MozillaWiki

VE 07KeyMgmt: Difference between revisions

Page Discussion

VE 07KeyMgmt (view source)

Revision as of 00:50, 17 August 2006

128 bytes added ,  17 August 2006
→‎Key Zeroization
Line 132: Line 132:
* the NSS cryptographic module is shut down (with a <code>FC_Finalize</code> call),
* the NSS cryptographic module is shut down (with a <code>FC_Finalize</code> call),
* the NSS cryptographic module is reinitialized (with a <code>FC_InitToken</code> call), or
* the NSS cryptographic module is reinitialized (with a <code>FC_InitToken</code> call), or
* the NSS cryptographic module switches between the FIPS and non-FIPS modes.
* the NSS cryptographic module switches between the FIPS and non-FIPS modes (with a <code>C_Finalize</code>/<code>FC_Initialize</code> or <code>FC_Finalize</code>/<code>C_Initialize</code> call sequence).


Passwords are automatically zeroized by the NSS cryptographic module immediately after use.
Passwords are automatically zeroized by the NSS cryptographic module immediately after use.


The <code>memset()</code> function is extremely fast. Zeroization can be performed in a time that is not sufficient to compromise plaintext secret and private keys and passwords.
The <code>memset()</code> function is extremely fast. Zeroization can be performed in a time that is not sufficient to compromise plaintext secret and private keys and passwords.
Wtchang
canmove, Confirmed users
937

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/31810"