summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/ckfw/nssmkey/README
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /security/nss/lib/ckfw/nssmkey/README
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'security/nss/lib/ckfw/nssmkey/README')
-rw-r--r--security/nss/lib/ckfw/nssmkey/README21
1 files changed, 21 insertions, 0 deletions
diff --git a/security/nss/lib/ckfw/nssmkey/README b/security/nss/lib/ckfw/nssmkey/README
new file mode 100644
index 000000000..c060d9c3c
--- /dev/null
+++ b/security/nss/lib/ckfw/nssmkey/README
@@ -0,0 +1,21 @@
+This Cryptoki module provides acces to certs and keys stored in
+Macintosh key Ring.
+
+- It does not yet export PKCS #12 keys. To get this to work should be
+ implemented using exporting the key object in PKCS #8 wrapped format.
+ PSM work needs to happen before this can be completed.
+- It does not import or export CA Root trust from the mac keychain.
+- It does not handle S/MIME objects (pkcs #7 in mac keychain terms?).
+- The AuthRoots don't show up on the default list.
+- Only RSA keys are supported currently.
+
+There are a number of things that have not been tested that other PKCS #11
+apps may need:
+- reading Modulus and Public Exponents from private keys and public keys.
+- storing public keys.
+- setting attributes other than CKA_ID and CKA_LABEL.
+
+Other TODOs:
+- Check for and plug memory leaks.
+- Need to map mac errors into something more intellegible than
+ CKR_GENERAL_ERROR.