Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.


PKCS#11 module with NSS

  • Hi,

    I'm trying to use a PKCS#11 module with pidgin-encryption, but it never uses the configuration I'm doing.

    I ran:
    modutil -create -dbdir ~/.purple/ -secmod cap.db
    to create the structure and overwrite what the plugin created. This automatically configured the module I want to use:
    ~/.purple$ modutil -list -dbdir . -secmod cap.db

    Listing of PKCS #11 Modules
      1. NSS Internal PKCS #11 Module
         slots: 2 slots attached
        status: loaded

         slot: NSS Internal Cryptographic Services
        token: NSS Generic Crypto Services

         slot: NSS User Private Key and Certificate Services
        token: NSS Certificate DB

      2. SafeSign PKCS#11 Module
        library name: /usr/lib/
         slots: 1 slot attached
        status: loaded

         slot: OmniKey CardMan 3121 00 00
        token: TJ-PR

      3. Root Certs
        library name: ./
         slots: 1 slot attached
        status: loaded

         slot: NSS Builtin Objects
        token: Builtin Object Token

    I tried disabling every other module (1 and 3) to no avail. It always uses the key stored in id/id.priv.

    Since this plugin uses NSS for encryption, shouldn't it be possible for me to configure it through modutil?