问题
I want to access the currenly connected cryptography modules via an Firefox Addon.
I found some interfaces that look like i can access the module, the slot and the token (1 → 2 → 3 → 4) but how can i access the public key of an certificate stored on such a token?
Is there an such an API even available to an Addon?
回答1:
nsIX509CertDB.idl provides the means to access all stored certificates, therefore also the ones accessed through crypto modules. To filter the certificates using the tokenName property should work.
Here is a snippet to enumerate all certs:
var certDB = chrome.Cc["@mozilla.org/security/x509certdb;1"].getService(chrome.Ci.nsIX509CertDB);
var certs = certDB.getCerts();
var enumerator = certs.getEnumerator();
var s = "";
while (enumerator.hasMoreElements()) {
var cert = enumerator.getNext().QueryInterface(chrome.Ci.nsIX509Cert);
if (cert.tokenName.equals("Your-token-name"))
s += cert.tokenName + " # ";
}
The name of the token can be found through the module name by using: nsIPKCS11ModuleDB.listModules() → nsIPKCS11Module.listSlots() → nsIPKCS11Slot.getToken() → nsIPK11Token.tokenName
来源:https://stackoverflow.com/questions/28817166/firefox-addon-pkcs11-api