| |
| # Configuration to run unit tests with NSS |
| # Marks private and secret keys as sensitive |
| |
| name = NSS |
| |
| slot = 1 |
| |
| #showInfo = true |
| |
| library = ${pkcs11test.nss.lib} |
| |
| nssArgs = "configdir='${pkcs11test.nss.db}' certPrefix='' keyPrefix='' secmod='secmod.db' flags=readOnly" |
| |
| disabledMechanisms = { |
| CKM_DSA_SHA224 |
| CKM_DSA_SHA256 |
| CKM_DSA_SHA384 |
| CKM_DSA_SHA512 |
| CKM_ECDSA_SHA224 |
| CKM_ECDSA_SHA256 |
| CKM_ECDSA_SHA384 |
| CKM_ECDSA_SHA512 |
| } |
| |
| attributes = compatibility |
| |
| # NSS needs CKA_NETSCAPE_DB for DSA and DH private keys |
| # just put an arbitrary value in there to make it happy |
| |
| attributes(*,CKO_PRIVATE_KEY,CKK_DSA) = { |
| CKA_NETSCAPE_DB = 0h00 |
| } |
| |
| attributes(*,CKO_PRIVATE_KEY,CKK_DH) = { |
| CKA_NETSCAPE_DB = 0h00 |
| } |
| |
| # Everything above this line (with the exception of the comment at the top) is copy/pasted from p11-nss.txt |
| |
| # Make all private keys sensitive |
| attributes(*,CKO_PRIVATE_KEY,*) = { |
| CKA_SENSITIVE = true |
| } |
| |
| |
| # Make all secret keys sensitive |
| attributes(*,CKO_SECRET_KEY,*) = { |
| CKA_SENSITIVE = true |
| } |