If I enable FIPS mode in Device Manager, the left panel show a truncated string, "PSM Internal FIPS-140-1 Cryptogr", instead of "PSM Internal FIPS-140-1 Cryptographic Services". The comment on http://lxr.mozilla.org/mozilla/source/security/manager/locales/en-US/chrome/pipnss/pipnss.properties#71 seems to say that this string can be up to 64 byte long. Is the limit perhaps 32 byte instead?
rv = GetPIPNSSBundleString("FipsSlotDescription", fipsSlotDescription); if (NS_FAILED(rv)) return rv; ... PK11_ConfigurePKCS11(... NS_ConvertUCS2toUTF8(fipsSlotDescription).get() ...); Bob, are only 32 chars allowed here?
Yes. PKCS #11 has to following limits: Slot Description 64 bytes. Slot and Token Manufacture ID 32 bytes. Token Label (the one that's displayed for password prompts) 32 bytes Model number 16 bytes Serial number 16 bytes. All fields are UTF8, space padded, no NULL terminators. NSS will automatically truncate the string if it is too long. If you use UTF8 characters NSS will drop any partial characters (multi-byte characters which strattle the boundary). bob
Status: NEW → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 317630
You need to log in before you can comment on or make changes to this bug.