Allow Softtoken to be used without the NSS intialization string

Assigned to


13 years ago
7 years ago


(Reporter:, Assigned: rrelyea)


Firefox Tracking Flags

(Not tracked)



(1 attachment)



13 years ago
(I believe this is a well known issue but I could not find an open bug)

Some people would like to use the NSS Softtoken as a PKCS#11 crypto library. This is made a little difficult by the Softtoken because it requires an NSS specific initialization string.

As a simple fix for users who only want crypto and no permanent key storage, initialize Softtoken without a database when no initialization string is set.

See attached patch. It uses the same initialization string that would be passed to Softtoken after a call to NSS_NoDB_Init().

Comment 1

13 years ago
Created attachment 224270 [details] [diff] [review]
Patch against NSS_3_11_BRANCH
Assignee: nobody → rrelyea
Severity: normal → enhancement
Priority: -- → P2
Target Milestone: --- → 3.11.2

Comment 2

13 years ago
We should define carefully what it means to initialize
the softoken without the NSS initialization string, because
we won't be able to change the definition in the future.  A
better definition would be to look for the NSS databases
in the "default" NSS config directory for the current
user.  But we'd need to define the default NSS config
directory for a user first.

Comment 3

13 years ago
I am not sure there is a good default config directory location that works for everyone. I think the location (and other possible config options) would be better handled via environment variables than hardcoded defaults.

I am suggesting to do the easy thing now, which is to initialize Softtoken without a DB if the config string is NULL. This would help people today that just want to use Softtoken as a crypto engine without permanent key storage.

If other needs arise in the future, they could be met by using environment variables, which if set would override the NoDB default of today (when the config string is NULL). In other words, the solution proposed by this bug does not preclude future enhancements.

Comment 4

13 years ago
Retargetting all P2s to 3.11.3 .
Target Milestone: 3.11.2 → 3.11.3


12 years ago
Target Milestone: 3.11.3 → 3.12


11 years ago
Unsetting target milestone in unresolved bugs whose targets have passed.
Target Milestone: 3.12 → ---

Comment 6

7 years ago
The patch for Bug 475578 has a fix at the bottom:
You need to log in before you can comment on or make changes to this bug.