Bug 703281

Summary: JSS needs methods for NSS 'SECMOD_OpenUserDB()' and NSS 'SECMOD_CloseUserDB()'
Product: [Retired] Dogtag Certificate System Reporter: Matthew Harmsen <mharmsen>
Component: JSSAssignee: Ade Lee <alee>
Status: CLOSED NOTABUG QA Contact: Chandrasekar Kannan <ckannan>
Severity: unspecified Docs Contact:
Priority: high    
Version: 9.0CC: benl, cfu, jmagne, mharmsen, rrelyea
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-23 21:04:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 445047    

Description Matthew Harmsen 2011-05-09 20:16:05 UTC 
The DRM Rekey tool (reference Bugzilla Bug #532548 - Tool to do DRM re-key) needs to open both legacy NSS security databases as well as current NSS security databases in order to use a legacy key for unwrapping/decrypting and using a current key for wrapping/encrypting.

NSS contains functions to support this feature
(located in mozilla/security/nss/lib/pk11wrap/pk11util.c):

- PK11SlotInfo *SECMOD_OpenUserDB( const char *moduleSpec)
- SECStatus SECMOD_CloseUserDB( PK11SlotInfo *slot )

JSS needs to add access to these two methods.
Comment 3 Matthew Harmsen 2011-05-23 21:04:28 UTC 
This was originally desired for DRMTool.  However, when it was discovered that these two functions did not include the secmod.db database, a different approach was taken, and these two functions no longer need to be exposed through JSS.