public static SECStatus CheckUserPassword(string password)
        {
            try
            {
                IntPtr slot = NSS3.PK11_GetInternalKeySlot();                 // get a slot to work with

                if (slot == IntPtr.Zero)
                {
                    throw new Exception("Failed to get slot");
                }

                try
                {
                    SECStatus result = NSS3.PK11_CheckUserPassword(slot, password);
                    return(result);
                }
                finally
                {
                    NSS3.PK11_FreeSlot(slot);
                }
            }
            finally
            {
                if (NSS3.NSS_Shutdown() != SECStatus.Success)
                {
                    Int32  error     = NSPR4.PR_GetError();
                    string errorName = NSPR4.PR_ErrorToName(error);
                    throw new Exception("Failed to shutdown: " + errorName);
                }
            }
        }
        /// <summary>
        /// use NSS to decode and decrypt a string
        /// </summary>
        /// <param name="base64EncryptedData">data that is encrypted and then base64 encoded</param>
        /// <param name="result">clear text result</param>
        /// <returns>success status</returns>
        private static SECStatus Decrypt(string base64EncryptedData, ref string result)
        {
            SECStatus status        = SECStatus.Success;
            SECItem   decodedItem   = new SECItem();
            IntPtr    decodedObject = IntPtr.Zero;

            result = string.Empty;

            decodedItem.Data   = IntPtr.Zero;
            decodedItem.Length = 0;

            try
            {
                decodedObject = NSS3.NSSBase64_DecodeBuffer(IntPtr.Zero, IntPtr.Zero, base64EncryptedData, base64EncryptedData.Length);

                if (decodedObject == IntPtr.Zero)
                {
                    status = SECStatus.Failure;
                }
                else
                {
                    status = NSS3.PK11SDR_Decrypt(decodedObject, ref decodedItem, IntPtr.Zero);

                    if (status != SECStatus.Success)
                    {
                        Int32  error     = NSPR4.PR_GetError();
                        string errorName = NSPR4.PR_ErrorToName(error);
                        throw new Exception("Failed to decrypt data: " + errorName);
                    }

                    try
                    {
                        result = Marshal.PtrToStringAnsi(decodedItem.Data, decodedItem.Length);
                    }
                    finally
                    {
                        NSS3.SECITEM_FreeItem(ref decodedItem, 0);
                    }
                }
            }
            catch (Exception ex)
            {
                status = SECStatus.Failure;
                KeePassUtilities.LogException(ex);
            }
            finally
            {
                if (decodedObject != IntPtr.Zero)
                {
                    NSS3.SECITEM_FreeItem(decodedObject, 1);
                }

                if (decodedItem.Data != IntPtr.Zero)
                {
                    Marshal.FreeHGlobal(decodedItem.Data);
                }
            }

            return(status);
        }