Closed
Bug 223494
Opened 21 years ago
Closed 21 years ago
cmsutil signing does not work with hardware tokens
Categories
(NSS :: Libraries, defect)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: julien.pierre, Assigned: wtc)
Details
Attachments
(1 file)
3.70 KB,
patch
|
wtc
:
review+
rrelyea
:
superreview+
|
Details | Diff | Splinter Review |
When trying to use cmsutil today, it would not find the certificate for signing on my hardware token. It appears that the password is not being passed down in all cases. Even with softoken this would be a problem in theory, except that the CERT_FindUserCertByUsage function may be able to find certs marked "user" without actually opening the key db. I will attach a patch that resolved the problem with my token.
Reporter | ||
Comment 1•21 years ago
|
||
Reporter | ||
Updated•21 years ago
|
Attachment #133999 -
Flags: review?(wchang0222)
Comment 2•21 years ago
|
||
Julien, is your token not a "friendly" token? (friendly means one that will allow you to search certificates even when not logged in)
Reporter | ||
Comment 3•21 years ago
|
||
Nelson, No, the token won't present any certs over PKCS#11 unless logged in.
Assignee | ||
Comment 4•21 years ago
|
||
Comment on attachment 133999 [details] [diff] [review] fix password issues r=wtc. This patch looks correct as far as I can tell. I'd like either Bob or Nelson to do a second review because I'm not familiar with CERT_FindUserCertByUsage and PK11_SetPasswordFunc. One suggested change: declare the following as 'static': >+secuPWData pwdata = { PW_NONE, 0 }; >+PK11PasswordFunc pwcb = NULL; >+void *pwcb_arg = NULL; Actually I don't think pwcb and pwcb_arg are that useful. Why don't we just pass SECU_GetModulePassword and &pwdata as arguments to NSS_CMSDecoder_Start and NSS_CMSEncoder_Start?
Attachment #133999 -
Flags: superreview?(rrelyea0264)
Attachment #133999 -
Flags: review?(wchang0222)
Attachment #133999 -
Flags: review+
Updated•21 years ago
|
Attachment #133999 -
Flags: superreview?(rrelyea0264) → superreview+
Reporter | ||
Comment 5•21 years ago
|
||
Thanks for the reviews, Wan-Teh and Bob. I made the variables static and checked this in to the tip. Checking in cmsutil.c; /cvsroot/mozilla/security/nss/cmd/smimetools/cmsutil.c,v <-- cmsutil.c new revision: 1.43; previous revision: 1.42
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•