Closed Bug 225301 Opened 21 years ago Closed 21 years ago

cmsutil test program IGNORES BAD SIGNATURES

Categories

(NSS :: Tools, defect, P1)

Product:
NSS
Component:
Tools
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Assigned: nelson)

References

Details

Attachments

(1 file, 1 obsolete file)

patch v2
11.24 KB, patch
julien.pierre
: review+
Details | Diff | Splinter Review 
When our cmsutil QA program decodes a signed message (or detached signature),
it completely ignores whether the signature is good or bad.  It outputs
the same output and returns the same program status whether the signature
was correct or incorrect.   It's USELESS for validating signatures, and 
it's worse than useless as a QA regression tool.  

I will fix this pronto.
Marking P1 for NSS 3.9, and accepting bug.
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 3.9
Attached patch patch v1 (obsolete) — Splinter Review 
This patch does the following:
1. Fixes the Usage message to document the command line options.
2. Changes the "decode" function to
   a) report an error on bad signatures, only when decoding the input file,
      not when decoding an ancillary "enveloped file".
   b) only output the contents of the "detached content" file (-c option)
      when that file's content was actually used in the computation.
3. Sundry other cleanup and added comments.
Comment on attachment 135287 [details] [diff] [review]
patch v1

Please review.
I just spotted the misspelling of "envelope". :(
Attachment #135287 - Flags: review?(wchang0222)
Comment on attachment 135287 [details] [diff] [review]
patch v1

This patch has two problems.

1. The SECU_FileToItem(&sitem, decodeOptions->contentFile) was
moved inside a for loop.  We should not read the content file
repeatedly.

2. The new code

>+	SECItem *item = (sitem.len && sitem.data) 
>+	                    ? &sitem 
>+	                    : NSS_CMSMessage_GetContent(cmsg);

may not handle a zero-length content file correctly.
Attachment #135287 - Flags: review?(wchang0222) → review-
Blocks: 225513
Attached patch patch v2 Splinter Review 
This patch incorporates Wan-Teh's review comments.
Attachment #135287 - Attachment is obsolete: true
Attachment #135367 - Flags: review?(jpierre)
Attachment #135367 - Flags: review?(jpierre) → review+
Checking in cmsutil.c;
/cvsroot/mozilla/security/nss/cmd/smimetools/cmsutil.c,v  <--  cmsutil.c
new revision: 1.44; previous revision: 1.43
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: