Closed Bug 39495 Opened 25 years ago Closed 22 years ago

Certificates with identical serial numbers, subjects and issuers.

Categories

(NSS :: Libraries, defect, P3)

Product:
NSS
Component:
Libraries
Platform:
x86
Windows NT
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 230996

People

(Reporter: bugzilla, Assigned: nelson)

Details

This is a replacement bug for Netscape bug http://scopus/bugsplat/show_bug.cgi?id=113432 Creating second certificate with new key material and nickname but with the same serial number and with one distinguished name for all subjects and issuers, let you pass certificate = CERT_NewTempCertificate(certHandle, derCert, certNickname, PR_FALSE, PR_TRUE); but then it throws assertion PORT_Assert(!cert->isperm); in CERT_AddTempCertToPerm(certificate, certNickname, &trust); ------- Additional Comments From awnuk 05/05/98 14:35 ------- It is NT problem only and can be easily reproduced by running CertKey test with test Id 437208613. To do this type certkey 437208613. CertKey test is under cvs control and available on ns/sectools/suites/secuity/certkey/certkey.c and can be build by typing gmake in the test source directory. Test input data and execution log should look like the one presented below: http://warp/m/dist/sectools/results/security/certkey/WINNT4.0/19980427/043720861 3/index.html ------- Additional Comments From relyea Jun-10-1999 14:08 ------- Fred, this is an invalid thing to do, but it shouldn't crash the library. Don
Set Target Milestone 4.0.
Assignee: lord → wtc
Target Milestone: --- → 4.0
Version: unspecified → 3.0
Status: NEW → ASSIGNED
QA Contact: lord → sonmi
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
I'm guessing that this bug no longer exists as of 3.9 given all the work we have done to detect the identical serial numbers. It should be verified and closed.
*** This bug has been marked as a duplicate of 172247 ***
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Target Milestone: 4.0 → 3.7
I found the source to this old NSS 2.8 test program, and made the minimum necessary modifications to get it to build with NSS 3.9 (mostly made it use NSS_InitReadWrite). Then I tested it. I found that a) The problem due to duplicate issuer and serial number is fixed in NSS 3.9 It is actually a duplicate of bug 230996, rather than bug 172247. b) There is another crash in libNSS shown by this test program. Function CERT_DecodeTrustString crashes if it is given a NULL ptr for the second argument. I will mark this bug a duplicate of 230996, and file a separate bug about this other crash.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
taking bug.
Assignee: wchang0222 → MisterSSL
Status: REOPENED → NEW
*** This bug has been marked as a duplicate of 230996 ***
Status: NEW → RESOLVED
Closed: 22 years ago22 years ago
Resolution: --- → DUPLICATE
Target Milestone: 3.7 → 3.9.1
Correction to comment 5 above. I changed it to work with 3.9.1 and verified that it is fixed in NSS 3.9.1 by the fix to bug 230996
You need to log in before you can comment on or make changes to this bug.