Open Bug 66604 Opened 25 years ago Updated 3 years ago

Signtool reports unnecessary error message when verifying without key3.db

Categories

(NSS :: Tools, enhancement, P3)

Product:
NSS
Component:
Tools
Platform:
Sun
Solaris
Type:
enhancement

Tracking

(Not tracked)

People

(Reporter: arshad.noor, Unassigned)

Details

From Bugzilla Helper: User-Agent: Mozilla/4.7 [en] (X11; I; SunOS 5.8 sun4u) BuildID: When attempting to verify a signed jar file, with just the cert7.db in $HOME/.netscape (we definitely don't want the key3.db involved in any verification purposes; we'd prefer that the secumodule.db also not be involved, but I have no preference about this), signtool -v reports an incorrect and unnecessary error message. Reproducible: Always Steps to Reproduce: 1. Sign an object with an object signing certificate. 2. Remove or Move the $HOME/.netscape/key3.db file temporarily. 3. From the command line, type in signtool -v jarfile.jar Actual Results: You will see output such as follows: $ sophia:/home/anoor> signtool -v *.jar using certificate directory: /home/anoor/.netscape WARNING: No password set on internal key database. Most operations will fail. You must use Communicator to create a password. . . Expected Results: No messages regarding key database. For verification operations the private key is unnecessary.
Marking NEW.
Status: UNCONFIRMED → NEW
Ever confirmed: true
marking signtool bugs as future until 3.3 plan is ready.
Status: NEW → ASSIGNED
Target Milestone: --- → Future
forgot to reassign
Assignee: wtc → mcgreer
Status: ASSIGNED → NEW
Set Target Milestone to NSS 3.3. Assigned the bug to Bob for evaluation.
Assignee: mcgreer → relyea
Priority: -- → P2
Target Milestone: Future → 3.3
reassign to Ian. work on this if it's in the prd.
Assignee: relyea → mcgreer
Target Milestone: 3.3 → 3.4
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Set target milestone to NSS 3.5.
Target Milestone: 3.4 → 3.5
Assigned the bug to Kirk. Target NSS 3.7.
Assignee: ian.mcgreer → kirk.erickson
Target Milestone: 3.5 → 3.7
Moved to target milestone 3.8 because the original NSS 3.7 release has been renamed 3.8.
Target Milestone: 3.7 → 3.8
Remove target milestone of 3.8, since these bugs didn't get into that release.
Target Milestone: 3.8 → ---
Not likely to get to this in the 3.9 timeframe. Set Target Milestone to Future.
Target Milestone: --- → Future
Target Milestone: Future → ---
I provided a password in reproducing this failure: signtool -v nojs.jar -d ../alicedir -p nss signtool: NSS_Initialize failed: security library: bad database. signtool is calling NSS_Init(): NSS_Init(configdir = 0x3367f0 "../alicedir"), line 493 in "nssinit.c" which has no provision for startup without key3.db. Arshad is asking for a new feature. Changed this Severity to "enhancement" In addition to relaxing nss_Init(), facilities downstream that assume the key3.db has been opened would need to check for its existence and fail gracefully in the case it wasn't opened as part of NSS_Init(). Unfortunately, Arshad is no longer at Sun, so I need to find out whose taken his place and query further to understand the motivation for this. Perhaps we can offer another means to accomplish their goal.
Severity: normal → enhancement
Priority: P2 → P3
2003-0609-1720 Back from Michael Hein: Kirk, I don't know who Arshad is.....or what group he was in. I would say just leave the bug for now......if it is very important I'm sure someone will ping us. Michael
Mass reassign of Kirk's bugs.
Assignee: kirk.erickson → glen.beasley
QA Contact: bishakhabanerjee → jason.m.reid
QA Contact: jason.m.reid → tools
Assignee: gbmozilla → nobody
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.