Closed
Bug 115657
Opened 23 years ago
Closed 23 years ago
importing certificates from a pkcs12 file does not work with NSS 3.4
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.4
People
(Reporter: rangansen, Assigned: rrelyea)
Details
Attachments
(1 file)
8.56 KB,
application/x-pkcs12
|
Details |
This works ok when PSM uses NSS 3.3, with no change in PSM code. With 3.4, SEC_PKCS12DecoderStart(...) seems to return success, and the correct password is being passed, too. But on calling SEC_PKCS12DecoderUpdate(....) with data from the file, we get a error [code -8177] I found this happening with quite a few p12 files - and found all of them failing with 3.4 [they are working with 3.3] - shall try to provide an example file though.
Comment 1•23 years ago
|
||
That error code is SEC_ERROR_BAD_PASSWORD.
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.4
Assignee | ||
Comment 3•23 years ago
|
||
Rangan, could you please attach on of the failing .p12 files and send me the password (be sure it's one which does not have production keys or certs in it.). Thanks, bob
Reporter | ||
Comment 4•23 years ago
|
||
Assignee | ||
Comment 5•23 years ago
|
||
OK, I just checked in a fix: mozilla/security/nss/lib/softoken/lowpbe.c mozilla/security/nss/lib/softoken/pkcs11c.c NOTE: old p12 files generated with NSS 3.4 will not work because they were using invalid pbe key and iv values. You only need to update libsoftokn3.so (softokn3.dll), though for PSM it's probably just easier to rebuild all of NSS. bob
Assignee | ||
Comment 6•23 years ago
|
||
Fix checked in as per the previous comment.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•