Open
Bug 1248320
Opened 8 years ago
Updated 2 years ago
Key wrapping does inadvisable things with keys
Categories
(NSS :: Libraries, defect, P3)
NSS
Libraries
Tracking
(firefox47 affected)
NEW
Tracking | Status | |
---|---|---|
firefox47 | --- | affected |
People
(Reporter: mt, Unassigned)
References
Details
getWrappingKey in ssl3con.c doesn't respect modern rules regarding single use of keys. It appears as though an ECDSA key is used with ECDH. RSA signing keys are used to encrypt. See also Bug 421389.
Updated•7 years ago
|
Priority: -- → P3
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•