Bug 111078 - Deleting certs from ActivCard leaves key material on the token.
Status: RESOLVED FIXED
Product: NSS
Classification: Components
Component: Libraries
Version: 3.3.1
Hardware: x86 Windows 2000
Importance: P2 normal
Target Milestone: 3.4
Assigned To: Wan-Teh Chang
QA Contact: Bishakha Banerjee
Blocks: smartcard
Reported: 2001-11-20 17:47 PST by Stephane Saux
Modified: 2002-07-16 17:25 PDT


Attachments
Don't lookup the certs elsewhere if we can't find them on the token (853 bytes, patch)
2002-02-28 16:09 PST, Robert Relyea

Description Stephane Saux 2001-11-20 17:47:24 PST
Use the browser to delete dual key certs from an ActivCard token.
Close the browser.
Open the card using the ActivCard utility. The utility shows that there are
still keys on the card.
If you delete certs using the utility everything goes away.

Note that it doesn't matter whether the certs were generated on the card or
imported from a p12 file.
Comment 1 John Unruh 2002-02-19 10:48:26 PST
nsbeta1
Comment 2 John Unruh 2002-02-19 11:01:12 PST
WFM with an iButton. Deleting a 1K dual cert from AOL deletes the cert, and it 
does not display in the Admin Utility.
Comment 3 Stephane Saux 2002-02-19 12:33:11 PST
copy activCard contact.
Comment 4 ActivCard 2002-02-28 14:32:57 PST
PSM calls C_DestroyObject for the certificate and the public key, but does not
call C_DestroyObject for the private key, thus the private key is not
destroyed.
Comment 5 Robert Relyea 2002-02-28 15:48:05 PST
Question: Stephane, do you have copies of those certs in your NSS database?

NSS does not destroy the key if it still finds certificates associated with that
key. This can happen one of two ways: 1) the card still reports the existence of
a cert with the same CKA_ID, or 2) we find a cert with the same subject in the
database. I believe the latter is a bug in NSS, which I'll supply a patch for. I
want to make sure the former is not happening as well.

bob
Comment 6 Robert Relyea 2002-02-28 16:09:17 PST
Created attachment 71977
Don't lookup the certs elsewhere if we can't find them on the token

This code is used for 2 things: extracting a public key from a private key, and
deciding if we are going to delete the private key from a token. The former 1)
is only used by our utilities 2) has fallbacks if the cert is not found and 3)
is depending on code that was likely to find the wrong cert anyway (the code
deleted in the patch). For the former we want to succeed only if we don't find
any certs in the token we are searching.
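
The decision described in comments 5 and 6, as an added example that is not part of the bug thread and is not NSS source: a simplified C model in which every type, function name and sample object is hypothetical. It contrasts the pre-patch check (a same-subject cert in the software database keeps the private key on the token) with the patched check (only certs on the token being searched count).

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of the decision in the thread; NOT NSS source.
 * Every type, function and sample value here is hypothetical/constructed. */
typedef enum { OBJ_CERT, OBJ_PRIVKEY } obj_class;
typedef struct {
    obj_class cls;
    const char *id;      /* stands in for CKA_ID */
    const char *subject; /* stands in for the subject name */
} obj;

/* Count certs in a store matching by id (CKA_ID) or, when id is NULL, by subject. */
int count_certs(const obj *store, size_t n, const char *id, const char *subject) {
    int hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (store[i].cls != OBJ_CERT) continue;
        if (id ? strcmp(store[i].id, id) == 0
               : strcmp(store[i].subject, subject) == 0)
            hits++;
    }
    return hits;
}

/* Before the fix: a same-subject cert in the software database also counts,
 * so the private key is kept on the token. */
int keep_key_before(const obj *tok, size_t nt, const obj *db, size_t nd, const obj *key) {
    return count_certs(tok, nt, key->id, NULL) > 0 ||
           count_certs(db, nd, NULL, key->subject) > 0;
}

/* After the fix: only certs on the token being searched count. */
int keep_key_after(const obj *tok, size_t nt, const obj *key) {
    return count_certs(tok, nt, key->id, NULL) > 0;
}

/* Constructed state after the cert with id "01" was deleted from the token. */
static const obj TOKEN[] = {
    { OBJ_PRIVKEY, "01", "CN=Alice" },  /* its cert was deleted */
    { OBJ_PRIVKEY, "02", "CN=Alice" },  /* its cert is still on the token */
    { OBJ_CERT,    "02", "CN=Alice" },
};
static const obj DB[] = { { OBJ_CERT, "01", "CN=Alice" } }; /* database copy */

int main(void) {
    for (int k = 0; k < 2; k++)
        printf("key %s: keep before fix=%d, keep after fix=%d\n", TOKEN[k].id,
               keep_key_before(TOKEN, 3, DB, 1, &TOKEN[k]),
               keep_key_after(TOKEN, 3, &TOKEN[k]));
    return 0;
}
```

In the model, key "02" is kept under both checks because its cert is still on the token, which is case 1 in comment 5.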
Comment 7 Wan-Teh Chang 2002-02-28 16:41:46 PST
Comment on attachment 71977
Don't lookup the certs elsewhere if we can't find them on the token

This patch is fine.  It may be a good idea to
call
    PORT_SetError(SSL_ERROR_NO_CERTIFICATE);
before returning NULL, but I am not sure if that's
the right error code.
Comment 8 Kai Engert (:kaie) 2002-07-16 16:10:10 PDT
So Bob has a patch and Wan-Teh likes the patch.
Will you check it in?
The patch is completely within NSS, so it looks like an NSS bug.
Reassigning to NSS.
Comment 9 Robert Relyea 2002-07-16 16:33:45 PDT
This patch has been in NSS since Feb 2002. As such it has already been moved
into NSS 3.5 long ago. I think the bug was left open waiting for a tag move.
Comment 10 Wan-Teh Chang 2002-07-16 17:25:55 PDT
Bob is right.  This bug is fixed in rev. 1.64 of
mozilla/security/nss/lib/pk11wrap/pk11cert.c.
