This works ok when PSM uses NSS 3.3, with no change in PSM code. With 3.4, SEC_PKCS12DecoderStart(...) seems to return success, and the correct password is being passed, too. But on calling SEC_PKCS12DecoderUpdate(....) with data from the file, we get a error [code -8177] I found this happening with quite a few p12 files - and found all of them failing with 3.4 [they are working with 3.3] - shall try to provide an example file though.
That error code is SEC_ERROR_BAD_PASSWORD.
Assigned the bug to Bob.
Assignee: wtc → relyea
Rangan, could you please attach on of the failing .p12 files and send me the password (be sure it's one which does not have production keys or certs in it.). Thanks, bob
OK, I just checked in a fix: mozilla/security/nss/lib/softoken/lowpbe.c mozilla/security/nss/lib/softoken/pkcs11c.c NOTE: old p12 files generated with NSS 3.4 will not work because they were using invalid pbe key and iv values. You only need to update libsoftokn3.so (softokn3.dll), though for PSM it's probably just easier to rebuild all of NSS. bob
Fix checked in as per the previous comment.
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.