Closed Bug 1350332 Opened 3 years ago Closed 3 years ago

pk12util mishandles invalid cipher names

Categories

(NSS :: Tools, enhancement)

enhancement
Not set

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ueno, Unassigned)

Details

Attachments

(1 file)

When an invalid cipher name is used with -C, pk12util silently produces output without encryption.  According to the code, it is supposed to abort on that case:
https://dxr.mozilla.org/mozilla-central/source/security/nss/cmd/pk12util/pk12util.c#1061
but the check below is irrelevant: it should check the just obtained certCipher instead of cipher.

Also, the tools.sh test uses "null", meaning no encryption, while pk12util expects "none".

I am attaching a patch to fix those.
Attachment #8850944 - Flags: review?(kaie)
Comment on attachment 8850944 [details] [diff] [review]
nss-pk12util-invalid.patch

r=kaie
Attachment #8850944 - Flags: review?(kaie) → review+
https://hg.mozilla.org/projects/nss/rev/9a79b408169f3b1fcbcf1dee9e596397e5661bbb
Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.31
You need to log in before you can comment on or make changes to this bug.