mozilla does not to generate SPKAC (KEYGEN) when using KEYTYPE="RSA"



Core Graveyard
Security: UI
16 years ago
a year ago


(Reporter: Kari HUrtta, Assigned: John G. Myers)


1.0 Branch

Firefox Tracking Flags

(Not tracked)




(3 attachments)



16 years ago
I seems to unable to get Mozilla 1.0 RC1 (BuilID 2002041711) 
to submit SPKAC to server. Server indicates that SPKAC is not
given (or is empty).

From works with Netscape® Communicator 4.79 

There of course can be something wrong of form.

Form is following:

<form METHOD="POST"  ENCTYPE="application/x-www-form-urlencoded">
<input TYPE="hidden" NAME="serial" VALUE="T045">
    <li><b>Nimi: </b>
<input TYPE="text" NAME="CN" VALUE="Etunimi Sukunimi (wwwtunnus T045)" SIZE=50><br>
    Säilytä nimen lopussa teksti <tt>(wwwtunnus T045)</tt>. Käytetty mekanismi
ei mahdollista
    useamman varmenteen myöntämistä samalla nimellä, joten jos poistat tämän, et
voi saada
    uutta varmennetta tämän vanhettua. 
    <li><b>Yksikkö: </b><ol>
<li><input TYPE="radio" NAME="OU" VALUE="Tietohallinto">Tietohallinto </li>
<li><input TYPE="radio" NAME="OU" VALUE="Peruspalvelu">Peruspalvelu </li>

<li><input TYPE="radio" NAME="OU" VALUE="Havaintotoiminta">Havaintotoiminta </li>
<li><input TYPE="radio" NAME="OU" VALUE="Meteorologia">Meteorologia </li>
<li><input TYPE="radio" NAME="OU" VALUE="Ilmanlaatu">Ilmanlaatu </li>
<li><input TYPE="radio" NAME="OU" VALUE="Geofysiikka">Geofysiikka </li>
<li><input TYPE="radio" NAME="OU" VALUE="Asiakaspalvelu">Asiakaspalvelu </li>
<li><input TYPE="radio" NAME="OU" VALUE="Hallinto">Hallinto </li>
<li><input TYPE="radio" NAME="OU" VALUE="Muu" CHECKED><input TYPE="text"
NAME="OU_TEXT" VALUE="" SIZE=40> </li>

<input TYPE="text" NAME="O" VALUE="Ilmatieteen laitos" SIZE=40><br>
<input TYPE="text" NAME="C" VALUE="FI" SIZE=2>
<li><b>Sähköposti: </b>
<input TYPE="text" NAME="emailAddress" VALUE="" SIZE=40>
<li>Avainkoko: <keygen NAME="SPKAC" CHALLENGE="" KEYTYPE="RSA"><br>
    Jos yllä ei ole mahdollisuutta valita avainkokoa, selaimesi
    ei generoi sinulle julkista ja salaista avainta. Näin ollen
    tämä lomake ei toimi.

<input TYPE="submit" NAME="Generoi avaimet" VALUE="Generoi avaimet"><input
TYPE="reset" VALUE="(reset)"><input TYPE="hidden" NAME=".cgifields"
VALUE="OU"></form><hr><tt>$Id:,v 1.6 2002/04/23 13:20:08 hurtta Exp $

( Or is product "PSM" instead of "Browser" on this case? )

Comment 1

16 years ago
Created attachment 80606 [details]

Comment 2

16 years ago
wfm on Linux build 2002-04-19-10-trunk... it does the same thing as on netscape 4.x
No, no.  Display is not the issue here, what is sent to the server is.

Kari, does this work with _any_ mozilla build?  I'm not completely sure KEYGEN
is even implemented in Mozilla (it _is_ in the commercial tree).

Also, see bug 94690...

Comment 4

16 years ago
Does not work with Build ID 2002031312

I think that does not work with any mozilla build.

My debug log says same thing with Build ID 2002031312:

Apr 24 16:21:14 wwwtunnus[193361508]: create_spkac: 400 SPKAC

I asked someone to test Netscape 6.2. Result was same

Apr 24 16:30:15 wwwtunnus[196618175]: create_spkac: 400 SPKAC

Assignee: alexsavulov → ssaux
Component: Form Submission → Client Library
Ever confirmed: true
Product: Browser → PSM
QA Contact: vladimire → junruh
Version: other → 2.0

Comment 6

16 years ago
John, can you test. I suspect that the utf8 issues are biting us here.
the fix to bug 90956 may help.

Comment 7

16 years ago
Mozilla does not anyway indicate that it will be generate
public key / secret key pair (as Netscape does). It either
does not ask master password for certificate store. So it
definately looks like key generation is not triggered
although <keygen -tag is regognized.

Comment 8

16 years ago
Created attachment 80984 [details]
Netscape's response to "Generoi avaimet"

Just a example what Netscape responses when pressing "Generoi avaimet"
on testcase. That is for comparision. On mozilla 1.0 RC1 there anything
like that, and security manager definately need password for Certificate DB.
Otherwise it can not store generated private key to Certificate DB.

(Mozilla calls that as "master password for Software Security Device".)

Comment 9

16 years ago
John can you run your KEYGEN tests to see if anything is broken on our test suite?


16 years ago
Version: 2.0 → 2.2

Comment 10

16 years ago
I have no problem with Keygen getting a Verisign cert. See the above URL

Comment 11

16 years ago
Reporter, if you will remove KEYTYPE="RSA", this works, even though it then 
doesn't appear to match the specs.

Comment 12

16 years ago

Form works with mozilla (Build ID 2002051009) when I remove

RCS file: /cvs/adm/www/,v
retrieving revision 1.6
diff -u -r1.6
---        2002/04/23 13:20:08     1.6
+++        2002/05/17 07:31:58
@@ -436,9 +436,13 @@
+    # On Mozilla there is bug that this does not work if
+    # there is KEYTYPE="RSA"   (althoug specs says there there
+    # should be that)
     print <<EOT
+<li>Avainkoko: <KEYGEN NAME="SPKAC" CHALLENGE=""><br>
     Jos yllä ei ole mahdollisuutta valita avainkokoa, selaimesi
     ei generoi sinulle julkista ja salaista avainta. Näin ollen
     tämä lomake ei toimi.                                                      

(Or at least mozilla seems generate valid data.)
However because mozilla does not work when doing
form according of the specs, I think that this bug is still valid.

Changing subject. 
Summary: Unable to get mozilla 1.0 RC1 to generate SPKAC (KEYGEN) → mozilla does not to generate SPKAC (KEYGEN) when using KEYTYPE="RSA"

Comment 13

16 years ago
I can get Mozilla to generate keys without the KEYTYPE flag set, but when I try
to sign them with the CA key, whatever SPKAC Mozilla generates is not recognized
by OpenSSL. Any ideas?

Comment 14

14 years ago
Mass reassign ssaux bugs to nobody
Assignee: ssaux → nobody

Comment 15

14 years ago
The code appears to be doing a case-sensitive comparison to "rsa".
Assignee: nobody → jgmyers

Comment 16

14 years ago
Created attachment 142977 [details] [diff] [review]
Treat KEYTYPE case insensitively


14 years ago
Attachment #142977 - Flags: review?(ddrinan0264)

Comment 17

14 years ago


14 years ago
Attachment #142977 - Flags: superreview?(jag)


14 years ago
Attachment #142977 - Flags: review?(ddrinan0264) → review+

Comment 18

14 years ago
Comment on attachment 142977 [details] [diff] [review]
Treat KEYTYPE case insensitively

Attachment #142977 - Flags: superreview?(jag) → superreview+

Comment 19

14 years ago
Fix checked in.
Last Resolved: 14 years ago
Resolution: --- → FIXED


13 years ago
Component: Security: UI → Security: UI
Product: PSM → Core


10 years ago
Version: psm2.2 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.