Closed Bug 1423557 Opened 7 years ago Closed 7 years ago

cryptohi: make RSA-PSS parameter check stricter

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.35

People

(Reporter: ueno, Assigned: ueno)

References

Details

Attachments

(1 file)

cryptohi: make RSA-PSS parameter check stricter 7 years ago Phabricator Automation 45 bytes, text/x-phabricator-request	mt : review+	Details \| Review

Daiki Ueno [:ueno]

Assignee

Description

•

7 years ago

The code for verifying RSA-PSS signature on certificate accepts invalid hash algorithms as SHA-1 and also doesn't check the value of trailerField. This should be more strict, according to the discussion in bug 1400844.

Daiki Ueno [:ueno]

Assignee

Comment 1

•

7 years ago

https://phabricator.services.mozilla.com/D322

Daiki Ueno [:ueno]

Assignee

Updated

•

7 years ago

Comment 2

•

7 years ago

Landed as: https://hg.mozilla.org/projects/nss/rev/5a14f42384eb

Status: NEW → RESOLVED

Closed: 7 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.35

Kai Engert [:KaiE:]

Updated

•

7 years ago

Assignee: nobody → dueno

Phabricator Automation

Comment 3

•

7 years ago

Attached file cryptohi: make RSA-PSS parameter check stricter — Details

Phabricator Automation

Comment 4

•

7 years ago

Comment on attachment 8945484 [details] cryptohi: make RSA-PSS parameter check stricter Martin Thomson [:mt:] has approved the revision. https://phabricator.services.mozilla.com/D322

Attachment #8945484 - Flags: review+

You need to log in before you can comment on or make changes to this bug.

Bugzilla

cryptohi: make RSA-PSS parameter check stricter

Categories

(NSS :: Libraries, enhancement)

Tracking

(Not tracked)

People

(Reporter: ueno, Assigned: ueno)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Updated

Comment 2

Updated

Comment 3

Comment 4

Attachment

General

Description

File Name

Content Type