Closed Bug 1594965 Opened 5 years ago Closed 4 years ago

PSS delegated credentials need to include a salt length

Tracking

(Not tracked)

Status:

RESOLVED FIXED

Milestone:

3.48

People

(Reporter: mt, Assigned: mt)

Details

Attachments

(1 file)

Bug 1594965 - Include saltLength in DC SPKI, r?kjacobs 5 years ago Martin Thomson [:mt:] 47 bytes, text/x-phabricator-request		Details \| Review

Martin Thomson [:mt:]

Assignee

Description

•

5 years ago

Right now, these omit the salt length field, implying a value of 20. However, signatures use a salt length equal to the hash output length. This is just an omission in the encoding. But it indicates that maybe there are other issues that need further investigation.

Martin Thomson [:mt:]

Assignee

Comment 1

•

5 years ago

Attached file Bug 1594965 - Include saltLength in DC SPKI, r?kjacobs — Details

I discovered this when validating new additions to our root store
policy. The encodings there didn't line up with what we were producing with DC.

Martin Thomson [:mt:]

Assignee

Comment 2

•

4 years ago

https://hg.mozilla.org/projects/nss/rev/661058254ade

Status: NEW → RESOLVED

Closed: 4 years ago

Resolution: --- → FIXED

Target Milestone: --- → 3.48

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

PSS delegated credentials need to include a salt length

Categories

(NSS :: Libraries, defect, P2)

Tracking

(Not tracked)

People

(Reporter: mt, Assigned: mt)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Comment 1

Comment 2

Attachment

General

Description

File Name

Content Type