Open Bug 1784858 Opened 3 years ago Updated 3 years ago

Add support for using operating system personal S/MIME certificates with Thunderbird's S/MIME feature (libosclientcerts)

Categories

(MailNews Core :: Security: S/MIME, enhancement)

Product:
MailNews Core
Component:
Security: S/MIME
Version:
Thunderbird 102
Type:
enhancement

Tracking

(Not tracked)

People

(Reporter: wangdingwen32, Unassigned)

Details

Steps to reproduce:

  • Import a S/MIME client certificate to OS certificate store (Certificate Manager/Keychain, etc)
  • Open Settings - Privacy & Security - Security Devices...
  • Load PKCS Module "libosclientcerts" (can be found under installation directory)
  • Configure mail account to use the client certificate
  • Send a S/MIME signed and encrypted message using the certificate, it succeeded
  • Try to decrypt a S/MIME encrypted message, it failed
  • Open Settings - Privacy & Security - Security Devices... and Unload libosclientcerts
  • Import S/MIME certificate
  • Try to decrypt a S/MIME encrypted message, it succeeded

Actual results:

When trying to decrypt S/MIME encrypted messages with libosclientcerts, which uses certificates that stored in OS certificate store, Thunderbird failed to decrypt.

Expected results:

Since Thunderbird is able to use libosclientcerts to send a signed message, it can use the private key stored in OS certificate store, so the expected behavior is that Thunderbird should be able to decrypt messages using libosclientcerts.

Component: Security → Security: S/MIME
Product: Thunderbird → MailNews Core
Status: UNCONFIRMED → NEW
Type: defect → enhancement
Ever confirmed: true
Summary: Unable to use OS Client Cert Module (libosclientcerts) to decrypt S/MIME emails → Add support for using operating system personal S/MIME certificates with Thunderbird's S/MIME feature (libosclientcerts)
You need to log in before you can comment on or make changes to this bug.