Closed Bug 1820348 Opened 1 year ago Closed 1 year ago

Libnss3 doesn't log SEC_ERROR_UNKNOWN_PKCS11_ERROR properly ( NSS error code: -8018 )

Categories

(NSS :: Libraries, enhancement)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: nusch88, Unassigned)

Details

Steps to reproduce:

I've faced an issue with all browsers relying in libnss refusing ever X.509 certificate. I've hard time to debug it through months due to not enough information returned from libnss. It was in detail described here:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1960736

Actual results:

Root issue is that libnss returned [23391:23426:0213/133531.202486:ERROR:nss_util.cc(286)] After loading Root Certs, loaded==false: NSS error code: -8018
In my case the root cause was poor quality code written by local government agency known for infringing LGPG licence. The configuration change was deployed when installing their PKCS#11 related software and lack of proper debug from Libnss cause I was not able to connect cause and the effect.

Expected results:

Instead of displaying code which couldn't be googled NSS should return full human readable error name ' SEC_ERROR_UNKNOWN_PKCS11_ERROR' - in way it does for other errors of same kind.

Group: crypto-core-security

This is a bug in Chromium, not NSS. You can file a bug here: https://bugs.chromium.org/p/chromium/issues/list

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.