Support GeneralizedTime in S/MIME libraries

RESOLVED FIXED

Status

NSS
Libraries
RESOLVED FIXED
15 years ago
15 years ago

People

(Reporter: Julien Pierre, Assigned: Julien Pierre)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Assignee)

Description

15 years ago
Currently, we only support the UTCTime encoding, which can only encode dates up
to the year 2049 . We need to support a CHOICE of either UTCTime or GeneralizedTime.
I have been working on a patch for this. It works OK. But I'm not sure if the
S/MIME test coverage is good enough, so I'm making this a separate bug from 143334.
(Assignee)

Comment 1

15 years ago
Created attachment 131641 [details] [diff] [review]
Allow GeneralizedTime encoding for signatures in S/MIME library
(Assignee)

Updated

15 years ago
Attachment #131641 - Flags: superreview?(nelsonbhchan)
Attachment #131641 - Flags: review?(wchang0222)

Comment 2

15 years ago
Comment on attachment 131641 [details] [diff] [review]
Allow GeneralizedTime encoding for signatures in S/MIME library

r=wtc.	Looks good to me.

Does CERT_SaveSMimeProfile fail if the signing time is
in GeneralizedTime format?
Attachment #131641 - Flags: review?(wchang0222) → review+
(Assignee)

Comment 3

15 years ago
Currently the answer is yes - it fails with a GeneralizedTime passed in.

I just found out that I had included a patch to "fix" that, because I'm only
working from a single source tree. That "fix" in the patch for bug 143334 in
stanpcertdb.c that I asked you to review last week. That part of the patch
shouldn't be checked in since it changes the DB format for dates after 2050.
We can leave it out and keep it failing. Or we could re-encode to UTCTime if the
date is in GeneralizedTime and before 2050, but I don't think that's worth it
since it's never supposed to happen.

(Assignee)

Comment 4

15 years ago
FYI, I verified that S/MIME tests still pass with this patch but not the
stanpcertdb fix.
(Assignee)

Updated

15 years ago
Depends on: 143334
(Assignee)

Updated

15 years ago
Attachment #131641 - Flags: superreview?(nelsonbhchan)
(Assignee)

Comment 5

15 years ago
Created attachment 131653 [details] [diff] [review]
use CERT_TimeChoiceTemplate instead of CERT_InlineChoiceTemplate
Attachment #131641 - Attachment is obsolete: true
(Assignee)

Updated

15 years ago
Attachment #131653 - Flags: superreview?(MisterSSL)
Attachment #131653 - Flags: review?(wchang0222)

Updated

15 years ago
Attachment #131653 - Flags: review?(wchang0222) → review+
Comment on attachment 131653 [details] [diff] [review]
use CERT_TimeChoiceTemplate instead of CERT_InlineChoiceTemplate

sr=MisterSSL
Attachment #131653 - Flags: superreview?(MisterSSL) → superreview+
(Assignee)

Comment 7

15 years ago
Fixed.

cvs commit: Examining .
Checking in cmsattr.c;
/cvsroot/mozilla/security/nss/lib/smime/cmsattr.c,v  <--  cmsattr.c
new revision: 1.6; previous revision: 1.5
done
Checking in cmssiginfo.c;
/cvsroot/mozilla/security/nss/lib/smime/cmssiginfo.c,v  <--  cmssiginfo.c
new revision: 1.18; previous revision: 1.17
done
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.