Closed Bug 298537 Opened 16 years ago Closed 16 years ago

softoken PKCS#11 version is incorrect

Categories

(NSS :: Libraries, defect, P2)

3.10
defect

Tracking

(Not tracked)

RESOLVED FIXED
3.10.2

People

(Reporter: julien.pierre, Assigned: rrelyea)

Details

Attachments

(1 file)

Our softoken still reports that it's version 3.8 :

Name: NSS Internal PKCS #11 Module
Library file: **Internal ONLY module**
Manufacturer: mozilla.org
Description: NSS Internal Crypto Services
PKCS #11 Version 2.11
Library Version: 3.8
Cipher Enable Flags: None
Default Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS

  Slot: NSS Internal Cryptographic Services
  Slot Mechanism Flags: RSA:RC2:RC4:DES:DH:SHA1:MD5:MD2:SSL:TLS
  Manufacturer: mozilla.org
  Type: Software
  Version Number: 3.8
  Firmware Version: 0.0
  Status: Enabled
  Token Name: NSS Generic Crypto Services
  Token Manufacturer: mozilla.org
  Token Model: NSS 3
  Token Serial Number: 0000000000000000
  Token Version: 4.0
  Token Firmware Version: 0.0
  Access: Write Protected
  Login Type: Public (no login required)
  User Pin: NOT Initialized

  Slot: NSS User Private Key and Certificate Services
  Slot Mechanism Flags: None
  Manufacturer: mozilla.org
  Type: Software
  Version Number: 3.8
  Firmware Version: 0.0
  Status: Enabled
  Token Name: NSS Certificate DB
  Token Manufacturer: mozilla.org
  Token Model: NSS 3
  Token Serial Number: 0000000000000000
  Token Version: 8.3
  Token Firmware Version: 0.0
  Access: NOT Write Protected
  Login Type: Public (no login required)
  User Pin: Initialized

We need to find a way to automatically rev up the reported version when the NSS
version gets incremented.
Some interesting info.

That version has been 3.2, 3.6, 3.7, 3.8.

The changes to 3.6, 3.7, and 3.8 were all done
by Julien, in rev. 1.61 (bug 172732), rev. 1.62,
and rev. 1.80 (bug 200394) of lib/softoken/pkcs11.c.

I suggested this patch in bug 200394 comment 3,
but didn't follow it through.

We should review all the versions returned by our
NSC_GetInfo, NSC_GetSlotInfo, and NSC_GetTokenInfo.
So this patch is just the first step in fixing
this bug.

Also, we may want to give softoken its own version
number, independent of the rest of NSS, so that
we can upgrade the rest of NSS while freezing softoken
at the version that's FIPS validated.
Attachment #187086 - Flags: superreview?(rrelyea)
Attachment #187086 - Flags: review?(julien.pierre.bugs)
Comment on attachment 187086 [details] [diff] [review]
Use the version macros defined in nss.h

I think we didn't do this initially because we thought we might freeze
softoken. We haven't been bumping it up, and and usually make some change each
release, so we should have it track the NSS version number like all our other
shared libraries.

While we are at it we probably should bump up the minor version to 20 since we
are using 20 functions and semantics now.
Attachment #187086 - Flags: superreview?(rrelyea) → superreview+
Comment on attachment 187086 [details] [diff] [review]
Use the version macros defined in nss.h

Nelson, Julien, please indicate Sun's approval of the
inclusion of this patch in NSS 3.10.1 with a review+.
Thanks.
Attachment #187086 - Flags: review?(nelson)
Bob, when we bump the minor version to 20, should we also
update our pkcs11*.h headers to v2.20?  Is that easy to do,
or is that more appropriate for NSS 3.11?
Let's bump it at 3.11 then,

bob
Comment on attachment 187086 [details] [diff] [review]
Use the version macros defined in nss.h

Looks right to me. This would be good for 3.10.x.
Attachment #187086 - Flags: review?(nelson) → review+
By my last comment, I meant only that
I'm OK with applying this first in either 3.10.1 or in 3.11.
Comment on attachment 187086 [details] [diff] [review]
Use the version macros defined in nss.h

I checked in this patch on the NSS trunk for NSS 3.10.1.

Checking in pkcs11.c;
/cvsroot/mozilla/security/nss/lib/softoken/pkcs11.c,v  <--  pkcs11.c
new revision: 1.101; previous revision: 1.100
done
Attachment #187086 - Flags: review?(julien.pierre.bugs)
Marked the bug fixed.

Upgrading to PKCS #11 v2.20 headers is bug 292239.

I opened bug 298631 for the review of the various
versions returned by NSC_GetInfo, NSC_GetSlotInfo,
and NSC_GetTokenInfo
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.10.1
Priority: -- → P2
Attachment #187086 - Flags: review+
Target Milestone: 3.10.1 → 3.10.2
You need to log in before you can comment on or make changes to this bug.