312175 - Encrypted mail crashes when personal cert is missing email in DN

Status: RESOLVED DUPLICATE of bug 312173

(Thunderbird :: Security, defect)

Description

[Warren Gavin]

User-Agent:       Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 8.50
Build Identifier: 1.0.6

It is possible to load a certificate that does not contain an email address in the distinguished name.

Once selected as the cert to use for digitial signatures and encryption, sending an encrypted email to any recipient caused thunderbird to crash.

I've tried this for a number of certificates

1. My own, with my email in the DN
2. A random dummy cert, with email in the DN
3. My own, with no email in the DN
4. My own, with no email in the DN

use cases 3 & 4 cause a crash. It would seem the missing DN data is the issue.

Reproducible: Always

Steps to Reproduce:
1. Create a certificate with an emtpy email address
2. Create a PFX file with cert and private key
3. Load pfx file in 'Manage Certificates', specify any token device
4. In 'Account settings' -> 'Digital Signature' select this loaded cert as the 
requested cert & key for signatures and encryption.
5. Create email to some recipient, select 'Encrpyt this message' in security 
options.
6. hit send


Actual Results:  
Thunderbird crashes, unknown error in nss3.dll

Expected Results:  
As I am encrypting and sending, I don't see why this cannot just perform as 
needed. I'm at a loss as to why my certificate, regardless of its contents, is 
checked at any point. Surely the recipients certificate is all that's processed?

I'd upload the pfx files, but there doesn't seem to be an option to do that 
here.

Comment 1

[Warren Gavin]

*** This bug has been marked as a duplicate of 312173 ***