Closed
Bug 386351
Opened 16 years ago
Closed 6 years ago
SignerInfo class inserts wrong version # into the resulting structure
Categories
(JSS Graveyard :: Library, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
4.2.7
People
(Reporter: david.konrad.stutzman, Assigned: david.konrad.stutzman)
Details
Attachments
(1 file, 2 obsolete files)
|
1.68 KB,
patch
|
david.konrad.stutzman
:
review?
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4 Build Identifier: JSS 4.2 The CMS rfc (http://www.faqs.org/rfcs/rfc3852.html) says the following about SignerInfo version: "version is the syntax version number. If the SignerIdentifier is the CHOICE issuerAndSerialNumber, then the version MUST be 1. If the SignerIdentifier is subjectKeyIdentifier, then the version MUST be 3." I have constructed a SignerInfo object passing in a SignerIdentifier as the first argument that was constructed with an IssuerAndSerialNumber and the resulting structure has a version of 3 when it should have a version of 1 according to the spec. Reproducible: Always Steps to Reproduce: 1. construct an IssuerAndSerialNumber 2. construct a SignerIdentifier using the IssuerAndSerialNumber you just created 3. construct a SignerInfo using the SignerIdentifier you just created 4. call getVersion() on the resulting SignerInfo object and get a 3 Actual Results: SignerInfo.getVersion() returns a 3 Expected Results: SignerInfo.getVersion() returns a 1 I haven't tested what version you get if you make a SignerIdentifier with a SubjectKeyIdentifier.
Updated•16 years ago
|
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Priority: -- → P1
Target Milestone: --- → 4.3
Updated•16 years ago
|
QA Contact: jss-qa
Updated•16 years ago
|
Target Milestone: 4.3 → 4.2.7
Version: unspecified → 4.2.5
Updated•14 years ago
|
Assignee: gbmozilla → nobody
| Assignee | ||
Comment 1•6 years ago
|
||
Fix versioning of SignerInfo to match CMS spec. Tested with constructing a SignerInfo with a SignerIdentifier that is an IASN and calling SignerInfo.getVersion() which returns 1 now and constructing with a SignerIdentifier that is a SKI yields version 3. Also encoded and decoded the objects and correct versions persist.
Attachment #8942262 -
Flags: review?(cfu)
Comment 2•6 years ago
|
||
Comment on attachment 8942262 [details] [diff] [review] 386351.patch Review of attachment 8942262 [details] [diff] [review]: ----------------------------------------------------------------- logic looks reasonable. My only suggestion is to add null check for signerIdentifier. I see the existing code doesn't do much of that, but since you are dereferencing it, it would be a safer practice.
| Assignee | ||
Comment 3•6 years ago
|
||
Added null-check for signerIdentifier param as noted from code review.
Attachment #8942262 -
Attachment is obsolete: true
Attachment #8942262 -
Flags: review?(cfu)
Comment 4•6 years ago
|
||
Comment on attachment 8942656 [details] [diff] [review] 386351.patch Review of attachment 8942656 [details] [diff] [review]: ----------------------------------------------------------------- Hi Dave, thanks for the update. I have trouble applying the patch to the latest tip. Did you make sure that you did a pull before creating the patch? Please let me know. thanks.
Attachment #8942656 -
Flags: review?
| Assignee | ||
Comment 5•6 years ago
|
||
Sorry, working on an offline box. New patch against current tip (8746a3fc7478)
Attachment #8942656 -
Attachment is obsolete: true
Attachment #8942656 -
Flags: review?
Attachment #8942899 -
Flags: review?
Comment 6•6 years ago
|
||
pushed: https://hg.mozilla.org/projects/jss/rev/1d858c6d4626b625bb671426e6899d98c2f5bb2e
Assignee: nobody → david.konrad.stutzman
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•