Closed
Bug 39495
Opened 24 years ago
Closed 21 years ago
Certificates with identical serial numbers, subjects and issuers.
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 230996
3.9.1
People
(Reporter: bugzilla, Assigned: nelson)
Details
This is a replacement bug for Netscape bug http://scopus/bugsplat/show_bug.cgi?id=113432 Creating second certificate with new key material and nickname but with the same serial number and with one distinguished name for all subjects and issuers, let you pass certificate = CERT_NewTempCertificate(certHandle, derCert, certNickname, PR_FALSE, PR_TRUE); but then it throws assertion PORT_Assert(!cert->isperm); in CERT_AddTempCertToPerm(certificate, certNickname, &trust); ------- Additional Comments From awnuk 05/05/98 14:35 ------- It is NT problem only and can be easily reproduced by running CertKey test with test Id 437208613. To do this type certkey 437208613. CertKey test is under cvs control and available on ns/sectools/suites/secuity/certkey/certkey.c and can be build by typing gmake in the test source directory. Test input data and execution log should look like the one presented below: http://warp/m/dist/sectools/results/security/certkey/WINNT4.0/19980427/043720861 3/index.html ------- Additional Comments From relyea Jun-10-1999 14:08 ------- Fred, this is an invalid thing to do, but it shouldn't crash the library. Don
Comment 1•24 years ago
|
||
Set Target Milestone 4.0.
Assignee: lord → wtc
Target Milestone: --- → 4.0
Version: unspecified → 3.0
Updated•24 years ago
|
Status: NEW → ASSIGNED
QA Contact: lord → sonmi
Comment 2•22 years ago
|
||
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Comment 3•21 years ago
|
||
I'm guessing that this bug no longer exists as of 3.9 given all the work we have done to detect the identical serial numbers. It should be verified and closed.
Comment 4•21 years ago
|
||
*** This bug has been marked as a duplicate of 172247 ***
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Target Milestone: 4.0 → 3.7
Assignee | ||
Comment 5•21 years ago
|
||
I found the source to this old NSS 2.8 test program, and made the minimum necessary modifications to get it to build with NSS 3.9 (mostly made it use NSS_InitReadWrite). Then I tested it. I found that a) The problem due to duplicate issuer and serial number is fixed in NSS 3.9 It is actually a duplicate of bug 230996, rather than bug 172247. b) There is another crash in libNSS shown by this test program. Function CERT_DecodeTrustString crashes if it is given a NULL ptr for the second argument. I will mark this bug a duplicate of 230996, and file a separate bug about this other crash.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Assignee | ||
Comment 7•21 years ago
|
||
*** This bug has been marked as a duplicate of 230996 ***
Status: NEW → RESOLVED
Closed: 21 years ago → 21 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•21 years ago
|
Target Milestone: 3.7 → 3.9.1
Assignee | ||
Comment 8•21 years ago
|
||
Correction to comment 5 above. I changed it to work with 3.9.1 and verified that it is fixed in NSS 3.9.1 by the fix to bug 230996
You need to log in
before you can comment on or make changes to this bug.
Description
•