Wrong OIDs for SHA-256, SHA-384, and SHA-512.

RESOLVED FIXED in 4.3

Status

JSS
Library
P1
normal
RESOLVED FIXED
10 years ago
10 years ago

People

(Reporter: Wan-Teh Chang, Assigned: glen beasley)

Tracking

unspecified

Details

(URL)

Attachments

(1 attachment)

(Reporter)

Description

10 years ago
This bug was first reported on the dev-tech-crypto.lists.mozilla.org
mailing list by fercufer <fercufer@gmail.com>, and tracked down by
Jean-Marc Desperrier.

The official page of the OIDs for NIST algorithms is
http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html

It has this definition:

    hashAlgs OBJECT IDENTIFIER ::= { nistAlgorithms 2 }

Note that it ends in 2.

The corresponding JSS code is
http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/asn1/OBJECT_IDENTIFIER.java#110

110     /**
111      * The OID space for FIPS-180-2 SHA256/SHA384/SHA512 standardized algorithms.
112      */
113     public static final OBJECT_IDENTIFIER HASH_ALGORITHM =
114         new OBJECT_IDENTIFIER( new long[] {2, 16, 840, 1, 101, 3, 4 } );

Note that it ends in 4.  That actually corresponds to nistAlgorithms:

    nistAlgorithms OBJECT IDENTIFIER ::= { csor nistAlgorithm(4) }

Line 114 should be changed to

114         new OBJECT_IDENTIFIER( new long[] {2, 16, 840, 1, 101, 3, 4, 2 } );
(Assignee)

Comment 1

10 years ago
Created attachment 336078 [details] [diff] [review]
correct OID
Attachment #336078 - Flags: review?(wtc)
(Assignee)

Updated

10 years ago
Attachment #336078 - Attachment is patch: true
Attachment #336078 - Attachment mime type: application/octet-stream → text/plain
(Reporter)

Updated

10 years ago
Attachment #336078 - Flags: review?(wtc) → review+
(Reporter)

Comment 2

10 years ago
Comment on attachment 336078 [details] [diff] [review]
correct OID

r=wtc.
(Assignee)

Comment 3

10 years ago
/cvsroot/mozilla/security/jss/org/mozilla/jss/asn1/OBJECT_IDENTIFIER.java,v  <--  OBJECT_IDENTIFIER.java
new revision: 1.6; previous revision: 1.5
done
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Priority: -- → P1
Resolution: --- → FIXED
Target Milestone: --- → 4.3
You need to log in before you can comment on or make changes to this bug.