Closed
Bug 466447
Opened 16 years ago
Closed 16 years ago
Firefox crashes when the PIN is entered on a smart card reader with secure PIN entry
Categories
(Core Graveyard :: Security: UI, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 443284
People
(Reporter: helge, Unassigned)
Details
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; MS-RTC LM 8) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4 When using a PKCS #11 library for smart cards with PIN pad reader, Firefox crashes. The library sets the CK_TOKEN_INFO.flags CKF_PROTECTED_AUTHENTICATION_PATH flag to TRUE, as described in PKCS #11 spec. When Firefox 3.0.4 needs to login into the token, it displays a "Protected Token Authentication" dialog and calls correctly C_Login with an empty PIN, everything good so far. When the C_Login returns, either with CKR_OK or an error, FF crashes. Reproducible: Always Steps to Reproduce: 1. Load a PKCS #11 library that sets CKF_PROTECTED_AUTHENTICATION_PATH 2. Open the certificate dialog: Tools->Options->Advanced->Encryption->View Certificates 3. FF Displays a "Protected Token Authentication" message box and activates the PIN pad entry. 4. Enter correct PIN, wrong PIN or Cancel, in either case, FF crashes. Actual Results: Firefox crashes Expected Results: Firefox should behave the same way as when PIN is entered through the regular PIN dialog of Firefox, i.e. accept or reject authentication depending on the result.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Updated•16 years ago
|
Component: Libraries → Security: UI
Product: NSS → Core
Version: unspecified → 1.9.0 Branch
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•