User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; MS-RTC LM 8) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:184.108.40.206) Gecko/2008102920 Firefox/3.0.4 When using a PKCS #11 library for smart cards with PIN pad reader, Firefox crashes. The library sets the CK_TOKEN_INFO.flags CKF_PROTECTED_AUTHENTICATION_PATH flag to TRUE, as described in PKCS #11 spec. When Firefox 3.0.4 needs to login into the token, it displays a "Protected Token Authentication" dialog and calls correctly C_Login with an empty PIN, everything good so far. When the C_Login returns, either with CKR_OK or an error, FF crashes. Reproducible: Always Steps to Reproduce: 1. Load a PKCS #11 library that sets CKF_PROTECTED_AUTHENTICATION_PATH 2. Open the certificate dialog: Tools->Options->Advanced->Encryption->View Certificates 3. FF Displays a "Protected Token Authentication" message box and activates the PIN pad entry. 4. Enter correct PIN, wrong PIN or Cancel, in either case, FF crashes. Actual Results: Firefox crashes Expected Results: Firefox should behave the same way as when PIN is entered through the regular PIN dialog of Firefox, i.e. accept or reject authentication depending on the result.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 443284
Component: Libraries → Security: UI
Product: NSS → Core
Version: unspecified → 1.9.0 Branch
You need to log in before you can comment on or make changes to this bug.