Closed Bug 553512 Opened 15 years ago Closed 15 years ago

SEC_OID_X509_ANY_POLICY should not be an UNSUPPORTED_CERT_EXTENSION

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Version:
3.12.4
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.7

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(1 file)

Proposed patch
1.19 KB, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
Attached patch Proposed patchSplinter Review
In NSS 3.12.4, SEC_OID_X509_ANY_POLICY was added (bug 391434). OD( x509CertificatePoliciesAnyPolicy, SEC_OID_X509_ANY_POLICY, "Certificate Policies AnyPolicy", CKM_INVALID_MECHANISM, UNSUPPORTED_CERT_EXTENSION ), Since anyPolicy is not a certificate extension, it should be INVALID_CERT_EXTENSION rather than UNSUPPORTED_CERT_EXTENSION. See the following examples of adding certificate policy OIDs: http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/cmd/vfychain/vfychain.c&rev=1.30&mark=643,645,661#638 PSM adds EV certificate policy OIDs: http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsIdentityChecking.cpp&rev=1.26&mark=432-433#420
Attachment #433502 - Flags: review?(alexei.volkov.bugs)
Comment on attachment 433502 [details] [diff] [review] Proposed patch r=alexei
Attachment #433502 - Flags: review?(alexei.volkov.bugs) → review+
I checked in the patch on the NSS trunk (NSS 3.12.7). Checking in secoid.c; /cvsroot/mozilla/security/nss/lib/util/secoid.c,v <-- secoid.c new revision: 1.57; previous revision: 1.56 done
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: