Add algorithm string for RSA-PSS

VERIFIED FIXED in mozilla5

Status

()

Core
Security: PSM
VERIFIED FIXED
8 years ago
7 years ago

People

(Reporter: Hanno Boeck, Assigned: Hanno Boeck)

Tracking

(Depends on: 1 bug)

unspecified
mozilla5
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 3 obsolete attachments)

(Assignee)

Description

8 years ago
Created attachment 462993 [details] [diff] [review]
add algorithm string for RSA PSS

Attached patch will add an algorithm string for RSA-PSS as defined in rfc 4055.
We're working on PSS support in #158750 (as a summer of code project), though this patch only allows firefox to display the signature algorithm. It only depends on the OID and that has already been applied for nss 3.12.7.

Updated

8 years ago
Assignee: nobody → hanno
OS: Linux → All
Hardware: x86_64 → All
Target Milestone: --- → mozilla2.0b4

Comment 1

8 years ago
The OID tag SEC_OID_PKCS1_RSA_PSS_SIGNATURE was added
in NSS 3.12.7.  So this bug will make Mozilla require
NSS 3.12.7.
Depends on: 158750

Comment 2

8 years ago
Comment on attachment 462993 [details] [diff] [review]
add algorithm string for RSA PSS

Thanks for the patch.

In security/manager/locales/en-US/chrome/pipnss/pipnss.properties:

>+CertDumpRSAPssSignature=PKCS #1 RSASSA-PSS Signature

Please change this to

CertDumpRSAPSSSignature=PKCS #1 RSA-PSS Signature

In security/manager/ssl/src/nsNSSCertHelper.cpp:

Please add the SEC_OID_PKCS1_RSA_PSS_SIGNATURE case
after the SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION
case, so that all the SEC_OID_PKCS1_*RSA_ENCRYPTION
cases are consecutive.
Attachment #462993 - Attachment is patch: true
Attachment #462993 - Flags: review-
(Assignee)

Comment 3

8 years ago
I know we had the discussion before about the naming, but here I'd really prefer the more complete name RSASSA-PSS. The main reason is that all other apps supporting pss I saw for now use this (e.g. internet explorer). I'd probably also change that back for the public string in secoid.c.
(Assignee)

Comment 4

8 years ago
Created attachment 493793 [details] [diff] [review]
firefox-showpssoid-v2.diff
Attachment #493793 - Flags: review?(wtc)
(Assignee)

Updated

8 years ago
Attachment #462993 - Attachment is obsolete: true
(Assignee)

Comment 5

7 years ago
Created attachment 515352 [details] [diff] [review]
firefox-showpssoid-v3.diff

Update for current cvs, no changes.
Attachment #493793 - Attachment is obsolete: true
Attachment #515352 - Flags: review?
Attachment #493793 - Flags: review?(wtc)

Comment 6

7 years ago
Comment on attachment 515352 [details] [diff] [review]
firefox-showpssoid-v3.diff

r=wtc.  Thanks.

>+    bundlekey = "CertDumpRSAPssSignature";

Nit: please spell "PSS" in all uppercase.
Attachment #515352 - Flags: review? → review+
(Assignee)

Comment 7

7 years ago
Created attachment 515406 [details] [diff] [review]
firefox-showpssoid-v4.diff

nit fixed, please apply
Attachment #515406 - Flags: review?

Updated

7 years ago
Attachment #515406 - Flags: review? → review+

Updated

7 years ago
Attachment #515352 - Attachment is obsolete: true

Comment 8

7 years ago
Pushed to mozilla-central (Firefox 5):
http://hg.mozilla.org/mozilla-central/rev/5b6c6ecb4cae
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
Target Milestone: mozilla2.0b4 → mozilla2.2
Can someone confirm if this is fixed?

Comment 10

7 years ago
Anthony: this bug doesn't need to be verified.
I verified that my checkin made it into
http://mxr.mozilla.org/mozilla-central/.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.