Closed Bug 584562 Opened 15 years ago Closed 14 years ago

Add algorithm string for RSA-PSS

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla5

People

(Reporter: hanno, Assigned: hanno)

References

(Depends on 1 open bug)

Details

Attachments

(1 file, 3 obsolete files)

firefox-showpssoid-v4.diff
2.33 KB, patch
wtc
: review+
Details | Diff | Splinter Review
Attached patch add algorithm string for RSA PSS (obsolete) — Splinter Review
Attached patch will add an algorithm string for RSA-PSS as defined in rfc 4055. We're working on PSS support in #158750 (as a summer of code project), though this patch only allows firefox to display the signature algorithm. It only depends on the OID and that has already been applied for nss 3.12.7.
Assignee: nobody → hanno
OS: Linux → All
Hardware: x86_64 → All
Target Milestone: --- → mozilla2.0b4
The OID tag SEC_OID_PKCS1_RSA_PSS_SIGNATURE was added in NSS 3.12.7. So this bug will make Mozilla require NSS 3.12.7.
Depends on: 158750
Comment on attachment 462993 [details] [diff] [review] add algorithm string for RSA PSS Thanks for the patch. In security/manager/locales/en-US/chrome/pipnss/pipnss.properties: >+CertDumpRSAPssSignature=PKCS #1 RSASSA-PSS Signature Please change this to CertDumpRSAPSSSignature=PKCS #1 RSA-PSS Signature In security/manager/ssl/src/nsNSSCertHelper.cpp: Please add the SEC_OID_PKCS1_RSA_PSS_SIGNATURE case after the SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION case, so that all the SEC_OID_PKCS1_*RSA_ENCRYPTION cases are consecutive.
Attachment #462993 - Attachment is patch: true
Attachment #462993 - Flags: review-
I know we had the discussion before about the naming, but here I'd really prefer the more complete name RSASSA-PSS. The main reason is that all other apps supporting pss I saw for now use this (e.g. internet explorer). I'd probably also change that back for the public string in secoid.c.
Attached patch firefox-showpssoid-v2.diff (obsolete) — Splinter Review
Attachment #493793 - Flags: review?(wtc)
Attachment #462993 - Attachment is obsolete: true
Attached patch firefox-showpssoid-v3.diff (obsolete) — Splinter Review
Update for current cvs, no changes.
Attachment #493793 - Attachment is obsolete: true
Attachment #515352 - Flags: review?
Attachment #493793 - Flags: review?(wtc)
Comment on attachment 515352 [details] [diff] [review] firefox-showpssoid-v3.diff r=wtc. Thanks. >+ bundlekey = "CertDumpRSAPssSignature"; Nit: please spell "PSS" in all uppercase.
Attachment #515352 - Flags: review? → review+
nit fixed, please apply
Attachment #515406 - Flags: review?
Attachment #515406 - Flags: review? → review+
Attachment #515352 - Attachment is obsolete: true
Pushed to mozilla-central (Firefox 5): http://hg.mozilla.org/mozilla-central/rev/5b6c6ecb4cae
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: mozilla2.0b4 → mozilla2.2
Can someone confirm if this is fixed?
Anthony: this bug doesn't need to be verified. I verified that my checkin made it into http://mxr.mozilla.org/mozilla-central/.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: