Closed Bug 584562 Opened 9 years ago Closed 9 years ago
Add algorithm string for RSA-PSS
Attached patch will add an algorithm string for RSA-PSS as defined in rfc 4055. We're working on PSS support in #158750 (as a summer of code project), though this patch only allows firefox to display the signature algorithm. It only depends on the OID and that has already been applied for nss 3.12.7.
Assignee: nobody → hanno
OS: Linux → All
Hardware: x86_64 → All
Target Milestone: --- → mozilla2.0b4
The OID tag SEC_OID_PKCS1_RSA_PSS_SIGNATURE was added in NSS 3.12.7. So this bug will make Mozilla require NSS 3.12.7.
Depends on: 158750
Comment on attachment 462993 [details] [diff] [review] add algorithm string for RSA PSS Thanks for the patch. In security/manager/locales/en-US/chrome/pipnss/pipnss.properties: >+CertDumpRSAPssSignature=PKCS #1 RSASSA-PSS Signature Please change this to CertDumpRSAPSSSignature=PKCS #1 RSA-PSS Signature In security/manager/ssl/src/nsNSSCertHelper.cpp: Please add the SEC_OID_PKCS1_RSA_PSS_SIGNATURE case after the SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION case, so that all the SEC_OID_PKCS1_*RSA_ENCRYPTION cases are consecutive.
I know we had the discussion before about the naming, but here I'd really prefer the more complete name RSASSA-PSS. The main reason is that all other apps supporting pss I saw for now use this (e.g. internet explorer). I'd probably also change that back for the public string in secoid.c.
Update for current cvs, no changes.
Comment on attachment 515352 [details] [diff] [review] firefox-showpssoid-v3.diff r=wtc. Thanks. >+ bundlekey = "CertDumpRSAPssSignature"; Nit: please spell "PSS" in all uppercase.
Attachment #515352 - Flags: review? → review+
nit fixed, please apply
Attachment #515406 - Flags: review?
Pushed to mozilla-central (Firefox 5): http://hg.mozilla.org/mozilla-central/rev/5b6c6ecb4cae
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: mozilla2.0b4 → mozilla2.2
Can someone confirm if this is fixed?
Anthony: this bug doesn't need to be verified. I verified that my checkin made it into http://mxr.mozilla.org/mozilla-central/.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.