Open Bug 59801 Opened 20 years ago Updated 15 years ago
S/MIME toolkit fails when attempting to create signed-enveloped-message
nss_cms_before_data is called twice for enveloped-data, which causes an assertion as memory which has already been written to is attempted to be rewritten. It appears that the encoder layering is not proceeding correctly, as the function should probably not be called twice for the same content type.
have to move to 3.3.
Target Milestone: 3.2 → 3.3
Terry, you've been working with the S/MIME library. Have you seen this problem?
I'm only using enveloped messages, not enveloped and signed, so I can't comment on this report.
David, Is PSM not using nested content types yet? I suspect you are, in which case this bug must be invalid and signed-enveloped messages work. Or have you not tried signing an enveloped message?
Ian, The way S/MIME works for signing and encrypting is a 2 step process; step 1 is to create signature content info and encoder, feed the encoder a hash of the message body and append the output to the message as a separate part. step 2 is to create an encryption content info and encoder and feed in all the data from step 1 (i.e. message body and signature part). No use is made of nested content types.
lowering priority since there is no immediate need for this. This bug may even be invalid.
Priority: P1 → P3
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Set target milestone to NSS 3.5.
Target Milestone: 3.4 → 3.5
Ian, should this bug be resolved INVALID or be fixed?
I'm setting it to future. The bug definitely exists and is easy to reproduce, but until there is demand for nested content types, this bug has no priority. If at any point there is such demand, we need to fix this bug.
Target Milestone: 3.5 → Future
redistributing Ian's bugs
Assignee: bugz → wtchang
Status: ASSIGNED → NEW
QA Contact: bishakhabanerjee → jason.m.reid
Assignee: wtchang → nobody
QA Contact: jason.m.reid → libraries
You need to log in before you can comment on or make changes to this bug.