Closed
Bug 835174
Opened 11 years ago
Closed 8 years ago
nsIX509CertDB::openSignedJARFile does not support old-style signatures (without SHA1-Digest-Manifest)
Categories
(Core :: Security: PSM, defect)
RESOLVED
WONTFIX
People
(Reporter: briansmith, Unassigned)
nsIX509CertDB::openSignedJARFile currently requires the SHA1-Digest-Manifest in the JAR file, which is technically optional. We do this because relying on SHA1-Digest-Manifest is safer, because it is simpler and because it allows us to process much less untrusted input prior to verifying the signature. However, the tool in NSS for signing jar files does not add the SHA1-Digest-Manifest attribute when signing, so we can't expect extension developers to have SHA1-Digest-Manifest in their extensions. Consequently, in order for Toolkit to switch to openSignedJARFile for verifying extension signatures, we need to add an option for openSignedJARFile to accept the old (less safe) kind of signature.
AMO is the only entity doing add-on signing now, so we don't have to support this if we don't want to.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
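For reference, the manifest-binding check the description relies on, as an added example (not code from PSM, NSS, or this bug): it reads the main section of each META-INF/*.SF file and compares its SHA1-Digest-Manifest value with the SHA-1 of the raw META-INF/MANIFEST.MF bytes. It does not verify the PKCS#7 signature over the .SF file; the function names and the in-memory sample JAR (including `signer.sf`) are constructed for illustration.

```python
import base64, hashlib, io, zipfile
ATTR = "sha1-digest-manifest"  # header names are case-insensitive

def main_section(sf_bytes):
    """Parse the main (first) section of a .SF file into {lowercase name: value}."""
    text = sf_bytes.decode("utf-8").replace("\r\n", "\n").replace("\r", "\n")
    attrs, last = {}, None
    for line in text.split("\n"):
        if line == "":                      # blank line ends the main section
            break
        if line.startswith(" ") and last:   # continuation of a wrapped value
            attrs[last] += line[1:]
            continue
        name, sep, value = line.partition(": ")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        last = name.lower()
        attrs[last] = value
    return attrs

def check_manifest_digest(jar):
    """Map each META-INF/*.SF entry to 'ok', 'mismatch' or 'missing'."""
    results = {}
    with zipfile.ZipFile(jar) as zf:
        actual = hashlib.sha1(zf.read("META-INF/MANIFEST.MF")).digest()
        for name in zf.namelist():
            upper = name.upper()
            if not (upper.startswith("META-INF/") and upper.endswith(".SF")):
                continue
            value = main_section(zf.read(name)).get(ATTR)
            if value is None:
                results[name] = "missing"   # old-style signature, no whole-manifest digest
            elif base64.b64decode(value) == actual:
                results[name] = "ok"
            else:
                results[name] = "mismatch"  # manifest changed after signing
    return results

def build_sample(with_attr, tamper=False):
    """Constructed in-memory JAR for the checks above; not a real signed extension."""
    manifest = b"Manifest-Version: 1.0\r\n\r\n"
    sf = b"Signature-Version: 1.0\r\n"
    if with_attr:
        sf += b"SHA1-Digest-Manifest: " + base64.b64encode(hashlib.sha1(manifest).digest()) + b"\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", manifest + (b"Name: x.js\r\n\r\n" if tamper else b""))
        zf.writestr("META-INF/signer.sf", sf + b"\r\n")
    return buf
```

A result of `missing` corresponds to the old-style signature this bug is about: the verifier would have to fall back to the per-entry digests, which means parsing the untrusted manifest section by section.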