Mac-Cannot get certs-No public key generated.

VERIFIED FIXED in psm2.0

Status

P1
blocker
VERIFIED FIXED
18 years ago
2 years ago

People

(Reporter: junruh, Assigned: javi)

Tracking

1.0 Branch
psm2.0
PowerPC
Mac System 9.x

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: PDT; want plus; need a=, URL)

Attachments

(1 attachment)

(Reporter)

Description

18 years ago
1.) Visit http://www.verisign.com/client/enrollment/index.html and request a 60 
day free cert.
What happens: The following page states that "The public key was not generated"
2.) Visit the above in-house URL and try any of the CMS 4.2 tests.
What happens: After you click submit, the watch cursor appears for a few seconds 
and then returns you to the same page. No cert appears in the cert manager.

Comment 1

18 years ago
-> javi
P1
target -> 2.0
Assignee: ssaux → javi
Priority: -- → P1
Target Milestone: --- → 2.0

Comment 2

18 years ago
The keygen process is required to get Verisign or intranet certs.  This is a
critical bug to fix.
Keywords: nsBranch, nsdogfood
(Assignee)

Comment 3

18 years ago
This is fialing in RSA_NewKey

This function call fails:
http://lxr.mozilla.org/mozilla/source/security/nss/lib/freebl/rsa.c#264

trying to generate a prime for p.

I'm gonna need nelsonb and mcgreer to help on this since they know what this
code is supposed to be doing.

Updated

18 years ago
Whiteboard: PDT; want plus
(Assignee)

Comment 4

18 years ago
Created attachment 40311 [details] [diff] [review]
Patch to fix keygen in NSS for the Mac.
(Assignee)

Comment 5

18 years ago
The problem was in using the sizeof operator on the variable sieve.  On all
platforms except the Mac, sieve was a static array of size 32*1024 (SIEVE_SIZE).

On the Mac, it was of type unsigned char* (this is due to not being able to
allocate that much memory on the stack for the Mac).  So a loop that was
supposed to execute 32*1024 times was only executing 4 times on the Mac (which
is sizeof unsigned char*)

That patch replaces all occurences of "sizeof sieve" with "SIEVE_SIZE" which was
already defined in the file.

Updated

18 years ago
Whiteboard: PDT; want plus → PDT; want plus; need r=, sr=, a=

Comment 6

18 years ago
I worked with Javi on this and believe it is correct.  So r=mcgreer.
Yes, this patch looks right to me.
(Assignee)

Updated

18 years ago
Whiteboard: PDT; want plus; need r=, sr=, a= → PDT; want plus; need sr=, a=
sr=blizzard

Updated

18 years ago
Whiteboard: PDT; want plus; need sr=, a= → PDT; want plus; need a=
(Assignee)

Comment 9

18 years ago
This has been checked-in to trunk builds of Mozilla and to the trunk of NSS.
(Assignee)

Comment 10

18 years ago
Fixed checked into 0.9.2 branch as well.
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
(Reporter)

Comment 11

18 years ago
Verified.
Status: RESOLVED → VERIFIED

Updated

14 years ago
Component: Security: UI → Security: UI
Product: PSM → Core

Updated

10 years ago
Version: psm2.0 → 1.0 Branch
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.