Closed Bug 942172 Opened 11 years ago Closed 10 years ago

algtag set but not used in CERTUTIL_GeneratePrivateKey

Categories

(NSS :: Tools, defect)

Product:
NSS
Component:
Tools
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.17.4

People

(Reporter: philippovmi, Assigned: Cykesiopka)

Details

Attachments

(1 file, 1 obsolete file)

bug942172_rm-algtag-CERTUTIL_GeneratePrivateKey_v2.patch
1.57 KB, patch
Cykesiopka
: review+
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0 (Beta/Release) Build ID: 20131121171534 Steps to reproduce: Compiled Firefox against changeset 156520:cf378dddfac8 Actual results: Spotted a warning in build logs: gcc -o /home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/security/nss/cmd/certutil/keystuff.o -c -O2 -gdwarf-2 -D_POSIX_SOURCE -D_BSD_SOURCE -D_XOPEN_SOURCE -fPIC -DLINUX2_1 -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -DHAVE_STRERROR -DXP_UNIX -DNSPR20 -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -DNO_NSPR_10_SUPPORT -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nspr -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nspr -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nss -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/private/nss -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/dbm -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/seccmd keystuff.c keystuff.c: In function ‘CERTUTIL_GeneratePrivateKey’: keystuff.c:497:15: warning: variable ‘algtag’ set but not used [-Wunused-but-set-variable] SECOidTag algtag; ^ Verified that this variable is actually set and not used under any macro directive. I'm not sure whether it's a bug or just some forgotten code.
Status: UNCONFIRMED → NEW
Ever confirmed: true
I just came across this today. Actually, while checking the security of key/csr/cert generation I saw that it gets set to a very insecure algorithm: algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; and spent quite a while making double extra super sure it isn't actually used for anything. I'm 99.999999% sure it isn't. what's odd is that it *never appears to have done anything*, ever, in the history of Mozilla NSS - if you go back to the very first check-in of the file, hg rev 205 in March 2000, algtag is set but never used in that version of the file. Being a bit obsessive I've been trying to dig out a copy of the initial incomplete open source tarball dump of NSS from somewhere to see if it did anything in *that*, but not having any luck so far. :) would be good to take it out so other people grepping for MD5 don't waste their time, I guess.
This patch just gets rid of algtag.
Assignee: nobody → cykesiopka.bmo
Status: NEW → ASSIGNED
Attachment #8530582 - Flags: review?(emaldona)
Attachment #8530582 - Flags: review+
Attachment #8530582 - Flags: review?(emaldona) → review+
Thanks for the review.
Keywords: checkin-needed
+ Correct a minor issue with the patch comment
Attachment #8530582 - Attachment is obsolete: true
Attachment #8532881 - Flags: review+
https://hg.mozilla.org/projects/nss/rev/f0ee7498e20a
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 3.18
mass change target milestone to 3.17.4
Target Milestone: 3.18 → 3.17.4
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: