Closed Bug 942172 Opened 10 years ago Closed 9 years ago

algtag set but not used in CERTUTIL_GeneratePrivateKey

Categories

(NSS :: Tools, defect)

Product:
NSS
Component:
Tools
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.17.4

People

(Reporter: philippovmi, Assigned: Cykesiopka)

Details

Attachments

(1 file, 1 obsolete file)

bug942172_rm-algtag-CERTUTIL_GeneratePrivateKey_v2.patch
1.57 KB, patch
Cykesiopka
: review+
Details | Diff | Splinter Review 
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0 (Beta/Release)
Build ID: 20131121171534

Steps to reproduce:

Compiled Firefox against changeset 156520:cf378dddfac8


Actual results:

Spotted a warning in build logs:

gcc -o /home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/security/nss/cmd/certutil/keystuff.o -c -O2 -gdwarf-2 -D_POSIX_SOURCE -D_BSD_SOURCE -D_XOPEN_SOURCE -fPIC -DLINUX2_1  -Wall -Werror-implicit-function-declaration -Wno-switch -pipe -DLINUX -Dlinux -DHAVE_STRERROR -DXP_UNIX -DNSPR20 -UDEBUG -DNDEBUG -D_REENTRANT -DNSS_ENABLE_ECC -DUSE_UTIL_DIRECTLY -DNO_NSPR_10_SUPPORT -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nspr -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nspr -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/nss  -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/private/nss  -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/dbm -I/home/maxim/projects/mozilla/obj-x86_64-unknown-linux-gnu/dist/include/seccmd  keystuff.c
keystuff.c: In function ‘CERTUTIL_GeneratePrivateKey’:
keystuff.c:497:15: warning: variable ‘algtag’ set but not used [-Wunused-but-set-variable]
     SECOidTag          algtag;
               ^

Verified that this variable is actually set and not used under any macro directive. I'm not sure whether it's a bug or just some forgotten code.
Status: UNCONFIRMED → NEW
Ever confirmed: true
I just came across this today. Actually, while checking the security of key/csr/cert generation I saw that it gets set to a very insecure algorithm:

algtag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;

and spent quite a while making double extra super sure it isn't actually used for anything. I'm 99.999999% sure it isn't.

what's odd is that it *never appears to have done anything*, ever, in the history of Mozilla NSS - if you go back to the very first check-in of the file, hg rev 205 in March 2000, algtag is set but never used in that version of the file. Being a bit obsessive I've been trying to dig out a copy of the initial incomplete open source tarball dump of NSS from somewhere to see if it did anything in *that*, but not having any luck so far. :)

would be good to take it out so other people grepping for MD5 don't waste their time, I guess.
This patch just gets rid of algtag.
Assignee: nobody → cykesiopka.bmo
Status: NEW → ASSIGNED
Attachment #8530582 - Flags: review?(emaldona)
Attachment #8530582 - Flags: review+
Attachment #8530582 - Flags: review?(emaldona) → review+
Thanks for the review.
Keywords: checkin-needed
+ Correct a minor issue with the patch comment
Attachment #8530582 - Attachment is obsolete: true
Attachment #8532881 - Flags: review+
https://hg.mozilla.org/projects/nss/rev/f0ee7498e20a
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → 3.18
mass change target milestone to 3.17.4
Target Milestone: 3.18 → 3.17.4
You need to log in before you can comment on or make changes to this bug.