Closed Bug 95264 Opened 23 years ago Closed 23 years ago

Incorrect smime perl script usage for message decoding

Categories

(NSS :: Tools, defect, P1)

Product:
NSS
Component:
Tools
Version:
3.2.1
Platform:
Sun
Solaris
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: alam, Assigned: julien.pierre)

Details

Build Used:  20010810 solaris 2.6
smime tool infor: http://mozilla.org/projects/security/pki/nss/smime/

To decode a S/MIME message using smime script, we need to use "-p" (secure 
module password) in conjuction with the "-D" option.

The current smime script usage need to be updated, since it didn't say the
-p option must be used in conjunction with the -D option.

------------------------------------------------------------------
usage: smime [options]
 options:
 -S nick             generate signed message, use certificate named "nick"
  -p passwd          use "passwd" as security module password
 -E rec1[,rec2...]   generate encrypted message for recipients
 -D                  decode a S/MIME message
 -C pathname         set pathname of "cmsutil"
 -d directory        set directory containing certificate db
                     (default: ~/.netscape)

With -S or -E, smime will take a regular RFC822 message or MIME entity
on stdin and generate a signed or encrypted S/MIME message with the same
headers and content from it. The output can be used as input to a MTA.
-D causes smime to strip off all S/MIME layers if possible and output
the "inner" message.
--------------------------------------------------------------------
Marking NEW.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assigned the bug to Julien.
Assignee: ian.mcgreer → jpierre
Priority: -- → P1
Target Milestone: --- → 3.4
Antonio,

The password should only be needed when you use -D to decrypt an S/MIME message.
When using -D to verify the signature of a signed message, the password should
not be needed. Please verify that this is the case. If this is so as I suspect,
this is not a bug, but is in fact working as designed, and it's only a
documentation issue to mention that decryption requires a password . 

Julien, you are right, the -p option is only for decoding the encrypted message.  
But still, I think we should add the -p option for Decoding in the toolkit 
usage. Something may look like this:

-D                  decode a S/MIME message
 -p passwd          use "passwd" as security module password 
                    (for encrypted message only)

Put it this way will avoid potential errors that may occurs, since user 
will assume there is no need to do -p for encrypted message when he/she look at 
the usage at the beginning.
Fixed on the tip (NSS 3.4).

Checking in smime;
/cvsroot/mozilla/security/nss/cmd/smimetools/smime,v  <--  smime
new revision: 1.8; previous revision: 1.7
done
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Changed the target milestone to 3.3.2 because the fix
has been checked into the 3.3 branch.
Target Milestone: 3.4 → 3.3.2
You need to log in before you can comment on or make changes to this bug.