The default bug view has changed. See this FAQ.

Incorrect smime perl script usage for message decoding

RESOLVED FIXED in 3.3.2

Status

NSS
Tools
P1
trivial
RESOLVED FIXED
16 years ago
16 years ago

People

(Reporter: Antonio Lam, Assigned: Julien Pierre)

Tracking

3.2.1
3.3.2
Sun
Solaris

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

16 years ago
Build Used:  20010810 solaris 2.6
smime tool infor: http://mozilla.org/projects/security/pki/nss/smime/

To decode a S/MIME message using smime script, we need to use "-p" (secure 
module password) in conjuction with the "-D" option.

The current smime script usage need to be updated, since it didn't say the
-p option must be used in conjunction with the -D option.

------------------------------------------------------------------
usage: smime [options]
 options:
 -S nick             generate signed message, use certificate named "nick"
  -p passwd          use "passwd" as security module password
 -E rec1[,rec2...]   generate encrypted message for recipients
 -D                  decode a S/MIME message
 -C pathname         set pathname of "cmsutil"
 -d directory        set directory containing certificate db
                     (default: ~/.netscape)

With -S or -E, smime will take a regular RFC822 message or MIME entity
on stdin and generate a signed or encrypted S/MIME message with the same
headers and content from it. The output can be used as input to a MTA.
-D causes smime to strip off all S/MIME layers if possible and output
the "inner" message.
--------------------------------------------------------------------

Comment 1

16 years ago
Marking NEW.
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 2

16 years ago
Assigned the bug to Julien.
Assignee: ian.mcgreer → jpierre
Priority: -- → P1
Target Milestone: --- → 3.4
(Assignee)

Comment 3

16 years ago
Antonio,

The password should only be needed when you use -D to decrypt an S/MIME message.
When using -D to verify the signature of a signed message, the password should
not be needed. Please verify that this is the case. If this is so as I suspect,
this is not a bug, but is in fact working as designed, and it's only a
documentation issue to mention that decryption requires a password . 
(Reporter)

Comment 4

16 years ago
Julien, you are right, the -p option is only for decoding the encrypted message.  
But still, I think we should add the -p option for Decoding in the toolkit 
usage. Something may look like this:

-D                  decode a S/MIME message
 -p passwd          use "passwd" as security module password 
                    (for encrypted message only)

Put it this way will avoid potential errors that may occurs, since user 
will assume there is no need to do -p for encrypted message when he/she look at 
the usage at the beginning.
(Assignee)

Comment 5

16 years ago
Fixed on the tip (NSS 3.4).

Checking in smime;
/cvsroot/mozilla/security/nss/cmd/smimetools/smime,v  <--  smime
new revision: 1.8; previous revision: 1.7
done
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Resolution: --- → FIXED

Comment 6

16 years ago
Changed the target milestone to 3.3.2 because the fix
has been checked into the 3.3 branch.
Target Milestone: 3.4 → 3.3.2
You need to log in before you can comment on or make changes to this bug.