Last Comment Bug 95264 - Incorrect smime perl script usage for message decoding
: Incorrect smime perl script usage for message decoding
Product: NSS
Classification: Components
Component: Tools (show other bugs)
: 3.2.1
: Sun Solaris
P1 trivial (vote)
: 3.3.2
Assigned To: Julien Pierre
: Sonja Mirtitsch
Depends on:
  Show dependency treegraph
Reported: 2001-08-14 11:57 PDT by Antonio Lam
Modified: 2001-11-28 18:41 PST (History)
5 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---


Description User image Antonio Lam 2001-08-14 11:57:22 PDT
Build Used:  20010810 solaris 2.6
smime tool infor:

To decode a S/MIME message using smime script, we need to use "-p" (secure 
module password) in conjuction with the "-D" option.

The current smime script usage need to be updated, since it didn't say the
-p option must be used in conjunction with the -D option.

usage: smime [options]
 -S nick             generate signed message, use certificate named "nick"
  -p passwd          use "passwd" as security module password
 -E rec1[,rec2...]   generate encrypted message for recipients
 -D                  decode a S/MIME message
 -C pathname         set pathname of "cmsutil"
 -d directory        set directory containing certificate db
                     (default: ~/.netscape)

With -S or -E, smime will take a regular RFC822 message or MIME entity
on stdin and generate a signed or encrypted S/MIME message with the same
headers and content from it. The output can be used as input to a MTA.
-D causes smime to strip off all S/MIME layers if possible and output
the "inner" message.
Comment 1 User image Keyser Sose 2001-10-08 17:22:45 PDT
Marking NEW.
Comment 2 User image Wan-Teh Chang 2001-10-31 19:12:12 PST
Assigned the bug to Julien.
Comment 3 User image Julien Pierre 2001-11-16 14:53:25 PST

The password should only be needed when you use -D to decrypt an S/MIME message.
When using -D to verify the signature of a signed message, the password should
not be needed. Please verify that this is the case. If this is so as I suspect,
this is not a bug, but is in fact working as designed, and it's only a
documentation issue to mention that decryption requires a password . 
Comment 4 User image Antonio Lam 2001-11-16 16:05:27 PST
Julien, you are right, the -p option is only for decoding the encrypted message.  
But still, I think we should add the -p option for Decoding in the toolkit 
usage. Something may look like this:

-D                  decode a S/MIME message
 -p passwd          use "passwd" as security module password 
                    (for encrypted message only)

Put it this way will avoid potential errors that may occurs, since user 
will assume there is no need to do -p for encrypted message when he/she look at 
the usage at the beginning.
Comment 5 User image Julien Pierre 2001-11-21 13:41:54 PST
Fixed on the tip (NSS 3.4).

Checking in smime;
/cvsroot/mozilla/security/nss/cmd/smimetools/smime,v  <--  smime
new revision: 1.8; previous revision: 1.7
Comment 6 User image Wan-Teh Chang 2001-11-28 18:41:22 PST
Changed the target milestone to 3.3.2 because the fix
has been checked into the 3.3 branch.

Note You need to log in before you can comment on or make changes to this bug.