Closed
Bug 1803226
Opened 3 years ago
Closed 2 years ago
NULL password encoding incorrect.
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rrelyea, Assigned: rrelyea)
Details
Attachments
(1 file)
When patching previous pkcs12 files to fix errors in handling large passwords (Bug 1757075), NSS broke the null password case. NSS and openssl are tolerant of incorrectly coded NULL passwords because they have to accept old cases where this was broken before. Gnutls, however, enforces null password encoding and interop tests with gnutls found the issue.
|
Assignee | |
Updated•3 years ago
|
Assignee: nobody → rrelyea
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 1•3 years ago
|
||
The test for adding the unicode null in the null password case was incorrect from Bug 1757075 (https://bugzilla.mozilla.org/show_bug.cgi?id=1757075). The sense of the test was backwards meaning that no null was added.
We didn't notice because NSS and openssl tolerate incorrect null password encoding. It was picked up in gnutls interop testing.
|
||
Updated•2 years ago
|
Attachment #9306065 -
Attachment description: WIP: Bug 1803226 NULL password encoding incorrect. → Bug 1803226 - NULL password encoding incorrect.
|
||
Comment 2•2 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•