Bug 1035438

Summary: ECC signature not always padded correctly.
Product: Red Hat Enterprise Linux 7 Reporter: Jack Magne <jmagne>
Component: coolkeyAssignee: Bob Relyea <rrelyea>
Status: CLOSED DUPLICATE QA Contact: Asha Akkiangady <aakkiang>
Severity: high Docs Contact:
Priority: high    
Version: 7.0CC: cww, eparis, sforsber
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1001299 Environment:
Last Closed: 2014-07-17 19:11:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1001299    
Bug Blocks: 1035437    

Description Jack Magne 2013-11-27 18:52:58 UTC
+++ This bug was initially created as a clone of Bug #1001299 +++

Description of problem:

Now that we can make ECC signatures, this requires often that the signature data has to be padded or truncated correctly based on what is returned by the card and what is required by NSS.

We already have a method to do this but it only handles the truncation case, not the padding case.


Version-Release number of selected component (if applicable):

Latest rhel5 coolkey


How reproducible:

Always.

Steps to reproduce.

1. Enroll a 384 bit or higher token with rhcs ecc upcoming errata candidate.

2. Run BobR's smartcard test program.




Actual results:

Some of the signatures attempted by the tool will fail.

Expected results:

We want all support signature types to be performed correctly.

--- Additional comment from Suzanne Forsberg on 2013-08-29 10:22:57 EDT ---

Since 5.10 is only accepting blocker bugs at this point(they have already built a release candidate), I am recommending that we defer this fix until 5.11 and we consider fixing this in 5.10.z.

--- Additional comment from Bob Relyea on 2013-11-26 20:36:03 EST ---

Jack please clone this bug for RHEL6 (target 6.6) and RHEL 7

Comment 2 Bob Relyea 2014-02-26 22:53:01 UTC
Jack, if you need this for 7.0, then please bug asha for a qa ack, and request blocker (you'll have to justify it). Otherwise we should move this to 7.1.

Comment 3 RHEL Program Management 2014-03-22 06:27:13 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 5 Asha Akkiangady 2014-07-17 19:11:10 UTC

*** This bug has been marked as a duplicate of bug 1001299 ***