Bug 704595

Summary: lib crmf uses a hard-coded maximum size of 2048 for wrapped private keys
Product: Red Hat Enterprise Linux 5 Reporter: Elio Maldonado Batiz <emaldona>
Component: nssAssignee: Elio Maldonado Batiz <emaldona>
Status: CLOSED ERRATA QA Contact: Aleš Mareček <amarecek>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 5.7CC: amarecek, awnuk, dpal, emaldona, jwest, kdudka, kengert, kevinu, rrelyea, shaines, syeghiay
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nss-3.12.8-4.el5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 703658
: 705120 757917 (view as bug list) Environment:
Last Closed: 2012-02-21 06:49:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 703656, 703658    
Bug Blocks: 445047, 705120, 710649, 757917, 758797    
Attachments:
Description Flags
the patch from upstream
none
patch ajusted for RHEL 5 to add for the missing macro definition if needed rrelyea: review+

Comment 5 Elio Maldonado Batiz 2011-06-03 17:54:40 UTC 
Created attachment 502875 [details]
the patch from upstream

Not directely applicable with RHEL 5. Will attach the modified version next.
Comment 6 Elio Maldonado Batiz 2011-06-03 17:58:43 UTC 
The patch need to be adjusted as follows:
+@@ -46,11 +46,46 @@
  #include "secasn1.h"
  #include "crmfit.h"
  #include "secerr.h"
 +#include "blapit.h"
++
++/* RSA_MAX_MODULUS_BITS is not defined in older versions 
++ * of blapit.h such as the one from nss 3.11.5 
++ */
++#ifndef RSA_MAX_MODULUS_BITS
++#define RSA_MAX_MODULUS_BITS  8192
++#endif
++#define MAX_WRAPPED_KEY_LEN       RSA_MAX_MODULUS_BITS
Comment 7 Elio Maldonado Batiz 2011-06-03 18:01:49 UTC 
Created attachment 502878 [details]
patch ajusted for RHEL 5 to add for the missing macro definition if needed
Comment 8 Bob Relyea 2011-06-03 18:50:47 UTC 
Comment on attachment 502878 [details]
patch ajusted for RHEL 5 to add for the missing macro definition if needed

r+ since it the same patch I r+ upstream;).

bob
Comment 11 Ludek Smid 2011-11-29 08:43:09 UTC 
*** Bug 757917 has been marked as a duplicate of this bug. ***
Comment 18 errata-xmlrpc 2012-02-21 06:49:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0291.html