Bug 1495273 - use of RC4 for PKCS#12 certificate encryption causes pk12util to crash
Summary: use of RC4 for PKCS#12 certificate encryption causes pk12util to crash
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: nss
Version: 7.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Daiki Ueno
QA Contact: Hubert Kario
URL:
Whiteboard:
Depends On:
Blocks: rhel7-nss-pkcs12
TreeView+ depends on / blocked
 
Reported: 2017-09-25 16:20 UTC by Hubert Kario
Modified: 2018-04-10 09:46 UTC (History)
3 users (show)

Fixed In Version: nss-3.33.0-3.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-04-10 09:46:29 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2018:0679 None None None 2018-04-10 09:46:48 UTC
Mozilla Foundation 1350281 None None None 2017-09-25 16:20:35 UTC

Description Hubert Kario 2017-09-25 16:20:36 UTC
Description of problem:
When pk12util is asked to export pkcs12 file with certificate encrypted with RC4 it will crash with a segmentation fault

Version-Release number of selected component (if applicable):
nss-3.28.4-14.el7_4.x86_64

How reproducible:
always

Steps to Reproduce:
1. create nss database with key and associated certificate
2. pk12util -o x13.p12 -n ca -w pwfile -k pwfile -d sql:nssdb/ -C 'PKCS #12 V2 PBE With SHA-1 And 128 Bit RC4'
3.

Actual results:
Segmentation fault

Expected results:
Exported file, certificate encrypted with RC4

Additional info:

Comment 8 errata-xmlrpc 2018-04-10 09:46:29 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:0679


Note You need to log in before you can comment on or make changes to this bug.