Red Hat Bugzilla – Bug 500454
NSS does not handle ECC correctly
Last modified: 2009-11-06 14:12:12 EST
Description of problem:
NSS does not implement the ECC PKCS #11 boundary correctly. This causes a number of HSMs to fail when used with NSS. This problem has been fixed upstream in Mozilla bug https://bugzilla.mozilla.org/show_bug.cgi?id=480280 .
Version-Release number of selected component (if applicable):
Install and ECC capable HSM and try to use it.
Steps to Reproduce:
The fix changes NSS to conform to the PKCS #11 spec. Some PKCS #11 modules may have conformed to NSS usage. To maintain support for those modules NSS accepts a define "NSS_USE_DECODED_CKA_EC_POINT" which tells NSS to revert to the old usage.
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
This bug is already fixed.