This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 614532 - Add support for PKCS#8 encoded PEM RSA private key files
Add support for PKCS#8 encoded PEM RSA private key files
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: nss (Show other bugs)
14
All Linux
low Severity medium
: ---
: ---
Assigned To: Elio Maldonado Batiz
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 630102
  Show dependency treegraph
 
Reported: 2010-07-14 13:05 EDT by Rich Megginson
Modified: 2010-09-10 23:39 EDT (History)
4 users (show)

See Also:
Fixed In Version: nss-3.12.7-4.fc14
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 630102 (view as bug list)
Environment:
Last Closed: 2010-08-19 21:31:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
0001-Add-support-for-PKCS-8-encoded-private-keys.patch (8.49 KB, patch)
2010-07-14 13:05 EDT, Rich Megginson
no flags Details | Diff
0001-Do-not-define-SEC_SkipTemplate.patch (1.04 KB, patch)
2010-07-14 13:39 EDT, Rich Megginson
no flags Details | Diff
patch for spec file (1.48 KB, patch)
2010-07-14 13:39 EDT, Rich Megginson
no flags Details | Diff

  None (edit)
Description Rich Megginson 2010-07-14 13:05:13 EDT
Created attachment 431849 [details]
0001-Add-support-for-PKCS-8-encoded-private-keys.patch

These are PEM files which in ASCII begin with the header

BEGIN PRIVATE KEY

The code already supports PKCS#1 format BEGIN RSA PRIVATE KEY but the openssl req -x509 tool creates private keys with the BEGIN PRIVATE KEY format.

There is a second patch attached - with mock, nss did not build because SEC_SkipTemplate is defined more than once.  Not sure why we don't see this problem with the regular builds, so I don't know if it is needed, but I've attached it anyway.
Comment 1 Rich Megginson 2010-07-14 13:39:09 EDT
Created attachment 431859 [details]
0001-Do-not-define-SEC_SkipTemplate.patch
Comment 2 Rich Megginson 2010-07-14 13:39:48 EDT
Created attachment 431860 [details]
patch for spec file
Comment 3 Rich Megginson 2010-07-14 13:40:51 EDT
I don't know if you want these patches applied to current Fedora versions - the git patch flies should apply cleanly, don't know about the spec file patch.
Comment 4 Bug Zapper 2010-07-30 08:34:55 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 14 development cycle.
Changing version to '14'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 5 Rob Crittenden 2010-08-09 15:47:22 EDT
These two patches have been accepted upstream.
Comment 6 Fedora Update System 2010-08-10 01:35:44 EDT
nss-3.12.6-11.fc14 has been submitted as an update for Fedora 14.
http://admin.fedoraproject.org/updates/nss-3.12.6-11.fc14
Comment 7 Fedora Update System 2010-08-10 22:55:49 EDT
nss-3.12.6-11.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nss'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/nss-3.12.6-11.fc14
Comment 8 Fedora Update System 2010-08-11 19:01:03 EDT
nss-3.12.6-11.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/nss-3.12.6-11.fc12
Comment 9 Fedora Update System 2010-08-11 19:01:20 EDT
nss-3.12.6-11.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/nss-3.12.6-11.fc13
Comment 10 Elio Maldonado Batiz 2010-08-13 17:02:17 EDT
My bad, I discovered that the nss-pem tar ball uploaded to the look-aside cache has the same contents as the one it was intended to replace. Rather than making and uploading a new tar ball I'll just apply the patches via the spec file. New builds are coming, with Rawhide first.
Comment 11 Fedora Update System 2010-08-13 17:13:33 EDT
nss-3.12.6-11.fc13 has been pushed to the Fedora 13 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nss'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/nss-3.12.6-11.fc13
Comment 12 Fedora Update System 2010-08-15 12:31:43 EDT
nss-3.12.6-12.fc14 has been submitted as an update for Fedora 14.
http://admin.fedoraproject.org/updates/nss-3.12.6-12.fc14
Comment 13 Fedora Update System 2010-08-15 12:36:39 EDT
nss-3.12.6-12.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/nss-3.12.6-12.fc13
Comment 14 Fedora Update System 2010-08-15 12:38:21 EDT
nss-3.12.6-12.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/nss-3.12.6-12.fc12
Comment 15 Fedora Update System 2010-08-19 21:31:15 EDT
nss-3.12.6-12.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 16 Fedora Update System 2010-09-02 11:42:13 EDT
nss-3.12.7-3.fc14,nss-softokn-3.12.7-3.fc14,nss-util-3.12.7-2.fc14,nspr-4.8.6-1.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/nss-3.12.7-3.fc14,nss-softokn-3.12.7-3.fc14,nss-util-3.12.7-2.fc14,nspr-4.8.6-1.fc14
Comment 17 Fedora Update System 2010-09-02 16:35:20 EDT
nss-3.12.6-12.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2010-09-07 15:09:08 EDT
nss-3.12.7-4.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc14
Comment 19 Fedora Update System 2010-09-10 23:39:06 EDT
nss-3.12.7-4.fc14, nspr-4.8.6-1.fc14, nss-util-3.12.7-2.fc14, nss-softokn-3.12.7-3.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.