New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 641440 link

Starred by 3 users

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Bug



Sign in to add a comment

Certificate selection dialog is buggy when identical certificate is provided by the TPM and an extension

Project Member Reported by isandrk@chromium.org, Aug 26 2016

Issue description

What steps will reproduce the problem?
(1) Add cert A manually in Chrome cert store.
(2) Burn cert A on smart card and use middleware to provide it to Chrome OS.
(3) Go to website requiring certificate (use cacert for testing) - both certs are shown.
(4) Disable the middleware app providing cert (effectively removing one of the certs).
(5) Go to the website again (use incognito browsing to circumvent caching).

What is the expected output?
Cert selection dialog is shown with one cert.

What do you see instead?
Cert selection dialog is skipped, client cannot be authenticated to the website.


Bug description:

The bug is located in CertificateSelector::CertificateSelector. The code goes through the available certs and filters out the ones previously provided by an extension but since removed. The problem is caused by the fact that the manually added cert and the one provided by the extension cannot be distinguished from one another and so the code filters both out. The certificate selection dialog is hence empty and not shown.


Note:

This bug is a corner case (remove one cert) of a corner case (have two identical certs present), ie. not a very frequently occuring bug.


Temporary workaround:

Log out and log back into the account.

 

Comment 1 by emaxx@chromium.org, Aug 30 2016

Cc: dskaram@chromium.org
Labels: -Restrict-View-Google
Removed Restrict-View-Google, as the bug is talking about the buggy functionality. There's no evidence that this harms the security of the system.

Comment 2 by pmarko@chromium.org, Feb 13 2018

Cc: pmarko@chromium.org

Sign in to add a comment