view certificate details showing only OID
Reported by
legendm...@gmail.com,
Oct 24 2016
|
||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0 Example URL: https://hpbn.co Steps to reproduce the problem: 1. open https://hpbn.co 2. view certificate => details 3. certificate signature algorithm, subject public key algorithm What is the expected behavior? OID shown What went wrong? no human-readable name or description for the OID Did this work before? Yes Chrome version: 54.0.2840.71 (Official Build) (64-bit) Channel: stable OS Version: Ubuntu 16.04.1 LTS Flash Version: Shockwave Flash 11.2 r202 I think it worked before showing the name of all the OIDs like ECDSA, not sure when it started showing only the OID
,
Oct 26 2016
I think it should show a human-readable name Elliptic Curve Cryptography (ECC)just like PKCS #1 RSA Encryption for older algorithms.
,
Oct 26 2016
,
Oct 26 2016
David: It's as simple as updating https://cs.chromium.org/chromium/src/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp?rcl=1477495967&l=186 with no IDs for ECC - we only have the RSA ones covered - but I wanted to double check to make sure that we're only missing SEC_OID_SECG_EC_SECP256R1, SEC_OID_SECG_EC_SECP384R1, and SEC_OID_SECG_EC_SECP521R1 Are there any other sig algs you can think that are relevant?
,
Oct 26 2016
1.2.840.10045.2.1 is actually just the generic id-ecPublicKey OID (not sure what the NSS name is). To get the curve out, we'd need to dispatch on the key type and then decode the curve from the SPKI's AlgorithmIdentifier parameters.
,
Oct 27 2016
I'll grab it and update some of the OID tables, it should be low hassle.
,
Oct 31 2016
https://codereview.chromium.org/2463703005/ Adding Emily as FYI since it affects Security>UX; pinged rolfe/ainslie on the review.
,
Nov 4 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5a5a26864366257845b1fa0ce7d22dcefdf751f1 commit 5a5a26864366257845b1fa0ce7d22dcefdf751f1 Author: rsleevi <rsleevi@chromium.org> Date: Fri Nov 04 21:06:43 2016 Update WebUI Cert Viewer with additional algorithms Add several EC algorithms to the viewer UI, as well as those OIDs related to EV certificates. This ensures that the WebUI version is similarly detailed as the native UIs on Windows/OS X. BUG= 658850 Review-Url: https://codereview.chromium.org/2463703005 Cr-Commit-Position: refs/heads/master@{#430012} [modify] https://crrev.com/5a5a26864366257845b1fa0ce7d22dcefdf751f1/chrome/app/generated_resources.grd [modify] https://crrev.com/5a5a26864366257845b1fa0ce7d22dcefdf751f1/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp
,
Dec 16 2016
|
||||||
►
Sign in to add a comment |
||||||
Comment 1 by hdodda@chromium.org
, Oct 25 2016Labels: Needs-Feedback
112 KB
112 KB View Download