Nelson B Bolyard wrote:
> Michael Ströder wrote, On 2008-08-05 15:44:
>> Michael Ströder wrote:
>>> I also tried signver but this hangs:
>>>
>>> signver -V -v -d ~/.mozilla/xxxxxxx/ -i name.tar.gz -s name.tar.gz.p7m
>>>
>>> strace output of hanging signver:
>>>
>>> ------------------------- snip -------------------------
>>> open("name.tar.gz", O_RDONLY|O_LARGEFILE) = 5
>>> open("name.tar.gz.p7m", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 6
>>> read(0,
>>> ------------------------- snip -------------------------
>> BTW: This even destroys the signature file since the signature file
>> seems to be opened for writing.
>
> I looked quickly at the source code
> http://mxr.mozilla.org/security/source/security/nss/cmd/signver/signver.c#189
> and I don't see any code path that can do that.
> See especially line 209.
> This makes me wonder if perhaps you've got some other signver in your path.
Nope. It's always using /usr/bin/signver provided by package
mozilla-nss-tools-3.12.0-23.4 downloaded from here:
http://download.opensuse.org/repositories/mozilla/openSUSE_11.0/
I did not have signver in my $PATH before installing this package.
> FYI, Be aware that NSS contains two separate implementations of CMS.
> One implements the old original PKCS#7, and the other implements CMS 3.0.
> signver is a test program for the old PKCS7 library.
> cmsutil is a test program for the newer CMS 3.0 library.
Noted.
Strange enough this works as expected giving correct results:
signver -V -v -d ~/.mozilla/xxxxxxx/ -i name.tar.gz < name.tar.gz.p7m
Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
