Nelson B Bolyard wrote: > Michael Ströder wrote, On 2008-08-05 15:44: >> Michael Ströder wrote: >>> I also tried signver but this hangs: >>> >>> signver -V -v -d ~/.mozilla/xxxxxxx/ -i name.tar.gz -s name.tar.gz.p7m >>> >>> strace output of hanging signver: >>> >>> ------------------------- snip ------------------------- >>> open("name.tar.gz", O_RDONLY|O_LARGEFILE) = 5 >>> open("name.tar.gz.p7m", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 6 >>> read(0, >>> ------------------------- snip ------------------------- >> BTW: This even destroys the signature file since the signature file >> seems to be opened for writing. > > I looked quickly at the source code > http://mxr.mozilla.org/security/source/security/nss/cmd/signver/signver.c#189 > and I don't see any code path that can do that. > See especially line 209. > This makes me wonder if perhaps you've got some other signver in your path.
Nope. It's always using /usr/bin/signver provided by package mozilla-nss-tools-3.12.0-23.4 downloaded from here: http://download.opensuse.org/repositories/mozilla/openSUSE_11.0/ I did not have signver in my $PATH before installing this package. > FYI, Be aware that NSS contains two separate implementations of CMS. > One implements the old original PKCS#7, and the other implements CMS 3.0. > signver is a test program for the old PKCS7 library. > cmsutil is a test program for the newer CMS 3.0 library. Noted. Strange enough this works as expected giving correct results: signver -V -v -d ~/.mozilla/xxxxxxx/ -i name.tar.gz < name.tar.gz.p7m Ciao, Michael. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto