NSS 3.16 incompatibility

Ed Finnerty edfinnerty at gmx.com
Sun Aug 31 13:16:45 CEST 2014


I see that there's been no reply to this issue at all, either here or on
the NSS bug tracker site:
https://bugzilla.mozilla.org/show_bug.cgi?id=990958

Should I assume that compatibility with NSS is not a goal at all for gpgsm?

On 03/31/14 01:07, Ed Finnerty wrote:
> Hello,
> 
> Running this script:
> 
> #!/bin/sh
> 
> # Create an input file with random content
> dd if=/dev/urandom of=input.bin bs=1K count=1
> 
> # Loop forever
> while : ; do
> 
> # Cleanup previous output
> rm -f out.bin
> 
> # Encrypt input, write to out.bin
> gpgsm -e -r email at address input.bin 2>/dev/null > out.bin
> 
> # Decrypt with cmsutil
> cmsutil -D -d ~/.thunderbird/yourprofile.default -i out.bin -v -n
> 
> # If cmsutil, break out of the loop
> if [[ $? != 0 ]] ; then
> 	echo "GOTCHA"
> 	break
> fi
> 
> done # While loop done
> 
> Will eventually produce this output:
> 
> NSS has been initialized.
> Got default certdb
> cmsutil: failed to decode message.
> cmsutil: problem decoding: SEC_ERROR_BAD_DATABASE: security library: bad
> database.
> GOTCHA
> 
> Here's more info:
> 
> $ gpgsm --version
> gpgsm (GnuPG) 2.0.22
> libgcrypt 1.5.3
> libksba 1.3.0
> Copyright (C) 2013 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later
> <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> 
> Home: ~/.gnupg
> Supported algorithms:
> Cipher: 3DES, AES, AES192, AES256, SERPENT128, SERPENT192, SERPENT256,
> SEED, CAMELLIA128, CAMELLIA192, CAMELLIA256
> Pubkey: RSA, ECDSA
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224, WHIRLPOOL
> 
> I'm using NSS 3.16.
> 
> Obviously, you need to have the proper certificates imported with gpgsm,
> certutil, etc.
> 
> What's happening?
> 
> Thanks.




More information about the Gnupg-devel mailing list