Open Bug 308724 Opened 19 years ago Updated 2 years ago

RSA key size limits are not uniformly applied in freebl and softoken

Categories

(NSS :: Libraries, defect, P3)

3.10.2

Tracking

(Not tracked)

People

(Reporter: wtc, Unassigned)

Details

This bug is the continuation of bug 295298, which we didn't have time to fix completely in NSS 3.10.2. The RSA algorithm has a hardcoded limit of 8192 bits in freebl/rsa.c. But that limit is only applied to public key ops and key pair generation. It is not applied to private key ops. We should impose the RSA key size limits in softoken also. While we're at it, we may also want to check out limits for DSA and DH keys and params, too.

Softoken imposes lower bounds on RSA public key sizes with calls to sftk_ConstrainAttribute in sftk_handlePublicKeyObject (near http://lxr.mozilla.org/security/source/security/nss/lib/softoken/pkcs11.c#1047 ) but does not impose an upper bound. Since we now have an upper bound, it should be imposed at key import/derive/unwrap/gen time also, and imposing the limit in the calls to sftk_ConstrainAttribute would do that. sftk_handlePrivateKeyObject (near http://lxr.mozilla.org/security/source/security/nss/lib/softoken/pkcs11.c#1198 ) should impose similar limits on the corresponding private keys.
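The report above asks for one modulus-size policy, with both a lower and an upper bound, applied on every path a key object can enter softoken (import, derive, unwrap, generate) and for private keys as well as public keys. The following is an added, self-contained illustration of that idea and is not NSS code: the 8192-bit upper bound comes from the report, the 1024-bit lower bound is an assumed example value (NSS's own minimum is not given on this page), and the handler names, the `key_kind` type and the `make_test_modulus` helper are hypothetical. It measures the bit length of a big-endian CKA_MODULUS-style byte string (tolerating leading zero bytes, which PKCS#11 encoders may emit) and routes both public and private key objects through the same bounds check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Upper bound as stated in the bug report (freebl/rsa.c hardcodes 8192 bits).
 * The lower bound is an assumed value for this example only. */
#define RSA_MAX_MODULUS_BITS          8192u
#define EXAMPLE_RSA_MIN_MODULUS_BITS  1024u

typedef enum { KEY_PUBLIC, KEY_PRIVATE } key_kind;

/* Bit length of a big-endian unsigned integer, ignoring leading zero bytes. */
static unsigned int modulus_bits(const uint8_t *mod, size_t len)
{
    size_t i = 0;
    while (i < len && mod[i] == 0)
        i++;
    if (i == len)
        return 0;                       /* all zero: not a modulus at all */
    unsigned int top = 0;
    for (uint8_t b = mod[i]; b; b >>= 1)
        top++;
    return top + (unsigned int)(len - i - 1) * 8u;
}

/* Shared constraint: the same bounds for every key kind and every entry path.
 * Returns 1 if acceptable, 0 if the object must be rejected. */
int rsa_modulus_in_bounds(const uint8_t *mod, size_t len)
{
    unsigned int bits = modulus_bits(mod, len);
    return bits >= EXAMPLE_RSA_MIN_MODULUS_BITS && bits <= RSA_MAX_MODULUS_BITS;
}

/* Hypothetical stand-in for a softoken object handler. Public and private
 * key objects call the identical check, which is the fix the report asks for.
 * Returns 0 on success, -1 where a handler would return an invalid-attribute
 * error to the caller. */
int handle_rsa_key_object(key_kind kind, const uint8_t *mod, size_t len)
{
    if (!rsa_modulus_in_bounds(mod, len)) {
        fprintf(stderr, "rejecting %s key: modulus of %u bits outside [%u, %u]\n",
                kind == KEY_PRIVATE ? "private" : "public",
                modulus_bits(mod, len),
                EXAMPLE_RSA_MIN_MODULUS_BITS, RSA_MAX_MODULUS_BITS);
        return -1;
    }
    return 0;
}

/* Constructed test input: a big-endian modulus of exactly `bits` bits with the
 * top bit set and the value odd, optionally prefixed by one zero byte.
 * Returns the number of bytes written, or 0 if it does not fit in `cap`. */
size_t make_test_modulus(uint8_t *buf, size_t cap, unsigned int bits, int leading_zero)
{
    size_t nbytes = ((size_t)bits + 7) / 8;
    size_t off = leading_zero ? 1 : 0;
    if (bits == 0 || nbytes + off > cap)
        return 0;
    memset(buf, 0, nbytes + off);
    buf[off] = (uint8_t)(1u << ((bits - 1) % 8));   /* exact bit length */
    buf[off + nbytes - 1] |= 1u;                     /* RSA moduli are odd */
    return nbytes + off;
}

/* Convenience wrapper: build a modulus of `bits` bits and run it through the
 * handler for the given key kind. Returns the handler's result. */
int check_modulus_of_bits(unsigned int bits, int leading_zero, key_kind kind)
{
    uint8_t buf[1100];
    size_t n = make_test_modulus(buf, sizeof buf, bits, leading_zero);
    return n ? handle_rsa_key_object(kind, buf, n) : -1;
}

int main(void)
{
    /* 8192 bits is the largest accepted size; 8193 and 16384 are over the
     * limit for private keys exactly as for public keys. */
    printf("2048-bit public:   %d\n", check_modulus_of_bits(2048, 0, KEY_PUBLIC));
    printf("8192-bit private:  %d\n", check_modulus_of_bits(8192, 1, KEY_PRIVATE));
    printf("8193-bit private:  %d\n", check_modulus_of_bits(8193, 0, KEY_PRIVATE));
    printf("16384-bit public:  %d\n", check_modulus_of_bits(16384, 0, KEY_PUBLIC));
    printf("512-bit private:   %d\n", check_modulus_of_bits(512, 0, KEY_PRIVATE));
    return 0;
}
```

The leading-zero handling matters in practice: a 8192-bit modulus encoded with a sign byte is 1025 bytes long, and a check that trusted the attribute's byte length rather than the value's bit length would reject it, while a 8200-bit modulus with no padding would slip past a byte-count limit of 1025.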
Status: NEW → ASSIGNED
Priority: -- → P3
Target Milestone: --- → 3.12
QA Contact: jason.m.reid → libraries
Unsetting target milestone in unresolved bugs whose targets have passed.
Target Milestone: 3.12 → ---
Severity: normal → S3

The bug assignee is inactive on Bugzilla, so the assignee is being reset.

Assignee: wtc → nobody
Status: ASSIGNED → NEW