Fix for bug 423839 . Add wincx in libpkix while verifying certs and CRLs. r=nelson

author: julien.pierre.boogz%sun.com <devnull@localhost> 2008-08-22 19:45:32 +0000
committer: julien.pierre.boogz%sun.com <devnull@localhost> 2008-08-22 19:45:32 +0000
commit: 896274d0bce687b721413511eca9a3f29192cbe7 (patch)
tree: 64bddbdcb9d87730c1b130d06d5fc4a1766c0bad
parent: 5c29cf0fc7be62c5d595df057d652b149a888f88 (diff)
download: nss-hg-896274d0bce687b721413511eca9a3f29192cbe7.tar.gz
2 files changed, 13 insertions, 2 deletions
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
index 507bc3355..8f259fadf 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_cert.c
@@ -2903,6 +2903,7 @@ PKIX_PL_Cert_VerifySignature(
         SECStatus status;
         PKIX_Boolean certEqual = PKIX_FALSE;
         PKIX_Boolean certInHash = PKIX_FALSE;
+        void* wincx = NULL;
 
         PKIX_ENTER(CERT, "PKIX_PL_Cert_VerifySignature");
         PKIX_NULLCHECK_THREE(cert, cert->nssCert, pubKey);
@@ -2934,7 +2935,12 @@ PKIX_PL_Cert_VerifySignature(
         }
 
         PKIX_CERT_DEBUG("\t\tCalling CERT_VerifySignedDataWithPublicKey).\n");
-        status = CERT_VerifySignedDataWithPublicKey(tbsCert, nssPubKey, NULL);
+
+        PKIX_CHECK(pkix_pl_NssContext_GetWincx
+                   ((PKIX_PL_NssContext *)plContext, &wincx),
+                   PKIX_NSSCONTEXTGETWINCXFAILED);
+
+        status = CERT_VerifySignedDataWithPublicKey(tbsCert, nssPubKey, wincx);
 
         if (status != SECSuccess) {
                 PKIX_ERROR(PKIX_SIGNATUREDIDNOTVERIFYWITHTHEPUBLICKEY);
diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c
index 84a624185..1f38ba35e 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_crl.c
@@ -1153,6 +1153,7 @@ PKIX_PL_CRL_VerifySignature(
         CERTSignedCrl *nssSignedCrl = NULL;
         SECKEYPublicKey *nssPubKey = NULL;
         CERTSignedData *tbsCrl = NULL;
+        void* wincx = NULL;
         SECStatus status;
 
         PKIX_ENTER(CRL, "PKIX_PL_CRL_VerifySignature");
@@ -1184,8 +1185,12 @@ PKIX_PL_CRL_VerifySignature(
                 PKIX_ERROR(PKIX_SECKEYEXTRACTPUBLICKEYFAILED);
         }
 
+        PKIX_CHECK(pkix_pl_NssContext_GetWincx
+                   ((PKIX_PL_NssContext *)plContext, &wincx),
+                   PKIX_NSSCONTEXTGETWINCXFAILED);
+
         PKIX_CRL_DEBUG("\t\tCalling CERT_VerifySignedDataWithPublicKey\n");
-        status = CERT_VerifySignedDataWithPublicKey(tbsCrl, nssPubKey, NULL);
+        status = CERT_VerifySignedDataWithPublicKey(tbsCrl, nssPubKey, wincx);
 
         if (status != SECSuccess) {
                 PKIX_ERROR(PKIX_SIGNATUREDIDNOTVERIFYWITHTHEPUBLICKEY);
author	julien.pierre.boogz%sun.com <devnull@localhost>	2008-08-22 19:45:32 +0000
committer	julien.pierre.boogz%sun.com <devnull@localhost>	2008-08-22 19:45:32 +0000
commit	896274d0bce687b721413511eca9a3f29192cbe7 (patch)
tree	64bddbdcb9d87730c1b130d06d5fc4a1766c0bad
parent	5c29cf0fc7be62c5d595df057d652b149a888f88 (diff)
download	nss-hg-896274d0bce687b721413511eca9a3f29192cbe7.tar.gz