diff options
author | relyea%netscape.com <devnull@localhost> | 2002-05-02 17:39:13 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2002-05-02 17:39:13 +0000 |
commit | e11f737be2ce33ce105d095a80945bf327f0e86f (patch) | |
tree | bbb4eb4a67d383bb4e9bc274d36eb02a9a6a4045 | |
parent | f002a441ea5ca5d45c76ff000555a0bc84737d86 (diff) | |
download | nss-hg-e11f737be2ce33ce105d095a80945bf327f0e86f.tar.gz |
Fix the RSA key check to correctly accept keys with p < q.
-rw-r--r-- | security/nss/lib/freebl/rsa.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c index 3151ebb87..e1d973fdb 100644 --- a/security/nss/lib/freebl/rsa.c +++ b/security/nss/lib/freebl/rsa.c @@ -759,11 +759,13 @@ swap_in_key_value(PRArenaPool *arena, mp_int *mpval, SECItem *buffer) if ((unsigned int)len <= buffer->len) { /* The new value is no longer than the old buffer, so use it */ err = mp_to_unsigned_octets(mpval, buffer->data, len); + if (err >= 0) err = MP_OKAY; buffer->len = len; } else if (arena) { /* The new value is longer, but working within an arena */ (void)SECITEM_AllocItem(arena, buffer, len); err = mp_to_unsigned_octets(mpval, buffer->data, len); + if (err >= 0) err = MP_OKAY; } else { /* The new value is longer, no arena, can't handle this key */ return SECFailure; @@ -810,6 +812,7 @@ RSA_PrivateKeyCheck(RSAPrivateKey *key) /* mind the p's and q's (and d_p's and d_q's) */ SECItem tmp; mp_exch(&p, &q); + mp_exch(&d_p,&d_q); tmp = key->prime1; key->prime1 = key->prime2; key->prime2 = tmp; |