diff options
| author | dveditz%cruzio.com <devnull@localhost> | 2006-09-10 00:39:17 +0000 |
|---|---|---|
| committer | dveditz%cruzio.com <devnull@localhost> | 2006-09-10 00:39:17 +0000 |
| commit | e89b6d0d6b1c0f2e46b1d1a318a2207d4a26a4ab (patch) | |
| tree | f84df04d758254c85bf282f580036f67f943172c | |
| parent | 8d08eeda864bce1530395844d919e9bcc887dbaa (diff) | |
| download | nss-hg-e89b6d0d6b1c0f2e46b1d1a318a2207d4a26a4ab.tar.gz | |
Change DecryptSigBlock to return the parsed DigestInfo's length, soTHUNDERBIRD_1_5_0_7_RELEASETHUNDERBIRD_1_5_0_7_RC6MOZILLA_1_8_0_7_RELEASEFIREFOX_1_5_0_7_RELEASEFIREFOX_1_5_0_7_RC6
the caller can check it. Patch by wtchang@redhat.com. r=nelson,rrelyea,
merged to 1.8.0 branch (nss 3_10_2) by dveditz, r(-ish)=nelson, a=dveditz
bug 351848.
| -rw-r--r-- | security/nss/lib/cryptohi/secvfy.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c index 60f48d13b..3a4213ff8 100644 --- a/security/nss/lib/cryptohi/secvfy.c +++ b/security/nss/lib/cryptohi/secvfy.c @@ -54,7 +54,8 @@ ** XXX this is assuming that the signature algorithm has WITH_RSA_ENCRYPTION */ static SECStatus -DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, SECKEYPublicKey *key, +DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, + unsigned int *digestlen, SECKEYPublicKey *key, SECItem *sig, char *wincx) { SGNDigestInfo *di = NULL; @@ -96,6 +97,7 @@ DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, SECKEYPublicKey *key, } PORT_Memcpy(digest, di->digest.data, di->digest.len); *tagp = tag; + *digestlen = di->digest.len; goto done; sigloser: @@ -122,6 +124,7 @@ struct VFYContextStr { * in the RSA signature, or the full DSA signature (40 bytes). */ unsigned char digest[HASH_LENGTH_MAX]; + unsigned int rsadigestlen; void * wincx; void *hashcx; const SECHashObject *hashobj; @@ -256,9 +259,11 @@ VFY_CreateContext(SECKEYPublicKey *key, SECItem *sig, SECOidTag algid, cx->key = SECKEY_CopyPublicKey(key); /* extra safety precautions */ if (sig) { SECOidTag hashid = SEC_OID_UNKNOWN; - rv = DecryptSigBlock(&hashid, &cx->digest[0], + unsigned int digestlen = 0; + rv = DecryptSigBlock(&hashid, &cx->digest[0], &digestlen, cx->key, sig, (char*)wincx); cx->alg = hashid; + cx->rsadigestlen = digestlen; } else { rv = decodeSigAlg(algid,&cx->alg); } @@ -403,14 +408,15 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig) case VFY_RSA: if (sig) { SECOidTag hashid = SEC_OID_UNKNOWN; - rv = DecryptSigBlock(&hashid, &cx->digest[0], + rv = DecryptSigBlock(&hashid, &cx->digest[0], &cx->rsadigestlen, cx->key, sig, (char*)cx->wincx); if ((rv != SECSuccess) || (hashid != cx->alg)) { PORT_SetError(SEC_ERROR_BAD_SIGNATURE); return SECFailure; } } - if (PORT_Memcmp(final, cx->digest, part)) { + if ((part != cx->rsadigestlen) || + PORT_Memcmp(final, cx->digest, part)) { PORT_SetError(SEC_ERROR_BAD_SIGNATURE); return SECFailure; } @@ -452,7 +458,8 @@ VFY_VerifyDigest(SECItem *digest, SECKEYPublicKey *key, SECItem *sig, if (cx != NULL) { switch (key->keyType) { case rsaKey: - if (PORT_Memcmp(digest->data, cx->digest, digest->len)) { + if ((digest->len != cx->rsadigestlen) || + PORT_Memcmp(digest->data, cx->digest, digest->len)) { PORT_SetError(SEC_ERROR_BAD_SIGNATURE); } else { rv = SECSuccess; |