diff options
author | John M. Schanck <jschanck@mozilla.com> | 2022-12-15 04:02:37 +0000 |
---|---|---|
committer | John M. Schanck <jschanck@mozilla.com> | 2022-12-15 04:02:37 +0000 |
commit | 753b46c0f439ffb607145992c134251c825456c3 (patch) | |
tree | 9e7d11dd40a1064005afd1fb992c93c1a097c410 /lib/cryptohi | |
parent | ddaaed8de3c1d0c4aa168201b64e2cb03ea3ace0 (diff) | |
download | nss-hg-753b46c0f439ffb607145992c134251c825456c3.tar.gz |
Bug 1798823 - Additional zero-length RSA modulus checks. r=nkulatovaNSS_3_87_BETA1
Differential Revision: https://phabricator.services.mozilla.com/D163622
Diffstat (limited to 'lib/cryptohi')
-rw-r--r-- | lib/cryptohi/seckey.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c index dfeb0e20d..fb353fa14 100644 --- a/lib/cryptohi/seckey.c +++ b/lib/cryptohi/seckey.c @@ -1044,14 +1044,18 @@ SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk) unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk) { - unsigned char b0; unsigned size; switch (pubk->keyType) { case rsaKey: case rsaPssKey: - b0 = pubk->u.rsa.modulus.data[0]; - return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1; + if (pubk->u.rsa.modulus.len == 0) { + return 0; + } + if (pubk->u.rsa.modulus.data[0] == 0) { + return pubk->u.rsa.modulus.len - 1; + } + return pubk->u.rsa.modulus.len; case dsaKey: return pubk->u.dsa.params.subPrime.len * 2; case ecKey: |