diff options
author | Kai Engert <kaie@kuix.de> | 2019-11-01 10:46:52 +0100 |
---|---|---|
committer | Kai Engert <kaie@kuix.de> | 2019-11-01 10:46:52 +0100 |
commit | 5e97ced61c7932b7694500168ea11437025eb0fc (patch) | |
tree | 2e3959cf1394fa5f82e53b2c441b1b54d1f26032 /lib/softoken/lgglue.c | |
parent | 4e8dff13b030da024977cabc07f0ae26fd55d1e6 (diff) | |
download | nss-hg-5e97ced61c7932b7694500168ea11437025eb0fc.tar.gz |
Bug 1562671 - Add environment variables to control Master Password KDF iteration count. Disable iteration count for legacy DBM storage by default. r=rrelyea
Diffstat (limited to 'lib/softoken/lgglue.c')
-rw-r--r-- | lib/softoken/lgglue.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/lib/softoken/lgglue.c b/lib/softoken/lgglue.c index 67f17943b..8cfb4ec56 100644 --- a/lib/softoken/lgglue.c +++ b/lib/softoken/lgglue.c @@ -194,12 +194,15 @@ sftkdb_encrypt_stub(PLArenaPool *arena, SDB *sdb, SECItem *plainText, /* PORT_SetError */ return SECFailure; } - if (handle->newKey) { - key = handle->newKey; - iterationCount = handle->newDefaultIterationCount; + key = handle->newKey ? handle->newKey : &handle->passwordKey; + if (sftk_isLegacyIterationCountAllowed()) { + if (handle->newKey) { + iterationCount = handle->newDefaultIterationCount; + } else { + iterationCount = handle->defaultIterationCount; + } } else { - key = &handle->passwordKey; - iterationCount = handle->defaultIterationCount; + iterationCount = 1; } rv = sftkdb_EncryptAttribute(arena, key, iterationCount, |