diff options
author | nelsonb%netscape.com <devnull@localhost> | 2002-12-12 06:05:45 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2002-12-12 06:05:45 +0000 |
commit | 8b73734345b41dabe737d54180e8345d40a4e93f (patch) | |
tree | ee10a7c132587f6a9e991358d284530bd627cff1 /security/nss/lib/crmf | |
parent | ed724e99c57dbf66768fde5710465b5728f5cfdd (diff) | |
download | nss-hg-8b73734345b41dabe737d54180e8345d40a4e93f.tar.gz |
Support SHA256, SHA384, and SHA512 hashes in NSS.
Diffstat (limited to 'security/nss/lib/crmf')
-rw-r--r-- | security/nss/lib/crmf/challcli.c | 32 |
1 files changed, 11 insertions, 21 deletions
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c index bf385609a..43d09aad6 100644 --- a/security/nss/lib/crmf/challcli.c +++ b/security/nss/lib/crmf/challcli.c @@ -37,6 +37,7 @@ #include "secitem.h" #include "pk11func.h" #include "secder.h" +#include "sechash.h" CMMFPOPODecKeyChallContent* CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len) @@ -118,16 +119,14 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont, { CMMFChallenge *challenge; SECItem *decryptedRand=NULL; - SECStatus rv = SECFailure; + SECAlgorithmID *owf; PK11SlotInfo *slot; PK11SymKey *symKey = NULL; + SECStatus rv = SECFailure; CMMFRand randStr; - SECAlgorithmID *owf; - unsigned char hash[SHA1_LENGTH]; /*SHA1 is the longest, so we'll use - *it's length. - */ SECItem hashItem; SECOidTag tag; + unsigned char hash[HASH_LENGTH_MAX]; PORT_Assert(inChalCont != NULL && inPrivKey != NULL); if (inChalCont == NULL || inIndex <0 || inIndex > inChalCont->numChallenges @@ -158,9 +157,9 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont, decryptedRand = PK11_GetKeyData(symKey); rv = SEC_ASN1DecodeItem(NULL, &randStr, CMMFRandTemplate, decryptedRand); - /* The decryptedRand returned points to a member within the symKey structure, - * so we don't want to free it. Let the symKey destruction function deal with - * freeing that memory. + /* The decryptedRand returned points to a member within the symKey + * structure, so we don't want to free it. Let the symKey destruction + * function deal with freeing that memory. */ if (rv != SECSuccess) { goto loser; @@ -175,19 +174,10 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont, } /* Verify the hashes in the challenge */ tag = SECOID_FindOIDTag(&owf->algorithm); - switch (tag) { - case SEC_OID_MD2: - hashItem.len = MD2_LENGTH; - break; - case SEC_OID_MD5: - hashItem.len = MD5_LENGTH; - break; - case SEC_OID_SHA1: - hashItem.len = SHA1_LENGTH; - break; - default: - goto loser; - } + hashItem.len = HASH_ResultLenByOidTag(tag); + if (!hashItem.len) + goto loser; /* error code has been set */ + rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len); if (rv != SECSuccess) { goto loser; |