Support SHA256, SHA384, and SHA512 hashes in NSS.

author: nelsonb%netscape.com <devnull@localhost> 2002-12-12 06:05:45 +0000
committer: nelsonb%netscape.com <devnull@localhost> 2002-12-12 06:05:45 +0000
commit: 8b73734345b41dabe737d54180e8345d40a4e93f (patch)
tree: ee10a7c132587f6a9e991358d284530bd627cff1 /security/nss/lib/crmf
parent: ed724e99c57dbf66768fde5710465b5728f5cfdd (diff)
download: nss-hg-8b73734345b41dabe737d54180e8345d40a4e93f.tar.gz
1 files changed, 11 insertions, 21 deletions
diff --git a/security/nss/lib/crmf/challcli.c b/security/nss/lib/crmf/challcli.c
index bf385609a..43d09aad6 100644
--- a/security/nss/lib/crmf/challcli.c
+++ b/security/nss/lib/crmf/challcli.c
@@ -37,6 +37,7 @@
 #include "secitem.h"
 #include "pk11func.h"
 #include "secder.h"
+#include "sechash.h"
 
 CMMFPOPODecKeyChallContent*
 CMMF_CreatePOPODecKeyChallContentFromDER(const char *buf, long len)
@@ -118,16 +119,14 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
 {
     CMMFChallenge  *challenge;
     SECItem        *decryptedRand=NULL;
-    SECStatus       rv = SECFailure;
+    SECAlgorithmID *owf;
     PK11SlotInfo   *slot;
     PK11SymKey     *symKey = NULL;
+    SECStatus       rv     = SECFailure;
     CMMFRand        randStr;
-    SECAlgorithmID *owf;
-    unsigned char   hash[SHA1_LENGTH]; /*SHA1 is the longest, so we'll use
-					*it's length.
-					*/
     SECItem         hashItem;
     SECOidTag       tag;
+    unsigned char   hash[HASH_LENGTH_MAX]; 
 
     PORT_Assert(inChalCont != NULL && inPrivKey != NULL);
     if (inChalCont == NULL || inIndex <0 || inIndex > inChalCont->numChallenges
@@ -158,9 +157,9 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
     decryptedRand = PK11_GetKeyData(symKey);
     rv = SEC_ASN1DecodeItem(NULL, &randStr, CMMFRandTemplate,
 			    decryptedRand); 
-    /* The decryptedRand returned points to a member within the symKey structure,
-     * so we don't want to free it. Let the symKey destruction function deal with
-     * freeing that memory.
+    /* The decryptedRand returned points to a member within the symKey 
+     * structure, so we don't want to free it. Let the symKey destruction 
+     * function deal with freeing that memory.
      */
     if (rv != SECSuccess) {
         goto loser;
@@ -175,19 +174,10 @@ CMMF_POPODecKeyChallContDecryptChallenge(CMMFPOPODecKeyChallContent *inChalCont,
     }
     /* Verify the hashes in the challenge */
     tag = SECOID_FindOIDTag(&owf->algorithm);
-    switch (tag) {
-    case SEC_OID_MD2:
-        hashItem.len = MD2_LENGTH;
-	break;
-    case SEC_OID_MD5:
-        hashItem.len = MD5_LENGTH;
-	break;
-    case SEC_OID_SHA1:
-        hashItem.len = SHA1_LENGTH;
-	break;
-    default:
-        goto loser;
-    }
+    hashItem.len = HASH_ResultLenByOidTag(tag);
+    if (!hashItem.len)
+        goto loser;	/* error code has been set */
+
     rv = PK11_HashBuf(tag, hash, randStr.integer.data, randStr.integer.len);
     if (rv != SECSuccess) {
         goto loser;
author	nelsonb%netscape.com <devnull@localhost>	2002-12-12 06:05:45 +0000
committer	nelsonb%netscape.com <devnull@localhost>	2002-12-12 06:05:45 +0000
commit	8b73734345b41dabe737d54180e8345d40a4e93f (patch)
tree	ee10a7c132587f6a9e991358d284530bd627cff1 /security/nss/lib/crmf
parent	ed724e99c57dbf66768fde5710465b5728f5cfdd (diff)
download	nss-hg-8b73734345b41dabe737d54180e8345d40a4e93f.tar.gz