diff options
| author | jpierre%netscape.com <devnull@localhost> | 2004-06-05 00:50:32 +0000 |
|---|---|---|
| committer | jpierre%netscape.com <devnull@localhost> | 2004-06-05 00:50:32 +0000 |
| commit | 4179ff76c2de261665ce0daf4e54378d658ad72f (patch) | |
| tree | 49f2220df153d7695d5279e1e9159778254f4750 /security/nss/lib/cryptohi | |
| parent | 8701fcb16454618baad14cf64ab6cc6daa7a2ef4 (diff) | |
| download | nss-hg-4179ff76c2de261665ce0daf4e54378d658ad72f.tar.gz | |
Fix for 178895 - QuickDER optimizations. r=relyea
Diffstat (limited to 'security/nss/lib/cryptohi')
| -rw-r--r-- | security/nss/lib/cryptohi/seckey.c | 221 |
1 files changed, 127 insertions, 94 deletions
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c index 23ed406c8..79185c6b1 100644 --- a/security/nss/lib/cryptohi/seckey.c +++ b/security/nss/lib/cryptohi/seckey.c @@ -577,44 +577,52 @@ SECKEY_UpdateCertPQG(CERTCertificate * subjectCert) SECStatus SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) { - SECStatus rv; - SECKEYPQGDualParams dual_params; + SECStatus rv; + SECKEYPQGDualParams dual_params; + SECItem newparams; + + PORT_Assert(arena); if (params == NULL) return SECFailure; if (params->data == NULL) return SECFailure; + /* make a copy of the data into the arena so QuickDER output is valid */ + rv = SECITEM_CopyItem(arena, &newparams, params); + /* Check if params use the standard format. * The value 0xa1 will appear in the first byte of the parameter data * if the PQG parameters are not using the standard format. This * code should be changed to use a better method to detect non-standard * parameters. */ - if ((params->data[0] != 0xa1) && - (params->data[0] != 0xa0)) { + if ((newparams.data[0] != 0xa1) && + (newparams.data[0] != 0xa0)) { + if (SECSuccess == rv) { /* PQG params are in the standard format */ /* Store DSA PQG parameters */ prepare_pqg_params_for_asn1(&pubk->u.fortezza.params); - rv = SEC_ASN1DecodeItem(arena, &pubk->u.fortezza.params, + rv = SEC_QuickDERDecodeItem(arena, &pubk->u.fortezza.params, SECKEY_PQGParamsTemplate, - params); - - if (rv == SECSuccess) { + &newparams); + } - /* Copy the DSA PQG parameters to the KEA PQG parameters. */ - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, - &pubk->u.fortezza.params.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, - &pubk->u.fortezza.params.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, - &pubk->u.fortezza.params.base); - if (rv != SECSuccess) return rv; - } + if (SECSuccess == rv) { + /* Copy the DSA PQG parameters to the KEA PQG parameters. */ + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, + &pubk->u.fortezza.params.prime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, + &pubk->u.fortezza.params.subPrime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, + &pubk->u.fortezza.params.base); + } } else { dual_params.CommParams.prime.len = 0; @@ -626,67 +634,79 @@ SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk, /* else the old fortezza-only wrapped format is used. */ - if (params->data[0] == 0xa1) { - rv = SEC_ASN1DecodeItem(arena, &dual_params, - SECKEY_FortezzaPreParamTemplate, params); - } else { - rv = SEC_ASN1DecodeItem(arena, &dual_params, - SECKEY_FortezzaAltPreParamTemplate, params); + if (SECSuccess == rv) { + if (newparams.data[0] == 0xa1) { + rv = SEC_QuickDERDecodeItem(arena, &dual_params, + SECKEY_FortezzaPreParamTemplate, &newparams); + } else { + rv = SEC_QuickDERDecodeItem(arena, &dual_params, + SECKEY_FortezzaAltPreParamTemplate, &newparams); + } } - - if (rv < 0) return rv; if ( (dual_params.CommParams.prime.len > 0) && (dual_params.CommParams.subPrime.len > 0) && (dual_params.CommParams.base.len > 0) ) { /* copy in common params */ - - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime, - &dual_params.CommParams.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime, - &dual_params.CommParams.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base, - &dual_params.CommParams.base); + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime, + &dual_params.CommParams.prime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime, + &dual_params.CommParams.subPrime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base, + &dual_params.CommParams.base); + } /* Copy the DSA PQG parameters to the KEA PQG parameters. */ - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, - &pubk->u.fortezza.params.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, - &pubk->u.fortezza.params.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, - &pubk->u.fortezza.params.base); - if (rv != SECSuccess) return rv; - + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, + &pubk->u.fortezza.params.prime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, + &pubk->u.fortezza.params.subPrime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, + &pubk->u.fortezza.params.base); + } } else { /* else copy in different params */ /* copy DSA PQG parameters */ - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime, + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime, &dual_params.DiffParams.DiffDSAParams.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime, + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime, &dual_params.DiffParams.DiffDSAParams.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base, + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base, &dual_params.DiffParams.DiffDSAParams.base); + } /* copy KEA PQG parameters */ - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime, &dual_params.DiffParams.DiffKEAParams.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime, &dual_params.DiffParams.DiffKEAParams.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base, &dual_params.DiffParams.DiffKEAParams.base); + } } - } return rv; } @@ -699,27 +719,35 @@ SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk, SECStatus SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) { - SECStatus rv; - SECKEYPQGDualParams dual_params; + SECStatus rv; + SECKEYPQGDualParams dual_params; + SECItem newparams; if (params == NULL) return SECFailure; if (params->data == NULL) return SECFailure; + PORT_Assert(arena); + + /* make a copy of the data into the arena so QuickDER output is valid */ + rv = SECITEM_CopyItem(arena, &newparams, params); + /* Check if params use the standard format. * The value 0xa1 will appear in the first byte of the parameter data * if the PQG parameters are not using the standard format. This * code should be changed to use a better method to detect non-standard * parameters. */ - if ((params->data[0] != 0xa1) && - (params->data[0] != 0xa0)) { + if ((newparams.data[0] != 0xa1) && + (newparams.data[0] != 0xa0)) { - /* PQG params are in the standard format */ - prepare_pqg_params_for_asn1(&pubk->u.dsa.params); - rv = SEC_ASN1DecodeItem(arena, &pubk->u.dsa.params, - SECKEY_PQGParamsTemplate, - params); + if (SECSuccess == rv) { + /* PQG params are in the standard format */ + prepare_pqg_params_for_asn1(&pubk->u.dsa.params); + rv = SEC_QuickDERDecodeItem(arena, &pubk->u.dsa.params, + SECKEY_PQGParamsTemplate, + &newparams); + } } else { dual_params.CommParams.prime.len = 0; @@ -729,52 +757,57 @@ SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) dual_params.DiffParams.DiffDSAParams.subPrime.len = 0; dual_params.DiffParams.DiffDSAParams.base.len = 0; - /* else the old fortezza-only wrapped format is used. */ - if (params->data[0] == 0xa1) { - rv = SEC_ASN1DecodeItem(arena, &dual_params, - SECKEY_FortezzaPreParamTemplate, params); - } else { - rv = SEC_ASN1DecodeItem(arena, &dual_params, - SECKEY_FortezzaAltPreParamTemplate, params); + if (SECSuccess == rv) { + /* else the old fortezza-only wrapped format is used. */ + if (newparams.data[0] == 0xa1) { + rv = SEC_QuickDERDecodeItem(arena, &dual_params, + SECKEY_FortezzaPreParamTemplate, &newparams); + } else { + rv = SEC_QuickDERDecodeItem(arena, &dual_params, + SECKEY_FortezzaAltPreParamTemplate, &newparams); + } } - if (rv < 0) return rv; - if ( (dual_params.CommParams.prime.len > 0) && (dual_params.CommParams.subPrime.len > 0) && (dual_params.CommParams.base.len > 0) ) { /* copy in common params */ - - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, - &dual_params.CommParams.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, - &dual_params.CommParams.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, - &dual_params.CommParams.base); + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, + &dual_params.CommParams.prime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, + &dual_params.CommParams.subPrime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, + &dual_params.CommParams.base); + } } else { /* else copy in different params */ /* copy DSA PQG parameters */ - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, - &dual_params.DiffParams.DiffDSAParams.prime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, - &dual_params.DiffParams.DiffDSAParams.subPrime); - if (rv != SECSuccess) return rv; - rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, - &dual_params.DiffParams.DiffDSAParams.base); - + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, + &dual_params.DiffParams.DiffDSAParams.prime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, + &dual_params.DiffParams.DiffDSAParams.subPrime); + } + if (SECSuccess == rv) { + rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, + &dual_params.DiffParams.DiffDSAParams.base); + } } } return rv; } - /* Decodes the DER encoded fortezza public key and stores the results in a * structure of type SECKEYPublicKey. */ |