diff options
author | relyea%netscape.com <devnull@localhost> | 2003-10-16 23:49:15 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2003-10-16 23:49:15 +0000 |
commit | cdcfd55f514b4111cfebcca82e7392e53df249bd (patch) | |
tree | 2c48f25c2671fd5bbcb45b4d98dcd0319812d149 /security/nss/lib/pkcs12 | |
parent | 6d2af5f21db152c5f17be4f720f101f1519de438 (diff) | |
download | nss-hg-cdcfd55f514b4111cfebcca82e7392e53df249bd.tar.gz |
Bug 156770 When we do a file import and give a bad password we get wrong errors back
When we fail to decode based on a bad password, don't continue.
So once we've tried failed to decode a ANS.1 stream, don't continue collecting
more data.
On microsoft.pfx files, we would wind up decoding to the end of the encrypted
stream, then fail in the padding in PKCS #7. This code bypasses this problem by
making sure we don't continue to try to decode data once we've hit a bad
password failure.
Diffstat (limited to 'security/nss/lib/pkcs12')
-rw-r--r-- | security/nss/lib/pkcs12/p12d.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/nss/lib/pkcs12/p12d.c b/security/nss/lib/pkcs12/p12d.c index dade3417b..b88962cd0 100644 --- a/security/nss/lib/pkcs12/p12d.c +++ b/security/nss/lib/pkcs12/p12d.c @@ -716,6 +716,7 @@ sec_pkcs12_decoder_safe_contents_callback(void *arg, const char *buf, * we didn't have the correct password. */ PORT_SetError(SEC_ERROR_BAD_PASSWORD); p12dcx->errorValue = SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE; + SEC_PKCS7DecoderAbort(p12dcx->currentASafeP7Dcx,SEC_ERROR_BAD_PASSWORD); goto loser; } |