author | relyea%netscape.com <devnull@localhost> | 2002-08-27 23:38:29 +0000 |
---|---|---|
committer | relyea%netscape.com <devnull@localhost> | 2002-08-27 23:38:29 +0000 |
commit | 7aea5036c858194843995413c96d53665aa6cb64 (patch) | |
tree | 023c139f7fbec6d45dc283e2a5743c87d9dc6598 /security/nss | |
parent | de9a7e9f25b990d4d8bbb595ee718167727c4a03 (diff) | |
download | nss-hg-7aea5036c858194843995413c96d53665aa6cb64.tar.gz |
close hole in trust lookups.
Diffstat (limited to 'security/nss')
-rw-r--r-- | security/nss/lib/dev/ckhelper.c | 4 | ||||
-rw-r--r-- | security/nss/lib/dev/dev.h | 1 | ||||
-rw-r--r-- | security/nss/lib/pki/certificate.c | 22 | ||||
-rw-r--r-- | security/nss/lib/pki/pkim.h | 3 | ||||
-rw-r--r-- | security/nss/lib/pki/trustdomain.c | 2 |
5 files changed, 28 insertions, 4 deletions
diff --git a/security/nss/lib/dev/ckhelper.c b/security/nss/lib/dev/ckhelper.c
index 26c4b58e4..19099df33 100644
--- a/security/nss/lib/dev/ckhelper.c
+++ b/security/nss/lib/dev/ckhelper.c
@@ -552,6 +552,7 @@ nssCryptokiTrust_GetAttributes
 (
 nssCryptokiObject *trustObject,
 nssSession *sessionOpt,
+ NSSItem *sha1_hash,
 nssTrustLevel *serverAuth,
 nssTrustLevel *clientAuth,
 nssTrustLevel *codeSigning,
@@ -564,7 +565,7 @@ nssCryptokiTrust_GetAttributes
 CK_BBOOL isToken;
 CK_TRUST saTrust, caTrust, epTrust, csTrust;
 CK_ATTRIBUTE_PTR attr;
- CK_ATTRIBUTE trust_template[5];
+ CK_ATTRIBUTE trust_template[6];
 CK_ULONG trust_size;
 /* Use the trust object to find the trust settings */
@@ -574,6 +575,7 @@ nssCryptokiTrust_GetAttributes
 NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CLIENT_AUTH, caTrust);
 NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_EMAIL_PROTECTION, epTrust);
 NSS_CK_SET_ATTRIBUTE_VAR(attr, CKA_TRUST_CODE_SIGNING, csTrust);
+ NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_CERT_SHA1_HASH, sha1_hash);
 NSS_CK_TEMPLATE_FINISH(trust_template, attr, trust_size);
 status = nssToken_GetCachedObjectAttributes(trustObject->token, NULL,
diff --git a/security/nss/lib/dev/dev.h b/security/nss/lib/dev/dev.h
index ef2853336..fc6e2091d 100644
--- a/security/nss/lib/dev/dev.h
+++ b/security/nss/lib/dev/dev.h
@@ -741,6 +741,7 @@ nssCryptokiTrust_GetAttributes
 (
 nssCryptokiObject *trustObject,
 nssSession *sessionOpt,
+ NSSItem *sha1_hash,
 nssTrustLevel *serverAuth,
 nssTrustLevel *clientAuth,
 nssTrustLevel *codeSigning,
diff --git a/security/nss/lib/pki/certificate.c b/security/nss/lib/pki/certificate.c
index c4ef4fb3f..4761948f1 100644
--- a/security/nss/lib/pki/certificate.c
+++ b/security/nss/lib/pki/certificate.c
@@ -53,6 +53,8 @@ static const char CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$";
 #ifdef NSS_3_4_CODE
 #include "pki3hack.h"
+#include "pk11func.h"
+#include "hasht.h"
 #endif
 #ifndef BASE_H
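Review bot: In ckhelper.c the new `sha1_hash` argument is passed straight to `NSS_CK_SET_ATTRIBUTE_ITEM` with no stated contract, and no visible line confirms that the token actually returned a `CKA_CERT_SHA1_HASH` of the expected length. The body of nssCryptokiTrust_GetAttributes continues outside these hunks, so a length check or a write-back into `sha1_hash->size` may exist further down. If it does not, the caller's fixed-length comparison could run against a buffer the token never filled. I would document the parameter where it is declared, for example `/* sha1_hash: caller-supplied buffer; on success holds the trust object's CKA_CERT_SHA1_HASH, size updated to the returned length */`, and have the function fail when the returned length differs from the buffer size. The same parameter is added to the prototype in dev.h and deserves the same comment there.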
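Review bot: The two new includes in certificate.c sit inside `#ifdef NSS_3_4_CODE`, yet the code added to nssTrust_Create later in this commit uses `PK11_HashBuf`, `SHA1_LENGTH` and `SECStatus` with no matching guard. A build without that macro would lose the declarations; whether such a build is still supported is not visible from here. Either wrap the new hashing code in the same `#ifdef`, or state the dependency next to the includes with something like `/* nssTrust_Create needs PK11_HashBuf and SHA1_LENGTH until a stan hash API exists */`.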
@@ -950,15 +952,20 @@ nssCertificateList_AddReferences
 NSS_IMPLEMENT NSSTrust *
 nssTrust_Create
 (
- nssPKIObject *object
+ nssPKIObject *object,
+ NSSItem *certData
 )
 {
 PRStatus status;
 PRUint32 i;
 PRUint32 lastTrustOrder, myTrustOrder;
+ unsigned char sha1_hashcmp[SHA1_LENGTH];
+ unsigned char sha1_hashin[SHA1_LENGTH];
+ NSSItem sha1_hash;
 NSSTrust *rvt;
 nssCryptokiObject *instance;
 nssTrustLevel serverAuth, clientAuth, codeSigning, emailProtection;
+ SECStatus rv; /* Should be stan flavor */
 lastTrustOrder = 1<<16; /* just make it big */
 PR_ASSERT(object->instances != NULL && object->numInstances > 0);
 rvt = nss_ZNEW(object->arena, NSSTrust);
@@ -966,12 +973,21 @@ nssTrust_Create
 return (NSSTrust *)NULL;
 }
 rvt->object = *object;
+
+ /* should be stan flavor of Hashbuf */
+ rv = PK11_HashBuf(SEC_OID_SHA1,sha1_hashcmp,certData->data,certData->size);
+ if (rv != SECSuccess) {
+ return (NSSTrust *)NULL;
+ }
+ sha1_hash.data = sha1_hashin;
+ sha1_hash.size = sizeof (sha1_hashin);
 /* trust has to peek into the base object members */
 PZ_Lock(object->lock);
 for (i=0; i<object->numInstances; i++) {
 instance = object->instances[i];
 myTrustOrder = nssToken_GetTrustOrder(instance->token);
 status = nssCryptokiTrust_GetAttributes(instance, NULL,
+ &sha1_hash,
 &serverAuth,
 &clientAuth,
 &codeSigning,
@@ -980,6 +996,10 @@ nssTrust_Create
 PZ_Unlock(object->lock);
 return (NSSTrust *)NULL;
 }
+ if (PORT_Memcmp(sha1_hashin,sha1_hashcmp,SHA1_LENGTH) != 0) {
+ PZ_Unlock(object->lock);
+ return (NSSTrust *)NULL;
+ }
 if (rvt->serverAuth == nssTrustLevel_Unknown || myTrustOrder < lastTrustOrder) {
diff --git a/security/nss/lib/pki/pkim.h b/security/nss/lib/pki/pkim.h
index 170a4d938..c1fe3e146 100644
--- a/security/nss/lib/pki/pkim.h
+++ b/security/nss/lib/pki/pkim.h
@@ -247,7 +247,8 @@ nssDecodedCert_Destroy
 NSS_EXTERN NSSTrust *
 nssTrust_Create
 (
- nssPKIObject *object
+ nssPKIObject *object,
+ NSSCertificate *nssCert
 );
 NSS_EXTERN NSSCRL *
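Review bot: The hash comparison added to the instance loop of nssTrust_Create always reads `SHA1_LENGTH` bytes from `sha1_hashin`, but that buffer is never initialised and `sha1_hash.size` is set only once, before the loop. If a token returns a shorter value or leaves the buffer untouched (not determinable from these hunks), the comparison runs against stack garbage on the first instance. On later instances it runs against the hash fetched for the previous one, so a trust object that does not belong to this certificate could pass. I would move `sha1_hash.size = sizeof (sha1_hashin);` into the loop, add `PORT_Memset(sha1_hashin, 0, SHA1_LENGTH);` before each fetch, and reject a short result with `if (sha1_hash.size != SHA1_LENGTH || PORT_Memcmp(sha1_hashin,sha1_hashcmp,SHA1_LENGTH) != 0) {`, provided the callee reports the returned length in `size`. The function's prologue and the rest of the loop lie outside the hunks shown.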
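Review bot: The prototype added in pkim.h declares the second parameter as `NSSCertificate *nssCert`, while the definition in certificate.c takes `NSSItem *certData` and the call in trustdomain.c passes `&c->encoding`. A translation unit that sees only this header is told to pass a certificate object where the function will read `->data` and `->size` of an item, and a file that sees both declaration and definition should fail with conflicting types. The header line should read `NSSItem *certData`, ideally with a comment that it is the DER encoding whose SHA-1 is matched against the trust object.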
diff --git a/security/nss/lib/pki/trustdomain.c b/security/nss/lib/pki/trustdomain.c
index c5e3dc337..15542c568 100644
--- a/security/nss/lib/pki/trustdomain.c
+++ b/security/nss/lib/pki/trustdomain.c
@@ -1261,7 +1261,7 @@ nssTrustDomain_FindTrustForCertificate
 }
 }
 if (pkio) {
- rvt = nssTrust_Create(pkio);
+ rvt = nssTrust_Create(pkio, &c->encoding);
 if (!rvt) {
 goto loser;
 }
|