diff options
| author | relyea%netscape.com <devnull@localhost> | 2001-12-19 18:06:29 +0000 |
|---|---|---|
| committer | relyea%netscape.com <devnull@localhost> | 2001-12-19 18:06:29 +0000 |
| commit | 586a373580395a007e70080228298867cd3b8b36 (patch) | |
| tree | a4ae33f02948bb531322f18973e79854123b34e9 /security | |
| parent | cc838253832cb98c12f60749424887517466d591 (diff) | |
| download | nss-hg-586a373580395a007e70080228298867cd3b8b36.tar.gz | |
Fix Bug 115657.
1) advance the pointers in the initialization setup for p12 pbes (at the same
time fix the code to be much easier to read and understand).
2) Copy out the returned IV in pkcs11c.c.
Diffstat (limited to 'security')
| -rw-r--r-- | security/nss/lib/softoken/lowpbe.c | 25 | ||||
| -rw-r--r-- | security/nss/lib/softoken/pkcs11c.c | 6 |
2 files changed, 10 insertions, 21 deletions
diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c index 91d936076..51831b4db 100644 --- a/security/nss/lib/softoken/lowpbe.c +++ b/security/nss/lib/softoken/lowpbe.c @@ -415,7 +415,8 @@ loser: #endif #define HMAC_BUFFER 64 -#define ROUNDUP(x,y) ((((x)+((y)-1))/(y))*(y)) +#define NSSPBE_ROUNDUP(x,y) ((((x)+((y)-1))/(y))*(y)) +#define NSSPBE_MIN(x,y) ((x) < (y) ? (x) : (y)) /* * This is the extended PBE function defined by the final PKCS #12 spec. */ @@ -456,8 +457,8 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, goto loser; } - SLen = ROUNDUP(salt->len,HMAC_BUFFER); - PLen = ROUNDUP(pwitem->len,HMAC_BUFFER); + SLen = NSSPBE_ROUNDUP(salt->len,HMAC_BUFFER); + PLen = NSSPBE_ROUNDUP(pwitem->len,HMAC_BUFFER); I.len = SLen+PLen; I.data = (unsigned char*)PORT_ArenaZAlloc(arena, I.len); if (I.data == NULL) { @@ -470,19 +471,13 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, PORT_Memset(D.data, (char)bitGenPurpose, D.len); if (SLen) { - unsigned int z = 0; - while (z < SLen) { - int amount = (z + salt->len > SLen) ? SLen - z : salt->len; - PORT_Memcpy(S, salt->data, amount); - z += salt->len; + for (i=0; i < SLen; i += salt->len) { + PORT_Memcpy(S+i, salt->data, NSSPBE_MIN(SLen-i,salt->len)); } } if (PLen) { - unsigned int z = 0; - while (z < PLen) { - int amount = (z + pwitem->len > PLen) ? PLen - z : pwitem->len; - PORT_Memcpy(P, pwitem->data, amount); - z += pwitem->len; + for (i=0; i < PLen; i += pwitem->len) { + PORT_Memcpy(P+i, pwitem->data, NSSPBE_MIN(PLen-i,pwitem->len)); } } @@ -520,9 +515,7 @@ nsspkcs5_PKCS12PBE(const SECHashObject *hashObject, PORT_Memcpy(Ai, iterBuf, hashLength); for (Bidx = 0; Bidx < B.len; Bidx += hashLength) { - PORT_Memcpy(B.data +Bidx, iterBuf, - (((Bidx + hashLength) > B.len) ? (B.len - Bidx) : - hashLength)); + PORT_Memcpy(B.data+Bidx,iterBuf,NSSPBE_MIN(B.len-Bidx,hashLength)); } k = I.len/B.len; diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index 997002c71..110fc9e69 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -2534,11 +2534,7 @@ nsc_pbe_key_gen(NSSPKCS5PBEParameter *pkcs5_pbe, CK_MECHANISM_PTR pMechanism, SECITEM_ZfreeItem(pbe_key, PR_TRUE); pbe_key = NULL; - if (iv.data && pbe_params->pInitVector == NULL) { - pbe_params->pInitVector = (CK_CHAR_PTR)PORT_ZAlloc(pbe_key->len); - if (pbe_params->pInitVector == NULL) { - return CKR_HOST_MEMORY; - } + if (iv.data && pbe_params->pInitVector != NULL) { PORT_Memcpy(pbe_params->pInitVector, iv.data, iv.len); } return CKR_OK; |