summaryrefslogtreecommitdiff
path: root/security/nss/lib/pk11wrap/pk11skey.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/pk11wrap/pk11skey.c')
-rw-r--r--security/nss/lib/pk11wrap/pk11skey.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
index f7a5a9f6b..062a22f4a 100644
--- a/security/nss/lib/pk11wrap/pk11skey.c
+++ b/security/nss/lib/pk11wrap/pk11skey.c
@@ -2427,6 +2427,12 @@ PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
mechanism.ulParameterLen = 0;
id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
+ if (id == CK_INVALID_HANDLE) {
+ if (newKey) {
+ PK11_FreeSymKey(newKey);
+ }
+ return SECFailure; /* Error code has been set. */
+ }
session = pk11_GetNewSession(slot,&owner);
if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
@@ -3267,7 +3273,8 @@ pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
/* initialize the mechanism structure */
mechanism.mechanism = wrapType;
/* use NULL IV's for wrapping */
- if (param == NULL) param = param_free = PK11_ParamFromIV(wrapType,NULL);
+ if (param == NULL)
+ param = param_free = PK11_ParamFromIV(wrapType,NULL);
if (param) {
mechanism.pParameter = param->data;
mechanism.ulParameterLen = param->len;
@@ -3290,7 +3297,8 @@ pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
* with this module.
*/
if (crv == CKR_DEVICE_ERROR){
- return NULL;
+ if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
+ return NULL;
}
/* fall through, maybe they incorrectly set CKF_DECRYPT */
}
View Lorry Controller Status