From 7be65c82cf37dbfa704e9722f1c69851580f212e Mon Sep 17 00:00:00 2001
From: "wtc%google.com" <devnull@localhost>
Date: Thu, 13 Jan 2011 00:26:57 +0000
Subject: Bug 572289: SEC_ASN1EncodeInteger cannot correctly encode some
 positive integer values.  r=nelson.  Tag: NSS_3_12_BRANCH

---
 security/nss/lib/util/secasn1e.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'security/nss')

diff --git a/security/nss/lib/util/secasn1e.c b/security/nss/lib/util/secasn1e.c
index 2300060df..9283b1758 100644
--- a/security/nss/lib/util/secasn1e.c
+++ b/security/nss/lib/util/secasn1e.c
@@ -1587,7 +1587,7 @@ SEC_ASN1EncodeItem (PRArenaPool *poolp, SECItem *dest, const void *src,
 
 static SECItem *
 sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
-		  PRBool make_unsigned)
+		  PRBool is_unsigned)
 {
     unsigned long copy;
     unsigned char sign;
@@ -1604,11 +1604,11 @@ sec_asn1e_integer(PRArenaPool *poolp, SECItem *dest, unsigned long value,
     } while (copy);
 
     /*
-     * If this is an unsigned encoding, and the high bit of the last
+     * If 'value' is non-negative, and the high bit of the last
      * byte we counted was set, we need to add one to the length so
      * we put a high-order zero byte in the encoding.
      */
-    if (sign && make_unsigned)
+    if (sign && (is_unsigned || (long)value >= 0))
 	len++;
 
     /*
-- 
cgit v1.2.1