Don't unnecessarily strip leading 0's from key material during PKCS11 import.

author: wolfbeast <mcwerewolf@wolfbeast.com> 2019-07-17 01:31:34 +0200
committer: wolfbeast <mcwerewolf@wolfbeast.com> 2019-07-17 01:31:34 +0200
commit: 1e560deff8c37164eb7496e7d87aa7b30de80398 (patch)
tree: 57dbb282776c358d430747f34e77298b1f069511 /security/nss/lib/freebl/ecl
parent: ef189737a3a97bbdeb06825c06121697f62ed50b (diff)
download: UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar
UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.gz
UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.lz
UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.xz
UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/security/nss/lib/freebl/ecl/ecp_25519.c b/security/nss/lib/freebl/ecl/ecp_25519.c
index 38bd34c50..7b331b28f 100644
--- a/security/nss/lib/freebl/ecl/ecp_25519.c
+++ b/security/nss/lib/freebl/ecl/ecp_25519.c
@@ -114,6 +114,9 @@ ec_Curve25519_pt_mul(SECItem *X, SECItem *k, SECItem *P)
         }
         px = P->data;
     }
+    if (k->len != 32) {
+        return SECFailure;
+    }
 
     SECStatus rv = ec_Curve25519_mul(X->data, k->data, px);
     if (NSS_SecureMemcmpZero(X->data, X->len) == 0) {
author	wolfbeast <mcwerewolf@wolfbeast.com>	2019-07-17 01:31:34 +0200
committer	wolfbeast <mcwerewolf@wolfbeast.com>	2019-07-17 01:31:34 +0200
commit	1e560deff8c37164eb7496e7d87aa7b30de80398 (patch)
tree	57dbb282776c358d430747f34e77298b1f069511 /security/nss/lib/freebl/ecl
parent	ef189737a3a97bbdeb06825c06121697f62ed50b (diff)
download	UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.gz UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.lz UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.tar.xz UXP-1e560deff8c37164eb7496e7d87aa7b30de80398.zip