diff options
author | Moonchild <mcwerewolf@gmail.com> | 2018-02-06 12:02:47 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-06 12:02:47 +0100 |
commit | 389c60da5e01761f4a11ef539ffa26e4c1b17875 (patch) | |
tree | c6033924a0de9be1ab140596e305898c651bf57e /security/nss/lib/pk11wrap/pk11skey.c | |
parent | 7c9b585349c985df0cf6ace83da5dadba8b5c677 (diff) | |
parent | f017b749ea9f1586d2308504553d40bf4cc5439d (diff) | |
download | UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.gz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.lz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.tar.xz UXP-389c60da5e01761f4a11ef539ffa26e4c1b17875.zip |
Merge pull request #13 from MoonchildProductions/ported-upstream
Ported upstream
Diffstat (limited to 'security/nss/lib/pk11wrap/pk11skey.c')
-rw-r--r-- | security/nss/lib/pk11wrap/pk11skey.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c index e6301388e..1ef53e1d7 100644 --- a/security/nss/lib/pk11wrap/pk11skey.c +++ b/security/nss/lib/pk11wrap/pk11skey.c @@ -18,6 +18,8 @@ #include "secerr.h" #include "hasht.h" +static ECPointEncoding pk11_ECGetPubkeyEncoding(const SECKEYPublicKey *pubKey); + static void pk11_EnterKeyMonitor(PK11SymKey *symKey) { @@ -2005,7 +2007,7 @@ PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey, /* old PKCS #11 spec was ambiguous on what needed to be passed, * try this again with and encoded public key */ - if (crv != CKR_OK) { + if (crv != CKR_OK && pk11_ECGetPubkeyEncoding(pubKey) != ECPoint_XOnly) { SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL, &pubKey->u.ec.publicValue, SEC_ASN1_GET(SEC_OctetStringTemplate)); @@ -2211,6 +2213,11 @@ pk11_PubDeriveECKeyWithKDF( /* old PKCS #11 spec was ambiguous on what needed to be passed, * try this again with an encoded public key */ if (crv != CKR_OK) { + /* For curves that only use X as public value and no encoding we don't + * have to try again. (Currently only Curve25519) */ + if (pk11_ECGetPubkeyEncoding(pubKey) == ECPoint_XOnly) { + goto loser; + } SECItem *pubValue = SEC_ASN1EncodeItem(NULL, NULL, &pubKey->u.ec.publicValue, SEC_ASN1_GET(SEC_OctetStringTemplate)); |