diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2018-12-17 14:12:04 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-12-17 14:12:04 +0100 |
| commit | 51b821b3fdc5a7eab2369cb6a6680598a6264b08 (patch) | |
| tree | f3608a518bbb9e31b0a42b9a10742fb11ef5b39b /security/nss/lib/util/pkcs1sig.c | |
| parent | 8e44bbb43789e585fab9fc1ce8becc94b45d566c (diff) | |
| parent | 680c3eadb6aaec1f3653636db081a519e0f62ef5 (diff) | |
| download | UXP-51b821b3fdc5a7eab2369cb6a6680598a6264b08.tar UXP-51b821b3fdc5a7eab2369cb6a6680598a6264b08.tar.gz UXP-51b821b3fdc5a7eab2369cb6a6680598a6264b08.tar.lz UXP-51b821b3fdc5a7eab2369cb6a6680598a6264b08.tar.xz UXP-51b821b3fdc5a7eab2369cb6a6680598a6264b08.zip | |
Merge branch 'master' into Sync-weave
Diffstat (limited to 'security/nss/lib/util/pkcs1sig.c')
| -rw-r--r-- | security/nss/lib/util/pkcs1sig.c | 67 |
1 files changed, 28 insertions, 39 deletions
diff --git a/security/nss/lib/util/pkcs1sig.c b/security/nss/lib/util/pkcs1sig.c index 502119aa5..68588c7f8 100644 --- a/security/nss/lib/util/pkcs1sig.c +++ b/security/nss/lib/util/pkcs1sig.c @@ -15,13 +15,6 @@ struct pkcs1PrefixStr { PRUint8 *data; }; -typedef struct pkcs1PrefixesStr pkcs1Prefixes; -struct pkcs1PrefixesStr { - unsigned int digestLen; - pkcs1Prefix prefixWithParams; - pkcs1Prefix prefixWithoutParams; -}; - /* The value for SGN_PKCS1_DIGESTINFO_MAX_PREFIX_LEN_EXCLUDING_OID is based on * the possible prefix encodings as explained below. */ @@ -101,9 +94,8 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg, PRBool unsafeAllowMissingParameters) { SECOidData *hashOid; - pkcs1Prefixes pp; - const pkcs1Prefix *expectedPrefix; - SECStatus rv, rv2, rv3; + pkcs1Prefix prefix; + SECStatus rv; if (!digest || !digest->data || !dataRecoveredFromSignature || !dataRecoveredFromSignature->data) { @@ -117,17 +109,9 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg, return SECFailure; } - pp.digestLen = digest->len; - pp.prefixWithParams.data = NULL; - pp.prefixWithoutParams.data = NULL; + prefix.data = NULL; - rv2 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithParams, PR_TRUE); - rv3 = encodePrefix(hashOid, pp.digestLen, &pp.prefixWithoutParams, PR_FALSE); - - rv = SECSuccess; - if (rv2 != SECSuccess || rv3 != SECSuccess) { - rv = SECFailure; - } + rv = encodePrefix(hashOid, digest->len, &prefix, PR_TRUE); if (rv == SECSuccess) { /* We don't attempt to avoid timing attacks on these comparisons because @@ -135,34 +119,39 @@ _SGN_VerifyPKCS1DigestInfo(SECOidTag digestAlg, * operation. */ - if (dataRecoveredFromSignature->len == - pp.prefixWithParams.len + pp.digestLen) { - expectedPrefix = &pp.prefixWithParams; - } else if (unsafeAllowMissingParameters && - dataRecoveredFromSignature->len == - pp.prefixWithoutParams.len + pp.digestLen) { - expectedPrefix = &pp.prefixWithoutParams; - } else { - PORT_SetError(SEC_ERROR_BAD_SIGNATURE); - rv = SECFailure; + if (dataRecoveredFromSignature->len != prefix.len + digest->len) { + PRBool lengthMismatch = PR_TRUE; +#ifdef NSS_PKCS1_AllowMissingParameters + if (unsafeAllowMissingParameters) { + if (prefix.data) { + PORT_Free(prefix.data); + prefix.data = NULL; + } + rv = encodePrefix(hashOid, digest->len, &prefix, PR_FALSE); + if (rv != SECSuccess || + dataRecoveredFromSignature->len == prefix.len + digest->len) { + lengthMismatch = PR_FALSE; + } + } +#endif + if (lengthMismatch) { + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); + rv = SECFailure; + } } } if (rv == SECSuccess) { - if (memcmp(dataRecoveredFromSignature->data, expectedPrefix->data, - expectedPrefix->len) || - memcmp(dataRecoveredFromSignature->data + expectedPrefix->len, - digest->data, digest->len)) { + if (memcmp(dataRecoveredFromSignature->data, prefix.data, prefix.len) || + memcmp(dataRecoveredFromSignature->data + prefix.len, digest->data, + digest->len)) { PORT_SetError(SEC_ERROR_BAD_SIGNATURE); rv = SECFailure; } } - if (pp.prefixWithParams.data) { - PORT_Free(pp.prefixWithParams.data); - } - if (pp.prefixWithoutParams.data) { - PORT_Free(pp.prefixWithoutParams.data); + if (prefix.data) { + PORT_Free(prefix.data); } return rv; |