diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-18 15:58:00 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-07-18 15:58:00 +0200 |
| commit | 2539ce925195a9524521c5d87fd3441d964d03d3 (patch) | |
| tree | 00fd2cf658129d6c30e1dbb4f9c54d83321157db /security/nss/lib/freebl | |
| parent | ca0083022fad1f9fb2a7b1d4b94f32402026e3e6 (diff) | |
| parent | 89bd45bf91e0611449a93cbc978bdd6654109c46 (diff) | |
| download | UXP-2539ce925195a9524521c5d87fd3441d964d03d3.tar UXP-2539ce925195a9524521c5d87fd3441d964d03d3.tar.gz UXP-2539ce925195a9524521c5d87fd3441d964d03d3.tar.lz UXP-2539ce925195a9524521c5d87fd3441d964d03d3.tar.xz UXP-2539ce925195a9524521c5d87fd3441d964d03d3.zip | |
Merge branch 'nss-work'
Diffstat (limited to 'security/nss/lib/freebl')
| -rw-r--r-- | security/nss/lib/freebl/dh.c | 3 | ||||
| -rw-r--r-- | security/nss/lib/freebl/ec.c | 14 | ||||
| -rw-r--r-- | security/nss/lib/freebl/ecl/ecp_25519.c | 3 |
3 files changed, 13 insertions, 7 deletions
diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c index 6f2bafda2..b2d6d7430 100644 --- a/security/nss/lib/freebl/dh.c +++ b/security/nss/lib/freebl/dh.c @@ -210,7 +210,8 @@ DH_Derive(SECItem *publicValue, unsigned int len = 0; unsigned int nb; unsigned char *secret = NULL; - if (!publicValue || !prime || !privateValue || !derivedSecret) { + if (!publicValue || !publicValue->len || !prime || !prime->len || + !privateValue || !privateValue->len || !derivedSecret) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c index 6468a10d6..ddbcc2340 100644 --- a/security/nss/lib/freebl/ec.c +++ b/security/nss/lib/freebl/ec.c @@ -202,8 +202,8 @@ ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey, #endif MP_DIGITS(&k) = 0; - if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0) || - !ecParams->name) { + if (!ecParams || ecParams->name == ECCurve_noName || + !privKey || !privKeyBytes || privKeyLen <= 0) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } @@ -391,7 +391,7 @@ EC_NewKey(ECParams *ecParams, ECPrivateKey **privKey) int len; unsigned char *privKeyBytes = NULL; - if (!ecParams) { + if (!ecParams || ecParams->name == ECCurve_noName || !privKey) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } @@ -430,7 +430,8 @@ EC_ValidatePublicKey(ECParams *ecParams, SECItem *publicValue) mp_err err = MP_OKAY; int len; - if (!ecParams || !publicValue || !ecParams->name) { + if (!ecParams || ecParams->name == ECCurve_noName || + !publicValue || !publicValue->len) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } @@ -536,8 +537,9 @@ ECDH_Derive(SECItem *publicValue, int i; #endif - if (!publicValue || !ecParams || !privateValue || !derivedSecret || - !ecParams->name) { + if (!publicValue || !publicValue->len || + !ecParams || ecParams->name == ECCurve_noName || + !privateValue || !privateValue->len || !derivedSecret) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/freebl/ecl/ecp_25519.c b/security/nss/lib/freebl/ecl/ecp_25519.c index 38bd34c50..7b331b28f 100644 --- a/security/nss/lib/freebl/ecl/ecp_25519.c +++ b/security/nss/lib/freebl/ecl/ecp_25519.c @@ -114,6 +114,9 @@ ec_Curve25519_pt_mul(SECItem *X, SECItem *k, SECItem *P) } px = P->data; } + if (k->len != 32) { + return SECFailure; + } SECStatus rv = ec_Curve25519_mul(X->data, k->data, px); if (NSS_SecureMemcmpZero(X->data, X->len) == 0) { |