diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-06-27 00:45:42 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-06-27 00:45:42 +0200 |
| commit | 3c568a5681bac0a84f7a49697951780170ad182c (patch) | |
| tree | be4fc0e3b5849d3b5282bdabe981698ecce31385 /security/nss/lib/softoken/legacydb | |
| parent | 4b188510af097627f117482dfc7c3d308c845385 (diff) | |
| download | UXP-3c568a5681bac0a84f7a49697951780170ad182c.tar UXP-3c568a5681bac0a84f7a49697951780170ad182c.tar.gz UXP-3c568a5681bac0a84f7a49697951780170ad182c.tar.lz UXP-3c568a5681bac0a84f7a49697951780170ad182c.tar.xz UXP-3c568a5681bac0a84f7a49697951780170ad182c.zip | |
Update NSS to 3.41.1 (custom)
This resolves #82
Diffstat (limited to 'security/nss/lib/softoken/legacydb')
| -rw-r--r-- | security/nss/lib/softoken/legacydb/keydb.c | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/security/nss/lib/softoken/legacydb/keydb.c b/security/nss/lib/softoken/legacydb/keydb.c index b4aa7754b..c8c4d07ba 100644 --- a/security/nss/lib/softoken/legacydb/keydb.c +++ b/security/nss/lib/softoken/legacydb/keydb.c @@ -1213,6 +1213,8 @@ nsslowkey_EncodePW(SECOidTag alg, const SECItem *salt, SECItem *data) unsigned char one = 1; SECItem *epw = NULL; SECItem *encParam; + int iterLen = 0; + int saltLen; SECStatus rv; param.salt = *salt; @@ -1221,6 +1223,17 @@ nsslowkey_EncodePW(SECOidTag alg, const SECItem *salt, SECItem *data) param.iter.len = 1; edi.encryptedData = *data; + iterLen = salt->len > 1 ? salt->data[salt->len - 1] : 2; + saltLen = (salt->len - iterLen) - 1; + /* if the resulting saltLen is a sha hash length, then assume that + * the iteration count is tacked on the end of the buffer */ + if ((saltLen == SHA1_LENGTH) || (saltLen == SHA256_LENGTH) || (saltLen == SHA384_LENGTH) || (saltLen == SHA224_LENGTH) || + (saltLen == SHA512_LENGTH)) { + param.iter.data = &salt->data[saltLen]; + param.iter.len = iterLen; + param.salt.len = saltLen; + } + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { return NULL; @@ -1270,9 +1283,23 @@ nsslowkey_DecodePW(const SECItem *derData, SECOidTag *alg, SECItem *salt) if (rv != SECSuccess) { goto loser; } - rv = SECITEM_CopyItem(NULL, salt, ¶m.salt); - if (rv != SECSuccess) { - goto loser; + /* if the iteration count isn't one, tack it at the end of the salt */ + if (!((param.iter.len == 1) && (param.iter.data[0] == 1))) { + int total_len = param.salt.len + param.iter.len + 1; + salt->data = PORT_Alloc(total_len); + if (salt->data == NULL) { + goto loser; + } + PORT_Memcpy(salt->data, param.salt.data, param.salt.len); + PORT_Memcpy(&salt->data[param.salt.len], param.iter.data, + param.iter.len); + salt->data[total_len - 1] = param.iter.len; + salt->len = total_len; + } else { + rv = SECITEM_CopyItem(NULL, salt, ¶m.salt); + if (rv != SECSuccess) { + goto loser; + } } pwe = SECITEM_DupItem(&edi.encryptedData); |