mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Use statically-sized stack buffers to fix building on Windows.

This commit is contained in:
Justin Dolske 2008-06-26 15:22:48 -07:00
Родитель 773399e36a
Коммит 1b1d0f308a
1 изменённых файлов: 30 добавлений и 18 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

48
services/crypto/WeaveCrypto.cpp
Просмотреть файл

@ -50,6 +50,12 @@
#include "keyhi.h"
#include "nss.h"
/*
* In a number of places we use stack buffers to hold smallish temporary data.
* 4K is plenty big for the exptected uses, and avoids poking holes in the
* heap for small allocations. (Yes, we still check for overflow.)
*/
#define STACK_BUFFER_SIZE 4096
NS_IMPL_ISUPPORTS1(WeaveCrypto, IWeaveCrypto)
@ -273,9 +279,9 @@ WeaveCrypto::CommonCrypt(const char *input, PRUint32 inputSize,
SECItem *ivParam = nsnull;
PRUint32 maxOutputSize;
char keyData[aSymmetricKey.Length()];
char keyData[STACK_BUFFER_SIZE];
PRUint32 keyDataSize = sizeof(keyData);
char ivData[aIV.Length()];
char ivData[STACK_BUFFER_SIZE];
PRUint32 ivDataSize = sizeof(ivData);
rv = DecodeBase64(aSymmetricKey, keyData, &keyDataSize);
@ -468,8 +474,8 @@ WeaveCrypto::DeriveKeyFromPassphrase(const nsACString& aPassphrase,
PromiseFlatCString fPass(aPassphrase);
SECItem passphrase = {siBuffer, (unsigned char *)fPass.get(), fPass.Length()};
char saltBytes[aSalt.Length()];
PRUint32 saltBytesLength = aSalt.Length();
char saltBytes[STACK_BUFFER_SIZE];
PRUint32 saltBytesLength = sizeof(saltBytes);
rv = DecodeBase64(aSalt, saltBytes, &saltBytesLength);
NS_ENSURE_SUCCESS(rv, rv);
SECItem salt = {siBuffer, (unsigned char*)saltBytes, saltBytesLength};
@ -531,7 +537,7 @@ WeaveCrypto::WrapPrivateKey(SECKEYPrivateKey *aPrivateKey,
rv = DeriveKeyFromPassphrase(aPassphrase, aSalt, &pbeKey);
NS_ENSURE_SUCCESS(rv, rv);
char ivData[aIV.Length()];
char ivData[STACK_BUFFER_SIZE];
PRUint32 ivDataSize = sizeof(ivData);
rv = DecodeBase64(aIV, ivData, &ivDataSize);
NS_ENSURE_SUCCESS(rv, rv);
@ -554,7 +560,7 @@ WeaveCrypto::WrapPrivateKey(SECKEYPrivateKey *aPrivateKey,
// Use a stack buffer to hold the wrapped key. NSS says about 1200 bytes for
// a 2048-bit RSA key, so our 4096 byte buffer should be plenty.
unsigned char stackBuffer[4096];
unsigned char stackBuffer[STACK_BUFFER_SIZE];
SECItem wrappedKey = {siBuffer, stackBuffer, sizeof(stackBuffer)};
s = PK11_WrapPrivKey(aPrivateKey->pkcs11Slot,
@ -608,7 +614,10 @@ WeaveCrypto::GenerateRandomBytes(PRUint32 aByteCount,
nsACString& aEncodedBytes)
{
nsresult rv;
char random[aByteCount];
char random[STACK_BUFFER_SIZE];
if (aByteCount > STACK_BUFFER_SIZE)
return NS_ERROR_OUT_OF_MEMORY;
rv = PK11_GenerateRandom((unsigned char *)random, aByteCount);
NS_ENSURE_SUCCESS(rv, rv);
@ -631,7 +640,10 @@ WeaveCrypto::GenerateRandomIV(nsACString& aEncodedBytes)
CK_MECHANISM_TYPE mech = PK11_AlgtagToMechanism(mAlgorithm);
PRUint32 size = PK11_GetIVLength(mech);
char random[size];
char random[STACK_BUFFER_SIZE];
if (size > STACK_BUFFER_SIZE)
return NS_ERROR_OUT_OF_MEMORY;
rv = PK11_GenerateRandom((unsigned char *)random, size);
NS_ENSURE_SUCCESS(rv, rv);
@ -742,19 +754,19 @@ WeaveCrypto::WrapSymmetricKey(const nsACString& aSymmetricKey,
// Step 1. Get rid of the base64 encoding on the inputs.
char publicKeyBuffer[aPublicKey.Length()];
PRUint32 publicKeyBufferSize = aPublicKey.Length();
char publicKeyBuffer[STACK_BUFFER_SIZE];
PRUint32 publicKeyBufferSize = sizeof(publicKeyBuffer);
rv = DecodeBase64(aPublicKey, publicKeyBuffer, &publicKeyBufferSize);
NS_ENSURE_SUCCESS(rv, rv);
SECItem pubKeyData = {siBuffer, (unsigned char *)publicKeyBuffer, publicKeyBufferSize};
char symKeyBuffer[aSymmetricKey.Length()];
PRUint32 symKeyBufferSize = aSymmetricKey.Length();
char symKeyBuffer[STACK_BUFFER_SIZE];
PRUint32 symKeyBufferSize = sizeof(symKeyBuffer);
rv = DecodeBase64(aSymmetricKey, symKeyBuffer, &symKeyBufferSize);
NS_ENSURE_SUCCESS(rv, rv);
SECItem symKeyData = {siBuffer, (unsigned char *)symKeyBuffer, symKeyBufferSize};
char wrappedBuffer[4096];
char wrappedBuffer[STACK_BUFFER_SIZE];
SECItem wrappedKey = {siBuffer, (unsigned char *)wrappedBuffer, sizeof(wrappedBuffer)};
@ -869,14 +881,14 @@ WeaveCrypto::UnwrapSymmetricKey(const nsACString& aWrappedSymmetricKey,
// Step 1. Get rid of the base64 encoding on the inputs.
char privateKeyBuffer[aWrappedPrivateKey.Length()];
PRUint32 privateKeyBufferSize = aWrappedPrivateKey.Length();
char privateKeyBuffer[STACK_BUFFER_SIZE];
PRUint32 privateKeyBufferSize = sizeof(privateKeyBuffer);
rv = DecodeBase64(aWrappedPrivateKey, privateKeyBuffer, &privateKeyBufferSize);
NS_ENSURE_SUCCESS(rv, rv);
SECItem wrappedPrivKey = {siBuffer, (unsigned char *)privateKeyBuffer, privateKeyBufferSize};
char wrappedKeyBuffer[aWrappedSymmetricKey.Length()];
PRUint32 wrappedKeyBufferSize = aWrappedSymmetricKey.Length();
char wrappedKeyBuffer[STACK_BUFFER_SIZE];
PRUint32 wrappedKeyBufferSize = sizeof(wrappedKeyBuffer);
rv = DecodeBase64(aWrappedSymmetricKey, wrappedKeyBuffer, &wrappedKeyBufferSize);
NS_ENSURE_SUCCESS(rv, rv);
SECItem wrappedSymKey = {siBuffer, (unsigned char *)wrappedKeyBuffer, wrappedKeyBufferSize};
@ -886,7 +898,7 @@ WeaveCrypto::UnwrapSymmetricKey(const nsACString& aWrappedSymmetricKey,
rv = DeriveKeyFromPassphrase(aPassphrase, aSalt, &pbeKey);
NS_ENSURE_SUCCESS(rv, rv);
char ivData[aIV.Length()];
char ivData[STACK_BUFFER_SIZE];
PRUint32 ivDataSize = sizeof(ivData);
rv = DecodeBase64(aIV, ivData, &ivDataSize);
NS_ENSURE_SUCCESS(rv, rv);