зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1677548 - land NSS f84fb229842a UPGRADE_NSS_RELEASE, r=bbeurdouche
2020-12-04 Kevin Jacobs <kjacobs@mozilla.com> * gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc, lib/pk11wrap/pk11obj.c: Bug 1680400 - Fix memory leak in PK11_UnwrapPrivKey. r=bbeurdouche [f84fb229842a] [tip] 2020-12-03 yogesh <yoyogesh01@gmail.com> * cmd/tstclnt/tstclnt.c: Bug 1570539 - Removed -X alt-server-hello option from tstclnt r=kjacobs [ef9198eb2895] 2020-12-03 J.C. Jones <jjones@mozilla.com> * lib/util/pkcs11t.h: Bug 1675523 - CKR_PUBLIC_KEY_INVALID has an incorrect value r=bbeurdouche PKCS#11 v2.40: https://www.cryptsoft.com/pkcs11doc/STANDARD/include/v240/pkcs11t.h line 1150 jdk8u: https://hg.openjdk.java.net/jdk8u/jdk8u/jdk/file/eb7f437285a1 /src/share/native/sun/security/pkcs11/wrapper/pkcs11t.h#l1155 [f9bcf45ca3bf] Differential Revision: https://phabricator.services.mozilla.com/D98946
This commit is contained in:
Родитель
dff7d3707f
Коммит
254f0c7699
|
@ -1 +1 @@
|
|||
f8c49b334e51
|
||||
f84fb229842a
|
|
@ -313,7 +313,6 @@ PrintParameterUsage()
|
|||
"%-20s rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,\n"
|
||||
"%-20s dsa_sha1, dsa_sha256, dsa_sha384, dsa_sha512\n",
|
||||
"-J", "", "", "", "", "", "", "");
|
||||
fprintf(stderr, "%-20s Enable alternative TLS 1.3 handshake\n", "-X alt-server-hello");
|
||||
fprintf(stderr, "%-20s Use DTLS\n", "-P {client, server}");
|
||||
fprintf(stderr, "%-20s Exit after handshake\n", "-Q");
|
||||
fprintf(stderr, "%-20s Use Encrypted Client Hello with the given Base64-encoded ECHConfigs\n", "-N");
|
||||
|
|
|
@ -10,4 +10,3 @@
|
|||
*/
|
||||
|
||||
#error "Do not include this header file."
|
||||
|
||||
|
|
|
@ -66,6 +66,14 @@ TEST_F(Pkcs11AESKeyWrapPadTest, WrapUnwrapECKey) {
|
|||
true, CKK_EC, usages, usageCount, nullptr));
|
||||
ASSERT_EQ(0, PORT_GetError());
|
||||
ASSERT_TRUE(!!unwrapped);
|
||||
|
||||
// Try it with internal params allocation.
|
||||
SECKEYPrivateKey* tmp = PK11_UnwrapPrivKey(
|
||||
slot.get(), kek.get(), CKM_NSS_AES_KEY_WRAP_PAD, nullptr, wrapped.get(),
|
||||
nullptr, &pubKey, false, true, CKK_EC, usages, usageCount, nullptr);
|
||||
ASSERT_EQ(0, PORT_GetError());
|
||||
ASSERT_NE(nullptr, tmp);
|
||||
unwrapped.reset(tmp);
|
||||
}
|
||||
|
||||
// Encrypt an ephemeral RSA key
|
||||
|
|
|
@ -1321,23 +1321,23 @@ PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey,
|
|||
NULL, perm, sensitive);
|
||||
SECKEY_DestroyPrivateKey(privKey);
|
||||
PK11_FreeSlot(int_slot);
|
||||
SECITEM_FreeItem(param_free, PR_TRUE);
|
||||
return newPrivKey;
|
||||
}
|
||||
}
|
||||
if (int_slot)
|
||||
PK11_FreeSlot(int_slot);
|
||||
PORT_SetError(PK11_MapError(crv));
|
||||
SECITEM_FreeItem(param_free, PR_TRUE);
|
||||
return NULL;
|
||||
}
|
||||
SECITEM_FreeItem(param_free, PR_TRUE);
|
||||
return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx);
|
||||
|
||||
loser:
|
||||
if (newKey) {
|
||||
PK11_FreeSymKey(newKey);
|
||||
}
|
||||
if (ck_id) {
|
||||
SECITEM_FreeItem(ck_id, PR_TRUE);
|
||||
}
|
||||
PK11_FreeSymKey(newKey);
|
||||
SECITEM_FreeItem(ck_id, PR_TRUE);
|
||||
SECITEM_FreeItem(param_free, PR_TRUE);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
|
|
@ -1460,7 +1460,7 @@ typedef CK_ULONG CK_RV;
|
|||
#define CKR_FIPS_SELF_TEST_FAILED 0x000001B6UL
|
||||
#define CKR_LIBRARY_LOAD_FAILED 0x000001B7UL
|
||||
#define CKR_PIN_TOO_WEAK 0x000001B8UL
|
||||
#define CKR_PUBLIC_KEY_INVALID 0x000001B
|
||||
#define CKR_PUBLIC_KEY_INVALID 0x000001B9UL
|
||||
|
||||
/* This is new to v2.20 */
|
||||
#define CKR_FUNCTION_REJECTED 0x00000200UL
|
||||
|
|
Загрузка…
Ссылка в новой задаче