Bugzilla Bug 320038: checked in a better fix that allows us to write

EC domain parameters as hex strings with leading 00's. r=douglas.stebila sr=relyea. Modified files: softoken/ecdecode.c freebl/ecl/ecl-curve.h
2006-02-27 23:18:34 +00:00 · 2006-02-27 23:18:34 +00:00 · 7a0f0203c7
--- a/security/nss/lib/freebl/ecl/ecl-curve.h
+++ b/security/nss/lib/freebl/ecl/ecl-curve.h
@ -117,7 +117,7 @@ static const ECCurveParams ecCurve_NIST_K233 = {
 	"000000000000000000000000000000000000000000000000000000000001",
 	"017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
 	"01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
-	  "8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", 4
+	"008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", 4
 };
 static const ECCurveParams ecCurve_NIST_B233 = {
 	"NIST-B233", ECField_GF2m, 233,
@ -155,7 +155,7 @@ static const ECCurveParams ecCurve_NIST_K409 = {
 	"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
 	"0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
 	"01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
-	  "7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
+	"007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
 	4
 };
 static const ECCurveParams ecCurve_NIST_B409 = {
--- a/security/nss/lib/softoken/ecdecode.c
+++ b/security/nss/lib/softoken/ecdecode.c
@ -49,7 +49,12 @@
 #define CHECK_OK(func) if (func == NULL) goto cleanup
 #define CHECK_SEC_OK(func) if (SECSuccess != (rv = func)) goto cleanup

-/* Initializes a SECItem from a hexadecimal string */
+/*
+ * Initializes a SECItem from a hexadecimal string
+ *
+ * Warning: This function ignores leading 00's, so any leading 00's
+ * in the hexadecimal string must be optional.
+ */
 static SECItem *
 hexString2SECItem(PRArenaPool *arena, SECItem *item, const char *str)
 {
@ -59,6 +64,12 @@ hexString2SECItem(PRArenaPool *arena, SECItem *item, const char *str)

    if ((tmp % 2) != 0) return NULL;
    
+    /* skip leading 00's unless the hex string is "00" */
+    while ((tmp > 2) && (str[0] == '0') && (str[1] == '0')) {
+        str += 2;
+        tmp -= 2;
+    }
+
    item->data = (unsigned char *) PORT_ArenaAlloc(arena, tmp/2);
    if (item->data == NULL) return NULL;
    item->len = tmp/2;