зеркало из https://github.com/mozilla/pjs.git
Fix for 178895 - QuickDER optimizations. r=relyea
This commit is contained in:
jpierre%netscape.com
Родитель
b9baa999e4
Коммит
15c733be33
|
|
@ -577,44 +577,52 @@ SECKEY_UpdateCertPQG(CERTCertificate * subjectCert)
|
||||||
SECStatus
|
SECStatus
|
||||||
SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
|
SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
|
||||||
SECItem *params) {
|
SECItem *params) {
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
SECKEYPQGDualParams dual_params;
|
SECKEYPQGDualParams dual_params;
|
||||||
|
SECItem newparams;
|
||||||
|
|
||||||
|
PORT_Assert(arena);
|
||||||
|
|
||||||
if (params == NULL) return SECFailure;
|
if (params == NULL) return SECFailure;
|
||||||
|
|
||||||
if (params->data == NULL) return SECFailure;
|
if (params->data == NULL) return SECFailure;
|
||||||
|
|
||||||
|
/* make a copy of the data into the arena so QuickDER output is valid */
|
||||||
|
rv = SECITEM_CopyItem(arena, &newparams, params);
|
||||||
|
|
||||||
/* Check if params use the standard format.
|
/* Check if params use the standard format.
|
||||||
* The value 0xa1 will appear in the first byte of the parameter data
|
* The value 0xa1 will appear in the first byte of the parameter data
|
||||||
* if the PQG parameters are not using the standard format. This
|
* if the PQG parameters are not using the standard format. This
|
||||||
* code should be changed to use a better method to detect non-standard
|
* code should be changed to use a better method to detect non-standard
|
||||||
* parameters. */
|
* parameters. */
|
||||||
|
|
||||||
if ((params->data[0] != 0xa1) &&
|
if ((newparams.data[0] != 0xa1) &&
|
||||||
(params->data[0] != 0xa0)) {
|
(newparams.data[0] != 0xa0)) {
|
||||||
|
|
||||||
|
if (SECSuccess == rv) {
|
||||||
/* PQG params are in the standard format */
|
/* PQG params are in the standard format */
|
||||||
|
|
||||||
/* Store DSA PQG parameters */
|
/* Store DSA PQG parameters */
|
||||||
prepare_pqg_params_for_asn1(&pubk->u.fortezza.params);
|
prepare_pqg_params_for_asn1(&pubk->u.fortezza.params);
|
||||||
rv = SEC_ASN1DecodeItem(arena, &pubk->u.fortezza.params,
|
rv = SEC_QuickDERDecodeItem(arena, &pubk->u.fortezza.params,
|
||||||
SECKEY_PQGParamsTemplate,
|
SECKEY_PQGParamsTemplate,
|
||||||
params);
|
&newparams);
|
||||||
|
}
|
||||||
|
|
||||||
if (rv == SECSuccess) {
|
if (SECSuccess == rv) {
|
||||||
|
|
||||||
/* Copy the DSA PQG parameters to the KEA PQG parameters. */
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
|
||||||
&pubk->u.fortezza.params.prime);
|
|
||||||
if (rv != SECSuccess) return rv;
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
|
||||||
&pubk->u.fortezza.params.subPrime);
|
|
||||||
if (rv != SECSuccess) return rv;
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
|
||||||
&pubk->u.fortezza.params.base);
|
|
||||||
if (rv != SECSuccess) return rv;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
/* Copy the DSA PQG parameters to the KEA PQG parameters. */
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
||||||
|
&pubk->u.fortezza.params.prime);
|
||||||
|
}
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
||||||
|
&pubk->u.fortezza.params.subPrime);
|
||||||
|
}
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
||||||
|
&pubk->u.fortezza.params.base);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
dual_params.CommParams.prime.len = 0;
|
dual_params.CommParams.prime.len = 0;
|
||||||
|
|
@ -626,67 +634,79 @@ SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
|
||||||
|
|
||||||
/* else the old fortezza-only wrapped format is used. */
|
/* else the old fortezza-only wrapped format is used. */
|
||||||
|
|
||||||
if (params->data[0] == 0xa1) {
|
if (SECSuccess == rv) {
|
||||||
rv = SEC_ASN1DecodeItem(arena, &dual_params,
|
if (newparams.data[0] == 0xa1) {
|
||||||
SECKEY_FortezzaPreParamTemplate, params);
|
rv = SEC_QuickDERDecodeItem(arena, &dual_params,
|
||||||
} else {
|
SECKEY_FortezzaPreParamTemplate, &newparams);
|
||||||
rv = SEC_ASN1DecodeItem(arena, &dual_params,
|
} else {
|
||||||
SECKEY_FortezzaAltPreParamTemplate, params);
|
rv = SEC_QuickDERDecodeItem(arena, &dual_params,
|
||||||
|
SECKEY_FortezzaAltPreParamTemplate, &newparams);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rv < 0) return rv;
|
|
||||||
|
|
||||||
if ( (dual_params.CommParams.prime.len > 0) &&
|
if ( (dual_params.CommParams.prime.len > 0) &&
|
||||||
(dual_params.CommParams.subPrime.len > 0) &&
|
(dual_params.CommParams.subPrime.len > 0) &&
|
||||||
(dual_params.CommParams.base.len > 0) ) {
|
(dual_params.CommParams.base.len > 0) ) {
|
||||||
/* copy in common params */
|
/* copy in common params */
|
||||||
|
if (SECSuccess == rv) {
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
|
||||||
&dual_params.CommParams.prime);
|
&dual_params.CommParams.prime);
|
||||||
if (rv != SECSuccess) return rv;
|
}
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
|
if (SECSuccess == rv) {
|
||||||
&dual_params.CommParams.subPrime);
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
|
||||||
if (rv != SECSuccess) return rv;
|
&dual_params.CommParams.subPrime);
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
|
}
|
||||||
&dual_params.CommParams.base);
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
|
||||||
|
&dual_params.CommParams.base);
|
||||||
|
}
|
||||||
|
|
||||||
/* Copy the DSA PQG parameters to the KEA PQG parameters. */
|
/* Copy the DSA PQG parameters to the KEA PQG parameters. */
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
if (SECSuccess == rv) {
|
||||||
&pubk->u.fortezza.params.prime);
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
||||||
if (rv != SECSuccess) return rv;
|
&pubk->u.fortezza.params.prime);
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
}
|
||||||
&pubk->u.fortezza.params.subPrime);
|
if (SECSuccess == rv) {
|
||||||
if (rv != SECSuccess) return rv;
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
&pubk->u.fortezza.params.subPrime);
|
||||||
&pubk->u.fortezza.params.base);
|
}
|
||||||
if (rv != SECSuccess) return rv;
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
||||||
|
&pubk->u.fortezza.params.base);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
/* else copy in different params */
|
/* else copy in different params */
|
||||||
|
|
||||||
/* copy DSA PQG parameters */
|
/* copy DSA PQG parameters */
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.prime,
|
||||||
&dual_params.DiffParams.DiffDSAParams.prime);
|
&dual_params.DiffParams.DiffDSAParams.prime);
|
||||||
if (rv != SECSuccess) return rv;
|
}
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.subPrime,
|
||||||
&dual_params.DiffParams.DiffDSAParams.subPrime);
|
&dual_params.DiffParams.DiffDSAParams.subPrime);
|
||||||
if (rv != SECSuccess) return rv;
|
}
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.params.base,
|
||||||
&dual_params.DiffParams.DiffDSAParams.base);
|
&dual_params.DiffParams.DiffDSAParams.base);
|
||||||
|
}
|
||||||
|
|
||||||
/* copy KEA PQG parameters */
|
/* copy KEA PQG parameters */
|
||||||
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.prime,
|
||||||
&dual_params.DiffParams.DiffKEAParams.prime);
|
&dual_params.DiffParams.DiffKEAParams.prime);
|
||||||
if (rv != SECSuccess) return rv;
|
}
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.subPrime,
|
||||||
&dual_params.DiffParams.DiffKEAParams.subPrime);
|
&dual_params.DiffParams.DiffKEAParams.subPrime);
|
||||||
if (rv != SECSuccess) return rv;
|
}
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.fortezza.keaParams.base,
|
||||||
&dual_params.DiffParams.DiffKEAParams.base);
|
&dual_params.DiffParams.DiffKEAParams.base);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
@ -699,27 +719,35 @@ SECKEY_FortezzaDecodePQGtoOld(PRArenaPool *arena, SECKEYPublicKey *pubk,
|
||||||
|
|
||||||
SECStatus
|
SECStatus
|
||||||
SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
|
SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params) {
|
||||||
SECStatus rv;
|
SECStatus rv;
|
||||||
SECKEYPQGDualParams dual_params;
|
SECKEYPQGDualParams dual_params;
|
||||||
|
SECItem newparams;
|
||||||
|
|
||||||
if (params == NULL) return SECFailure;
|
if (params == NULL) return SECFailure;
|
||||||
|
|
||||||
if (params->data == NULL) return SECFailure;
|
if (params->data == NULL) return SECFailure;
|
||||||
|
|
||||||
|
PORT_Assert(arena);
|
||||||
|
|
||||||
|
/* make a copy of the data into the arena so QuickDER output is valid */
|
||||||
|
rv = SECITEM_CopyItem(arena, &newparams, params);
|
||||||
|
|
||||||
/* Check if params use the standard format.
|
/* Check if params use the standard format.
|
||||||
* The value 0xa1 will appear in the first byte of the parameter data
|
* The value 0xa1 will appear in the first byte of the parameter data
|
||||||
* if the PQG parameters are not using the standard format. This
|
* if the PQG parameters are not using the standard format. This
|
||||||
* code should be changed to use a better method to detect non-standard
|
* code should be changed to use a better method to detect non-standard
|
||||||
* parameters. */
|
* parameters. */
|
||||||
|
|
||||||
if ((params->data[0] != 0xa1) &&
|
if ((newparams.data[0] != 0xa1) &&
|
||||||
(params->data[0] != 0xa0)) {
|
(newparams.data[0] != 0xa0)) {
|
||||||
|
|
||||||
/* PQG params are in the standard format */
|
if (SECSuccess == rv) {
|
||||||
prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
|
/* PQG params are in the standard format */
|
||||||
rv = SEC_ASN1DecodeItem(arena, &pubk->u.dsa.params,
|
prepare_pqg_params_for_asn1(&pubk->u.dsa.params);
|
||||||
SECKEY_PQGParamsTemplate,
|
rv = SEC_QuickDERDecodeItem(arena, &pubk->u.dsa.params,
|
||||||
params);
|
SECKEY_PQGParamsTemplate,
|
||||||
|
&newparams);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
dual_params.CommParams.prime.len = 0;
|
dual_params.CommParams.prime.len = 0;
|
||||||
|
|
@ -729,52 +757,57 @@ SECKEY_DSADecodePQG(PRArenaPool *arena, SECKEYPublicKey *pubk, SECItem *params)
|
||||||
dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
|
dual_params.DiffParams.DiffDSAParams.subPrime.len = 0;
|
||||||
dual_params.DiffParams.DiffDSAParams.base.len = 0;
|
dual_params.DiffParams.DiffDSAParams.base.len = 0;
|
||||||
|
|
||||||
/* else the old fortezza-only wrapped format is used. */
|
if (SECSuccess == rv) {
|
||||||
if (params->data[0] == 0xa1) {
|
/* else the old fortezza-only wrapped format is used. */
|
||||||
rv = SEC_ASN1DecodeItem(arena, &dual_params,
|
if (newparams.data[0] == 0xa1) {
|
||||||
SECKEY_FortezzaPreParamTemplate, params);
|
rv = SEC_QuickDERDecodeItem(arena, &dual_params,
|
||||||
} else {
|
SECKEY_FortezzaPreParamTemplate, &newparams);
|
||||||
rv = SEC_ASN1DecodeItem(arena, &dual_params,
|
} else {
|
||||||
SECKEY_FortezzaAltPreParamTemplate, params);
|
rv = SEC_QuickDERDecodeItem(arena, &dual_params,
|
||||||
|
SECKEY_FortezzaAltPreParamTemplate, &newparams);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rv < 0) return rv;
|
|
||||||
|
|
||||||
if ( (dual_params.CommParams.prime.len > 0) &&
|
if ( (dual_params.CommParams.prime.len > 0) &&
|
||||||
(dual_params.CommParams.subPrime.len > 0) &&
|
(dual_params.CommParams.subPrime.len > 0) &&
|
||||||
(dual_params.CommParams.base.len > 0) ) {
|
(dual_params.CommParams.base.len > 0) ) {
|
||||||
/* copy in common params */
|
/* copy in common params */
|
||||||
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
|
|
||||||
&dual_params.CommParams.prime);
|
|
||||||
if (rv != SECSuccess) return rv;
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
|
|
||||||
&dual_params.CommParams.subPrime);
|
|
||||||
if (rv != SECSuccess) return rv;
|
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
|
|
||||||
&dual_params.CommParams.base);
|
|
||||||
|
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
|
||||||
|
&dual_params.CommParams.prime);
|
||||||
|
}
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
|
||||||
|
&dual_params.CommParams.subPrime);
|
||||||
|
}
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
|
||||||
|
&dual_params.CommParams.base);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
/* else copy in different params */
|
/* else copy in different params */
|
||||||
|
|
||||||
/* copy DSA PQG parameters */
|
/* copy DSA PQG parameters */
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
|
if (SECSuccess == rv) {
|
||||||
&dual_params.DiffParams.DiffDSAParams.prime);
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime,
|
||||||
if (rv != SECSuccess) return rv;
|
&dual_params.DiffParams.DiffDSAParams.prime);
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
|
}
|
||||||
&dual_params.DiffParams.DiffDSAParams.subPrime);
|
if (SECSuccess == rv) {
|
||||||
if (rv != SECSuccess) return rv;
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime,
|
||||||
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
|
&dual_params.DiffParams.DiffDSAParams.subPrime);
|
||||||
&dual_params.DiffParams.DiffDSAParams.base);
|
}
|
||||||
|
if (SECSuccess == rv) {
|
||||||
|
rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base,
|
||||||
|
&dual_params.DiffParams.DiffDSAParams.base);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Decodes the DER encoded fortezza public key and stores the results in a
|
/* Decodes the DER encoded fortezza public key and stores the results in a
|
||||||
* structure of type SECKEYPublicKey. */
|
* structure of type SECKEYPublicKey. */
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -422,10 +422,10 @@ pbe_PK11AlgidToParam(SECAlgorithmID *algid,SECItem *mech)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
|
if (sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
|
||||||
rv = SEC_ASN1DecodeItem(arena, &p5_param,
|
rv = SEC_QuickDERDecodeItem(arena, &p5_param,
|
||||||
SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
|
SEC_V2PKCS12PBEParameterTemplate, &algid->parameters);
|
||||||
} else {
|
} else {
|
||||||
rv = SEC_ASN1DecodeItem(arena,&p5_param,SEC_PKCS5PBEParameterTemplate,
|
rv = SEC_QuickDERDecodeItem(arena,&p5_param,SEC_PKCS5PBEParameterTemplate,
|
||||||
&algid->parameters);
|
&algid->parameters);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -250,11 +250,18 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
|
||||||
SECStatus rv = SECFailure;
|
SECStatus rv = SECFailure;
|
||||||
|
|
||||||
temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
temparena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
||||||
|
if (!temparena) {
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo);
|
pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo);
|
||||||
|
if (!pki) {
|
||||||
|
goto finish;
|
||||||
|
}
|
||||||
pki->arena = temparena;
|
pki->arena = temparena;
|
||||||
|
|
||||||
rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
|
rv = SEC_QuickDERDecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate,
|
||||||
derPKI);
|
derPKI);
|
||||||
|
|
||||||
if( rv != SECSuccess ) {
|
if( rv != SECSuccess ) {
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
|
@ -263,9 +270,13 @@ PK11_ImportDERPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, SECItem *derPKI,
|
||||||
publicValue, isPerm, isPrivate, keyUsage, privk, wincx);
|
publicValue, isPerm, isPrivate, keyUsage, privk, wincx);
|
||||||
|
|
||||||
finish:
|
finish:
|
||||||
if( pki != NULL ) {
|
if( temparena != NULL ) {
|
||||||
/* this zeroes the key and frees the arena */
|
if (pki) {
|
||||||
SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
|
/* this zeroes the key and frees the arena */
|
||||||
|
SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/);
|
||||||
|
} else {
|
||||||
|
PORT_FreeArena(temparena, PR_FALSE);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
@ -522,12 +533,12 @@ PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* decode the private key and any algorithm parameters */
|
/* decode the private key and any algorithm parameters */
|
||||||
rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
|
rv = SEC_QuickDERDecodeItem(arena, lpk, keyTemplate, &pki->privateKey);
|
||||||
if(rv != SECSuccess) {
|
if(rv != SECSuccess) {
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
if(paramDest && paramTemplate) {
|
if(paramDest && paramTemplate) {
|
||||||
rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate,
|
rv = SEC_QuickDERDecodeItem(arena, paramDest, paramTemplate,
|
||||||
&(pki->algorithm.parameters));
|
&(pki->algorithm.parameters));
|
||||||
if(rv != SECSuccess) {
|
if(rv != SECSuccess) {
|
||||||
goto loser;
|
goto loser;
|
||||||
|
|
|
||||||
|
|
@ -275,7 +275,7 @@ PK11SDR_Decrypt(SECItem *data, SECItem *result, void *cx)
|
||||||
|
|
||||||
/* Decode the incoming data */
|
/* Decode the incoming data */
|
||||||
memset(&sdrResult, 0, sizeof sdrResult);
|
memset(&sdrResult, 0, sizeof sdrResult);
|
||||||
rv = SEC_ASN1DecodeItem(arena, &sdrResult, template, data);
|
rv = SEC_QuickDERDecodeItem(arena, &sdrResult, template, data);
|
||||||
if (rv != SECSuccess) goto loser; /* Invalid format */
|
if (rv != SECSuccess) goto loser; /* Invalid format */
|
||||||
|
|
||||||
/* Find the slot and key for the given keyid */
|
/* Find the slot and key for the given keyid */
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,7 @@
|
||||||
* the terms of any one of the MPL, the GPL or the LGPL.
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||||
*
|
*
|
||||||
* ***** END LICENSE BLOCK ***** */
|
* ***** END LICENSE BLOCK ***** */
|
||||||
/* $Id: keydb.c,v 1.38 2004-04-27 23:04:38 gerv%gerv.net Exp $ */
|
/* $Id: keydb.c,v 1.39 2004-06-05 00:50:32 jpierre%netscape.com Exp $ */
|
||||||
|
|
||||||
#include "lowkeyi.h"
|
#include "lowkeyi.h"
|
||||||
#include "seccomon.h"
|
#include "seccomon.h"
|
||||||
|
|
@ -1917,10 +1917,13 @@ seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
|
||||||
|
|
||||||
if(dest != NULL)
|
if(dest != NULL)
|
||||||
{
|
{
|
||||||
|
SECItem newPrivateKey;
|
||||||
|
SECItem newAlgParms;
|
||||||
|
|
||||||
SEC_PRINT("seckey_decrypt_private_key()", "PrivateKeyInfo", -1,
|
SEC_PRINT("seckey_decrypt_private_key()", "PrivateKeyInfo", -1,
|
||||||
dest);
|
dest);
|
||||||
|
|
||||||
rv = SEC_ASN1DecodeItem(temparena, pki,
|
rv = SEC_QuickDERDecodeItem(temparena, pki,
|
||||||
nsslowkey_PrivateKeyInfoTemplate, dest);
|
nsslowkey_PrivateKeyInfoTemplate, dest);
|
||||||
if(rv == SECSuccess)
|
if(rv == SECSuccess)
|
||||||
{
|
{
|
||||||
|
|
@ -1929,29 +1932,37 @@ seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
|
||||||
case SEC_OID_PKCS1_RSA_ENCRYPTION:
|
case SEC_OID_PKCS1_RSA_ENCRYPTION:
|
||||||
pk->keyType = NSSLOWKEYRSAKey;
|
pk->keyType = NSSLOWKEYRSAKey;
|
||||||
prepare_low_rsa_priv_key_for_asn1(pk);
|
prepare_low_rsa_priv_key_for_asn1(pk);
|
||||||
rv = SEC_ASN1DecodeItem(permarena, pk,
|
if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
|
||||||
|
&pki->privateKey) ) break;
|
||||||
|
rv = SEC_QuickDERDecodeItem(permarena, pk,
|
||||||
nsslowkey_RSAPrivateKeyTemplate,
|
nsslowkey_RSAPrivateKeyTemplate,
|
||||||
&pki->privateKey);
|
&newPrivateKey);
|
||||||
break;
|
break;
|
||||||
case SEC_OID_ANSIX9_DSA_SIGNATURE:
|
case SEC_OID_ANSIX9_DSA_SIGNATURE:
|
||||||
pk->keyType = NSSLOWKEYDSAKey;
|
pk->keyType = NSSLOWKEYDSAKey;
|
||||||
prepare_low_dsa_priv_key_for_asn1(pk);
|
prepare_low_dsa_priv_key_for_asn1(pk);
|
||||||
rv = SEC_ASN1DecodeItem(permarena, pk,
|
if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
|
||||||
|
&pki->privateKey) ) break;
|
||||||
|
rv = SEC_QuickDERDecodeItem(permarena, pk,
|
||||||
nsslowkey_DSAPrivateKeyTemplate,
|
nsslowkey_DSAPrivateKeyTemplate,
|
||||||
&pki->privateKey);
|
&newPrivateKey);
|
||||||
if (rv != SECSuccess)
|
if (rv != SECSuccess)
|
||||||
goto loser;
|
goto loser;
|
||||||
prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
|
prepare_low_pqg_params_for_asn1(&pk->u.dsa.params);
|
||||||
rv = SEC_ASN1DecodeItem(permarena, &pk->u.dsa.params,
|
if (SECSuccess != SECITEM_CopyItem(permarena, &newAlgParms,
|
||||||
|
&pki->algorithm.parameters) ) break;
|
||||||
|
rv = SEC_QuickDERDecodeItem(permarena, &pk->u.dsa.params,
|
||||||
nsslowkey_PQGParamsTemplate,
|
nsslowkey_PQGParamsTemplate,
|
||||||
&pki->algorithm.parameters);
|
&newAlgParms);
|
||||||
break;
|
break;
|
||||||
case SEC_OID_X942_DIFFIE_HELMAN_KEY:
|
case SEC_OID_X942_DIFFIE_HELMAN_KEY:
|
||||||
pk->keyType = NSSLOWKEYDHKey;
|
pk->keyType = NSSLOWKEYDHKey;
|
||||||
prepare_low_dh_priv_key_for_asn1(pk);
|
prepare_low_dh_priv_key_for_asn1(pk);
|
||||||
rv = SEC_ASN1DecodeItem(permarena, pk,
|
if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
|
||||||
|
&pki->privateKey) ) break;
|
||||||
|
rv = SEC_QuickDERDecodeItem(permarena, pk,
|
||||||
nsslowkey_DHPrivateKeyTemplate,
|
nsslowkey_DHPrivateKeyTemplate,
|
||||||
&pki->privateKey);
|
&newPrivateKey);
|
||||||
break;
|
break;
|
||||||
#ifdef NSS_ENABLE_ECC
|
#ifdef NSS_ENABLE_ECC
|
||||||
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
|
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
|
||||||
|
|
@ -1961,9 +1972,11 @@ seckey_decrypt_private_key(NSSLOWKEYEncryptedPrivateKeyInfo *epki,
|
||||||
fordebug = &pki->privateKey;
|
fordebug = &pki->privateKey;
|
||||||
SEC_PRINT("seckey_decrypt_private_key()", "PrivateKey",
|
SEC_PRINT("seckey_decrypt_private_key()", "PrivateKey",
|
||||||
pk->keyType, fordebug);
|
pk->keyType, fordebug);
|
||||||
rv = SEC_ASN1DecodeItem(permarena, pk,
|
if (SECSuccess != SECITEM_CopyItem(permarena, &newPrivateKey,
|
||||||
|
&pki->privateKey) ) break;
|
||||||
|
rv = SEC_QuickDERDecodeItem(permarena, pk,
|
||||||
nsslowkey_ECPrivateKeyTemplate,
|
nsslowkey_ECPrivateKeyTemplate,
|
||||||
&pki->privateKey);
|
&newPrivateKey);
|
||||||
if (rv != SECSuccess)
|
if (rv != SECSuccess)
|
||||||
goto loser;
|
goto loser;
|
||||||
|
|
||||||
|
|
@ -2059,7 +2072,7 @@ seckey_decode_encrypted_private_key(NSSLOWKEYDBKey *dbkey, SECItem *pwitem)
|
||||||
goto loser;
|
goto loser;
|
||||||
}
|
}
|
||||||
|
|
||||||
rv = SEC_ASN1DecodeItem(temparena, epki,
|
rv = SEC_QuickDERDecodeItem(temparena, epki,
|
||||||
nsslowkey_EncryptedPrivateKeyInfoTemplate,
|
nsslowkey_EncryptedPrivateKeyInfoTemplate,
|
||||||
&(dbkey->derPK));
|
&(dbkey->derPK));
|
||||||
if(rv != SECSuccess) {
|
if(rv != SECSuccess) {
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче