diff --git a/security/nss/lib/certdb/alg1485.c b/security/nss/lib/certdb/alg1485.c index ca18e845e42..9bd24864089 100644 --- a/security/nss/lib/certdb/alg1485.c +++ b/security/nss/lib/certdb/alg1485.c @@ -776,7 +776,7 @@ CERT_DerNameToAscii(SECItem *dername) goto loser; } - rv = SEC_ASN1DecodeItem(arena, &name, CERT_NameTemplate, dername); + rv = SEC_QuickDERDecodeItem(arena, &name, CERT_NameTemplate, dername); if ( rv != SECSuccess ) { goto loser; diff --git a/security/nss/lib/certdb/certdb.c b/security/nss/lib/certdb/certdb.c index 502b06dc68e..15e93b9e051 100644 --- a/security/nss/lib/certdb/certdb.c +++ b/security/nss/lib/certdb/certdb.c @@ -34,7 +34,7 @@ /* * Certificate handling code * - * $Id: certdb.c,v 1.41 2002-08-22 18:05:32 wtc%netscape.com Exp $ + * $Id: certdb.c,v 1.42 2002-08-24 00:45:55 jpierre%netscape.com Exp $ */ #include "nssilock.h" @@ -263,14 +263,14 @@ CERT_NameFromDERCert(SECItem *derCert, SECItem *derName) } PORT_Memset(&sd, 0, sizeof(CERTSignedData)); - rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); + rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); if ( rv ) { goto loser; } PORT_Memset(derName, 0, sizeof(SECItem)); - rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSubjectTemplate, &sd.data); + rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertSubjectTemplate, &sd.data); if ( rv ) { goto loser; @@ -307,14 +307,14 @@ CERT_IssuerNameFromDERCert(SECItem *derCert, SECItem *derName) } PORT_Memset(&sd, 0, sizeof(CERTSignedData)); - rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); + rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); if ( rv ) { goto loser; } PORT_Memset(derName, 0, sizeof(SECItem)); - rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertIssuerTemplate, &sd.data); + rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertIssuerTemplate, &sd.data); if ( rv ) { goto loser; @@ -351,14 +351,14 @@ CERT_SerialNumberFromDERCert(SECItem *derCert, SECItem *derName) } PORT_Memset(&sd, 0, sizeof(CERTSignedData)); - rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); + rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, derCert); if ( rv ) { goto loser; } PORT_Memset(derName, 0, sizeof(SECItem)); - rv = SEC_ASN1DecodeItem(arena, derName, SEC_CertSerialNumberTemplate, &sd.data); + rv = SEC_QuickDERDecodeItem(arena, derName, SEC_CertSerialNumberTemplate, &sd.data); if ( rv ) { goto loser; @@ -770,7 +770,7 @@ CERT_DecodeDERCertificate(SECItem *derSignedCert, PRBool copyDER, } /* decode the certificate info */ - rv = SEC_ASN1DecodeItem(arena, cert, SEC_SignedCertificateTemplate, + rv = SEC_QuickDERDecodeItem(arena, cert, SEC_SignedCertificateTemplate, &cert->derCert); if ( rv ) { diff --git a/security/nss/lib/certdb/certv3.c b/security/nss/lib/certdb/certv3.c index 584d75cad33..c5f4016a6d5 100644 --- a/security/nss/lib/certdb/certv3.c +++ b/security/nss/lib/certdb/certv3.c @@ -34,7 +34,7 @@ /* * Code for dealing with X509.V3 extensions. * - * $Id: certv3.c,v 1.1 2000-03-31 19:42:36 relyea%netscape.com Exp $ + * $Id: certv3.c,v 1.2 2002-08-24 00:46:08 jpierre%netscape.com Exp $ */ #include "cert.h" @@ -144,14 +144,14 @@ CERT_FindCertURLExtension(CERTCertificate *cert, int tag, int catag) goto loser; } - rv = SEC_ASN1DecodeItem(arena, &urlstringitem, SEC_IA5StringTemplate, + rv = SEC_QuickDERDecodeItem(arena, &urlstringitem, SEC_IA5StringTemplate, &urlitem); if ( rv != SECSuccess ) { goto loser; } if ( hasbase ) { - rv = SEC_ASN1DecodeItem(arena, &basestringitem, SEC_IA5StringTemplate, + rv = SEC_QuickDERDecodeItem(arena, &basestringitem, SEC_IA5StringTemplate, &baseitem); if ( rv != SECSuccess ) { @@ -249,7 +249,7 @@ CERT_FindNSStringExtension(CERTCertificate *cert, int oidtag) goto loser; } - rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_IA5StringTemplate, + rv = SEC_QuickDERDecodeItem(arena, &tmpItem, SEC_IA5StringTemplate, &wrapperItem); if ( rv != SECSuccess ) { diff --git a/security/nss/lib/certdb/certxutl.c b/security/nss/lib/certdb/certxutl.c index 619f576b223..9e9fa9b97a5 100644 --- a/security/nss/lib/certdb/certxutl.c +++ b/security/nss/lib/certdb/certxutl.c @@ -397,7 +397,7 @@ CERT_FindBitStringExtension (CERTCertExtension **extensions, int tag, goto loser; } - rv = SEC_ASN1DecodeItem(arena, &tmpItem, SEC_BitStringTemplate, + rv = SEC_QuickDERDecodeItem(arena, &tmpItem, SEC_BitStringTemplate, &wrapperItem); if ( rv != SECSuccess ) { diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index 005816b445e..e7f5a462c36 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -34,7 +34,7 @@ /* * Moved from secpkcs7.c * - * $Id: crl.c,v 1.14 2002-08-08 01:55:34 jpierre%netscape.com Exp $ + * $Id: crl.c,v 1.15 2002-08-24 00:46:21 jpierre%netscape.com Exp $ */ #include "cert.h" @@ -467,7 +467,7 @@ CERT_DecodeDERCrlEx(PRArenaPool *narena, SECItem *derSignedCrl, int type, break; case SEC_KRL_TYPE: - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (arena, crl, cert_SignedKrlTemplate, derSignedCrl); break; default: diff --git a/security/nss/lib/certdb/polcyxtn.c b/security/nss/lib/certdb/polcyxtn.c index 8a3f27542a4..da2097ffe15 100644 --- a/security/nss/lib/certdb/polcyxtn.c +++ b/security/nss/lib/certdb/polcyxtn.c @@ -34,7 +34,7 @@ /* * Support for various policy related extensions * - * $Id: polcyxtn.c,v 1.1 2000-03-31 19:42:44 relyea%netscape.com Exp $ + * $Id: polcyxtn.c,v 1.2 2002-08-24 00:46:35 jpierre%netscape.com Exp $ */ #include "seccomon.h" @@ -157,7 +157,7 @@ CERT_DecodeCertificatePoliciesExtension(SECItem *extnValue) policies->arena = arena; /* decode the policy info */ - rv = SEC_ASN1DecodeItem(arena, policies, CERT_CertificatePoliciesTemplate, + rv = SEC_QuickDERDecodeItem(arena, policies, CERT_CertificatePoliciesTemplate, extnValue); if ( rv != SECSuccess ) { @@ -224,7 +224,7 @@ CERT_DecodeUserNotice(SECItem *noticeItem) userNotice->arena = arena; /* decode the user notice */ - rv = SEC_ASN1DecodeItem(arena, userNotice, CERT_UserNoticeTemplate, + rv = SEC_QuickDERDecodeItem(arena, userNotice, CERT_UserNoticeTemplate, noticeItem); if ( rv != SECSuccess ) { @@ -250,7 +250,7 @@ CERT_DecodeUserNotice(SECItem *noticeItem) userNotice->derNoticeReference.len); /* OK, no decode it */ - rv = SEC_ASN1DecodeItem(arena, &userNotice->noticeReference, + rv = SEC_QuickDERDecodeItem(arena, &userNotice->noticeReference, CERT_NoticeReferenceTemplate, &tmpbuf); PORT_Free(tmpbuf.data); tmpbuf.data = NULL; @@ -468,7 +468,7 @@ CERT_DecodeOidSequence(SECItem *seqItem) oidSeq->arena = arena; /* decode the user notice */ - rv = SEC_ASN1DecodeItem(arena, oidSeq, CERT_OidSeqTemplate, seqItem); + rv = SEC_QuickDERDecodeItem(arena, oidSeq, CERT_OidSeqTemplate, seqItem); if ( rv != SECSuccess ) { goto loser; diff --git a/security/nss/lib/certdb/secname.c b/security/nss/lib/certdb/secname.c index 9296fd86d45..002c481c441 100644 --- a/security/nss/lib/certdb/secname.c +++ b/security/nss/lib/certdb/secname.c @@ -566,6 +566,7 @@ CERT_DecodeAVAValue(SECItem *derAVAValue) PRBool convertUCS4toUTF8 = PR_FALSE; PRBool convertUCS2toUTF8 = PR_FALSE; SECItem avaValue = {siBuffer, 0}; + PRArenaPool* newarena = NULL; if(!derAVAValue) { return NULL; @@ -598,7 +599,11 @@ CERT_DecodeAVAValue(SECItem *derAVAValue) } PORT_Memset(&avaValue, 0, sizeof(SECItem)); - if(SEC_ASN1DecodeItem(NULL, &avaValue, theTemplate, derAVAValue) + newarena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!newarena) { + return NULL; + } + if(SEC_QuickDERDecodeItem(newarena, &avaValue, theTemplate, derAVAValue) != SECSuccess) { return NULL; } @@ -610,11 +615,11 @@ CERT_DecodeAVAValue(SECItem *derAVAValue) if(!PORT_UCS4_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len, utf8Val, utf8ValLen, &utf8ValLen)) { PORT_Free(utf8Val); - PORT_Free(avaValue.data); + PORT_FreeArena(newarena, PR_FALSE); return NULL; } - PORT_Free(avaValue.data); + PORT_FreeArena(newarena, PR_FALSE); avaValue.data = utf8Val; avaValue.len = utf8ValLen; @@ -626,16 +631,16 @@ CERT_DecodeAVAValue(SECItem *derAVAValue) if(!PORT_UCS2_UTF8Conversion(PR_FALSE, avaValue.data, avaValue.len, utf8Val, utf8ValLen, &utf8ValLen)) { PORT_Free(utf8Val); - PORT_Free(avaValue.data); + PORT_FreeArena(newarena, PR_FALSE); return NULL; } - PORT_Free(avaValue.data); + PORT_FreeArena(newarena, PR_FALSE); avaValue.data = utf8Val; avaValue.len = utf8ValLen; } retItem = SECITEM_DupItem(&avaValue); - PORT_Free(avaValue.data); + PORT_FreeArena(newarena, PR_FALSE); return retItem; } diff --git a/security/nss/lib/certdb/xauthkid.c b/security/nss/lib/certdb/xauthkid.c index 8b7ac4a9252..6e84f579d18 100644 --- a/security/nss/lib/certdb/xauthkid.c +++ b/security/nss/lib/certdb/xauthkid.c @@ -119,7 +119,7 @@ CERT_DecodeAuthKeyID (PRArenaPool *arena, SECItem *encodedValue) value->DERAuthCertIssuer = NULL; if (value == NULL) break; - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (arena, value, CERTAuthKeyIDTemplate, encodedValue); if (rv != SECSuccess) break; diff --git a/security/nss/lib/certdb/xbsconst.c b/security/nss/lib/certdb/xbsconst.c index 5c16b651ce1..fea0e5dc885 100644 --- a/security/nss/lib/certdb/xbsconst.c +++ b/security/nss/lib/certdb/xbsconst.c @@ -137,7 +137,7 @@ SECStatus CERT_DecodeBasicConstraintValue GEN_BREAK (SECFailure); } - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (our_pool, &decodeContext, CERTBasicConstraintsTemplate, encodedValue); if (rv == SECFailure) break; diff --git a/security/nss/lib/certhigh/ocsp.c b/security/nss/lib/certhigh/ocsp.c index d6f67711894..770aaf1edbc 100644 --- a/security/nss/lib/certhigh/ocsp.c +++ b/security/nss/lib/certhigh/ocsp.c @@ -35,7 +35,7 @@ * Implementation of OCSP services, for both client and server. * (XXX, really, mostly just for client right now, but intended to do both.) * - * $Id: ocsp.c,v 1.11 2002-08-04 02:50:40 jpierre%netscape.com Exp $ + * $Id: ocsp.c,v 1.12 2002-08-24 00:47:30 jpierre%netscape.com Exp $ */ #include "prerror.h" @@ -572,7 +572,7 @@ CERT_DecodeOCSPRequest(SECItem *src) } dest->arena = arena; - rv = SEC_ASN1DecodeItem(arena, dest, ocsp_OCSPRequestTemplate, src); + rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, src); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_BAD_DER) PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST); @@ -1304,7 +1304,7 @@ ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src) goto loser; } - rv = SEC_ASN1DecodeItem(arena, basicResponse, + rv = SEC_QuickDERDecodeItem(arena, basicResponse, ocsp_BasicOCSPResponseTemplate, src); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_BAD_DER) @@ -1333,7 +1333,7 @@ ocsp_DecodeBasicOCSPResponse(PRArenaPool *arena, SECItem *src) if (responderID == NULL) { goto loser; } - rv = SEC_ASN1DecodeItem(arena, responderID, responderIDTemplate, + rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate, &responseData->derResponderID); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_BAD_DER) @@ -1433,7 +1433,7 @@ CERT_DecodeOCSPResponse(SECItem *src) } response->arena = arena; - rv = SEC_ASN1DecodeItem(arena, response, ocsp_OCSPResponseTemplate, src); + rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, src); if (rv != SECSuccess) { if (PORT_GetError() == SEC_ERROR_BAD_DER) PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE); diff --git a/security/nss/lib/certhigh/xcrldist.c b/security/nss/lib/certhigh/xcrldist.c index d560cfd2368..6f8a014f09a 100644 --- a/security/nss/lib/certhigh/xcrldist.c +++ b/security/nss/lib/certhigh/xcrldist.c @@ -155,7 +155,7 @@ CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue) break; } - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (arena, &value->distPoints, CERTCRLDistributionPointsTemplate, encodedValue); if (rv != SECSuccess) @@ -173,7 +173,7 @@ CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue) SECItem innerDER; innerDER.data = NULL; - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (arena, point, FullNameTemplate, &(point->derDistPoint)); if (rv != SECSuccess) break; @@ -184,7 +184,7 @@ CERT_DecodeCRLDistributionPoints (PRArenaPool *arena, SECItem *encodedValue) break; } else if ( relativeDistinguishedName) { - rv = SEC_ASN1DecodeItem + rv = SEC_QuickDERDecodeItem (arena, point, RelativeNameTemplate, &(point->derDistPoint)); if (rv != SECSuccess) break; diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c index 1ca123c26d7..7f0b4025aaf 100644 --- a/security/nss/lib/cryptohi/seckey.c +++ b/security/nss/lib/cryptohi/seckey.c @@ -921,7 +921,7 @@ seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki) case SEC_OID_PKCS1_RSA_ENCRYPTION: pubk->keyType = rsaKey; prepare_rsa_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &os); + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, &os); if (rv == SECSuccess) return pubk; break; @@ -929,7 +929,7 @@ seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki) case SEC_OID_SDN702_DSA_SIGNATURE: pubk->keyType = dsaKey; prepare_dsa_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &os); + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DSAPublicKeyTemplate, &os); if (rv != SECSuccess) break; rv = SECKEY_DSADecodePQG(arena, pubk, @@ -940,10 +940,10 @@ seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki) case SEC_OID_X942_DIFFIE_HELMAN_KEY: pubk->keyType = dhKey; prepare_dh_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &os); + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHPublicKeyTemplate, &os); if (rv != SECSuccess) break; - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate, + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_DHParamKeyTemplate, &spki->algorithm.parameters); if (rv == SECSuccess) return pubk; @@ -963,12 +963,12 @@ seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki) pubk->keyType = keaKey; prepare_kea_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAPublicKeyTemplate, &os); if (rv != SECSuccess) break; - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate, + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate, &spki->algorithm.parameters); if (rv == SECSuccess) @@ -982,7 +982,7 @@ seckey_ExtractPublicKey(CERTSubjectPublicKeyInfo *spki) rv = SECITEM_CopyItem(arena,&pubk->u.kea.publicValue,&os); if (rv != SECSuccess) break; - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_KEAParamsTemplate, + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_KEAParamsTemplate, &spki->algorithm.parameters); if (rv == SECSuccess) @@ -1443,7 +1443,7 @@ SECKEY_DecodeDERPublicKey(SECItem *pubkder) pubk->pkcs11Slot = NULL; pubk->pkcs11ID = 0; prepare_rsa_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, + rv = SEC_QuickDERDecodeItem(arena, pubk, SECKEY_RSAPublicKeyTemplate, pubkder); if (rv == SECSuccess) return pubk; @@ -1516,7 +1516,7 @@ SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider) PORT_ArenaZAlloc(arena, sizeof (CERTSubjectPublicKeyInfo)); if (spki != NULL) { spki->arena = arena; - rv = SEC_ASN1DecodeItem(arena,spki, + rv = SEC_QuickDERDecodeItem(arena,spki, CERT_SubjectPublicKeyInfoTemplate,spkider); if (rv == SECSuccess) return spki; @@ -1583,14 +1583,14 @@ SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge, /* decode the outer wrapping of signed data */ PORT_Memset(&sd, 0, sizeof(CERTSignedData)); - rv = SEC_ASN1DecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem ); + rv = SEC_QuickDERDecodeItem(arena, &sd, CERT_SignedDataTemplate, &signedItem ); if ( rv ) { goto loser; } /* decode the public key and challenge wrapper */ PORT_Memset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge)); - rv = SEC_ASN1DecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate, + rv = SEC_QuickDERDecodeItem(arena, &pkac, CERT_PublicKeyAndChallengeTemplate, &sd.data); if ( rv ) { goto loser; diff --git a/security/nss/lib/fortcrypt/swfort/swfparse.c b/security/nss/lib/fortcrypt/swfort/swfparse.c index 4422cb18aa3..92b5bae2dcd 100644 --- a/security/nss/lib/fortcrypt/swfort/swfparse.c +++ b/security/nss/lib/fortcrypt/swfort/swfparse.c @@ -332,7 +332,7 @@ FORT_GetSWFile(SECItem *initBits) if (sw_init_file == NULL) goto fail; /* ANS1 decode the complete init file */ - rv = SEC_ASN1DecodeItem(arena,sw_init_file,fortSwFortezzaInitFile,initBits); + rv = SEC_QuickDERDecodeItem(arena,sw_init_file,fortSwFortezzaInitFile,initBits); if (rv != SECSuccess) { goto fail; } diff --git a/security/nss/lib/softoken/lowcert.c b/security/nss/lib/softoken/lowcert.c index 29084063757..27fe57fdb2d 100644 --- a/security/nss/lib/softoken/lowcert.c +++ b/security/nss/lib/softoken/lowcert.c @@ -34,7 +34,7 @@ /* * Certificate handling code * - * $Id: lowcert.c,v 1.11 2002-07-25 03:59:38 wtc%netscape.com Exp $ + * $Id: lowcert.c,v 1.12 2002-08-24 00:49:11 jpierre%netscape.com Exp $ */ #include "seccomon.h" @@ -512,7 +512,7 @@ nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert) PORT_Memset(&spki,0,sizeof(spki)); /* we haven't bothered decoding the spki struct yet, do it now */ - rv = SEC_ASN1DecodeItem(arena, &spki, + rv = SEC_QuickDERDecodeItem(arena, &spki, nsslowcert_SubjectPublicKeyInfoTemplate, &cert->derSubjKeyInfo); if (rv != SECSuccess) { PORT_FreeArena (arena, PR_FALSE); @@ -529,7 +529,7 @@ nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert) case SEC_OID_PKCS1_RSA_ENCRYPTION: pubk->keyType = NSSLOWKEYRSAKey; prepare_low_rsa_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, + rv = SEC_QuickDERDecodeItem(arena, pubk, nsslowcert_RSAPublicKeyTemplate, &os); if (rv == SECSuccess) return pubk; @@ -537,14 +537,14 @@ nsslowcert_ExtractPublicKey(NSSLOWCERTCertificate *cert) case SEC_OID_ANSIX9_DSA_SIGNATURE: pubk->keyType = NSSLOWKEYDSAKey; prepare_low_dsa_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, + rv = SEC_QuickDERDecodeItem(arena, pubk, nsslowcert_DSAPublicKeyTemplate, &os); if (rv == SECSuccess) return pubk; break; case SEC_OID_X942_DIFFIE_HELMAN_KEY: pubk->keyType = NSSLOWKEYDHKey; prepare_low_dh_pub_key_for_asn1(pubk); - rv = SEC_ASN1DecodeItem(arena, pubk, + rv = SEC_QuickDERDecodeItem(arena, pubk, nsslowcert_DHPublicKeyTemplate, &os); if (rv == SECSuccess) return pubk; break; diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index 91a6a195bcd..7b706d5f6c5 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -3668,7 +3668,7 @@ pk11_unwrapPrivateKey(PK11Object *key, SECItem *bpki) return SECFailure; } - if(SEC_ASN1DecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki) + if(SEC_QuickDERDecodeItem(arena, pki, nsslowkey_PrivateKeyInfoTemplate, bpki) != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); return SECFailure; @@ -3710,12 +3710,12 @@ pk11_unwrapPrivateKey(PK11Object *key, SECItem *bpki) } /* decode the private key and any algorithm parameters */ - rv = SEC_ASN1DecodeItem(arena, lpk, keyTemplate, &pki->privateKey); + rv = SEC_QuickDERDecodeItem(arena, lpk, keyTemplate, &pki->privateKey); if(rv != SECSuccess) { goto loser; } if(paramDest && paramTemplate) { - rv = SEC_ASN1DecodeItem(arena, paramDest, paramTemplate, + rv = SEC_QuickDERDecodeItem(arena, paramDest, paramTemplate, &(pki->algorithm.parameters)); if(rv != SECSuccess) { goto loser;