Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(277)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/third_party/nss/ssl/srp.c

Issue 6804032: Add TLS-SRP (RFC 5054) support Base URL: http://git.chromium.org/git/chromium.git@trunk
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/third_party/nss/ssl/mpi/secmpi.h ('k') | net/third_party/nss/ssl/srp_groups.h » ('j') | ppapi/c/dev/ppb_opengles_dev.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Initial Developer of the Original Code is
15 * Steffen Schulz - pepe (at) cbg.dyndns.org
16 *
17 * Portions created by the Initial Developer are Copyright (C) 2007
18 * the Initial Developer. All Rights Reserved.
19 *
20 * Contributor(s):
21 *
22 * Alternatively, the contents of this file may be used under the terms of
23 * either the GNU General Public License Version 2 or later (the "GPL"), or
24 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
25 * in which case the provisions of the GPL or the LGPL are applicable instead
26 * of those above. If you wish to allow use of your version of this file only
27 * under the terms of either the GPL or the LGPL, and not to allow others to
28 * use your version of this file under the terms of the MPL, indicate your
29 * decision by deleting the provisions above and replace them with the notice
30 * and other provisions required by the GPL or the LGPL. If you do not delete
31 * the provisions above, a recipient may use your version of this file under
32 * the terms of any one of the MPL, the GPL or the LGPL.
33 *
34 * ***** END LICENSE BLOCK ***** */
35
36 /*
37 * This file implements the core SRP algorithms described in rfc 5054
38 * for enabling secure password based authentication in TLS via SRP.
39 *
40 * See also:
41 * Wu, T., "SRP-6: Improvements and Refinements to the Secure
42 * Remote Password Protocol", October 2002,
43 * <http://srp.stanford.edu/srp6.ps>.
44 */
45
46 #ifdef FREEBL_NO_DEPEND
47 #include "stubs.h"
48 #endif
49
50 #include "secerr.h"
51 #include "blapi.h"
52 #include "mpi/mpi.h"
53 #include "mpi/secmpi.h"
54 #include "secitem.h"
55 #include "keythi.h"
56 #include "plbase64.h"
57
58 #include "srp_groups.h"
59
60 /* length of srp secret keys in byte */
61 #define SRP_SECRET_KEY_LEN 32
62
63
64 /* check if (N,g) are among the known-good group params */
65 static SECStatus check_srp_group(const mp_int *N, const mp_int *g) {
66 int i;
67 char *N_str;
68 char *g_str;
69 mp_err err;
70 SECStatus rv = SECFailure;
71
72 N_str = PORT_Alloc(mp_radix_size(N, 16));
73 g_str = PORT_Alloc(mp_radix_size(g, 16));
74
75 CHECK_MPI_OK(mp_toradix(N, N_str, 16));
76 CHECK_MPI_OK(mp_toradix(g, g_str, 16));
77
78 /* compare bytes and length */
79 for ( i=0; i < SRP_KNOWN_GROUPS; i++)
80 if (PORT_Strcmp(N_str, known_srp_groups[i].modulus))
81 if (PORT_Strcmp(g_str, known_srp_groups[i].generator)) {
82 rv = SECSuccess;
83 break;
84 }
85
86 if (rv !=SECSuccess)
87 PORT_SetError(SEC_ERROR_SRP_UNSUPPORTED_GROUP);
88
89 cleanup:
90 PORT_Free(N_str);
91 PORT_Free(g_str);
92 if (err) {
93 MP_TO_SEC_ERROR(err);
94 rv = SECFailure;
95 }
96
97 return rv;
98 }
99
100 /* check if B%N = 0 -> trapdoor */
101 static SECStatus srp_backdoor_check(const mp_int *N, const mp_int *B) {
102
103 mp_int res;
104 mp_err err;
105
106 CHECK_MPI_OK(mp_init(&res));
107 CHECK_MPI_OK(mp_mod(B, N, &res));
108
109
110 if ( mp_cmp_z(&res) == 0) {
111 PORT_SetError(SEC_ERROR_SRP_ILLEGAL_PARAMETER);
112 return SECFailure;
113 }
114 cleanup:
115 mp_clear(&res);
116 if (err) {
117 MP_TO_SEC_ERROR(err);
118 return SECFailure;
119 }
120 return SECSuccess;
121 }
122
123 /* SRP_DeriveKey computes common key 'pms'
124 *
125 * The pre-master secret is calculated as follows:
126 *
127 * u = SHA1(PAD(A) | PAD(B))
128 * k = SHA1(N | PAD(g))
129 * pms = (A * v^u) ^ b % N
130 *
131 * PAD() left-paddes with \0 until length of N
132 */
133
134 SECStatus SRP_ServerDerive(SRPPrivateKey *prvKey, SRPDeriveParams *srp,
135 SECItem *pms) {
136 mp_int mp_pms, mp_res;
137 mp_int mp_A, mp_b, mp_v;
138 mp_int mp_N, mp_g, mp_u, mp_k;
139 SECItem *it_u, *it_k;
140 unsigned char *zero;
141 unsigned int len = srp->N.len;
142 SHA1Context *ctx = SHA1_NewContext();
143 SECStatus rv = SECFailure;
144 mp_err err = MP_OKAY;
145
146 CHECK_MPI_OK(mp_init(&mp_N));
147 CHECK_MPI_OK(mp_init(&mp_g));
148 CHECK_MPI_OK(mp_init(&mp_u));
149 CHECK_MPI_OK(mp_init(&mp_k));
150 CHECK_MPI_OK(mp_init(&mp_v));
151 CHECK_MPI_OK(mp_init(&mp_b));
152 CHECK_MPI_OK(mp_init(&mp_A));
153 CHECK_MPI_OK(mp_init(&mp_res));
154 CHECK_MPI_OK(mp_init(&mp_pms));
155
156 zero = PORT_ZAlloc(len);
157 it_u = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
158 it_k = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
159
160 if (!zero || !it_u || !it_k) {
161 PORT_SetError(SEC_ERROR_NO_MEMORY);
162 goto cleanup;
163 }
164
165 /* u = SHA1( PAD(A) | PAD(B) ) */
166 SHA1_Begin(ctx);
167 SHA1_Update(ctx, zero, len - srp->ppub.len);
168 SHA1_Update(ctx, srp->ppub.data, srp->ppub.len);
169 SHA1_Update(ctx, zero, len - prvKey->pubKey.len);
170 SHA1_Update(ctx, prvKey->pubKey.data, prvKey->pubKey.len);
171 SHA1_End(ctx, it_u->data, &it_u->len, SHA1_LENGTH);
172
173 /* k = SHA1( N | PAD(g) ) */
174 SHA1_Begin(ctx);
175 SHA1_Update(ctx, srp->N.data, srp->N.len);
176 SHA1_Update(ctx, zero, len - srp->g.len);
177 SHA1_Update(ctx, srp->g.data, srp->g.len);
178 SHA1_End(ctx, it_k->data, &it_k->len, SHA1_LENGTH);
179
180 /*
181 * calculate pms = (A * v^u) ^ b % N
182 */
183
184 SECITEM_TO_MPINT(*it_u, &mp_u);
185 SECITEM_TO_MPINT(*it_k, &mp_k);
186 SECITEM_TO_MPINT(srp->N, &mp_N);
187 SECITEM_TO_MPINT(srp->g, &mp_g);
188 SECITEM_TO_MPINT(srp->ppub,&mp_A);
189 SECITEM_TO_MPINT(prvKey->secret, &mp_v);
190 SECITEM_TO_MPINT(prvKey->prvKey, &mp_b);
191
192 CHECK_MPI_OK(mp_exptmod(&mp_v, &mp_u, &mp_N, &mp_res));
193 CHECK_MPI_OK(mp_mulmod(&mp_A, &mp_res, &mp_N, &mp_res));
194 CHECK_MPI_OK(mp_exptmod(&mp_res, &mp_b, &mp_N, &mp_pms));
195
196 MPINT_TO_SECITEM(&mp_pms, pms, NULL);
197
198 rv = SECSuccess;
199 cleanup:
200 PORT_Free(zero);
201 SECITEM_FreeItem(it_u, PR_TRUE);
202 SECITEM_FreeItem(it_k, PR_TRUE);
203 SHA1_DestroyContext(ctx, PR_TRUE);
204 mp_clear(&mp_N);
205 mp_clear(&mp_g);
206 mp_clear(&mp_b);
207 mp_clear(&mp_A);
208 mp_clear(&mp_k);
209 mp_clear(&mp_u);
210 mp_clear(&mp_v);
211 mp_clear(&mp_pms);
212 mp_clear(&mp_res);
213 if (err) {
214 MP_TO_SEC_ERROR(err);
215 rv = SECFailure;
216 }
217 return rv;
218 }
219
220 /* SRP_ClientDerive, computes common key 'pms'
221 *
222 * The pre-master secret is calculated as follows:
223 *
224 * u = SHA1(PAD(A) | PAD(B))
225 * k = SHA1(N | PAD(g))
226 * x = SHA1(s | SHA1(I | ":" | P))
227 * pms = (B - (k * g^x)) ^ (a + (u * x)) % N
228 *
229 * PAD() left-paddes with \0 until length of N
230 */
231 SECStatus SRP_ClientDerive(SRPPrivateKey *prvKey, SRPDeriveParams *srp,
232 SECItem * pms) {
233
234 /* mp_int use pointers*/
235 unsigned char *zero = NULL;
236 mp_int mp_pms, mp_res1, mp_res2;
237 mp_int mp_B, mp_a, mp_A;
238 mp_int mp_N, mp_g, mp_u;
239 mp_int mp_k, mp_x;
240 mp_err err = MP_OKAY;
241 SECItem *it_u = NULL;
242 SECItem *it_k = NULL;
243 SECItem *it_x = NULL;
244 SHA1Context *ctx = SHA1_NewContext();
245 unsigned int len = srp->N.len;
246 SECStatus rv = SECFailure;
247
248 if (prvKey->secret.len == 0) {
249 /* XXX this error is probably meant for token passwords
250 * anyway, we use it to show missing password in bypass mode*/
251 PORT_SetError(SEC_ERROR_BAD_PASSWORD);
252 return SECFailure;
253 }
254
255 CHECK_MPI_OK(mp_init(&mp_N));
256 CHECK_MPI_OK(mp_init(&mp_g));
257 CHECK_MPI_OK(mp_init(&mp_u));
258 CHECK_MPI_OK(mp_init(&mp_k));
259 CHECK_MPI_OK(mp_init(&mp_x));
260 CHECK_MPI_OK(mp_init(&mp_A));
261 CHECK_MPI_OK(mp_init(&mp_a));
262 CHECK_MPI_OK(mp_init(&mp_B));
263 CHECK_MPI_OK(mp_init(&mp_res1));
264 CHECK_MPI_OK(mp_init(&mp_res2));
265 CHECK_MPI_OK(mp_init(&mp_pms));
266
267 /* check server-supplied parameters */
268 SECITEM_TO_MPINT(srp->N, &mp_N);
269 SECITEM_TO_MPINT(srp->g, &mp_g);
270 SECITEM_TO_MPINT(srp->ppub,&mp_B);
271
272 CHECK_SEC_OK(srp_backdoor_check(&mp_N, &mp_B));
273
274 /*
275 * create hashed variables u, k, x
276 */
277
278 zero = PORT_ZAlloc(len);
279 it_u = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
280 it_k = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
281 it_x = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
282
283 if (!zero || !it_u || !it_k || !it_x) {
284 PORT_SetError(SEC_ERROR_NO_MEMORY);
285 goto cleanup;
286 }
287
288 /* u = SHA1( PAD(A) | PAD(B) ) */
289 SHA1_Begin(ctx);
290 SHA1_Update(ctx, zero, len - prvKey->pubKey.len);
291 SHA1_Update(ctx, prvKey->pubKey.data, prvKey->pubKey.len);
292 SHA1_Update(ctx, zero, len - srp->ppub.len);
293 SHA1_Update(ctx, srp->ppub.data, srp->ppub.len);
294 SHA1_End(ctx, it_u->data, &it_u->len, SHA1_LENGTH);
295
296 /* k = SHA1( N | PAD(g) ) */
297 SHA1_Begin(ctx);
298 SHA1_Update(ctx, srp->N.data, srp->N.len);
299 SHA1_Update(ctx, zero, len - srp->g.len);
300 SHA1_Update(ctx, srp->g.data, srp->g.len);
301 SHA1_End(ctx, it_k->data, &it_k->len, SHA1_LENGTH);
302
303 /* x = SHA1(s | SHA1(I | ":" | P)) */
304 SHA1_Begin(ctx);
305 SHA1_Update(ctx, srp->u.data, srp->u.len);
306 SHA1_Update(ctx,(unsigned char *)":",1);
307 SHA1_Update(ctx, prvKey->secret.data, prvKey->secret.len);
308 SHA1_End(ctx, it_x->data, &it_x->len, SHA1_LENGTH);
309
310 SHA1_Begin(ctx);
311 SHA1_Update(ctx, srp->s.data, srp->s.len);
312 SHA1_Update(ctx, it_x->data, it_x->len);
313 SHA1_End(ctx, it_x->data, &it_x->len, SHA1_LENGTH);
314
315 /*
316 * compute pms = (B - (k * g^x)) ^ (a + (u * x)) % N
317 */
318
319 SECITEM_TO_MPINT(*it_u, &mp_u);
320 SECITEM_TO_MPINT(*it_k, &mp_k);
321 SECITEM_TO_MPINT(*it_x, &mp_x);
322 SECITEM_TO_MPINT(prvKey->prvKey, &mp_a);
323
324 CHECK_MPI_OK(mp_exptmod(&mp_g,&mp_x,&mp_N,&mp_res2));
325 CHECK_MPI_OK(mp_mulmod(&mp_res2,&mp_k,&mp_N,&mp_res2));
326 CHECK_MPI_OK(mp_submod(&mp_B,&mp_res2,&mp_N,&mp_res2));
327 CHECK_MPI_OK(mp_mul(&mp_u, &mp_x, &mp_res1));
328 CHECK_MPI_OK(mp_add(&mp_res1,&mp_a,&mp_res1));
329 CHECK_MPI_OK(mp_exptmod(&mp_res2,&mp_res1,&mp_N,&mp_pms));
330
331 MPINT_TO_SECITEM(&mp_pms, pms, NULL);
332 rv = SECSuccess;
333 cleanup:
334 PORT_Free(zero);
335 SECITEM_FreeItem(it_u, PR_TRUE);
336 SECITEM_FreeItem(it_k, PR_TRUE);
337 SECITEM_FreeItem(it_x, PR_TRUE);
338 SHA1_DestroyContext(ctx, PR_TRUE);
339 mp_clear(&mp_N);
340 mp_clear(&mp_g);
341 mp_clear(&mp_a);
342 mp_clear(&mp_A);
343 mp_clear(&mp_B);
344 mp_clear(&mp_k);
345 mp_clear(&mp_u);
346 mp_clear(&mp_x);
347 mp_clear(&mp_pms);
348 mp_clear(&mp_res1);
349 mp_clear(&mp_res2);
350 if (err) {
351 MP_TO_SEC_ERROR(err);
352 rv = SECFailure;
353 }
354 return rv;
355 }
356
357
358 /* SRP_NewServerKeyPair
359 * creates a new srp key pair for the server
360 *
361 * k = SHA1(N | PAD(g))
362 * pubKey = k*v + g^prvKey % N
363 */
364 SECStatus SRP_NewServerKeyPair(SRPPrivateKey **prvKey, SRPKeyPairParams *srp) {
365
366 mp_int mp_N, mp_g, mp_pub, mp_prv, mp_k, mp_v, mp_res;
367 PRArenaPool *arena;
368 SRPPrivateKey *key;
369 SECItem *it_k;
370 unsigned char *zero;
371 mp_err err = MP_OKAY;
372 SECStatus rv = SECFailure;
373 SHA1Context *ctx = SHA1_NewContext();
374
375
376 if (!srp || !prvKey) {
377 PORT_SetError(SEC_ERROR_INVALID_ARGS);
378 return SECFailure;
379 }
380 arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
381 if (!arena) {
382 PORT_SetError(SEC_ERROR_NO_MEMORY);
383 return SECFailure;
384 }
385 key = (SRPPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(SRPPrivateKey));
386 if (!key) {
387 PORT_FreeArena(arena, PR_TRUE);
388 PORT_SetError(SEC_ERROR_NO_MEMORY);
389 return SECFailure;
390 }
391 key->arena = arena;
392
393 /* prv=rand() */
394 SECITEM_AllocItem(arena, &key->prvKey, SRP_SECRET_KEY_LEN);
395 rv = RNG_GenerateGlobalRandomBytes(key->prvKey.data, key->prvKey.len);
396
397 if (rv != SECSuccess || !(&key->prvKey)) {
398 PORT_SetError(SEC_ERROR_NO_MEMORY);
399 PORT_FreeArena(arena, PR_TRUE);
400 return SECFailure;
401 }
402
403 it_k = SECITEM_AllocItem(NULL, NULL, SHA1_LENGTH);
404 zero = PORT_ZAlloc(srp->N.len);
405
406 if (!zero || !it_k) {
407 PORT_SetError(SEC_ERROR_NO_MEMORY);
408 goto cleanup;
409 }
410
411 /* k = SHA1( N | PAD(g) ) */
412 SHA1_Begin(ctx);
413 SHA1_Update(ctx, srp->N.data, srp->N.len);
414 SHA1_Update(ctx, zero, srp->N.len - srp->g.len);
415 SHA1_Update(ctx, srp->g.data, srp->g.len);
416 SHA1_End(ctx, it_k->data, &it_k->len, SHA1_LENGTH);
417
418 /*
419 * create key pair
420 */
421 CHECK_MPI_OK( mp_init(&mp_N) );
422 CHECK_MPI_OK( mp_init(&mp_g) );
423 CHECK_MPI_OK( mp_init(&mp_k) );
424 CHECK_MPI_OK( mp_init(&mp_v) );
425 CHECK_MPI_OK( mp_init(&mp_pub));
426 CHECK_MPI_OK( mp_init(&mp_prv));
427 CHECK_MPI_OK( mp_init(&mp_res));
428 SECITEM_TO_MPINT(*it_k, &mp_k);
429 SECITEM_TO_MPINT(srp->N, &mp_N);
430 SECITEM_TO_MPINT(srp->g, &mp_g);
431 SECITEM_TO_MPINT(srp->secret, &mp_v);
432 SECITEM_TO_MPINT(key->prvKey, &mp_prv);
433
434 char *N_str;
435 char *g_str;
436 printf("X\n");
437 N_str = PORT_ZAlloc(mp_radix_size(&mp_N,16));
438 mp_toradix(&mp_N,N_str,16);
439 printf("%s\n",N_str);
440 g_str = PORT_ZAlloc(mp_radix_size(&mp_g,16));
441 mp_toradix(&mp_g,g_str,16);
442 printf("%s\n",g_str);
443 printf("X\n");
444
445
446 /* pub = k*v + g^prv % N */
447 CHECK_MPI_OK(mp_exptmod(&mp_g, &mp_prv, &mp_N, &mp_pub));
448 CHECK_MPI_OK(mp_mulmod(&mp_k, &mp_v, &mp_N, &mp_res));
449 CHECK_MPI_OK(mp_addmod(&mp_res, &mp_pub, &mp_N, &mp_pub));
450
451 MPINT_TO_SECITEM(&mp_pub, &key->pubKey, arena);
452 CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->secret, &srp->secret));
453 *prvKey = key;
454
455 cleanup:
456 PORT_Free(zero);
457 SECITEM_FreeItem(it_k,PR_TRUE);
458 SHA1_DestroyContext(ctx, PR_TRUE);
459 mp_clear(&mp_N);
460 mp_clear(&mp_g);
461 mp_clear(&mp_k);
462 mp_clear(&mp_v);
463 mp_clear(&mp_pub);
464 mp_clear(&mp_prv);
465 mp_clear(&mp_res);
466 if (err) {
467 PORT_FreeArena(arena, PR_TRUE); /* not zeroized!! */
468 MP_TO_SEC_ERROR(err);
469 rv = SECFailure;
470 }
471 return rv;
472 }
473
474 /* SRP_NewClientKeyPair
475 * creates a new srp key pair for the client
476 *
477 * prv = rand()
478 * pub = g^prv % N, with prv at least 256bit random
479 * prvKey->secret = srp->secret
480 */
481
482 SECStatus SRP_NewClientKeyPair(SRPPrivateKey **prvKey, SRPKeyPairParams *srp) {
483
484
485 SRPPrivateKey *key;
486 PRArenaPool *arena;
487 mp_int mp_N, mp_g, mp_prv, mp_pub;
488 mp_err err = MP_OKAY;
489 SECStatus rv = SECFailure;
490
491 if (!srp || !prvKey) {
492 PORT_SetError(SEC_ERROR_INVALID_ARGS);
493 return SECFailure;
494 }
495
496 arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE);
497 if (!arena) {
498 PORT_SetError(SEC_ERROR_NO_MEMORY);
499 return SECFailure;
500 }
501
502 key = (SRPPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(SRPPrivateKey));
503 if (!key) {
504 PORT_SetError(SEC_ERROR_NO_MEMORY);
505 PORT_FreeArena(arena, PR_TRUE);
506 return SECFailure;
507 }
508 key->arena = arena;
509
510 /* prv=rand() */
511 SECITEM_AllocItem(arena, &key->prvKey, SRP_SECRET_KEY_LEN);
512 rv = RNG_GenerateGlobalRandomBytes(key->prvKey.data, key->prvKey.len);
513
514 if (rv != SECSuccess || !(&key->prvKey)) {
515 PORT_SetError(SEC_ERROR_NO_MEMORY);
516 PORT_FreeArena(arena, PR_TRUE);
517 return SECFailure;
518 }
519
520 /* pub = g^prv % N */
521 CHECK_MPI_OK( mp_init(&mp_N) );
522 CHECK_MPI_OK( mp_init(&mp_g) );
523 CHECK_MPI_OK( mp_init(&mp_pub));
524 CHECK_MPI_OK( mp_init(&mp_prv));
525 SECITEM_TO_MPINT(srp->N, &mp_N);
526 SECITEM_TO_MPINT(srp->g, &mp_g);
527 SECITEM_TO_MPINT(key->prvKey, &mp_prv);
528
529 if (SECSuccess != check_srp_group(&mp_N, &mp_g))
530 goto cleanup;
531
532 CHECK_MPI_OK( mp_exptmod(&mp_g, &mp_prv, &mp_N, &mp_pub) );
533
534 MPINT_TO_SECITEM(&mp_pub, &key->pubKey, key->arena);
535 CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->secret, &srp->secret) );
536 *prvKey = key;
537
538 cleanup:
539 mp_clear(&mp_g);
540 mp_clear(&mp_N);
541 mp_clear(&mp_pub);
542 mp_clear(&mp_prv);
543 if (err) {
544 PORT_FreeArena(arena, PR_TRUE); /* not zeroized!! */
545 MP_TO_SEC_ERROR(err);
546 rv = SECFailure;
547 }
548 return rv;
549 }
550
OLDNEW
« no previous file with comments | « net/third_party/nss/ssl/mpi/secmpi.h ('k') | net/third_party/nss/ssl/srp_groups.h » ('j') | ppapi/c/dev/ppb_opengles_dev.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698