
Side by Side Diff: mozilla/security/nss/lib/freebl/shvfy.c

Issue 10961060: Update NSS to NSS 3.14 Beta 1. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Add the NSS snapshot timestamp to README.chromium and nss-checkout.sh Created 8 years, 2 months ago
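--- a/mozilla/security/nss/lib/freebl/shvfy.c
+++ b/mozilla/security/nss/lib/freebl/shvfy.c
@@ -1,27 +1,29 @@
 
 /* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/* $Id: shvfy.c,v 1.17 2012/06/12 16:39:00 rrelyea%redhat.com Exp $ */
+/* $Id: shvfy.c,v 1.18 2012/09/22 15:18:19 wtc%google.com Exp $ */
 
 #ifdef FREEBL_NO_DEPEND
 #include "stubs.h"
 #endif
 
 #include "shsign.h"
 #include "prlink.h"
 #include "prio.h"
 #include "blapi.h"
 #include "seccomon.h"
 #include "stdio.h"
 #include "prmem.h"
+#include "hasht.h"
+#include "pqg.h"
 
 /*
 * Most modern version of Linux support a speed optimization scheme where an
 * application called prelink modifies programs and shared libraries to quickly
 * load if they fit into an already designed address space. In short, prelink
 * scans the list of programs and libraries on your system, assigns them a
 * predefined space in the the address space, then provides the fixups to the
 * library.
 
 * The modification of the shared library is correctly detected by the freebl
@@ -307,35 +309,36 @@
 
 PRBool
 BLAPI_SHVerifyFile(const char *shName)
 {
 #ifdef PSEUDO_FIPS
 return PR_TRUE; /* a lie, hence *pseudo* FIPS */
 #else
 char *checkName = NULL;
 PRFileDesc *checkFD = NULL;
 PRFileDesc *shFD = NULL;
-SHA1Context *hashcx = NULL;
+void *hashcx = NULL;
+const SECHashObject *hashObj = NULL;
 SECItem signature = { 0, NULL, 0 };
 SECItem hash;
 int bytesRead, offset;
 SECStatus rv;
 DSAPublicKey key;
 int count;
 #ifdef FREEBL_USE_PRELINK
 int pid = 0;
 #endif
 
 PRBool result = PR_FALSE; /* if anything goes wrong,
 * the signature does not verify */
 unsigned char buf[4096];
-unsigned char hashBuf[SHA1_LENGTH];
+unsigned char hashBuf[HASH_LENGTH_MAX];
 
 PORT_Memset(&key,0,sizeof(key));
 hash.data = hashBuf;
 hash.len = sizeof(hashBuf);
 
 if (!shName) {
 goto loser;
 }
 
 /* figure out the name of our check file */
@@ -396,54 +399,59 @@
 /* read the siganture */
 rv = readItem(checkFD,&signature);
 if (rv != SECSuccess) {
 goto loser;
 }
 
 /* done with the check file */
 PR_Close(checkFD);
 checkFD = NULL;
 
+hashObj = HASH_GetRawHashObject(PQG_GetHashType(&key.params));
+if (hashObj == NULL) {
+goto loser;
+}
+
 /* open our library file */
 #ifdef FREEBL_USE_PRELINK
 shFD = bl_OpenUnPrelink(shName,&pid);
 #else
 shFD = PR_Open(shName, PR_RDONLY, 0);
 #endif
 if (shFD == NULL) {
 #ifdef DEBUG_SHVERIFY
 fprintf(stderr, "Failed to open the library file %s: (%d, %d)\n",
 shName, (int)PR_GetError(), (int)PR_GetOSError());
 #endif /* DEBUG_SHVERIFY */
 goto loser;
 }
 
 /* hash our library file with SHA1 */
-hashcx = SHA1_NewContext();
+hashcx = hashObj->create();
 if (hashcx == NULL) {
 goto loser;
 }
-SHA1_Begin(hashcx);
+hashObj->begin(hashcx);
 
 count = 0;
 while ((bytesRead = PR_Read(shFD, buf, sizeof(buf))) > 0) {
-» SHA1_Update(hashcx, buf, bytesRead);
+» hashObj->update(hashcx, buf, bytesRead);
 count += bytesRead;
 }
 #ifdef FREEBL_USE_PRELINK
 bl_CloseUnPrelink(shFD, pid);
 #else
 PR_Close(shFD);
 #endif
 shFD = NULL;
 
-SHA1_End(hashcx, hash.data, &hash.len, hash.len);
+hashObj->end(hashcx, hash.data, &hash.len, hash.len);
 
 
 /* verify the hash against the check file */
 if (DSA_VerifyDigest(&key, &signature, &hash) == SECSuccess) {
 result = PR_TRUE;
 }
 #ifdef DEBUG_SHVERIFY
 {
 int i,j;
 fprintf(stderr,"File %s: %d bytes\n",shName, count);
@@ -473,21 +481,23 @@
 if (checkName != NULL) {
 PORT_Free(checkName);
 }
 if (checkFD != NULL) {
 PR_Close(checkFD);
 }
 if (shFD != NULL) {
 PR_Close(shFD);
 }
 if (hashcx != NULL) {
-» SHA1_DestroyContext(hashcx,PR_TRUE);
+» if (hashObj) {
+» hashObj->destroy(hashcx,PR_TRUE);
+» }
 }
 if (signature.data != NULL) {
 PORT_Free(signature.data);
 }
 if (key.params.prime.data != NULL) {
 PORT_Free(key.params.prime.data);
 }
 if (key.params.subPrime.data != NULL) {
 PORT_Free(key.params.subPrime.data);
 }
@@ -507,10 +517,10 @@
 {
 if (name == NULL) {
 /*
 * If name is NULL, freebl is statically linked into softoken.
 * softoken will call BLAPI_SHVerify next to verify itself.
 */
 return PR_TRUE;
 }
 return BLAPI_SHVerify(name, (PRFuncPtr) decodeInt);
 }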
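Review bot: The comment `/* hash our library file with SHA1 */` just above `hashcx = hashObj->create();` is stale on the new side, because the digest now comes from `HASH_GetRawHashObject(PQG_GetHashType(&key.params))`; I would change it to `/* hash our library file with the digest selected by the DSA key parameters */`. The lookup itself deserves a one-line comment saying that the hash is derived from the key parameters loaded earlier (presumably from the check file, in lines this view skips) and that an unsupported result fails closed through `goto loser`. What `PQG_GetHashType` returns for unexpected parameter sizes is not visible here, so that is worth confirming before relying on the `hashObj == NULL` test alone. In the cleanup, `if (hashObj)` inside `if (hashcx != NULL)` is redundant in the visible code, since `hashcx` is only assigned from `hashObj->create()`. The body of BLAPI_SHVerifyFile runs through the skipped regions, so this is based on the visible lines only.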