| Index: mozilla/security/nss/lib/pk11wrap/pk11skey.c
|
| ===================================================================
|
| --- mozilla/security/nss/lib/pk11wrap/pk11skey.c (revision 164196)
|
| +++ mozilla/security/nss/lib/pk11wrap/pk11skey.c (working copy)
|
| @@ -1677,7 +1677,7 @@
|
| keyType = PK11_GetKeyType(target,keySize);
|
| key_size = keySize;
|
| if (key_size == 0) {
|
| - if (pk11_GetPredefinedKeyLength(keyType)) {
|
| + if ((key_size = pk11_GetPredefinedKeyLength(keyType))) {
|
| templateCount --;
|
| } else {
|
| /* sigh, some tokens can't figure this out and require
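Review bot: The assignment folded into the condition, `if ((key_size = pk11_GetPredefinedKeyLength(keyType))) {`, is easy to misread as a comparison, and it is the whole fix in this hunk. Splitting it into `key_size = pk11_GetPredefinedKeyLength(keyType);` followed by `if (key_size != 0) {` keeps the behaviour and makes the intent explicit. The same line is added in the third hunk (@@ -1785,18 +1787,41 @@). The enclosing function starts and ends outside the hunk, so how key_size is used afterwards is not visible here.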
|
| @@ -1762,7 +1762,9 @@
|
| PORT_SetError(SEC_ERROR_BAD_KEY);
|
| return NULL;
|
| }
|
| - if ((kdf < CKD_NULL) || (kdf > CKD_SHA1_KDF)) {
|
| + if ((kdf != CKD_NULL) && (kdf != CKD_SHA1_KDF) &&
|
| + (kdf != CKD_SHA224_KDF) && (kdf != CKD_SHA256_KDF) &&
|
| + (kdf != CKD_SHA384_KDF) && (kdf != CKD_SHA512_KDF)) {
|
| PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
|
| return NULL;
|
| }
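Review bot: The accepted KDF values are now listed twice, once in this check and once in the `switch (kdf)` of the following hunk, which appears to belong to the same function. Nothing ties the two lists together, so a KDF added to only one of them would either be rejected here or reach the `default:` assert. A comment above the condition would record the dependency, for example `/* only KDFs with a key_size case in the switch below are accepted; keep both lists in sync */`.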
|
| @@ -1785,18 +1787,41 @@
|
| keyType = PK11_GetKeyType(target,keySize);
|
| key_size = keySize;
|
| if (key_size == 0) {
|
| - if (pk11_GetPredefinedKeyLength(keyType)) {
|
| + if ((key_size = pk11_GetPredefinedKeyLength(keyType))) {
|
| templateCount --;
|
| } else {
|
| /* sigh, some tokens can't figure this out and require
|
| * CKA_VALUE_LEN to be set */
|
| switch (kdf) {
|
| case CKD_NULL:
|
| - key_size = (pubKey->u.ec.publicValue.len-1)/2;
|
| + if (pubKey->u.ec.publicValue.data[0] == 0x04) {
|
| + /* key encoded in uncompressed form */
|
| + key_size = (pubKey->u.ec.publicValue.len-1)/2;
|
| + } else if ((pubKey->u.ec.publicValue.data[0] == 0x02) ||
|
| + (pubKey->u.ec.publicValue.data[0] == 0x03)) {
|
| + /* key encoded in compressed form */
|
| + key_size = pubKey->u.ec.publicValue.len-1;
|
| + } else {
|
| + /* key encoding not recognized */
|
| + PK11_FreeSymKey(symKey);
|
| + return NULL;
|
| + }
|
| break;
|
| case CKD_SHA1_KDF:
|
| key_size = SHA1_LENGTH;
|
| break;
|
| + case CKD_SHA224_KDF:
|
| + key_size = SHA224_LENGTH;
|
| + break;
|
| + case CKD_SHA256_KDF:
|
| + key_size = SHA256_LENGTH;
|
| + break;
|
| + case CKD_SHA384_KDF:
|
| + key_size = SHA384_LENGTH;
|
| + break;
|
| + case CKD_SHA512_KDF:
|
| + key_size = SHA512_LENGTH;
|
| + break;
|
| default:
|
| PORT_Assert(!"Invalid CKD");
|
| PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
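Review bot: In the `CKD_NULL` case the new code reads `pubKey->u.ec.publicValue.data[0]` and computes `publicValue.len-1` without any visible check that the public value is non-empty. Unless the length is validated outside this hunk, an empty or NULL point from a peer-supplied key gives an out-of-bounds read and an unsigned wrap of `len-1`. The "key encoding not recognized" branch also returns NULL without calling `PORT_SetError`, unlike the other failure paths shown, so the caller may see a stale error code. I would reject short values up front and set `SEC_ERROR_BAD_KEY` on both paths, as sketched below. The function body continues outside the hunk.

```c
        case CKD_NULL:
            if (pubKey->u.ec.publicValue.data == NULL ||
                pubKey->u.ec.publicValue.len < 2) {
                /* no format octet, or no coordinate bytes after it */
                PORT_SetError(SEC_ERROR_BAD_KEY);
                PK11_FreeSymKey(symKey);
                return NULL;
            }
            /* … unchanged: 0x04 (uncompressed) and 0x02/0x03 (compressed) branches … */
            } else {
                /* key encoding not recognized */
                PORT_SetError(SEC_ERROR_BAD_KEY);
                PK11_FreeSymKey(symKey);
                return NULL;
            }
```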
|
|
|