| Index: nss/lib/softoken/pkcs11c.c
|
| ===================================================================
|
| --- nss/lib/softoken/pkcs11c.c (revision 251855)
|
| +++ nss/lib/softoken/pkcs11c.c (working copy)
|
| @@ -5782,6 +5782,7 @@
|
| return 0;
|
| }
|
|
|
| +#ifdef NSS_ENABLE_ECC
|
| /* Inputs:
|
| * key_len: Length of derived key to be generated.
|
| * SharedSecret: a shared secret that is the output of a key agreement primitive.
|
| @@ -5800,12 +5801,13 @@
|
| unsigned char *buffer = NULL, *output_buffer = NULL;
|
| PRUint32 buffer_len, max_counter, i;
|
| SECStatus rv;
|
| + CK_RV crv;
|
|
|
| /* Check that key_len isn't too long. The maximum key length could be
|
| * greatly increased if the code below did not limit the 4-byte counter
|
| * to a maximum value of 255. */
|
| if (key_len > 254 * HashLen)
|
| - return SEC_ERROR_INVALID_ARGS;
|
| + return CKR_ARGUMENTS_BAD;
|
|
|
| if (SharedInfo == NULL)
|
| SharedInfoLen = 0;
|
| @@ -5813,7 +5815,7 @@
|
| buffer_len = SharedSecret->len + 4 + SharedInfoLen;
|
| buffer = (CK_BYTE *)PORT_Alloc(buffer_len);
|
| if (buffer == NULL) {
|
| - rv = SEC_ERROR_NO_MEMORY;
|
| + crv = CKR_HOST_MEMORY;
|
| goto loser;
|
| }
|
|
|
| @@ -5823,7 +5825,7 @@
|
|
|
| output_buffer = (CK_BYTE *)PORT_Alloc(max_counter * HashLen);
|
| if (output_buffer == NULL) {
|
| - rv = SEC_ERROR_NO_MEMORY;
|
| + crv = CKR_HOST_MEMORY;
|
| goto loser;
|
| }
|
|
|
| @@ -5840,8 +5842,11 @@
|
|
|
| for(i=0; i < max_counter; i++) {
|
| rv = Hash(&output_buffer[i * HashLen], buffer, buffer_len);
|
| - if (rv != SECSuccess)
|
| + if (rv != SECSuccess) {
|
| + /* 'Hash' should not fail. */
|
| + crv = CKR_FUNCTION_FAILED;
|
| goto loser;
|
| + }
|
|
|
| /* Increment counter (assumes max_counter < 255) */
|
| buffer[SharedSecret->len + 3]++;
|
| @@ -5853,7 +5858,7 @@
|
| }
|
| *key = output_buffer;
|
|
|
| - return SECSuccess;
|
| + return CKR_OK;
|
|
|
| loser:
|
| if (buffer) {
|
| @@ -5862,7 +5867,7 @@
|
| if (output_buffer) {
|
| PORT_ZFree(output_buffer, max_counter * HashLen);
|
| }
|
| - return rv;
|
| + return crv;
|
| }
|
|
|
| static CK_RV sftk_ANSI_X9_63_kdf(CK_BYTE **key, CK_ULONG key_len,
|
| @@ -5886,8 +5891,9 @@
|
| return sftk_compute_ANSI_X9_63_kdf(key, key_len, SharedSecret, SharedInfo,
|
| SharedInfoLen, SHA512_HashBuf, SHA512_LENGTH);
|
| else
|
| - return SEC_ERROR_INVALID_ALGORITHM;
|
| + return CKR_MECHANISM_INVALID;
|
| }
|
| +#endif
|
|
|
| /*
|
| * SSL Key generation given pre master secret
|
| @@ -6939,12 +6945,11 @@
|
| secretlen = tmp.len;
|
| } else {
|
| secretlen = keySize;
|
| - rv = sftk_ANSI_X9_63_kdf(&secret, keySize,
|
| + crv = sftk_ANSI_X9_63_kdf(&secret, keySize,
|
| &tmp, mechParams->pSharedData,
|
| mechParams->ulSharedDataLen, mechParams->kdf);
|
| PORT_ZFree(tmp.data, tmp.len);
|
| - if (rv != SECSuccess) {
|
| - crv = CKR_HOST_MEMORY;
|
| + if (crv != CKR_OK) {
|
| break;
|
| }
|
| tmp.data = secret;
|
|
|
Chromium Code Reviews
Issue 170823003:
Update to NSS 3.15.5 and NSPR 4.10.3. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/