nss/lib/freebl/rsa.c - Issue 329663003: Apply the fix for NSS bug 1021102 from the NSS upstream.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: nss/lib/freebl/rsa.c

Issue 329663003: Apply the fix for NSS bug 1021102 from the NSS upstream. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/nss

Patch Set: RSA_PrivateKeyCheck should require p > q. Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: nss/lib/freebl/rsa.c

diff --git a/nss/lib/freebl/rsa.c b/nss/lib/freebl/rsa.c

index fb4b5d058945fc4c7821d6ad0259a6ce94475eb3..34bc395fe2baae872645712fb190656100af5738 100644

--- a/nss/lib/freebl/rsa.c

+++ b/nss/lib/freebl/rsa.c

@@ -1353,33 +1353,8 @@ RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,

return rsa_PrivateKeyOp(key, output, input, PR_TRUE);

}

-static SECStatus

-swap_in_key_value(PLArenaPool *arena, mp_int *mpval, SECItem *buffer)

- int len;

- mp_err err = MP_OKAY;

- memset(buffer->data, 0, buffer->len);

- len = mp_unsigned_octet_size(mpval);

- if (len <= 0) return SECFailure;

- if ((unsigned int)len <= buffer->len) {

- /* The new value is no longer than the old buffer, so use it */

- err = mp_to_unsigned_octets(mpval, buffer->data, len);

- if (err >= 0) err = MP_OKAY;

- buffer->len = len;

- } else if (arena) {

- /* The new value is longer, but working within an arena */

- (void)SECITEM_AllocItem(arena, buffer, len);

- err = mp_to_unsigned_octets(mpval, buffer->data, len);

- if (err >= 0) err = MP_OKAY;

- } else {

- /* The new value is longer, no arena, can't handle this key */

- return SECFailure;

- }

- return (err == MP_OKAY) ? SECSuccess : SECFailure;

SECStatus

-RSA_PrivateKeyCheck(RSAPrivateKey *key)

+RSA_PrivateKeyCheck(const RSAPrivateKey *key)

{

mp_int p, q, n, psub1, qsub1, e, d, d_p, d_q, qInv, res;

mp_err err = MP_OKAY;

@@ -1425,18 +1400,10 @@ RSA_PrivateKeyCheck(RSAPrivateKey *key)

SECITEM_TO_MPINT(key->exponent1, &d_p);

SECITEM_TO_MPINT(key->exponent2, &d_q);

SECITEM_TO_MPINT(key->coefficient, &qInv);

- /* p > q */

+ /* p > q */

if (mp_cmp(&p, &q) <= 0) {

- /* mind the p's and q's (and d_p's and d_q's) */

- SECItem tmp;

- mp_exch(&p, &q);

- mp_exch(&d_p,&d_q);

- tmp = key->prime1;

- key->prime1 = key->prime2;

- key->prime2 = tmp;

- tmp = key->exponent1;

- key->exponent1 = key->exponent2;

- key->exponent2 = tmp;

+ rv = SECFailure;

+ goto cleanup;

}

#define VERIFY_MPI_EQUAL(m1, m2) \

if (mp_cmp(m1, m2) != 0) { \

« no previous file with comments | « nss/lib/freebl/blapi.h ('k') | nss/lib/softoken/pkcs11.c » ('j') | no next file with comments »