[nss] Sync up with changes made upstream for freebl and softoken
Elio Maldonado
emaldonado at fedoraproject.org
Wed Jan 8 17:20:20 UTC 2014
commit d2ef6540b5ded5498426adfd4bdcbb2557a4fc3a
Author: Elio Maldonado <emaldona at redhat.com>
Date: Wed Jan 8 09:08:35 2014 -0800
Sync up with changes made upstream for freebl and softoken
- Reduce the patch to its bare minumum
- Remove RSA_BlockOAEP cases which aren't used by the pem module after all
- Copied the private RSA_BlockType data structure from freebl/pkcss11.c that needed here
- Upstream removed softoken/rsawrapr.c and moved the code to freebl/pkcs11.c
- https://bugzilla.mozilla.org/show_bug.cgi?id=836019
- Bug 836019 - Move RSA-PKCS#1, RSA-PSS, and RSA-OAEP into freebl
0001-sync-up-with-upstream-softokn-changes.patch | 871 +---------------------
1 files changed, 27 insertions(+), 844 deletions(-)
---
diff --git a/0001-sync-up-with-upstream-softokn-changes.patch b/0001-sync-up-with-upstream-softokn-changes.patch
index 8733b49..3416ed3 100644
--- a/0001-sync-up-with-upstream-softokn-changes.patch
+++ b/0001-sync-up-with-upstream-softokn-changes.patch
@@ -1,42 +1,10 @@
diff -up ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream ./nss/lib/ckfw/pem/rsawrapr.c
--- ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream 2013-12-26 14:21:08.000000000 -0800
-+++ ./nss/lib/ckfw/pem/rsawrapr.c 2014-01-07 13:26:43.350502692 -0800
-@@ -1,5 +1,10 @@
-+/* This Source Code Form is subject to the terms of the Mozilla Public
-+ * License, v. 2.0. If a copy of the MPL was not distributed with this
-+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-+
- /*
-- * PKCS#1 encoding and decoding functions.
-+ RSA PKCS#1 v2.1 (RFC 3447) encoding and decoding functions.
-+
- * This file is believed to contain no code licensed from other parties.
- *
- * ***** BEGIN LICENSE BLOCK *****
-@@ -42,21 +47,38 @@
-
- #include "ckpem.h"
- #include "blapi.h"
-+#include "secitem.h"
-+/*#include "blapii.h"*/
-+/*
- #include "softoken.h"
- #include "sechash.h"
--#include "base.h"
--
-+#include "base.h"#include "lowkeyi.h"
-+*/
- #include "secerr.h"
++++ ./nss/lib/ckfw/pem/rsawrapr.c 2014-01-08 09:05:09.549718089 -0800
+@@ -60,6 +60,21 @@
- #define RSA_BLOCK_MIN_PAD_LEN 8
- #define RSA_BLOCK_FIRST_OCTET 0x00
--#define RSA_BLOCK_PRIVATE0_PAD_OCTET 0x00
- #define RSA_BLOCK_PRIVATE_PAD_OCTET 0xff
- #define RSA_BLOCK_AFTER_PAD_OCTET 0x00
+ #define FLAT_BUFSIZE 512 /* bytes to hold flattened SHA1Context. */
--#define OAEP_SALT_LEN 8
--#define OAEP_PAD_LEN 8
--#define OAEP_PAD_OCTET 0x00
+/*
+ * RSA block types
+ *
@@ -52,217 +20,18 @@ diff -up ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream ./nss/lib/ckfw/pem/rsa
+ RSA_BlockTotal
+} RSA_BlockType;
+
-+
-+/* Needed for RSA-PSS functions */
-+static const unsigned char eightZeros[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
-
- #define FLAT_BUFSIZE 512 /* bytes to hold flattened SHA1Context. */
-
-@@ -78,141 +100,62 @@ pem_PublicModulusLen(NSSLOWKEYPublicKey
- return 0;
- }
-
--static SHA1Context *SHA1_CloneContext(SHA1Context * original)
--{
-- SHA1Context *clone = NULL;
-- unsigned char *pBuf;
-- int sha1ContextSize = SHA1_FlattenSize(original);
-- SECStatus frv;
-- unsigned char buf[FLAT_BUFSIZE];
--
-- PORT_Assert(sizeof buf >= sha1ContextSize);
-- if (sizeof buf >= sha1ContextSize) {
-- pBuf = buf;
-- } else {
-- pBuf = nss_ZAlloc(NULL, sha1ContextSize);
-- if (!pBuf)
-- goto done;
-- }
--
-- frv = SHA1_Flatten(original, pBuf);
-- if (frv == SECSuccess) {
-- clone = SHA1_Resurrect(pBuf, NULL);
-- memset(pBuf, 0, sha1ContextSize);
-- }
-- done:
-- if (pBuf != buf)
-- nss_ZFreeIf(pBuf);
-- return clone;
-+/* Constant time comparison of a single byte.
-+ * Returns 1 iff a == b, otherwise returns 0.
-+ * Note: For ranges of bytes, use constantTimeCompare.
-+ */
-+static unsigned char constantTimeEQ8(unsigned char a, unsigned char b) {
-+ unsigned char c = ~((a - b) | (b - a));
-+ c >>= 7;
-+ return c;
- }
-
--/*
-- * Modify data by XORing it with a special hash of salt.
-+/* Constant time comparison of a range of bytes.
-+ * Returns 1 iff len bytes of a are identical to len bytes of b, otherwise
-+ * returns 0.
- */
--static SECStatus
--oaep_xor_with_h1(unsigned char *data, unsigned int datalen,
-- unsigned char *salt, unsigned int saltlen)
--{
-- SHA1Context *sha1cx;
-- unsigned char *dp, *dataend;
-- unsigned char end_octet;
--
-- sha1cx = SHA1_NewContext();
-- if (sha1cx == NULL) {
-- return SECFailure;
-- }
--
-- /*
-- * Get a hash of salt started; we will use it several times,
-- * adding in a different end octet (x00, x01, x02, ...).
-- */
-- SHA1_Begin(sha1cx);
-- SHA1_Update(sha1cx, salt, saltlen);
-- end_octet = 0;
--
-- dp = data;
-- dataend = data + datalen;
--
-- while (dp < dataend) {
-- SHA1Context *sha1cx_h1;
-- unsigned int sha1len, sha1off;
-- unsigned char sha1[SHA1_LENGTH];
--
-- /*
-- * Create hash of (salt || end_octet)
-- */
-- sha1cx_h1 = SHA1_CloneContext(sha1cx);
-- SHA1_Update(sha1cx_h1, &end_octet, 1);
-- SHA1_End(sha1cx_h1, sha1, &sha1len, sizeof(sha1));
-- SHA1_DestroyContext(sha1cx_h1, PR_TRUE);
-- PORT_Assert(sha1len == SHA1_LENGTH);
--
-- /*
-- * XOR that hash with the data.
-- * When we have fewer than SHA1_LENGTH octets of data
-- * left to xor, use just the low-order ones of the hash.
-- */
-- sha1off = 0;
-- if ((dataend - dp) < SHA1_LENGTH)
-- sha1off = SHA1_LENGTH - (dataend - dp);
-- while (sha1off < SHA1_LENGTH)
-- *dp++ ^= sha1[sha1off++];
--
-- /*
-- * Bump for next hash chunk.
-- */
-- end_octet++;
-- }
--
-- SHA1_DestroyContext(sha1cx, PR_TRUE);
-- return SECSuccess;
-+static unsigned char constantTimeCompare(const unsigned char *a,
-+ const unsigned char *b,
-+ unsigned int len) {
-+ unsigned char tmp = 0;
-+ unsigned int i;
-+ for (i = 0; i < len; ++i, ++a, ++b)
-+ tmp |= *a ^ *b;
-+ return constantTimeEQ8(0x00, tmp);
- }
-
--/*
-- * Modify salt by XORing it with a special hash of data.
-+/* Constant time conditional.
-+ * Returns a if c is 1, or b if c is 0. The result is undefined if c is
-+ * not 0 or 1.
- */
--static SECStatus
--oaep_xor_with_h2(unsigned char *salt, unsigned int saltlen,
-- unsigned char *data, unsigned int datalen)
-+static unsigned int constantTimeCondition(unsigned int c,
-+ unsigned int a,
-+ unsigned int b)
+ unsigned
+ pem_PublicModulusLen(NSSLOWKEYPublicKey *pubk)
{
-- unsigned char sha1[SHA1_LENGTH];
-- unsigned char *psalt, *psha1, *saltend;
-- SECStatus rv;
--
-- /*
-- * Create a hash of data.
-- */
-- rv = SHA1_HashBuf(sha1, data, datalen);
-- if (rv != SECSuccess) {
-- return rv;
-- }
--
-- /*
-- * XOR the low-order octets of that hash with salt.
-- */
-- PORT_Assert(saltlen <= SHA1_LENGTH);
-- saltend = salt + saltlen;
-- psalt = salt;
-- psha1 = sha1 + SHA1_LENGTH - saltlen;
-- while (psalt < saltend) {
-- *psalt++ ^= *psha1++;
-- }
-+ return (~(c - 1) & a) | ((c - 1) & b);
-+}
-
-- return SECSuccess;
-+static unsigned int
-+rsa_modulusLen(SECItem * modulus)
-+{
-+ unsigned char byteZero = modulus->data[0];
-+ unsigned int modLen = modulus->len - !byteZero;
-+ return modLen;
- }
-
- /*
- * Format one block of data for public/private key encryption using
- * the rules defined in PKCS #1.
- */
--static unsigned char *rsa_FormatOneBlock(unsigned modulusLen,
-- RSA_BlockType blockType,
-- SECItem * data)
-+static unsigned char *
-+rsa_FormatOneBlock(unsigned modulusLen,
-+ RSA_BlockType blockType,
-+ SECItem * data)
- {
- unsigned char *block;
- unsigned char *bp;
- int padLen;
-- int i;
-+ int i, j;
- SECStatus rv;
-
- block = (unsigned char *) nss_ZAlloc(NULL, modulusLen);
-@@ -223,18 +166,17 @@ static unsigned char *rsa_FormatOneBlock
-
- /*
- * All RSA blocks start with two octets:
-- * 0x00 || BlockType
-+ * 0x00 || BlockType
- */
- *bp++ = RSA_BLOCK_FIRST_OCTET;
- *bp++ = (unsigned char) blockType;
-
- switch (blockType) {
-
-- /*
-- * Blocks intended for private-key operation.
-- */
+@@ -233,7 +248,6 @@ static unsigned char *rsa_FormatOneBlock
+ /*
+ * Blocks intended for private-key operation.
+ */
- case RSA_BlockPrivate0: /* essentially unused */
-- case RSA_BlockPrivate: /* preferred method */
-+ /*
-+ * Blocks intended for private-key operation.
-+ */
-+ case RSA_BlockPrivate: /* preferred method */
+ case RSA_BlockPrivate: /* preferred method */
/*
* 0x00 || BT || Pad || 0x00 || ActualData
- * 1 1 padLen 1 data->len
-@@ -246,138 +188,69 @@ static unsigned char *rsa_FormatOneBlock
+@@ -246,10 +260,7 @@ static unsigned char *rsa_FormatOneBlock
nss_ZFreeIf(block);
return NULL;
}
@@ -274,42 +43,11 @@ diff -up ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream ./nss/lib/ckfw/pem/rsa
bp += padLen;
*bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
nsslibc_memcpy(bp, data->data, data->len);
+@@ -288,97 +299,6 @@ static unsigned char *rsa_FormatOneBlock
+
break;
- /*
-- * Blocks intended for public-key operation.
-- */
-- case RSA_BlockPublic:
--
-- /*
-- * 0x00 || BT || Pad || 0x00 || ActualData
-- * 1 1 padLen 1 data->len
-- * Pad is all non-zero random bytes.
-- */
-- padLen = modulusLen - data->len - 3;
-- PORT_Assert(padLen >= RSA_BLOCK_MIN_PAD_LEN);
-- if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
-- nss_ZFreeIf(block);
-- return NULL;
-- }
-- for (i = 0; i < padLen; i++) {
-- /* Pad with non-zero random data. */
-- do {
-- rv = RNG_GenerateGlobalRandomBytes(bp + i, 1);
-- } while (rv == SECSuccess
-- && bp[i] == RSA_BLOCK_AFTER_PAD_OCTET);
-- if (rv != SECSuccess) {
-- nss_ZFreeIf(block);
-- return NULL;
-- }
-- }
-- bp += padLen;
-- *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-- nsslibc_memcpy(bp, data->data, data->len);
--
-- break;
--
-- /*
- * Blocks intended for public-key operation, using
- * Optimal Asymmetric Encryption Padding (OAEP).
- */
@@ -399,107 +137,22 @@ diff -up ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream ./nss/lib/ckfw/pem/rsa
- }
-
- break;
-+ /*
-+ * Blocks intended for public-key operation.
-+ */
-+ case RSA_BlockPublic:
-+
-+ /*
-+ * 0x00 || BT || Pad || 0x00 || ActualData
-+ * 1 1 padLen 1 data->len
-+ * Pad is all non-zero random bytes.
-+ *
-+ * Build the block left to right.
-+ * Fill the entire block from Pad to the end with random bytes.
-+ * Use the bytes after Pad as a supply of extra random bytes from
-+ * which to find replacements for the zero bytes in Pad.
-+ * If we need more than that, refill the bytes after Pad with
-+ * new random bytes as necessary.
-+ */
-+ padLen = modulusLen - (data->len + 3);
-+ PORT_Assert (padLen >= RSA_BLOCK_MIN_PAD_LEN);
-+ if (padLen < RSA_BLOCK_MIN_PAD_LEN) {
-+ nss_ZFreeIf (block);
-+ return NULL;
-+ }
-+ j = modulusLen - 2;
-+ rv = RNG_GenerateGlobalRandomBytes(bp, j);
-+ if (rv == SECSuccess) {
-+ for (i = 0; i < padLen; ) {
-+ unsigned char repl;
-+ /* Pad with non-zero random data. */
-+ if (bp[i] != RSA_BLOCK_AFTER_PAD_OCTET) {
-+ ++i;
-+ continue;
-+ }
-+ if (j <= padLen) {
-+ rv = RNG_GenerateGlobalRandomBytes(bp + padLen,
-+ modulusLen - (2 + padLen));
-+ if (rv != SECSuccess)
-+ break;
-+ j = modulusLen - 2;
-+ }
-+ do {
-+ repl = bp[--j];
-+ } while (repl == RSA_BLOCK_AFTER_PAD_OCTET && j > padLen);
-+ if (repl != RSA_BLOCK_AFTER_PAD_OCTET) {
-+ bp[i++] = repl;
-+ }
-+ }
-+ }
-+ if (rv != SECSuccess) {
-+ /*sftk_fatalError = PR_TRUE;*/
-+ nss_ZFreeIf (block);
-+ return NULL;
-+ }
-+ bp += padLen;
-+ *bp++ = RSA_BLOCK_AFTER_PAD_OCTET;
-+ nsslibc_memcpy(bp, data->data, data->len);
-+ break;
-
+-
default:
PORT_Assert(0);
-@@ -389,54 +262,21 @@ static unsigned char *rsa_FormatOneBlock
- }
+ nss_ZFreeIf(block);
+@@ -406,7 +326,6 @@ rsa_FormatBlock(SECItem * result, unsign
+ */
- static SECStatus
--rsa_FormatBlock(SECItem * result, unsigned modulusLen,
-- RSA_BlockType blockType, SECItem * data)
-+rsa_FormatBlock(SECItem * result,
-+ unsigned modulusLen,
-+ RSA_BlockType blockType,
-+ SECItem * data)
- {
-- /*
-- * XXX For now assume that the data length fits in a single
-- * XXX encryption block; the ASSERTs below force this.
-- * XXX To fix it, each case will have to loop over chunks whose
-- * XXX lengths satisfy the assertions, until all data is handled.
-- * XXX (Unless RSA has more to say about how to handle data
-- * XXX which does not fit in a single encryption block?)
-- * XXX And I do not know what the result is supposed to be,
-- * XXX so the interface to this function may need to change
-- * XXX to allow for returning multiple blocks, if they are
-- * XXX not wanted simply concatenated one after the other.
-- */
--
switch (blockType) {
- case RSA_BlockPrivate0:
-- case RSA_BlockPrivate:
-- case RSA_BlockPublic:
-+ case RSA_BlockPrivate:
-+ case RSA_BlockPublic:
+ case RSA_BlockPrivate:
+ case RSA_BlockPublic:
/*
- * 0x00 || BT || Pad || 0x00 || ActualData
- *
- * The "3" below is the first octet + the second octet + the 0x00
- * octet that always comes just before the ActualData.
- */
-- PORT_Assert(data->len <=
-- (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
--
-- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
-- if (result->data == NULL) {
+@@ -420,26 +339,6 @@ rsa_FormatBlock(SECItem * result, unsign
+
+ result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
+ if (result->data == NULL) {
- result->len = 0;
- return SECFailure;
- }
@@ -517,479 +170,9 @@ diff -up ./nss/lib/ckfw/pem/rsawrapr.c.syncupwithupstream ./nss/lib/ckfw/pem/rsa
- */
- PORT_Assert(data->len <= (modulusLen - (2 + OAEP_SALT_LEN
- + OAEP_PAD_LEN)));
-+ PORT_Assert(data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN)));
-
- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
- if (result->data == NULL) {
-@@ -447,7 +287,7 @@ rsa_FormatBlock(SECItem * result, unsign
-
- break;
-
-- case RSA_BlockRaw:
-+ case RSA_BlockRaw:
- /*
- * Pad || ActualData
- * Pad is zeros. The application is responsible for recovering
-@@ -476,36 +316,34 @@ rsa_FormatBlock(SECItem * result, unsign
- SECStatus
- pem_RSA_Sign(pemLOWKEYPrivateKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-+ unsigned int *outputLen,
- unsigned int maxOutputLen,
-- unsigned char *input, unsigned int input_len)
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv = SECSuccess;
-- unsigned int modulus_len = pem_PrivateModulusLen(key);
-+ unsigned int modulusLen = pem_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
-- if (maxOutputLen < modulus_len)
-+ if (maxOutputLen < modulusLen)
- return SECFailure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- return SECFailure;
-
-- unformatted.len = input_len;
-+ unformatted.len = inputLen;
- unformatted.data = input;
- formatted.data = NULL;
-- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPrivate,
-+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockPrivate,
- &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output,
- formatted.data);
-- *output_len = modulus_len;
-+ *outputLen = modulusLen;
-
-- goto done;
-
-- done:
-+done:
- if (formatted.data != NULL)
- nss_ZFreeIf(formatted.data);
- return rv;
-@@ -515,17 +353,17 @@ pem_RSA_Sign(pemLOWKEYPrivateKey * key,
- /* XXX Doesn't set error code */
- SECStatus
- RSA_CheckSign(NSSLOWKEYPublicKey * key,
-- unsigned char *sign,
-- unsigned int sign_len,
-+ unsigned char *sig,
-+ unsigned int sigLen,
- unsigned char *hash, unsigned int hash_len)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
- unsigned int i;
- unsigned char *buffer;
-
-- modulus_len = pem_PublicModulusLen(key);
-- if (sign_len != modulus_len)
-+ modulusLen = pem_PublicModulusLen(key);
-+ if (sigLen != modulusLen)
- goto failure;
- /*
- * 0x00 || BT || Pad || 0x00 || ActualData
-@@ -533,17 +371,17 @@ RSA_CheckSign(NSSLOWKEYPublicKey * key,
- * The "3" below is the first octet + the second octet + the 0x00
- * octet that always comes just before the ActualData.
- */
-- if (hash_len > modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN))
-+ if (hash_len > modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN))
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- buffer = (unsigned char *) nss_ZAlloc(NULL, modulus_len + 1);
-+ buffer = (unsigned char *) nss_ZAlloc(NULL, modulusLen + 1);
- if (!buffer)
- goto failure;
-
-- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-+ rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sig);
- if (rv != SECSuccess)
- goto loser;
-
-@@ -552,7 +390,7 @@ RSA_CheckSign(NSSLOWKEYPublicKey * key,
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
-- for (i = 2; i < modulus_len - hash_len - 1; i++) {
-+ for (i = 2; i < modulusLen - hash_len - 1; i++) {
- if (buffer[i] != 0xff)
- goto loser;
- }
-@@ -562,7 +400,7 @@ RSA_CheckSign(NSSLOWKEYPublicKey * key,
- /*
- * make sure we get the same results
- */
-- if (memcmp(buffer + modulus_len - hash_len, hash, hash_len) != 0)
-+ if (memcmp(buffer + modulusLen - hash_len, hash, hash_len) != 0)
- goto loser;
-
- nss_ZFreeIf(buffer);
-@@ -579,25 +417,25 @@ SECStatus
- RSA_CheckSignRecover(NSSLOWKEYPublicKey * key,
- unsigned char *data,
- unsigned int *data_len,
-- unsigned int max_output_len,
-- unsigned char *sign, unsigned int sign_len)
-+ unsigned int maxOutputLen,
-+ unsigned char *sig, unsigned int sigLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
- unsigned int i;
- unsigned char *buffer;
-
-- if (sign_len != modulus_len)
-+ if (sigLen != modulusLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- buffer = (unsigned char *) nss_ZAlloc(NULL, modulus_len + 1);
-+ buffer = (unsigned char *) nss_ZAlloc(NULL, modulusLen + 1);
- if (!buffer)
- goto failure;
-
-- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-+ rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sig);
- if (rv != SECSuccess)
- goto loser;
- *data_len = 0;
-@@ -607,9 +445,9 @@ RSA_CheckSignRecover(NSSLOWKEYPublicKey
- */
- if (buffer[0] != 0 || buffer[1] != 1)
- goto loser;
-- for (i = 2; i < modulus_len; i++) {
-+ for (i = 2; i < modulusLen; i++) {
- if (buffer[i] == 0) {
-- *data_len = modulus_len - i - 1;
-+ *data_len = modulusLen - i - 1;
- break;
- }
- if (buffer[i] != 0xff)
-@@ -617,13 +455,13 @@ RSA_CheckSignRecover(NSSLOWKEYPublicKey
- }
- if (*data_len == 0)
- goto loser;
-- if (*data_len > max_output_len)
-+ if (*data_len > maxOutputLen)
- goto loser;
-
- /*
- * make sure we get the same results
- */
-- nsslibc_memcpy(data, buffer + modulus_len - *data_len, *data_len);
-+ nsslibc_memcpy(data, buffer + modulusLen - *data_len, *data_len);
-
- nss_ZFreeIf(buffer);
- return SECSuccess;
-@@ -638,26 +476,26 @@ RSA_CheckSignRecover(NSSLOWKEYPublicKey
- SECStatus
- RSA_EncryptBlock(NSSLOWKEYPublicKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-- unsigned int max_output_len,
-- unsigned char *input, unsigned int input_len)
-+ unsigned int *outputLen,
-+ unsigned int maxOutputLen,
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
-- if (max_output_len < modulus_len)
-+ if (maxOutputLen < modulusLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- unformatted.len = input_len;
-+ unformatted.len = inputLen;
- unformatted.data = input;
- formatted.data = NULL;
-- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockPublic,
-+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockPublic,
- &unformatted);
- if (rv != SECSuccess)
- goto failure;
-@@ -667,7 +505,7 @@ RSA_EncryptBlock(NSSLOWKEYPublicKey * ke
- goto failure;
-
- nss_ZFreeIf(formatted.data);
-- *output_len = modulus_len;
-+ *outputLen = modulusLen;
- return SECSuccess;
-
- failure:
-@@ -681,22 +519,22 @@ RSA_EncryptBlock(NSSLOWKEYPublicKey * ke
- SECStatus
- pem_RSA_DecryptBlock(pemLOWKEYPrivateKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-- unsigned int max_output_len,
-- unsigned char *input, unsigned int input_len)
-+ unsigned int *outputLen,
-+ unsigned int maxOutputLen,
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PrivateModulusLen(key);
-+ unsigned int modulusLen = pem_PrivateModulusLen(key);
- unsigned int i;
- unsigned char *buffer;
-
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-- if (input_len != modulus_len)
-+ if (inputLen != modulusLen)
- goto failure;
-
-- buffer = (unsigned char *) nss_ZAlloc(NULL, modulus_len + 1);
-+ buffer = (unsigned char *) nss_ZAlloc(NULL, modulusLen + 1);
- if (!buffer)
- goto failure;
-
-@@ -707,19 +545,19 @@ pem_RSA_DecryptBlock(pemLOWKEYPrivateKey
-
- if (buffer[0] != 0 || buffer[1] != 2)
- goto loser;
-- *output_len = 0;
-- for (i = 2; i < modulus_len; i++) {
-+ *outputLen = 0;
-+ for (i = 2; i < modulusLen; i++) {
- if (buffer[i] == 0) {
-- *output_len = modulus_len - i - 1;
-+ *outputLen = modulusLen - i - 1;
- break;
+- result->data = rsa_FormatOneBlock(modulusLen, blockType, data);
+- if (result->data == NULL) {
+ result->len = 0;
+ return SECFailure;
}
- }
-- if (*output_len == 0)
-+ if (*outputLen == 0)
- goto loser;
-- if (*output_len > max_output_len)
-+ if (*outputLen > maxOutputLen)
- goto loser;
-
-- nsslibc_memcpy(output, buffer + modulus_len - *output_len, *output_len);
-+ nsslibc_memcpy(output, buffer + modulusLen - *outputLen, *outputLen);
-
- nss_ZFreeIf(buffer);
- return SECSuccess;
-@@ -739,32 +577,32 @@ pem_RSA_DecryptBlock(pemLOWKEYPrivateKey
- SECStatus
- pem_RSA_SignRaw(pemLOWKEYPrivateKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-+ unsigned int *outputLen,
- unsigned int maxOutputLen,
-- unsigned char *input, unsigned int input_len)
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv = SECSuccess;
-- unsigned int modulus_len = pem_PrivateModulusLen(key);
-+ unsigned int modulusLen = pem_PrivateModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
-- if (maxOutputLen < modulus_len)
-+ if (maxOutputLen < modulusLen)
- return SECFailure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- return SECFailure;
-
-- unformatted.len = input_len;
-+ unformatted.len = inputLen;
- unformatted.data = input;
- formatted.data = NULL;
-- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw,
-+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockRaw,
- &unformatted);
- if (rv != SECSuccess)
- goto done;
-
- rv = RSA_PrivateKeyOpDoubleChecked(&key->u.rsa, output,
- formatted.data);
-- *output_len = modulus_len;
-+ *outputLen = modulusLen;
-
- done:
- if (formatted.data != NULL)
-@@ -775,27 +613,27 @@ pem_RSA_SignRaw(pemLOWKEYPrivateKey * ke
- /* XXX Doesn't set error code */
- SECStatus
- RSA_CheckSignRaw(NSSLOWKEYPublicKey * key,
-- unsigned char *sign,
-- unsigned int sign_len,
-+ unsigned char *sig,
-+ unsigned int sigLen,
- unsigned char *hash, unsigned int hash_len)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
- unsigned char *buffer;
-
-- if (sign_len != modulus_len)
-+ if (sigLen != modulusLen)
- goto failure;
-- if (hash_len > modulus_len)
-+ if (hash_len > modulusLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- buffer = (unsigned char *) nss_ZAlloc(NULL, modulus_len + 1);
-+ buffer = (unsigned char *) nss_ZAlloc(NULL, modulusLen + 1);
- if (!buffer)
- goto failure;
-
-- rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sign);
-+ rv = RSA_PublicKeyOp(&key->u.rsa, buffer, sig);
- if (rv != SECSuccess)
- goto loser;
-
-@@ -803,7 +641,7 @@ RSA_CheckSignRaw(NSSLOWKEYPublicKey * ke
- * make sure we get the same results
- */
- /* NOTE: should we verify the leading zeros? */
-- if (memcmp(buffer + (modulus_len - hash_len), hash, hash_len) !=
-+ if (memcmp(buffer + (modulusLen - hash_len), hash, hash_len) !=
- 0)
- goto loser;
-
-@@ -821,25 +659,25 @@ SECStatus
- RSA_CheckSignRecoverRaw(NSSLOWKEYPublicKey * key,
- unsigned char *data,
- unsigned int *data_len,
-- unsigned int max_output_len,
-- unsigned char *sign, unsigned int sign_len)
-+ unsigned int maxOutputLen,
-+ unsigned char *sig, unsigned int sigLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
-
-- if (sign_len != modulus_len)
-+ if (sigLen != modulusLen)
- goto failure;
-- if (max_output_len < modulus_len)
-+ if (maxOutputLen < modulusLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- rv = RSA_PublicKeyOp(&key->u.rsa, data, sign);
-+ rv = RSA_PublicKeyOp(&key->u.rsa, data, sig);
- if (rv != SECSuccess)
- goto failure;
-
-- *data_len = modulus_len;
-+ *data_len = modulusLen;
- return SECSuccess;
-
- failure:
-@@ -851,26 +689,26 @@ RSA_CheckSignRecoverRaw(NSSLOWKEYPublicK
- SECStatus
- RSA_EncryptRaw(NSSLOWKEYPublicKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-- unsigned int max_output_len,
-- unsigned char *input, unsigned int input_len)
-+ unsigned int *outputLen,
-+ unsigned int maxOutputLen,
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PublicModulusLen(key);
-+ unsigned int modulusLen = pem_PublicModulusLen(key);
- SECItem formatted;
- SECItem unformatted;
-
- formatted.data = NULL;
-- if (max_output_len < modulus_len)
-+ if (maxOutputLen < modulusLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-
-- unformatted.len = input_len;
-+ unformatted.len = inputLen;
- unformatted.data = input;
- formatted.data = NULL;
-- rv = rsa_FormatBlock(&formatted, modulus_len, RSA_BlockRaw,
-+ rv = rsa_FormatBlock(&formatted, modulusLen, RSA_BlockRaw,
- &unformatted);
- if (rv != SECSuccess)
- goto failure;
-@@ -880,7 +718,7 @@ RSA_EncryptRaw(NSSLOWKEYPublicKey * key,
- goto failure;
-
- nss_ZFreeIf(formatted.data);
-- *output_len = modulus_len;
-+ *outputLen = modulusLen;
- return SECSuccess;
-
- failure:
-@@ -893,21 +731,21 @@ RSA_EncryptRaw(NSSLOWKEYPublicKey * key,
- SECStatus
- pem_RSA_DecryptRaw(pemLOWKEYPrivateKey * key,
- unsigned char *output,
-- unsigned int *output_len,
-- unsigned int max_output_len,
-- unsigned char *input, unsigned int input_len)
-+ unsigned int *outputLen,
-+ unsigned int maxOutputLen,
-+ unsigned char *input, unsigned int inputLen)
- {
- SECStatus rv;
-- unsigned int modulus_len = pem_PrivateModulusLen(key);
-+ unsigned int modulusLen = pem_PrivateModulusLen(key);
-
-- if (modulus_len <= 0)
-+ if (modulusLen <= 0)
- goto failure;
-- if (modulus_len > max_output_len)
-+ if (modulusLen > maxOutputLen)
- goto failure;
- PORT_Assert(key->keyType == pemLOWKEYRSAKey);
- if (key->keyType != pemLOWKEYRSAKey)
- goto failure;
-- if (input_len != modulus_len)
-+ if (inputLen != modulusLen)
- goto failure;
-
- rv = RSA_PrivateKeyOp(&key->u.rsa, output, input);
-@@ -915,7 +753,7 @@ pem_RSA_DecryptRaw(pemLOWKEYPrivateKey *
- goto failure;
- }
-
-- *output_len = modulus_len;
-+ *outputLen = modulusLen;
- return SECSuccess;
-
- failure:
More information about the scm-commits
mailing list