mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-28 12:45:27 +00:00
fixes for 95135 and 95150, find DSA keys that start with a leading 0
This commit is contained in:
parent
c2bf0b573d
commit
c64ee802b4
@ -2111,6 +2111,18 @@ pk11_GetPrivKey(PK11Object *object,CK_KEY_TYPE key_type)
|
||||
priv=SECKEY_FindKeyByPublicKey(SECKEY_GetDefaultKeyDB(),&pubKey,
|
||||
(SECKEYGetPasswordKey) pk11_givePass,
|
||||
object->slot);
|
||||
if (!priv && pubKey.data[0] == 0) {
|
||||
/* Because of legacy code issues, sometimes the public key has
|
||||
* a '0' prepended to it, forcing it to be unsigned. The database
|
||||
* does not store that '0', so catch that failure here.
|
||||
*/
|
||||
SECItem tmpPubKey;
|
||||
tmpPubKey.data = pubKey.data + 1;
|
||||
tmpPubKey.len = pubKey.len - 1;
|
||||
priv=SECKEY_FindKeyByPublicKey(SECKEY_GetDefaultKeyDB(),&tmpPubKey,
|
||||
(SECKEYGetPasswordKey) pk11_givePass,
|
||||
object->slot);
|
||||
}
|
||||
if (pubKey.data) PORT_Free(pubKey.data);
|
||||
|
||||
/* don't 'cache' DB private keys */
|
||||
|
@ -749,6 +749,17 @@ pk11_DestroyObject(PK11Object *object)
|
||||
crv=pk11_Attribute2SecItem(NULL,&pubKey,object,CKA_NETSCAPE_DB);
|
||||
if (crv != CKR_OK) break;
|
||||
rv = SECKEY_DeleteKey(SECKEY_GetDefaultKeyDB(), &pubKey);
|
||||
if (rv != SECSuccess && pubKey.data[0] == 0) {
|
||||
/* Because of legacy code issues, sometimes the public key
|
||||
* has a '0' prepended to it, forcing it to be unsigned.
|
||||
* The database does not store that '0', so catch that
|
||||
* failure here.
|
||||
*/
|
||||
SECItem tmpPubKey;
|
||||
tmpPubKey.data = pubKey.data + 1;
|
||||
tmpPubKey.len = pubKey.len - 1;
|
||||
rv = SECKEY_DeleteKey(SECKEY_GetDefaultKeyDB(), &tmpPubKey);
|
||||
}
|
||||
if (rv != SECSuccess) crv= CKR_DEVICE_ERROR;
|
||||
break;
|
||||
case PK11_TOKEN_TYPE_CERT:
|
||||
|
Loading…
Reference in New Issue
Block a user