Closed
Bug 1528174
Opened 4 years ago
Closed 4 years ago
ChaCha20Poly1305 modifies output length on failure
Categories
(NSS :: Libraries, defect, P1)
NSS
Libraries
Tracking
(Not tracked)
RESOLVED
FIXED
3.45
People
(Reporter: mt, Assigned: mt)
Details
Attachments
(1 file)
I know that we make no promises about the state of outparams when operations fail, but generally we try to avoid touching outparam values unless things work.
CKM_NSS_CHACHA20_POLY1305 touches the length of the output when it fails. It probably shouldn't.
Assignee | ||
Comment 1•4 years ago
|
||
This modifies the encrypt/decrypt paths to only modify their outparams
when the operation succeeds. I wasn't thorough, but the tests pass.
Assignee | ||
Comment 2•4 years ago
|
||
As it happens, all of the encrypt/decrypt routines touched the outparam on failure. I've tweaked the code so that they don't.
Updated•4 years ago
|
Assignee: nobody → martin.thomson
Status: NEW → ASSIGNED
Priority: -- → P1
Comment 3•4 years ago
|
||
There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:mt, could you have a look please?
For more information, please visit auto_nag documentation.
Flags: needinfo?(mt)
Assignee | ||
Comment 4•4 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Flags: needinfo?(mt)
Resolution: --- → FIXED
Target Milestone: --- → 3.45
You need to log in
before you can comment on or make changes to this bug.
Description
•