Closed Bug 183364 Opened 22 years ago Closed 2 years ago

RSA funcs should declare all input buffers as const

Categories

(NSS :: Libraries, defect, P3)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: nelson, Unassigned)

Details

(Whiteboard: FIPS) 

Recently I changed all BLAPI's symmetric block ciphers to treat their 
input buffers as const.  Now I need to do the same thing for RSA, and
perhaps other non-symmetric algorithms.  

A change was made to fipstest.c to cast some const input buffers to 
unsigned char * specifically to eliminate errors from CodeWarrior compilers. 
When these casts are no longer needed, they should be removed.
This is merely a cleanup excersize.
Severity: normal → minor
Priority: -- → P3
Nelson, we don't support CodeWarrior compilers on
Mac OS X now.  Do you think it's time to remove
these casts?
Nelson, my previous comment may be wrong because I
suspect I misunderstood the description of this bug.
This bug is targeted at a Mac classic platform/OS, which is no longer supported
by mozilla.org. Please re-target it to another platform/OS if this bug applies
there as well or resolve this bug.

I will resolve this bug as WONTFIX in four weeks if no action has been taken.
To filter this and similar messages out, please filter for "mac_cla_reorg".
CHanging the target platform to ALL.
The steps to resolving this bug are:
1. Ensure that ALL BLAPI functions declare their input pointers  as pointers 
   to const, then
2. change fipstest.c to remove all the casts that cast away const for calls 
   to BLAPI functions.
OS: Mac System 9.x → All
Hardware: Macintosh → All
The casts that I'd like to eliminate are those that were added in rev 1.5 
of fipstest.c.  Those casts fall into two groups:

1. casts needed because the function being called didn't declare its input
buffer pointers as pointers to const.  The functions declared in blapi.h 
have been fixed, IINM.  The functions that remain to be fixed are the ones
declared in lib/softoken/softoken.h which include:

RSA_FormatBlock
RSA_FormatOneBlock
RSA_Sign
RSA_CheckSign
RSA_CheckSignRecover
RSA_EncryptBlock
RSA_DecryptBlock
RSA_SignRaw
RSA_CheckSignRaw
RSA_CheckSignRecoverRaw
RSA_EncryptRaw
RSA_DecryptRaw

2. casts needed to assign (or initialize) pointers in structs where the 
type of the pointer in the struct declaration is not pointer to const.  
Most of the pointers in fipstest.c v1.5 are for this problem.  

I don't know of a good solution to this latter problem.  
Take SECItem, for example.  We could declare a new struct SECItemConst that
is identical to SECItem except that the data pointer is a pointer to const.
But it would not be possible to pass one of those structs to a function that
expects a SECItem without a different cast.  We could change functions
to require a SECItemConst argument, but I think propagating that change 
would be worse than propagating const declarations in functions (but maybe
I'm wrong about that).
Summary: BLAPI funcs should declare all input buffers as const → RSA funcs should declare all input buffers as const
QA Contact: bishakhabanerjee → jason.m.reid
QA Contact: jason.m.reid → libraries
Blocks: FIPS2008
Whiteboard: FIPS
If this bug is completed by Nov17 2008 it will be included in the FIPS2008 validation otherwise it will be dropped for a later release.
removed from FIPS2009. will consider for future release.
No longer blocks: FIPS2008
Assignee: nelson → nobody
Severity: minor → S4

From what I understood, the bug has already been resolved. Closing.

Feel free to reopen if needed.

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.