Closed
Bug 276310
Opened 20 years ago
Closed 19 years ago
PK11_DigestFinal will return SECSuccess despite DigestOp never being called
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
3.10
People
(Reporter: jason.m.reid, Assigned: wtc)
Details
digest = (unsigned char *)malloc((MD2_LENGTH + 1)*sizeof(unsigned char));
digestContext = PK11_CreateDigestContext(SEC_OID_MD2);
if (NULL == digestContext) {
fprintf(stderr,
"ERROR: PK11_CreateDigestContext(SEC_OID_MD2) failed.\n");
rv++;
}
secStatus = PK11_DigestBegin(digestContext);
if (SECSuccess != secStatus) {
fprintf(stderr,"ERROR: PK11_DigestBegin failed\n");
rv++;
}
secStatus = PK11_DigestFinal(digestContext, digest, &counter,
(MD2_LENGTH + 1));
if (secStatus == SECSuccess) {
fprintf(stderr,"ERROR: PK11_DigestFinal returned success for a
digest without PK11_DigestOp ever being called.\n");
rv++;
} else {
fprintf(stderr, "ERROR: PK11_DigestFinal failed (expected)\n");
}
PK11_DestroyContext(digestContext, PR_TRUE);
free(digest);
In the above code, PK11_DigestFinal returns SECSuccess and a digest value
is inserted into digest despite PK11_DigestOp never being called. This gives the
false impression that a valid digest has been computed.
ERROR: PK11_DigestFinal returned success for a digest without PK11_DigestOp ever
being called.
|
Assignee | |
Comment 1•20 years ago
|
||
If PK11_DigestOp is never called, that can be interpreted as hashing a zero-byte input. Is a zero-byte input legal? If so, does PK11_DigestFinal write the correct digest value into the digest? If a zero-byte input is illegal, then I agree PK11_DigestFinal should fail if PK11_DigestOp is never called.
|
||
Comment 2•20 years ago
|
||
Zero byte input is legal for all hashes we support.
|
|
||
Comment 3•19 years ago
|
||
Marked invalid per previous comment.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
|
|
Assignee | |
Updated•19 years ago
|
Target Milestone: --- → 3.10
You need to log in
before you can comment on or make changes to this bug.
Description
•