Closed Bug 325494 Opened 18 years ago Closed 18 years ago

Multipart verification broken for CKM_ECDSA_SHA1

Categories

(NSS :: Libraries, defect, P1)

3.11

Tracking

(Not tracked)

RESOLVED FIXED
3.11.1

People

(Reporter: andreas.st, Assigned: wtc)

Details

Attachments

(1 file)

The issue reported and fixed in 191467 for CKM_DSA_SHA1 still exists for CKM_ECDSA_SHA1. context->multi is incorrectly set to false for CKM_DSA_SHA1, so multi part verification operations do not work. The fix is to delete the assignment, which is unnecessary as context->multi is set to false at the beginning of the function.

===
From pkcs11c.c:NSC_VerifyInit:

    case CKM_ECDSA_SHA1:
        context->multi = PR_TRUE;
        crv = sftk_doSubSHA1(context);
        if (crv != CKR_OK) break;
        /* fall through */
    case CKM_ECDSA:
        if (key_type != CKK_EC) {
            crv = CKR_KEY_TYPE_INCONSISTENT;
            break;
        }
/*      context->multi = PR_FALSE; DELETE THIS LINE */
        pubKey = sftk_GetPubKey(key,CKK_EC,&crv);
===
I gave this patch r=wtc.
Attachment #210417 - Flags: superreview?(nelson)
Attachment #210417 - Flags: review?(rrelyea)
Comment on attachment 210417 [details] [diff] [review]
Patch proposed by Andreas

r+=rrelyea
this function defaults to multi=PR_FALSE (the most common usage in NSS), so the patch is correct.
Attachment #210417 - Flags: review?(rrelyea) → review+
Attachment #210417 - Flags: review+
Comment on attachment 210417 [details] [diff] [review]
Patch proposed by Andreas

sr=nelson.bolyard
Attachment #210417 - Flags: superreview?(nelson) → superreview+
Checked in on 3.11 branch
Checking in pkcs11c.c;  new revision: 1.68.2.2; previous revision: 1.68.2.1

Trunk checkin delayed due to change of my CVS login name :-/
Wan-Teh, would you care to checkin on the trunk?
Status: NEW → ASSIGNED
Priority: -- → P1
I checked in the patch on the NSS trunk (3.12).
pkcs11c.c, revision 1.72

Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: