Closed Bug 75770 Opened 23 years ago Closed 23 years ago

RSA_NewKey returns an incomplete key

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Platform:
Sun
Solaris
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jamie-bugzilla, Assigned: bugz)

Details

Under certain circumstances, RSA_NewKey will return an incomplete key. This
causes a SEGV in the PKCS #11 code when it tries to access one of the key's
components, which is NULL.

Here's what happens: in the do loop at rsa.c:261, rsa_keygen_from_primes fails,
with PORT_GetError() returning SEC_ERROR_NEED_RANDOM, which gets stored into
prerr. Then the loop repeats, and this time rsa_keygen_from_primes returns
SECSuccess, so we break out of the loop. However, prerr is still
SEC_ERROR_NEED_RANDOM, so after the loop we "goto cleanup" before setting
key->prime1 and key->prime2.

Cleanup thinks the operation was a success because err is 0 and rv is
SECSuccess, so it returns the incomplete key as if nothing was wrong.
Fixed by setting prerr=0 at the beginning of the loop each time. Reviewed by
mcgreer and nelsonb.

Checked in the following change to rsa.c on the tip:

RCS file: /cvsroot/mozilla/security/nss/lib/freebl/rsa.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -r1.24 -r1.25
38c38
<  * $Id: rsa.c,v 1.24 2001/01/31 15:49:19 mcgreer%netscape.com Exp $
---
>  * $Id: rsa.c,v 1.25 2001/04/12 20:23:42 nicolson%netscape.com Exp $
261a262
>       prerr = 0;

Marking this fixed.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.