Closed
Bug 981170
Opened 11 years ago
Closed 11 years ago
AESKeyWrap_Decrypt returns SECSuccess for invalid keys
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.16
People
(Reporter: ryan.sleevi, Assigned: ryan.sleevi)
Details
Attachments
(1 file)
|
590 bytes,
patch
|
wtc
:
review+
wtc
:
checked-in+
|
Details | Diff | Splinter Review |
AESKeyWrap_Decrypt currently returns SECSuccess when an operation fails, instead setting pOutputLen to 0.
As a result, NSC_Decrypt / NSC_UnwrapKey fail to detect an error has occurred, and instead create a new key object with uninitialized data.
|
Assignee | |
Updated•11 years ago
|
OS: Windows 7 → All
Hardware: x86_64 → All
|
|
Assignee | |
Comment 1•11 years ago
|
||
Attachment #8387942 -
Flags: review?(wtc)
|
||
Comment 2•11 years ago
|
||
Comment on attachment 8387942 [details] [diff] [review]
patch_1.diff
Review of attachment 8387942 [details] [diff] [review]:
-----------------------------------------------------------------
r=wtc.
Attachment #8387942 -
Flags: review?(wtc) → review+
|
|
||
Comment 3•11 years ago
|
||
Comment on attachment 8387942 [details] [diff] [review]
patch_1.diff
Review of attachment 8387942 [details] [diff] [review]:
-----------------------------------------------------------------
Kai checked this in last week:
https://hg.mozilla.org/projects/nss/rev/753bb69e543c
Attachment #8387942 -
Flags: checked-in+
|
|
||
Comment 4•11 years ago
|
||
Fixed in NSS 3.16.
The AESKeyWrap_Decrypt function was added in NSS 3.8 in bug 167818
(https://hg.mozilla.org/projects/nss/rev/f244a2f439e3).
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: 3.16.1 → 3.16
Version: 3.16.1 → 3.8
You need to log in
before you can comment on or make changes to this bug.
Description
•