Closed Bug 981170 Opened 6 years ago Closed 6 years ago

AESKeyWrap_Decrypt returns SECSuccess for invalid keys

Categories

(NSS :: Libraries, defect, P2)

defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ryan.sleevi, Assigned: ryan.sleevi)

Details

Attachments

(1 file)

AESKeyWrap_Decrypt currently returns SECSuccess when an operation fails, instead setting pOutputLen to 0.

As a result, NSC_Decrypt / NSC_UnwrapKey fail to detect an error has occurred, and instead create a new key object with uninitialized data.
OS: Windows 7 → All
Hardware: x86_64 → All
Attached patch patch_1.diffSplinter Review
Attachment #8387942 - Flags: review?(wtc)
Comment on attachment 8387942 [details] [diff] [review]
patch_1.diff

Review of attachment 8387942 [details] [diff] [review]:
-----------------------------------------------------------------

r=wtc.
Attachment #8387942 - Flags: review?(wtc) → review+
Comment on attachment 8387942 [details] [diff] [review]
patch_1.diff

Review of attachment 8387942 [details] [diff] [review]:
-----------------------------------------------------------------

Kai checked this in last week:
https://hg.mozilla.org/projects/nss/rev/753bb69e543c
Attachment #8387942 - Flags: checked-in+
Fixed in NSS 3.16.

The AESKeyWrap_Decrypt function was added in NSS 3.8 in bug 167818
(https://hg.mozilla.org/projects/nss/rev/f244a2f439e3).
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: 3.16.1 → 3.16
Version: 3.16.1 → 3.8
You need to log in before you can comment on or make changes to this bug.