~ubuntu-branches/ubuntu/raring/nss/raring-security

Viewing changes to mozilla/security/nss/lib/pkcs12/p12e.c

Tags: 3.12.8-0ubuntu0.10.10.1
* New upstream release v3.12.8 (NSS_3_12_8_RTM)
  - Fix browser wildcard certificate validation issue
  - Update root certs
  - Fix SSL deadlocks
* Refresh patches:
  - update debian/patches/38_kbsd.patch
  - update debian/patches/97_SSL_RENEGOTIATE_TRANSITIONAL.patch

162
162
typedef struct sec_PKCS12EncoderContextStr {
163
163
    PRArenaPool *arena;
164
164
    SEC_PKCS12ExportContext *p12exp;
165
 
    PK11SymKey *encryptionKey;
166
165
 
167
166
    /* encoder information - this is set up based on whether 
168
167
     * password based or public key pased privacy is being used
1478
1477
 * Encoding routines
1479
1478
 *********************************/
1480
1479
 
 
1480
/* Clean up the resources allocated by a sec_PKCS12EncoderContext. */
 
1481
static void
 
1482
sec_pkcs12_encoder_destroy_context(sec_PKCS12EncoderContext *p12enc)
 
1483
{
 
1484
    if(p12enc) {
 
1485
        if(p12enc->outerA1ecx) {
 
1486
            SEC_ASN1EncoderFinish(p12enc->outerA1ecx);
 
1487
            p12enc->outerA1ecx = NULL;
 
1488
        }
 
1489
        if(p12enc->aSafeCinfo) {
 
1490
            SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
 
1491
            p12enc->aSafeCinfo = NULL;
 
1492
        }
 
1493
        if(p12enc->middleP7ecx) {
 
1494
            SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12enc->p12exp->pwfn,
 
1495
                                   p12enc->p12exp->pwfnarg);
 
1496
            p12enc->middleP7ecx = NULL;
 
1497
        }
 
1498
        if(p12enc->middleA1ecx) {
 
1499
            SEC_ASN1EncoderFinish(p12enc->middleA1ecx);
 
1500
            p12enc->middleA1ecx = NULL;
 
1501
        }
 
1502
        if(p12enc->hmacCx) {
 
1503
            PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
 
1504
            p12enc->hmacCx = NULL;
 
1505
        }
 
1506
    }
 
1507
}
 
1508
 
1481
1509
/* set up the encoder context based on information in the export context
1482
1510
 * and return the newly allocated enocoder context.  A return of NULL 
1483
1511
 * indicates an error occurred. 
1484
1512
 */
1485
 
sec_PKCS12EncoderContext *
 
1513
static sec_PKCS12EncoderContext *
1486
1514
sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp)
1487
1515
{
1488
1516
    sec_PKCS12EncoderContext *p12enc = NULL;
1573
1601
            }
1574
1602
            if(SECITEM_CopyItem(p12exp->arena, &(p12enc->mac.macSalt), salt) 
1575
1603
                        != SECSuccess) {
 
1604
                /* XXX salt is leaked */
1576
1605
                PORT_SetError(SEC_ERROR_NO_MEMORY);
1577
1606
                goto loser;
1578
1607
            }   
1581
1610
            if(!sec_pkcs12_convert_item_to_unicode(NULL, &pwd, 
1582
1611
                        p12exp->integrityInfo.pwdInfo.password, PR_TRUE, 
1583
1612
                        PR_TRUE, PR_TRUE)) {
 
1613
                /* XXX salt is leaked */
1584
1614
                goto loser;
1585
1615
            }
1586
1616
            /*
1601
1631
            case SEC_OID_MD2:
1602
1632
                integrityMechType = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;  break;
1603
1633
            default:
 
1634
                /* XXX params is leaked */
1604
1635
                goto loser;
1605
1636
            }
1606
1637
 
1639
1670
    return p12enc;
1640
1671
 
1641
1672
loser:
1642
 
    if(p12enc) {
1643
 
        if(p12enc->aSafeCinfo) {
1644
 
            SEC_PKCS7DestroyContentInfo(p12enc->aSafeCinfo);
1645
 
        }
1646
 
        if(p12enc->hmacCx) {
1647
 
            PK11_DestroyContext(p12enc->hmacCx, PR_TRUE);
1648
 
        }
1649
 
    }
 
1673
    sec_pkcs12_encoder_destroy_context(p12enc);
1650
1674
    if (p12exp->arena != NULL)
1651
1675
        PORT_ArenaRelease(p12exp->arena, mark);
1652
1676
 
2018
2042
    SEC_ASN1EncoderClearStreaming(p12enc->middleA1ecx);
2019
2043
    SEC_ASN1EncoderUpdate(p12enc->middleA1ecx, NULL, 0);
2020
2044
    SEC_ASN1EncoderFinish(p12enc->middleA1ecx);
 
2045
    p12enc->middleA1ecx = NULL;
2021
2046
 
2022
2047
    sec_FlushPkcs12OutputBuffer( &p12enc->middleBuf);
2023
2048
 
2024
2049
    /* finish the encoding of the authenticated safes */
2025
2050
    rv = SEC_PKCS7EncoderFinish(p12enc->middleP7ecx, p12exp->pwfn, 
2026
2051
                                p12exp->pwfnarg);
 
2052
    p12enc->middleP7ecx = NULL;
2027
2053
    if(rv != SECSuccess) {
2028
2054
        goto loser;
2029
2055
    }
2041
2067
    rv = SEC_ASN1EncoderUpdate(p12enc->outerA1ecx, NULL, 0);
2042
2068
 
2043
2069
    SEC_ASN1EncoderFinish(p12enc->outerA1ecx);
 
2070
    p12enc->outerA1ecx = NULL;
2044
2071
 
2045
2072
loser:
 
2073
    sec_pkcs12_encoder_destroy_context(p12enc);
2046
2074
    return rv;
2047
2075
}
2048
2076
 
2072
2100
 
2073
2101
    PORT_FreeArena(p12ecx->arena, PR_TRUE);
2074
2102
}
2075