Commit 376da7d4 authored by Franziskus Kiefer's avatar Franziskus Kiefer

Bug 1460673 - handle p12 properly, r=ttaubert

Differential Revision: https://phabricator.services.mozilla.com/D1295

--HG--
extra : rebase_source : 3bf6646352a05b65a29b76cbc06510ce93fd1050
extra : amend_source : d572d1c0915d74348207c44db2f1a56d191d05a2
extra : histedit_source : 8e185e4a7d6e8550df49a0fe5826fb992d82fd00%2Cbd442a581f37e5cd0929fc4d2ec59df576f2590b
parent 0ea280c1
......@@ -13,6 +13,7 @@
#include "pk11pub.h"
#include "pkcs11uri.h"
#include "sslexp.h"
#include "p12.h"
struct ScopedDelete {
void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
......@@ -41,6 +42,9 @@ struct ScopedDelete {
void operator()(SSLResumptionTokenInfo* token) {
SSL_DestroyResumptionTokenInfo(token);
}
void operator()(SEC_PKCS12DecoderContext* dcx) {
SEC_PKCS12DecoderFinish(dcx);
}
};
template <class T>
......@@ -73,6 +77,7 @@ SCOPED(PLArenaPool);
SCOPED(PK11Context);
SCOPED(PK11GenericObject);
SCOPED(SSLResumptionTokenInfo);
SCOPED(SEC_PKCS12DecoderContext);
#undef SCOPED
......
......@@ -13,6 +13,7 @@
'sources': [
'der_getint_unittest.cc',
'der_quickder_unittest.cc',
'p12_import_unittest.cc',
'<(DEPTH)/gtests/common/gtests.cc'
],
'dependencies': [
......@@ -21,6 +22,8 @@
'<(DEPTH)/lib/util/util.gyp:nssutil3',
'<(DEPTH)/lib/ssl/ssl.gyp:ssl3',
'<(DEPTH)/lib/nss/nss.gyp:nss3',
'<(DEPTH)/lib/pkcs12/pkcs12.gyp:pkcs12',
'<(DEPTH)/lib/pkcs7/pkcs7.gyp:pkcs7',
]
}
],
......
......@@ -9,6 +9,7 @@ MODULE = nss
CPPSRCS = \
der_getint_unittest.cc \
der_quickder_unittest.cc \
p12_import_unittest.cc \
$(NULL)
INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \
......
This diff is collapsed.
......@@ -813,6 +813,7 @@ sec_pkcs12_decoder_asafes_notify(void *arg, PRBool before, void *dest,
unsigned int cnt = p12dcx->safeContentsCnt - 1;
safeContentsCtx = p12dcx->safeContentsList[cnt];
if (safeContentsCtx->safeContentsA1Dcx) {
SEC_ASN1DecoderClearFilterProc(p12dcx->aSafeA1Dcx);
SEC_ASN1DecoderFinish(safeContentsCtx->safeContentsA1Dcx);
safeContentsCtx->safeContentsA1Dcx = NULL;
}
......
......@@ -560,6 +560,7 @@ sec_pkcs7_decoder_start_decrypt(SEC_PKCS7DecoderContext *p7dcx, int depth,
return SECSuccess;
no_decryption:
PK11_FreeSymKey(bulkkey);
/*
* For some reason (error set already, if appropriate), we cannot
* decrypt the content. I am not sure what exactly is the right
......@@ -1031,6 +1032,11 @@ SECStatus
SEC_PKCS7DecoderUpdate(SEC_PKCS7DecoderContext *p7dcx,
const char *buf, unsigned long len)
{
if (!p7dcx) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
if (p7dcx->cinfo != NULL && p7dcx->dcx != NULL) {
PORT_Assert(p7dcx->error == 0);
if (p7dcx->error == 0) {
......
......@@ -175,7 +175,7 @@ static int /* bool */
}
}
} else {
sprintf(buf, " [%d]", k);
sprintf(buf, " [%lu]", k);
}
buf += strlen(buf);
......@@ -982,7 +982,7 @@ sec_asn1d_prepare_for_contents(sec_asn1d_state *state)
#ifdef DEBUG_ASN1D_STATES
{
printf("Found Length %d %s\n", state->contents_length,
printf("Found Length %lu %s\n", state->contents_length,
state->indefinite ? "indefinite" : "");
}
#endif
......@@ -2717,16 +2717,15 @@ dump_states(SEC_ASN1DecoderContext *cx)
}
i = formatKind(state->theTemplate->kind, kindBuf);
printf("%s: tmpl %08x, kind%s",
printf("%s: tmpl kind %s",
(state == cx->current) ? "STATE" : "State",
state->theTemplate,
kindBuf);
printf(" %s", (state->place >= 0 && state->place <= notInUse) ? place_names[state->place] : "(undefined)");
if (!i)
printf(", expect 0x%02x",
printf(", expect 0x%02lx",
state->expect_tag_number | state->expect_tag_modifiers);
printf("%s%s%s %d\n",
printf("%s%s%s %lu\n",
state->indefinite ? ", indef" : "",
state->missing ? ", miss" : "",
state->endofcontents ? ", EOC" : "",
......@@ -2754,7 +2753,7 @@ SEC_ASN1DecoderUpdate(SEC_ASN1DecoderContext *cx,
what = SEC_ASN1_Contents;
consumed = 0;
#ifdef DEBUG_ASN1D_STATES
printf("\nPLACE = %s, next byte = 0x%02x, %08x[%d]\n",
printf("\nPLACE = %s, next byte = 0x%02x, %p[%lu]\n",
(state->place >= 0 && state->place <= notInUse) ? place_names[state->place] : "(undefined)",
len ? (unsigned int)((unsigned char *)buf)[consumed] : 0,
buf, consumed);
......@@ -2977,7 +2976,7 @@ SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx)
{
SECStatus rv;
if (cx->status == needBytes) {
if (!cx || cx->status == needBytes) {
PORT_SetError(SEC_ERROR_BAD_DER);
rv = SECFailure;
} else {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment