Commit f367b94c authored by Daiki Ueno's avatar Daiki Ueno

Bug 1353724, fix key length calculation for PKCS#5 DES-EDE3-CBC-Pad, r=rrelyea

parent c546432a
......@@ -370,6 +370,13 @@ sec_pkcs5v2_key_length(SECAlgorithmID *algid, SECAlgorithmID *cipherAlgId)
length = sec_pkcs5v2_aes_key_length(cipherAlg);
} else if (p5_param.keyLength.data != NULL) {
length = DER_GetInteger(&p5_param.keyLength);
} else {
CK_MECHANISM_TYPE cipherMech;
cipherMech = PK11_AlgtagToMechanism(cipherAlg);
if (cipherMech == CKM_INVALID_MECHANISM) {
goto loser;
}
length = PK11_GetMaxKeyLength(cipherMech);
}
loser:
......
......@@ -106,6 +106,7 @@ CK_OBJECT_HANDLE PK11_FindObjectForCert(CERTCertificate *cert,
void *wincx, PK11SlotInfo **pSlot);
PK11SymKey *pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
unsigned int pk11_GetPredefinedKeyLength(CK_KEY_TYPE keyType);
/**********************************************************************
* Certs
......
......@@ -2291,6 +2291,14 @@ PK11_GetMaxKeyLength(CK_MECHANISM_TYPE mechanism)
}
}
}
/* fallback to pk11_GetPredefinedKeyLength for fixed key size algorithms */
if (keyLength == 0) {
CK_KEY_TYPE keyType;
keyType = PK11_GetKeyType(mechanism, 0);
keyLength = pk11_GetPredefinedKeyLength(keyType);
}
if (le)
PK11_FreeSlotListElement(list, le);
if (freeit)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment