diff options
author | Jack Magne <jmagne@localhost.localdomain> | 2015-04-17 17:55:05 -0700 |
---|---|---|
committer | Jack Magne <jmagne@localhost.localdomain> | 2015-04-17 17:56:01 -0700 |
commit | 4e7c48121aed229e21302e0b8a0c3096b3e851bd (patch) | |
tree | ce388cf6c1e3eac0d5e6b9a8a715cfc4b3085789 /base/symkey/src | |
parent | 6b6416888a90a75ca0a2c9b78bb88a4e217cc14b (diff) | |
download | pki-4e7c48121aed229e21302e0b8a0c3096b3e851bd.tar.gz pki-4e7c48121aed229e21302e0b8a0c3096b3e851bd.tar.xz pki-4e7c48121aed229e21302e0b8a0c3096b3e851bd.zip |
Bug 1186896 - NIST SP800-108 KDF - add sanity checking.
Diffstat (limited to 'base/symkey/src')
-rw-r--r-- | base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp | 9 | ||||
-rw-r--r-- | base/symkey/src/com/netscape/symkey/SymKey.cpp | 4 |
2 files changed, 12 insertions, 1 deletions
diff --git a/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp b/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp index 9f89dd372..7bed85d71 100644 --- a/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp +++ b/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp @@ -51,6 +51,15 @@ void ComputeCardKeys( PK11SymKey* masterKey, // Key Derivation Ke PK11SymKey** macKey, // output parameter: generated mac key PK11SymKey** kekKey) // output parameter: generated kek key { + + // sanity check input parameters + if (masterKey == NULL){ + throw std::runtime_error("Input parameter \"masterKey\" was NULL."); + } + if (context == NULL){ + throw std::runtime_error("Input parameter \"context\" was NULL."); + } + // sanity check output parameters if (*encKey != NULL){ throw std::runtime_error("Output parameter \"encKey\" wasn't initialized to NULL. Overwriting may result in a memory leak."); diff --git a/base/symkey/src/com/netscape/symkey/SymKey.cpp b/base/symkey/src/com/netscape/symkey/SymKey.cpp index 02465de13..512da4efe 100644 --- a/base/symkey/src/com/netscape/symkey/SymKey.cpp +++ b/base/symkey/src/com/netscape/symkey/SymKey.cpp @@ -1280,7 +1280,9 @@ extern "C" JNIEXPORT jbyteArray JNICALL Java_com_netscape_symkey_SessionKey_Dive (env)->ReleaseStringUTFChars(newMasterKeyName, (const char *)newMasterKeyNameChars); } - + if(masterKey == NULL) { + goto done; + } // AC: BUGFIX for key versions higher than 09: Since "jstring keyInfo" is now passed in as "jbyteArray newKeyInfo", we no longer need this code. // |