From 4e7c48121aed229e21302e0b8a0c3096b3e851bd Mon Sep 17 00:00:00 2001 From: Jack Magne Date: Fri, 17 Apr 2015 17:55:05 -0700 Subject: Bug 1186896 - NIST SP800-108 KDF - add sanity checking. --- base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp | 9 +++++++++ base/symkey/src/com/netscape/symkey/SymKey.cpp | 4 +++- 2 files changed, 12 insertions(+), 1 deletion(-) (limited to 'base/symkey/src') diff --git a/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp b/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp index 9f89dd372..7bed85d71 100644 --- a/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp +++ b/base/symkey/src/com/netscape/symkey/NistSP800_108KDF.cpp @@ -51,6 +51,15 @@ void ComputeCardKeys( PK11SymKey* masterKey, // Key Derivation Ke PK11SymKey** macKey, // output parameter: generated mac key PK11SymKey** kekKey) // output parameter: generated kek key { + + // sanity check input parameters + if (masterKey == NULL){ + throw std::runtime_error("Input parameter \"masterKey\" was NULL."); + } + if (context == NULL){ + throw std::runtime_error("Input parameter \"context\" was NULL."); + } + // sanity check output parameters if (*encKey != NULL){ throw std::runtime_error("Output parameter \"encKey\" wasn't initialized to NULL. Overwriting may result in a memory leak."); diff --git a/base/symkey/src/com/netscape/symkey/SymKey.cpp b/base/symkey/src/com/netscape/symkey/SymKey.cpp index 02465de13..512da4efe 100644 --- a/base/symkey/src/com/netscape/symkey/SymKey.cpp +++ b/base/symkey/src/com/netscape/symkey/SymKey.cpp @@ -1280,7 +1280,9 @@ extern "C" JNIEXPORT jbyteArray JNICALL Java_com_netscape_symkey_SessionKey_Dive (env)->ReleaseStringUTFChars(newMasterKeyName, (const char *)newMasterKeyNameChars); } - + if(masterKey == NULL) { + goto done; + } // AC: BUGFIX for key versions higher than 09: Since "jstring keyInfo" is now passed in as "jbyteArray newKeyInfo", we no longer need this code. // -- cgit