# HG changeset patch

# User Martin Thomson <mt@lowentropy.net>

# Date 1560498951 0

#      Fri Jun 14 07:55:51 2019 +0000

# Branch NSS_3_44_BRANCH

# Node ID fb9932d6e083322e7b5dfcd3d6e67477e0bb075a

# Parent  876bca2723a1f969422edc93e7504420d8331d3c

Bug 1515342 - More thorough input checking, r=jcj

All part of applying better discipline throughout.

Differential Revision: https://phabricator.services.mozilla.com/D33736

diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c

--- a/lib/cryptohi/seckey.c

+++ b/lib/cryptohi/seckey.c

@@ -639,6 +639,11 @@ seckey_ExtractPublicKey(const CERTSubjec

                     return pubk;

                 break;

             case SEC_OID_ANSIX962_EC_PUBLIC_KEY:

+                /* A basic sanity check on inputs. */

+                if (spki->algorithm.parameters.len == 0 || newOs.len == 0) {

+                    PORT_SetError(SEC_ERROR_INPUT_LEN);

+                    break;

+                }

                 pubk->keyType = ecKey;

                 pubk->u.ec.size = 0;

diff --git a/lib/freebl/dh.c b/lib/freebl/dh.c

--- a/lib/freebl/dh.c

+++ b/lib/freebl/dh.c

@@ -210,7 +210,8 @@ DH_Derive(SECItem *publicValue,

     unsigned int len = 0;

     unsigned int nb;

     unsigned char *secret = NULL;

-    if (!publicValue || !prime || !privateValue || !derivedSecret) {

+    if (!publicValue || !publicValue->len || !prime || !prime->len ||

+        !privateValue || !privateValue->len || !derivedSecret) {

         PORT_SetError(SEC_ERROR_INVALID_ARGS);

         return SECFailure;

     }

diff --git a/lib/freebl/ec.c b/lib/freebl/ec.c

--- a/lib/freebl/ec.c

+++ b/lib/freebl/ec.c

@@ -202,8 +202,8 @@ ec_NewKey(ECParams *ecParams, ECPrivateK

 #endif

     MP_DIGITS(&k) = 0;

-    if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0) ||

-        !ecParams->name) {

+    if (!ecParams || ecParams->name == ECCurve_noName ||

+        !privKey || !privKeyBytes || privKeyLen <= 0) {

         PORT_SetError(SEC_ERROR_INVALID_ARGS);

         return SECFailure;

     }

@@ -391,7 +391,7 @@ EC_NewKey(ECParams *ecParams, ECPrivateK

     int len;

     unsigned char *privKeyBytes = NULL;

-    if (!ecParams) {

+    if (!ecParams || ecParams->name == ECCurve_noName || !privKey) {

         PORT_SetError(SEC_ERROR_INVALID_ARGS);

         return SECFailure;

     }

@@ -430,7 +430,8 @@ EC_ValidatePublicKey(ECParams *ecParams,

     mp_err err = MP_OKAY;

     int len;

-    if (!ecParams || !publicValue || !ecParams->name) {

+    if (!ecParams || ecParams->name == ECCurve_noName ||

+        !publicValue || !publicValue->len) {

         PORT_SetError(SEC_ERROR_INVALID_ARGS);

         return SECFailure;

     }

@@ -536,8 +537,9 @@ ECDH_Derive(SECItem *publicValue,

     int i;

 #endif

-    if (!publicValue || !ecParams || !privateValue || !derivedSecret ||

-        !ecParams->name) {

+    if (!publicValue || !publicValue->len ||

+        !ecParams || ecParams->name == ECCurve_noName ||

+        !privateValue || !privateValue->len || !derivedSecret) {

         PORT_SetError(SEC_ERROR_INVALID_ARGS);

         return SECFailure;

     }

diff --git a/lib/util/quickder.c b/lib/util/quickder.c

--- a/lib/util/quickder.c

+++ b/lib/util/quickder.c

@@ -757,6 +757,13 @@ DecodeItem(void* dest,

                         }

                         case SEC_ASN1_BIT_STRING: {

+                            /* Can't be 8 or more spare bits, or any spare bits

+			     * if there are no octets. */

+                            if (temp.data[0] >= 8 || (temp.data[0] > 0 && temp.len == 1)) {

+                                PORT_SetError(SEC_ERROR_BAD_DER);

+                                rv = SECFailure;

+                                break;

+                            }

                             /* change the length in the SECItem to be the number

                                of bits */

                             temp.len = (temp.len - 1) * 8 - (temp.data[0] & 0x7);

# HG changeset patch

# User Kevin Jacobs <kjacobs@mozilla.com>

# Date 1561145635 0

#      Fri Jun 21 19:33:55 2019 +0000

# Branch NSS_3_44_BRANCH

# Node ID 416a8f7cf8986103b4d74694aac1198edbb08b3e

# Parent  fb9932d6e083322e7b5dfcd3d6e67477e0bb075a

Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj

Differential Revision: https://phabricator.services.mozilla.com/D35565

diff --git a/gtests/pk11_gtest/pk11_curve25519_unittest.cc b/gtests/pk11_gtest/pk11_curve25519_unittest.cc

--- a/gtests/pk11_gtest/pk11_curve25519_unittest.cc

+++ b/gtests/pk11_gtest/pk11_curve25519_unittest.cc

@@ -40,6 +40,9 @@ class Pkcs11Curve25519Test

     ScopedCERTSubjectPublicKeyInfo certSpki(

         SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem));

+    if (!expect_success && !certSpki) {

+      return;

+    }

     ASSERT_TRUE(certSpki);

     ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(certSpki.get()));