Bug 405966: Unknown signature OID 1.3.14.3.2.29 causes sec_error_bad_signature

3.11 ignores it. r=julien.pierre


git-svn-id: svn://10.0.0.236/trunk@246703 18797224-902f-48f8-a5cc-f745e15eee43
nelson%bolyard.com 2008-02-28 04:27:36 +00:00
parent 5c98524a48
commit 19e5b361e5
3 changed files with 14 additions and 5 deletions


@ -37,7 +37,7 @@
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/* $Id: secvfy.c,v 1.21 2007-01-09 00:37:20 alexei.volkov.bugs%sun.com Exp $ */
/* $Id: secvfy.c,v 1.22 2008-02-28 04:27:36 nelson%bolyard.com Exp $ */
#include <stdio.h>
#include "cryptohi.h"
@ -233,6 +233,7 @@ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
break;
case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
*hashalg = SEC_OID_SHA1;
break;
case SEC_OID_PKCS1_RSA_ENCRYPTION:
@ -320,6 +321,7 @@ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
@ -738,9 +740,9 @@ VFY_VerifyDataWithAlgorithmID(const unsigned char *buf, int len,
SECOidTag *hash, void *wincx)
{
SECOidTag encAlg, hashAlg;
SECStatus rv = sec_DecodeSigAlg(key,
SECOID_GetAlgorithmTag((SECAlgorithmID *)sigAlgorithm),
&sigAlgorithm->parameters, &encAlg, &hashAlg);
SECOidTag sigAlg = SECOID_GetAlgorithmTag((SECAlgorithmID *)sigAlgorithm);
SECStatus rv = sec_DecodeSigAlg(key, sigAlg,
&sigAlgorithm->parameters, &encAlg, &hashAlg);
if (rv != SECSuccess) {
return rv;
}
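Review bot: The two new `case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:` labels in sec_DecodeSigAlg carry no comment saying that this tag is OID 1.3.14.3.2.29 and is deliberately handled like PKCS #1 SHA-1 with RSA, which is what a reader auditing the accepted signature algorithms needs to know. I would add `/* 1.3.14.3.2.29: verified exactly like PKCS #1 SHA-1 with RSA (bug 405966) */` next to the first label. The tag apparently has to appear in both case lists (hash selection and the RSA group) for verification to succeed, and none of the three changed files looks like a test, so a regression test with a signature carrying this OID would keep the two lists from drifting apart. sec_DecodeSigAlg starts and ends outside these hunks, so its default branches are not visible here.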


@ -201,6 +201,7 @@ CONST_OID isoSHAWithRSASignature[] = { ALGORITHM, 0x0f };
CONST_OID desede[] = { ALGORITHM, 0x11 };
CONST_OID sha1[] = { ALGORITHM, 0x1a };
CONST_OID bogusDSASignaturewithSHA1Digest[] = { ALGORITHM, 0x1b };
CONST_OID isoSHA1WithRSASignature[] = { ALGORITHM, 0x1d };
CONST_OID pkcs1RSAEncryption[] = { PKCS1, 0x01 };
CONST_OID pkcs1MD2WithRSAEncryption[] = { PKCS1, 0x02 };
@ -1569,6 +1570,10 @@ const static SECOidData oids[] = {
"SIA CA Repository", CKM_INVALID_MECHANISM,
INVALID_CERT_EXTENSION ),
OD( isoSHA1WithRSASignature, SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE,
"ISO SHA1 with RSA Signature",
CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION ),
};
/*
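Review bot: The new oids[] row registers the tag with `CKM_INVALID_MECHANISM`, so any caller that maps this tag to a PKCS #11 mechanism gets no usable mechanism. If that is intentional because the OID is only meant to be accepted when verifying, the row should say so, for example `/* verify-only alias of SHA-1 with RSA; intentionally no PKCS #11 mechanism */`. It would also help to put the dotted form on the definition, `CONST_OID isoSHA1WithRSASignature[] = { ALGORITHM, 0x1d }; /* 1.3.14.3.2.29 */`, since the ALGORITHM prefix is defined outside this hunk.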


@ -43,7 +43,7 @@
/*
* secoidt.h - public data structures for ASN.1 OID functions
*
* $Id: secoidt.h,v 1.26 2007-10-12 01:44:51 julien.pierre.boogz%sun.com Exp $
* $Id: secoidt.h,v 1.27 2008-02-28 04:27:30 nelson%bolyard.com Exp $
*/
#include "secitem.h"
@ -444,6 +444,8 @@ typedef enum {
SEC_OID_PKIX_TIMESTAMPING = 299,
SEC_OID_PKIX_CA_REPOSITORY = 300,
SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE = 301,
SEC_OID_TOTAL
} SECOidTag;
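Review bot: The new enumerator moves `SEC_OID_TOTAL` from 301 to 302 in a header that describes itself as public, and nothing in the enum says that tags may only be appended or that each one needs a matching oids[] row. I would add above `SEC_OID_TOTAL` a comment like `/* append only: tag values are public, and each tag needs a row at the same position in oids[] */`. That the table is positional is inferred from the new row being appended after the "SIA CA Repository" row, in the same order as the enum, so confirm it against the lookup code. The enum begins outside this hunk.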