# HG changeset patch # User Robert Relyea # Date 1544226862 28800 # Fri Dec 07 15:54:22 2018 -0800 # Node ID 521a5b2f10cc197b9349df033f9d3cca0b5226c5 # Parent 5ac4d4904afae59149bb1fab49c3b21244a51a22 diff --git a/lib/softoken/pkcs11.c b/lib/softoken/pkcs11.c --- a/lib/softoken/pkcs11.c +++ b/lib/softoken/pkcs11.c @@ -1810,29 +1810,36 @@ sftk_GetPubKey(SFTKObject *object, CK_KE * Some curves are always pressumed to be non-DER. */ if (pubKey->u.ec.publicValue.len == keyLen && (pubKey->u.ec.ecParams.fieldID.type == ec_field_plain || pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED)) { break; /* key was not DER encoded, no need to unwrap */ } - PORT_Assert(pubKey->u.ec.ecParams.name != ECCurve25519); + /* The PKCS #11 spec says that the Params should be DER encoded. Even though the params from the + * Certificate aren't according the the ECCurve 25519 spec. We should accept this encoding. + PORT_Assert(pubKey->u.ec.ecParams.name != ECCurve25519); */ /* handle the encoded case */ if ((pubKey->u.ec.publicValue.data[0] == SEC_ASN1_OCTET_STRING) && pubKey->u.ec.publicValue.len > keyLen) { SECItem publicValue; SECStatus rv; rv = SEC_QuickDERDecodeItem(arena, &publicValue, SEC_ASN1_GET(SEC_OctetStringTemplate), &pubKey->u.ec.publicValue); /* nope, didn't decode correctly */ - if ((rv != SECSuccess) || (publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) || (publicValue.len != keyLen)) { + if ((rv != SECSuccess) || (publicValue.len != keyLen)) { + crv = CKR_ATTRIBUTE_VALUE_INVALID; + break; + } + /* we don't handle compressed points except in the case of ECCurve25519 */ + if ((pubKey->u.ec.ecParams.fieldID.type != ec_field_plain) && (publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED)) { crv = CKR_ATTRIBUTE_VALUE_INVALID; break; } /* replace our previous with the decoded key */ pubKey->u.ec.publicValue = publicValue; break; } crv = CKR_ATTRIBUTE_VALUE_INVALID;
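Review bot: The new point-form check after `SEC_QuickDERDecodeItem` is keyed on `fieldID.type != ec_field_plain`, while its comment and the retired assertion both name ECCurve25519, so the first-byte validation is skipped for every curve that reports a plain field type, not only that one. If Curve25519 is the only such curve (not visible from this hunk), the comment should say so, e.g. `/* ec_field_plain keys (currently only ECCurve25519) are raw values with no point-form byte; every other curve must be uncompressed */`; otherwise consider testing `ecParams.name` as the removed assert did. The block comment added above "handle the encoded case" keeps the old `PORT_Assert(...)` line commented out inside prose, which reads as dead code; dropping it and fixing "according the the" would leave a clearer rationale. Checking `publicValue.len != keyLen` before reading `publicValue.data[0]` is the right order, but it still relies on `keyLen` being non-zero, and `keyLen` is computed outside this hunk, as are the start and end of sftk_GetPubKey.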