Bug Summary

File:s/lib/softoken/legacydb/lowkey.c
Warning:line 151, column 11
Although the value stored to 'tag' is used in the enclosing expression, the value is never actually read from 'tag'

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name lowkey.c -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/softoken/legacydb -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/var/lib/jenkins/workspace/nss-scan-build/nss/lib/softoken/legacydb -resource-dir /usr/lib/llvm-18/lib/clang/18 -D HAVE_STRERROR -D LINUX -D linux -D XP_UNIX -D XP_UNIX -D SHLIB_SUFFIX="so" -D SHLIB_PREFIX="lib" -D LG_LIB_NAME="libnssdbm3.so" -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D DEBUG -U NDEBUG -D _DEFAULT_SOURCE -D _BSD_SOURCE -D _POSIX_SOURCE -D SDB_MEASURE_USE_TEMP_DIR -D _REENTRANT -D NSS_DISABLE_SSE3 -D NSS_NO_INIT_SUPPORT -D USE_UTIL_DIRECTLY -D NO_NSPR_10_SUPPORT -D SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES -I ../../../../dist/Linux4.19_x86_64_gcc_glibc_PTH_64_DBG.OBJ/include -I ../../../../dist/public/nss -I ../../../../dist/private/nss -I ../../../../dist/public/dbm -internal-isystem /usr/lib/llvm-18/lib/clang/18/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -std=c99 -ferror-limit 19 -fgnuc-version=4.2.1 -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2024-05-18-082241-28900-1 -x c lowkey.c
1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4#include "lowkeyi.h"
5#include "secoid.h"
6#include "secitem.h"
7#include "secder.h"
8#include "secasn1.h"
9#include "secerr.h"
10
11SEC_ASN1_MKSUB(SEC_AnyTemplate)
12SEC_ASN1_MKSUB(SEC_BitStringTemplate)
13SEC_ASN1_MKSUB(SEC_ObjectIDTemplate)
14SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
15
16static const SEC_ASN1Template nsslowkey_AttributeTemplate[] = {
17 { SEC_ASN1_SEQUENCE0x10,
18 0, NULL((void*)0), sizeof(NSSLOWKEYAttribute) },
19 { SEC_ASN1_OBJECT_ID0x06, offsetof(NSSLOWKEYAttribute, attrType)__builtin_offsetof(NSSLOWKEYAttribute, attrType) },
20 { SEC_ASN1_SET_OF(0x02000 | 0x11) | SEC_ASN1_XTRN0, offsetof(NSSLOWKEYAttribute, attrValue)__builtin_offsetof(NSSLOWKEYAttribute, attrValue),
21 SEC_ASN1_SUB(SEC_AnyTemplate)SEC_AnyTemplate_Util },
22 { 0 }
23};
24
25static const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = {
26 { SEC_ASN1_SET_OF(0x02000 | 0x11), 0, nsslowkey_AttributeTemplate },
27};
28/* ASN1 Templates for new decoder/encoder */
29const SEC_ASN1Template lg_nsslowkey_PrivateKeyInfoTemplate[] = {
30 { SEC_ASN1_SEQUENCE0x10,
31 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKeyInfo) },
32 { SEC_ASN1_INTEGER0x02,
33 offsetof(NSSLOWKEYPrivateKeyInfo, version)__builtin_offsetof(NSSLOWKEYPrivateKeyInfo, version) },
34 { SEC_ASN1_INLINE0x00800 | SEC_ASN1_XTRN0,
35 offsetof(NSSLOWKEYPrivateKeyInfo, algorithm)__builtin_offsetof(NSSLOWKEYPrivateKeyInfo, algorithm),
36 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate)SECOID_AlgorithmIDTemplate_Util },
37 { SEC_ASN1_OCTET_STRING0x04,
38 offsetof(NSSLOWKEYPrivateKeyInfo, privateKey)__builtin_offsetof(NSSLOWKEYPrivateKeyInfo, privateKey) },
39 { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | 0,
40 offsetof(NSSLOWKEYPrivateKeyInfo, attributes)__builtin_offsetof(NSSLOWKEYPrivateKeyInfo, attributes),
41 nsslowkey_SetOfAttributeTemplate },
42 { 0 }
43};
44
45const SEC_ASN1Template lg_nsslowkey_PQGParamsTemplate[] = {
46 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(PQGParams) },
47 { SEC_ASN1_INTEGER0x02, offsetof(PQGParams, prime)__builtin_offsetof(PQGParams, prime) },
48 { SEC_ASN1_INTEGER0x02, offsetof(PQGParams, subPrime)__builtin_offsetof(PQGParams, subPrime) },
49 { SEC_ASN1_INTEGER0x02, offsetof(PQGParams, base)__builtin_offsetof(PQGParams, base) },
50 { 0 }
51};
52
53const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate[] = {
54 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKey) },
55 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.version)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.version) },
56 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus) },
57 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent) },
58 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent
) },
59 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1) },
60 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2) },
61 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1) },
62 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2) },
63 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient) },
64 { 0 }
65};
66
67/*
68 * Allows u.rsa.modulus to be zero length for secret keys with an empty
69 * CKA_ID incorrectly generated in NSS 3.13.3 or earlier. Only used for
70 * decoding. See bug 715073.
71 */
72const SEC_ASN1Template lg_nsslowkey_RSAPrivateKeyTemplate2[] = {
73 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKey) },
74 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.version)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.version) },
75 { SEC_ASN1_ANY0x00400, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus) },
76 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent) },
77 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent
) },
78 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1) },
79 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2) },
80 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1) },
81 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2) },
82 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient)__builtin_offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient) },
83 { 0 }
84};
85
86const SEC_ASN1Template lg_nsslowkey_DSAPrivateKeyTemplate[] = {
87 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKey) },
88 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dsa.publicValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dsa.publicValue) },
89 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue) },
90 { 0 }
91};
92
93const SEC_ASN1Template lg_nsslowkey_DHPrivateKeyTemplate[] = {
94 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKey) },
95 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dh.publicValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dh.publicValue) },
96 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dh.privateValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dh.privateValue) },
97 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dh.base)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dh.base) },
98 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.dh.prime)__builtin_offsetof(NSSLOWKEYPrivateKey, u.dh.prime) },
99 { 0 }
100};
101
102/* NOTE: The SECG specification allows the private key structure
103 * to contain curve parameters but recommends that they be stored
104 * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo
105 * instead.
106 */
107const SEC_ASN1Template lg_nsslowkey_ECPrivateKeyTemplate[] = {
108 { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(NSSLOWKEYPrivateKey) },
109 { SEC_ASN1_INTEGER0x02, offsetof(NSSLOWKEYPrivateKey, u.ec.version)__builtin_offsetof(NSSLOWKEYPrivateKey, u.ec.version) },
110 { SEC_ASN1_OCTET_STRING0x04,
111 offsetof(NSSLOWKEYPrivateKey, u.ec.privateValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.ec.privateValue) },
112 /* We only support named curves for which the parameters are
113 * encoded as an object ID.
114 */
115 { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 |
116 SEC_ASN1_EXPLICIT0x00200 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | SEC_ASN1_XTRN0 | 0,
117 offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams.curveOID)__builtin_offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams.curveOID
),
118 SEC_ASN1_SUB(SEC_ObjectIDTemplate)SEC_ObjectIDTemplate_Util },
119 { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 |
120 SEC_ASN1_EXPLICIT0x00200 | SEC_ASN1_CONTEXT_SPECIFIC0x80 |
121 SEC_ASN1_XTRN0 | 1,
122 offsetof(NSSLOWKEYPrivateKey, u.ec.publicValue)__builtin_offsetof(NSSLOWKEYPrivateKey, u.ec.publicValue),
123 SEC_ASN1_SUB(SEC_BitStringTemplate)SEC_BitStringTemplate_Util },
124 { 0 }
125};
126
127/*
128 * smaller version of EC_FillParams. In this code, we only need
129 * oid and DER data.
130 */
131SECStatus
132LGEC_FillParams(PLArenaPool *arena, const SECItem *encodedParams,
133 ECParams *params)
134{
135 SECOidTag tag;
136 SECItem oid = { siBuffer, NULL((void*)0), 0 };
137
138#if EC_DEBUG
139 int i;
140
141 printf("Encoded params in EC_DecodeParams: ");
142 for (i = 0; i < encodedParams->len; i++) {
143 printf("%02x:", encodedParams->data[i]);
144 }
145 printf("\n");
146#endif
147
148 oid.len = encodedParams->len - 2;
149 oid.data = encodedParams->data + 2;
150 if ((encodedParams->data[0] != SEC_ASN1_OBJECT_ID0x06) ||
151 ((tag = SECOID_FindOIDTagSECOID_FindOIDTag_Util(&oid)) == SEC_OID_UNKNOWN)) {
Although the value stored to 'tag' is used in the enclosing expression, the value is never actually read from 'tag'
152 PORT_SetErrorPORT_SetError_Util(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
153 return SECFailure;
154 }
155
156 params->arena = arena;
157
158 /* For named curves, fill out curveOID */
159 params->curveOID.len = oid.len;
160 params->curveOID.data = (unsigned char *)PORT_ArenaAllocPORT_ArenaAlloc_Util(arena, oid.len);
161 if (params->curveOID.data == NULL((void*)0)) {
162 return SECFailure;
163 }
164 memcpy(params->curveOID.data, oid.data, oid.len);
165
166 return SECSuccess;
167}
168
169/* Copy all of the fields from srcParams into dstParams
170 */
171SECStatus
172LGEC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
173 const ECParams *srcParams)
174{
175 SECStatus rv = SECFailure;
176
177 dstParams->arena = arena;
178 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &dstParams->DEREncoding,
179 &srcParams->DEREncoding);
180 if (rv != SECSuccess) {
181 goto loser;
182 }
183 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &dstParams->curveOID,
184 &srcParams->curveOID);
185 if (rv != SECSuccess) {
186 goto loser;
187 }
188
189 return SECSuccess;
190
191loser:
192 return SECFailure;
193}
194/*
195 * See bugzilla bug 125359
196 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints,
197 * all of the templates above that en/decode into integers must be converted
198 * from ASN.1's signed integer type. This is done by marking either the
199 * source or destination (encoding or decoding, respectively) type as
200 * siUnsignedInteger.
201 */
202
203void
204lg_prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
205{
206 key->u.rsa.modulus.type = siUnsignedInteger;
207 key->u.rsa.publicExponent.type = siUnsignedInteger;
208 key->u.rsa.privateExponent.type = siUnsignedInteger;
209 key->u.rsa.prime1.type = siUnsignedInteger;
210 key->u.rsa.prime2.type = siUnsignedInteger;
211 key->u.rsa.exponent1.type = siUnsignedInteger;
212 key->u.rsa.exponent2.type = siUnsignedInteger;
213 key->u.rsa.coefficient.type = siUnsignedInteger;
214}
215
216void
217lg_prepare_low_pqg_params_for_asn1(PQGParams *params)
218{
219 params->prime.type = siUnsignedInteger;
220 params->subPrime.type = siUnsignedInteger;
221 params->base.type = siUnsignedInteger;
222}
223
224void
225lg_prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
226{
227 key->u.dsa.publicValue.type = siUnsignedInteger;
228 key->u.dsa.privateValue.type = siUnsignedInteger;
229 key->u.dsa.params.prime.type = siUnsignedInteger;
230 key->u.dsa.params.subPrime.type = siUnsignedInteger;
231 key->u.dsa.params.base.type = siUnsignedInteger;
232}
233
234void
235lg_prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
236{
237 key->u.dh.prime.type = siUnsignedInteger;
238 key->u.dh.base.type = siUnsignedInteger;
239 key->u.dh.publicValue.type = siUnsignedInteger;
240 key->u.dh.privateValue.type = siUnsignedInteger;
241}
242
243void
244lg_prepare_low_ecparams_for_asn1(ECParams *params)
245{
246 params->DEREncoding.type = siUnsignedInteger;
247 params->curveOID.type = siUnsignedInteger;
248}
249
250void
251lg_prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key)
252{
253 key->u.ec.version.type = siUnsignedInteger;
254 key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger;
255 key->u.ec.ecParams.curveOID.type = siUnsignedInteger;
256 key->u.ec.privateValue.type = siUnsignedInteger;
257 key->u.ec.publicValue.type = siUnsignedInteger;
258}
259
260void
261lg_nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk)
262{
263 if (privk && privk->arena) {
264 PORT_FreeArenaPORT_FreeArena_Util(privk->arena, PR_TRUE1);
265 }
266}
267
268void
269lg_nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk)
270{
271 if (pubk && pubk->arena) {
272 PORT_FreeArenaPORT_FreeArena_Util(pubk->arena, PR_FALSE0);
273 }
274}
275
276NSSLOWKEYPublicKey *
277lg_nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk)
278{
279 NSSLOWKEYPublicKey *pubk;
280 PLArenaPool *arena;
281
282 arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048));
283 if (arena == NULL((void*)0)) {
284 PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY);
285 return NULL((void*)0);
286 }
287
288 switch (privk->keyType) {
289 case NSSLOWKEYRSAKey:
290 case NSSLOWKEYNullKey:
291 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena,
292 sizeof(NSSLOWKEYPublicKey));
293 if (pubk != NULL((void*)0)) {
294 SECStatus rv;
295
296 pubk->arena = arena;
297 pubk->keyType = privk->keyType;
298 if (privk->keyType == NSSLOWKEYNullKey)
299 return pubk;
300 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.rsa.modulus,
301 &privk->u.rsa.modulus);
302 if (rv == SECSuccess) {
303 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.rsa.publicExponent,
304 &privk->u.rsa.publicExponent);
305 if (rv == SECSuccess)
306 return pubk;
307 }
308 } else {
309 PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY);
310 }
311 break;
312 case NSSLOWKEYDSAKey:
313 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena,
314 sizeof(NSSLOWKEYPublicKey));
315 if (pubk != NULL((void*)0)) {
316 SECStatus rv;
317
318 pubk->arena = arena;
319 pubk->keyType = privk->keyType;
320 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dsa.publicValue,
321 &privk->u.dsa.publicValue);
322 if (rv != SECSuccess)
323 break;
324 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dsa.params.prime,
325 &privk->u.dsa.params.prime);
326 if (rv != SECSuccess)
327 break;
328 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dsa.params.subPrime,
329 &privk->u.dsa.params.subPrime);
330 if (rv != SECSuccess)
331 break;
332 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dsa.params.base,
333 &privk->u.dsa.params.base);
334 if (rv == SECSuccess)
335 return pubk;
336 }
337 break;
338 case NSSLOWKEYDHKey:
339 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena,
340 sizeof(NSSLOWKEYPublicKey));
341 if (pubk != NULL((void*)0)) {
342 SECStatus rv;
343
344 pubk->arena = arena;
345 pubk->keyType = privk->keyType;
346 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dh.publicValue,
347 &privk->u.dh.publicValue);
348 if (rv != SECSuccess)
349 break;
350 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dh.prime,
351 &privk->u.dh.prime);
352 if (rv != SECSuccess)
353 break;
354 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.dh.base,
355 &privk->u.dh.base);
356 if (rv == SECSuccess)
357 return pubk;
358 }
359 break;
360 case NSSLOWKEYECKey:
361 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena,
362 sizeof(NSSLOWKEYPublicKey));
363 if (pubk != NULL((void*)0)) {
364 SECStatus rv;
365
366 pubk->arena = arena;
367 pubk->keyType = privk->keyType;
368 rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.ec.publicValue,
369 &privk->u.ec.publicValue);
370 if (rv != SECSuccess)
371 break;
372 pubk->u.ec.ecParams.arena = arena;
373 /* Copy the rest of the params */
374 rv = LGEC_CopyParams(arena, &(pubk->u.ec.ecParams),
375 &(privk->u.ec.ecParams));
376 if (rv == SECSuccess)
377 return pubk;
378 }
379 break;
380 /* No Fortezza in Low Key implementations (Fortezza keys aren't
381 * stored in our data base */
382 default:
383 break;
384 }
385
386 PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0);
387 return NULL((void*)0);
388}