Bug 1009794: pk11_PrivDecryptRaw and pk11_PubEncryptRaw need to cast
authorWan-Teh Chang <wtc@google.com>
Tue, 20 May 2014 07:16:01 -0700
changeset 11154 b96d9c28e90dd3ec66ac0c9e582bbb0f4a4589df
parent 11153 9b43cad852e176b771fa223484fdae26891e06e7
child 11155 1ed35c824d29efb61c2fe447b2f18df1bf7d5a34
push id398
push userwtc@google.com
push dateTue, 20 May 2014 14:16:17 +0000
bugs1009794
Bug 1009794: pk11_PrivDecryptRaw and pk11_PubEncryptRaw need to cast away the const of the input buffer pointers for C_Decrypt and C_Encrypt. r=ryan.sleevi.
lib/pk11wrap/pk11obj.c
--- a/lib/pk11wrap/pk11obj.c
+++ b/lib/pk11wrap/pk11obj.c
@@ -949,21 +949,22 @@ pk11_PrivDecryptRaw(SECKEYPrivateKey *ke
 	PORT_SetError( PK11_MapError(crv) );
 	return SECFailure;
     }
 
     /* PKCS11 2.20 says if CKA_ALWAYS_AUTHENTICATE then 
      * do C_Login with CKU_CONTEXT_SPECIFIC 
      * between C_DecryptInit and C_Decrypt
      * ... But see note above about servers */
-     if (SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, CKA_ALWAYS_AUTHENTICATE, haslock)) {
+    if (SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, CKA_ALWAYS_AUTHENTICATE, haslock)) {
 	PK11_DoPassword(slot, session, PR_FALSE, key->wincx, haslock, PR_TRUE);
     }
 
-    crv = PK11_GETTAB(slot)->C_Decrypt(session,enc, encLen, data, &out);
+    crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen,
+				       data, &out);
     if (haslock) PK11_ExitSlotMonitor(slot);
     pk11_CloseSession(slot,session,owner);
     *outLen = out;
     if (crv != CKR_OK) {
 	PORT_SetError( PK11_MapError(crv) );
 	return SECFailure;
     }
     return SECSuccess;
@@ -1020,17 +1021,18 @@ pk11_PubEncryptRaw(SECKEYPublicKey *key,
     crv = PK11_GETTAB(slot)->C_EncryptInit(session, mech, id);
     if (crv != CKR_OK) {
 	if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
 	pk11_CloseSession(slot,session,owner);
 	PK11_FreeSlot(slot);
 	PORT_SetError( PK11_MapError(crv) );
 	return SECFailure;
     }
-    crv = PK11_GETTAB(slot)->C_Encrypt(session,data,dataLen,out,&len);
+    crv = PK11_GETTAB(slot)->C_Encrypt(session,(unsigned char *)data,dataLen,
+				       out,&len);
     if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
     pk11_CloseSession(slot,session,owner);
     PK11_FreeSlot(slot);
     *outLen = len;
     if (crv != CKR_OK) {
 	PORT_SetError( PK11_MapError(crv) );
 	return SECFailure;
     }