| Index: mozilla/security/nss/lib/softoken/pkcs11c.c
|
| ===================================================================
|
| --- mozilla/security/nss/lib/softoken/pkcs11c.c (revision 180595)
|
| +++ mozilla/security/nss/lib/softoken/pkcs11c.c (working copy)
|
| @@ -457,6 +457,24 @@
|
| return -1;
|
| }
|
|
|
| +static SECStatus
|
| +sftk_EncryptOAEP(SFTKOAEPEncryptInfo *info, unsigned char *output,
|
| + unsigned int *outputLen, unsigned int maxLen,
|
| + unsigned char *input, unsigned int inputLen)
|
| +{
|
| + return RSA_EncryptOAEP(info->params, info->key, output, outputLen,
|
| + maxLen, input, inputLen);
|
| +}
|
| +
|
| +static SECStatus
|
| +sftk_DecryptOAEP(SFTKOAEPDecryptInfo *info, unsigned char *output,
|
| + unsigned int *outputLen, unsigned int maxLen,
|
| + unsigned char *input, unsigned int inputLen)
|
| +{
|
| + return RSA_DecryptOAEP(info->params, info->key, output, outputLen,
|
| + maxLen, input, inputLen);
|
| +}
|
| +
|
| /** NSC_CryptInit initializes an encryption/Decryption operation.
|
| *
|
| * Always called by NSC_EncryptInit, NSC_DecryptInit, NSC_WrapKey,NSC_UnwrapKey.
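Review bot: sftk_EncryptOAEP and sftk_DecryptOAEP are added as live static functions, but their only visible users sit in the CKM_RSA_PKCS_OAEP case that a later hunk of this patch leaves commented out. Until that case is enabled they are dead code and will likely trigger unused-function warnings, so either disable them together with the case or land them with it. Both also lack a header comment; something like `/* SFTKCipher-shaped adapter: unpacks info and forwards to RSA_EncryptOAEP. info->params and info->key must stay valid for the life of the context. */` would record the lifetime requirement that the later `(SFTKCipher)` cast hides.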
|
| @@ -513,6 +531,7 @@
|
| if (isEncrypt) {
|
| NSSLOWKEYPublicKey *pubKey = sftk_GetPubKey(key,CKK_RSA,&crv);
|
| if (pubKey == NULL) {
|
| + crv = CKR_KEY_HANDLE_INVALID;
|
| break;
|
| }
|
| context->maxLen = nsslowkey_PublicModulusLen(pubKey);
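Review bot: The added `crv = CKR_KEY_HANDLE_INVALID;` unconditionally overwrites whatever sftk_GetPubKey stored through `&crv`, so a more specific failure code from the helper (an allocation or key-type error, if it reports those) is lost to the caller. Preserving an existing error keeps the diagnosis intact: `if (crv == CKR_OK) crv = CKR_KEY_HANDLE_INVALID;`. Whether the helper always sets crv on failure is not visible here, which is presumably why the assignment was added. The same pattern recurs in the sftk_GetPrivKey branch of the next hunk and in both branches of the disabled CKM_RSA_PKCS_OAEP case. The enclosing switch case starts and ends outside the hunk.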
|
| @@ -523,6 +542,7 @@
|
| } else {
|
| NSSLOWKEYPrivateKey *privKey = sftk_GetPrivKey(key,CKK_RSA,&crv);
|
| if (privKey == NULL) {
|
| + crv = CKR_KEY_HANDLE_INVALID;
|
| break;
|
| }
|
| context->maxLen = nsslowkey_PrivateModulusLen(privKey);
|
| @@ -533,6 +553,55 @@
|
| }
|
| context->destroy = sftk_Null;
|
| break;
|
| +/* XXX: Disabled until unit tests land.
|
| + case CKM_RSA_PKCS_OAEP:
|
| + if (key_type != CKK_RSA) {
|
| + crv = CKR_KEY_TYPE_INCONSISTENT;
|
| + break;
|
| + }
|
| + context->multi = PR_FALSE;
|
| + context->rsa = PR_TRUE;
|
| + if (pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_OAEP_PARAMS)) {
|
| + crv = CKR_MECHANISM_PARAM_INVALID;
|
| + break;
|
| + }
|
| + /\* XXX: Need Parameter validation here *\/
|
| + if (isEncrypt) {
|
| + SFTKOAEPEncryptInfo *info = PORT_New(SFTKOAEPEncryptInfo);
|
| + if (info == NULL) {
|
| + crv = CKR_HOST_MEMORY;
|
| + break;
|
| + }
|
| + info->params = pMechanism->pParameter;
|
| + info->key = sftk_GetPubKey(key, CKK_RSA, &crv);
|
| + if (info->key == NULL) {
|
| + PORT_Free(info);
|
| + crv = CKR_KEY_HANDLE_INVALID;
|
| + break;
|
| + }
|
| + context->update = (SFTKCipher) sftk_EncryptOAEP;
|
| + context->maxLen = nsslowkey_PublicModulusLen(info->key);
|
| + context->cipherInfo = info;
|
| + } else {
|
| + SFTKOAEPDecryptInfo *info = PORT_New(SFTKOAEPDecryptInfo);
|
| + if (info == NULL) {
|
| + crv = CKR_HOST_MEMORY;
|
| + break;
|
| + }
|
| + info->params = pMechanism->pParameter;
|
| + info->key = sftk_GetPrivKey(key, CKK_RSA, &crv);
|
| + if (info->key == NULL) {
|
| + PORT_Free(info);
|
| + crv = CKR_KEY_HANDLE_INVALID;
|
| + break;
|
| + }
|
| + context->update = (SFTKCipher) sftk_DecryptOAEP;
|
| + context->maxLen = nsslowkey_PrivateModulusLen(info->key);
|
| + context->cipherInfo = info;
|
| + }
|
| + context->destroy = (SFTKDestroy) sftk_Space;
|
| + break;
|
| +*/
|
| case CKM_RC2_CBC_PAD:
|
| context->doPad = PR_TRUE;
|
| /* fall thru */
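Review bot: In the disabled CKM_RSA_PKCS_OAEP case, `info->params = pMechanism->pParameter;` stores a pointer into caller-owned memory in the session context, and the update callback dereferences it later, after the init call has returned. If the application frees or rewrites the mechanism parameters between init and the encrypt/decrypt call, the OAEP routine reads stale or changed data; copying the CK_RSA_PKCS_OAEP_PARAMS contents (including the buffer behind pSourceData) into info would remove that dependency. The length test also does not reject a NULL pointer: `if (pMechanism->pParameter == NULL || pMechanism->ulParameterLen != sizeof(CK_RSA_PKCS_OAEP_PARAMS))`. The `XXX: Need Parameter validation` marker should be resolved before the case is enabled, at least by checking hashAlg, mgf and source against the supported set. The enclosing switch starts and ends outside the hunk.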
|
| @@ -1460,17 +1529,25 @@
|
| DOSUB(SHA384)
|
| DOSUB(SHA512)
|
|
|
| -/*
|
| - * HMAC General copies only a portion of the result. This update routine likes
|
| - * the final HMAC output with the signature.
|
| - */
|
| static SECStatus
|
| -sftk_HMACCopy(CK_ULONG *copyLen,unsigned char *sig,unsigned int *sigLen,
|
| - unsigned int maxLen,unsigned char *hash, unsigned int hashLen)
|
| +sftk_SignCopy(
|
| + CK_ULONG *copyLen,
|
| + void *out, unsigned int *outLength,
|
| + unsigned int maxLength,
|
| + const unsigned char *hashResult,
|
| + unsigned int hashResultLength)
|
| {
|
| - if (maxLen < *copyLen) return SECFailure;
|
| - PORT_Memcpy(sig,hash,*copyLen);
|
| - *sigLen = *copyLen;
|
| + unsigned int toCopy = *copyLen;
|
| + if (toCopy > maxLength) {
|
| + toCopy = maxLength;
|
| + }
|
| + if (toCopy > hashResultLength) {
|
| + toCopy = hashResultLength;
|
| + }
|
| + memcpy(out, hashResult, toCopy);
|
| + if (outLength) {
|
| + *outLength = toCopy;
|
| + }
|
| return SECSuccess;
|
| }
|
|
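Review bot: sftk_SignCopy clamps the copy to maxLength and hashResultLength and still returns SECSuccess, where the removed sftk_HMACCopy returned SECFailure when the output buffer was smaller than `*copyLen`. A caller that does not inspect `*outLength` (which may now be NULL) gets a shorter MAC than requested with no error. That contract needs to be written down, and the patch deletes the only comment on the function. Proposed header: `/* Copies min(*copyLen, maxLength, hashResultLength) bytes of hashResult to out; never fails, so callers must check *outLength to detect truncation. */`. Two smaller points: `unsigned int toCopy = *copyLen;` narrows a CK_ULONG, and the body calls `memcpy` where the replaced code used `PORT_Memcpy`.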
|
| @@ -1519,14 +1596,14 @@
|
| context->end = (SFTKEnd) HMAC_Finish;
|
|
|
| context->hashdestroy = (SFTKDestroy) HMAC_Destroy;
|
| - intpointer = (CK_ULONG *) PORT_Alloc(sizeof(CK_ULONG));
|
| + intpointer = PORT_New(CK_ULONG);
|
| if (intpointer == NULL) {
|
| return CKR_HOST_MEMORY;
|
| }
|
| *intpointer = mac_size;
|
| - context->cipherInfo = (void *) intpointer;
|
| + context->cipherInfo = intpointer;
|
| context->destroy = (SFTKDestroy) sftk_Space;
|
| - context->update = (SFTKCipher) sftk_HMACCopy;
|
| + context->update = (SFTKCipher) sftk_SignCopy;
|
| context->verify = (SFTKVerify) sftk_HMACCmp;
|
| context->maxLen = hashObj->length;
|
| HMAC_Begin(HMACcontext);
|
| @@ -2172,6 +2249,65 @@
|
| case CKM_TLS_PRF_GENERAL:
|
| crv = sftk_TLSPRFInit(context, key, key_type);
|
| break;
|
| +
|
| + case CKM_NSS_HMAC_CONSTANT_TIME: {
|
| + sftk_MACConstantTimeCtx *ctx =
|
| + sftk_HMACConstantTime_New(pMechanism,key);
|
| + CK_ULONG *intpointer;
|
| +
|
| + if (ctx == NULL) {
|
| + crv = CKR_ARGUMENTS_BAD;
|
| + break;
|
| + }
|
| + intpointer = PORT_New(CK_ULONG);
|
| + if (intpointer == NULL) {
|
| + crv = CKR_HOST_MEMORY;
|
| + break;
|
| + }
|
| + *intpointer = ctx->hash->length;
|
| +
|
| + context->cipherInfo = intpointer;
|
| + context->hashInfo = ctx;
|
| + context->currentMech = pMechanism->mechanism;
|
| + context->hashUpdate = sftk_HMACConstantTime_Update;
|
| + context->hashdestroy = sftk_MACConstantTime_DestroyContext;
|
| + context->end = sftk_MACConstantTime_EndHash;
|
| + context->update = sftk_SignCopy;
|
| + context->destroy = sftk_Space;
|
| + context->maxLen = 64;
|
| + context->multi = PR_TRUE;
|
| + break;
|
| + }
|
| +
|
| + case CKM_NSS_SSL3_MAC_CONSTANT_TIME: {
|
| + sftk_MACConstantTimeCtx *ctx =
|
| + sftk_SSLv3MACConstantTime_New(pMechanism,key);
|
| + CK_ULONG *intpointer;
|
| +
|
| + if (ctx == NULL) {
|
| + crv = CKR_ARGUMENTS_BAD;
|
| + break;
|
| + }
|
| + intpointer = PORT_New(CK_ULONG);
|
| + if (intpointer == NULL) {
|
| + crv = CKR_HOST_MEMORY;
|
| + break;
|
| + }
|
| + *intpointer = ctx->hash->length;
|
| +
|
| + context->cipherInfo = intpointer;
|
| + context->hashInfo = ctx;
|
| + context->currentMech = pMechanism->mechanism;
|
| + context->hashUpdate = sftk_SSLv3MACConstantTime_Update;
|
| + context->hashdestroy = sftk_MACConstantTime_DestroyContext;
|
| + context->end = sftk_MACConstantTime_EndHash;
|
| + context->update = sftk_SignCopy;
|
| + context->destroy = sftk_Space;
|
| + context->maxLen = 64;
|
| + context->multi = PR_TRUE;
|
| + break;
|
| + }
|
| +
|
| default:
|
| crv = CKR_MECHANISM_INVALID;
|
| break;
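Review bot: In both new cases the `intpointer == NULL` branch breaks out with CKR_HOST_MEMORY before ctx has been stored in `context->hashInfo`, so the sftk_MACConstantTimeCtx returned by the `_New` call is leaked. That context was created from the key object and may hold key material. Releasing it on that path closes the leak in CKM_NSS_HMAC_CONSTANT_TIME and CKM_NSS_SSL3_MAC_CONSTANT_TIME alike, e.g. `sftk_MACConstantTime_DestroyContext(ctx, PR_TRUE);` before the `break`, assuming the destroy routine has the usual (pointer, PRBool) shape. `context->maxLen = 64;` is a bare constant sitting next to `ctx->hash->length`; a named maximum-hash-length constant would make the bound self-explanatory. The enclosing switch lies outside the hunk.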
|
|
|