| OLD | NEW |
| 1 Index: mozilla/security/nss/lib/pk11wrap/pk11obj.c | 1 Index: mozilla/security/nss/lib/pk11wrap/pk11obj.c |
| 2 =================================================================== | 2 =================================================================== |
| 3 --- mozilla/security/nss/lib/pk11wrap/pk11obj.c»(revision 182578) | 3 --- mozilla/security/nss/lib/pk11wrap/pk11obj.c»(revision 190722) |
| 4 +++ mozilla/security/nss/lib/pk11wrap/pk11obj.c (working copy) | 4 +++ mozilla/security/nss/lib/pk11wrap/pk11obj.c (working copy) |
| 5 @@ -822,6 +822,93 @@ | 5 @@ -822,6 +822,93 @@ |
| 6 return SECSuccess; | 6 return SECSuccess; |
| 7 } | 7 } |
| 8 | 8 |
| 9 +SECStatus | 9 +SECStatus |
| 10 +PK11_EncryptWithSymKey(PK11SymKey *symKey, | 10 +PK11_Decrypt(PK11SymKey *symKey, |
| 11 + CK_MECHANISM_TYPE mechanism, SECItem *param, | 11 + CK_MECHANISM_TYPE mechanism, SECItem *param, |
| 12 + unsigned char *out, unsigned int *outLen, | 12 + unsigned char *out, unsigned int *outLen, |
| 13 + unsigned int maxLen, | 13 + unsigned int maxLen, |
| 14 + const unsigned char *data, unsigned dataLen) | 14 + const unsigned char *enc, unsigned encLen) |
| 15 +{ | 15 +{ |
| 16 + PK11SlotInfo *slot = symKey->slot; | 16 + PK11SlotInfo *slot = symKey->slot; |
| 17 + CK_MECHANISM mech = {0, NULL, 0 }; | 17 + CK_MECHANISM mech = {0, NULL, 0 }; |
| 18 + CK_ULONG len = maxLen; | 18 + CK_ULONG len = maxLen; |
| 19 + PRBool owner = PR_TRUE; | 19 + PRBool owner = PR_TRUE; |
| 20 + CK_SESSION_HANDLE session; | 20 + CK_SESSION_HANDLE session; |
| 21 + PRBool haslock = PR_FALSE; | 21 + PRBool haslock = PR_FALSE; |
| 22 + CK_RV crv; | 22 + CK_RV crv; |
| 23 + | 23 + |
| 24 + mech.mechanism = mechanism; | 24 + mech.mechanism = mechanism; |
| 25 + if (param) { | 25 + if (param) { |
| 26 + mech.pParameter = param->data; | 26 + mech.pParameter = param->data; |
| 27 + mech.ulParameterLen = param->len; | 27 + mech.ulParameterLen = param->len; |
| 28 + } | 28 + } |
| 29 + | 29 + |
| 30 + session = pk11_GetNewSession(slot, &owner); | 30 + session = pk11_GetNewSession(slot, &owner); |
| 31 + haslock = (!owner || !slot->isThreadSafe); | 31 + haslock = (!owner || !slot->isThreadSafe); |
| 32 + if (haslock) PK11_EnterSlotMonitor(slot); | 32 + if (haslock) PK11_EnterSlotMonitor(slot); |
| 33 + crv = PK11_GETTAB(slot)->C_EncryptInit(session, &mech, symKey->objectID); | 33 + crv = PK11_GETTAB(slot)->C_DecryptInit(session, &mech, symKey->objectID); |
| 34 + if (crv != CKR_OK) { | 34 + if (crv != CKR_OK) { |
| 35 + if (haslock) PK11_ExitSlotMonitor(slot); | 35 + if (haslock) PK11_ExitSlotMonitor(slot); |
| 36 +» pk11_CloseSession(slot,session,owner); | 36 +» pk11_CloseSession(slot, session, owner); |
| 37 + PORT_SetError( PK11_MapError(crv) ); | 37 + PORT_SetError( PK11_MapError(crv) ); |
| 38 + return SECFailure; | 38 + return SECFailure; |
| 39 + } | 39 + } |
| 40 + crv = PK11_GETTAB(slot)->C_Encrypt(session, (unsigned char *)data, | 40 + |
| 41 + dataLen, out, &len); | 41 + crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen, |
| 42 + out, &len); |
| 42 + if (haslock) PK11_ExitSlotMonitor(slot); | 43 + if (haslock) PK11_ExitSlotMonitor(slot); |
| 43 + pk11_CloseSession(slot,session,owner); | 44 + pk11_CloseSession(slot, session, owner); |
| 44 + *outLen = len; | 45 + *outLen = len; |
| 45 + if (crv != CKR_OK) { | 46 + if (crv != CKR_OK) { |
| 46 + PORT_SetError( PK11_MapError(crv) ); | 47 + PORT_SetError( PK11_MapError(crv) ); |
| 47 + return SECFailure; | 48 + return SECFailure; |
| 48 + } | 49 + } |
| 49 + return SECSuccess; | 50 + return SECSuccess; |
| 50 +} | 51 +} |
| 51 + | 52 + |
| 52 +SECStatus | 53 +SECStatus |
| 53 +PK11_DecryptWithSymKey(PK11SymKey *symKey, | 54 +PK11_Encrypt(PK11SymKey *symKey, |
| 54 + CK_MECHANISM_TYPE mechanism, SECItem *param, | 55 + CK_MECHANISM_TYPE mechanism, SECItem *param, |
| 55 + unsigned char *out, unsigned int *outLen, | 56 + unsigned char *out, unsigned int *outLen, |
| 56 + unsigned int maxLen, | 57 + unsigned int maxLen, |
| 57 + const unsigned char *enc, unsigned encLen) | 58 + const unsigned char *data, unsigned int dataLen) |
| 58 +{ | 59 +{ |
| 59 + PK11SlotInfo *slot = symKey->slot; | 60 + PK11SlotInfo *slot = symKey->slot; |
| 60 + CK_MECHANISM mech = {0, NULL, 0 }; | 61 + CK_MECHANISM mech = {0, NULL, 0 }; |
| 61 + CK_ULONG len = maxLen; | 62 + CK_ULONG len = maxLen; |
| 62 + PRBool owner = PR_TRUE; | 63 + PRBool owner = PR_TRUE; |
| 63 + CK_SESSION_HANDLE session; | 64 + CK_SESSION_HANDLE session; |
| 64 + PRBool haslock = PR_FALSE; | 65 + PRBool haslock = PR_FALSE; |
| 65 + CK_RV crv; | 66 + CK_RV crv; |
| 66 + | 67 + |
| 67 + mech.mechanism = mechanism; | 68 + mech.mechanism = mechanism; |
| 68 + if (param) { | 69 + if (param) { |
| 69 + mech.pParameter = param->data; | 70 + mech.pParameter = param->data; |
| 70 + mech.ulParameterLen = param->len; | 71 + mech.ulParameterLen = param->len; |
| 71 + } | 72 + } |
| 72 + | 73 + |
| 73 + session = pk11_GetNewSession(slot, &owner); | 74 + session = pk11_GetNewSession(slot, &owner); |
| 74 + haslock = (!owner || !slot->isThreadSafe); | 75 + haslock = (!owner || !slot->isThreadSafe); |
| 75 + if (haslock) PK11_EnterSlotMonitor(slot); | 76 + if (haslock) PK11_EnterSlotMonitor(slot); |
| 76 + crv = PK11_GETTAB(slot)->C_DecryptInit(session, &mech, symKey->objectID); | 77 + crv = PK11_GETTAB(slot)->C_EncryptInit(session, &mech, symKey->objectID); |
| 77 + if (crv != CKR_OK) { | 78 + if (crv != CKR_OK) { |
| 78 + if (haslock) PK11_ExitSlotMonitor(slot); | 79 + if (haslock) PK11_ExitSlotMonitor(slot); |
| 79 +» pk11_CloseSession(slot, session, owner); | 80 +» pk11_CloseSession(slot,session,owner); |
| 80 + PORT_SetError( PK11_MapError(crv) ); | 81 + PORT_SetError( PK11_MapError(crv) ); |
| 81 + return SECFailure; | 82 + return SECFailure; |
| 82 + } | 83 + } |
| 83 + | 84 + crv = PK11_GETTAB(slot)->C_Encrypt(session, (unsigned char *)data, |
| 84 + crv = PK11_GETTAB(slot)->C_Decrypt(session, (unsigned char *)enc, encLen, | 85 + dataLen, out, &len); |
| 85 + out, &len); | |
| 86 + if (haslock) PK11_ExitSlotMonitor(slot); | 86 + if (haslock) PK11_ExitSlotMonitor(slot); |
| 87 + pk11_CloseSession(slot, session, owner); | 87 + pk11_CloseSession(slot,session,owner); |
| 88 + *outLen = len; | 88 + *outLen = len; |
| 89 + if (crv != CKR_OK) { | 89 + if (crv != CKR_OK) { |
| 90 + PORT_SetError( PK11_MapError(crv) ); | 90 + PORT_SetError( PK11_MapError(crv) ); |
| 91 + return SECFailure; | 91 + return SECFailure; |
| 92 + } | 92 + } |
| 93 + return SECSuccess; | 93 + return SECSuccess; |
| 94 +} | 94 +} |
| 95 + | 95 + |
| 96 /* | 96 /* |
| 97 * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use | 97 * Now SSL 2.0 uses raw RSA stuff. These next to functions *must* use |
| 98 * RSA keys, or they'll fail. We do the checks up front. If anyone comes | 98 * RSA keys, or they'll fail. We do the checks up front. If anyone comes |
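Review bot: In both `PK11_Decrypt` and `PK11_Encrypt`, `*outLen = len;` is stored before `crv` is checked, so a failed `C_Decrypt`/`C_Encrypt` still hands the caller a length, narrowed from `CK_ULONG` to `unsigned int`. If the token rejects the call because `maxLen` is too small, that value is presumably the size it wanted rather than a count of bytes written, and a caller that does not check the return status would trust more of `out` than was filled. Consider `*outLen = (crv == CKR_OK) ? (unsigned int)len : 0;`, or at minimum a comment stating that `out` and `*outLen` are meaningful only when SECSuccess is returned. The handle from `pk11_GetNewSession` is also passed straight to `C_DecryptInit`/`C_EncryptInit` without a validity check; that helper's body is outside this hunk, so confirm it cannot return an unusable session.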
| 99 Index: mozilla/security/nss/lib/pk11wrap/pk11pub.h | 99 Index: mozilla/security/nss/lib/pk11wrap/pk11pub.h |
| 100 =================================================================== | 100 =================================================================== |
| 101 --- mozilla/security/nss/lib/pk11wrap/pk11pub.h»(revision 182578) | 101 --- mozilla/security/nss/lib/pk11wrap/pk11pub.h»(revision 190722) |
| 102 +++ mozilla/security/nss/lib/pk11wrap/pk11pub.h (working copy) | 102 +++ mozilla/security/nss/lib/pk11wrap/pk11pub.h (working copy) |
| 103 @@ -266,7 +266,7 @@ |
| 104 CK_MECHANISM_TYPE PK11_MapSignKeyType(KeyType keyType); |
| 105 |
| 106 /********************************************************************** |
| 107 - * Symetric, Public, and Private Keys |
| 108 + * Symmetric, Public, and Private Keys |
| 109 **********************************************************************/ |
| 110 void PK11_FreeSymKey(PK11SymKey *key); |
| 111 PK11SymKey *PK11_ReferenceSymKey(PK11SymKey *symKey); |
| 103 @@ -508,6 +508,17 @@ | 112 @@ -508,6 +508,17 @@ |
| 104 void *wincx); | 113 void *wincx); |
| 105 int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key); | 114 int PK11_GetPrivateModulusLen(SECKEYPrivateKey *key); |
| 106 | 115 |
| 107 +SECStatus PK11_EncryptWithSymKey(PK11SymKey *symKey, | 116 +SECStatus PK11_Decrypt(PK11SymKey *symkey, |
| 108 +» » » CK_MECHANISM_TYPE mechanism, SECItem *param, | 117 +» » CK_MECHANISM_TYPE mechanism, SECItem *param, |
| 109 +» » » unsigned char *out, unsigned int *outLen, | 118 +» » unsigned char *out, unsigned int *outLen, |
| 110 +» » » unsigned int maxLen, | 119 +» » unsigned int maxLen, |
| 111 +» » » const unsigned char *data, unsigned dataLen); | 120 +» » const unsigned char *enc, unsigned int encLen); |
| 112 +SECStatus PK11_DecryptWithSymKey(PK11SymKey *symkey, | 121 +SECStatus PK11_Encrypt(PK11SymKey *symKey, |
| 113 +» » » CK_MECHANISM_TYPE mechanism, SECItem *param, | 122 +» » CK_MECHANISM_TYPE mechanism, SECItem *param, |
| 114 +» » » unsigned char *out, unsigned int *outLen, | 123 +» » unsigned char *out, unsigned int *outLen, |
| 115 +» » » unsigned int maxLen, | 124 +» » unsigned int maxLen, |
| 116 +» » » const unsigned char *enc, unsigned encLen); | 125 +» » const unsigned char *data, unsigned int dataLen); |
| 117 + | 126 + |
| 118 /* note: despite the name, this function takes a private key. */ | 127 /* note: despite the name, this function takes a private key. */ |
| 119 SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, | 128 SECStatus PK11_PubDecryptRaw(SECKEYPrivateKey *key, unsigned char *data, |
| 120 unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen); | 129 unsigned *outLen, unsigned int maxLen, unsigned char *enc, unsigned encLen); |
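Review bot: The `PK11_Decrypt` and `PK11_Encrypt` prototypes in the second hunk enter the public header with no comment on their buffer contract, and the NEW side spells the first parameter `symkey` in one and `symKey` in the other. Callers need to know that `out` must provide `maxLen` bytes, that `*outLen` receives the produced length, and that `param` is the mechanism parameter and may be NULL (the pk11obj.c implementation guards it with `if (param)`). A comment above the pair such as `/* Single-part encrypt/decrypt with a symmetric key; 'out' must hold maxLen bytes, and out/*outLen should be used only when SECSuccess is returned. */`, plus `PK11SymKey *symKey` in both declarations, would cover it.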
| OLD | NEW |