| OLD | NEW |
|---|
| (Empty) |
| 1 /* tlsprf.c - TLS Pseudo Random Function (PRF) implementation | |
| 2 * | |
| 3 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 4 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 6 /* $Id: tlsprf.c,v 1.7 2012/04/25 14:50:10 gerv%gerv.net Exp $ */ | |
| 7 | |
| 8 #include "pkcs11i.h" | |
| 9 #include "blapi.h" | |
| 10 | |
| 11 #define SFTK_OFFSETOF(str, memb) ((PRPtrdiff)(&(((str *)0)->memb))) | |
| 12 | |
| 13 static void sftk_TLSPRFNull(void *data, PRBool freeit) | |
| 14 { | |
| 15 return; | |
| 16 } | |
| 17 | |
| 18 typedef struct { | |
| 19 PRUint32 cxSize; /* size of allocated block, in bytes. */ | |
| 20 PRUint32 cxBufSize; /* sizeof buffer at cxBufPtr. */ | |
| 21 unsigned char *cxBufPtr; /* points to real buffer, may be cxBuf. */ | |
| 22 PRUint32 cxKeyLen; /* bytes of cxBufPtr containing key. */ | |
| 23 PRUint32 cxDataLen; /* bytes of cxBufPtr containing data. */ | |
| 24 SECStatus cxRv; /* records failure of void functions. */ | |
| 25 PRBool cxIsFIPS; /* true if conforming to FIPS 198. */ | |
| 26 unsigned char cxBuf[512]; /* actual size may be larger than 512. */ | |
| 27 } TLSPRFContext; | |
| 28 | |
| 29 static void | |
| 30 sftk_TLSPRFHashUpdate(TLSPRFContext *cx, const unsigned char *data, | |
| 31 unsigned int data_len) | |
| 32 { | |
| 33 PRUint32 bytesUsed = cx->cxKeyLen + cx->cxDataLen; | |
| 34 | |
| 35 if (cx->cxRv != SECSuccess) /* function has previously failed. */ | |
| 36 return; | |
| 37 if (bytesUsed + data_len > cx->cxBufSize) { | |
| 38 /* We don't use realloc here because | |
| 39 ** (a) realloc doesn't zero out the old block, and | |
| 40 ** (b) if realloc fails, we lose the old block. | |
| 41 */ | |
| 42 PRUint32 newBufSize = bytesUsed + data_len + 512; | |
| 43 unsigned char * newBuf = (unsigned char *)PORT_Alloc(newBufSize); | |
| 44 if (!newBuf) { | |
| 45 cx->cxRv = SECFailure; | |
| 46 return; | |
| 47 } | |
| 48 PORT_Memcpy(newBuf, cx->cxBufPtr, bytesUsed); | |
| 49 if (cx->cxBufPtr != cx->cxBuf) { | |
| 50 PORT_ZFree(cx->cxBufPtr, bytesUsed); | |
| 51 } | |
| 52 cx->cxBufPtr = newBuf; | |
| 53 cx->cxBufSize = newBufSize; | |
| 54 } | |
| 55 PORT_Memcpy(cx->cxBufPtr + bytesUsed, data, data_len); | |
| 56 cx->cxDataLen += data_len; | |
| 57 } | |
| 58 | |
| 59 static void | |
| 60 sftk_TLSPRFEnd(TLSPRFContext *ctx, unsigned char *hashout, | |
| 61 unsigned int *pDigestLen, unsigned int maxDigestLen) | |
| 62 { | |
| 63 *pDigestLen = 0; /* tells Verify that no data has been input yet. */ | |
| 64 } | |
| 65 | |
| 66 /* Compute the PRF values from the data previously input. */ | |
| 67 static SECStatus | |
| 68 sftk_TLSPRFUpdate(TLSPRFContext *cx, | |
| 69 unsigned char *sig, /* output goes here. */ | |
| 70 unsigned int * sigLen, /* how much output. */ | |
| 71 unsigned int maxLen, /* output buffer size */ | |
| 72 unsigned char *hash, /* unused. */ | |
| 73 unsigned int hashLen) /* unused. */ | |
| 74 { | |
| 75 SECStatus rv; | |
| 76 SECItem sigItem; | |
| 77 SECItem seedItem; | |
| 78 SECItem secretItem; | |
| 79 | |
| 80 if (cx->cxRv != SECSuccess) | |
| 81 return cx->cxRv; | |
| 82 | |
| 83 secretItem.data = cx->cxBufPtr; | |
| 84 secretItem.len = cx->cxKeyLen; | |
| 85 | |
| 86 seedItem.data = cx->cxBufPtr + cx->cxKeyLen; | |
| 87 seedItem.len = cx->cxDataLen; | |
| 88 | |
| 89 sigItem.data = sig; | |
| 90 sigItem.len = maxLen; | |
| 91 | |
| 92 rv = TLS_PRF(&secretItem, NULL, &seedItem, &sigItem, cx->cxIsFIPS); | |
| 93 if (rv == SECSuccess && sigLen != NULL) | |
| 94 *sigLen = sigItem.len; | |
| 95 return rv; | |
| 96 | |
| 97 } | |
| 98 | |
| 99 static SECStatus | |
| 100 sftk_TLSPRFVerify(TLSPRFContext *cx, | |
| 101 unsigned char *sig, /* input, for comparison. */ | |
| 102 unsigned int sigLen, /* length of sig. */ | |
| 103 unsigned char *hash, /* data to be verified. */ | |
| 104 unsigned int hashLen) /* size of hash data. */ | |
| 105 { | |
| 106 unsigned char * tmp = (unsigned char *)PORT_Alloc(sigLen); | |
| 107 unsigned int tmpLen = sigLen; | |
| 108 SECStatus rv; | |
| 109 | |
| 110 if (!tmp) | |
| 111 return SECFailure; | |
| 112 if (hashLen) { | |
| 113 /* hashLen is non-zero when the user does a one-step verify. | |
| 114 ** In this case, none of the data has been input yet. | |
| 115 */ | |
| 116 sftk_TLSPRFHashUpdate(cx, hash, hashLen); | |
| 117 } | |
| 118 rv = sftk_TLSPRFUpdate(cx, tmp, &tmpLen, sigLen, NULL, 0); | |
| 119 if (rv == SECSuccess) { | |
| 120 rv = (SECStatus)(1 - !PORT_Memcmp(tmp, sig, sigLen)); | |
| 121 } | |
| 122 PORT_ZFree(tmp, sigLen); | |
| 123 return rv; | |
| 124 } | |
| 125 | |
| 126 static void | |
| 127 sftk_TLSPRFHashDestroy(TLSPRFContext *cx, PRBool freeit) | |
| 128 { | |
| 129 if (freeit) { | |
| 130 if (cx->cxBufPtr != cx->cxBuf) | |
| 131 PORT_ZFree(cx->cxBufPtr, cx->cxBufSize); | |
| 132 PORT_ZFree(cx, cx->cxSize); | |
| 133 } | |
| 134 } | |
| 135 | |
| 136 CK_RV | |
| 137 sftk_TLSPRFInit(SFTKSessionContext *context, | |
| 138 SFTKObject * key, | |
| 139 CK_KEY_TYPE key_type) | |
| 140 { | |
| 141 SFTKAttribute * keyVal; | |
| 142 TLSPRFContext * prf_cx; | |
| 143 CK_RV crv = CKR_HOST_MEMORY; | |
| 144 PRUint32 keySize; | |
| 145 PRUint32 blockSize; | |
| 146 | |
| 147 if (key_type != CKK_GENERIC_SECRET) | |
| 148 return CKR_KEY_TYPE_INCONSISTENT; /* CKR_KEY_FUNCTION_NOT_PERMITTED */ | |
| 149 | |
| 150 context->multi = PR_TRUE; | |
| 151 | |
| 152 keyVal = sftk_FindAttribute(key, CKA_VALUE); | |
| 153 keySize = (!keyVal) ? 0 : keyVal->attrib.ulValueLen; | |
| 154 blockSize = keySize + sizeof(TLSPRFContext); | |
| 155 prf_cx = (TLSPRFContext *)PORT_Alloc(blockSize); | |
| 156 if (!prf_cx) | |
| 157 goto done; | |
| 158 prf_cx->cxSize = blockSize; | |
| 159 prf_cx->cxKeyLen = keySize; | |
| 160 prf_cx->cxDataLen = 0; | |
| 161 prf_cx->cxBufSize = blockSize - SFTK_OFFSETOF(TLSPRFContext, cxBuf); | |
| 162 prf_cx->cxRv = SECSuccess; | |
| 163 prf_cx->cxIsFIPS = (key->slot->slotID == FIPS_SLOT_ID); | |
| 164 prf_cx->cxBufPtr = prf_cx->cxBuf; | |
| 165 if (keySize) | |
| 166 PORT_Memcpy(prf_cx->cxBufPtr, keyVal->attrib.pValue, keySize); | |
| 167 | |
| 168 context->hashInfo = (void *) prf_cx; | |
| 169 context->cipherInfo = (void *) prf_cx; | |
| 170 context->hashUpdate = (SFTKHash) sftk_TLSPRFHashUpdate; | |
| 171 context->end = (SFTKEnd) sftk_TLSPRFEnd; | |
| 172 context->update = (SFTKCipher) sftk_TLSPRFUpdate; | |
| 173 context->verify = (SFTKVerify) sftk_TLSPRFVerify; | |
| 174 context->destroy = (SFTKDestroy) sftk_TLSPRFNull; | |
| 175 context->hashdestroy = (SFTKDestroy) sftk_TLSPRFHashDestroy; | |
| 176 crv = CKR_OK; | |
| 177 | |
| 178 done: | |
| 179 if (keyVal) | |
| 180 sftk_FreeAttribute(keyVal); | |
| 181 return crv; | |
| 182 } | |
| 183 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14249009:
Change the NSS and NSPR source tree to the new directory structure to be (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/