OLD | NEW |
1 | 1 |
2 /* This Source Code Form is subject to the terms of the Mozilla Public | 2 /* This Source Code Form is subject to the terms of the Mozilla Public |
3 * License, v. 2.0. If a copy of the MPL was not distributed with this | 3 * License, v. 2.0. If a copy of the MPL was not distributed with this |
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
5 /* | 5 /* |
6 * This file PKCS #12 fuctions that should really be moved to the | 6 * This file PKCS #12 fuctions that should really be moved to the |
7 * PKCS #12 directory, however we can't do that in a point release | 7 * PKCS #12 directory, however we can't do that in a point release |
8 * because that will break binary compatibility, so we keep them here for now. | 8 * because that will break binary compatibility, so we keep them here for now. |
9 */ | 9 */ |
10 | 10 |
(...skipping 216 matching lines...)
227 pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo); | 227 pki = PORT_ArenaZNew(temparena, SECKEYPrivateKeyInfo); |
228 if (!pki) { | 228 if (!pki) { |
229 PORT_FreeArena(temparena, PR_FALSE); | 229 PORT_FreeArena(temparena, PR_FALSE); |
230 return rv; | 230 return rv; |
231 } | 231 } |
232 pki->arena = temparena; | 232 pki->arena = temparena; |
233 | 233 |
234 rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate, | 234 rv = SEC_ASN1DecodeItem(pki->arena, pki, SECKEY_PrivateKeyInfoTemplate, |
235 derPKI); | 235 derPKI); |
236 if( rv != SECSuccess ) { | 236 if( rv != SECSuccess ) { |
237 » goto finish; | 237 /* If SEC_ASN1DecodeItem fails, we cannot assume anything about the |
| 238 * validity of the data in pki. The best we can do is free the arena |
| 239 * and return. |
| 240 */ |
| 241 PORT_FreeArena(temparena, PR_TRUE); |
| 242 return rv; |
238 } | 243 } |
239 | 244 |
240 rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname, | 245 rv = PK11_ImportPrivateKeyInfoAndReturnKey(slot, pki, nickname, |
241 publicValue, isPerm, isPrivate, keyUsage, privk, wincx); | 246 publicValue, isPerm, isPrivate, keyUsage, privk, wincx); |
242 | 247 |
243 finish: | |
244 /* this zeroes the key and frees the arena */ | 248 /* this zeroes the key and frees the arena */ |
245 SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/); | 249 SECKEY_DestroyPrivateKeyInfo(pki, PR_TRUE /*freeit*/); |
246 return rv; | 250 return rv; |
247 } | 251 } |
248 | 252 |
249 SECStatus | 253 SECStatus |
250 PK11_ImportAndReturnPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk, | 254 PK11_ImportAndReturnPrivateKey(PK11SlotInfo *slot, SECKEYRawPrivateKey *lpk, |
251 SECItem *nickname, SECItem *publicValue, PRBool isPerm, | 255 SECItem *nickname, SECItem *publicValue, PRBool isPerm, |
252 PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey **privk, | 256 PRBool isPrivate, unsigned int keyUsage, SECKEYPrivateKey **privk, |
253 void *wincx) | 257 void *wincx) |
(...skipping 161 matching lines...)
415 } | 419 } |
416 return rv; | 420 return rv; |
417 } | 421 } |
418 | 422 |
419 SECStatus | 423 SECStatus |
420 PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, | 424 PK11_ImportPrivateKeyInfoAndReturnKey(PK11SlotInfo *slot, |
421 SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue, | 425 SECKEYPrivateKeyInfo *pki, SECItem *nickname, SECItem *publicValue, |
422 PRBool isPerm, PRBool isPrivate, unsigned int keyUsage, | 426 PRBool isPerm, PRBool isPrivate, unsigned int keyUsage, |
423 SECKEYPrivateKey **privk, void *wincx) | 427 SECKEYPrivateKey **privk, void *wincx) |
424 { | 428 { |
425 CK_KEY_TYPE keyType = CKK_RSA; | |
426 SECStatus rv = SECFailure; | 429 SECStatus rv = SECFailure; |
427 SECKEYRawPrivateKey *lpk = NULL; | 430 SECKEYRawPrivateKey *lpk = NULL; |
428 const SEC_ASN1Template *keyTemplate, *paramTemplate; | 431 const SEC_ASN1Template *keyTemplate, *paramTemplate; |
429 void *paramDest = NULL; | 432 void *paramDest = NULL; |
430 PLArenaPool *arena = NULL; | 433 PLArenaPool *arena = NULL; |
431 | 434 |
432 arena = PORT_NewArena(2048); | 435 arena = PORT_NewArena(2048); |
433 if(!arena) { | 436 if(!arena) { |
434 return SECFailure; | 437 return SECFailure; |
435 } | 438 } |
436 | 439 |
437 /* need to change this to use RSA/DSA keys */ | 440 /* need to change this to use RSA/DSA keys */ |
438 lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena, | 441 lpk = (SECKEYRawPrivateKey *)PORT_ArenaZAlloc(arena, |
439 sizeof(SECKEYRawPrivateKey)); | 442 sizeof(SECKEYRawPrivateKey)); |
440 if(lpk == NULL) { | 443 if(lpk == NULL) { |
441 goto loser; | 444 goto loser; |
442 } | 445 } |
443 lpk->arena = arena; | 446 lpk->arena = arena; |
444 | 447 |
445 switch(SECOID_GetAlgorithmTag(&pki->algorithm)) { | 448 switch(SECOID_GetAlgorithmTag(&pki->algorithm)) { |
446 case SEC_OID_PKCS1_RSA_ENCRYPTION: | 449 case SEC_OID_PKCS1_RSA_ENCRYPTION: |
447 prepare_rsa_priv_key_export_for_asn1(lpk); | 450 prepare_rsa_priv_key_export_for_asn1(lpk); |
448 keyTemplate = SECKEY_RSAPrivateKeyExportTemplate; | 451 keyTemplate = SECKEY_RSAPrivateKeyExportTemplate; |
449 paramTemplate = NULL; | 452 paramTemplate = NULL; |
450 paramDest = NULL; | 453 paramDest = NULL; |
451 lpk->keyType = rsaKey; | 454 lpk->keyType = rsaKey; |
452 keyType = CKK_RSA; | |
453 break; | 455 break; |
454 case SEC_OID_ANSIX9_DSA_SIGNATURE: | 456 case SEC_OID_ANSIX9_DSA_SIGNATURE: |
455 prepare_dsa_priv_key_export_for_asn1(lpk); | 457 prepare_dsa_priv_key_export_for_asn1(lpk); |
456 keyTemplate = SECKEY_DSAPrivateKeyExportTemplate; | 458 keyTemplate = SECKEY_DSAPrivateKeyExportTemplate; |
457 paramTemplate = SECKEY_PQGParamsTemplate; | 459 paramTemplate = SECKEY_PQGParamsTemplate; |
458 paramDest = &(lpk->u.dsa.params); | 460 paramDest = &(lpk->u.dsa.params); |
459 lpk->keyType = dsaKey; | 461 lpk->keyType = dsaKey; |
460 keyType = CKK_DSA; | |
461 break; | 462 break; |
462 case SEC_OID_X942_DIFFIE_HELMAN_KEY: | 463 case SEC_OID_X942_DIFFIE_HELMAN_KEY: |
463 if(!publicValue) { | 464 if(!publicValue) { |
464 goto loser; | 465 goto loser; |
465 } | 466 } |
466 prepare_dh_priv_key_export_for_asn1(lpk); | 467 prepare_dh_priv_key_export_for_asn1(lpk); |
467 keyTemplate = SECKEY_DHPrivateKeyExportTemplate; | 468 keyTemplate = SECKEY_DHPrivateKeyExportTemplate; |
468 paramTemplate = NULL; | 469 paramTemplate = NULL; |
469 paramDest = NULL; | 470 paramDest = NULL; |
470 lpk->keyType = dhKey; | 471 lpk->keyType = dhKey; |
471 keyType = CKK_DH; | |
472 break; | 472 break; |
473 | 473 |
474 default: | 474 default: |
475 keyTemplate = NULL; | 475 keyTemplate = NULL; |
476 paramTemplate = NULL; | 476 paramTemplate = NULL; |
477 paramDest = NULL; | 477 paramDest = NULL; |
478 break; | 478 break; |
479 } | 479 } |
480 | 480 |
481 if(!keyTemplate) { | 481 if(!keyTemplate) { |
(...skipping 137 matching lines...)
619 pki->arena = arena; | 619 pki->arena = arena; |
620 | 620 |
621 return pki; | 621 return pki; |
622 | 622 |
623 loser: | 623 loser: |
624 if (arena) { | 624 if (arena) { |
625 PORT_FreeArena(arena, PR_TRUE); | 625 PORT_FreeArena(arena, PR_TRUE); |
626 } | 626 } |
627 return NULL; | 627 return NULL; |
628 } | 628 } |
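Review bot: On the new decode-failure path (new lines 237-242) the early return skips `SECKEY_DestroyPrivateKeyInfo`, so scrubbing of any private-key bytes that `SEC_ASN1DecodeItem` had already written into `temparena` now depends entirely on the `PR_TRUE` argument to `PORT_FreeArena`. It is worth confirming that this flag clears every arena block in optimized builds as well as debug ones, and recording that intent in the comment, e.g. `/* PR_TRUE: the arena may hold partially decoded key bytes; zero it on release */`. The comment at new line 248 (`this zeroes the key and frees the arena`) now describes only the path taken after a successful decode, and could say so. A regression test that passes a malformed DER PrivateKeyInfo through this function would pin the fix; none is visible on this page. The function starts above the first visible line of this hunk, so its earlier error paths were not reviewed.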
OLD | NEW |