
Side by Side Diff: nss/lib/pk11wrap/pk11obj.c

Issue 1843333003: Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Created 4 years, 8 months ago
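--- a/nss/lib/pk11wrap/pk11obj.c
+++ b/nss/lib/pk11wrap/pk11obj.c
@@ -1,37 +1,39 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
 * This file manages object type indepentent functions.
 */
 #include "seccomon.h"
 #include "secmod.h"
 #include "secmodi.h"
 #include "secmodti.h"
 #include "pkcs11.h"
 #include "pkcs11t.h"
 #include "pk11func.h"
 #include "key.h"
 #include "secitem.h"
 #include "secerr.h"
 #include "sslerr.h"
 
 #define PK11_SEARCH_CHUNKSIZE 10
 
 /*
 * Build a block big enough to hold the data
 */
 SECItem *
 PK11_BlockData(SECItem *data,unsigned long size) {
 SECItem *newData;
 
+if (size == 0u) return NULL;
+
 newData = (SECItem *)PORT_Alloc(sizeof(SECItem));
 if (newData == NULL) return NULL;
 
 newData->len = (data->len + (size-1))/size;
 newData->len *= size;
 
 newData->data = (unsigned char *) PORT_ZAlloc(newData->len);
 if (newData->data == NULL) {
 PORT_Free(newData);
 return NULL;
@@ -659,28 +661,44 @@
 return SECSuccess;
 }
 
 /*
 * verify a signature from its hash.
 */
 SECStatus
 PK11_Verify(SECKEYPublicKey *key, const SECItem *sig, const SECItem *hash,
 void *wincx)
 {
+CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+return PK11_VerifyWithMechanism(key, mech, NULL, sig, hash, wincx);
+}
+
+/*
+* Verify a signature from its hash using the given algorithm.
+*/
+SECStatus
+PK11_VerifyWithMechanism(SECKEYPublicKey *key, CK_MECHANISM_TYPE mechanism,
+const SECItem *param, const SECItem *sig,
+const SECItem *hash, void *wincx)
+{
 PK11SlotInfo *slot = key->pkcs11Slot;
 CK_OBJECT_HANDLE id = key->pkcs11ID;
 CK_MECHANISM mech = {0, NULL, 0 };
 PRBool owner = PR_TRUE;
 CK_SESSION_HANDLE session;
 CK_RV crv;
 
-mech.mechanism = PK11_MapSignKeyType(key->keyType);
+mech.mechanism = mechanism;
+if (param) {
+mech.pParameter = param->data;
+mech.ulParameterLen = param->len;
+}
 
 if (slot == NULL) {
 unsigned int length = 0;
 if ((mech.mechanism == CKM_DSA) &&
 /* 129 is 1024 bits translated to bytes and
 * padded with an optional '0' to maintain a
 * positive sign */
 (key->u.dsa.params.prime.len > 129)) {
 /* we need to get a slot that not only can do DSA, but can do DSA2
 * key lengths */
@@ -730,29 +748,44 @@
 }
 return SECSuccess;
 }
 
 /*
 * sign a hash. The algorithm is determined by the key.
 */
 SECStatus
 PK11_Sign(SECKEYPrivateKey *key, SECItem *sig, const SECItem *hash)
 {
+CK_MECHANISM_TYPE mech = PK11_MapSignKeyType(key->keyType);
+return PK11_SignWithMechanism(key, mech, NULL, sig, hash);
+}
+
+/*
+* Sign a hash using the given algorithm.
+*/
+SECStatus
+PK11_SignWithMechanism(SECKEYPrivateKey *key, CK_MECHANISM_TYPE mechanism,
+const SECItem *param, SECItem *sig, const SECItem *hash)
+{
 PK11SlotInfo *slot = key->pkcs11Slot;
 CK_MECHANISM mech = {0, NULL, 0 };
 PRBool owner = PR_TRUE;
 CK_SESSION_HANDLE session;
 PRBool haslock = PR_FALSE;
 CK_ULONG len;
 CK_RV crv;
 
-mech.mechanism = PK11_MapSignKeyType(key->keyType);
+mech.mechanism = mechanism;
+if (param) {
+mech.pParameter = param->data;
+mech.ulParameterLen = param->len;
+}
 
 if (SECKEY_HAS_ATTRIBUTE_SET(key,CKA_PRIVATE)) {
 PK11_HandlePasswordCheck(slot, key->wincx);
 }
 
 session = pk11_GetNewSession(slot,&owner);
 haslock = (!owner || !(slot->isThreadSafe));
 if (haslock) PK11_EnterSlotMonitor(slot);
 crv = PK11_GETTAB(slot)->C_SignInit(session,&mech,key->pkcs11ID);
 if (crv != CKR_OK) {
@@ -2013,10 +2046,10 @@
 PORT_SetError( PK11_MapError(crv) );
 return NULL;
 }
 
 item->data = (unsigned char*) theTemplate[0].pValue;
 item->len =theTemplate[0].ulValueLen;
 
 return item;
 }
 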
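Review bot: In PK11_VerifyWithMechanism the `slot == NULL` branch still gates its read of `key->u.dsa.params.prime.len` on `mech.mechanism == CKM_DSA`, but the mechanism now comes from the caller instead of being derived from `key->keyType`. A CKM_DSA request paired with a non-DSA key would therefore consult the DSA arm of `key->u` for a key that does not populate it. Tying the test to the key as well, e.g. `if ((key->keyType == dsaKey) && (mech.mechanism == CKM_DSA) &&`, keeps the length check meaningful. The header comments on both new functions should also state the contract, for instance `/* param may be NULL; mechanism must be valid for key->keyType */`. Most of both function bodies is collapsed on this page, so any later validation of the mechanism against the key is not visible here.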