| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 #include "lowkeyi.h" | 4 #include "lowkeyi.h" |
| 5 #include "secoid.h" | 5 #include "secoid.h" |
| 6 #include "secitem.h" | 6 #include "secitem.h" |
| 7 #include "secder.h" | 7 #include "secder.h" |
| 8 #include "base64.h" | 8 #include "base64.h" |
| 9 #include "secasn1.h" | 9 #include "secasn1.h" |
| 10 #include "secerr.h" | 10 #include "secerr.h" |
| 11 | 11 |
| 12 #ifdef NSS_ENABLE_ECC | 12 #ifndef NSS_DISABLE_ECC |
| 13 #include "softoken.h" | 13 #include "softoken.h" |
| 14 #endif | 14 #endif |
| 15 | 15 |
| 16 SEC_ASN1_MKSUB(SEC_AnyTemplate) | 16 SEC_ASN1_MKSUB(SEC_AnyTemplate) |
| 17 SEC_ASN1_MKSUB(SEC_BitStringTemplate) | 17 SEC_ASN1_MKSUB(SEC_BitStringTemplate) |
| 18 SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) | 18 SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) |
| 19 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) | 19 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) |
| 20 | 20 |
| 21 const SEC_ASN1Template nsslowkey_AttributeTemplate[] = { | 21 const SEC_ASN1Template nsslowkey_AttributeTemplate[] = { |
| 22 { SEC_ASN1_SEQUENCE, | 22 { SEC_ASN1_SEQUENCE, |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 84 | 84 |
| 85 const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = { | 85 const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = { |
| 86 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, | 86 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, |
| 87 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) }, | 87 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) }, |
| 88 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) }, | 88 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) }, |
| 89 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) }, | 89 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) }, |
| 90 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) }, | 90 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) }, |
| 91 { 0, } | 91 { 0, } |
| 92 }; | 92 }; |
| 93 | 93 |
| 94 #ifdef NSS_ENABLE_ECC | 94 #ifndef NSS_DISABLE_ECC |
| 95 | 95 |
| 96 /* XXX This is just a placeholder for later when we support | 96 /* XXX This is just a placeholder for later when we support |
| 97 * generic curves and need full-blown support for parsing EC | 97 * generic curves and need full-blown support for parsing EC |
| 98 * parameters. For now, we only support named curves in which | 98 * parameters. For now, we only support named curves in which |
| 99 * EC params are simply encoded as an object ID and we don't | 99 * EC params are simply encoded as an object ID and we don't |
| 100 * use nsslowkey_ECParamsTemplate. | 100 * use nsslowkey_ECParamsTemplate. |
| 101 */ | 101 */ |
| 102 const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = { | 102 const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = { |
| 103 { SEC_ASN1_CHOICE, offsetof(ECParams,type), NULL, sizeof(ECParams) }, | 103 { SEC_ASN1_CHOICE, offsetof(ECParams,type), NULL, sizeof(ECParams) }, |
| 104 { SEC_ASN1_OBJECT_ID, offsetof(ECParams,curveOID), NULL, ec_params_named }, | 104 { SEC_ASN1_OBJECT_ID, offsetof(ECParams,curveOID), NULL, ec_params_named }, |
| (...skipping 28 matching lines...) Expand all Loading... |
| 133 offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams), | 133 offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams), |
| 134 nsslowkey_ECParamsTemplate }, | 134 nsslowkey_ECParamsTemplate }, |
| 135 #endif | 135 #endif |
| 136 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | | 136 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | |
| 137 SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | | 137 SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | |
| 138 SEC_ASN1_XTRN | 1, | 138 SEC_ASN1_XTRN | 1, |
| 139 offsetof(NSSLOWKEYPrivateKey,u.ec.publicValue), | 139 offsetof(NSSLOWKEYPrivateKey,u.ec.publicValue), |
| 140 SEC_ASN1_SUB(SEC_BitStringTemplate) }, | 140 SEC_ASN1_SUB(SEC_BitStringTemplate) }, |
| 141 { 0, } | 141 { 0, } |
| 142 }; | 142 }; |
| 143 #endif /* NSS_ENABLE_ECC */ | 143 #endif /* NSS_DISABLE_ECC */ |
| 144 /* | 144 /* |
| 145 * See bugzilla bug 125359 | 145 * See bugzilla bug 125359 |
| 146 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints, | 146 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints, |
| 147 * all of the templates above that en/decode into integers must be converted | 147 * all of the templates above that en/decode into integers must be converted |
| 148 * from ASN.1's signed integer type. This is done by marking either the | 148 * from ASN.1's signed integer type. This is done by marking either the |
| 149 * source or destination (encoding or decoding, respectively) type as | 149 * source or destination (encoding or decoding, respectively) type as |
| 150 * siUnsignedInteger. | 150 * siUnsignedInteger. |
| 151 */ | 151 */ |
| 152 | 152 |
| 153 void | 153 void |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 189 | 189 |
| 190 void | 190 void |
| 191 prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | 191 prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) |
| 192 { | 192 { |
| 193 key->u.dh.prime.type = siUnsignedInteger; | 193 key->u.dh.prime.type = siUnsignedInteger; |
| 194 key->u.dh.base.type = siUnsignedInteger; | 194 key->u.dh.base.type = siUnsignedInteger; |
| 195 key->u.dh.publicValue.type = siUnsignedInteger; | 195 key->u.dh.publicValue.type = siUnsignedInteger; |
| 196 key->u.dh.privateValue.type = siUnsignedInteger; | 196 key->u.dh.privateValue.type = siUnsignedInteger; |
| 197 } | 197 } |
| 198 | 198 |
| 199 #ifdef NSS_ENABLE_ECC | 199 #ifndef NSS_DISABLE_ECC |
| 200 void | 200 void |
| 201 prepare_low_ecparams_for_asn1(ECParams *params) | 201 prepare_low_ecparams_for_asn1(ECParams *params) |
| 202 { | 202 { |
| 203 params->DEREncoding.type = siUnsignedInteger; | 203 params->DEREncoding.type = siUnsignedInteger; |
| 204 params->curveOID.type = siUnsignedInteger; | 204 params->curveOID.type = siUnsignedInteger; |
| 205 } | 205 } |
| 206 | 206 |
| 207 void | 207 void |
| 208 prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | 208 prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) |
| 209 { | 209 { |
| 210 key->u.ec.version.type = siUnsignedInteger; | 210 key->u.ec.version.type = siUnsignedInteger; |
| 211 key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger; | 211 key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger; |
| 212 key->u.ec.ecParams.curveOID.type = siUnsignedInteger; | 212 key->u.ec.ecParams.curveOID.type = siUnsignedInteger; |
| 213 key->u.ec.privateValue.type = siUnsignedInteger; | 213 key->u.ec.privateValue.type = siUnsignedInteger; |
| 214 key->u.ec.publicValue.type = siUnsignedInteger; | 214 key->u.ec.publicValue.type = siUnsignedInteger; |
| 215 } | 215 } |
| 216 #endif /* NSS_ENABLE_ECC */ | 216 #endif /* NSS_DISABLE_ECC */ |
| 217 | 217 |
| 218 void | 218 void |
| 219 nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk) | 219 nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk) |
| 220 { | 220 { |
| 221 if (privk && privk->arena) { | 221 if (privk && privk->arena) { |
| 222 PORT_FreeArena(privk->arena, PR_TRUE); | 222 PORT_FreeArena(privk->arena, PR_TRUE); |
| 223 } | 223 } |
| 224 } | 224 } |
| 225 | 225 |
| 226 void | 226 void |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 334 &privk->u.dh.publicValue); | 334 &privk->u.dh.publicValue); |
| 335 if (rv != SECSuccess) break; | 335 if (rv != SECSuccess) break; |
| 336 rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime, | 336 rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime, |
| 337 &privk->u.dh.prime); | 337 &privk->u.dh.prime); |
| 338 if (rv != SECSuccess) break; | 338 if (rv != SECSuccess) break; |
| 339 rv = SECITEM_CopyItem(arena, &pubk->u.dh.base, | 339 rv = SECITEM_CopyItem(arena, &pubk->u.dh.base, |
| 340 &privk->u.dh.base); | 340 &privk->u.dh.base); |
| 341 if (rv == SECSuccess) return pubk; | 341 if (rv == SECSuccess) return pubk; |
| 342 } | 342 } |
| 343 break; | 343 break; |
| 344 #ifdef NSS_ENABLE_ECC | 344 #ifndef NSS_DISABLE_ECC |
| 345 case NSSLOWKEYECKey: | 345 case NSSLOWKEYECKey: |
| 346 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, | 346 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, |
| 347 sizeof(NSSLOWKEYPublicKey)); | 347 sizeof(NSSLOWKEYPublicKey)); |
| 348 if (pubk != NULL) { | 348 if (pubk != NULL) { |
| 349 SECStatus rv; | 349 SECStatus rv; |
| 350 | 350 |
| 351 pubk->arena = arena; | 351 pubk->arena = arena; |
| 352 pubk->keyType = privk->keyType; | 352 pubk->keyType = privk->keyType; |
| 353 rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, | 353 rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, |
| 354 &privk->u.ec.publicValue); | 354 &privk->u.ec.publicValue); |
| 355 if (rv != SECSuccess) break; | 355 if (rv != SECSuccess) break; |
| 356 pubk->u.ec.ecParams.arena = arena; | 356 pubk->u.ec.ecParams.arena = arena; |
| 357 /* Copy the rest of the params */ | 357 /* Copy the rest of the params */ |
| 358 rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams), | 358 rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams), |
| 359 &(privk->u.ec.ecParams)); | 359 &(privk->u.ec.ecParams)); |
| 360 if (rv == SECSuccess) return pubk; | 360 if (rv == SECSuccess) return pubk; |
| 361 } | 361 } |
| 362 break; | 362 break; |
| 363 #endif /* NSS_ENABLE_ECC */ | 363 #endif /* NSS_DISABLE_ECC */ |
| 364 /* No Fortezza in Low Key implementations (Fortezza keys aren't | 364 /* No Fortezza in Low Key implementations (Fortezza keys aren't |
| 365 * stored in our data base */ | 365 * stored in our data base */ |
| 366 default: | 366 default: |
| 367 break; | 367 break; |
| 368 } | 368 } |
| 369 | 369 |
| 370 PORT_FreeArena (arena, PR_FALSE); | 370 PORT_FreeArena (arena, PR_FALSE); |
| 371 return NULL; | 371 return NULL; |
| 372 } | 372 } |
| 373 | 373 |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 452 &(privKey->u.dh.privateValue)); | 452 &(privKey->u.dh.privateValue)); |
| 453 if(rv != SECSuccess) break; | 453 if(rv != SECSuccess) break; |
| 454 returnKey->u.dsa.params.arena = poolp; | 454 returnKey->u.dsa.params.arena = poolp; |
| 455 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime), | 455 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime), |
| 456 &(privKey->u.dh.prime)); | 456 &(privKey->u.dh.prime)); |
| 457 if(rv != SECSuccess) break; | 457 if(rv != SECSuccess) break; |
| 458 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base), | 458 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base), |
| 459 &(privKey->u.dh.base)); | 459 &(privKey->u.dh.base)); |
| 460 if(rv != SECSuccess) break; | 460 if(rv != SECSuccess) break; |
| 461 break; | 461 break; |
| 462 #ifdef NSS_ENABLE_ECC | 462 #ifndef NSS_DISABLE_ECC |
| 463 case NSSLOWKEYECKey: | 463 case NSSLOWKEYECKey: |
| 464 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version), | 464 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version), |
| 465 &(privKey->u.ec.version)); | 465 &(privKey->u.ec.version)); |
| 466 if(rv != SECSuccess) break; | 466 if(rv != SECSuccess) break; |
| 467 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue), | 467 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue), |
| 468 &(privKey->u.ec.publicValue)); | 468 &(privKey->u.ec.publicValue)); |
| 469 if(rv != SECSuccess) break; | 469 if(rv != SECSuccess) break; |
| 470 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue), | 470 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue), |
| 471 &(privKey->u.ec.privateValue)); | 471 &(privKey->u.ec.privateValue)); |
| 472 if(rv != SECSuccess) break; | 472 if(rv != SECSuccess) break; |
| 473 returnKey->u.ec.ecParams.arena = poolp; | 473 returnKey->u.ec.ecParams.arena = poolp; |
| 474 /* Copy the rest of the params */ | 474 /* Copy the rest of the params */ |
| 475 rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams), | 475 rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams), |
| 476 &(privKey->u.ec.ecParams)); | 476 &(privKey->u.ec.ecParams)); |
| 477 if (rv != SECSuccess) break; | 477 if (rv != SECSuccess) break; |
| 478 break; | 478 break; |
| 479 #endif /* NSS_ENABLE_ECC */ | 479 #endif /* NSS_DISABLE_ECC */ |
| 480 default: | 480 default: |
| 481 rv = SECFailure; | 481 rv = SECFailure; |
| 482 } | 482 } |
| 483 | 483 |
| 484 loser: | 484 loser: |
| 485 | 485 |
| 486 if(rv != SECSuccess) { | 486 if(rv != SECSuccess) { |
| 487 PORT_FreeArena(poolp, PR_TRUE); | 487 PORT_FreeArena(poolp, PR_TRUE); |
| 488 returnKey = NULL; | 488 returnKey = NULL; |
| 489 } | 489 } |
| 490 | 490 |
| 491 return returnKey; | 491 return returnKey; |
| 492 } | 492 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 195763027:
Update NSS to NSS_3_16_RC0. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/