OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 /* | 4 /* |
5 * This file implements PKCS 11 on top of our existing security modules | 5 * This file implements PKCS 11 on top of our existing security modules |
6 * | 6 * |
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. | 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. |
8 * This implementation has two slots: | 8 * This implementation has two slots: |
9 * slot 1 is our generic crypto support. It does not require login. | 9 * slot 1 is our generic crypto support. It does not require login. |
10 * It supports Public Key ops, and all they bulk ciphers and hashes. | 10 * It supports Public Key ops, and all they bulk ciphers and hashes. |
(...skipping 852 matching lines...)
863 isEncrypt, att->attrib.ulValueLen, 16); | 863 isEncrypt, att->attrib.ulValueLen, 16); |
864 sftk_FreeAttribute(att); | 864 sftk_FreeAttribute(att); |
865 if (context->cipherInfo == NULL) { | 865 if (context->cipherInfo == NULL) { |
866 crv = CKR_HOST_MEMORY; | 866 crv = CKR_HOST_MEMORY; |
867 break; | 867 break; |
868 } | 868 } |
869 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); | 869 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); |
870 context->destroy = (SFTKDestroy) AES_DestroyContext; | 870 context->destroy = (SFTKDestroy) AES_DestroyContext; |
871 break; | 871 break; |
872 | 872 |
| 873 case CKM_NSS_CHACHA20_POLY1305: { |
| 874 CK_NSS_AEAD_PARAMS *params; |
| 875 if (pMechanism->ulParameterLen != sizeof(CK_NSS_AEAD_PARAMS)) { |
| 876 crv = CKR_MECHANISM_PARAM_INVALID; |
| 877 break; |
| 878 } |
| 879 params = (CK_NSS_AEAD_PARAMS*) pMechanism->pParameter; |
| 880 context->multi = PR_FALSE; |
| 881 if (key_type != CKK_NSS_CHACHA20) { |
| 882 crv = CKR_KEY_TYPE_INCONSISTENT; |
| 883 break; |
| 884 } |
| 885 att = sftk_FindAttribute(key,CKA_VALUE); |
| 886 if (att == NULL) { |
| 887 crv = CKR_KEY_HANDLE_INVALID; |
| 888 break; |
| 889 } |
| 890 context->cipherInfo = ChaCha20Poly1305_CreateContext( |
| 891 (unsigned char*) att->attrib.pValue, att->attrib.ulValueLen, |
| 892 params->pIv, params->ulIvLen, params->pAAD, params->ulAADLen, |
| 893 params->ulTagBits); |
| 894 sftk_FreeAttribute(att); |
| 895 if (context->cipherInfo == NULL) { |
| 896 /* XXX map error code */ |
| 897 crv = CKR_HOST_MEMORY; |
| 898 break; |
| 899 } |
| 900 context->update = (SFTKCipher) (isEncrypt ? ChaCha20Poly1305_Seal : |
| 901 ChaCha20Poly1305_Open); |
| 902 context->destroy = (SFTKDestroy) ChaCha20Poly1305_DestroyContext; |
| 903 break; |
| 904 } |
| 905 |
873 case CKM_NETSCAPE_AES_KEY_WRAP_PAD: | 906 case CKM_NETSCAPE_AES_KEY_WRAP_PAD: |
874 context->doPad = PR_TRUE; | 907 context->doPad = PR_TRUE; |
875 /* fall thru */ | 908 /* fall thru */ |
876 case CKM_NETSCAPE_AES_KEY_WRAP: | 909 case CKM_NETSCAPE_AES_KEY_WRAP: |
877 context->multi = PR_FALSE; | 910 context->multi = PR_FALSE; |
878 context->blockSize = 8; | 911 context->blockSize = 8; |
879 if (key_type != CKK_AES) { | 912 if (key_type != CKK_AES) { |
880 crv = CKR_KEY_TYPE_INCONSISTENT; | 913 crv = CKR_KEY_TYPE_INCONSISTENT; |
881 break; | 914 break; |
882 } | 915 } |
(...skipping 2382 matching lines...)
3265 *key_length = 16; | 3298 *key_length = 16; |
3266 break; | 3299 break; |
3267 case CKM_CAMELLIA_KEY_GEN: | 3300 case CKM_CAMELLIA_KEY_GEN: |
3268 *key_type = CKK_CAMELLIA; | 3301 *key_type = CKK_CAMELLIA; |
3269 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; | 3302 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
3270 break; | 3303 break; |
3271 case CKM_AES_KEY_GEN: | 3304 case CKM_AES_KEY_GEN: |
3272 *key_type = CKK_AES; | 3305 *key_type = CKK_AES; |
3273 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; | 3306 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
3274 break; | 3307 break; |
| 3308 case CKM_NSS_CHACHA20_KEY_GEN: |
| 3309 *key_type = CKK_NSS_CHACHA20; |
| 3310 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
| 3311 break; |
3275 default: | 3312 default: |
3276 PORT_Assert(0); | 3313 PORT_Assert(0); |
3277 crv = CKR_MECHANISM_INVALID; | 3314 crv = CKR_MECHANISM_INVALID; |
3278 break; | 3315 break; |
3279 } | 3316 } |
3280 | 3317 |
3281 return crv; | 3318 return crv; |
3282 } | 3319 } |
3283 | 3320 |
3284 CK_RV | 3321 CK_RV |
(...skipping 224 matching lines...)
3509 case CKM_DES_KEY_GEN: | 3546 case CKM_DES_KEY_GEN: |
3510 case CKM_DES2_KEY_GEN: | 3547 case CKM_DES2_KEY_GEN: |
3511 case CKM_DES3_KEY_GEN: | 3548 case CKM_DES3_KEY_GEN: |
3512 checkWeak = PR_TRUE; | 3549 checkWeak = PR_TRUE; |
3513 case CKM_RC2_KEY_GEN: | 3550 case CKM_RC2_KEY_GEN: |
3514 case CKM_RC4_KEY_GEN: | 3551 case CKM_RC4_KEY_GEN: |
3515 case CKM_GENERIC_SECRET_KEY_GEN: | 3552 case CKM_GENERIC_SECRET_KEY_GEN: |
3516 case CKM_SEED_KEY_GEN: | 3553 case CKM_SEED_KEY_GEN: |
3517 case CKM_CAMELLIA_KEY_GEN: | 3554 case CKM_CAMELLIA_KEY_GEN: |
3518 case CKM_AES_KEY_GEN: | 3555 case CKM_AES_KEY_GEN: |
| 3556 case CKM_NSS_CHACHA20_KEY_GEN: |
3519 #if NSS_SOFTOKEN_DOES_RC5 | 3557 #if NSS_SOFTOKEN_DOES_RC5 |
3520 case CKM_RC5_KEY_GEN: | 3558 case CKM_RC5_KEY_GEN: |
3521 #endif | 3559 #endif |
3522 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length); | 3560 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length); |
3523 break; | 3561 break; |
3524 case CKM_SSL3_PRE_MASTER_KEY_GEN: | 3562 case CKM_SSL3_PRE_MASTER_KEY_GEN: |
3525 key_type = CKK_GENERIC_SECRET; | 3563 key_type = CKK_GENERIC_SECRET; |
3526 key_length = 48; | 3564 key_length = 48; |
3527 key_gen_type = nsc_ssl; | 3565 key_gen_type = nsc_ssl; |
3528 break; | 3566 break; |
(...skipping 3418 matching lines...)
6947 att = sftk_FindAttribute(key,CKA_VALUE); | 6985 att = sftk_FindAttribute(key,CKA_VALUE); |
6948 sftk_FreeObject(key); | 6986 sftk_FreeObject(key); |
6949 if (!att) { | 6987 if (!att) { |
6950 return CKR_KEY_HANDLE_INVALID; | 6988 return CKR_KEY_HANDLE_INVALID; |
6951 } | 6989 } |
6952 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue, | 6990 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue, |
6953 att->attrib.ulValueLen); | 6991 att->attrib.ulValueLen); |
6954 sftk_FreeAttribute(att); | 6992 sftk_FreeAttribute(att); |
6955 return crv; | 6993 return crv; |
6956 } | 6994 } |
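Review bot: In the new `CKM_NSS_CHACHA20_POLY1305` case (new lines 873-904) only `ulParameterLen` is checked before `pMechanism->pParameter` is cast and dereferenced, so a caller that passes the right length with a NULL parameter pointer reaches `params->pIv` through a null pointer; the guard should read `if (pMechanism->pParameter == NULL || pMechanism->ulParameterLen != sizeof(CK_NSS_AEAD_PARAMS))`. The caller-supplied `ulIvLen`, `ulAADLen` and `ulTagBits` are forwarded without any check at this layer, and every NULL return from `ChaCha20Poly1305_CreateContext` becomes `CKR_HOST_MEMORY`, so a wrong nonce or tag length is reported as an allocation failure; the `/* XXX map error code */` line could be resolved with `crv = sftk_MapCryptError(PORT_GetError());`, provided the create function sets an error code, which is not visible here. A comment should also state whether the context copies `pIv` and `pAAD` or keeps the caller's pointers, since the application's parameter buffers may not outlive the init call. The enclosing function starts and ends outside the lines shown.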