| OLD | NEW |
|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 4 /* | 4 /* |
| 5 * This file implements PKCS 11 on top of our existing security modules | 5 * This file implements PKCS 11 on top of our existing security modules |
| 6 * | 6 * |
| 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. | 7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard. |
| 8 * This implementation has two slots: | 8 * This implementation has two slots: |
| 9 * slot 1 is our generic crypto support. It does not require login. | 9 * slot 1 is our generic crypto support. It does not require login. |
| 10 * It supports Public Key ops, and all they bulk ciphers and hashes. | 10 * It supports Public Key ops, and all they bulk ciphers and hashes. |
| (...skipping 457 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 468 | 468 |
| 469 static SECStatus | 469 static SECStatus |
| 470 sftk_DecryptOAEP(SFTKOAEPDecryptInfo *info, unsigned char *output, | 470 sftk_DecryptOAEP(SFTKOAEPDecryptInfo *info, unsigned char *output, |
| 471 unsigned int *outputLen, unsigned int maxLen, | 471 unsigned int *outputLen, unsigned int maxLen, |
| 472 unsigned char *input, unsigned int inputLen) | 472 unsigned char *input, unsigned int inputLen) |
| 473 { | 473 { |
| 474 return RSA_DecryptOAEP(info->params, info->key, output, outputLen, | 474 return RSA_DecryptOAEP(info->params, info->key, output, outputLen, |
| 475 maxLen, input, inputLen); | 475 maxLen, input, inputLen); |
| 476 } | 476 } |
| 477 | 477 |
| 478 static SFTKChaCha20Poly1305Info * |
| 479 sftk_ChaCha20Poly1305_CreateContext(const unsigned char *key, |
| 480 unsigned int keyLen, |
| 481 const CK_NSS_AEAD_PARAMS* params) |
| 482 { |
| 483 SFTKChaCha20Poly1305Info *ctx; |
| 484 |
| 485 if (params->ulIvLen != sizeof(ctx->nonce)) { |
| 486 PORT_SetError(SEC_ERROR_INPUT_LEN); |
| 487 return NULL; |
| 488 } |
| 489 |
| 490 ctx = PORT_New(SFTKChaCha20Poly1305Info); |
| 491 if (ctx == NULL) { |
| 492 return NULL; |
| 493 } |
| 494 |
| 495 if (ChaCha20Poly1305_InitContext(&ctx->freeblCtx, key, keyLen, |
| 496 params->ulTagLen) != SECSuccess) { |
| 497 PORT_Free(ctx); |
| 498 return NULL; |
| 499 } |
| 500 |
| 501 memcpy(ctx->nonce, params->pIv, sizeof(ctx->nonce)); |
| 502 |
| 503 if (params->ulAADLen > sizeof(ctx->ad)) { |
| 504 /* Need to allocate an overflow buffer for the additional data. */ |
| 505 ctx->adOverflow = (unsigned char *)PORT_Alloc(params->ulAADLen); |
| 506 if (!ctx->adOverflow) { |
| 507 PORT_Free(ctx); |
| 508 return NULL; |
| 509 } |
| 510 memcpy(ctx->adOverflow, params->pAAD, params->ulAADLen); |
| 511 } else { |
| 512 ctx->adOverflow = NULL; |
| 513 memcpy(ctx->ad, params->pAAD, params->ulAADLen); |
| 514 } |
| 515 ctx->adLen = params->ulAADLen; |
| 516 |
| 517 return ctx; |
| 518 } |
| 519 |
| 520 static void |
| 521 sftk_ChaCha20Poly1305_DestroyContext(SFTKChaCha20Poly1305Info *ctx, |
| 522 PRBool freeit) |
| 523 { |
| 524 ChaCha20Poly1305_DestroyContext(&ctx->freeblCtx, PR_FALSE); |
| 525 if (ctx->adOverflow != NULL) { |
| 526 PORT_Free(ctx->adOverflow); |
| 527 ctx->adOverflow = NULL; |
| 528 } |
| 529 ctx->adLen = 0; |
| 530 if (freeit) { |
| 531 PORT_Free(ctx); |
| 532 } |
| 533 } |
| 534 |
| 535 static SECStatus |
| 536 sftk_ChaCha20Poly1305_Encrypt(const SFTKChaCha20Poly1305Info *ctx, |
| 537 unsigned char *output, unsigned int *outputLen, |
| 538 unsigned int maxOutputLen, |
| 539 const unsigned char *input, unsigned int inputLen) |
| 540 { |
| 541 const unsigned char *ad = ctx->adOverflow; |
| 542 |
| 543 if (ad == NULL) { |
| 544 ad = ctx->ad; |
| 545 } |
| 546 |
| 547 return ChaCha20Poly1305_Seal(&ctx->freeblCtx, output, outputLen, |
| 548 maxOutputLen, input, inputLen, ctx->nonce, |
| 549 sizeof(ctx->nonce), ad, ctx->adLen); |
| 550 } |
| 551 |
| 552 static SECStatus |
| 553 sftk_ChaCha20Poly1305_Decrypt(const SFTKChaCha20Poly1305Info *ctx, |
| 554 unsigned char *output, unsigned int *outputLen, |
| 555 unsigned int maxOutputLen, |
| 556 const unsigned char *input, unsigned int inputLen) |
| 557 { |
| 558 const unsigned char *ad = ctx->adOverflow; |
| 559 |
| 560 if (ad == NULL) { |
| 561 ad = ctx->ad; |
| 562 } |
| 563 |
| 564 return ChaCha20Poly1305_Open(&ctx->freeblCtx, output, outputLen, |
| 565 maxOutputLen, input, inputLen, ctx->nonce, |
| 566 sizeof(ctx->nonce), ad, ctx->adLen); |
| 567 } |
| 568 |
| 478 /** NSC_CryptInit initializes an encryption/Decryption operation. | 569 /** NSC_CryptInit initializes an encryption/Decryption operation. |
| 479 * | 570 * |
| 480 * Always called by NSC_EncryptInit, NSC_DecryptInit, NSC_WrapKey,NSC_UnwrapKey. | 571 * Always called by NSC_EncryptInit, NSC_DecryptInit, NSC_WrapKey,NSC_UnwrapKey. |
| 481 * Called by NSC_SignInit, NSC_VerifyInit (via sftk_InitCBCMac) only for block | 572 * Called by NSC_SignInit, NSC_VerifyInit (via sftk_InitCBCMac) only for block |
| 482 * ciphers MAC'ing. | 573 * ciphers MAC'ing. |
| 483 */ | 574 */ |
| 484 static CK_RV | 575 static CK_RV |
| 485 sftk_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, | 576 sftk_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, |
| 486 CK_OBJECT_HANDLE hKey, | 577 CK_OBJECT_HANDLE hKey, |
| 487 CK_ATTRIBUTE_TYPE mechUsage, CK_ATTRIBUTE_TYPE keyUsage, | 578 CK_ATTRIBUTE_TYPE mechUsage, CK_ATTRIBUTE_TYPE keyUsage, |
| (...skipping 375 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 863 isEncrypt, att->attrib.ulValueLen, 16); | 954 isEncrypt, att->attrib.ulValueLen, 16); |
| 864 sftk_FreeAttribute(att); | 955 sftk_FreeAttribute(att); |
| 865 if (context->cipherInfo == NULL) { | 956 if (context->cipherInfo == NULL) { |
| 866 crv = CKR_HOST_MEMORY; | 957 crv = CKR_HOST_MEMORY; |
| 867 break; | 958 break; |
| 868 } | 959 } |
| 869 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); | 960 context->update = (SFTKCipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); |
| 870 context->destroy = (SFTKDestroy) AES_DestroyContext; | 961 context->destroy = (SFTKDestroy) AES_DestroyContext; |
| 871 break; | 962 break; |
| 872 | 963 |
| 964 case CKM_NSS_CHACHA20_POLY1305: |
| 965 if (pMechanism->ulParameterLen != sizeof(CK_NSS_AEAD_PARAMS)) { |
| 966 crv = CKR_MECHANISM_PARAM_INVALID; |
| 967 break; |
| 968 } |
| 969 context->multi = PR_FALSE; |
| 970 if (key_type != CKK_NSS_CHACHA20) { |
| 971 crv = CKR_KEY_TYPE_INCONSISTENT; |
| 972 break; |
| 973 } |
| 974 att = sftk_FindAttribute(key,CKA_VALUE); |
| 975 if (att == NULL) { |
| 976 crv = CKR_KEY_HANDLE_INVALID; |
| 977 break; |
| 978 } |
| 979 context->cipherInfo = sftk_ChaCha20Poly1305_CreateContext( |
| 980 (unsigned char*) att->attrib.pValue, att->attrib.ulValueLen, |
| 981 (CK_NSS_AEAD_PARAMS*) pMechanism->pParameter); |
| 982 sftk_FreeAttribute(att); |
| 983 if (context->cipherInfo == NULL) { |
| 984 crv = sftk_MapCryptError(PORT_GetError()); |
| 985 break; |
| 986 } |
| 987 context->update = (SFTKCipher) (isEncrypt ? |
| 988 sftk_ChaCha20Poly1305_Encrypt : |
| 989 sftk_ChaCha20Poly1305_Decrypt); |
| 990 context->destroy = (SFTKDestroy) sftk_ChaCha20Poly1305_DestroyContext; |
| 991 break; |
| 992 |
| 873 case CKM_NETSCAPE_AES_KEY_WRAP_PAD: | 993 case CKM_NETSCAPE_AES_KEY_WRAP_PAD: |
| 874 context->doPad = PR_TRUE; | 994 context->doPad = PR_TRUE; |
| 875 /* fall thru */ | 995 /* fall thru */ |
| 876 case CKM_NETSCAPE_AES_KEY_WRAP: | 996 case CKM_NETSCAPE_AES_KEY_WRAP: |
| 877 context->multi = PR_FALSE; | 997 context->multi = PR_FALSE; |
| 878 context->blockSize = 8; | 998 context->blockSize = 8; |
| 879 if (key_type != CKK_AES) { | 999 if (key_type != CKK_AES) { |
| 880 crv = CKR_KEY_TYPE_INCONSISTENT; | 1000 crv = CKR_KEY_TYPE_INCONSISTENT; |
| 881 break; | 1001 break; |
| 882 } | 1002 } |
| (...skipping 2382 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3265 *key_length = 16; | 3385 *key_length = 16; |
| 3266 break; | 3386 break; |
| 3267 case CKM_CAMELLIA_KEY_GEN: | 3387 case CKM_CAMELLIA_KEY_GEN: |
| 3268 *key_type = CKK_CAMELLIA; | 3388 *key_type = CKK_CAMELLIA; |
| 3269 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; | 3389 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
| 3270 break; | 3390 break; |
| 3271 case CKM_AES_KEY_GEN: | 3391 case CKM_AES_KEY_GEN: |
| 3272 *key_type = CKK_AES; | 3392 *key_type = CKK_AES; |
| 3273 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; | 3393 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
| 3274 break; | 3394 break; |
| 3395 case CKM_NSS_CHACHA20_KEY_GEN: |
| 3396 *key_type = CKK_NSS_CHACHA20; |
| 3397 if (*key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE; |
| 3398 break; |
| 3275 default: | 3399 default: |
| 3276 PORT_Assert(0); | 3400 PORT_Assert(0); |
| 3277 crv = CKR_MECHANISM_INVALID; | 3401 crv = CKR_MECHANISM_INVALID; |
| 3278 break; | 3402 break; |
| 3279 } | 3403 } |
| 3280 | 3404 |
| 3281 return crv; | 3405 return crv; |
| 3282 } | 3406 } |
| 3283 | 3407 |
| 3284 CK_RV | 3408 CK_RV |
| (...skipping 224 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3509 case CKM_DES_KEY_GEN: | 3633 case CKM_DES_KEY_GEN: |
| 3510 case CKM_DES2_KEY_GEN: | 3634 case CKM_DES2_KEY_GEN: |
| 3511 case CKM_DES3_KEY_GEN: | 3635 case CKM_DES3_KEY_GEN: |
| 3512 checkWeak = PR_TRUE; | 3636 checkWeak = PR_TRUE; |
| 3513 case CKM_RC2_KEY_GEN: | 3637 case CKM_RC2_KEY_GEN: |
| 3514 case CKM_RC4_KEY_GEN: | 3638 case CKM_RC4_KEY_GEN: |
| 3515 case CKM_GENERIC_SECRET_KEY_GEN: | 3639 case CKM_GENERIC_SECRET_KEY_GEN: |
| 3516 case CKM_SEED_KEY_GEN: | 3640 case CKM_SEED_KEY_GEN: |
| 3517 case CKM_CAMELLIA_KEY_GEN: | 3641 case CKM_CAMELLIA_KEY_GEN: |
| 3518 case CKM_AES_KEY_GEN: | 3642 case CKM_AES_KEY_GEN: |
| 3643 case CKM_NSS_CHACHA20_KEY_GEN: |
| 3519 #if NSS_SOFTOKEN_DOES_RC5 | 3644 #if NSS_SOFTOKEN_DOES_RC5 |
| 3520 case CKM_RC5_KEY_GEN: | 3645 case CKM_RC5_KEY_GEN: |
| 3521 #endif | 3646 #endif |
| 3522 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length); | 3647 crv = nsc_SetupBulkKeyGen(pMechanism->mechanism,&key_type,&key_length); |
| 3523 break; | 3648 break; |
| 3524 case CKM_SSL3_PRE_MASTER_KEY_GEN: | 3649 case CKM_SSL3_PRE_MASTER_KEY_GEN: |
| 3525 key_type = CKK_GENERIC_SECRET; | 3650 key_type = CKK_GENERIC_SECRET; |
| 3526 key_length = 48; | 3651 key_length = 48; |
| 3527 key_gen_type = nsc_ssl; | 3652 key_gen_type = nsc_ssl; |
| 3528 break; | 3653 break; |
| (...skipping 3418 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6947 att = sftk_FindAttribute(key,CKA_VALUE); | 7072 att = sftk_FindAttribute(key,CKA_VALUE); |
| 6948 sftk_FreeObject(key); | 7073 sftk_FreeObject(key); |
| 6949 if (!att) { | 7074 if (!att) { |
| 6950 return CKR_KEY_HANDLE_INVALID; | 7075 return CKR_KEY_HANDLE_INVALID; |
| 6951 } | 7076 } |
| 6952 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue, | 7077 crv = NSC_DigestUpdate(hSession,(CK_BYTE_PTR)att->attrib.pValue, |
| 6953 att->attrib.ulValueLen); | 7078 att->attrib.ulValueLen); |
| 6954 sftk_FreeAttribute(att); | 7079 sftk_FreeAttribute(att); |
| 6955 return crv; | 7080 return crv; |
| 6956 } | 7081 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 27510015:
Support ChaCha20+Poly1305 cipher suites. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/