Update to NSS 3.16.2 Beta 3.

nss/lib/softoken/pkcs11.c

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
  * This file implements PKCS 11 on top of our existing security modules
  *
  * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
  *   This implementation has two slots:
  *      slot 1 is our generic crypto support. It does not require login.
  *   It supports Public Key ops, and all they bulk ciphers and hashes. 
@@ skipping 974 matching lines @@
         return crv;
     }
 
     return CKR_OK;
 }
 
 static NSSLOWKEYPrivateKey * 
 sftk_mkPrivKey(SFTKObject *object,CK_KEY_TYPE key, CK_RV *rvp);
 
 static SECStatus
-sftk_fillRSAPrivateKey(SFTKObject *object);
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded);
 
 /*
  * check the consistancy and initialize a Private Key Object 
  */
 static CK_RV
 sftk_handlePrivateKeyObject(SFTKSession *session,SFTKObject *object,CK_KEY_TYPE key_type)
 {
     CK_BBOOL cktrue = CK_TRUE;
     CK_BBOOL encrypt = CK_TRUE;
     CK_BBOOL sign = CK_FALSE;
     CK_BBOOL recover = CK_TRUE;
     CK_BBOOL wrap = CK_TRUE;
     CK_BBOOL derive = CK_TRUE;
     CK_BBOOL ckfalse = CK_FALSE;
     PRBool createObjectInfo = PR_TRUE;
+    PRBool fillPrivateKey = PR_FALSE;
     int missing_rsa_mod_component = 0;
     int missing_rsa_exp_component = 0;
     int missing_rsa_crt_component = 0;
-    
+
     SECItem mod;
     CK_RV crv;
+    SECStatus rv;
 
     switch (key_type) {
     case CKK_RSA:
         if ( !sftk_hasAttribute(object, CKA_MODULUS)) {
             missing_rsa_mod_component++;
         }
         if ( !sftk_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
             missing_rsa_exp_component++;
         }
         if ( !sftk_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
@@ skipping 14 matching lines @@
         if ( !sftk_hasAttribute(object, CKA_COEFFICIENT)) {
             missing_rsa_crt_component++;
         }
         if (missing_rsa_mod_component || missing_rsa_exp_component || 
                                          missing_rsa_crt_component) {
             /* we are missing a component, see if we have enough to rebuild
              * the rest */
             int have_exp = 2- missing_rsa_exp_component;
             int have_component = 5- 
                 (missing_rsa_exp_component+missing_rsa_mod_component);
-            SECStatus rv;
 
             if ((have_exp == 0) || (have_component < 3)) {
                 /* nope, not enough to reconstruct the private key */
                 return CKR_TEMPLATE_INCOMPLETE;
             }
-            /*fill in the missing parameters */
-            rv = sftk_fillRSAPrivateKey(object);
-            if (rv != SECSuccess) {
+            fillPrivateKey = PR_TRUE;
+        }
+        /*verify the parameters for consistency*/
+        rv = sftk_verifyRSAPrivateKey(object, fillPrivateKey);
+        if (rv != SECSuccess) {
                 return CKR_TEMPLATE_INCOMPLETE;
-            }
         }
-                
+
         /* make sure Netscape DB attribute is set correctly */
         crv = sftk_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
         if (crv != CKR_OK) return crv;
         crv = sftk_forceAttribute(object, CKA_NETSCAPE_DB, 
                                                 sftk_item_expand(&mod));
         if (mod.data) PORT_Free(mod.data);
         if (crv != CKR_OK) return crv;
 
         sign = CK_TRUE;
         derive = CK_FALSE;
@@ skipping 73 matching lines @@
     if (crv != CKR_OK)  return crv; 
     crv = sftk_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
                                                 &ckfalse,sizeof(CK_BBOOL));
     if (crv != CKR_OK)  return crv; 
 
     /* should we check the non-token RSA private keys? */
 
     if (sftk_isTrue(object,CKA_TOKEN)) {
         SFTKSlot *slot = session->slot;
         SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
-        CK_RV crv;
 
         if (keyHandle == NULL) {
             return CKR_TOKEN_WRITE_PROTECTED;
         }
 
         crv = sftkdb_write(keyHandle, object, &object->handle);
         sftk_freeDB(keyHandle);
         return crv;
     } else if (createObjectInfo) {
         object->objectInfo = sftk_mkPrivKey(object,key_type,&crv);
@@ skipping 770 matching lines @@
     }
     *crvp = crv;
     if (crv != CKR_OK) {
         PORT_FreeArena(arena,PR_FALSE);
         return NULL;
     }
     return privKey;
 }
 
 /*
- * we have a partial rsa private key, fill in the rest
+ * If a partial RSA private key is present, fill in the rest if necessary,
+ * and then verify the parameters are well-formed
  */
 static SECStatus
-sftk_fillRSAPrivateKey(SFTKObject *object)
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded)
 {
     RSAPrivateKey tmpKey = { 0 };
     SFTKAttribute *modulus = NULL;
     SFTKAttribute *prime1 = NULL;
     SFTKAttribute *prime2 = NULL;
     SFTKAttribute *privateExponent = NULL;
     SFTKAttribute *publicExponent = NULL;
+    SFTKAttribute *exponent1 = NULL;
+    SFTKAttribute *exponent2 = NULL;
+    SFTKAttribute *coefficient = NULL;
     SECStatus rv;
     CK_RV crv;
 
     /* first fill in the components that we have. Populate only uses
      * the non-crt components, so only fill those in  */
     tmpKey.arena = NULL;
     modulus = sftk_FindAttribute(object, CKA_MODULUS);
     if (modulus) {
         tmpKey.modulus.data = modulus->attrib.pValue;
         tmpKey.modulus.len  = modulus->attrib.ulValueLen;
@@ skipping 10 matching lines @@
     } 
     privateExponent = sftk_FindAttribute(object, CKA_PRIVATE_EXPONENT);
     if (privateExponent) {
         tmpKey.privateExponent.data = privateExponent->attrib.pValue;
         tmpKey.privateExponent.len  = privateExponent->attrib.ulValueLen;
     } 
     publicExponent = sftk_FindAttribute(object, CKA_PUBLIC_EXPONENT);
     if (publicExponent) {
         tmpKey.publicExponent.data = publicExponent->attrib.pValue;
         tmpKey.publicExponent.len  = publicExponent->attrib.ulValueLen;
-    } 
+    }
+    exponent1 = sftk_FindAttribute(object, CKA_EXPONENT_1);
+    if (exponent1) {
+        tmpKey.exponent1.data = exponent1->attrib.pValue;
+        tmpKey.exponent1.len  = exponent1->attrib.ulValueLen;
+    }
+    exponent2 = sftk_FindAttribute(object, CKA_EXPONENT_2);
+    if (exponent2) {
+        tmpKey.exponent2.data = exponent2->attrib.pValue;
+        tmpKey.exponent2.len  = exponent2->attrib.ulValueLen;
+    }
+    coefficient = sftk_FindAttribute(object, CKA_COEFFICIENT);
+    if (coefficient) {
+        tmpKey.coefficient.data = coefficient->attrib.pValue;
+        tmpKey.coefficient.len  = coefficient->attrib.ulValueLen;
+    }
 
-    /*
-     * populate requires one exponent plus 2 other components to work.
-     * we expected our caller to check that first. If that didn't happen,
-     * populate will simply return an error here.
-     */
-    rv = RSA_PopulatePrivateKey(&tmpKey);
+    if (fillIfNeeded) {
+        /*
+        * populate requires one exponent plus 2 other components to work.
+        * we expected our caller to check that first. If that didn't happen,
+        * populate will simply return an error here.
+        */
+        rv = RSA_PopulatePrivateKey(&tmpKey);
+        if (rv != SECSuccess) {
+                goto loser;
+        }
+    }
+    rv = RSA_PrivateKeyCheck(&tmpKey);
     if (rv != SECSuccess) {
         goto loser;
     }
-
     /* now that we have a fully populated key, set all our attribute values */
     rv = SECFailure;
-    crv = sftk_forceAttribute(object,CKA_MODULUS,
-                       sftk_item_expand(&tmpKey.modulus));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_PUBLIC_EXPONENT,
-                       sftk_item_expand(&tmpKey.publicExponent));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_PRIVATE_EXPONENT,
-                       sftk_item_expand(&tmpKey.privateExponent));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_PRIME_1,
-                       sftk_item_expand(&tmpKey.prime1));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_PRIME_2,
-                       sftk_item_expand(&tmpKey.prime2));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_EXPONENT_1,
-                       sftk_item_expand(&tmpKey.exponent1));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_EXPONENT_2,
-                       sftk_item_expand(&tmpKey.exponent2));
-    if (crv != CKR_OK) goto loser;
-    crv = sftk_forceAttribute(object,CKA_COEFFICIENT,
-                       sftk_item_expand(&tmpKey.coefficient));
-    if (crv != CKR_OK) goto loser;
+    if (!modulus || modulus->attrib.pValue != tmpKey.modulus.data) {
+        crv = sftk_forceAttribute(object,CKA_MODULUS,
+                                  sftk_item_expand(&tmpKey.modulus));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!publicExponent ||
+        publicExponent->attrib.pValue != tmpKey.publicExponent.data) {
+        crv = sftk_forceAttribute(object, CKA_PUBLIC_EXPONENT,
+                                  sftk_item_expand(&tmpKey.publicExponent));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!privateExponent ||
+        privateExponent->attrib.pValue != tmpKey.privateExponent.data) {
+        crv = sftk_forceAttribute(object, CKA_PRIVATE_EXPONENT,
+                                  sftk_item_expand(&tmpKey.privateExponent));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!prime1 || prime1->attrib.pValue != tmpKey.prime1.data) {
+        crv = sftk_forceAttribute(object, CKA_PRIME_1,
+                                  sftk_item_expand(&tmpKey.prime1));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!prime2 || prime2->attrib.pValue != tmpKey.prime2.data) {
+        crv = sftk_forceAttribute(object, CKA_PRIME_2,
+                                  sftk_item_expand(&tmpKey.prime2));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!exponent1 || exponent1->attrib.pValue != tmpKey.exponent1.data) {
+        crv = sftk_forceAttribute(object, CKA_EXPONENT_1,
+                                 sftk_item_expand(&tmpKey.exponent1));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!exponent1 || exponent1->attrib.pValue != tmpKey.exponent1.data) {
+        crv = sftk_forceAttribute(object, CKA_EXPONENT_2,
+                                  sftk_item_expand(&tmpKey.exponent2));
+        if (crv != CKR_OK) goto loser;
+    }
+    if (!exponent1 || exponent1->attrib.pValue != tmpKey.exponent1.data) {
+        crv = sftk_forceAttribute(object, CKA_COEFFICIENT,
+                                  sftk_item_expand(&tmpKey.coefficient));
+        if (crv != CKR_OK) goto loser;
+    }
     rv = SECSuccess;
 
     /* we're done (one way or the other), clean up all our stuff */
 loser:
     if (tmpKey.arena) {
         PORT_FreeArena(tmpKey.arena,PR_TRUE);
     }
     if (modulus) {
         sftk_FreeAttribute(modulus);
     }
     if (prime1) {
         sftk_FreeAttribute(prime1);
     }
     if (prime2) {
         sftk_FreeAttribute(prime2);
     }
     if (privateExponent) {
         sftk_FreeAttribute(privateExponent);
     }
     if (publicExponent) {
         sftk_FreeAttribute(publicExponent);
     }
     return rv;
 }
 
-
-
-
-
-
-
 /* Generate a low private key structure from an object */
 NSSLOWKEYPrivateKey *
 sftk_GetPrivKey(SFTKObject *object,CK_KEY_TYPE key_type, CK_RV *crvp)
 {
     NSSLOWKEYPrivateKey *priv = NULL;
 
     if (object->objclass != CKO_PRIVATE_KEY) {
         *crvp = CKR_KEY_TYPE_INCONSISTENT;
         return NULL;
     }
@@ skipping 1058 matching lines @@
         
 /* NSC_GetSlotInfo obtains information about a particular slot in the system. */
 CK_RV NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
 {
     SFTKSlot *slot = sftk_SlotFromID(slotID, PR_TRUE);
 
     CHECK_FORK();
 
     if (slot == NULL) return CKR_SLOT_ID_INVALID;
 
-    pInfo->firmwareVersion.major = 0;
-    pInfo->firmwareVersion.minor = 0;
-
     PORT_Memcpy(pInfo->manufacturerID,manufacturerID,
                 sizeof(pInfo->manufacturerID));
     PORT_Memcpy(pInfo->slotDescription,slot->slotDescription,
                 sizeof(pInfo->slotDescription));
     pInfo->flags = (slot->present) ? CKF_TOKEN_PRESENT : 0;
 
     /* all user defined slots are defined as removable */
     if (slotID >= SFTK_MIN_USER_SLOT_ID) {
         pInfo->flags |= CKF_REMOVABLE_DEVICE;
     } else {
         /* In the case where we are doing a merge update, we need
          * the DB slot to be removable so the token name can change
          * appropriately. */
         SFTKDBHandle *handle = sftk_getKeyDB(slot);
         if (handle) { 
             if (sftkdb_InUpdateMerge(handle)) {
                 pInfo->flags |= CKF_REMOVABLE_DEVICE;
             }
             sftk_freeDB(handle);
         }
     }
 
     /* ok we really should read it out of the keydb file. */
     /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
     pInfo->hardwareVersion.major = SOFTOKEN_VMAJOR;
     pInfo->hardwareVersion.minor = SOFTOKEN_VMINOR;
+    pInfo->firmwareVersion.major = SOFTOKEN_VPATCH;
+    pInfo->firmwareVersion.minor = SOFTOKEN_VBUILD;

[wtc, 2014/06/04 23:58:11]

Are you sure we want to abuse firmwareVersion like this!?

I will comment in the upstream NSS bug report for this change.

[Ryan Sleevi, 2014/06/05 00:13:45]

I'm not sure your concern - but yes, we do :)

The firmware version is tied to the hardware version, so it still keeps the
precedence of implementation.

This is to allow us to know 3.16.2 freebl, as discussed on the conference call.

[wtc, 2014/06/05 03:00:10]

A firmware version may support multiple hardware versions, so their relation is
not quite the same as what patch.build is to major.minor. But this analogy is a
good way to motivate why we interpret firmware version this way.

     return CKR_OK;
 }
 
 /*
  * check the current state of the 'needLogin' flag in case the database has
  * been changed underneath us.
  */
 static PRBool
 sftk_checkNeedLogin(SFTKSlot *slot, SFTKDBHandle *keyHandle)
 {
@@ skipping 1552 matching lines @@
 
 
 CK_RV NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
                                                          CK_VOID_PTR pReserved)
 {
     CHECK_FORK();
 
     return CKR_FUNCTION_NOT_SUPPORTED;
 }