OLD | NEW |
1 /* This Source Code Form is subject to the terms of the Mozilla Public | 1 /* This Source Code Form is subject to the terms of the Mozilla Public |
2 * License, v. 2.0. If a copy of the MPL was not distributed with this | 2 * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 #include "lowkeyi.h" | 4 #include "lowkeyi.h" |
5 #include "secoid.h" | 5 #include "secoid.h" |
6 #include "secitem.h" | 6 #include "secitem.h" |
7 #include "secder.h" | 7 #include "secder.h" |
8 #include "base64.h" | 8 #include "base64.h" |
9 #include "secasn1.h" | 9 #include "secasn1.h" |
10 #include "secerr.h" | 10 #include "secerr.h" |
11 | 11 |
12 #ifndef NSS_DISABLE_ECC | 12 #ifndef NSS_DISABLE_ECC |
13 #include "softoken.h" | 13 #include "softoken.h" |
14 #endif | 14 #endif |
15 | 15 |
16 SEC_ASN1_MKSUB(SEC_AnyTemplate) | 16 SEC_ASN1_MKSUB(SEC_AnyTemplate) |
17 SEC_ASN1_MKSUB(SEC_BitStringTemplate) | 17 SEC_ASN1_MKSUB(SEC_BitStringTemplate) |
18 SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) | 18 SEC_ASN1_MKSUB(SEC_ObjectIDTemplate) |
19 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) | 19 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) |
20 | 20 |
21 const SEC_ASN1Template nsslowkey_AttributeTemplate[] = { | 21 const SEC_ASN1Template nsslowkey_AttributeTemplate[] = { |
22 { SEC_ASN1_SEQUENCE, | 22 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYAttribute)}, |
23 » 0, NULL, sizeof(NSSLOWKEYAttribute) }, | 23 {SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType)}, |
24 { SEC_ASN1_OBJECT_ID, offsetof(NSSLOWKEYAttribute, attrType) }, | 24 {SEC_ASN1_SET_OF | SEC_ASN1_XTRN, offsetof(NSSLOWKEYAttribute, attrValue), |
25 { SEC_ASN1_SET_OF | SEC_ASN1_XTRN , | 25 SEC_ASN1_SUB(SEC_AnyTemplate)}, |
26 offsetof(NSSLOWKEYAttribute, attrValue), | 26 {0}}; |
27 » SEC_ASN1_SUB(SEC_AnyTemplate) }, | |
28 { 0 } | |
29 }; | |
30 | 27 |
31 const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = { | 28 const SEC_ASN1Template nsslowkey_SetOfAttributeTemplate[] = { |
32 { SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate }, | 29 {SEC_ASN1_SET_OF, 0, nsslowkey_AttributeTemplate}, }; |
33 }; | |
34 /* ASN1 Templates for new decoder/encoder */ | 30 /* ASN1 Templates for new decoder/encoder */ |
35 const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = { | 31 const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = { |
36 { SEC_ASN1_SEQUENCE, | 32 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo)}, |
37 » 0, NULL, sizeof(NSSLOWKEYPrivateKeyInfo) }, | 33 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKeyInfo, version)}, |
38 { SEC_ASN1_INTEGER, | 34 {SEC_ASN1_INLINE | SEC_ASN1_XTRN, |
39 » offsetof(NSSLOWKEYPrivateKeyInfo,version) }, | 35 offsetof(NSSLOWKEYPrivateKeyInfo, algorithm), |
40 { SEC_ASN1_INLINE | SEC_ASN1_XTRN, | 36 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate)}, |
41 » offsetof(NSSLOWKEYPrivateKeyInfo,algorithm), | 37 {SEC_ASN1_OCTET_STRING, offsetof(NSSLOWKEYPrivateKeyInfo, privateKey)}, |
42 » SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, | 38 {SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, |
43 { SEC_ASN1_OCTET_STRING, | 39 offsetof(NSSLOWKEYPrivateKeyInfo, attributes), |
44 » offsetof(NSSLOWKEYPrivateKeyInfo,privateKey) }, | 40 nsslowkey_SetOfAttributeTemplate}, |
45 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, | 41 {0}}; |
46 » offsetof(NSSLOWKEYPrivateKeyInfo, attributes), | |
47 » nsslowkey_SetOfAttributeTemplate }, | |
48 { 0 } | |
49 }; | |
50 | 42 |
51 const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = { | 43 const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = { |
52 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) }, | 44 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams)}, |
53 { SEC_ASN1_INTEGER, offsetof(PQGParams,prime) }, | 45 {SEC_ASN1_INTEGER, offsetof(PQGParams, prime)}, |
54 { SEC_ASN1_INTEGER, offsetof(PQGParams,subPrime) }, | 46 {SEC_ASN1_INTEGER, offsetof(PQGParams, subPrime)}, |
55 { SEC_ASN1_INTEGER, offsetof(PQGParams,base) }, | 47 {SEC_ASN1_INTEGER, offsetof(PQGParams, base)}, |
56 { 0, } | 48 {0, }}; |
57 }; | |
58 | 49 |
59 const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = { | 50 const SEC_ASN1Template nsslowkey_RSAPrivateKeyTemplate[] = { |
60 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, | 51 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey)}, |
61 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.version) }, | 52 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.version)}, |
62 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.modulus) }, | 53 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.modulus)}, |
63 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.publicExponent) }, | 54 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.publicExponent)}, |
64 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.privateExponent) }, | 55 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.privateExponent)}, |
65 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime1) }, | 56 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime1)}, |
66 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.prime2) }, | 57 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.prime2)}, |
67 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent1) }, | 58 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent1)}, |
68 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.exponent2) }, | 59 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.exponent2)}, |
69 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.rsa.coefficient) }, | 60 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.rsa.coefficient)}, |
70 { 0 }····································································· | 61 {0}}; |
71 };············································································ | |
72 | |
73 | 62 |
74 const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = { | 63 const SEC_ASN1Template nsslowkey_DSAPrivateKeyTemplate[] = { |
75 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, | 64 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey)}, |
76 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.publicValue) }, | 65 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.publicValue)}, |
77 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) }, | 66 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue)}, |
78 { 0, } | 67 {0, }}; |
79 }; | |
80 | 68 |
81 const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = { | 69 const SEC_ASN1Template nsslowkey_DSAPrivateKeyExportTemplate[] = { |
82 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dsa.privateValue) }, | 70 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dsa.privateValue)}, }; |
83 }; | |
84 | 71 |
85 const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = { | 72 const SEC_ASN1Template nsslowkey_DHPrivateKeyTemplate[] = { |
86 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, | 73 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey)}, |
87 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.publicValue) }, | 74 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.publicValue)}, |
88 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.privateValue) }, | 75 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.privateValue)}, |
89 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.base) }, | 76 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.base)}, |
90 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.dh.prime) }, | 77 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.dh.prime)}, |
91 { 0, } | 78 {0, }}; |
92 }; | |
93 | 79 |
94 #ifndef NSS_DISABLE_ECC | 80 #ifndef NSS_DISABLE_ECC |
95 | 81 |
96 /* XXX This is just a placeholder for later when we support | 82 /* XXX This is just a placeholder for later when we support |
97 * generic curves and need full-blown support for parsing EC | 83 * generic curves and need full-blown support for parsing EC |
98 * parameters. For now, we only support named curves in which | 84 * parameters. For now, we only support named curves in which |
99 * EC params are simply encoded as an object ID and we don't | 85 * EC params are simply encoded as an object ID and we don't |
100 * use nsslowkey_ECParamsTemplate. | 86 * use nsslowkey_ECParamsTemplate. |
101 */ | 87 */ |
102 const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = { | 88 const SEC_ASN1Template nsslowkey_ECParamsTemplate[] = { |
103 { SEC_ASN1_CHOICE, offsetof(ECParams,type), NULL, sizeof(ECParams) }, | 89 {SEC_ASN1_CHOICE, offsetof(ECParams, type), NULL, sizeof(ECParams)}, |
104 { SEC_ASN1_OBJECT_ID, offsetof(ECParams,curveOID), NULL, ec_params_named }, | 90 {SEC_ASN1_OBJECT_ID, offsetof(ECParams, curveOID), NULL, ec_params_named}, |
105 { 0, } | 91 {0, }}; |
106 }; | |
107 | |
108 | 92 |
109 /* NOTE: The SECG specification allows the private key structure | 93 /* NOTE: The SECG specification allows the private key structure |
110 * to contain curve parameters but recommends that they be stored | 94 * to contain curve parameters but recommends that they be stored |
111 * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo | 95 * in the PrivateKeyAlgorithmIdentifier field of the PrivateKeyInfo |
112 * instead. | 96 * instead. |
113 */ | 97 */ |
114 const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[] = { | 98 const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[] = { |
115 { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey) }, | 99 {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPrivateKey)}, |
116 { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey,u.ec.version) }, | 100 {SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPrivateKey, u.ec.version)}, |
117 { SEC_ASN1_OCTET_STRING, | 101 {SEC_ASN1_OCTET_STRING, offsetof(NSSLOWKEYPrivateKey, u.ec.privateValue)}, |
118 offsetof(NSSLOWKEYPrivateKey,u.ec.privateValue) }, | 102 /* XXX The following template works for now since we only |
119 /* XXX The following template works for now since we only | 103 * support named curves for which the parameters are |
120 * support named curves for which the parameters are | 104 * encoded as an object ID. When we support generic curves, |
121 * encoded as an object ID. When we support generic curves, | 105 * we'll need to define nsslowkey_ECParamsTemplate |
122 * we'll need to define nsslowkey_ECParamsTemplate | 106 */ |
123 */ | |
124 #if 1 | 107 #if 1 |
125 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | | 108 {SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | |
126 SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | | 109 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0, |
127 SEC_ASN1_XTRN | 0, | 110 offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams.curveOID), |
128 offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams.curveOID), | 111 SEC_ASN1_SUB(SEC_ObjectIDTemplate)}, |
129 SEC_ASN1_SUB(SEC_ObjectIDTemplate) }, | |
130 #else | 112 #else |
131 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | | 113 {SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | |
132 SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | 0, | 114 SEC_ASN1_CONTEXT_SPECIFIC | 0, |
133 offsetof(NSSLOWKEYPrivateKey,u.ec.ecParams), | 115 offsetof(NSSLOWKEYPrivateKey, u.ec.ecParams), nsslowkey_ECParamsTemplate}, |
134 nsslowkey_ECParamsTemplate }, | |
135 #endif | 116 #endif |
136 { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | | 117 {SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_EXPLICIT | |
137 SEC_ASN1_EXPLICIT | SEC_ASN1_CONTEXT_SPECIFIC | | 118 SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1, |
138 SEC_ASN1_XTRN | 1, | 119 offsetof(NSSLOWKEYPrivateKey, u.ec.publicValue), |
139 offsetof(NSSLOWKEYPrivateKey,u.ec.publicValue), | 120 SEC_ASN1_SUB(SEC_BitStringTemplate)}, |
140 SEC_ASN1_SUB(SEC_BitStringTemplate) }, | 121 {0, }}; |
141 { 0, } | |
142 }; | |
143 #endif /* NSS_DISABLE_ECC */ | 122 #endif /* NSS_DISABLE_ECC */ |
144 /* | 123 /* |
145 * See bugzilla bug 125359 | 124 * See bugzilla bug 125359 |
146 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints, | 125 * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints, |
147 * all of the templates above that en/decode into integers must be converted | 126 * all of the templates above that en/decode into integers must be converted |
148 * from ASN.1's signed integer type. This is done by marking either the | 127 * from ASN.1's signed integer type. This is done by marking either the |
149 * source or destination (encoding or decoding, respectively) type as | 128 * source or destination (encoding or decoding, respectively) type as |
150 * siUnsignedInteger. | 129 * siUnsignedInteger. |
151 */ | 130 */ |
152 | 131 |
153 void | 132 void prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) { |
154 prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | 133 key->u.rsa.modulus.type = siUnsignedInteger; |
155 { | 134 key->u.rsa.publicExponent.type = siUnsignedInteger; |
156 key->u.rsa.modulus.type = siUnsignedInteger; | 135 key->u.rsa.privateExponent.type = siUnsignedInteger; |
157 key->u.rsa.publicExponent.type = siUnsignedInteger; | 136 key->u.rsa.prime1.type = siUnsignedInteger; |
158 key->u.rsa.privateExponent.type = siUnsignedInteger; | 137 key->u.rsa.prime2.type = siUnsignedInteger; |
159 key->u.rsa.prime1.type = siUnsignedInteger; | 138 key->u.rsa.exponent1.type = siUnsignedInteger; |
160 key->u.rsa.prime2.type = siUnsignedInteger; | 139 key->u.rsa.exponent2.type = siUnsignedInteger; |
161 key->u.rsa.exponent1.type = siUnsignedInteger; | 140 key->u.rsa.coefficient.type = siUnsignedInteger; |
162 key->u.rsa.exponent2.type = siUnsignedInteger; | 141 } |
163 key->u.rsa.coefficient.type = siUnsignedInteger; | 142 |
164 } | 143 void prepare_low_pqg_params_for_asn1(PQGParams *params) { |
165 | 144 params->prime.type = siUnsignedInteger; |
166 void | 145 params->subPrime.type = siUnsignedInteger; |
167 prepare_low_pqg_params_for_asn1(PQGParams *params) | 146 params->base.type = siUnsignedInteger; |
168 { | 147 } |
169 params->prime.type = siUnsignedInteger; | 148 |
170 params->subPrime.type = siUnsignedInteger; | 149 void prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) { |
171 params->base.type = siUnsignedInteger; | 150 key->u.dsa.publicValue.type = siUnsignedInteger; |
172 } | 151 key->u.dsa.privateValue.type = siUnsignedInteger; |
173 | 152 key->u.dsa.params.prime.type = siUnsignedInteger; |
174 void | 153 key->u.dsa.params.subPrime.type = siUnsignedInteger; |
175 prepare_low_dsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | 154 key->u.dsa.params.base.type = siUnsignedInteger; |
176 { | 155 } |
177 key->u.dsa.publicValue.type = siUnsignedInteger; | 156 |
178 key->u.dsa.privateValue.type = siUnsignedInteger; | 157 void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key) { |
179 key->u.dsa.params.prime.type = siUnsignedInteger; | 158 key->u.dsa.privateValue.type = siUnsignedInteger; |
180 key->u.dsa.params.subPrime.type = siUnsignedInteger; | 159 } |
181 key->u.dsa.params.base.type = siUnsignedInteger; | 160 |
182 } | 161 void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) { |
183 | 162 key->u.dh.prime.type = siUnsignedInteger; |
184 void | 163 key->u.dh.base.type = siUnsignedInteger; |
185 prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key) | 164 key->u.dh.publicValue.type = siUnsignedInteger; |
186 { | 165 key->u.dh.privateValue.type = siUnsignedInteger; |
187 key->u.dsa.privateValue.type = siUnsignedInteger; | |
188 } | |
189 | |
190 void | |
191 prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | |
192 { | |
193 key->u.dh.prime.type = siUnsignedInteger; | |
194 key->u.dh.base.type = siUnsignedInteger; | |
195 key->u.dh.publicValue.type = siUnsignedInteger; | |
196 key->u.dh.privateValue.type = siUnsignedInteger; | |
197 } | 166 } |
198 | 167 |
199 #ifndef NSS_DISABLE_ECC | 168 #ifndef NSS_DISABLE_ECC |
200 void | 169 void prepare_low_ecparams_for_asn1(ECParams *params) { |
201 prepare_low_ecparams_for_asn1(ECParams *params) | 170 params->DEREncoding.type = siUnsignedInteger; |
202 { | 171 params->curveOID.type = siUnsignedInteger; |
203 params->DEREncoding.type = siUnsignedInteger; | 172 } |
204 params->curveOID.type = siUnsignedInteger; | 173 |
205 } | 174 void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) { |
206 | 175 key->u.ec.version.type = siUnsignedInteger; |
207 void | 176 key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger; |
208 prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) | 177 key->u.ec.ecParams.curveOID.type = siUnsignedInteger; |
209 { | 178 key->u.ec.privateValue.type = siUnsignedInteger; |
210 key->u.ec.version.type = siUnsignedInteger; | 179 key->u.ec.publicValue.type = siUnsignedInteger; |
211 key->u.ec.ecParams.DEREncoding.type = siUnsignedInteger; | |
212 key->u.ec.ecParams.curveOID.type = siUnsignedInteger; | |
213 key->u.ec.privateValue.type = siUnsignedInteger; | |
214 key->u.ec.publicValue.type = siUnsignedInteger; | |
215 } | 180 } |
216 #endif /* NSS_DISABLE_ECC */ | 181 #endif /* NSS_DISABLE_ECC */ |
217 | 182 |
218 void | 183 void nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk) { |
219 nsslowkey_DestroyPrivateKey(NSSLOWKEYPrivateKey *privk) | 184 if (privk && privk->arena) { |
220 { | 185 PORT_FreeArena(privk->arena, PR_TRUE); |
221 if (privk && privk->arena) { | 186 } |
222 » PORT_FreeArena(privk->arena, PR_TRUE); | 187 } |
223 } | 188 |
224 } | 189 void nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk) { |
225 | 190 if (pubk && pubk->arena) { |
226 void | 191 PORT_FreeArena(pubk->arena, PR_FALSE); |
227 nsslowkey_DestroyPublicKey(NSSLOWKEYPublicKey *pubk) | 192 } |
228 { | 193 } |
229 if (pubk && pubk->arena) { | 194 unsigned nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk) { |
230 » PORT_FreeArena(pubk->arena, PR_FALSE); | 195 unsigned char b0; |
231 } | 196 |
232 } | 197 /* interpret modulus length as key strength... in |
233 unsigned | 198 * fortezza that's the public key length */ |
234 nsslowkey_PublicModulusLen(NSSLOWKEYPublicKey *pubk) | 199 |
235 { | 200 switch (pubk->keyType) { |
236 unsigned char b0; | |
237 | |
238 /* interpret modulus length as key strength... in | |
239 * fortezza that's the public key length */ | |
240 | |
241 switch (pubk->keyType) { | |
242 case NSSLOWKEYRSAKey: | 201 case NSSLOWKEYRSAKey: |
243 » b0 = pubk->u.rsa.modulus.data[0]; | 202 b0 = pubk->u.rsa.modulus.data[0]; |
244 » return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1; | 203 return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1; |
245 default: | 204 default: |
246 » break; | 205 break; |
247 } | 206 } |
248 return 0; | 207 return 0; |
249 } | 208 } |
250 | 209 |
251 unsigned | 210 unsigned nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk) { |
252 nsslowkey_PrivateModulusLen(NSSLOWKEYPrivateKey *privk) | 211 |
253 { | 212 unsigned char b0; |
254 | 213 |
255 unsigned char b0; | 214 switch (privk->keyType) { |
256 | |
257 switch (privk->keyType) { | |
258 case NSSLOWKEYRSAKey: | 215 case NSSLOWKEYRSAKey: |
259 » b0 = privk->u.rsa.modulus.data[0]; | 216 b0 = privk->u.rsa.modulus.data[0]; |
260 » return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1; | 217 return b0 ? privk->u.rsa.modulus.len : privk->u.rsa.modulus.len - 1; |
261 default: | 218 default: |
262 » break; | 219 break; |
263 } | 220 } |
264 return 0; | 221 return 0; |
265 } | 222 } |
266 | 223 |
267 NSSLOWKEYPublicKey * | 224 NSSLOWKEYPublicKey *nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk) { |
268 nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk) | 225 NSSLOWKEYPublicKey *pubk; |
269 { | 226 PLArenaPool *arena; |
270 NSSLOWKEYPublicKey *pubk; | 227 |
271 PLArenaPool *arena; | 228 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
272 | 229 if (arena == NULL) { |
273 | 230 PORT_SetError(SEC_ERROR_NO_MEMORY); |
274 arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE); | 231 return NULL; |
275 if (arena == NULL) { | 232 } |
276 PORT_SetError (SEC_ERROR_NO_MEMORY); | 233 |
277 return NULL; | 234 switch (privk->keyType) { |
278 } | 235 case NSSLOWKEYRSAKey: |
279 | 236 case NSSLOWKEYNullKey: |
280 switch(privk->keyType) { | 237 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, |
281 case NSSLOWKEYRSAKey: | 238 sizeof(NSSLOWKEYPublicKey)); |
282 case NSSLOWKEYNullKey: | 239 if (pubk != NULL) { |
283 » pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, | 240 SECStatus rv; |
284 » » » » » » sizeof (NSSLOWKEYPublicKey)); | 241 |
285 » if (pubk != NULL) { | 242 pubk->arena = arena; |
286 » SECStatus rv; | 243 pubk->keyType = privk->keyType; |
287 | 244 if (privk->keyType == NSSLOWKEYNullKey) return pubk; |
288 » pubk->arena = arena; | 245 rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus, |
289 » pubk->keyType = privk->keyType; | 246 &privk->u.rsa.modulus); |
290 » if (privk->keyType == NSSLOWKEYNullKey) return pubk; | 247 if (rv == SECSuccess) { |
291 » rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus, | 248 rv = SECITEM_CopyItem(arena, &pubk->u.rsa.publicExponent, |
292 » » » » &privk->u.rsa.modulus); | 249 &privk->u.rsa.publicExponent); |
293 » if (rv == SECSuccess) { | 250 if (rv == SECSuccess) return pubk; |
294 » » rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent, | 251 } |
295 » » » » &privk->u.rsa.publicExponent); | 252 } else { |
296 » » if (rv == SECSuccess) | 253 PORT_SetError(SEC_ERROR_NO_MEMORY); |
297 » » return pubk; | 254 } |
298 » } | 255 break; |
299 » } else { | 256 case NSSLOWKEYDSAKey: |
300 » PORT_SetError (SEC_ERROR_NO_MEMORY); | 257 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, |
301 » } | 258 sizeof(NSSLOWKEYPublicKey)); |
302 » break; | 259 if (pubk != NULL) { |
303 case NSSLOWKEYDSAKey: | 260 SECStatus rv; |
304 » pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, | 261 |
305 » » » » » » sizeof(NSSLOWKEYPublicKey)); | 262 pubk->arena = arena; |
306 » if (pubk != NULL) { | 263 pubk->keyType = privk->keyType; |
307 » SECStatus rv; | 264 rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue, |
308 | 265 &privk->u.dsa.publicValue); |
309 » pubk->arena = arena; | 266 if (rv != SECSuccess) break; |
310 » pubk->keyType = privk->keyType; | 267 rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, |
311 » rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue, | 268 &privk->u.dsa.params.prime); |
312 » » » » &privk->u.dsa.publicValue); | 269 if (rv != SECSuccess) break; |
313 » if (rv != SECSuccess) break; | 270 rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, |
314 » rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, | 271 &privk->u.dsa.params.subPrime); |
315 » » » » &privk->u.dsa.params.prime); | 272 if (rv != SECSuccess) break; |
316 » if (rv != SECSuccess) break; | 273 rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, |
317 » rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, | 274 &privk->u.dsa.params.base); |
318 » » » » &privk->u.dsa.params.subPrime); | 275 if (rv == SECSuccess) return pubk; |
319 » if (rv != SECSuccess) break; | 276 } |
320 » rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, | 277 break; |
321 » » » » &privk->u.dsa.params.base); | 278 case NSSLOWKEYDHKey: |
322 » if (rv == SECSuccess) return pubk; | 279 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, |
323 » } | 280 sizeof(NSSLOWKEYPublicKey)); |
324 » break; | 281 if (pubk != NULL) { |
325 case NSSLOWKEYDHKey: | 282 SECStatus rv; |
326 » pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, | 283 |
327 » » » » » » sizeof(NSSLOWKEYPublicKey)); | 284 pubk->arena = arena; |
328 » if (pubk != NULL) { | 285 pubk->keyType = privk->keyType; |
329 » SECStatus rv; | 286 rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue, |
330 | 287 &privk->u.dh.publicValue); |
331 » pubk->arena = arena; | 288 if (rv != SECSuccess) break; |
332 » pubk->keyType = privk->keyType; | 289 rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime, &privk->u.dh.prime); |
333 » rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue, | 290 if (rv != SECSuccess) break; |
334 » » » » &privk->u.dh.publicValue); | 291 rv = SECITEM_CopyItem(arena, &pubk->u.dh.base, &privk->u.dh.base); |
335 » if (rv != SECSuccess) break; | 292 if (rv == SECSuccess) return pubk; |
336 » rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime, | 293 } |
337 » » » » &privk->u.dh.prime); | 294 break; |
338 » if (rv != SECSuccess) break; | |
339 » rv = SECITEM_CopyItem(arena, &pubk->u.dh.base, | |
340 » » » » &privk->u.dh.base); | |
341 » if (rv == SECSuccess) return pubk; | |
342 » } | |
343 » break; | |
344 #ifndef NSS_DISABLE_ECC | 295 #ifndef NSS_DISABLE_ECC |
345 case NSSLOWKEYECKey: | 296 case NSSLOWKEYECKey: |
346 » pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, | 297 pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, |
347 » » » » » » sizeof(NSSLOWKEYPublicKey)); | 298 sizeof(NSSLOWKEYPublicKey)); |
348 » if (pubk != NULL) { | 299 if (pubk != NULL) { |
349 » SECStatus rv; | 300 SECStatus rv; |
350 | 301 |
351 » pubk->arena = arena; | 302 pubk->arena = arena; |
352 » pubk->keyType = privk->keyType; | 303 pubk->keyType = privk->keyType; |
353 » rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, | 304 rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, |
354 » » » » &privk->u.ec.publicValue); | 305 &privk->u.ec.publicValue); |
355 » if (rv != SECSuccess) break; | 306 if (rv != SECSuccess) break; |
356 » pubk->u.ec.ecParams.arena = arena; | 307 pubk->u.ec.ecParams.arena = arena; |
357 » /* Copy the rest of the params */ | 308 /* Copy the rest of the params */ |
358 » rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams), | 309 rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams), |
359 » » » &(privk->u.ec.ecParams)); | 310 &(privk->u.ec.ecParams)); |
360 » if (rv == SECSuccess) return pubk; | 311 if (rv == SECSuccess) return pubk; |
361 » } | 312 } |
362 » break; | 313 break; |
363 #endif /* NSS_DISABLE_ECC */ | 314 #endif /* NSS_DISABLE_ECC */ |
364 » /* No Fortezza in Low Key implementations (Fortezza keys aren't | 315 /* No Fortezza in Low Key implementations (Fortezza keys aren't |
365 » * stored in our data base */ | 316 * stored in our data base */ |
366 default: | 317 default: |
367 » break; | 318 break; |
368 } | 319 } |
369 | 320 |
370 PORT_FreeArena (arena, PR_FALSE); | 321 PORT_FreeArena(arena, PR_FALSE); |
| 322 return NULL; |
| 323 } |
| 324 |
| 325 NSSLOWKEYPrivateKey *nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey) { |
| 326 NSSLOWKEYPrivateKey *returnKey = NULL; |
| 327 SECStatus rv = SECFailure; |
| 328 PLArenaPool *poolp; |
| 329 |
| 330 if (!privKey) { |
371 return NULL; | 331 return NULL; |
372 } | 332 } |
373 | 333 |
374 NSSLOWKEYPrivateKey * | 334 poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); |
375 nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey) | 335 if (!poolp) { |
376 { | 336 return NULL; |
377 NSSLOWKEYPrivateKey *returnKey = NULL; | 337 } |
378 SECStatus rv = SECFailure; | 338 |
379 PLArenaPool *poolp; | 339 returnKey = (NSSLOWKEYPrivateKey *)PORT_ArenaZAlloc( |
380 | 340 poolp, sizeof(NSSLOWKEYPrivateKey)); |
381 if(!privKey) { | 341 if (!returnKey) { |
382 » return NULL; | 342 rv = SECFailure; |
383 } | 343 goto loser; |
384 | 344 } |
385 poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); | 345 |
386 if(!poolp) { | 346 returnKey->keyType = privKey->keyType; |
387 » return NULL; | 347 returnKey->arena = poolp; |
388 } | 348 |
389 | 349 switch (privKey->keyType) { |
390 returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPr
ivateKey)); | 350 case NSSLOWKEYRSAKey: |
391 if(!returnKey) { | 351 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus), |
392 » rv = SECFailure; | 352 &(privKey->u.rsa.modulus)); |
393 » goto loser; | 353 if (rv != SECSuccess) break; |
394 } | 354 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version), |
395 | 355 &(privKey->u.rsa.version)); |
396 returnKey->keyType = privKey->keyType; | 356 if (rv != SECSuccess) break; |
397 returnKey->arena = poolp; | 357 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent), |
398 | 358 &(privKey->u.rsa.publicExponent)); |
399 switch(privKey->keyType) { | 359 if (rv != SECSuccess) break; |
400 » case NSSLOWKEYRSAKey: | 360 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent), |
401 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus),· | 361 &(privKey->u.rsa.privateExponent)); |
402 » » » » » &(privKey->u.rsa.modulus)); | 362 if (rv != SECSuccess) break; |
403 » if(rv != SECSuccess) break; | 363 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1), |
404 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version),· | 364 &(privKey->u.rsa.prime1)); |
405 » » » » » &(privKey->u.rsa.version)); | 365 if (rv != SECSuccess) break; |
406 » if(rv != SECSuccess) break; | 366 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2), |
407 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent),· | 367 &(privKey->u.rsa.prime2)); |
408 » » » » » &(privKey->u.rsa.publicExponent)); | 368 if (rv != SECSuccess) break; |
409 » if(rv != SECSuccess) break; | 369 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1), |
410 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent),· | 370 &(privKey->u.rsa.exponent1)); |
411 » » » » » &(privKey->u.rsa.privateExponent)); | 371 if (rv != SECSuccess) break; |
412 » if(rv != SECSuccess) break; | 372 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2), |
413 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1),· | 373 &(privKey->u.rsa.exponent2)); |
414 » » » » » &(privKey->u.rsa.prime1)); | 374 if (rv != SECSuccess) break; |
415 » if(rv != SECSuccess) break; | 375 rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient), |
416 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2),· | 376 &(privKey->u.rsa.coefficient)); |
417 » » » » » &(privKey->u.rsa.prime2)); | 377 if (rv != SECSuccess) break; |
418 » if(rv != SECSuccess) break; | 378 break; |
419 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1),· | 379 case NSSLOWKEYDSAKey: |
420 » » » » » &(privKey->u.rsa.exponent1)); | 380 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue), |
421 » if(rv != SECSuccess) break; | 381 &(privKey->u.dsa.publicValue)); |
422 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2),· | 382 if (rv != SECSuccess) break; |
423 » » » » » &(privKey->u.rsa.exponent2)); | 383 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue), |
424 » if(rv != SECSuccess) break; | 384 &(privKey->u.dsa.privateValue)); |
425 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient),· | 385 if (rv != SECSuccess) break; |
426 » » » » » &(privKey->u.rsa.coefficient)); | 386 returnKey->u.dsa.params.arena = poolp; |
427 » if(rv != SECSuccess) break; | 387 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime), |
428 » break; | 388 &(privKey->u.dsa.params.prime)); |
429 » case NSSLOWKEYDSAKey: | 389 if (rv != SECSuccess) break; |
430 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue), | 390 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime), |
431 » » » » » &(privKey->u.dsa.publicValue)); | 391 &(privKey->u.dsa.params.subPrime)); |
432 » if(rv != SECSuccess) break; | 392 if (rv != SECSuccess) break; |
433 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue), | 393 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base), |
434 » » » » » &(privKey->u.dsa.privateValue)); | 394 &(privKey->u.dsa.params.base)); |
435 » if(rv != SECSuccess) break; | 395 if (rv != SECSuccess) break; |
436 » returnKey->u.dsa.params.arena = poolp; | 396 break; |
437 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime), | 397 case NSSLOWKEYDHKey: |
438 » » » » » &(privKey->u.dsa.params.prime)); | 398 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue), |
439 » if(rv != SECSuccess) break; | 399 &(privKey->u.dh.publicValue)); |
440 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime), | 400 if (rv != SECSuccess) break; |
441 » » » » » &(privKey->u.dsa.params.subPrime)); | 401 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue), |
442 » if(rv != SECSuccess) break; | 402 &(privKey->u.dh.privateValue)); |
443 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base), | 403 if (rv != SECSuccess) break; |
444 » » » » » &(privKey->u.dsa.params.base)); | 404 returnKey->u.dsa.params.arena = poolp; |
445 » if(rv != SECSuccess) break; | 405 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime), |
446 » break; | 406 &(privKey->u.dh.prime)); |
447 » case NSSLOWKEYDHKey: | 407 if (rv != SECSuccess) break; |
448 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue), | 408 rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base), |
449 » » » » » &(privKey->u.dh.publicValue)); | 409 &(privKey->u.dh.base)); |
450 » if(rv != SECSuccess) break; | 410 if (rv != SECSuccess) break; |
451 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue), | 411 break; |
452 » » » » » &(privKey->u.dh.privateValue)); | |
453 » if(rv != SECSuccess) break; | |
454 » returnKey->u.dsa.params.arena = poolp; | |
455 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime), | |
456 » » » » » &(privKey->u.dh.prime)); | |
457 » if(rv != SECSuccess) break; | |
458 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base), | |
459 » » » » » &(privKey->u.dh.base)); | |
460 » if(rv != SECSuccess) break; | |
461 » break; | |
462 #ifndef NSS_DISABLE_ECC | 412 #ifndef NSS_DISABLE_ECC |
463 » case NSSLOWKEYECKey: | 413 case NSSLOWKEYECKey: |
464 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version), | 414 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version), |
465 » » » » » &(privKey->u.ec.version)); | 415 &(privKey->u.ec.version)); |
466 » if(rv != SECSuccess) break; | 416 if (rv != SECSuccess) break; |
467 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue), | 417 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue), |
468 » » » » » &(privKey->u.ec.publicValue)); | 418 &(privKey->u.ec.publicValue)); |
469 » if(rv != SECSuccess) break; | 419 if (rv != SECSuccess) break; |
470 » rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue), | 420 rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue), |
471 » » » » » &(privKey->u.ec.privateValue)); | 421 &(privKey->u.ec.privateValue)); |
472 » if(rv != SECSuccess) break; | 422 if (rv != SECSuccess) break; |
473 » returnKey->u.ec.ecParams.arena = poolp; | 423 returnKey->u.ec.ecParams.arena = poolp; |
474 » /* Copy the rest of the params */ | 424 /* Copy the rest of the params */ |
475 » rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams), | 425 rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams), |
476 » » » &(privKey->u.ec.ecParams)); | 426 &(privKey->u.ec.ecParams)); |
477 » if (rv != SECSuccess) break; | 427 if (rv != SECSuccess) break; |
478 » break; | 428 break; |
479 #endif /* NSS_DISABLE_ECC */ | 429 #endif /* NSS_DISABLE_ECC */ |
480 » default: | 430 default: |
481 » rv = SECFailure; | 431 rv = SECFailure; |
482 } | 432 } |
483 | 433 |
484 loser: | 434 loser: |
485 | 435 |
486 if(rv != SECSuccess) { | 436 if (rv != SECSuccess) { |
487 » PORT_FreeArena(poolp, PR_TRUE); | 437 PORT_FreeArena(poolp, PR_TRUE); |
488 » returnKey = NULL; | 438 returnKey = NULL; |
489 } | 439 } |
490 | 440 |
491 return returnKey; | 441 return returnKey; |
492 } | 442 } |
OLD | NEW |