Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(1056)

Unified Diff: lib/pk11wrap/pk11mech.c

Issue 201830043: Bug 1118245 - Apply uniform style across NSS
Patch Set: Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Please Sign in to add in-line comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « lib/pk11wrap/pk11load.c ('k') | lib/pk11wrap/pk11merge.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: lib/pk11wrap/pk11mech.c
===================================================================
--- a/lib/pk11wrap/pk11mech.c
+++ b/lib/pk11wrap/pk11mech.c
@@ -7,370 +7,351 @@
*/
#include "seccomon.h"
#include "secmod.h"
#include "secmodi.h"
#include "pkcs11t.h"
#include "pk11func.h"
#include "secitem.h"
#include "secder.h"
-#include "secasn1.h"
+#include "secasn1.h"
#include "secoid.h"
#include "secerr.h"
/*************************************************************
* local static and global data
*************************************************************/
/*
* Tables used for Extended mechanism mapping (currently not used)
*/
typedef struct {
- CK_MECHANISM_TYPE keyGen;
- CK_KEY_TYPE keyType;
- CK_MECHANISM_TYPE type;
- CK_MECHANISM_TYPE padType;
- int blockSize;
- int iv;
+ CK_MECHANISM_TYPE keyGen;
+ CK_KEY_TYPE keyType;
+ CK_MECHANISM_TYPE type;
+ CK_MECHANISM_TYPE padType;
+ int blockSize;
+ int iv;
} pk11MechanismData;
-
-static pk11MechanismData pk11_default =
- { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET,
- CKM_FAKE_RANDOM, CKM_FAKE_RANDOM, 8, 8 };
+
+static pk11MechanismData pk11_default = {
+ CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET, CKM_FAKE_RANDOM,
+ CKM_FAKE_RANDOM, 8, 8};
static pk11MechanismData *pk11_MechanismTable = NULL;
static int pk11_MechTableSize = 0;
static int pk11_MechEntrySize = 0;
/*
* list of mechanisms we're willing to wrap secret keys with.
* This list is ordered by preference.
*/
CK_MECHANISM_TYPE wrapMechanismList[] = {
- CKM_DES3_ECB,
- CKM_CAST5_ECB,
- CKM_AES_ECB,
- CKM_CAMELLIA_ECB,
- CKM_SEED_ECB,
- CKM_CAST5_ECB,
- CKM_DES_ECB,
- CKM_KEY_WRAP_LYNKS,
- CKM_IDEA_ECB,
- CKM_CAST3_ECB,
- CKM_CAST_ECB,
- CKM_RC5_ECB,
- CKM_RC2_ECB,
- CKM_CDMF_ECB,
- CKM_SKIPJACK_WRAP,
-};
+ CKM_DES3_ECB, CKM_CAST5_ECB, CKM_AES_ECB, CKM_CAMELLIA_ECB,
+ CKM_SEED_ECB, CKM_CAST5_ECB, CKM_DES_ECB, CKM_KEY_WRAP_LYNKS,
+ CKM_IDEA_ECB, CKM_CAST3_ECB, CKM_CAST_ECB, CKM_RC5_ECB,
+ CKM_RC2_ECB, CKM_CDMF_ECB, CKM_SKIPJACK_WRAP, };
-int wrapMechanismCount = sizeof(wrapMechanismList)/sizeof(wrapMechanismList[0]);
+int wrapMechanismCount =
+ sizeof(wrapMechanismList) / sizeof(wrapMechanismList[0]);
/*********************************************************************
* Mechanism Mapping functions
*********************************************************************/
/*
* lookup an entry in the mechanism table. If none found, return the
* default structure.
*/
-static pk11MechanismData *
-pk11_lookup(CK_MECHANISM_TYPE type)
-{
- int i;
- for (i=0; i < pk11_MechEntrySize; i++) {
- if (pk11_MechanismTable[i].type == type) {
- return (&pk11_MechanismTable[i]);
- }
+static pk11MechanismData *pk11_lookup(CK_MECHANISM_TYPE type) {
+ int i;
+ for (i = 0; i < pk11_MechEntrySize; i++) {
+ if (pk11_MechanismTable[i].type == type) {
+ return (&pk11_MechanismTable[i]);
}
- return &pk11_default;
+ }
+ return &pk11_default;
}
/*
* find the best key wrap mechanism for this slot.
*/
CK_MECHANISM_TYPE
-PK11_GetBestWrapMechanism(PK11SlotInfo *slot)
-{
- int i;
- for (i=0; i < wrapMechanismCount; i++) {
- if (PK11_DoesMechanism(slot,wrapMechanismList[i])) {
- return wrapMechanismList[i];
- }
+PK11_GetBestWrapMechanism(PK11SlotInfo *slot) {
+ int i;
+ for (i = 0; i < wrapMechanismCount; i++) {
+ if (PK11_DoesMechanism(slot, wrapMechanismList[i])) {
+ return wrapMechanismList[i];
}
- return CKM_INVALID_MECHANISM;
+ }
+ return CKM_INVALID_MECHANISM;
}
/*
* NOTE: This is not thread safe. Called at init time, and when loading
* a new Entry. It is reasonably safe as long as it is not re-entered
* (readers will always see a consistant table)
*
* This routine is called to add entries to the mechanism table, once there,
* they can not be removed.
*/
-void
-PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
- CK_MECHANISM_TYPE keyGen,
- CK_MECHANISM_TYPE padType,
- int ivLen, int blockSize)
-{
- int tableSize = pk11_MechTableSize;
- int size = pk11_MechEntrySize;
- int entry = size++;
- pk11MechanismData *old = pk11_MechanismTable;
- pk11MechanismData *newt = pk11_MechanismTable;
+void PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key,
+ CK_MECHANISM_TYPE keyGen, CK_MECHANISM_TYPE padType,
+ int ivLen, int blockSize) {
+ int tableSize = pk11_MechTableSize;
+ int size = pk11_MechEntrySize;
+ int entry = size++;
+ pk11MechanismData *old = pk11_MechanismTable;
+ pk11MechanismData *newt = pk11_MechanismTable;
-
- if (size > tableSize) {
- int oldTableSize = tableSize;
- tableSize += 10;
- newt = PORT_NewArray(pk11MechanismData, tableSize);
- if (newt == NULL) return;
+ if (size > tableSize) {
+ int oldTableSize = tableSize;
+ tableSize += 10;
+ newt = PORT_NewArray(pk11MechanismData, tableSize);
+ if (newt == NULL) return;
- if (old) PORT_Memcpy(newt, old, oldTableSize*sizeof(*newt));
- } else old = NULL;
+ if (old) PORT_Memcpy(newt, old, oldTableSize * sizeof(*newt));
+ } else
+ old = NULL;
- newt[entry].type = type;
- newt[entry].keyType = key;
- newt[entry].keyGen = keyGen;
- newt[entry].padType = padType;
- newt[entry].iv = ivLen;
- newt[entry].blockSize = blockSize;
+ newt[entry].type = type;
+ newt[entry].keyType = key;
+ newt[entry].keyGen = keyGen;
+ newt[entry].padType = padType;
+ newt[entry].iv = ivLen;
+ newt[entry].blockSize = blockSize;
- pk11_MechanismTable = newt;
- pk11_MechTableSize = tableSize;
- pk11_MechEntrySize = size;
- if (old) PORT_Free(old);
+ pk11_MechanismTable = newt;
+ pk11_MechTableSize = tableSize;
+ pk11_MechEntrySize = size;
+ if (old) PORT_Free(old);
}
/*
* Get the mechanism needed for the given key type
*/
CK_MECHANISM_TYPE
-PK11_GetKeyMechanism(CK_KEY_TYPE type)
-{
- switch (type) {
+PK11_GetKeyMechanism(CK_KEY_TYPE type) {
+ switch (type) {
case CKK_SEED:
- return CKM_SEED_CBC;
+ return CKM_SEED_CBC;
case CKK_CAMELLIA:
- return CKM_CAMELLIA_CBC;
+ return CKM_CAMELLIA_CBC;
case CKK_AES:
- return CKM_AES_CBC;
+ return CKM_AES_CBC;
case CKK_DES:
- return CKM_DES_CBC;
+ return CKM_DES_CBC;
case CKK_DES3:
- return CKM_DES3_KEY_GEN;
+ return CKM_DES3_KEY_GEN;
case CKK_DES2:
- return CKM_DES2_KEY_GEN;
+ return CKM_DES2_KEY_GEN;
case CKK_CDMF:
- return CKM_CDMF_CBC;
+ return CKM_CDMF_CBC;
case CKK_RC2:
- return CKM_RC2_CBC;
+ return CKM_RC2_CBC;
case CKK_RC4:
- return CKM_RC4;
+ return CKM_RC4;
case CKK_RC5:
- return CKM_RC5_CBC;
+ return CKM_RC5_CBC;
case CKK_SKIPJACK:
- return CKM_SKIPJACK_CBC64;
+ return CKM_SKIPJACK_CBC64;
case CKK_BATON:
- return CKM_BATON_CBC128;
+ return CKM_BATON_CBC128;
case CKK_JUNIPER:
- return CKM_JUNIPER_CBC128;
+ return CKM_JUNIPER_CBC128;
case CKK_IDEA:
- return CKM_IDEA_CBC;
+ return CKM_IDEA_CBC;
case CKK_CAST:
- return CKM_CAST_CBC;
+ return CKM_CAST_CBC;
case CKK_CAST3:
- return CKM_CAST3_CBC;
+ return CKM_CAST3_CBC;
case CKK_CAST5:
- return CKM_CAST5_CBC;
+ return CKM_CAST5_CBC;
case CKK_RSA:
- return CKM_RSA_PKCS;
+ return CKM_RSA_PKCS;
case CKK_DSA:
- return CKM_DSA;
+ return CKM_DSA;
case CKK_DH:
- return CKM_DH_PKCS_DERIVE;
+ return CKM_DH_PKCS_DERIVE;
case CKK_KEA:
- return CKM_KEA_KEY_DERIVE;
- case CKK_EC: /* CKK_ECDSA is deprecated */
- return CKM_ECDSA;
+ return CKM_KEA_KEY_DERIVE;
+ case CKK_EC: /* CKK_ECDSA is deprecated */
+ return CKM_ECDSA;
case CKK_GENERIC_SECRET:
default:
- return CKM_SHA_1_HMAC;
- }
+ return CKM_SHA_1_HMAC;
+ }
}
/*
* Get the key type needed for the given mechanism
*/
CK_KEY_TYPE
-PK11_GetKeyType(CK_MECHANISM_TYPE type,unsigned long len)
-{
- switch (type) {
+PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) {
+ switch (type) {
case CKM_SEED_ECB:
case CKM_SEED_CBC:
case CKM_SEED_MAC:
case CKM_SEED_MAC_GENERAL:
case CKM_SEED_CBC_PAD:
case CKM_SEED_KEY_GEN:
- return CKK_SEED;
+ return CKK_SEED;
case CKM_CAMELLIA_ECB:
case CKM_CAMELLIA_CBC:
case CKM_CAMELLIA_MAC:
case CKM_CAMELLIA_MAC_GENERAL:
case CKM_CAMELLIA_CBC_PAD:
case CKM_CAMELLIA_KEY_GEN:
- return CKK_CAMELLIA;
+ return CKK_CAMELLIA;
case CKM_AES_ECB:
case CKM_AES_CBC:
case CKM_AES_CCM:
case CKM_AES_CTR:
case CKM_AES_CTS:
case CKM_AES_GCM:
case CKM_AES_MAC:
case CKM_AES_MAC_GENERAL:
case CKM_AES_CBC_PAD:
case CKM_AES_KEY_GEN:
case CKM_NETSCAPE_AES_KEY_WRAP:
case CKM_NETSCAPE_AES_KEY_WRAP_PAD:
- return CKK_AES;
+ return CKK_AES;
case CKM_DES_ECB:
case CKM_DES_CBC:
case CKM_DES_MAC:
case CKM_DES_MAC_GENERAL:
case CKM_DES_CBC_PAD:
case CKM_DES_KEY_GEN:
case CKM_KEY_WRAP_LYNKS:
case CKM_PBE_MD2_DES_CBC:
case CKM_PBE_MD5_DES_CBC:
- return CKK_DES;
+ return CKK_DES;
case CKM_DES3_ECB:
case CKM_DES3_CBC:
case CKM_DES3_MAC:
case CKM_DES3_MAC_GENERAL:
case CKM_DES3_CBC_PAD:
- return (len == 16) ? CKK_DES2 : CKK_DES3;
+ return (len == 16) ? CKK_DES2 : CKK_DES3;
case CKM_DES2_KEY_GEN:
case CKM_PBE_SHA1_DES2_EDE_CBC:
- return CKK_DES2;
+ return CKK_DES2;
case CKM_PBE_SHA1_DES3_EDE_CBC:
case CKM_DES3_KEY_GEN:
- return CKK_DES3;
+ return CKK_DES3;
case CKM_CDMF_ECB:
case CKM_CDMF_CBC:
case CKM_CDMF_MAC:
case CKM_CDMF_MAC_GENERAL:
case CKM_CDMF_CBC_PAD:
case CKM_CDMF_KEY_GEN:
- return CKK_CDMF;
+ return CKK_CDMF;
case CKM_RC2_ECB:
case CKM_RC2_CBC:
case CKM_RC2_MAC:
case CKM_RC2_MAC_GENERAL:
case CKM_RC2_CBC_PAD:
case CKM_RC2_KEY_GEN:
case CKM_PBE_SHA1_RC2_128_CBC:
case CKM_PBE_SHA1_RC2_40_CBC:
- return CKK_RC2;
+ return CKK_RC2;
case CKM_RC4:
case CKM_RC4_KEY_GEN:
- return CKK_RC4;
+ return CKK_RC4;
case CKM_RC5_ECB:
case CKM_RC5_CBC:
case CKM_RC5_MAC:
case CKM_RC5_MAC_GENERAL:
case CKM_RC5_CBC_PAD:
case CKM_RC5_KEY_GEN:
- return CKK_RC5;
+ return CKK_RC5;
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
case CKM_SKIPJACK_KEY_GEN:
case CKM_SKIPJACK_WRAP:
case CKM_SKIPJACK_PRIVATE_WRAP:
- return CKK_SKIPJACK;
+ return CKK_SKIPJACK;
case CKM_BATON_ECB128:
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_BATON_WRAP:
case CKM_BATON_KEY_GEN:
- return CKK_BATON;
+ return CKK_BATON;
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
case CKM_JUNIPER_WRAP:
case CKM_JUNIPER_KEY_GEN:
- return CKK_JUNIPER;
+ return CKK_JUNIPER;
case CKM_IDEA_CBC:
case CKM_IDEA_ECB:
case CKM_IDEA_MAC:
case CKM_IDEA_MAC_GENERAL:
case CKM_IDEA_CBC_PAD:
case CKM_IDEA_KEY_GEN:
- return CKK_IDEA;
+ return CKK_IDEA;
case CKM_CAST_ECB:
case CKM_CAST_CBC:
case CKM_CAST_MAC:
case CKM_CAST_MAC_GENERAL:
case CKM_CAST_CBC_PAD:
case CKM_CAST_KEY_GEN:
case CKM_PBE_MD5_CAST_CBC:
- return CKK_CAST;
+ return CKK_CAST;
case CKM_CAST3_ECB:
case CKM_CAST3_CBC:
case CKM_CAST3_MAC:
case CKM_CAST3_MAC_GENERAL:
case CKM_CAST3_CBC_PAD:
case CKM_CAST3_KEY_GEN:
case CKM_PBE_MD5_CAST3_CBC:
- return CKK_CAST3;
+ return CKK_CAST3;
case CKM_CAST5_ECB:
case CKM_CAST5_CBC:
case CKM_CAST5_MAC:
case CKM_CAST5_MAC_GENERAL:
case CKM_CAST5_CBC_PAD:
case CKM_CAST5_KEY_GEN:
case CKM_PBE_MD5_CAST5_CBC:
- return CKK_CAST5;
+ return CKK_CAST5;
case CKM_RSA_PKCS:
case CKM_RSA_9796:
case CKM_RSA_X_509:
case CKM_MD2_RSA_PKCS:
case CKM_MD5_RSA_PKCS:
case CKM_SHA1_RSA_PKCS:
case CKM_SHA224_RSA_PKCS:
case CKM_SHA256_RSA_PKCS:
case CKM_SHA384_RSA_PKCS:
case CKM_SHA512_RSA_PKCS:
case CKM_KEY_WRAP_SET_OAEP:
case CKM_RSA_PKCS_KEY_PAIR_GEN:
case CKM_RSA_X9_31_KEY_PAIR_GEN:
- return CKK_RSA;
+ return CKK_RSA;
case CKM_DSA:
case CKM_DSA_SHA1:
case CKM_DSA_KEY_PAIR_GEN:
- return CKK_DSA;
+ return CKK_DSA;
case CKM_DH_PKCS_DERIVE:
case CKM_DH_PKCS_KEY_PAIR_GEN:
- return CKK_DH;
+ return CKK_DH;
case CKM_KEA_KEY_DERIVE:
case CKM_KEA_KEY_PAIR_GEN:
- return CKK_KEA;
+ return CKK_KEA;
case CKM_ECDSA:
case CKM_ECDSA_SHA1:
case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
case CKM_ECDH1_DERIVE:
- return CKK_EC; /* CKK_ECDSA is deprecated */
+ return CKK_EC; /* CKK_ECDSA is deprecated */
case CKM_SSL3_PRE_MASTER_KEY_GEN:
case CKM_GENERIC_SECRET_KEY_GEN:
case CKM_SSL3_MASTER_KEY_DERIVE:
case CKM_SSL3_MASTER_KEY_DERIVE_DH:
case CKM_SSL3_KEY_AND_MAC_DERIVE:
case CKM_SSL3_SHA1_MAC:
case CKM_SSL3_MD5_MAC:
case CKM_TLS_MASTER_KEY_DERIVE:
@@ -390,195 +371,193 @@ PK11_GetKeyType(CK_MECHANISM_TYPE type,u
case CKM_SHA512_HMAC:
case CKM_SHA512_HMAC_GENERAL:
case CKM_MD2_HMAC:
case CKM_MD2_HMAC_GENERAL:
case CKM_MD5_HMAC:
case CKM_MD5_HMAC_GENERAL:
case CKM_TLS_PRF_GENERAL:
case CKM_NSS_TLS_PRF_GENERAL_SHA256:
- return CKK_GENERIC_SECRET;
+ return CKK_GENERIC_SECRET;
default:
- return pk11_lookup(type)->keyType;
- }
+ return pk11_lookup(type)->keyType;
+ }
}
/*
- * Get the Key Gen Mechanism needed for the given
+ * Get the Key Gen Mechanism needed for the given
* crypto mechanism
*/
CK_MECHANISM_TYPE
-PK11_GetKeyGen(CK_MECHANISM_TYPE type)
-{
- return PK11_GetKeyGenWithSize(type, 0);
+PK11_GetKeyGen(CK_MECHANISM_TYPE type) {
+ return PK11_GetKeyGenWithSize(type, 0);
}
CK_MECHANISM_TYPE
-PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size)
-{
- switch (type) {
+PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size) {
+ switch (type) {
case CKM_SEED_ECB:
case CKM_SEED_CBC:
case CKM_SEED_MAC:
case CKM_SEED_MAC_GENERAL:
case CKM_SEED_CBC_PAD:
case CKM_SEED_KEY_GEN:
- return CKM_SEED_KEY_GEN;
+ return CKM_SEED_KEY_GEN;
case CKM_CAMELLIA_ECB:
case CKM_CAMELLIA_CBC:
case CKM_CAMELLIA_MAC:
case CKM_CAMELLIA_MAC_GENERAL:
case CKM_CAMELLIA_CBC_PAD:
case CKM_CAMELLIA_KEY_GEN:
- return CKM_CAMELLIA_KEY_GEN;
+ return CKM_CAMELLIA_KEY_GEN;
case CKM_AES_ECB:
case CKM_AES_CBC:
case CKM_AES_CCM:
case CKM_AES_CTR:
case CKM_AES_CTS:
case CKM_AES_GCM:
case CKM_AES_MAC:
case CKM_AES_MAC_GENERAL:
case CKM_AES_CBC_PAD:
case CKM_AES_KEY_GEN:
- return CKM_AES_KEY_GEN;
+ return CKM_AES_KEY_GEN;
case CKM_DES_ECB:
case CKM_DES_CBC:
case CKM_DES_MAC:
case CKM_DES_MAC_GENERAL:
case CKM_KEY_WRAP_LYNKS:
case CKM_DES_CBC_PAD:
case CKM_DES_KEY_GEN:
- return CKM_DES_KEY_GEN;
+ return CKM_DES_KEY_GEN;
case CKM_DES3_ECB:
case CKM_DES3_CBC:
case CKM_DES3_MAC:
case CKM_DES3_MAC_GENERAL:
case CKM_DES3_CBC_PAD:
- return (size == 16) ? CKM_DES2_KEY_GEN : CKM_DES3_KEY_GEN;
+ return (size == 16) ? CKM_DES2_KEY_GEN : CKM_DES3_KEY_GEN;
case CKM_DES3_KEY_GEN:
- return CKM_DES3_KEY_GEN;
+ return CKM_DES3_KEY_GEN;
case CKM_DES2_KEY_GEN:
- return CKM_DES2_KEY_GEN;
+ return CKM_DES2_KEY_GEN;
case CKM_CDMF_ECB:
case CKM_CDMF_CBC:
case CKM_CDMF_MAC:
case CKM_CDMF_MAC_GENERAL:
case CKM_CDMF_CBC_PAD:
case CKM_CDMF_KEY_GEN:
- return CKM_CDMF_KEY_GEN;
+ return CKM_CDMF_KEY_GEN;
case CKM_RC2_ECB:
case CKM_RC2_CBC:
case CKM_RC2_MAC:
case CKM_RC2_MAC_GENERAL:
case CKM_RC2_CBC_PAD:
case CKM_RC2_KEY_GEN:
- return CKM_RC2_KEY_GEN;
+ return CKM_RC2_KEY_GEN;
case CKM_RC4:
case CKM_RC4_KEY_GEN:
- return CKM_RC4_KEY_GEN;
+ return CKM_RC4_KEY_GEN;
case CKM_RC5_ECB:
case CKM_RC5_CBC:
case CKM_RC5_MAC:
case CKM_RC5_MAC_GENERAL:
case CKM_RC5_CBC_PAD:
case CKM_RC5_KEY_GEN:
- return CKM_RC5_KEY_GEN;
+ return CKM_RC5_KEY_GEN;
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
case CKM_SKIPJACK_WRAP:
case CKM_SKIPJACK_KEY_GEN:
- return CKM_SKIPJACK_KEY_GEN;
+ return CKM_SKIPJACK_KEY_GEN;
case CKM_BATON_ECB128:
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_BATON_WRAP:
case CKM_BATON_KEY_GEN:
- return CKM_BATON_KEY_GEN;
+ return CKM_BATON_KEY_GEN;
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
case CKM_JUNIPER_WRAP:
case CKM_JUNIPER_KEY_GEN:
- return CKM_JUNIPER_KEY_GEN;
+ return CKM_JUNIPER_KEY_GEN;
case CKM_IDEA_CBC:
case CKM_IDEA_ECB:
case CKM_IDEA_MAC:
case CKM_IDEA_MAC_GENERAL:
case CKM_IDEA_CBC_PAD:
case CKM_IDEA_KEY_GEN:
- return CKM_IDEA_KEY_GEN;
+ return CKM_IDEA_KEY_GEN;
case CKM_CAST_ECB:
case CKM_CAST_CBC:
case CKM_CAST_MAC:
case CKM_CAST_MAC_GENERAL:
case CKM_CAST_CBC_PAD:
case CKM_CAST_KEY_GEN:
- return CKM_CAST_KEY_GEN;
+ return CKM_CAST_KEY_GEN;
case CKM_CAST3_ECB:
case CKM_CAST3_CBC:
case CKM_CAST3_MAC:
case CKM_CAST3_MAC_GENERAL:
case CKM_CAST3_CBC_PAD:
case CKM_CAST3_KEY_GEN:
- return CKM_CAST3_KEY_GEN;
+ return CKM_CAST3_KEY_GEN;
case CKM_CAST5_ECB:
case CKM_CAST5_CBC:
case CKM_CAST5_MAC:
case CKM_CAST5_MAC_GENERAL:
case CKM_CAST5_CBC_PAD:
case CKM_CAST5_KEY_GEN:
- return CKM_CAST5_KEY_GEN;
+ return CKM_CAST5_KEY_GEN;
case CKM_RSA_PKCS:
case CKM_RSA_9796:
case CKM_RSA_X_509:
case CKM_MD2_RSA_PKCS:
case CKM_MD5_RSA_PKCS:
case CKM_SHA1_RSA_PKCS:
case CKM_SHA224_RSA_PKCS:
case CKM_SHA256_RSA_PKCS:
case CKM_SHA384_RSA_PKCS:
case CKM_SHA512_RSA_PKCS:
case CKM_KEY_WRAP_SET_OAEP:
case CKM_RSA_PKCS_KEY_PAIR_GEN:
- return CKM_RSA_PKCS_KEY_PAIR_GEN;
+ return CKM_RSA_PKCS_KEY_PAIR_GEN;
case CKM_RSA_X9_31_KEY_PAIR_GEN:
- return CKM_RSA_X9_31_KEY_PAIR_GEN;
+ return CKM_RSA_X9_31_KEY_PAIR_GEN;
case CKM_DSA:
case CKM_DSA_SHA1:
case CKM_DSA_KEY_PAIR_GEN:
- return CKM_DSA_KEY_PAIR_GEN;
+ return CKM_DSA_KEY_PAIR_GEN;
case CKM_DH_PKCS_DERIVE:
case CKM_DH_PKCS_KEY_PAIR_GEN:
- return CKM_DH_PKCS_KEY_PAIR_GEN;
+ return CKM_DH_PKCS_KEY_PAIR_GEN;
case CKM_KEA_KEY_DERIVE:
case CKM_KEA_KEY_PAIR_GEN:
- return CKM_KEA_KEY_PAIR_GEN;
+ return CKM_KEA_KEY_PAIR_GEN;
case CKM_ECDSA:
case CKM_ECDSA_SHA1:
case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */
case CKM_ECDH1_DERIVE:
- return CKM_EC_KEY_PAIR_GEN;
+ return CKM_EC_KEY_PAIR_GEN;
case CKM_SSL3_PRE_MASTER_KEY_GEN:
case CKM_SSL3_MASTER_KEY_DERIVE:
case CKM_SSL3_KEY_AND_MAC_DERIVE:
case CKM_SSL3_SHA1_MAC:
case CKM_SSL3_MD5_MAC:
case CKM_TLS_MASTER_KEY_DERIVE:
case CKM_TLS_KEY_AND_MAC_DERIVE:
case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256:
- return CKM_SSL3_PRE_MASTER_KEY_GEN;
+ return CKM_SSL3_PRE_MASTER_KEY_GEN;
case CKM_SHA_1_HMAC:
case CKM_SHA_1_HMAC_GENERAL:
case CKM_SHA224_HMAC:
case CKM_SHA224_HMAC_GENERAL:
case CKM_SHA256_HMAC:
case CKM_SHA256_HMAC_GENERAL:
case CKM_SHA384_HMAC:
case CKM_SHA384_HMAC_GENERAL:
@@ -586,17 +565,17 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE
case CKM_SHA512_HMAC_GENERAL:
case CKM_MD2_HMAC:
case CKM_MD2_HMAC_GENERAL:
case CKM_MD5_HMAC:
case CKM_MD5_HMAC_GENERAL:
case CKM_TLS_PRF_GENERAL:
case CKM_NSS_TLS_PRF_GENERAL_SHA256:
case CKM_GENERIC_SECRET_KEY_GEN:
- return CKM_GENERIC_SECRET_KEY_GEN;
+ return CKM_GENERIC_SECRET_KEY_GEN;
case CKM_PBE_MD2_DES_CBC:
case CKM_PBE_MD5_DES_CBC:
case CKM_PBA_SHA1_WITH_SHA1_HMAC:
case CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN:
case CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN:
case CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN:
case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
@@ -607,44 +586,42 @@ PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE
case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
case CKM_PBE_SHA1_RC2_40_CBC:
case CKM_PBE_SHA1_RC2_128_CBC:
case CKM_PBE_SHA1_RC4_40:
case CKM_PBE_SHA1_RC4_128:
case CKM_PBE_SHA1_DES3_EDE_CBC:
case CKM_PBE_SHA1_DES2_EDE_CBC:
case CKM_PKCS5_PBKD2:
- return type;
+ return type;
default:
- return pk11_lookup(type)->keyGen;
- }
+ return pk11_lookup(type)->keyGen;
+ }
}
/*
* get the mechanism block size
*/
-int
-PK11_GetBlockSize(CK_MECHANISM_TYPE type,SECItem *params)
-{
- CK_RC5_PARAMS *rc5_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
- switch (type) {
+int PK11_GetBlockSize(CK_MECHANISM_TYPE type, SECItem *params) {
+ CK_RC5_PARAMS *rc5_params;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params;
+ switch (type) {
case CKM_RC5_ECB:
- if ((params) && (params->data)) {
- rc5_params = (CK_RC5_PARAMS *) params->data;
- return (rc5_params->ulWordsize)*2;
- }
- return 8;
+ if ((params) && (params->data)) {
+ rc5_params = (CK_RC5_PARAMS *)params->data;
+ return (rc5_params->ulWordsize) * 2;
+ }
+ return 8;
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- if ((params) && (params->data)) {
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) params->data;
- return (rc5_cbc_params->ulWordsize)*2;
- }
- return 8;
+ if ((params) && (params->data)) {
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)params->data;
+ return (rc5_cbc_params->ulWordsize) * 2;
+ }
+ return 8;
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_RC2_ECB:
case CKM_IDEA_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
case CKM_RC2_CBC:
@@ -671,21 +648,21 @@ PK11_GetBlockSize(CK_MECHANISM_TYPE type
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
case CKM_PBE_SHA1_RC2_40_CBC:
case CKM_PBE_SHA1_RC2_128_CBC:
case CKM_PBE_SHA1_DES3_EDE_CBC:
case CKM_PBE_SHA1_DES2_EDE_CBC:
- return 8;
+ return 8;
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
- return 4;
+ return 4;
case CKM_SEED_ECB:
case CKM_SEED_CBC:
case CKM_SEED_CBC_PAD:
case CKM_CAMELLIA_ECB:
case CKM_CAMELLIA_CBC:
case CKM_CAMELLIA_CBC_PAD:
case CKM_AES_ECB:
case CKM_AES_CBC:
@@ -693,56 +670,54 @@ PK11_GetBlockSize(CK_MECHANISM_TYPE type
case CKM_BATON_ECB128:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- return 16;
+ return 16;
case CKM_BATON_ECB96:
- return 12;
+ return 12;
case CKM_RC4:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
case CKM_PBE_SHA1_RC4_40:
case CKM_PBE_SHA1_RC4_128:
- return 0;
+ return 0;
case CKM_RSA_PKCS:
case CKM_RSA_9796:
case CKM_RSA_X_509:
- /*actually it's the modulus length of the key!*/
- return -1; /* failure */
+ /*actually it's the modulus length of the key!*/
+ return -1; /* failure */
default:
- return pk11_lookup(type)->blockSize;
- }
+ return pk11_lookup(type)->blockSize;
+ }
}
/*
* get the iv length
*/
-int
-PK11_GetIVLength(CK_MECHANISM_TYPE type)
-{
- switch (type) {
+int PK11_GetIVLength(CK_MECHANISM_TYPE type) {
+ switch (type) {
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_RC2_ECB:
case CKM_IDEA_ECB:
case CKM_SKIPJACK_WRAP:
case CKM_BATON_WRAP:
case CKM_RC5_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
- return 0;
+ return 0;
case CKM_RC2_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_PBE_MD2_DES_CBC:
case CKM_PBE_MD5_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
@@ -760,141 +735,139 @@ PK11_GetIVLength(CK_MECHANISM_TYPE type)
case CKM_RC2_CBC_PAD:
case CKM_DES_CBC_PAD:
case CKM_DES3_CBC_PAD:
case CKM_IDEA_CBC_PAD:
case CKM_RC5_CBC_PAD:
case CKM_CAST_CBC_PAD:
case CKM_CAST3_CBC_PAD:
case CKM_CAST5_CBC_PAD:
- return 8;
+ return 8;
case CKM_SEED_CBC:
case CKM_SEED_CBC_PAD:
case CKM_CAMELLIA_CBC:
case CKM_CAMELLIA_CBC_PAD:
case CKM_AES_CBC:
case CKM_AES_CBC_PAD:
- return 16;
+ return 16;
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
case CKM_BATON_ECB128:
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- return 24;
+ return 24;
case CKM_RC4:
case CKM_RSA_PKCS:
case CKM_RSA_9796:
case CKM_RSA_X_509:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
case CKM_PBE_SHA1_RC4_40:
case CKM_PBE_SHA1_RC4_128:
- return 0;
+ return 0;
default:
- return pk11_lookup(type)->iv;
- }
+ return pk11_lookup(type)->iv;
+ }
}
-
/* These next two utilities are here to help facilitate future
* Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
* like SSL and S-MIME to automatically add them.
*/
-SECItem *
-pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, SECItem *iv, int keyLen)
-{
- CK_RC2_CBC_PARAMS *rc2_params = NULL;
- CK_RC2_PARAMS *rc2_ecb_params = NULL;
- CK_RC5_PARAMS *rc5_params = NULL;
- CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
- SECItem *param;
+SECItem *pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, SECItem *iv,
+ int keyLen) {
+ CK_RC2_CBC_PARAMS *rc2_params = NULL;
+ CK_RC2_PARAMS *rc2_ecb_params = NULL;
+ CK_RC5_PARAMS *rc5_params = NULL;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
+ SECItem *param;
- param = (SECItem *)PORT_Alloc(sizeof(SECItem));
- if (param == NULL) return NULL;
- param->data = NULL;
- param->len = 0;
- param->type = 0;
- switch (type) {
+ param = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (param == NULL) return NULL;
+ param->data = NULL;
+ param->len = 0;
+ param->type = 0;
+ switch (type) {
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_RSA_PKCS:
case CKM_RSA_X_509:
case CKM_RSA_9796:
case CKM_IDEA_ECB:
case CKM_CDMF_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
case CKM_RC4:
- break;
+ break;
case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- *rc2_ecb_params = keyLen ? keyLen*8 : 128;
- param->data = (unsigned char *) rc2_ecb_params;
- param->len = sizeof(CK_RC2_PARAMS);
- break;
+ rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
+ if (rc2_ecb_params == NULL) break;
+ /* Maybe we should pass the key size in too to get this value? */
+ *rc2_ecb_params = keyLen ? keyLen * 8 : 128;
+ param->data = (unsigned char *)rc2_ecb_params;
+ param->len = sizeof(CK_RC2_PARAMS);
+ break;
case CKM_RC2_CBC:
case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) break;
- /* Maybe we should pass the key size in too to get this value? */
- rc2_params->ulEffectiveBits = keyLen ? keyLen*8 : 128;
- if (iv && iv->data)
- PORT_Memcpy(rc2_params->iv,iv->data,sizeof(rc2_params->iv));
- param->data = (unsigned char *) rc2_params;
- param->len = sizeof(CK_RC2_CBC_PARAMS);
- break;
+ rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (rc2_params == NULL) break;
+ /* Maybe we should pass the key size in too to get this value? */
+ rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128;
+ if (iv && iv->data)
+ PORT_Memcpy(rc2_params->iv, iv->data, sizeof(rc2_params->iv));
+ param->data = (unsigned char *)rc2_params;
+ param->len = sizeof(CK_RC2_CBC_PARAMS);
+ break;
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
- if (rc5_cbc_params == NULL) break;
- if (iv && iv->data && iv->len) {
- rc5_cbc_params->pIv = ((CK_BYTE_PTR) rc5_cbc_params)
- + sizeof(CK_RC5_CBC_PARAMS);
- PORT_Memcpy(rc5_cbc_params->pIv,iv->data,iv->len);
- rc5_cbc_params->ulIvLen = iv->len;
- rc5_cbc_params->ulWordsize = iv->len/2;
- } else {
- rc5_cbc_params->ulWordsize = 4;
- rc5_cbc_params->pIv = NULL;
- rc5_cbc_params->ulIvLen = 0;
- }
- rc5_cbc_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_cbc_params;
- param->len = sizeof(CK_RC5_CBC_PARAMS);
- break;
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)PORT_Alloc(
+ sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0));
+ if (rc5_cbc_params == NULL) break;
+ if (iv && iv->data && iv->len) {
+ rc5_cbc_params->pIv =
+ ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS);
+ PORT_Memcpy(rc5_cbc_params->pIv, iv->data, iv->len);
+ rc5_cbc_params->ulIvLen = iv->len;
+ rc5_cbc_params->ulWordsize = iv->len / 2;
+ } else {
+ rc5_cbc_params->ulWordsize = 4;
+ rc5_cbc_params->pIv = NULL;
+ rc5_cbc_params->ulIvLen = 0;
+ }
+ rc5_cbc_params->ulRounds = 16;
+ param->data = (unsigned char *)rc5_cbc_params;
+ param->len = sizeof(CK_RC5_CBC_PARAMS);
+ break;
case CKM_RC5_ECB:
- rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
- if (rc5_params == NULL) break;
- if (iv && iv->data && iv->len) {
- rc5_params->ulWordsize = iv->len/2;
- } else {
- rc5_params->ulWordsize = 4;
- }
- rc5_params->ulRounds = 16;
- param->data = (unsigned char *) rc5_params;
- param->len = sizeof(CK_RC5_PARAMS);
- break;
+ rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS));
+ if (rc5_params == NULL) break;
+ if (iv && iv->data && iv->len) {
+ rc5_params->ulWordsize = iv->len / 2;
+ } else {
+ rc5_params->ulWordsize = 4;
+ }
+ rc5_params->ulRounds = 16;
+ param->data = (unsigned char *)rc5_params;
+ param->len = sizeof(CK_RC5_PARAMS);
+ break;
case CKM_SEED_CBC:
case CKM_CAMELLIA_CBC:
case CKM_AES_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_CDMF_CBC:
@@ -921,86 +894,83 @@ pk11_ParamFromIVWithLen(CK_MECHANISM_TYP
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- if ((iv == NULL) || (iv->data == NULL)) break;
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- if (pk11_lookup(type)->iv == 0) {
- break;
- }
- if ((iv == NULL) || (iv->data == NULL)) {
- break;
- }
- param->data = (unsigned char*)PORT_Alloc(iv->len);
- if (param->data != NULL) {
- PORT_Memcpy(param->data,iv->data,iv->len);
- param->len = iv->len;
- }
- break;
- }
- return param;
+ if ((iv == NULL) || (iv->data == NULL)) break;
+ param->data = (unsigned char *)PORT_Alloc(iv->len);
+ if (param->data != NULL) {
+ PORT_Memcpy(param->data, iv->data, iv->len);
+ param->len = iv->len;
+ }
+ break;
+ /* unknown mechanism, pass IV in if it's there */
+ default:
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
+ if ((iv == NULL) || (iv->data == NULL)) {
+ break;
+ }
+ param->data = (unsigned char *)PORT_Alloc(iv->len);
+ if (param->data != NULL) {
+ PORT_Memcpy(param->data, iv->data, iv->len);
+ param->len = iv->len;
+ }
+ break;
+ }
+ return param;
}
/* These next two utilities are here to help facilitate future
* Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions
* like SSL and S-MIME to automatically add them.
*/
-SECItem *
-PK11_ParamFromIV(CK_MECHANISM_TYPE type,SECItem *iv)
-{
- return pk11_ParamFromIVWithLen(type, iv, 0);
+SECItem *PK11_ParamFromIV(CK_MECHANISM_TYPE type, SECItem *iv) {
+ return pk11_ParamFromIVWithLen(type, iv, 0);
}
-unsigned char *
-PK11_IVFromParam(CK_MECHANISM_TYPE type,SECItem *param,int *len)
-{
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC5_CBC_PARAMS *rc5_cbc_params;
+unsigned char *PK11_IVFromParam(CK_MECHANISM_TYPE type, SECItem *param,
+ int *len) {
+ CK_RC2_CBC_PARAMS *rc2_params;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params;
- *len = 0;
- switch (type) {
+ *len = 0;
+ switch (type) {
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_RSA_PKCS:
case CKM_RSA_X_509:
case CKM_RSA_9796:
case CKM_IDEA_ECB:
case CKM_CDMF_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
case CKM_RC4:
- return NULL;
+ return NULL;
case CKM_RC2_ECB:
- return NULL;
+ return NULL;
case CKM_RC2_CBC:
case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- *len = sizeof(rc2_params->iv);
- return &rc2_params->iv[0];
+ rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
+ *len = sizeof(rc2_params->iv);
+ return &rc2_params->iv[0];
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *) param->data;
- *len = rc5_cbc_params->ulIvLen;
- return rc5_cbc_params->pIv;
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)param->data;
+ *len = rc5_cbc_params->ulIvLen;
+ return rc5_cbc_params->pIv;
case CKM_SEED_CBC:
case CKM_CAMELLIA_CBC:
case CKM_AES_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_CDMF_CBC:
case CKM_CAST_CBC:
@@ -1026,258 +996,242 @@ PK11_IVFromParam(CK_MECHANISM_TYPE type,
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- break;
- /* unknown mechanism, pass IV in if it's there */
- default:
- break;
- }
- if (param->data) {
- *len = param->len;
- }
- return param->data;
+ break;
+ /* unknown mechanism, pass IV in if it's there */
+ default:
+ break;
+ }
+ if (param->data) {
+ *len = param->len;
+ }
+ return param->data;
}
typedef struct sec_rc5cbcParameterStr {
- SECItem version;
- SECItem rounds;
- SECItem blockSizeInBits;
- SECItem iv;
+ SECItem version;
+ SECItem rounds;
+ SECItem blockSizeInBits;
+ SECItem iv;
} sec_rc5cbcParameter;
static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_rc5cbcParameter)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, version)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, rounds)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, blockSizeInBits)},
+ {0}};
static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc5cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,version) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,rounds) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc5cbcParameter,blockSizeInBits) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc5cbcParameter,iv) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_rc5cbcParameter)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, version)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, rounds)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc5cbcParameter, blockSizeInBits)},
+ {SEC_ASN1_OCTET_STRING, offsetof(sec_rc5cbcParameter, iv)},
+ {0}};
typedef struct sec_rc2cbcParameterStr {
- SECItem rc2ParameterVersion;
- SECItem iv;
+ SECItem rc2ParameterVersion;
+ SECItem iv;
} sec_rc2cbcParameter;
static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { SEC_ASN1_OCTET_STRING,
- offsetof(sec_rc2cbcParameter,iv) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_rc2cbcParameter)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc2cbcParameter, rc2ParameterVersion)},
+ {SEC_ASN1_OCTET_STRING, offsetof(sec_rc2cbcParameter, iv)},
+ {0}};
static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = {
- { SEC_ASN1_SEQUENCE,
- 0, NULL, sizeof(sec_rc2cbcParameter) },
- { SEC_ASN1_INTEGER,
- offsetof(sec_rc2cbcParameter,rc2ParameterVersion) },
- { 0 }
-};
+ {SEC_ASN1_SEQUENCE, 0, NULL, sizeof(sec_rc2cbcParameter)},
+ {SEC_ASN1_INTEGER, offsetof(sec_rc2cbcParameter, rc2ParameterVersion)},
+ {0}};
/* S/MIME picked id values to represent differnt keysizes */
/* I do have a formula, but it ain't pretty, and it only works because you
* can always match three points to a parabola:) */
-static unsigned char rc2_map(SECItem *version)
-{
- long x;
+static unsigned char rc2_map(SECItem *version) {
+ long x;
- x = DER_GetInteger(version);
-
- switch (x) {
- case 58: return 128;
- case 120: return 64;
- case 160: return 40;
- }
- return 128;
+ x = DER_GetInteger(version);
+
+ switch (x) {
+ case 58:
+ return 128;
+ case 120:
+ return 64;
+ case 160:
+ return 40;
+ }
+ return 128;
}
-static unsigned long rc2_unmap(unsigned long x)
-{
- switch (x) {
- case 128: return 58;
- case 64: return 120;
- case 40: return 160;
- }
- return 58;
+static unsigned long rc2_unmap(unsigned long x) {
+ switch (x) {
+ case 128:
+ return 58;
+ case 64:
+ return 120;
+ case 40:
+ return 160;
+ }
+ return 58;
}
+/* Generate a mechaism param from a type, and iv. */
+SECItem *PK11_ParamFromAlgid(SECAlgorithmID *algid) {
+ CK_RC2_CBC_PARAMS *rc2_cbc_params = NULL;
+ CK_RC2_PARAMS *rc2_ecb_params = NULL;
+ CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL;
+ CK_RC5_PARAMS *rc5_ecb_params = NULL;
+ PLArenaPool *arena = NULL;
+ SECItem *mech = NULL;
+ SECOidTag algtag;
+ SECStatus rv;
+ CK_MECHANISM_TYPE type;
+ /* initialize these to prevent UMRs in the ASN1 decoder. */
+ SECItem iv = {siBuffer, NULL, 0};
+ sec_rc2cbcParameter rc2 = {{siBuffer, NULL, 0}, {siBuffer, NULL, 0}};
+ sec_rc5cbcParameter rc5 = {{siBuffer, NULL, 0},
+ {siBuffer, NULL, 0},
+ {siBuffer, NULL, 0},
+ {siBuffer, NULL, 0}};
+ algtag = SECOID_GetAlgorithmTag(algid);
+ type = PK11_AlgtagToMechanism(algtag);
-/* Generate a mechaism param from a type, and iv. */
-SECItem *
-PK11_ParamFromAlgid(SECAlgorithmID *algid)
-{
- CK_RC2_CBC_PARAMS * rc2_cbc_params = NULL;
- CK_RC2_PARAMS * rc2_ecb_params = NULL;
- CK_RC5_CBC_PARAMS * rc5_cbc_params = NULL;
- CK_RC5_PARAMS * rc5_ecb_params = NULL;
- PLArenaPool * arena = NULL;
- SECItem * mech = NULL;
- SECOidTag algtag;
- SECStatus rv;
- CK_MECHANISM_TYPE type;
- /* initialize these to prevent UMRs in the ASN1 decoder. */
- SECItem iv = {siBuffer, NULL, 0};
- sec_rc2cbcParameter rc2 = { {siBuffer, NULL, 0}, {siBuffer, NULL, 0} };
- sec_rc5cbcParameter rc5 = { {siBuffer, NULL, 0}, {siBuffer, NULL, 0},
- {siBuffer, NULL, 0}, {siBuffer, NULL, 0} };
+ mech = PORT_New(SECItem);
+ if (mech == NULL) {
+ return NULL;
+ }
+ mech->type = siBuffer;
+ mech->data = NULL;
+ mech->len = 0;
- algtag = SECOID_GetAlgorithmTag(algid);
- type = PK11_AlgtagToMechanism(algtag);
+ arena = PORT_NewArena(1024);
+ if (!arena) {
+ goto loser;
+ }
- mech = PORT_New(SECItem);
- if (mech == NULL) {
- return NULL;
- }
- mech->type = siBuffer;
- mech->data = NULL;
- mech->len = 0;
-
- arena = PORT_NewArena(1024);
- if (!arena) {
- goto loser;
- }
-
- /* handle the complicated cases */
- switch (type) {
+ /* handle the complicated cases */
+ switch (type) {
case CKM_RC2_ECB:
- rv = SEC_ASN1DecodeItem(arena, &rc2 ,sec_rc2ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- goto loser;
- }
- rc2_ecb_params = PORT_New(CK_RC2_PARAMS);
- if (rc2_ecb_params == NULL) {
- goto loser;
- }
- *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof *rc2_ecb_params;
- break;
+ rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2ecb_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc2_ecb_params = PORT_New(CK_RC2_PARAMS);
+ if (rc2_ecb_params == NULL) {
+ goto loser;
+ }
+ *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
+ mech->data = (unsigned char *)rc2_ecb_params;
+ mech->len = sizeof *rc2_ecb_params;
+ break;
case CKM_RC2_CBC:
case CKM_RC2_CBC_PAD:
- rv = SEC_ASN1DecodeItem(arena, &rc2 ,sec_rc2cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- goto loser;
- }
- rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS);
- if (rc2_cbc_params == NULL) {
- goto loser;
- }
- mech->data = (unsigned char *) rc2_cbc_params;
- mech->len = sizeof *rc2_cbc_params;
- rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
- if (rc2.iv.len != sizeof rc2_cbc_params->iv) {
- PORT_SetError(SEC_ERROR_INPUT_LEN);
- goto loser;
- }
- PORT_Memcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len);
- break;
+ rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2cbc_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS);
+ if (rc2_cbc_params == NULL) {
+ goto loser;
+ }
+ mech->data = (unsigned char *)rc2_cbc_params;
+ mech->len = sizeof *rc2_cbc_params;
+ rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
+ if (rc2.iv.len != sizeof rc2_cbc_params->iv) {
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
+ goto loser;
+ }
+ PORT_Memcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len);
+ break;
case CKM_RC5_ECB:
- rv = SEC_ASN1DecodeItem(arena, &rc5 ,sec_rc5ecb_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- goto loser;
- }
- rc5_ecb_params = PORT_New(CK_RC5_PARAMS);
- if (rc5_ecb_params == NULL) {
- goto loser;
- }
- rc5_ecb_params->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_ecb_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- mech->data = (unsigned char *) rc5_ecb_params;
- mech->len = sizeof *rc5_ecb_params;
- break;
+ rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5ecb_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc5_ecb_params = PORT_New(CK_RC5_PARAMS);
+ if (rc5_ecb_params == NULL) {
+ goto loser;
+ }
+ rc5_ecb_params->ulRounds = DER_GetInteger(&rc5.rounds);
+ rc5_ecb_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8;
+ mech->data = (unsigned char *)rc5_ecb_params;
+ mech->len = sizeof *rc5_ecb_params;
+ break;
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- rv = SEC_ASN1DecodeItem(arena, &rc5 ,sec_rc5cbc_parameter_template,
- &(algid->parameters));
- if (rv != SECSuccess) {
- goto loser;
- }
- rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
- PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
- if (rc5_cbc_params == NULL) {
- goto loser;
- }
- mech->data = (unsigned char *) rc5_cbc_params;
- mech->len = sizeof *rc5_cbc_params;
- rc5_cbc_params->ulRounds = DER_GetInteger(&rc5.rounds);
- rc5_cbc_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
- rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params)
- + sizeof(CK_RC5_CBC_PARAMS);
- rc5_cbc_params->ulIvLen = rc5.iv.len;
- PORT_Memcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len);
- break;
+ rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5cbc_parameter_template,
+ &(algid->parameters));
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ rc5_cbc_params = (CK_RC5_CBC_PARAMS *)PORT_Alloc(
+ sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
+ if (rc5_cbc_params == NULL) {
+ goto loser;
+ }
+ mech->data = (unsigned char *)rc5_cbc_params;
+ mech->len = sizeof *rc5_cbc_params;
+ rc5_cbc_params->ulRounds = DER_GetInteger(&rc5.rounds);
+ rc5_cbc_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8;
+ rc5_cbc_params->pIv =
+ ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS);
+ rc5_cbc_params->ulIvLen = rc5.iv.len;
+ PORT_Memcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len);
+ break;
case CKM_PBE_MD2_DES_CBC:
case CKM_PBE_MD5_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
case CKM_PBE_SHA1_DES2_EDE_CBC:
case CKM_PBE_SHA1_DES3_EDE_CBC:
case CKM_PBE_SHA1_RC2_40_CBC:
case CKM_PBE_SHA1_RC2_128_CBC:
case CKM_PBE_SHA1_RC4_40:
case CKM_PBE_SHA1_RC4_128:
case CKM_PKCS5_PBKD2:
- rv = pbe_PK11AlgidToParam(algid,mech);
- if (rv != SECSuccess) {
- goto loser;
- }
- break;
+ rv = pbe_PK11AlgidToParam(algid, mech);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ break;
case CKM_RC4:
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_IDEA_ECB:
case CKM_CDMF_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
- break;
+ break;
default:
- if (pk11_lookup(type)->iv == 0) {
- break;
- }
- /* FALL THROUGH */
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
+ /* FALL THROUGH */
case CKM_SEED_CBC:
case CKM_CAMELLIA_CBC:
case CKM_AES_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_CDMF_CBC:
case CKM_CAST_CBC:
@@ -1304,153 +1258,147 @@ PK11_ParamFromAlgid(SECAlgorithmID *algi
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- /* simple cases are simply octet string encoded IVs */
- rv = SEC_ASN1DecodeItem(arena, &iv,
- SEC_ASN1_GET(SEC_OctetStringTemplate),
- &(algid->parameters));
- if (rv != SECSuccess || iv.data == NULL) {
- goto loser;
- }
- /* XXX Should be some IV length sanity check here. */
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- goto loser;
- }
- PORT_Memcpy(mech->data, iv.data, iv.len);
- mech->len = iv.len;
- break;
- }
- PORT_FreeArena(arena, PR_FALSE);
- return mech;
+ /* simple cases are simply octet string encoded IVs */
+ rv = SEC_ASN1DecodeItem(arena, &iv, SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &(algid->parameters));
+ if (rv != SECSuccess || iv.data == NULL) {
+ goto loser;
+ }
+ /* XXX Should be some IV length sanity check here. */
+ mech->data = (unsigned char *)PORT_Alloc(iv.len);
+ if (mech->data == NULL) {
+ goto loser;
+ }
+ PORT_Memcpy(mech->data, iv.data, iv.len);
+ mech->len = iv.len;
+ break;
+ }
+ PORT_FreeArena(arena, PR_FALSE);
+ return mech;
loser:
- if (arena)
- PORT_FreeArena(arena, PR_FALSE);
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
+ if (arena) PORT_FreeArena(arena, PR_FALSE);
+ SECITEM_FreeItem(mech, PR_TRUE);
+ return NULL;
}
/*
- * Generate an IV for the given mechanism
+ * Generate an IV for the given mechanism
*/
-static SECStatus
-pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) {
- int iv_size = PK11_GetIVLength(type);
- SECStatus rv;
+static SECStatus pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) {
+ int iv_size = PK11_GetIVLength(type);
+ SECStatus rv;
- iv->len = iv_size;
- if (iv_size == 0) {
- iv->data = NULL;
- return SECSuccess;
- }
+ iv->len = iv_size;
+ if (iv_size == 0) {
+ iv->data = NULL;
+ return SECSuccess;
+ }
- iv->data = (unsigned char *) PORT_Alloc(iv_size);
- if (iv->data == NULL) {
- iv->len = 0;
- return SECFailure;
- }
+ iv->data = (unsigned char *)PORT_Alloc(iv_size);
+ if (iv->data == NULL) {
+ iv->len = 0;
+ return SECFailure;
+ }
- rv = PK11_GenerateRandom(iv->data,iv->len);
- if (rv != SECSuccess) {
- PORT_Free(iv->data);
- iv->data = NULL; iv->len = 0;
- return SECFailure;
- }
- return SECSuccess;
+ rv = PK11_GenerateRandom(iv->data, iv->len);
+ if (rv != SECSuccess) {
+ PORT_Free(iv->data);
+ iv->data = NULL;
+ iv->len = 0;
+ return SECFailure;
+ }
+ return SECSuccess;
}
-
/*
* create a new parameter block from the passed in MECHANISM and the
* key. Use Netscape's S/MIME Rules for the New param block.
*/
-SECItem *
-pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen)
-{
- CK_RC2_CBC_PARAMS *rc2_params;
- CK_RC2_PARAMS *rc2_ecb_params;
- SECItem *mech;
- SECItem iv;
- SECStatus rv;
+SECItem *pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen) {
+ CK_RC2_CBC_PARAMS *rc2_params;
+ CK_RC2_PARAMS *rc2_ecb_params;
+ SECItem *mech;
+ SECItem iv;
+ SECStatus rv;
- mech = (SECItem *) PORT_Alloc(sizeof(SECItem));
- if (mech == NULL) return NULL;
+ mech = (SECItem *)PORT_Alloc(sizeof(SECItem));
+ if (mech == NULL) return NULL;
- rv = SECSuccess;
- mech->type = siBuffer;
- mech->data = NULL;
- mech->len = 0;
- switch (type) {
+ rv = SECSuccess;
+ mech->type = siBuffer;
+ mech->data = NULL;
+ mech->len = 0;
+ switch (type) {
case CKM_RC4:
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_IDEA_ECB:
case CKM_CDMF_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
- break;
+ break;
case CKM_RC2_ECB:
- rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
- if (rc2_ecb_params == NULL) {
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- *rc2_ecb_params = keyLen ? keyLen*8 : 128;
- mech->data = (unsigned char *) rc2_ecb_params;
- mech->len = sizeof(CK_RC2_PARAMS);
- break;
+ rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS));
+ if (rc2_ecb_params == NULL) {
+ rv = SECFailure;
+ break;
+ }
+ /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
+ * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
+ *rc2_ecb_params = keyLen ? keyLen * 8 : 128;
+ mech->data = (unsigned char *)rc2_ecb_params;
+ mech->len = sizeof(CK_RC2_PARAMS);
+ break;
case CKM_RC2_CBC:
case CKM_RC2_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
- if (rc2_params == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
- * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
- rc2_params->ulEffectiveBits = keyLen ? keyLen*8 : 128;
- if (iv.data)
- PORT_Memcpy(rc2_params->iv,iv.data,sizeof(rc2_params->iv));
- mech->data = (unsigned char *) rc2_params;
- mech->len = sizeof(CK_RC2_CBC_PARAMS);
- PORT_Free(iv.data);
- break;
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (rc2_params == NULL) {
+ PORT_Free(iv.data);
+ rv = SECFailure;
+ break;
+ }
+ /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5,
+ * or RC4 key. Of course that wouldn't happen here doing RC2:).*/
+ rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128;
+ if (iv.data) PORT_Memcpy(rc2_params->iv, iv.data, sizeof(rc2_params->iv));
+ mech->data = (unsigned char *)rc2_params;
+ mech->len = sizeof(CK_RC2_CBC_PARAMS);
+ PORT_Free(iv.data);
+ break;
case CKM_RC5_ECB:
- PORT_Free(mech);
- return PK11_ParamFromIV(type,NULL);
+ PORT_Free(mech);
+ return PK11_ParamFromIV(type, NULL);
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- PORT_Free(mech);
- return PK11_ParamFromIV(type,&iv);
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ PORT_Free(mech);
+ return PK11_ParamFromIV(type, &iv);
default:
- if (pk11_lookup(type)->iv == 0) {
- break;
- }
+ if (pk11_lookup(type)->iv == 0) {
+ break;
+ }
case CKM_SEED_CBC:
case CKM_CAMELLIA_CBC:
case CKM_AES_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_CDMF_CBC:
case CKM_CAST_CBC:
@@ -1474,147 +1422,141 @@ pk11_GenerateNewParamWithKeyLen(CK_MECHA
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- rv = pk11_GenIV(type,&iv);
- if (rv != SECSuccess) {
- break;
- }
- mech->data = (unsigned char*)PORT_Alloc(iv.len);
- if (mech->data == NULL) {
- PORT_Free(iv.data);
- rv = SECFailure;
- break;
- }
- PORT_Memcpy(mech->data,iv.data,iv.len);
- mech->len = iv.len;
+ rv = pk11_GenIV(type, &iv);
+ if (rv != SECSuccess) {
+ break;
+ }
+ mech->data = (unsigned char *)PORT_Alloc(iv.len);
+ if (mech->data == NULL) {
PORT_Free(iv.data);
- break;
- }
- if (rv != SECSuccess) {
- SECITEM_FreeItem(mech,PR_TRUE);
- return NULL;
- }
- return mech;
-
+ rv = SECFailure;
+ break;
+ }
+ PORT_Memcpy(mech->data, iv.data, iv.len);
+ mech->len = iv.len;
+ PORT_Free(iv.data);
+ break;
+ }
+ if (rv != SECSuccess) {
+ SECITEM_FreeItem(mech, PR_TRUE);
+ return NULL;
+ }
+ return mech;
}
-SECItem *
-PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key)
-{
- int keyLen = key ? PK11_GetKeyLength(key) : 0;
+SECItem *PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) {
+ int keyLen = key ? PK11_GetKeyLength(key) : 0;
- return pk11_GenerateNewParamWithKeyLen(type, keyLen);
+ return pk11_GenerateNewParamWithKeyLen(type, keyLen);
}
#define RC5_V10 0x10
/* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */
-SECStatus
-PK11_ParamToAlgid(SECOidTag algTag, SECItem *param,
- PLArenaPool *arena, SECAlgorithmID *algid) {
- CK_RC2_CBC_PARAMS *rc2_params;
- sec_rc2cbcParameter rc2;
- CK_RC5_CBC_PARAMS *rc5_params;
- sec_rc5cbcParameter rc5;
- CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
- SECItem *newParams = NULL;
- SECStatus rv = SECFailure;
- unsigned long rc2version;
+SECStatus PK11_ParamToAlgid(SECOidTag algTag, SECItem *param,
+ PLArenaPool *arena, SECAlgorithmID *algid) {
+ CK_RC2_CBC_PARAMS *rc2_params;
+ sec_rc2cbcParameter rc2;
+ CK_RC5_CBC_PARAMS *rc5_params;
+ sec_rc5cbcParameter rc5;
+ CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag);
+ SECItem *newParams = NULL;
+ SECStatus rv = SECFailure;
+ unsigned long rc2version;
- switch (type) {
+ switch (type) {
case CKM_RC4:
case CKM_SEED_ECB:
case CKM_CAMELLIA_ECB:
case CKM_AES_ECB:
case CKM_DES_ECB:
case CKM_DES3_ECB:
case CKM_IDEA_ECB:
case CKM_CDMF_ECB:
case CKM_CAST_ECB:
case CKM_CAST3_ECB:
case CKM_CAST5_ECB:
- newParams = NULL;
- rv = SECSuccess;
- break;
+ newParams = NULL;
+ rv = SECSuccess;
+ break;
case CKM_RC2_ECB:
- break;
+ break;
case CKM_RC2_CBC:
case CKM_RC2_CBC_PAD:
- rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
- rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &(rc2.rc2ParameterVersion),
- rc2version) == NULL)
- break;
- rc2.iv.data = rc2_params->iv;
- rc2.iv.len = sizeof(rc2_params->iv);
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc2,
- sec_rc2cbc_parameter_template);
- PORT_Free(rc2.rc2ParameterVersion.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
+ rc2_params = (CK_RC2_CBC_PARAMS *)param->data;
+ rc2version = rc2_unmap(rc2_params->ulEffectiveBits);
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &(rc2.rc2ParameterVersion),
+ rc2version) == NULL)
+ break;
+ rc2.iv.data = rc2_params->iv;
+ rc2.iv.len = sizeof(rc2_params->iv);
+ newParams =
+ SEC_ASN1EncodeItem(NULL, NULL, &rc2, sec_rc2cbc_parameter_template);
+ PORT_Free(rc2.rc2ParameterVersion.data);
+ if (newParams == NULL) break;
+ rv = SECSuccess;
+ break;
case CKM_RC5_ECB: /* well not really... */
- break;
+ break;
case CKM_RC5_CBC:
case CKM_RC5_CBC_PAD:
- rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.version, RC5_V10) == NULL)
- break;
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.blockSizeInBits,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.version.data);
- break;
- }
- if (SEC_ASN1EncodeUnsignedInteger (NULL, &rc5.rounds,
- rc5_params->ulWordsize*8) == NULL) {
- PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.version.data);
- break;
- }
- rc5.iv.data = rc5_params->pIv;
- rc5.iv.len = rc5_params->ulIvLen;
- newParams = SEC_ASN1EncodeItem (NULL, NULL, &rc5,
- sec_rc5cbc_parameter_template);
+ rc5_params = (CK_RC5_CBC_PARAMS *)param->data;
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.version, RC5_V10) == NULL)
+ break;
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.blockSizeInBits,
+ rc5_params->ulWordsize * 8) == NULL) {
PORT_Free(rc5.version.data);
+ break;
+ }
+ if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.rounds,
+ rc5_params->ulWordsize * 8) == NULL) {
PORT_Free(rc5.blockSizeInBits.data);
- PORT_Free(rc5.rounds.data);
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
+ PORT_Free(rc5.version.data);
+ break;
+ }
+ rc5.iv.data = rc5_params->pIv;
+ rc5.iv.len = rc5_params->ulIvLen;
+ newParams =
+ SEC_ASN1EncodeItem(NULL, NULL, &rc5, sec_rc5cbc_parameter_template);
+ PORT_Free(rc5.version.data);
+ PORT_Free(rc5.blockSizeInBits.data);
+ PORT_Free(rc5.rounds.data);
+ if (newParams == NULL) break;
+ rv = SECSuccess;
+ break;
case CKM_PBE_MD2_DES_CBC:
case CKM_PBE_MD5_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
case CKM_PBE_SHA1_DES3_EDE_CBC:
case CKM_PBE_SHA1_DES2_EDE_CBC:
case CKM_PBE_SHA1_RC2_40_CBC:
case CKM_PBE_SHA1_RC2_128_CBC:
case CKM_PBE_SHA1_RC4_40:
case CKM_PBE_SHA1_RC4_128:
- return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
+ return PBE_PK11ParamToAlgid(algTag, param, arena, algid);
default:
- if (pk11_lookup(type)->iv == 0) {
- rv = SECSuccess;
- newParams = NULL;
- break;
- }
+ if (pk11_lookup(type)->iv == 0) {
+ rv = SECSuccess;
+ newParams = NULL;
+ break;
+ }
case CKM_SEED_CBC:
case CKM_CAMELLIA_CBC:
case CKM_AES_CBC:
case CKM_DES_CBC:
case CKM_DES3_CBC:
case CKM_IDEA_CBC:
case CKM_CDMF_CBC:
case CKM_CAST_CBC:
@@ -1638,246 +1580,235 @@ PK11_ParamToAlgid(SECOidTag algTag, SECI
case CKM_BATON_ECB96:
case CKM_BATON_CBC128:
case CKM_BATON_COUNTER:
case CKM_BATON_SHUFFLE:
case CKM_JUNIPER_ECB128:
case CKM_JUNIPER_CBC128:
case CKM_JUNIPER_COUNTER:
case CKM_JUNIPER_SHUFFLE:
- newParams = SEC_ASN1EncodeItem(NULL,NULL,param,
- SEC_ASN1_GET(SEC_OctetStringTemplate) );
- if (newParams == NULL)
- break;
- rv = SECSuccess;
- break;
- }
+ newParams = SEC_ASN1EncodeItem(NULL, NULL, param,
+ SEC_ASN1_GET(SEC_OctetStringTemplate));
+ if (newParams == NULL) break;
+ rv = SECSuccess;
+ break;
+ }
- if (rv != SECSuccess) {
- if (newParams) SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
- }
+ if (rv != SECSuccess) {
+ if (newParams) SECITEM_FreeItem(newParams, PR_TRUE);
+ return rv;
+ }
- rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
- SECITEM_FreeItem(newParams,PR_TRUE);
- return rv;
+ rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams);
+ SECITEM_FreeItem(newParams, PR_TRUE);
+ return rv;
}
/* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to
* map OID's directly into the PKCS #11 mechanism we want to call. We find
* this mapping in our standard OID table */
CK_MECHANISM_TYPE
PK11_AlgtagToMechanism(SECOidTag algTag) {
- SECOidData *oid = SECOID_FindOIDByTag(algTag);
+ SECOidData *oid = SECOID_FindOIDByTag(algTag);
- if (oid) return (CK_MECHANISM_TYPE) oid->mechanism;
- return CKM_INVALID_MECHANISM;
+ if (oid) return (CK_MECHANISM_TYPE)oid->mechanism;
+ return CKM_INVALID_MECHANISM;
}
/* turn a mechanism into an oid. */
-SECOidTag
-PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) {
- SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
+SECOidTag PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) {
+ SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type);
- if (oid) return oid->offset;
- return SEC_OID_UNKNOWN;
+ if (oid) return oid->offset;
+ return SEC_OID_UNKNOWN;
}
/* Determine appropriate blocking mechanism, used when wrapping private keys
* which require PKCS padding. If the mechanism does not map to a padding
* mechanism, we simply return the mechanism.
*/
CK_MECHANISM_TYPE
PK11_GetPadMechanism(CK_MECHANISM_TYPE type) {
- switch(type) {
- case CKM_SEED_CBC:
- return CKM_SEED_CBC_PAD;
- case CKM_CAMELLIA_CBC:
- return CKM_CAMELLIA_CBC_PAD;
- case CKM_AES_CBC:
- return CKM_AES_CBC_PAD;
- case CKM_DES_CBC:
- return CKM_DES_CBC_PAD;
- case CKM_DES3_CBC:
- return CKM_DES3_CBC_PAD;
- case CKM_RC2_CBC:
- return CKM_RC2_CBC_PAD;
- case CKM_CDMF_CBC:
- return CKM_CDMF_CBC_PAD;
- case CKM_CAST_CBC:
- return CKM_CAST_CBC_PAD;
- case CKM_CAST3_CBC:
- return CKM_CAST3_CBC_PAD;
- case CKM_CAST5_CBC:
- return CKM_CAST5_CBC_PAD;
- case CKM_RC5_CBC:
- return CKM_RC5_CBC_PAD;
- case CKM_IDEA_CBC:
- return CKM_IDEA_CBC_PAD;
- default:
- break;
+ switch (type) {
+ case CKM_SEED_CBC:
+ return CKM_SEED_CBC_PAD;
+ case CKM_CAMELLIA_CBC:
+ return CKM_CAMELLIA_CBC_PAD;
+ case CKM_AES_CBC:
+ return CKM_AES_CBC_PAD;
+ case CKM_DES_CBC:
+ return CKM_DES_CBC_PAD;
+ case CKM_DES3_CBC:
+ return CKM_DES3_CBC_PAD;
+ case CKM_RC2_CBC:
+ return CKM_RC2_CBC_PAD;
+ case CKM_CDMF_CBC:
+ return CKM_CDMF_CBC_PAD;
+ case CKM_CAST_CBC:
+ return CKM_CAST_CBC_PAD;
+ case CKM_CAST3_CBC:
+ return CKM_CAST3_CBC_PAD;
+ case CKM_CAST5_CBC:
+ return CKM_CAST5_CBC_PAD;
+ case CKM_RC5_CBC:
+ return CKM_RC5_CBC_PAD;
+ case CKM_IDEA_CBC:
+ return CKM_IDEA_CBC_PAD;
+ default:
+ break;
+ }
+
+ return type;
+}
+
+static PRBool pk11_isAllZero(unsigned char *data, int len) {
+ while (len--) {
+ if (*data++) {
+ return PR_FALSE;
}
-
- return type;
-}
-
-static PRBool
-pk11_isAllZero(unsigned char *data,int len) {
- while (len--) {
- if (*data++) {
- return PR_FALSE;
- }
- }
- return PR_TRUE;
+ }
+ return PR_TRUE;
}
CK_RV
-PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
- CK_MECHANISM_PTR pCryptoMechanism,
- SECItem *pbe_pwd, PRBool faulty3DES)
-{
- int iv_len = 0;
- CK_PBE_PARAMS_PTR pPBEparams;
- CK_RC2_CBC_PARAMS_PTR rc2_params;
- CK_ULONG rc2_key_len;
+PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism,
+ CK_MECHANISM_PTR pCryptoMechanism,
+ SECItem *pbe_pwd, PRBool faulty3DES) {
+ int iv_len = 0;
+ CK_PBE_PARAMS_PTR pPBEparams;
+ CK_RC2_CBC_PARAMS_PTR rc2_params;
+ CK_ULONG rc2_key_len;
- if((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
- return CKR_HOST_MEMORY;
+ if ((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) {
+ return CKR_HOST_MEMORY;
+ }
+
+ /* pkcs5 v2 cannot be supported by this interface.
+ * use PK11_GetPBECryptoMechanism instead.
+ */
+ if ((pPBEMechanism->mechanism == CKM_INVALID_MECHANISM) ||
+ (pPBEMechanism->mechanism == CKM_PKCS5_PBKD2)) {
+ return CKR_MECHANISM_INVALID;
+ }
+
+ pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
+ iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
+
+ if (iv_len) {
+ if (pk11_isAllZero(pPBEparams->pInitVector, iv_len)) {
+ SECItem param;
+ PK11SymKey *symKey;
+ PK11SlotInfo *intSlot = PK11_GetInternalSlot();
+
+ if (intSlot == NULL) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ param.data = pPBEMechanism->pParameter;
+ param.len = pPBEMechanism->ulParameterLen;
+
+ symKey = PK11_RawPBEKeyGen(intSlot, pPBEMechanism->mechanism, &param,
+ pbe_pwd, faulty3DES, NULL);
+ PK11_FreeSlot(intSlot);
+ if (symKey == NULL) {
+ return CKR_DEVICE_ERROR; /* sigh */
+ }
+ PK11_FreeSymKey(symKey);
}
+ }
- /* pkcs5 v2 cannot be supported by this interface.
- * use PK11_GetPBECryptoMechanism instead.
- */
- if ((pPBEMechanism->mechanism == CKM_INVALID_MECHANISM) ||
- (pPBEMechanism->mechanism == CKM_PKCS5_PBKD2)) {
- return CKR_MECHANISM_INVALID;
- }
+ switch (pPBEMechanism->mechanism) {
+ case CKM_PBE_MD2_DES_CBC:
+ case CKM_PBE_MD5_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
+ pCryptoMechanism->mechanism = CKM_DES_CBC;
+ goto have_crypto_mechanism;
+ case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
+ case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
+ case CKM_PBE_SHA1_DES3_EDE_CBC:
+ case CKM_PBE_SHA1_DES2_EDE_CBC:
+ pCryptoMechanism->mechanism = CKM_DES3_CBC;
+ have_crypto_mechanism:
+ pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
+ pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
+ if (pCryptoMechanism->pParameter == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
+ (unsigned char *)(pPBEparams->pInitVector), iv_len);
+ break;
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
+ case CKM_PBE_SHA1_RC4_40:
+ case CKM_PBE_SHA1_RC4_128:
+ pCryptoMechanism->mechanism = CKM_RC4;
+ pCryptoMechanism->ulParameterLen = 0;
+ pCryptoMechanism->pParameter = CK_NULL_PTR;
+ break;
+ case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
+ case CKM_PBE_SHA1_RC2_40_CBC:
+ rc2_key_len = 40;
+ goto have_key_len;
+ case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
+ rc2_key_len = 128;
+ have_key_len:
+ pCryptoMechanism->mechanism = CKM_RC2_CBC;
+ pCryptoMechanism->ulParameterLen = (CK_ULONG)sizeof(CK_RC2_CBC_PARAMS);
+ pCryptoMechanism->pParameter =
+ (CK_RC2_CBC_PARAMS_PTR)PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
+ if (pCryptoMechanism->pParameter == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
+ PORT_Memcpy((unsigned char *)rc2_params->iv,
+ (unsigned char *)pPBEparams->pInitVector, iv_len);
+ rc2_params->ulEffectiveBits = rc2_key_len;
+ break;
+ default:
+ return CKR_MECHANISM_INVALID;
+ }
- pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter;
- iv_len = PK11_GetIVLength(pPBEMechanism->mechanism);
-
- if (iv_len) {
- if (pk11_isAllZero(pPBEparams->pInitVector,iv_len)) {
- SECItem param;
- PK11SymKey *symKey;
- PK11SlotInfo *intSlot = PK11_GetInternalSlot();
-
- if (intSlot == NULL) {
- return CKR_DEVICE_ERROR;
- }
-
- param.data = pPBEMechanism->pParameter;
- param.len = pPBEMechanism->ulParameterLen;
-
- symKey = PK11_RawPBEKeyGen(intSlot,
- pPBEMechanism->mechanism, &param, pbe_pwd, faulty3DES, NULL);
- PK11_FreeSlot(intSlot);
- if (symKey== NULL) {
- return CKR_DEVICE_ERROR; /* sigh */
- }
- PK11_FreeSymKey(symKey);
- }
- }
-
- switch(pPBEMechanism->mechanism) {
- case CKM_PBE_MD2_DES_CBC:
- case CKM_PBE_MD5_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
- pCryptoMechanism->mechanism = CKM_DES_CBC;
- goto have_crypto_mechanism;
- case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
- case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
- case CKM_PBE_SHA1_DES3_EDE_CBC:
- case CKM_PBE_SHA1_DES2_EDE_CBC:
- pCryptoMechanism->mechanism = CKM_DES3_CBC;
-have_crypto_mechanism:
- pCryptoMechanism->pParameter = PORT_Alloc(iv_len);
- pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len;
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter),
- (unsigned char *)(pPBEparams->pInitVector),
- iv_len);
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
- case CKM_PBE_SHA1_RC4_40:
- case CKM_PBE_SHA1_RC4_128:
- pCryptoMechanism->mechanism = CKM_RC4;
- pCryptoMechanism->ulParameterLen = 0;
- pCryptoMechanism->pParameter = CK_NULL_PTR;
- break;
- case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
- case CKM_PBE_SHA1_RC2_40_CBC:
- rc2_key_len = 40;
- goto have_key_len;
- case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
- rc2_key_len = 128;
-have_key_len:
- pCryptoMechanism->mechanism = CKM_RC2_CBC;
- pCryptoMechanism->ulParameterLen = (CK_ULONG)
- sizeof(CK_RC2_CBC_PARAMS);
- pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR)
- PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS));
- if(pCryptoMechanism->pParameter == NULL) {
- return CKR_HOST_MEMORY;
- }
- rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter;
- PORT_Memcpy((unsigned char *)rc2_params->iv,
- (unsigned char *)pPBEparams->pInitVector,
- iv_len);
- rc2_params->ulEffectiveBits = rc2_key_len;
- break;
- default:
- return CKR_MECHANISM_INVALID;
- }
-
- return CKR_OK;
+ return CKR_OK;
}
/* Make a Key type to an appropriate signing/verification mechanism */
CK_MECHANISM_TYPE
-PK11_MapSignKeyType(KeyType keyType)
-{
- switch (keyType) {
+PK11_MapSignKeyType(KeyType keyType) {
+ switch (keyType) {
case rsaKey:
- return CKM_RSA_PKCS;
+ return CKM_RSA_PKCS;
case fortezzaKey:
case dsaKey:
- return CKM_DSA;
+ return CKM_DSA;
case ecKey:
- return CKM_ECDSA;
+ return CKM_ECDSA;
case dhKey:
default:
- break;
- }
- return CKM_INVALID_MECHANISM;
+ break;
+ }
+ return CKM_INVALID_MECHANISM;
}
CK_MECHANISM_TYPE
-pk11_mapWrapKeyType(KeyType keyType)
-{
- switch (keyType) {
+pk11_mapWrapKeyType(KeyType keyType) {
+ switch (keyType) {
case rsaKey:
- return CKM_RSA_PKCS;
+ return CKM_RSA_PKCS;
/* Add fortezza?? */
default:
- break;
- }
- return CKM_INVALID_MECHANISM;
+ break;
+ }
+ return CKM_INVALID_MECHANISM;
}
-SECOidTag
-PK11_FortezzaMapSig(SECOidTag algTag)
-{
- switch (algTag) {
+SECOidTag PK11_FortezzaMapSig(SECOidTag algTag) {
+ switch (algTag) {
case SEC_OID_MISSI_KEA_DSS:
case SEC_OID_MISSI_DSS:
case SEC_OID_MISSI_DSS_OLD:
case SEC_OID_MISSI_KEA_DSS_OLD:
case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
- return SEC_OID_ANSIX9_DSA_SIGNATURE;
+ return SEC_OID_ANSIX9_DSA_SIGNATURE;
default:
- break;
- }
- return algTag;
+ break;
+ }
+ return algTag;
}
« no previous file with comments | « lib/pk11wrap/pk11load.c ('k') | lib/pk11wrap/pk11merge.c » ('j') | no next file with comments »

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b