File: | s/lib/pk11wrap/pk11mech.c |
Warning: | line 1564, column 13 Null pointer passed to 2nd parameter expecting 'nonnull' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public | |||
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this | |||
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |||
4 | /* | |||
5 | * This file maps various PKCS #11 Mechanisms to related mechanisms, key | |||
6 | * types, and ASN.1 encodings. | |||
7 | */ | |||
8 | #include "seccomon.h" | |||
9 | #include "secmod.h" | |||
10 | #include "secmodi.h" | |||
11 | #include "pkcs11t.h" | |||
12 | #include "pk11func.h" | |||
13 | #include "secitem.h" | |||
14 | #include "secder.h" | |||
15 | #include "secasn1.h" | |||
16 | #include "secoid.h" | |||
17 | #include "secerr.h" | |||
18 | ||||
19 | /************************************************************* | |||
20 | * local static and global data | |||
21 | *************************************************************/ | |||
22 | ||||
23 | /* | |||
24 | * Tables used for Extended mechanism mapping (currently not used) | |||
25 | */ | |||
26 | typedef struct { | |||
27 | CK_MECHANISM_TYPE keyGen; | |||
28 | CK_KEY_TYPE keyType; | |||
29 | CK_MECHANISM_TYPE type; | |||
30 | CK_MECHANISM_TYPE padType; | |||
31 | int blockSize; | |||
32 | int iv; | |||
33 | } pk11MechanismData; | |||
34 | ||||
35 | static pk11MechanismData pk11_default = { CKM_GENERIC_SECRET_KEY_GEN0x00000350UL, CKK_GENERIC_SECRET0x00000010UL, | |||
36 | CKM_FAKE_RANDOM0x80000efeUL, CKM_FAKE_RANDOM0x80000efeUL, 8, 8 }; | |||
37 | static pk11MechanismData *pk11_MechanismTable = NULL((void*)0); | |||
38 | static int pk11_MechTableSize = 0; | |||
39 | static int pk11_MechEntrySize = 0; | |||
40 | ||||
41 | /* | |||
42 | * list of mechanisms we're willing to wrap secret keys with. | |||
43 | * This list is ordered by preference. | |||
44 | */ | |||
45 | CK_MECHANISM_TYPE wrapMechanismList[] = { | |||
46 | CKM_DES3_ECB0x00000132UL, | |||
47 | CKM_CAST5_ECB0x00000321UL, | |||
48 | CKM_AES_ECB0x00001081UL, | |||
49 | CKM_CAMELLIA_ECB0x00000551UL, | |||
50 | CKM_SEED_ECB0x00000651UL, | |||
51 | CKM_CAST5_ECB0x00000321UL, | |||
52 | CKM_DES_ECB0x00000121UL, | |||
53 | CKM_KEY_WRAP_LYNKS0x00000400UL, | |||
54 | CKM_IDEA_ECB0x00000341UL, | |||
55 | CKM_CAST3_ECB0x00000311UL, | |||
56 | CKM_CAST_ECB0x00000301UL, | |||
57 | CKM_RC5_ECB0x00000331UL, | |||
58 | CKM_RC2_ECB0x00000101UL, | |||
59 | CKM_CDMF_ECB0x00000141UL, | |||
60 | CKM_SKIPJACK_WRAP0x00001008UL, | |||
61 | }; | |||
62 | ||||
63 | int wrapMechanismCount = sizeof(wrapMechanismList) / sizeof(wrapMechanismList[0]); | |||
64 | ||||
65 | /********************************************************************* | |||
66 | * Mechanism Mapping functions | |||
67 | *********************************************************************/ | |||
68 | ||||
69 | /* | |||
70 | * lookup an entry in the mechanism table. If none found, return the | |||
71 | * default structure. | |||
72 | */ | |||
73 | static pk11MechanismData * | |||
74 | pk11_lookup(CK_MECHANISM_TYPE type) | |||
75 | { | |||
76 | int i; | |||
77 | for (i = 0; i < pk11_MechEntrySize; i++) { | |||
78 | if (pk11_MechanismTable[i].type == type) { | |||
79 | return (&pk11_MechanismTable[i]); | |||
80 | } | |||
81 | } | |||
82 | return &pk11_default; | |||
83 | } | |||
84 | ||||
85 | /* | |||
86 | * find the best key wrap mechanism for this slot. | |||
87 | */ | |||
88 | CK_MECHANISM_TYPE | |||
89 | PK11_GetBestWrapMechanism(PK11SlotInfo *slot) | |||
90 | { | |||
91 | int i; | |||
92 | for (i = 0; i < wrapMechanismCount; i++) { | |||
93 | if (PK11_DoesMechanism(slot, wrapMechanismList[i])) { | |||
94 | return wrapMechanismList[i]; | |||
95 | } | |||
96 | } | |||
97 | return CKM_INVALID_MECHANISM0xffffffffUL; | |||
98 | } | |||
99 | ||||
100 | /* | |||
101 | * NOTE: This is not thread safe. Called at init time, and when loading | |||
102 | * a new Entry. It is reasonably safe as long as it is not re-entered | |||
103 | * (readers will always see a consistant table) | |||
104 | * | |||
105 | * This routine is called to add entries to the mechanism table, once there, | |||
106 | * they can not be removed. | |||
107 | */ | |||
108 | void | |||
109 | PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key, | |||
110 | CK_MECHANISM_TYPE keyGen, | |||
111 | CK_MECHANISM_TYPE padType, | |||
112 | int ivLen, int blockSize) | |||
113 | { | |||
114 | int tableSize = pk11_MechTableSize; | |||
115 | int size = pk11_MechEntrySize; | |||
116 | int entry = size++; | |||
117 | pk11MechanismData *old = pk11_MechanismTable; | |||
118 | pk11MechanismData *newt = pk11_MechanismTable; | |||
119 | ||||
120 | if (size > tableSize) { | |||
121 | int oldTableSize = tableSize; | |||
122 | tableSize += 10; | |||
123 | newt = PORT_NewArray(pk11MechanismData, tableSize)(pk11MechanismData *)PORT_Alloc_Util(sizeof(pk11MechanismData ) * (tableSize)); | |||
124 | if (newt == NULL((void*)0)) | |||
125 | return; | |||
126 | ||||
127 | if (old) | |||
128 | PORT_Memcpymemcpy(newt, old, oldTableSize * sizeof(*newt)); | |||
129 | } else | |||
130 | old = NULL((void*)0); | |||
131 | ||||
132 | newt[entry].type = type; | |||
133 | newt[entry].keyType = key; | |||
134 | newt[entry].keyGen = keyGen; | |||
135 | newt[entry].padType = padType; | |||
136 | newt[entry].iv = ivLen; | |||
137 | newt[entry].blockSize = blockSize; | |||
138 | ||||
139 | pk11_MechanismTable = newt; | |||
140 | pk11_MechTableSize = tableSize; | |||
141 | pk11_MechEntrySize = size; | |||
142 | if (old) | |||
143 | PORT_FreePORT_Free_Util(old); | |||
144 | } | |||
145 | ||||
146 | /* | |||
147 | * Get the mechanism needed for the given key type | |||
148 | */ | |||
149 | CK_MECHANISM_TYPE | |||
150 | PK11_GetKeyMechanism(CK_KEY_TYPE type) | |||
151 | { | |||
152 | switch (type) { | |||
153 | case CKK_SEED0x0000002FUL: | |||
154 | return CKM_SEED_CBC0x00000652UL; | |||
155 | case CKK_CAMELLIA0x00000025UL: | |||
156 | return CKM_CAMELLIA_CBC0x00000552UL; | |||
157 | case CKK_NSS_CHACHA20((0x80000000UL | 0x4E534350) + 4): | |||
158 | return CKM_NSS_CHACHA20_POLY1305((0x80000000UL | 0x4E534350) + 28); | |||
159 | case CKK_CHACHA200x00000033UL: | |||
160 | return CKM_CHACHA20_POLY13050x00004021UL; | |||
161 | case CKK_AES0x0000001FUL: | |||
162 | return CKM_AES_CBC0x00001082UL; | |||
163 | case CKK_DES0x00000013UL: | |||
164 | return CKM_DES_CBC0x00000122UL; | |||
165 | case CKK_DES30x00000015UL: | |||
166 | return CKM_DES3_KEY_GEN0x00000131UL; | |||
167 | case CKK_DES20x00000014UL: | |||
168 | return CKM_DES2_KEY_GEN0x00000130UL; | |||
169 | case CKK_CDMF0x0000001EUL: | |||
170 | return CKM_CDMF_CBC0x00000142UL; | |||
171 | case CKK_RC20x00000011UL: | |||
172 | return CKM_RC2_CBC0x00000102UL; | |||
173 | case CKK_RC40x00000012UL: | |||
174 | return CKM_RC40x00000111UL; | |||
175 | case CKK_RC50x00000019UL: | |||
176 | return CKM_RC5_CBC0x00000332UL; | |||
177 | case CKK_SKIPJACK0x0000001BUL: | |||
178 | return CKM_SKIPJACK_CBC640x00001002UL; | |||
179 | case CKK_BATON0x0000001CUL: | |||
180 | return CKM_BATON_CBC1280x00001033UL; | |||
181 | case CKK_JUNIPER0x0000001DUL: | |||
182 | return CKM_JUNIPER_CBC1280x00001062UL; | |||
183 | case CKK_IDEA0x0000001AUL: | |||
184 | return CKM_IDEA_CBC0x00000342UL; | |||
185 | case CKK_CAST0x00000016UL: | |||
186 | return CKM_CAST_CBC0x00000302UL; | |||
187 | case CKK_CAST30x00000017UL: | |||
188 | return CKM_CAST3_CBC0x00000312UL; | |||
189 | case CKK_CAST50x00000018UL: | |||
190 | return CKM_CAST5_CBC0x00000322UL; | |||
191 | case CKK_RSA0x00000000UL: | |||
192 | return CKM_RSA_PKCS0x00000001UL; | |||
193 | case CKK_DSA0x00000001UL: | |||
194 | return CKM_DSA0x00000011UL; | |||
195 | case CKK_DH0x00000002UL: | |||
196 | return CKM_DH_PKCS_DERIVE0x00000021UL; | |||
197 | case CKK_KEA0x00000005UL: | |||
198 | return CKM_KEA_KEY_DERIVE0x00001011UL; | |||
199 | case CKK_EC0x00000003UL: /* CKK_ECDSA is deprecated */ | |||
200 | return CKM_ECDSA0x00001041UL; | |||
201 | case CKK_EC_EDWARDS0x00000040UL: | |||
202 | return CKM_EDDSA0x00001057UL; | |||
203 | case CKK_HKDF0x00000042UL: | |||
204 | return CKM_HKDF_DERIVE0x0000402aUL; | |||
205 | case CKK_GENERIC_SECRET0x00000010UL: | |||
206 | default: | |||
207 | return CKM_SHA_1_HMAC0x00000221UL; | |||
208 | } | |||
209 | } | |||
210 | ||||
211 | /* | |||
212 | * Get the key type needed for the given mechanism | |||
213 | */ | |||
214 | CK_KEY_TYPE | |||
215 | PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) | |||
216 | { | |||
217 | switch (type) { | |||
218 | case CKM_SEED_ECB0x00000651UL: | |||
219 | case CKM_SEED_CBC0x00000652UL: | |||
220 | case CKM_SEED_MAC0x00000653UL: | |||
221 | case CKM_SEED_MAC_GENERAL0x00000654UL: | |||
222 | case CKM_SEED_CBC_PAD0x00000655UL: | |||
223 | case CKM_SEED_KEY_GEN0x00000650UL: | |||
224 | return CKK_SEED0x0000002FUL; | |||
225 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
226 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
227 | case CKM_CAMELLIA_MAC0x00000553UL: | |||
228 | case CKM_CAMELLIA_MAC_GENERAL0x00000554UL: | |||
229 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
230 | case CKM_CAMELLIA_KEY_GEN0x00000550UL: | |||
231 | return CKK_CAMELLIA0x00000025UL; | |||
232 | case CKM_NSS_CHACHA20_POLY1305((0x80000000UL | 0x4E534350) + 28): | |||
233 | case CKM_NSS_CHACHA20_KEY_GEN((0x80000000UL | 0x4E534350) + 27): | |||
234 | case CKM_NSS_CHACHA20_CTR((0x80000000UL | 0x4E534350) + 33): | |||
235 | return CKK_NSS_CHACHA20((0x80000000UL | 0x4E534350) + 4); | |||
236 | case CKM_CHACHA20_POLY13050x00004021UL: | |||
237 | case CKM_CHACHA20_KEY_GEN0x00001225UL: | |||
238 | case CKM_CHACHA200x00001226UL: | |||
239 | return CKK_CHACHA200x00000033UL; | |||
240 | case CKM_AES_ECB0x00001081UL: | |||
241 | case CKM_AES_CBC0x00001082UL: | |||
242 | case CKM_AES_CCM0x00001088UL: | |||
243 | case CKM_AES_CTR0x00001086UL: | |||
244 | case CKM_AES_CTS0x00001089UL: | |||
245 | case CKM_AES_GCM0x00001087UL: | |||
246 | case CKM_AES_MAC0x00001083UL: | |||
247 | case CKM_AES_MAC_GENERAL0x00001084UL: | |||
248 | case CKM_AES_CMAC0x0000108AUL: | |||
249 | case CKM_AES_CMAC_GENERAL0x0000108BUL: | |||
250 | case CKM_AES_CBC_PAD0x00001085UL: | |||
251 | case CKM_AES_KEY_GEN0x00001080UL: | |||
252 | case CKM_NSS_AES_KEY_WRAP((0x80000000UL | 0x4E534350) + 1): | |||
253 | case CKM_NSS_AES_KEY_WRAP_PAD((0x80000000UL | 0x4E534350) + 2): | |||
254 | case CKM_AES_KEY_WRAP0x00002109UL: | |||
255 | case CKM_AES_KEY_WRAP_KWP0x0000210BUL: | |||
256 | case CKM_AES_XCBC_MAC0x0000108CUL: | |||
257 | case CKM_AES_XCBC_MAC_960x0000108DUL: | |||
258 | return CKK_AES0x0000001FUL; | |||
259 | case CKM_DES_ECB0x00000121UL: | |||
260 | case CKM_DES_CBC0x00000122UL: | |||
261 | case CKM_DES_MAC0x00000123UL: | |||
262 | case CKM_DES_MAC_GENERAL0x00000124UL: | |||
263 | case CKM_DES_CBC_PAD0x00000125UL: | |||
264 | case CKM_DES_KEY_GEN0x00000120UL: | |||
265 | case CKM_KEY_WRAP_LYNKS0x00000400UL: | |||
266 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
267 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
268 | return CKK_DES0x00000013UL; | |||
269 | case CKM_DES3_ECB0x00000132UL: | |||
270 | case CKM_DES3_CBC0x00000133UL: | |||
271 | case CKM_DES3_MAC0x00000134UL: | |||
272 | case CKM_DES3_MAC_GENERAL0x00000135UL: | |||
273 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
274 | return (len == 16) ? CKK_DES20x00000014UL : CKK_DES30x00000015UL; | |||
275 | case CKM_DES2_KEY_GEN0x00000130UL: | |||
276 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
277 | return CKK_DES20x00000014UL; | |||
278 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
279 | case CKM_DES3_KEY_GEN0x00000131UL: | |||
280 | return CKK_DES30x00000015UL; | |||
281 | case CKM_CDMF_ECB0x00000141UL: | |||
282 | case CKM_CDMF_CBC0x00000142UL: | |||
283 | case CKM_CDMF_MAC0x00000143UL: | |||
284 | case CKM_CDMF_MAC_GENERAL0x00000144UL: | |||
285 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
286 | case CKM_CDMF_KEY_GEN0x00000140UL: | |||
287 | return CKK_CDMF0x0000001EUL; | |||
288 | case CKM_RC2_ECB0x00000101UL: | |||
289 | case CKM_RC2_CBC0x00000102UL: | |||
290 | case CKM_RC2_MAC0x00000103UL: | |||
291 | case CKM_RC2_MAC_GENERAL0x00000104UL: | |||
292 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
293 | case CKM_RC2_KEY_GEN0x00000100UL: | |||
294 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
295 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
296 | return CKK_RC20x00000011UL; | |||
297 | case CKM_RC40x00000111UL: | |||
298 | case CKM_RC4_KEY_GEN0x00000110UL: | |||
299 | return CKK_RC40x00000012UL; | |||
300 | case CKM_RC5_ECB0x00000331UL: | |||
301 | case CKM_RC5_CBC0x00000332UL: | |||
302 | case CKM_RC5_MAC0x00000333UL: | |||
303 | case CKM_RC5_MAC_GENERAL0x00000334UL: | |||
304 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
305 | case CKM_RC5_KEY_GEN0x00000330UL: | |||
306 | return CKK_RC50x00000019UL; | |||
307 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
308 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
309 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
310 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
311 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
312 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
313 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
314 | case CKM_SKIPJACK_KEY_GEN0x00001000UL: | |||
315 | case CKM_SKIPJACK_WRAP0x00001008UL: | |||
316 | case CKM_SKIPJACK_PRIVATE_WRAP0x00001009UL: | |||
317 | return CKK_SKIPJACK0x0000001BUL; | |||
318 | case CKM_BATON_ECB1280x00001031UL: | |||
319 | case CKM_BATON_ECB960x00001032UL: | |||
320 | case CKM_BATON_CBC1280x00001033UL: | |||
321 | case CKM_BATON_COUNTER0x00001034UL: | |||
322 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
323 | case CKM_BATON_WRAP0x00001036UL: | |||
324 | case CKM_BATON_KEY_GEN0x00001030UL: | |||
325 | return CKK_BATON0x0000001CUL; | |||
326 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
327 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
328 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
329 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
330 | case CKM_JUNIPER_WRAP0x00001065UL: | |||
331 | case CKM_JUNIPER_KEY_GEN0x00001060UL: | |||
332 | return CKK_JUNIPER0x0000001DUL; | |||
333 | case CKM_IDEA_CBC0x00000342UL: | |||
334 | case CKM_IDEA_ECB0x00000341UL: | |||
335 | case CKM_IDEA_MAC0x00000343UL: | |||
336 | case CKM_IDEA_MAC_GENERAL0x00000344UL: | |||
337 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
338 | case CKM_IDEA_KEY_GEN0x00000340UL: | |||
339 | return CKK_IDEA0x0000001AUL; | |||
340 | case CKM_CAST_ECB0x00000301UL: | |||
341 | case CKM_CAST_CBC0x00000302UL: | |||
342 | case CKM_CAST_MAC0x00000303UL: | |||
343 | case CKM_CAST_MAC_GENERAL0x00000304UL: | |||
344 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
345 | case CKM_CAST_KEY_GEN0x00000300UL: | |||
346 | case CKM_PBE_MD5_CAST_CBC0x000003A2UL: | |||
347 | return CKK_CAST0x00000016UL; | |||
348 | case CKM_CAST3_ECB0x00000311UL: | |||
349 | case CKM_CAST3_CBC0x00000312UL: | |||
350 | case CKM_CAST3_MAC0x00000313UL: | |||
351 | case CKM_CAST3_MAC_GENERAL0x00000314UL: | |||
352 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
353 | case CKM_CAST3_KEY_GEN0x00000310UL: | |||
354 | case CKM_PBE_MD5_CAST3_CBC0x000003A3UL: | |||
355 | return CKK_CAST30x00000017UL; | |||
356 | case CKM_CAST5_ECB0x00000321UL: | |||
357 | case CKM_CAST5_CBC0x00000322UL: | |||
358 | case CKM_CAST5_MAC0x00000323UL: | |||
359 | case CKM_CAST5_MAC_GENERAL0x00000324UL: | |||
360 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
361 | case CKM_CAST5_KEY_GEN0x00000320UL: | |||
362 | case CKM_PBE_MD5_CAST5_CBC0x000003A4UL: | |||
363 | return CKK_CAST50x00000018UL; | |||
364 | case CKM_RSA_PKCS0x00000001UL: | |||
365 | case CKM_RSA_97960x00000002UL: | |||
366 | case CKM_RSA_X_5090x00000003UL: | |||
367 | case CKM_MD2_RSA_PKCS0x00000004UL: | |||
368 | case CKM_MD5_RSA_PKCS0x00000005UL: | |||
369 | case CKM_SHA1_RSA_PKCS0x00000006UL: | |||
370 | case CKM_SHA224_RSA_PKCS0x00000046UL: | |||
371 | case CKM_SHA256_RSA_PKCS0x00000040UL: | |||
372 | case CKM_SHA384_RSA_PKCS0x00000041UL: | |||
373 | case CKM_SHA512_RSA_PKCS0x00000042UL: | |||
374 | case CKM_KEY_WRAP_SET_OAEP0x00000401UL: | |||
375 | case CKM_RSA_PKCS_KEY_PAIR_GEN0x00000000UL: | |||
376 | case CKM_RSA_X9_31_KEY_PAIR_GEN0x0000000AUL: | |||
377 | return CKK_RSA0x00000000UL; | |||
378 | case CKM_DSA0x00000011UL: | |||
379 | case CKM_DSA_SHA10x00000012UL: | |||
380 | case CKM_DSA_KEY_PAIR_GEN0x00000010UL: | |||
381 | return CKK_DSA0x00000001UL; | |||
382 | case CKM_DH_PKCS_DERIVE0x00000021UL: | |||
383 | case CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL: | |||
384 | return CKK_DH0x00000002UL; | |||
385 | case CKM_KEA_KEY_DERIVE0x00001011UL: | |||
386 | case CKM_KEA_KEY_PAIR_GEN0x00001010UL: | |||
387 | return CKK_KEA0x00000005UL; | |||
388 | case CKM_ECDSA0x00001041UL: | |||
389 | case CKM_ECDSA_SHA10x00001042UL: | |||
390 | case CKM_EC_KEY_PAIR_GEN0x00001040UL: /* aka CKM_ECDSA_KEY_PAIR_GEN */ | |||
391 | case CKM_ECDH1_DERIVE0x00001050UL: | |||
392 | return CKK_EC0x00000003UL; /* CKK_ECDSA is deprecated */ | |||
393 | case CKM_EC_EDWARDS_KEY_PAIR_GEN0x00001055UL: | |||
394 | case CKM_EDDSA0x00001057UL: | |||
395 | return CKK_EC_EDWARDS0x00000040UL; | |||
396 | case CKM_HKDF_KEY_GEN0x0000402cUL: | |||
397 | case CKM_HKDF_DERIVE0x0000402aUL: | |||
398 | case CKM_HKDF_DATA0x0000402bUL: | |||
399 | return CKK_HKDF0x00000042UL; | |||
400 | case CKM_SSL3_PRE_MASTER_KEY_GEN0x00000370UL: | |||
401 | case CKM_GENERIC_SECRET_KEY_GEN0x00000350UL: | |||
402 | case CKM_SSL3_MASTER_KEY_DERIVE0x00000371UL: | |||
403 | case CKM_SSL3_MASTER_KEY_DERIVE_DH0x00000373UL: | |||
404 | case CKM_SSL3_KEY_AND_MAC_DERIVE0x00000372UL: | |||
405 | case CKM_SSL3_SHA1_MAC0x00000381UL: | |||
406 | case CKM_SSL3_MD5_MAC0x00000380UL: | |||
407 | case CKM_TLS_MASTER_KEY_DERIVE0x00000375UL: | |||
408 | case CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256((0x80000000UL | 0x4E534350) + 22): | |||
409 | case CKM_TLS_MASTER_KEY_DERIVE_DH0x00000377UL: | |||
410 | case CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256((0x80000000UL | 0x4E534350) + 24): | |||
411 | case CKM_TLS_KEY_AND_MAC_DERIVE0x00000376UL: | |||
412 | case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256((0x80000000UL | 0x4E534350) + 23): | |||
413 | case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE((0x80000000UL | 0x4E534350) + 25): | |||
414 | case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH((0x80000000UL | 0x4E534350) + 26): | |||
415 | case CKM_SHA_1_HMAC0x00000221UL: | |||
416 | case CKM_SHA_1_HMAC_GENERAL0x00000222UL: | |||
417 | case CKM_SHA224_HMAC0x00000256UL: | |||
418 | case CKM_SHA224_HMAC_GENERAL0x00000257UL: | |||
419 | case CKM_SHA256_HMAC0x00000251UL: | |||
420 | case CKM_SHA256_HMAC_GENERAL0x00000252UL: | |||
421 | case CKM_SHA384_HMAC0x00000261UL: | |||
422 | case CKM_SHA384_HMAC_GENERAL0x00000262UL: | |||
423 | case CKM_SHA512_HMAC0x00000271UL: | |||
424 | case CKM_SHA512_HMAC_GENERAL0x00000272UL: | |||
425 | case CKM_MD2_HMAC0x00000201UL: | |||
426 | case CKM_MD2_HMAC_GENERAL0x00000202UL: | |||
427 | case CKM_MD5_HMAC0x00000211UL: | |||
428 | case CKM_MD5_HMAC_GENERAL0x00000212UL: | |||
429 | case CKM_TLS_PRF_GENERAL0x80000373UL: | |||
430 | case CKM_NSS_TLS_PRF_GENERAL_SHA256((0x80000000UL | 0x4E534350) + 21): | |||
431 | return CKK_GENERIC_SECRET0x00000010UL; | |||
432 | case CKM_NSS_KYBER_KEY_PAIR_GEN((0x80000000UL | 0x4E534350) + 45): | |||
433 | return CKK_NSS_KYBER((0x80000000UL | 0x4E534350) + 5); | |||
434 | default: | |||
435 | return pk11_lookup(type)->keyType; | |||
436 | } | |||
437 | } | |||
438 | ||||
439 | /* | |||
440 | * Get the Key Gen Mechanism needed for the given | |||
441 | * crypto mechanism | |||
442 | */ | |||
443 | CK_MECHANISM_TYPE | |||
444 | PK11_GetKeyGen(CK_MECHANISM_TYPE type) | |||
445 | { | |||
446 | return PK11_GetKeyGenWithSize(type, 0); | |||
447 | } | |||
448 | ||||
449 | CK_MECHANISM_TYPE | |||
450 | PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size) | |||
451 | { | |||
452 | switch (type) { | |||
453 | case CKM_SEED_ECB0x00000651UL: | |||
454 | case CKM_SEED_CBC0x00000652UL: | |||
455 | case CKM_SEED_MAC0x00000653UL: | |||
456 | case CKM_SEED_MAC_GENERAL0x00000654UL: | |||
457 | case CKM_SEED_CBC_PAD0x00000655UL: | |||
458 | case CKM_SEED_KEY_GEN0x00000650UL: | |||
459 | return CKM_SEED_KEY_GEN0x00000650UL; | |||
460 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
461 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
462 | case CKM_CAMELLIA_MAC0x00000553UL: | |||
463 | case CKM_CAMELLIA_MAC_GENERAL0x00000554UL: | |||
464 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
465 | case CKM_CAMELLIA_KEY_GEN0x00000550UL: | |||
466 | return CKM_CAMELLIA_KEY_GEN0x00000550UL; | |||
467 | case CKM_NSS_CHACHA20_POLY1305((0x80000000UL | 0x4E534350) + 28): | |||
468 | case CKM_NSS_CHACHA20_CTR((0x80000000UL | 0x4E534350) + 33): | |||
469 | return CKM_NSS_CHACHA20_KEY_GEN((0x80000000UL | 0x4E534350) + 27); | |||
470 | case CKM_CHACHA20_POLY13050x00004021UL: | |||
471 | case CKM_CHACHA200x00001226UL: | |||
472 | return CKM_CHACHA20_KEY_GEN0x00001225UL; | |||
473 | case CKM_AES_ECB0x00001081UL: | |||
474 | case CKM_AES_CBC0x00001082UL: | |||
475 | case CKM_AES_CCM0x00001088UL: | |||
476 | case CKM_AES_CTR0x00001086UL: | |||
477 | case CKM_AES_CTS0x00001089UL: | |||
478 | case CKM_AES_GCM0x00001087UL: | |||
479 | case CKM_AES_MAC0x00001083UL: | |||
480 | case CKM_AES_MAC_GENERAL0x00001084UL: | |||
481 | case CKM_AES_CMAC0x0000108AUL: | |||
482 | case CKM_AES_CMAC_GENERAL0x0000108BUL: | |||
483 | case CKM_AES_CBC_PAD0x00001085UL: | |||
484 | case CKM_AES_KEY_GEN0x00001080UL: | |||
485 | return CKM_AES_KEY_GEN0x00001080UL; | |||
486 | case CKM_DES_ECB0x00000121UL: | |||
487 | case CKM_DES_CBC0x00000122UL: | |||
488 | case CKM_DES_MAC0x00000123UL: | |||
489 | case CKM_DES_MAC_GENERAL0x00000124UL: | |||
490 | case CKM_KEY_WRAP_LYNKS0x00000400UL: | |||
491 | case CKM_DES_CBC_PAD0x00000125UL: | |||
492 | case CKM_DES_KEY_GEN0x00000120UL: | |||
493 | return CKM_DES_KEY_GEN0x00000120UL; | |||
494 | case CKM_DES3_ECB0x00000132UL: | |||
495 | case CKM_DES3_CBC0x00000133UL: | |||
496 | case CKM_DES3_MAC0x00000134UL: | |||
497 | case CKM_DES3_MAC_GENERAL0x00000135UL: | |||
498 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
499 | return (size == 16) ? CKM_DES2_KEY_GEN0x00000130UL : CKM_DES3_KEY_GEN0x00000131UL; | |||
500 | case CKM_DES3_KEY_GEN0x00000131UL: | |||
501 | return CKM_DES3_KEY_GEN0x00000131UL; | |||
502 | case CKM_DES2_KEY_GEN0x00000130UL: | |||
503 | return CKM_DES2_KEY_GEN0x00000130UL; | |||
504 | case CKM_CDMF_ECB0x00000141UL: | |||
505 | case CKM_CDMF_CBC0x00000142UL: | |||
506 | case CKM_CDMF_MAC0x00000143UL: | |||
507 | case CKM_CDMF_MAC_GENERAL0x00000144UL: | |||
508 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
509 | case CKM_CDMF_KEY_GEN0x00000140UL: | |||
510 | return CKM_CDMF_KEY_GEN0x00000140UL; | |||
511 | case CKM_RC2_ECB0x00000101UL: | |||
512 | case CKM_RC2_CBC0x00000102UL: | |||
513 | case CKM_RC2_MAC0x00000103UL: | |||
514 | case CKM_RC2_MAC_GENERAL0x00000104UL: | |||
515 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
516 | case CKM_RC2_KEY_GEN0x00000100UL: | |||
517 | return CKM_RC2_KEY_GEN0x00000100UL; | |||
518 | case CKM_RC40x00000111UL: | |||
519 | case CKM_RC4_KEY_GEN0x00000110UL: | |||
520 | return CKM_RC4_KEY_GEN0x00000110UL; | |||
521 | case CKM_RC5_ECB0x00000331UL: | |||
522 | case CKM_RC5_CBC0x00000332UL: | |||
523 | case CKM_RC5_MAC0x00000333UL: | |||
524 | case CKM_RC5_MAC_GENERAL0x00000334UL: | |||
525 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
526 | case CKM_RC5_KEY_GEN0x00000330UL: | |||
527 | return CKM_RC5_KEY_GEN0x00000330UL; | |||
528 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
529 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
530 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
531 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
532 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
533 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
534 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
535 | case CKM_SKIPJACK_WRAP0x00001008UL: | |||
536 | case CKM_SKIPJACK_KEY_GEN0x00001000UL: | |||
537 | return CKM_SKIPJACK_KEY_GEN0x00001000UL; | |||
538 | case CKM_BATON_ECB1280x00001031UL: | |||
539 | case CKM_BATON_ECB960x00001032UL: | |||
540 | case CKM_BATON_CBC1280x00001033UL: | |||
541 | case CKM_BATON_COUNTER0x00001034UL: | |||
542 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
543 | case CKM_BATON_WRAP0x00001036UL: | |||
544 | case CKM_BATON_KEY_GEN0x00001030UL: | |||
545 | return CKM_BATON_KEY_GEN0x00001030UL; | |||
546 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
547 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
548 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
549 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
550 | case CKM_JUNIPER_WRAP0x00001065UL: | |||
551 | case CKM_JUNIPER_KEY_GEN0x00001060UL: | |||
552 | return CKM_JUNIPER_KEY_GEN0x00001060UL; | |||
553 | case CKM_IDEA_CBC0x00000342UL: | |||
554 | case CKM_IDEA_ECB0x00000341UL: | |||
555 | case CKM_IDEA_MAC0x00000343UL: | |||
556 | case CKM_IDEA_MAC_GENERAL0x00000344UL: | |||
557 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
558 | case CKM_IDEA_KEY_GEN0x00000340UL: | |||
559 | return CKM_IDEA_KEY_GEN0x00000340UL; | |||
560 | case CKM_CAST_ECB0x00000301UL: | |||
561 | case CKM_CAST_CBC0x00000302UL: | |||
562 | case CKM_CAST_MAC0x00000303UL: | |||
563 | case CKM_CAST_MAC_GENERAL0x00000304UL: | |||
564 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
565 | case CKM_CAST_KEY_GEN0x00000300UL: | |||
566 | return CKM_CAST_KEY_GEN0x00000300UL; | |||
567 | case CKM_CAST3_ECB0x00000311UL: | |||
568 | case CKM_CAST3_CBC0x00000312UL: | |||
569 | case CKM_CAST3_MAC0x00000313UL: | |||
570 | case CKM_CAST3_MAC_GENERAL0x00000314UL: | |||
571 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
572 | case CKM_CAST3_KEY_GEN0x00000310UL: | |||
573 | return CKM_CAST3_KEY_GEN0x00000310UL; | |||
574 | case CKM_CAST5_ECB0x00000321UL: | |||
575 | case CKM_CAST5_CBC0x00000322UL: | |||
576 | case CKM_CAST5_MAC0x00000323UL: | |||
577 | case CKM_CAST5_MAC_GENERAL0x00000324UL: | |||
578 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
579 | case CKM_CAST5_KEY_GEN0x00000320UL: | |||
580 | return CKM_CAST5_KEY_GEN0x00000320UL; | |||
581 | case CKM_RSA_PKCS0x00000001UL: | |||
582 | case CKM_RSA_97960x00000002UL: | |||
583 | case CKM_RSA_X_5090x00000003UL: | |||
584 | case CKM_MD2_RSA_PKCS0x00000004UL: | |||
585 | case CKM_MD5_RSA_PKCS0x00000005UL: | |||
586 | case CKM_SHA1_RSA_PKCS0x00000006UL: | |||
587 | case CKM_SHA224_RSA_PKCS0x00000046UL: | |||
588 | case CKM_SHA256_RSA_PKCS0x00000040UL: | |||
589 | case CKM_SHA384_RSA_PKCS0x00000041UL: | |||
590 | case CKM_SHA512_RSA_PKCS0x00000042UL: | |||
591 | case CKM_KEY_WRAP_SET_OAEP0x00000401UL: | |||
592 | case CKM_RSA_PKCS_KEY_PAIR_GEN0x00000000UL: | |||
593 | return CKM_RSA_PKCS_KEY_PAIR_GEN0x00000000UL; | |||
594 | case CKM_RSA_X9_31_KEY_PAIR_GEN0x0000000AUL: | |||
595 | return CKM_RSA_X9_31_KEY_PAIR_GEN0x0000000AUL; | |||
596 | case CKM_DSA0x00000011UL: | |||
597 | case CKM_DSA_SHA10x00000012UL: | |||
598 | case CKM_DSA_KEY_PAIR_GEN0x00000010UL: | |||
599 | return CKM_DSA_KEY_PAIR_GEN0x00000010UL; | |||
600 | case CKM_DH_PKCS_DERIVE0x00000021UL: | |||
601 | case CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL: | |||
602 | return CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL; | |||
603 | case CKM_KEA_KEY_DERIVE0x00001011UL: | |||
604 | case CKM_KEA_KEY_PAIR_GEN0x00001010UL: | |||
605 | return CKM_KEA_KEY_PAIR_GEN0x00001010UL; | |||
606 | case CKM_ECDSA0x00001041UL: | |||
607 | case CKM_ECDSA_SHA10x00001042UL: | |||
608 | case CKM_EC_KEY_PAIR_GEN0x00001040UL: /* aka CKM_ECDSA_KEY_PAIR_GEN */ | |||
609 | case CKM_ECDH1_DERIVE0x00001050UL: | |||
610 | return CKM_EC_KEY_PAIR_GEN0x00001040UL; | |||
611 | case CKM_EDDSA0x00001057UL: | |||
612 | return CKM_EC_EDWARDS_KEY_PAIR_GEN0x00001055UL; | |||
613 | case CKM_SSL3_PRE_MASTER_KEY_GEN0x00000370UL: | |||
614 | case CKM_SSL3_MASTER_KEY_DERIVE0x00000371UL: | |||
615 | case CKM_SSL3_KEY_AND_MAC_DERIVE0x00000372UL: | |||
616 | case CKM_SSL3_SHA1_MAC0x00000381UL: | |||
617 | case CKM_SSL3_MD5_MAC0x00000380UL: | |||
618 | case CKM_TLS_MASTER_KEY_DERIVE0x00000375UL: | |||
619 | case CKM_TLS_KEY_AND_MAC_DERIVE0x00000376UL: | |||
620 | case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256((0x80000000UL | 0x4E534350) + 23): | |||
621 | case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE((0x80000000UL | 0x4E534350) + 25): | |||
622 | case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH((0x80000000UL | 0x4E534350) + 26): | |||
623 | return CKM_SSL3_PRE_MASTER_KEY_GEN0x00000370UL; | |||
624 | case CKM_SHA_1_HMAC0x00000221UL: | |||
625 | case CKM_SHA_1_HMAC_GENERAL0x00000222UL: | |||
626 | case CKM_SHA224_HMAC0x00000256UL: | |||
627 | case CKM_SHA224_HMAC_GENERAL0x00000257UL: | |||
628 | case CKM_SHA256_HMAC0x00000251UL: | |||
629 | case CKM_SHA256_HMAC_GENERAL0x00000252UL: | |||
630 | case CKM_SHA384_HMAC0x00000261UL: | |||
631 | case CKM_SHA384_HMAC_GENERAL0x00000262UL: | |||
632 | case CKM_SHA512_HMAC0x00000271UL: | |||
633 | case CKM_SHA512_HMAC_GENERAL0x00000272UL: | |||
634 | case CKM_MD2_HMAC0x00000201UL: | |||
635 | case CKM_MD2_HMAC_GENERAL0x00000202UL: | |||
636 | case CKM_MD5_HMAC0x00000211UL: | |||
637 | case CKM_MD5_HMAC_GENERAL0x00000212UL: | |||
638 | case CKM_TLS_PRF_GENERAL0x80000373UL: | |||
639 | case CKM_NSS_TLS_PRF_GENERAL_SHA256((0x80000000UL | 0x4E534350) + 21): | |||
640 | case CKM_GENERIC_SECRET_KEY_GEN0x00000350UL: | |||
641 | return CKM_GENERIC_SECRET_KEY_GEN0x00000350UL; | |||
642 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
643 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
644 | case CKM_PBA_SHA1_WITH_SHA1_HMAC0x000003C0UL: | |||
645 | case CKM_NSS_PBE_SHA1_HMAC_KEY_GEN0x80000009UL: | |||
646 | case CKM_NSS_PBE_MD5_HMAC_KEY_GEN0x8000000aUL: | |||
647 | case CKM_NSS_PBE_MD2_HMAC_KEY_GEN0x8000000bUL: | |||
648 | case CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN((0x80000000UL | 0x4E534350) + 29): | |||
649 | case CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN((0x80000000UL | 0x4E534350) + 30): | |||
650 | case CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN((0x80000000UL | 0x4E534350) + 31): | |||
651 | case CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN((0x80000000UL | 0x4E534350) + 32): | |||
652 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
653 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
654 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
655 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
656 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
657 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
658 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
659 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
660 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
661 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
662 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
663 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
664 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
665 | case CKM_PKCS5_PBKD20x000003B0UL: | |||
666 | return type; | |||
667 | default: | |||
668 | return pk11_lookup(type)->keyGen; | |||
669 | } | |||
670 | } | |||
671 | ||||
672 | /* | |||
673 | * get the mechanism block size | |||
674 | */ | |||
675 | int | |||
676 | PK11_GetBlockSize(CK_MECHANISM_TYPE type, SECItem *params) | |||
677 | { | |||
678 | CK_RC5_PARAMS *rc5_params; | |||
679 | CK_RC5_CBC_PARAMS *rc5_cbc_params; | |||
680 | switch (type) { | |||
681 | case CKM_RC5_ECB0x00000331UL: | |||
682 | if ((params) && (params->data)) { | |||
683 | rc5_params = (CK_RC5_PARAMS *)params->data; | |||
684 | return (rc5_params->ulWordsize) * 2; | |||
685 | } | |||
686 | return 8; | |||
687 | case CKM_RC5_CBC0x00000332UL: | |||
688 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
689 | if ((params) && (params->data)) { | |||
690 | rc5_cbc_params = (CK_RC5_CBC_PARAMS *)params->data; | |||
691 | return (rc5_cbc_params->ulWordsize) * 2; | |||
692 | } | |||
693 | return 8; | |||
694 | case CKM_DES_ECB0x00000121UL: | |||
695 | case CKM_DES3_ECB0x00000132UL: | |||
696 | case CKM_RC2_ECB0x00000101UL: | |||
697 | case CKM_IDEA_ECB0x00000341UL: | |||
698 | case CKM_CAST_ECB0x00000301UL: | |||
699 | case CKM_CAST3_ECB0x00000311UL: | |||
700 | case CKM_CAST5_ECB0x00000321UL: | |||
701 | case CKM_RC2_CBC0x00000102UL: | |||
702 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
703 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
704 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
705 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
706 | case CKM_DES_CBC0x00000122UL: | |||
707 | case CKM_DES3_CBC0x00000133UL: | |||
708 | case CKM_IDEA_CBC0x00000342UL: | |||
709 | case CKM_CAST_CBC0x00000302UL: | |||
710 | case CKM_CAST3_CBC0x00000312UL: | |||
711 | case CKM_CAST5_CBC0x00000322UL: | |||
712 | case CKM_DES_CBC_PAD0x00000125UL: | |||
713 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
714 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
715 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
716 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
717 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
718 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
719 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
720 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
721 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
722 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
723 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
724 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
725 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
726 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
727 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
728 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
729 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
730 | return 8; | |||
731 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
732 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
733 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
734 | return 4; | |||
735 | case CKM_SEED_ECB0x00000651UL: | |||
736 | case CKM_SEED_CBC0x00000652UL: | |||
737 | case CKM_SEED_CBC_PAD0x00000655UL: | |||
738 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
739 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
740 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
741 | case CKM_AES_ECB0x00001081UL: | |||
742 | case CKM_AES_CBC0x00001082UL: | |||
743 | case CKM_AES_CBC_PAD0x00001085UL: | |||
744 | case CKM_BATON_ECB1280x00001031UL: | |||
745 | case CKM_BATON_CBC1280x00001033UL: | |||
746 | case CKM_BATON_COUNTER0x00001034UL: | |||
747 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
748 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
749 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
750 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
751 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
752 | return 16; | |||
753 | case CKM_BATON_ECB960x00001032UL: | |||
754 | return 12; | |||
755 | case CKM_RC40x00000111UL: | |||
756 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
757 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
758 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
759 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
760 | return 0; | |||
761 | case CKM_RSA_PKCS0x00000001UL: | |||
762 | case CKM_RSA_97960x00000002UL: | |||
763 | case CKM_RSA_X_5090x00000003UL: | |||
764 | /*actually it's the modulus length of the key!*/ | |||
765 | return -1; /* failure */ | |||
766 | case CKM_NSS_CHACHA20_POLY1305((0x80000000UL | 0x4E534350) + 28): | |||
767 | case CKM_NSS_CHACHA20_CTR((0x80000000UL | 0x4E534350) + 33): | |||
768 | case CKM_CHACHA20_POLY13050x00004021UL: | |||
769 | case CKM_CHACHA200x00001226UL: | |||
770 | return 64; | |||
771 | default: | |||
772 | return pk11_lookup(type)->blockSize; | |||
773 | } | |||
774 | } | |||
775 | ||||
776 | /* | |||
777 | * get the iv length | |||
778 | */ | |||
779 | int | |||
780 | PK11_GetIVLength(CK_MECHANISM_TYPE type) | |||
781 | { | |||
782 | switch (type) { | |||
783 | case CKM_SEED_ECB0x00000651UL: | |||
784 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
785 | case CKM_AES_ECB0x00001081UL: | |||
786 | case CKM_DES_ECB0x00000121UL: | |||
787 | case CKM_DES3_ECB0x00000132UL: | |||
788 | case CKM_RC2_ECB0x00000101UL: | |||
789 | case CKM_IDEA_ECB0x00000341UL: | |||
790 | case CKM_SKIPJACK_WRAP0x00001008UL: | |||
791 | case CKM_BATON_WRAP0x00001036UL: | |||
792 | case CKM_RC5_ECB0x00000331UL: | |||
793 | case CKM_CAST_ECB0x00000301UL: | |||
794 | case CKM_CAST3_ECB0x00000311UL: | |||
795 | case CKM_CAST5_ECB0x00000321UL: | |||
796 | return 0; | |||
797 | case CKM_RC2_CBC0x00000102UL: | |||
798 | case CKM_DES_CBC0x00000122UL: | |||
799 | case CKM_DES3_CBC0x00000133UL: | |||
800 | case CKM_IDEA_CBC0x00000342UL: | |||
801 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
802 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
803 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
804 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
805 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
806 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
807 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
808 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
809 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
810 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
811 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
812 | case CKM_RC5_CBC0x00000332UL: | |||
813 | case CKM_CAST_CBC0x00000302UL: | |||
814 | case CKM_CAST3_CBC0x00000312UL: | |||
815 | case CKM_CAST5_CBC0x00000322UL: | |||
816 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
817 | case CKM_DES_CBC_PAD0x00000125UL: | |||
818 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
819 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
820 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
821 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
822 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
823 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
824 | return 8; | |||
825 | case CKM_AES_GCM0x00001087UL: | |||
826 | case CKM_NSS_CHACHA20_POLY1305((0x80000000UL | 0x4E534350) + 28): | |||
827 | case CKM_CHACHA20_POLY13050x00004021UL: | |||
828 | return 12; | |||
829 | case CKM_SEED_CBC0x00000652UL: | |||
830 | case CKM_SEED_CBC_PAD0x00000655UL: | |||
831 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
832 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
833 | case CKM_AES_CBC0x00001082UL: | |||
834 | case CKM_AES_CBC_PAD0x00001085UL: | |||
835 | case CKM_NSS_CHACHA20_CTR((0x80000000UL | 0x4E534350) + 33): | |||
836 | case CKM_CHACHA200x00001226UL: | |||
837 | return 16; | |||
838 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
839 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
840 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
841 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
842 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
843 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
844 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
845 | case CKM_BATON_ECB1280x00001031UL: | |||
846 | case CKM_BATON_ECB960x00001032UL: | |||
847 | case CKM_BATON_CBC1280x00001033UL: | |||
848 | case CKM_BATON_COUNTER0x00001034UL: | |||
849 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
850 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
851 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
852 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
853 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
854 | return 24; | |||
855 | case CKM_RC40x00000111UL: | |||
856 | case CKM_RSA_PKCS0x00000001UL: | |||
857 | case CKM_RSA_97960x00000002UL: | |||
858 | case CKM_RSA_X_5090x00000003UL: | |||
859 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
860 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
861 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
862 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
863 | return 0; | |||
864 | default: | |||
865 | return pk11_lookup(type)->iv; | |||
866 | } | |||
867 | } | |||
868 | ||||
869 | /* These next two utilities are here to help facilitate future | |||
870 | * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions | |||
871 | * like SSL and S-MIME to automatically add them. | |||
872 | */ | |||
873 | SECItem * | |||
874 | pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, SECItem *iv, int keyLen) | |||
875 | { | |||
876 | CK_RC2_CBC_PARAMS *rc2_params = NULL((void*)0); | |||
877 | CK_RC2_PARAMS *rc2_ecb_params = NULL((void*)0); | |||
878 | CK_RC5_PARAMS *rc5_params = NULL((void*)0); | |||
879 | CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL((void*)0); | |||
880 | SECItem *param; | |||
881 | ||||
882 | param = (SECItem *)PORT_AllocPORT_Alloc_Util(sizeof(SECItem)); | |||
883 | if (param == NULL((void*)0)) | |||
884 | return NULL((void*)0); | |||
885 | param->data = NULL((void*)0); | |||
886 | param->len = 0; | |||
887 | param->type = 0; | |||
888 | switch (type) { | |||
889 | case CKM_SEED_ECB0x00000651UL: | |||
890 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
891 | case CKM_AES_ECB0x00001081UL: | |||
892 | case CKM_DES_ECB0x00000121UL: | |||
893 | case CKM_DES3_ECB0x00000132UL: | |||
894 | case CKM_RSA_PKCS0x00000001UL: | |||
895 | case CKM_RSA_X_5090x00000003UL: | |||
896 | case CKM_RSA_97960x00000002UL: | |||
897 | case CKM_IDEA_ECB0x00000341UL: | |||
898 | case CKM_CDMF_ECB0x00000141UL: | |||
899 | case CKM_CAST_ECB0x00000301UL: | |||
900 | case CKM_CAST3_ECB0x00000311UL: | |||
901 | case CKM_CAST5_ECB0x00000321UL: | |||
902 | case CKM_RC40x00000111UL: | |||
903 | break; | |||
904 | case CKM_RC2_ECB0x00000101UL: | |||
905 | rc2_ecb_params = (CK_RC2_PARAMS *)PORT_AllocPORT_Alloc_Util(sizeof(CK_RC2_PARAMS)); | |||
906 | if (rc2_ecb_params == NULL((void*)0)) | |||
907 | break; | |||
908 | /* Maybe we should pass the key size in too to get this value? */ | |||
909 | *rc2_ecb_params = keyLen ? keyLen * 8 : 128; | |||
910 | param->data = (unsigned char *)rc2_ecb_params; | |||
911 | param->len = sizeof(CK_RC2_PARAMS); | |||
912 | break; | |||
913 | case CKM_RC2_CBC0x00000102UL: | |||
914 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
915 | rc2_params = (CK_RC2_CBC_PARAMS *)PORT_AllocPORT_Alloc_Util(sizeof(CK_RC2_CBC_PARAMS)); | |||
916 | if (rc2_params == NULL((void*)0)) | |||
917 | break; | |||
918 | /* Maybe we should pass the key size in too to get this value? */ | |||
919 | rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128; | |||
920 | if (iv && iv->data) | |||
921 | PORT_Memcpymemcpy(rc2_params->iv, iv->data, sizeof(rc2_params->iv)); | |||
922 | param->data = (unsigned char *)rc2_params; | |||
923 | param->len = sizeof(CK_RC2_CBC_PARAMS); | |||
924 | break; | |||
925 | case CKM_RC5_CBC0x00000332UL: | |||
926 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
927 | rc5_cbc_params = (CK_RC5_CBC_PARAMS *) | |||
928 | PORT_AllocPORT_Alloc_Util(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0)); | |||
929 | if (rc5_cbc_params == NULL((void*)0)) | |||
930 | break; | |||
931 | if (iv && iv->data && iv->len) { | |||
932 | rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS); | |||
933 | PORT_Memcpymemcpy(rc5_cbc_params->pIv, iv->data, iv->len); | |||
934 | rc5_cbc_params->ulIvLen = iv->len; | |||
935 | rc5_cbc_params->ulWordsize = iv->len / 2; | |||
936 | } else { | |||
937 | rc5_cbc_params->ulWordsize = 4; | |||
938 | rc5_cbc_params->pIv = NULL((void*)0); | |||
939 | rc5_cbc_params->ulIvLen = 0; | |||
940 | } | |||
941 | rc5_cbc_params->ulRounds = 16; | |||
942 | param->data = (unsigned char *)rc5_cbc_params; | |||
943 | param->len = sizeof(CK_RC5_CBC_PARAMS); | |||
944 | break; | |||
945 | case CKM_RC5_ECB0x00000331UL: | |||
946 | rc5_params = (CK_RC5_PARAMS *)PORT_AllocPORT_Alloc_Util(sizeof(CK_RC5_PARAMS)); | |||
947 | if (rc5_params == NULL((void*)0)) | |||
948 | break; | |||
949 | if (iv && iv->data && iv->len) { | |||
950 | rc5_params->ulWordsize = iv->len / 2; | |||
951 | } else { | |||
952 | rc5_params->ulWordsize = 4; | |||
953 | } | |||
954 | rc5_params->ulRounds = 16; | |||
955 | param->data = (unsigned char *)rc5_params; | |||
956 | param->len = sizeof(CK_RC5_PARAMS); | |||
957 | break; | |||
958 | ||||
959 | case CKM_SEED_CBC0x00000652UL: | |||
960 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
961 | case CKM_AES_CBC0x00001082UL: | |||
962 | case CKM_DES_CBC0x00000122UL: | |||
963 | case CKM_DES3_CBC0x00000133UL: | |||
964 | case CKM_IDEA_CBC0x00000342UL: | |||
965 | case CKM_CDMF_CBC0x00000142UL: | |||
966 | case CKM_CAST_CBC0x00000302UL: | |||
967 | case CKM_CAST3_CBC0x00000312UL: | |||
968 | case CKM_CAST5_CBC0x00000322UL: | |||
969 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
970 | case CKM_AES_CBC_PAD0x00001085UL: | |||
971 | case CKM_DES_CBC_PAD0x00000125UL: | |||
972 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
973 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
974 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
975 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
976 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
977 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
978 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
979 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
980 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
981 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
982 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
983 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
984 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
985 | case CKM_BATON_ECB1280x00001031UL: | |||
986 | case CKM_BATON_ECB960x00001032UL: | |||
987 | case CKM_BATON_CBC1280x00001033UL: | |||
988 | case CKM_BATON_COUNTER0x00001034UL: | |||
989 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
990 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
991 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
992 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
993 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
994 | if ((iv == NULL((void*)0)) || (iv->data == NULL((void*)0))) | |||
995 | break; | |||
996 | param->data = (unsigned char *)PORT_AllocPORT_Alloc_Util(iv->len); | |||
997 | if (param->data != NULL((void*)0)) { | |||
998 | PORT_Memcpymemcpy(param->data, iv->data, iv->len); | |||
999 | param->len = iv->len; | |||
1000 | } | |||
1001 | break; | |||
1002 | /* unknown mechanism, pass IV in if it's there */ | |||
1003 | default: | |||
1004 | if (pk11_lookup(type)->iv == 0) { | |||
1005 | break; | |||
1006 | } | |||
1007 | if ((iv == NULL((void*)0)) || (iv->data == NULL((void*)0))) { | |||
1008 | break; | |||
1009 | } | |||
1010 | param->data = (unsigned char *)PORT_AllocPORT_Alloc_Util(iv->len); | |||
1011 | if (param->data != NULL((void*)0)) { | |||
1012 | PORT_Memcpymemcpy(param->data, iv->data, iv->len); | |||
1013 | param->len = iv->len; | |||
1014 | } | |||
1015 | break; | |||
1016 | } | |||
1017 | return param; | |||
1018 | } | |||
1019 | ||||
1020 | /* These next two utilities are here to help facilitate future | |||
1021 | * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions | |||
1022 | * like SSL and S-MIME to automatically add them. | |||
1023 | */ | |||
1024 | SECItem * | |||
1025 | PK11_ParamFromIV(CK_MECHANISM_TYPE type, SECItem *iv) | |||
1026 | { | |||
1027 | return pk11_ParamFromIVWithLen(type, iv, 0); | |||
1028 | } | |||
1029 | ||||
1030 | unsigned char * | |||
1031 | PK11_IVFromParam(CK_MECHANISM_TYPE type, SECItem *param, int *len) | |||
1032 | { | |||
1033 | CK_RC2_CBC_PARAMS *rc2_params; | |||
1034 | CK_RC5_CBC_PARAMS *rc5_cbc_params; | |||
1035 | ||||
1036 | *len = 0; | |||
1037 | switch (type) { | |||
1038 | case CKM_SEED_ECB0x00000651UL: | |||
1039 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
1040 | case CKM_AES_ECB0x00001081UL: | |||
1041 | case CKM_DES_ECB0x00000121UL: | |||
1042 | case CKM_DES3_ECB0x00000132UL: | |||
1043 | case CKM_RSA_PKCS0x00000001UL: | |||
1044 | case CKM_RSA_X_5090x00000003UL: | |||
1045 | case CKM_RSA_97960x00000002UL: | |||
1046 | case CKM_IDEA_ECB0x00000341UL: | |||
1047 | case CKM_CDMF_ECB0x00000141UL: | |||
1048 | case CKM_CAST_ECB0x00000301UL: | |||
1049 | case CKM_CAST3_ECB0x00000311UL: | |||
1050 | case CKM_CAST5_ECB0x00000321UL: | |||
1051 | case CKM_RC40x00000111UL: | |||
1052 | return NULL((void*)0); | |||
1053 | case CKM_RC2_ECB0x00000101UL: | |||
1054 | return NULL((void*)0); | |||
1055 | case CKM_RC2_CBC0x00000102UL: | |||
1056 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
1057 | rc2_params = (CK_RC2_CBC_PARAMS *)param->data; | |||
1058 | *len = sizeof(rc2_params->iv); | |||
1059 | return &rc2_params->iv[0]; | |||
1060 | case CKM_RC5_CBC0x00000332UL: | |||
1061 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
1062 | rc5_cbc_params = (CK_RC5_CBC_PARAMS *)param->data; | |||
1063 | *len = rc5_cbc_params->ulIvLen; | |||
1064 | return rc5_cbc_params->pIv; | |||
1065 | case CKM_SEED_CBC0x00000652UL: | |||
1066 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
1067 | case CKM_AES_CBC0x00001082UL: | |||
1068 | case CKM_DES_CBC0x00000122UL: | |||
1069 | case CKM_DES3_CBC0x00000133UL: | |||
1070 | case CKM_IDEA_CBC0x00000342UL: | |||
1071 | case CKM_CDMF_CBC0x00000142UL: | |||
1072 | case CKM_CAST_CBC0x00000302UL: | |||
1073 | case CKM_CAST3_CBC0x00000312UL: | |||
1074 | case CKM_CAST5_CBC0x00000322UL: | |||
1075 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
1076 | case CKM_AES_CBC_PAD0x00001085UL: | |||
1077 | case CKM_DES_CBC_PAD0x00000125UL: | |||
1078 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
1079 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
1080 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
1081 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
1082 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
1083 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
1084 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
1085 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
1086 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
1087 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
1088 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
1089 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
1090 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
1091 | case CKM_BATON_ECB1280x00001031UL: | |||
1092 | case CKM_BATON_ECB960x00001032UL: | |||
1093 | case CKM_BATON_CBC1280x00001033UL: | |||
1094 | case CKM_BATON_COUNTER0x00001034UL: | |||
1095 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
1096 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
1097 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
1098 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
1099 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
1100 | break; | |||
1101 | /* unknown mechanism, pass IV in if it's there */ | |||
1102 | default: | |||
1103 | break; | |||
1104 | } | |||
1105 | if (param->data) { | |||
1106 | *len = param->len; | |||
1107 | } | |||
1108 | return param->data; | |||
1109 | } | |||
1110 | ||||
1111 | typedef struct sec_rc5cbcParameterStr { | |||
1112 | SECItem version; | |||
1113 | SECItem rounds; | |||
1114 | SECItem blockSizeInBits; | |||
1115 | SECItem iv; | |||
1116 | } sec_rc5cbcParameter; | |||
1117 | ||||
1118 | static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = { | |||
1119 | { SEC_ASN1_SEQUENCE0x10, | |||
1120 | 0, NULL((void*)0), sizeof(sec_rc5cbcParameter) }, | |||
1121 | { SEC_ASN1_INTEGER0x02, | |||
1122 | offsetof(sec_rc5cbcParameter, version)__builtin_offsetof(sec_rc5cbcParameter, version) }, | |||
1123 | { SEC_ASN1_INTEGER0x02, | |||
1124 | offsetof(sec_rc5cbcParameter, rounds)__builtin_offsetof(sec_rc5cbcParameter, rounds) }, | |||
1125 | { SEC_ASN1_INTEGER0x02, | |||
1126 | offsetof(sec_rc5cbcParameter, blockSizeInBits)__builtin_offsetof(sec_rc5cbcParameter, blockSizeInBits) }, | |||
1127 | { 0 } | |||
1128 | }; | |||
1129 | ||||
1130 | static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = { | |||
1131 | { SEC_ASN1_SEQUENCE0x10, | |||
1132 | 0, NULL((void*)0), sizeof(sec_rc5cbcParameter) }, | |||
1133 | { SEC_ASN1_INTEGER0x02, | |||
1134 | offsetof(sec_rc5cbcParameter, version)__builtin_offsetof(sec_rc5cbcParameter, version) }, | |||
1135 | { SEC_ASN1_INTEGER0x02, | |||
1136 | offsetof(sec_rc5cbcParameter, rounds)__builtin_offsetof(sec_rc5cbcParameter, rounds) }, | |||
1137 | { SEC_ASN1_INTEGER0x02, | |||
1138 | offsetof(sec_rc5cbcParameter, blockSizeInBits)__builtin_offsetof(sec_rc5cbcParameter, blockSizeInBits) }, | |||
1139 | { SEC_ASN1_OCTET_STRING0x04, | |||
1140 | offsetof(sec_rc5cbcParameter, iv)__builtin_offsetof(sec_rc5cbcParameter, iv) }, | |||
1141 | { 0 } | |||
1142 | }; | |||
1143 | ||||
1144 | typedef struct sec_rc2cbcParameterStr { | |||
1145 | SECItem rc2ParameterVersion; | |||
1146 | SECItem iv; | |||
1147 | } sec_rc2cbcParameter; | |||
1148 | ||||
1149 | static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = { | |||
1150 | { SEC_ASN1_SEQUENCE0x10, | |||
1151 | 0, NULL((void*)0), sizeof(sec_rc2cbcParameter) }, | |||
1152 | { SEC_ASN1_INTEGER0x02, | |||
1153 | offsetof(sec_rc2cbcParameter, rc2ParameterVersion)__builtin_offsetof(sec_rc2cbcParameter, rc2ParameterVersion) }, | |||
1154 | { SEC_ASN1_OCTET_STRING0x04, | |||
1155 | offsetof(sec_rc2cbcParameter, iv)__builtin_offsetof(sec_rc2cbcParameter, iv) }, | |||
1156 | { 0 } | |||
1157 | }; | |||
1158 | ||||
1159 | static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = { | |||
1160 | { SEC_ASN1_SEQUENCE0x10, | |||
1161 | 0, NULL((void*)0), sizeof(sec_rc2cbcParameter) }, | |||
1162 | { SEC_ASN1_INTEGER0x02, | |||
1163 | offsetof(sec_rc2cbcParameter, rc2ParameterVersion)__builtin_offsetof(sec_rc2cbcParameter, rc2ParameterVersion) }, | |||
1164 | { 0 } | |||
1165 | }; | |||
1166 | ||||
1167 | /* S/MIME picked id values to represent differnt keysizes */ | |||
1168 | /* I do have a formula, but it ain't pretty, and it only works because you | |||
1169 | * can always match three points to a parabola:) */ | |||
1170 | static unsigned char | |||
1171 | rc2_map(SECItem *version) | |||
1172 | { | |||
1173 | long x; | |||
1174 | ||||
1175 | x = DER_GetIntegerDER_GetInteger_Util(version); | |||
1176 | ||||
1177 | switch (x) { | |||
1178 | case 58: | |||
1179 | return 128; | |||
1180 | case 120: | |||
1181 | return 64; | |||
1182 | case 160: | |||
1183 | return 40; | |||
1184 | } | |||
1185 | return 128; | |||
1186 | } | |||
1187 | ||||
1188 | static unsigned long | |||
1189 | rc2_unmap(unsigned long x) | |||
1190 | { | |||
1191 | switch (x) { | |||
1192 | case 128: | |||
1193 | return 58; | |||
1194 | case 64: | |||
1195 | return 120; | |||
1196 | case 40: | |||
1197 | return 160; | |||
1198 | } | |||
1199 | return 58; | |||
1200 | } | |||
1201 | ||||
1202 | /* Generate a mechaism param from a type, and iv. */ | |||
1203 | SECItem * | |||
1204 | PK11_ParamFromAlgid(SECAlgorithmID *algid) | |||
1205 | { | |||
1206 | CK_RC2_CBC_PARAMS *rc2_cbc_params = NULL((void*)0); | |||
1207 | CK_RC2_PARAMS *rc2_ecb_params = NULL((void*)0); | |||
1208 | CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL((void*)0); | |||
1209 | CK_RC5_PARAMS *rc5_ecb_params = NULL((void*)0); | |||
1210 | PLArenaPool *arena = NULL((void*)0); | |||
1211 | SECItem *mech = NULL((void*)0); | |||
1212 | SECOidTag algtag; | |||
1213 | SECStatus rv; | |||
1214 | CK_MECHANISM_TYPE type; | |||
1215 | /* initialize these to prevent UMRs in the ASN1 decoder. */ | |||
1216 | SECItem iv = { siBuffer, NULL((void*)0), 0 }; | |||
1217 | sec_rc2cbcParameter rc2 = { { siBuffer, NULL((void*)0), 0 }, { siBuffer, NULL((void*)0), 0 } }; | |||
1218 | sec_rc5cbcParameter rc5 = { { siBuffer, NULL((void*)0), 0 }, { siBuffer, NULL((void*)0), 0 }, { siBuffer, NULL((void*)0), 0 }, { siBuffer, NULL((void*)0), 0 } }; | |||
1219 | ||||
1220 | algtag = SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(algid); | |||
1221 | type = PK11_AlgtagToMechanism(algtag); | |||
1222 | ||||
1223 | mech = PORT_New(SECItem)(SECItem *)PORT_Alloc_Util(sizeof(SECItem)); | |||
1224 | if (mech == NULL((void*)0)) { | |||
1225 | return NULL((void*)0); | |||
1226 | } | |||
1227 | mech->type = siBuffer; | |||
1228 | mech->data = NULL((void*)0); | |||
1229 | mech->len = 0; | |||
1230 | ||||
1231 | arena = PORT_NewArenaPORT_NewArena_Util(1024); | |||
1232 | if (!arena) { | |||
1233 | goto loser; | |||
1234 | } | |||
1235 | ||||
1236 | /* handle the complicated cases */ | |||
1237 | switch (type) { | |||
1238 | case CKM_RC2_ECB0x00000101UL: | |||
1239 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(arena, &rc2, sec_rc2ecb_parameter_template, | |||
1240 | &(algid->parameters)); | |||
1241 | if (rv != SECSuccess) { | |||
1242 | goto loser; | |||
1243 | } | |||
1244 | rc2_ecb_params = PORT_New(CK_RC2_PARAMS)(CK_RC2_PARAMS *)PORT_Alloc_Util(sizeof(CK_RC2_PARAMS)); | |||
1245 | if (rc2_ecb_params == NULL((void*)0)) { | |||
1246 | goto loser; | |||
1247 | } | |||
1248 | *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion); | |||
1249 | mech->data = (unsigned char *)rc2_ecb_params; | |||
1250 | mech->len = sizeof *rc2_ecb_params; | |||
1251 | break; | |||
1252 | case CKM_RC2_CBC0x00000102UL: | |||
1253 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
1254 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(arena, &rc2, sec_rc2cbc_parameter_template, | |||
1255 | &(algid->parameters)); | |||
1256 | if (rv != SECSuccess) { | |||
1257 | goto loser; | |||
1258 | } | |||
1259 | rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS)(CK_RC2_CBC_PARAMS *)PORT_Alloc_Util(sizeof(CK_RC2_CBC_PARAMS )); | |||
1260 | if (rc2_cbc_params == NULL((void*)0)) { | |||
1261 | goto loser; | |||
1262 | } | |||
1263 | mech->data = (unsigned char *)rc2_cbc_params; | |||
1264 | mech->len = sizeof *rc2_cbc_params; | |||
1265 | rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion); | |||
1266 | if (rc2.iv.len != sizeof rc2_cbc_params->iv) { | |||
1267 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INPUT_LEN); | |||
1268 | goto loser; | |||
1269 | } | |||
1270 | PORT_Memcpymemcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len); | |||
1271 | break; | |||
1272 | case CKM_RC5_ECB0x00000331UL: | |||
1273 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(arena, &rc5, sec_rc5ecb_parameter_template, | |||
1274 | &(algid->parameters)); | |||
1275 | if (rv != SECSuccess) { | |||
1276 | goto loser; | |||
1277 | } | |||
1278 | rc5_ecb_params = PORT_New(CK_RC5_PARAMS)(CK_RC5_PARAMS *)PORT_Alloc_Util(sizeof(CK_RC5_PARAMS)); | |||
1279 | if (rc5_ecb_params == NULL((void*)0)) { | |||
1280 | goto loser; | |||
1281 | } | |||
1282 | rc5_ecb_params->ulRounds = DER_GetIntegerDER_GetInteger_Util(&rc5.rounds); | |||
1283 | rc5_ecb_params->ulWordsize = DER_GetIntegerDER_GetInteger_Util(&rc5.blockSizeInBits) / 8; | |||
1284 | mech->data = (unsigned char *)rc5_ecb_params; | |||
1285 | mech->len = sizeof *rc5_ecb_params; | |||
1286 | break; | |||
1287 | case CKM_RC5_CBC0x00000332UL: | |||
1288 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
1289 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(arena, &rc5, sec_rc5cbc_parameter_template, | |||
1290 | &(algid->parameters)); | |||
1291 | if (rv != SECSuccess) { | |||
1292 | goto loser; | |||
1293 | } | |||
1294 | rc5_cbc_params = (CK_RC5_CBC_PARAMS *) | |||
1295 | PORT_AllocPORT_Alloc_Util(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len); | |||
1296 | if (rc5_cbc_params == NULL((void*)0)) { | |||
1297 | goto loser; | |||
1298 | } | |||
1299 | mech->data = (unsigned char *)rc5_cbc_params; | |||
1300 | mech->len = sizeof *rc5_cbc_params; | |||
1301 | rc5_cbc_params->ulRounds = DER_GetIntegerDER_GetInteger_Util(&rc5.rounds); | |||
1302 | rc5_cbc_params->ulWordsize = DER_GetIntegerDER_GetInteger_Util(&rc5.blockSizeInBits) / 8; | |||
1303 | rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS); | |||
1304 | rc5_cbc_params->ulIvLen = rc5.iv.len; | |||
1305 | PORT_Memcpymemcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len); | |||
1306 | break; | |||
1307 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
1308 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
1309 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
1310 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
1311 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
1312 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
1313 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
1314 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
1315 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
1316 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
1317 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
1318 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
1319 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
1320 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
1321 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
1322 | case CKM_PKCS5_PBKD20x000003B0UL: | |||
1323 | rv = pbe_PK11AlgidToParam(algid, mech); | |||
1324 | if (rv != SECSuccess) { | |||
1325 | goto loser; | |||
1326 | } | |||
1327 | break; | |||
1328 | case CKM_RC40x00000111UL: | |||
1329 | case CKM_SEED_ECB0x00000651UL: | |||
1330 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
1331 | case CKM_AES_ECB0x00001081UL: | |||
1332 | case CKM_DES_ECB0x00000121UL: | |||
1333 | case CKM_DES3_ECB0x00000132UL: | |||
1334 | case CKM_IDEA_ECB0x00000341UL: | |||
1335 | case CKM_CDMF_ECB0x00000141UL: | |||
1336 | case CKM_CAST_ECB0x00000301UL: | |||
1337 | case CKM_CAST3_ECB0x00000311UL: | |||
1338 | case CKM_CAST5_ECB0x00000321UL: | |||
1339 | break; | |||
1340 | ||||
1341 | default: | |||
1342 | if (pk11_lookup(type)->iv == 0) { | |||
1343 | break; | |||
1344 | } | |||
1345 | /* FALL THROUGH */ | |||
1346 | case CKM_SEED_CBC0x00000652UL: | |||
1347 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
1348 | case CKM_AES_CBC0x00001082UL: | |||
1349 | case CKM_DES_CBC0x00000122UL: | |||
1350 | case CKM_DES3_CBC0x00000133UL: | |||
1351 | case CKM_IDEA_CBC0x00000342UL: | |||
1352 | case CKM_CDMF_CBC0x00000142UL: | |||
1353 | case CKM_CAST_CBC0x00000302UL: | |||
1354 | case CKM_CAST3_CBC0x00000312UL: | |||
1355 | case CKM_CAST5_CBC0x00000322UL: | |||
1356 | case CKM_SEED_CBC_PAD0x00000655UL: | |||
1357 | case CKM_CAMELLIA_CBC_PAD0x00000555UL: | |||
1358 | case CKM_AES_CBC_PAD0x00001085UL: | |||
1359 | case CKM_DES_CBC_PAD0x00000125UL: | |||
1360 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
1361 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
1362 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
1363 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
1364 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
1365 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
1366 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
1367 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
1368 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
1369 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
1370 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
1371 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
1372 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
1373 | case CKM_BATON_ECB1280x00001031UL: | |||
1374 | case CKM_BATON_ECB960x00001032UL: | |||
1375 | case CKM_BATON_CBC1280x00001033UL: | |||
1376 | case CKM_BATON_COUNTER0x00001034UL: | |||
1377 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
1378 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
1379 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
1380 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
1381 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
1382 | /* simple cases are simply octet string encoded IVs */ | |||
1383 | rv = SEC_ASN1DecodeItemSEC_ASN1DecodeItem_Util(arena, &iv, | |||
1384 | SEC_ASN1_GET(SEC_OctetStringTemplate)SEC_OctetStringTemplate_Util, | |||
1385 | &(algid->parameters)); | |||
1386 | if (rv != SECSuccess || iv.data == NULL((void*)0)) { | |||
1387 | goto loser; | |||
1388 | } | |||
1389 | /* XXX Should be some IV length sanity check here. */ | |||
1390 | mech->data = (unsigned char *)PORT_AllocPORT_Alloc_Util(iv.len); | |||
1391 | if (mech->data == NULL((void*)0)) { | |||
1392 | goto loser; | |||
1393 | } | |||
1394 | PORT_Memcpymemcpy(mech->data, iv.data, iv.len); | |||
1395 | mech->len = iv.len; | |||
1396 | break; | |||
1397 | } | |||
1398 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
1399 | return mech; | |||
1400 | ||||
1401 | loser: | |||
1402 | if (arena) | |||
1403 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); | |||
1404 | SECITEM_FreeItemSECITEM_FreeItem_Util(mech, PR_TRUE1); | |||
1405 | return NULL((void*)0); | |||
1406 | } | |||
1407 | ||||
1408 | /* | |||
1409 | * Generate an IV for the given mechanism | |||
1410 | */ | |||
1411 | static SECStatus | |||
1412 | pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) | |||
1413 | { | |||
1414 | int iv_size = PK11_GetIVLength(type); | |||
1415 | SECStatus rv; | |||
1416 | ||||
1417 | iv->len = iv_size; | |||
1418 | if (iv_size == 0) { | |||
1419 | iv->data = NULL((void*)0); | |||
1420 | return SECSuccess; | |||
1421 | } | |||
1422 | ||||
1423 | iv->data = (unsigned char *)PORT_AllocPORT_Alloc_Util(iv_size); | |||
1424 | if (iv->data == NULL((void*)0)) { | |||
1425 | iv->len = 0; | |||
1426 | return SECFailure; | |||
1427 | } | |||
1428 | ||||
1429 | rv = PK11_GenerateRandom(iv->data, iv->len); | |||
1430 | if (rv != SECSuccess) { | |||
1431 | PORT_FreePORT_Free_Util(iv->data); | |||
1432 | iv->data = NULL((void*)0); | |||
1433 | iv->len = 0; | |||
1434 | return SECFailure; | |||
1435 | } | |||
1436 | return SECSuccess; | |||
1437 | } | |||
1438 | ||||
1439 | /* | |||
1440 | * create a new parameter block from the passed in MECHANISM and the | |||
1441 | * key. Use Netscape's S/MIME Rules for the New param block. | |||
1442 | */ | |||
1443 | SECItem * | |||
1444 | pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen) | |||
1445 | { | |||
1446 | CK_RC2_CBC_PARAMS *rc2_params; | |||
1447 | CK_RC2_PARAMS *rc2_ecb_params; | |||
1448 | SECItem *mech; | |||
1449 | SECItem iv; | |||
1450 | SECStatus rv; | |||
1451 | ||||
1452 | mech = (SECItem *)PORT_AllocPORT_Alloc_Util(sizeof(SECItem)); | |||
1453 | if (mech == NULL((void*)0)) | |||
1454 | return NULL((void*)0); | |||
1455 | ||||
1456 | rv = SECSuccess; | |||
1457 | mech->type = siBuffer; | |||
1458 | mech->data = NULL((void*)0); | |||
1459 | mech->len = 0; | |||
1460 | switch (type) { | |||
1461 | case CKM_RC40x00000111UL: | |||
1462 | case CKM_SEED_ECB0x00000651UL: | |||
1463 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
1464 | case CKM_AES_ECB0x00001081UL: | |||
1465 | case CKM_DES_ECB0x00000121UL: | |||
1466 | case CKM_DES3_ECB0x00000132UL: | |||
1467 | case CKM_IDEA_ECB0x00000341UL: | |||
1468 | case CKM_CDMF_ECB0x00000141UL: | |||
1469 | case CKM_CAST_ECB0x00000301UL: | |||
1470 | case CKM_CAST3_ECB0x00000311UL: | |||
1471 | case CKM_CAST5_ECB0x00000321UL: | |||
1472 | break; | |||
1473 | case CKM_RC2_ECB0x00000101UL: | |||
1474 | rc2_ecb_params = (CK_RC2_PARAMS *)PORT_AllocPORT_Alloc_Util(sizeof(CK_RC2_PARAMS)); | |||
1475 | if (rc2_ecb_params == NULL((void*)0)) { | |||
1476 | rv = SECFailure; | |||
1477 | break; | |||
1478 | } | |||
1479 | /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5, | |||
1480 | * or RC4 key. Of course that wouldn't happen here doing RC2:).*/ | |||
1481 | *rc2_ecb_params = keyLen ? keyLen * 8 : 128; | |||
1482 | mech->data = (unsigned char *)rc2_ecb_params; | |||
1483 | mech->len = sizeof(CK_RC2_PARAMS); | |||
1484 | break; | |||
1485 | case CKM_RC2_CBC0x00000102UL: | |||
1486 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
1487 | rv = pk11_GenIV(type, &iv); | |||
1488 | if (rv != SECSuccess) { | |||
1489 | break; | |||
1490 | } | |||
1491 | rc2_params = (CK_RC2_CBC_PARAMS *)PORT_AllocPORT_Alloc_Util(sizeof(CK_RC2_CBC_PARAMS)); | |||
1492 | if (rc2_params == NULL((void*)0)) { | |||
1493 | PORT_FreePORT_Free_Util(iv.data); | |||
1494 | rv = SECFailure; | |||
1495 | break; | |||
1496 | } | |||
1497 | /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5, | |||
1498 | * or RC4 key. Of course that wouldn't happen here doing RC2:).*/ | |||
1499 | rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128; | |||
1500 | if (iv.data) | |||
1501 | PORT_Memcpymemcpy(rc2_params->iv, iv.data, sizeof(rc2_params->iv)); | |||
1502 | mech->data = (unsigned char *)rc2_params; | |||
1503 | mech->len = sizeof(CK_RC2_CBC_PARAMS); | |||
1504 | PORT_FreePORT_Free_Util(iv.data); | |||
1505 | break; | |||
1506 | case CKM_RC5_ECB0x00000331UL: | |||
1507 | PORT_FreePORT_Free_Util(mech); | |||
1508 | return PK11_ParamFromIV(type, NULL((void*)0)); | |||
1509 | case CKM_RC5_CBC0x00000332UL: | |||
1510 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
1511 | rv = pk11_GenIV(type, &iv); | |||
1512 | if (rv != SECSuccess) { | |||
1513 | break; | |||
1514 | } | |||
1515 | PORT_FreePORT_Free_Util(mech); | |||
1516 | return PK11_ParamFromIV(type, &iv); | |||
1517 | default: | |||
1518 | if (pk11_lookup(type)->iv == 0) { | |||
1519 | break; | |||
1520 | } | |||
1521 | case CKM_SEED_CBC0x00000652UL: | |||
1522 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
1523 | case CKM_AES_CBC0x00001082UL: | |||
1524 | case CKM_DES_CBC0x00000122UL: | |||
1525 | case CKM_DES3_CBC0x00000133UL: | |||
1526 | case CKM_IDEA_CBC0x00000342UL: | |||
1527 | case CKM_CDMF_CBC0x00000142UL: | |||
1528 | case CKM_CAST_CBC0x00000302UL: | |||
1529 | case CKM_CAST3_CBC0x00000312UL: | |||
1530 | case CKM_CAST5_CBC0x00000322UL: | |||
1531 | case CKM_DES_CBC_PAD0x00000125UL: | |||
1532 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
1533 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
1534 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
1535 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
1536 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
1537 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
1538 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
1539 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
1540 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
1541 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
1542 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
1543 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
1544 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
1545 | case CKM_BATON_ECB1280x00001031UL: | |||
1546 | case CKM_BATON_ECB960x00001032UL: | |||
1547 | case CKM_BATON_CBC1280x00001033UL: | |||
1548 | case CKM_BATON_COUNTER0x00001034UL: | |||
1549 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
1550 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
1551 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
1552 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
1553 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
1554 | rv = pk11_GenIV(type, &iv); | |||
1555 | if (rv
| |||
1556 | break; | |||
1557 | } | |||
1558 | mech->data = (unsigned char *)PORT_AllocPORT_Alloc_Util(iv.len); | |||
1559 | if (mech->data == NULL((void*)0)) { | |||
1560 | PORT_FreePORT_Free_Util(iv.data); | |||
1561 | rv = SECFailure; | |||
1562 | break; | |||
1563 | } | |||
1564 | PORT_Memcpymemcpy(mech->data, iv.data, iv.len); | |||
| ||||
1565 | mech->len = iv.len; | |||
1566 | PORT_FreePORT_Free_Util(iv.data); | |||
1567 | break; | |||
1568 | } | |||
1569 | if (rv != SECSuccess) { | |||
1570 | SECITEM_FreeItemSECITEM_FreeItem_Util(mech, PR_TRUE1); | |||
1571 | return NULL((void*)0); | |||
1572 | } | |||
1573 | return mech; | |||
1574 | } | |||
1575 | ||||
1576 | SECItem * | |||
1577 | PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) | |||
1578 | { | |||
1579 | int keyLen = key ? PK11_GetKeyLength(key) : 0; | |||
| ||||
1580 | ||||
1581 | return pk11_GenerateNewParamWithKeyLen(type, keyLen); | |||
1582 | } | |||
1583 | ||||
1584 | #define RC5_V100x10 0x10 | |||
1585 | ||||
1586 | /* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */ | |||
1587 | SECStatus | |||
1588 | PK11_ParamToAlgid(SECOidTag algTag, SECItem *param, | |||
1589 | PLArenaPool *arena, SECAlgorithmID *algid) | |||
1590 | { | |||
1591 | CK_RC2_CBC_PARAMS *rc2_params; | |||
1592 | sec_rc2cbcParameter rc2; | |||
1593 | CK_RC5_CBC_PARAMS *rc5_params; | |||
1594 | sec_rc5cbcParameter rc5; | |||
1595 | CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag); | |||
1596 | SECItem *newParams = NULL((void*)0); | |||
1597 | SECStatus rv = SECFailure; | |||
1598 | unsigned long rc2version; | |||
1599 | ||||
1600 | switch (type) { | |||
1601 | case CKM_RC40x00000111UL: | |||
1602 | case CKM_SEED_ECB0x00000651UL: | |||
1603 | case CKM_CAMELLIA_ECB0x00000551UL: | |||
1604 | case CKM_AES_ECB0x00001081UL: | |||
1605 | case CKM_DES_ECB0x00000121UL: | |||
1606 | case CKM_DES3_ECB0x00000132UL: | |||
1607 | case CKM_IDEA_ECB0x00000341UL: | |||
1608 | case CKM_CDMF_ECB0x00000141UL: | |||
1609 | case CKM_CAST_ECB0x00000301UL: | |||
1610 | case CKM_CAST3_ECB0x00000311UL: | |||
1611 | case CKM_CAST5_ECB0x00000321UL: | |||
1612 | newParams = NULL((void*)0); | |||
1613 | rv = SECSuccess; | |||
1614 | break; | |||
1615 | case CKM_RC2_ECB0x00000101UL: | |||
1616 | break; | |||
1617 | case CKM_RC2_CBC0x00000102UL: | |||
1618 | case CKM_RC2_CBC_PAD0x00000105UL: | |||
1619 | rc2_params = (CK_RC2_CBC_PARAMS *)param->data; | |||
1620 | rc2version = rc2_unmap(rc2_params->ulEffectiveBits); | |||
1621 | if (SEC_ASN1EncodeUnsignedIntegerSEC_ASN1EncodeUnsignedInteger_Util(NULL((void*)0), &(rc2.rc2ParameterVersion), | |||
1622 | rc2version) == NULL((void*)0)) | |||
1623 | break; | |||
1624 | rc2.iv.data = rc2_params->iv; | |||
1625 | rc2.iv.len = sizeof(rc2_params->iv); | |||
1626 | newParams = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(NULL((void*)0), NULL((void*)0), &rc2, | |||
1627 | sec_rc2cbc_parameter_template); | |||
1628 | PORT_FreePORT_Free_Util(rc2.rc2ParameterVersion.data); | |||
1629 | if (newParams == NULL((void*)0)) | |||
1630 | break; | |||
1631 | rv = SECSuccess; | |||
1632 | break; | |||
1633 | ||||
1634 | case CKM_RC5_ECB0x00000331UL: /* well not really... */ | |||
1635 | break; | |||
1636 | case CKM_RC5_CBC0x00000332UL: | |||
1637 | case CKM_RC5_CBC_PAD0x00000335UL: | |||
1638 | rc5_params = (CK_RC5_CBC_PARAMS *)param->data; | |||
1639 | if (SEC_ASN1EncodeUnsignedIntegerSEC_ASN1EncodeUnsignedInteger_Util(NULL((void*)0), &rc5.version, RC5_V100x10) == NULL((void*)0)) | |||
1640 | break; | |||
1641 | if (SEC_ASN1EncodeUnsignedIntegerSEC_ASN1EncodeUnsignedInteger_Util(NULL((void*)0), &rc5.blockSizeInBits, | |||
1642 | rc5_params->ulWordsize * 8) == NULL((void*)0)) { | |||
1643 | PORT_FreePORT_Free_Util(rc5.version.data); | |||
1644 | break; | |||
1645 | } | |||
1646 | if (SEC_ASN1EncodeUnsignedIntegerSEC_ASN1EncodeUnsignedInteger_Util(NULL((void*)0), &rc5.rounds, | |||
1647 | rc5_params->ulWordsize * 8) == NULL((void*)0)) { | |||
1648 | PORT_FreePORT_Free_Util(rc5.blockSizeInBits.data); | |||
1649 | PORT_FreePORT_Free_Util(rc5.version.data); | |||
1650 | break; | |||
1651 | } | |||
1652 | rc5.iv.data = rc5_params->pIv; | |||
1653 | rc5.iv.len = rc5_params->ulIvLen; | |||
1654 | newParams = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(NULL((void*)0), NULL((void*)0), &rc5, | |||
1655 | sec_rc5cbc_parameter_template); | |||
1656 | PORT_FreePORT_Free_Util(rc5.version.data); | |||
1657 | PORT_FreePORT_Free_Util(rc5.blockSizeInBits.data); | |||
1658 | PORT_FreePORT_Free_Util(rc5.rounds.data); | |||
1659 | if (newParams == NULL((void*)0)) | |||
1660 | break; | |||
1661 | rv = SECSuccess; | |||
1662 | break; | |||
1663 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
1664 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
1665 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
1666 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
1667 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
1668 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
1669 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
1670 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
1671 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
1672 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
1673 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
1674 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
1675 | case CKM_PBE_SHA1_RC2_128_CBC0x000003AAUL: | |||
1676 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
1677 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
1678 | return PBE_PK11ParamToAlgid(algTag, param, arena, algid); | |||
1679 | default: | |||
1680 | if (pk11_lookup(type)->iv == 0) { | |||
1681 | rv = SECSuccess; | |||
1682 | newParams = NULL((void*)0); | |||
1683 | break; | |||
1684 | } | |||
1685 | case CKM_SEED_CBC0x00000652UL: | |||
1686 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
1687 | case CKM_AES_CBC0x00001082UL: | |||
1688 | case CKM_DES_CBC0x00000122UL: | |||
1689 | case CKM_DES3_CBC0x00000133UL: | |||
1690 | case CKM_IDEA_CBC0x00000342UL: | |||
1691 | case CKM_CDMF_CBC0x00000142UL: | |||
1692 | case CKM_CAST_CBC0x00000302UL: | |||
1693 | case CKM_CAST3_CBC0x00000312UL: | |||
1694 | case CKM_CAST5_CBC0x00000322UL: | |||
1695 | case CKM_DES_CBC_PAD0x00000125UL: | |||
1696 | case CKM_DES3_CBC_PAD0x00000136UL: | |||
1697 | case CKM_IDEA_CBC_PAD0x00000345UL: | |||
1698 | case CKM_CDMF_CBC_PAD0x00000145UL: | |||
1699 | case CKM_CAST_CBC_PAD0x00000305UL: | |||
1700 | case CKM_CAST3_CBC_PAD0x00000315UL: | |||
1701 | case CKM_CAST5_CBC_PAD0x00000325UL: | |||
1702 | case CKM_SKIPJACK_CBC640x00001002UL: | |||
1703 | case CKM_SKIPJACK_ECB640x00001001UL: | |||
1704 | case CKM_SKIPJACK_OFB640x00001003UL: | |||
1705 | case CKM_SKIPJACK_CFB640x00001004UL: | |||
1706 | case CKM_SKIPJACK_CFB320x00001005UL: | |||
1707 | case CKM_SKIPJACK_CFB160x00001006UL: | |||
1708 | case CKM_SKIPJACK_CFB80x00001007UL: | |||
1709 | case CKM_BATON_ECB1280x00001031UL: | |||
1710 | case CKM_BATON_ECB960x00001032UL: | |||
1711 | case CKM_BATON_CBC1280x00001033UL: | |||
1712 | case CKM_BATON_COUNTER0x00001034UL: | |||
1713 | case CKM_BATON_SHUFFLE0x00001035UL: | |||
1714 | case CKM_JUNIPER_ECB1280x00001061UL: | |||
1715 | case CKM_JUNIPER_CBC1280x00001062UL: | |||
1716 | case CKM_JUNIPER_COUNTER0x00001063UL: | |||
1717 | case CKM_JUNIPER_SHUFFLE0x00001064UL: | |||
1718 | newParams = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(NULL((void*)0), NULL((void*)0), param, | |||
1719 | SEC_ASN1_GET(SEC_OctetStringTemplate)SEC_OctetStringTemplate_Util); | |||
1720 | if (newParams == NULL((void*)0)) | |||
1721 | break; | |||
1722 | rv = SECSuccess; | |||
1723 | break; | |||
1724 | } | |||
1725 | ||||
1726 | if (rv != SECSuccess) { | |||
1727 | if (newParams) | |||
1728 | SECITEM_FreeItemSECITEM_FreeItem_Util(newParams, PR_TRUE1); | |||
1729 | return rv; | |||
1730 | } | |||
1731 | ||||
1732 | rv = SECOID_SetAlgorithmIDSECOID_SetAlgorithmID_Util(arena, algid, algTag, newParams); | |||
1733 | SECITEM_FreeItemSECITEM_FreeItem_Util(newParams, PR_TRUE1); | |||
1734 | return rv; | |||
1735 | } | |||
1736 | ||||
1737 | /* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to | |||
1738 | * map OID's directly into the PKCS #11 mechanism we want to call. We find | |||
1739 | * this mapping in our standard OID table */ | |||
1740 | CK_MECHANISM_TYPE | |||
1741 | PK11_AlgtagToMechanism(SECOidTag algTag) | |||
1742 | { | |||
1743 | SECOidData *oid = SECOID_FindOIDByTagSECOID_FindOIDByTag_Util(algTag); | |||
1744 | ||||
1745 | if (oid) | |||
1746 | return (CK_MECHANISM_TYPE)oid->mechanism; | |||
1747 | return CKM_INVALID_MECHANISM0xffffffffUL; | |||
1748 | } | |||
1749 | ||||
1750 | /* turn a mechanism into an oid. */ | |||
1751 | SECOidTag | |||
1752 | PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) | |||
1753 | { | |||
1754 | SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type); | |||
1755 | ||||
1756 | if (oid) | |||
1757 | return oid->offset; | |||
1758 | return SEC_OID_UNKNOWN; | |||
1759 | } | |||
1760 | ||||
1761 | /* Determine appropriate blocking mechanism, used when wrapping private keys | |||
1762 | * which require PKCS padding. If the mechanism does not map to a padding | |||
1763 | * mechanism, we simply return the mechanism. | |||
1764 | */ | |||
1765 | CK_MECHANISM_TYPE | |||
1766 | PK11_GetPadMechanism(CK_MECHANISM_TYPE type) | |||
1767 | { | |||
1768 | switch (type) { | |||
1769 | case CKM_SEED_CBC0x00000652UL: | |||
1770 | return CKM_SEED_CBC_PAD0x00000655UL; | |||
1771 | case CKM_CAMELLIA_CBC0x00000552UL: | |||
1772 | return CKM_CAMELLIA_CBC_PAD0x00000555UL; | |||
1773 | case CKM_AES_CBC0x00001082UL: | |||
1774 | return CKM_AES_CBC_PAD0x00001085UL; | |||
1775 | case CKM_DES_CBC0x00000122UL: | |||
1776 | return CKM_DES_CBC_PAD0x00000125UL; | |||
1777 | case CKM_DES3_CBC0x00000133UL: | |||
1778 | return CKM_DES3_CBC_PAD0x00000136UL; | |||
1779 | case CKM_RC2_CBC0x00000102UL: | |||
1780 | return CKM_RC2_CBC_PAD0x00000105UL; | |||
1781 | case CKM_CDMF_CBC0x00000142UL: | |||
1782 | return CKM_CDMF_CBC_PAD0x00000145UL; | |||
1783 | case CKM_CAST_CBC0x00000302UL: | |||
1784 | return CKM_CAST_CBC_PAD0x00000305UL; | |||
1785 | case CKM_CAST3_CBC0x00000312UL: | |||
1786 | return CKM_CAST3_CBC_PAD0x00000315UL; | |||
1787 | case CKM_CAST5_CBC0x00000322UL: | |||
1788 | return CKM_CAST5_CBC_PAD0x00000325UL; | |||
1789 | case CKM_RC5_CBC0x00000332UL: | |||
1790 | return CKM_RC5_CBC_PAD0x00000335UL; | |||
1791 | case CKM_IDEA_CBC0x00000342UL: | |||
1792 | return CKM_IDEA_CBC_PAD0x00000345UL; | |||
1793 | default: | |||
1794 | break; | |||
1795 | } | |||
1796 | ||||
1797 | return type; | |||
1798 | } | |||
1799 | ||||
1800 | static PRBool | |||
1801 | pk11_isAllZero(unsigned char *data, int len) | |||
1802 | { | |||
1803 | while (len--) { | |||
1804 | if (*data++) { | |||
1805 | return PR_FALSE0; | |||
1806 | } | |||
1807 | } | |||
1808 | return PR_TRUE1; | |||
1809 | } | |||
1810 | ||||
1811 | CK_RV | |||
1812 | PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism, | |||
1813 | CK_MECHANISM_PTR pCryptoMechanism, | |||
1814 | SECItem *pbe_pwd, PRBool faulty3DES) | |||
1815 | { | |||
1816 | int iv_len = 0; | |||
1817 | CK_PBE_PARAMS_PTR pPBEparams; | |||
1818 | CK_RC2_CBC_PARAMS_PTR rc2_params; | |||
1819 | CK_ULONG rc2_key_len; | |||
1820 | ||||
1821 | if ((pPBEMechanism == CK_NULL_PTR0) || (pCryptoMechanism == CK_NULL_PTR0)) { | |||
1822 | return CKR_HOST_MEMORY0x00000002UL; | |||
1823 | } | |||
1824 | ||||
1825 | /* pkcs5 v2 cannot be supported by this interface. | |||
1826 | * use PK11_GetPBECryptoMechanism instead. | |||
1827 | */ | |||
1828 | if ((pPBEMechanism->mechanism == CKM_INVALID_MECHANISM0xffffffffUL) || | |||
1829 | (pPBEMechanism->mechanism == CKM_PKCS5_PBKD20x000003B0UL)) { | |||
1830 | return CKR_MECHANISM_INVALID0x00000070UL; | |||
1831 | } | |||
1832 | ||||
1833 | pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter; | |||
1834 | iv_len = PK11_GetIVLength(pPBEMechanism->mechanism); | |||
1835 | ||||
1836 | if (iv_len) { | |||
1837 | if (pk11_isAllZero(pPBEparams->pInitVector, iv_len)) { | |||
1838 | SECItem param; | |||
1839 | PK11SymKey *symKey; | |||
1840 | PK11SlotInfo *intSlot = PK11_GetInternalSlot(); | |||
1841 | ||||
1842 | if (intSlot == NULL((void*)0)) { | |||
1843 | return CKR_DEVICE_ERROR0x00000030UL; | |||
1844 | } | |||
1845 | ||||
1846 | param.data = pPBEMechanism->pParameter; | |||
1847 | param.len = pPBEMechanism->ulParameterLen; | |||
1848 | ||||
1849 | symKey = PK11_RawPBEKeyGen(intSlot, | |||
1850 | pPBEMechanism->mechanism, ¶m, pbe_pwd, faulty3DES, NULL((void*)0)); | |||
1851 | PK11_FreeSlot(intSlot); | |||
1852 | if (symKey == NULL((void*)0)) { | |||
1853 | return CKR_DEVICE_ERROR0x00000030UL; /* sigh */ | |||
1854 | } | |||
1855 | PK11_FreeSymKey(symKey); | |||
1856 | } | |||
1857 | } | |||
1858 | ||||
1859 | switch (pPBEMechanism->mechanism) { | |||
1860 | case CKM_PBE_MD2_DES_CBC0x000003A0UL: | |||
1861 | case CKM_PBE_MD5_DES_CBC0x000003A1UL: | |||
1862 | case CKM_NSS_PBE_SHA1_DES_CBC0x80000002UL: | |||
1863 | pCryptoMechanism->mechanism = CKM_DES_CBC0x00000122UL; | |||
1864 | goto have_crypto_mechanism; | |||
1865 | case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC0x80000003UL: | |||
1866 | case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC0x80000008UL: | |||
1867 | case CKM_PBE_SHA1_DES3_EDE_CBC0x000003A8UL: | |||
1868 | case CKM_PBE_SHA1_DES2_EDE_CBC0x000003A9UL: | |||
1869 | pCryptoMechanism->mechanism = CKM_DES3_CBC0x00000133UL; | |||
1870 | have_crypto_mechanism: | |||
1871 | pCryptoMechanism->pParameter = PORT_AllocPORT_Alloc_Util(iv_len); | |||
1872 | pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len; | |||
1873 | if (pCryptoMechanism->pParameter == NULL((void*)0)) { | |||
1874 | return CKR_HOST_MEMORY0x00000002UL; | |||
1875 | } | |||
1876 | PORT_Memcpymemcpy((unsigned char *)(pCryptoMechanism->pParameter), | |||
1877 | (unsigned char *)(pPBEparams->pInitVector), | |||
1878 | iv_len); | |||
1879 | break; | |||
1880 | case CKM_NSS_PBE_SHA1_40_BIT_RC40x80000006UL: | |||
1881 | case CKM_NSS_PBE_SHA1_128_BIT_RC40x80000007UL: | |||
1882 | case CKM_PBE_SHA1_RC4_400x000003A7UL: | |||
1883 | case CKM_PBE_SHA1_RC4_1280x000003A6UL: | |||
1884 | pCryptoMechanism->mechanism = CKM_RC40x00000111UL; | |||
1885 | pCryptoMechanism->ulParameterLen = 0; | |||
1886 | pCryptoMechanism->pParameter = CK_NULL_PTR0; | |||
1887 | break; | |||
1888 | case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC0x80000004UL: | |||
1889 | case CKM_PBE_SHA1_RC2_40_CBC0x000003ABUL: | |||
1890 | rc2_key_len = 40; | |||
1891 | goto have_key_len; | |||
1892 | case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC0x80000005UL: | |||
1893 | rc2_key_len = 128; | |||
1894 | have_key_len: | |||
1895 | pCryptoMechanism->mechanism = CKM_RC2_CBC0x00000102UL; | |||
1896 | pCryptoMechanism->ulParameterLen = (CK_ULONG)sizeof(CK_RC2_CBC_PARAMS); | |||
1897 | pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR) | |||
1898 | PORT_ZAllocPORT_ZAlloc_Util(sizeof(CK_RC2_CBC_PARAMS)); | |||
1899 | if (pCryptoMechanism->pParameter == NULL((void*)0)) { | |||
1900 | return CKR_HOST_MEMORY0x00000002UL; | |||
1901 | } | |||
1902 | rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter; | |||
1903 | PORT_Memcpymemcpy((unsigned char *)rc2_params->iv, | |||
1904 | (unsigned char *)pPBEparams->pInitVector, | |||
1905 | iv_len); | |||
1906 | rc2_params->ulEffectiveBits = rc2_key_len; | |||
1907 | break; | |||
1908 | default: | |||
1909 | return CKR_MECHANISM_INVALID0x00000070UL; | |||
1910 | } | |||
1911 | ||||
1912 | return CKR_OK0x00000000UL; | |||
1913 | } | |||
1914 | ||||
1915 | /* Make a Key type to an appropriate signing/verification mechanism */ | |||
1916 | CK_MECHANISM_TYPE | |||
1917 | PK11_MapSignKeyType(KeyType keyType) | |||
1918 | { | |||
1919 | switch (keyType) { | |||
1920 | case rsaKey: | |||
1921 | return CKM_RSA_PKCS0x00000001UL; | |||
1922 | case fortezzaKey: | |||
1923 | case dsaKey: | |||
1924 | return CKM_DSA0x00000011UL; | |||
1925 | case ecKey: | |||
1926 | return CKM_ECDSA0x00001041UL; | |||
1927 | case edKey: | |||
1928 | return CKM_EDDSA0x00001057UL; | |||
1929 | case dhKey: | |||
1930 | default: | |||
1931 | break; | |||
1932 | } | |||
1933 | return CKM_INVALID_MECHANISM0xffffffffUL; | |||
1934 | } | |||
1935 | ||||
1936 | CK_MECHANISM_TYPE | |||
1937 | pk11_mapWrapKeyType(KeyType keyType) | |||
1938 | { | |||
1939 | switch (keyType) { | |||
1940 | case rsaKey: | |||
1941 | return CKM_RSA_PKCS0x00000001UL; | |||
1942 | /* Add fortezza?? */ | |||
1943 | default: | |||
1944 | break; | |||
1945 | } | |||
1946 | return CKM_INVALID_MECHANISM0xffffffffUL; | |||
1947 | } | |||
1948 | ||||
1949 | SECOidTag | |||
1950 | PK11_FortezzaMapSig(SECOidTag algTag) | |||
1951 | { | |||
1952 | switch (algTag) { | |||
1953 | case SEC_OID_MISSI_KEA_DSS: | |||
1954 | case SEC_OID_MISSI_DSS: | |||
1955 | case SEC_OID_MISSI_DSS_OLD: | |||
1956 | case SEC_OID_MISSI_KEA_DSS_OLD: | |||
1957 | case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST: | |||
1958 | return SEC_OID_ANSIX9_DSA_SIGNATURE; | |||
1959 | default: | |||
1960 | break; | |||
1961 | } | |||
1962 | return algTag; | |||
1963 | } |