File: | s/lib/cryptohi/seckey.c |
Warning: | line 691, column 21 Value stored to 'rv' is never read |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* This Source Code Form is subject to the terms of the Mozilla Public |
2 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
3 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
4 | #include "cryptohi.h" |
5 | #include "keyhi.h" |
6 | #include "secoid.h" |
7 | #include "secitem.h" |
8 | #include "secder.h" |
9 | #include "base64.h" |
10 | #include "secasn1.h" |
11 | #include "cert.h" |
12 | #include "pk11func.h" |
13 | #include "secerr.h" |
14 | #include "secdig.h" |
15 | #include "prtime.h" |
16 | #include "keyi.h" |
17 | #include "nss.h" |
18 | |
19 | SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) |
20 | SEC_ASN1_MKSUB(SEC_IntegerTemplate) |
21 | |
22 | const SEC_ASN1Template CERT_SubjectPublicKeyInfoTemplate[] = { |
23 | { SEC_ASN1_SEQUENCE0x10, |
24 | 0, NULL((void*)0), sizeof(CERTSubjectPublicKeyInfo) }, |
25 | { SEC_ASN1_INLINE0x00800 | SEC_ASN1_XTRN0, |
26 | offsetof(CERTSubjectPublicKeyInfo, algorithm)__builtin_offsetof(CERTSubjectPublicKeyInfo, algorithm), |
27 | SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate)SECOID_AlgorithmIDTemplate_Util }, |
28 | { SEC_ASN1_BIT_STRING0x03, |
29 | offsetof(CERTSubjectPublicKeyInfo, subjectPublicKey)__builtin_offsetof(CERTSubjectPublicKeyInfo, subjectPublicKey ) }, |
30 | { 0 } |
31 | }; |
32 | |
33 | const SEC_ASN1Template CERT_PublicKeyAndChallengeTemplate[] = { |
34 | { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(CERTPublicKeyAndChallenge) }, |
35 | { SEC_ASN1_ANY0x00400, offsetof(CERTPublicKeyAndChallenge, spki)__builtin_offsetof(CERTPublicKeyAndChallenge, spki) }, |
36 | { SEC_ASN1_IA5_STRING0x16, offsetof(CERTPublicKeyAndChallenge, challenge)__builtin_offsetof(CERTPublicKeyAndChallenge, challenge) }, |
37 | { 0 } |
38 | }; |
39 | |
40 | const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[] = { |
41 | { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(SECKEYPublicKey) }, |
42 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.rsa.modulus)__builtin_offsetof(SECKEYPublicKey, u.rsa.modulus) }, |
43 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.rsa.publicExponent)__builtin_offsetof(SECKEYPublicKey, u.rsa.publicExponent) }, |
44 | { 0 } |
45 | }; |
46 | |
47 | static const SEC_ASN1Template seckey_PointerToAlgorithmIDTemplate[] = { |
48 | { SEC_ASN1_POINTER0x01000 | SEC_ASN1_XTRN0, 0, |
49 | SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate)SECOID_AlgorithmIDTemplate_Util } |
50 | }; |
51 | |
52 | /* Parameters for SEC_OID_PKCS1_RSA_PSS_SIGNATURE */ |
53 | const SEC_ASN1Template SECKEY_RSAPSSParamsTemplate[] = { |
54 | { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(SECKEYRSAPSSParams) }, |
55 | { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 | SEC_ASN1_EXPLICIT0x00200 | |
56 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | 0, |
57 | offsetof(SECKEYRSAPSSParams, hashAlg)__builtin_offsetof(SECKEYRSAPSSParams, hashAlg), |
58 | seckey_PointerToAlgorithmIDTemplate }, |
59 | { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 | SEC_ASN1_EXPLICIT0x00200 | |
60 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | 1, |
61 | offsetof(SECKEYRSAPSSParams, maskAlg)__builtin_offsetof(SECKEYRSAPSSParams, maskAlg), |
62 | seckey_PointerToAlgorithmIDTemplate }, |
63 | { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 | SEC_ASN1_EXPLICIT0x00200 | |
64 | SEC_ASN1_XTRN0 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | 2, |
65 | offsetof(SECKEYRSAPSSParams, saltLength)__builtin_offsetof(SECKEYRSAPSSParams, saltLength), |
66 | SEC_ASN1_SUB(SEC_IntegerTemplate)SEC_IntegerTemplate_Util }, |
67 | { SEC_ASN1_OPTIONAL0x00100 | SEC_ASN1_CONSTRUCTED0x20 | SEC_ASN1_EXPLICIT0x00200 | |
68 | SEC_ASN1_XTRN0 | SEC_ASN1_CONTEXT_SPECIFIC0x80 | 3, |
69 | offsetof(SECKEYRSAPSSParams, trailerField)__builtin_offsetof(SECKEYRSAPSSParams, trailerField), |
70 | SEC_ASN1_SUB(SEC_IntegerTemplate)SEC_IntegerTemplate_Util }, |
71 | { 0 } |
72 | }; |
73 | |
74 | const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[] = { |
75 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.dsa.publicValue)__builtin_offsetof(SECKEYPublicKey, u.dsa.publicValue) }, |
76 | { 0 } |
77 | }; |
78 | |
79 | const SEC_ASN1Template SECKEY_PQGParamsTemplate[] = { |
80 | { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(SECKEYPQGParams) }, |
81 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPQGParams, prime)__builtin_offsetof(SECKEYPQGParams, prime) }, |
82 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPQGParams, subPrime)__builtin_offsetof(SECKEYPQGParams, subPrime) }, |
83 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPQGParams, base)__builtin_offsetof(SECKEYPQGParams, base) }, |
84 | { 0 } |
85 | }; |
86 | |
87 | const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[] = { |
88 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.dh.publicValue)__builtin_offsetof(SECKEYPublicKey, u.dh.publicValue) }, |
89 | { 0 } |
90 | }; |
91 | |
92 | const SEC_ASN1Template SECKEY_DHParamKeyTemplate[] = { |
93 | { SEC_ASN1_SEQUENCE0x10, 0, NULL((void*)0), sizeof(SECKEYPublicKey) }, |
94 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.dh.prime)__builtin_offsetof(SECKEYPublicKey, u.dh.prime) }, |
95 | { SEC_ASN1_INTEGER0x02, offsetof(SECKEYPublicKey, u.dh.base)__builtin_offsetof(SECKEYPublicKey, u.dh.base) }, |
96 | /* XXX chrisk: this needs to be expanded for decoding of j and validationParms (RFC2459 7.3.2) */ |
97 | { SEC_ASN1_SKIP_REST0x80000 }, |
98 | { 0 } |
99 | }; |
100 | |
101 | SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_DSAPublicKeyTemplate)const SEC_ASN1Template *NSS_Get_SECKEY_DSAPublicKeyTemplate(void *arg, PRBool enc) { return SECKEY_DSAPublicKeyTemplate; } |
102 | SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPublicKeyTemplate)const SEC_ASN1Template *NSS_Get_SECKEY_RSAPublicKeyTemplate(void *arg, PRBool enc) { return SECKEY_RSAPublicKeyTemplate; } |
103 | SEC_ASN1_CHOOSER_IMPLEMENT(SECKEY_RSAPSSParamsTemplate)const SEC_ASN1Template *NSS_Get_SECKEY_RSAPSSParamsTemplate(void *arg, PRBool enc) { return SECKEY_RSAPSSParamsTemplate; } |
104 | SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SubjectPublicKeyInfoTemplate)const SEC_ASN1Template *NSS_Get_CERT_SubjectPublicKeyInfoTemplate (void *arg, PRBool enc) { return CERT_SubjectPublicKeyInfoTemplate ; } |
105 | |
106 | /* |
107 | * See bugzilla bug 125359 |
108 | * Since NSS (via PKCS#11) wants to handle big integers as unsigned ints, |
109 | * all of the templates above that en/decode into integers must be converted |
110 | * from ASN.1's signed integer type. This is done by marking either the |
111 | * source or destination (encoding or decoding, respectively) type as |
112 | * siUnsignedInteger. |
113 | */ |
114 | static void |
115 | prepare_rsa_pub_key_for_asn1(SECKEYPublicKey *pubk) |
116 | { |
117 | pubk->u.rsa.modulus.type = siUnsignedInteger; |
118 | pubk->u.rsa.publicExponent.type = siUnsignedInteger; |
119 | } |
120 | |
121 | static void |
122 | prepare_dsa_pub_key_for_asn1(SECKEYPublicKey *pubk) |
123 | { |
124 | pubk->u.dsa.publicValue.type = siUnsignedInteger; |
125 | } |
126 | |
127 | static void |
128 | prepare_pqg_params_for_asn1(SECKEYPQGParams *params) |
129 | { |
130 | params->prime.type = siUnsignedInteger; |
131 | params->subPrime.type = siUnsignedInteger; |
132 | params->base.type = siUnsignedInteger; |
133 | } |
134 | |
135 | static void |
136 | prepare_dh_pub_key_for_asn1(SECKEYPublicKey *pubk) |
137 | { |
138 | pubk->u.dh.prime.type = siUnsignedInteger; |
139 | pubk->u.dh.base.type = siUnsignedInteger; |
140 | pubk->u.dh.publicValue.type = siUnsignedInteger; |
141 | } |
142 | |
143 | /* Create an RSA key pair is any slot able to do so. |
144 | ** The created keys are "session" (temporary), not "token" (permanent), |
145 | ** and they are "sensitive", which makes them costly to move to another token. |
146 | */ |
147 | SECKEYPrivateKey * |
148 | SECKEY_CreateRSAPrivateKey(int keySizeInBits, SECKEYPublicKey **pubk, void *cx) |
149 | { |
150 | SECKEYPrivateKey *privk; |
151 | PK11RSAGenParams param; |
152 | PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS_KEY_PAIR_GEN0x00000000UL, cx); |
153 | if (!slot) { |
154 | return NULL((void*)0); |
155 | } |
156 | |
157 | param.keySizeInBits = keySizeInBits; |
158 | param.pe = 65537L; |
159 | |
160 | privk = PK11_GenerateKeyPair(slot, CKM_RSA_PKCS_KEY_PAIR_GEN0x00000000UL, ¶m, pubk, |
161 | PR_FALSE0, PR_TRUE1, cx); |
162 | PK11_FreeSlot(slot); |
163 | return (privk); |
164 | } |
165 | |
166 | /* Create a DH key pair in any slot able to do so, |
167 | ** This is a "session" (temporary), not "token" (permanent) key. |
168 | ** Because of the high probability that this key will need to be moved to |
169 | ** another token, and the high cost of moving "sensitive" keys, we attempt |
170 | ** to create this key pair without the "sensitive" attribute, but revert to |
171 | ** creating a "sensitive" key if necessary. |
172 | */ |
173 | SECKEYPrivateKey * |
174 | SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx) |
175 | { |
176 | SECKEYPrivateKey *privk; |
177 | PK11SlotInfo *slot; |
178 | |
179 | if (!param || !param->base.data || !param->prime.data || |
180 | SECKEY_BigIntegerBitLength(¶m->prime) < DH_MIN_P_BITS128 || |
181 | param->base.len == 0 || param->base.len > param->prime.len + 1 || |
182 | (param->base.len == 1 && param->base.data[0] == 0)) { |
183 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ARGS); |
184 | return NULL((void*)0); |
185 | } |
186 | |
187 | slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL, cx); |
188 | if (!slot) { |
189 | return NULL((void*)0); |
190 | } |
191 | |
192 | privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL, param, |
193 | pubk, PR_FALSE0, PR_FALSE0, cx); |
194 | if (!privk) |
195 | privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN0x00000020UL, param, |
196 | pubk, PR_FALSE0, PR_TRUE1, cx); |
197 | |
198 | PK11_FreeSlot(slot); |
199 | return (privk); |
200 | } |
201 | |
202 | /* Create an EC key pair in any slot able to do so, |
203 | ** This is a "session" (temporary), not "token" (permanent) key. |
204 | ** Because of the high probability that this key will need to be moved to |
205 | ** another token, and the high cost of moving "sensitive" keys, we attempt |
206 | ** to create this key pair without the "sensitive" attribute, but revert to |
207 | ** creating a "sensitive" key if necessary. |
208 | */ |
209 | SECKEYPrivateKey * |
210 | SECKEY_CreateECPrivateKey(SECKEYECParams *param, SECKEYPublicKey **pubk, void *cx) |
211 | { |
212 | SECKEYPrivateKey *privk; |
213 | PK11SlotInfo *slot = PK11_GetBestSlot(CKM_EC_KEY_PAIR_GEN0x00001040UL, cx); |
214 | if (!slot) { |
215 | return NULL((void*)0); |
216 | } |
217 | |
218 | privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_KEY_PAIR_GEN0x00001040UL, |
219 | param, pubk, |
220 | PK11_ATTR_SESSION0x00000002L | |
221 | PK11_ATTR_INSENSITIVE0x00000080L | |
222 | PK11_ATTR_PUBLIC0x00000008L, |
223 | CKF_DERIVE0x00080000UL, CKF_DERIVE0x00080000UL | CKF_SIGN0x00000800UL, |
224 | cx); |
225 | if (!privk) |
226 | privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_KEY_PAIR_GEN0x00001040UL, |
227 | param, pubk, |
228 | PK11_ATTR_SESSION0x00000002L | |
229 | PK11_ATTR_SENSITIVE0x00000040L | |
230 | PK11_ATTR_PRIVATE0x00000004L, |
231 | CKF_DERIVE0x00080000UL, CKF_DERIVE0x00080000UL | CKF_SIGN0x00000800UL, |
232 | cx); |
233 | |
234 | PK11_FreeSlot(slot); |
235 | return (privk); |
236 | } |
237 | |
238 | SECKEYPrivateKey * |
239 | SECKEY_CreateEDPrivateKey(SECKEYECParams *param, SECKEYPublicKey **pubk, void *cx) |
240 | { |
241 | SECKEYPrivateKey *privk; |
242 | PK11SlotInfo *slot = PK11_GetBestSlot(CKM_EC_EDWARDS_KEY_PAIR_GEN0x00001055UL, cx); |
243 | if (!slot) { |
244 | return NULL((void*)0); |
245 | } |
246 | |
247 | privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_EDWARDS_KEY_PAIR_GEN0x00001055UL, |
248 | param, pubk, |
249 | PK11_ATTR_SESSION0x00000002L | |
250 | PK11_ATTR_INSENSITIVE0x00000080L | |
251 | PK11_ATTR_PUBLIC0x00000008L, |
252 | CKF_SIGN0x00000800UL, CKF_SIGN0x00000800UL, cx); |
253 | if (!privk) |
254 | privk = PK11_GenerateKeyPairWithOpFlags(slot, CKM_EC_EDWARDS_KEY_PAIR_GEN0x00001055UL, |
255 | param, pubk, |
256 | PK11_ATTR_SESSION0x00000002L | |
257 | PK11_ATTR_SENSITIVE0x00000040L | |
258 | PK11_ATTR_PRIVATE0x00000004L, |
259 | CKF_SIGN0x00000800UL, CKF_SIGN0x00000800UL, cx); |
260 | |
261 | PK11_FreeSlot(slot); |
262 | return (privk); |
263 | } |
264 | |
265 | void |
266 | SECKEY_DestroyPrivateKey(SECKEYPrivateKey *privk) |
267 | { |
268 | if (privk) { |
269 | if (privk->pkcs11Slot) { |
270 | if (privk->pkcs11IsTemp) { |
271 | PK11_DestroyObject(privk->pkcs11Slot, privk->pkcs11ID); |
272 | } |
273 | PK11_FreeSlot(privk->pkcs11Slot); |
274 | } |
275 | if (privk->arena) { |
276 | PORT_FreeArenaPORT_FreeArena_Util(privk->arena, PR_TRUE1); |
277 | } |
278 | } |
279 | } |
280 | |
281 | void |
282 | SECKEY_DestroyPublicKey(SECKEYPublicKey *pubk) |
283 | { |
284 | if (pubk) { |
285 | if (pubk->pkcs11Slot) { |
286 | if (!PK11_IsPermObject(pubk->pkcs11Slot, pubk->pkcs11ID)) { |
287 | PK11_DestroyObject(pubk->pkcs11Slot, pubk->pkcs11ID); |
288 | } |
289 | PK11_FreeSlot(pubk->pkcs11Slot); |
290 | } |
291 | if (pubk->arena) { |
292 | PORT_FreeArenaPORT_FreeArena_Util(pubk->arena, PR_FALSE0); |
293 | } |
294 | } |
295 | } |
296 | |
297 | SECStatus |
298 | SECKEY_CopySubjectPublicKeyInfo(PLArenaPool *arena, |
299 | CERTSubjectPublicKeyInfo *to, |
300 | CERTSubjectPublicKeyInfo *from) |
301 | { |
302 | SECStatus rv; |
303 | SECItem spk; |
304 | |
305 | rv = SECOID_CopyAlgorithmIDSECOID_CopyAlgorithmID_Util(arena, &to->algorithm, &from->algorithm); |
306 | if (rv == SECSuccess) { |
307 | /* |
308 | * subjectPublicKey is a bit string, whose length is in bits. |
309 | * Convert the length from bits to bytes for SECITEM_CopyItem. |
310 | */ |
311 | spk = from->subjectPublicKey; |
312 | DER_ConvertBitString(&spk){ (&spk)->len = ((&spk)->len + 7) >> 3; }; |
313 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &to->subjectPublicKey, &spk); |
314 | /* Set the length back to bits. */ |
315 | if (rv == SECSuccess) { |
316 | to->subjectPublicKey.len = from->subjectPublicKey.len; |
317 | } |
318 | } |
319 | |
320 | return rv; |
321 | } |
322 | |
323 | /* Procedure to update the pqg parameters for a cert's public key. |
324 | * pqg parameters only need to be updated for DSA certificates. |
325 | * The procedure uses calls to itself recursively to update a certificate |
326 | * issuer's pqg parameters. Some important rules are: |
327 | * - Do nothing if the cert already has PQG parameters. |
328 | * - If the cert does not have PQG parameters, obtain them from the issuer. |
329 | * - A valid cert chain cannot have a DSA cert without |
330 | * pqg parameters that has a parent that is not a DSA cert. */ |
331 | |
332 | static SECStatus |
333 | seckey_UpdateCertPQGChain(CERTCertificate *subjectCert, int count) |
334 | { |
335 | SECStatus rv; |
336 | SECOidData *oid = NULL((void*)0); |
337 | int tag; |
338 | CERTSubjectPublicKeyInfo *subjectSpki = NULL((void*)0); |
339 | CERTSubjectPublicKeyInfo *issuerSpki = NULL((void*)0); |
340 | CERTCertificate *issuerCert = NULL((void*)0); |
341 | |
342 | /* increment cert chain length counter*/ |
343 | count++; |
344 | |
345 | /* check if cert chain length exceeds the maximum length*/ |
346 | if (count > CERT_MAX_CERT_CHAIN20) { |
347 | return SECFailure; |
348 | } |
349 | |
350 | oid = SECOID_FindOIDSECOID_FindOID_Util(&subjectCert->subjectPublicKeyInfo.algorithm.algorithm); |
351 | if (oid != NULL((void*)0)) { |
352 | tag = oid->offset; |
353 | |
354 | /* Check if cert has a DSA or EC public key. If not, return |
355 | * success since no PQG params need to be updated. |
356 | * |
357 | * Question: do we really need to do this for EC keys. They don't have |
358 | * PQG parameters, but they do have parameters. The question is does |
359 | * the child cert inherit those parameters for EC from the parent, or |
360 | * do we always include those parameters in each cert. |
361 | */ |
362 | |
363 | if ((tag != SEC_OID_ANSIX9_DSA_SIGNATURE) && |
364 | (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) && |
365 | (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST) && |
366 | (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST) && |
367 | (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) && |
368 | (tag != SEC_OID_SDN702_DSA_SIGNATURE) && |
369 | (tag != SEC_OID_ED25519_PUBLIC_KEY) && |
370 | (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) { |
371 | |
372 | return SECSuccess; |
373 | } |
374 | } else { |
375 | return SECFailure; /* return failure if oid is NULL */ |
376 | } |
377 | |
378 | /* if cert has PQG parameters, return success */ |
379 | |
380 | subjectSpki = &subjectCert->subjectPublicKeyInfo; |
381 | |
382 | if (subjectSpki->algorithm.parameters.len != 0) { |
383 | return SECSuccess; |
384 | } |
385 | |
386 | /* check if the cert is self-signed */ |
387 | if (subjectCert->isRoot) { |
388 | /* fail since cert is self-signed and has no pqg params. */ |
389 | return SECFailure; |
390 | } |
391 | |
392 | /* get issuer cert */ |
393 | issuerCert = CERT_FindCertIssuer(subjectCert, PR_Now(), certUsageAnyCA); |
394 | if (!issuerCert) { |
395 | return SECFailure; |
396 | } |
397 | |
398 | /* if parent is not DSA, return failure since |
399 | we don't allow this case. */ |
400 | |
401 | oid = SECOID_FindOIDSECOID_FindOID_Util(&issuerCert->subjectPublicKeyInfo.algorithm.algorithm); |
402 | if (oid != NULL((void*)0)) { |
403 | tag = oid->offset; |
404 | |
405 | /* Check if issuer cert has a DSA public key. If not, |
406 | * return failure. */ |
407 | |
408 | if ((tag != SEC_OID_ANSIX9_DSA_SIGNATURE) && |
409 | (tag != SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST) && |
410 | (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST) && |
411 | (tag != SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST) && |
412 | (tag != SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST) && |
413 | (tag != SEC_OID_SDN702_DSA_SIGNATURE) && |
414 | (tag != SEC_OID_ED25519_PUBLIC_KEY) && |
415 | (tag != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) { |
416 | rv = SECFailure; |
417 | goto loser; |
418 | } |
419 | } else { |
420 | rv = SECFailure; /* return failure if oid is NULL */ |
421 | goto loser; |
422 | } |
423 | |
424 | /* at this point the subject cert has no pqg parameters and the |
425 | * issuer cert has a DSA public key. Update the issuer's |
426 | * pqg parameters with a recursive call to this same function. */ |
427 | |
428 | rv = seckey_UpdateCertPQGChain(issuerCert, count); |
429 | if (rv != SECSuccess) { |
430 | rv = SECFailure; |
431 | goto loser; |
432 | } |
433 | |
434 | /* ensure issuer has pqg parameters */ |
435 | |
436 | issuerSpki = &issuerCert->subjectPublicKeyInfo; |
437 | if (issuerSpki->algorithm.parameters.len == 0) { |
438 | rv = SECFailure; |
439 | } |
440 | |
441 | /* if update was successful and pqg params present, then copy the |
442 | * parameters to the subject cert's key. */ |
443 | |
444 | if (rv == SECSuccess) { |
445 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(subjectCert->arena, |
446 | &subjectSpki->algorithm.parameters, |
447 | &issuerSpki->algorithm.parameters); |
448 | } |
449 | |
450 | loser: |
451 | if (issuerCert) { |
452 | CERT_DestroyCertificate(issuerCert); |
453 | } |
454 | return rv; |
455 | } |
456 | |
457 | SECStatus |
458 | SECKEY_UpdateCertPQG(CERTCertificate *subjectCert) |
459 | { |
460 | if (!subjectCert) { |
461 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ARGS); |
462 | return SECFailure; |
463 | } |
464 | return seckey_UpdateCertPQGChain(subjectCert, 0); |
465 | } |
466 | |
467 | /* Decode the DSA PQG parameters. The params could be stored in two |
468 | * possible formats, the old fortezza-only wrapped format or |
469 | * the normal standard format. Store the decoded parameters in |
470 | * a V3 certificate data structure. */ |
471 | |
472 | static SECStatus |
473 | seckey_DSADecodePQG(PLArenaPool *arena, SECKEYPublicKey *pubk, |
474 | const SECItem *params) |
475 | { |
476 | SECStatus rv; |
477 | SECItem newparams; |
478 | |
479 | if (params == NULL((void*)0)) |
480 | return SECFailure; |
481 | |
482 | if (params->data == NULL((void*)0)) |
483 | return SECFailure; |
484 | |
485 | PORT_Assert(arena)((arena)?((void)0):PR_Assert("arena","seckey.c",485)); |
486 | |
487 | /* make a copy of the data into the arena so QuickDER output is valid */ |
488 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &newparams, params); |
489 | |
490 | /* Check if params use the standard format. |
491 | * The value 0xa1 will appear in the first byte of the parameter data |
492 | * if the PQG parameters are not using the standard format. This |
493 | * code should be changed to use a better method to detect non-standard |
494 | * parameters. */ |
495 | |
496 | if ((newparams.data[0] != 0xa1) && |
497 | (newparams.data[0] != 0xa0)) { |
498 | |
499 | if (SECSuccess == rv) { |
500 | /* PQG params are in the standard format */ |
501 | prepare_pqg_params_for_asn1(&pubk->u.dsa.params); |
502 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &pubk->u.dsa.params, |
503 | SECKEY_PQGParamsTemplate, |
504 | &newparams); |
505 | } |
506 | } else { |
507 | |
508 | if (SECSuccess == rv) { |
509 | /* else the old fortezza-only wrapped format is used. */ |
510 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_BAD_DER); |
511 | rv = SECFailure; |
512 | } |
513 | } |
514 | return rv; |
515 | } |
516 | |
517 | /* Function used to make an oid tag to a key type */ |
518 | KeyType |
519 | seckey_GetKeyType(SECOidTag tag) |
520 | { |
521 | KeyType keyType; |
522 | |
523 | switch (tag) { |
524 | case SEC_OID_X500_RSA_ENCRYPTION: |
525 | case SEC_OID_PKCS1_RSA_ENCRYPTION: |
526 | keyType = rsaKey; |
527 | break; |
528 | case SEC_OID_PKCS1_RSA_PSS_SIGNATURE: |
529 | keyType = rsaPssKey; |
530 | break; |
531 | case SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION: |
532 | keyType = rsaOaepKey; |
533 | break; |
534 | case SEC_OID_ANSIX9_DSA_SIGNATURE: |
535 | keyType = dsaKey; |
536 | break; |
537 | case SEC_OID_MISSI_KEA_DSS_OLD: |
538 | case SEC_OID_MISSI_KEA_DSS: |
539 | case SEC_OID_MISSI_DSS_OLD: |
540 | case SEC_OID_MISSI_DSS: |
541 | keyType = fortezzaKey; |
542 | break; |
543 | case SEC_OID_MISSI_KEA: |
544 | case SEC_OID_MISSI_ALT_KEA: |
545 | keyType = keaKey; |
546 | break; |
547 | case SEC_OID_X942_DIFFIE_HELMAN_KEY: |
548 | keyType = dhKey; |
549 | break; |
550 | case SEC_OID_ANSIX962_EC_PUBLIC_KEY: |
551 | keyType = ecKey; |
552 | break; |
553 | case SEC_OID_ED25519_PUBLIC_KEY: |
554 | keyType = edKey; |
555 | break; |
556 | /* accommodate applications that hand us a signature type when they |
557 | * should be handing us a cipher type */ |
558 | case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION: |
559 | case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION: |
560 | case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION: |
561 | case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION: |
562 | case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION: |
563 | case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION: |
564 | keyType = rsaKey; |
565 | break; |
566 | default: |
567 | keyType = nullKey; |
568 | } |
569 | return keyType; |
570 | } |
571 | |
572 | /* Function used to determine what kind of cert we are dealing with. */ |
573 | KeyType |
574 | CERT_GetCertKeyType(const CERTSubjectPublicKeyInfo *spki) |
575 | { |
576 | return seckey_GetKeyType(SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(&spki->algorithm)); |
577 | } |
578 | |
579 | /* Ensure pubKey contains an OID */ |
580 | static SECStatus |
581 | seckey_HasCurveOID(const SECKEYPublicKey *pubKey) |
582 | { |
583 | SECItem oid; |
584 | SECStatus rv; |
585 | PORTCheapArenaPool tmpArena; |
586 | |
587 | PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE(2048)); |
588 | /* If we can decode it, an OID is available. */ |
589 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(&tmpArena.arena, &oid, |
590 | SEC_ASN1_GET(SEC_ObjectIDTemplate)SEC_ObjectIDTemplate_Util, |
591 | &pubKey->u.ec.DEREncodedParams); |
592 | PORT_DestroyCheapArena(&tmpArena); |
593 | return rv; |
594 | } |
595 | |
596 | static SECKEYPublicKey * |
597 | seckey_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki) |
598 | { |
599 | SECKEYPublicKey *pubk; |
600 | SECItem os, newOs, newParms; |
601 | SECStatus rv; |
602 | PLArenaPool *arena; |
603 | SECOidTag tag; |
604 | |
605 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
606 | if (arena == NULL((void*)0)) |
607 | return NULL((void*)0); |
608 | |
609 | pubk = (SECKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, sizeof(SECKEYPublicKey)); |
610 | if (pubk == NULL((void*)0)) { |
611 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
612 | return NULL((void*)0); |
613 | } |
614 | |
615 | pubk->arena = arena; |
616 | pubk->pkcs11Slot = 0; |
617 | pubk->pkcs11ID = CK_INVALID_HANDLE0; |
618 | |
619 | /* Convert bit string length from bits to bytes */ |
620 | os = spki->subjectPublicKey; |
621 | DER_ConvertBitString(&os){ (&os)->len = ((&os)->len + 7) >> 3; }; |
622 | |
623 | tag = SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(&spki->algorithm); |
624 | |
625 | /* copy the DER into the arena, since Quick DER returns data that points |
626 | into the DER input, which may get freed by the caller */ |
627 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &newOs, &os); |
628 | if (rv == SECSuccess) |
629 | switch (tag) { |
630 | case SEC_OID_X500_RSA_ENCRYPTION: |
631 | case SEC_OID_PKCS1_RSA_ENCRYPTION: |
632 | case SEC_OID_PKCS1_RSA_PSS_SIGNATURE: |
633 | pubk->keyType = rsaKey; |
634 | prepare_rsa_pub_key_for_asn1(pubk); |
635 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, pubk, SECKEY_RSAPublicKeyTemplate, &newOs); |
636 | if (rv == SECSuccess) |
637 | return pubk; |
638 | break; |
639 | case SEC_OID_ANSIX9_DSA_SIGNATURE: |
640 | case SEC_OID_SDN702_DSA_SIGNATURE: |
641 | pubk->keyType = dsaKey; |
642 | prepare_dsa_pub_key_for_asn1(pubk); |
643 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, pubk, SECKEY_DSAPublicKeyTemplate, &newOs); |
644 | if (rv != SECSuccess) |
645 | break; |
646 | |
647 | rv = seckey_DSADecodePQG(arena, pubk, |
648 | &spki->algorithm.parameters); |
649 | |
650 | if (rv == SECSuccess) |
651 | return pubk; |
652 | break; |
653 | case SEC_OID_X942_DIFFIE_HELMAN_KEY: |
654 | pubk->keyType = dhKey; |
655 | prepare_dh_pub_key_for_asn1(pubk); |
656 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, pubk, SECKEY_DHPublicKeyTemplate, &newOs); |
657 | if (rv != SECSuccess) |
658 | break; |
659 | |
660 | /* copy the DER into the arena, since Quick DER returns data that points |
661 | into the DER input, which may get freed by the caller */ |
662 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &newParms, &spki->algorithm.parameters); |
663 | if (rv != SECSuccess) |
664 | break; |
665 | |
666 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, pubk, SECKEY_DHParamKeyTemplate, |
667 | &newParms); |
668 | |
669 | if (rv == SECSuccess) |
670 | return pubk; |
671 | break; |
672 | case SEC_OID_ED25519_PUBLIC_KEY: |
673 | /* A basic consistency check on inputs. */ |
674 | if (newOs.len == 0) { |
675 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INPUT_LEN); |
676 | break; |
677 | } |
678 | |
679 | /* Currently supporting only (Pure)Ed25519 .*/ |
680 | if (spki->algorithm.parameters.len != 0) { |
681 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_UNSUPPORTED_KEYALG); |
682 | break; |
683 | } |
684 | |
685 | pubk->keyType = edKey; |
686 | pubk->u.ec.size = 0; |
687 | |
688 | SECOidData *oidEd25519 = SECOID_FindOIDByTagSECOID_FindOIDByTag_Util(SEC_OID_ED25519_PUBLIC_KEY); |
689 | |
690 | if (!SECITEM_AllocItemSECITEM_AllocItem_Util(arena, &pubk->u.ec.DEREncodedParams, oidEd25519->oid.len + 2)) { |
691 | rv = SECFailure; |
Value stored to 'rv' is never read | |
692 | break; |
693 | } |
694 | pubk->u.ec.DEREncodedParams.data[0] = SEC_ASN1_OBJECT_ID0x06; |
695 | pubk->u.ec.DEREncodedParams.data[1] = oidEd25519->oid.len; |
696 | PORT_Memcpymemcpy(pubk->u.ec.DEREncodedParams.data + 2, oidEd25519->oid.data, oidEd25519->oid.len); |
697 | |
698 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.ec.publicValue, &newOs); |
699 | if (rv != SECSuccess) { |
700 | break; |
701 | } |
702 | return pubk; |
703 | case SEC_OID_ANSIX962_EC_PUBLIC_KEY: |
704 | /* A basic sanity check on inputs. */ |
705 | if (spki->algorithm.parameters.len == 0 || newOs.len == 0) { |
706 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INPUT_LEN); |
707 | break; |
708 | } |
709 | pubk->keyType = ecKey; |
710 | pubk->u.ec.size = 0; |
711 | |
712 | /* Since PKCS#11 directly takes the DER encoding of EC params |
713 | * and public value, we don't need any decoding here. |
714 | */ |
715 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.ec.DEREncodedParams, |
716 | &spki->algorithm.parameters); |
717 | if (rv != SECSuccess) { |
718 | break; |
719 | } |
720 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &pubk->u.ec.publicValue, &newOs); |
721 | if (rv != SECSuccess) { |
722 | break; |
723 | } |
724 | pubk->u.ec.encoding = ECPoint_Undefined; |
725 | rv = seckey_HasCurveOID(pubk); |
726 | if (rv == SECSuccess) { |
727 | return pubk; |
728 | } |
729 | break; |
730 | |
731 | default: |
732 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_UNSUPPORTED_KEYALG); |
733 | break; |
734 | } |
735 | |
736 | SECKEY_DestroyPublicKey(pubk); |
737 | return NULL((void*)0); |
738 | } |
739 | |
740 | /* required for JSS */ |
741 | SECKEYPublicKey * |
742 | SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *spki) |
743 | { |
744 | return seckey_ExtractPublicKey(spki); |
745 | } |
746 | |
747 | SECKEYPublicKey * |
748 | CERT_ExtractPublicKey(CERTCertificate *cert) |
749 | { |
750 | return seckey_ExtractPublicKey(&cert->subjectPublicKeyInfo); |
751 | } |
752 | |
753 | int |
754 | SECKEY_ECParamsToKeySize(const SECItem *encodedParams) |
755 | { |
756 | SECOidTag tag; |
757 | SECItem oid = { siBuffer, NULL((void*)0), 0 }; |
758 | |
759 | /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID), |
760 | * followed by the length of the curve oid and the curve oid. |
761 | */ |
762 | oid.len = encodedParams->data[1]; |
763 | oid.data = encodedParams->data + 2; |
764 | if ((tag = SECOID_FindOIDTagSECOID_FindOIDTag_Util(&oid)) == SEC_OID_UNKNOWN) |
765 | return 0; |
766 | |
767 | switch (tag) { |
768 | case SEC_OID_SECG_EC_SECP112R1: |
769 | case SEC_OID_SECG_EC_SECP112R2: |
770 | return 112; |
771 | |
772 | case SEC_OID_SECG_EC_SECT113R1: |
773 | case SEC_OID_SECG_EC_SECT113R2: |
774 | return 113; |
775 | |
776 | case SEC_OID_SECG_EC_SECP128R1: |
777 | case SEC_OID_SECG_EC_SECP128R2: |
778 | return 128; |
779 | |
780 | case SEC_OID_SECG_EC_SECT131R1: |
781 | case SEC_OID_SECG_EC_SECT131R2: |
782 | return 131; |
783 | |
784 | case SEC_OID_SECG_EC_SECP160K1: |
785 | case SEC_OID_SECG_EC_SECP160R1: |
786 | case SEC_OID_SECG_EC_SECP160R2: |
787 | return 160; |
788 | |
789 | case SEC_OID_SECG_EC_SECT163K1: |
790 | case SEC_OID_SECG_EC_SECT163R1: |
791 | case SEC_OID_SECG_EC_SECT163R2: |
792 | case SEC_OID_ANSIX962_EC_C2PNB163V1: |
793 | case SEC_OID_ANSIX962_EC_C2PNB163V2: |
794 | case SEC_OID_ANSIX962_EC_C2PNB163V3: |
795 | return 163; |
796 | |
797 | case SEC_OID_ANSIX962_EC_C2PNB176V1: |
798 | return 176; |
799 | |
800 | case SEC_OID_ANSIX962_EC_C2TNB191V1: |
801 | case SEC_OID_ANSIX962_EC_C2TNB191V2: |
802 | case SEC_OID_ANSIX962_EC_C2TNB191V3: |
803 | case SEC_OID_ANSIX962_EC_C2ONB191V4: |
804 | case SEC_OID_ANSIX962_EC_C2ONB191V5: |
805 | return 191; |
806 | |
807 | case SEC_OID_SECG_EC_SECP192K1: |
808 | case SEC_OID_ANSIX962_EC_PRIME192V1: |
809 | case SEC_OID_ANSIX962_EC_PRIME192V2: |
810 | case SEC_OID_ANSIX962_EC_PRIME192V3: |
811 | return 192; |
812 | |
813 | case SEC_OID_SECG_EC_SECT193R1: |
814 | case SEC_OID_SECG_EC_SECT193R2: |
815 | return 193; |
816 | |
817 | case SEC_OID_ANSIX962_EC_C2PNB208W1: |
818 | return 208; |
819 | |
820 | case SEC_OID_SECG_EC_SECP224K1: |
821 | case SEC_OID_SECG_EC_SECP224R1: |
822 | return 224; |
823 | |
824 | case SEC_OID_SECG_EC_SECT233K1: |
825 | case SEC_OID_SECG_EC_SECT233R1: |
826 | return 233; |
827 | |
828 | case SEC_OID_SECG_EC_SECT239K1: |
829 | case SEC_OID_ANSIX962_EC_C2TNB239V1: |
830 | case SEC_OID_ANSIX962_EC_C2TNB239V2: |
831 | case SEC_OID_ANSIX962_EC_C2TNB239V3: |
832 | case SEC_OID_ANSIX962_EC_C2ONB239V4: |
833 | case SEC_OID_ANSIX962_EC_C2ONB239V5: |
834 | case SEC_OID_ANSIX962_EC_PRIME239V1: |
835 | case SEC_OID_ANSIX962_EC_PRIME239V2: |
836 | case SEC_OID_ANSIX962_EC_PRIME239V3: |
837 | return 239; |
838 | |
839 | case SEC_OID_SECG_EC_SECP256K1: |
840 | case SEC_OID_ANSIX962_EC_PRIME256V1: |
841 | return 256; |
842 | |
843 | case SEC_OID_ANSIX962_EC_C2PNB272W1: |
844 | return 272; |
845 | |
846 | case SEC_OID_SECG_EC_SECT283K1: |
847 | case SEC_OID_SECG_EC_SECT283R1: |
848 | return 283; |
849 | |
850 | case SEC_OID_ANSIX962_EC_C2PNB304W1: |
851 | return 304; |
852 | |
853 | case SEC_OID_ANSIX962_EC_C2TNB359V1: |
854 | return 359; |
855 | |
856 | case SEC_OID_ANSIX962_EC_C2PNB368W1: |
857 | return 368; |
858 | |
859 | case SEC_OID_SECG_EC_SECP384R1: |
860 | return 384; |
861 | |
862 | case SEC_OID_SECG_EC_SECT409K1: |
863 | case SEC_OID_SECG_EC_SECT409R1: |
864 | return 409; |
865 | |
866 | case SEC_OID_ANSIX962_EC_C2TNB431R1: |
867 | return 431; |
868 | |
869 | case SEC_OID_SECG_EC_SECP521R1: |
870 | return 521; |
871 | |
872 | case SEC_OID_SECG_EC_SECT571K1: |
873 | case SEC_OID_SECG_EC_SECT571R1: |
874 | return 571; |
875 | |
876 | case SEC_OID_CURVE25519: |
877 | case SEC_OID_ED25519_PUBLIC_KEY: |
878 | return 255; |
879 | |
880 | default: |
881 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); |
882 | return 0; |
883 | } |
884 | } |
885 | |
886 | int |
887 | SECKEY_ECParamsToBasePointOrderLen(const SECItem *encodedParams) |
888 | { |
889 | SECOidTag tag; |
890 | SECItem oid = { siBuffer, NULL((void*)0), 0 }; |
891 | |
892 | /* The encodedParams data contains 0x06 (SEC_ASN1_OBJECT_ID), |
893 | * followed by the length of the curve oid and the curve oid. |
894 | */ |
895 | oid.len = encodedParams->data[1]; |
896 | oid.data = encodedParams->data + 2; |
897 | if ((tag = SECOID_FindOIDTagSECOID_FindOIDTag_Util(&oid)) == SEC_OID_UNKNOWN) |
898 | return 0; |
899 | |
900 | switch (tag) { |
901 | case SEC_OID_SECG_EC_SECP112R1: |
902 | return 112; |
903 | case SEC_OID_SECG_EC_SECP112R2: |
904 | return 110; |
905 | |
906 | case SEC_OID_SECG_EC_SECT113R1: |
907 | case SEC_OID_SECG_EC_SECT113R2: |
908 | return 113; |
909 | |
910 | case SEC_OID_SECG_EC_SECP128R1: |
911 | return 128; |
912 | case SEC_OID_SECG_EC_SECP128R2: |
913 | return 126; |
914 | |
915 | case SEC_OID_SECG_EC_SECT131R1: |
916 | case SEC_OID_SECG_EC_SECT131R2: |
917 | return 131; |
918 | |
919 | case SEC_OID_SECG_EC_SECP160K1: |
920 | case SEC_OID_SECG_EC_SECP160R1: |
921 | case SEC_OID_SECG_EC_SECP160R2: |
922 | return 161; |
923 | |
924 | case SEC_OID_SECG_EC_SECT163K1: |
925 | return 163; |
926 | case SEC_OID_SECG_EC_SECT163R1: |
927 | return 162; |
928 | case SEC_OID_SECG_EC_SECT163R2: |
929 | case SEC_OID_ANSIX962_EC_C2PNB163V1: |
930 | return 163; |
931 | case SEC_OID_ANSIX962_EC_C2PNB163V2: |
932 | case SEC_OID_ANSIX962_EC_C2PNB163V3: |
933 | return 162; |
934 | |
935 | case SEC_OID_ANSIX962_EC_C2PNB176V1: |
936 | return 161; |
937 | |
938 | case SEC_OID_ANSIX962_EC_C2TNB191V1: |
939 | return 191; |
940 | case SEC_OID_ANSIX962_EC_C2TNB191V2: |
941 | return 190; |
942 | case SEC_OID_ANSIX962_EC_C2TNB191V3: |
943 | return 189; |
944 | case SEC_OID_ANSIX962_EC_C2ONB191V4: |
945 | return 191; |
946 | case SEC_OID_ANSIX962_EC_C2ONB191V5: |
947 | return 188; |
948 | |
949 | case SEC_OID_SECG_EC_SECP192K1: |
950 | case SEC_OID_ANSIX962_EC_PRIME192V1: |
951 | case SEC_OID_ANSIX962_EC_PRIME192V2: |
952 | case SEC_OID_ANSIX962_EC_PRIME192V3: |
953 | return 192; |
954 | |
955 | case SEC_OID_SECG_EC_SECT193R1: |
956 | case SEC_OID_SECG_EC_SECT193R2: |
957 | return 193; |
958 | |
959 | case SEC_OID_ANSIX962_EC_C2PNB208W1: |
960 | return 193; |
961 | |
962 | case SEC_OID_SECG_EC_SECP224K1: |
963 | return 225; |
964 | case SEC_OID_SECG_EC_SECP224R1: |
965 | return 224; |
966 | |
967 | case SEC_OID_SECG_EC_SECT233K1: |
968 | return 232; |
969 | case SEC_OID_SECG_EC_SECT233R1: |
970 | return 233; |
971 | |
972 | case SEC_OID_SECG_EC_SECT239K1: |
973 | case SEC_OID_ANSIX962_EC_C2TNB239V1: |
974 | return 238; |
975 | case SEC_OID_ANSIX962_EC_C2TNB239V2: |
976 | return 237; |
977 | case SEC_OID_ANSIX962_EC_C2TNB239V3: |
978 | return 236; |
979 | case SEC_OID_ANSIX962_EC_C2ONB239V4: |
980 | return 238; |
981 | case SEC_OID_ANSIX962_EC_C2ONB239V5: |
982 | return 237; |
983 | case SEC_OID_ANSIX962_EC_PRIME239V1: |
984 | case SEC_OID_ANSIX962_EC_PRIME239V2: |
985 | case SEC_OID_ANSIX962_EC_PRIME239V3: |
986 | return 239; |
987 | |
988 | case SEC_OID_SECG_EC_SECP256K1: |
989 | case SEC_OID_ANSIX962_EC_PRIME256V1: |
990 | return 256; |
991 | |
992 | case SEC_OID_ANSIX962_EC_C2PNB272W1: |
993 | return 257; |
994 | |
995 | case SEC_OID_SECG_EC_SECT283K1: |
996 | return 281; |
997 | case SEC_OID_SECG_EC_SECT283R1: |
998 | return 282; |
999 | |
1000 | case SEC_OID_ANSIX962_EC_C2PNB304W1: |
1001 | return 289; |
1002 | |
1003 | case SEC_OID_ANSIX962_EC_C2TNB359V1: |
1004 | return 353; |
1005 | |
1006 | case SEC_OID_ANSIX962_EC_C2PNB368W1: |
1007 | return 353; |
1008 | |
1009 | case SEC_OID_SECG_EC_SECP384R1: |
1010 | return 384; |
1011 | |
1012 | case SEC_OID_SECG_EC_SECT409K1: |
1013 | return 407; |
1014 | case SEC_OID_SECG_EC_SECT409R1: |
1015 | return 409; |
1016 | |
1017 | case SEC_OID_ANSIX962_EC_C2TNB431R1: |
1018 | return 418; |
1019 | |
1020 | case SEC_OID_SECG_EC_SECP521R1: |
1021 | return 521; |
1022 | |
1023 | case SEC_OID_SECG_EC_SECT571K1: |
1024 | case SEC_OID_SECG_EC_SECT571R1: |
1025 | return 570; |
1026 | |
1027 | case SEC_OID_CURVE25519: |
1028 | case SEC_OID_ED25519_PUBLIC_KEY: |
1029 | return 255; |
1030 | |
1031 | default: |
1032 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); |
1033 | return 0; |
1034 | } |
1035 | } |
1036 | |
1037 | /* The number of bits in the number from the first non-zero bit onward. */ |
1038 | unsigned |
1039 | SECKEY_BigIntegerBitLength(const SECItem *number) |
1040 | { |
1041 | const unsigned char *p; |
1042 | unsigned octets; |
1043 | unsigned bits; |
1044 | |
1045 | if (!number || !number->data) { |
1046 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1047 | return 0; |
1048 | } |
1049 | |
1050 | p = number->data; |
1051 | octets = number->len; |
1052 | while (octets > 0 && !*p) { |
1053 | ++p; |
1054 | --octets; |
1055 | } |
1056 | if (octets == 0) { |
1057 | return 0; |
1058 | } |
1059 | /* bits = 7..1 because we know at least one bit is set already */ |
1060 | /* Note: This could do a binary search, but this is faster for keys if we |
1061 | * assume that good keys will have the MSB set. */ |
1062 | for (bits = 7; bits > 0; --bits) { |
1063 | if (*p & (1 << bits)) { |
1064 | break; |
1065 | } |
1066 | } |
1067 | return octets * 8 + bits - 7; |
1068 | } |
1069 | |
1070 | /* returns key strength in bytes (not bits) */ |
1071 | unsigned |
1072 | SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk) |
1073 | { |
1074 | return (SECKEY_PublicKeyStrengthInBits(pubk) + 7) / 8; |
1075 | } |
1076 | |
1077 | /* returns key strength in bits */ |
1078 | unsigned |
1079 | SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk) |
1080 | { |
1081 | unsigned bitSize = 0; |
1082 | |
1083 | if (!pubk) { |
1084 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1085 | return 0; |
1086 | } |
1087 | |
1088 | /* interpret modulus length as key strength */ |
1089 | switch (pubk->keyType) { |
1090 | case rsaKey: |
1091 | bitSize = SECKEY_BigIntegerBitLength(&pubk->u.rsa.modulus); |
1092 | break; |
1093 | case dsaKey: |
1094 | bitSize = SECKEY_BigIntegerBitLength(&pubk->u.dsa.params.prime); |
1095 | break; |
1096 | case dhKey: |
1097 | bitSize = SECKEY_BigIntegerBitLength(&pubk->u.dh.prime); |
1098 | break; |
1099 | case ecKey: |
1100 | case edKey: |
1101 | bitSize = SECKEY_ECParamsToKeySize(&pubk->u.ec.DEREncodedParams); |
1102 | break; |
1103 | default: |
1104 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1105 | break; |
1106 | } |
1107 | return bitSize; |
1108 | } |
1109 | |
1110 | unsigned |
1111 | SECKEY_PrivateKeyStrengthInBits(const SECKEYPrivateKey *privk) |
1112 | { |
1113 | unsigned bitSize = 0; |
1114 | SECItem params = { siBuffer, NULL((void*)0), 0 }; |
1115 | SECStatus rv; |
1116 | |
1117 | if (!privk) { |
1118 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1119 | return 0; |
1120 | } |
1121 | |
1122 | /* interpret modulus length as key strength */ |
1123 | switch (privk->keyType) { |
1124 | case rsaKey: |
1125 | case rsaPssKey: |
1126 | case rsaOaepKey: |
1127 | /* some tokens don't export CKA_MODULUS on the private key, |
1128 | * PK11_SignatureLen works around this if necessary */ |
1129 | bitSize = PK11_SignatureLen((SECKEYPrivateKey *)privk) * PR_BITS_PER_BYTE8; |
1130 | if (bitSize == -1) { |
1131 | bitSize = 0; |
1132 | } |
1133 | return bitSize; |
1134 | case dsaKey: |
1135 | case fortezzaKey: |
1136 | case dhKey: |
1137 | case keaKey: |
1138 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1139 | CKA_PRIME0x00000130UL, NULL((void*)0), ¶ms); |
1140 | if ((rv != SECSuccess) || (params.data == NULL((void*)0))) { |
1141 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1142 | return 0; |
1143 | } |
1144 | bitSize = SECKEY_BigIntegerBitLength(¶ms); |
1145 | PORT_FreePORT_Free_Util(params.data); |
1146 | return bitSize; |
1147 | case ecKey: |
1148 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1149 | CKA_EC_PARAMS0x00000180UL, NULL((void*)0), ¶ms); |
1150 | if ((rv != SECSuccess) || (params.data == NULL((void*)0))) { |
1151 | return 0; |
1152 | } |
1153 | bitSize = SECKEY_ECParamsToKeySize(¶ms); |
1154 | PORT_FreePORT_Free_Util(params.data); |
1155 | return bitSize; |
1156 | default: |
1157 | break; |
1158 | } |
1159 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1160 | return 0; |
1161 | } |
1162 | |
1163 | /* returns signature length in bytes (not bits) */ |
1164 | unsigned |
1165 | SECKEY_SignatureLen(const SECKEYPublicKey *pubk) |
1166 | { |
1167 | unsigned size; |
1168 | |
1169 | switch (pubk->keyType) { |
1170 | case rsaKey: |
1171 | case rsaPssKey: |
1172 | if (pubk->u.rsa.modulus.len == 0) { |
1173 | return 0; |
1174 | } |
1175 | if (pubk->u.rsa.modulus.data[0] == 0) { |
1176 | return pubk->u.rsa.modulus.len - 1; |
1177 | } |
1178 | return pubk->u.rsa.modulus.len; |
1179 | case dsaKey: |
1180 | return pubk->u.dsa.params.subPrime.len * 2; |
1181 | case ecKey: |
1182 | case edKey: |
1183 | /* Get the base point order length in bits and adjust */ |
1184 | size = SECKEY_ECParamsToBasePointOrderLen( |
1185 | &pubk->u.ec.DEREncodedParams); |
1186 | return ((size + 7) / 8) * 2; |
1187 | default: |
1188 | break; |
1189 | } |
1190 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1191 | return 0; |
1192 | } |
1193 | |
1194 | SECKEYPrivateKey * |
1195 | SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privk) |
1196 | { |
1197 | SECKEYPrivateKey *copyk; |
1198 | PLArenaPool *arena; |
1199 | |
1200 | if (!privk || !privk->pkcs11Slot) { |
1201 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ARGS); |
1202 | return NULL((void*)0); |
1203 | } |
1204 | |
1205 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1206 | if (arena == NULL((void*)0)) { |
1207 | return NULL((void*)0); |
1208 | } |
1209 | |
1210 | copyk = (SECKEYPrivateKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, sizeof(SECKEYPrivateKey)); |
1211 | if (copyk) { |
1212 | copyk->arena = arena; |
1213 | copyk->keyType = privk->keyType; |
1214 | |
1215 | /* copy the PKCS #11 parameters */ |
1216 | copyk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot); |
1217 | /* if the key we're referencing was a temparary key we have just |
1218 | * created, that we want to go away when we're through, we need |
1219 | * to make a copy of it */ |
1220 | if (privk->pkcs11IsTemp) { |
1221 | copyk->pkcs11ID = |
1222 | PK11_CopyKey(privk->pkcs11Slot, privk->pkcs11ID); |
1223 | if (copyk->pkcs11ID == CK_INVALID_HANDLE0) |
1224 | goto fail; |
1225 | } else { |
1226 | copyk->pkcs11ID = privk->pkcs11ID; |
1227 | } |
1228 | copyk->pkcs11IsTemp = privk->pkcs11IsTemp; |
1229 | copyk->wincx = privk->wincx; |
1230 | copyk->staticflags = privk->staticflags; |
1231 | return copyk; |
1232 | } else { |
1233 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1234 | } |
1235 | |
1236 | fail: |
1237 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1238 | return NULL((void*)0); |
1239 | } |
1240 | |
1241 | SECKEYPublicKey * |
1242 | SECKEY_CopyPublicKey(const SECKEYPublicKey *pubk) |
1243 | { |
1244 | SECKEYPublicKey *copyk; |
1245 | PLArenaPool *arena; |
1246 | SECStatus rv = SECSuccess; |
1247 | |
1248 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1249 | if (arena == NULL((void*)0)) { |
1250 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1251 | return NULL((void*)0); |
1252 | } |
1253 | |
1254 | copyk = (SECKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, sizeof(SECKEYPublicKey)); |
1255 | if (!copyk) { |
1256 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1257 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1258 | return NULL((void*)0); |
1259 | } |
1260 | |
1261 | copyk->arena = arena; |
1262 | copyk->keyType = pubk->keyType; |
1263 | if (pubk->pkcs11Slot && |
1264 | PK11_IsPermObject(pubk->pkcs11Slot, pubk->pkcs11ID)) { |
1265 | copyk->pkcs11Slot = PK11_ReferenceSlot(pubk->pkcs11Slot); |
1266 | copyk->pkcs11ID = pubk->pkcs11ID; |
1267 | } else { |
1268 | copyk->pkcs11Slot = NULL((void*)0); /* go get own reference */ |
1269 | copyk->pkcs11ID = CK_INVALID_HANDLE0; |
1270 | } |
1271 | switch (pubk->keyType) { |
1272 | case rsaKey: |
1273 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.rsa.modulus, |
1274 | &pubk->u.rsa.modulus); |
1275 | if (rv == SECSuccess) { |
1276 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.rsa.publicExponent, |
1277 | &pubk->u.rsa.publicExponent); |
1278 | if (rv == SECSuccess) |
1279 | return copyk; |
1280 | } |
1281 | break; |
1282 | case dsaKey: |
1283 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dsa.publicValue, |
1284 | &pubk->u.dsa.publicValue); |
1285 | if (rv != SECSuccess) |
1286 | break; |
1287 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dsa.params.prime, |
1288 | &pubk->u.dsa.params.prime); |
1289 | if (rv != SECSuccess) |
1290 | break; |
1291 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dsa.params.subPrime, |
1292 | &pubk->u.dsa.params.subPrime); |
1293 | if (rv != SECSuccess) |
1294 | break; |
1295 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dsa.params.base, |
1296 | &pubk->u.dsa.params.base); |
1297 | break; |
1298 | case dhKey: |
1299 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dh.prime, &pubk->u.dh.prime); |
1300 | if (rv != SECSuccess) |
1301 | break; |
1302 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dh.base, &pubk->u.dh.base); |
1303 | if (rv != SECSuccess) |
1304 | break; |
1305 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.dh.publicValue, |
1306 | &pubk->u.dh.publicValue); |
1307 | break; |
1308 | case ecKey: |
1309 | case edKey: |
1310 | copyk->u.ec.size = pubk->u.ec.size; |
1311 | rv = seckey_HasCurveOID(pubk); |
1312 | if (rv != SECSuccess) { |
1313 | break; |
1314 | } |
1315 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.ec.DEREncodedParams, |
1316 | &pubk->u.ec.DEREncodedParams); |
1317 | if (rv != SECSuccess) { |
1318 | break; |
1319 | } |
1320 | copyk->u.ec.encoding = ECPoint_Undefined; |
1321 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.ec.publicValue, |
1322 | &pubk->u.ec.publicValue); |
1323 | break; |
1324 | case nullKey: |
1325 | return copyk; |
1326 | case kyberKey: |
1327 | copyk->u.kyber.params = pubk->u.kyber.params; |
1328 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ©k->u.kyber.publicValue, |
1329 | &pubk->u.kyber.publicValue); |
1330 | break; |
1331 | default: |
1332 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1333 | rv = SECFailure; |
1334 | break; |
1335 | } |
1336 | if (rv == SECSuccess) |
1337 | return copyk; |
1338 | |
1339 | SECKEY_DestroyPublicKey(copyk); |
1340 | return NULL((void*)0); |
1341 | } |
1342 | |
1343 | /* |
1344 | * Check that a given key meets the policy limits for the given key |
1345 | * size. |
1346 | */ |
1347 | SECStatus |
1348 | seckey_EnforceKeySize(KeyType keyType, unsigned keyLength, SECErrorCodes error) |
1349 | { |
1350 | PRInt32 opt = -1; |
1351 | PRInt32 optVal; |
1352 | SECStatus rv; |
1353 | |
1354 | switch (keyType) { |
1355 | case rsaKey: |
1356 | case rsaPssKey: |
1357 | case rsaOaepKey: |
1358 | opt = NSS_RSA_MIN_KEY_SIZE0x001; |
1359 | break; |
1360 | case dsaKey: |
1361 | case fortezzaKey: |
1362 | opt = NSS_DSA_MIN_KEY_SIZE0x004; |
1363 | break; |
1364 | case dhKey: |
1365 | case keaKey: |
1366 | opt = NSS_DH_MIN_KEY_SIZE0x002; |
1367 | break; |
1368 | case ecKey: |
1369 | opt = NSS_ECC_MIN_KEY_SIZE0x011; |
1370 | break; |
1371 | case nullKey: |
1372 | default: |
1373 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_KEY); |
1374 | return SECFailure; |
1375 | } |
1376 | PORT_Assert(opt != -1)((opt != -1)?((void)0):PR_Assert("opt != -1","seckey.c",1376) ); |
1377 | rv = NSS_OptionGet(opt, &optVal); |
1378 | if (rv != SECSuccess) { |
1379 | return rv; |
1380 | } |
1381 | if (optVal > keyLength) { |
1382 | PORT_SetErrorPORT_SetError_Util(error); |
1383 | return SECFailure; |
1384 | } |
1385 | return SECSuccess; |
1386 | } |
1387 | |
1388 | /* |
1389 | * Use the private key to find a public key handle. The handle will be on |
1390 | * the same slot as the private key. |
1391 | */ |
1392 | static CK_OBJECT_HANDLE |
1393 | seckey_FindPublicKeyHandle(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk) |
1394 | { |
1395 | CK_OBJECT_HANDLE keyID; |
1396 | |
1397 | /* this helper function is only used below. If we want to make this more |
1398 | * general, we would need to free up any already cached handles if the |
1399 | * slot doesn't match up with the private key slot */ |
1400 | PORT_Assert(pubk->pkcs11ID == CK_INVALID_HANDLE)((pubk->pkcs11ID == 0)?((void)0):PR_Assert("pubk->pkcs11ID == CK_INVALID_HANDLE" ,"seckey.c",1400)); |
1401 | |
1402 | /* first look for a matching public key */ |
1403 | keyID = PK11_MatchItem(privk->pkcs11Slot, privk->pkcs11ID, CKO_PUBLIC_KEY0x00000002UL); |
1404 | if (keyID != CK_INVALID_HANDLE0) { |
1405 | return keyID; |
1406 | } |
1407 | |
1408 | /* none found, create a temp one, make the pubk the owner */ |
1409 | pubk->pkcs11ID = PK11_DerivePubKeyFromPrivKey(privk); |
1410 | if (pubk->pkcs11ID == CK_INVALID_HANDLE0) { |
1411 | /* end of the road. Token doesn't have matching public key, nor can |
1412 | * token regenerate a new public key from and existing private key. */ |
1413 | return CK_INVALID_HANDLE0; |
1414 | } |
1415 | pubk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot); |
1416 | return pubk->pkcs11ID; |
1417 | } |
1418 | |
1419 | SECKEYPublicKey * |
1420 | SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk) |
1421 | { |
1422 | SECKEYPublicKey *pubk; |
1423 | PLArenaPool *arena; |
1424 | CERTCertificate *cert; |
1425 | SECStatus rv; |
1426 | CK_OBJECT_HANDLE pubKeyHandle; |
1427 | SECItem decodedPoint; |
1428 | |
1429 | /* |
1430 | * First try to look up the cert. |
1431 | */ |
1432 | cert = PK11_GetCertFromPrivateKey(privk); |
1433 | if (cert) { |
1434 | pubk = CERT_ExtractPublicKey(cert); |
1435 | CERT_DestroyCertificate(cert); |
1436 | return pubk; |
1437 | } |
1438 | |
1439 | /* couldn't find the cert, build pub key by hand */ |
1440 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1441 | if (arena == NULL((void*)0)) { |
1442 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1443 | return NULL((void*)0); |
1444 | } |
1445 | pubk = (SECKEYPublicKey *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, |
1446 | sizeof(SECKEYPublicKey)); |
1447 | if (pubk == NULL((void*)0)) { |
1448 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1449 | return NULL((void*)0); |
1450 | } |
1451 | pubk->keyType = privk->keyType; |
1452 | pubk->pkcs11Slot = NULL((void*)0); |
1453 | pubk->pkcs11ID = CK_INVALID_HANDLE0; |
1454 | pubk->arena = arena; |
1455 | |
1456 | switch (privk->keyType) { |
1457 | case nullKey: |
1458 | /* Nothing to query, if the cert isn't there, we're done -- no way |
1459 | * to get the public key */ |
1460 | break; |
1461 | case dsaKey: |
1462 | pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); |
1463 | if (pubKeyHandle == CK_INVALID_HANDLE0) |
1464 | break; |
1465 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1466 | CKA_BASE0x00000132UL, arena, &pubk->u.dsa.params.base); |
1467 | if (rv != SECSuccess) |
1468 | break; |
1469 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1470 | CKA_PRIME0x00000130UL, arena, &pubk->u.dsa.params.prime); |
1471 | if (rv != SECSuccess) |
1472 | break; |
1473 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1474 | CKA_SUBPRIME0x00000131UL, arena, &pubk->u.dsa.params.subPrime); |
1475 | if (rv != SECSuccess) |
1476 | break; |
1477 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1478 | CKA_VALUE0x00000011UL, arena, &pubk->u.dsa.publicValue); |
1479 | if (rv != SECSuccess) |
1480 | break; |
1481 | return pubk; |
1482 | case dhKey: |
1483 | pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); |
1484 | if (pubKeyHandle == CK_INVALID_HANDLE0) |
1485 | break; |
1486 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1487 | CKA_BASE0x00000132UL, arena, &pubk->u.dh.base); |
1488 | if (rv != SECSuccess) |
1489 | break; |
1490 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1491 | CKA_PRIME0x00000130UL, arena, &pubk->u.dh.prime); |
1492 | if (rv != SECSuccess) |
1493 | break; |
1494 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1495 | CKA_VALUE0x00000011UL, arena, &pubk->u.dh.publicValue); |
1496 | if (rv != SECSuccess) |
1497 | break; |
1498 | return pubk; |
1499 | case rsaKey: |
1500 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1501 | CKA_MODULUS0x00000120UL, arena, &pubk->u.rsa.modulus); |
1502 | if (rv != SECSuccess) |
1503 | break; |
1504 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1505 | CKA_PUBLIC_EXPONENT0x00000122UL, arena, &pubk->u.rsa.publicExponent); |
1506 | if (rv != SECSuccess) |
1507 | break; |
1508 | return pubk; |
1509 | case ecKey: |
1510 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1511 | CKA_EC_PARAMS0x00000180UL, arena, &pubk->u.ec.DEREncodedParams); |
1512 | if (rv != SECSuccess) { |
1513 | break; |
1514 | } |
1515 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1516 | CKA_EC_POINT0x00000181UL, arena, &pubk->u.ec.publicValue); |
1517 | if (rv != SECSuccess || pubk->u.ec.publicValue.len == 0) { |
1518 | pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); |
1519 | if (pubKeyHandle == CK_INVALID_HANDLE0) |
1520 | break; |
1521 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1522 | CKA_EC_POINT0x00000181UL, arena, &pubk->u.ec.publicValue); |
1523 | if (rv != SECSuccess) |
1524 | break; |
1525 | } |
1526 | /* ec.publicValue should be decoded, PKCS #11 defines CKA_EC_POINT |
1527 | * as encoded, but it's not always. try do decoded it and if it |
1528 | * succeeds store the decoded value */ |
1529 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &decodedPoint, |
1530 | SEC_ASN1_GET(SEC_OctetStringTemplate)SEC_OctetStringTemplate_Util, &pubk->u.ec.publicValue); |
1531 | if (rv == SECSuccess) { |
1532 | /* both values are in the public key arena, so it's safe to |
1533 | * overwrite the old value */ |
1534 | pubk->u.ec.publicValue = decodedPoint; |
1535 | } |
1536 | |
1537 | pubk->u.ec.encoding = ECPoint_Undefined; |
1538 | return pubk; |
1539 | case edKey: |
1540 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1541 | CKA_EC_PARAMS0x00000180UL, arena, &pubk->u.ec.DEREncodedParams); |
1542 | if (rv != SECSuccess) { |
1543 | break; |
1544 | } |
1545 | rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID, |
1546 | CKA_EC_POINT0x00000181UL, arena, &pubk->u.ec.publicValue); |
1547 | if (rv != SECSuccess || pubk->u.ec.publicValue.len == 0) { |
1548 | pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk); |
1549 | if (pubKeyHandle == CK_INVALID_HANDLE0) { |
1550 | break; |
1551 | } |
1552 | rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle, |
1553 | CKA_EC_POINT0x00000181UL, arena, &pubk->u.ec.publicValue); |
1554 | if (rv != SECSuccess) { |
1555 | break; |
1556 | } |
1557 | } |
1558 | pubk->u.ec.encoding = ECPoint_Undefined; |
1559 | return pubk; |
1560 | default: |
1561 | break; |
1562 | } |
1563 | |
1564 | /* must use Destroy public key here, because some paths create temporary |
1565 | * PKCS #11 objects which need to be freed */ |
1566 | SECKEY_DestroyPublicKey(pubk); |
1567 | return NULL((void*)0); |
1568 | } |
1569 | |
1570 | static CERTSubjectPublicKeyInfo * |
1571 | seckey_CreateSubjectPublicKeyInfo_helper(SECKEYPublicKey *pubk) |
1572 | { |
1573 | CERTSubjectPublicKeyInfo *spki; |
1574 | PLArenaPool *arena; |
1575 | SECItem params = { siBuffer, NULL((void*)0), 0 }; |
1576 | SECOidTag tag; |
1577 | |
1578 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1579 | if (arena == NULL((void*)0)) { |
1580 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1581 | return NULL((void*)0); |
1582 | } |
1583 | |
1584 | spki = (CERTSubjectPublicKeyInfo *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, sizeof(*spki)); |
1585 | if (spki != NULL((void*)0)) { |
1586 | SECStatus rv; |
1587 | SECItem *rv_item; |
1588 | |
1589 | spki->arena = arena; |
1590 | switch (pubk->keyType) { |
1591 | case rsaKey: |
1592 | rv = SECOID_SetAlgorithmIDSECOID_SetAlgorithmID_Util(arena, &spki->algorithm, |
1593 | SEC_OID_PKCS1_RSA_ENCRYPTION, 0); |
1594 | if (rv == SECSuccess) { |
1595 | /* |
1596 | * DER encode the public key into the subjectPublicKeyInfo. |
1597 | */ |
1598 | prepare_rsa_pub_key_for_asn1(pubk); |
1599 | rv_item = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(arena, &spki->subjectPublicKey, |
1600 | pubk, SECKEY_RSAPublicKeyTemplate); |
1601 | if (rv_item != NULL((void*)0)) { |
1602 | /* |
1603 | * The stored value is supposed to be a BIT_STRING, |
1604 | * so convert the length. |
1605 | */ |
1606 | spki->subjectPublicKey.len <<= 3; |
1607 | /* |
1608 | * We got a good one; return it. |
1609 | */ |
1610 | return spki; |
1611 | } |
1612 | } |
1613 | break; |
1614 | case dsaKey: |
1615 | /* DER encode the params. */ |
1616 | prepare_pqg_params_for_asn1(&pubk->u.dsa.params); |
1617 | rv_item = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(arena, ¶ms, &pubk->u.dsa.params, |
1618 | SECKEY_PQGParamsTemplate); |
1619 | if (rv_item != NULL((void*)0)) { |
1620 | rv = SECOID_SetAlgorithmIDSECOID_SetAlgorithmID_Util(arena, &spki->algorithm, |
1621 | SEC_OID_ANSIX9_DSA_SIGNATURE, |
1622 | ¶ms); |
1623 | if (rv == SECSuccess) { |
1624 | /* |
1625 | * DER encode the public key into the subjectPublicKeyInfo. |
1626 | */ |
1627 | prepare_dsa_pub_key_for_asn1(pubk); |
1628 | rv_item = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(arena, &spki->subjectPublicKey, |
1629 | pubk, |
1630 | SECKEY_DSAPublicKeyTemplate); |
1631 | if (rv_item != NULL((void*)0)) { |
1632 | /* |
1633 | * The stored value is supposed to be a BIT_STRING, |
1634 | * so convert the length. |
1635 | */ |
1636 | spki->subjectPublicKey.len <<= 3; |
1637 | /* |
1638 | * We got a good one; return it. |
1639 | */ |
1640 | return spki; |
1641 | } |
1642 | } |
1643 | } |
1644 | SECITEM_FreeItemSECITEM_FreeItem_Util(¶ms, PR_FALSE0); |
1645 | break; |
1646 | case ecKey: |
1647 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, ¶ms, |
1648 | &pubk->u.ec.DEREncodedParams); |
1649 | if (rv != SECSuccess) { |
1650 | break; |
1651 | } |
1652 | |
1653 | tag = SEC_OID_ANSIX962_EC_PUBLIC_KEY; |
1654 | rv = SECOID_SetAlgorithmIDSECOID_SetAlgorithmID_Util(arena, &spki->algorithm, |
1655 | tag, |
1656 | ¶ms); |
1657 | if (rv != SECSuccess) { |
1658 | break; |
1659 | } |
1660 | |
1661 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &spki->subjectPublicKey, |
1662 | &pubk->u.ec.publicValue); |
1663 | |
1664 | if (rv == SECSuccess) { |
1665 | /* |
1666 | * The stored value is supposed to be a BIT_STRING, |
1667 | * so convert the length. |
1668 | */ |
1669 | spki->subjectPublicKey.len <<= 3; |
1670 | /* |
1671 | * We got a good one; return it. |
1672 | */ |
1673 | return spki; |
1674 | } |
1675 | break; |
1676 | case edKey: |
1677 | tag = SECKEY_GetECCOid(&pubk->u.ec.DEREncodedParams); |
1678 | rv = SECOID_SetAlgorithmIDSECOID_SetAlgorithmID_Util(arena, &spki->algorithm, |
1679 | tag, |
1680 | ¶ms); |
1681 | if (rv != SECSuccess) { |
1682 | break; |
1683 | } |
1684 | |
1685 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &spki->subjectPublicKey, |
1686 | &pubk->u.ec.publicValue); |
1687 | |
1688 | if (rv == SECSuccess) { |
1689 | /* |
1690 | * The stored value is supposed to be a BIT_STRING, |
1691 | * so convert the length. |
1692 | */ |
1693 | spki->subjectPublicKey.len <<= 3; |
1694 | /* |
1695 | * We got a good one; return it. |
1696 | */ |
1697 | return spki; |
1698 | } |
1699 | break; |
1700 | case dhKey: /* later... */ |
1701 | |
1702 | break; |
1703 | default: |
1704 | break; |
1705 | } |
1706 | } else { |
1707 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1708 | } |
1709 | |
1710 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1711 | return NULL((void*)0); |
1712 | } |
1713 | |
1714 | CERTSubjectPublicKeyInfo * |
1715 | SECKEY_CreateSubjectPublicKeyInfo(const SECKEYPublicKey *pubk) |
1716 | { |
1717 | CERTSubjectPublicKeyInfo *spki; |
1718 | SECKEYPublicKey *tempKey; |
1719 | |
1720 | if (!pubk) { |
1721 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ARGS); |
1722 | return NULL((void*)0); |
1723 | } |
1724 | |
1725 | tempKey = SECKEY_CopyPublicKey(pubk); |
1726 | if (!tempKey) { |
1727 | return NULL((void*)0); |
1728 | } |
1729 | spki = seckey_CreateSubjectPublicKeyInfo_helper(tempKey); |
1730 | SECKEY_DestroyPublicKey(tempKey); |
1731 | return spki; |
1732 | } |
1733 | |
1734 | void |
1735 | SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki) |
1736 | { |
1737 | if (spki && spki->arena) { |
1738 | PORT_FreeArenaPORT_FreeArena_Util(spki->arena, PR_FALSE0); |
1739 | } |
1740 | } |
1741 | |
1742 | SECItem * |
1743 | SECKEY_EncodeDERSubjectPublicKeyInfo(const SECKEYPublicKey *pubk) |
1744 | { |
1745 | CERTSubjectPublicKeyInfo *spki = NULL((void*)0); |
1746 | SECItem *spkiDER = NULL((void*)0); |
1747 | |
1748 | /* get the subjectpublickeyinfo */ |
1749 | spki = SECKEY_CreateSubjectPublicKeyInfo(pubk); |
1750 | if (spki == NULL((void*)0)) { |
1751 | goto finish; |
1752 | } |
1753 | |
1754 | /* DER-encode the subjectpublickeyinfo */ |
1755 | spkiDER = SEC_ASN1EncodeItemSEC_ASN1EncodeItem_Util(NULL((void*)0) /*arena*/, NULL((void*)0) /*dest*/, spki, |
1756 | CERT_SubjectPublicKeyInfoTemplate); |
1757 | |
1758 | SECKEY_DestroySubjectPublicKeyInfo(spki); |
1759 | |
1760 | finish: |
1761 | return spkiDER; |
1762 | } |
1763 | |
1764 | CERTSubjectPublicKeyInfo * |
1765 | SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider) |
1766 | { |
1767 | PLArenaPool *arena; |
1768 | CERTSubjectPublicKeyInfo *spki; |
1769 | SECStatus rv; |
1770 | SECItem newSpkider; |
1771 | |
1772 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1773 | if (arena == NULL((void*)0)) { |
1774 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1775 | return NULL((void*)0); |
1776 | } |
1777 | |
1778 | spki = (CERTSubjectPublicKeyInfo *) |
1779 | PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, sizeof(CERTSubjectPublicKeyInfo)); |
1780 | if (spki != NULL((void*)0)) { |
1781 | spki->arena = arena; |
1782 | |
1783 | /* copy the DER into the arena, since Quick DER returns data that points |
1784 | into the DER input, which may get freed by the caller */ |
1785 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(arena, &newSpkider, spkider); |
1786 | if (rv == SECSuccess) { |
1787 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, spki, |
1788 | CERT_SubjectPublicKeyInfoTemplate, &newSpkider); |
1789 | } |
1790 | if (rv == SECSuccess) { |
1791 | return spki; |
1792 | } |
1793 | } else { |
1794 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
1795 | } |
1796 | |
1797 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1798 | return NULL((void*)0); |
1799 | } |
1800 | |
1801 | /* |
1802 | * Decode a base64 ascii encoded DER encoded subject public key info. |
1803 | */ |
1804 | CERTSubjectPublicKeyInfo * |
1805 | SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr) |
1806 | { |
1807 | CERTSubjectPublicKeyInfo *spki; |
1808 | SECStatus rv; |
1809 | SECItem der; |
1810 | |
1811 | rv = ATOB_ConvertAsciiToItemATOB_ConvertAsciiToItem_Util(&der, spkistr); |
1812 | if (rv != SECSuccess) |
1813 | return NULL((void*)0); |
1814 | |
1815 | spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&der); |
1816 | |
1817 | PORT_FreePORT_Free_Util(der.data); |
1818 | return spki; |
1819 | } |
1820 | |
1821 | /* |
1822 | * Decode a base64 ascii encoded DER encoded public key and challenge |
1823 | * Verify digital signature and make sure challenge matches |
1824 | */ |
1825 | CERTSubjectPublicKeyInfo * |
1826 | SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge, |
1827 | void *wincx) |
1828 | { |
1829 | CERTSubjectPublicKeyInfo *spki = NULL((void*)0); |
1830 | CERTPublicKeyAndChallenge pkac; |
1831 | SECStatus rv; |
1832 | SECItem signedItem; |
1833 | PLArenaPool *arena = NULL((void*)0); |
1834 | CERTSignedData sd; |
1835 | SECItem sig; |
1836 | SECKEYPublicKey *pubKey = NULL((void*)0); |
1837 | unsigned int len; |
1838 | |
1839 | signedItem.data = NULL((void*)0); |
1840 | |
1841 | /* convert the base64 encoded data to binary */ |
1842 | rv = ATOB_ConvertAsciiToItemATOB_ConvertAsciiToItem_Util(&signedItem, pkacstr); |
1843 | if (rv != SECSuccess) { |
1844 | goto loser; |
1845 | } |
1846 | |
1847 | /* create an arena */ |
1848 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
1849 | if (arena == NULL((void*)0)) { |
1850 | goto loser; |
1851 | } |
1852 | |
1853 | /* decode the outer wrapping of signed data */ |
1854 | PORT_Memsetmemset(&sd, 0, sizeof(CERTSignedData)); |
1855 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &sd, CERT_SignedDataTemplate, &signedItem); |
1856 | if (rv) { |
1857 | goto loser; |
1858 | } |
1859 | |
1860 | /* decode the public key and challenge wrapper */ |
1861 | PORT_Memsetmemset(&pkac, 0, sizeof(CERTPublicKeyAndChallenge)); |
1862 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &pkac, CERT_PublicKeyAndChallengeTemplate, |
1863 | &sd.data); |
1864 | if (rv) { |
1865 | goto loser; |
1866 | } |
1867 | |
1868 | /* decode the subject public key info */ |
1869 | spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&pkac.spki); |
1870 | if (spki == NULL((void*)0)) { |
1871 | goto loser; |
1872 | } |
1873 | |
1874 | /* get the public key */ |
1875 | pubKey = seckey_ExtractPublicKey(spki); |
1876 | if (pubKey == NULL((void*)0)) { |
1877 | goto loser; |
1878 | } |
1879 | |
1880 | /* check the signature */ |
1881 | sig = sd.signature; |
1882 | DER_ConvertBitString(&sig){ (&sig)->len = ((&sig)->len + 7) >> 3; }; |
1883 | rv = VFY_VerifyDataWithAlgorithmID(sd.data.data, sd.data.len, pubKey, &sig, |
1884 | &(sd.signatureAlgorithm), NULL((void*)0), wincx); |
1885 | if (rv != SECSuccess) { |
1886 | goto loser; |
1887 | } |
1888 | |
1889 | /* check the challenge */ |
1890 | if (challenge) { |
1891 | len = PORT_Strlen(challenge)strlen(challenge); |
1892 | /* length is right */ |
1893 | if (len != pkac.challenge.len) { |
1894 | goto loser; |
1895 | } |
1896 | /* actual data is right */ |
1897 | if (PORT_Memcmpmemcmp(challenge, pkac.challenge.data, len) != 0) { |
1898 | goto loser; |
1899 | } |
1900 | } |
1901 | goto done; |
1902 | |
1903 | loser: |
1904 | /* make sure that we return null if we got an error */ |
1905 | if (spki) { |
1906 | SECKEY_DestroySubjectPublicKeyInfo(spki); |
1907 | } |
1908 | spki = NULL((void*)0); |
1909 | |
1910 | done: |
1911 | if (signedItem.data) { |
1912 | PORT_FreePORT_Free_Util(signedItem.data); |
1913 | } |
1914 | if (arena) { |
1915 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
1916 | } |
1917 | if (pubKey) { |
1918 | SECKEY_DestroyPublicKey(pubKey); |
1919 | } |
1920 | |
1921 | return spki; |
1922 | } |
1923 | |
1924 | void |
1925 | SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, |
1926 | PRBool freeit) |
1927 | { |
1928 | PLArenaPool *poolp; |
1929 | |
1930 | if (pvk != NULL((void*)0)) { |
1931 | if (pvk->arena) { |
1932 | poolp = pvk->arena; |
1933 | /* zero structure since PORT_FreeArena does not support |
1934 | * this yet. |
1935 | */ |
1936 | PORT_Memsetmemset(pvk->privateKey.data, 0, pvk->privateKey.len); |
1937 | PORT_Memsetmemset(pvk, 0, sizeof(*pvk)); |
1938 | if (freeit == PR_TRUE1) { |
1939 | PORT_FreeArenaPORT_FreeArena_Util(poolp, PR_TRUE1); |
1940 | } else { |
1941 | pvk->arena = poolp; |
1942 | } |
1943 | } else { |
1944 | SECITEM_ZfreeItemSECITEM_ZfreeItem_Util(&pvk->version, PR_FALSE0); |
1945 | SECITEM_ZfreeItemSECITEM_ZfreeItem_Util(&pvk->privateKey, PR_FALSE0); |
1946 | SECOID_DestroyAlgorithmIDSECOID_DestroyAlgorithmID_Util(&pvk->algorithm, PR_FALSE0); |
1947 | PORT_Memsetmemset(pvk, 0, sizeof(*pvk)); |
1948 | if (freeit == PR_TRUE1) { |
1949 | PORT_FreePORT_Free_Util(pvk); |
1950 | } |
1951 | } |
1952 | } |
1953 | } |
1954 | |
1955 | void |
1956 | SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki, |
1957 | PRBool freeit) |
1958 | { |
1959 | PLArenaPool *poolp; |
1960 | |
1961 | if (epki != NULL((void*)0)) { |
1962 | if (epki->arena) { |
1963 | poolp = epki->arena; |
1964 | /* zero structure since PORT_FreeArena does not support |
1965 | * this yet. |
1966 | */ |
1967 | PORT_Memsetmemset(epki->encryptedData.data, 0, epki->encryptedData.len); |
1968 | PORT_Memsetmemset(epki, 0, sizeof(*epki)); |
1969 | if (freeit == PR_TRUE1) { |
1970 | PORT_FreeArenaPORT_FreeArena_Util(poolp, PR_TRUE1); |
1971 | } else { |
1972 | epki->arena = poolp; |
1973 | } |
1974 | } else { |
1975 | SECITEM_ZfreeItemSECITEM_ZfreeItem_Util(&epki->encryptedData, PR_FALSE0); |
1976 | SECOID_DestroyAlgorithmIDSECOID_DestroyAlgorithmID_Util(&epki->algorithm, PR_FALSE0); |
1977 | PORT_Memsetmemset(epki, 0, sizeof(*epki)); |
1978 | if (freeit == PR_TRUE1) { |
1979 | PORT_FreePORT_Free_Util(epki); |
1980 | } |
1981 | } |
1982 | } |
1983 | } |
1984 | |
1985 | SECStatus |
1986 | SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp, |
1987 | SECKEYPrivateKeyInfo *to, |
1988 | const SECKEYPrivateKeyInfo *from) |
1989 | { |
1990 | SECStatus rv = SECFailure; |
1991 | |
1992 | if ((to == NULL((void*)0)) || (from == NULL((void*)0))) { |
1993 | return SECFailure; |
1994 | } |
1995 | |
1996 | rv = SECOID_CopyAlgorithmIDSECOID_CopyAlgorithmID_Util(poolp, &to->algorithm, &from->algorithm); |
1997 | if (rv != SECSuccess) { |
1998 | return SECFailure; |
1999 | } |
2000 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(poolp, &to->privateKey, &from->privateKey); |
2001 | if (rv != SECSuccess) { |
2002 | return SECFailure; |
2003 | } |
2004 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(poolp, &to->version, &from->version); |
2005 | |
2006 | return rv; |
2007 | } |
2008 | |
2009 | SECStatus |
2010 | SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp, |
2011 | SECKEYEncryptedPrivateKeyInfo *to, |
2012 | const SECKEYEncryptedPrivateKeyInfo *from) |
2013 | { |
2014 | SECStatus rv = SECFailure; |
2015 | |
2016 | if ((to == NULL((void*)0)) || (from == NULL((void*)0))) { |
2017 | return SECFailure; |
2018 | } |
2019 | |
2020 | rv = SECOID_CopyAlgorithmIDSECOID_CopyAlgorithmID_Util(poolp, &to->algorithm, &from->algorithm); |
2021 | if (rv != SECSuccess) { |
2022 | return SECFailure; |
2023 | } |
2024 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(poolp, &to->encryptedData, &from->encryptedData); |
2025 | |
2026 | return rv; |
2027 | } |
2028 | |
2029 | KeyType |
2030 | SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey) |
2031 | { |
2032 | return privKey->keyType; |
2033 | } |
2034 | |
2035 | KeyType |
2036 | SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey) |
2037 | { |
2038 | return pubKey->keyType; |
2039 | } |
2040 | |
2041 | SECKEYPublicKey * |
2042 | SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type) |
2043 | { |
2044 | SECKEYPublicKey *pubk = NULL((void*)0); |
2045 | SECStatus rv = SECFailure; |
2046 | SECItem newDerKey; |
2047 | PLArenaPool *arena = NULL((void*)0); |
2048 | |
2049 | if (!derKey) { |
2050 | return NULL((void*)0); |
2051 | } |
2052 | |
2053 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
2054 | if (arena == NULL((void*)0)) { |
2055 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_NO_MEMORY); |
2056 | goto finish; |
2057 | } |
2058 | |
2059 | pubk = PORT_ArenaZNew(arena, SECKEYPublicKey)(SECKEYPublicKey *)PORT_ArenaZAlloc_Util(arena, sizeof(SECKEYPublicKey )); |
2060 | if (pubk == NULL((void*)0)) { |
2061 | goto finish; |
2062 | } |
2063 | pubk->arena = arena; |
2064 | |
2065 | rv = SECITEM_CopyItemSECITEM_CopyItem_Util(pubk->arena, &newDerKey, derKey); |
2066 | if (SECSuccess != rv) { |
2067 | goto finish; |
2068 | } |
2069 | |
2070 | pubk->pkcs11Slot = NULL((void*)0); |
2071 | pubk->pkcs11ID = CK_INVALID_HANDLE0; |
2072 | |
2073 | switch (type) { |
2074 | case CKK_RSA0x00000000UL: |
2075 | prepare_rsa_pub_key_for_asn1(pubk); |
2076 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(pubk->arena, pubk, SECKEY_RSAPublicKeyTemplate, &newDerKey); |
2077 | pubk->keyType = rsaKey; |
2078 | break; |
2079 | case CKK_DSA0x00000001UL: |
2080 | prepare_dsa_pub_key_for_asn1(pubk); |
2081 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(pubk->arena, pubk, SECKEY_DSAPublicKeyTemplate, &newDerKey); |
2082 | pubk->keyType = dsaKey; |
2083 | break; |
2084 | case CKK_DH0x00000002UL: |
2085 | prepare_dh_pub_key_for_asn1(pubk); |
2086 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(pubk->arena, pubk, SECKEY_DHPublicKeyTemplate, &newDerKey); |
2087 | pubk->keyType = dhKey; |
2088 | break; |
2089 | default: |
2090 | rv = SECFailure; |
2091 | break; |
2092 | } |
2093 | |
2094 | finish: |
2095 | if (rv != SECSuccess) { |
2096 | if (arena != NULL((void*)0)) { |
2097 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
2098 | } |
2099 | pubk = NULL((void*)0); |
2100 | } |
2101 | return pubk; |
2102 | } |
2103 | |
2104 | SECKEYPrivateKeyList * |
2105 | SECKEY_NewPrivateKeyList(void) |
2106 | { |
2107 | PLArenaPool *arena = NULL((void*)0); |
2108 | SECKEYPrivateKeyList *ret = NULL((void*)0); |
2109 | |
2110 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
2111 | if (arena == NULL((void*)0)) { |
2112 | goto loser; |
2113 | } |
2114 | |
2115 | ret = (SECKEYPrivateKeyList *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, |
2116 | sizeof(SECKEYPrivateKeyList)); |
2117 | if (ret == NULL((void*)0)) { |
2118 | goto loser; |
2119 | } |
2120 | |
2121 | ret->arena = arena; |
2122 | |
2123 | PR_INIT_CLIST(&ret->list)do { (&ret->list)->next = (&ret->list); (& ret->list)->prev = (&ret->list); } while (0); |
2124 | |
2125 | return (ret); |
2126 | |
2127 | loser: |
2128 | if (arena != NULL((void*)0)) { |
2129 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
2130 | } |
2131 | |
2132 | return (NULL((void*)0)); |
2133 | } |
2134 | |
2135 | void |
2136 | SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys) |
2137 | { |
2138 | while (!PR_CLIST_IS_EMPTY(&keys->list)((&keys->list)->next == (&keys->list))) { |
2139 | SECKEY_RemovePrivateKeyListNode( |
2140 | (SECKEYPrivateKeyListNode *)(PR_LIST_HEAD(&keys->list)(&keys->list)->next)); |
2141 | } |
2142 | |
2143 | PORT_FreeArenaPORT_FreeArena_Util(keys->arena, PR_FALSE0); |
2144 | |
2145 | return; |
2146 | } |
2147 | |
2148 | void |
2149 | SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node) |
2150 | { |
2151 | PR_ASSERT(node->key)((node->key)?((void)0):PR_Assert("node->key","seckey.c" ,2151)); |
2152 | SECKEY_DestroyPrivateKey(node->key); |
2153 | node->key = NULL((void*)0); |
2154 | PR_REMOVE_LINK(&node->links)do { (&node->links)->prev->next = (&node-> links)->next; (&node->links)->next->prev = (& node->links)->prev; } while (0); |
2155 | return; |
2156 | } |
2157 | |
2158 | SECStatus |
2159 | SECKEY_AddPrivateKeyToListTail(SECKEYPrivateKeyList *list, |
2160 | SECKEYPrivateKey *key) |
2161 | { |
2162 | SECKEYPrivateKeyListNode *node; |
2163 | |
2164 | node = (SECKEYPrivateKeyListNode *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(list->arena, |
2165 | sizeof(SECKEYPrivateKeyListNode)); |
2166 | if (node == NULL((void*)0)) { |
2167 | goto loser; |
2168 | } |
2169 | |
2170 | PR_INSERT_BEFORE(&node->links, &list->list)do { (&node->links)->next = (&list->list); ( &node->links)->prev = (&list->list)->prev ; (&list->list)->prev->next = (&node->links ); (&list->list)->prev = (&node->links); } while (0); |
2171 | node->key = key; |
2172 | return (SECSuccess); |
2173 | |
2174 | loser: |
2175 | return (SECFailure); |
2176 | } |
2177 | |
2178 | SECKEYPublicKeyList * |
2179 | SECKEY_NewPublicKeyList(void) |
2180 | { |
2181 | PLArenaPool *arena = NULL((void*)0); |
2182 | SECKEYPublicKeyList *ret = NULL((void*)0); |
2183 | |
2184 | arena = PORT_NewArenaPORT_NewArena_Util(DER_DEFAULT_CHUNKSIZE(2048)); |
2185 | if (arena == NULL((void*)0)) { |
2186 | goto loser; |
2187 | } |
2188 | |
2189 | ret = (SECKEYPublicKeyList *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(arena, |
2190 | sizeof(SECKEYPublicKeyList)); |
2191 | if (ret == NULL((void*)0)) { |
2192 | goto loser; |
2193 | } |
2194 | |
2195 | ret->arena = arena; |
2196 | |
2197 | PR_INIT_CLIST(&ret->list)do { (&ret->list)->next = (&ret->list); (& ret->list)->prev = (&ret->list); } while (0); |
2198 | |
2199 | return (ret); |
2200 | |
2201 | loser: |
2202 | if (arena != NULL((void*)0)) { |
2203 | PORT_FreeArenaPORT_FreeArena_Util(arena, PR_FALSE0); |
2204 | } |
2205 | |
2206 | return (NULL((void*)0)); |
2207 | } |
2208 | |
2209 | void |
2210 | SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys) |
2211 | { |
2212 | while (!PR_CLIST_IS_EMPTY(&keys->list)((&keys->list)->next == (&keys->list))) { |
2213 | SECKEY_RemovePublicKeyListNode( |
2214 | (SECKEYPublicKeyListNode *)(PR_LIST_HEAD(&keys->list)(&keys->list)->next)); |
2215 | } |
2216 | |
2217 | PORT_FreeArenaPORT_FreeArena_Util(keys->arena, PR_FALSE0); |
2218 | |
2219 | return; |
2220 | } |
2221 | |
2222 | void |
2223 | SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node) |
2224 | { |
2225 | PR_ASSERT(node->key)((node->key)?((void)0):PR_Assert("node->key","seckey.c" ,2225)); |
2226 | SECKEY_DestroyPublicKey(node->key); |
2227 | node->key = NULL((void*)0); |
2228 | PR_REMOVE_LINK(&node->links)do { (&node->links)->prev->next = (&node-> links)->next; (&node->links)->next->prev = (& node->links)->prev; } while (0); |
2229 | return; |
2230 | } |
2231 | |
2232 | SECStatus |
2233 | SECKEY_AddPublicKeyToListTail(SECKEYPublicKeyList *list, |
2234 | SECKEYPublicKey *key) |
2235 | { |
2236 | SECKEYPublicKeyListNode *node; |
2237 | |
2238 | node = (SECKEYPublicKeyListNode *)PORT_ArenaZAllocPORT_ArenaZAlloc_Util(list->arena, |
2239 | sizeof(SECKEYPublicKeyListNode)); |
2240 | if (node == NULL((void*)0)) { |
2241 | goto loser; |
2242 | } |
2243 | |
2244 | PR_INSERT_BEFORE(&node->links, &list->list)do { (&node->links)->next = (&list->list); ( &node->links)->prev = (&list->list)->prev ; (&list->list)->prev->next = (&node->links ); (&list->list)->prev = (&node->links); } while (0); |
2245 | node->key = key; |
2246 | return (SECSuccess); |
2247 | |
2248 | loser: |
2249 | return (SECFailure); |
2250 | } |
2251 | |
2252 | #define SECKEY_CacheAttribute(key, attribute)if (1 == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID , attribute, 0)) { key->staticflags |= SECKEY_attribute; } else { key->staticflags &= (~SECKEY_attribute); } \ |
2253 | if (CK_TRUE1 == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, PR_FALSE0)) { \ |
2254 | key->staticflags |= SECKEY_##attribute; \ |
2255 | } else { \ |
2256 | key->staticflags &= (~SECKEY_##attribute); \ |
2257 | } |
2258 | |
2259 | SECStatus |
2260 | SECKEY_CacheStaticFlags(SECKEYPrivateKey *key) |
2261 | { |
2262 | SECStatus rv = SECFailure; |
2263 | if (key && key->pkcs11Slot && key->pkcs11ID) { |
2264 | key->staticflags |= SECKEY_Attributes_Cached0x1; |
2265 | SECKEY_CacheAttribute(key, CKA_PRIVATE)if (1 == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID , 0x00000002UL, 0)) { key->staticflags |= (1U << 1); } else { key->staticflags &= (~(1U << 1)); }; |
2266 | SECKEY_CacheAttribute(key, CKA_ALWAYS_AUTHENTICATE)if (1 == PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID , 0x00000202UL, 0)) { key->staticflags |= (1U << 2); } else { key->staticflags &= (~(1U << 2)); }; |
2267 | rv = SECSuccess; |
2268 | } |
2269 | return rv; |
2270 | } |
2271 | |
2272 | SECOidTag |
2273 | SECKEY_GetECCOid(const SECKEYECParams *params) |
2274 | { |
2275 | SECItem oid = { siBuffer, NULL((void*)0), 0 }; |
2276 | SECOidData *oidData = NULL((void*)0); |
2277 | |
2278 | /* |
2279 | * params->data needs to contain the ASN encoding of an object ID (OID) |
2280 | * representing a named curve. Here, we strip away everything |
2281 | * before the actual OID and use the OID to look up a named curve. |
2282 | */ |
2283 | if (params->data[0] != SEC_ASN1_OBJECT_ID0x06) |
2284 | return 0; |
2285 | oid.len = params->len - 2; |
2286 | oid.data = params->data + 2; |
2287 | if ((oidData = SECOID_FindOIDSECOID_FindOID_Util(&oid)) == NULL((void*)0)) |
2288 | return 0; |
2289 | |
2290 | return oidData->offset; |
2291 | } |
2292 | |
2293 | static CK_MECHANISM_TYPE |
2294 | sec_GetHashMechanismByOidTag(SECOidTag tag) |
2295 | { |
2296 | switch (tag) { |
2297 | case SEC_OID_SHA512: |
2298 | return CKM_SHA5120x00000270UL; |
2299 | case SEC_OID_SHA384: |
2300 | return CKM_SHA3840x00000260UL; |
2301 | case SEC_OID_SHA256: |
2302 | return CKM_SHA2560x00000250UL; |
2303 | case SEC_OID_SHA224: |
2304 | return CKM_SHA2240x00000255UL; |
2305 | case SEC_OID_SHA1: |
2306 | return CKM_SHA_10x00000220UL; |
2307 | default: |
2308 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ALGORITHM); |
2309 | return CKM_INVALID_MECHANISM0xffffffffUL; |
2310 | } |
2311 | } |
2312 | |
2313 | CK_RSA_PKCS_MGF_TYPE |
2314 | SEC_GetMgfTypeByOidTag(SECOidTag tag) |
2315 | { |
2316 | switch (tag) { |
2317 | case SEC_OID_SHA3_512: |
2318 | return CKG_MGF1_SHA3_5120x00000009UL; |
2319 | case SEC_OID_SHA3_384: |
2320 | return CKG_MGF1_SHA3_3840x00000008UL; |
2321 | case SEC_OID_SHA3_256: |
2322 | return CKG_MGF1_SHA3_2560x00000007UL; |
2323 | case SEC_OID_SHA3_224: |
2324 | return CKG_MGF1_SHA3_2240x00000006UL; |
2325 | case SEC_OID_SHA512: |
2326 | return CKG_MGF1_SHA5120x00000004UL; |
2327 | case SEC_OID_SHA384: |
2328 | return CKG_MGF1_SHA3840x00000003UL; |
2329 | case SEC_OID_SHA256: |
2330 | return CKG_MGF1_SHA2560x00000002UL; |
2331 | case SEC_OID_SHA224: |
2332 | return CKG_MGF1_SHA2240x00000005UL; |
2333 | case SEC_OID_SHA1: |
2334 | return CKG_MGF1_SHA10x00000001UL; |
2335 | default: |
2336 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ALGORITHM); |
2337 | return 0; |
2338 | } |
2339 | } |
2340 | |
2341 | SECStatus |
2342 | sec_DecodeRSAPSSParams(PLArenaPool *arena, |
2343 | const SECItem *params, |
2344 | SECOidTag *retHashAlg, SECOidTag *retMaskHashAlg, |
2345 | unsigned long *retSaltLength) |
2346 | { |
2347 | SECKEYRSAPSSParams pssParams; |
2348 | SECOidTag hashAlg; |
2349 | SECOidTag maskHashAlg; |
2350 | unsigned long saltLength; |
2351 | unsigned long trailerField; |
2352 | SECStatus rv; |
2353 | |
2354 | PORT_Memsetmemset(&pssParams, 0, sizeof(pssParams)); |
2355 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &pssParams, |
2356 | SECKEY_RSAPSSParamsTemplate, |
2357 | params); |
2358 | if (rv != SECSuccess) { |
2359 | return rv; |
2360 | } |
2361 | |
2362 | if (pssParams.hashAlg) { |
2363 | hashAlg = SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(pssParams.hashAlg); |
2364 | } else { |
2365 | hashAlg = SEC_OID_SHA1; /* default, SHA-1 */ |
2366 | } |
2367 | |
2368 | if (pssParams.maskAlg) { |
2369 | SECAlgorithmID algId; |
2370 | |
2371 | if (SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(pssParams.maskAlg) != SEC_OID_PKCS1_MGF1) { |
2372 | /* only MGF1 is known to PKCS#11 */ |
2373 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ALGORITHM); |
2374 | return SECFailure; |
2375 | } |
2376 | |
2377 | rv = SEC_QuickDERDecodeItemSEC_QuickDERDecodeItem_Util(arena, &algId, |
2378 | SEC_ASN1_GET(SECOID_AlgorithmIDTemplate)SECOID_AlgorithmIDTemplate_Util, |
2379 | &pssParams.maskAlg->parameters); |
2380 | if (rv != SECSuccess) { |
2381 | return rv; |
2382 | } |
2383 | maskHashAlg = SECOID_GetAlgorithmTagSECOID_GetAlgorithmTag_Util(&algId); |
2384 | } else { |
2385 | maskHashAlg = SEC_OID_SHA1; /* default, MGF1 with SHA-1 */ |
2386 | } |
2387 | |
2388 | if (pssParams.saltLength.data) { |
2389 | rv = SEC_ASN1DecodeIntegerSEC_ASN1DecodeInteger_Util((SECItem *)&pssParams.saltLength, &saltLength); |
2390 | if (rv != SECSuccess) { |
2391 | return rv; |
2392 | } |
2393 | } else { |
2394 | saltLength = 20; /* default, 20 */ |
2395 | } |
2396 | |
2397 | if (pssParams.trailerField.data) { |
2398 | rv = SEC_ASN1DecodeIntegerSEC_ASN1DecodeInteger_Util((SECItem *)&pssParams.trailerField, &trailerField); |
2399 | if (rv != SECSuccess) { |
2400 | return rv; |
2401 | } |
2402 | if (trailerField != 1) { |
2403 | /* the value must be 1, which represents the trailer field |
2404 | * with hexadecimal value 0xBC */ |
2405 | PORT_SetErrorPORT_SetError_Util(SEC_ERROR_INVALID_ARGS); |
2406 | return SECFailure; |
2407 | } |
2408 | } |
2409 | |
2410 | if (retHashAlg) { |
2411 | *retHashAlg = hashAlg; |
2412 | } |
2413 | if (retMaskHashAlg) { |
2414 | *retMaskHashAlg = maskHashAlg; |
2415 | } |
2416 | if (retSaltLength) { |
2417 | *retSaltLength = saltLength; |
2418 | } |
2419 | |
2420 | return SECSuccess; |
2421 | } |
2422 | |
2423 | SECStatus |
2424 | sec_DecodeRSAPSSParamsToMechanism(PLArenaPool *arena, |
2425 | const SECItem *params, |
2426 | CK_RSA_PKCS_PSS_PARAMS *mech, |
2427 | SECOidTag *hashAlgp) |
2428 | { |
2429 | SECOidTag hashAlg; |
2430 | SECOidTag maskHashAlg; |
2431 | unsigned long saltLength; |
2432 | SECStatus rv; |
2433 | |
2434 | rv = sec_DecodeRSAPSSParams(arena, params, |
2435 | &hashAlg, &maskHashAlg, &saltLength); |
2436 | if (rv != SECSuccess) { |
2437 | return SECFailure; |
2438 | } |
2439 | *hashAlgp = hashAlg; |
2440 | |
2441 | mech->hashAlg = sec_GetHashMechanismByOidTag(hashAlg); |
2442 | if (mech->hashAlg == CKM_INVALID_MECHANISM0xffffffffUL) { |
2443 | return SECFailure; |
2444 | } |
2445 | |
2446 | mech->mgf = SEC_GetMgfTypeByOidTag(maskHashAlg); |
2447 | if (mech->mgf == 0) { |
2448 | return SECFailure; |
2449 | } |
2450 | |
2451 | mech->sLen = saltLength; |
2452 | |
2453 | return SECSuccess; |
2454 | } |