/*
* NSS_CMSUtil_EncryptSymKey_RSA - wrap a symmetric key with RSA
*
* this function takes a symmetric key and encrypts it using an RSA public key
* according to PKCS#1 and RFC2633 (S/MIME)
*/
SECStatus
NSS_CMSUtil_EncryptSymKey_RSA(PLArenaPool *poolp, CERTCertificate *cert,
PK11SymKey *bulkkey,
SECItem *encKey)
{
SECStatus rv;
SECKEYPublicKey *publickey;
publickey = CERT_ExtractPublicKey(cert);
if (publickey == NULL)
return SECFailure;
rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, publickey, bulkkey, encKey);
SECKEY_DestroyPublicKey(publickey);
return rv;
}
SECStatus
NSS_CMSRecipientInfo_WrapBulkKey(NSSCMSRecipientInfo *ri, PK11SymKey *bulkkey,
SECOidTag bulkalgtag)
{
CERTCertificate *cert;
SECOidTag certalgtag;
SECStatus rv = SECSuccess;
NSSCMSRecipientEncryptedKey *rek;
NSSCMSOriginatorIdentifierOrKey *oiok;
CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL;
PLArenaPool *poolp;
NSSCMSKeyTransRecipientInfoEx *extra = NULL;
PRBool usesSubjKeyID;
poolp = ri->cmsg->poolp;
cert = ri->cert;
usesSubjKeyID = nss_cmsrecipientinfo_usessubjectkeyid(ri);
if (cert) {
spki = &cert->subjectPublicKeyInfo;
} else if (usesSubjKeyID) {
extra = &ri->ri.keyTransRecipientInfoEx;
/* sanity check */
PORT_Assert(extra->pubKey);
if (!extra->pubKey) {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(extra->pubKey);
} else {
PORT_SetError(SEC_ERROR_INVALID_ARGS);
return SECFailure;
}
/* XXX set ri->recipientInfoType to the proper value here */
/* or should we look if it's been set already ? */
certalgtag = SECOID_GetAlgorithmTag(&spki->algorithm);
switch (certalgtag) {
case SEC_OID_PKCS1_RSA_ENCRYPTION:
/* wrap the symkey */
if (cert) {
rv = NSS_CMSUtil_EncryptSymKey_RSA(poolp, cert, bulkkey,
&ri->ri.keyTransRecipientInfo.encKey);
if (rv != SECSuccess)
break;
} else if (usesSubjKeyID) {
PORT_Assert(extra != NULL);
rv = NSS_CMSUtil_EncryptSymKey_RSAPubKey(poolp, extra->pubKey,
bulkkey, &ri->ri.keyTransRecipientInfo.encKey);
if (rv != SECSuccess)
break;
}
rv = SECOID_SetAlgorithmID(poolp, &(ri->ri.keyTransRecipientInfo.keyEncAlg), certalgtag, NULL);
break;
case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */
rek = ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys[0];
if (rek == NULL) {
rv = SECFailure;
break;
}
oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey);
PORT_Assert(oiok->identifierType == NSSCMSOriginatorIDOrKey_OriginatorPublicKey);
/* see RFC2630 12.3.1.1 */
if (SECOID_SetAlgorithmID(poolp, &oiok->id.originatorPublicKey.algorithmIdentifier,
SEC_OID_X942_DIFFIE_HELMAN_KEY, NULL) != SECSuccess) {
rv = SECFailure;
break;
}
/* this will generate a key pair, compute the shared secret, */
/* derive a key and ukm for the keyEncAlg out of it, encrypt the bulk key with */
/* the keyEncAlg, set encKey, keyEncAlg, publicKey etc. */
rv = NSS_CMSUtil_EncryptSymKey_ESDH(poolp, cert, bulkkey,
&rek->encKey,
&ri->ri.keyAgreeRecipientInfo.ukm,
&ri->ri.keyAgreeRecipientInfo.keyEncAlg,
&oiok->id.originatorPublicKey.publicKey);
break;
default:
/* other algorithms not supported yet */
/* NOTE that we do not support any KEK algorithm */
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
rv = SECFailure;
}
if (freeSpki)
SECKEY_DestroySubjectPublicKeyInfo(freeSpki);
return rv;
}
