int nss_ctx_init(TALLOC_CTX *mem_ctx,
struct crypto_mech_data *mech_props,
uint8_t *key, int keylen,
uint8_t *iv, int ivlen,
struct sss_nss_crypto_ctx **_cctx)
{
struct sss_nss_crypto_ctx *cctx;
int ret;
cctx = talloc_zero(mem_ctx, struct sss_nss_crypto_ctx);
if (!cctx) {
return ENOMEM;
}
talloc_set_destructor(cctx, sss_nss_crypto_ctx_destructor);
cctx->slot = PK11_GetBestSlot(mech_props->cipher, NULL);
if (cctx->slot == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to find security device (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
if (keylen > 0) {
cctx->key = talloc(cctx, SECItem);
if (cctx->key == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to allocate Key buffer\n");
ret = ENOMEM;
goto done;
}
if (key) {
MAKE_SECITEM(key, keylen, cctx->key);
} else {
ret = generate_random_key(cctx, cctx->slot,
mech_props, &cctx->key);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not generate encryption key\n");
goto done;
}
}
}
if (ivlen > 0) {
cctx->iv = talloc(cctx, SECItem);
if (cctx->iv == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to allocate IV buffer\n");
ret = ENOMEM;
goto done;
}
if (iv) {
MAKE_SECITEM(iv, ivlen, cctx->iv);
} else {
ret = generate_random_key(cctx, cctx->slot,
mech_props, &cctx->iv);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not generate initialization vector\n");
goto done;
}
}
}
ret = EOK;
*_cctx = cctx;
done:
if (ret) talloc_zfree(cctx);
return ret;
}
int nss_crypto_init(struct crypto_mech_data *mech_props,
enum crypto_mech_op crypto_op,
struct sss_nss_crypto_ctx *cctx)
{
CK_ATTRIBUTE_TYPE op;
int ret;
switch (crypto_op) {
case op_encrypt:
op = CKA_ENCRYPT;
break;
case op_decrypt:
op = CKA_DECRYPT;
break;
case op_sign:
op = CKA_SIGN;
break;
default:
return EFAULT;
}
/* turn the raw key into a key object */
cctx->keyobj = PK11_ImportSymKey(cctx->slot, mech_props->cipher,
PK11_OriginUnwrap, op, cctx->key, NULL);
if (cctx->keyobj == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failure to import key into NSS (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
if (crypto_op == op_encrypt || crypto_op == op_decrypt) {
/* turn the raw IV into a initialization vector object */
cctx->sparam = PK11_ParamFromIV(mech_props->cipher, cctx->iv);
if (cctx->sparam == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failure to set up PKCS11 param (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
} else {
cctx->sparam = SECITEM_AllocItem(NULL, NULL, 0);
if (cctx->sparam == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failure to allocate SECItem\n");
ret = EIO;
goto done;
}
MAKE_SECITEM(NULL, 0, cctx->sparam);
}
/* Create cipher context */
cctx->ectx = PK11_CreateContextBySymKey(mech_props->cipher, op,
cctx->keyobj, cctx->sparam);
if (cctx->ectx == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create cipher context (err %d)\n",
PORT_GetError());
ret = EIO;
goto done;
}
ret = EOK;
done:
return ret;
}
int sss_password_decrypt(TALLOC_CTX *mem_ctx, char *b64encoded,
char **password)
{
SECStatus sret;
int ret;
TALLOC_CTX *tmp_ctx = NULL;
struct crypto_mech_data *mech_props;
struct sss_nss_crypto_ctx *cctx;
int plainlen;
unsigned int digestlen;
unsigned char *obfbuf = NULL;
size_t obflen;
char *pwdbuf;
/* for unmarshaling data */
uint16_t meth;
uint16_t ctsize;
size_t p = 0;
unsigned char *cryptotext;
unsigned char *keybuf;
unsigned char *ivbuf;
unsigned char sentinel_check[OBF_BUFFER_SENTINEL_SIZE];
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
return ENOMEM;
}
/* initialize NSS if needed */
ret = nspr_nss_init();
if (ret != EOK) {
ret = EIO;
goto done;
}
/* Base64 decode the incoming buffer */
obfbuf = sss_base64_decode(tmp_ctx, b64encoded, &obflen);
if (!obfbuf) {
ret = ENOMEM;
goto done;
}
/* unpack obfuscation buffer */
SAFEALIGN_COPY_UINT16_CHECK(&meth, obfbuf+p, obflen, &p);
DEBUG(SSSDBG_TRACE_INTERNAL, "Read method: %d\n", meth);
SAFEALIGN_COPY_UINT16_CHECK(&ctsize, obfbuf+p, obflen, &p);
DEBUG(SSSDBG_TRACE_INTERNAL, "Read bufsize: %d\n", ctsize);
mech_props = get_crypto_mech_data(meth);
if (mech_props == NULL) {
ret = EINVAL;
goto done;
}
/* check that we got sane mechanism properties and cryptotext size */
memcpy(sentinel_check,
obfbuf + p + mech_props->keylen + mech_props->bsize + ctsize,
OBF_BUFFER_SENTINEL_SIZE);
if (memcmp(sentinel_check, OBF_BUFFER_SENTINEL, OBF_BUFFER_SENTINEL_SIZE) != 0) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Obfuscation buffer seems corrupt, aborting\n");
ret = EFAULT;
goto done;
}
/* copy out key, ivbuf and cryptotext */
keybuf = talloc_array(tmp_ctx, unsigned char, mech_props->keylen);
if (keybuf == NULL) {
ret = ENOMEM;
goto done;
}
safealign_memcpy(keybuf, obfbuf+p, mech_props->keylen, &p);
ivbuf = talloc_array(tmp_ctx, unsigned char, mech_props->bsize);
if (ivbuf == NULL) {
ret = ENOMEM;
goto done;
}
safealign_memcpy(ivbuf, obfbuf+p, mech_props->bsize, &p);
cryptotext = talloc_array(tmp_ctx, unsigned char, ctsize);
if (cryptotext == NULL) {
ret = ENOMEM;
goto done;
}
safealign_memcpy(cryptotext, obfbuf+p, ctsize, &p);
ret = nss_ctx_init(tmp_ctx, mech_props, &cctx);
if (ret) {
DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize NSS context\n");
goto done;
}
cctx->iv = talloc_zero(cctx, SECItem);
cctx->key = talloc_zero(cctx, SECItem);
if (!cctx->iv || !cctx->key) {
ret = ENOMEM;
goto done;
}
MAKE_SECITEM(ivbuf, mech_props->bsize, cctx->iv);
MAKE_SECITEM(keybuf, mech_props->keylen, cctx->key);
ret = nss_encrypt_decrypt_init(mech_props, false, cctx);
if (ret) {
goto done;
}
pwdbuf = talloc_array(tmp_ctx, char, ctsize);
if (!pwdbuf) {
ret = ENOMEM;
goto done;
}
sret = PK11_CipherOp(cctx->ectx, (unsigned char *) pwdbuf, &plainlen, ctsize,
cryptotext, ctsize);
if (sret != SECSuccess) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Cannot execute the encryption operation (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
sret = PK11_DigestFinal(cctx->ectx, (unsigned char *) pwdbuf+plainlen, &digestlen,
ctsize - plainlen);
if (sret != SECSuccess) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Cannot execute the encryption operation (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
*password = talloc_move(mem_ctx, &pwdbuf);
ret = EOK;
done:
talloc_free(tmp_ctx);
nspr_nss_cleanup();
return ret;
}
