예제 #1
0
SHA1Context *
SHA1_NewContext(void)
{
    SHA1Context *cx;

    /* no need to ZNew, SHA1_Begin will init the context */
    cx = PORT_New(SHA1Context);
    return cx;
}
예제 #2
0
ChaCha20Poly1305Context *
ChaCha20Poly1305_CreateContext(const unsigned char *key, unsigned int keyLen,
			       unsigned int tagLen)
{
    ChaCha20Poly1305Context *ctx;

    ctx = PORT_New(ChaCha20Poly1305Context);
    if (ctx == NULL) {
	return NULL;
    }

    if (ChaCha20Poly1305_InitContext(ctx, key, keyLen, tagLen) != SECSuccess) {
	PORT_Free(ctx);
	ctx = NULL;
    }

    return ctx;
}
예제 #3
0
파일: sha3.c 프로젝트: martinthomson/sha3
SHA3Context *
SHA3_NewContext(void)
{
  SHA3Context *ctx = PORT_New(SHA3Context);
  return ctx;
}
예제 #4
0
AESKeyWrapContext * 
AESKeyWrap_AllocateContext(void)
{
    AESKeyWrapContext * cx = PORT_New(AESKeyWrapContext);
    return cx;
}
예제 #5
0
/*
 * pk11_getKeyFromList returns a symKey that has a session (if needSession
 * was specified), or explicitly does not have a session (if needSession
 * was not specified).
 */
static PK11SymKey *
pk11_getKeyFromList(PK11SlotInfo *slot, PRBool needSession) {
    PK11SymKey *symKey = NULL;

    PZ_Lock(slot->freeListLock);
    /* own session list are symkeys with sessions that the symkey owns.
     * 'most' symkeys will own their own session. */
    if (needSession) {
	if (slot->freeSymKeysWithSessionHead) {
    	    symKey = slot->freeSymKeysWithSessionHead;
	    slot->freeSymKeysWithSessionHead = symKey->next;
	    slot->keyCount--;
	}
    }
    /* if we don't need a symkey with its own session, or we couldn't find
     * one on the owner list, get one from the non-owner free list. */
    if (!symKey) {
	if (slot->freeSymKeysHead) {
    	    symKey = slot->freeSymKeysHead;
	    slot->freeSymKeysHead = symKey->next;
	    slot->keyCount--;
	}
    }
    PZ_Unlock(slot->freeListLock);
    if (symKey) {
	symKey->next = NULL;
	if (!needSession) {
	    return symKey;
	}
	/* if we are getting an owner key, make sure we have a valid session.
         * session could be invalid if the token has been removed or because
         * we got it from the non-owner free list */
	if ((symKey->series != slot->series) || 
			 (symKey->session == CK_INVALID_SESSION)) {
	    symKey->session = pk11_GetNewSession(slot, &symKey->sessionOwner);
	}
	PORT_Assert(symKey->session != CK_INVALID_SESSION);
	if (symKey->session != CK_INVALID_SESSION)
	    return symKey;
	PK11_FreeSymKey(symKey);
	/* if we are here, we need a session, but couldn't get one, it's 
	 * unlikely we pk11_GetNewSession will succeed if we call it a second
	 * time. */
	return NULL;
    }

    symKey = PORT_New(PK11SymKey);
    if (symKey == NULL) {
	return NULL;
    }

    symKey->next = NULL;
    if (needSession) {
	symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
	PORT_Assert(symKey->session != CK_INVALID_SESSION);
        if (symKey->session == CK_INVALID_SESSION) {
	    PK11_FreeSymKey(symKey);
	    symKey = NULL;
	}
    } else {
	symKey->session = CK_INVALID_SESSION;
    }
    return symKey;
}
/* Generate a mechaism param from a type, and iv. */
SECItem *
PK11_ParamFromAlgid(SECAlgorithmID *algid)
{
    CK_RC2_CBC_PARAMS * rc2_cbc_params = NULL;
    CK_RC2_PARAMS *     rc2_ecb_params = NULL;
    CK_RC5_CBC_PARAMS * rc5_cbc_params = NULL;
    CK_RC5_PARAMS *     rc5_ecb_params = NULL;
    PRArenaPool *       arena          = NULL;
    SECItem *           mech           = NULL;
    SECOidTag           algtag;
    SECStatus           rv;
    CK_MECHANISM_TYPE   type;
    /* initialize these to prevent UMRs in the ASN1 decoder. */
    SECItem             iv  =   {siBuffer, NULL, 0};
    sec_rc2cbcParameter rc2 = { {siBuffer, NULL, 0}, {siBuffer, NULL, 0} };
    sec_rc5cbcParameter rc5 = { {siBuffer, NULL, 0}, {siBuffer, NULL, 0},
                                {siBuffer, NULL, 0}, {siBuffer, NULL, 0} };

    algtag = SECOID_GetAlgorithmTag(algid);
    type = PK11_AlgtagToMechanism(algtag);

    mech = PORT_New(SECItem);
    if (mech == NULL) {
    	return NULL;
    }
    mech->type = siBuffer;
    mech->data = NULL;
    mech->len  = 0;

    arena = PORT_NewArena(1024);
    if (!arena) {
    	goto loser;
    }

    /* handle the complicated cases */
    switch (type) {
    case CKM_RC2_ECB:
        rv = SEC_ASN1DecodeItem(arena, &rc2 ,sec_rc2ecb_parameter_template,
							&(algid->parameters));
	if (rv != SECSuccess) { 
	    goto loser;
	}
	rc2_ecb_params = PORT_New(CK_RC2_PARAMS);
	if (rc2_ecb_params == NULL) {
	    goto loser;
	}
	*rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion);
	mech->data = (unsigned char *) rc2_ecb_params;
	mech->len  = sizeof *rc2_ecb_params;
	break;
    case CKM_RC2_CBC:
    case CKM_RC2_CBC_PAD:
        rv = SEC_ASN1DecodeItem(arena, &rc2 ,sec_rc2cbc_parameter_template,
							&(algid->parameters));
	if (rv != SECSuccess) { 
	    goto loser;
	}
	rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS);
	if (rc2_cbc_params == NULL) {
	    goto loser;
	}
	mech->data = (unsigned char *) rc2_cbc_params;
	mech->len  = sizeof *rc2_cbc_params;
	rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion);
	if (rc2.iv.len != sizeof rc2_cbc_params->iv) {
	    PORT_SetError(SEC_ERROR_INPUT_LEN);
	    goto loser;
	}
	PORT_Memcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len);
	break;
    case CKM_RC5_ECB:
        rv = SEC_ASN1DecodeItem(arena, &rc5 ,sec_rc5ecb_parameter_template,
							&(algid->parameters));
	if (rv != SECSuccess) { 
	    goto loser;
	}
	rc5_ecb_params = PORT_New(CK_RC5_PARAMS);
	if (rc5_ecb_params == NULL) {
	    goto loser;
	}
	rc5_ecb_params->ulRounds   = DER_GetInteger(&rc5.rounds);
	rc5_ecb_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
	mech->data = (unsigned char *) rc5_ecb_params;
	mech->len = sizeof *rc5_ecb_params;
	break;
    case CKM_RC5_CBC:
    case CKM_RC5_CBC_PAD:
        rv = SEC_ASN1DecodeItem(arena, &rc5 ,sec_rc5cbc_parameter_template,
							&(algid->parameters));
	if (rv != SECSuccess) { 
	    goto loser;
	}
	rc5_cbc_params = (CK_RC5_CBC_PARAMS *)
		PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len);
	if (rc5_cbc_params == NULL) {
	    goto loser;
	}
	mech->data = (unsigned char *) rc5_cbc_params;
	mech->len = sizeof *rc5_cbc_params;
	rc5_cbc_params->ulRounds   = DER_GetInteger(&rc5.rounds);
	rc5_cbc_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits)/8;
        rc5_cbc_params->pIv        = ((CK_BYTE_PTR)rc5_cbc_params)
						+ sizeof(CK_RC5_CBC_PARAMS);
        rc5_cbc_params->ulIvLen    = rc5.iv.len;
	PORT_Memcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len);
	break;
    case CKM_PBE_MD2_DES_CBC:
    case CKM_PBE_MD5_DES_CBC:
    case CKM_NETSCAPE_PBE_SHA1_DES_CBC:
    case CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC:
    case CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC:
    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC:
    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC:
    case CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4:
    case CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4:
    case CKM_PBE_SHA1_DES2_EDE_CBC:
    case CKM_PBE_SHA1_DES3_EDE_CBC:
    case CKM_PBE_SHA1_RC2_40_CBC:
    case CKM_PBE_SHA1_RC2_128_CBC:
    case CKM_PBE_SHA1_RC4_40:
    case CKM_PBE_SHA1_RC4_128:
    case CKM_PKCS5_PBKD2:
	rv = pbe_PK11AlgidToParam(algid,mech);
	if (rv != SECSuccess) {
	    goto loser;
	}
	break;
    case CKM_RC4:
    case CKM_SEED_ECB:
    case CKM_CAMELLIA_ECB:
    case CKM_AES_ECB:
    case CKM_DES_ECB:
    case CKM_DES3_ECB:
    case CKM_IDEA_ECB:
    case CKM_CDMF_ECB:
    case CKM_CAST_ECB:
    case CKM_CAST3_ECB:
    case CKM_CAST5_ECB:
	break;

    default:
	if (pk11_lookup(type)->iv == 0) {
	    break;
	}
	/* FALL THROUGH */
    case CKM_SEED_CBC:
    case CKM_CAMELLIA_CBC:
    case CKM_AES_CBC:
    case CKM_DES_CBC:
    case CKM_DES3_CBC:
    case CKM_IDEA_CBC:
    case CKM_CDMF_CBC:
    case CKM_CAST_CBC:
    case CKM_CAST3_CBC:
    case CKM_CAST5_CBC:
    case CKM_SEED_CBC_PAD:
    case CKM_CAMELLIA_CBC_PAD:
    case CKM_AES_CBC_PAD:
    case CKM_DES_CBC_PAD:
    case CKM_DES3_CBC_PAD:
    case CKM_IDEA_CBC_PAD:
    case CKM_CDMF_CBC_PAD:
    case CKM_CAST_CBC_PAD:
    case CKM_CAST3_CBC_PAD:
    case CKM_CAST5_CBC_PAD:
    case CKM_SKIPJACK_CBC64:
    case CKM_SKIPJACK_ECB64:
    case CKM_SKIPJACK_OFB64:
    case CKM_SKIPJACK_CFB64:
    case CKM_SKIPJACK_CFB32:
    case CKM_SKIPJACK_CFB16:
    case CKM_SKIPJACK_CFB8:
    case CKM_BATON_ECB128:
    case CKM_BATON_ECB96:
    case CKM_BATON_CBC128:
    case CKM_BATON_COUNTER:
    case CKM_BATON_SHUFFLE:
    case CKM_JUNIPER_ECB128:
    case CKM_JUNIPER_CBC128:
    case CKM_JUNIPER_COUNTER:
    case CKM_JUNIPER_SHUFFLE:
	/* simple cases are simply octet string encoded IVs */
	rv = SEC_ASN1DecodeItem(arena, &iv,
                                SEC_ASN1_GET(SEC_OctetStringTemplate),
                                &(algid->parameters));
	if (rv != SECSuccess || iv.data == NULL) {
	    goto loser;
	}
	/* XXX Should be some IV length sanity check here. */
	mech->data = (unsigned char*)PORT_Alloc(iv.len);
	if (mech->data == NULL) {
	    goto loser;
	}
	PORT_Memcpy(mech->data, iv.data, iv.len);
	mech->len = iv.len;
	break;
    }
    PORT_FreeArena(arena, PR_FALSE);
    return mech;

loser:
    if (arena)
    	PORT_FreeArena(arena, PR_FALSE);
    SECITEM_FreeItem(mech,PR_TRUE);
    return NULL;
}