CERTAVA * CERT_CopyAVA(PLArenaPool *arena, CERTAVA *from) { CERTAVA *ava; int rv; ava = (CERTAVA *)PORT_ArenaZAlloc(arena, sizeof(CERTAVA)); if (ava) { rv = SECITEM_CopyItem(arena, &ava->type, &from->type); if (rv) goto loser; rv = SECITEM_CopyItem(arena, &ava->value, &from->value); if (rv) goto loser; } return ava; loser: return 0; }
/* * NSS_CMSAttribute_Create - create an attribute * * if value is NULL, the attribute won't have a value. It can be added later * with NSS_CMSAttribute_AddValue. */ NSSCMSAttribute * NSS_CMSAttribute_Create(PRArenaPool *poolp, SECOidTag oidtag, SECItem *value, PRBool encoded) { NSSCMSAttribute *attr; SECItem *copiedvalue; void *mark; PORT_Assert (poolp != NULL); mark = PORT_ArenaMark (poolp); attr = (NSSCMSAttribute *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSAttribute)); if (attr == NULL) goto loser; attr->typeTag = SECOID_FindOIDByTag(oidtag); if (attr->typeTag == NULL) goto loser; if (SECITEM_CopyItem(poolp, &(attr->type), &(attr->typeTag->oid)) != SECSuccess) goto loser; if (value != NULL) { if ((copiedvalue = SECITEM_ArenaDupItem(poolp, value)) == NULL) goto loser; if (NSS_CMSArray_Add(poolp, (void ***)&(attr->values), (void *)copiedvalue) != SECSuccess) goto loser; } attr->encoded = encoded; PORT_ArenaUnmark (poolp, mark); return attr; loser: PORT_Assert (mark != NULL); PORT_ArenaRelease (poolp, mark); return NULL; }
/* allocate space for a PFX structure and set up initial * arena pool. pfx structure is cleared and a pointer to * the new structure is returned. */ SEC_PKCS12AuthenticatedSafe * sec_pkcs12_new_asafe(PLArenaPool *poolp) { SEC_PKCS12AuthenticatedSafe *asafe = NULL; void *mark; mark = PORT_ArenaMark(poolp); asafe = (SEC_PKCS12AuthenticatedSafe *)PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS12AuthenticatedSafe)); if(asafe == NULL) goto loser; asafe->poolp = poolp; PORT_Memset(&asafe->old_baggage, 0, sizeof(SEC_PKCS7ContentInfo)); PORT_ArenaUnmark(poolp, mark); return asafe; loser: PORT_ArenaRelease(poolp, mark); return NULL; }
/* allocate space for a PFX structure and set up initial * arena pool. pfx structure is cleared and a pointer to * the new structure is returned. */ SEC_PKCS12PFXItem * sec_pkcs12_new_pfx(void) { SEC_PKCS12PFXItem *pfx = NULL; PLArenaPool *poolp = NULL; poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); /* XXX Different size? */ if(poolp == NULL) goto loser; pfx = (SEC_PKCS12PFXItem *)PORT_ArenaZAlloc(poolp, sizeof(SEC_PKCS12PFXItem)); if(pfx == NULL) goto loser; pfx->poolp = poolp; return pfx; loser: PORT_FreeArena(poolp, PR_TRUE); return NULL; }
/* * SecCmsMessageCreate - create a CMS message object * * "poolp" - arena to allocate memory from, or NULL if new arena should be created */ SecCmsMessageRef SecCmsMessageCreate(void) { PLArenaPool *poolp; SecCmsMessageRef cmsg; poolp = PORT_NewArena (1024); /* XXX what is right value? */ if (poolp == NULL) return NULL; cmsg = (SecCmsMessageRef)PORT_ArenaZAlloc (poolp, sizeof(SecCmsMessage)); if (cmsg == NULL) { PORT_FreeArena(poolp, PR_FALSE); return NULL; } cmsg->poolp = poolp; cmsg->contentInfo.cmsg = cmsg; cmsg->refCount = 1; return cmsg; }
/* compute the thumbprint of the DER cert and create a digest info * to store it in and return the digest info. * a return of NULL indicates an error. */ SGNDigestInfo * sec_pkcs12_compute_thumbprint(SECItem *der_cert) { SGNDigestInfo *thumb = NULL; SECItem digest; PRArenaPool *temparena = NULL; SECStatus rv = SECFailure; if(der_cert == NULL) return NULL; temparena = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE); if(temparena == NULL) { return NULL; } digest.data = (unsigned char *)PORT_ArenaZAlloc(temparena, sizeof(unsigned char) * SHA1_LENGTH); /* digest data and create digest info */ if(digest.data != NULL) { digest.len = SHA1_LENGTH; rv = PK11_HashBuf(SEC_OID_SHA1, digest.data, der_cert->data, der_cert->len); if(rv == SECSuccess) { thumb = SGN_CreateDigestInfo(SEC_OID_SHA1, digest.data, digest.len); } else { PORT_SetError(SEC_ERROR_NO_MEMORY); } } else { PORT_SetError(SEC_ERROR_NO_MEMORY); } PORT_FreeArena(temparena, PR_TRUE); return thumb; }
/* * NSS_CMSMessage_Create - create a CMS message object * * "poolp" - arena to allocate memory from, or NULL if new arena should be created */ NSSCMSMessage * NSS_CMSMessage_Create(PLArenaPool *poolp) { void *mark = NULL; NSSCMSMessage *cmsg; PRBool poolp_is_ours = PR_FALSE; if (poolp == NULL) { poolp = PORT_NewArena (1024); /* XXX what is right value? */ if (poolp == NULL) return NULL; poolp_is_ours = PR_TRUE; } if (!poolp_is_ours) mark = PORT_ArenaMark(poolp); cmsg = (NSSCMSMessage *)PORT_ArenaZAlloc (poolp, sizeof(NSSCMSMessage)); if (cmsg == NULL) { if (!poolp_is_ours) { if (mark) { PORT_ArenaRelease(poolp, mark); } } else PORT_FreeArena(poolp, PR_FALSE); return NULL; } NSS_CMSContentInfo_Private_Init(&(cmsg->contentInfo)); cmsg->poolp = poolp; cmsg->poolp_is_ours = poolp_is_ours; cmsg->refCount = 1; if (mark) PORT_ArenaUnmark(poolp, mark); return cmsg; }
SECStatus NSS_CMSSignedData_AddDigest(PLArenaPool *poolp, NSSCMSSignedData *sigd, SECOidTag digestalgtag, SECItem *digest) { SECAlgorithmID *digestalg; void *mark; if (!sigd || !poolp) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } mark = PORT_ArenaMark(poolp); digestalg = PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID)); if (digestalg == NULL) goto loser; if (SECOID_SetAlgorithmID(poolp, digestalg, digestalgtag, NULL) != SECSuccess) /* no params */ goto loser; if (NSS_CMSArray_Add(poolp, (void ***)&(sigd->digestAlgorithms), (void *)digestalg) != SECSuccess || /* even if digest is NULL, add dummy to have same-size array */ NSS_CMSArray_Add(poolp, (void ***)&(sigd->digests), (void *)digest) != SECSuccess) { goto loser; } PORT_ArenaUnmark(poolp, mark); return SECSuccess; loser: PORT_ArenaRelease(poolp, mark); return SECFailure; }
static CERTCertificate *createEmptyCertificate(void) { PLArenaPool *arena = 0; CERTCertificate *c = 0; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if ( !arena ) { return 0; } c = (CERTCertificate *) PORT_ArenaZAlloc(arena, sizeof(CERTCertificate)); if (c) { c->referenceCount = 1; c->arena = arena; } else { PORT_FreeArena(arena,PR_TRUE); } return c; }
CERTAVA * CERT_CreateAVAFromSECItem(PRArenaPool *arena, SECOidTag kind, int valueType, SECItem *value) { CERTAVA *ava; int rv; unsigned maxLen; ava = (CERTAVA*) PORT_ArenaZAlloc(arena, sizeof(CERTAVA)); if (ava) { rv = SetupAVAType(arena, kind, &ava->type, &maxLen); if (rv) { /* Illegal AVA type */ return NULL; } rv = SetupAVAValue(arena, valueType, value, &ava->value, maxLen); if (rv) { /* Illegal value type */ return NULL; } } return ava; }
static PQGParams * decode_pqg_params(char *aStr) { unsigned char *buf = nullptr; unsigned int len; PLArenaPool *arena = nullptr; PQGParams *params = nullptr; SECStatus status; arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (!arena) return nullptr; params = static_cast<PQGParams*>(PORT_ArenaZAlloc(arena, sizeof(PQGParams))); if (!params) goto loser; params->arena = arena; buf = ATOB_AsciiToData(aStr, &len); if ((!buf) || (len == 0)) goto loser; status = SEC_ASN1Decode(arena, params, SECKEY_PQGParamsTemplate, (const char*)buf, len); if (status != SECSuccess) goto loser; return params; loser: if (arena) { PORT_FreeArena(arena, false); } if (buf) { PR_Free(buf); } return nullptr; }
static char * nssutil_formatValue(PRArenaPool *arena, char *value, char quote) { char *vp,*vp2,*retval; int size = 0, escapes = 0; for (vp=value; *vp ;vp++) { if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) escapes++; size++; } if (arena) { retval = PORT_ArenaZAlloc(arena,size+escapes+1); } else { retval = PORT_ZAlloc(size+escapes+1); } if (retval == NULL) return NULL; vp2 = retval; for (vp=value; *vp; vp++) { if ((*vp == quote) || (*vp == NSSUTIL_ARG_ESCAPE)) *vp2++ = NSSUTIL_ARG_ESCAPE; *vp2++ = *vp; } return retval; }
static long smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts) { PLArenaPool *poolp; long chosen_cipher; int *cipher_abilities; int *cipher_votes; int strong_mapi; int rcount, mapi, max; if (smime_policy_bits == 0) { PORT_SetError(SEC_ERROR_BAD_EXPORT_ALGORITHM); return -1; } chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */ poolp = PORT_NewArena(1024); /* XXX what is right value? */ if (poolp == NULL) goto done; cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_symmetric_count * sizeof(int)); if (cipher_abilities == NULL) goto done; cipher_votes = (int *)PORT_ArenaZAlloc(poolp, smime_symmetric_count * sizeof(int)); if (cipher_votes == NULL) goto done; /* * XXX Should have a #define somewhere which specifies default * strong cipher. (Or better, a way to configure.) */ /* Make triple-DES the strong cipher. */ strong_mapi = smime_mapi_by_cipher(SMIME_DES_EDE3_168); PORT_Assert(strong_mapi >= 0); for (rcount = 0; rcerts[rcount] != NULL; rcount++) { SECItem *profile; smime_capability **caps; int capi, pref; SECStatus dstat; pref = smime_symmetric_count; profile = CERT_FindSMimeProfile(rcerts[rcount]); if (profile != NULL && profile->data != NULL && profile->len > 0) { caps = NULL; dstat = SEC_QuickDERDecodeItem(poolp, &caps, smime_capabilities_template, profile); if (dstat == SECSuccess && caps != NULL) { for (capi = 0; caps[capi] != NULL; capi++) { smime_fill_capability(caps[capi]); mapi = smime_mapi_by_cipher(caps[capi]->cipher); if (mapi >= 0) { cipher_abilities[mapi]++; cipher_votes[mapi] += pref; --pref; } } } } else { SECKEYPublicKey *key; unsigned int pklen_bits; /* * XXX This is probably only good for RSA keys. What I would * really like is a function to just say; Is the public key in * this cert an export-length key? Then I would not have to * know things like the value 512, or the kind of key, or what * a subjectPublicKeyInfo is, etc. */ key = CERT_ExtractPublicKey(rcerts[rcount]); if (key != NULL) { pklen_bits = SECKEY_PublicKeyStrength(key) * 8; SECKEY_DestroyPublicKey(key); if (pklen_bits > 512) { cipher_abilities[strong_mapi]++; cipher_votes[strong_mapi] += pref; } } } if (profile != NULL) SECITEM_FreeItem(profile, PR_TRUE); } max = 0; for (mapi = 0; mapi < smime_symmetric_count; mapi++) { if (cipher_abilities[mapi] != rcount) continue; if (!smime_cipher_allowed(smime_cipher_maps[mapi].cipher)) continue; if (cipher_votes[mapi] > max) { chosen_cipher = smime_cipher_maps[mapi].cipher; max = cipher_votes[mapi]; } /* XXX else if a tie, let scert break it? */ } done: if (poolp != NULL) PORT_FreeArena(poolp, PR_FALSE); return chosen_cipher; }
NSSCMSRecipientInfo * nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg, NSSCMSRecipientIDSelector type, CERTCertificate *cert, SECKEYPublicKey *pubKey, SECItem *subjKeyID, void* pwfn_arg, SECItem* DERinput) { NSSCMSRecipientInfo *ri; void *mark; SECOidTag certalgtag; SECStatus rv = SECSuccess; NSSCMSRecipientEncryptedKey *rek; NSSCMSOriginatorIdentifierOrKey *oiok; unsigned long version; SECItem *dummy; PLArenaPool *poolp; CERTSubjectPublicKeyInfo *spki, *freeSpki = NULL; NSSCMSRecipientIdentifier *rid; extern const SEC_ASN1Template NSSCMSRecipientInfoTemplate[]; if (!cmsg) { /* a CMSMessage wasn't supplied, create a fake one to hold the pwfunc * and a private arena pool */ cmsg = NSS_CMSMessage_Create(NULL); cmsg->pwfn_arg = pwfn_arg; /* mark it as a special cms message */ cmsg->contentInfo.contentTypeTag = (SECOidData *)&fakeContent; } poolp = cmsg->poolp; mark = PORT_ArenaMark(poolp); ri = (NSSCMSRecipientInfo *)PORT_ArenaZAlloc(poolp, sizeof(NSSCMSRecipientInfo)); if (ri == NULL) goto loser; ri->cmsg = cmsg; if (DERinput) { /* decode everything from DER */ SECItem newinput; SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput); if (SECSuccess != rv) goto loser; rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput); if (SECSuccess != rv) goto loser; } switch (type) { case NSSCMSRecipientID_IssuerSN: { ri->cert = CERT_DupCertificate(cert); if (NULL == ri->cert) goto loser; spki = &(cert->subjectPublicKeyInfo); break; } case NSSCMSRecipientID_SubjectKeyID: { PORT_Assert(pubKey); spki = freeSpki = SECKEY_CreateSubjectPublicKeyInfo(pubKey); break; } case NSSCMSRecipientID_BrandNew: goto done; break; default: /* unkown type */ goto loser; break; } certalgtag = SECOID_GetAlgorithmTag(&(spki->algorithm)); rid = &ri->ri.keyTransRecipientInfo.recipientIdentifier; switch (certalgtag) { case SEC_OID_PKCS1_RSA_ENCRYPTION: ri->recipientInfoType = NSSCMSRecipientInfoID_KeyTrans; rid->identifierType = type; if (type == NSSCMSRecipientID_IssuerSN) { rid->id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert); if (rid->id.issuerAndSN == NULL) { break; } } else if (type == NSSCMSRecipientID_SubjectKeyID){ NSSCMSKeyTransRecipientInfoEx *riExtra; rid->id.subjectKeyID = PORT_ArenaNew(poolp, SECItem); if (rid->id.subjectKeyID == NULL) { rv = SECFailure; PORT_SetError(SEC_ERROR_NO_MEMORY); break; } SECITEM_CopyItem(poolp, rid->id.subjectKeyID, subjKeyID); if (rid->id.subjectKeyID->data == NULL) { rv = SECFailure; PORT_SetError(SEC_ERROR_NO_MEMORY); break; } riExtra = &ri->ri.keyTransRecipientInfoEx; riExtra->version = 0; riExtra->pubKey = SECKEY_CopyPublicKey(pubKey); if (riExtra->pubKey == NULL) { rv = SECFailure; PORT_SetError(SEC_ERROR_NO_MEMORY); break; } } else { PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; } break; case SEC_OID_X942_DIFFIE_HELMAN_KEY: /* dh-public-number */ PORT_Assert(type == NSSCMSRecipientID_IssuerSN); if (type != NSSCMSRecipientID_IssuerSN) { rv = SECFailure; break; } /* a key agreement op */ ri->recipientInfoType = NSSCMSRecipientInfoID_KeyAgree; if (ri->ri.keyTransRecipientInfo.recipientIdentifier.id.issuerAndSN == NULL) { rv = SECFailure; break; } /* we do not support the case where multiple recipients * share the same KeyAgreeRecipientInfo and have multiple RecipientEncryptedKeys * in this case, we would need to walk all the recipientInfos, take the * ones that do KeyAgreement algorithms and join them, algorithm by algorithm * Then, we'd generate ONE ukm and OriginatorIdentifierOrKey */ /* only epheremal-static Diffie-Hellman is supported for now * this is the only form of key agreement that provides potential anonymity * of the sender, plus we do not have to include certs in the message */ /* force single recipientEncryptedKey for now */ if ((rek = NSS_CMSRecipientEncryptedKey_Create(poolp)) == NULL) { rv = SECFailure; break; } /* hardcoded IssuerSN choice for now */ rek->recipientIdentifier.identifierType = NSSCMSKeyAgreeRecipientID_IssuerSN; if ((rek->recipientIdentifier.id.issuerAndSN = CERT_GetCertIssuerAndSN(poolp, cert)) == NULL) { rv = SECFailure; break; } oiok = &(ri->ri.keyAgreeRecipientInfo.originatorIdentifierOrKey); /* see RFC2630 12.3.1.1 */ oiok->identifierType = NSSCMSOriginatorIDOrKey_OriginatorPublicKey; rv = NSS_CMSArray_Add(poolp, (void ***)&ri->ri.keyAgreeRecipientInfo.recipientEncryptedKeys, (void *)rek); break; default: /* other algorithms not supported yet */ /* NOTE that we do not support any KEK algorithm */ PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); rv = SECFailure; break; } if (rv == SECFailure) goto loser; /* set version */ switch (ri->recipientInfoType) { case NSSCMSRecipientInfoID_KeyTrans: if (ri->ri.keyTransRecipientInfo.recipientIdentifier.identifierType == NSSCMSRecipientID_IssuerSN) version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_ISSUERSN; else version = NSS_CMS_KEYTRANS_RECIPIENT_INFO_VERSION_SUBJKEY; dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyTransRecipientInfo.version), version); if (dummy == NULL) goto loser; break; case NSSCMSRecipientInfoID_KeyAgree: dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.keyAgreeRecipientInfo.version), NSS_CMS_KEYAGREE_RECIPIENT_INFO_VERSION); if (dummy == NULL) goto loser; break; case NSSCMSRecipientInfoID_KEK: /* NOTE: this cannot happen as long as we do not support any KEK algorithm */ dummy = SEC_ASN1EncodeInteger(poolp, &(ri->ri.kekRecipientInfo.version), NSS_CMS_KEK_RECIPIENT_INFO_VERSION); if (dummy == NULL) goto loser; break; } done: PORT_ArenaUnmark (poolp, mark); if (freeSpki) SECKEY_DestroySubjectPublicKeyInfo(freeSpki); return ri; loser: if (ri && ri->cert) { CERT_DestroyCertificate(ri->cert); } if (freeSpki) { SECKEY_DestroySubjectPublicKeyInfo(freeSpki); } PORT_ArenaRelease (poolp, mark); if (cmsg->contentInfo.contentTypeTag == &fakeContent) { NSS_CMSMessage_Destroy(cmsg); } return NULL; }
static int sm_encrypt(CamelCipherContext *context, const char *userid, GPtrArray *recipients, CamelMimePart *ipart, CamelMimePart *opart, CamelException *ex) { struct _CamelSMIMEContextPrivate *p = ((CamelSMIMEContext *)context)->priv; /*NSSCMSRecipientInfo **recipient_infos;*/ CERTCertificate **recipient_certs = NULL; NSSCMSContentInfo *cinfo; PK11SymKey *bulkkey = NULL; SECOidTag bulkalgtag; int bulkkeysize, i; CK_MECHANISM_TYPE type; PK11SlotInfo *slot; PLArenaPool *poolp; NSSCMSMessage *cmsg = NULL; NSSCMSEnvelopedData *envd; NSSCMSEncoderContext *enc = NULL; CamelStreamMem *mem; CamelStream *ostream = NULL; CamelDataWrapper *dw; CamelContentType *ct; poolp = PORT_NewArena(1024); if (poolp == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM)); return -1; } /* Lookup all recipients certs, for later working */ recipient_certs = (CERTCertificate **)PORT_ArenaZAlloc(poolp, sizeof(*recipient_certs[0])*(recipients->len + 1)); if (recipient_certs == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, g_strerror (ENOMEM)); goto fail; } for (i=0;i<recipients->len;i++) { recipient_certs[i] = CERT_FindCertByNicknameOrEmailAddr(p->certdb, recipients->pdata[i]); if (recipient_certs[i] == NULL) { camel_exception_setv(ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot find certificate for `%s'"), recipients->pdata[i]); goto fail; } } /* Find a common algorithm, probably 3DES anyway ... */ if (NSS_SMIMEUtil_FindBulkAlgForRecipients(recipient_certs, &bulkalgtag, &bulkkeysize) != SECSuccess) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot find common bulk encryption algorithm")); goto fail; } /* Generate a new bulk key based on the common algorithm - expensive */ type = PK11_AlgtagToMechanism(bulkalgtag); slot = PK11_GetBestSlot(type, context); if (slot == NULL) { /* PORT_GetError(); ?? */ camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot allocate slot for encryption bulk key")); goto fail; } bulkkey = PK11_KeyGen(slot, type, NULL, bulkkeysize/8, context); PK11_FreeSlot(slot); /* Now we can start building the message */ /* msg->envelopedData->data */ cmsg = NSS_CMSMessage_Create(NULL); if (cmsg == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot create CMS Message")); goto fail; } envd = NSS_CMSEnvelopedData_Create(cmsg, bulkalgtag, bulkkeysize); if (envd == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot create CMS Enveloped data")); goto fail; } cinfo = NSS_CMSMessage_GetContentInfo(cmsg); if (NSS_CMSContentInfo_SetContent_EnvelopedData(cmsg, cinfo, envd) != SECSuccess) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot attach CMS Enveloped data")); goto fail; } cinfo = NSS_CMSEnvelopedData_GetContentInfo(envd); if (NSS_CMSContentInfo_SetContent_Data(cmsg, cinfo, NULL, PR_FALSE) != SECSuccess) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot attach CMS data object")); goto fail; } /* add recipient certs */ for (i=0;recipient_certs[i];i++) { NSSCMSRecipientInfo *ri = NSS_CMSRecipientInfo_Create(cmsg, recipient_certs[i]); if (ri == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot create CMS Recipient information")); goto fail; } if (NSS_CMSEnvelopedData_AddRecipient(envd, ri) != SECSuccess) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot add CMS Recipient information")); goto fail; } } /* dump it out */ ostream = camel_stream_mem_new(); enc = NSS_CMSEncoder_Start(cmsg, sm_write_stream, ostream, NULL, NULL, NULL, NULL, sm_decrypt_key, bulkkey, NULL, NULL); if (enc == NULL) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Cannot create encoder context")); goto fail; } /* FIXME: Stream the input */ /* FIXME: Canonicalise the input? */ mem = (CamelStreamMem *)camel_stream_mem_new(); camel_data_wrapper_write_to_stream((CamelDataWrapper *)ipart, (CamelStream *)mem); if (NSS_CMSEncoder_Update(enc, (char *) mem->buffer->data, mem->buffer->len) != SECSuccess) { NSS_CMSEncoder_Cancel(enc); camel_object_unref(mem); camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Failed to add data to encoder")); goto fail; } camel_object_unref(mem); if (NSS_CMSEncoder_Finish(enc) != SECSuccess) { camel_exception_set (ex, CAMEL_EXCEPTION_SYSTEM, _("Failed to encode data")); goto fail; } PK11_FreeSymKey(bulkkey); NSS_CMSMessage_Destroy(cmsg); for (i=0;recipient_certs[i];i++) CERT_DestroyCertificate(recipient_certs[i]); PORT_FreeArena(poolp, PR_FALSE); dw = camel_data_wrapper_new(); camel_data_wrapper_construct_from_stream(dw, ostream); camel_object_unref(ostream); dw->encoding = CAMEL_TRANSFER_ENCODING_BINARY; ct = camel_content_type_new("application", "x-pkcs7-mime"); camel_content_type_set_param(ct, "name", "smime.p7m"); camel_content_type_set_param(ct, "smime-type", "enveloped-data"); camel_data_wrapper_set_mime_type_field(dw, ct); camel_content_type_unref(ct); camel_medium_set_content_object((CamelMedium *)opart, dw); camel_object_unref(dw); camel_mime_part_set_disposition(opart, "attachment"); camel_mime_part_set_filename(opart, "smime.p7m"); camel_mime_part_set_description(opart, "S/MIME Encrypted Message"); camel_mime_part_set_encoding(opart, CAMEL_TRANSFER_ENCODING_BASE64); return 0; fail: if (ostream) camel_object_unref(ostream); if (cmsg) NSS_CMSMessage_Destroy(cmsg); if (bulkkey) PK11_FreeSymKey(bulkkey); if (recipient_certs) { for (i=0;recipient_certs[i];i++) CERT_DestroyCertificate(recipient_certs[i]); } PORT_FreeArena(poolp, PR_FALSE); return -1; }
/* * SecCmsDigestContextFinishMultiple - finish the digests and put them * into an array of CSSM_DATAs (allocated on poolp) */ OSStatus SecCmsDigestContextFinishMultiple(SecCmsDigestContextRef cmsdigcx, SecArenaPoolRef poolp, CSSM_DATA_PTR **digestsp) { CSSM_CC_HANDLE digobj; CSSM_DATA_PTR *digests, digest; int i; void *mark; OSStatus rv = SECFailure; /* no contents? do not update digests */ if (digestsp == NULL || !cmsdigcx->saw_contents) { for (i = 0; i < cmsdigcx->digcnt; i++) if (cmsdigcx->digobjs[i]) CSSM_DeleteContext(cmsdigcx->digobjs[i]); rv = SECSuccess; if (digestsp) *digestsp = NULL; goto cleanup; } mark = PORT_ArenaMark ((PLArenaPool *)poolp); /* allocate digest array & CSSM_DATAs on arena */ digests = (CSSM_DATA_PTR *)PORT_ArenaAlloc((PLArenaPool *)poolp, (cmsdigcx->digcnt+1) * sizeof(CSSM_DATA_PTR)); digest = (CSSM_DATA_PTR)PORT_ArenaZAlloc((PLArenaPool *)poolp, cmsdigcx->digcnt * sizeof(CSSM_DATA)); if (digests == NULL || digest == NULL) { goto loser; } for (i = 0; i < cmsdigcx->digcnt; i++, digest++) { digobj = cmsdigcx->digobjs[i]; CSSM_QUERY_SIZE_DATA dataSize; rv = CSSM_QuerySize(digobj, CSSM_FALSE, 1, &dataSize); if (rv != CSSM_OK) { goto loser; } int diglength = dataSize.SizeOutputBlock; if (digobj) { digest->Data = (unsigned char*)PORT_ArenaAlloc((PLArenaPool *)poolp, diglength); if (digest->Data == NULL) goto loser; digest->Length = diglength; rv = CSSM_DigestDataFinal(digobj, digest); if (rv != CSSM_OK) { goto loser; } CSSM_DeleteContext(digobj); } else { digest->Data = NULL; digest->Length = 0; } digests[i] = digest; } digests[i] = NULL; *digestsp = digests; rv = SECSuccess; loser: if (rv == SECSuccess) PORT_ArenaUnmark((PLArenaPool *)poolp, mark); else PORT_ArenaRelease((PLArenaPool *)poolp, mark); cleanup: if (cmsdigcx->digcnt > 0) { PORT_Free(cmsdigcx->digobjs); } PORT_Free(cmsdigcx); return rv; }
NSSLOWKEYPublicKey * nsslowkey_ConvertToPublicKey(NSSLOWKEYPrivateKey *privk) { NSSLOWKEYPublicKey *pubk; PLArenaPool *arena; arena = PORT_NewArena (DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { PORT_SetError (SEC_ERROR_NO_MEMORY); return NULL; } switch(privk->keyType) { case NSSLOWKEYRSAKey: case NSSLOWKEYNullKey: pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof (NSSLOWKEYPublicKey)); if (pubk != NULL) { SECStatus rv; pubk->arena = arena; pubk->keyType = privk->keyType; if (privk->keyType == NSSLOWKEYNullKey) return pubk; rv = SECITEM_CopyItem(arena, &pubk->u.rsa.modulus, &privk->u.rsa.modulus); if (rv == SECSuccess) { rv = SECITEM_CopyItem (arena, &pubk->u.rsa.publicExponent, &privk->u.rsa.publicExponent); if (rv == SECSuccess) return pubk; } } else { PORT_SetError (SEC_ERROR_NO_MEMORY); } break; case NSSLOWKEYDSAKey: pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey)); if (pubk != NULL) { SECStatus rv; pubk->arena = arena; pubk->keyType = privk->keyType; rv = SECITEM_CopyItem(arena, &pubk->u.dsa.publicValue, &privk->u.dsa.publicValue); if (rv != SECSuccess) break; rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.prime, &privk->u.dsa.params.prime); if (rv != SECSuccess) break; rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.subPrime, &privk->u.dsa.params.subPrime); if (rv != SECSuccess) break; rv = SECITEM_CopyItem(arena, &pubk->u.dsa.params.base, &privk->u.dsa.params.base); if (rv == SECSuccess) return pubk; } break; case NSSLOWKEYDHKey: pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey)); if (pubk != NULL) { SECStatus rv; pubk->arena = arena; pubk->keyType = privk->keyType; rv = SECITEM_CopyItem(arena, &pubk->u.dh.publicValue, &privk->u.dh.publicValue); if (rv != SECSuccess) break; rv = SECITEM_CopyItem(arena, &pubk->u.dh.prime, &privk->u.dh.prime); if (rv != SECSuccess) break; rv = SECITEM_CopyItem(arena, &pubk->u.dh.base, &privk->u.dh.base); if (rv == SECSuccess) return pubk; } break; #ifndef NSS_DISABLE_ECC case NSSLOWKEYECKey: pubk = (NSSLOWKEYPublicKey *)PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPublicKey)); if (pubk != NULL) { SECStatus rv; pubk->arena = arena; pubk->keyType = privk->keyType; rv = SECITEM_CopyItem(arena, &pubk->u.ec.publicValue, &privk->u.ec.publicValue); if (rv != SECSuccess) break; pubk->u.ec.ecParams.arena = arena; /* Copy the rest of the params */ rv = EC_CopyParams(arena, &(pubk->u.ec.ecParams), &(privk->u.ec.ecParams)); if (rv == SECSuccess) return pubk; } break; #endif /* NSS_DISABLE_ECC */ /* No Fortezza in Low Key implementations (Fortezza keys aren't * stored in our data base */ default: break; } PORT_FreeArena (arena, PR_FALSE); return NULL; }
SECStatus DH_GenParam(int primeLen, DHParams **params) { PLArenaPool *arena; DHParams *dhparams; unsigned char *pb = NULL; unsigned char *ab = NULL; unsigned long counter = 0; mp_int p, q, a, h, psub1, test; mp_err err = MP_OKAY; SECStatus rv = SECSuccess; if (!params || primeLen < 0) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); if (!arena) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; } dhparams = (DHParams *)PORT_ArenaZAlloc(arena, sizeof(DHParams)); if (!dhparams) { PORT_SetError(SEC_ERROR_NO_MEMORY); PORT_FreeArena(arena, PR_TRUE); return SECFailure; } dhparams->arena = arena; MP_DIGITS(&p) = 0; MP_DIGITS(&q) = 0; MP_DIGITS(&a) = 0; MP_DIGITS(&h) = 0; MP_DIGITS(&psub1) = 0; MP_DIGITS(&test) = 0; CHECK_MPI_OK( mp_init(&p) ); CHECK_MPI_OK( mp_init(&q) ); CHECK_MPI_OK( mp_init(&a) ); CHECK_MPI_OK( mp_init(&h) ); CHECK_MPI_OK( mp_init(&psub1) ); CHECK_MPI_OK( mp_init(&test) ); /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */ pb = PORT_Alloc(primeLen); CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) ); pb[0] |= 0x80; /* set high-order bit */ pb[primeLen-1] |= 0x01; /* set low-order bit */ CHECK_MPI_OK( mp_read_unsigned_octets(&p, pb, primeLen) ); CHECK_MPI_OK( mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter) ); /* construct Sophie-Germain prime q = (p-1)/2. */ CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) ); CHECK_MPI_OK( mp_div_2(&psub1, &q) ); /* construct a generator from the prime. */ ab = PORT_Alloc(primeLen); /* generate a candidate number a in p's field */ CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(ab, primeLen) ); CHECK_MPI_OK( mp_read_unsigned_octets(&a, ab, primeLen) ); /* force a < p (note that quot(a/p) <= 1) */ if ( mp_cmp(&a, &p) > 0 ) CHECK_MPI_OK( mp_sub(&a, &p, &a) ); do { /* check that a is in the range [2..p-1] */ if ( mp_cmp_d(&a, 2) < 0 || mp_cmp(&a, &psub1) >= 0) { /* a is outside of the allowed range. Set a=3 and keep going. */ mp_set(&a, 3); } /* if a**q mod p != 1 then a is a generator */ CHECK_MPI_OK( mp_exptmod(&a, &q, &p, &test) ); if ( mp_cmp_d(&test, 1) != 0 ) break; /* increment the candidate and try again. */ CHECK_MPI_OK( mp_add_d(&a, 1, &a) ); } while (PR_TRUE); MPINT_TO_SECITEM(&p, &dhparams->prime, arena); MPINT_TO_SECITEM(&a, &dhparams->base, arena); *params = dhparams; cleanup: mp_clear(&p); mp_clear(&q); mp_clear(&a); mp_clear(&h); mp_clear(&psub1); mp_clear(&test); if (pb) PORT_ZFree(pb, primeLen); if (ab) PORT_ZFree(ab, primeLen); if (err) { MP_TO_SEC_ERROR(err); rv = SECFailure; } if (rv) PORT_FreeArena(arena, PR_TRUE); return rv; }
static void ListCRLNames (CERTCertDBHandle *certHandle, int crlType, PRBool deletecrls) { CERTCrlHeadNode *crlList = NULL; CERTCrlNode *crlNode = NULL; CERTName *name = NULL; PLArenaPool *arena = NULL; SECStatus rv; do { arena = PORT_NewArena (SEC_ASN1_DEFAULT_ARENA_SIZE); if (arena == NULL) { fprintf(stderr, "%s: fail to allocate memory\n", progName); break; } name = PORT_ArenaZAlloc (arena, sizeof(*name)); if (name == NULL) { fprintf(stderr, "%s: fail to allocate memory\n", progName); break; } name->arena = arena; rv = SEC_LookupCrls (certHandle, &crlList, crlType); if (rv != SECSuccess) { fprintf(stderr, "%s: fail to look up CRLs (%s)\n", progName, SECU_Strerror(PORT_GetError())); break; } /* just in case */ if (!crlList) break; crlNode = crlList->first; fprintf (stdout, "\n"); fprintf (stdout, "\n%-40s %-5s\n\n", "CRL names", "CRL Type"); while (crlNode) { char* asciiname = NULL; CERTCertificate *cert = NULL; if (crlNode->crl && &crlNode->crl->crl.derName) { cert = CERT_FindCertByName(certHandle, &crlNode->crl->crl.derName); if (!cert) { SECU_PrintError(progName, "could not find signing " "certificate in database"); } } if (cert) { char* certName = NULL; if (cert->nickname && PORT_Strlen(cert->nickname) > 0) { certName = cert->nickname; } else if (cert->emailAddr && PORT_Strlen(cert->emailAddr) > 0) { certName = cert->emailAddr; } if (certName) { asciiname = PORT_Strdup(certName); } CERT_DestroyCertificate(cert); } if (!asciiname) { name = &crlNode->crl->crl.name; if (!name){ SECU_PrintError(progName, "fail to get the CRL " "issuer name"); continue; } asciiname = CERT_NameToAscii(name); } fprintf (stdout, "%-40s %-5s\n", asciiname, "CRL"); if (asciiname) { PORT_Free(asciiname); } if ( PR_TRUE == deletecrls) { CERTSignedCrl* acrl = NULL; SECItem* issuer = &crlNode->crl->crl.derName; acrl = SEC_FindCrlByName(certHandle, issuer, crlType); if (acrl) { SEC_DeletePermCRL(acrl); SEC_DestroyCrl(acrl); } } crlNode = crlNode->next; } } while (0); if (crlList) PORT_FreeArena (crlList->arena, PR_FALSE); PORT_FreeArena (arena, PR_FALSE); }
err_t RSA_signature_verify_nss(const struct RSA_public_key *k , const u_char *hash_val, size_t hash_len ,const u_char *sig_val, size_t sig_len) { SECKEYPublicKey *publicKey; PRArenaPool *arena; SECStatus retVal = SECSuccess; SECItem nss_n, nss_e; SECItem signature, data; chunk_t n,e; /*Converting n and e to form public key in SECKEYPublicKey data structure*/ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { PORT_SetError (SEC_ERROR_NO_MEMORY); return "10" "NSS error: Not enough memory to create arena"; } publicKey = (SECKEYPublicKey *) PORT_ArenaZAlloc (arena, sizeof (SECKEYPublicKey)); if (!publicKey) { PORT_FreeArena (arena, PR_FALSE); PORT_SetError (SEC_ERROR_NO_MEMORY); return "11" "NSS error: Not enough memory to create publicKey"; } publicKey->arena = arena; publicKey->keyType = rsaKey; publicKey->pkcs11Slot = NULL; publicKey->pkcs11ID = CK_INVALID_HANDLE; /* Converting n(modulus) and e(exponent) from mpz_t form to chunk_t */ n = mpz_to_n_autosize(&k->n); e = mpz_to_n_autosize(&k->e); /*Converting n and e to nss_n and nss_e*/ nss_n.data = n.ptr; nss_n.len = (unsigned int)n.len; nss_n.type = siBuffer; nss_e.data = e.ptr; nss_e.len = (unsigned int)e.len; nss_e.type = siBuffer; retVal = SECITEM_CopyItem(arena, &publicKey->u.rsa.modulus, &nss_n); if (retVal == SECSuccess) { retVal = SECITEM_CopyItem (arena, &publicKey->u.rsa.publicExponent, &nss_e); } if(retVal != SECSuccess) { pfree(n.ptr); pfree(e.ptr); SECKEY_DestroyPublicKey (publicKey); return "12" "NSS error: Not able to copy modulus or exponent or both while forming SECKEYPublicKey structure"; } signature.type = siBuffer; signature.data = DISCARD_CONST(unsigned char *, sig_val); signature.len = (unsigned int)sig_len; data.len = (unsigned int)sig_len; data.data = alloc_bytes(data.len, "NSS decrypted signature"); data.type = siBuffer; if(PK11_VerifyRecover(publicKey, &signature, &data, osw_return_nss_password_file_info()) == SECSuccess ) { DBG(DBG_CRYPT,DBG_dump("NSS RSA verify: decrypted sig: ", data.data, data.len)); } else { DBG(DBG_CRYPT,DBG_log("NSS RSA verify: decrypting signature is failed")); return "13" "NSS error: Not able to decrypt"; } if(memcmp(data.data+data.len-hash_len, hash_val, hash_len)!=0) { pfree(data.data); loglog(RC_LOG_SERIOUS, "RSA Signature NOT verified"); return "14" "NSS error: Not able to verify"; } DBG(DBG_CRYPT,DBG_dump("NSS RSA verify: hash value: ", hash_val, hash_len)); pfree(data.data); pfree(n.ptr); pfree(e.ptr); SECKEY_DestroyPublicKey (publicKey); DBG(DBG_CRYPT, DBG_log("RSA Signature verified")); return NULL; }
/* create a new external bag which is appended onto the list * of bags in baggage. the bag is created in the same arena * as baggage */ SEC_PKCS12BaggageItem * sec_pkcs12_create_external_bag(SEC_PKCS12Baggage *luggage) { void *dummy, *mark; SEC_PKCS12BaggageItem *bag; if(luggage == NULL) { return NULL; } mark = PORT_ArenaMark(luggage->poolp); /* allocate space for null terminated bag list */ if(luggage->bags == NULL) { luggage->bags=(SEC_PKCS12BaggageItem**)PORT_ArenaZAlloc(luggage->poolp, sizeof(SEC_PKCS12BaggageItem *)); if(luggage->bags == NULL) { goto loser; } luggage->luggage_size = 0; } /* grow the list */ dummy = PORT_ArenaGrow(luggage->poolp, luggage->bags, sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 1), sizeof(SEC_PKCS12BaggageItem *) * (luggage->luggage_size + 2)); if(dummy == NULL) { goto loser; } luggage->bags = (SEC_PKCS12BaggageItem**)dummy; luggage->bags[luggage->luggage_size] = (SEC_PKCS12BaggageItem *)PORT_ArenaZAlloc(luggage->poolp, sizeof(SEC_PKCS12BaggageItem)); if(luggage->bags[luggage->luggage_size] == NULL) { goto loser; } /* create new bag and append it to the end */ bag = luggage->bags[luggage->luggage_size]; bag->espvks = (SEC_PKCS12ESPVKItem **)PORT_ArenaZAlloc( luggage->poolp, sizeof(SEC_PKCS12ESPVKItem *)); bag->unencSecrets = (SEC_PKCS12SafeBag **)PORT_ArenaZAlloc( luggage->poolp, sizeof(SEC_PKCS12SafeBag *)); if((bag->espvks == NULL) || (bag->unencSecrets == NULL)) { goto loser; } bag->poolp = luggage->poolp; luggage->luggage_size++; luggage->bags[luggage->luggage_size] = NULL; bag->espvks[0] = NULL; bag->unencSecrets[0] = NULL; bag->nEspvks = bag->nSecrets = 0; PORT_ArenaUnmark(luggage->poolp, mark); return bag; loser: PORT_ArenaRelease(luggage->poolp, mark); PORT_SetError(SEC_ERROR_NO_MEMORY); return NULL; }
/* * smime_choose_cipher - choose a cipher that works for all the recipients * * "scert" - sender's certificate * "rcerts" - recipient's certificates */ static long smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts) { PLArenaPool *poolp; long cipher; long chosen_cipher; int *cipher_abilities; int *cipher_votes; int weak_mapi; int strong_mapi; int aes128_mapi; int aes256_mapi; int rcount, mapi, max, i; chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */ weak_mapi = smime_mapi_by_cipher(chosen_cipher); aes128_mapi = smime_mapi_by_cipher(SMIME_AES_CBC_128); aes256_mapi = smime_mapi_by_cipher(SMIME_AES_CBC_256); poolp = PORT_NewArena (1024); /* XXX what is right value? */ if (poolp == NULL) goto done; cipher_abilities = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int)); cipher_votes = (int *)PORT_ArenaZAlloc(poolp, smime_cipher_map_count * sizeof(int)); if (cipher_votes == NULL || cipher_abilities == NULL) goto done; /* Make triple-DES the strong cipher. */ strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168); /* walk all the recipient's certs */ for (rcount = 0; rcerts[rcount] != NULL; rcount++) { SECItem *profile; NSSSMIMECapability **caps; int pref; /* the first cipher that matches in the user's SMIME profile gets * "smime_cipher_map_count" votes; the next one gets "smime_cipher_map_count" - 1 * and so on. If every cipher matches, the last one gets 1 (one) vote */ pref = smime_cipher_map_count; /* find recipient's SMIME profile */ profile = CERT_FindSMimeProfile(rcerts[rcount]); if (profile != NULL && profile->data != NULL && profile->len > 0) { /* we have a profile (still DER-encoded) */ caps = NULL; /* decode it */ if (SEC_QuickDERDecodeItem(poolp, &caps, NSSSMIMECapabilitiesTemplate, profile) == SECSuccess && caps != NULL) { /* walk the SMIME capabilities for this recipient */ for (i = 0; caps[i] != NULL; i++) { cipher = nss_SMIME_FindCipherForSMIMECap(caps[i]); mapi = smime_mapi_by_cipher(cipher); if (mapi >= 0) { /* found the cipher */ cipher_abilities[mapi]++; cipher_votes[mapi] += pref; --pref; } } } } else { /* no profile found - so we can only assume that the user can do * the mandatory algorithms which are RC2-40 (weak crypto) and * 3DES (strong crypto), unless the user has an elliptic curve * key. For elliptic curve keys, RFC 5753 mandates support * for AES 128 CBC. */ SECKEYPublicKey *key; unsigned int pklen_bits; KeyType key_type; /* * if recipient's public key length is > 512, vote for a strong cipher * please not that the side effect of this is that if only one recipient * has an export-level public key, the strong cipher is disabled. * * XXX This is probably only good for RSA keys. What I would * really like is a function to just say; Is the public key in * this cert an export-length key? Then I would not have to * know things like the value 512, or the kind of key, or what * a subjectPublicKeyInfo is, etc. */ key = CERT_ExtractPublicKey(rcerts[rcount]); pklen_bits = 0; key_type = nullKey; if (key != NULL) { pklen_bits = SECKEY_PublicKeyStrengthInBits (key); key_type = SECKEY_GetPublicKeyType(key); SECKEY_DestroyPublicKey (key); key = NULL; } if (key_type == ecKey) { /* While RFC 5753 mandates support for AES-128 CBC, should use * AES 256 if user's key provides more than 128 bits of * security strength so that symmetric key is not weak link. */ /* RC2-40 is not compatible with elliptic curve keys. */ chosen_cipher = SMIME_DES_EDE3_168; if (pklen_bits > 256) { cipher_abilities[aes256_mapi]++; cipher_votes[aes256_mapi] += pref; pref--; } cipher_abilities[aes128_mapi]++; cipher_votes[aes128_mapi] += pref; pref--; cipher_abilities[strong_mapi]++; cipher_votes[strong_mapi] += pref; pref--; } else { if (pklen_bits > 512) { /* cast votes for the strong algorithm */ cipher_abilities[strong_mapi]++; cipher_votes[strong_mapi] += pref; pref--; } /* always cast (possibly less) votes for the weak algorithm */ cipher_abilities[weak_mapi]++; cipher_votes[weak_mapi] += pref; } } if (profile != NULL) SECITEM_FreeItem(profile, PR_TRUE); } /* find cipher that is agreeable by all recipients and that has the most votes */ max = 0; for (mapi = 0; mapi < smime_cipher_map_count; mapi++) { /* if not all of the recipients can do this, forget it */ if (cipher_abilities[mapi] != rcount) continue; /* if cipher is not enabled or not allowed by policy, forget it */ if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed) continue; /* now see if this one has more votes than the last best one */ if (cipher_votes[mapi] >= max) { /* if equal number of votes, prefer the ones further down in the list */ /* with the expectation that these are higher rated ciphers */ chosen_cipher = smime_cipher_map[mapi].cipher; max = cipher_votes[mapi]; } } /* if no common cipher was found, chosen_cipher stays at the default */ done: if (poolp != NULL) PORT_FreeArena (poolp, PR_FALSE); return chosen_cipher; }
SECItem * SECITEM_AllocItem(PLArenaPool *arena, SECItem *item, unsigned int len) { SECItem *result = NULL; void *mark = NULL; if (arena != NULL) { mark = PORT_ArenaMark(arena); } if (item == NULL) { if (arena != NULL) { result = PORT_ArenaZAlloc(arena, sizeof(SECItem)); } else { result = PORT_ZAlloc(sizeof(SECItem)); } if (result == NULL) { goto loser; } } else { PORT_Assert(item->data == NULL); result = item; } result->len = len; if (len) { if (arena != NULL) { result->data = PORT_ArenaAlloc(arena, len); } else { result->data = PORT_Alloc(len); } if (result->data == NULL) { goto loser; } } else { result->data = NULL; } if (mark) { PORT_ArenaUnmark(arena, mark); } return(result); loser: if ( arena != NULL ) { if (mark) { PORT_ArenaRelease(arena, mark); } if (item != NULL) { item->data = NULL; item->len = 0; } } else { if (result != NULL) { SECITEM_FreeItem(result, (item == NULL) ? PR_TRUE : PR_FALSE); } /* * If item is not NULL, the above has set item->data and * item->len to 0. */ } return(NULL); }
/* MUST BE THREAD-SAFE */ static PK11SymKey *calc_dh_shared(const chunk_t g, /* converted to SECItem */ /*const*/ SECKEYPrivateKey *privk, /* NSS doesn't do const */ const struct oakley_group_desc *group, const SECKEYPublicKey *local_pubk) { struct timeval tv0; SECKEYPublicKey *remote_pubk; SECItem nss_g; PK11SymKey *dhshared; PRArenaPool *arena; SECStatus status; unsigned int dhshared_len; DBG(DBG_CRYPT, DBG_log("Started DH shared-secret computation in NSS:")); gettimeofday(&tv0, NULL); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); passert(arena != NULL); remote_pubk = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey)); remote_pubk->arena = arena; remote_pubk->keyType = dhKey; remote_pubk->pkcs11Slot = NULL; remote_pubk->pkcs11ID = CK_INVALID_HANDLE; nss_g.data = g.ptr; nss_g.len = (unsigned int)g.len; nss_g.type = siBuffer; status = SECITEM_CopyItem(remote_pubk->arena, &remote_pubk->u.dh.prime, &local_pubk->u.dh.prime); passert(status == SECSuccess); status = SECITEM_CopyItem(remote_pubk->arena, &remote_pubk->u.dh.base, &local_pubk->u.dh.base); passert(status == SECSuccess); status = SECITEM_CopyItem(remote_pubk->arena, &remote_pubk->u.dh.publicValue, &nss_g); passert(status == SECSuccess); dhshared = PK11_PubDerive(privk, remote_pubk, PR_FALSE, NULL, NULL, CKM_DH_PKCS_DERIVE, CKM_CONCATENATE_DATA_AND_BASE, CKA_DERIVE, group->bytes, lsw_return_nss_password_file_info()); passert(dhshared != NULL); dhshared_len = PK11_GetKeyLength(dhshared); if (group->bytes > dhshared_len) { DBG(DBG_CRYPT, DBG_log("Dropped %lu leading zeros", group->bytes - dhshared_len)); chunk_t zeros; PK11SymKey *newdhshared; CK_KEY_DERIVATION_STRING_DATA string_params; SECItem params; zeros = hmac_pads(0x00, group->bytes - dhshared_len); params.data = (unsigned char *)&string_params; params.len = sizeof(string_params); string_params.pData = zeros.ptr; string_params.ulLen = zeros.len; newdhshared = PK11_Derive(dhshared, CKM_CONCATENATE_DATA_AND_BASE, ¶ms, CKM_CONCATENATE_DATA_AND_BASE, CKA_DERIVE, 0); passert(newdhshared != NULL); PK11_FreeSymKey(dhshared); dhshared = newdhshared; freeanychunk(zeros); } else { DBG(DBG_CRYPT, DBG_log("Dropped no leading zeros %d", dhshared_len)); } /* nss_symkey_log(dhshared, "dhshared"); */ DBG(DBG_CRYPT, { struct timeval tv1; unsigned long tv_diff; gettimeofday(&tv1, NULL); tv_diff = (tv1.tv_sec - tv0.tv_sec) * 1000000 + (tv1.tv_usec - tv0.tv_usec); DBG_log("calc_dh_shared(): time elapsed (%s): %ld usec", enum_show(&oakley_group_names, group->group), tv_diff); });
SECItemArray * SECITEM_AllocArray(PLArenaPool *arena, SECItemArray *array, unsigned int len) { SECItemArray *result = NULL; void *mark = NULL; if (array != NULL && array->items != NULL) { PORT_Assert(0); PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } if (arena != NULL) { mark = PORT_ArenaMark(arena); } if (array == NULL) { if (arena != NULL) { result = PORT_ArenaZAlloc(arena, sizeof(SECItemArray)); } else { result = PORT_ZAlloc(sizeof(SECItemArray)); } if (result == NULL) { goto loser; } } else { result = array; } result->len = len; if (len) { if (arena != NULL) { result->items = PORT_ArenaZNewArray(arena, SECItem, len); } else { result->items = PORT_ZNewArray(SECItem, len); } if (result->items == NULL) { goto loser; } } else { result->items = NULL; } if (mark) { PORT_ArenaUnmark(arena, mark); } return result; loser: if ( arena != NULL ) { if (mark) { PORT_ArenaRelease(arena, mark); } } else { if (result != NULL && array == NULL) { PORT_Free(result); } } if (array != NULL) { array->items = NULL; array->len = 0; } return NULL; }
SGNDigestInfo * SGN_CreateDigestInfo(SECOidTag algorithm, const unsigned char *sig, unsigned len) { SGNDigestInfo *di; SECStatus rv; PLArenaPool *arena; SECItem *null_param; SECItem dummy_value; switch (algorithm) { case SEC_OID_MD2: case SEC_OID_MD5: case SEC_OID_SHA1: case SEC_OID_SHA224: case SEC_OID_SHA256: case SEC_OID_SHA384: case SEC_OID_SHA512: break; default: PORT_SetError(SEC_ERROR_INVALID_ALGORITHM); return NULL; } arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { return NULL; } di = (SGNDigestInfo *) PORT_ArenaZAlloc(arena, sizeof(SGNDigestInfo)); if (di == NULL) { PORT_FreeArena(arena, PR_FALSE); return NULL; } di->arena = arena; /* * PKCS #1 specifies that the AlgorithmID must have a NULL parameter * (as opposed to no parameter at all). */ dummy_value.data = NULL; dummy_value.len = 0; null_param = SEC_ASN1EncodeItem(NULL, NULL, &dummy_value, SEC_NullTemplate); if (null_param == NULL) { goto loser; } rv = SECOID_SetAlgorithmID(arena, &di->digestAlgorithm, algorithm, null_param); SECITEM_FreeItem(null_param, PR_TRUE); if (rv != SECSuccess) { goto loser; } di->digest.data = (unsigned char *) PORT_ArenaAlloc(arena, len); if (di->digest.data == NULL) { goto loser; } di->digest.len = len; PORT_Memcpy(di->digest.data, sig, len); return di; loser: SGN_DestroyDigestInfo(di); return NULL; }
NSSLOWKEYPrivateKey * nsslowkey_CopyPrivateKey(NSSLOWKEYPrivateKey *privKey) { NSSLOWKEYPrivateKey *returnKey = NULL; SECStatus rv = SECFailure; PLArenaPool *poolp; if(!privKey) { return NULL; } poolp = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if(!poolp) { return NULL; } returnKey = (NSSLOWKEYPrivateKey*)PORT_ArenaZAlloc(poolp, sizeof(NSSLOWKEYPrivateKey)); if(!returnKey) { rv = SECFailure; goto loser; } returnKey->keyType = privKey->keyType; returnKey->arena = poolp; switch(privKey->keyType) { case NSSLOWKEYRSAKey: rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.modulus), &(privKey->u.rsa.modulus)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.version), &(privKey->u.rsa.version)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.publicExponent), &(privKey->u.rsa.publicExponent)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.privateExponent), &(privKey->u.rsa.privateExponent)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime1), &(privKey->u.rsa.prime1)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.prime2), &(privKey->u.rsa.prime2)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent1), &(privKey->u.rsa.exponent1)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.exponent2), &(privKey->u.rsa.exponent2)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.rsa.coefficient), &(privKey->u.rsa.coefficient)); if(rv != SECSuccess) break; break; case NSSLOWKEYDSAKey: rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.publicValue), &(privKey->u.dsa.publicValue)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.privateValue), &(privKey->u.dsa.privateValue)); if(rv != SECSuccess) break; returnKey->u.dsa.params.arena = poolp; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.prime), &(privKey->u.dsa.params.prime)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.subPrime), &(privKey->u.dsa.params.subPrime)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dsa.params.base), &(privKey->u.dsa.params.base)); if(rv != SECSuccess) break; break; case NSSLOWKEYDHKey: rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.publicValue), &(privKey->u.dh.publicValue)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.privateValue), &(privKey->u.dh.privateValue)); if(rv != SECSuccess) break; returnKey->u.dsa.params.arena = poolp; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.prime), &(privKey->u.dh.prime)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.dh.base), &(privKey->u.dh.base)); if(rv != SECSuccess) break; break; #ifndef NSS_DISABLE_ECC case NSSLOWKEYECKey: rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.version), &(privKey->u.ec.version)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.publicValue), &(privKey->u.ec.publicValue)); if(rv != SECSuccess) break; rv = SECITEM_CopyItem(poolp, &(returnKey->u.ec.privateValue), &(privKey->u.ec.privateValue)); if(rv != SECSuccess) break; returnKey->u.ec.ecParams.arena = poolp; /* Copy the rest of the params */ rv = EC_CopyParams(poolp, &(returnKey->u.ec.ecParams), &(privKey->u.ec.ecParams)); if (rv != SECSuccess) break; break; #endif /* NSS_DISABLE_ECC */ default: rv = SECFailure; } loser: if(rv != SECSuccess) { PORT_FreeArena(poolp, PR_TRUE); returnKey = NULL; } return returnKey; }
static SECStatus dsa_NewKeyExtended(const PQGParams *params, const SECItem * seed, DSAPrivateKey **privKey) { mp_int p, g; mp_int x, y; mp_err err; PRArenaPool *arena; DSAPrivateKey *key; /* Check args. */ if (!params || !privKey || !seed || !seed->data) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } /* Initialize an arena for the DSA key. */ arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE); if (!arena) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; } key = (DSAPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DSAPrivateKey)); if (!key) { PORT_SetError(SEC_ERROR_NO_MEMORY); PORT_FreeArena(arena, PR_TRUE); return SECFailure; } key->params.arena = arena; /* Initialize MPI integers. */ MP_DIGITS(&p) = 0; MP_DIGITS(&g) = 0; MP_DIGITS(&x) = 0; MP_DIGITS(&y) = 0; CHECK_MPI_OK( mp_init(&p) ); CHECK_MPI_OK( mp_init(&g) ); CHECK_MPI_OK( mp_init(&x) ); CHECK_MPI_OK( mp_init(&y) ); /* Copy over the PQG params */ CHECK_MPI_OK( SECITEM_CopyItem(arena, &key->params.prime, ¶ms->prime) ); CHECK_MPI_OK( SECITEM_CopyItem(arena, &key->params.subPrime, ¶ms->subPrime) ); CHECK_MPI_OK( SECITEM_CopyItem(arena, &key->params.base, ¶ms->base) ); /* Convert stored p, g, and received x into MPI integers. */ SECITEM_TO_MPINT(params->prime, &p); SECITEM_TO_MPINT(params->base, &g); OCTETS_TO_MPINT(seed->data, &x, seed->len); /* Store x in private key */ SECITEM_AllocItem(arena, &key->privateValue, seed->len); PORT_Memcpy(key->privateValue.data, seed->data, seed->len); /* Compute public key y = g**x mod p */ CHECK_MPI_OK( mp_exptmod(&g, &x, &p, &y) ); /* Store y in public key */ MPINT_TO_SECITEM(&y, &key->publicValue, arena); *privKey = key; key = NULL; cleanup: mp_clear(&p); mp_clear(&g); mp_clear(&x); mp_clear(&y); if (key) PORT_FreeArena(key->params.arena, PR_TRUE); if (err) { translate_mpi_error(err); return SECFailure; } return SECSuccess; }
/* Generates a new EC key pair. The private key is a supplied * value and the public key is the result of performing a scalar * point multiplication of that value with the curve's base point. */ SECStatus ec_NewKey(ECParams *ecParams, ECPrivateKey **privKey, const unsigned char *privKeyBytes, int privKeyLen) { SECStatus rv = SECFailure; #ifndef NSS_DISABLE_ECC PLArenaPool *arena; ECPrivateKey *key; mp_int k; mp_err err = MP_OKAY; int len; #if EC_DEBUG printf("ec_NewKey called\n"); #endif MP_DIGITS(&k) = 0; if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } /* Initialize an arena for the EC key. */ if (!(arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE))) return SECFailure; key = (ECPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(ECPrivateKey)); if (!key) { PORT_FreeArena(arena, PR_TRUE); return SECFailure; } /* Set the version number (SEC 1 section C.4 says it should be 1) */ SECITEM_AllocItem(arena, &key->version, 1); key->version.data[0] = 1; /* Copy all of the fields from the ECParams argument to the * ECParams structure within the private key. */ key->ecParams.arena = arena; key->ecParams.type = ecParams->type; key->ecParams.fieldID.size = ecParams->fieldID.size; key->ecParams.fieldID.type = ecParams->fieldID.type; if (ecParams->fieldID.type == ec_field_GFp) { CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.prime, &ecParams->fieldID.u.prime)); } else { CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.fieldID.u.poly, &ecParams->fieldID.u.poly)); } key->ecParams.fieldID.k1 = ecParams->fieldID.k1; key->ecParams.fieldID.k2 = ecParams->fieldID.k2; key->ecParams.fieldID.k3 = ecParams->fieldID.k3; CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.a, &ecParams->curve.a)); CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.b, &ecParams->curve.b)); CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curve.seed, &ecParams->curve.seed)); CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.base, &ecParams->base)); CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.order, &ecParams->order)); key->ecParams.cofactor = ecParams->cofactor; CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.DEREncoding, &ecParams->DEREncoding)); key->ecParams.name = ecParams->name; CHECK_SEC_OK(SECITEM_CopyItem(arena, &key->ecParams.curveOID, &ecParams->curveOID)); len = (ecParams->fieldID.size + 7) >> 3; SECITEM_AllocItem(arena, &key->publicValue, 2*len + 1); len = ecParams->order.len; SECITEM_AllocItem(arena, &key->privateValue, len); /* Copy private key */ if (privKeyLen >= len) { memcpy(key->privateValue.data, privKeyBytes, len); } else { memset(key->privateValue.data, 0, (len - privKeyLen)); memcpy(key->privateValue.data + (len - privKeyLen), privKeyBytes, privKeyLen); } /* Compute corresponding public key */ CHECK_MPI_OK( mp_init(&k) ); CHECK_MPI_OK( mp_read_unsigned_octets(&k, key->privateValue.data, (mp_size) len) ); rv = ec_points_mul(ecParams, &k, NULL, NULL, &(key->publicValue)); if (rv != SECSuccess) goto cleanup; *privKey = key; cleanup: mp_clear(&k); if (rv) PORT_FreeArena(arena, PR_TRUE); #if EC_DEBUG printf("ec_NewKey returning %s\n", (rv == SECSuccess) ? "success" : "failure"); #endif #else PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG); #endif /* NSS_DISABLE_ECC */ return rv; }
SECStatus DH_NewKey(DHParams *params, DHPrivateKey **privKey) { PLArenaPool *arena; DHPrivateKey *key; mp_int g, xa, p, Ya; mp_err err = MP_OKAY; SECStatus rv = SECSuccess; if (!params || !privKey) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); if (!arena) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; } key = (DHPrivateKey *)PORT_ArenaZAlloc(arena, sizeof(DHPrivateKey)); if (!key) { PORT_SetError(SEC_ERROR_NO_MEMORY); PORT_FreeArena(arena, PR_TRUE); return SECFailure; } key->arena = arena; MP_DIGITS(&g) = 0; MP_DIGITS(&xa) = 0; MP_DIGITS(&p) = 0; MP_DIGITS(&Ya) = 0; CHECK_MPI_OK( mp_init(&g) ); CHECK_MPI_OK( mp_init(&xa) ); CHECK_MPI_OK( mp_init(&p) ); CHECK_MPI_OK( mp_init(&Ya) ); /* Set private key's p */ CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->prime, ¶ms->prime) ); SECITEM_TO_MPINT(key->prime, &p); /* Set private key's g */ CHECK_SEC_OK( SECITEM_CopyItem(arena, &key->base, ¶ms->base) ); SECITEM_TO_MPINT(key->base, &g); /* Generate private key xa */ SECITEM_AllocItem(arena, &key->privateValue, dh_GetSecretKeyLen(params->prime.len)); CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(key->privateValue.data, key->privateValue.len)); SECITEM_TO_MPINT( key->privateValue, &xa ); /* xa < p */ CHECK_MPI_OK( mp_mod(&xa, &p, &xa) ); /* Compute public key Ya = g ** xa mod p */ CHECK_MPI_OK( mp_exptmod(&g, &xa, &p, &Ya) ); MPINT_TO_SECITEM(&Ya, &key->publicValue, key->arena); *privKey = key; cleanup: mp_clear(&g); mp_clear(&xa); mp_clear(&p); mp_clear(&Ya); if (err) { MP_TO_SEC_ERROR(err); rv = SECFailure; } if (rv) { *privKey = NULL; PORT_FreeArena(arena, PR_TRUE); } return rv; }