int nss_ctx_init(TALLOC_CTX *mem_ctx,
struct crypto_mech_data *mech_props,
uint8_t *key, int keylen,
uint8_t *iv, int ivlen,
struct sss_nss_crypto_ctx **_cctx)
{
struct sss_nss_crypto_ctx *cctx;
int ret;
cctx = talloc_zero(mem_ctx, struct sss_nss_crypto_ctx);
if (!cctx) {
return ENOMEM;
}
talloc_set_destructor(cctx, sss_nss_crypto_ctx_destructor);
cctx->slot = PK11_GetBestSlot(mech_props->cipher, NULL);
if (cctx->slot == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to find security device (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
if (keylen > 0) {
cctx->key = talloc(cctx, SECItem);
if (cctx->key == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to allocate Key buffer\n");
ret = ENOMEM;
goto done;
}
if (key) {
MAKE_SECITEM(key, keylen, cctx->key);
} else {
ret = generate_random_key(cctx, cctx->slot,
mech_props, &cctx->key);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not generate encryption key\n");
goto done;
}
}
}
if (ivlen > 0) {
cctx->iv = talloc(cctx, SECItem);
if (cctx->iv == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Failed to allocate IV buffer\n");
ret = ENOMEM;
goto done;
}
if (iv) {
MAKE_SECITEM(iv, ivlen, cctx->iv);
} else {
ret = generate_random_key(cctx, cctx->slot,
mech_props, &cctx->iv);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not generate initialization vector\n");
goto done;
}
}
}
ret = EOK;
*_cctx = cctx;
done:
if (ret) talloc_zfree(cctx);
return ret;
}
int sss_password_encrypt(TALLOC_CTX *mem_ctx, const char *password, int plen,
enum obfmethod meth, char **obfpwd)
{
SECStatus sret;
int ret;
TALLOC_CTX *tmp_ctx = NULL;
struct crypto_mech_data *mech_props;
struct sss_nss_crypto_ctx *cctx;
unsigned char *plaintext;
unsigned char *cryptotext;
int ct_maxsize;
int ctlen;
unsigned int digestlen;
int result_len;
unsigned char *obfbuf;
size_t obufsize = 0;
size_t p = 0;
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
return ENOMEM;
}
/* initialize NSS if needed */
ret = nspr_nss_init();
if (ret != EOK) {
ret = EIO;
goto done;
}
mech_props = get_crypto_mech_data(meth);
if (mech_props == NULL) {
ret = EINVAL;
goto done;
}
ret = nss_ctx_init(tmp_ctx, mech_props, &cctx);
if (ret) {
DEBUG(SSSDBG_CRIT_FAILURE, "Cannot initialize NSS context\n");
goto done;
}
/* generate random encryption and IV key */
ret = generate_random_key(cctx, cctx->slot, mech_props, &cctx->key);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, "Could not generate encryption key\n");
goto done;
}
ret = generate_random_key(cctx, cctx->slot, mech_props, &cctx->iv);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Could not generate initialization vector\n");
goto done;
}
ret = nss_encrypt_decrypt_init(mech_props, true, cctx);
if (ret) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Cannot initialize NSS context properties\n");
goto done;
}
plaintext = (unsigned char *) talloc_strndup(tmp_ctx, password, plen);
if (!plaintext) {
ret = ENOMEM;
goto done;
}
/* cryptotext buffer must be at least len(plaintext)+blocksize */
ct_maxsize = plen + (mech_props->bsize);
cryptotext = talloc_array(tmp_ctx, unsigned char, ct_maxsize);
if (!cryptotext) {
ret = ENOMEM;
goto done;
}
/* sample data we'll encrypt and decrypt */
sret = PK11_CipherOp(cctx->ectx, cryptotext, &ctlen, ct_maxsize,
plaintext, plen);
if (sret != SECSuccess) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Cannot execute the encryption operation (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
sret = PK11_DigestFinal(cctx->ectx, cryptotext+ctlen, &digestlen,
ct_maxsize-ctlen);
if (sret != SECSuccess) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Cannot execute the digest operation (err %d)\n",
PR_GetError());
ret = EIO;
goto done;
}
result_len = ctlen + digestlen;
if (result_len < 0 || result_len > UINT16_MAX) {
ret = ERANGE;
goto done;
}
/* Pack the obfuscation buffer */
/* The buffer consists of:
* uint16_t the type of the cipher
* uint16_t length of the cryptotext in bytes (clen)
* uint8_t[klen] key
* uint8_t[blen] IV
* uint8_t[clen] cryptotext
* 4 bytes of "sentinel" denoting end of the buffer
*/
obufsize = sizeof(uint16_t) + sizeof(uint16_t) +
mech_props->keylen + mech_props->bsize +
result_len + OBF_BUFFER_SENTINEL_SIZE;
obfbuf = talloc_array(tmp_ctx, unsigned char, obufsize);
if (!obfbuf) {
ret = ENOMEM;
goto done;
}
DEBUG(SSSDBG_TRACE_INTERNAL, "Writing method: %d\n", meth);
SAFEALIGN_SET_UINT16(&obfbuf[p], meth, &p);
DEBUG(SSSDBG_TRACE_INTERNAL, "Writing bufsize: %d\n", result_len);
SAFEALIGN_SET_UINT16(&obfbuf[p], result_len, &p);
safealign_memcpy(&obfbuf[p], cctx->key->data, mech_props->keylen, &p);
safealign_memcpy(&obfbuf[p], cctx->iv->data, mech_props->bsize, &p);
safealign_memcpy(&obfbuf[p], cryptotext, result_len, &p);
safealign_memcpy(&obfbuf[p], OBF_BUFFER_SENTINEL,
OBF_BUFFER_SENTINEL_SIZE, &p);
/* Base64 encode the resulting buffer */
*obfpwd = sss_base64_encode(mem_ctx, obfbuf, obufsize);
if (*obfpwd == NULL) {
ret = ENOMEM;
goto done;
}
ret = EOK;
done:
talloc_free(tmp_ctx);
nspr_nss_cleanup();
return ret;
}
