static bool pluto_init_nss(char *nssdb)
{
SECStatus rv;
/* little lie, lsw_nss_setup doesn't have logging */
loglog(RC_LOG_SERIOUS, "NSS DB directory: sql:%s", nssdb);
lsw_nss_buf_t err;
if (!lsw_nss_setup(nssdb, LSW_NSS_READONLY, lsw_nss_get_password, err)) {
loglog(RC_LOG_SERIOUS, "%s", err);
return FALSE;
}
libreswan_log("NSS initialized");
/*
* This exists purely to make the BSI happy.
* We do not inflict this on other users
*/
if (pluto_nss_seedbits != 0) {
int seedbytes = BYTES_FOR_BITS(pluto_nss_seedbits);
unsigned char *buf = alloc_bytes(seedbytes,"TLA seedmix");
get_bsi_random(seedbytes, buf); /* much TLA, very blocking */
rv = PK11_RandomUpdate(buf, seedbytes);
libreswan_log("seeded %d bytes into the NSS PRNG", seedbytes);
passert(rv == SECSuccess);
messupn(buf, seedbytes);
pfree(buf);
}
return TRUE;
}
static bool pluto_init_nss(char *nssdb)
{
SECStatus rv;
char dbuf[1024];
snprintf(dbuf, sizeof(dbuf), "sql:%s", nssdb);
loglog(RC_LOG_SERIOUS, "NSS DB directory: %s", dbuf);
rv = NSS_Initialize(dbuf, "", "", SECMOD_DB, NSS_INIT_READONLY);
if (rv != SECSuccess) {
loglog(RC_LOG_SERIOUS, "NSS readonly initialization (\"%s\") failed (err %d)\n",
dbuf, PR_GetError());
return FALSE;
}
libreswan_log("NSS initialized");
PK11_SetPasswordFunc(getNSSPassword);
/*
* This exists purely to make the BSI happy.
* We do not inflict this on other users
*/
if (pluto_nss_seedbits != 0) {
int seedbytes = BYTES_FOR_BITS(pluto_nss_seedbits);
unsigned char *buf = alloc_bytes(seedbytes,"TLA seedmix");
get_bsi_random(seedbytes, buf); /* much TLA, very blocking */
rv = PK11_RandomUpdate(buf, seedbytes);
libreswan_log("seeded %d bytes into the NSS PRNG", seedbytes);
passert(rv == SECSuccess);
messupn(buf, seedbytes);
pfree(buf);
}
return TRUE;
}
/*
* UpdateRNG - Updates NSS's PRNG with user generated entropy
*
* pluto and rsasigkey use the NSS crypto library as its random source.
* Some government Three Letter Agencies require that pluto reads additional
* bits from /dev/random and feed these into the NSS RNG before drawing random
* from the NSS library, despite the NSS library itself already seeding its
* internal state. This process can block pluto or rsasigkey for an extended
* time during startup, depending on the entropy of the system. Therefore
* the default is to not perform this redundant seeding. If specifying a
* value, it is recommended to specify at least 460 bits (for FIPS) or 440
* bits (for BSI).
*/
static void UpdateNSS_RNG(int seedbits)
{
SECStatus rv;
int seedbytes = BYTES_FOR_BITS(seedbits);
unsigned char *buf = alloc_bytes(seedbytes,"TLA seedmix");
lsw_random(seedbytes, buf);
rv = PK11_RandomUpdate(buf, seedbytes);
assert(rv == SECSuccess);
messupn(buf, seedbytes);
pfree(buf);
}
/*
* bundle - bundle e and n into an RFC2537-format chunk_t
*/
static char *base64_bundle(int e, chunk_t modulus)
{
/*
* Pack the single-byte exponent into a byte array.
*/
assert(e <= 255);
u_char exponent_byte = 1;
chunk_t exponent = {
.ptr = &exponent_byte,
.len = 1,
};
/*
* Create the resource record.
*/
char *bundle;
err_t err = rsa_pubkey_to_base64(exponent, modulus, &bundle);
if (err) {
fprintf(stderr, "%s: can't-happen bundle convert error `%s'\n",
progname, err);
exit(1);
}
return bundle;
}
/* UpdateRNG - Updates NSS's PRNG with user generated entropy. */
static void UpdateNSS_RNG(int seedbits)
{
SECStatus rv;
int seedbytes = BYTES_FOR_BITS(seedbits);
unsigned char *buf = alloc_bytes(seedbytes,"TLA seedmix");
getrandom(seedbytes, buf);
rv = PK11_RandomUpdate(buf, seedbytes);
assert(rv == SECSuccess);
messupn(buf, seedbytes);
pfree(buf);
}
