author | nicolson%netscape.com <devnull@localhost> | 2002-09-28 00:48:32 +0000 |
---|---|---|
committer | nicolson%netscape.com <devnull@localhost> | 2002-09-28 00:48:32 +0000 |
commit | 187b2dd41ff9e62c0f85e7184a63412f40179a83 (patch) | |
tree | 21eae7278d53db00cebb3787a30df7952a80088a | |
parent | 5501545c5e4601d8376fcf45e4f40affdaca6935 (diff) | |
download | nss-hg-187b2dd41ff9e62c0f85e7184a63412f40179a83.tar.gz |
Fix 128172: function to convert a session key to a token key.
-rw-r--r-- | security/nss/lib/nss/nss.def | 2 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11func.h | 5 | ||||
-rw-r--r-- | security/nss/lib/pk11wrap/pk11skey.c | 59 |
3 files changed, 66 insertions, 0 deletions
diff --git a/security/nss/lib/nss/nss.def b/security/nss/lib/nss/nss.def
index 94c2b2f1d..61a631c4f 100644
--- a/security/nss/lib/nss/nss.def
+++ b/security/nss/lib/nss/nss.def
@@ -697,6 +697,8 @@ CERT_VerifyCACertForUsage;
 CERT_VerifyCertificate;
 CERT_VerifyCertificateNow;
 CERT_VerifyOCSPResponseSignature;
+PK11_ConvertSessionPrivKeyToTokenPrivKey;
+PK11_ConvertSessionSymKeyToTokenSymKey;
 PK11_GetModInfo;
 PK11_GetPBEIV;
 PK11_ImportCRL;
diff --git a/security/nss/lib/pk11wrap/pk11func.h b/security/nss/lib/pk11wrap/pk11func.h
index ba409619a..37f101237 100644
--- a/security/nss/lib/pk11wrap/pk11func.h
+++ b/security/nss/lib/pk11wrap/pk11func.h
@@ -376,6 +376,11 @@ SECKEYPQGParams *PK11_GetPQGParamsFromPrivateKey(SECKEYPrivateKey *privKey);
 /* depricated */
 SECKEYPrivateKeyList* PK11_ListPrivateKeysInSlot(PK11SlotInfo *slot);
+PK11SymKey *PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk,
+ void *wincx);
+SECKEYPrivateKey *PK11_ConvertSessionPrivKeyToTokenPrivKey(
+ SECKEYPrivateKey *privk, void* wincx);
+
 /**********************************************************************
 * Certs
 **********************************************************************/
diff --git a/security/nss/lib/pk11wrap/pk11skey.c b/security/nss/lib/pk11wrap/pk11skey.c
index 183d0af38..fb3b72847 100644
--- a/security/nss/lib/pk11wrap/pk11skey.c
+++ b/security/nss/lib/pk11wrap/pk11skey.c
@@ -5096,3 +5096,62 @@ PK11_GetNextSymKey(PK11SymKey *symKey)
 {
 return symKey ? symKey->next : NULL;
 }
+
+
+SECKEYPrivateKey*
+PK11_ConvertSessionPrivKeyToTokenPrivKey(SECKEYPrivateKey *privk, void* wincx)
+{
+ PK11SlotInfo* slot = privk->pkcs11Slot;
+ CK_ATTRIBUTE template[1];
+ CK_ATTRIBUTE *attrs = template;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv;
+ CK_OBJECT_HANDLE newKeyID;
+ SECKEYPrivateKey *newKey=NULL;
+ CK_SESSION_HANDLE rwsession;
+
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
+
+ PK11_Authenticate(slot, PR_TRUE, wincx);
+ rwsession = PK11_GetRWSession(slot);
+ crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, privk->pkcs11ID,
+ template, 1, &newKeyID);
+ PK11_RestoreROSession(slot, rwsession);
+
+ if (crv != CKR_OK) {
+ PORT_SetError( PK11_MapError(crv) );
+ return NULL;
+ }
+
+ return PK11_MakePrivKey(slot, nullKey /*KeyType*/, PR_FALSE /*isTemp*/,
+ newKeyID, NULL /*wincx*/);
+}
+
+PK11SymKey*
+PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk, void *wincx)
+{
+ PK11SlotInfo* slot = symk->slot;
+ CK_ATTRIBUTE template[1];
+ CK_ATTRIBUTE *attrs = template;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv;
+ CK_OBJECT_HANDLE newKeyID;
+ PK11SymKey *newKey=NULL;
+ CK_SESSION_HANDLE rwsession;
+
+ PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
+
+ PK11_Authenticate(slot, PR_TRUE, wincx);
+ rwsession = PK11_GetRWSession(slot);
+ crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, symk->objectID,
+ template, 1, &newKeyID);
+ PK11_RestoreROSession(slot, rwsession);
+
+ if (crv != CKR_OK) {
+ PORT_SetError( PK11_MapError(crv) );
+ return NULL;
+ }
+
+ return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin,
+ symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/);
+} |
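Review bot: Both new functions discard the result of `PK11_Authenticate` and pass the handle from `PK11_GetRWSession` straight to `C_CopyObject` without checking it, so a failed login or a slot that cannot supply a read/write session only surfaces as whatever error the copy happens to map to. In PK11_ConvertSessionPrivKeyToTokenPrivKey and PK11_ConvertSessionSymKeyToTokenSymKey I would return early, e.g. `if (PK11_Authenticate(slot, PR_TRUE, wincx) != SECSuccess) return NULL;`, and likewise compare `rwsession` against the project's invalid-session value before the copy. The template sets only `CKA_TOKEN`, so the persistent copy presumably inherits every other attribute of the session object, including its sensitivity and extractability settings; a header comment saying that callers must create the session key with the attributes they want on the token, and who owns the returned key, would make that contract explicit. Separately, `privk` and `symk` are dereferenced in the first initializer with no NULL check, and the local `newKey` is declared but never used in either function.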