diff options
author | nelsonb%netscape.com <devnull@localhost> | 2003-01-22 03:13:04 +0000 |
---|---|---|
committer | nelsonb%netscape.com <devnull@localhost> | 2003-01-22 03:13:04 +0000 |
commit | ed5c95b8ccf5bba2718db3acb7e9b706b3a3bcd7 (patch) | |
tree | bac69c427ec45730427decab07de0e6337055ace /security/nss/lib/softoken | |
parent | 35bb8f91ee2b7286704f83836d08676ee4bbdff7 (diff) | |
download | nss-hg-ed5c95b8ccf5bba2718db3acb7e9b706b3a3bcd7.tar.gz |
Implement new AES Key Wrap mechanisms. Bug 167818.
Diffstat (limited to 'security/nss/lib/softoken')
-rw-r--r-- | security/nss/lib/softoken/pkcs11.c | 3 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11c.c | 34 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11n.h | 4 |
3 files changed, 36 insertions, 5 deletions
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index 90809a9c4..247d82943 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -406,6 +406,9 @@ static const struct mechanismList mechanisms[] = { {CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, {20,20, CKF_GENERATE}, PR_TRUE}, {CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE}, {CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE}, + /* ------------------ AES Key Wrap (also encrypt) ------------------- */ + {CKM_NETSCAPE_AES_KEY_WRAP, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE}, + {CKM_NETSCAPE_AES_KEY_WRAP_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE}, }; static const CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]); diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index a38eb35d9..294eb9cab 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -170,11 +170,6 @@ pk11_cdmf2des(unsigned char *cdmfkey, unsigned char *deskey) } -static CK_RV -pk11_CryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, - CK_OBJECT_HANDLE hKey, CK_ATTRIBUTE_TYPE etype, - PK11ContextType contextType, PRBool isEncrypt); - /* NSC_DestroyObject destroys an object. */ CK_RV NSC_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject) @@ -651,8 +646,37 @@ finish_des: } context->update = (PK11Cipher) (isEncrypt ? AES_Encrypt : AES_Decrypt); context->destroy = (PK11Destroy) AES_DestroyContext; + break; + case CKM_NETSCAPE_AES_KEY_WRAP_PAD: + context->doPad = PR_TRUE; + /* fall thru */ + case CKM_NETSCAPE_AES_KEY_WRAP: + context->multi = PR_FALSE; + context->blockSize = 8; + if (key_type != CKK_AES) { + crv = CKR_KEY_TYPE_INCONSISTENT; + break; + } + att = pk11_FindAttribute(key,CKA_VALUE); + if (att == NULL) { + crv = CKR_KEY_HANDLE_INVALID; + break; + } + context->cipherInfo = AESKeyWrap_CreateContext( + (unsigned char*)att->attrib.pValue, + (unsigned char*)pMechanism->pParameter, + isEncrypt, att->attrib.ulValueLen); + pk11_FreeAttribute(att); + if (context->cipherInfo == NULL) { + crv = CKR_HOST_MEMORY; + break; + } + context->update = (PK11Cipher) (isEncrypt ? AESKeyWrap_Encrypt + : AESKeyWrap_Decrypt); + context->destroy = (PK11Destroy) AESKeyWrap_DestroyContext; break; + default: crv = CKR_MECHANISM_INVALID; break; diff --git a/security/nss/lib/softoken/pkcs11n.h b/security/nss/lib/softoken/pkcs11n.h index 82dcddd2a..4aaa8a8fb 100644 --- a/security/nss/lib/softoken/pkcs11n.h +++ b/security/nss/lib/softoken/pkcs11n.h @@ -146,6 +146,10 @@ static const char CKT_CVS_ID[] = "@(#) $RCSfile$ $Revision$ $Date$ $Name$"; * */ #define CKM_NETSCAPE (CKM_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE) + +#define CKM_NETSCAPE_AES_KEY_WRAP (CKM_NETSCAPE + 1) +#define CKM_NETSCAPE_AES_KEY_WRAP_PAD (CKM_NETSCAPE + 2) + /* * HISTORICAL: * Do not attempt to use these. They are only used by NETSCAPE's internal |