pk11mech.c (63487B)
1 /* This Source Code Form is subject to the terms of the Mozilla Public 2 * License, v. 2.0. If a copy of the MPL was not distributed with this 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 4 /* 5 * This file maps various PKCS #11 Mechanisms to related mechanisms, key 6 * types, and ASN.1 encodings. 7 */ 8 #include "seccomon.h" 9 #include "secmod.h" 10 #include "secmodi.h" 11 #include "pkcs11t.h" 12 #include "pk11func.h" 13 #include "secitem.h" 14 #include "secder.h" 15 #include "secasn1.h" 16 #include "secoid.h" 17 #include "secerr.h" 18 19 /************************************************************* 20 * local static and global data 21 *************************************************************/ 22 23 /* 24 * Tables used for Extended mechanism mapping (currently not used) 25 */ 26 typedef struct { 27 CK_MECHANISM_TYPE keyGen; 28 CK_KEY_TYPE keyType; 29 CK_MECHANISM_TYPE type; 30 CK_MECHANISM_TYPE padType; 31 int blockSize; 32 int iv; 33 } pk11MechanismData; 34 35 static pk11MechanismData pk11_default = { CKM_GENERIC_SECRET_KEY_GEN, CKK_GENERIC_SECRET, 36 CKM_FAKE_RANDOM, CKM_FAKE_RANDOM, 8, 8 }; 37 static pk11MechanismData *pk11_MechanismTable = NULL; 38 static int pk11_MechTableSize = 0; 39 static int pk11_MechEntrySize = 0; 40 41 /* 42 * list of mechanisms we're willing to wrap secret keys with. 43 * This list is ordered by preference. 44 */ 45 CK_MECHANISM_TYPE wrapMechanismList[] = { 46 CKM_DES3_ECB, 47 CKM_CAST5_ECB, 48 CKM_AES_ECB, 49 CKM_CAMELLIA_ECB, 50 CKM_SEED_ECB, 51 CKM_CAST5_ECB, 52 CKM_DES_ECB, 53 CKM_KEY_WRAP_LYNKS, 54 CKM_IDEA_ECB, 55 CKM_CAST3_ECB, 56 CKM_CAST_ECB, 57 CKM_RC5_ECB, 58 CKM_RC2_ECB, 59 CKM_CDMF_ECB, 60 CKM_SKIPJACK_WRAP, 61 }; 62 63 int wrapMechanismCount = sizeof(wrapMechanismList) / sizeof(wrapMechanismList[0]); 64 65 /********************************************************************* 66 * Mechanism Mapping functions 67 *********************************************************************/ 68 69 /* 70 * lookup an entry in the mechanism table. If none found, return the 71 * default structure. 72 */ 73 static pk11MechanismData * 74 pk11_lookup(CK_MECHANISM_TYPE type) 75 { 76 int i; 77 for (i = 0; i < pk11_MechEntrySize; i++) { 78 if (pk11_MechanismTable[i].type == type) { 79 return (&pk11_MechanismTable[i]); 80 } 81 } 82 return &pk11_default; 83 } 84 85 /* 86 * find the best key wrap mechanism for this slot. 87 */ 88 CK_MECHANISM_TYPE 89 PK11_GetBestWrapMechanism(PK11SlotInfo *slot) 90 { 91 int i; 92 for (i = 0; i < wrapMechanismCount; i++) { 93 if (PK11_DoesMechanism(slot, wrapMechanismList[i])) { 94 return wrapMechanismList[i]; 95 } 96 } 97 return CKM_INVALID_MECHANISM; 98 } 99 100 /* 101 * NOTE: This is not thread safe. Called at init time, and when loading 102 * a new Entry. It is reasonably safe as long as it is not re-entered 103 * (readers will always see a consistant table) 104 * 105 * This routine is called to add entries to the mechanism table, once there, 106 * they can not be removed. 107 */ 108 void 109 PK11_AddMechanismEntry(CK_MECHANISM_TYPE type, CK_KEY_TYPE key, 110 CK_MECHANISM_TYPE keyGen, 111 CK_MECHANISM_TYPE padType, 112 int ivLen, int blockSize) 113 { 114 int tableSize = pk11_MechTableSize; 115 int size = pk11_MechEntrySize; 116 int entry = size++; 117 pk11MechanismData *old = pk11_MechanismTable; 118 pk11MechanismData *newt = pk11_MechanismTable; 119 120 if (size > tableSize) { 121 int oldTableSize = tableSize; 122 tableSize += 10; 123 newt = PORT_NewArray(pk11MechanismData, tableSize); 124 if (newt == NULL) 125 return; 126 127 if (old) 128 PORT_Memcpy(newt, old, oldTableSize * sizeof(*newt)); 129 } else 130 old = NULL; 131 132 newt[entry].type = type; 133 newt[entry].keyType = key; 134 newt[entry].keyGen = keyGen; 135 newt[entry].padType = padType; 136 newt[entry].iv = ivLen; 137 newt[entry].blockSize = blockSize; 138 139 pk11_MechanismTable = newt; 140 pk11_MechTableSize = tableSize; 141 pk11_MechEntrySize = size; 142 if (old) 143 PORT_Free(old); 144 } 145 146 /* 147 * Get the mechanism needed for the given key type 148 */ 149 CK_MECHANISM_TYPE 150 PK11_GetKeyMechanism(CK_KEY_TYPE type) 151 { 152 switch (type) { 153 case CKK_SEED: 154 return CKM_SEED_CBC; 155 case CKK_CAMELLIA: 156 return CKM_CAMELLIA_CBC; 157 case CKK_NSS_CHACHA20: 158 return CKM_NSS_CHACHA20_POLY1305; 159 case CKK_CHACHA20: 160 return CKM_CHACHA20_POLY1305; 161 case CKK_AES: 162 return CKM_AES_CBC; 163 case CKK_DES: 164 return CKM_DES_CBC; 165 case CKK_DES3: 166 return CKM_DES3_KEY_GEN; 167 case CKK_DES2: 168 return CKM_DES2_KEY_GEN; 169 case CKK_CDMF: 170 return CKM_CDMF_CBC; 171 case CKK_RC2: 172 return CKM_RC2_CBC; 173 case CKK_RC4: 174 return CKM_RC4; 175 case CKK_RC5: 176 return CKM_RC5_CBC; 177 case CKK_SKIPJACK: 178 return CKM_SKIPJACK_CBC64; 179 case CKK_BATON: 180 return CKM_BATON_CBC128; 181 case CKK_JUNIPER: 182 return CKM_JUNIPER_CBC128; 183 case CKK_IDEA: 184 return CKM_IDEA_CBC; 185 case CKK_CAST: 186 return CKM_CAST_CBC; 187 case CKK_CAST3: 188 return CKM_CAST3_CBC; 189 case CKK_CAST5: 190 return CKM_CAST5_CBC; 191 case CKK_RSA: 192 return CKM_RSA_PKCS; 193 case CKK_DSA: 194 return CKM_DSA; 195 case CKK_DH: 196 return CKM_DH_PKCS_DERIVE; 197 case CKK_KEA: 198 return CKM_KEA_KEY_DERIVE; 199 case CKK_EC: /* CKK_ECDSA is deprecated */ 200 return CKM_ECDSA; 201 case CKK_EC_EDWARDS: 202 return CKM_EDDSA; 203 case CKK_HKDF: 204 return CKM_HKDF_DERIVE; 205 case CKK_ML_DSA: 206 return CKM_ML_DSA; 207 case CKK_GENERIC_SECRET: 208 default: 209 return CKM_SHA_1_HMAC; 210 } 211 } 212 213 /* 214 * Get the key type needed for the given mechanism 215 */ 216 CK_KEY_TYPE 217 PK11_GetKeyType(CK_MECHANISM_TYPE type, unsigned long len) 218 { 219 switch (type) { 220 case CKM_SEED_ECB: 221 case CKM_SEED_CBC: 222 case CKM_SEED_MAC: 223 case CKM_SEED_MAC_GENERAL: 224 case CKM_SEED_CBC_PAD: 225 case CKM_SEED_KEY_GEN: 226 return CKK_SEED; 227 case CKM_CAMELLIA_ECB: 228 case CKM_CAMELLIA_CBC: 229 case CKM_CAMELLIA_MAC: 230 case CKM_CAMELLIA_MAC_GENERAL: 231 case CKM_CAMELLIA_CBC_PAD: 232 case CKM_CAMELLIA_KEY_GEN: 233 return CKK_CAMELLIA; 234 case CKM_NSS_CHACHA20_POLY1305: 235 case CKM_NSS_CHACHA20_KEY_GEN: 236 case CKM_NSS_CHACHA20_CTR: 237 return CKK_NSS_CHACHA20; 238 case CKM_CHACHA20_POLY1305: 239 case CKM_CHACHA20_KEY_GEN: 240 case CKM_CHACHA20: 241 return CKK_CHACHA20; 242 case CKM_AES_ECB: 243 case CKM_AES_CBC: 244 case CKM_AES_CCM: 245 case CKM_AES_CTR: 246 case CKM_AES_CTS: 247 case CKM_AES_GCM: 248 case CKM_AES_MAC: 249 case CKM_AES_MAC_GENERAL: 250 case CKM_AES_CMAC: 251 case CKM_AES_CMAC_GENERAL: 252 case CKM_AES_CBC_PAD: 253 case CKM_AES_KEY_GEN: 254 case CKM_NSS_AES_KEY_WRAP: 255 case CKM_NSS_AES_KEY_WRAP_PAD: 256 case CKM_AES_KEY_WRAP: 257 case CKM_AES_KEY_WRAP_KWP: 258 case CKM_AES_XCBC_MAC: 259 case CKM_AES_XCBC_MAC_96: 260 return CKK_AES; 261 case CKM_DES_ECB: 262 case CKM_DES_CBC: 263 case CKM_DES_MAC: 264 case CKM_DES_MAC_GENERAL: 265 case CKM_DES_CBC_PAD: 266 case CKM_DES_KEY_GEN: 267 case CKM_KEY_WRAP_LYNKS: 268 case CKM_PBE_MD2_DES_CBC: 269 case CKM_PBE_MD5_DES_CBC: 270 return CKK_DES; 271 case CKM_DES3_ECB: 272 case CKM_DES3_CBC: 273 case CKM_DES3_MAC: 274 case CKM_DES3_MAC_GENERAL: 275 case CKM_DES3_CBC_PAD: 276 return (len == 16) ? CKK_DES2 : CKK_DES3; 277 case CKM_DES2_KEY_GEN: 278 case CKM_PBE_SHA1_DES2_EDE_CBC: 279 return CKK_DES2; 280 case CKM_PBE_SHA1_DES3_EDE_CBC: 281 case CKM_DES3_KEY_GEN: 282 return CKK_DES3; 283 case CKM_CDMF_ECB: 284 case CKM_CDMF_CBC: 285 case CKM_CDMF_MAC: 286 case CKM_CDMF_MAC_GENERAL: 287 case CKM_CDMF_CBC_PAD: 288 case CKM_CDMF_KEY_GEN: 289 return CKK_CDMF; 290 case CKM_RC2_ECB: 291 case CKM_RC2_CBC: 292 case CKM_RC2_MAC: 293 case CKM_RC2_MAC_GENERAL: 294 case CKM_RC2_CBC_PAD: 295 case CKM_RC2_KEY_GEN: 296 case CKM_PBE_SHA1_RC2_128_CBC: 297 case CKM_PBE_SHA1_RC2_40_CBC: 298 return CKK_RC2; 299 case CKM_RC4: 300 case CKM_RC4_KEY_GEN: 301 return CKK_RC4; 302 case CKM_RC5_ECB: 303 case CKM_RC5_CBC: 304 case CKM_RC5_MAC: 305 case CKM_RC5_MAC_GENERAL: 306 case CKM_RC5_CBC_PAD: 307 case CKM_RC5_KEY_GEN: 308 return CKK_RC5; 309 case CKM_SKIPJACK_CBC64: 310 case CKM_SKIPJACK_ECB64: 311 case CKM_SKIPJACK_OFB64: 312 case CKM_SKIPJACK_CFB64: 313 case CKM_SKIPJACK_CFB32: 314 case CKM_SKIPJACK_CFB16: 315 case CKM_SKIPJACK_CFB8: 316 case CKM_SKIPJACK_KEY_GEN: 317 case CKM_SKIPJACK_WRAP: 318 case CKM_SKIPJACK_PRIVATE_WRAP: 319 return CKK_SKIPJACK; 320 case CKM_BATON_ECB128: 321 case CKM_BATON_ECB96: 322 case CKM_BATON_CBC128: 323 case CKM_BATON_COUNTER: 324 case CKM_BATON_SHUFFLE: 325 case CKM_BATON_WRAP: 326 case CKM_BATON_KEY_GEN: 327 return CKK_BATON; 328 case CKM_JUNIPER_ECB128: 329 case CKM_JUNIPER_CBC128: 330 case CKM_JUNIPER_COUNTER: 331 case CKM_JUNIPER_SHUFFLE: 332 case CKM_JUNIPER_WRAP: 333 case CKM_JUNIPER_KEY_GEN: 334 return CKK_JUNIPER; 335 case CKM_IDEA_CBC: 336 case CKM_IDEA_ECB: 337 case CKM_IDEA_MAC: 338 case CKM_IDEA_MAC_GENERAL: 339 case CKM_IDEA_CBC_PAD: 340 case CKM_IDEA_KEY_GEN: 341 return CKK_IDEA; 342 case CKM_CAST_ECB: 343 case CKM_CAST_CBC: 344 case CKM_CAST_MAC: 345 case CKM_CAST_MAC_GENERAL: 346 case CKM_CAST_CBC_PAD: 347 case CKM_CAST_KEY_GEN: 348 case CKM_PBE_MD5_CAST_CBC: 349 return CKK_CAST; 350 case CKM_CAST3_ECB: 351 case CKM_CAST3_CBC: 352 case CKM_CAST3_MAC: 353 case CKM_CAST3_MAC_GENERAL: 354 case CKM_CAST3_CBC_PAD: 355 case CKM_CAST3_KEY_GEN: 356 case CKM_PBE_MD5_CAST3_CBC: 357 return CKK_CAST3; 358 case CKM_CAST5_ECB: 359 case CKM_CAST5_CBC: 360 case CKM_CAST5_MAC: 361 case CKM_CAST5_MAC_GENERAL: 362 case CKM_CAST5_CBC_PAD: 363 case CKM_CAST5_KEY_GEN: 364 case CKM_PBE_MD5_CAST5_CBC: 365 return CKK_CAST5; 366 case CKM_RSA_PKCS: 367 case CKM_RSA_9796: 368 case CKM_RSA_X_509: 369 case CKM_MD2_RSA_PKCS: 370 case CKM_MD5_RSA_PKCS: 371 case CKM_SHA1_RSA_PKCS: 372 case CKM_SHA224_RSA_PKCS: 373 case CKM_SHA256_RSA_PKCS: 374 case CKM_SHA384_RSA_PKCS: 375 case CKM_SHA512_RSA_PKCS: 376 case CKM_KEY_WRAP_SET_OAEP: 377 case CKM_RSA_PKCS_KEY_PAIR_GEN: 378 case CKM_RSA_X9_31_KEY_PAIR_GEN: 379 return CKK_RSA; 380 case CKM_DSA: 381 case CKM_DSA_SHA1: 382 case CKM_DSA_KEY_PAIR_GEN: 383 return CKK_DSA; 384 case CKM_DH_PKCS_DERIVE: 385 case CKM_DH_PKCS_KEY_PAIR_GEN: 386 return CKK_DH; 387 case CKM_KEA_KEY_DERIVE: 388 case CKM_KEA_KEY_PAIR_GEN: 389 return CKK_KEA; 390 case CKM_ECDSA: 391 case CKM_ECDSA_SHA1: 392 case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */ 393 case CKM_ECDH1_DERIVE: 394 return CKK_EC; /* CKK_ECDSA is deprecated */ 395 case CKM_EC_EDWARDS_KEY_PAIR_GEN: 396 case CKM_EDDSA: 397 return CKK_EC_EDWARDS; 398 case CKM_HKDF_KEY_GEN: 399 case CKM_HKDF_DERIVE: 400 case CKM_HKDF_DATA: 401 return CKK_HKDF; 402 case CKM_SSL3_PRE_MASTER_KEY_GEN: 403 case CKM_GENERIC_SECRET_KEY_GEN: 404 case CKM_SSL3_MASTER_KEY_DERIVE: 405 case CKM_SSL3_MASTER_KEY_DERIVE_DH: 406 case CKM_SSL3_KEY_AND_MAC_DERIVE: 407 case CKM_SSL3_SHA1_MAC: 408 case CKM_SSL3_MD5_MAC: 409 case CKM_TLS_MASTER_KEY_DERIVE: 410 case CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256: 411 case CKM_TLS_MASTER_KEY_DERIVE_DH: 412 case CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256: 413 case CKM_TLS_KEY_AND_MAC_DERIVE: 414 case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256: 415 case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE: 416 case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH: 417 case CKM_SHA_1_HMAC: 418 case CKM_SHA_1_HMAC_GENERAL: 419 case CKM_SHA224_HMAC: 420 case CKM_SHA224_HMAC_GENERAL: 421 case CKM_SHA256_HMAC: 422 case CKM_SHA256_HMAC_GENERAL: 423 case CKM_SHA384_HMAC: 424 case CKM_SHA384_HMAC_GENERAL: 425 case CKM_SHA512_HMAC: 426 case CKM_SHA512_HMAC_GENERAL: 427 case CKM_MD2_HMAC: 428 case CKM_MD2_HMAC_GENERAL: 429 case CKM_MD5_HMAC: 430 case CKM_MD5_HMAC_GENERAL: 431 case CKM_TLS_PRF_GENERAL: 432 case CKM_NSS_TLS_PRF_GENERAL_SHA256: 433 return CKK_GENERIC_SECRET; 434 case CKM_NSS_KYBER_KEY_PAIR_GEN: 435 return CKK_NSS_KYBER; 436 case CKM_NSS_ML_KEM_KEY_PAIR_GEN: 437 return CKK_NSS_ML_KEM; 438 case CKM_ML_DSA_KEY_PAIR_GEN: 439 case CKM_ML_DSA: 440 return CKK_ML_DSA; 441 default: 442 return pk11_lookup(type)->keyType; 443 } 444 } 445 446 /* 447 * Get the Key Gen Mechanism needed for the given 448 * crypto mechanism 449 */ 450 CK_MECHANISM_TYPE 451 PK11_GetKeyGen(CK_MECHANISM_TYPE type) 452 { 453 return PK11_GetKeyGenWithSize(type, 0); 454 } 455 456 CK_MECHANISM_TYPE 457 PK11_GetKeyGenWithSize(CK_MECHANISM_TYPE type, int size) 458 { 459 switch (type) { 460 case CKM_SEED_ECB: 461 case CKM_SEED_CBC: 462 case CKM_SEED_MAC: 463 case CKM_SEED_MAC_GENERAL: 464 case CKM_SEED_CBC_PAD: 465 case CKM_SEED_KEY_GEN: 466 return CKM_SEED_KEY_GEN; 467 case CKM_CAMELLIA_ECB: 468 case CKM_CAMELLIA_CBC: 469 case CKM_CAMELLIA_MAC: 470 case CKM_CAMELLIA_MAC_GENERAL: 471 case CKM_CAMELLIA_CBC_PAD: 472 case CKM_CAMELLIA_KEY_GEN: 473 return CKM_CAMELLIA_KEY_GEN; 474 case CKM_NSS_CHACHA20_POLY1305: 475 case CKM_NSS_CHACHA20_CTR: 476 return CKM_NSS_CHACHA20_KEY_GEN; 477 case CKM_CHACHA20_POLY1305: 478 case CKM_CHACHA20: 479 return CKM_CHACHA20_KEY_GEN; 480 case CKM_AES_ECB: 481 case CKM_AES_CBC: 482 case CKM_AES_CCM: 483 case CKM_AES_CTR: 484 case CKM_AES_CTS: 485 case CKM_AES_GCM: 486 case CKM_AES_MAC: 487 case CKM_AES_MAC_GENERAL: 488 case CKM_AES_CMAC: 489 case CKM_AES_CMAC_GENERAL: 490 case CKM_AES_CBC_PAD: 491 case CKM_AES_KEY_GEN: 492 return CKM_AES_KEY_GEN; 493 case CKM_DES_ECB: 494 case CKM_DES_CBC: 495 case CKM_DES_MAC: 496 case CKM_DES_MAC_GENERAL: 497 case CKM_KEY_WRAP_LYNKS: 498 case CKM_DES_CBC_PAD: 499 case CKM_DES_KEY_GEN: 500 return CKM_DES_KEY_GEN; 501 case CKM_DES3_ECB: 502 case CKM_DES3_CBC: 503 case CKM_DES3_MAC: 504 case CKM_DES3_MAC_GENERAL: 505 case CKM_DES3_CBC_PAD: 506 return (size == 16) ? CKM_DES2_KEY_GEN : CKM_DES3_KEY_GEN; 507 case CKM_DES3_KEY_GEN: 508 return CKM_DES3_KEY_GEN; 509 case CKM_DES2_KEY_GEN: 510 return CKM_DES2_KEY_GEN; 511 case CKM_CDMF_ECB: 512 case CKM_CDMF_CBC: 513 case CKM_CDMF_MAC: 514 case CKM_CDMF_MAC_GENERAL: 515 case CKM_CDMF_CBC_PAD: 516 case CKM_CDMF_KEY_GEN: 517 return CKM_CDMF_KEY_GEN; 518 case CKM_RC2_ECB: 519 case CKM_RC2_CBC: 520 case CKM_RC2_MAC: 521 case CKM_RC2_MAC_GENERAL: 522 case CKM_RC2_CBC_PAD: 523 case CKM_RC2_KEY_GEN: 524 return CKM_RC2_KEY_GEN; 525 case CKM_RC4: 526 case CKM_RC4_KEY_GEN: 527 return CKM_RC4_KEY_GEN; 528 case CKM_RC5_ECB: 529 case CKM_RC5_CBC: 530 case CKM_RC5_MAC: 531 case CKM_RC5_MAC_GENERAL: 532 case CKM_RC5_CBC_PAD: 533 case CKM_RC5_KEY_GEN: 534 return CKM_RC5_KEY_GEN; 535 case CKM_SKIPJACK_CBC64: 536 case CKM_SKIPJACK_ECB64: 537 case CKM_SKIPJACK_OFB64: 538 case CKM_SKIPJACK_CFB64: 539 case CKM_SKIPJACK_CFB32: 540 case CKM_SKIPJACK_CFB16: 541 case CKM_SKIPJACK_CFB8: 542 case CKM_SKIPJACK_WRAP: 543 case CKM_SKIPJACK_KEY_GEN: 544 return CKM_SKIPJACK_KEY_GEN; 545 case CKM_BATON_ECB128: 546 case CKM_BATON_ECB96: 547 case CKM_BATON_CBC128: 548 case CKM_BATON_COUNTER: 549 case CKM_BATON_SHUFFLE: 550 case CKM_BATON_WRAP: 551 case CKM_BATON_KEY_GEN: 552 return CKM_BATON_KEY_GEN; 553 case CKM_JUNIPER_ECB128: 554 case CKM_JUNIPER_CBC128: 555 case CKM_JUNIPER_COUNTER: 556 case CKM_JUNIPER_SHUFFLE: 557 case CKM_JUNIPER_WRAP: 558 case CKM_JUNIPER_KEY_GEN: 559 return CKM_JUNIPER_KEY_GEN; 560 case CKM_IDEA_CBC: 561 case CKM_IDEA_ECB: 562 case CKM_IDEA_MAC: 563 case CKM_IDEA_MAC_GENERAL: 564 case CKM_IDEA_CBC_PAD: 565 case CKM_IDEA_KEY_GEN: 566 return CKM_IDEA_KEY_GEN; 567 case CKM_CAST_ECB: 568 case CKM_CAST_CBC: 569 case CKM_CAST_MAC: 570 case CKM_CAST_MAC_GENERAL: 571 case CKM_CAST_CBC_PAD: 572 case CKM_CAST_KEY_GEN: 573 return CKM_CAST_KEY_GEN; 574 case CKM_CAST3_ECB: 575 case CKM_CAST3_CBC: 576 case CKM_CAST3_MAC: 577 case CKM_CAST3_MAC_GENERAL: 578 case CKM_CAST3_CBC_PAD: 579 case CKM_CAST3_KEY_GEN: 580 return CKM_CAST3_KEY_GEN; 581 case CKM_CAST5_ECB: 582 case CKM_CAST5_CBC: 583 case CKM_CAST5_MAC: 584 case CKM_CAST5_MAC_GENERAL: 585 case CKM_CAST5_CBC_PAD: 586 case CKM_CAST5_KEY_GEN: 587 return CKM_CAST5_KEY_GEN; 588 case CKM_RSA_PKCS: 589 case CKM_RSA_9796: 590 case CKM_RSA_X_509: 591 case CKM_MD2_RSA_PKCS: 592 case CKM_MD5_RSA_PKCS: 593 case CKM_SHA1_RSA_PKCS: 594 case CKM_SHA224_RSA_PKCS: 595 case CKM_SHA256_RSA_PKCS: 596 case CKM_SHA384_RSA_PKCS: 597 case CKM_SHA512_RSA_PKCS: 598 case CKM_KEY_WRAP_SET_OAEP: 599 case CKM_RSA_PKCS_KEY_PAIR_GEN: 600 return CKM_RSA_PKCS_KEY_PAIR_GEN; 601 case CKM_RSA_X9_31_KEY_PAIR_GEN: 602 return CKM_RSA_X9_31_KEY_PAIR_GEN; 603 case CKM_DSA: 604 case CKM_DSA_SHA1: 605 case CKM_DSA_KEY_PAIR_GEN: 606 return CKM_DSA_KEY_PAIR_GEN; 607 case CKM_DH_PKCS_DERIVE: 608 case CKM_DH_PKCS_KEY_PAIR_GEN: 609 return CKM_DH_PKCS_KEY_PAIR_GEN; 610 case CKM_KEA_KEY_DERIVE: 611 case CKM_KEA_KEY_PAIR_GEN: 612 return CKM_KEA_KEY_PAIR_GEN; 613 case CKM_ECDSA: 614 case CKM_ECDSA_SHA1: 615 case CKM_EC_KEY_PAIR_GEN: /* aka CKM_ECDSA_KEY_PAIR_GEN */ 616 case CKM_ECDH1_DERIVE: 617 return CKM_EC_KEY_PAIR_GEN; 618 case CKM_EDDSA: 619 return CKM_EC_EDWARDS_KEY_PAIR_GEN; 620 case CKM_SSL3_PRE_MASTER_KEY_GEN: 621 case CKM_SSL3_MASTER_KEY_DERIVE: 622 case CKM_SSL3_KEY_AND_MAC_DERIVE: 623 case CKM_SSL3_SHA1_MAC: 624 case CKM_SSL3_MD5_MAC: 625 case CKM_TLS_MASTER_KEY_DERIVE: 626 case CKM_TLS_KEY_AND_MAC_DERIVE: 627 case CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256: 628 case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE: 629 case CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH: 630 return CKM_SSL3_PRE_MASTER_KEY_GEN; 631 case CKM_SHA_1_HMAC: 632 case CKM_SHA_1_HMAC_GENERAL: 633 case CKM_SHA224_HMAC: 634 case CKM_SHA224_HMAC_GENERAL: 635 case CKM_SHA256_HMAC: 636 case CKM_SHA256_HMAC_GENERAL: 637 case CKM_SHA384_HMAC: 638 case CKM_SHA384_HMAC_GENERAL: 639 case CKM_SHA512_HMAC: 640 case CKM_SHA512_HMAC_GENERAL: 641 case CKM_MD2_HMAC: 642 case CKM_MD2_HMAC_GENERAL: 643 case CKM_MD5_HMAC: 644 case CKM_MD5_HMAC_GENERAL: 645 case CKM_TLS_PRF_GENERAL: 646 case CKM_NSS_TLS_PRF_GENERAL_SHA256: 647 case CKM_GENERIC_SECRET_KEY_GEN: 648 return CKM_GENERIC_SECRET_KEY_GEN; 649 case CKM_PBE_MD2_DES_CBC: 650 case CKM_PBE_MD5_DES_CBC: 651 case CKM_PBA_SHA1_WITH_SHA1_HMAC: 652 case CKM_NSS_PBE_SHA1_HMAC_KEY_GEN: 653 case CKM_NSS_PBE_MD5_HMAC_KEY_GEN: 654 case CKM_NSS_PBE_MD2_HMAC_KEY_GEN: 655 case CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN: 656 case CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN: 657 case CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN: 658 case CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN: 659 case CKM_NSS_PBE_SHA1_DES_CBC: 660 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 661 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 662 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 663 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 664 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 665 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 666 case CKM_PBE_SHA1_RC2_40_CBC: 667 case CKM_PBE_SHA1_RC2_128_CBC: 668 case CKM_PBE_SHA1_RC4_40: 669 case CKM_PBE_SHA1_RC4_128: 670 case CKM_PBE_SHA1_DES3_EDE_CBC: 671 case CKM_PBE_SHA1_DES2_EDE_CBC: 672 case CKM_PKCS5_PBKD2: 673 return type; 674 case CKM_ML_DSA: 675 return CKM_ML_DSA_KEY_PAIR_GEN; 676 default: 677 return pk11_lookup(type)->keyGen; 678 } 679 } 680 681 /* 682 * get the mechanism block size 683 */ 684 int 685 PK11_GetBlockSize(CK_MECHANISM_TYPE type, SECItem *params) 686 { 687 CK_RC5_PARAMS *rc5_params; 688 CK_RC5_CBC_PARAMS *rc5_cbc_params; 689 switch (type) { 690 case CKM_RC5_ECB: 691 if ((params) && (params->data)) { 692 rc5_params = (CK_RC5_PARAMS *)params->data; 693 return (rc5_params->ulWordsize) * 2; 694 } 695 return 8; 696 case CKM_RC5_CBC: 697 case CKM_RC5_CBC_PAD: 698 if ((params) && (params->data)) { 699 rc5_cbc_params = (CK_RC5_CBC_PARAMS *)params->data; 700 return (rc5_cbc_params->ulWordsize) * 2; 701 } 702 return 8; 703 case CKM_DES_ECB: 704 case CKM_DES3_ECB: 705 case CKM_RC2_ECB: 706 case CKM_IDEA_ECB: 707 case CKM_CAST_ECB: 708 case CKM_CAST3_ECB: 709 case CKM_CAST5_ECB: 710 case CKM_RC2_CBC: 711 case CKM_SKIPJACK_CBC64: 712 case CKM_SKIPJACK_ECB64: 713 case CKM_SKIPJACK_OFB64: 714 case CKM_SKIPJACK_CFB64: 715 case CKM_DES_CBC: 716 case CKM_DES3_CBC: 717 case CKM_IDEA_CBC: 718 case CKM_CAST_CBC: 719 case CKM_CAST3_CBC: 720 case CKM_CAST5_CBC: 721 case CKM_DES_CBC_PAD: 722 case CKM_DES3_CBC_PAD: 723 case CKM_RC2_CBC_PAD: 724 case CKM_IDEA_CBC_PAD: 725 case CKM_CAST_CBC_PAD: 726 case CKM_CAST3_CBC_PAD: 727 case CKM_CAST5_CBC_PAD: 728 case CKM_PBE_MD2_DES_CBC: 729 case CKM_PBE_MD5_DES_CBC: 730 case CKM_NSS_PBE_SHA1_DES_CBC: 731 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 732 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 733 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 734 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 735 case CKM_PBE_SHA1_RC2_40_CBC: 736 case CKM_PBE_SHA1_RC2_128_CBC: 737 case CKM_PBE_SHA1_DES3_EDE_CBC: 738 case CKM_PBE_SHA1_DES2_EDE_CBC: 739 return 8; 740 case CKM_SKIPJACK_CFB32: 741 case CKM_SKIPJACK_CFB16: 742 case CKM_SKIPJACK_CFB8: 743 return 4; 744 case CKM_SEED_ECB: 745 case CKM_SEED_CBC: 746 case CKM_SEED_CBC_PAD: 747 case CKM_CAMELLIA_ECB: 748 case CKM_CAMELLIA_CBC: 749 case CKM_CAMELLIA_CBC_PAD: 750 case CKM_AES_ECB: 751 case CKM_AES_CBC: 752 case CKM_AES_CBC_PAD: 753 case CKM_BATON_ECB128: 754 case CKM_BATON_CBC128: 755 case CKM_BATON_COUNTER: 756 case CKM_BATON_SHUFFLE: 757 case CKM_JUNIPER_ECB128: 758 case CKM_JUNIPER_CBC128: 759 case CKM_JUNIPER_COUNTER: 760 case CKM_JUNIPER_SHUFFLE: 761 return 16; 762 case CKM_BATON_ECB96: 763 return 12; 764 case CKM_RC4: 765 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 766 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 767 case CKM_PBE_SHA1_RC4_40: 768 case CKM_PBE_SHA1_RC4_128: 769 return 0; 770 case CKM_RSA_PKCS: 771 case CKM_RSA_9796: 772 case CKM_RSA_X_509: 773 /*actually it's the modulus length of the key!*/ 774 return -1; /* failure */ 775 case CKM_NSS_CHACHA20_POLY1305: 776 case CKM_NSS_CHACHA20_CTR: 777 case CKM_CHACHA20_POLY1305: 778 case CKM_CHACHA20: 779 return 64; 780 default: 781 return pk11_lookup(type)->blockSize; 782 } 783 } 784 785 /* 786 * get the iv length 787 */ 788 int 789 PK11_GetIVLength(CK_MECHANISM_TYPE type) 790 { 791 switch (type) { 792 case CKM_SEED_ECB: 793 case CKM_CAMELLIA_ECB: 794 case CKM_AES_ECB: 795 case CKM_DES_ECB: 796 case CKM_DES3_ECB: 797 case CKM_RC2_ECB: 798 case CKM_IDEA_ECB: 799 case CKM_SKIPJACK_WRAP: 800 case CKM_BATON_WRAP: 801 case CKM_RC5_ECB: 802 case CKM_CAST_ECB: 803 case CKM_CAST3_ECB: 804 case CKM_CAST5_ECB: 805 case CKM_AES_KEY_WRAP: 806 case CKM_AES_KEY_WRAP_PAD: 807 case CKM_AES_KEY_WRAP_KWP: 808 case CKM_NSS_AES_KEY_WRAP: 809 case CKM_NSS_AES_KEY_WRAP_PAD: 810 return 0; 811 case CKM_RC2_CBC: 812 case CKM_DES_CBC: 813 case CKM_DES3_CBC: 814 case CKM_IDEA_CBC: 815 case CKM_PBE_MD2_DES_CBC: 816 case CKM_PBE_MD5_DES_CBC: 817 case CKM_NSS_PBE_SHA1_DES_CBC: 818 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 819 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 820 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 821 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 822 case CKM_PBE_SHA1_RC2_40_CBC: 823 case CKM_PBE_SHA1_RC2_128_CBC: 824 case CKM_PBE_SHA1_DES3_EDE_CBC: 825 case CKM_PBE_SHA1_DES2_EDE_CBC: 826 case CKM_RC5_CBC: 827 case CKM_CAST_CBC: 828 case CKM_CAST3_CBC: 829 case CKM_CAST5_CBC: 830 case CKM_RC2_CBC_PAD: 831 case CKM_DES_CBC_PAD: 832 case CKM_DES3_CBC_PAD: 833 case CKM_IDEA_CBC_PAD: 834 case CKM_RC5_CBC_PAD: 835 case CKM_CAST_CBC_PAD: 836 case CKM_CAST3_CBC_PAD: 837 case CKM_CAST5_CBC_PAD: 838 return 8; 839 case CKM_AES_GCM: 840 case CKM_NSS_CHACHA20_POLY1305: 841 case CKM_CHACHA20_POLY1305: 842 return 12; 843 case CKM_SEED_CBC: 844 case CKM_SEED_CBC_PAD: 845 case CKM_CAMELLIA_CBC: 846 case CKM_CAMELLIA_CBC_PAD: 847 case CKM_AES_CBC: 848 case CKM_AES_CBC_PAD: 849 case CKM_NSS_CHACHA20_CTR: 850 case CKM_CHACHA20: 851 return 16; 852 case CKM_SKIPJACK_CBC64: 853 case CKM_SKIPJACK_ECB64: 854 case CKM_SKIPJACK_OFB64: 855 case CKM_SKIPJACK_CFB64: 856 case CKM_SKIPJACK_CFB32: 857 case CKM_SKIPJACK_CFB16: 858 case CKM_SKIPJACK_CFB8: 859 case CKM_BATON_ECB128: 860 case CKM_BATON_ECB96: 861 case CKM_BATON_CBC128: 862 case CKM_BATON_COUNTER: 863 case CKM_BATON_SHUFFLE: 864 case CKM_JUNIPER_ECB128: 865 case CKM_JUNIPER_CBC128: 866 case CKM_JUNIPER_COUNTER: 867 case CKM_JUNIPER_SHUFFLE: 868 return 24; 869 case CKM_RC4: 870 case CKM_RSA_PKCS: 871 case CKM_RSA_9796: 872 case CKM_RSA_X_509: 873 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 874 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 875 case CKM_PBE_SHA1_RC4_40: 876 case CKM_PBE_SHA1_RC4_128: 877 return 0; 878 default: 879 return pk11_lookup(type)->iv; 880 } 881 } 882 883 /* These next two utilities are here to help facilitate future 884 * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions 885 * like SSL and S-MIME to automatically add them. 886 */ 887 SECItem * 888 pk11_ParamFromIVWithLen(CK_MECHANISM_TYPE type, SECItem *iv, int keyLen) 889 { 890 CK_RC2_CBC_PARAMS *rc2_params = NULL; 891 CK_RC2_PARAMS *rc2_ecb_params = NULL; 892 CK_RC5_PARAMS *rc5_params = NULL; 893 CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL; 894 SECItem *param; 895 896 param = (SECItem *)PORT_Alloc(sizeof(SECItem)); 897 if (param == NULL) 898 return NULL; 899 param->data = NULL; 900 param->len = 0; 901 param->type = 0; 902 switch (type) { 903 case CKM_SEED_ECB: 904 case CKM_CAMELLIA_ECB: 905 case CKM_AES_ECB: 906 case CKM_DES_ECB: 907 case CKM_DES3_ECB: 908 case CKM_RSA_PKCS: 909 case CKM_RSA_X_509: 910 case CKM_RSA_9796: 911 case CKM_IDEA_ECB: 912 case CKM_CDMF_ECB: 913 case CKM_CAST_ECB: 914 case CKM_CAST3_ECB: 915 case CKM_CAST5_ECB: 916 case CKM_RC4: 917 case CKM_AES_KEY_WRAP: 918 case CKM_AES_KEY_WRAP_PAD: 919 case CKM_AES_KEY_WRAP_KWP: 920 case CKM_NSS_AES_KEY_WRAP: 921 case CKM_NSS_AES_KEY_WRAP_PAD: 922 break; 923 case CKM_RC2_ECB: 924 rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS)); 925 if (rc2_ecb_params == NULL) 926 break; 927 /* Maybe we should pass the key size in too to get this value? */ 928 *rc2_ecb_params = keyLen ? keyLen * 8 : 128; 929 param->data = (unsigned char *)rc2_ecb_params; 930 param->len = sizeof(CK_RC2_PARAMS); 931 break; 932 case CKM_RC2_CBC: 933 case CKM_RC2_CBC_PAD: 934 rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS)); 935 if (rc2_params == NULL) 936 break; 937 /* Maybe we should pass the key size in too to get this value? */ 938 rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128; 939 if (iv && iv->data) 940 PORT_Memcpy(rc2_params->iv, iv->data, sizeof(rc2_params->iv)); 941 param->data = (unsigned char *)rc2_params; 942 param->len = sizeof(CK_RC2_CBC_PARAMS); 943 break; 944 case CKM_RC5_CBC: 945 case CKM_RC5_CBC_PAD: 946 rc5_cbc_params = (CK_RC5_CBC_PARAMS *) 947 PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + ((iv) ? iv->len : 0)); 948 if (rc5_cbc_params == NULL) 949 break; 950 if (iv && iv->data && iv->len) { 951 rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS); 952 PORT_Memcpy(rc5_cbc_params->pIv, iv->data, iv->len); 953 rc5_cbc_params->ulIvLen = iv->len; 954 rc5_cbc_params->ulWordsize = iv->len / 2; 955 } else { 956 rc5_cbc_params->ulWordsize = 4; 957 rc5_cbc_params->pIv = NULL; 958 rc5_cbc_params->ulIvLen = 0; 959 } 960 rc5_cbc_params->ulRounds = 16; 961 param->data = (unsigned char *)rc5_cbc_params; 962 param->len = sizeof(CK_RC5_CBC_PARAMS); 963 break; 964 case CKM_RC5_ECB: 965 rc5_params = (CK_RC5_PARAMS *)PORT_Alloc(sizeof(CK_RC5_PARAMS)); 966 if (rc5_params == NULL) 967 break; 968 if (iv && iv->data && iv->len) { 969 rc5_params->ulWordsize = iv->len / 2; 970 } else { 971 rc5_params->ulWordsize = 4; 972 } 973 rc5_params->ulRounds = 16; 974 param->data = (unsigned char *)rc5_params; 975 param->len = sizeof(CK_RC5_PARAMS); 976 break; 977 978 case CKM_SEED_CBC: 979 case CKM_CAMELLIA_CBC: 980 case CKM_AES_CBC: 981 case CKM_DES_CBC: 982 case CKM_DES3_CBC: 983 case CKM_IDEA_CBC: 984 case CKM_CDMF_CBC: 985 case CKM_CAST_CBC: 986 case CKM_CAST3_CBC: 987 case CKM_CAST5_CBC: 988 case CKM_CAMELLIA_CBC_PAD: 989 case CKM_AES_CBC_PAD: 990 case CKM_DES_CBC_PAD: 991 case CKM_DES3_CBC_PAD: 992 case CKM_IDEA_CBC_PAD: 993 case CKM_CDMF_CBC_PAD: 994 case CKM_CAST_CBC_PAD: 995 case CKM_CAST3_CBC_PAD: 996 case CKM_CAST5_CBC_PAD: 997 case CKM_SKIPJACK_CBC64: 998 case CKM_SKIPJACK_ECB64: 999 case CKM_SKIPJACK_OFB64: 1000 case CKM_SKIPJACK_CFB64: 1001 case CKM_SKIPJACK_CFB32: 1002 case CKM_SKIPJACK_CFB16: 1003 case CKM_SKIPJACK_CFB8: 1004 case CKM_BATON_ECB128: 1005 case CKM_BATON_ECB96: 1006 case CKM_BATON_CBC128: 1007 case CKM_BATON_COUNTER: 1008 case CKM_BATON_SHUFFLE: 1009 case CKM_JUNIPER_ECB128: 1010 case CKM_JUNIPER_CBC128: 1011 case CKM_JUNIPER_COUNTER: 1012 case CKM_JUNIPER_SHUFFLE: 1013 if ((iv == NULL) || (iv->data == NULL)) 1014 break; 1015 param->data = (unsigned char *)PORT_Alloc(iv->len); 1016 if (param->data != NULL) { 1017 PORT_Memcpy(param->data, iv->data, iv->len); 1018 param->len = iv->len; 1019 } 1020 break; 1021 /* unknown mechanism, pass IV in if it's there */ 1022 default: 1023 if (pk11_lookup(type)->iv == 0) { 1024 break; 1025 } 1026 if ((iv == NULL) || (iv->data == NULL)) { 1027 break; 1028 } 1029 param->data = (unsigned char *)PORT_Alloc(iv->len); 1030 if (param->data != NULL) { 1031 PORT_Memcpy(param->data, iv->data, iv->len); 1032 param->len = iv->len; 1033 } 1034 break; 1035 } 1036 return param; 1037 } 1038 1039 /* These next two utilities are here to help facilitate future 1040 * Dynamic Encrypt/Decrypt symetric key mechanisms, and to allow functions 1041 * like SSL and S-MIME to automatically add them. 1042 */ 1043 SECItem * 1044 PK11_ParamFromIV(CK_MECHANISM_TYPE type, SECItem *iv) 1045 { 1046 return pk11_ParamFromIVWithLen(type, iv, 0); 1047 } 1048 1049 unsigned char * 1050 PK11_IVFromParam(CK_MECHANISM_TYPE type, SECItem *param, int *len) 1051 { 1052 CK_RC2_CBC_PARAMS *rc2_params; 1053 CK_RC5_CBC_PARAMS *rc5_cbc_params; 1054 1055 *len = 0; 1056 switch (type) { 1057 case CKM_SEED_ECB: 1058 case CKM_CAMELLIA_ECB: 1059 case CKM_AES_ECB: 1060 case CKM_DES_ECB: 1061 case CKM_DES3_ECB: 1062 case CKM_RSA_PKCS: 1063 case CKM_RSA_X_509: 1064 case CKM_RSA_9796: 1065 case CKM_IDEA_ECB: 1066 case CKM_CDMF_ECB: 1067 case CKM_CAST_ECB: 1068 case CKM_CAST3_ECB: 1069 case CKM_CAST5_ECB: 1070 case CKM_RC4: 1071 return NULL; 1072 case CKM_RC2_ECB: 1073 return NULL; 1074 case CKM_RC2_CBC: 1075 case CKM_RC2_CBC_PAD: 1076 rc2_params = (CK_RC2_CBC_PARAMS *)param->data; 1077 *len = sizeof(rc2_params->iv); 1078 return &rc2_params->iv[0]; 1079 case CKM_RC5_CBC: 1080 case CKM_RC5_CBC_PAD: 1081 rc5_cbc_params = (CK_RC5_CBC_PARAMS *)param->data; 1082 *len = rc5_cbc_params->ulIvLen; 1083 return rc5_cbc_params->pIv; 1084 case CKM_SEED_CBC: 1085 case CKM_CAMELLIA_CBC: 1086 case CKM_AES_CBC: 1087 case CKM_DES_CBC: 1088 case CKM_DES3_CBC: 1089 case CKM_IDEA_CBC: 1090 case CKM_CDMF_CBC: 1091 case CKM_CAST_CBC: 1092 case CKM_CAST3_CBC: 1093 case CKM_CAST5_CBC: 1094 case CKM_CAMELLIA_CBC_PAD: 1095 case CKM_AES_CBC_PAD: 1096 case CKM_DES_CBC_PAD: 1097 case CKM_DES3_CBC_PAD: 1098 case CKM_IDEA_CBC_PAD: 1099 case CKM_CDMF_CBC_PAD: 1100 case CKM_CAST_CBC_PAD: 1101 case CKM_CAST3_CBC_PAD: 1102 case CKM_CAST5_CBC_PAD: 1103 case CKM_SKIPJACK_CBC64: 1104 case CKM_SKIPJACK_ECB64: 1105 case CKM_SKIPJACK_OFB64: 1106 case CKM_SKIPJACK_CFB64: 1107 case CKM_SKIPJACK_CFB32: 1108 case CKM_SKIPJACK_CFB16: 1109 case CKM_SKIPJACK_CFB8: 1110 case CKM_BATON_ECB128: 1111 case CKM_BATON_ECB96: 1112 case CKM_BATON_CBC128: 1113 case CKM_BATON_COUNTER: 1114 case CKM_BATON_SHUFFLE: 1115 case CKM_JUNIPER_ECB128: 1116 case CKM_JUNIPER_CBC128: 1117 case CKM_JUNIPER_COUNTER: 1118 case CKM_JUNIPER_SHUFFLE: 1119 break; 1120 /* unknown mechanism, pass IV in if it's there */ 1121 default: 1122 break; 1123 } 1124 if (param->data) { 1125 *len = param->len; 1126 } 1127 return param->data; 1128 } 1129 1130 typedef struct sec_rc5cbcParameterStr { 1131 SECItem version; 1132 SECItem rounds; 1133 SECItem blockSizeInBits; 1134 SECItem iv; 1135 } sec_rc5cbcParameter; 1136 1137 static const SEC_ASN1Template sec_rc5ecb_parameter_template[] = { 1138 { SEC_ASN1_SEQUENCE, 1139 0, NULL, sizeof(sec_rc5cbcParameter) }, 1140 { SEC_ASN1_INTEGER, 1141 offsetof(sec_rc5cbcParameter, version) }, 1142 { SEC_ASN1_INTEGER, 1143 offsetof(sec_rc5cbcParameter, rounds) }, 1144 { SEC_ASN1_INTEGER, 1145 offsetof(sec_rc5cbcParameter, blockSizeInBits) }, 1146 { 0 } 1147 }; 1148 1149 static const SEC_ASN1Template sec_rc5cbc_parameter_template[] = { 1150 { SEC_ASN1_SEQUENCE, 1151 0, NULL, sizeof(sec_rc5cbcParameter) }, 1152 { SEC_ASN1_INTEGER, 1153 offsetof(sec_rc5cbcParameter, version) }, 1154 { SEC_ASN1_INTEGER, 1155 offsetof(sec_rc5cbcParameter, rounds) }, 1156 { SEC_ASN1_INTEGER, 1157 offsetof(sec_rc5cbcParameter, blockSizeInBits) }, 1158 { SEC_ASN1_OCTET_STRING, 1159 offsetof(sec_rc5cbcParameter, iv) }, 1160 { 0 } 1161 }; 1162 1163 typedef struct sec_rc2cbcParameterStr { 1164 SECItem rc2ParameterVersion; 1165 SECItem iv; 1166 } sec_rc2cbcParameter; 1167 1168 static const SEC_ASN1Template sec_rc2cbc_parameter_template[] = { 1169 { SEC_ASN1_SEQUENCE, 1170 0, NULL, sizeof(sec_rc2cbcParameter) }, 1171 { SEC_ASN1_INTEGER, 1172 offsetof(sec_rc2cbcParameter, rc2ParameterVersion) }, 1173 { SEC_ASN1_OCTET_STRING, 1174 offsetof(sec_rc2cbcParameter, iv) }, 1175 { 0 } 1176 }; 1177 1178 static const SEC_ASN1Template sec_rc2ecb_parameter_template[] = { 1179 { SEC_ASN1_SEQUENCE, 1180 0, NULL, sizeof(sec_rc2cbcParameter) }, 1181 { SEC_ASN1_INTEGER, 1182 offsetof(sec_rc2cbcParameter, rc2ParameterVersion) }, 1183 { 0 } 1184 }; 1185 1186 /* S/MIME picked id values to represent differnt keysizes */ 1187 /* I do have a formula, but it ain't pretty, and it only works because you 1188 * can always match three points to a parabola:) */ 1189 static unsigned char 1190 rc2_map(SECItem *version) 1191 { 1192 long x; 1193 1194 x = DER_GetInteger(version); 1195 1196 switch (x) { 1197 case 58: 1198 return 128; 1199 case 120: 1200 return 64; 1201 case 160: 1202 return 40; 1203 } 1204 return 128; 1205 } 1206 1207 static unsigned long 1208 rc2_unmap(unsigned long x) 1209 { 1210 switch (x) { 1211 case 128: 1212 return 58; 1213 case 64: 1214 return 120; 1215 case 40: 1216 return 160; 1217 } 1218 return 58; 1219 } 1220 1221 /* Generate a mechaism param from a type, and iv. */ 1222 SECItem * 1223 PK11_ParamFromAlgid(SECAlgorithmID *algid) 1224 { 1225 CK_RC2_CBC_PARAMS *rc2_cbc_params = NULL; 1226 CK_RC2_PARAMS *rc2_ecb_params = NULL; 1227 CK_RC5_CBC_PARAMS *rc5_cbc_params = NULL; 1228 CK_RC5_PARAMS *rc5_ecb_params = NULL; 1229 PLArenaPool *arena = NULL; 1230 SECItem *mech = NULL; 1231 SECOidTag algtag; 1232 SECStatus rv; 1233 CK_MECHANISM_TYPE type; 1234 /* initialize these to prevent UMRs in the ASN1 decoder. */ 1235 SECItem iv = { siBuffer, NULL, 0 }; 1236 sec_rc2cbcParameter rc2 = { { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 } }; 1237 sec_rc5cbcParameter rc5 = { { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 }, { siBuffer, NULL, 0 } }; 1238 1239 algtag = SECOID_GetAlgorithmTag(algid); 1240 type = PK11_AlgtagToMechanism(algtag); 1241 1242 mech = PORT_New(SECItem); 1243 if (mech == NULL) { 1244 return NULL; 1245 } 1246 mech->type = siBuffer; 1247 mech->data = NULL; 1248 mech->len = 0; 1249 1250 arena = PORT_NewArena(1024); 1251 if (!arena) { 1252 goto loser; 1253 } 1254 1255 /* handle the complicated cases */ 1256 switch (type) { 1257 case CKM_RC2_ECB: 1258 rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2ecb_parameter_template, 1259 &(algid->parameters)); 1260 if (rv != SECSuccess) { 1261 goto loser; 1262 } 1263 rc2_ecb_params = PORT_New(CK_RC2_PARAMS); 1264 if (rc2_ecb_params == NULL) { 1265 goto loser; 1266 } 1267 *rc2_ecb_params = rc2_map(&rc2.rc2ParameterVersion); 1268 mech->data = (unsigned char *)rc2_ecb_params; 1269 mech->len = sizeof *rc2_ecb_params; 1270 break; 1271 case CKM_RC2_CBC: 1272 case CKM_RC2_CBC_PAD: 1273 rv = SEC_ASN1DecodeItem(arena, &rc2, sec_rc2cbc_parameter_template, 1274 &(algid->parameters)); 1275 if (rv != SECSuccess) { 1276 goto loser; 1277 } 1278 rc2_cbc_params = PORT_New(CK_RC2_CBC_PARAMS); 1279 if (rc2_cbc_params == NULL) { 1280 goto loser; 1281 } 1282 mech->data = (unsigned char *)rc2_cbc_params; 1283 mech->len = sizeof *rc2_cbc_params; 1284 rc2_cbc_params->ulEffectiveBits = rc2_map(&rc2.rc2ParameterVersion); 1285 if (rc2.iv.len != sizeof rc2_cbc_params->iv) { 1286 PORT_SetError(SEC_ERROR_INPUT_LEN); 1287 goto loser; 1288 } 1289 PORT_Memcpy(rc2_cbc_params->iv, rc2.iv.data, rc2.iv.len); 1290 break; 1291 case CKM_RC5_ECB: 1292 rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5ecb_parameter_template, 1293 &(algid->parameters)); 1294 if (rv != SECSuccess) { 1295 goto loser; 1296 } 1297 rc5_ecb_params = PORT_New(CK_RC5_PARAMS); 1298 if (rc5_ecb_params == NULL) { 1299 goto loser; 1300 } 1301 rc5_ecb_params->ulRounds = DER_GetInteger(&rc5.rounds); 1302 rc5_ecb_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8; 1303 mech->data = (unsigned char *)rc5_ecb_params; 1304 mech->len = sizeof *rc5_ecb_params; 1305 break; 1306 case CKM_RC5_CBC: 1307 case CKM_RC5_CBC_PAD: 1308 rv = SEC_ASN1DecodeItem(arena, &rc5, sec_rc5cbc_parameter_template, 1309 &(algid->parameters)); 1310 if (rv != SECSuccess) { 1311 goto loser; 1312 } 1313 rc5_cbc_params = (CK_RC5_CBC_PARAMS *) 1314 PORT_Alloc(sizeof(CK_RC5_CBC_PARAMS) + rc5.iv.len); 1315 if (rc5_cbc_params == NULL) { 1316 goto loser; 1317 } 1318 mech->data = (unsigned char *)rc5_cbc_params; 1319 mech->len = sizeof *rc5_cbc_params; 1320 rc5_cbc_params->ulRounds = DER_GetInteger(&rc5.rounds); 1321 rc5_cbc_params->ulWordsize = DER_GetInteger(&rc5.blockSizeInBits) / 8; 1322 rc5_cbc_params->pIv = ((CK_BYTE_PTR)rc5_cbc_params) + sizeof(CK_RC5_CBC_PARAMS); 1323 rc5_cbc_params->ulIvLen = rc5.iv.len; 1324 PORT_Memcpy(rc5_cbc_params->pIv, rc5.iv.data, rc5.iv.len); 1325 break; 1326 case CKM_PBE_MD2_DES_CBC: 1327 case CKM_PBE_MD5_DES_CBC: 1328 case CKM_NSS_PBE_SHA1_DES_CBC: 1329 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 1330 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 1331 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 1332 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 1333 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 1334 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 1335 case CKM_PBE_SHA1_DES2_EDE_CBC: 1336 case CKM_PBE_SHA1_DES3_EDE_CBC: 1337 case CKM_PBE_SHA1_RC2_40_CBC: 1338 case CKM_PBE_SHA1_RC2_128_CBC: 1339 case CKM_PBE_SHA1_RC4_40: 1340 case CKM_PBE_SHA1_RC4_128: 1341 case CKM_PKCS5_PBKD2: 1342 rv = pbe_PK11AlgidToParam(algid, mech); 1343 if (rv != SECSuccess) { 1344 goto loser; 1345 } 1346 break; 1347 case CKM_RC4: 1348 case CKM_SEED_ECB: 1349 case CKM_CAMELLIA_ECB: 1350 case CKM_AES_ECB: 1351 case CKM_DES_ECB: 1352 case CKM_DES3_ECB: 1353 case CKM_IDEA_ECB: 1354 case CKM_CDMF_ECB: 1355 case CKM_CAST_ECB: 1356 case CKM_CAST3_ECB: 1357 case CKM_CAST5_ECB: 1358 break; 1359 1360 default: 1361 if (pk11_lookup(type)->iv == 0) { 1362 break; 1363 } 1364 /* FALL THROUGH */ 1365 case CKM_SEED_CBC: 1366 case CKM_CAMELLIA_CBC: 1367 case CKM_AES_CBC: 1368 case CKM_DES_CBC: 1369 case CKM_DES3_CBC: 1370 case CKM_IDEA_CBC: 1371 case CKM_CDMF_CBC: 1372 case CKM_CAST_CBC: 1373 case CKM_CAST3_CBC: 1374 case CKM_CAST5_CBC: 1375 case CKM_SEED_CBC_PAD: 1376 case CKM_CAMELLIA_CBC_PAD: 1377 case CKM_AES_CBC_PAD: 1378 case CKM_DES_CBC_PAD: 1379 case CKM_DES3_CBC_PAD: 1380 case CKM_IDEA_CBC_PAD: 1381 case CKM_CDMF_CBC_PAD: 1382 case CKM_CAST_CBC_PAD: 1383 case CKM_CAST3_CBC_PAD: 1384 case CKM_CAST5_CBC_PAD: 1385 case CKM_SKIPJACK_CBC64: 1386 case CKM_SKIPJACK_ECB64: 1387 case CKM_SKIPJACK_OFB64: 1388 case CKM_SKIPJACK_CFB64: 1389 case CKM_SKIPJACK_CFB32: 1390 case CKM_SKIPJACK_CFB16: 1391 case CKM_SKIPJACK_CFB8: 1392 case CKM_BATON_ECB128: 1393 case CKM_BATON_ECB96: 1394 case CKM_BATON_CBC128: 1395 case CKM_BATON_COUNTER: 1396 case CKM_BATON_SHUFFLE: 1397 case CKM_JUNIPER_ECB128: 1398 case CKM_JUNIPER_CBC128: 1399 case CKM_JUNIPER_COUNTER: 1400 case CKM_JUNIPER_SHUFFLE: 1401 /* simple cases are simply octet string encoded IVs */ 1402 rv = SEC_ASN1DecodeItem(arena, &iv, 1403 SEC_ASN1_GET(SEC_OctetStringTemplate), 1404 &(algid->parameters)); 1405 if (rv != SECSuccess || iv.data == NULL) { 1406 goto loser; 1407 } 1408 /* XXX Should be some IV length sanity check here. */ 1409 mech->data = (unsigned char *)PORT_Alloc(iv.len); 1410 if (mech->data == NULL) { 1411 goto loser; 1412 } 1413 PORT_Memcpy(mech->data, iv.data, iv.len); 1414 mech->len = iv.len; 1415 break; 1416 } 1417 PORT_FreeArena(arena, PR_FALSE); 1418 return mech; 1419 1420 loser: 1421 if (arena) 1422 PORT_FreeArena(arena, PR_FALSE); 1423 SECITEM_FreeItem(mech, PR_TRUE); 1424 return NULL; 1425 } 1426 1427 /* 1428 * Generate an IV for the given mechanism 1429 */ 1430 static SECStatus 1431 pk11_GenIV(CK_MECHANISM_TYPE type, SECItem *iv) 1432 { 1433 int iv_size = PK11_GetIVLength(type); 1434 SECStatus rv; 1435 1436 iv->len = iv_size; 1437 if (iv_size == 0) { 1438 iv->data = NULL; 1439 return SECSuccess; 1440 } 1441 1442 iv->data = (unsigned char *)PORT_Alloc(iv_size); 1443 if (iv->data == NULL) { 1444 iv->len = 0; 1445 return SECFailure; 1446 } 1447 1448 rv = PK11_GenerateRandom(iv->data, iv->len); 1449 if (rv != SECSuccess) { 1450 PORT_Free(iv->data); 1451 iv->data = NULL; 1452 iv->len = 0; 1453 return SECFailure; 1454 } 1455 return SECSuccess; 1456 } 1457 1458 /* 1459 * create a new parameter block from the passed in MECHANISM and the 1460 * key. Use Netscape's S/MIME Rules for the New param block. 1461 */ 1462 SECItem * 1463 pk11_GenerateNewParamWithKeyLen(CK_MECHANISM_TYPE type, int keyLen) 1464 { 1465 CK_RC2_CBC_PARAMS *rc2_params; 1466 CK_RC2_PARAMS *rc2_ecb_params; 1467 SECItem *mech; 1468 SECItem iv; 1469 SECStatus rv; 1470 1471 mech = (SECItem *)PORT_Alloc(sizeof(SECItem)); 1472 if (mech == NULL) 1473 return NULL; 1474 1475 rv = SECSuccess; 1476 mech->type = siBuffer; 1477 mech->data = NULL; 1478 mech->len = 0; 1479 switch (type) { 1480 case CKM_RC4: 1481 case CKM_SEED_ECB: 1482 case CKM_CAMELLIA_ECB: 1483 case CKM_AES_ECB: 1484 case CKM_DES_ECB: 1485 case CKM_DES3_ECB: 1486 case CKM_IDEA_ECB: 1487 case CKM_CDMF_ECB: 1488 case CKM_CAST_ECB: 1489 case CKM_CAST3_ECB: 1490 case CKM_CAST5_ECB: 1491 break; 1492 case CKM_RC2_ECB: 1493 rc2_ecb_params = (CK_RC2_PARAMS *)PORT_Alloc(sizeof(CK_RC2_PARAMS)); 1494 if (rc2_ecb_params == NULL) { 1495 rv = SECFailure; 1496 break; 1497 } 1498 /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5, 1499 * or RC4 key. Of course that wouldn't happen here doing RC2:).*/ 1500 *rc2_ecb_params = keyLen ? keyLen * 8 : 128; 1501 mech->data = (unsigned char *)rc2_ecb_params; 1502 mech->len = sizeof(CK_RC2_PARAMS); 1503 break; 1504 case CKM_RC2_CBC: 1505 case CKM_RC2_CBC_PAD: 1506 rv = pk11_GenIV(type, &iv); 1507 if (rv != SECSuccess) { 1508 break; 1509 } 1510 rc2_params = (CK_RC2_CBC_PARAMS *)PORT_Alloc(sizeof(CK_RC2_CBC_PARAMS)); 1511 if (rc2_params == NULL) { 1512 PORT_Free(iv.data); 1513 rv = SECFailure; 1514 break; 1515 } 1516 /* NOTE PK11_GetKeyLength can return -1 if the key isn't and RC2, RC5, 1517 * or RC4 key. Of course that wouldn't happen here doing RC2:).*/ 1518 rc2_params->ulEffectiveBits = keyLen ? keyLen * 8 : 128; 1519 if (iv.data) 1520 PORT_Memcpy(rc2_params->iv, iv.data, sizeof(rc2_params->iv)); 1521 mech->data = (unsigned char *)rc2_params; 1522 mech->len = sizeof(CK_RC2_CBC_PARAMS); 1523 PORT_Free(iv.data); 1524 break; 1525 case CKM_RC5_ECB: 1526 PORT_Free(mech); 1527 return PK11_ParamFromIV(type, NULL); 1528 case CKM_RC5_CBC: 1529 case CKM_RC5_CBC_PAD: 1530 rv = pk11_GenIV(type, &iv); 1531 if (rv != SECSuccess) { 1532 break; 1533 } 1534 PORT_Free(mech); 1535 return PK11_ParamFromIV(type, &iv); 1536 default: 1537 if (pk11_lookup(type)->iv == 0) { 1538 break; 1539 } 1540 case CKM_SEED_CBC: 1541 case CKM_CAMELLIA_CBC: 1542 case CKM_AES_CBC: 1543 case CKM_DES_CBC: 1544 case CKM_DES3_CBC: 1545 case CKM_IDEA_CBC: 1546 case CKM_CDMF_CBC: 1547 case CKM_CAST_CBC: 1548 case CKM_CAST3_CBC: 1549 case CKM_CAST5_CBC: 1550 case CKM_DES_CBC_PAD: 1551 case CKM_DES3_CBC_PAD: 1552 case CKM_IDEA_CBC_PAD: 1553 case CKM_CDMF_CBC_PAD: 1554 case CKM_CAST_CBC_PAD: 1555 case CKM_CAST3_CBC_PAD: 1556 case CKM_CAST5_CBC_PAD: 1557 case CKM_SKIPJACK_CBC64: 1558 case CKM_SKIPJACK_ECB64: 1559 case CKM_SKIPJACK_OFB64: 1560 case CKM_SKIPJACK_CFB64: 1561 case CKM_SKIPJACK_CFB32: 1562 case CKM_SKIPJACK_CFB16: 1563 case CKM_SKIPJACK_CFB8: 1564 case CKM_BATON_ECB128: 1565 case CKM_BATON_ECB96: 1566 case CKM_BATON_CBC128: 1567 case CKM_BATON_COUNTER: 1568 case CKM_BATON_SHUFFLE: 1569 case CKM_JUNIPER_ECB128: 1570 case CKM_JUNIPER_CBC128: 1571 case CKM_JUNIPER_COUNTER: 1572 case CKM_JUNIPER_SHUFFLE: 1573 rv = pk11_GenIV(type, &iv); 1574 if (rv != SECSuccess) { 1575 break; 1576 } 1577 mech->data = (unsigned char *)PORT_Alloc(iv.len); 1578 if (mech->data == NULL) { 1579 PORT_Free(iv.data); 1580 rv = SECFailure; 1581 break; 1582 } 1583 if (iv.len) { 1584 PORT_Memcpy(mech->data, iv.data, iv.len); 1585 } 1586 mech->len = iv.len; 1587 PORT_Free(iv.data); 1588 break; 1589 } 1590 if (rv != SECSuccess) { 1591 SECITEM_FreeItem(mech, PR_TRUE); 1592 return NULL; 1593 } 1594 return mech; 1595 } 1596 1597 SECItem * 1598 PK11_GenerateNewParam(CK_MECHANISM_TYPE type, PK11SymKey *key) 1599 { 1600 int keyLen = key ? PK11_GetKeyLength(key) : 0; 1601 1602 return pk11_GenerateNewParamWithKeyLen(type, keyLen); 1603 } 1604 1605 #define RC5_V10 0x10 1606 1607 /* turn a PKCS #11 parameter into a DER Encoded Algorithm ID */ 1608 SECStatus 1609 PK11_ParamToAlgid(SECOidTag algTag, SECItem *param, 1610 PLArenaPool *arena, SECAlgorithmID *algid) 1611 { 1612 CK_RC2_CBC_PARAMS *rc2_params; 1613 sec_rc2cbcParameter rc2; 1614 CK_RC5_CBC_PARAMS *rc5_params; 1615 sec_rc5cbcParameter rc5; 1616 CK_MECHANISM_TYPE type = PK11_AlgtagToMechanism(algTag); 1617 SECItem *newParams = NULL; 1618 SECStatus rv = SECFailure; 1619 unsigned long rc2version; 1620 1621 switch (type) { 1622 case CKM_RC4: 1623 case CKM_SEED_ECB: 1624 case CKM_CAMELLIA_ECB: 1625 case CKM_AES_ECB: 1626 case CKM_DES_ECB: 1627 case CKM_DES3_ECB: 1628 case CKM_IDEA_ECB: 1629 case CKM_CDMF_ECB: 1630 case CKM_CAST_ECB: 1631 case CKM_CAST3_ECB: 1632 case CKM_CAST5_ECB: 1633 newParams = NULL; 1634 rv = SECSuccess; 1635 break; 1636 case CKM_RC2_ECB: 1637 break; 1638 case CKM_RC2_CBC: 1639 case CKM_RC2_CBC_PAD: 1640 rc2_params = (CK_RC2_CBC_PARAMS *)param->data; 1641 rc2version = rc2_unmap(rc2_params->ulEffectiveBits); 1642 if (SEC_ASN1EncodeUnsignedInteger(NULL, &(rc2.rc2ParameterVersion), 1643 rc2version) == NULL) 1644 break; 1645 rc2.iv.data = rc2_params->iv; 1646 rc2.iv.len = sizeof(rc2_params->iv); 1647 newParams = SEC_ASN1EncodeItem(NULL, NULL, &rc2, 1648 sec_rc2cbc_parameter_template); 1649 PORT_Free(rc2.rc2ParameterVersion.data); 1650 if (newParams == NULL) 1651 break; 1652 rv = SECSuccess; 1653 break; 1654 1655 case CKM_RC5_ECB: /* well not really... */ 1656 break; 1657 case CKM_RC5_CBC: 1658 case CKM_RC5_CBC_PAD: 1659 rc5_params = (CK_RC5_CBC_PARAMS *)param->data; 1660 if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.version, RC5_V10) == NULL) 1661 break; 1662 if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.blockSizeInBits, 1663 rc5_params->ulWordsize * 8) == NULL) { 1664 PORT_Free(rc5.version.data); 1665 break; 1666 } 1667 if (SEC_ASN1EncodeUnsignedInteger(NULL, &rc5.rounds, 1668 rc5_params->ulWordsize * 8) == NULL) { 1669 PORT_Free(rc5.blockSizeInBits.data); 1670 PORT_Free(rc5.version.data); 1671 break; 1672 } 1673 rc5.iv.data = rc5_params->pIv; 1674 rc5.iv.len = rc5_params->ulIvLen; 1675 newParams = SEC_ASN1EncodeItem(NULL, NULL, &rc5, 1676 sec_rc5cbc_parameter_template); 1677 PORT_Free(rc5.version.data); 1678 PORT_Free(rc5.blockSizeInBits.data); 1679 PORT_Free(rc5.rounds.data); 1680 if (newParams == NULL) 1681 break; 1682 rv = SECSuccess; 1683 break; 1684 case CKM_PBE_MD2_DES_CBC: 1685 case CKM_PBE_MD5_DES_CBC: 1686 case CKM_NSS_PBE_SHA1_DES_CBC: 1687 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 1688 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 1689 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 1690 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 1691 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 1692 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 1693 case CKM_PBE_SHA1_DES3_EDE_CBC: 1694 case CKM_PBE_SHA1_DES2_EDE_CBC: 1695 case CKM_PBE_SHA1_RC2_40_CBC: 1696 case CKM_PBE_SHA1_RC2_128_CBC: 1697 case CKM_PBE_SHA1_RC4_40: 1698 case CKM_PBE_SHA1_RC4_128: 1699 return PBE_PK11ParamToAlgid(algTag, param, arena, algid); 1700 default: 1701 if (pk11_lookup(type)->iv == 0) { 1702 rv = SECSuccess; 1703 newParams = NULL; 1704 break; 1705 } 1706 case CKM_SEED_CBC: 1707 case CKM_CAMELLIA_CBC: 1708 case CKM_AES_CBC: 1709 case CKM_DES_CBC: 1710 case CKM_DES3_CBC: 1711 case CKM_IDEA_CBC: 1712 case CKM_CDMF_CBC: 1713 case CKM_CAST_CBC: 1714 case CKM_CAST3_CBC: 1715 case CKM_CAST5_CBC: 1716 case CKM_DES_CBC_PAD: 1717 case CKM_DES3_CBC_PAD: 1718 case CKM_IDEA_CBC_PAD: 1719 case CKM_CDMF_CBC_PAD: 1720 case CKM_CAST_CBC_PAD: 1721 case CKM_CAST3_CBC_PAD: 1722 case CKM_CAST5_CBC_PAD: 1723 case CKM_SKIPJACK_CBC64: 1724 case CKM_SKIPJACK_ECB64: 1725 case CKM_SKIPJACK_OFB64: 1726 case CKM_SKIPJACK_CFB64: 1727 case CKM_SKIPJACK_CFB32: 1728 case CKM_SKIPJACK_CFB16: 1729 case CKM_SKIPJACK_CFB8: 1730 case CKM_BATON_ECB128: 1731 case CKM_BATON_ECB96: 1732 case CKM_BATON_CBC128: 1733 case CKM_BATON_COUNTER: 1734 case CKM_BATON_SHUFFLE: 1735 case CKM_JUNIPER_ECB128: 1736 case CKM_JUNIPER_CBC128: 1737 case CKM_JUNIPER_COUNTER: 1738 case CKM_JUNIPER_SHUFFLE: 1739 if (param && param->len > 0) { 1740 newParams = SEC_ASN1EncodeItem(NULL, NULL, param, 1741 SEC_ASN1_GET(SEC_OctetStringTemplate)); 1742 if (newParams == NULL) 1743 break; 1744 } else { 1745 /* if no parameters have been supplied, then use NULL params 1746 * The SECOID_SetAlgorithmID encoder will encode that as no 1747 * params (since params are optional) or with an explicit NULL 1748 * (for some historical cases where explicit NULL is expected). 1749 */ 1750 newParams = NULL; 1751 } 1752 rv = SECSuccess; 1753 break; 1754 } 1755 1756 if (rv != SECSuccess) { 1757 if (newParams) 1758 SECITEM_FreeItem(newParams, PR_TRUE); 1759 return rv; 1760 } 1761 1762 rv = SECOID_SetAlgorithmID(arena, algid, algTag, newParams); 1763 SECITEM_FreeItem(newParams, PR_TRUE); 1764 return rv; 1765 } 1766 1767 /* turn an OID algorithm tag into a PKCS #11 mechanism. This allows us to 1768 * map OID's directly into the PKCS #11 mechanism we want to call. We find 1769 * this mapping in our standard OID table */ 1770 CK_MECHANISM_TYPE 1771 PK11_AlgtagToMechanism(SECOidTag algTag) 1772 { 1773 SECOidData *oid = SECOID_FindOIDByTag(algTag); 1774 1775 if (oid) 1776 return (CK_MECHANISM_TYPE)oid->mechanism; 1777 return CKM_INVALID_MECHANISM; 1778 } 1779 1780 /* turn a mechanism into an oid. */ 1781 SECOidTag 1782 PK11_MechanismToAlgtag(CK_MECHANISM_TYPE type) 1783 { 1784 SECOidData *oid = SECOID_FindOIDByMechanism((unsigned long)type); 1785 1786 if (oid) 1787 return oid->offset; 1788 return SEC_OID_UNKNOWN; 1789 } 1790 1791 /* Determine appropriate blocking mechanism, used when wrapping private keys 1792 * which require PKCS padding. If the mechanism does not map to a padding 1793 * mechanism, we simply return the mechanism. 1794 */ 1795 CK_MECHANISM_TYPE 1796 PK11_GetPadMechanism(CK_MECHANISM_TYPE type) 1797 { 1798 switch (type) { 1799 case CKM_SEED_CBC: 1800 return CKM_SEED_CBC_PAD; 1801 case CKM_CAMELLIA_CBC: 1802 return CKM_CAMELLIA_CBC_PAD; 1803 case CKM_AES_CBC: 1804 return CKM_AES_CBC_PAD; 1805 case CKM_DES_CBC: 1806 return CKM_DES_CBC_PAD; 1807 case CKM_DES3_CBC: 1808 return CKM_DES3_CBC_PAD; 1809 case CKM_RC2_CBC: 1810 return CKM_RC2_CBC_PAD; 1811 case CKM_CDMF_CBC: 1812 return CKM_CDMF_CBC_PAD; 1813 case CKM_CAST_CBC: 1814 return CKM_CAST_CBC_PAD; 1815 case CKM_CAST3_CBC: 1816 return CKM_CAST3_CBC_PAD; 1817 case CKM_CAST5_CBC: 1818 return CKM_CAST5_CBC_PAD; 1819 case CKM_RC5_CBC: 1820 return CKM_RC5_CBC_PAD; 1821 case CKM_IDEA_CBC: 1822 return CKM_IDEA_CBC_PAD; 1823 default: 1824 break; 1825 } 1826 1827 return type; 1828 } 1829 1830 static PRBool 1831 pk11_isAllZero(unsigned char *data, int len) 1832 { 1833 while (len--) { 1834 if (*data++) { 1835 return PR_FALSE; 1836 } 1837 } 1838 return PR_TRUE; 1839 } 1840 1841 CK_RV 1842 PK11_MapPBEMechanismToCryptoMechanism(CK_MECHANISM_PTR pPBEMechanism, 1843 CK_MECHANISM_PTR pCryptoMechanism, 1844 SECItem *pbe_pwd, PRBool faulty3DES) 1845 { 1846 int iv_len = 0; 1847 CK_PBE_PARAMS_PTR pPBEparams; 1848 CK_RC2_CBC_PARAMS_PTR rc2_params; 1849 CK_ULONG rc2_key_len; 1850 1851 if ((pPBEMechanism == CK_NULL_PTR) || (pCryptoMechanism == CK_NULL_PTR)) { 1852 return CKR_HOST_MEMORY; 1853 } 1854 1855 /* pkcs5 v2 cannot be supported by this interface. 1856 * use PK11_GetPBECryptoMechanism instead. 1857 */ 1858 if ((pPBEMechanism->mechanism == CKM_INVALID_MECHANISM) || 1859 (pPBEMechanism->mechanism == CKM_PKCS5_PBKD2)) { 1860 return CKR_MECHANISM_INVALID; 1861 } 1862 1863 pPBEparams = (CK_PBE_PARAMS_PTR)pPBEMechanism->pParameter; 1864 iv_len = PK11_GetIVLength(pPBEMechanism->mechanism); 1865 1866 if (iv_len) { 1867 if (pk11_isAllZero(pPBEparams->pInitVector, iv_len)) { 1868 SECItem param; 1869 PK11SymKey *symKey; 1870 PK11SlotInfo *intSlot = PK11_GetInternalSlot(); 1871 1872 if (intSlot == NULL) { 1873 return CKR_DEVICE_ERROR; 1874 } 1875 1876 param.data = pPBEMechanism->pParameter; 1877 param.len = pPBEMechanism->ulParameterLen; 1878 1879 symKey = PK11_RawPBEKeyGen(intSlot, 1880 pPBEMechanism->mechanism, ¶m, pbe_pwd, faulty3DES, NULL); 1881 PK11_FreeSlot(intSlot); 1882 if (symKey == NULL) { 1883 return CKR_DEVICE_ERROR; /* sigh */ 1884 } 1885 PK11_FreeSymKey(symKey); 1886 } 1887 } 1888 1889 switch (pPBEMechanism->mechanism) { 1890 case CKM_PBE_MD2_DES_CBC: 1891 case CKM_PBE_MD5_DES_CBC: 1892 case CKM_NSS_PBE_SHA1_DES_CBC: 1893 pCryptoMechanism->mechanism = CKM_DES_CBC; 1894 goto have_crypto_mechanism; 1895 case CKM_NSS_PBE_SHA1_TRIPLE_DES_CBC: 1896 case CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC: 1897 case CKM_PBE_SHA1_DES3_EDE_CBC: 1898 case CKM_PBE_SHA1_DES2_EDE_CBC: 1899 pCryptoMechanism->mechanism = CKM_DES3_CBC; 1900 have_crypto_mechanism: 1901 pCryptoMechanism->pParameter = PORT_Alloc(iv_len); 1902 pCryptoMechanism->ulParameterLen = (CK_ULONG)iv_len; 1903 if (pCryptoMechanism->pParameter == NULL) { 1904 return CKR_HOST_MEMORY; 1905 } 1906 PORT_Memcpy((unsigned char *)(pCryptoMechanism->pParameter), 1907 (unsigned char *)(pPBEparams->pInitVector), 1908 iv_len); 1909 break; 1910 case CKM_NSS_PBE_SHA1_40_BIT_RC4: 1911 case CKM_NSS_PBE_SHA1_128_BIT_RC4: 1912 case CKM_PBE_SHA1_RC4_40: 1913 case CKM_PBE_SHA1_RC4_128: 1914 pCryptoMechanism->mechanism = CKM_RC4; 1915 pCryptoMechanism->ulParameterLen = 0; 1916 pCryptoMechanism->pParameter = CK_NULL_PTR; 1917 break; 1918 case CKM_NSS_PBE_SHA1_40_BIT_RC2_CBC: 1919 case CKM_PBE_SHA1_RC2_40_CBC: 1920 rc2_key_len = 40; 1921 goto have_key_len; 1922 case CKM_NSS_PBE_SHA1_128_BIT_RC2_CBC: 1923 rc2_key_len = 128; 1924 have_key_len: 1925 pCryptoMechanism->mechanism = CKM_RC2_CBC; 1926 pCryptoMechanism->ulParameterLen = (CK_ULONG)sizeof(CK_RC2_CBC_PARAMS); 1927 pCryptoMechanism->pParameter = (CK_RC2_CBC_PARAMS_PTR) 1928 PORT_ZAlloc(sizeof(CK_RC2_CBC_PARAMS)); 1929 if (pCryptoMechanism->pParameter == NULL) { 1930 return CKR_HOST_MEMORY; 1931 } 1932 rc2_params = (CK_RC2_CBC_PARAMS_PTR)pCryptoMechanism->pParameter; 1933 PORT_Memcpy((unsigned char *)rc2_params->iv, 1934 (unsigned char *)pPBEparams->pInitVector, 1935 iv_len); 1936 rc2_params->ulEffectiveBits = rc2_key_len; 1937 break; 1938 default: 1939 return CKR_MECHANISM_INVALID; 1940 } 1941 1942 return CKR_OK; 1943 } 1944 1945 /* Make a Key type to an appropriate signing/verification mechanism */ 1946 CK_MECHANISM_TYPE 1947 PK11_MapSignKeyType(KeyType keyType) 1948 { 1949 switch (keyType) { 1950 case rsaKey: 1951 return CKM_RSA_PKCS; 1952 case fortezzaKey: 1953 case dsaKey: 1954 return CKM_DSA; 1955 case ecKey: 1956 return CKM_ECDSA; 1957 case edKey: 1958 return CKM_EDDSA; 1959 case mldsaKey: 1960 return CKM_ML_DSA; 1961 case dhKey: 1962 default: 1963 break; 1964 } 1965 return CKM_INVALID_MECHANISM; 1966 } 1967 1968 CK_MECHANISM_TYPE 1969 pk11_mapKemKeyType(KeyType keyType) 1970 { 1971 switch (keyType) { 1972 case kyberKey: 1973 return CKM_ML_KEM; 1974 default: 1975 break; 1976 } 1977 return CKM_INVALID_MECHANISM; 1978 } 1979 1980 CK_MECHANISM_TYPE 1981 pk11_mapWrapKeyType(KeyType keyType) 1982 { 1983 switch (keyType) { 1984 case rsaKey: 1985 return CKM_RSA_PKCS; 1986 default: 1987 break; 1988 } 1989 return CKM_INVALID_MECHANISM; 1990 } 1991 1992 CK_MECHANISM_TYPE 1993 pk11_mapDeriveKeyType(KeyType keyType) 1994 { 1995 switch (keyType) { 1996 case dhKey: 1997 return CKM_DH_PKCS_DERIVE; 1998 case ecMontKey: 1999 case ecKey: 2000 return CKM_ECDH1_DERIVE; 2001 /* not adding fortezza here 2002 * only because forezza is dead */ 2003 default: 2004 break; 2005 } 2006 return CKM_INVALID_MECHANISM; 2007 } 2008 2009 SECOidTag 2010 PK11_FortezzaMapSig(SECOidTag algTag) 2011 { 2012 switch (algTag) { 2013 case SEC_OID_MISSI_KEA_DSS: 2014 case SEC_OID_MISSI_DSS: 2015 case SEC_OID_MISSI_DSS_OLD: 2016 case SEC_OID_MISSI_KEA_DSS_OLD: 2017 case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST: 2018 return SEC_OID_ANSIX9_DSA_SIGNATURE; 2019 default: 2020 break; 2021 } 2022 return algTag; 2023 }