1 files changed, 224 insertions, 0 deletions

diff --git a/security/nss/lib/pk11wrap/pk11kea.c b/security/nss/lib/pk11wrap/pk11kea.c
new file mode 100644
index 000000000..6006f6032
--- /dev/null
+++ b/security/nss/lib/pk11wrap/pk11kea.c
@@ -0,0 +1,224 @@
+/*
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+/*
+ * This file implements the Symkey wrapper and the PKCS context
+ * Interfaces.
+ */
+
+#include "seccomon.h"
+#include "secmod.h"
+#include "nssilock.h"
+#include "secmodi.h"
+#include "pkcs11.h"
+#include "pk11func.h"
+#include "secitem.h"
+#include "key.h"
+#include "secasn1.h"
+#include "sechash.h"
+#include "cert.h"
+#include "secerr.h"
+
+/*
+ * find an RSA public key on a card
+ */
+static CK_OBJECT_HANDLE
+pk11_FindRSAPubKey(PK11SlotInfo *slot)
+{
+    CK_KEY_TYPE key_type = CKK_RSA;
+    CK_OBJECT_CLASS class_type = CKO_PUBLIC_KEY;
+    CK_ATTRIBUTE theTemplate[2];
+    int template_count = sizeof(theTemplate)/sizeof(theTemplate[0]);
+    CK_ATTRIBUTE *attrs = theTemplate;
+
+    PK11_SETATTRS(attrs,CKA_CLASS,&class_type,sizeof(class_type)); attrs++;
+    PK11_SETATTRS(attrs,CKA_KEY_TYPE,&key_type,sizeof(key_type)); attrs++;
+    template_count = attrs - theTemplate;
+    PR_ASSERT(template_count <= sizeof(theTemplate)/sizeof(CK_ATTRIBUTE));
+
+    return pk11_FindObjectByTemplate(slot,theTemplate,template_count);
+}
+
+SECKEYPublicKey *PK11_ExtractPublicKey(PK11SlotInfo *slot, KeyType keyType,
+					 CK_OBJECT_HANDLE id);
+
+PK11SymKey *
+pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
+		 	CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
+{
+    PK11SymKey *newSymKey = NULL;
+    SECStatus rv;
+    /* performance improvement can go here --- use a generated key to as a
+     * per startup wrapping key. If it exists, use it, otherwise do a full
+     * key exchange. */
+
+    /* find a common Key Exchange algorithm */
+    /* RSA */
+    if (PK11_DoesMechanism(symKey->slot, CKM_RSA_PKCS) && 
+				PK11_DoesMechanism(slot,CKM_RSA_PKCS)) {
+	CK_OBJECT_HANDLE pubKeyHandle = CK_INVALID_KEY;
+	CK_OBJECT_HANDLE privKeyHandle = CK_INVALID_KEY;
+	SECKEYPublicKey *pubKey = NULL;
+	SECKEYPrivateKey *privKey = NULL;
+	SECItem wrapData;
+
+	wrapData.data = NULL;
+
+	/* find RSA Public Key on target */
+	pubKeyHandle = pk11_FindRSAPubKey(slot);
+	if (pubKeyHandle != CK_INVALID_KEY) {
+	    privKeyHandle = PK11_MatchItem(slot,pubKeyHandle,CKO_PRIVATE_KEY);
+	}
+
+	/* if no key exits, generate a key pair */
+	if (privKeyHandle == CK_INVALID_KEY) {
+	    unsigned int     keyLength = PK11_GetKeyLength(symKey);
+	    PK11RSAGenParams rsaParams;
+
+	    rsaParams.keySizeInBits = 
+		((keyLength == 0) || (keyLength > 16)) ? 512 : 256;
+	    rsaParams.pe  = 0x10001;
+	    privKey = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN, 
+		&rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
+	} else {
+	    /* if key's exist, build SECKEY data structures for them */
+	    privKey = PK11_MakePrivKey(slot,nullKey, PR_TRUE, privKeyHandle,
+					symKey->cx);
+	    if (privKey != NULL) {
+    		pubKey = PK11_ExtractPublicKey(slot, rsaKey, pubKeyHandle);
+		if (pubKey && pubKey->pkcs11Slot) {
+		    PK11_FreeSlot(pubKey->pkcs11Slot);
+		    pubKey->pkcs11Slot = NULL;
+		    pubKey->pkcs11ID = CK_INVALID_KEY;
+		}
+	    }
+	}
+	if (privKey == NULL) goto rsa_failed;
+	if (pubKey == NULL)  goto rsa_failed;
+
+        wrapData.len  = SECKEY_PublicKeyStrength(pubKey);
+        if (!wrapData.len) goto rsa_failed;
+        wrapData.data = PORT_Alloc(wrapData.len);
+        if (wrapData.data == NULL) goto rsa_failed;
+
+	/* now wrap the keys in and out */
+	rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, pubKey, symKey, &wrapData);
+	if (rv == SECSuccess) {
+	    newSymKey = PK11_PubUnwrapSymKey(privKey,&wrapData,type,operation,
+							symKey->size);
+	}
+rsa_failed:
+	if (wrapData.data != NULL) PORT_Free(wrapData.data);
+	if (privKey != NULL) SECKEY_DestroyPrivateKey(privKey);
+	if (pubKey != NULL) SECKEY_DestroyPublicKey(pubKey);
+
+	return  newSymKey;
+    }
+    /* KEA */
+    if (PK11_DoesMechanism(symKey->slot, CKM_KEA_KEY_DERIVE) && 
+				PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
+	CERTCertificate *certSource = NULL;
+	CERTCertificate *certTarget = NULL;
+	SECKEYPublicKey *pubKeySource = NULL;
+	SECKEYPublicKey *pubKeyTarget = NULL;
+	SECKEYPrivateKey *privKeySource = NULL;
+	SECKEYPrivateKey *privKeyTarget = NULL;
+	PK11SymKey *tekSource = NULL;
+	PK11SymKey *tekTarget = NULL;
+	SECItem Ra,wrap;
+
+	/* can only exchange skipjack keys */
+	if (type != CKM_SKIPJACK_CBC64) {
+    	    PORT_SetError( SEC_ERROR_NO_MODULE );
+	    goto kea_failed;
+	}
+
+	/* find a pair of certs we can use */
+	rv = PK11_GetKEAMatchedCerts(symKey->slot,slot,&certSource,&certTarget);
+	if (rv != SECSuccess) goto kea_failed;
+
+	/* get all the key pairs */
+	pubKeyTarget = CERT_ExtractPublicKey(certSource);
+	pubKeySource = CERT_ExtractPublicKey(certTarget);
+	privKeySource = 
+		PK11_FindKeyByDERCert(symKey->slot,certSource,symKey->cx);
+	privKeyTarget = 
+		PK11_FindKeyByDERCert(slot,certTarget,symKey->cx);
+
+	if ((pubKeySource == NULL) || (pubKeyTarget == NULL) ||
+	  (privKeySource == NULL) || (privKeyTarget == NULL)) goto kea_failed;
+
+	/* generate the wrapping TEK's */
+	Ra.data = (unsigned char*)PORT_Alloc(128 /* FORTEZZA RA MAGIC */);
+	Ra.len = 128;
+	if (Ra.data == NULL) goto kea_failed;
+
+	tekSource = PK11_PubDerive(privKeySource,pubKeyTarget,PR_TRUE,&Ra,NULL,
+		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
+	tekTarget = PK11_PubDerive(privKeyTarget,pubKeySource,PR_FALSE,&Ra,NULL,
+		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
+	PORT_Free(Ra.data);
+
+	if ((tekSource == NULL) || (tekTarget == NULL)) { goto kea_failed; }
+
+	/* wrap the key out of Source into target */
+	wrap.data = (unsigned char*)PORT_Alloc(12); /* MAGIC SKIPJACK LEN */
+	wrap.len = 12;
+
+	/* paranoia to prevent infinite recursion on bugs */
+	PORT_Assert(tekSource->slot == symKey->slot);
+	if (tekSource->slot != symKey->slot) {
+    	    PORT_SetError( SEC_ERROR_NO_MODULE );
+	    goto kea_failed;
+	}
+
+	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP,NULL,tekSource,symKey,&wrap);
+	if (rv == SECSuccess) {
+	    newSymKey = PK11_UnwrapSymKey(tekTarget, CKM_SKIPJACK_WRAP, NULL,
+			&wrap, type, operation, symKey->size);
+	}
+	PORT_Free(wrap.data);
+kea_failed:
+	if (certSource == NULL) CERT_DestroyCertificate(certSource);
+	if (certTarget == NULL) CERT_DestroyCertificate(certTarget);
+	if (pubKeySource == NULL) SECKEY_DestroyPublicKey(pubKeySource);
+	if (pubKeyTarget == NULL) SECKEY_DestroyPublicKey(pubKeyTarget);
+	if (privKeySource == NULL) SECKEY_DestroyPrivateKey(privKeySource);
+	if (privKeyTarget == NULL) SECKEY_DestroyPrivateKey(privKeyTarget);
+	if (tekSource == NULL) PK11_FreeSymKey(tekSource);
+	if (tekTarget == NULL) PK11_FreeSymKey(tekTarget);
+	return newSymKey;
+    }
+    PORT_SetError( SEC_ERROR_NO_MODULE );
+    return NULL;
+}
+