1  /* ***** BEGIN LICENSE BLOCK *****
2   * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3   *
4   * The contents of this file are subject to the Mozilla Public License Version
5   * 1.1 (the "License"); you may not use this file except in compliance with
6   * the License. You may obtain a copy of the License at
7   * http://www.mozilla.org/MPL/
8   *
9   * Software distributed under the License is distributed on an "AS IS" basis,
10   * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11   * for the specific language governing rights and limitations under the
12   * License.
13   *
14   * The Original Code is the Netscape security libraries.
15   *
16   * The Initial Developer of the Original Code is
17   * Netscape Communications Corporation.
18   * Portions created by the Initial Developer are Copyright (C) 1994-2000
19   * the Initial Developer. All Rights Reserved.
20   *
21   * Contributor(s):
22   *   Dr Stephen Henson <stephen.henson@gemplus.com>
23   *   Dr Vipul Gupta <vipul.gupta@sun.com>, and
24   *   Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
25   *
26   * Alternatively, the contents of this file may be used under the terms of
27   * either the GNU General Public License Version 2 or later (the "GPL"), or
28   * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29   * in which case the provisions of the GPL or the LGPL are applicable instead
30   * of those above. If you wish to allow use of your version of this file only
31   * under the terms of either the GPL or the LGPL, and not to allow others to
32   * use your version of this file under the terms of the MPL, indicate your
33   * decision by deleting the provisions above and replace them with the notice
34   * and other provisions required by the GPL or the LGPL. If you do not delete
35   * the provisions above, a recipient may use your version of this file under
36   * the terms of any one of the MPL, the GPL or the LGPL.
37   *
38   * ***** END LICENSE BLOCK ***** */
39 
40 #include "crypto/third_party/nss/chromium-nss.h"
41 
42 #include <pk11pub.h>
43 
44 #include "base/logging.h"
45 
46 // Based on PK11_ImportEncryptedPrivateKeyInfo function in
47 // mozilla/security/nss/lib/pk11wrap/pk11akey.c.
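// Decrypts a password-protected (PBE) EC private key and imports it into
// |slot|, handing the resulting key object back through |private_key|.
//
// Parameters:
//   slot          Token slot the PBE key is generated on and the private key
//                 is unwrapped into.
//   epki          Encrypted private key info; |epki->algorithm| selects the
//                 PBE scheme and |epki->encryptedData| is the wrapped key.
//   password      Password the wrapping key is derived from.
//   nickname      Passed through to PK11_UnwrapPrivKey as the key label.
//   public_value  Passed through to PK11_UnwrapPrivKey as the public value.
//   permanent     Passed through to PK11_UnwrapPrivKey (presumably whether
//                 the key is stored as a token object; confirm against NSS).
//   sensitive     Passed through to PK11_UnwrapPrivKey (presumably marks the
//                 key as non-extractable in the clear; confirm against NSS).
//   private_key   Out-parameter. Set to the imported key on success and to
//                 NULL on every failure path. The caller presumably owns the
//                 returned key and must destroy it; verify against callers.
//   wincx         Opaque context forwarded to NSS (e.g. for PIN prompts).
//
// Returns SECSuccess when the key was unwrapped, SECFailure otherwise. The
// failing NSS call and PORT_GetError() are logged via DLOG; the password and
// key material are never logged.
//
// The imported key is restricted to a single usage, CKA_SIGN.
SECStatus ImportEncryptedECPrivateKeyInfoAndReturnKey(
    PK11SlotInfo* slot,
    SECKEYEncryptedPrivateKeyInfo* epki,
    SECItem* password,
    SECItem* nickname,
    SECItem* public_value,
    PRBool permanent,
    PRBool sensitive,
    SECKEYPrivateKey** private_key,
    void* wincx) {
  if (private_key == NULL) {
    DLOG(ERROR) << "ImportEncryptedECPrivateKeyInfoAndReturnKey: "
                << "private_key is NULL";
    return SECFailure;
  }

  // Give the out-parameter a defined value before anything can fail, so a
  // caller that inspects the pointer instead of the return code never sees a
  // stale or indeterminate key handle after an early failure.
  *private_key = NULL;

  SECItem* crypto_param = NULL;

  // The only operation the imported key is permitted to perform.
  CK_ATTRIBUTE_TYPE usage = CKA_SIGN;

  // Derive the symmetric wrapping key from the password using the PBE
  // algorithm recorded in the encrypted key info.
  PK11SymKey* key = PK11_PBEKeyGen(slot,
                                   &epki->algorithm,
                                   password,
                                   PR_FALSE,  // faulty3DES
                                   wincx);
  if (key == NULL) {
    DLOG(ERROR) << "PK11_PBEKeyGen: " << PORT_GetError();
    return SECFailure;
  }

  // Resolve the cipher mechanism and its parameter (allocated by NSS into
  // |crypto_param|) that the PBE algorithm maps to.
  CK_MECHANISM_TYPE crypto_mech_type = PK11_GetPBECryptoMechanism(
      &epki->algorithm, &crypto_param, password);
  if (crypto_mech_type == CKM_INVALID_MECHANISM) {
    DLOG(ERROR) << "PK11_GetPBECryptoMechanism: " << PORT_GetError();
    PK11_FreeSymKey(key);
    return SECFailure;
  }

  // Switch to the padded variant of the mechanism for unwrapping.
  crypto_mech_type = PK11_GetPadMechanism(crypto_mech_type);

  *private_key = PK11_UnwrapPrivKey(slot, key, crypto_mech_type, crypto_param,
                                    &epki->encryptedData, nickname,
                                    public_value, permanent, sensitive, CKK_EC,
                                    &usage, 1, wincx);

  // Release the intermediate material on both success and failure. The
  // parameter is zeroed before being freed because it is derived from the
  // password.
  if (crypto_param != NULL)
    SECITEM_ZfreeItem(crypto_param, PR_TRUE);

  PK11_FreeSymKey(key);

  if (!*private_key) {
    DLOG(ERROR) << "PK11_UnwrapPrivKey: " << PORT_GetError();
    return SECFailure;
  }

  return SECSuccess;
}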