1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Dr Stephen Henson <stephen.henson@gemplus.com>
23 * Dr Vipul Gupta <vipul.gupta@sun.com>, and
24 * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either the GNU General Public License Version 2 or later (the "GPL"), or
28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
39
40 #include "crypto/third_party/nss/chromium-nss.h"
41
42 #include <pk11pub.h>
43
44 #include "base/logging.h"
45
46 // Based on PK11_ImportEncryptedPrivateKeyInfo function in
47 // mozilla/security/nss/lib/pk11wrap/pk11akey.c.
ImportEncryptedECPrivateKeyInfoAndReturnKey(PK11SlotInfo * slot,SECKEYEncryptedPrivateKeyInfo * epki,SECItem * password,SECItem * nickname,SECItem * public_value,PRBool permanent,PRBool sensitive,SECKEYPrivateKey ** private_key,void * wincx)48 SECStatus ImportEncryptedECPrivateKeyInfoAndReturnKey(
49 PK11SlotInfo* slot,
50 SECKEYEncryptedPrivateKeyInfo* epki,
51 SECItem* password,
52 SECItem* nickname,
53 SECItem* public_value,
54 PRBool permanent,
55 PRBool sensitive,
56 SECKEYPrivateKey** private_key,
57 void* wincx) {
58 SECItem* crypto_param = NULL;
59
60 CK_ATTRIBUTE_TYPE usage = CKA_SIGN;
61
62 PK11SymKey* key = PK11_PBEKeyGen(slot,
63 &epki->algorithm,
64 password,
65 PR_FALSE, // faulty3DES
66 wincx);
67 if (key == NULL) {
68 DLOG(ERROR) << "PK11_PBEKeyGen: " << PORT_GetError();
69 return SECFailure;
70 }
71
72 CK_MECHANISM_TYPE crypto_mech_type = PK11_GetPBECryptoMechanism(
73 &epki->algorithm, &crypto_param, password);
74 if (crypto_mech_type == CKM_INVALID_MECHANISM) {
75 DLOG(ERROR) << "PK11_GetPBECryptoMechanism: " << PORT_GetError();
76 PK11_FreeSymKey(key);
77 return SECFailure;
78 }
79
80 crypto_mech_type = PK11_GetPadMechanism(crypto_mech_type);
81
82 *private_key = PK11_UnwrapPrivKey(slot, key, crypto_mech_type, crypto_param,
83 &epki->encryptedData, nickname,
84 public_value, permanent, sensitive, CKK_EC,
85 &usage, 1, wincx);
86
87 if (crypto_param != NULL)
88 SECITEM_ZfreeItem(crypto_param, PR_TRUE);
89
90 PK11_FreeSymKey(key);
91
92 if (!*private_key) {
93 DLOG(ERROR) << "PK11_UnwrapPrivKey: " << PORT_GetError();
94 return SECFailure;
95 }
96
97 return SECSuccess;
98 }
99