|
|
66ebb3 |
diff -up ./nss/cmd/modutil/pk11.c.ecc-lists ./nss/cmd/modutil/pk11.c
|
|
|
66ebb3 |
--- ./nss/cmd/modutil/pk11.c.ecc-lists 2013-11-09 09:23:30.000000000 -0800
|
|
|
66ebb3 |
+++ ./nss/cmd/modutil/pk11.c 2013-12-20 10:29:01.540726233 -0800
|
|
|
66ebb3 |
@@ -7,12 +7,9 @@
|
|
|
66ebb3 |
*/
|
|
|
66ebb3 |
|
|
|
66ebb3 |
#include "modutil.h"
|
|
|
66ebb3 |
-/* #include "secmodti.h" */
|
|
|
66ebb3 |
+#include "secmodi.h"
|
|
|
66ebb3 |
#include "pk11func.h"
|
|
|
66ebb3 |
|
|
|
66ebb3 |
-static PK11DefaultArrayEntry *pk11_DefaultArray = NULL;
|
|
|
66ebb3 |
-static int pk11_DefaultArraySize = 0;
|
|
|
66ebb3 |
-
|
|
|
66ebb3 |
/*************************************************************************
|
|
|
66ebb3 |
*
|
|
|
66ebb3 |
* F i p s M o d e
|
|
|
66ebb3 |
@@ -110,32 +107,11 @@ ChkFipsMode(char *arg)
|
|
|
66ebb3 |
|
|
|
66ebb3 |
typedef struct {
|
|
|
66ebb3 |
const char *name;
|
|
|
66ebb3 |
- const unsigned long mask;
|
|
|
66ebb3 |
+ unsigned long mask;
|
|
|
66ebb3 |
} MaskString;
|
|
|
66ebb3 |
|
|
|
66ebb3 |
-static const MaskString mechanismStrings[] = {
|
|
|
66ebb3 |
- {"RSA", PUBLIC_MECH_RSA_FLAG},
|
|
|
66ebb3 |
- {"DSA", PUBLIC_MECH_DSA_FLAG},
|
|
|
66ebb3 |
- {"RC2", PUBLIC_MECH_RC2_FLAG},
|
|
|
66ebb3 |
- {"RC4", PUBLIC_MECH_RC4_FLAG},
|
|
|
66ebb3 |
- {"RC5", PUBLIC_MECH_RC5_FLAG},
|
|
|
66ebb3 |
- {"DES", PUBLIC_MECH_DES_FLAG},
|
|
|
66ebb3 |
- {"DH", PUBLIC_MECH_DH_FLAG},
|
|
|
66ebb3 |
- {"FORTEZZA", PUBLIC_MECH_FORTEZZA_FLAG},
|
|
|
66ebb3 |
- {"SHA1", PUBLIC_MECH_SHA1_FLAG},
|
|
|
66ebb3 |
- {"MD5", PUBLIC_MECH_MD5_FLAG},
|
|
|
66ebb3 |
- {"MD2", PUBLIC_MECH_MD2_FLAG},
|
|
|
66ebb3 |
- {"SSL", PUBLIC_MECH_SSL_FLAG},
|
|
|
66ebb3 |
- {"TLS", PUBLIC_MECH_TLS_FLAG},
|
|
|
66ebb3 |
- {"AES", PUBLIC_MECH_AES_FLAG},
|
|
|
66ebb3 |
- {"CAMELLIA", PUBLIC_MECH_CAMELLIA_FLAG},
|
|
|
66ebb3 |
- {"SHA256", PUBLIC_MECH_SHA256_FLAG},
|
|
|
66ebb3 |
- {"SHA512", PUBLIC_MECH_SHA512_FLAG},
|
|
|
66ebb3 |
- {"RANDOM", PUBLIC_MECH_RANDOM_FLAG},
|
|
|
66ebb3 |
- {"FRIENDLY", PUBLIC_MECH_FRIENDLY_FLAG}
|
|
|
66ebb3 |
-};
|
|
|
66ebb3 |
-static const int numMechanismStrings =
|
|
|
66ebb3 |
- sizeof(mechanismStrings) / sizeof(mechanismStrings[0]);
|
|
|
66ebb3 |
+static MaskString *mechanismStrings = NULL;
|
|
|
66ebb3 |
+static int numMechanismStrings = 0;
|
|
|
66ebb3 |
|
|
|
66ebb3 |
static const MaskString cipherStrings[] = {
|
|
|
66ebb3 |
{"FORTEZZA", PUBLIC_CIPHER_FORTEZZA_FLAG}
|
|
|
66ebb3 |
@@ -143,10 +119,83 @@ static const MaskString cipherStrings[]
|
|
|
66ebb3 |
static const int numCipherStrings =
|
|
|
66ebb3 |
sizeof(cipherStrings) / sizeof(cipherStrings[0]);
|
|
|
66ebb3 |
|
|
|
66ebb3 |
+static PK11DefaultArrayEntry *pk11_DefaultArray = NULL;
|
|
|
66ebb3 |
+static int pk11_DefaultArraySize = 0;
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
/* Maximum length of a colon-separated list of all the strings in an
|
|
|
66ebb3 |
* array. */
|
|
|
66ebb3 |
#define MAX_STRING_LIST_LEN 240 /* or less */
|
|
|
66ebb3 |
|
|
|
66ebb3 |
+/*
|
|
|
66ebb3 |
+** The same as SECMOD_InternaltoPubMechFlags
|
|
|
66ebb3 |
+** from nss/lib/pk11wrap/pk11util.c wich is a
|
|
|
66ebb3 |
+** private export and not visible to us
|
|
|
66ebb3 |
+*/
|
|
|
66ebb3 |
+static unsigned long
|
|
|
66ebb3 |
+InternaltoPubMechFlags(unsigned long internalFlags)
|
|
|
66ebb3 |
+{
|
|
|
66ebb3 |
+ unsigned long publicFlags = internalFlags;
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+ if (internalFlags & SECMOD_RANDOM_FLAG) {
|
|
|
66ebb3 |
+ publicFlags &= ~SECMOD_RANDOM_FLAG;
|
|
|
66ebb3 |
+ publicFlags |= PUBLIC_MECH_RANDOM_FLAG;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ return publicFlags;
|
|
|
66ebb3 |
+}
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+Error
|
|
|
66ebb3 |
+loadMechanismList(void)
|
|
|
66ebb3 |
+{
|
|
|
66ebb3 |
+ int i;
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+ if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
+ pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
|
|
|
66ebb3 |
+ if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
+ /* should assert. This shouldn't happen */
|
|
|
66ebb3 |
+ return UNSPECIFIED_ERR;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ if (mechanismStrings != NULL) {
|
|
|
66ebb3 |
+ PR_Free(mechanismStrings);
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+ /* build the mechanismStrings array */
|
|
|
66ebb3 |
+ mechanismStrings = PR_Malloc( pk11_DefaultArraySize*sizeof(MaskString) );
|
|
|
66ebb3 |
+ if (mechanismStrings == NULL) {
|
|
|
66ebb3 |
+ return OUT_OF_MEM_ERR;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ numMechanismStrings = pk11_DefaultArraySize;
|
|
|
66ebb3 |
+ for (i = 0; i < numMechanismStrings; i++) {
|
|
|
66ebb3 |
+ char *name = pk11_DefaultArray[i].name;
|
|
|
66ebb3 |
+ unsigned long flag = pk11_DefaultArray[i].flag;
|
|
|
66ebb3 |
+ /* map new name to old */
|
|
|
66ebb3 |
+ switch (flag) {
|
|
|
66ebb3 |
+ case SECMOD_FORTEZZA_FLAG:
|
|
|
66ebb3 |
+ name = "FORTEZZA";
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ case SECMOD_SHA1_FLAG:
|
|
|
66ebb3 |
+ name = "SHA1";
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ case SECMOD_CAMELLIA_FLAG:
|
|
|
66ebb3 |
+ name = "CAMELLIA";
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ case SECMOD_RANDOM_FLAG:
|
|
|
66ebb3 |
+ name = "RANDOM";
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ case SECMOD_FRIENDLY_FLAG:
|
|
|
66ebb3 |
+ name = "FRIENDLY";
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ default:
|
|
|
66ebb3 |
+ break;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ mechanismStrings[i].name = name;
|
|
|
66ebb3 |
+ mechanismStrings[i].mask = InternaltoPubMechFlags(flag);
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+ return SUCCESS;
|
|
|
66ebb3 |
+}
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
/************************************************************************
|
|
|
66ebb3 |
*
|
|
|
66ebb3 |
* g e t F l a g s F r o m S t r i n g
|
|
|
66ebb3 |
@@ -244,6 +293,12 @@ AddModule(char *moduleName, char *libFil
|
|
|
66ebb3 |
unsigned long ciphers;
|
|
|
66ebb3 |
unsigned long mechanisms;
|
|
|
66ebb3 |
SECStatus status;
|
|
|
66ebb3 |
+ Error rv;
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
+ rv = loadMechanismList();
|
|
|
66ebb3 |
+ if (rv != SUCCESS) {
|
|
|
66ebb3 |
+ return rv;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
|
|
|
66ebb3 |
mechanisms =
|
|
|
66ebb3 |
getFlagsFromString(mechanismString, mechanismStrings,
|
|
|
66ebb3 |
@@ -493,6 +548,11 @@ ListModule(char *moduleName)
|
|
|
66ebb3 |
return SUCCESS;
|
|
|
66ebb3 |
}
|
|
|
66ebb3 |
|
|
|
66ebb3 |
+ rv = loadMechanismList();
|
|
|
66ebb3 |
+ if (rv != SUCCESS) {
|
|
|
66ebb3 |
+ return rv;
|
|
|
66ebb3 |
+ }
|
|
|
66ebb3 |
+
|
|
|
66ebb3 |
module = SECMOD_FindModule(moduleName);
|
|
|
66ebb3 |
if(!module) {
|
|
|
66ebb3 |
PR_fprintf(PR_STDERR, errStrings[NO_SUCH_MODULE_ERR], moduleName);
|
|
|
66ebb3 |
@@ -811,19 +871,18 @@ SetDefaultModule(char *moduleName, char
|
|
|
66ebb3 |
SECMODModule *module = NULL;
|
|
|
66ebb3 |
PK11SlotInfo *slot;
|
|
|
66ebb3 |
int s, i;
|
|
|
66ebb3 |
- unsigned long mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
|
|
|
66ebb3 |
- numMechanismStrings);
|
|
|
66ebb3 |
+ unsigned long mechFlags;
|
|
|
66ebb3 |
PRBool found = PR_FALSE;
|
|
|
66ebb3 |
- Error errcode = UNSPECIFIED_ERR;
|
|
|
66ebb3 |
+ Error errcode;
|
|
|
66ebb3 |
|
|
|
66ebb3 |
- if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
|
|
|
66ebb3 |
- if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
- /* should assert. This shouldn't happen */
|
|
|
66ebb3 |
- goto loser;
|
|
|
66ebb3 |
- }
|
|
|
66ebb3 |
+ errcode = loadMechanismList();
|
|
|
66ebb3 |
+ if (errcode != SUCCESS) {
|
|
|
66ebb3 |
+ return errcode;
|
|
|
66ebb3 |
}
|
|
|
66ebb3 |
+ errcode = UNSPECIFIED_ERR;
|
|
|
66ebb3 |
|
|
|
66ebb3 |
+ mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
|
|
|
66ebb3 |
+ numMechanismStrings);
|
|
|
66ebb3 |
mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
|
|
|
66ebb3 |
|
|
|
66ebb3 |
module = SECMOD_FindModule(moduleName);
|
|
|
66ebb3 |
@@ -889,20 +948,17 @@ UnsetDefaultModule(char *moduleName, cha
|
|
|
66ebb3 |
SECMODModule * module = NULL;
|
|
|
66ebb3 |
PK11SlotInfo *slot;
|
|
|
66ebb3 |
int s, i;
|
|
|
66ebb3 |
- unsigned long mechFlags = getFlagsFromString(mechanisms,
|
|
|
66ebb3 |
- mechanismStrings, numMechanismStrings);
|
|
|
66ebb3 |
+ unsigned long mechFlags;
|
|
|
66ebb3 |
PRBool found = PR_FALSE;
|
|
|
66ebb3 |
Error rv;
|
|
|
66ebb3 |
|
|
|
66ebb3 |
- if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
- pk11_DefaultArray = PK11_GetDefaultArray(&pk11_DefaultArraySize);
|
|
|
66ebb3 |
- if (pk11_DefaultArray == NULL) {
|
|
|
66ebb3 |
- /* should assert. This shouldn't happen */
|
|
|
66ebb3 |
- rv = UNSPECIFIED_ERR;
|
|
|
66ebb3 |
- goto loser;
|
|
|
66ebb3 |
- }
|
|
|
66ebb3 |
+ rv = loadMechanismList();
|
|
|
66ebb3 |
+ if (rv != SUCCESS) {
|
|
|
66ebb3 |
+ return rv;
|
|
|
66ebb3 |
}
|
|
|
66ebb3 |
|
|
|
66ebb3 |
+ mechFlags = getFlagsFromString(mechanisms, mechanismStrings,
|
|
|
66ebb3 |
+ numMechanismStrings);
|
|
|
66ebb3 |
mechFlags = SECMOD_PubMechFlagstoInternal(mechFlags);
|
|
|
66ebb3 |
|
|
|
66ebb3 |
module = SECMOD_FindModule(moduleName);
|
|
|
66ebb3 |
diff -up ./nss/lib/pk11wrap/pk11slot.c.ecc-lists ./nss/lib/pk11wrap/pk11slot.c
|
|
|
66ebb3 |
--- ./nss/lib/pk11wrap/pk11slot.c.ecc-lists 2013-11-09 09:23:30.000000000 -0800
|
|
|
66ebb3 |
+++ ./nss/lib/pk11wrap/pk11slot.c 2013-12-20 10:29:55.756109883 -0800
|
|
|
66ebb3 |
@@ -32,6 +32,7 @@
|
|
|
66ebb3 |
PK11DefaultArrayEntry PK11_DefaultArray[] = {
|
|
|
66ebb3 |
{ "RSA", SECMOD_RSA_FLAG, CKM_RSA_PKCS },
|
|
|
66ebb3 |
{ "DSA", SECMOD_DSA_FLAG, CKM_DSA },
|
|
|
66ebb3 |
+ { "ECC", SECMOD_ECC_FLAG, CKM_ECDSA },
|
|
|
66ebb3 |
{ "DH", SECMOD_DH_FLAG, CKM_DH_PKCS_DERIVE },
|
|
|
66ebb3 |
{ "RC2", SECMOD_RC2_FLAG, CKM_RC2_CBC },
|
|
|
66ebb3 |
{ "RC4", SECMOD_RC4_FLAG, CKM_RC4 },
|
|
|
66ebb3 |
diff -up ./nss/lib/pk11wrap/secmod.h.ecc-lists ./nss/lib/pk11wrap/secmod.h
|
|
|
66ebb3 |
--- ./nss/lib/pk11wrap/secmod.h.ecc-lists 2013-11-09 09:23:30.000000000 -0800
|
|
|
66ebb3 |
+++ ./nss/lib/pk11wrap/secmod.h 2013-12-20 10:26:20.881585723 -0800
|
|
|
66ebb3 |
@@ -28,6 +28,7 @@
|
|
|
66ebb3 |
#define PUBLIC_MECH_SHA512_FLAG 0x00008000ul
|
|
|
66ebb3 |
#define PUBLIC_MECH_CAMELLIA_FLAG 0x00010000ul
|
|
|
66ebb3 |
#define PUBLIC_MECH_SEED_FLAG 0x00020000ul
|
|
|
66ebb3 |
+#define PUBLIC_MECH_ECC_FLAG 0x00040000ul
|
|
|
66ebb3 |
|
|
|
66ebb3 |
#define PUBLIC_MECH_RANDOM_FLAG 0x08000000ul
|
|
|
66ebb3 |
#define PUBLIC_MECH_FRIENDLY_FLAG 0x10000000ul
|