|
 |
c70942 |
diff -up ./nss/gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mechs ./nss/gtests/pk11_gtest/pk11_import_unittest.cc
|
|
|
c70942 |
--- ./nss/gtests/pk11_gtest/pk11_import_unittest.cc.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700
|
|
|
c70942 |
+++ ./nss/gtests/pk11_gtest/pk11_import_unittest.cc 2019-06-05 12:01:13.728544204 -0700
|
|
|
c70942 |
@@ -78,17 +78,40 @@ class Pk11KeyImportTestBase : public ::t
|
|
|
c70942 |
CK_MECHANISM_TYPE mech_;
|
|
|
c70942 |
|
|
|
c70942 |
private:
|
|
|
c70942 |
+ SECItem GetPublicComponent(ScopedSECKEYPublicKey& pub_key) {
|
|
|
c70942 |
+ SECItem null = { siBuffer, NULL, 0};
|
|
|
c70942 |
+ switch(SECKEY_GetPublicKeyType(pub_key.get())) {
|
|
|
c70942 |
+ case rsaKey:
|
|
|
c70942 |
+ case rsaPssKey:
|
|
|
c70942 |
+ case rsaOaepKey:
|
|
|
c70942 |
+ return pub_key->u.rsa.modulus;
|
|
|
c70942 |
+ case keaKey:
|
|
|
c70942 |
+ return pub_key->u.kea.publicValue;
|
|
|
c70942 |
+ case dsaKey:
|
|
|
c70942 |
+ return pub_key->u.dsa.publicValue;
|
|
|
c70942 |
+ case dhKey:
|
|
|
c70942 |
+ return pub_key->u.dh.publicValue;
|
|
|
c70942 |
+ case ecKey:
|
|
|
c70942 |
+ return pub_key->u.ec.publicValue;
|
|
|
c70942 |
+ case fortezzaKey: /* depricated */
|
|
|
c70942 |
+ case nullKey:
|
|
|
c70942 |
+ /* didn't use default here so we can catch new key types at compile time */
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+ return null;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
void CheckForPublicKey(const ScopedSECKEYPrivateKey& priv_key,
|
|
|
c70942 |
const SECItem* expected_public) {
|
|
|
c70942 |
// Verify the public key exists.
|
|
|
c70942 |
StackSECItem priv_id;
|
|
|
c70942 |
+ KeyType type = SECKEY_GetPrivateKeyType(priv_key.get());
|
|
|
c70942 |
SECStatus rv = PK11_ReadRawAttribute(PK11_TypePrivKey, priv_key.get(),
|
|
|
c70942 |
CKA_ID, &priv_id);
|
|
|
c70942 |
ASSERT_EQ(SECSuccess, rv) << "Couldn't read CKA_ID from private key: "
|
|
|
c70942 |
<< PORT_ErrorToName(PORT_GetError());
|
|
|
c70942 |
|
|
|
c70942 |
CK_ATTRIBUTE_TYPE value_type = CKA_VALUE;
|
|
|
c70942 |
- switch (SECKEY_GetPrivateKeyType(priv_key.get())) {
|
|
|
c70942 |
+ switch (type) {
|
|
|
c70942 |
case rsaKey:
|
|
|
c70942 |
value_type = CKA_MODULUS;
|
|
|
c70942 |
break;
|
|
|
c70942 |
@@ -106,6 +129,8 @@ class Pk11KeyImportTestBase : public ::t
|
|
|
c70942 |
FAIL() << "unknown key type";
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
+ // Scan public key objects until we find one with the same CKA_ID as
|
|
|
c70942 |
+ // priv_key
|
|
|
c70942 |
std::unique_ptr<PK11GenericObject, PK11GenericObjectsDeleter> objs(
|
|
|
c70942 |
PK11_FindGenericObjects(slot_.get(), CKO_PUBLIC_KEY));
|
|
|
c70942 |
ASSERT_NE(nullptr, objs);
|
|
|
c70942 |
@@ -128,20 +153,46 @@ class Pk11KeyImportTestBase : public ::t
|
|
|
c70942 |
ASSERT_EQ(1U, token.len);
|
|
|
c70942 |
ASSERT_NE(0, token.data[0]);
|
|
|
c70942 |
|
|
|
c70942 |
- StackSECItem value;
|
|
|
c70942 |
- rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &value);
|
|
|
c70942 |
+ StackSECItem raw_value;
|
|
|
c70942 |
+ SECItem decoded_value;
|
|
|
c70942 |
+ rv = PK11_ReadRawAttribute(PK11_TypeGeneric, obj, value_type, &raw_value);
|
|
|
c70942 |
ASSERT_EQ(SECSuccess, rv);
|
|
|
c70942 |
+ SECItem value = raw_value;
|
|
|
c70942 |
|
|
|
c70942 |
+ // Decode the EC_POINT and check the output against expected.
|
|
|
c70942 |
// CKA_EC_POINT isn't stable, see Bug 1520649.
|
|
|
c70942 |
+ ScopedPLArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
|
|
|
c70942 |
+ ASSERT_TRUE(arena);
|
|
|
c70942 |
if (value_type == CKA_EC_POINT) {
|
|
|
c70942 |
- continue;
|
|
|
c70942 |
- }
|
|
|
c70942 |
|
|
|
c70942 |
+ // If this fails due to the noted inconsistency, we may need to
|
|
|
c70942 |
+ // check the whole raw_value, or remove a leading UNCOMPRESSED_POINT tag
|
|
|
c70942 |
+ rv = SEC_QuickDERDecodeItem(arena.get(), &decoded_value,
|
|
|
c70942 |
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
|
|
|
c70942 |
+ &raw_value);
|
|
|
c70942 |
+ ASSERT_EQ(SECSuccess, rv);
|
|
|
c70942 |
+ value = decoded_value;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &value))
|
|
|
c70942 |
<< "expected: "
|
|
|
c70942 |
<< DataBuffer(expected_public->data, expected_public->len)
|
|
|
c70942 |
<< std::endl
|
|
|
c70942 |
<< "actual: " << DataBuffer(value.data, value.len) << std::endl;
|
|
|
c70942 |
+
|
|
|
c70942 |
+ // Finally, convert the private to public and ensure it matches.
|
|
|
c70942 |
+ ScopedSECKEYPublicKey pub_key(
|
|
|
c70942 |
+ SECKEY_ConvertToPublicKey(priv_key.get()));
|
|
|
c70942 |
+ ASSERT_TRUE(pub_key);
|
|
|
c70942 |
+ SECItem converted_public = GetPublicComponent(pub_key);
|
|
|
c70942 |
+ ASSERT_TRUE(converted_public.len != 0);
|
|
|
c70942 |
+
|
|
|
c70942 |
+ ASSERT_TRUE(SECITEM_ItemsAreEqual(expected_public, &converted_public))
|
|
|
c70942 |
+ << "expected: "
|
|
|
c70942 |
+ << DataBuffer(expected_public->data, expected_public->len)
|
|
|
c70942 |
+ << std::endl
|
|
|
c70942 |
+ << "actual: "
|
|
|
c70942 |
+ << DataBuffer(converted_public.data, converted_public.len)
|
|
|
c70942 |
+ << std::endl;
|
|
|
c70942 |
}
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
diff -up ./nss/lib/cryptohi/seckey.c.pub-priv-mechs ./nss/lib/cryptohi/seckey.c
|
|
|
c70942 |
--- ./nss/lib/cryptohi/seckey.c.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700
|
|
|
c70942 |
+++ ./nss/lib/cryptohi/seckey.c 2019-06-05 12:01:13.729544204 -0700
|
|
|
c70942 |
@@ -1206,6 +1206,37 @@ SECKEY_CopyPublicKey(const SECKEYPublicK
|
|
|
c70942 |
return NULL;
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
+/*
|
|
|
c70942 |
+ * Use the private key to find a public key handle. The handle will be on
|
|
|
c70942 |
+ * the same slot as the private key.
|
|
|
c70942 |
+ */
|
|
|
c70942 |
+static CK_OBJECT_HANDLE
|
|
|
c70942 |
+seckey_FindPublicKeyHandle(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk)
|
|
|
c70942 |
+{
|
|
|
c70942 |
+ CK_OBJECT_HANDLE keyID;
|
|
|
c70942 |
+
|
|
|
c70942 |
+ /* this helper function is only used below. If we want to make this more
|
|
|
c70942 |
+ * general, we would need to free up any already cached handles if the
|
|
|
c70942 |
+ * slot doesn't match up with the private key slot */
|
|
|
c70942 |
+ PORT_Assert(pubk->pkcs11ID == CK_INVALID_HANDLE);
|
|
|
c70942 |
+
|
|
|
c70942 |
+ /* first look for a matching public key */
|
|
|
c70942 |
+ keyID = PK11_MatchItem(privk->pkcs11Slot, privk->pkcs11ID, CKO_PUBLIC_KEY);
|
|
|
c70942 |
+ if (keyID != CK_INVALID_HANDLE) {
|
|
|
c70942 |
+ return keyID;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+
|
|
|
c70942 |
+ /* none found, create a temp one, make the pubk the owner */
|
|
|
c70942 |
+ pubk->pkcs11ID = PK11_DerivePubKeyFromPrivKey(privk);
|
|
|
c70942 |
+ if (pubk->pkcs11ID == CK_INVALID_HANDLE) {
|
|
|
c70942 |
+ /* end of the road. Token doesn't have matching public key, nor can
|
|
|
c70942 |
+ * token regenerate a new public key from and existing private key. */
|
|
|
c70942 |
+ return CK_INVALID_HANDLE;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+ pubk->pkcs11Slot = PK11_ReferenceSlot(privk->pkcs11Slot);
|
|
|
c70942 |
+ return pubk->pkcs11ID;
|
|
|
c70942 |
+}
|
|
|
c70942 |
+
|
|
|
c70942 |
SECKEYPublicKey *
|
|
|
c70942 |
SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privk)
|
|
|
c70942 |
{
|
|
|
c70942 |
@@ -1213,6 +1244,8 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
|
|
c70942 |
PLArenaPool *arena;
|
|
|
c70942 |
CERTCertificate *cert;
|
|
|
c70942 |
SECStatus rv;
|
|
|
c70942 |
+ CK_OBJECT_HANDLE pubKeyHandle;
|
|
|
c70942 |
+ SECItem decodedPoint;
|
|
|
c70942 |
|
|
|
c70942 |
/*
|
|
|
c70942 |
* First try to look up the cert.
|
|
|
c70942 |
@@ -1243,11 +1276,47 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
|
|
c70942 |
|
|
|
c70942 |
switch (privk->keyType) {
|
|
|
c70942 |
case nullKey:
|
|
|
c70942 |
- case dhKey:
|
|
|
c70942 |
- case dsaKey:
|
|
|
c70942 |
/* Nothing to query, if the cert isn't there, we're done -- no way
|
|
|
c70942 |
* to get the public key */
|
|
|
c70942 |
break;
|
|
|
c70942 |
+ case dsaKey:
|
|
|
c70942 |
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
|
|
c70942 |
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_BASE, arena, &pubk->u.dsa.params.base);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_PRIME, arena, &pubk->u.dsa.params.prime);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_SUBPRIME, arena, &pubk->u.dsa.params.subPrime);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_VALUE, arena, &pubk->u.dsa.publicValue);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ return pubk;
|
|
|
c70942 |
+ case dhKey:
|
|
|
c70942 |
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
|
|
c70942 |
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_BASE, arena, &pubk->u.dh.base);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_PRIME, arena, &pubk->u.dh.prime);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_VALUE, arena, &pubk->u.dh.publicValue);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ return pubk;
|
|
|
c70942 |
case rsaKey:
|
|
|
c70942 |
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
|
|
c70942 |
CKA_MODULUS, arena, &pubk->u.rsa.modulus);
|
|
|
c70942 |
@@ -1258,7 +1327,6 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
|
|
c70942 |
if (rv != SECSuccess)
|
|
|
c70942 |
break;
|
|
|
c70942 |
return pubk;
|
|
|
c70942 |
- break;
|
|
|
c70942 |
case ecKey:
|
|
|
c70942 |
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
|
|
c70942 |
CKA_EC_PARAMS, arena, &pubk->u.ec.DEREncodedParams);
|
|
|
c70942 |
@@ -1268,7 +1336,23 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
|
|
c70942 |
rv = PK11_ReadAttribute(privk->pkcs11Slot, privk->pkcs11ID,
|
|
|
c70942 |
CKA_EC_POINT, arena, &pubk->u.ec.publicValue);
|
|
|
c70942 |
if (rv != SECSuccess || pubk->u.ec.publicValue.len == 0) {
|
|
|
c70942 |
- break;
|
|
|
c70942 |
+ pubKeyHandle = seckey_FindPublicKeyHandle(privk, pubk);
|
|
|
c70942 |
+ if (pubKeyHandle == CK_INVALID_HANDLE)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ rv = PK11_ReadAttribute(privk->pkcs11Slot, pubKeyHandle,
|
|
|
c70942 |
+ CKA_EC_POINT, arena, &pubk->u.ec.publicValue);
|
|
|
c70942 |
+ if (rv != SECSuccess)
|
|
|
c70942 |
+ break;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+ /* ec.publicValue should be decoded, PKCS #11 defines CKA_EC_POINT
|
|
|
c70942 |
+ * as encoded, but it's not always. try do decoded it and if it
|
|
|
c70942 |
+ * succeeds store the decoded value */
|
|
|
c70942 |
+ rv = SEC_QuickDERDecodeItem(arena, &decodedPoint,
|
|
|
c70942 |
+ SEC_ASN1_GET(SEC_OctetStringTemplate), &pubk->u.ec.publicValue);
|
|
|
c70942 |
+ if (rv == SECSuccess) {
|
|
|
c70942 |
+ /* both values are in the public key arena, so it's safe to
|
|
|
c70942 |
+ * overwrite the old value */
|
|
|
c70942 |
+ pubk->u.ec.publicValue = decodedPoint;
|
|
|
c70942 |
}
|
|
|
c70942 |
pubk->u.ec.encoding = ECPoint_Undefined;
|
|
|
c70942 |
return pubk;
|
|
|
c70942 |
@@ -1276,7 +1360,9 @@ SECKEY_ConvertToPublicKey(SECKEYPrivateK
|
|
|
c70942 |
break;
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
- PORT_FreeArena(arena, PR_FALSE);
|
|
|
c70942 |
+ /* must use Destroy public key here, because some paths create temporary
|
|
|
c70942 |
+ * PKCS #11 objects which need to be freed */
|
|
|
c70942 |
+ SECKEY_DestroyPublicKey(pubk);
|
|
|
c70942 |
return NULL;
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
diff -up ./nss/lib/pk11wrap/pk11priv.h.pub-priv-mechs ./nss/lib/pk11wrap/pk11priv.h
|
|
|
c70942 |
--- ./nss/lib/pk11wrap/pk11priv.h.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700
|
|
|
c70942 |
+++ ./nss/lib/pk11wrap/pk11priv.h 2019-06-05 12:01:13.729544204 -0700
|
|
|
c70942 |
@@ -111,6 +111,7 @@ CK_OBJECT_HANDLE PK11_FindObjectForCert(
|
|
|
c70942 |
PK11SymKey *pk11_CopyToSlot(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
|
|
|
c70942 |
CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey);
|
|
|
c70942 |
unsigned int pk11_GetPredefinedKeyLength(CK_KEY_TYPE keyType);
|
|
|
c70942 |
+CK_OBJECT_HANDLE PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey);
|
|
|
c70942 |
|
|
|
c70942 |
/**********************************************************************
|
|
|
c70942 |
* Certs
|
|
|
c70942 |
diff -up ./nss/lib/pk11wrap/pk11skey.c.pub-priv-mechs ./nss/lib/pk11wrap/pk11skey.c
|
|
|
c70942 |
--- ./nss/lib/pk11wrap/pk11skey.c.pub-priv-mechs 2019-05-10 14:14:18.000000000 -0700
|
|
|
c70942 |
+++ ./nss/lib/pk11wrap/pk11skey.c 2019-06-05 12:01:13.730544203 -0700
|
|
|
c70942 |
@@ -1840,6 +1840,35 @@ loser:
|
|
|
c70942 |
}
|
|
|
c70942 |
|
|
|
c70942 |
/*
|
|
|
c70942 |
+ * This regenerate a public key from a private key. This function is currently
|
|
|
c70942 |
+ * NSS private. If we want to make it public, we need to add and optional
|
|
|
c70942 |
+ * template or at least flags (a.la. PK11_DeriveWithFlags).
|
|
|
c70942 |
+ */
|
|
|
c70942 |
+CK_OBJECT_HANDLE
|
|
|
c70942 |
+PK11_DerivePubKeyFromPrivKey(SECKEYPrivateKey *privKey)
|
|
|
c70942 |
+{
|
|
|
c70942 |
+ PK11SlotInfo *slot = privKey->pkcs11Slot;
|
|
|
c70942 |
+ CK_MECHANISM mechanism;
|
|
|
c70942 |
+ CK_OBJECT_HANDLE objectID = CK_INVALID_HANDLE;
|
|
|
c70942 |
+ CK_RV crv;
|
|
|
c70942 |
+
|
|
|
c70942 |
+ mechanism.mechanism = CKM_NSS_PUB_FROM_PRIV;
|
|
|
c70942 |
+ mechanism.pParameter = NULL;
|
|
|
c70942 |
+ mechanism.ulParameterLen = 0;
|
|
|
c70942 |
+
|
|
|
c70942 |
+ PK11_EnterSlotMonitor(slot);
|
|
|
c70942 |
+ crv = PK11_GETTAB(slot)->C_DeriveKey(slot->session, &mechanism,
|
|
|
c70942 |
+ privKey->pkcs11ID, NULL, 0,
|
|
|
c70942 |
+ &objectID);
|
|
|
c70942 |
+ PK11_ExitSlotMonitor(slot);
|
|
|
c70942 |
+ if (crv != CKR_OK) {
|
|
|
c70942 |
+ PORT_SetError(PK11_MapError(crv));
|
|
|
c70942 |
+ return CK_INVALID_HANDLE;
|
|
|
c70942 |
+ }
|
|
|
c70942 |
+ return objectID;
|
|
|
c70942 |
+}
|
|
|
c70942 |
+
|
|
|
c70942 |
+/*
|
|
|
c70942 |
* This Generates a wrapping key based on a privateKey, publicKey, and two
|
|
|
c70942 |
* random numbers. For Mail usage RandomB should be NULL. In the Sender's
|
|
|
c70942 |
* case RandomA is generate, outherwize it is passed.
|