Back to index

lightning-sunbird  0.9+nobinonly
Typedefs | Enumerations | Functions
secpkcs5.h File Reference
#include "seccomon.h"
#include "secmodt.h"
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Typedefs

typedef struct PBEBitGenContextStr

Enumerations

enum  PBEBitGenID {
  pbeBitGenIDNull = 0, pbeBitGenCipherKey = 0x01, pbeBitGenCipherIV = 0x02, pbeBitGenIntegrityKey = 0x03,
  pbeBitGenIDNull = 0, pbeBitGenCipherKey = 0x01, pbeBitGenCipherIV = 0x02, pbeBitGenIntegrityKey = 0x03,
  pbeBitGenIDNull = 0, pbeBitGenCipherKey = 0x01, pbeBitGenCipherIV = 0x02, pbeBitGenIntegrityKey = 0x03,
  pbeBitGenIDNull = 0, pbeBitGenCipherKey = 0x01, pbeBitGenCipherIV = 0x02, pbeBitGenIntegrityKey = 0x03
}

Functions

SEC_BEGIN_PROTOS SECAlgorithmID * SEC_PKCS5CreateAlgorithmID (SECOidTag algorithm, SECItem *salt, int iteration)
SECItem * SEC_PKCS5GetIV (SECAlgorithmID *algid, SECItem *pwitem, PRBool faulty3DES)
SECOidTag SEC_PKCS5GetCryptoAlgorithm (SECAlgorithmID *algid)
PRBool SEC_PKCS5IsAlgorithmPBEAlg (SECAlgorithmID *algid)
SECOidTag SEC_PKCS5GetPBEAlgorithm (SECOidTag algTag, int keyLen)
int SEC_PKCS5GetKeyLength (SECAlgorithmID *algid)
PBEBitGenContext * PBE_CreateContext (SECOidTag hashAlgorithm, PBEBitGenID bitGenPurpose, SECItem *pwitem, SECItem *salt, unsigned int bitsNeeded, unsigned int iterations)
void PBE_DestroyContext (PBEBitGenContext *context)
SECItem * PBE_GenerateBits (PBEBitGenContext *context)

Typedef Documentation

typedef struct PBEBitGenContextStr

Definition at line 49 of file secpkcs5.h.


Enumeration Type Documentation

Enumerator:
pbeBitGenIDNull 
pbeBitGenCipherKey 
pbeBitGenCipherIV 
pbeBitGenIntegrityKey 
pbeBitGenIDNull 
pbeBitGenCipherKey 
pbeBitGenCipherIV 
pbeBitGenIntegrityKey 
pbeBitGenIDNull 
pbeBitGenCipherKey 
pbeBitGenCipherIV 
pbeBitGenIntegrityKey 
pbeBitGenIDNull 
pbeBitGenCipherKey 
pbeBitGenCipherIV 
pbeBitGenIntegrityKey 

Definition at line 42 of file secpkcs5.h.


Function Documentation

PBEBitGenContext* PBE_CreateContext ( SECOidTag  hashAlgorithm,
PBEBitGenID  bitGenPurpose,
SECItem *  pwitem,
SECItem *  salt,
unsigned int  bitsNeeded,
unsigned int  iterations 
)

Definition at line 507 of file pk11pbe.c.

{
    SECItem *context = NULL;
    SECItem mechItem;
    CK_PBE_PARAMS pbe_params;
    CK_MECHANISM_TYPE mechanism = CKM_INVALID_MECHANISM;
    PK11SlotInfo *slot;
    PK11SymKey *symKey = NULL;
    unsigned char ivData[8];
    

    /* use the purpose to select the low level keygen algorithm */
    switch (bitGenPurpose) {
    case pbeBitGenIntegrityKey:
       switch (hashAlgorithm) {
       case SEC_OID_SHA1:
           mechanism = CKM_PBA_SHA1_WITH_SHA1_HMAC;
           break;
       case SEC_OID_MD2:
           mechanism = CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN;
           break;
       case SEC_OID_MD5:
           mechanism = CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN;
           break;
       default:
           break;
       }
       break;
    case pbeBitGenCipherIV:
       if (bitsNeeded > 64) {
           break;
       }
       if (hashAlgorithm != SEC_OID_SHA1) {
           break;
       }
       mechanism = CKM_PBE_SHA1_DES3_EDE_CBC;
       break;
    case pbeBitGenCipherKey:
       if (hashAlgorithm != SEC_OID_SHA1) {
           break;
       }
       switch (bitsNeeded) {
       case 40:
           mechanism = CKM_PBE_SHA1_RC4_40;
           break;
       case 128:
           mechanism = CKM_PBE_SHA1_RC4_128;
           break;
       default:
           break;
       }
    case pbeBitGenIDNull:
       break;
    }

    if (mechanism == CKM_INVALID_MECHANISM) {
       /* we should set an error, but this is a depricated function, and
        * we are keeping bug for bug compatibility;)... */
           return NULL;
    } 

    pbe_params.pInitVector = ivData;
    pbe_params.pPassword = pwitem->data;
    pbe_params.ulPasswordLen = pwitem->len;
    pbe_params.pSalt = salt->data;
    pbe_params.ulSaltLen = salt->len;
    pbe_params.ulIteration = iterations;
    mechItem.data = (unsigned char *) &pbe_params;
    mechItem.len = sizeof(pbe_params);


    slot = PK11_GetInternalSlot();
    symKey = PK11_RawPBEKeyGen(slot,mechanism,
                                   &mechItem, pwitem, PR_FALSE, NULL);
    PK11_FreeSlot(slot);
    if (symKey != NULL) {
       if (bitGenPurpose == pbeBitGenCipherIV) {
           /* NOTE: this assumes that bitsNeeded is a multiple of 8! */
           SECItem ivItem;

           ivItem.data = ivData;
           ivItem.len = bitsNeeded/8;
           context = SECITEM_DupItem(&ivItem);
       } else {
           SECItem *keyData;
           PK11_ExtractKeyValue(symKey);
           keyData = PK11_GetKeyData(symKey);

           /* assert bitsNeeded with length? */
           if (keyData) {
              context = SECITEM_DupItem(keyData);
           }
       }
       PK11_FreeSymKey(symKey);
    }

    return (PBEBitGenContext *)context;
}

Here is the call graph for this function:

void PBE_DestroyContext ( PBEBitGenContext *  context)

Definition at line 615 of file pk11pbe.c.

{
    SECITEM_FreeItem((SECItem *)context,PR_TRUE);
}

Here is the call graph for this function:

SECItem* PBE_GenerateBits ( PBEBitGenContext *  context)

Definition at line 609 of file pk11pbe.c.

{
    return (SECItem *)context;
}
SEC_BEGIN_PROTOS SECAlgorithmID* SEC_PKCS5CreateAlgorithmID ( SECOidTag  algorithm,
SECItem *  salt,
int  iteration 
)

Definition at line 340 of file pk11pbe.c.

{
    PRArenaPool *poolp = NULL;
    SECAlgorithmID *algid, *ret_algid;
    SECItem der_param;
    SECStatus rv = SECFailure;
    SEC_PKCS5PBEParameter *pbe_param;

    if(iteration <= 0) {
       return NULL;
    }

    der_param.data = NULL;
    der_param.len = 0;

    /* generate the parameter */
    pbe_param = sec_pkcs5_create_pbe_parameter(algorithm, salt, iteration);
    if(!pbe_param) {
       return NULL;
    }

    poolp = PORT_NewArena(SEC_ASN1_DEFAULT_ARENA_SIZE);
    if(!poolp) {
       sec_pkcs5_destroy_pbe_param(pbe_param);
       return NULL;
    }

    /* generate the algorithm id */
    algid = (SECAlgorithmID *)PORT_ArenaZAlloc(poolp, sizeof(SECAlgorithmID));
    if(algid != NULL) {
       void *dummy;
       if(!sec_pkcs5_is_algorithm_v2_pkcs12_algorithm(algorithm)) {
           dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
                                   SEC_PKCS5PBEParameterTemplate);
       } else {
           dummy = SEC_ASN1EncodeItem(poolp, &der_param, pbe_param,
                                   SEC_V2PKCS12PBEParameterTemplate);
       }
       
       if(dummy) {
           rv = SECOID_SetAlgorithmID(poolp, algid, algorithm, &der_param);
       }
    }

    ret_algid = NULL;
    if(algid != NULL) {
       ret_algid = (SECAlgorithmID *)PORT_ZAlloc(sizeof(SECAlgorithmID));
       if(ret_algid != NULL) {
           rv = SECOID_CopyAlgorithmID(NULL, ret_algid, algid);
           if(rv != SECSuccess) {
              SECOID_DestroyAlgorithmID(ret_algid, PR_TRUE);
              ret_algid = NULL;
           }
       }
    }
       
    if(poolp != NULL) {
       PORT_FreeArena(poolp, PR_TRUE);
       algid = NULL;
    }

    sec_pkcs5_destroy_pbe_param(pbe_param);

    return ret_algid;
}

Here is the call graph for this function:

Here is the caller graph for this function:

SECOidTag SEC_PKCS5GetCryptoAlgorithm ( SECAlgorithmID *  algid)
SECItem* SEC_PKCS5GetIV ( SECAlgorithmID *  algid,
SECItem *  pwitem,
PRBool  faulty3DES 
)

Definition at line 621 of file pk11pbe.c.

{
    SECItem mechItem;
    SECOidTag algorithm = SECOID_GetAlgorithmTag(algid);
    CK_PBE_PARAMS *pbe_params;
    CK_MECHANISM_TYPE mechanism;
    SECItem *iv = NULL;
    SECStatus rv;
    int iv_len;
    PK11SlotInfo *slot;
    PK11SymKey *symKey;

    rv = pbe_PK11AlgidToParam(algid,&mechItem);
    if (rv != SECSuccess) {
       return NULL;
    }

    mechanism = PK11_AlgtagToMechanism(algorithm);
    iv_len = PK11_GetIVLength(mechanism);
    pbe_params = (CK_PBE_PARAMS_PTR)mechItem.data;

    slot = PK11_GetInternalSlot();
    symKey = PK11_RawPBEKeyGen(slot,mechanism,
                                   &mechItem, pwitem, faulty3DES,NULL);
    PK11_FreeSlot(slot);

    if (symKey) {
       SECItem tmp;

       tmp.data = pbe_params->pInitVector;
       tmp.len = iv_len;
       iv = SECITEM_DupItem(&tmp);
        PK11_FreeSymKey(symKey);
    }

    if (mechItem.data) {
       PORT_ZFree(mechItem.data,mechItem.len);
    }

    return iv;
}

Here is the call graph for this function:

int SEC_PKCS5GetKeyLength ( SECAlgorithmID *  algid)
SECOidTag SEC_PKCS5GetPBEAlgorithm ( SECOidTag  algTag,
int  keyLen 
)

Definition at line 140 of file pk11pbe.c.

{
    switch(algTag)
    {
       case SEC_OID_DES_EDE3_CBC:
           switch(keyLen) {
              case 168:
              case 192:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC;
              case 128:
              case 92:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC;
              default:
                  break;
           }
           break;
       case SEC_OID_DES_CBC:
           return SEC_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC;
       case SEC_OID_RC2_CBC:
           switch(keyLen) {
              case 40:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC;
              case 128:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC;
              default:
                  break;
           }
           break;
       case SEC_OID_RC4:
           switch(keyLen) {
              case 40:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4;
              case 128:
                  return SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4;
              default:
                  break;
           }
           break;
       default:
           break;
    }

    return SEC_OID_UNKNOWN;
}

Here is the caller graph for this function:

PRBool SEC_PKCS5IsAlgorithmPBEAlg ( SECAlgorithmID *  algid)

Definition at line 132 of file pk11pbe.c.

Here is the call graph for this function:

Here is the caller graph for this function: