Add code to 'shutdown' freebl (clean up the blinding cache in rsa).

merge the NSS 3.3 changes to export Ian's double check code through the loader.


git-svn-id: svn://10.0.0.236/trunk@109403 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/nss/lib/freebl/blapi.h

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: blapi.h,v 1.9 2001-11-15 02:41:14 nelsonb%netscape.com Exp $
+ * $Id: blapi.h,v 1.10 2001-11-30 23:21:48 relyea%netscape.com Exp $
  */
 
 #ifndef _BLAPI_H_
@@ -792,6 +792,13 @@ extern SECStatus   PQG_VerifyParams(const PQGParams *params,
                                     const PQGVerify *vfy, SECStatus *result);
 
 
+/*
+ * clean-up any global tables freebl may have allocated after it starts up.
+ * This function is not thread safe and should be called only after the
+ * library has been quiessed.
+ */
+extern void BL_Cleanup(void);
+
 /**************************************************************************
  *  Free the PQGParams struct and the things it points to.                *
  **************************************************************************/

mozilla/security/nss/lib/freebl/blapi_bsf.c

@@ -1507,6 +1507,26 @@ loser:
 	return SECFailure;
 }
 
+/*
+ * this should check the operation!!!!
+ */
+SECStatus
+RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
+                              unsigned char *output,
+                              const unsigned char *input)
+{
+    return RSA_PrivateKeyOp(key, output, input);
+}
+
+/*
+ * this should check the key!!!
+ */
+SECStatus
+RSA_PrivateKeyCheck(RSAPrivateKey *key)
+{
+    return SECSuccess;
+}
+
 /*****************************************************************************
 ** BLAPI implementation of DSA
 ******************************************************************************/

mozilla/security/nss/lib/freebl/ldvector.c

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: ldvector.c,v 1.1 2000-12-27 03:20:02 nelsonb%netscape.com Exp $
+ * $Id: ldvector.c,v 1.2 2001-11-30 23:21:48 relyea%netscape.com Exp $
  */
 
 #include "loader.h"
@@ -112,7 +112,10 @@ static const struct FREEBLVectorStr vector = {
     RNG_RNGShutdown,
     PQG_ParamGen,
     PQG_ParamGenSeedLen,
-    PQG_VerifyParams
+    PQG_VerifyParams,
+    RSA_PrivateKeyOpDoubleChecked,
+    RSA_PrivateKeyCheck,
+    BL_Cleanup,
 };
 
 

mozilla/security/nss/lib/freebl/loader.c

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: loader.c,v 1.5 2001-11-15 02:41:16 nelsonb%netscape.com Exp $
+ * $Id: loader.c,v 1.6 2001-11-30 23:21:48 relyea%netscape.com Exp $
  */
 
 #include "loader.h"
@@ -322,6 +322,24 @@ RSA_PrivateKeyOp(RSAPrivateKey *  key,
   return (vector->p_RSA_PrivateKeyOp)(key, output, input);
 }
 
+SECStatus
+RSA_PrivateKeyOpDoubleChecked(RSAPrivateKey *key,
+                              unsigned char *output,
+                              const unsigned char *input)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return SECFailure;
+  return (vector->p_RSA_PrivateKeyOpDoubleChecked)(key, output, input);
+}
+
+SECStatus
+RSA_PrivateKeyCheck(RSAPrivateKey *key)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return SECFailure;
+  return (vector->p_RSA_PrivateKeyCheck)(key);
+}
+
 SECStatus 
 DSA_NewKey(const PQGParams * params, DSAPrivateKey ** privKey)
 {
@@ -931,3 +949,11 @@ PQG_DestroyVerify(PQGVerify *vfy)
   (vector->p_PQG_DestroyVerify)( vfy);
 }
 #endif
+
+void 
+BL_Cleanup(void)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return;
+  (vector->p_Cleanup)();
+}

mozilla/security/nss/lib/freebl/loader.h

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: loader.h,v 1.3 2001-11-15 02:41:16 nelsonb%netscape.com Exp $
+ * $Id: loader.h,v 1.4 2001-11-30 23:21:48 relyea%netscape.com Exp $
  */
 
 #ifndef _LOADER_H_
@@ -40,7 +40,7 @@
 
 #include "blapi.h"
 
-#define FREEBL_VERSION 0x0301
+#define FREEBL_VERSION 0x0302
 
 struct FREEBLVectorStr {
 
@@ -249,6 +249,15 @@ struct FREEBLVectorStr {
 
  SECStatus (* p_PQG_VerifyParams)(const PQGParams *params, 
                                   const PQGVerify *vfy, SECStatus *result);
+
+  SECStatus (* p_RSA_PrivateKeyOpDoubleChecked)(RSAPrivateKey *key,
+                              unsigned char *output,
+                              const unsigned char *input);
+
+  SECStatus (* p_RSA_PrivateKeyCheck)(RSAPrivateKey *key);
+
+  void (* p_BL_Cleanup)(void);
+
 };
 
 typedef struct FREEBLVectorStr FREEBLVector;

mozilla/security/nss/lib/freebl/rsa.c

@@ -35,7 +35,7 @@
 /*
  * RSA key generation, public key op, private key op.
  *
- * $Id: rsa.c,v 1.27 2001-11-14 23:03:20 ian.mcgreer%sun.com Exp $
+ * $Id: rsa.c,v 1.28 2001-11-30 23:21:49 relyea%netscape.com Exp $
  */
 
 #include "secerr.h"
@@ -967,3 +967,40 @@ cleanup:
     return rv;
 }
 
+/* cleanup at shutdown */
+void RSA_Cleanup(void)
+{
+    if (!coBPInit.initialized)
+	return;
+
+    while (!PR_CLIST_IS_EMPTY(&blindingParamsList.head))
+    {
+	struct RSABlindingParamsStr * rsabp = (struct RSABlindingParamsStr *)
+	    PR_LIST_HEAD(&blindingParamsList.head);
+	PR_REMOVE_LINK(&rsabp->link);
+	mp_clear(&rsabp->f);
+	mp_clear(&rsabp->g);
+	SECITEM_FreeItem(&rsabp->modulus,PR_FALSE);
+	PORT_Free(rsabp);
+    }
+
+    if (blindingParamsList.lock)
+    {
+	PZ_DestroyLock(blindingParamsList.lock);
+	blindingParamsList.lock = NULL;
+    }
+
+    coBPInit.initialized = 0;
+    coBPInit.inProgress = 0;
+    coBPInit.status = 0;
+}
+
+/*
+ * need a central place for this function to free up all the memory that
+ * free_bl may have allocated along the way. Currently only RSA does this,
+ * so I've put it here for now.
+ */
+void BL_Cleanup(void)
+{
+    RSA_Cleanup();
+}