Bug 668397: Remove all Fortezza support from lib/pkcs7, lib/smime, and

tests/ssl. The patch is written by Brian Smith <bsmith@mozilla.com>. r=wtc.
Modified Files:
	lib/pkcs7/p7decode.c lib/pkcs7/p7encode.c lib/pkcs7/p7local.c
	lib/pkcs7/p7local.h lib/pkcs7/pkcs7t.h lib/pkcs7/secmime.c
	lib/smime/cmsasn1.c lib/smime/cmsencode.c lib/smime/cmslocal.h
	lib/smime/cmspubkey.c lib/smime/cmsrecinfo.c
	lib/smime/cmssiginfo.c lib/smime/cmst.h lib/smime/smime.h
	lib/smime/smimeutil.c tests/ssl/sslcov.txt


git-svn-id: svn://10.0.0.236/trunk@262723 18797224-902f-48f8-a5cc-f745e15eee43
wtc%google.com 2011-08-21 01:14:19 +00:00
parent 9bf97e400c
commit 613a840d29
16 changed files with 43 additions and 830 deletions


@ -38,7 +38,7 @@
/*
* PKCS7 decoding, verification.
*
* $Id: p7decode.c,v 1.25 2008-03-10 00:01:26 wtc%google.com Exp $
* $Id: p7decode.c,v 1.26 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#include "p7local.h"
@ -428,7 +428,6 @@ sec_pkcs7_decoder_finish_digests (SEC_PKCS7DecoderContext *p7dcx,
* XXX Need comment explaining following helper function (which is used
* by sec_pkcs7_decoder_start_decrypt).
*/
extern const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[];
static PK11SymKey *
sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
@ -460,7 +459,7 @@ sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
keyalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
encalgtag = SECOID_GetAlgorithmTag (&(ri->keyEncAlg));
if ((encalgtag != SEC_OID_NETSCAPE_SMIME_KEA) && (keyalgtag != encalgtag)) {
if (keyalgtag != encalgtag) {
p7dcx->error = SEC_ERROR_PKCS7_KEYALG_MISMATCH;
goto no_key_found;
}
@ -477,117 +476,6 @@ sec_pkcs7_decoder_get_recipient_key (SEC_PKCS7DecoderContext *p7dcx,
goto no_key_found;
}
break;
/* ### mwelch -- KEA */
case SEC_OID_NETSCAPE_SMIME_KEA:
{
SECStatus err;
CK_MECHANISM_TYPE bulkType;
PK11SymKey *tek;
SECKEYPublicKey *senderPubKey;
SEC_PKCS7SMIMEKEAParameters keaParams;
(void) memset(&keaParams, 0, sizeof(keaParams));
/* Decode the KEA algorithm parameters. */
err = SEC_ASN1DecodeItem(NULL,
&keaParams,
SEC_SMIMEKEAParamTemplateAllParams,
&(ri->keyEncAlg.parameters));
if (err != SECSuccess)
{
p7dcx->error = err;
PORT_SetError(0);
goto no_key_found;
}
/* We just got key data, no key structure. So, we
create one. */
senderPubKey =
PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
keaParams.originatorKEAKey.len);
if (senderPubKey == NULL)
{
p7dcx->error = PORT_GetError();
PORT_SetError(0);
goto no_key_found;
}
/* Generate the TEK (token exchange key) which we use
to unwrap the bulk encryption key. */
tek = PK11_PubDerive(privkey, senderPubKey,
PR_FALSE,
&keaParams.originatorRA,
NULL,
CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
CKA_WRAP, 0, p7dcx->pwfn_arg);
SECKEY_DestroyPublicKey(senderPubKey);
if (tek == NULL)
{
p7dcx->error = PORT_GetError();
PORT_SetError(0);
goto no_key_found;
}
/* Now that we have the TEK, unwrap the bulk key
with which to decrypt the message. We have to
do one of two different things depending on
whether Skipjack was used for bulk encryption
of the message. */
bulkType = PK11_AlgtagToMechanism (bulkalgtag);
switch(bulkType)
{
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
/* Skipjack is being used as the bulk encryption algorithm.*/
/* Unwrap the bulk key. */
bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP,
NULL, &ri->encKey,
CKM_SKIPJACK_CBC64,
CKA_DECRYPT, 0);
break;
default:
/* Skipjack was not used for bulk encryption of this
message. Use Skipjack CBC64, with the nonSkipjackIV
part of the KEA key parameters, to decrypt
the bulk key. If we got a parameter indicating that the
bulk key size is different than the encrypted key size,
pass in the real key size. */
/* Check for specified bulk key length (unspecified implies
that the bulk key length is the same as encrypted length) */
if (keaParams.bulkKeySize.len > 0)
{
p7dcx->error = SEC_ASN1DecodeItem(NULL, &bulkLength,
SEC_ASN1_GET(SEC_IntegerTemplate),
&keaParams.bulkKeySize);
}
if (p7dcx->error != SECSuccess)
goto no_key_found;
bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64,
&keaParams.nonSkipjackIV,
&ri->encKey,
bulkType,
CKA_DECRYPT, bulkLength);
}
if (bulkkey == NULL)
{
p7dcx->error = PORT_GetError();
PORT_SetError(0);
goto no_key_found;
}
break;
}
default:
p7dcx->error = SEC_ERROR_UNSUPPORTED_KEYALG;
break;
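Review bot: The `XXX Need comment explaining following helper function` placeholder is still the only documentation for sec_pkcs7_decoder_get_recipient_key, and with the extern declaration removed it now sits directly on the function. This change tightens what the function accepts (`if (keyalgtag != encalgtag)` no longer exempts `SEC_OID_NETSCAPE_SMIME_KEA`), so it is a good moment to state the contract in place of the placeholder. Something like `/* Obtains the recipient's bulk key; on failure sets p7dcx->error: SEC_ERROR_PKCS7_KEYALG_MISMATCH when keyEncAlg differs from the certificate's key algorithm, SEC_ERROR_UNSUPPORTED_KEYALG for an unhandled algorithm. */` would do. Most of the body lies outside these hunks, so the wording should be checked against the remaining cases and the `no_key_found` path.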


@ -38,7 +38,7 @@
/*
* PKCS7 encoding.
*
* $Id: p7encode.c,v 1.13 2008-03-10 00:01:26 wtc%google.com Exp $
* $Id: p7encode.c,v 1.14 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#include "p7local.h"
@ -91,7 +91,6 @@ sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
sec_PKCS7CipherObject *encryptobj;
SEC_PKCS7RecipientInfo **recipientinfos, *ri;
SEC_PKCS7EncryptedContentInfo *enccinfo;
SEC_PKCS7SMIMEKEAParameters keaParams;
SECKEYPublicKey *publickey = NULL;
SECKEYPrivateKey *ourPrivKey = NULL;
PK11SymKey *bulkkey;
@ -102,9 +101,6 @@ sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
/* Get the context in case we need it below. */
wincx = cinfo->pwfn_arg;
/* Clear keaParams, since cleanup code checks the lengths */
(void) memset(&keaParams, 0, sizeof(keaParams));
kind = SEC_PKCS7ContentType (cinfo);
switch (kind) {
default:
@ -197,8 +193,7 @@ sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
* down into the subjectPublicKeyInfo myself) and another which
* takes a public key and algorithm tag and data and encrypts
* the data. Or something like that. The point is that all
* of the following hardwired RSA and KEA stuff should be done
* elsewhere.
* of the following hardwired RSA stuff should be done elsewhere.
*/
certalgtag=SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
@ -223,149 +218,6 @@ sec_pkcs7_encoder_start_encrypt (SEC_PKCS7ContentInfo *cinfo,
if (rv != SECSuccess) goto loser;
params = NULL; /* paranoia */
break;
/* ### mwelch -- KEA */
case SEC_OID_MISSI_KEA_DSS_OLD:
case SEC_OID_MISSI_KEA_DSS:
case SEC_OID_MISSI_KEA:
{
#define SMIME_FORTEZZA_RA_LENGTH 128
#define SMIME_FORTEZZA_IV_LENGTH 24
#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
SECStatus err;
PK11SymKey *tek;
CERTCertificate *ourCert;
SECKEYPublicKey *ourPubKey;
SECKEATemplateSelector whichKEA = SECKEAInvalid;
/* We really want to show our KEA tag as the
key exchange algorithm tag. */
encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
/* Get the public key of the recipient. */
publickey = CERT_ExtractPublicKey(cert);
if (publickey == NULL) goto loser;
/* Find our own cert, and extract its keys. */
ourCert = PK11_FindBestKEAMatch(cert,wincx);
if (ourCert == NULL) goto loser;
arena = PORT_NewArena(1024);
if (arena == NULL) goto loser;
ourPubKey = CERT_ExtractPublicKey(ourCert);
if (ourPubKey == NULL)
{
CERT_DestroyCertificate(ourCert);
goto loser;
}
/* While we're here, copy the public key into the outgoing
* KEA parameters. */
SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey),
&(ourPubKey->u.fortezza.KEAKey));
SECKEY_DestroyPublicKey(ourPubKey);
ourPubKey = NULL;
/* Extract our private key in order to derive the
* KEA key. */
ourPrivKey = PK11_FindKeyByAnyCert(ourCert,wincx);
CERT_DestroyCertificate(ourCert); /* we're done with this */
if (!ourPrivKey) goto loser;
/* Prepare raItem with 128 bytes (filled with zeros). */
keaParams.originatorRA.data =
(unsigned char*)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
/* Generate the TEK (token exchange key) which we use
* to wrap the bulk encryption key. (raItem) will be
* filled with a random seed which we need to send to
* the recipient. */
tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
&keaParams.originatorRA, NULL,
CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
CKA_WRAP, 0, wincx);
SECKEY_DestroyPublicKey(publickey);
SECKEY_DestroyPrivateKey(ourPrivKey);
publickey = NULL;
ourPrivKey = NULL;
if (!tek)
goto loser;
ri->encKey.data = (unsigned char*)PORT_ArenaAlloc(cinfo->poolp,
SMIME_FORTEZZA_MAX_KEY_SIZE);
ri->encKey.len = SMIME_FORTEZZA_MAX_KEY_SIZE;
if (ri->encKey.data == NULL)
{
PK11_FreeSymKey(tek);
goto loser;
}
/* Wrap the bulk key. What we do with the resulting data
depends on whether we're using Skipjack to wrap the key. */
switch(PK11_AlgtagToMechanism(enccinfo->encalg))
{
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
/* do SKIPJACK, we use the wrap mechanism */
err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL,
tek, bulkkey, &ri->encKey);
whichKEA = SECKEAUsesSkipjack;
break;
default:
/* Not SKIPJACK, we encrypt the raw key data */
keaParams.nonSkipjackIV .data =
(unsigned char*)PORT_ArenaAlloc(arena,
SMIME_FORTEZZA_IV_LENGTH);
keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64,
&keaParams.nonSkipjackIV,
tek, bulkkey, &ri->encKey);
if (err != SECSuccess)
goto loser;
if (ri->encKey.len != PK11_GetKeyLength(bulkkey))
{
/* The size of the encrypted key is not the same as
that of the original bulk key, presumably due to
padding. Encode and store the real size of the
bulk key. */
if (SEC_ASN1EncodeInteger(arena,
&keaParams.bulkKeySize,
PK11_GetKeyLength(bulkkey))
== NULL)
err = (SECStatus)PORT_GetError();
else
/* use full template for encoding */
whichKEA = SECKEAUsesNonSkipjackWithPaddedEncKey;
}
else
/* enc key length == bulk key length */
whichKEA = SECKEAUsesNonSkipjack;
break;
}
PK11_FreeSymKey(tek);
if (err != SECSuccess)
goto loser;
PORT_Assert( whichKEA != SECKEAInvalid);
/* Encode the KEA parameters into the recipient info. */
params = SEC_ASN1EncodeItem(arena,NULL, &keaParams,
sec_pkcs7_get_kea_template(whichKEA));
if (params == NULL) goto loser;
break;
}
default:
PORT_SetError (SEC_ERROR_INVALID_ALGORITHM);
goto loser;
@ -940,10 +792,6 @@ sec_pkcs7_encoder_sig_and_certs (SEC_PKCS7ContentInfo *cinfo,
*/
signalgtag = SECOID_GetAlgorithmTag (&(cert->subjectPublicKeyInfo.algorithm));
/* Fortezza MISSI have weird signature formats. Map them
* to standard DSA formats */
signalgtag = PK11_FortezzaMapSig(signalgtag);
if (signerinfo->authAttr != NULL) {
SEC_PKCS7Attribute *attr;
SECItem encoded_attrs;
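Review bot: `ourPrivKey` looks dead in sec_pkcs7_encoder_start_encrypt after this change. The declaration `SECKEYPrivateKey *ourPrivKey = NULL;` is kept, while every assignment to it visible in this section was inside the removed KEA case. The rest of the function, including its `loser` cleanup, is outside the hunks, so this is inferred; if nothing else assigns it, the declaration and any cleanup that tests it can be dropped along with `keaParams`. `arena` deserves the same check, since `arena = PORT_NewArena(1024);` was also only visible in the removed case.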


@ -40,7 +40,7 @@
* encoding/creation side *and* the decoding/decryption side. Anything
* else should be static routines in the appropriate file.
*
* $Id: p7local.c,v 1.14 2010-03-15 07:25:14 nelson%bolyard.com Exp $
* $Id: p7local.c,v 1.15 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#include "p7local.h"
@ -1308,63 +1308,6 @@ static const SEC_ASN1Template SEC_PointerToPKCS7EncryptedDataTemplate[] = {
{ SEC_ASN1_POINTER, 0, SEC_PKCS7EncryptedDataTemplate }
};
const SEC_ASN1Template SEC_SMIMEKEAParamTemplateSkipjack[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
{ 0 }
};
const SEC_ASN1Template SEC_SMIMEKEAParamTemplateNoSkipjack[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
{ 0 }
};
const SEC_ASN1Template SEC_SMIMEKEAParamTemplateAllParams[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(SEC_PKCS7SMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(SEC_PKCS7SMIMEKEAParameters,originatorRA) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(SEC_PKCS7SMIMEKEAParameters,nonSkipjackIV) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(SEC_PKCS7SMIMEKEAParameters,bulkKeySize) },
{ 0 }
};
const SEC_ASN1Template*
sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate)
{
const SEC_ASN1Template *returnVal = NULL;
switch(whichTemplate)
{
case SECKEAUsesNonSkipjack:
returnVal = SEC_SMIMEKEAParamTemplateNoSkipjack;
break;
case SECKEAUsesSkipjack:
returnVal = SEC_SMIMEKEAParamTemplateSkipjack;
break;
case SECKEAUsesNonSkipjackWithPaddedEncKey:
default:
returnVal = SEC_SMIMEKEAParamTemplateAllParams;
break;
}
return returnVal;
}
static const SEC_ASN1Template *
sec_pkcs7_choose_content_template(void *src_or_dest, PRBool encoding)
{


@ -45,7 +45,7 @@
* you. If that has a problem, then just move out what you need, changing
* its name as appropriate!
*
* $Id: p7local.h,v 1.2 2004-04-25 15:03:13 gerv%gerv.net Exp $
* $Id: p7local.h,v 1.3 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#ifndef _P7LOCAL_H_
@ -167,12 +167,6 @@ extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj,
unsigned int input_len,
PRBool final);
/* return the correct kea template based on the template selector. skipjack
* does not have the extra IV.
*/
const SEC_ASN1Template *
sec_pkcs7_get_kea_template(SECKEATemplateSelector whichTemplate);
/************************************************************************/
SEC_END_PROTOS


@ -37,7 +37,7 @@
/*
* Header for pkcs7 types.
*
* $Id: pkcs7t.h,v 1.6 2008-06-14 14:20:24 wtc%google.com Exp $
* $Id: pkcs7t.h,v 1.7 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#ifndef _PKCS7T_H_
@ -98,7 +98,6 @@ typedef struct SEC_PKCS7SignerInfoStr SEC_PKCS7SignerInfo;
typedef struct SEC_PKCS7RecipientInfoStr SEC_PKCS7RecipientInfo;
typedef struct SEC_PKCS7DigestedDataStr SEC_PKCS7DigestedData;
typedef struct SEC_PKCS7EncryptedDataStr SEC_PKCS7EncryptedData;
typedef struct SEC_PKCS7SMIMEKEAParametersStr SEC_PKCS7SMIMEKEAParameters;
/*
* The following is not actually a PKCS7 type, but for now it is only
* used by PKCS7, so we have adopted it. If someone else *ever* needs
@ -223,35 +222,6 @@ struct SEC_PKCS7AttributeStr {
PRBool encoded; /* when true, values are encoded */
};
/* An enumerated type used to select templates based on the encryption
scenario and data specifics. */
typedef enum
{
SECKEAInvalid = -1,
SECKEAUsesSkipjack = 0,
SECKEAUsesNonSkipjack = 1,
SECKEAUsesNonSkipjackWithPaddedEncKey = 2
} SECKEATemplateSelector;
/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
but I cannot think of a more appropriate place at this time. */
struct SEC_PKCS7SMIMEKEAParametersStr {
SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
SECItem originatorRA; /* random number generated by sender */
SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
decryption of KEA key if Skipjack
is not the bulk algorithm used on
the message */
SECItem bulkKeySize; /* if Skipjack is not the bulk
algorithm used on the message,
and the size of the bulk encryption
key is not the same as that of
originatorKEAKey (due to padding
perhaps), this field will contain
the real size of the bulk encryption
key. */
};
/*
* Type of function passed to SEC_PKCS7Decode or SEC_PKCS7DecoderStart.
* If specified, this is where the content bytes (only) will be "sent"


@ -38,7 +38,7 @@
* Stuff specific to S/MIME policy and interoperability.
* Depends on PKCS7, but there should be no dependency the other way around.
*
* $Id: secmime.c,v 1.4 2004-06-18 00:38:45 jpierre%netscape.com Exp $
* $Id: secmime.c,v 1.5 2011-08-21 01:14:17 wtc%google.com Exp $
*/
#include "secmime.h"
@ -87,8 +87,7 @@ static smime_cipher_map smime_cipher_maps[] = {
{ SMIME_RC5PAD_64_16_128, SEC_OID_RC5_CBC_PAD, &smime_rc5p128 },
#endif
{ SMIME_DES_CBC_56, SEC_OID_DES_CBC, NULL },
{ SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL },
{ SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL}
{ SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL }
};
/*
@ -252,8 +251,6 @@ smime_policy_algorithm (SECAlgorithmID *algid, PK11SymKey *key)
return SMIME_DES_CBC_56;
case SEC_OID_DES_EDE3_CBC:
return SMIME_DES_EDE3_168;
case SEC_OID_FORTEZZA_SKIPJACK:
return SMIME_FORTEZZA;
#ifdef SMIME_DOES_RC5
case SEC_OID_RC5_CBC_PAD:
PORT_Assert (0); /* XXX need to pull out parameters and match */
@ -403,8 +400,7 @@ smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
int *cipher_abilities;
int *cipher_votes;
int strong_mapi;
int rcount, mapi, max, i;
PRBool isFortezza = PK11_FortezzaHasKEA(scert);
int rcount, mapi, max;
if (smime_policy_bits == 0) {
PORT_SetError (SEC_ERROR_BAD_EXPORT_ALGORITHM);
@ -429,23 +425,11 @@ smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
/*
* XXX Should have a #define somewhere which specifies default
* strong cipher. (Or better, a way to configure, which would
* take Fortezza into account as well.)
* strong cipher. (Or better, a way to configure.)
*/
/* If the user has the Fortezza preference turned on, make
* that the strong cipher. Otherwise, use triple-DES. */
strong_mapi = -1;
if (isFortezza) {
for(i=0;i < smime_current_pref_index && strong_mapi < 0;i++)
{
if (smime_prefs[i] == SMIME_FORTEZZA)
strong_mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
}
}
if (strong_mapi == -1)
strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
/* Make triple-DES the strong cipher. */
strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
PORT_Assert (strong_mapi >= 0);
@ -505,8 +489,6 @@ smime_choose_cipher (CERTCertificate *scert, CERTCertificate **rcerts)
continue;
if (! smime_cipher_allowed (smime_cipher_maps[mapi].cipher))
continue;
if (!isFortezza && (smime_cipher_maps[mapi].cipher == SMIME_FORTEZZA))
continue;
if (cipher_votes[mapi] > max) {
chosen_cipher = smime_cipher_maps[mapi].cipher;
max = cipher_votes[mapi];
@ -553,7 +535,6 @@ smime_keysize_by_cipher (unsigned long which)
#endif
case SMIME_DES_CBC_56:
case SMIME_DES_EDE3_168:
case SMIME_FORTEZZA:
/*
* These are special; since the key size is fixed, we actually
* want to *avoid* specifying a key size.
@ -642,21 +623,18 @@ SECMIME_CreateEncrypted(CERTCertificate *scert,
static smime_capability **smime_capabilities;
static SECItem *smime_encoded_caps;
static PRBool lastUsedFortezza;
static SECStatus
smime_init_caps (PRBool isFortezza)
smime_init_caps (void)
{
smime_capability *cap;
smime_cipher_map *map;
SECOidData *oiddata;
SECStatus rv;
int i, capIndex;
int i;
if (smime_encoded_caps != NULL
&& (! smime_prefs_changed)
&& lastUsedFortezza == isFortezza)
if (smime_encoded_caps != NULL && (! smime_prefs_changed))
return SECSuccess;
if (smime_encoded_caps != NULL) {
@ -690,17 +668,8 @@ smime_init_caps (PRBool isFortezza)
(In the process of performing (a), Lisa put in some optimizations
which allow us to avoid needlessly re-populating elements in
smime_capabilities as we walk through smime_prefs.)
We want to use separate loop variables for smime_prefs and
smime_capabilities because in the case where the Skipjack cipher
is turned on in the prefs, but where we don't want to include
Skipjack in the encoded capabilities (presumably due to using a
non-fortezza cert when sending a message), we want to avoid creating
an empty element in smime_capabilities. This would otherwise cause
the encoding step to produce an empty set, since Skipjack happens
to be the first cipher in smime_prefs, if it is turned on.
*/
for (i = 0, capIndex = 0; i < smime_current_pref_index; i++, capIndex++) {
for (i = 0; i < smime_current_pref_index; i++) {
int mapi;
/* Get the next cipher preference in smime_prefs. */
@ -712,26 +681,17 @@ smime_init_caps (PRBool isFortezza)
PORT_Assert (mapi < smime_symmetric_count);
map = &(smime_cipher_maps[mapi]);
/* If we're using a non-Fortezza cert, only advertise non-Fortezza
capabilities. (We advertise all capabilities if we have a
Fortezza cert.) */
if ((!isFortezza) && (map->cipher == SMIME_FORTEZZA))
{
capIndex--; /* we want to visit the same caps index entry next time */
continue;
}
/*
* Convert the next preference found in smime_prefs into an
* smime_capability.
*/
cap = smime_capabilities[capIndex];
cap = smime_capabilities[i];
if (cap == NULL) {
cap = (smime_capability*)PORT_ZAlloc (sizeof(smime_capability));
if (cap == NULL)
break;
smime_capabilities[capIndex] = cap;
smime_capabilities[i] = cap;
} else if (cap->cipher == smime_prefs[i]) {
continue; /* no change to this one */
}
@ -765,24 +725,22 @@ smime_init_caps (PRBool isFortezza)
if (i != smime_current_pref_index)
return rv;
while (capIndex < smime_symmetric_count) {
cap = smime_capabilities[capIndex];
while (i < smime_symmetric_count) {
cap = smime_capabilities[i];
if (cap != NULL) {
SECITEM_FreeItem (&(cap->capabilityID), PR_FALSE);
PORT_Free (cap);
}
smime_capabilities[capIndex] = NULL;
capIndex++;
smime_capabilities[i] = NULL;
i++;
}
smime_capabilities[capIndex] = NULL;
smime_capabilities[i] = NULL;
smime_encoded_caps = SEC_ASN1EncodeItem (NULL, NULL, &smime_capabilities,
smime_capabilities_template);
if (smime_encoded_caps == NULL)
return SECFailure;
lastUsedFortezza = isFortezza;
return SECSuccess;
}
@ -790,22 +748,16 @@ smime_init_caps (PRBool isFortezza)
static SECStatus
smime_add_profile (CERTCertificate *cert, SEC_PKCS7ContentInfo *cinfo)
{
PRBool isFortezza = PR_FALSE;
PORT_Assert (smime_prefs_complete);
if (! smime_prefs_complete)
return SECFailure;
/* See if the sender's cert specifies Fortezza key exchange. */
if (cert != NULL)
isFortezza = PK11_FortezzaHasKEA(cert);
/* For that matter, if capabilities haven't been initialized yet,
do so now. */
if (isFortezza != lastUsedFortezza || smime_encoded_caps == NULL || smime_prefs_changed) {
if (smime_encoded_caps == NULL || smime_prefs_changed) {
SECStatus rv;
rv = smime_init_caps(isFortezza);
rv = smime_init_caps();
if (rv != SECSuccess)
return rv;
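Review bot: A preference list that still contains `SMIME_FORTEZZA` no longer maps to any row of `smime_cipher_maps`, yet smime_init_caps does `map = &(smime_cipher_maps[mapi]);` after only `PORT_Assert (mapi < smime_symmetric_count);`. That assert checks the upper bound only and is a debug-build check, so a failed lookup would have to be caught by code between the hunks, which is not visible here. Please confirm a negative `mapi` is rejected before the index, and if it is not, add `if (mapi < 0) break;` ahead of the assert. The code that stores caller-supplied cipher ids into `smime_prefs` is also outside this diff and should refuse ids that have no map entry.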


@ -37,7 +37,7 @@
/*
* CMS ASN.1 templates
*
* $Id: cmsasn1.c,v 1.9 2011-01-31 23:56:30 rrelyea%redhat.com Exp $
* $Id: cmsasn1.c,v 1.10 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "cmslocal.h"
@ -493,66 +493,6 @@ const SEC_ASN1Template NSS_PointerToCMSGenericWrapperDataTemplate[] = {
SEC_ASN1_CHOOSER_IMPLEMENT(NSS_PointerToCMSGenericWrapperDataTemplate);
/* -----------------------------------------------------------------------------
* FORTEZZA KEA
*/
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateSkipjack[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
{ 0 }
};
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateNoSkipjack[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
{ 0 }
};
const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[] = {
{ SEC_ASN1_SEQUENCE,
0, NULL, sizeof(NSSCMSSMIMEKEAParameters) },
{ SEC_ASN1_OCTET_STRING /* | SEC_ASN1_OPTIONAL */,
offsetof(NSSCMSSMIMEKEAParameters,originatorKEAKey) },
{ SEC_ASN1_OCTET_STRING,
offsetof(NSSCMSSMIMEKEAParameters,originatorRA) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(NSSCMSSMIMEKEAParameters,nonSkipjackIV) },
{ SEC_ASN1_OCTET_STRING | SEC_ASN1_OPTIONAL ,
offsetof(NSSCMSSMIMEKEAParameters,bulkKeySize) },
{ 0 }
};
const SEC_ASN1Template *
nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate)
{
const SEC_ASN1Template *returnVal = NULL;
switch(whichTemplate)
{
case NSSCMSKEAUsesNonSkipjack:
returnVal = NSS_SMIMEKEAParamTemplateNoSkipjack;
break;
case NSSCMSKEAUsesSkipjack:
returnVal = NSS_SMIMEKEAParamTemplateSkipjack;
break;
case NSSCMSKEAUsesNonSkipjackWithPaddedEncKey:
default:
returnVal = NSS_SMIMEKEAParamTemplateAllParams;
break;
}
return returnVal;
}
/* -----------------------------------------------------------------------------
*
*/


@ -37,7 +37,7 @@
/*
* CMS encoding.
*
* $Id: cmsencode.c,v 1.11 2011-02-11 01:53:17 emaldona%redhat.com Exp $
* $Id: cmsencode.c,v 1.12 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "cmslocal.h"
@ -726,7 +726,6 @@ NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
{
SECStatus rv = SECFailure;
NSSCMSContentInfo *cinfo;
SECOidTag childtype;
/*
* Finish any inner decoders before us so that all the encoded data is flushed


@ -42,7 +42,7 @@
* you. If that has a problem, then just move out what you need, changing
* its name as appropriate!
*
* $Id: cmslocal.h,v 1.6 2011-01-28 23:03:59 rrelyea%redhat.com Exp $
* $Id: cmslocal.h,v 1.7 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#ifndef _CMSLOCAL_H_
@ -199,14 +199,6 @@ NSS_CMSUtil_EncryptSymKey_RSAPubKey(PLArenaPool *poolp,
extern PK11SymKey *
NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOidTag bulkalgtag);
extern SECStatus
NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg);
extern PK11SymKey *
NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey,
SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg);
extern SECStatus
NSS_CMSUtil_EncryptSymKey_ESDH(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *key,
SECItem *encKey, SECItem **ukm, SECAlgorithmID *keyEncAlg,


@ -37,7 +37,7 @@
/*
* CMS public key crypto
*
* $Id: cmspubkey.c,v 1.7 2004-04-25 15:03:16 gerv%gerv.net Exp $
* $Id: cmspubkey.c,v 1.8 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "cmslocal.h"
@ -141,252 +141,6 @@ NSS_CMSUtil_DecryptSymKey_RSA(SECKEYPrivateKey *privkey, SECItem *encKey, SECOid
return PK11_PubUnwrapSymKey(privkey, encKey, target, CKA_DECRYPT, 0);
}
/* ====== MISSI (Fortezza) ========================================================== */
extern const SEC_ASN1Template NSS_SMIMEKEAParamTemplateAllParams[];
SECStatus
NSS_CMSUtil_EncryptSymKey_MISSI(PLArenaPool *poolp, CERTCertificate *cert, PK11SymKey *bulkkey,
SECOidTag symalgtag, SECItem *encKey, SECItem **pparams, void *pwfn_arg)
{
SECOidTag certalgtag; /* the certificate's encryption algorithm */
SECOidTag encalgtag; /* the algorithm used for key exchange/agreement */
SECStatus rv = SECFailure;
SECItem *params = NULL;
SECStatus err;
PK11SymKey *tek;
CERTCertificate *ourCert;
SECKEYPublicKey *ourPubKey, *publickey = NULL;
SECKEYPrivateKey *ourPrivKey = NULL;
NSSCMSKEATemplateSelector whichKEA = NSSCMSKEAInvalid;
NSSCMSSMIMEKEAParameters keaParams;
PLArenaPool *arena = NULL;
extern const SEC_ASN1Template *nss_cms_get_kea_template(NSSCMSKEATemplateSelector whichTemplate);
/* Clear keaParams, since cleanup code checks the lengths */
(void) memset(&keaParams, 0, sizeof(keaParams));
certalgtag = SECOID_GetAlgorithmTag(&(cert->subjectPublicKeyInfo.algorithm));
PORT_Assert(certalgtag == SEC_OID_MISSI_KEA_DSS_OLD ||
certalgtag == SEC_OID_MISSI_KEA_DSS ||
certalgtag == SEC_OID_MISSI_KEA);
#define SMIME_FORTEZZA_RA_LENGTH 128
#define SMIME_FORTEZZA_IV_LENGTH 24
#define SMIME_FORTEZZA_MAX_KEY_SIZE 256
/* We really want to show our KEA tag as the key exchange algorithm tag. */
encalgtag = SEC_OID_NETSCAPE_SMIME_KEA;
/* Get the public key of the recipient. */
publickey = CERT_ExtractPublicKey(cert);
if (publickey == NULL) goto loser;
/* Find our own cert, and extract its keys. */
ourCert = PK11_FindBestKEAMatch(cert, pwfn_arg);
if (ourCert == NULL) goto loser;
arena = PORT_NewArena(1024);
if (arena == NULL)
goto loser;
ourPubKey = CERT_ExtractPublicKey(ourCert);
if (ourPubKey == NULL) {
CERT_DestroyCertificate(ourCert);
goto loser;
}
/* While we're here, copy the public key into the outgoing
* KEA parameters. */
SECITEM_CopyItem(arena, &(keaParams.originatorKEAKey), &(ourPubKey->u.fortezza.KEAKey));
SECKEY_DestroyPublicKey(ourPubKey);
ourPubKey = NULL;
/* Extract our private key in order to derive the KEA key. */
ourPrivKey = PK11_FindKeyByAnyCert(ourCert, pwfn_arg);
CERT_DestroyCertificate(ourCert); /* we're done with this */
if (!ourPrivKey)
goto loser;
/* Prepare raItem with 128 bytes (filled with zeros). */
keaParams.originatorRA.data = (unsigned char *)PORT_ArenaAlloc(arena,SMIME_FORTEZZA_RA_LENGTH);
keaParams.originatorRA.len = SMIME_FORTEZZA_RA_LENGTH;
/* Generate the TEK (token exchange key) which we use
* to wrap the bulk encryption key. (keaparams.originatorRA) will be
* filled with a random seed which we need to send to
* the recipient. (user keying material in RFC2630/DSA speak) */
tek = PK11_PubDerive(ourPrivKey, publickey, PR_TRUE,
&keaParams.originatorRA, NULL,
CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
CKA_WRAP, 0, pwfn_arg);
SECKEY_DestroyPublicKey(publickey);
SECKEY_DestroyPrivateKey(ourPrivKey);
publickey = NULL;
ourPrivKey = NULL;
if (!tek)
goto loser;
/* allocate space for the wrapped key data */
encKey->data = (unsigned char *)PORT_ArenaAlloc(poolp, SMIME_FORTEZZA_MAX_KEY_SIZE);
encKey->len = SMIME_FORTEZZA_MAX_KEY_SIZE;
if (encKey->data == NULL) {
PK11_FreeSymKey(tek);
goto loser;
}
/* Wrap the bulk key. What we do with the resulting data
depends on whether we're using Skipjack to wrap the key. */
switch (PK11_AlgtagToMechanism(symalgtag)) {
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
/* SKIPJACK, we use the wrap mechanism because we can do it on the hardware */
err = PK11_WrapSymKey(CKM_SKIPJACK_WRAP, NULL, tek, bulkkey, encKey);
whichKEA = NSSCMSKEAUsesSkipjack;
break;
default:
/* Not SKIPJACK, we encrypt the raw key data */
keaParams.nonSkipjackIV.data =
(unsigned char *)PORT_ArenaAlloc(arena, SMIME_FORTEZZA_IV_LENGTH);
keaParams.nonSkipjackIV.len = SMIME_FORTEZZA_IV_LENGTH;
err = PK11_WrapSymKey(CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV, tek, bulkkey, encKey);
if (err != SECSuccess)
goto loser;
if (encKey->len != PK11_GetKeyLength(bulkkey)) {
/* The size of the encrypted key is not the same as
that of the original bulk key, presumably due to
padding. Encode and store the real size of the
bulk key. */
if (SEC_ASN1EncodeInteger(arena, &keaParams.bulkKeySize, PK11_GetKeyLength(bulkkey)) == NULL)
err = (SECStatus)PORT_GetError();
else
/* use full template for encoding */
whichKEA = NSSCMSKEAUsesNonSkipjackWithPaddedEncKey;
}
else
/* enc key length == bulk key length */
whichKEA = NSSCMSKEAUsesNonSkipjack;
break;
}
PK11_FreeSymKey(tek);
if (err != SECSuccess)
goto loser;
PORT_Assert(whichKEA != NSSCMSKEAInvalid);
/* Encode the KEA parameters into the recipient info. */
params = SEC_ASN1EncodeItem(poolp, NULL, &keaParams, nss_cms_get_kea_template(whichKEA));
if (params == NULL)
goto loser;
/* pass back the algorithm params */
*pparams = params;
rv = SECSuccess;
loser:
if (arena)
PORT_FreeArena(arena, PR_FALSE);
if (publickey)
SECKEY_DestroyPublicKey(publickey);
if (ourPrivKey)
SECKEY_DestroyPrivateKey(ourPrivKey);
return rv;
}
PK11SymKey *
NSS_CMSUtil_DecryptSymKey_MISSI(SECKEYPrivateKey *privkey, SECItem *encKey, SECAlgorithmID *keyEncAlg, SECOidTag bulkalgtag, void *pwfn_arg)
{
/* fortezza: do a key exchange */
SECStatus err;
CK_MECHANISM_TYPE bulkType;
PK11SymKey *tek;
SECKEYPublicKey *originatorPubKey;
NSSCMSSMIMEKEAParameters keaParams;
PK11SymKey *bulkkey;
int bulkLength;
(void) memset(&keaParams, 0, sizeof(keaParams));
/* NOTE: this uses the SMIME v2 recipientinfo for compatibility.
All additional KEA parameters are DER-encoded in the encryption algorithm parameters */
/* Decode the KEA algorithm parameters. */
err = SEC_ASN1DecodeItem(NULL, &keaParams, NSS_SMIMEKEAParamTemplateAllParams,
&(keyEncAlg->parameters));
if (err != SECSuccess)
goto loser;
/* get originator's public key */
originatorPubKey = PK11_MakeKEAPubKey(keaParams.originatorKEAKey.data,
keaParams.originatorKEAKey.len);
if (originatorPubKey == NULL)
goto loser;
/* Generate the TEK (token exchange key) which we use to unwrap the bulk encryption key.
The Derive function generates a shared secret and combines it with the originatorRA
data to come up with an unique session key */
tek = PK11_PubDerive(privkey, originatorPubKey, PR_FALSE,
&keaParams.originatorRA, NULL,
CKM_KEA_KEY_DERIVE, CKM_SKIPJACK_WRAP,
CKA_WRAP, 0, pwfn_arg);
SECKEY_DestroyPublicKey(originatorPubKey); /* not needed anymore */
if (tek == NULL)
goto loser;
/* Now that we have the TEK, unwrap the bulk key
with which to decrypt the message. We have to
do one of two different things depending on
whether Skipjack was used for *bulk* encryption
of the message. */
bulkType = PK11_AlgtagToMechanism(bulkalgtag);
switch (bulkType) {
case CKM_SKIPJACK_CBC64:
case CKM_SKIPJACK_ECB64:
case CKM_SKIPJACK_OFB64:
case CKM_SKIPJACK_CFB64:
case CKM_SKIPJACK_CFB32:
case CKM_SKIPJACK_CFB16:
case CKM_SKIPJACK_CFB8:
/* Skipjack is being used as the bulk encryption algorithm.*/
/* Unwrap the bulk key. */
bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_WRAP, NULL,
encKey, CKM_SKIPJACK_CBC64, CKA_DECRYPT, 0);
break;
default:
/* Skipjack was not used for bulk encryption of this
message. Use Skipjack CBC64, with the nonSkipjackIV
part of the KEA key parameters, to decrypt
the bulk key. If the optional parameter bulkKeySize is present,
bulk key size is different than the encrypted key size */
if (keaParams.bulkKeySize.len > 0) {
err = SEC_ASN1DecodeItem(NULL, &bulkLength,
SEC_ASN1_GET(SEC_IntegerTemplate),
&keaParams.bulkKeySize);
if (err != SECSuccess)
goto loser;
}
bulkkey = PK11_UnwrapSymKey(tek, CKM_SKIPJACK_CBC64, &keaParams.nonSkipjackIV,
encKey, bulkType, CKA_DECRYPT, bulkLength);
break;
}
return bulkkey;
loser:
return NULL;
}
/* ====== ESDH (Ephemeral-Static Diffie-Hellman) ==================================== */
SECStatus


@ -37,7 +37,7 @@
/*
* CMS recipientInfo methods.
*
* $Id: cmsrecinfo.c,v 1.20 2008-06-06 01:16:18 wtc%google.com Exp $
* $Id: cmsrecinfo.c,v 1.21 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "cmslocal.h"
@ -579,11 +579,6 @@ NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
/* get the symmetric (bulk) key by unwrapping it using our private key */
bulkkey = NSS_CMSUtil_DecryptSymKey_RSA(privkey, enckey, bulkalgtag);
break;
case SEC_OID_NETSCAPE_SMIME_KEA:
/* FORTEZZA key exchange algorithm */
/* the supplemental data is in the parameters of encalg */
bulkkey = NSS_CMSUtil_DecryptSymKey_MISSI(privkey, enckey, encalg, bulkalgtag, ri->cmsg->pwfn_arg);
break;
default:
error = SEC_ERROR_UNSUPPORTED_KEYALG;
goto loser;
@ -604,6 +599,7 @@ NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
/* content encryption key using a Unwrap op */
/* the derive operation has to generate the key using the algorithm in RFC2631 */
error = SEC_ERROR_UNSUPPORTED_KEYALG;
goto loser;
break;
default:
error = SEC_ERROR_UNSUPPORTED_KEYALG;
@ -623,6 +619,7 @@ NSS_CMSRecipientInfo_UnwrapBulkKey(NSSCMSRecipientInfo *ri, int subIndex,
return bulkkey;
loser:
PORT_SetError(error);
return NULL;
}
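Review bot: In the `@ -604,6 +599,7 @` hunk the `break;` after `goto loser;` can never execute and can be dropped. The `+`/`-` markers are lost on this page, but the hunk counts indicate that `goto loser;` and, in the last hunk, `PORT_SetError(error);` are the added lines. With `PORT_SetError(error)` now running on every exit through `loser:`, each jump there has to assign `error` first, otherwise an indeterminate value replaces whatever code a callee already set. The declaration of `error` and the other jumps to `loser` are outside the visible hunks, so this should be checked against the full function.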


@ -38,7 +38,7 @@
/*
* CMS signerInfo methods.
*
* $Id: cmssiginfo.c,v 1.34 2011-02-07 18:32:19 nelson%bolyard.com Exp $
* $Id: cmssiginfo.c,v 1.35 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "cmslocal.h"
@ -215,11 +215,6 @@ NSS_CMSSignerInfo_Sign(NSSCMSSignerInfo *signerinfo, SECItem *digest,
SECOID_DestroyAlgorithmID(&freeAlgID, PR_FALSE);
}
/* Fortezza MISSI have weird signature formats.
* Map them to standard DSA formats
*/
pubkAlgTag = PK11_FortezzaMapSig(pubkAlgTag);
if (signerinfo->authAttr != NULL) {
SECOidTag signAlgTag;
SECItem encoded_attrs;
@ -784,8 +779,7 @@ NSS_CMSSignerInfo_AddSMIMECaps(NSSCMSSignerInfo *signerinfo)
goto loser;
/* create new signing time attribute */
if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps,
PK11_FortezzaHasKEA(signerinfo->cert)) != SECSuccess)
if (NSS_SMIMEUtil_CreateSMIMECapabilities(poolp, smimecaps) != SECSuccess)
goto loser;
if ((attr = NSS_CMSAttribute_Create(poolp, SEC_OID_PKCS9_SMIME_CAPABILITIES, smimecaps, PR_TRUE)) == NULL)
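Review bot: The comment above the changed call in the `@ -784,8 +779,7 @` hunk still reads `/* create new signing time attribute */`, but the call builds the S/MIME capabilities value and the attribute created next is `SEC_OID_PKCS9_SMIME_CAPABILITIES`. Since the call is being edited anyway, the comment should become `/* create new S/MIME capabilities attribute */`. The body of NSS_CMSSignerInfo_AddSMIMECaps continues outside the hunk.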


@ -37,7 +37,7 @@
/*
* Header for CMS types.
*
* $Id: cmst.h,v 1.13 2011-02-11 01:53:17 emaldona%redhat.com Exp $
* $Id: cmst.h,v 1.14 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#ifndef _CMST_H_
@ -100,8 +100,6 @@ typedef struct NSSCMSEncryptedDataStr NSSCMSEncryptedData;
typedef struct NSSCMSGenericWrapperDataStr NSSCMSGenericWrapperData;
typedef struct NSSCMSSMIMEKEAParametersStr NSSCMSSMIMEKEAParameters;
typedef struct NSSCMSAttributeStr NSSCMSAttribute;
typedef struct NSSCMSDecoderContextStr NSSCMSDecoderContext;
@ -511,38 +509,6 @@ struct NSSCMSEncryptedDataStr {
#define NSS_CMS_ENCRYPTED_DATA_VERSION 0 /* what we *create* */
#define NSS_CMS_ENCRYPTED_DATA_VERSION_UPATTR 2 /* what we *create* */
/* =============================================================================
* FORTEZZA KEA
*/
/* An enumerated type used to select templates based on the encryption
scenario and data specifics. */
typedef enum {
NSSCMSKEAInvalid = -1,
NSSCMSKEAUsesSkipjack = 0,
NSSCMSKEAUsesNonSkipjack = 1,
NSSCMSKEAUsesNonSkipjackWithPaddedEncKey = 2
} NSSCMSKEATemplateSelector;
/* ### mwelch - S/MIME KEA parameters. These don't really fit here,
but I cannot think of a more appropriate place at this time. */
struct NSSCMSSMIMEKEAParametersStr {
SECItem originatorKEAKey; /* sender KEA key (encrypted?) */
SECItem originatorRA; /* random number generated by sender */
SECItem nonSkipjackIV; /* init'n vector for SkipjackCBC64
decryption of KEA key if Skipjack
is not the bulk algorithm used on
the message */
SECItem bulkKeySize; /* if Skipjack is not the bulk
algorithm used on the message,
and the size of the bulk encryption
key is not the same as that of
originatorKEAKey (due to padding
perhaps), this field will contain
the real size of the bulk encryption
key. */
};
/*
* *****************************************************************************
* *****************************************************************************


@ -38,7 +38,7 @@
* Header file for routines specific to S/MIME. Keep things that are pure
* pkcs7 out of here; this is for S/MIME policy, S/MIME interoperability, etc.
*
* $Id: smime.h,v 1.10 2011-08-01 07:08:09 kaie%kuix.de Exp $
* $Id: smime.h,v 1.11 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#ifndef _SECMIME_H_
@ -126,7 +126,7 @@ extern PRBool NSS_SMIMEUtil_EncryptionPossible(void);
* scans the list of allowed and enabled ciphers and construct a PKCS9-compliant
* S/MIME capabilities attribute value.
*/
extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers);
extern SECStatus NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest);
/*
* NSS_SMIMEUtil_CreateSMIMEEncKeyPrefs - create S/MIME encryption key preferences attr value
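Review bot: Dropping `includeFortezzaCiphers` from this `extern` declaration changes the signature that every caller outside smimeutil.c compiles against. Whether the symbol is exported from the shared library is not visible on this page. If it is, the change should be recorded as an API break, or the old three-argument entry point kept as a thin wrapper that ignores the flag. The header comment above the declaration also gives no parameter description; the `"poolp"` and `"dest"` lines from the comment in smimeutil.c could be repeated here.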


@ -37,7 +37,7 @@
/*
* Stuff specific to S/MIME policy and interoperability.
*
* $Id: smimeutil.c,v 1.21 2011-08-01 07:08:09 kaie%kuix.de Exp $
* $Id: smimeutil.c,v 1.22 2011-08-21 01:14:18 wtc%google.com Exp $
*/
#include "secmime.h"
@ -152,8 +152,7 @@ static smime_cipher_map_entry smime_cipher_map[] = {
{ SMIME_RC2_CBC_64, SEC_OID_RC2_CBC, &param_int64, PR_TRUE, PR_TRUE },
{ SMIME_RC2_CBC_128, SEC_OID_RC2_CBC, &param_int128, PR_TRUE, PR_TRUE },
{ SMIME_DES_EDE3_168, SEC_OID_DES_EDE3_CBC, NULL, PR_TRUE, PR_TRUE },
{ SMIME_AES_CBC_128, SEC_OID_AES_128_CBC, NULL, PR_TRUE, PR_TRUE },
{ SMIME_FORTEZZA, SEC_OID_FORTEZZA_SKIPJACK, NULL, PR_TRUE, PR_TRUE }
{ SMIME_AES_CBC_128, SEC_OID_AES_128_CBC, NULL, PR_TRUE, PR_TRUE }
};
static const int smime_cipher_map_count = sizeof(smime_cipher_map) / sizeof(smime_cipher_map_entry);
@ -273,10 +272,8 @@ nss_smime_get_cipher_for_alg_and_key(SECAlgorithmID *algid, PK11SymKey *key, uns
case SEC_OID_AES_128_CBC:
c = SMIME_AES_CBC_128;
break;
case SEC_OID_FORTEZZA_SKIPJACK:
c = SMIME_FORTEZZA;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
return SECFailure;
}
*cipher = c;
@ -393,7 +390,6 @@ smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
int weak_mapi;
int strong_mapi;
int rcount, mapi, max, i;
PRBool scert_is_fortezza = (scert == NULL) ? PR_FALSE : PK11_FortezzaHasKEA(scert);
chosen_cipher = SMIME_RC2_CBC_40; /* the default, LCD */
weak_mapi = smime_mapi_by_cipher(chosen_cipher);
@ -407,14 +403,8 @@ smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
if (cipher_votes == NULL || cipher_abilities == NULL)
goto done;
/* If the user has the Fortezza preference turned on, make
* that the strong cipher. Otherwise, use triple-DES. */
/* Make triple-DES the strong cipher. */
strong_mapi = smime_mapi_by_cipher (SMIME_DES_EDE3_168);
if (scert_is_fortezza) {
mapi = smime_mapi_by_cipher(SMIME_FORTEZZA);
if (mapi >= 0 && smime_cipher_map[mapi].enabled)
strong_mapi = mapi;
}
/* walk all the recipient's certs */
for (rcount = 0; rcerts[rcount] != NULL; rcount++) {
@ -498,9 +488,6 @@ smime_choose_cipher(CERTCertificate *scert, CERTCertificate **rcerts)
/* if cipher is not enabled or not allowed by policy, forget it */
if (!smime_cipher_map[mapi].enabled || !smime_cipher_map[mapi].allowed)
continue;
/* if we're not doing fortezza, but the cipher is fortezza, forget it */
if (!scert_is_fortezza && (smime_cipher_map[mapi].cipher == SMIME_FORTEZZA))
continue;
/* now see if this one has more votes than the last best one */
if (cipher_votes[mapi] >= max) {
/* if equal number of votes, prefer the ones further down in the list */
@ -541,7 +528,6 @@ smime_keysize_by_cipher (unsigned long which)
break;
case SMIME_DES_CBC_56:
case SMIME_DES_EDE3_168:
case SMIME_FORTEZZA:
/*
* These are special; since the key size is fixed, we actually
* want to *avoid* specifying a key size.
@ -588,10 +574,9 @@ NSS_SMIMEUtil_FindBulkAlgForRecipients(CERTCertificate **rcerts, SECOidTag *bulk
*
* "poolp" - arena pool to create the S/MIME capabilities data on
* "dest" - SECItem to put the data in
* "includeFortezzaCiphers" - PR_TRUE if fortezza ciphers should be included
*/
SECStatus
NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool includeFortezzaCiphers)
NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest)
{
NSSSMIMECapability *cap;
NSSSMIMECapability **smime_capabilities;
@ -619,12 +604,6 @@ NSS_SMIMEUtil_CreateSMIMECapabilities(PLArenaPool *poolp, SECItem *dest, PRBool
if (!map->enabled)
continue;
/* If we're using a non-Fortezza cert, only advertise non-Fortezza
capabilities. (We advertise all capabilities if we have a
Fortezza cert.) */
if ((!includeFortezzaCiphers) && (map->cipher == SMIME_FORTEZZA))
continue;
/* get next SMIME capability */
cap = (NSSSMIMECapability *)PORT_ZAlloc(sizeof(NSSSMIMECapability));
if (cap == NULL)
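Review bot: In the `@ -407,14 +403,8 @` hunk of smime_choose_cipher, `strong_mapi` is taken straight from `smime_mapi_by_cipher (SMIME_DES_EDE3_168)` without the `mapi >= 0 && smime_cipher_map[mapi].enabled` test that the removed Fortezza branch applied to the same helper's result. If `strong_mapi` is later used as an index into `smime_cipher_map` or the vote arrays (that code is outside the visible hunks), a negative return would read out of bounds. A guard such as `if (strong_mapi < 0) goto done;` right after the lookup would make the assumption explicit. The same question applies to `weak_mapi` in the preceding hunk.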


@ -48,14 +48,11 @@
noECC TLS E SSL2_DES_64_CBC_WITH_MD5
noECC noTLS F SSL2_DES_192_EDE3_CBC_WITH_MD5
#
# noECC noTLS a SSL3_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA
# noECC noTLS b SSL3_FORTEZZA_DMS_WITH_RC4_128_SHA
noECC noTLS c SSL3_RSA_WITH_RC4_128_MD5
noECC noTLS d SSL3_RSA_WITH_3DES_EDE_CBC_SHA
noECC noTLS e SSL3_RSA_WITH_DES_CBC_SHA
noECC noTLS f SSL3_RSA_EXPORT_WITH_RC4_40_MD5
noECC noTLS g SSL3_RSA_EXPORT_WITH_RC2_CBC_40_MD5
# noECC noTLS h SSL3_FORTEZZA_DMS_WITH_NULL_SHA
noECC noTLS i SSL3_RSA_WITH_NULL_MD5
noECC noTLS j SSL3_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
noECC noTLS k SSL3_RSA_FIPS_WITH_DES_CBC_SHA