blapi_bsf.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 2,087 行 · 第 1/5 页

	if (inputLen & (DES_BLOCK_SIZE - 1)) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
	if (maxOutputLen < inputLen) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}

	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	if ((status = B_DecryptUpdate(cx->algobj, 
	                              output, 
	                              &outputLenUpdate,
	                              maxOutputLen, 
	                              input, 
	                              inputLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	if ((status = B_DecryptFinal(cx->algobj, 
	                             output + outputLenUpdate, 
	                             &outputLenFinal, 
	                             maxOutputLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	*outputLen = outputLenUpdate + outputLenFinal;
	return SECSuccess;
}

/*****************************************************************************
** BLAPI implementation of RC2
******************************************************************************/

struct RC2ContextStr
{
	B_ALGORITHM_OBJ     algobj;
	B_ALGORITHM_METHOD *alg_chooser[6];
	B_KEY_OBJ           keyobj;
};

RC2Context *
RC2_CreateContext(unsigned char *key, unsigned int len,
                  unsigned char *iv, int mode, unsigned effectiveKeyLen)
{
	/* BLAPI */
	RC2Context *cx;
	/* BSAFE */
	B_BLK_CIPHER_W_FEEDBACK_PARAMS fbParams;
	A_RC2_PARAMS                   rc2Params;
	ITEM                           ivItem;
	ITEM                           keyItem;
	unsigned int                   blockLength = RC2_BLOCK_SIZE;
	int status;

	if (mode == NSS_RC2_CBC && iv == NULL) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return NULL;
	}

	cx = (RC2Context *)PORT_ZAlloc(sizeof(RC2Context));
	if (cx == NULL) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		return NULL;
	}
	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	rc2Params.effectiveKeyBits = effectiveKeyLen * BITS_PER_BYTE;
	ivItem.data = iv;
	ivItem.len = RC2_BLOCK_SIZE;

	fbParams.encryptionMethodName = (unsigned char *)"rc2";
	fbParams.encryptionParams = (POINTER)&rc2Params;
	fbParams.paddingMethodName = (unsigned char *)"nopad";
	fbParams.paddingParams = NULL_PTR;
	cx->alg_chooser[0] = &AM_RC2_ENCRYPT;
	cx->alg_chooser[1] = &AM_RC2_DECRYPT;
	cx->alg_chooser[4] = &AM_SHA_RANDOM;
	cx->alg_chooser[5] = (B_ALGORITHM_METHOD *)NULL;

	switch (mode) {
	case NSS_RC2:
		fbParams.feedbackMethodName = (unsigned char *)"ecb";
		fbParams.feedbackParams = (POINTER)&blockLength;
		cx->alg_chooser[2] = &AM_ECB_ENCRYPT;
		cx->alg_chooser[3] = &AM_ECB_DECRYPT;
		break;
	case NSS_RC2_CBC:
		fbParams.feedbackMethodName = (unsigned char *)"cbc";
		fbParams.feedbackParams = (POINTER)&ivItem;
		cx->alg_chooser[2] = &AM_CBC_ENCRYPT;
		cx->alg_chooser[3] = &AM_CBC_DECRYPT;
		break;
	default:
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_FeedbackCipher,
	                                 (POINTER)&fbParams)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	keyItem.len = len;
	keyItem.data = key;
	if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	return cx;

loser:
	RC2_DestroyContext(cx, PR_TRUE);
	return NULL;
}

void 
RC2_DestroyContext(RC2Context *cx, PRBool freeit)
{
	if (freeit) {
		PORT_Assert(cx != NULL);
		if (cx == NULL) {
			PORT_SetError(SEC_ERROR_INVALID_ARGS);
			return;
		}
		if (cx->keyobj != NULL_PTR)
			B_DestroyKeyObject(&cx->keyobj);
		if (cx->algobj != NULL_PTR)
			B_DestroyAlgorithmObject(&cx->algobj);
		PORT_ZFree(cx, sizeof(RC2Context));
	}
}

SECStatus 
RC2_Encrypt(RC2Context *cx, unsigned char *output,
            unsigned int *outputLen, unsigned int maxOutputLen,
            unsigned char *input, unsigned int inputLen)
{
	int status;
	unsigned int outputLenUpdate, outputLenFinal;

	PORT_Assert(cx != NULL);
	if (cx == NULL) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
	if (inputLen & (RC2_BLOCK_SIZE - 1)) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
	if (maxOutputLen < inputLen) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}

	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	if ((status = B_EncryptUpdate(cx->algobj, 
	                              output, 
	                              &outputLenUpdate,
	                              maxOutputLen, 
	                              input, 
	                              inputLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	if ((status = B_EncryptFinal(cx->algobj, 
	                             output + outputLenUpdate,
	                             &outputLenFinal, 
	                             maxOutputLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	*outputLen = outputLenUpdate + outputLenFinal;
	return SECSuccess;
}

SECStatus 
RC2_Decrypt(RC2Context *cx, unsigned char *output,
            unsigned int *outputLen, unsigned int maxOutputLen,
            unsigned char *input, unsigned int inputLen)
{
	int status;
	unsigned int outputLenUpdate, outputLenFinal;
	ptrdiff_t inpptr;
	unsigned char *inp = NULL;
	PRBool cpybuffer = PR_FALSE;

	/*  The BSAFE Crypto-C 4.1 library with which we tested on a Sun 
	 *  UltraSparc crashed when the input to an RC2 CBC decryption operation
	 *  was not 4-byte aligned.
	 *  So, we work around this problem by aligning unaligned input in a
	 *  temporary buffer.
	 */
	inpptr = (ptrdiff_t)input;
	if (inpptr & 0x03) {
		inp = PORT_ZAlloc(inputLen);
		if (inp == NULL) {
			PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
			return SECFailure;
		}
		PORT_Memcpy(inp, input, inputLen);
		cpybuffer = PR_TRUE;
	} else {
		inp = input;
	}

	PORT_Assert(cx != NULL);
	if (cx == NULL) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}
	PORT_Assert((inputLen & (RC2_BLOCK_SIZE - 1)) == 0);
	if (inputLen & (RC2_BLOCK_SIZE - 1)) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}
	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
	if (maxOutputLen < inputLen) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	if ((status = B_DecryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}
	if ((status = B_DecryptUpdate(cx->algobj, 
	                              output, 
	                              &outputLenUpdate,
	                              maxOutputLen, 
	                              inp,
	                              inputLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}
	if ((status = B_DecryptFinal(cx->algobj, 
	                             output + outputLenUpdate,
	                             &outputLenFinal, 
	                             maxOutputLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		goto loser;
	}
	*outputLen = outputLenUpdate + outputLenFinal;

	if (cpybuffer)
		PORT_ZFree(inp, inputLen);
	return SECSuccess;

loser:
	if (cpybuffer)
		PORT_ZFree(inp, inputLen);
	return SECFailure;
}

/*****************************************************************************
** BLAPI implementation of RC4
******************************************************************************/

struct RC4ContextStr
{
	B_ALGORITHM_OBJ     algobj;
	B_ALGORITHM_METHOD *alg_chooser[3];
	B_KEY_OBJ           keyobj;
};

RC4Context *
RC4_CreateContext(unsigned char *key, int len)
{
	/* BLAPI */
	RC4Context *cx;
	/* BSAFE */
	ITEM keyItem;
	int status;

	cx = (RC4Context *)PORT_ZAlloc(sizeof(RC4Context));
	if (cx == NULL) {
		/* set out of memory error */
		return NULL;
	}

	cx->algobj = (B_ALGORITHM_OBJ)NULL_PTR;
	if ((status = B_CreateAlgorithmObject(&cx->algobj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	cx->keyobj = (B_KEY_OBJ)NULL_PTR;
	if ((status = B_CreateKeyObject(&cx->keyobj)) != 0) {
		PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
		goto loser;
	}

	if ((status = B_SetAlgorithmInfo(cx->algobj, AI_RC4, NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
		goto loser;
	}

	cx->alg_chooser[0] = &AM_RC4_ENCRYPT;
	cx->alg_chooser[1] = &AM_RC4_DECRYPT;
	cx->alg_chooser[2] = (B_ALGORITHM_METHOD *)NULL;

	keyItem.len = len;
	keyItem.data = key;
	if ((status = B_SetKeyInfo(cx->keyobj, KI_Item, (POINTER)&keyItem)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		goto loser;
	}

	return cx;

loser:
	RC4_DestroyContext(cx, PR_TRUE);
	return NULL;
}

void 
RC4_DestroyContext(RC4Context *cx, PRBool freeit)
{
	if (freeit) {
		PORT_Assert(cx != NULL);
		if (cx == NULL) {
			PORT_SetError(SEC_ERROR_INVALID_ARGS);
			return;
		}
		if (cx->keyobj != NULL_PTR)
			B_DestroyKeyObject(&cx->keyobj);
		if (cx->algobj != NULL_PTR)
			B_DestroyAlgorithmObject(&cx->algobj);
		PORT_ZFree(cx, sizeof(RC4Context));
	}
}

SECStatus 
RC4_Encrypt(RC4Context *cx, unsigned char *output,
            unsigned int *outputLen, unsigned int maxOutputLen,
            const unsigned char *input, unsigned int inputLen)
{
	int status;
	unsigned int outputLenUpdate, outputLenFinal;

	PORT_Assert(cx != NULL);
	if (cx == NULL) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	PORT_Assert(maxOutputLen >= inputLen);  /* check for enough room */
	if (maxOutputLen < inputLen) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}

	if ((status = B_EncryptInit(cx->algobj, cx->keyobj, cx->alg_chooser,
	                            (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_INVALID_ARGS);
		return SECFailure;
	}
	if ((status = B_EncryptUpdate(cx->algobj, 
	                              output, 
	                              &outputLenUpdate,
	                              maxOutputLen, 
	                              input, 
	                              inputLen,
	                              (B_ALGORITHM_OBJ)NULL_PTR,
	                              (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	if ((status = B_EncryptFinal(cx->algobj, 
	                             output + outputLenUpdate,
	                             &outputLenFinal, 
	                             maxOutputLen - outputLenUpdate,
	                             (B_ALGORITHM_OBJ)NULL_PTR,
	                             (A_SURRENDER_CTX *)NULL_PTR)) != 0) {
		PORT_SetError(SEC_ERROR_BAD_DATA);
		return SECFailure;
	}
	*outputLen = outputLenUpdate + outputLenFinal;
	return SECSuccess;
}

SECStatus 
RC4_Decrypt(RC4Context *cx, unsigned char *output,