📄 kgenctxt.c
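/* Tail of a function whose beginning lies before this excerpt; reproduced
 * unchanged apart from restored line breaks.
 */
    SSMResource_Print(res, fmt, numParams, value, resultStr);
    rv = (*resultStr == NULL) ? PR_FAILURE : PR_SUCCESS;
 loser:
    PR_FREEIF(escrowCAName);
    return rv;
}

/*
 * Decode a base64 certificate and install it as the escrow authority of
 * the key gen context.
 *
 * ct         - key gen context; must not already have an escrow authority.
 * base64Cert - NUL-terminated base64 text of a DER certificate.
 *
 * Returns PR_SUCCESS once ct->m_eaCert holds the decoded certificate,
 * PR_FAILURE otherwise (ct->m_eaCert is then still NULL).
 *
 * NOTE(review): the certificate is only decoded here, nothing in this
 * function validates it. Since it designates who receives escrowed keys,
 * confirm that it is verified or shown to the user before it is used.
 */
SSMStatus SSMKeyGenContext_SetEscrowAuthority(SSMKeyGenContext *ct,
                                              char             *base64Cert)
{
    SECItem   derCert = { siBuffer, NULL, 0 };
    SSMStatus status  = PR_FAILURE;

    if (ct == NULL || base64Cert == NULL || ct->m_eaCert != NULL) {
        return PR_FAILURE;
    }
    if (ATOB_ConvertAsciiToItem(&derCert, base64Cert) != SECSuccess) {
        goto done;
    }
    ct->m_eaCert = CERT_DecodeDERCertificate(&derCert, PR_TRUE, NULL);
    if (ct->m_eaCert != NULL) {
        status = PR_SUCCESS;
    }
 done:
    /* The decoder was asked to copy the DER (PR_TRUE), so the scratch buffer
     * produced by the base64 conversion is released here on every path; it
     * used to be leaked.
     */
    if (derCert.data != NULL) {
        PORT_Free(derCert.data);
    }
    return status;
}

/*
 * Set an attribute on a key gen context resource.
 *
 * res    - the resource; asserted to be a key gen context.
 * attrID - SSM_FID_KEYGEN_ESCROW_AUTHORITY or SSM_FID_CLIENT_CONTEXT.
 * value  - new value; must be a string attribute for both supported IDs.
 *
 * Returns PR_SUCCESS when the attribute was stored, PR_FAILURE for an
 * unknown attribute, a value of the wrong type, an allocation failure or a
 * rejected escrow authority.
 */
SSMStatus SSMKeyGenContext_SetAttr(SSMResource *res,
                                   SSMAttributeID attrID,
                                   SSMAttributeValue *value)
{
    SSMKeyGenContext *ct = (SSMKeyGenContext*)res;
    SSMStatus rv = PR_FAILURE;
    unsigned char *copy;

    PR_ASSERT(SSM_IsAKindOf(res, SSM_RESTYPE_KEYGEN_CONTEXT));
    if (value == NULL) {
        goto loser;
    }
    switch(attrID) {
    case SSM_FID_KEYGEN_ESCROW_AUTHORITY:
        /* Check the type before touching the string member: the debug
         * print used to read value->u.string.data of a value that might not
         * be a string at all.
         */
        if (value->type != SSM_STRING_ATTRIBUTE) {
            goto loser;
        }
        /* NOTE(review): both the "%s" below and the callee treat the data
         * as NUL-terminated although the value also carries a length;
         * confirm the message decoder guarantees the terminator.
         */
        SSM_DEBUG("Setting the Escrow Authority to \n%s\n",
                  value->u.string.data);
        rv = SSMKeyGenContext_SetEscrowAuthority(ct,
                                           (char *) value->u.string.data);
        /* A rejected certificate used to be reported as success. */
        if (rv != PR_SUCCESS) {
            goto loser;
        }
        break;
    case SSM_FID_CLIENT_CONTEXT:
        SSM_DEBUG("Setting the Key Gen UI context");
        if (value->type != SSM_STRING_ATTRIBUTE) {
            goto loser;
        }
        if (value->u.string.data == NULL && value->u.string.len > 0) {
            goto loser;
        }
        /* Build the copy in a temporary so that a failed allocation leaves
         * the stored data/len pair untouched; previously data became NULL
         * while len kept its old value.
         */
        copy = (unsigned char *) PR_Malloc(value->u.string.len);
        if (copy == NULL) {
            goto loser;
        }
        if (value->u.string.len > 0) {
            memcpy(copy, value->u.string.data, value->u.string.len);
        }
        /* NOTE(review): a previously stored client context is overwritten
         * without being released; how it was allocated is not visible
         * here, so it is left alone. Confirm whether it should be freed.
         */
        res->m_clientContext.data = copy;
        res->m_clientContext.len  = value->u.string.len;
        break;
    default:
        SSM_DEBUG("Got unkown KeyGenContext Set Attribute Request %d\n",
                  attrID);
        goto loser;
        break;
    }
    return PR_SUCCESS;
loser:
    return PR_FAILURE;
}

/*
 * Read an attribute of a key gen context resource.
 *
 * res      - the resource; asserted to be a key gen context.
 * attrID   - only SSM_FID_CLIENT_CONTEXT is supported.
 * attrType - not used by this function.
 * value    - receives a freshly allocated copy of the client context.
 *
 * Returns PR_SUCCESS with value filled in, or PR_FAILURE with value->type
 * set to SSM_NO_ATTRIBUTE.
 */
SSMStatus SSMKeyGenContext_GetAttr(SSMResource *res,
                                   SSMAttributeID attrID,
                                   SSMResourceAttrType attrType,
                                   SSMAttributeValue *value)
{
    PR_ASSERT(SSM_IsAKindOf(res, SSM_RESTYPE_KEYGEN_CONTEXT));
    if (value == NULL) {
        /* Nothing to fill in, and the failure path writes through value. */
        return PR_FAILURE;
    }
    switch(attrID) {
    case SSM_FID_CLIENT_CONTEXT:
        SSM_DEBUG("Getting the Key Gen UI context");
        if (res->m_clientContext.data == NULL &&
            res->m_clientContext.len > 0) {
            /* Inconsistent stored pair: do not copy from a NULL source. */
            goto loser;
        }
        value->type = SSM_STRING_ATTRIBUTE;
        if (!(value->u.string.data = (unsigned char *)
                                 PR_Malloc(res->m_clientContext.len))) {
            goto loser;
        }
        if (res->m_clientContext.len > 0) {
            memcpy(value->u.string.data, res->m_clientContext.data,
                   res->m_clientContext.len);
        }
        value->u.string.len = res->m_clientContext.len;
        break;
    default:
        SSM_DEBUG("Got unkown KeyGenContext Get Attribute Request %d\n",
                  attrID);
        goto loser;
        break;
    }
    return PR_SUCCESS;
loser:
    value->type = SSM_NO_ATTRIBUTE;
    return PR_FAILURE;
}

/* As a sanity check, make sure we have data structures consistent
   with our type. Does nothing unless DEBUG is defined. */
void SSMKeyGenContext_Invariant(SSMKeyGenContext *ct)
{
#ifdef DEBUG
    if (ct) {
        SSMResource_Invariant(&(ct->super));
        SSM_LockResource(SSMRESOURCE(ct));
        PR_ASSERT(SSM_IsAKindOf(SSMRESOURCE(ct), SSM_RESTYPE_KEYGEN_CONTEXT));
        PR_ASSERT(ct->m_ctxtype == SSM_CRMF_KEYGEN ||
                  ct->m_ctxtype == SSM_OLD_STYLE_KEYGEN);
        if (ct->m_ctxtype == SSM_CRMF_KEYGEN) {
            PR_ASSERT(ct->m_incomingQ != NULL);
            PR_ASSERT(ct->m_keys != NULL);
#if 0
            PR_ASSERT(ct->m_serviceThread != NULL);
            /* context == service thread */
#endif
            /* If the user canceled, then this thread will be NULL.
             */
        }
        SSM_UnlockResource(SSMRESOURCE(ct));
    }
#endif
}

/*
 * Copy one length-prefixed PQG parameter into dest.
 *
 * curParam points at a 4-byte big-endian length followed by that many
 * bytes. This function cannot see how much input is left, so the caller
 * must already have checked that prefix and payload lie inside its buffer.
 *
 * Returns PR_SUCCESS with dest->data/len set, or PR_FAILURE (dest emptied)
 * when the copy buffer cannot be allocated.
 */
static SSMStatus
ssm_process_next_pqg_param(SECItem *dest, unsigned char *curParam)
{
    PRUint32 netLen;
    PRUint32 itemLen;

    /* memcpy instead of a PRUint32* cast: the prefix sits at an arbitrary
     * offset of a byte buffer and need not be aligned.
     */
    memcpy(&netLen, curParam, sizeof(netLen));
    itemLen = PR_ntohl(netLen);
    curParam += sizeof (PRUint32);
    dest->data = PORT_ZNewArray(unsigned char, itemLen);
    if (dest->data == NULL) {
        /* Allocation failure used to fall through into the copy. */
        dest->len = 0;
        return PR_FAILURE;
    }
    dest->len = itemLen;
    PORT_Memcpy(dest->data, curParam, itemLen);
    return PR_SUCCESS;
}

/*
 * Bounds-checked wrapper around ssm_process_next_pqg_param: consume one
 * length-prefixed item from *cursor, which has *remaining bytes left, and
 * advance both past it. Fails without reading out of bounds when the
 * prefix or the payload it announces does not fit.
 */
static SSMStatus
ssm_take_pqg_param(SECItem *dest, unsigned char **cursor, PRUint32 *remaining)
{
    PRUint32 netLen;
    PRUint32 itemLen;

    if (*remaining < sizeof(PRUint32)) {
        return PR_FAILURE;
    }
    memcpy(&netLen, *cursor, sizeof(netLen));
    itemLen = PR_ntohl(netLen);
    if (itemLen > *remaining - (PRUint32)sizeof(PRUint32)) {
        return PR_FAILURE;
    }
    if (ssm_process_next_pqg_param(dest, *cursor) != PR_SUCCESS) {
        return PR_FAILURE;
    }
    *cursor    += sizeof(PRUint32) + itemLen;
    *remaining -= (PRUint32)sizeof(PRUint32) + itemLen;
    return PR_SUCCESS;
}

/*
 * Build the mechanism-specific parameter structure for a key pair
 * generation request.
 *
 * keyGenMech - CKM_RSA_PKCS_KEY_PAIR_GEN or CKM_DSA_KEY_PAIR_GEN.
 * params     - serialized parameters taken from the request, or NULL.
 * paramLen   - number of bytes at params; every read below is bounded by it.
 * keySize    - requested key size in bits.
 *
 * Returns a heap-allocated PK11RSAGenParams or PQGParams (release it with
 * ssm_FreeKeyGenParams), or NULL for an unsupported mechanism, malformed or
 * truncated parameters, or an allocation failure.
 */
void*
ssm_ConvertToActualKeyGenParams(PRUint32 keyGenMech, unsigned char *params,
                                PRUint32 paramLen, PRUint32 keySize)
{
    void          *returnParams = NULL;

    if (params != NULL && paramLen > 0) {
        unsigned char *curPtr    = params;
        PRUint32       remaining = paramLen;

        switch (keyGenMech) {
        case CKM_RSA_PKCS_KEY_PAIR_GEN:
          {
            PK11RSAGenParams *rsaParams;
            PRUint32          netExponent;

            /* The public exponent is a 4-byte big-endian word; refuse a
             * shorter buffer instead of reading past its end.
             */
            if (remaining < sizeof(PRUint32)) {
                return NULL;
            }
            rsaParams = PORT_New(PK11RSAGenParams);
            if (rsaParams == NULL) {
                return NULL;
            }
            rsaParams->keySizeInBits = keySize;
            memcpy(&netExponent, curPtr, sizeof(netExponent));
            rsaParams->pe = (unsigned long) PR_ntohl(netExponent);
            returnParams = rsaParams;
            break;
          }
        case CKM_DSA_KEY_PAIR_GEN:
          {
            PQGParams *pqgParams;

            pqgParams = PORT_ZNew(PQGParams);
            if (pqgParams == NULL) {
                return NULL;
            }
            /* prime, subPrime and base follow each other, each with its own
             * length prefix. The lengths come from the request message, so
             * each one is checked against the bytes still available.
             */
            if (ssm_take_pqg_param(&pqgParams->prime, &curPtr,
                                   &remaining) != PR_SUCCESS ||
                ssm_take_pqg_param(&pqgParams->subPrime, &curPtr,
                                   &remaining) != PR_SUCCESS ||
                ssm_take_pqg_param(&pqgParams->base, &curPtr,
                                   &remaining) != PR_SUCCESS) {
                /* Same destructor ssm_FreeKeyGenParams applies to these. */
                PQG_DestroyParams(pqgParams);
                return NULL;
            }
            returnParams = pqgParams;
            break;
          }
        default:
            returnParams = NULL;
        }
    } else {
        /* In this case we provide the parameters ourselves. */
        switch (keyGenMech) {
        case CKM_RSA_PKCS_KEY_PAIR_GEN:
          {
            PK11RSAGenParams *rsaParams;

            rsaParams = PORT_New(PK11RSAGenParams);
            if (rsaParams == NULL) {
                return NULL;
            }
            /* I'm just taking the same parameters used in
             * certdlgs.c:GenKey
             */
            /* NOTE(review): the 1024-bit fallback is kept as the author had
             * it; it is small by current standards and worth revisiting.
             */
            if (keySize > 0) {
                rsaParams->keySizeInBits = keySize;
            } else {
                rsaParams->keySizeInBits = 1024;
            }
            rsaParams->pe = 65537L;
            returnParams = rsaParams;
            break;
          }
        case CKM_DSA_KEY_PAIR_GEN:
          {
            PQGParams *pqgParams = NULL;
            PQGVerify *vfy = NULL;
            /* Initialised so that this branch fails closed: the call that
             * assigned rv, pqgParams and vfy is absent from this listing
             * (see the placeholder below), and rv used to be read without
             * ever being set.
             */
            SECStatus  rv = SECFailure;
            int        index;

            index = PQG_PBITS_TO_INDEX(keySize);
            if (index == -1) {
                returnParams = NULL;
                break;
            }
            /* REMOVED CALL */;
            if (vfy) {
                PQG_DestroyVerify(vfy);
            }
            if (rv != SECSuccess) {
                if (pqgParams) {
                    PQG_DestroyParams(pqgParams);
                }
                return NULL;
            }
            returnParams = pqgParams;
            break;
          }
        default:
            returnParams = NULL;
        }
    }
    return returnParams;
}

/*
 * Release parameters produced by ssm_ConvertToActualKeyGenParams for the
 * given mechanism. Other mechanisms are ignored.
 */
static void
ssm_FreeKeyGenParams(CK_MECHANISM_TYPE keyGenMechanism, void *params)
{
    switch (keyGenMechanism) {
    case CKM_RSA_PKCS_KEY_PAIR_GEN:
        PORT_Free(params);
        break;
    case CKM_DSA_KEY_PAIR_GEN:
        PQG_DestroyParams((PQGParams*) params);
        break;
    default:
        /* The converter never returns parameters for anything else. */
        break;
    }
}

/*
 * Handle a key pair generation request: decode it, look up the key gen
 * context it names, convert its parameters, create the key pair resource
 * and queue the generation on the context.
 *
 * ctrl   - control connection the request arrived on.
 * msg    - encoded KeyPairGenRequest.
 * destID - receives the resource ID of the new key pair.
 *
 * Returns PR_SUCCESS with *destID set, SSM_ERR_USER_CANCEL if the user
 * cancelled the context, PR_INVALID_ARGUMENT_ERROR for bad arguments, or
 * another failure status. On failure the key gen context, if one was
 * found and verified, is shut down.
 */
SSMStatus
SSMKeyGenContext_BeginGeneratingKeyPair(SSMControlConnection * ctrl,
                                        SECItem *msg, SSMResourceID *destID)
{
    SSMKeyGenContext *ct=NULL;
    SSMKeyGenParams *kg=NULL;
    SSMKeyPair *kp=NULL;
    void *actualParams=NULL;
    SSMStatus rv = PR_SUCCESS;
    SSMKeyPairArg keyPairArg;
    KeyPairGenRequest request;

    if (msg == NULL || msg->data == NULL || destID == NULL)
        return PR_INVALID_ARGUMENT_ERROR;

    if (CMT_DecodeMessage(KeyPairGenRequestTemplate, &request,
                          (CMTItem*)msg) != CMTSuccess) {
        goto loser;
    }

    /* Find the requested key gen context. */
    rv = SSMControlConnection_GetResource(ctrl, request.keyGenCtxtID,
                                          (SSMResource **) &ct);
    if (rv != PR_SUCCESS)
        goto loser;
    if ((!ct) ||
        (!SSM_IsAKindOf(SSMRESOURCE(ct), SSM_RESTYPE_KEYGEN_CONTEXT))) {
        /* The ID comes from the request. If it names some other kind of
         * resource, forget the pointer so that the cleanup below does not
         * shut down a resource that is not a key gen context.
         */
        ct = NULL;
        rv = PR_INVALID_ARGUMENT_ERROR;
        goto loser;
    }

    if (ct->m_userCancel)
        return (SSMStatus)SSM_ERR_USER_CANCEL;

    if (!SSM_KeyGenAllowedForSize(request.keySize)) {
        goto loser;
    }

    /* Convert to actual key generation params. */
    actualParams = ssm_ConvertToActualKeyGenParams(request.genMechanism,
                                                   request.params.data,
                                                   request.params.len,
                                                   request.keySize);
    if (actualParams == NULL) {
        goto loser;
    }

    /* Create a key pair resource so that we can return its ID. */
    keyPairArg.keyGenContext = ct;
    if ((rv = SSMKeyPair_Create(&keyPairArg,
                                SSMRESOURCE(ct)->m_connection,
                                (SSMResource **) &kp)) != PR_SUCCESS)
        goto loser;

    /* Create a parameter lump with which we'll generate the key later. */
    if (!(kg = (SSMKeyGenParams *) PR_CALLOC(sizeof(SSMKeyGenParams)))) {
        goto loser;
    }
    kg->keyGenMechanism = request.genMechanism;
    kg->kp = kp;
    SSM_GetResourceReference(SSMRESOURCE(kp));
    kg->actualParams = actualParams;

    SSM_LockResource(SSMRESOURCE(ct));
    if (ct->m_numKeyGens == ct->m_allocKeyGens) {
        /* Doubling an empty table would leave it empty and the store below
         * would write out of bounds, so start from one slot in that case.
         */
        int newSize = (ct->m_allocKeyGens > 0) ? ct->m_allocKeyGens * 2 : 1;
        SSMKeyGenParams **tmp = (SSMKeyGenParams **)
                                PR_Realloc(ct->m_keyGens,
                                       sizeof(SSMKeyGenParams*)*newSize);
        if (tmp == NULL) {
            rv = PR_FAILURE;
            SSM_UnlockResource(SSMRESOURCE(ct));
            /* Give back the reference taken for kg->kp above; the common
             * failure path only releases the creation reference.
             * NOTE(review): assumes SSM_FreeResource drops one reference,
             * as the "only ref" remark below implies -- confirm.
             */
            SSM_FreeResource(&kp->super);
            goto loser;
        }
        ct->m_keyGens = tmp;
        ct->m_allocKeyGens = newSize;
    }
    ct->m_keyGens[ct->m_numKeyGens] = kg;
    ct->m_numKeyGens++;
    SSM_UnlockResource(SSMRESOURCE(ct));
    *destID = kp->super.m_id;

    goto done;
 loser:
    if (rv == PR_SUCCESS)
        rv = PR_FAILURE;
    PR_FREEIF(kg);
    if (kp != NULL) {
        SSM_FreeResource(&kp->super); /* ours should be the only ref */
    }
    if (actualParams != NULL)
        ssm_FreeKeyGenParams(request.genMechanism, actualParams);
    /*
     * Something went wrong, so we should get rid of the key gen context
     * as well as locally allocated data. ct is still NULL when the request
     * could not be decoded or did not name a key gen context.
     */
    if (ct != NULL) {
        SSM_ShutdownResource(SSMRESOURCE(ct), PR_FAILURE);
    }
 done:
    return rv;
}

#define SSM_PARENT_CONN(x) &((x)->m_parent->super)

/* The body of this function continues past the end of this excerpt; the
 * visible part is reproduced unchanged apart from restored line breaks.
 */
SSMStatus
SSMKeyGenContext_FinishGeneratingKeyPair(SSMKeyGenContext *ct,
                                         SSMKeyGenParams *kg)
{
    SSMKeyPair *kp = NULL;
    void *actualParams = NULL;
    PK11SlotInfo *slot = NULL;
    SSMStatus rv = PR_SUCCESS;
    PRUint32 keyGenMechanism;
    SECKEYPublicKey *pubKey = NULL;
    SECKEYPrivateKey *privKey = NULL;
    char *pwd = NULL;

    SSM_DEBUG("Inside FinishGeneratingKeyPair.\n");
    PR_ASSERT((kg != NULL) && (ct != NULL));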