The Tor Browser: security/nss/lib/softoken/legacydb/lgutil.c@6474c204b198 (annotated)

security/nss/lib/softoken/legacydb/lgutil.c@6474c204b198 (annotated)

security/nss/lib/softoken/legacydb/lgutil.c

Wed, 31 Dec 2014 06:09:35 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Wed, 31 Dec 2014 06:09:35 +0100
changeset 0: 6474c204b198
permissions: -rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "lgdb.h"
 #include "secerr.h"
 #include "lgglue.h"
 /*
  * ******************** Attribute Utilities *******************************
  */
 /*
  * look up and attribute structure from a type and Object structure.
  * The returned attribute is referenced and needs to be freed when
  * it is no longer needed.
  */
 const CK_ATTRIBUTE *
 lg_FindAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
 		 CK_ULONG count )
 {
     unsigned int i;
     for (i=0; i < count; i++) {
 	if (templ[i].type == type) {
 	    return &templ[i];
 	}
     }
     return NULL;
 }
 /*
  * return true if object has attribute
  */
 PRBool
 lg_hasAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
 		 CK_ULONG count )
 {
    if (lg_FindAttribute(type, templ, count) == NULL) {
 	return PR_FALSE;
    }
    return PR_TRUE;
 }
 /*
  * copy an attribute into a SECItem. Secitem is allocated in the specified
  * arena.
  */
 CK_RV
 lg_Attribute2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
 			const CK_ATTRIBUTE *templ, CK_ULONG count,
 			SECItem *item)
 {
     int len;
     const CK_ATTRIBUTE *attribute;
     attribute = lg_FindAttribute(type, templ, count);
     if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
     len = attribute->ulValueLen;
     if (arena) {
     	item->data = (unsigned char *) PORT_ArenaAlloc(arena,len);
     } else {
     	item->data = (unsigned char *) PORT_Alloc(len);
     }
     if (item->data == NULL) {
 	return CKR_HOST_MEMORY;
     }
     item->len = len;
     PORT_Memcpy(item->data, attribute->pValue, len);
     return CKR_OK;
 }
 /*
  * copy an unsigned attribute into a SECItem. Secitem is allocated in
  * the specified arena.
  */
 CK_RV
 lg_Attribute2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
 			const CK_ATTRIBUTE *templ, CK_ULONG count,
 			SECItem *item)
 {
     const CK_ATTRIBUTE *attribute;
     item->data = NULL;
     attribute = lg_FindAttribute(type, templ, count);
     if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
     (void)SECITEM_AllocItem(arena, item, attribute->ulValueLen);
     if (item->data == NULL) {
 	return CKR_HOST_MEMORY;
     }
     PORT_Memcpy(item->data, attribute->pValue, item->len);
     return CKR_OK;
 }
 /*
  * copy an unsigned attribute into a SECItem. Secitem is allocated in
  * the specified arena.
  */
 CK_RV
 lg_PrivAttr2SSecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
 			const CK_ATTRIBUTE *templ, CK_ULONG count,
 			SECItem *item, SDB *sdbpw)
 {
     const CK_ATTRIBUTE *attribute;
     SECItem epki, *dest = NULL;
     SECStatus rv;
     item->data = NULL;
     attribute = lg_FindAttribute(type, templ, count);
     if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
     epki.data = attribute->pValue;
     epki.len = attribute->ulValueLen;
     rv = lg_util_decrypt(sdbpw, &epki, &dest);
     if (rv != SECSuccess) {
 	return CKR_USER_NOT_LOGGED_IN;
     }
     (void)SECITEM_AllocItem(arena, item, dest->len);
     if (item->data == NULL) {
 	SECITEM_FreeItem(dest, PR_TRUE);
 	return CKR_HOST_MEMORY;
     }
     PORT_Memcpy(item->data, dest->data, item->len);
     SECITEM_FreeItem(dest, PR_TRUE);
     return CKR_OK;
 }
 CK_RV
 lg_PrivAttr2SecItem(PLArenaPool *arena, CK_ATTRIBUTE_TYPE type,
 			const CK_ATTRIBUTE *templ, CK_ULONG count,
 			SECItem *item, SDB *sdbpw)
 {
     return lg_PrivAttr2SSecItem(arena, type, templ, count, item, sdbpw);
 }
 /*
  * this is only valid for CK_BBOOL type attributes. Return the state
  * of that attribute.
  */
 PRBool
 lg_isTrue(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
 {
     const CK_ATTRIBUTE *attribute;
     PRBool tok = PR_FALSE;
     attribute=lg_FindAttribute(type, templ, count);
     if (attribute == NULL) { return PR_FALSE; }
     tok = (PRBool)(*(CK_BBOOL *)attribute->pValue);
     return tok;
 }
 /*
  * return a null terminated string from attribute 'type'. This string
  * is allocated and needs to be freed with PORT_Free() When complete.
  */
 char *
 lg_getString(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ, CK_ULONG count)
 {
     const CK_ATTRIBUTE *attribute;
     char *label = NULL;
     attribute = lg_FindAttribute(type, templ, count);
     if (attribute == NULL) return NULL;
     if (attribute->pValue != NULL) {
 	label = (char *) PORT_Alloc(attribute->ulValueLen+1);
 	if (label == NULL) {
 	    return NULL;
 	}
 	PORT_Memcpy(label,attribute->pValue, attribute->ulValueLen);
 	label[attribute->ulValueLen] = 0;
     }
     return label;
 }
 CK_RV
 lg_GetULongAttribute(CK_ATTRIBUTE_TYPE type, const CK_ATTRIBUTE *templ,
 				 CK_ULONG count, CK_ULONG *longData)
 {
     const CK_ATTRIBUTE *attribute;
     CK_ULONG value = 0;
     const unsigned char *data;
     int i;
     attribute = lg_FindAttribute(type, templ, count);
     if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
     if (attribute->ulValueLen != 4) {
 	return CKR_ATTRIBUTE_VALUE_INVALID;
     }
     data = (const unsigned char *)attribute->pValue;
     for (i=0; i < 4; i++) {
 	value |= (CK_ULONG)(data[i]) << ((3-i)*8);
     }
     *longData = value;
     return CKR_OK;
 }
 /*
  * ******************** Object Utilities *******************************
  */
 SECStatus
 lg_deleteTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
 {
     SECItem *item;
     PRBool rem;
     PLHashTable *hashTable= lg_GetHashTable(sdb);
     item = (SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
     rem = PL_HashTableRemove(hashTable,(void *)handle) ;
     if (rem && item) {
 	SECITEM_FreeItem(item,PR_TRUE);
     }
     return rem ? SECSuccess : SECFailure;
 }
 /* must be called holding lg_DBLock(sdb) */
 static SECStatus
 lg_addTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle, SECItem *key)
 {
     PLHashEntry *entry;
     SECItem *item;
     PLHashTable *hashTable= lg_GetHashTable(sdb);
     item = SECITEM_DupItem(key);
     if (item == NULL) {
 	return SECFailure;
     }
     entry = PL_HashTableAdd(hashTable,(void *)handle,item);
     if (entry == NULL) {
 	SECITEM_FreeItem(item,PR_TRUE);
 	return SECFailure;
     }
     return SECSuccess;
 }
 /* must be called holding lg_DBLock(sdb) */
 const SECItem *
 lg_lookupTokenKeyByHandle(SDB *sdb, CK_OBJECT_HANDLE handle)
 {
     PLHashTable *hashTable= lg_GetHashTable(sdb);
     return (const SECItem *)PL_HashTableLookup(hashTable, (void *)handle);
 }
 static PRIntn
 lg_freeHashItem(PLHashEntry* entry, PRIntn index, void *arg)
 {
     SECItem *item = (SECItem *)entry->value;
     SECITEM_FreeItem(item, PR_TRUE);
     return HT_ENUMERATE_NEXT;
 }
 CK_RV
 lg_ClearTokenKeyHashTable(SDB *sdb)
 {
     PLHashTable *hashTable;
     lg_DBLock(sdb);
     hashTable= lg_GetHashTable(sdb);
     PL_HashTableEnumerateEntries(hashTable, lg_freeHashItem, NULL);
     lg_DBUnlock(sdb);
     return CKR_OK;
 }
 /*
  * handle Token Object stuff
  */
 static void
 lg_XORHash(unsigned char *key, unsigned char *dbkey, int len)
 {
    int i;
    PORT_Memset(key, 0, 4);
    for (i=0; i < len-4; i += 4) {
 	key[0] ^= dbkey[i];
 	key[1] ^= dbkey[i+1];
 	key[2] ^= dbkey[i+2];
 	key[3] ^= dbkey[i+3];
    }
 }
 /* Make a token handle for an object and record it so we can find it again */
 CK_OBJECT_HANDLE
 lg_mkHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
 {
     unsigned char hashBuf[4];
     CK_OBJECT_HANDLE handle;
     const SECItem *key;
     handle = class;
     /* there is only one KRL, use a fixed handle for it */
     if (handle != LG_TOKEN_KRL_HANDLE) {
 	lg_XORHash(hashBuf,dbKey->data,dbKey->len);
 	handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
 					(hashBuf[2] << 8)  | hashBuf[3];
 	handle =  class | (handle & ~(LG_TOKEN_TYPE_MASK|LG_TOKEN_MASK));
 	/* we have a CRL who's handle has randomly matched the reserved KRL
 	 * handle, increment it */
 	if (handle == LG_TOKEN_KRL_HANDLE) {
 	    handle++;
 	}
     }
     lg_DBLock(sdb);
     while ((key = lg_lookupTokenKeyByHandle(sdb,handle)) != NULL) {
 	if (SECITEM_ItemsAreEqual(key,dbKey)) {
     	   lg_DBUnlock(sdb);
 	   return handle;
 	}
 	handle++;
     }
     lg_addTokenKeyByHandle(sdb,handle,dbKey);
     lg_DBUnlock(sdb);
     return handle;
 }
 PRBool
 lg_poisonHandle(SDB *sdb, SECItem *dbKey, CK_OBJECT_HANDLE class)
 {
     unsigned char hashBuf[4];
     CK_OBJECT_HANDLE handle;
     const SECItem *key;
     handle = class;
     /* there is only one KRL, use a fixed handle for it */
     if (handle != LG_TOKEN_KRL_HANDLE) {
 	lg_XORHash(hashBuf,dbKey->data,dbKey->len);
 	handle = (hashBuf[0] << 24) | (hashBuf[1] << 16) |
 					(hashBuf[2] << 8)  | hashBuf[3];
 	handle = class | (handle & ~(LG_TOKEN_TYPE_MASK|LG_TOKEN_MASK));
 	/* we have a CRL who's handle has randomly matched the reserved KRL
 	 * handle, increment it */
 	if (handle == LG_TOKEN_KRL_HANDLE) {
 	    handle++;
 	}
     }
     lg_DBLock(sdb);
     while ((key = lg_lookupTokenKeyByHandle(sdb,handle)) != NULL) {
 	if (SECITEM_ItemsAreEqual(key,dbKey)) {
 	   key->data[0] ^= 0x80;
     	   lg_DBUnlock(sdb);
 	   return PR_TRUE;
 	}
 	handle++;
     }
     lg_DBUnlock(sdb);
     return PR_FALSE;
 }
 static LGEncryptFunc lg_encrypt_stub = NULL;
 static LGDecryptFunc lg_decrypt_stub = NULL;
 void
 legacy_SetCryptFunctions(LGEncryptFunc enc, LGDecryptFunc dec)
 {
    lg_encrypt_stub = enc;
    lg_decrypt_stub = dec;
 }
 SECStatus lg_util_encrypt(PLArenaPool *arena, SDB *sdb,
 			  SECItem *plainText, SECItem **cipherText)
 {
     if (lg_encrypt_stub == NULL) {
 	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
 	return SECFailure;
     }
     return (*lg_encrypt_stub)(arena, sdb, plainText, cipherText);
 }
 SECStatus lg_util_decrypt(SDB *sdb, SECItem *cipherText, SECItem **plainText)
 {
     if (lg_decrypt_stub == NULL) {
 	PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
 	return SECFailure;
     }
     return (*lg_decrypt_stub)(sdb, cipherText, plainText);
 }

The Tor Browser / annotate

security/nss/lib/softoken/legacydb/lgutil.c@6474c204b198 (annotated)

security/nss/lib/softoken/legacydb/lgutil.c