security/nss/cmd/pk11util/scripts/dosign

Tue, 06 Jan 2015 21:39:09 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Tue, 06 Jan 2015 21:39:09 +0100
branch
TOR_BUG_9701
changeset 8
97036ab72558
permissions
-rw-r--r--

Conditionally force memory storage according to privacy.thirdparty.isolate.
This solves Tor bug #9701, complying with the disk-avoidance requirements documented at
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

michael@0 1 Load nsscapi.dll
michael@0 2 C_Initialize NULL
michael@0 3 C_GetSlotList false NULL slotCount
michael@0 4 NewArray slotList CK_ULONG slotCount
michael@0 5 C_GetSlotList false slotList slotCount
michael@0 6 #change the following to the appropriate slot id (slot 1 is hard-coded here instead of being taken from slotList)
michael@0 7 set slotID 1
michael@0 8 #set slotID slotList[0]
michael@0 9 C_GetSlotInfo slotID slotInfo
michael@0 10 C_GetTokenInfo slotID tokenInfo
michael@0 11 C_OpenSession slotID CKF_SERIAL_SESSION session
michael@0 12 # C_Login is disabled as shipped, so the rest of this run works in an unauthenticated session
michael@0 13 #uncomment the following line and replace 0000 with the correct password (the last argument is its length)
michael@0 14 #C_Login session CKU_USER 0000 4
michael@0 15 # keep a real PIN out of any copy of this script that is committed or shared
michael@0 16 # build the search template: match every certificate object (CKA_CLASS = CKO_CERTIFICATE)
michael@0 17 # certID has room for 10 handles; count receives the number actually found
michael@0 18 NewTemplate search CKA_CLASS
michael@0 19 SetTemplate search 0 CKO_CERTIFICATE
michael@0 20 NewArray certID CK_ULONG 10
michael@0 21 C_FindObjectsInit session search 1
michael@0 22 C_FindObjects session certID sizeA(certID) count
michael@0 23 C_FindObjectsFinal session
michael@0 24 # NOTE(review): count is never checked below, so certID[i], keyID[0] and pubkeyID[0] are used even if a search found nothing
michael@0 25 # now read the cert out (the attribute read is commented out)
michael@0 26 # instead, the CKA_ID of certID[i] (i is set to 1 in this run) is used to look up the private key with the same ID
michael@0 27 #NewTemplate derCert CKA_VALUE
michael@0 28 #NewTemplate certName CKA_LABEL,CKA_VALUE
michael@0 29 #C_GetAttributeValue session certID[0] certName sizeA(certName)
michael@0 30 #BuildTemplate certName
michael@0 31 #C_GetAttributeValue session certID[0] certName sizeA(certName)
michael@0 32 #print certName[0]
michael@0 33 Set countm1 count
michael@0 34 Decrement countm1 1
michael@0 35 LoopRun pLabel1 i 0 countm1 1
michael@0 36 Set i 1
michael@0 37 run pLabel1
michael@0 38 NewTemplate id CKA_CLASS,CKA_ID
michael@0 39 C_GetAttributeValue session certID[i] id sizeA(id)
michael@0 40 BuildTemplate id
michael@0 41 C_GetAttributeValue session certID[i] id sizeA(id)
michael@0 42 SetTemplate id 0 CKO_PRIVATE_KEY
michael@0 43 NewArray keyID CK_ULONG 10
michael@0 44 C_FindObjectsInit session id sizeA(id)
michael@0 45 C_FindObjects session keyID sizeA(keyID) count
michael@0 46 C_FindObjectsFinal session
michael@0 47 # sign the 36-byte sdata buffer (never filled in by this script) with CKM_RSA_PKCS; the 256-byte output buffer assumes an RSA modulus of at most 2048 bits
michael@0 48 NewMechanism rsaParams CKM_RSA_PKCS
michael@0 49 NewArray sign data 256
michael@0 50 NewArray sdata data 36
michael@0 51 C_SignInit session rsaParams keyID[0]
michael@0 52 print sdata
michael@0 53 C_Sign session sdata sizeof(sdata) sign sizeof(sign)
michael@0 54 save signature sign
michael@0 55 save hash sdata
michael@0 56 NewTemplate privValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
michael@0 57 C_GetAttributeValue session keyID[0] privValue sizeA(privValue)
michael@0 58 BuildTemplate privValue
michael@0 59 C_GetAttributeValue session keyID[0] privValue sizeA(privValue)
michael@0 60 print privValue[0]
michael@0 61 print privValue[1]
michael@0 62 # the two values printed above are the modulus and public exponent read from the private-key object, not private key material
michael@0 63 # look up the public key with the same CKA_ID and print its modulus and public exponent
michael@0 64 SetTemplate id 0 CKO_PUBLIC_KEY
michael@0 65 NewArray pubkeyID CK_ULONG 10
michael@0 66 C_FindObjectsInit session id sizeA(id)
michael@0 67 C_FindObjects session pubkeyID sizeA(pubkeyID) count
michael@0 68 C_FindObjectsFinal session
michael@0 69 NewTemplate pubkeyValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
michael@0 70 C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
michael@0 71 BuildTemplate pubkeyValue
michael@0 72 C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
michael@0 73 print pubkeyValue[0]
michael@0 74 print pubkeyValue[1]
michael@0 75
michael@0 76
michael@0 77 C_Finalize null
michael@0 78 unload
michael@0 79
michael@0 80 #
michael@0 81 # Now do the same using softoken (softokn3.dll), initialised with the database directory ./db
michael@0 82 # NOTE(review): this run has no C_Login at all; the private-key lookup and C_SignInit presumably rely on the ./db token not requiring login — confirm
michael@0 83 load softokn3.dll
michael@0 84 NewInitArg init CKF_OS_LOCKING_OK configdir=./db
michael@0 85 C_Initialize init
michael@0 86 C_GetSlotList false NULL slotCount
michael@0 87 NewArray slotList CK_ULONG slotCount
michael@0 88 C_GetSlotList false slotList slotCount
michael@0 89 #change the following to the appropriate slot id (the second entry of slotList is used here)
michael@0 90 set slotID slotList[1]
michael@0 91 #set slotID slotList[0]
michael@0 92 C_GetSlotInfo slotID slotInfo
michael@0 93 C_GetTokenInfo slotID tokenInfo
michael@0 94 C_OpenSession slotID CKF_SERIAL_SESSION session
michael@0 95 NewTemplate search CKA_CLASS
michael@0 96 SetTemplate search 0 CKO_CERTIFICATE
michael@0 97 NewArray certID CK_ULONG 10
michael@0 98 C_FindObjectsInit session search 1
michael@0 99 C_FindObjects session certID sizeA(certID) count
michael@0 100 C_FindObjectsFinal session
michael@0 101 # NOTE(review): count is never checked below, so certID[i], keyID[0] and pubkeyID[0] are used even if a search found nothing
michael@0 102 # now read the cert out (the attribute read and the loop are commented out)
michael@0 103 # instead, the CKA_ID of certID[i] (i is set to 0 in this run) is used to look up the private key with the same ID
michael@0 104 #NewTemplate derCert CKA_VALUE
michael@0 105 #NewTemplate certName CKA_LABEL,CKA_VALUE
michael@0 106 #C_GetAttributeValue session certID[0] certName sizeA(certName)
michael@0 107 #BuildTemplate certName
michael@0 108 #C_GetAttributeValue session certID[0] certName sizeA(certName)
michael@0 109 #print certName[0]
michael@0 110 #Set countm1 count
michael@0 111 #Decrement countm1 1
michael@0 112 #LoopRun pLabel1 i 0 countm1 1
michael@0 113 Set i 0
michael@0 114 run pLabel1
michael@0 115 NewTemplate id CKA_CLASS,CKA_ID
michael@0 116 C_GetAttributeValue session certID[i] id sizeA(id)
michael@0 117 BuildTemplate id
michael@0 118 C_GetAttributeValue session certID[i] id sizeA(id)
michael@0 119 SetTemplate id 0 CKO_PRIVATE_KEY
michael@0 120 NewArray keyID CK_ULONG 10
michael@0 121 C_FindObjectsInit session id sizeA(id)
michael@0 122 C_FindObjects session keyID sizeA(keyID) count
michael@0 123 C_FindObjectsFinal session
michael@0 124 # sign a fresh 36-byte sdata buffer with CKM_RSA_PKCS; the results are saved as signature2 and hash2
michael@0 125 NewMechanism rsaParams CKM_RSA_PKCS
michael@0 126 NewArray sign data 256
michael@0 127 NewArray sdata data 36
michael@0 128 C_SignInit session rsaParams keyID[0]
michael@0 129 C_Sign session sdata sizeof(sdata) sign sizeof(sign)
michael@0 130 save signature2 sign
michael@0 131 save hash2 sdata
michael@0 132 # look up the public key with the same CKA_ID
michael@0 133 SetTemplate id 0 CKO_PUBLIC_KEY
michael@0 134 NewArray pubkeyID CK_ULONG 10
michael@0 135 C_FindObjectsInit session id sizeA(id)
michael@0 136 C_FindObjects session pubkeyID sizeA(pubkeyID) count
michael@0 137 C_FindObjectsFinal session
michael@0 138
michael@0 139 # NOTE(review): recovering the earlier "signature" with the softoken public key presumably assumes both tokens hold the same key pair — confirm
michael@0 140 # OK now we use raw RSA verify-recover (CKM_RSA_X_509) with the softoken public key and see what we have...
michael@0 141 # first on the signature just made in this run (saved as verify2), then on the restored "signature" (saved as verify); the outputs are saved, not compared
michael@0 142 NewMechanism rawRsaParams CKM_RSA_X_509
michael@0 143 NewArray vdata data 256
michael@0 144 C_VerifyRecoverInit session rawRsaParams pubkeyID[0]
michael@0 145 C_VerifyRecover session sign sizeof(sign) vdata sizeof(vdata)
michael@0 146 save verify2 vdata
michael@0 147 restore signature sign
michael@0 148 C_VerifyRecoverInit session rawRsaParams pubkeyID[0]
michael@0 149 C_VerifyRecover session sign sizeof(sign) vdata sizeof(vdata)
michael@0 150 save verify vdata
michael@0 151 # print the public key's modulus and public exponent
michael@0 152 NewTemplate pubkeyValue CKA_MODULUS,CKA_PUBLIC_EXPONENT
michael@0 153 C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
michael@0 154 BuildTemplate pubkeyValue
michael@0 155 C_GetAttributeValue session pubkeyID[0] pubkeyValue sizeA(pubkeyValue)
michael@0 156 print pubkeyValue[0]
michael@0 157 print pubkeyValue[1]
michael@0 158
michael@0 159
michael@0 160 C_Finalize null
michael@0 161
michael@0 162 unload
