mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
b49af54726
--HG-- rename : security/coreconf/AIX.mk => security/nss/coreconf/AIX.mk rename : security/coreconf/Android.mk => security/nss/coreconf/Android.mk rename : security/coreconf/BSD_OS.mk => security/nss/coreconf/BSD_OS.mk rename : security/coreconf/BeOS.mk => security/nss/coreconf/BeOS.mk rename : security/coreconf/Darwin.mk => security/nss/coreconf/Darwin.mk rename : security/coreconf/FreeBSD.mk => security/nss/coreconf/FreeBSD.mk rename : security/coreconf/HP-UX.mk => security/nss/coreconf/HP-UX.mk rename : security/coreconf/HP-UXA.09.03.mk => security/nss/coreconf/HP-UXA.09.03.mk rename : security/coreconf/HP-UXA.09.07.mk => security/nss/coreconf/HP-UXA.09.07.mk rename : security/coreconf/HP-UXA.09.mk => security/nss/coreconf/HP-UXA.09.mk rename : security/coreconf/HP-UXB.10.01.mk => security/nss/coreconf/HP-UXB.10.01.mk rename : security/coreconf/HP-UXB.10.10.mk => security/nss/coreconf/HP-UXB.10.10.mk rename : security/coreconf/HP-UXB.10.20.mk => security/nss/coreconf/HP-UXB.10.20.mk rename : security/coreconf/HP-UXB.10.30.mk => security/nss/coreconf/HP-UXB.10.30.mk rename : security/coreconf/HP-UXB.10.mk => security/nss/coreconf/HP-UXB.10.mk rename : security/coreconf/HP-UXB.11.00.mk => security/nss/coreconf/HP-UXB.11.00.mk rename : security/coreconf/HP-UXB.11.11.mk => security/nss/coreconf/HP-UXB.11.11.mk rename : security/coreconf/HP-UXB.11.20.mk => security/nss/coreconf/HP-UXB.11.20.mk rename : security/coreconf/HP-UXB.11.22.mk => security/nss/coreconf/HP-UXB.11.22.mk rename : security/coreconf/HP-UXB.11.23.mk => security/nss/coreconf/HP-UXB.11.23.mk rename : security/coreconf/HP-UXB.11.mk => security/nss/coreconf/HP-UXB.11.mk rename : security/coreconf/IRIX.mk => security/nss/coreconf/IRIX.mk rename : security/coreconf/IRIX5.2.mk => security/nss/coreconf/IRIX5.2.mk rename : security/coreconf/IRIX5.3.mk => security/nss/coreconf/IRIX5.3.mk rename : security/coreconf/IRIX5.mk => security/nss/coreconf/IRIX5.mk rename : security/coreconf/IRIX6.2.mk => security/nss/coreconf/IRIX6.2.mk rename : security/coreconf/IRIX6.3.mk => security/nss/coreconf/IRIX6.3.mk rename : security/coreconf/IRIX6.5.mk => security/nss/coreconf/IRIX6.5.mk rename : security/coreconf/IRIX6.mk => security/nss/coreconf/IRIX6.mk rename : security/coreconf/Linux.mk => security/nss/coreconf/Linux.mk rename : security/coreconf/Makefile => security/nss/coreconf/Makefile rename : security/coreconf/NCR3.0.mk => security/nss/coreconf/NCR3.0.mk rename : security/coreconf/NEC4.2.mk => security/nss/coreconf/NEC4.2.mk rename : security/coreconf/NetBSD.mk => security/nss/coreconf/NetBSD.mk rename : security/coreconf/OS2.mk => security/nss/coreconf/OS2.mk rename : security/coreconf/OSF1.mk => security/nss/coreconf/OSF1.mk rename : security/coreconf/OSF1V3.0.mk => security/nss/coreconf/OSF1V2.0.mk rename : security/coreconf/OSF1V3.0.mk => security/nss/coreconf/OSF1V3.0.mk rename : security/coreconf/OSF1V3.2.mk => security/nss/coreconf/OSF1V3.2.mk rename : security/coreconf/OSF1V4.0.mk => security/nss/coreconf/OSF1V4.0.mk rename : security/coreconf/OSF1V4.0B.mk => security/nss/coreconf/OSF1V4.0B.mk rename : security/coreconf/OSF1V4.0D.mk => security/nss/coreconf/OSF1V4.0D.mk rename : security/coreconf/OSF1V5.0.mk => security/nss/coreconf/OSF1V5.0.mk rename : security/coreconf/OSF1V5.1.mk => security/nss/coreconf/OSF1V5.1.mk rename : security/coreconf/OpenBSD.mk => security/nss/coreconf/OpenBSD.mk rename : security/coreconf/OpenUNIX.mk => security/nss/coreconf/OpenUNIX.mk rename : security/coreconf/QNX.mk => security/nss/coreconf/QNX.mk rename : security/coreconf/README => security/nss/coreconf/README rename : security/coreconf/RISCOS.mk => security/nss/coreconf/RISCOS.mk rename : security/coreconf/ReliantUNIX.mk => security/nss/coreconf/ReliantUNIX.mk rename : security/coreconf/ReliantUNIX5.4.mk => security/nss/coreconf/ReliantUNIX5.4.mk rename : security/coreconf/SCOOS5.0.mk => security/nss/coreconf/SCOOS5.0.mk rename : security/coreconf/SCO_SV3.2.mk => security/nss/coreconf/SCO_SV3.2.mk rename : security/coreconf/SunOS4.1.3_U1.mk => security/nss/coreconf/SunOS4.1.3_U1.mk rename : security/coreconf/UNIX.mk => security/nss/coreconf/UNIX.mk rename : security/coreconf/UNIXWARE2.1.mk => security/nss/coreconf/UNIXWARE2.1.mk rename : security/coreconf/WIN95.mk => security/nss/coreconf/WIN95.mk rename : security/coreconf/WINNT.mk => security/nss/coreconf/WINNT.mk rename : security/coreconf/arch.mk => security/nss/coreconf/arch.mk rename : security/coreconf/command.mk => security/nss/coreconf/command.mk rename : security/coreconf/coreconf.pl => security/nss/coreconf/coreconf.pl rename : security/coreconf/cpdist.pl => security/nss/coreconf/cpdist.pl rename : security/coreconf/headers.mk => security/nss/coreconf/headers.mk rename : security/coreconf/import.pl => security/nss/coreconf/import.pl rename : security/coreconf/jdk.mk => security/nss/coreconf/jdk.mk rename : security/coreconf/jniregen.pl => security/nss/coreconf/jniregen.pl rename : security/coreconf/location.mk => security/nss/coreconf/location.mk rename : security/coreconf/mkdepend/Makefile => security/nss/coreconf/mkdepend/Makefile rename : security/coreconf/mkdepend/cppsetup.c => security/nss/coreconf/mkdepend/cppsetup.c rename : security/coreconf/mkdepend/def.h => security/nss/coreconf/mkdepend/def.h rename : security/coreconf/mkdepend/ifparser.c => security/nss/coreconf/mkdepend/ifparser.c rename : security/coreconf/mkdepend/ifparser.h => security/nss/coreconf/mkdepend/ifparser.h rename : security/coreconf/mkdepend/imakemdep.h => security/nss/coreconf/mkdepend/imakemdep.h rename : security/coreconf/mkdepend/include.c => security/nss/coreconf/mkdepend/include.c rename : security/coreconf/mkdepend/main.c => security/nss/coreconf/mkdepend/main.c rename : security/coreconf/mkdepend/mkdepend.man => security/nss/coreconf/mkdepend/mkdepend.man rename : security/coreconf/mkdepend/parse.c => security/nss/coreconf/mkdepend/parse.c rename : security/coreconf/mkdepend/pr.c => security/nss/coreconf/mkdepend/pr.c rename : security/coreconf/module.mk => security/nss/coreconf/module.mk rename : security/coreconf/nsinstall/Makefile => security/nss/coreconf/nsinstall/Makefile rename : security/coreconf/nsinstall/nsinstall.c => security/nss/coreconf/nsinstall/nsinstall.c rename : security/coreconf/nsinstall/pathsub.c => security/nss/coreconf/nsinstall/pathsub.c rename : security/coreconf/nsinstall/pathsub.h => security/nss/coreconf/nsinstall/pathsub.h rename : security/coreconf/nsinstall/sunos4.h => security/nss/coreconf/nsinstall/sunos4.h rename : security/coreconf/outofdate.pl => security/nss/coreconf/outofdate.pl rename : security/coreconf/prefix.mk => security/nss/coreconf/prefix.mk rename : security/coreconf/release.pl => security/nss/coreconf/release.pl rename : security/coreconf/rules.mk => security/nss/coreconf/rules.mk rename : security/coreconf/ruleset.mk => security/nss/coreconf/ruleset.mk rename : security/coreconf/source.mk => security/nss/coreconf/source.mk rename : security/coreconf/suffix.mk => security/nss/coreconf/suffix.mk rename : security/coreconf/tree.mk => security/nss/coreconf/tree.mk rename : security/coreconf/version.mk => security/nss/coreconf/version.mk rename : security/coreconf/version.pl => security/nss/coreconf/version.pl rename : security/dbm/config/config.mk => security/nss/lib/dbm/config/config.mk rename : dbm/include/cdefs.h => security/nss/lib/dbm/include/cdefs.h rename : dbm/include/extern.h => security/nss/lib/dbm/include/extern.h rename : dbm/include/hash.h => security/nss/lib/dbm/include/hash.h rename : dbm/include/search.h => security/nss/lib/dbm/include/hsearch.h rename : dbm/include/mcom_db.h => security/nss/lib/dbm/include/mcom_db.h rename : dbm/include/mpool.h => security/nss/lib/dbm/include/mpool.h rename : dbm/include/ncompat.h => security/nss/lib/dbm/include/ncompat.h rename : dbm/include/page.h => security/nss/lib/dbm/include/page.h rename : dbm/include/queue.h => security/nss/lib/dbm/include/queue.h rename : dbm/include/search.h => security/nss/lib/dbm/include/search.h rename : dbm/include/winfile.h => security/nss/lib/dbm/include/winfile.h rename : dbm/src/db.c => security/nss/lib/dbm/src/db.c rename : security/dbm/src/dirent.c => security/nss/lib/dbm/src/dirent.c rename : security/dbm/src/dirent.h => security/nss/lib/dbm/src/dirent.h rename : dbm/src/h_bigkey.c => security/nss/lib/dbm/src/h_bigkey.c rename : dbm/src/h_func.c => security/nss/lib/dbm/src/h_func.c rename : dbm/src/h_log2.c => security/nss/lib/dbm/src/h_log2.c rename : dbm/src/h_page.c => security/nss/lib/dbm/src/h_page.c rename : dbm/src/hash.c => security/nss/lib/dbm/src/hash.c rename : dbm/src/hash_buf.c => security/nss/lib/dbm/src/hash_buf.c rename : dbm/src/memmove.c => security/nss/lib/dbm/src/memmove.c rename : dbm/src/mktemp.c => security/nss/lib/dbm/src/mktemp.c rename : dbm/src/snprintf.c => security/nss/lib/dbm/src/snprintf.c rename : dbm/src/strerror.c => security/nss/lib/dbm/src/strerror.c rename : dbm/tests/dbmtest.pkg => security/nss/lib/dbm/tests/dbmtest.pkg rename : dbm/tests/lots.c => security/nss/lib/dbm/tests/lots.c extra : rebase_source : 119dad5f824e8e760182047fd32e2a0d0f944172 extra : amend_source : 98e24aa51f9044d9091a26f013b643925e8f9dcf
263 lines
6.5 KiB
C
263 lines
6.5 KiB
C
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/*
|
|
* CMS digesting.
|
|
*
|
|
* $Id$
|
|
*/
|
|
|
|
#include "cmslocal.h"
|
|
|
|
#include "cert.h"
|
|
#include "key.h"
|
|
#include "secitem.h"
|
|
#include "secoid.h"
|
|
#include "pk11func.h"
|
|
#include "prtime.h"
|
|
#include "secerr.h"
|
|
|
|
/* #define CMS_FIND_LEAK_MULTIPLE 1 */
|
|
#ifdef CMS_FIND_LEAK_MULTIPLE
|
|
static int stop_on_err = 1;
|
|
static int global_num_digests = 0;
|
|
#endif
|
|
|
|
struct digestPairStr {
|
|
const SECHashObject * digobj;
|
|
void * digcx;
|
|
};
|
|
typedef struct digestPairStr digestPair;
|
|
|
|
struct NSSCMSDigestContextStr {
|
|
PRBool saw_contents;
|
|
PLArenaPool * pool;
|
|
int digcnt;
|
|
digestPair * digPairs;
|
|
};
|
|
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_StartMultiple - start digest calculation using all the
|
|
* digest algorithms in "digestalgs" in parallel.
|
|
*/
|
|
NSSCMSDigestContext *
|
|
NSS_CMSDigestContext_StartMultiple(SECAlgorithmID **digestalgs)
|
|
{
|
|
PLArenaPool * pool;
|
|
NSSCMSDigestContext *cmsdigcx;
|
|
int digcnt;
|
|
int i;
|
|
|
|
#ifdef CMS_FIND_LEAK_MULTIPLE
|
|
PORT_Assert(global_num_digests == 0 || !stop_on_err);
|
|
#endif
|
|
|
|
digcnt = (digestalgs == NULL) ? 0 : NSS_CMSArray_Count((void **)digestalgs);
|
|
/* It's OK if digcnt is zero. We have to allow this for "certs only"
|
|
** messages.
|
|
*/
|
|
pool = PORT_NewArena(2048);
|
|
if (!pool)
|
|
return NULL;
|
|
|
|
cmsdigcx = PORT_ArenaNew(pool, NSSCMSDigestContext);
|
|
if (cmsdigcx == NULL)
|
|
goto loser;
|
|
|
|
cmsdigcx->saw_contents = PR_FALSE;
|
|
cmsdigcx->pool = pool;
|
|
cmsdigcx->digcnt = digcnt;
|
|
|
|
cmsdigcx->digPairs = PORT_ArenaZNewArray(pool, digestPair, digcnt);
|
|
if (cmsdigcx->digPairs == NULL) {
|
|
goto loser;
|
|
}
|
|
|
|
/*
|
|
* Create a digest object context for each algorithm.
|
|
*/
|
|
for (i = 0; i < digcnt; i++) {
|
|
const SECHashObject *digobj;
|
|
void *digcx;
|
|
|
|
digobj = NSS_CMSUtil_GetHashObjByAlgID(digestalgs[i]);
|
|
/*
|
|
* Skip any algorithm we do not even recognize; obviously,
|
|
* this could be a problem, but if it is critical then the
|
|
* result will just be that the signature does not verify.
|
|
* We do not necessarily want to error out here, because
|
|
* the particular algorithm may not actually be important,
|
|
* but we cannot know that until later.
|
|
*/
|
|
if (digobj == NULL)
|
|
continue;
|
|
|
|
digcx = (*digobj->create)();
|
|
if (digcx != NULL) {
|
|
(*digobj->begin) (digcx);
|
|
cmsdigcx->digPairs[i].digobj = digobj;
|
|
cmsdigcx->digPairs[i].digcx = digcx;
|
|
#ifdef CMS_FIND_LEAK_MULTIPLE
|
|
global_num_digests++;
|
|
#endif
|
|
}
|
|
}
|
|
return cmsdigcx;
|
|
|
|
loser:
|
|
/* no digest objects have been created, or need to be destroyed. */
|
|
if (pool) {
|
|
PORT_FreeArena(pool, PR_FALSE);
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_StartSingle - same as
|
|
* NSS_CMSDigestContext_StartMultiple, but only one algorithm.
|
|
*/
|
|
NSSCMSDigestContext *
|
|
NSS_CMSDigestContext_StartSingle(SECAlgorithmID *digestalg)
|
|
{
|
|
SECAlgorithmID *digestalgs[] = { NULL, NULL }; /* fake array */
|
|
|
|
digestalgs[0] = digestalg;
|
|
return NSS_CMSDigestContext_StartMultiple(digestalgs);
|
|
}
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_Update - feed more data into the digest machine
|
|
*/
|
|
void
|
|
NSS_CMSDigestContext_Update(NSSCMSDigestContext *cmsdigcx,
|
|
const unsigned char *data, int len)
|
|
{
|
|
int i;
|
|
digestPair *pair = cmsdigcx->digPairs;
|
|
|
|
cmsdigcx->saw_contents = PR_TRUE;
|
|
|
|
for (i = 0; i < cmsdigcx->digcnt; i++, pair++) {
|
|
if (pair->digcx) {
|
|
(*pair->digobj->update)(pair->digcx, data, len);
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_Cancel - cancel digesting operation
|
|
*/
|
|
void
|
|
NSS_CMSDigestContext_Cancel(NSSCMSDigestContext *cmsdigcx)
|
|
{
|
|
int i;
|
|
digestPair *pair = cmsdigcx->digPairs;
|
|
|
|
for (i = 0; i < cmsdigcx->digcnt; i++, pair++) {
|
|
if (pair->digcx) {
|
|
(*pair->digobj->destroy)(pair->digcx, PR_TRUE);
|
|
#ifdef CMS_FIND_LEAK_MULTIPLE
|
|
--global_num_digests;
|
|
#endif
|
|
}
|
|
}
|
|
#ifdef CMS_FIND_LEAK_MULTIPLE
|
|
PORT_Assert(global_num_digests == 0 || !stop_on_err);
|
|
#endif
|
|
PORT_FreeArena(cmsdigcx->pool, PR_FALSE);
|
|
}
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_FinishMultiple - finish the digests and put them
|
|
* into an array of SECItems (allocated on poolp)
|
|
*/
|
|
SECStatus
|
|
NSS_CMSDigestContext_FinishMultiple(NSSCMSDigestContext *cmsdigcx,
|
|
PLArenaPool *poolp,
|
|
SECItem ***digestsp)
|
|
{
|
|
SECItem ** digests = NULL;
|
|
digestPair *pair;
|
|
void * mark;
|
|
int i;
|
|
SECStatus rv;
|
|
|
|
/* no contents? do not finish digests */
|
|
if (digestsp == NULL || !cmsdigcx->saw_contents) {
|
|
rv = SECSuccess;
|
|
goto cleanup;
|
|
}
|
|
|
|
mark = PORT_ArenaMark (poolp);
|
|
|
|
/* allocate digest array & SECItems on arena */
|
|
digests = PORT_ArenaNewArray( poolp, SECItem *, cmsdigcx->digcnt + 1);
|
|
|
|
rv = ((digests == NULL) ? SECFailure : SECSuccess);
|
|
pair = cmsdigcx->digPairs;
|
|
for (i = 0; rv == SECSuccess && i < cmsdigcx->digcnt; i++, pair++) {
|
|
SECItem digest;
|
|
unsigned char hash[HASH_LENGTH_MAX];
|
|
|
|
if (!pair->digcx) {
|
|
digests[i] = NULL;
|
|
continue;
|
|
}
|
|
|
|
digest.type = siBuffer;
|
|
digest.data = hash;
|
|
digest.len = pair->digobj->length;
|
|
(* pair->digobj->end)(pair->digcx, hash, &digest.len, digest.len);
|
|
digests[i] = SECITEM_ArenaDupItem(poolp, &digest);
|
|
if (!digests[i]) {
|
|
rv = SECFailure;
|
|
}
|
|
}
|
|
digests[i] = NULL;
|
|
if (rv == SECSuccess) {
|
|
PORT_ArenaUnmark(poolp, mark);
|
|
} else
|
|
PORT_ArenaRelease(poolp, mark);
|
|
|
|
cleanup:
|
|
NSS_CMSDigestContext_Cancel(cmsdigcx);
|
|
/* Don't change the caller's digests pointer if we have no digests.
|
|
** NSS_CMSSignedData_Encode_AfterData depends on this behavior.
|
|
*/
|
|
if (rv == SECSuccess && digestsp && digests) {
|
|
*digestsp = digests;
|
|
}
|
|
return rv;
|
|
}
|
|
|
|
/*
|
|
* NSS_CMSDigestContext_FinishSingle - same as
|
|
* NSS_CMSDigestContext_FinishMultiple, but for one digest.
|
|
*/
|
|
SECStatus
|
|
NSS_CMSDigestContext_FinishSingle(NSSCMSDigestContext *cmsdigcx,
|
|
PLArenaPool *poolp,
|
|
SECItem *digest)
|
|
{
|
|
SECStatus rv = SECFailure;
|
|
SECItem **dp;
|
|
PLArenaPool *arena = NULL;
|
|
|
|
if ((arena = PORT_NewArena(1024)) == NULL)
|
|
goto loser;
|
|
|
|
/* get the digests into arena, then copy the first digest into poolp */
|
|
rv = NSS_CMSDigestContext_FinishMultiple(cmsdigcx, arena, &dp);
|
|
if (rv == SECSuccess) {
|
|
/* now copy it into poolp */
|
|
rv = SECITEM_CopyItem(poolp, digest, dp[0]);
|
|
}
|
|
loser:
|
|
if (arena)
|
|
PORT_FreeArena(arena, PR_FALSE);
|
|
|
|
return rv;
|
|
}
|