PKIFNSSAesKeyWrap.cpp

Go to the documentation of this file.

#include "PKIFNSSAesKeyWrap.h"
#include "PKIFNSSAesKeyWrapCryptContext.h"
#include "PKIFNSSHashContext.h"

#include "PKIFCryptoException.h"
#include "PKIFKeyMaterial.h"
#include "PKIFCryptoPPKeyMaterial.h"
#include "PKIFAlgorithm.h"

#include "ToolkitUtils.h"
#include "PKIFNSSErrors.h"
#include "PKIFNSSDatabase.h"
#include "PKIFCryptoErrors.h"
#include "Certificate.h"
#include "Buffer.h"

#include <sstream>

#include "PKIFNSSConfig.h"


static CK_MECHANISM_TYPE s_kwmech = CKM_NETSCAPE_AES_KEY_WRAP;


CPKIFNSSAesKeyWrap::CPKIFNSSAesKeyWrap(void)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::CPKIFNSSAesKeyWrap(void)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
}
CPKIFNSSAesKeyWrap::~CPKIFNSSAesKeyWrap(void)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::~CPKIFNSSAesKeyWrap(void)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
}
void CPKIFNSSAesKeyWrap::Initialize()
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::Initialize()", TOOLKIT_CRYPTO_NSSRAW, 0, this);
}
bool CPKIFNSSAesKeyWrap::SupportsAlgorithm(
    const CPKIFKeyMaterial& key)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::SupportsAlgorithm(const CPKIFKeyMaterial& key)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    if(key.ContainsSymmetricKeyMaterial())
    {   
        PKIFCRYPTO::SYMKEY_ALG ska = key.GetSymmetricKeyAlgorithm();
        if(PKIFCRYPTO::AES128Wrap == ska || PKIFCRYPTO::AES192Wrap == ska || PKIFCRYPTO::AES256Wrap  == ska)
            return true;
    }
    return false;
}

void CPKIFNSSAesKeyWrap::Decrypt(   
    const CPKIFKeyMaterial& key,
    unsigned char* pData, 
    int nDataLen, 
    unsigned char* pResult, 
    int* pnResultLen, 
    bool pad)
{
    if(key.ContainsSymmetricKeyMaterial()) 
    {
        CPKIFNSSAesKeyWrapCryptContext * ctx = static_cast<CPKIFNSSAesKeyWrapCryptContext *>(this->CryptInit(key,pad));
        try {
            Decrypt(ctx,pData,nDataLen,pResult,pnResultLen,true);
        } catch(...) {
            delete ctx;
            throw;
        }
        delete ctx;
    } 
}
void CPKIFNSSAesKeyWrap::Encrypt(
    const CPKIFKeyMaterial& key,
    unsigned char* pData, 
    int nDataLen, 
    unsigned char* pResult, 
    int* pnResultLen, 
    bool pad)
{
    if(key.ContainsSymmetricKeyMaterial()) {
        CPKIFNSSAesKeyWrapCryptContext * ctx = static_cast<CPKIFNSSAesKeyWrapCryptContext *>(this->CryptInit(key,pad));
        try {
            Encrypt(ctx,pData,nDataLen,pResult,pnResultLen,true);
        } catch(...) {
            delete ctx;
            throw;
        }
        delete ctx;
    } 
}

IPKIFRawCryptContext* CPKIFNSSAesKeyWrap::CryptInit(
    const CPKIFKeyMaterial& key,
    bool pad)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::CryptInit(const CPKIFKeyMaterial& key)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    
    // AES keys only here.
    if(!key.ContainsSymmetricKeyMaterial())
    {
        throw CPKIFCryptoException(TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT, "CryptInit() only makes sense for symmetric keys.");    
    }
    PKIFCRYPTO::SYMKEY_ALG ka = key.GetSymmetricKeyAlgorithm();
    CK_MECHANISM_TYPE kmmech;
    switch(ka) {
        case PKIFCRYPTO::AES:
        case PKIFCRYPTO::AES128:
        case PKIFCRYPTO::AES192:
        case PKIFCRYPTO::AES256:
        case PKIFCRYPTO::AES128Wrap:
        case PKIFCRYPTO::AES192Wrap:
        case PKIFCRYPTO::AES256Wrap:
            kmmech = CKM_AES_KEY_GEN;
            break;
        default:
            throw CPKIFCryptoException(TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT, "Key material not usable for AES key wrap");
            break;
            
    }

    // throw bad_alloc... nothing to cleanup
    CPKIFNSSAesKeyWrapCryptContext * ctx = new CPKIFNSSAesKeyWrapCryptContext();

    
    ctx->m_slot = PK11_GetInternalKeySlot();

    // AES key wrap IVs are 64 bits if used
    const unsigned char * kmiv = key.GetIV();
    if(kmiv) {
        SECItem ivItem;
        memset(&ivItem,0x00,sizeof(SECItem));
        // this gets copied by ParamFromIV
        ivItem.data = const_cast<unsigned char *>(kmiv);
        ivItem.len = 8;
        ctx->m_params = PK11_ParamFromIV(kmmech,&ivItem);
    } else {
        ctx->m_params = PK11_ParamFromIV(kmmech,0);
    }
    
    SECItem kekItem;
    memset(&kekItem,0x00,sizeof(SECItem));
    // safe, since import will copy it
    kekItem.data = const_cast<unsigned char *>(key.GetSymmetricKey());
    kekItem.len = key.GetSymmetricKeyLength();
    ctx->m_wrappingkey = PK11_ImportSymKey(ctx->m_slot, kmmech, PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT|CKA_WRAP|CKA_UNWRAP,&kekItem,0);

    return ctx;
}
void CPKIFNSSAesKeyWrap::Decrypt(
    IPKIFRawCryptContext* cryptContext, 
    unsigned char* pData, 
    int nDataLen, 
    unsigned char* pResult,
    int* pnResultLen, 
    bool final)
{
    CPKIFNSSAesKeyWrapCryptContext* icc = dynamic_cast<CPKIFNSSAesKeyWrapCryptContext*>(cryptContext);
    if(!icc)
    { 
        RAISE_CRYPTO_EXCEPTION("CPKIFNSSAesKeyWrap called with an invalid context.", TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT, NULL);
    }

    // all the data needs to be available in 1 shot for the public nss API
    if(!final)
    {
        RAISE_CRYPTO_EXCEPTION("CPKIFNSSAesKeyWrap::Decrypt can only be called once per context", TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT,NULL);
    }

    unsigned int unsignedCipherLength = nDataLen;
    /*SECStatus s = AESKeyWrap_Decrypt(icc->m_ctxDec, pResult,
            &usignedcipherTextLength, *pnResultLen,
            pData, nDataLen);*/

    SECItem ciphersi;
    memset(&ciphersi,0x00,sizeof(SECItem));
    ciphersi.data = pData;
    ciphersi.len = unsignedCipherLength; // key wrap always pads with 64 bits
    unsigned int unsignedPlainLength = unsignedCipherLength - 8;
    // CKK_GENERIC_SECRET allows us to go through this high level interface without being able to tell NSS  just what we're unwrapping
    PK11SymKey * unwrappedKey = PK11_UnwrapSymKey(
                    // the KEK, which must be available in the module
                    icc->m_wrappingkey,
                    // the only mechanism supported by this class is 3394's algorithm
                    s_kwmech,
                    // this will transmit the IV if one is used
                    icc->m_params,
                    // the actual ciphertext
                    &ciphersi,
                    // import the key material without knowing what kind it is
                    CKK_GENERIC_SECRET,
                    // a safe value since all we're doing is exporting the key
                    CKA_ENCRYPT,
                    // key size of the key being unwrapped
                    unsignedPlainLength);
    if(0 == unwrappedKey)
    {
        RAISE_CRYPTO_EXCEPTION("Unable to perform cipher operation",TOOLKIT_CRYPTO_NSSRAW,PKIFNSS_CIPHER_OP_FAILED,NULL);
    }
    
    SECStatus res = PK11_ExtractKeyValue(unwrappedKey);
    if(SECSuccess != res)
    {
        RAISE_CRYPTO_EXCEPTION("Unable to access plaintext",TOOLKIT_CRYPTO_NSSRAW,PKIFNSS_CIPHER_OP_FAILED,NULL);
    }
    SECItem * uwkeydata = PK11_GetKeyData(unwrappedKey);
    if(!uwkeydata)
    {
        RAISE_CRYPTO_EXCEPTION("Unable to copy plaintext",TOOLKIT_CRYPTO_NSSRAW,PKIFNSS_CIPHER_OP_FAILED,NULL);
    }
    memcpy(pResult,uwkeydata->data,uwkeydata->len);
    *pnResultLen = uwkeydata->len;

}

void CPKIFNSSAesKeyWrap::Encrypt(
    IPKIFRawCryptContext* cryptContext, 
    unsigned char* pData, 
    int nDataLen, 
    unsigned char* pResult, 
    int* pnResultLen, 
    bool final)
{
    CPKIFNSSAesKeyWrapCryptContext* icc = dynamic_cast<CPKIFNSSAesKeyWrapCryptContext*>(cryptContext);
    if(!icc)
    { 
        RAISE_CRYPTO_EXCEPTION("CPKIFNSSAesKeyWrap called with an invalid context.", TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT, NULL);
    }

    // all the data needs to be available in 1 shot for the public nss API
    if(!final)
    {
        RAISE_CRYPTO_EXCEPTION("CPKIFNSSAesKeyWrap::Encrypt can only be called once per context", TOOLKIT_CRYPTO_NSSRAW, COMMON_INVALID_INPUT,NULL);
    }

    SECItem tbWrappedSI;
    memset(&tbWrappedSI,0x00,sizeof(SECItem));
    tbWrappedSI.data = pData;
    tbWrappedSI.len = nDataLen;
    // import the plaintext to NSS as a generic secret blob since we can't be certain what it is at this point.
    PK11SymKey * tbWrappedKey = PK11_ImportSymKey(icc->m_slot, CKK_GENERIC_SECRET, PK11_OriginGenerated, CKA_ENCRYPT, &tbWrappedSI,0);
    /*
    SECStatus s = AESKeyWrap_Encrypt(icc->m_ctxEnc, pResult,
            &upnResultLen, *pnResultLen,
            pData, nDataLen);*/
    if(0 == tbWrappedKey)
    {
        RAISE_CRYPTO_EXCEPTION("Unable to import key material for wrap",TOOLKIT_CRYPTO_NSSRAW,PKIFNSS_CIPHER_OP_FAILED,NULL);
    }
    SECItem wrappedKeySI;
    memset(&wrappedKeySI,0x00,sizeof(SECItem));
    wrappedKeySI.data = pResult;
    wrappedKeySI.len = *pnResultLen;

    SECStatus res = PK11_WrapSymKey(s_kwmech,icc->m_params,icc->m_wrappingkey,tbWrappedKey,&wrappedKeySI);
    PK11_FreeSymKey(tbWrappedKey);
    if(SECSuccess != res)
    {
        RAISE_CRYPTO_EXCEPTION("Unable to perform key wrap operation",TOOLKIT_CRYPTO_NSSRAW,PKIFNSS_CIPHER_OP_FAILED,NULL);
    }
    *pnResultLen = wrappedKeySI.len;
}
void CPKIFNSSAesKeyWrap::Sign(
    const CPKIFKeyMaterial& key,
    unsigned char* pHashData, 
    int nHashDataLen, 
    unsigned char* pSignature, 
    int* nSignatureLen,
    PKIFCRYPTO::HASH_ALG hashAlg
    )
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::Sign(const CPKIFKeyMaterial& key,...)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    // Don't do raw signature generation since we don't have a way of slinging raw private keys around
    RAISE_CRYPTO_EXCEPTION("Signing operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
}

IPKIFRawCryptContext* CPKIFNSSAesKeyWrap::HMACInit(const CPKIFKeyMaterial &key, PKIFCRYPTO::HASH_ALG ha)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::HMACInit(const CPKIFKeyMaterial& key, HASH_ALG ha)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    RAISE_CRYPTO_EXCEPTION("MAC operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
    return NULL;
}

void CPKIFNSSAesKeyWrap::HMACUpdate(IPKIFRawCryptContext* ctx, unsigned char* pData, int nDataLen)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::HMACUpdate(IPKIFRawCryptContext* ctx, unsigned char* pData, int nDataLen)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    RAISE_CRYPTO_EXCEPTION("MAC operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
}

void CPKIFNSSAesKeyWrap::HMACFinal(IPKIFRawCryptContext* ctx, unsigned char* pResult, int* pnResultLen)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::HMACFinal(IPKIFRawCryptContext* ctx, unsigned char* pResult, int* pnResultLen)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    RAISE_CRYPTO_EXCEPTION("MAC operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
}

bool CPKIFNSSAesKeyWrap::VerifyCertificate(
    const CPKIFCertificate& issCert, 
    const CPKIFCertificate& subCert)
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::VerifyCertificate(const CPKIFCertificate& issCert, const CPKIFCertificate& subCert)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    RAISE_CRYPTO_EXCEPTION("Signing operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
    return false;
}

//support RSA w/ SHA1 (DSS and MD5)
bool CPKIFNSSAesKeyWrap::Verify(
    const CPKIFKeyMaterial& key,
    unsigned char* pHashData, 
    int nHashDataLen, 
    unsigned char* pSignature, 
    int nSignatureLen,
    PKIFCRYPTO::HASH_ALG hashAlg
    )
{
    LOG_STRING_DEBUG("CPKIFNSSAesKeyWrap::VerifyCertificate(const CPKIFCertificate& issCert, const CPKIFCertificate& subCert)", TOOLKIT_CRYPTO_NSSRAW, 0, this);
    RAISE_CRYPTO_EXCEPTION("Signing operations are not implemented by this class.", TOOLKIT_CRYPTO_NSSRAW, COMMON_NOT_IMPLEMENTED, this);
    return false;
}