/* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is the Netscape security libraries. * * The Initial Developer of the Original Code is * Netscape Communications Corporation. * Portions created by the Initial Developer are Copyright (C) 1994-2000 * the Initial Developer. All Rights Reserved. * * Contributor(s): * Dr Stephen Henson * Dr Vipul Gupta , and * Douglas Stebila , Sun Microsystems Laboratories * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ #include "crypto/third_party/nss/chromium-nss.h" #include #include "base/logging.h" // Based on PK11_ImportEncryptedPrivateKeyInfo function in // mozilla/security/nss/lib/pk11wrap/pk11akey.c. SECStatus ImportEncryptedECPrivateKeyInfoAndReturnKey( PK11SlotInfo* slot, SECKEYEncryptedPrivateKeyInfo* epki, SECItem* password, SECItem* nickname, SECItem* public_value, PRBool permanent, PRBool sensitive, SECKEYPrivateKey** private_key, void* wincx) { SECItem* crypto_param = NULL; CK_ATTRIBUTE_TYPE usage = CKA_SIGN; PK11SymKey* key = PK11_PBEKeyGen(slot, &epki->algorithm, password, PR_FALSE, // faulty3DES wincx); if (key == NULL) { DLOG(ERROR) << "PK11_PBEKeyGen: " << PORT_GetError(); return SECFailure; } CK_MECHANISM_TYPE crypto_mech_type = PK11_GetPBECryptoMechanism( &epki->algorithm, &crypto_param, password); if (crypto_mech_type == CKM_INVALID_MECHANISM) { DLOG(ERROR) << "PK11_GetPBECryptoMechanism: " << PORT_GetError(); PK11_FreeSymKey(key); return SECFailure; } crypto_mech_type = PK11_GetPadMechanism(crypto_mech_type); *private_key = PK11_UnwrapPrivKey(slot, key, crypto_mech_type, crypto_param, &epki->encryptedData, nickname, public_value, permanent, sensitive, CKK_EC, &usage, 1, wincx); if (crypto_param != NULL) SECITEM_ZfreeItem(crypto_param, PR_TRUE); PK11_FreeSymKey(key); if (!*private_key) { DLOG(ERROR) << "PK11_UnwrapPrivKey: " << PORT_GetError(); return SECFailure; } return SECSuccess; }