Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Effectively remove all the code that uses RC5 from the software token
by surrounding it with #if NSS_SOFTOKEN_DOES_RC5
  • Loading branch information
nelsonb%netscape.com committed Sep 7, 2000
1 parent b74c2f9 commit e5076a6
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 2 deletions.
8 changes: 8 additions & 0 deletions security/nss/cmd/bltest/blapitest.c
Expand Up @@ -80,8 +80,10 @@ static void Usage()
PRINTUSAGE("", "-g", "key size (in bytes).");
PRINTUSAGE("", "-p", "do performance test.");
PRINTUSAGE("(rsa)", "-e", "rsa public exponent.");
#if NSS_SOFTOKEN_DOES_RC5
PRINTUSAGE("(rc5)", "-r", "number of rounds.");
PRINTUSAGE("(rc5)", "-w", "wordsize (32 or 64).");
#endif
fprintf(stderr, "\n");
PRINTUSAGE(progName, "-D -m mode", "Decrypt a buffer.");
PRINTUSAGE("", "", "[-i plaintext] [-o ciphertext] [-k key] [-v iv]");
Expand Down Expand Up @@ -856,6 +858,7 @@ rc4_test(blapitestInfo *info)
return rv;
}

#if NSS_SOFTOKEN_DOES_RC5
/************************
** RC5
************************/
Expand Down Expand Up @@ -978,6 +981,7 @@ rc5_cbc_test(blapitestInfo *info)
RC5_DestroyContext(rc5cx, PR_TRUE);
return rv;
}
#endif

static SECStatus
rsa_test(blapitestInfo *info)
Expand Down Expand Up @@ -1354,8 +1358,10 @@ static blapitestCryptoFn crypto_fns[] =
rc2_ecb_test,
rc2_cbc_test,
rc4_test,
#if NSS_SOFTOKEN_DOES_RC5
rc5_ecb_test,
rc5_cbc_test,
#endif
rsa_test,
NULL,
pqg_test,
Expand All @@ -1376,8 +1382,10 @@ static char *mode_strings[] =
"rc2_ecb",
"rc2_cbc",
"rc4",
#if NSS_SOFTOKEN_DOES_RC5
"rc5_ecb",
"rc5_cbc",
#endif
"rsa",
"#endencrypt",
"pqg",
Expand Down
6 changes: 5 additions & 1 deletion security/nss/lib/softoken/pkcs11.c
Expand Up @@ -316,15 +316,17 @@ static struct mechanismList mechanisms[] = {
{CKM_CAST5_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_FALSE},
{CKM_CAST5_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
#endif
#if NSS_SOFTOKEN_DOES_RC5
/* ------------------------- RC5 Operations --------------------------- */
{CKM_RC5_KEY_GEN, {1, 255, CKF_GENERATE}, PR_FALSE},
{CKM_RC5_ECB, {1, 255, CKF_EN_DE_WR_UN}, PR_FALSE},
{CKM_RC5_CBC, {1, 255, CKF_EN_DE_WR_UN}, PR_FALSE},
{CKM_RC5_MAC, {1, 255, CKF_SN_VR}, PR_FALSE},
{CKM_RC5_MAC_GENERAL, {1, 255, CKF_SN_VR}, PR_FALSE},
{CKM_RC5_CBC_PAD, {1, 255, CKF_EN_DE_WR_UN}, PR_FALSE},
/* ------------------------- IDEA Operations -------------------------- */
#endif
#ifdef PK11_IDEA_SUPPORTED
/* ------------------------- IDEA Operations -------------------------- */
{CKM_IDEA_KEY_GEN, {16, 16, CKF_GENERATE}, PR_FALSE},
{CKM_IDEA_ECB, {16, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
{CKM_IDEA_CBC, {16, 16, CKF_EN_DE_WR_UN}, PR_FALSE},
Expand Down Expand Up @@ -1013,7 +1015,9 @@ validateSecretKey(PK11Object *object, CK_KEY_TYPE key_type, PRBool isFIPS)
case CKK_GENERIC_SECRET:
case CKK_RC2:
case CKK_RC4:
#if NSS_SOFTOKEN_DOES_RC5
case CKK_RC5:
#endif
case CKK_CAST:
case CKK_CAST3:
case CKK_CAST5:
Expand Down
16 changes: 15 additions & 1 deletion security/nss/lib/softoken/pkcs11c.c
Expand Up @@ -516,14 +516,16 @@ pk11_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
PK11SessionContext *context;
PK11Attribute *att;
CK_RC2_CBC_PARAMS *rc2_param;
#if NSS_SOFTOKEN_DOES_RC5
CK_RC5_CBC_PARAMS *rc5_param;
SECItem rc5Key;
#endif
CK_KEY_TYPE key_type;
CK_RV crv = CKR_OK;
SECKEYLowPublicKey *pubKey;
unsigned effectiveKeyLength;
unsigned char newdeskey[8];
PRBool useNewKey=PR_FALSE;
SECItem rc5Key;
int t;

session = pk11_SessionFromHandle(hSession);
Expand Down Expand Up @@ -586,6 +588,7 @@ pk11_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
context->update = (PK11Cipher) RC2_Encrypt;
context->destroy = (PK11Destroy) RC2_DestroyContext;
break;
#if NSS_SOFTOKEN_DOES_RC5
case CKM_RC5_CBC_PAD:
context->doPad = PR_TRUE;
/* fall thru */
Expand Down Expand Up @@ -617,6 +620,7 @@ pk11_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
context->update = (PK11Cipher) RC5_Encrypt;
context->destroy = (PK11Destroy) RC5_DestroyContext;
break;
#endif
case CKM_RC4:
if (key_type != CKK_RC4) {
crv = CKR_KEY_TYPE_INCONSISTENT;
Expand Down Expand Up @@ -898,8 +902,10 @@ static CK_RV pk11_DecryptInit( CK_SESSION_HANDLE hSession,
PK11Attribute *att;
PK11SessionContext *context;
CK_RC2_CBC_PARAMS *rc2_param;
#if NSS_SOFTOKEN_DOES_RC5
CK_RC5_CBC_PARAMS *rc5_param;
SECItem rc5Key;
#endif
CK_KEY_TYPE key_type;
CK_RV crv = CKR_OK;
unsigned effectiveKeyLength;
Expand Down Expand Up @@ -965,6 +971,7 @@ static CK_RV pk11_DecryptInit( CK_SESSION_HANDLE hSession,
context->update = (PK11Cipher) RC2_Decrypt;
context->destroy = (PK11Destroy) RC2_DestroyContext;
break;
#if NSS_SOFTOKEN_DOES_RC5
case CKM_RC5_CBC_PAD:
context->doPad = PR_TRUE;
/* fall thru */
Expand Down Expand Up @@ -996,6 +1003,7 @@ static CK_RV pk11_DecryptInit( CK_SESSION_HANDLE hSession,
context->update = (PK11Cipher) RC5_Decrypt;
context->destroy = (PK11Destroy) RC5_DestroyContext;
break;
#endif
case CKM_RC4:
if (key_type != CKK_RC4) {
crv = CKR_KEY_TYPE_INCONSISTENT;
Expand Down Expand Up @@ -1785,8 +1793,10 @@ pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_MECHANISM cbc_mechanism;
CK_ULONG mac_bytes = PK11_INVALID_MAC_SIZE;
CK_RC2_CBC_PARAMS rc2_params;
#if NSS_SOFTOKEN_DOES_RC5
CK_RC5_CBC_PARAMS rc5_params;
CK_RC5_MAC_GENERAL_PARAMS *rc5_mac;
#endif
unsigned char ivBlock[PK11_MAX_BLOCK_SIZE];
PK11SessionContext *context;
CK_RV crv;
Expand All @@ -1808,6 +1818,7 @@ pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
cbc_mechanism.ulParameterLen = sizeof(rc2_params);
blockSize = 8;
break;
#if NSS_SOFTOKEN_DOES_RC5
case CKM_RC5_MAC_GENERAL:
mac_bytes =
((CK_RC5_MAC_GENERAL_PARAMS *)pMechanism->pParameter)->ulMacLength;
Expand All @@ -1826,6 +1837,7 @@ pk11_InitCBCMac(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
cbc_mechanism.pParameter = &rc5_params;
cbc_mechanism.ulParameterLen = sizeof(rc5_params);
break;
#endif
/* add cast and idea later */
case CKM_DES_MAC_GENERAL:
mac_bytes = *(CK_ULONG *)pMechanism->pParameter;
Expand Down Expand Up @@ -2873,10 +2885,12 @@ CK_RV NSC_GenerateKey(CK_SESSION_HANDLE hSession,
key_type = CKK_RC2;
if (key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
break;
#if NSS_SOFTOKEN_DOES_RC5
case CKM_RC5_KEY_GEN:
key_type = CKK_RC5;
if (key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
break;
#endif
case CKM_RC4_KEY_GEN:
key_type = CKK_RC4;
if (key_length == 0) crv = CKR_TEMPLATE_INCOMPLETE;
Expand Down

0 comments on commit e5076a6

Please sign in to comment.