Diffstat (limited to 'nss/lib/util/secoid.c')
-rw-r--r--nss/lib/util/secoid.c181
1 files changed, 163 insertions, 18 deletions
diff --git a/nss/lib/util/secoid.c b/nss/lib/util/secoid.c
index 05208ee..641c5b0 100644
--- a/nss/lib/util/secoid.c
+++ b/nss/lib/util/secoid.c
@@ -159,6 +159,9 @@ const char __nss_util_version[] = "Version: NSS " NSSUTIL_VERSION _DEBUG_STRING;
#define ANSI_X962_SIGNATURE_OID ANSI_X962_OID, 0x04
#define ANSI_X962_SPECIFY_OID ANSI_X962_SIGNATURE_OID, 0x03
+#define X9_63_SCHEME 0x2B, 0x81, 0x05, 0x10, 0x86, 0x48, 0x3F, 0x00
+#define SECG_SCHEME CERTICOM_OID, 0x01
+
/* for Camellia: iso(1) member-body(2) jisc(392)
* mitsubishi(200011) isl(61) security(1) algorithm(1)
*/
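Review bot: The new prefix macros `X9_63_SCHEME` and `SECG_SCHEME` carry no comment giving their dotted arcs, unlike the Camellia block directly below them. The bytes of `X9_63_SCHEME` decode to 1.3.133.16.840.63.0, so a line such as `/* X9.63 key agreement schemes: 1.3.133.16.840.63.0 */` above it would let a reader check the encoding without decoding base-128 by hand. `SECG_SCHEME` deserves the same once the arc of `CERTICOM_OID` (defined outside this hunk) is spelled out. The heading `/* Diffie-Hellman key agreement algorithms */` in the next hunk could likewise say that the entries are the elliptic-curve single-pass stdDH and cofactorDH schemes.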
@@ -602,6 +605,18 @@ CONST_OID secgECsect409r1[] = { SECG_OID, 0x25 }; /* unsupported by freebl */
CONST_OID secgECsect571k1[] = { SECG_OID, 0x26 }; /* unsupported by freebl */
CONST_OID secgECsect571r1[] = { SECG_OID, 0x27 }; /* unsupported by freebl */
+/* Diffie-Hellman key agreement algorithms */
+CONST_OID dhSinglePassstdDHsha1kdfscheme[] = { X9_63_SCHEME, 0x02 };
+CONST_OID dhSinglePassstdDHsha224kdfscheme[] = { SECG_SCHEME, 0x0B, 0x00 };
+CONST_OID dhSinglePassstdDHsha256kdfscheme[] = { SECG_SCHEME, 0x0B, 0x01 };
+CONST_OID dhSinglePassstdDHsha384kdfscheme[] = { SECG_SCHEME, 0x0B, 0x02 };
+CONST_OID dhSinglePassstdDHsha512kdfscheme[] = { SECG_SCHEME, 0x0B, 0x03 };
+CONST_OID dhSinglePasscofactorDHsha1kdfscheme[] = { X9_63_SCHEME, 0x03 };
+CONST_OID dhSinglePasscofactorDHsha224kdfscheme[] = { SECG_SCHEME, 0x0E, 0x00 };
+CONST_OID dhSinglePasscofactorDHsha256kdfscheme[] = { SECG_SCHEME, 0x0E, 0x01 };
+CONST_OID dhSinglePasscofactorDHsha384kdfscheme[] = { SECG_SCHEME, 0x0E, 0x02 };
+CONST_OID dhSinglePasscofactorDHsha512kdfscheme[] = { SECG_SCHEME, 0x0E, 0x03 };
+
CONST_OID seed_CBC[] = { SEED_OID, 4 };
CONST_OID evIncorporationLocality[] = { EV_NAME_ATTRIBUTE, 1 };
@@ -692,7 +707,7 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
"DES-EDE", CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
OD(isoSHAWithRSASignature, SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE,
"ISO SHA with RSA Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ CKM_SHA1_RSA_PKCS, INVALID_CERT_EXTENSION),
OD(pkcs1RSAEncryption, SEC_OID_PKCS1_RSA_ENCRYPTION,
"PKCS #1 RSA Encryption", CKM_RSA_PKCS, INVALID_CERT_EXTENSION),
@@ -1576,19 +1591,19 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
INVALID_CERT_EXTENSION),
OD(ansix962SignaturewithSHA224Digest,
SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE,
- "X9.62 ECDSA signature with SHA224", CKM_INVALID_MECHANISM,
+ "X9.62 ECDSA signature with SHA224", CKM_ECDSA_SHA224,
INVALID_CERT_EXTENSION),
OD(ansix962SignaturewithSHA256Digest,
SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE,
- "X9.62 ECDSA signature with SHA256", CKM_INVALID_MECHANISM,
+ "X9.62 ECDSA signature with SHA256", CKM_ECDSA_SHA256,
INVALID_CERT_EXTENSION),
OD(ansix962SignaturewithSHA384Digest,
SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE,
- "X9.62 ECDSA signature with SHA384", CKM_INVALID_MECHANISM,
+ "X9.62 ECDSA signature with SHA384", CKM_ECDSA_SHA384,
INVALID_CERT_EXTENSION),
OD(ansix962SignaturewithSHA512Digest,
SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE,
- "X9.62 ECDSA signature with SHA512", CKM_INVALID_MECHANISM,
+ "X9.62 ECDSA signature with SHA512", CKM_ECDSA_SHA512,
INVALID_CERT_EXTENSION),
/* More id-ce and id-pe OIDs from RFC 3280 */
@@ -1624,7 +1639,7 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
/* PKCS 5 v2 OIDS */
OD(pkcs5Pbkdf2, SEC_OID_PKCS5_PBKDF2,
- "PKCS #5 Password Based Key Dervive Function v2 ",
+ "PKCS #5 Password Based Key Derive Function v2 ",
CKM_PKCS5_PBKD2, INVALID_CERT_EXTENSION),
OD(pkcs5Pbes2, SEC_OID_PKCS5_PBES2,
"PKCS #5 Password Based Encryption v2 ",
@@ -1653,7 +1668,7 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
OD(isoSHA1WithRSASignature, SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE,
"ISO SHA-1 with RSA Signature",
- CKM_INVALID_MECHANISM, INVALID_CERT_EXTENSION),
+ CKM_SHA1_RSA_PKCS, INVALID_CERT_EXTENSION),
/* SEED algorithm OIDs */
OD(seed_CBC, SEC_OID_SEED_CBC,
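Review bot: `isoSHA1WithRSASignature` here and `isoSHAWithRSASignature` in the hunk at line 707 now both carry `CKM_SHA1_RSA_PKCS`, so more than one table entry maps to the same PKCS #11 mechanism. The new key-agreement entries in the hunk at line 1857 do the same with `CKM_ECDH1_DERIVE` and `CKM_ECDH1_COFACTOR_DERIVE`. If a mechanism-to-OID lookup is built from this table (that code is outside the diff), the OID it returns for these mechanisms may change with this commit, and it is worth confirming the result is still the intended one. A short comment on each alias entry naming the OID that is meant to be canonical for the mechanism would record that the duplication is deliberate.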
@@ -1701,11 +1716,11 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
OD(nistDSASignaturewithSHA224Digest,
SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST,
"DSA with SHA-224 Signature",
- CKM_INVALID_MECHANISM /* not yet defined */, INVALID_CERT_EXTENSION),
+ CKM_DSA_SHA224, INVALID_CERT_EXTENSION),
OD(nistDSASignaturewithSHA256Digest,
SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST,
"DSA with SHA-256 Signature",
- CKM_INVALID_MECHANISM /* not yet defined */, INVALID_CERT_EXTENSION),
+ CKM_DSA_SHA256, INVALID_CERT_EXTENSION),
OD(msExtendedKeyUsageTrustListSigning,
SEC_OID_MS_EXT_KEY_USAGE_CTL_SIGNING,
"Microsoft Trust List Signing",
@@ -1842,6 +1857,39 @@ const static SECOidData oids[SEC_OID_TOTAL] = {
OD(ed25519PublicKey, SEC_OID_ED25519_PUBLIC_KEY,
"X9.62 elliptic edwards curve public key", CKM_EC_EDWARDS_KEY_PAIR_GEN, INVALID_CERT_EXTENSION),
+ OD(dhSinglePassstdDHsha1kdfscheme, SEC_OID_DHSINGLEPASS_STDDH_SHA1KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Standard with SHA1 KDF", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePassstdDHsha224kdfscheme, SEC_OID_DHSINGLEPASS_STDDH_SHA224KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Standard with SHA224 KDF", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePassstdDHsha256kdfscheme, SEC_OID_DHSINGLEPASS_STDDH_SHA256KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Standard with SHA256 KDF", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePassstdDHsha384kdfscheme, SEC_OID_DHSINGLEPASS_STDDH_SHA384KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Standard with SHA384 KDF", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePassstdDHsha512kdfscheme, SEC_OID_DHSINGLEPASS_STDDH_SHA512KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Standard with SHA512 KDF", CKM_ECDH1_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePasscofactorDHsha1kdfscheme, SEC_OID_DHSINGLEPASS_COFACTORDH_SHA1KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Cofactor with SHA1 KDF", CKM_ECDH1_COFACTOR_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePasscofactorDHsha224kdfscheme, SEC_OID_DHSINGLEPASS_COFACTORDH_SHA224KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Cofactor with SHA224 KDF", CKM_ECDH1_COFACTOR_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePasscofactorDHsha256kdfscheme, SEC_OID_DHSINGLEPASS_COFACTORDH_SHA256KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Cofactor with SHA256 KDF", CKM_ECDH1_COFACTOR_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePasscofactorDHsha384kdfscheme, SEC_OID_DHSINGLEPASS_COFACTORDH_SHA384KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Cofactor with SHA384 KDF", CKM_ECDH1_COFACTOR_DERIVE,
+ INVALID_CERT_EXTENSION),
+ OD(dhSinglePasscofactorDHsha512kdfscheme, SEC_OID_DHSINGLEPASS_COFACTORDH_SHA512KDF_SCHEME,
+ "Eliptic Curve Diffie-Hellman Single Pass Cofactor with SHA512 KDF", CKM_ECDH1_COFACTOR_DERIVE,
+ INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_RC2_64_CBC, "RC2-64-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_RC2_128_CBC, "RC2-128-CBC", CKM_RC2_CBC, INVALID_CERT_EXTENSION),
+ ODE(SEC_OID_ECDH_KEA, "ECDH", CKM_ECDH1_DERIVE, INVALID_CERT_EXTENSION),
};
/* PRIVATE EXTENDED SECOID Table
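Review bot: The description strings of the ten new key-agreement entries spell "Eliptic Curve". They are runtime strings handed back by `SECOID_FindOIDTagDescription`, so the typo would surface in tool output. Each should begin `"Elliptic Curve Diffie-Hellman Single Pass ..."`, in the same spirit as the "Dervive" fix this commit makes to the PBKDF2 entry. Separately, all five hash variants of each scheme map to a single mechanism, so the KDF hash is recoverable only from the tag; a one-line comment above the group saying so would help callers.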
@@ -1970,6 +2018,7 @@ secoid_FindDynamicByTag(SECOidTag tagnum)
SECOidTag
SECOID_AddEntry(const SECOidData *src)
{
+ dynXOid *ddst;
SECOidData *dst;
dynXOid **table;
SECOidTag ret = SEC_OID_UNKNOWN;
@@ -2031,10 +2080,11 @@ SECOID_AddEntry(const SECOidData *src)
}
/* copy oid structure */
- dst = (SECOidData *)PORT_ArenaZNew(dynOidPool, dynXOid);
- if (!dst) {
+ ddst = PORT_ArenaZNew(dynOidPool, dynXOid);
+ if (!ddst) {
goto done;
}
+ dst = &ddst->data;
rv = SECITEM_CopyItem(dynOidPool, &dst->oid, &src->oid);
if (rv != SECSuccess) {
goto done;
@@ -2046,10 +2096,12 @@ SECOID_AddEntry(const SECOidData *src)
dst->offset = (SECOidTag)(used + SEC_OID_TOTAL);
dst->mechanism = src->mechanism;
dst->supportedExtension = src->supportedExtension;
+ /* disable S/MIME for new oids by default */
+ ddst->priv.notPolicyFlags = NSS_USE_ALG_IN_SMIME;
rv = secoid_HashDynamicOiddata(dst);
if (rv == SECSuccess) {
- table[used++] = (dynXOid *)dst;
+ table[used++] = ddst;
dynOidEntriesUsed = used;
ret = dst->offset;
}
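Review bot: The new comment `/* disable S/MIME for new oids by default */` does not say that `notPolicyFlags` holds the inverse of the policy bits, which is why assigning `NSS_USE_ALG_IN_SMIME` turns that use off rather than on. Because `ddst` comes from `PORT_ArenaZNew` and no other bit is set, every other policy use appears to stay enabled for a dynamically added OID. Stating that explicitly would help anyone auditing the defaults, for example `/* notPolicyFlags is inverted: S/MIME is off, every other use stays on */`. SECOID_AddEntry starts and ends outside this hunk.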
@@ -2068,7 +2120,8 @@ secoid_HashNumber(const void *key)
return (PLHashNumber)((char *)key - (char *)NULL);
}
-#define DEF_FLAGS (NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_SSL_KX | NSS_USE_ALG_IN_SSL_KX)
+#define DEF_FLAGS (NSS_USE_ALG_IN_CERT_SIGNATURE | NSS_USE_ALG_IN_SSL_KX | \
+ NSS_USE_ALG_IN_SMIME | NSS_USE_ALG_IN_PKCS12)
static void
handleHashAlgSupport(char *envVal)
{
@@ -2120,14 +2173,14 @@ SECOID_Init(void)
if (!PR_GetEnvSecure("NSS_ALLOW_WEAK_SIGNATURE_ALG")) {
/* initialize any policy flags that are disabled by default */
- xOids[SEC_OID_MD2].notPolicyFlags = ~0;
- xOids[SEC_OID_MD4].notPolicyFlags = ~0;
- xOids[SEC_OID_MD5].notPolicyFlags = ~0;
+ xOids[SEC_OID_MD2].notPolicyFlags = ~NSS_USE_ALG_IN_PKCS12_DECRYPT;
+ xOids[SEC_OID_MD4].notPolicyFlags = ~NSS_USE_ALG_IN_PKCS12_DECRYPT;
+ xOids[SEC_OID_MD5].notPolicyFlags = ~NSS_USE_ALG_IN_PKCS12_DECRYPT;
xOids[SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
xOids[SEC_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
xOids[SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION].notPolicyFlags = ~0;
- xOids[SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC].notPolicyFlags = ~0;
- xOids[SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC].notPolicyFlags = ~0;
+ xOids[SEC_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC].notPolicyFlags = ~NSS_USE_ALG_IN_PKCS12_DECRYPT;
+ xOids[SEC_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC].notPolicyFlags = ~NSS_USE_ALG_IN_PKCS12_DECRYPT;
}
/* turn off NSS_USE_POLICY_IN_SSL by default */
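Review bot: The comment `/* initialize any policy flags that are disabled by default */` no longer matches the code, because MD2, MD4, MD5 and the two MD-based PBE OIDs now keep `NSS_USE_ALG_IN_PKCS12_DECRYPT` enabled while every other use is turned off. That exception is security-relevant (weak hashes stay accepted when decrypting PKCS #12 data, presumably so legacy files can still be read) and should be stated where it is made, for example `/* weak hashes: all uses off except PKCS #12 decryption */`. It would also help to say why the three `PKCS1_MD*_WITH_RSA_ENCRYPTION` entries keep `~0`. The enclosing SECOID_Init continues outside the hunk.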
@@ -2177,6 +2230,10 @@ SECOID_Init(void)
}
PORT_Assert(i == SEC_OID_TOTAL);
+ /* finally, clear S/MIME from the policy oids. If no one turns on any
+ * S/MIME policies after this, then S/MIME will enable the traditional
+ * algs when it initializes */
+ (void)NSS_SetAlgorithmPolicyAll(0, NSS_USE_ALG_IN_SMIME);
return (SECSuccess);
}
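Review bot: The result of `NSS_SetAlgorithmPolicyAll(0, NSS_USE_ALG_IN_SMIME)` is cast to void, so if the call fails the S/MIME bit stays set on some or all OIDs and SECOID_Init still returns SECSuccess. The comment on the new function lists a locked policy as a failure cause. If that cannot happen at this point in initialization, the comment here should say so; otherwise propagate the failure with `if (NSS_SetAlgorithmPolicyAll(0, NSS_USE_ALG_IN_SMIME) != SECSuccess) return SECFailure;`, adjusted to whatever cleanup the rest of the function performs. Only the tail of SECOID_Init is visible in this hunk.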
@@ -2264,6 +2321,24 @@ SECOID_FindOIDTagDescription(SECOidTag tagnum)
return oidData ? oidData->desc : 0;
}
+/* return the total tags, including dymamic tags. NOTE: there is
+ * a race between getting this value and adding new tags, but that
+ * race is only a race against seeing the newly added tags, total
+ * tags only ever grows, so it's safe to use the output of this in
+ * loops. */
+SECOidTag
+SECOID_GetTotalTags(void)
+{
+ SECOidTag total;
+
+ /* get the lock to make sure we don't catch and inconsistant value
+ * for dynOidEntriesUsed. */
+ NSSRWLock_LockRead(dynOidLock);
+ total = SEC_OID_TOTAL + dynOidEntriesUsed;
+ NSSRWLock_UnlockRead(dynOidLock);
+ return total;
+}
+
/* --------- opaque extended OID table accessor functions ---------------*/
/*
* Any of these functions may return SECSuccess or SECFailure with the error
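Review bot: The comment above `SECOID_GetTotalTags` has typos (`dymamic`, `catch and inconsistant value`) and omits the precondition that `dynOidLock` must already exist, since the function takes the read lock unconditionally. Suggested wording for the two comments: `/* return the total number of tags, including dynamic tags. ... */` and `/* take the lock so we don't read an inconsistent value of dynOidEntriesUsed */`. If the function can be reached before SECOID_Init has created the lock (not visible in this diff), it needs a guard or a note in the header comment.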
@@ -2329,6 +2404,76 @@ NSS_SetAlgorithmPolicy(SECOidTag tag, PRUint32 setBits, PRUint32 clearBits)
return SECSuccess;
}
+/* set or clear a particular policy algorithm for all oids */
+SECStatus
+NSS_SetAlgorithmPolicyAll(PRUint32 setBits, PRUint32 clearBits)
+{
+ SECOidTag tag;
+ /* call this once,not once per loop */
+ SECOidTag lastTag = SECOID_GetTotalTags();
+
+ for (tag = SEC_OID_UNKNOWN; tag < lastTag; tag++) {
+ SECStatus rv = NSS_SetAlgorithmPolicy(tag, setBits, clearBits);
+ /* there are only 2 reasons SetAlgorithmPolicy can fail:
+ * 1) we passed an invalid tag, or 2) policy is locked.
+ * The first case should not happen because we are only looping
+ * through known good tags. In the second case, we will always fail,
+ * so there is no point continuing our loop */
+ if (rv != SECSuccess) {
+ return rv;
+ }
+ }
+ return SECSuccess;
+}
+
+/* return all the tags whose valueBits match the mask. */
+SECStatus
+NSS_GetAlgorithmPolicyAll(PRUint32 maskBits, PRUint32 valueBits,
+ SECOidTag **outTags, int *outTagCount)
+{
+ SECOidTag *tags;
+ SECOidTag tag;
+ /* call this once,not once per loop */
+ SECOidTag lastTag = SECOID_GetTotalTags();
+ int tagCount, tableSize;
+
+ tags = *outTags = NULL;
+ tableSize = tagCount = *outTagCount = 0;
+
+ for (tag = SEC_OID_UNKNOWN; tag < lastTag; tag++) {
+ PRUint32 policy;
+ SECStatus rv = NSS_GetAlgorithmPolicy(tag, &policy);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ if ((policy & maskBits) == valueBits) {
+ /* add found tag to the table, grow it if necessary */
+ if (tagCount >= tableSize) {
+ int newTableSize = tableSize + 16;
+ SECOidTag *newTags;
+ newTags = (SECOidTag *)PORT_Realloc(tags,
+ newTableSize *
+ sizeof(SECOidTag));
+ if (newTags == NULL) {
+ goto loser;
+ }
+ tags = newTags;
+ tableSize = newTableSize;
+ }
+ tags[tagCount++] = tag;
+ }
+ }
+ *outTags = tags;
+ *outTagCount = tagCount;
+ return SECSuccess;
+loser:
+ if (tags) {
+ PORT_Free(tags);
+ }
+ /* failing function already called PORT_SetError() */
+ return SECFailure;
+}
+
/* Get the state of nss_policy_locked */
PRBool
NSS_IsPolicyLocked(void)
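Review bot: The one-line comment on `NSS_GetAlgorithmPolicyAll` does not describe the contract callers need. It should say that a tag is returned when `(policy & maskBits) == valueBits`, that `*outTags` is allocated with `PORT_Realloc` and must be released by the caller with `PORT_Free`, that success with no matches leaves `*outTags` NULL and `*outTagCount` 0, and that on failure both outputs stay at NULL and 0. `outTags` and `outTagCount` are dereferenced without a NULL check at the top of the function, so either document them as required or reject NULL before the first store. Only the first lines of the following NSS_IsPolicyLocked are inside the hunk.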