Land latest SDR changes on the tip.

2000-05-17 01:20:20 +00:00 · 2000-05-17 01:20:20 +00:00 · 4ab73df7ec
--- a/security/psm/lib/client/cmtcmn.h
+++ b/security/psm/lib/client/cmtcmn.h
@ -2188,6 +2188,9 @@ CMTStatus CMT_FlushPendingRandomData(PCMT_CONTROL control);
 * INPUTS
 *    control
 *        A control connection that has been established with the psm server.
+ *    ctx
+ *        A pointer to application defined context.  It will be returned with
+ *        the password callback request.
 *    key
 *        A buffer containing the key identifier to use for encrypting. May
 *        be NULL if keyLen is 0, which uses the "default" key.
@ -2208,7 +2211,7 @@ CMTStatus CMT_FlushPendingRandomData(PCMT_CONTROL control);
 *     CMTSuccess - the encryption worked.
 *     CMTFailure - some (unspecified) error occurred  (needs work)
 */
-CMTStatus CMT_SDREncrypt(PCMT_CONTROL control, 
+CMTStatus CMT_SDREncrypt(PCMT_CONTROL control, void *ctx,
               const unsigned char *key, CMUint32 keyLen,
               const unsigned char *data, CMUint32 dataLen,
               unsigned char **result, CMUint32 *resultLen);
@ -2219,6 +2222,9 @@ CMTStatus CMT_SDREncrypt(PCMT_CONTROL control,
 * INPUTS
 *    control
 *        A control connection that has been established with the psm server.
+ *    ctx
+ *        A pointer to application defined context.  It will be returned with
+ *        the password callback request.
 *    data
 *        A buffer containing the the results of a call to SDREncrypt
 *    dataLen
@ -2234,10 +2240,27 @@ CMTStatus CMT_SDREncrypt(PCMT_CONTROL control,
 *     CMTSuccess - the encryption worked.
 *     CMTFailure - some (unspecified) error occurred  (needs work)
 */
-CMTStatus CMT_SDRDecrypt(PCMT_CONTROL control, 
+CMTStatus CMT_SDRDecrypt(PCMT_CONTROL control, void *ctx,
               const unsigned char *data, CMUint32 dataLen,
               unsigned char **result, CMUint32 *resultLen);

+/*
+ * FUNCTION: CMT_SDRChangePassword
+ * ----------------------------------
+ * INPUTS
+ *    control
+ *        A control connection that has been established with the psm server.
+ *    ctx
+ *        A context pointer that may be provided in callbacks
+ * NOTES
+ *
+ * RETURN
+ *     CMTSuccess - the operation completed normally.
+ *     CMTFailure - some (unspecified) error occurred. (probably not useful)
+ */
+CMTStatus CMT_SDRChangePassword(PCMT_CONTROL control, void *ctx);
+
+
 /* Lock operations */
 void CMT_LockConnection(PCMT_CONTROL control);
 void CMT_UnlockConnection(PCMT_CONTROL control);
--- a/security/psm/lib/client/cmtsdr.c
+++ b/security/psm/lib/client/cmtsdr.c
@ -87,7 +87,8 @@ tmp_SendMessage(PCMT_CONTROL control, CMTItem *message)
 /* End test code */

 CMTStatus
-CMT_SDREncrypt(PCMT_CONTROL control, const unsigned char *key, CMUint32 keyLen,
+CMT_SDREncrypt(PCMT_CONTROL control, void *ctx,
+               const unsigned char *key, CMUint32 keyLen,
               const unsigned char *data, CMUint32 dataLen,
               unsigned char **result, CMUint32 *resultLen)
 {
@ -99,6 +100,7 @@ CMT_SDREncrypt(PCMT_CONTROL control, const unsigned char *key, CMUint32 keyLen,
  /* Fill in the request */
  request.keyid = CMT_CopyDataToItem(key, keyLen);
  request.data = CMT_CopyDataToItem(data, dataLen);
+  request.ctx = CMT_CopyPtrToItem(ctx);

  reply.item.data = 0;
  reply.item.len = 0;
@ -133,29 +135,33 @@ loser:
  if (message.data) free(message.data);
  if (request.keyid.data) free(request.keyid.data);
  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
  if (reply.item.data) free(reply.item.data);

  return rv; /* need return value */
 }

 CMTStatus
-CMT_SDRDecrypt(PCMT_CONTROL control, const unsigned char *data, CMUint32 dataLen,
+CMT_SDRDecrypt(PCMT_CONTROL control, void *ctx,
+               const unsigned char *data, CMUint32 dataLen,
               unsigned char **result, CMUint32 *resultLen)
 {
  CMTStatus rv;
  CMTItem message;
-  SingleItemMessage request;
+  DecryptRequestMessage request;
  SingleItemMessage reply;

  /* Fill in the request */
-  request.item = CMT_CopyDataToItem(data, dataLen);
+  request.data = CMT_CopyDataToItem(data, dataLen);
+  request.ctx = CMT_CopyPtrToItem(ctx);
+
  reply.item.data = 0;
  reply.item.len = 0;
  message.data = 0;
  message.len = 0;

  /* Encode */
-  rv = CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request);
+  rv = CMT_EncodeMessage(DecryptRequestTemplate, &message, &request);
  if (rv != CMTSuccess) {
    goto loser;
  }
@ -180,8 +186,52 @@ CMT_SDRDecrypt(PCMT_CONTROL control, const unsigned char *data, CMUint32 dataLen

 loser:
  if (message.data) free(message.data);
-  if (request.item.data) free(request.item.data);
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
  if (reply.item.data) free(reply.item.data);

  return rv; /* need return value */
 }
+
+CMTStatus
+CMT_SDRChangePassword(PCMT_CONTROL control, void *ctx)
+{
+  CMTStatus rv = CMTSuccess;
+  CMTItem message;
+  SingleItemMessage request;
+  SingleNumMessage reply;
+
+  /* Fill in the request */
+  request.item = CMT_CopyPtrToItem(ctx);
+
+  message.data = 0;
+  message.len = 0;
+
+  /* Encode */
+  rv = CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request);
+  if (rv != CMTSuccess) {
+    goto loser;
+  }
+
+  message.type = (SSM_REQUEST_MESSAGE|SSM_MISC_ACTION|SSM_MISC_UI|SSM_UI_CHANGE_PASSWORD);
+
+  /* Send */
+  rv = CMT_SendMessage(control, &message);
+  if (rv != CMTSuccess) goto loser;
+
+  if (message.type != 
+     (SSM_REPLY_OK_MESSAGE|SSM_MISC_ACTION|SSM_MISC_UI|SSM_UI_CHANGE_PASSWORD)) { 
+    rv = CMTFailure;
+    goto loser; 
+  }
+
+  rv = CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message);
+  if (rv != CMTSuccess)
+    goto loser;
+
+loser:
+  if (request.item.data) free(request.item.data);
+  if (message.data) free(message.data);
+
+  return rv; /* need return value */
+}
--- a/security/psm/lib/client/manifest.mn
+++ b/security/psm/lib/client/manifest.mn
@ -54,6 +54,7 @@ CSRCS = cmtinit.c  \
        cmtpasswd.c \
 	cmtadvisor.c \
 	cmtrng.c \
+	cmtsdr.c \
 	$(NULL)

 REQUIRES = nspr security
--- a/security/psm/lib/protocol/messages.h
+++ b/security/psm/lib/protocol/messages.h
@ -599,6 +599,7 @@ typedef struct EncryptRequestMessage
 {
  CMTItem keyid;  /* May have length 0 for default */
  CMTItem data;
+  CMTItem ctx;  /* serialized void* ptr */
 } EncryptRequestMessage;

 extern CMTMessageTemplate EncryptRequestTemplate[];
@ -606,8 +607,12 @@ extern CMTMessageTemplate EncryptRequestTemplate[];
 typedef struct SingleItemMessage EncryptReplyMessage;
 #define EncryptReplyTemplate SingleItemMessageTemplate

-typedef struct SingleItemMessage DecryptRequestMessage;
-#define DecryptRequestTemplate SingleItemMessageTemplate
+typedef struct DecryptRequestMessage
+{
+  CMTItem data;
+  CMTItem ctx;  /* serialized void* ptr */
+} DecryptRequestMessage;
+extern CMTMessageTemplate DecryptRequestTemplate[];

 typedef struct SingleItemMessage DecryptReplyMessage;
 #define DecryptReplyTemplate SingleItemMessageTemplate
--- a/security/psm/lib/protocol/protocolshr.c
+++ b/security/psm/lib/protocol/protocolshr.c
@ -53,6 +53,7 @@ CMT_DoEncryptionRequest(CMTItem *message)
  /* Initialize */
  request.keyid.data = 0;
  request.data.data = 0;
+  reply.item.data = 0;

  /* Decode incoming message */
  rv = CMT_DecodeMessage(EncryptRequestTemplate, &request, message);
@ -82,6 +83,8 @@ CMT_DoEncryptionRequest(CMTItem *message)
 loser:
  if (request.keyid.data) free(request.keyid.data);
  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
+  if (reply.item.data) free(reply.item.data);

  return rv;
 }
@ -96,7 +99,8 @@ CMT_DoDecryptionRequest(CMTItem *message)
  CMUint32 pLen = strlen(kPrefix);

  /* Initialize */
-  request.item.data = 0;
+  request.data.data = 0;
+  request.ctx.data = 0;
  reply.item.data = 0;

  /* Decode the message */
@ -108,16 +112,16 @@ CMT_DoDecryptionRequest(CMTItem *message)
  message->data = NULL;

  /* "Decrypt" the message by removing the key */
-  if (pLen && memcmp(request.item.data, kPrefix, pLen) != 0) {
+  if (pLen && memcmp(request.data.data, kPrefix, pLen) != 0) {
    rv = CMTFailure;  /* Invalid format */
    goto loser;
  }

-  reply.item.len = request.item.len - pLen;
+  reply.item.len = request.data.len - pLen;
  reply.item.data = calloc(reply.item.len, 1);
  if (!reply.item.data) { rv = CMTFailure;  goto loser; }

-  memcpy(reply.item.data, &request.item.data[pLen], reply.item.len);
+  memcpy(reply.item.data, &request.data.data[pLen], reply.item.len);
  decrypt(&reply.item);

  /* Create reply message */
@ -126,7 +130,8 @@ CMT_DoDecryptionRequest(CMTItem *message)
  if (rv != CMTSuccess) goto loser;

 loser:
-  if (request.item.data) free(request.item.data);
+  if (request.data.data) free(request.data.data);
+  if (request.ctx.data) free(request.ctx.data);
  if (reply.item.data) free(reply.item.data);

  return rv;
--- a/security/psm/lib/protocol/ssmdefs.h
+++ b/security/psm/lib/protocol/ssmdefs.h
@ -200,6 +200,10 @@ typedef struct _SSMString SSMString;
 #define SSM_MISC_PUT_RNG_DATA      0x00000200
 #define SSM_MISC_SDR_ENCRYPT       0x00000300
 #define SSM_MISC_SDR_DECRYPT       0x00000400
+#define SSM_MISC_UI                0x00000500
+
+/* specific UI requests */
+#define SSM_UI_CHANGE_PASSWORD     0x00000010

 #define SSM_SDR_ENCRYPT_REQUEST \
  (SSM_REQUEST_MESSAGE|SSM_MISC_ACTION|SSM_MISC_SDR_ENCRYPT)
--- a/security/psm/lib/protocol/templates.c
+++ b/security/psm/lib/protocol/templates.c
@ -616,5 +616,13 @@ CMTMessageTemplate EncryptRequestTemplate[] =
 {
  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, keyid) },
  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, data) },
+  { CMT_DT_ITEM, offsetof(EncryptRequestMessage, ctx) },
+  { CMT_DT_END }
+};
+
+CMTMessageTemplate DecryptRequestTemplate[] =
+{
+  { CMT_DT_ITEM, offsetof(DecryptRequestMessage, data) },
+  { CMT_DT_ITEM, offsetof(DecryptRequestMessage, ctx) },
  { CMT_DT_END }
 };