Remove dead old FORTEZZA KEA code. Coverity bug 337098. r=rrelyea,wtchang

2006-05-18 20:24:23 +00:00 · 2006-05-18 20:24:23 +00:00 · 000e1bafa1
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ b/security/nss/lib/pk11wrap/pk11kea.c
@ -157,82 +157,6 @@ rsa_failed:

 	return  newSymKey;
    }
-    /* KEA */
-    if (PK11_DoesMechanism(symKey->slot, CKM_KEA_KEY_DERIVE) && 
-				PK11_DoesMechanism(slot,CKM_KEA_KEY_DERIVE)) {
-	CERTCertificate *certSource = NULL;
-	CERTCertificate *certTarget = NULL;
-	SECKEYPublicKey *pubKeySource = NULL;
-	SECKEYPublicKey *pubKeyTarget = NULL;
-	SECKEYPrivateKey *privKeySource = NULL;
-	SECKEYPrivateKey *privKeyTarget = NULL;
-	PK11SymKey *tekSource = NULL;
-	PK11SymKey *tekTarget = NULL;
-	SECItem Ra,wrap;
-
-	/* can only exchange skipjack keys */
-	if ((type != CKM_SKIPJACK_CBC64) || (isPerm)) {
-    	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    goto kea_failed;
-	}
-
-	/* find a pair of certs we can use */
-	rv = PK11_GetKEAMatchedCerts(symKey->slot,slot,&certSource,&certTarget);
-	if (rv != SECSuccess) goto kea_failed;
-
-	/* get all the key pairs */
-	pubKeyTarget = CERT_ExtractPublicKey(certSource);
-	pubKeySource = CERT_ExtractPublicKey(certTarget);
-	privKeySource = 
-		PK11_FindKeyByDERCert(symKey->slot,certSource,symKey->cx);
-	privKeyTarget = 
-		PK11_FindKeyByDERCert(slot,certTarget,symKey->cx);
-
-	if ((pubKeySource == NULL) || (pubKeyTarget == NULL) ||
-	  (privKeySource == NULL) || (privKeyTarget == NULL)) goto kea_failed;
-
-	/* generate the wrapping TEK's */
-	Ra.data = (unsigned char*)PORT_Alloc(128 /* FORTEZZA RA MAGIC */);
-	Ra.len = 128;
-	if (Ra.data == NULL) goto kea_failed;
-
-	tekSource = PK11_PubDerive(privKeySource,pubKeyTarget,PR_TRUE,&Ra,NULL,
-		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
-	tekTarget = PK11_PubDerive(privKeyTarget,pubKeySource,PR_FALSE,&Ra,NULL,
-		CKM_SKIPJACK_WRAP, CKM_KEA_KEY_DERIVE,CKA_WRAP,0,symKey->cx);
-	PORT_Free(Ra.data);
-
-	if ((tekSource == NULL) || (tekTarget == NULL)) { goto kea_failed; }
-
-	/* wrap the key out of Source into target */
-	wrap.data = (unsigned char*)PORT_Alloc(12); /* MAGIC SKIPJACK LEN */
-	wrap.len = 12;
-
-	/* paranoia to prevent infinite recursion on bugs */
-	PORT_Assert(tekSource->slot == symKey->slot);
-	if (tekSource->slot != symKey->slot) {
-    	    PORT_SetError( SEC_ERROR_NO_MODULE );
-	    goto kea_failed;
-	}
-
-	rv = PK11_WrapSymKey(CKM_SKIPJACK_WRAP,NULL,tekSource,symKey,&wrap);
-	if (rv == SECSuccess) {
-	    newSymKey = PK11_UnwrapSymKeyWithFlags(tekTarget, 
-			CKM_SKIPJACK_WRAP, NULL,
-			&wrap, type, operation, flags, symKey->size);
-	}
-	PORT_Free(wrap.data);
-kea_failed:
-	if (certSource == NULL) CERT_DestroyCertificate(certSource);
-	if (certTarget == NULL) CERT_DestroyCertificate(certTarget);
-	if (pubKeySource == NULL) SECKEY_DestroyPublicKey(pubKeySource);
-	if (pubKeyTarget == NULL) SECKEY_DestroyPublicKey(pubKeyTarget);
-	if (privKeySource == NULL) SECKEY_DestroyPrivateKey(privKeySource);
-	if (privKeyTarget == NULL) SECKEY_DestroyPrivateKey(privKeyTarget);
-	if (tekSource == NULL) PK11_FreeSymKey(tekSource);
-	if (tekTarget == NULL) PK11_FreeSymKey(tekTarget);
-	return newSymKey;
-    }
    PORT_SetError( SEC_ERROR_NO_MODULE );
    return NULL;
 }