Fix a crash. An attempt to move a sensitive key longer than 48 bytes

from one token to another will no longer crash. Instead, it will fail with the new error code SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY. Bug 97887. In addition, DHE key pairs are now generated with CKA_SENSITIVE false.
2001-09-06 03:00:39 +00:00 · 2001-09-06 03:00:39 +00:00 · 6fe8beb4fb
--- a/security/nss/cmd/lib/SECerrs.h
+++ b/security/nss/cmd/lib/SECerrs.h
@ -355,7 +355,8 @@ ER3(SEC_ERROR_BAD_NICKNAME,			(SEC_ERROR_BASE + 103),
 ER3(SEC_ERROR_NOT_FORTEZZA_ISSUER,       	(SEC_ERROR_BASE + 104),
 "Peer FORTEZZA chain has a non-FORTEZZA Certificate.")

-/* ER3(SEC_ERROR_UNKNOWN, 			(SEC_ERROR_BASE + 105), */
+ER3(SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, 	(SEC_ERROR_BASE + 105),
+"A sensitive key cannot be moved to the slot where it is needed.")

 ER3(SEC_ERROR_JS_INVALID_MODULE_NAME, 		(SEC_ERROR_BASE + 106),
 "Invalid module name.")
--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@ -139,11 +139,10 @@ const SEC_ASN1Template SECKEY_KEAParamsTemplate[] = {
    { 0, }
 };

-
-/*
- * NOTE: This only generates RSA Private Key's. If you need more,
- * We need to pass in some more params...
- */
+/* Create an RSA key pair is any slot able to do so.
+** The created keys are "session" (temporary), not "token" (permanent), 
+** and they are "sensitive", which makes them costly to move to another token.
+*/
 SECKEYPrivateKey *
 SECKEY_CreateRSAPrivateKey(int keySizeInBits,SECKEYPublicKey **pubk, void *cx)
 {
@ -160,14 +159,25 @@ SECKEY_CreateRSAPrivateKey(int keySizeInBits,SECKEYPublicKey **pubk, void *cx)
    return(privk);
 }

+/* Create a DH key pair in any slot able to do so, 
+** This is a "session" (temporary), not "token" (permanent) key. 
+** Because of the high probability that this key will need to be moved to
+** another token, and the high cost of moving "sensitive" keys, we attempt
+** to create this key pair without the "sensitive" attribute, but revert to 
+** creating a "sensitive" key if necessary.
+*/
 SECKEYPrivateKey *
 SECKEY_CreateDHPrivateKey(DHParams *param, SECKEYPublicKey **pubk, void *cx)
 {
    SECKEYPrivateKey *privk;
    PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
-    
-    privk = PK11_GenerateKeyPair(slot,CKM_DH_PKCS_KEY_PAIR_GEN,param,pubk,
-					PR_FALSE, PR_TRUE, cx);
+
+    privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param, 
+                                 pubk, PR_FALSE, PR_FALSE, cx);
+    if (!privk) 
+	privk = PK11_GenerateKeyPair(slot, CKM_DH_PKCS_KEY_PAIR_GEN, param, 
+	                             pubk, PR_FALSE, PR_TRUE, cx);
+
    PK11_FreeSlot(slot);
    return(privk);
 }
--- a/security/nss/lib/pk11wrap/pk11kea.c
+++ b/security/nss/lib/pk11wrap/pk11kea.c
@ -99,18 +99,25 @@ pk11_KeyExchange(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
 	    privKeyHandle = PK11_MatchItem(slot,pubKeyHandle,CKO_PRIVATE_KEY);
 	}

-	/* if no key exits, generate a key pair */
+	/* if no key exists, generate a key pair */
 	if (privKeyHandle == CK_INVALID_KEY) {
-	    unsigned int     keyLength = PK11_GetKeyLength(symKey);
+	    unsigned int     symKeyLength = PK11_GetKeyLength(symKey);
 	    PK11RSAGenParams rsaParams;

+	    if (symKeyLength > 60) /* bytes */ {
+		/* we'd have to generate an RSA key pair > 512 bits long,
+		** and that's too costly.  Don't even try. 
+		*/
+		PORT_SetError( SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY );
+		goto rsa_failed;
+	    }
 	    rsaParams.keySizeInBits = 
-		((keyLength == 0) || (keyLength > 16)) ? 512 : 256;
+	        (symKeyLength > 28 || symKeyLength == 0) ? 512 : 256;
 	    rsaParams.pe  = 0x10001;
 	    privKey = PK11_GenerateKeyPair(slot,CKM_RSA_PKCS_KEY_PAIR_GEN, 
-		&rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
+			    &rsaParams, &pubKey,PR_FALSE,PR_TRUE,symKey->cx);
 	} else {
-	    /* if key's exist, build SECKEY data structures for them */
+	    /* if keys exist, build SECKEY data structures for them */
 	    privKey = PK11_MakePrivKey(slot,nullKey, PR_TRUE, privKeyHandle,
 					symKey->cx);
 	    if (privKey != NULL) {
--- a/security/nss/lib/util/secerr.h
+++ b/security/nss/lib/util/secerr.h
@ -149,7 +149,7 @@ SEC_ERROR_INVALID_PASSWORD 		    =	(SEC_ERROR_BASE + 101),
 SEC_ERROR_RETRY_OLD_PASSWORD 		    =	(SEC_ERROR_BASE + 102),
 SEC_ERROR_BAD_NICKNAME 			    =	(SEC_ERROR_BASE + 103),
 SEC_ERROR_NOT_FORTEZZA_ISSUER 		    = 	(SEC_ERROR_BASE + 104),
-/* UNUSED                                       (SEC_ERROR_BASE + 105) */
+SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY         =   (SEC_ERROR_BASE + 105),
 SEC_ERROR_JS_INVALID_MODULE_NAME 	    =	(SEC_ERROR_BASE + 106),
 SEC_ERROR_JS_INVALID_DLL 		    =	(SEC_ERROR_BASE + 107),
 SEC_ERROR_JS_ADD_MOD_FAILURE 		    =	(SEC_ERROR_BASE + 108),