From de2d7f049eb4462c7442795a77a8a915ae70d216 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal@redhat.com>
Date: Mon, 3 Apr 2017 11:07:24 +1000
Subject: [PATCH 0/2] Add SEC_OID mappings for AES ECB/CBC algorithms

---
 org/mozilla/jss/crypto/Algorithm.c              |  8 +++++++-
 org/mozilla/jss/crypto/Algorithm.h              |  2 +-
 org/mozilla/jss/crypto/Algorithm.java           |  8 ++++++++
 org/mozilla/jss/crypto/EncryptionAlgorithm.java | 18 ++++++++++++------
 4 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/org/mozilla/jss/crypto/Algorithm.c b/org/mozilla/jss/crypto/Algorithm.c
index 8679eadca573fdb2bc7903c3e5d0a1a05d4bbd2f..d32bcad469c45c9edcdd5bedfa5e98f2fab0e3a2 100644
--- a/org/mozilla/jss/crypto/Algorithm.c
+++ b/org/mozilla/jss/crypto/Algorithm.c
@@ -86,7 +86,13 @@ JSS_AlgInfo JSS_AlgTable[NUM_ALGS] = {
 /* 55 */    {SEC_OID_PKCS5_PBMAC1, SEC_OID_TAG},
 /* 56 */    {SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST, SEC_OID_TAG},
 /* 57 */    {CKM_NSS_AES_KEY_WRAP, PK11_MECH},
-/* 58 */    {CKM_NSS_AES_KEY_WRAP_PAD, PK11_MECH}
+/* 58 */    {CKM_NSS_AES_KEY_WRAP_PAD, PK11_MECH},
+/* 59 */    {SEC_OID_AES_128_ECB, SEC_OID_TAG},
+/* 60 */    {SEC_OID_AES_128_CBC, SEC_OID_TAG},
+/* 61 */    {SEC_OID_AES_192_ECB, SEC_OID_TAG},
+/* 62 */    {SEC_OID_AES_192_CBC, SEC_OID_TAG},
+/* 63 */    {SEC_OID_AES_256_ECB, SEC_OID_TAG},
+/* 64 */    {SEC_OID_AES_256_CBC, SEC_OID_TAG}
 /* REMEMBER TO UPDATE NUM_ALGS!!! */
 };
 
diff --git a/org/mozilla/jss/crypto/Algorithm.h b/org/mozilla/jss/crypto/Algorithm.h
index ec2dddb76e66187fce29051069d84293315199f0..c18623185184590799c3c2e0f0627579661051f7 100644
--- a/org/mozilla/jss/crypto/Algorithm.h
+++ b/org/mozilla/jss/crypto/Algorithm.h
@@ -24,7 +24,7 @@ typedef struct JSS_AlgInfoStr {
     JSS_AlgType type;
 } JSS_AlgInfo;
 
-#define NUM_ALGS 59
+#define NUM_ALGS 65
 
 extern JSS_AlgInfo JSS_AlgTable[];
 extern CK_ULONG JSS_symkeyUsage[];
diff --git a/org/mozilla/jss/crypto/Algorithm.java b/org/mozilla/jss/crypto/Algorithm.java
index 919c2ece0608418015a2f05e7c363cdd70a2b16a..1818bd4703b8d55ae81a64d468a5ade890b21382 100644
--- a/org/mozilla/jss/crypto/Algorithm.java
+++ b/org/mozilla/jss/crypto/Algorithm.java
@@ -212,4 +212,12 @@ public class Algorithm {
     protected static final short SEC_OID_ANSIX962_ECDSA_SIGNATURE_SPECIFIED_DIGEST=56;
     protected static final short CKM_NSS_AES_KEY_WRAP=57;
     protected static final short CKM_NSS_AES_KEY_WRAP_PAD=58;
+
+    // AES Encryption Algorithms
+    protected static final short SEC_OID_AES_128_ECB = 59;
+    protected static final short SEC_OID_AES_128_CBC = 60;
+    protected static final short SEC_OID_AES_192_ECB = 61;
+    protected static final short SEC_OID_AES_192_CBC = 62;
+    protected static final short SEC_OID_AES_256_ECB = 63;
+    protected static final short SEC_OID_AES_256_CBC = 64;
 }
diff --git a/org/mozilla/jss/crypto/EncryptionAlgorithm.java b/org/mozilla/jss/crypto/EncryptionAlgorithm.java
index db10305c14f7c5d75920624c1243feae09b0c92a..8e389b47035d51f073a9005756aed0cde915e024 100644
--- a/org/mozilla/jss/crypto/EncryptionAlgorithm.java
+++ b/org/mozilla/jss/crypto/EncryptionAlgorithm.java
@@ -347,12 +347,14 @@ public class EncryptionAlgorithm extends Algorithm {
             { 2, 16, 840, 1, 101, 3, 4, 1 } );
 
     public static final EncryptionAlgorithm
-    AES_128_ECB = new EncryptionAlgorithm(CKM_AES_ECB, Alg.AES, Mode.ECB,
+    AES_128_ECB = new EncryptionAlgorithm(SEC_OID_AES_128_ECB,
+        Alg.AES, Mode.ECB,
         Padding.NONE, (Class)null, 16,
         AES_ROOT_OID.subBranch(1), 128);
 
     public static final EncryptionAlgorithm
-    AES_128_CBC = new EncryptionAlgorithm(CKM_AES_CBC, Alg.AES, Mode.CBC,
+    AES_128_CBC = new EncryptionAlgorithm(SEC_OID_AES_128_CBC,
+        Alg.AES, Mode.CBC,
         Padding.NONE, IVParameterSpecClasses, 16,
         AES_ROOT_OID.subBranch(2), 128);
 
@@ -361,11 +363,13 @@ public class EncryptionAlgorithm extends Algorithm {
         Padding.PKCS5, IVParameterSpecClasses, 16, null, 128); // no oid
     
     public static final EncryptionAlgorithm
-    AES_192_ECB = new EncryptionAlgorithm(CKM_AES_ECB, Alg.AES, Mode.ECB,
+    AES_192_ECB = new EncryptionAlgorithm(SEC_OID_AES_192_ECB,
+        Alg.AES, Mode.ECB,
         Padding.NONE, (Class)null, 16, AES_ROOT_OID.subBranch(21), 192);
 
     public static final EncryptionAlgorithm
-    AES_192_CBC = new EncryptionAlgorithm(CKM_AES_CBC, Alg.AES, Mode.CBC,
+    AES_192_CBC = new EncryptionAlgorithm(SEC_OID_AES_192_CBC,
+        Alg.AES, Mode.CBC,
         Padding.NONE, IVParameterSpecClasses, 16,
         AES_ROOT_OID.subBranch(22), 192);
     
@@ -374,11 +378,13 @@ public class EncryptionAlgorithm extends Algorithm {
         Padding.PKCS5, IVParameterSpecClasses, 16, null, 192); // no oid
 
     public static final EncryptionAlgorithm
-    AES_256_ECB = new EncryptionAlgorithm(CKM_AES_ECB, Alg.AES, Mode.ECB,
+    AES_256_ECB = new EncryptionAlgorithm(SEC_OID_AES_256_ECB,
+        Alg.AES, Mode.ECB,
         Padding.NONE, (Class)null, 16, AES_ROOT_OID.subBranch(41), 256);
 
     public static final EncryptionAlgorithm
-    AES_256_CBC = new EncryptionAlgorithm(CKM_AES_CBC, Alg.AES, Mode.CBC,
+    AES_256_CBC = new EncryptionAlgorithm(SEC_OID_AES_256_CBC,
+        Alg.AES, Mode.CBC,
         Padding.NONE, IVParameterSpecClasses, 16,
         AES_ROOT_OID.subBranch(42), 256);
     
-- 
2.9.3