switch NSS_NoDB_Init() to NSS_InitContext()

libsrtp uses nss in the context of a system
library. It is up to the application to call
NSS_XXX_Init(). Changing to NSS_InitContext()
allows libsrtp to initialize as much of nss as
it requires without effecting the application. It
also allows nss cleanup through the use of
NSS_ShutdownContext()

This fixes potential memory leaks.

Author: pabuhler

crypto/cipher/aes_gcm_nss.c

@@ -53,7 +53,6 @@
 #include "err.h" /* for srtp_debug */
 #include "crypto_types.h"
 #include "cipher_types.h"
-#include <nss.h>
 #include <secerr.h>
 #include <nspr.h>
 
@@ -82,6 +81,7 @@ static srtp_err_status_t srtp_aes_gcm_nss_alloc(srtp_cipher_t **c,
                                                 int tlen)
 {
     srtp_aes_gcm_ctx_t *gcm;
+    NSSInitContext *nss;
 
     debug_print(srtp_mod_aes_gcm, "allocating cipher with key length %d",
                 key_len);
@@ -99,24 +99,32 @@ static srtp_err_status_t srtp_aes_gcm_nss_alloc(srtp_cipher_t **c,
         return (srtp_err_status_bad_param);
     }
 
-    /* Initialize NSS */
-    if (!NSS_IsInitialized() && NSS_NoDB_Init(NULL) != SECSuccess) {
+    /* Initialize NSS equiv of NSS_NoDB_Init(NULL) */
+    nss = NSS_InitContext("", "", "", "", NULL,
+                          NSS_INIT_READONLY | NSS_INIT_NOCERTDB |
+                              NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN |
+                              NSS_INIT_OPTIMIZESPACE);
+    if (!nss) {
         return (srtp_err_status_cipher_fail);
     }
 
     /* allocate memory a cipher of type aes_gcm */
     *c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
     if (*c == NULL) {
+        NSS_ShutdownContext(nss);
         return (srtp_err_status_alloc_fail);
     }
 
     gcm = (srtp_aes_gcm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_gcm_ctx_t));
     if (gcm == NULL) {
+        NSS_ShutdownContext(nss);
         srtp_crypto_free(*c);
         *c = NULL;
         return (srtp_err_status_alloc_fail);
     }
 
+    gcm->nss = nss;
+
     /* set pointers */
     (*c)->state = gcm;
 
@@ -161,6 +169,11 @@ static srtp_err_status_t srtp_aes_gcm_nss_dealloc(srtp_cipher_t *c)
             PK11_FreeSymKey(ctx->key);
         }
 
+        if (ctx->nss) {
+            NSS_ShutdownContext(ctx->nss);
+            ctx->nss = NULL;
+        }
+
         /* zeroize the key material */
         octet_string_set_to_zero(ctx, sizeof(srtp_aes_gcm_ctx_t));
         srtp_crypto_free(ctx);

crypto/cipher/aes_icm_nss.c

@@ -52,7 +52,6 @@
 #include "err.h" /* for srtp_debug */
 #include "alloc.h"
 #include "cipher_types.h"
-#include <nss.h>
 
 srtp_debug_module_t srtp_mod_aes_icm = {
     0,            /* debugging is off by default */
@@ -106,6 +105,7 @@ static srtp_err_status_t srtp_aes_icm_nss_alloc(srtp_cipher_t **c,
                                                 int tlen)
 {
     srtp_aes_icm_ctx_t *icm;
+    NSSInitContext *nss;
 
     debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d",
                 key_len);
@@ -119,26 +119,33 @@ static srtp_err_status_t srtp_aes_icm_nss_alloc(srtp_cipher_t **c,
         return srtp_err_status_bad_param;
     }
 
-    /* Initialize NSS */
-    if (!NSS_IsInitialized() && NSS_NoDB_Init(NULL) != SECSuccess) {
+    /* Initialize NSS equiv of NSS_NoDB_Init(NULL) */
+    nss = NSS_InitContext("", "", "", "", NULL,
+                          NSS_INIT_READONLY | NSS_INIT_NOCERTDB |
+                              NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN |
+                              NSS_INIT_OPTIMIZESPACE);
+    if (!nss) {
         return (srtp_err_status_cipher_fail);
     }
 
     /* allocate memory a cipher of type aes_icm */
     *c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
     if (*c == NULL) {
+        NSS_ShutdownContext(nss);
         return srtp_err_status_alloc_fail;
     }
 
     icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t));
     if (icm == NULL) {
+        NSS_ShutdownContext(nss);
         srtp_crypto_free(*c);
         *c = NULL;
         return srtp_err_status_alloc_fail;
     }
 
     icm->key = NULL;
     icm->ctx = NULL;
+    icm->nss = nss;
 
     /* set pointers */
     (*c)->state = icm;
@@ -188,6 +195,11 @@ static srtp_err_status_t srtp_aes_icm_nss_dealloc(srtp_cipher_t *c)
             ctx->ctx = NULL;
         }
 
+        if (ctx->nss) {
+            NSS_ShutdownContext(ctx->nss);
+            ctx->nss = NULL;
+        }
+
         /* zeroize everything */
         octet_string_set_to_zero(ctx, sizeof(srtp_aes_icm_ctx_t));
         srtp_crypto_free(ctx);

crypto/include/aes_gcm.h

@@ -66,6 +66,7 @@ typedef struct {
 
 #ifdef NSS
 
+#include <nss.h>
 #include <pk11pub.h>
 
 #define MAX_AD_SIZE 2048
@@ -74,6 +75,7 @@ typedef struct {
     int key_size;
     int tag_size;
     srtp_cipher_direction_t dir;
+    NSSInitContext *nss;
     PK11SymKey *key;
     uint8_t iv[12];
     uint8_t aad[MAX_AD_SIZE];

crypto/include/aes_icm_ext.h

@@ -65,13 +65,15 @@ typedef struct {
 
 #ifdef NSS
 
+#include <nss.h>
 #include <pk11pub.h>
 
 typedef struct {
     v128_t counter;
     v128_t offset;
     int key_size;
     uint8_t iv[16];
+    NSSInitContext *nss;
     PK11SymKey *key;
     PK11Context *ctx;
 } srtp_aes_icm_ctx_t;