pkcs11dh_link.c revision 420a43c8d8028992a4e9c170022f97bfac689025
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * Copyright (C) 2014, 2015 Internet Systems Consortium, Inc. ("ISC")
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * purpose with or without fee is hereby granted, provided that the above
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * copyright notice and this permission notice appear in all copies.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
92fe6db3e46016f4ce0d6e372c745469bba10b5eEvan Hunt * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * PERFORMANCE OF THIS SOFTWARE.
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * PKCS#3 DH keys:
78608b0a454246d0e1e0169f1d671b8427e48199Francis Dupont * mechanisms:
78608b0a454246d0e1e0169f1d671b8427e48199Francis Dupont * CKM_DH_PKCS_PARAMETER_GEN,
78608b0a454246d0e1e0169f1d671b8427e48199Francis Dupont * CKM_DH_PKCS_KEY_PAIR_GEN,
78608b0a454246d0e1e0169f1d671b8427e48199Francis Dupont * CKM_DH_PKCS_DERIVE
78608b0a454246d0e1e0169f1d671b8427e48199Francis Dupont * domain parameters:
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * object class CKO_DOMAIN_PARAMETERS
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * key type CKK_DH
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_PRIME (prime p)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_BASE (base g)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * optional attribute CKA_PRIME_BITS (p length in bits)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * public key:
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * object class CKO_PUBLIC_KEY
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * key type CKK_DH
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_PRIME (prime p)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_BASE (base g)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_VALUE (public value y)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * private key:
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * object class CKO_PRIVATE_KEY
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * key type CKK_DH
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_PRIME (prime p)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_BASE (base g)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * attribute CKA_VALUE (private value x)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * optional attribute CKA_VALUE_BITS (x length in bits)
d58e33bfabfee19a035031dac633d36659738d56Evan Hunt * reuse CKA_PRIVATE_EXPONENT for key pair private value
static isc_result_t
return (ISC_R_SUCCESS);
return (DST_R_INVALIDPRIVATEKEY);
err:
return (ret);
static isc_result_t
isc_region_t r;
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
return (ret);
goto err;
if (secValue[i] != 0)
err:
return (ret);
static isc_boolean_t
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
static isc_boolean_t
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
return (ISC_FALSE);
return (ISC_TRUE);
static isc_result_t
sizeof(*pk11_ctx));
return (ISC_R_NOMEMORY);
goto err;
if ((generator == 0) &&
sizeof(pk11_dh_bn2));
sizeof(pk11_dh_bn2));
attr++;
return (ISC_R_SUCCESS);
err:
return (ret);
static isc_boolean_t
return (ISC_FALSE);
case CKA_VALUE:
case CKA_VALUE2:
case CKA_PRIME:
case CKA_BASE:
static isc_uint16_t
return (val);
static isc_result_t
isc_region_t r;
case CKA_VALUE:
case CKA_PRIME:
case CKA_BASE:
glen = 0;
return (ISC_R_NOSPACE);
sizeof(pk11_dh_bn768)))
sizeof(pk11_dh_bn1024)))
if (glen > 0)
return (ISC_R_SUCCESS);
static isc_result_t
isc_region_t r;
int special = 0;
if (r.length == 0)
return (ISC_R_SUCCESS);
return (ISC_R_NOMEMORY);
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
switch (special) {
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
if (special != 0) {
if (glen == 0) {
return (DST_R_INVALIDPUBLICKEY);
if (glen == 0) {
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
return (DST_R_INVALIDPUBLICKEY);
goto nomemory;
goto nomemory;
goto nomemory;
goto nomemory;
return (ISC_R_SUCCESS);
case CKA_VALUE:
case CKA_PRIME:
case CKA_BASE:
return (ISC_R_NOMEMORY);
static isc_result_t
return (DST_R_NULLKEY);
return (DST_R_EXTERNALKEY);
case CKA_VALUE:
case CKA_VALUE2:
case CKA_PRIME:
case CKA_BASE:
return (DST_R_NULLKEY);
goto fail;
fail:
return (result);
static isc_result_t
return (ret);
case TAG_DH_PRIME:
case TAG_DH_GENERATOR:
case TAG_DH_PRIVATE:
case TAG_DH_PUBLIC:
return (ISC_R_SUCCESS);
err:
return (ret);
return (ISC_R_SUCCESS);