/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <strings.h>
#include <errno.h>
#include <ecc_impl.h>
#include <security/cryptoki.h>
#include <sys/crypto/ioctl.h>
#include "kernelGlobal.h"
#include "kernelSession.h"
#include "kernelObject.h"
static boolean_t
attribute_in_template(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE_PTR t, CK_ULONG cnt)
{
int i;
for (i = 0; i < cnt; i++) {
if (t[i].type == type)
return (B_TRUE);
}
return (B_FALSE);
}
/*
* This routine returns modulus bytes rounded up to the nearest 8 byte
* chunk. This is so we don't have to pass in max sized buffers for
* returned attributes. Every unnecessary byte that we pass in results
* in a kernel allocation.
*/
static ulong_t
get_modulus_bytes(CK_ATTRIBUTE_PTR t, CK_ULONG cnt)
{
CK_ULONG modulus_len;
int i;
for (i = 0; i < cnt; i++) {
if (t[i].type == CKA_MODULUS_BITS) {
get_ulong_attr_from_template(&modulus_len, &t[i]);
/* convert from bit length to byte length */
modulus_len = (modulus_len - 1) / 64 + 1;
return (modulus_len * 8);
}
}
return (0);
}
/*
* Remove specified attribute from array. Storage for the attribute's
* value is freed if 'free_attr' is TRUE. Attributes are shifted so they are
* contiguous within the array, i.e. the next attribute is shifted into
* the position of the removed attribute. Returns TRUE if specified
* attribute is removed.
*/
static boolean_t
remove_one_attribute(CK_ATTRIBUTE_PTR t, CK_ULONG type, uint_t count,
boolean_t free_attr)
{
int i, j;
for (i = 0, j = 0; i < count; i++) {
if (t[i].type == type) {
if (free_attr) {
free(t[i].pValue);
}
continue;
}
if (i != j) {
t[j].type = t[i].type;
t[j].pValue = t[i].pValue;
t[j].ulValueLen = t[i].ulValueLen;
}
j++;
}
if (j == count)
return (B_FALSE);
/* safety */
t[j].pValue = NULL;
t[j].ulValueLen = 0;
return (B_TRUE);
}
static boolean_t
is_secret_key_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
{
int i;
for (i = 0; i < ulAttributeCount; i++) {
if (pTemplate[i].type == CKA_CLASS &&
*(CK_OBJECT_CLASS *)(pTemplate[i].pValue) ==
CKO_SECRET_KEY)
return (B_TRUE);
}
return (B_FALSE);
}
/*
* Allocate a template with space for new_count entries and copy the
* specified template into the new template.
*/
static CK_ATTRIBUTE_PTR
grow_template(CK_ATTRIBUTE_PTR old_template, CK_ULONG old_count,
CK_ULONG new_count)
{
CK_ATTRIBUTE_PTR new_template;
new_template = malloc(new_count * sizeof (CK_ATTRIBUTE));
if (new_template != NULL)
bcopy(old_template, new_template,
old_count * sizeof (CK_ATTRIBUTE));
return (new_template);
}
/*
* For fixed length keys such as DES, return the length based on
* the key type. For variable length keys such as AES, take the
* length from the CKA_VALUE_LEN attribute.
*/
static int
get_key_len_from_template(CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
kernel_object_t *basekey_p, ulong_t *key_len)
{
boolean_t fixed_len_key = B_FALSE;
ulong_t key_type;
int i;
for (i = 0; i < ulAttributeCount; i++) {
if (pTemplate[i].type == CKA_KEY_TYPE) {
get_ulong_attr_from_template(&key_type, &pTemplate[i]);
break;
}
}
/* CKA_KEY_TYPE must be present */
if (i == ulAttributeCount)
return (CKR_TEMPLATE_INCOMPLETE);
switch (key_type) {
case CKK_DES:
*key_len = 8;
fixed_len_key = B_TRUE;
break;
case CKK_DES3:
*key_len = 24;
fixed_len_key = B_TRUE;
break;
case CKK_AES:
case CKK_BLOWFISH:
for (i = 0; i < ulAttributeCount; i++) {
if (pTemplate[i].type == CKA_VALUE_LEN) {
get_ulong_attr_from_template(key_len,
&pTemplate[i]);
break;
}
}
/* CKA_VALUE_LEN must be present */
if (i == ulAttributeCount)
return (CKR_TEMPLATE_INCOMPLETE);
break;
case CKK_GENERIC_SECRET:
/*
* The key will not be truncated, so we need to
* get the max length for the mechanism.
*/
if (pMechanism->mechanism == CKM_DH_PKCS_DERIVE) {
CK_ATTRIBUTE tmp;
tmp.type = CKA_PRIME;
tmp.pValue = NULL;
/* get size of attribute */
if (kernel_get_attribute(basekey_p, &tmp) != CKR_OK) {
return (CKR_ARGUMENTS_BAD);
}
*key_len = tmp.ulValueLen;
} else if (pMechanism->mechanism == CKM_ECDH1_DERIVE) {
*key_len = EC_MAX_VALUE_LEN;
} else {
return (CKR_ARGUMENTS_BAD);
}
break;
default:
return (CKR_ATTRIBUTE_VALUE_INVALID);
}
if (fixed_len_key && attribute_in_template(CKA_VALUE_LEN,
pTemplate, ulAttributeCount))
return (CKR_TEMPLATE_INCONSISTENT);
return (CKR_OK);
}
/* find specified attribute src template and copy to dest */
static int
copy_attribute(CK_ULONG type, CK_ATTRIBUTE_PTR src, CK_ULONG src_cnt,
CK_ATTRIBUTE_PTR dst)
{
int rv, i;
for (i = 0; i < src_cnt; i++) {
if (src[i].type == type) {
rv = get_string_from_template(dst, &src[i]);
break;
}
}
/*
* The public template didn't have attribute.
*/
if (i == src_cnt) {
rv = CKR_TEMPLATE_INCOMPLETE;
}
return (rv);
}
static void
free_attributes(caddr_t p, uint_t *countp)
{
if (*countp > 0) {
free_object_attributes(p, *countp);
*countp = 0;
}
}
CK_RV
key_gen_by_value(CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulCount, kernel_session_t *session_p,
crypto_mech_type_t k_mech_type, kernel_object_t *new_objp)
{
crypto_nostore_generate_key_t obj_ngk;
char *key_buf = NULL;
CK_ATTRIBUTE_PTR newTemplate = NULL;
CK_BBOOL is_token_obj = FALSE;
CK_RV rv = CKR_OK;
ulong_t key_len = 0;
uint_t attr_count;
int r;
obj_ngk.ngk_in_count = 0;
obj_ngk.ngk_out_count = 0;
rv = get_key_len_from_template(pMechanism, pTemplate, ulCount,
NULL, &key_len);
if (rv != CRYPTO_SUCCESS)
goto failed_exit;
if ((key_buf = malloc(key_len)) == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
attr_count = ulCount + 1;
newTemplate = grow_template(pTemplate, ulCount, attr_count);
if (newTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/* Now add the CKA_VALUE attribute to template */
newTemplate[ulCount].type = CKA_VALUE;
newTemplate[ulCount].pValue = (caddr_t)key_buf;
newTemplate[ulCount].ulValueLen = key_len;
rv = process_object_attributes(newTemplate, attr_count - 1,
&obj_ngk.ngk_in_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = process_object_attributes(&newTemplate[ulCount],
1, &obj_ngk.ngk_out_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj && session_p->ses_RO) {
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/* Call the CRYPTO_NOSTORE_GENERATE_KEY ioctl */
obj_ngk.ngk_session = session_p->k_session;
obj_ngk.ngk_in_count = attr_count - 1;
obj_ngk.ngk_out_count = 1;
obj_ngk.ngk_mechanism.cm_type = k_mech_type;
obj_ngk.ngk_mechanism.cm_param = pMechanism->pParameter;
obj_ngk.ngk_mechanism.cm_param_len = pMechanism->ulParameterLen;
while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY,
&obj_ngk)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_ngk.ngk_return_value);
}
free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_object_attributes(&newTemplate[ulCount], 1,
obj_ngk.ngk_out_attributes);
free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/*
* CKA_VALUE_LEN is not stored with the secret key object,
* so we remove it by shifting attributes down one.
*/
(void) remove_one_attribute(newTemplate, CKA_VALUE_LEN,
attr_count, B_FALSE);
rv = kernel_build_object(newTemplate, attr_count - 1,
new_objp, session_p, KERNEL_GEN_KEY);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
new_objp->is_lib_obj = B_TRUE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
(void) free(newTemplate);
bzero(key_buf, key_len);
(void) free(key_buf);
return (CKR_OK);
failed_exit:
free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count);
free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count);
if (key_buf != NULL) {
bzero(key_buf, key_len);
(void) free(key_buf);
}
if (newTemplate != NULL) {
(void) free(newTemplate);
}
return (rv);
}
CK_RV
C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_object_t *new_objp = NULL;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
CK_BBOOL is_pri_obj;
CK_BBOOL is_token_obj = FALSE;
crypto_mech_type_t k_mech_type;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/* Obtain the session pointer */
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
if ((pMechanism == NULL) || (phKey == NULL)) {
rv = CKR_ARGUMENTS_BAD;
goto failed_exit;
}
if ((pTemplate == NULL) && (ulCount != 0)) {
rv = CKR_ARGUMENTS_BAD;
goto failed_exit;
}
/* Get the kernel's internal mechanism number. */
rv = kernel_mech(pMechanism->mechanism, &k_mech_type);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Create an object wrapper in the library first */
new_objp = calloc(1, sizeof (kernel_object_t));
if (new_objp == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/*
* Special Case: if token does not support object creation,
* but does support key generation by value, then create a session
* object and initialize with value returned by token.
*/
pslot = slot_table[session_p->ses_slotid];
if (!pslot->sl_func_list.fl_object_create) {
rv = key_gen_by_value(pMechanism, pTemplate, ulCount, session_p,
k_mech_type, new_objp);
if (rv != CKR_OK)
goto failed_exit;
} else {
crypto_object_generate_key_t obj_gk;
/* Process the attributes */
rv = process_object_attributes(pTemplate, ulCount,
&obj_gk.gk_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj && session_p->ses_RO) {
free_object_attributes(obj_gk.gk_attributes, ulCount);
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/* Call the CRYPTO_GENERATE_KEY ioctl */
obj_gk.gk_session = session_p->k_session;
obj_gk.gk_count = ulCount;
obj_gk.gk_mechanism.cm_type = k_mech_type;
obj_gk.gk_mechanism.cm_param = pMechanism->pParameter;
obj_gk.gk_mechanism.cm_param_len = pMechanism->ulParameterLen;
while ((r = ioctl(kernel_fd, CRYPTO_GENERATE_KEY,
&obj_gk)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_gk.gk_return_value);
}
free_object_attributes(obj_gk.gk_attributes, ulCount);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Get the value of the CKA_PRIVATE attribute. */
rv = get_cka_private_value(session_p, obj_gk.gk_handle,
&is_pri_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/*
* Store the kernel object handle in the object wrapper and
* initialize the library object.
*/
new_objp->k_handle = obj_gk.gk_handle;
new_objp->is_lib_obj = B_FALSE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_objp->extra_attrlistp = NULL;
if (is_pri_obj)
new_objp->bool_attr_mask |= PRIVATE_BOOL_ON;
else
new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON;
if (is_token_obj)
new_objp->bool_attr_mask |= TOKEN_BOOL_ON;
else
new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON;
}
(void) pthread_mutex_init(&new_objp->object_mutex, NULL);
new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
/*
* Add the new object to the slot's token object list if it is a
* a token object. Otherwise, add it to the session's object list.
*/
if (is_token_obj) {
pslot = slot_table[session_p->ses_slotid];
kernel_add_token_object_to_slot(new_objp, pslot);
} else {
kernel_add_object_to_session(new_objp, session_p);
}
*phKey = (CK_OBJECT_HANDLE)new_objp;
REFRELE(session_p, ses_lock_held);
return (rv);
failed_exit:
if (new_objp != NULL) {
(void) free(new_objp);
}
REFRELE(session_p, ses_lock_held);
return (rv);
}
CK_RV
key_gen_rsa_by_value(CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
kernel_session_t *session_p, crypto_mech_type_t k_mech_type,
kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp)
{
crypto_nostore_generate_key_pair_t obj_nkp;
CK_ATTRIBUTE_PTR pubTemplate = NULL;
CK_ATTRIBUTE_PTR priTemplate = NULL;
CK_RV rv = CKR_OK;
CK_BBOOL is_token_obj1 = FALSE;
CK_BBOOL is_token_obj2 = FALSE;
uint_t pub_attr_count, pri_attr_count;
uint_t pub_out_attr_count = 0, pri_out_attr_count = 0;
char public_modulus[512];
char public_exponent[8];
char private_exponent[512];
char private_modulus[512];
char prime_1[512];
char prime_2[512];
char exponent_1[512];
char exponent_2[512];
char coefficient[512];
CK_ULONG pub_class = CKO_PUBLIC_KEY;
CK_ULONG pri_class = CKO_PRIVATE_KEY;
CK_ULONG key_type;
CK_ULONG modulus_bytes;
boolean_t has_class, has_key_type, has_pub_exponent;
int n, r;
obj_nkp.nkp_in_public_count = 0;
obj_nkp.nkp_out_public_count = 0;
obj_nkp.nkp_in_private_count = 0;
obj_nkp.nkp_out_private_count = 0;
/* modulus bits must be present when generating a RSA key pair */
if (!attribute_in_template(CKA_MODULUS_BITS, pPublicKeyTemplate,
ulPublicKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCOMPLETE;
goto failed_exit;
}
modulus_bytes = get_modulus_bytes(pPublicKeyTemplate,
ulPublicKeyAttributeCount);
/*
* Add CKA_MODULUS to the public template.
* This attribute must not be in the template.
*/
if (attribute_in_template(CKA_MODULUS, pPublicKeyTemplate,
ulPublicKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
has_pub_exponent = attribute_in_template(CKA_PUBLIC_EXPONENT,
pPublicKeyTemplate, ulPublicKeyAttributeCount);
pub_attr_count = ulPublicKeyAttributeCount + 1;
if (!has_class)
pub_attr_count++;
if (!has_key_type)
pub_attr_count++;
if (!has_pub_exponent)
pub_attr_count++;
pubTemplate = grow_template(pPublicKeyTemplate,
ulPublicKeyAttributeCount, pub_attr_count);
if (pubTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPublicKeyAttributeCount;
if (!has_class) {
pubTemplate[n].type = CKA_CLASS;
pubTemplate[n].pValue = (caddr_t)&pub_class;
pubTemplate[n].ulValueLen = sizeof (pub_class);
n++;
}
if (!has_key_type) {
pubTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_RSA;
pubTemplate[n].pValue = (caddr_t)&key_type;
pubTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
if (!has_pub_exponent) {
pubTemplate[n].type = CKA_PUBLIC_EXPONENT;
pubTemplate[n].pValue = (caddr_t)public_exponent;
pubTemplate[n].ulValueLen = modulus_bytes;
n++;
pub_out_attr_count++;
}
pubTemplate[n].type = CKA_MODULUS;
pubTemplate[n].pValue = (caddr_t)public_modulus;
pubTemplate[n].ulValueLen = modulus_bytes;
pub_out_attr_count++;
rv = process_object_attributes(pubTemplate,
pub_attr_count - pub_out_attr_count,
&obj_nkp.nkp_in_public_attributes, &is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count;
rv = process_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, &obj_nkp.nkp_out_public_attributes,
&is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_public_count = pub_out_attr_count;
/*
* Cannot create a token object with a READ-ONLY
* session.
*/
if (is_token_obj1 && session_p->ses_RO) {
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/*
* Add CKA_MODULUS and CKA_PRIVATE_EXPONENT
* to the private template. These attributes
* must not be in the template.
*/
if (attribute_in_template(CKA_PRIVATE_EXPONENT,
pPrivateKeyTemplate, ulPrivateKeyAttributeCount) ||
attribute_in_template(CKA_MODULUS,
pPrivateKeyTemplate, ulPrivateKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
pri_attr_count = ulPrivateKeyAttributeCount + 7;
if (!has_class)
pri_attr_count++;
if (!has_key_type)
pri_attr_count++;
/* allocate space for CKA_PUBLIC_EXPONENT */
priTemplate = grow_template(pPrivateKeyTemplate,
ulPrivateKeyAttributeCount, pri_attr_count + 1);
if (priTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPrivateKeyAttributeCount;
if (!has_class) {
priTemplate[n].type = CKA_CLASS;
priTemplate[n].pValue = (caddr_t)&pri_class;
priTemplate[n].ulValueLen = sizeof (pri_class);
n++;
}
if (!has_key_type) {
priTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_RSA;
priTemplate[n].pValue = (caddr_t)&key_type;
priTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
priTemplate[n].type = CKA_MODULUS;
priTemplate[n].pValue = (caddr_t)private_modulus;
priTemplate[n].ulValueLen = modulus_bytes;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_PRIVATE_EXPONENT;
priTemplate[n].pValue = (caddr_t)private_exponent;
priTemplate[n].ulValueLen = modulus_bytes;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_PRIME_1;
priTemplate[n].pValue = (caddr_t)prime_1;
priTemplate[n].ulValueLen = modulus_bytes/2;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_PRIME_2;
priTemplate[n].pValue = (caddr_t)prime_2;
priTemplate[n].ulValueLen = modulus_bytes/2;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_EXPONENT_1;
priTemplate[n].pValue = (caddr_t)exponent_1;
priTemplate[n].ulValueLen = modulus_bytes/2;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_EXPONENT_2;
priTemplate[n].pValue = (caddr_t)exponent_2;
priTemplate[n].ulValueLen = modulus_bytes/2;
pri_out_attr_count++;
n++;
priTemplate[n].type = CKA_COEFFICIENT;
priTemplate[n].pValue = (caddr_t)coefficient;
priTemplate[n].ulValueLen = modulus_bytes/2;
pri_out_attr_count++;
rv = process_object_attributes(priTemplate,
pri_attr_count - pri_out_attr_count,
&obj_nkp.nkp_in_private_attributes, &is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count;
rv = process_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, &obj_nkp.nkp_out_private_attributes,
&is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_private_count = pri_out_attr_count;
/*
* The public key and the private key need to contain the same
* attribute values for CKA_TOKEN.
*/
if (is_token_obj1 != is_token_obj2) {
rv = CKR_ATTRIBUTE_VALUE_INVALID;
goto failed_exit;
}
/* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */
obj_nkp.nkp_session = session_p-> k_session;
obj_nkp.nkp_mechanism.cm_type = k_mech_type;
obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter;
obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen;
while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR,
&obj_nkp)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value);
}
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, obj_nkp.nkp_out_public_attributes);
if (rv == CRYPTO_SUCCESS) {
rv = get_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, obj_nkp.nkp_out_private_attributes);
}
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/* store generated modulus and public exponent */
rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp,
session_p, KERNEL_GEN_KEY);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/*
* Copy CKA_PUBLIC_EXPONENT from the public template
* to the private template.
*/
rv = copy_attribute(CKA_PUBLIC_EXPONENT, pubTemplate,
pub_attr_count, &priTemplate[pri_attr_count]);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
rv = kernel_build_object(priTemplate, pri_attr_count + 1, new_pri_objp,
session_p, KERNEL_GEN_KEY);
(void) free(priTemplate[pri_attr_count].pValue);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
(void) free(pubTemplate);
(void) free(priTemplate);
new_pub_objp->is_lib_obj = B_TRUE;
new_pri_objp->is_lib_obj = B_TRUE;
new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p;
(void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL);
new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
(void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL);
new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
return (CKR_OK);
failed_exit:
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (pubTemplate != NULL) {
(void) free(pubTemplate);
}
if (priTemplate != NULL) {
(void) free(priTemplate);
}
return (rv);
}
CK_RV
key_gen_dh_by_value(CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
kernel_session_t *session_p, crypto_mech_type_t k_mech_type,
kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp)
{
crypto_nostore_generate_key_pair_t obj_nkp;
CK_ATTRIBUTE_PTR pubTemplate = NULL;
CK_ATTRIBUTE_PTR priTemplate = NULL;
CK_RV rv = CKR_OK;
CK_BBOOL is_token_obj1 = FALSE;
CK_BBOOL is_token_obj2 = FALSE;
uint_t pub_attr_count, pri_attr_count;
uint_t pub_out_attr_count = 0, pri_out_attr_count = 0;
char public_value[256];
char private_value[256];
CK_ULONG pub_class = CKO_PUBLIC_KEY;
CK_ULONG pri_class = CKO_PRIVATE_KEY;
CK_ULONG key_type;
boolean_t has_class, has_key_type;
int n, r;
obj_nkp.nkp_in_public_count = 0;
obj_nkp.nkp_out_public_count = 0;
obj_nkp.nkp_in_private_count = 0;
obj_nkp.nkp_out_private_count = 0;
/*
* Add CKA_VALUE to the public template.
* This attribute must not be in the template.
*/
if (attribute_in_template(CKA_VALUE, pPublicKeyTemplate,
ulPublicKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
pub_attr_count = ulPublicKeyAttributeCount + 1;
if (!has_class)
pub_attr_count++;
if (!has_key_type)
pub_attr_count++;
pubTemplate = grow_template(pPublicKeyTemplate,
ulPublicKeyAttributeCount, pub_attr_count);
if (pubTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPublicKeyAttributeCount;
if (!has_class) {
pubTemplate[n].type = CKA_CLASS;
pubTemplate[n].pValue = (caddr_t)&pub_class;
pubTemplate[n].ulValueLen = sizeof (pub_class);
n++;
}
if (!has_key_type) {
pubTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_DH;
pubTemplate[n].pValue = (caddr_t)&key_type;
pubTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
pubTemplate[n].type = CKA_VALUE;
pubTemplate[n].pValue = (caddr_t)public_value;
pubTemplate[n].ulValueLen = sizeof (public_value);
pub_out_attr_count++;
rv = process_object_attributes(pubTemplate,
pub_attr_count - pub_out_attr_count,
&obj_nkp.nkp_in_public_attributes, &is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count;
rv = process_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, &obj_nkp.nkp_out_public_attributes,
&is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_public_count = pub_out_attr_count;
/*
* Cannot create a token object with a READ-ONLY
* session.
*/
if (is_token_obj1 && session_p->ses_RO) {
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/*
* CKA_BASE, CKA_PRIME, and CKA_VALUE must not appear
* in private template.
*/
if (attribute_in_template(CKA_BASE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount) ||
attribute_in_template(CKA_PRIME, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount) ||
attribute_in_template(CKA_VALUE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
if (attribute_in_template(CKA_VALUE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
pri_attr_count = ulPrivateKeyAttributeCount + 1;
if (!has_class)
pri_attr_count++;
if (!has_key_type)
pri_attr_count++;
/* allocate space for CKA_BASE and CKA_PRIME */
priTemplate = grow_template(pPrivateKeyTemplate,
ulPrivateKeyAttributeCount, pri_attr_count + 2);
if (priTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPrivateKeyAttributeCount;
if (!has_class) {
priTemplate[n].type = CKA_CLASS;
priTemplate[n].pValue = (caddr_t)&pri_class;
priTemplate[n].ulValueLen = sizeof (pri_class);
n++;
}
if (!has_key_type) {
priTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_DH;
priTemplate[n].pValue = (caddr_t)&key_type;
priTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
priTemplate[n].type = CKA_VALUE;
priTemplate[n].pValue = (caddr_t)private_value;
priTemplate[n].ulValueLen = sizeof (private_value);
pri_out_attr_count++;
rv = process_object_attributes(priTemplate,
pri_attr_count - pri_out_attr_count,
&obj_nkp.nkp_in_private_attributes, &is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count;
rv = process_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, &obj_nkp.nkp_out_private_attributes,
&is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_private_count = pri_out_attr_count;
/*
* The public key and the private key need to contain the same
* attribute values for CKA_TOKEN.
*/
if (is_token_obj1 != is_token_obj2) {
rv = CKR_ATTRIBUTE_VALUE_INVALID;
goto failed_exit;
}
/* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */
obj_nkp.nkp_session = session_p-> k_session;
obj_nkp.nkp_mechanism.cm_type = k_mech_type;
obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter;
obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen;
while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR,
&obj_nkp)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value);
}
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, obj_nkp.nkp_out_public_attributes);
if (rv == CRYPTO_SUCCESS) {
rv = get_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, obj_nkp.nkp_out_private_attributes);
}
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp,
session_p, KERNEL_GEN_KEY);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/*
* Copy CKA_BASE and CKA_PRIME from the public template
* to the private template.
*/
rv = copy_attribute(CKA_BASE, pubTemplate, pub_attr_count,
&priTemplate[pri_attr_count]);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
rv = copy_attribute(CKA_PRIME, pubTemplate, pub_attr_count,
&priTemplate[pri_attr_count + 1]);
if (rv != CRYPTO_SUCCESS) {
(void) free(priTemplate[pri_attr_count].pValue);
goto failed_exit;
}
/* +2 to account for CKA_BASE and CKA_PRIME */
rv = kernel_build_object(priTemplate, pri_attr_count + 2,
new_pri_objp, session_p, KERNEL_GEN_KEY);
(void) free(priTemplate[pri_attr_count].pValue);
(void) free(priTemplate[pri_attr_count + 1].pValue);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
(void) free(pubTemplate);
(void) free(priTemplate);
new_pub_objp->is_lib_obj = B_TRUE;
new_pri_objp->is_lib_obj = B_TRUE;
new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p;
(void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL);
new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
(void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL);
new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
return (CKR_OK);
failed_exit:
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (pubTemplate != NULL) {
(void) free(pubTemplate);
}
if (priTemplate != NULL) {
(void) free(priTemplate);
}
return (rv);
}
CK_RV
key_gen_ec_by_value(CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
kernel_session_t *session_p, crypto_mech_type_t k_mech_type,
kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp)
{
crypto_nostore_generate_key_pair_t obj_nkp;
CK_ATTRIBUTE_PTR pubTemplate = NULL;
CK_ATTRIBUTE_PTR priTemplate = NULL;
CK_RV rv = CKR_OK;
CK_BBOOL is_token_obj1 = FALSE;
CK_BBOOL is_token_obj2 = FALSE;
uint_t pub_attr_count, pri_attr_count;
uint_t pub_out_attr_count = 0, pri_out_attr_count = 0;
char value[EC_MAX_VALUE_LEN];
char point[EC_MAX_POINT_LEN];
CK_ULONG pub_class = CKO_PUBLIC_KEY;
CK_ULONG pri_class = CKO_PRIVATE_KEY;
CK_ULONG key_type;
boolean_t has_class, has_key_type;
int n, r;
obj_nkp.nkp_in_public_count = 0;
obj_nkp.nkp_out_public_count = 0;
obj_nkp.nkp_in_private_count = 0;
obj_nkp.nkp_out_private_count = 0;
/*
* Add CKA_EC_POINT to the public template.
* This is the generated value Q. This attribute
* must not be in the template.
*/
if (attribute_in_template(CKA_EC_POINT, pPublicKeyTemplate,
ulPublicKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate,
ulPublicKeyAttributeCount);
pub_attr_count = ulPublicKeyAttributeCount + 1;
if (!has_class)
pub_attr_count++;
if (!has_key_type)
pub_attr_count++;
pubTemplate = grow_template(pPublicKeyTemplate,
ulPublicKeyAttributeCount, pub_attr_count);
if (pubTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPublicKeyAttributeCount;
if (!has_class) {
pubTemplate[n].type = CKA_CLASS;
pubTemplate[n].pValue = (caddr_t)&pub_class;
pubTemplate[n].ulValueLen = sizeof (pub_class);
n++;
}
if (!has_key_type) {
pubTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_EC;
pubTemplate[n].pValue = (caddr_t)&key_type;
pubTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
pubTemplate[n].type = CKA_EC_POINT;
pubTemplate[n].pValue = (caddr_t)point;
pubTemplate[n].ulValueLen = sizeof (point);
pub_out_attr_count++;
rv = process_object_attributes(pubTemplate,
pub_attr_count - pub_out_attr_count,
&obj_nkp.nkp_in_public_attributes, &is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count;
rv = process_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, &obj_nkp.nkp_out_public_attributes,
&is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_public_count = pub_out_attr_count;
/*
* Cannot create a token object with a READ-ONLY
* session.
*/
if (is_token_obj1 && session_p->ses_RO) {
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/*
* CKA_EC_PARAMS and CKA_VALUE must not appear in
* private template.
*/
if (attribute_in_template(CKA_EC_PARAMS, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount) ||
attribute_in_template(CKA_VALUE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount)) {
rv = CKR_TEMPLATE_INCONSISTENT;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount);
pri_attr_count = ulPrivateKeyAttributeCount + 1;
if (!has_class)
pri_attr_count++;
if (!has_key_type)
pri_attr_count++;
/* allocate space for CKA_EC_PARAMS */
priTemplate = grow_template(pPrivateKeyTemplate,
ulPrivateKeyAttributeCount, pri_attr_count + 1);
if (priTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulPrivateKeyAttributeCount;
if (!has_class) {
priTemplate[n].type = CKA_CLASS;
priTemplate[n].pValue = (caddr_t)&pri_class;
priTemplate[n].ulValueLen = sizeof (pri_class);
n++;
}
if (!has_key_type) {
priTemplate[n].type = CKA_KEY_TYPE;
key_type = CKK_EC;
priTemplate[n].pValue = (caddr_t)&key_type;
priTemplate[n].ulValueLen = sizeof (key_type);
n++;
}
priTemplate[n].type = CKA_VALUE;
priTemplate[n].pValue = (caddr_t)value;
priTemplate[n].ulValueLen = sizeof (value);
pri_out_attr_count++;
rv = process_object_attributes(priTemplate,
pri_attr_count - pri_out_attr_count,
&obj_nkp.nkp_in_private_attributes, &is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count;
rv = process_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, &obj_nkp.nkp_out_private_attributes,
&is_token_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_nkp.nkp_out_private_count = pri_out_attr_count;
/*
* The public key and the private key need to contain the same
* attribute values for CKA_TOKEN.
*/
if (is_token_obj1 != is_token_obj2) {
rv = CKR_ATTRIBUTE_VALUE_INVALID;
goto failed_exit;
}
/* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */
obj_nkp.nkp_session = session_p-> k_session;
obj_nkp.nkp_mechanism.cm_type = k_mech_type;
obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter;
obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen;
while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR,
&obj_nkp)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value);
}
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_object_attributes(
&pubTemplate[pub_attr_count - pub_out_attr_count],
pub_out_attr_count, obj_nkp.nkp_out_public_attributes);
if (rv == CRYPTO_SUCCESS) {
rv = get_object_attributes(
&priTemplate[pri_attr_count - pri_out_attr_count],
pri_out_attr_count, obj_nkp.nkp_out_private_attributes);
}
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp,
session_p, KERNEL_GEN_KEY);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/*
* Copy CKA_EC_PARAMS from the public template to the
* private template.
*/
rv = copy_attribute(CKA_EC_PARAMS, pubTemplate, pub_attr_count,
&priTemplate[pri_attr_count]);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
/* +1 to account for CKA_EC_PARAMS */
rv = kernel_build_object(priTemplate, pri_attr_count + 1,
new_pri_objp, session_p, KERNEL_GEN_KEY);
(void) free(priTemplate[pri_attr_count].pValue);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
(void) free(pubTemplate);
(void) free(priTemplate);
new_pub_objp->is_lib_obj = B_TRUE;
new_pri_objp->is_lib_obj = B_TRUE;
new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p;
(void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL);
new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
(void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL);
new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
return (CKR_OK);
failed_exit:
free_attributes(obj_nkp.nkp_in_public_attributes,
&obj_nkp.nkp_in_public_count);
free_attributes(obj_nkp.nkp_out_public_attributes,
&obj_nkp.nkp_out_public_count);
free_attributes(obj_nkp.nkp_in_private_attributes,
&obj_nkp.nkp_in_private_count);
free_attributes(obj_nkp.nkp_out_private_attributes,
&obj_nkp.nkp_out_private_count);
if (pubTemplate != NULL) {
(void) free(pubTemplate);
}
if (priTemplate != NULL) {
(void) free(priTemplate);
}
return (rv);
}
CK_RV
C_GenerateKeyPair(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_object_t *new_pub_objp = NULL;
kernel_object_t *new_pri_objp = NULL;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
CK_BBOOL is_pri_obj1;
CK_BBOOL is_pri_obj2;
CK_BBOOL is_token_obj1 = FALSE;
CK_BBOOL is_token_obj2 = FALSE;
crypto_mech_type_t k_mech_type;
int r;
CK_RV (*func)(CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG,
CK_ATTRIBUTE_PTR, CK_ULONG, kernel_session_t *, crypto_mech_type_t,
kernel_object_t *, kernel_object_t *);
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/* Obtain the session pointer. */
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
if ((pMechanism == NULL) || (phPublicKey == NULL) ||
(phPrivateKey == NULL)) {
rv = CKR_ARGUMENTS_BAD;
goto failed_exit;
}
if ((pPublicKeyTemplate == NULL) && (ulPublicKeyAttributeCount != 0)) {
rv = CKR_ARGUMENTS_BAD;
goto failed_exit;
}
if ((pPrivateKeyTemplate == NULL) &&
(ulPrivateKeyAttributeCount != 0)) {
rv = CKR_ARGUMENTS_BAD;
goto failed_exit;
}
/* Get the kernel's internal mechanism number. */
rv = kernel_mech(pMechanism->mechanism, &k_mech_type);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Create an object wrapper for the public key */
new_pub_objp = calloc(1, sizeof (kernel_object_t));
if (new_pub_objp == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/* Create an object wrapper for the private key. */
new_pri_objp = calloc(1, sizeof (kernel_object_t));
if (new_pri_objp == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/*
* Special Case: if token does not support object creation,
* but does support key generation by value, then create a session
* object and initialize with values returned by token.
*/
pslot = slot_table[session_p->ses_slotid];
if (!pslot->sl_func_list.fl_object_create) {
switch (pMechanism->mechanism) {
case CKM_RSA_PKCS_KEY_PAIR_GEN:
func = key_gen_rsa_by_value;
break;
case CKM_DH_PKCS_KEY_PAIR_GEN:
func = key_gen_dh_by_value;
break;
case CKM_EC_KEY_PAIR_GEN:
func = key_gen_ec_by_value;
break;
default:
rv = CKR_MECHANISM_INVALID;
goto failed_exit;
}
rv = (*func)(pMechanism, pPublicKeyTemplate,
ulPublicKeyAttributeCount, pPrivateKeyTemplate,
ulPrivateKeyAttributeCount, session_p, k_mech_type,
new_pub_objp, new_pri_objp);
if (rv != CKR_OK)
goto failed_exit;
} else {
crypto_object_generate_key_pair_t obj_kp;
/* Process the public key attributes. */
rv = process_object_attributes(pPublicKeyTemplate,
ulPublicKeyAttributeCount, &obj_kp.kp_public_attributes,
&is_token_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj1 && session_p->ses_RO) {
free_object_attributes(obj_kp.kp_public_attributes,
ulPublicKeyAttributeCount);
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/* Process the private key attributes. */
rv = process_object_attributes(pPrivateKeyTemplate,
ulPrivateKeyAttributeCount, &obj_kp.kp_private_attributes,
&is_token_obj2);
if (rv != CKR_OK) {
free_object_attributes(obj_kp.kp_public_attributes,
ulPublicKeyAttributeCount);
goto failed_exit;
}
/*
* The public key and the private key need to contain the same
* attribute values for CKA_TOKEN.
*/
if (is_token_obj1 != is_token_obj2) {
free_object_attributes(obj_kp.kp_public_attributes,
ulPublicKeyAttributeCount);
free_object_attributes(obj_kp.kp_private_attributes,
ulPrivateKeyAttributeCount);
rv = CKR_ATTRIBUTE_VALUE_INVALID;
goto failed_exit;
}
/* Call the CRYPTO_GENERATE_KEY_PAIR ioctl. */
obj_kp.kp_session = session_p-> k_session;
obj_kp.kp_mechanism.cm_type = k_mech_type;
obj_kp.kp_mechanism.cm_param = pMechanism->pParameter;
obj_kp.kp_mechanism.cm_param_len = pMechanism->ulParameterLen;
obj_kp.kp_public_count = ulPublicKeyAttributeCount;
obj_kp.kp_private_count = ulPrivateKeyAttributeCount;
while ((r = ioctl(kernel_fd, CRYPTO_GENERATE_KEY_PAIR,
&obj_kp)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_kp.kp_return_value);
}
free_object_attributes(obj_kp.kp_public_attributes,
ulPublicKeyAttributeCount);
free_object_attributes(obj_kp.kp_private_attributes,
ulPrivateKeyAttributeCount);
if (rv != CKR_OK)
goto failed_exit;
/* Get the CKA_PRIVATE value for the key pair. */
rv = get_cka_private_value(session_p, obj_kp.kp_public_handle,
&is_pri_obj1);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_cka_private_value(session_p, obj_kp.kp_private_handle,
&is_pri_obj2);
if (rv != CKR_OK) {
goto failed_exit;
}
/*
* Store the kernel public key handle into the public key
* object and finish the public key object initialization.
*/
new_pub_objp->is_lib_obj = B_FALSE;
new_pub_objp->k_handle = obj_kp.kp_public_handle;
new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_pub_objp->extra_attrlistp = NULL;
if (is_pri_obj1)
new_pub_objp->bool_attr_mask |= PRIVATE_BOOL_ON;
else
new_pub_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON;
if (is_token_obj1)
new_pub_objp->bool_attr_mask |= TOKEN_BOOL_ON;
else
new_pub_objp->bool_attr_mask &= ~TOKEN_BOOL_ON;
(void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL);
new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
/*
* Store the kernel private key handle into the private key
* object and finish the private key object initialization.
*/
new_pri_objp->is_lib_obj = B_FALSE;
new_pri_objp->k_handle = obj_kp.kp_private_handle;
new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_pri_objp->extra_attrlistp = NULL;
if (is_pri_obj2)
new_pri_objp->bool_attr_mask |= PRIVATE_BOOL_ON;
else
new_pri_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON;
if (is_token_obj2)
new_pri_objp->bool_attr_mask |= TOKEN_BOOL_ON;
else
new_pri_objp->bool_attr_mask &= ~TOKEN_BOOL_ON;
}
(void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL);
new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
/*
* Add the new pub/pri objects to the slot's token list if they are
* token objects. Otherwise, add them to the session's object list.
*/
if (is_token_obj1) { /* is_token_obj1 == is_token_obj2 */
pslot = slot_table[session_p->ses_slotid];
kernel_add_token_object_to_slot(new_pub_objp, pslot);
kernel_add_token_object_to_slot(new_pri_objp, pslot);
} else {
kernel_add_object_to_session(new_pub_objp, session_p);
kernel_add_object_to_session(new_pri_objp, session_p);
}
*phPublicKey = (CK_OBJECT_HANDLE)new_pub_objp;
*phPrivateKey = (CK_OBJECT_HANDLE)new_pri_objp;
REFRELE(session_p, ses_lock_held);
return (rv);
failed_exit:
if (new_pub_objp != NULL) {
(void) free(new_pub_objp);
}
if (new_pri_objp != NULL) {
(void) free(new_pri_objp);
}
REFRELE(session_p, ses_lock_held);
return (rv);
}
CK_RV
C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
boolean_t ses_lock_held = B_FALSE;
kernel_object_t *wrappingkey_p;
kernel_object_t *key_p;
crypto_mech_type_t k_mech_type;
crypto_object_wrap_key_t obj_wrapkey;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if (pulWrappedKeyLen == NULL || pMechanism == NULL) {
return (CKR_ARGUMENTS_BAD);
}
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
/* Get the kernel's internal mechanism number. */
rv = kernel_mech(pMechanism->mechanism, &k_mech_type);
if (rv != CKR_OK) {
REFRELE(session_p, ses_lock_held);
return (rv);
}
/* Obtain the wrapping key object pointer. */
HANDLE2OBJECT(hWrappingKey, wrappingkey_p, rv);
if (rv != CKR_OK) {
REFRELE(session_p, ses_lock_held);
return (rv);
}
/* Obtain the to_be_wrapped key object pointer. */
HANDLE2OBJECT(hKey, key_p, rv);
if (rv != CKR_OK) {
OBJ_REFRELE(wrappingkey_p);
REFRELE(session_p, ses_lock_held);
return (rv);
}
/* Make the CRYPTO_OBJECT_WRAP_KEY ioctl call. */
obj_wrapkey.wk_session = session_p->k_session;
obj_wrapkey.wk_mechanism.cm_type = k_mech_type;
obj_wrapkey.wk_mechanism.cm_param = pMechanism->pParameter;
obj_wrapkey.wk_mechanism.cm_param_len = pMechanism->ulParameterLen;
obj_wrapkey.wk_wrapping_key.ck_format = CRYPTO_KEY_REFERENCE;
obj_wrapkey.wk_wrapping_key.ck_obj_id = wrappingkey_p->k_handle;
obj_wrapkey.wk_object_handle = key_p->k_handle;
obj_wrapkey.wk_wrapped_key_len = *pulWrappedKeyLen;
obj_wrapkey.wk_wrapped_key = (char *)pWrappedKey;
while ((r = ioctl(kernel_fd, CRYPTO_WRAP_KEY, &obj_wrapkey)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_wrapkey.wk_return_value);
}
/*
* Besides rv == CKR_OK, we will set the value of pulWrappedKeyLen
* when the applciation-supplied wrapped key buffer is too small.
* The situation that the application only asks for the length of
* the wrapped key is covered in rv == CKR_OK.
*/
if (rv == CKR_OK || rv == CKR_BUFFER_TOO_SMALL) {
*pulWrappedKeyLen = obj_wrapkey.wk_wrapped_key_len;
}
OBJ_REFRELE(key_p);
OBJ_REFRELE(wrappingkey_p);
REFRELE(session_p, ses_lock_held);
return (rv);
}
CK_RV
C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey,
CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_object_t *unwrappingkey_p;
kernel_object_t *new_objp = NULL;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
CK_BBOOL is_pri_obj;
CK_BBOOL is_token_obj = FALSE;
CK_MECHANISM_INFO info;
uint32_t k_mi_flags;
CK_BYTE *clear_key_val = NULL;
CK_ULONG ulDataLen;
CK_ATTRIBUTE_PTR newTemplate = NULL;
crypto_mech_type_t k_mech_type;
crypto_object_unwrap_key_t obj_unwrapkey;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if (pMechanism == NULL || pWrappedKey == NULL || phKey == NULL) {
return (CKR_ARGUMENTS_BAD);
}
if ((pTemplate == NULL) && (ulAttributeCount != 0)) {
return (CKR_ARGUMENTS_BAD);
}
/* Obtain the session pointer. */
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
/* Obtain the wrapping key object pointer. */
HANDLE2OBJECT(hUnwrappingKey, unwrappingkey_p, rv);
if (rv != CKR_OK) {
REFRELE(session_p, ses_lock_held);
return (rv);
}
/*
* If the HW provider doesn't support C_UnwrapKey, we will try
* to emulate it in the library.
*/
pslot = slot_table[session_p->ses_slotid];
if ((!pslot->sl_func_list.fl_object_create) &&
(!pslot->sl_func_list.fl_key_unwrap)) {
rv = get_mechanism_info(pslot, pMechanism->mechanism, &info,
&k_mi_flags);
if (rv != CKR_OK) {
goto failed_exit;
}
/*
* If the mechanism flag doesn't have CKF_UNWRAP, and it's
* an unwrapping of a secret key object, then help this
* out with a decryption followed by an object creation.
*/
if (!(k_mi_flags & CRYPTO_FG_UNWRAP) &&
(k_mi_flags & CRYPTO_FG_DECRYPT) &&
(is_secret_key_template(pTemplate, ulAttributeCount))) {
/* First allocate space for the recovered key value */
clear_key_val = malloc(ulWrappedKeyLen);
if (clear_key_val == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
rv = kernel_decrypt_init(session_p, unwrappingkey_p,
pMechanism);
if (rv != CKR_OK) {
goto failed_exit;
}
ulDataLen = ulWrappedKeyLen;
rv = kernel_decrypt(session_p, pWrappedKey,
ulWrappedKeyLen, clear_key_val, &ulDataLen);
if (rv != CKR_OK) {
goto failed_exit;
}
newTemplate = grow_template(pTemplate, ulAttributeCount,
ulAttributeCount + 1);
if (newTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/* Now add the CKA_VALUE attribute to template */
newTemplate[ulAttributeCount].type = CKA_VALUE;
newTemplate[ulAttributeCount].pValue = clear_key_val;
newTemplate[ulAttributeCount].ulValueLen = ulDataLen;
/* Finally create the key, based on the new template */
rv = kernel_add_object(newTemplate,
ulAttributeCount + 1, phKey, session_p);
(void) free(clear_key_val);
(void) free(newTemplate);
OBJ_REFRELE(unwrappingkey_p);
REFRELE(session_p, ses_lock_held);
return (rv);
} else {
rv = CKR_FUNCTION_FAILED;
goto failed_exit;
}
}
/*
* If we come here, the HW provider must have registered the unwrapkey
* entry. Therefore, the unwrap key will be performed in the HW
* provider.
*/
rv = kernel_mech(pMechanism->mechanism, &k_mech_type);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Create an object wrapper for the new key in the library first */
new_objp = calloc(1, sizeof (kernel_object_t));
if (new_objp == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/* Process the attributes */
rv = process_object_attributes(pTemplate, ulAttributeCount,
&obj_unwrapkey.uk_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj && session_p->ses_RO) {
free_object_attributes(obj_unwrapkey.uk_attributes,
ulAttributeCount);
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
/* Make the CRYPTO_UNWRAP_KEY ioctl call. */
obj_unwrapkey.uk_session = session_p->k_session;
obj_unwrapkey.uk_mechanism.cm_type = k_mech_type;
obj_unwrapkey.uk_mechanism.cm_param = pMechanism->pParameter;
obj_unwrapkey.uk_mechanism.cm_param_len = pMechanism->ulParameterLen;
obj_unwrapkey.uk_unwrapping_key.ck_format = CRYPTO_KEY_REFERENCE;
obj_unwrapkey.uk_unwrapping_key.ck_obj_id = unwrappingkey_p->k_handle;
obj_unwrapkey.uk_wrapped_key = (char *)pWrappedKey;
obj_unwrapkey.uk_wrapped_key_len = ulWrappedKeyLen;
obj_unwrapkey.uk_count = ulAttributeCount;
while ((r = ioctl(kernel_fd, CRYPTO_UNWRAP_KEY, &obj_unwrapkey)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_unwrapkey.uk_return_value);
}
free_object_attributes(obj_unwrapkey.uk_attributes, ulAttributeCount);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Get the CKA_PRIVATE value for the unwrapped key. */
rv = get_cka_private_value(session_p, obj_unwrapkey.uk_object_handle,
&is_pri_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/*
* Store the kernel object handle in the new key object wrapper and
* initialize it.
*/
new_objp->k_handle = obj_unwrapkey.uk_object_handle;
new_objp->is_lib_obj = B_FALSE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_objp->extra_attrlistp = NULL;
if (is_pri_obj)
new_objp->bool_attr_mask |= PRIVATE_BOOL_ON;
else
new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON;
if (is_token_obj)
new_objp->bool_attr_mask |= TOKEN_BOOL_ON;
else
new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON;
(void) pthread_mutex_init(&new_objp->object_mutex, NULL);
new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
/*
* Add the new object to the slot's token object list if it is a
* a token object. Otherwise, add it to the session's object list.
*/
if (is_token_obj) {
pslot = slot_table[session_p->ses_slotid];
kernel_add_token_object_to_slot(new_objp, pslot);
} else {
kernel_add_object_to_session(new_objp, session_p);
}
*phKey = (CK_OBJECT_HANDLE)new_objp;
OBJ_REFRELE(unwrappingkey_p);
REFRELE(session_p, ses_lock_held);
return (rv);
failed_exit:
OBJ_REFRELE(unwrappingkey_p);
if (new_objp != NULL)
(void) free(new_objp);
if (clear_key_val != NULL)
(void) free(clear_key_val);
if (newTemplate != NULL)
(void) free(newTemplate);
REFRELE(session_p, ses_lock_held);
return (rv);
}
/*
* Get sufficient attributes from a base key to pass by value in a
* crypto_key structure. Storage for attributes is allocated.
* For EC public keys, it is CKA_EC_PARAMS and CKA_EC_POINT.
* For EC private keys, it is CKA_EC_PARAMS and CKA_VALUE.
*/
static int
get_base_key_attributes(kernel_object_t *base_key, crypto_key_t *key_by_value)
{
CK_ATTRIBUTE tmp;
crypto_object_attribute_t *attrs = NULL;
biginteger_t *big;
int i, count = 0, rv;
switch (base_key->key_type) {
case CKK_EC:
count = 2;
attrs = malloc(count * sizeof (crypto_object_attribute_t));
if (attrs == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
bzero(attrs, count * sizeof (crypto_object_attribute_t));
(void) pthread_mutex_lock(&base_key->object_mutex);
if (!base_key->is_lib_obj) {
rv = CRYPTO_ARGUMENTS_BAD;
goto out;
}
if (base_key->class != CKO_PUBLIC_KEY &&
base_key->class != CKO_PRIVATE_KEY) {
rv = CRYPTO_ARGUMENTS_BAD;
goto out;
}
/*
* Both public and private EC keys should have
* a CKA_EC_PARAMS attribute.
*/
tmp.type = CKA_EC_PARAMS;
tmp.pValue = NULL;
/* get size of attribute */
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
goto out;
}
tmp.pValue = malloc(tmp.ulValueLen);
if (tmp.pValue == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
free(tmp.pValue);
goto out;
}
attrs[0].oa_type = tmp.type;
attrs[0].oa_value = tmp.pValue;
attrs[0].oa_value_len = tmp.ulValueLen;
switch (base_key->class) {
case CKO_PUBLIC_KEY:
big = OBJ_PUB_EC_POINT(base_key);
tmp.type = CKA_EC_POINT;
break;
case CKO_PRIVATE_KEY:
big = OBJ_PRI_EC_VALUE(base_key);
tmp.type = CKA_VALUE;
break;
default:
rv = CKR_ATTRIBUTE_TYPE_INVALID;
goto out;
}
tmp.ulValueLen = big->big_value_len;
tmp.pValue = malloc(tmp.ulValueLen);
if (tmp.pValue == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
free(tmp.pValue);
goto out;
}
attrs[1].oa_type = tmp.type;
attrs[1].oa_value = tmp.pValue;
attrs[1].oa_value_len = tmp.ulValueLen;
key_by_value->ck_attrs = attrs;
key_by_value->ck_count = 2;
break;
case CKK_DH:
count = 3;
attrs = malloc(count * sizeof (crypto_object_attribute_t));
if (attrs == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
bzero(attrs, count * sizeof (crypto_object_attribute_t));
(void) pthread_mutex_lock(&base_key->object_mutex);
if (!base_key->is_lib_obj) {
rv = CRYPTO_ARGUMENTS_BAD;
goto out;
}
if (base_key->class != CKO_PRIVATE_KEY) {
rv = CRYPTO_ARGUMENTS_BAD;
goto out;
}
tmp.type = CKA_BASE;
tmp.pValue = NULL;
/* get size of attribute */
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
goto out;
}
tmp.pValue = malloc(tmp.ulValueLen);
if (tmp.pValue == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
free(tmp.pValue);
goto out;
}
attrs[0].oa_type = tmp.type;
attrs[0].oa_value = tmp.pValue;
attrs[0].oa_value_len = tmp.ulValueLen;
tmp.type = CKA_PRIME;
tmp.pValue = NULL;
/* get size of attribute */
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
goto out;
}
tmp.pValue = malloc(tmp.ulValueLen);
if (tmp.pValue == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
free(tmp.pValue);
goto out;
}
attrs[1].oa_type = tmp.type;
attrs[1].oa_value = tmp.pValue;
attrs[1].oa_value_len = tmp.ulValueLen;
big = OBJ_PRI_DH_VALUE(base_key);
tmp.type = CKA_VALUE;
tmp.ulValueLen = big->big_value_len;
tmp.pValue = malloc(tmp.ulValueLen);
if (tmp.pValue == NULL) {
rv = CKR_HOST_MEMORY;
goto out;
}
rv = kernel_get_attribute(base_key, &tmp);
if (rv != CKR_OK) {
free(tmp.pValue);
goto out;
}
attrs[2].oa_type = tmp.type;
attrs[2].oa_value = tmp.pValue;
attrs[2].oa_value_len = tmp.ulValueLen;
key_by_value->ck_attrs = attrs;
key_by_value->ck_count = 3;
break;
default:
rv = CKR_ATTRIBUTE_TYPE_INVALID;
goto out;
}
(void) pthread_mutex_unlock(&base_key->object_mutex);
return (CKR_OK);
out:
(void) pthread_mutex_unlock(&base_key->object_mutex);
if (attrs != NULL) {
for (i = 0; i < count; i++) {
if (attrs[i].oa_value != NULL)
free(attrs[i].oa_value);
}
free(attrs);
}
return (rv);
}
CK_RV
derive_key_by_value(CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount, kernel_session_t *session_p,
crypto_mech_type_t k_mech_type, kernel_object_t *basekey_p,
kernel_object_t *new_objp)
{
crypto_nostore_derive_key_t obj_ndk;
char *key_buf = NULL;
CK_ATTRIBUTE_PTR newTemplate = NULL;
CK_BBOOL is_token_obj = FALSE;
CK_RV rv = CKR_OK;
CK_ULONG secret_class = CKO_SECRET_KEY;
ulong_t key_len = 0;
uint_t attr_count = 0;
boolean_t removed;
boolean_t has_class;
int r, n;
obj_ndk.ndk_in_count = 0;
obj_ndk.ndk_out_count = 0;
obj_ndk.ndk_base_key.ck_count = 0;
rv = get_key_len_from_template(pMechanism, pTemplate, ulAttributeCount,
basekey_p, &key_len);
if (rv != CKR_OK) {
goto failed_exit;
}
if ((key_buf = malloc(key_len)) == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
has_class = attribute_in_template(CKA_CLASS, pTemplate,
ulAttributeCount);
attr_count = ulAttributeCount + 1;
if (!has_class)
attr_count++;
newTemplate = grow_template(pTemplate, ulAttributeCount, attr_count);
if (newTemplate == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
n = ulAttributeCount;
if (!has_class) {
newTemplate[n].type = CKA_CLASS;
newTemplate[n].pValue = (caddr_t)&secret_class;
newTemplate[n].ulValueLen = sizeof (secret_class);
n++;
}
/* Add CKA_VALUE to the template */
newTemplate[n].type = CKA_VALUE;
newTemplate[n].pValue = (caddr_t)key_buf;
newTemplate[n].ulValueLen = key_len;
rv = process_object_attributes(newTemplate, attr_count - 1,
&obj_ndk.ndk_in_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_ndk.ndk_in_count = attr_count - 1;
rv = process_object_attributes(&newTemplate[attr_count - 1],
1, &obj_ndk.ndk_out_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_ndk.ndk_out_count = 1;
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj && session_p->ses_RO) {
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
obj_ndk.ndk_session = session_p->k_session;
obj_ndk.ndk_mechanism.cm_type = k_mech_type;
obj_ndk.ndk_mechanism.cm_param = pMechanism->pParameter;
obj_ndk.ndk_mechanism.cm_param_len = pMechanism->ulParameterLen;
/*
* Obtain the attributes of base key and pass them by value.
*/
rv = get_base_key_attributes(basekey_p, &obj_ndk.ndk_base_key);
if (rv != CKR_OK) {
goto failed_exit;
}
obj_ndk.ndk_base_key.ck_format = CRYPTO_KEY_ATTR_LIST;
while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_DERIVE_KEY,
&obj_ndk)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_ndk.ndk_return_value);
}
free_attributes(obj_ndk.ndk_in_attributes, &obj_ndk.ndk_in_count);
free_attributes((caddr_t)obj_ndk.ndk_base_key.ck_attrs,
&obj_ndk.ndk_base_key.ck_count);
if (rv != CKR_OK) {
goto failed_exit;
}
rv = get_object_attributes(&newTemplate[attr_count - 1],
1, obj_ndk.ndk_out_attributes);
free_attributes(obj_ndk.ndk_out_attributes, &obj_ndk.ndk_out_count);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
removed = remove_one_attribute(newTemplate, CKA_VALUE_LEN,
attr_count, B_FALSE);
rv = kernel_build_object(newTemplate, removed ? attr_count - 1 :
attr_count, new_objp, session_p, KERNEL_GEN_KEY);
if (rv != CRYPTO_SUCCESS) {
goto failed_exit;
}
free(key_buf);
free(newTemplate);
new_objp->is_lib_obj = B_TRUE;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
return (CKR_OK);
failed_exit:
if (key_buf != NULL)
free(key_buf);
if (newTemplate != NULL)
free(newTemplate);
free_attributes(obj_ndk.ndk_in_attributes, &obj_ndk.ndk_in_count);
free_attributes(obj_ndk.ndk_out_attributes, &obj_ndk.ndk_out_count);
free_attributes((caddr_t)obj_ndk.ndk_base_key.ck_attrs,
&obj_ndk.ndk_base_key.ck_count);
return (rv);
}
CK_RV
C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_object_t *basekey_p;
kernel_object_t *new_objp;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
CK_BBOOL is_pri_obj;
CK_BBOOL is_token_obj = FALSE;
crypto_mech_type_t k_mech_type;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/* Obtain the session pointer. */
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
if (pMechanism == NULL) {
REFRELE(session_p, ses_lock_held);
return (CKR_ARGUMENTS_BAD);
}
if ((pTemplate == NULL && ulAttributeCount != 0) ||
(pTemplate != NULL && ulAttributeCount == 0)) {
REFRELE(session_p, ses_lock_held);
return (CKR_ARGUMENTS_BAD);
}
/* Obtain the base key object pointer. */
HANDLE2OBJECT(hBaseKey, basekey_p, rv);
if (rv != CKR_OK) {
REFRELE(session_p, ses_lock_held);
return (rv);
}
/* Get the kernel's internal mechanism number. */
rv = kernel_mech(pMechanism->mechanism, &k_mech_type);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Create an object wrapper in the library for the generated key. */
new_objp = calloc(1, sizeof (kernel_object_t));
if (new_objp == NULL) {
rv = CKR_HOST_MEMORY;
goto failed_exit;
}
/*
* Special Case: if token does not support object creation,
* but does support key derivation by value, then create a session
* object and initialize with values returned by token.
*/
pslot = slot_table[session_p->ses_slotid];
if (!pslot->sl_func_list.fl_object_create) {
rv = derive_key_by_value(pMechanism, pTemplate,
ulAttributeCount, session_p, k_mech_type, basekey_p,
new_objp);
if (rv != CKR_OK)
goto failed_exit;
} else {
crypto_derive_key_t obj_dk;
rv = process_object_attributes(pTemplate, ulAttributeCount,
&obj_dk.dk_attributes, &is_token_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Cannot create a token object with a READ-ONLY session. */
if (is_token_obj && session_p->ses_RO) {
free_object_attributes(obj_dk.dk_attributes,
ulAttributeCount);
rv = CKR_SESSION_READ_ONLY;
goto failed_exit;
}
obj_dk.dk_session = session_p->k_session;
obj_dk.dk_mechanism.cm_type = k_mech_type;
obj_dk.dk_mechanism.cm_param = pMechanism->pParameter;
obj_dk.dk_mechanism.cm_param_len = pMechanism->ulParameterLen;
obj_dk.dk_base_key.ck_format = CRYPTO_KEY_REFERENCE;
obj_dk.dk_base_key.ck_obj_id = basekey_p->k_handle;
obj_dk.dk_count = ulAttributeCount;
while ((r = ioctl(kernel_fd, CRYPTO_DERIVE_KEY, &obj_dk)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(obj_dk.dk_return_value);
}
free_object_attributes(obj_dk.dk_attributes, ulAttributeCount);
if (rv != CKR_OK) {
goto failed_exit;
}
/* Get the CKA_PRIVATE value for the derived key. */
rv = get_cka_private_value(session_p, obj_dk.dk_object_handle,
&is_pri_obj);
if (rv != CKR_OK) {
goto failed_exit;
}
/*
* Store the kernel object handle into the new derived key
* object and finish the object initialization.
*/
new_objp->is_lib_obj = B_FALSE;
new_objp->k_handle = obj_dk.dk_object_handle;
new_objp->session_handle = (CK_SESSION_HANDLE)session_p;
new_objp->extra_attrlistp = NULL;
if (is_pri_obj)
new_objp->bool_attr_mask |= PRIVATE_BOOL_ON;
else
new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON;
if (is_token_obj)
new_objp->bool_attr_mask |= TOKEN_BOOL_ON;
else
new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON;
}
(void) pthread_mutex_init(&new_objp->object_mutex, NULL);
new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC;
/*
* Add the new derived object to the slot's token list if it is a
* token object. Otherwise, add it to the session's object list.
*/
if (is_token_obj) {
pslot = slot_table[session_p->ses_slotid];
kernel_add_token_object_to_slot(new_objp, pslot);
} else {
kernel_add_object_to_session(new_objp, session_p);
}
*phKey = (CK_OBJECT_HANDLE)new_objp;
OBJ_REFRELE(basekey_p);
REFRELE(session_p, ses_lock_held);
return (rv);
failed_exit:
OBJ_REFRELE(basekey_p);
if (new_objp != NULL) {
(void) free(new_objp);
}
REFRELE(session_p, ses_lock_held);
return (rv);
}