/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
 */
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <stdlib.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <strings.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <security/cryptoki.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <cryptoutil.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <errno.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include <aes_impl.h>
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include "kmsGlobal.h"
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include "kmsSlot.h"
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller#include "kmsKeystoreUtil.h"
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
/*
 * Mechanisms advertised by the KMS token: only the basic AES ones for now.
 *
 * Entry order is significant.  C_GetMechanismInfo() looks a mechanism up
 * here and uses the matching index into kms_mechanism_info[], so the two
 * tables must stay parallel.
 */
static CK_MECHANISM_TYPE kms_mechanisms[] = {
	CKM_AES_KEY_GEN,	/* key generation */
	CKM_AES_CBC,		/* CBC */
	CKM_AES_CBC_PAD		/* CBC with padding */
};
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
/*
 * Capabilities reported for each entry of kms_mechanisms[], in the same
 * order as that table.
 *
 * KMS only supports 256 bit keys, so both the minimum and the maximum
 * key size are AES_MAX_KEY_BYTES (a MAX-MAX range rather than MIN-MAX).
 */
static CK_MECHANISM_INFO kms_mechanism_info[] = {
	/* CKM_AES_KEY_GEN */
	{ AES_MAX_KEY_BYTES, AES_MAX_KEY_BYTES, CKF_GENERATE },
	/* CKM_AES_CBC */
	{ AES_MAX_KEY_BYTES, AES_MAX_KEY_BYTES,
	    CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP },
	/* CKM_AES_CBC_PAD */
	{ AES_MAX_KEY_BYTES, AES_MAX_KEY_BYTES,
	    CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP | CKF_UNWRAP }
};
5cb9d86f97eb79f6a8a7d6231cf0354196dce286Brendan Mmiller
/*
 * Report the slot provided by this library.
 *
 * tokenPresent is not consulted.  pulCount must be non-NULL.  When
 * pSlotList is NULL only the required count (KMS_SLOTS) is returned in
 * *pulCount; otherwise *pulCount is the caller's capacity on entry and
 * the number of entries written on return.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_ARGUMENTS_BAD if pulCount is NULL,
 * CKR_BUFFER_TOO_SMALL (with *pulCount set to KMS_SLOTS) if the caller's
 * list is too short, and CKR_OK otherwise.
 */
/* ARGSUSED */
CK_RV
C_GetSlotList(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList,
    CK_ULONG_PTR pulCount)
{
	CK_RV rv = CKR_OK;

	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	if (pulCount == NULL)
		return (CKR_ARGUMENTS_BAD);

	if (!kms_is_initialized()) {
		/* KMS not available or not set up: no slots, still CKR_OK. */
		*pulCount = 0;
	} else if (pSlotList == NULL) {
		/* Size query only. */
		*pulCount = KMS_SLOTS;
	} else if (*pulCount < KMS_SLOTS) {
		/* Tell the caller how many entries are needed. */
		*pulCount = KMS_SLOTS;
		rv = CKR_BUFFER_TOO_SMALL;
	} else {
		/*
		 * NOTE(review): the size checks use KMS_SLOTS but exactly
		 * one entry is written here; the two agree only if
		 * KMS_SLOTS is 1 -- confirm.
		 */
		*pulCount = 1;
		pSlotList[0] = KMS_TOKEN_SLOTID;
	}

	return (rv);
}
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller
/*
 * Fill in *pInfo with the fixed description of the KMS slot.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_SLOT_ID_INVALID if slotID is not KMS_TOKEN_SLOTID or
 * kms_is_initialized() reports false, CKR_ARGUMENTS_BAD if pInfo is
 * NULL, and CKR_OK otherwise.
 */
CK_RV
C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
{
	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	if (!(slotID == KMS_TOKEN_SLOTID && kms_is_initialized()))
		return (CKR_SLOT_ID_INVALID);

	if (pInfo == NULL)
		return (CKR_ARGUMENTS_BAD);

	/*
	 * The text fields are fixed-width byte arrays (64 and 32 bytes in
	 * CK_SLOT_INFO); the copies are bounded by the destination size
	 * and do not NUL-terminate a source that fills the field.
	 *
	 * NOTE(review): strncpy() NUL-fills whatever is left after a
	 * shorter source string, while PKCS#11 describes these fields as
	 * blank padded.  Presumably the macros are already padded to the
	 * full field width -- confirm where they are defined.
	 */
	(void) strncpy((char *)pInfo->slotDescription, SLOT_DESCRIPTION,
	    sizeof (pInfo->slotDescription));
	(void) strncpy((char *)pInfo->manufacturerID, MANUFACTURER_ID,
	    sizeof (pInfo->manufacturerID));

	pInfo->hardwareVersion.major = HARDWARE_VERSION_MAJOR;
	pInfo->hardwareVersion.minor = HARDWARE_VERSION_MINOR;
	pInfo->firmwareVersion.major = FIRMWARE_VERSION_MAJOR;
	pInfo->firmwareVersion.minor = FIRMWARE_VERSION_MINOR;
	pInfo->flags = CKF_TOKEN_PRESENT;

	return (CKR_OK);
}
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller
/*
 * Fill in *pInfo with the description and current state of the KMS token.
 *
 * The session counters come from kms_session_cnt and kms_session_rw_cnt;
 * the memory fields are reported as CK_UNAVAILABLE_INFORMATION and
 * utcTime is filled with blanks.  CKF_TOKEN_INITIALIZED is derived from
 * the KMS agent profile status when that status can be obtained.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_SLOT_ID_INVALID if slotID is not KMS_TOKEN_SLOTID or
 * kms_is_initialized() reports false, CKR_ARGUMENTS_BAD if pInfo is
 * NULL, and CKR_OK otherwise.
 */
CK_RV
C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
{
	kms_cfg_info_t kmscfg;
	KMSAGENT_PROFILE_FLAGS kmsflags = 0;

	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	if (!(slotID == KMS_TOKEN_SLOTID && kms_is_initialized()))
		return (CKR_SLOT_ID_INVALID);

	if (pInfo == NULL)
		return (CKR_ARGUMENTS_BAD);

	/*
	 * Fixed-width text fields (32, 32, 16 and 16 bytes in
	 * CK_TOKEN_INFO), each copy bounded by its destination.
	 *
	 * NOTE(review): strncpy() NUL-fills the remainder after a shorter
	 * source, while PKCS#11 describes these fields as blank padded.
	 * Presumably the macros are already padded to the full field
	 * width -- confirm where they are defined.
	 */
	(void) strncpy((char *)pInfo->label, KMS_TOKEN_LABEL,
	    sizeof (pInfo->label));
	(void) strncpy((char *)pInfo->manufacturerID, MANUFACTURER_ID,
	    sizeof (pInfo->manufacturerID));
	(void) strncpy((char *)pInfo->model, KMS_TOKEN_MODEL,
	    sizeof (pInfo->model));
	(void) strncpy((char *)pInfo->serialNumber, KMS_TOKEN_SERIAL,
	    sizeof (pInfo->serialNumber));
	(void) memset(pInfo->utcTime, ' ', sizeof (pInfo->utcTime));

	/* Session accounting. */
	pInfo->ulMaxSessionCount = CK_EFFECTIVELY_INFINITE;
	pInfo->ulSessionCount = kms_session_cnt;
	pInfo->ulMaxRwSessionCount = CK_EFFECTIVELY_INFINITE;
	pInfo->ulRwSessionCount = kms_session_rw_cnt;

	/* PIN length limits advertised to callers. */
	pInfo->ulMaxPinLen = MAX_PIN_LEN;
	pInfo->ulMinPinLen = MIN_PIN_LEN;

	/* No memory statistics are reported. */
	pInfo->ulTotalPublicMemory = CK_UNAVAILABLE_INFORMATION;
	pInfo->ulFreePublicMemory = CK_UNAVAILABLE_INFORMATION;
	pInfo->ulTotalPrivateMemory = CK_UNAVAILABLE_INFORMATION;
	pInfo->ulFreePrivateMemory = CK_UNAVAILABLE_INFORMATION;

	pInfo->hardwareVersion.major = HARDWARE_VERSION_MAJOR;
	pInfo->hardwareVersion.minor = HARDWARE_VERSION_MINOR;
	pInfo->firmwareVersion.major = FIRMWARE_VERSION_MAJOR;
	pInfo->firmwareVersion.minor = FIRMWARE_VERSION_MINOR;

	pInfo->flags = KMS_TOKEN_FLAGS;

	/*
	 * If either lookup fails the flags are left at KMS_TOKEN_FLAGS and
	 * the call still returns CKR_OK, so CKF_TOKEN_INITIALIZED then
	 * reflects whatever that constant contains.
	 */
	if (KMS_GetConfigInfo(&kmscfg) != CKR_OK)
		return (CKR_OK);
	if (KMSAgent_GetProfileStatus(kmscfg.name, &kmsflags) !=
	    KMS_AGENT_STATUS_OK)
		return (CKR_OK);

	/* Initialized means both the profile and the client key exist. */
	if ((kmsflags & KMSAGENT_PROFILE_EXISTS_FLAG) &&
	    (kmsflags & KMSAGENT_CLIENTKEY_EXISTS_FLAG)) {
		pInfo->flags |= CKF_TOKEN_INITIALIZED;
	} else {
		pInfo->flags &= ~CKF_TOKEN_INITIALIZED;
	}

	return (CKR_OK);
}
/*
 * Slot events are not supported; none of the arguments is examined.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_FUNCTION_NOT_SUPPORTED otherwise.
 */
/*ARGSUSED*/
CK_RV
C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved)
{
	return (kms_initialized ?
	    CKR_FUNCTION_NOT_SUPPORTED : CKR_CRYPTOKI_NOT_INITIALIZED);
}
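/*
 * Return the mechanism types supported by the KMS token.
 *
 * When pMechanismList is NULL only the number of mechanisms is stored in
 * *pulCount.  Otherwise *pulCount is the capacity of pMechanismList on
 * entry and the number of entries written on return.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_SLOT_ID_INVALID if slotID is not KMS_TOKEN_SLOTID or
 * the KMS token is not configured, CKR_ARGUMENTS_BAD if pulCount is
 * NULL, CKR_BUFFER_TOO_SMALL (with *pulCount set to the required count)
 * if the caller's list is too short, and CKR_OK otherwise.
 */
CK_RV
C_GetMechanismList(CK_SLOT_ID slotID,
    CK_MECHANISM_TYPE_PTR pMechanismList,
    CK_ULONG_PTR pulCount)
{
	/* Unsigned index: it is compared against an unsigned count. */
	CK_ULONG i;
	CK_ULONG mechnum;

	/*
	 * Just check to see if the library has been
	 * properly initialized.
	 */
	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	/*
	 * This is different from the check above: it verifies that
	 * the KMS token is actually configured.
	 */
	if (slotID != KMS_TOKEN_SLOTID ||
	    !kms_is_initialized())
		return (CKR_SLOT_ID_INVALID);

	/*
	 * pulCount is dereferenced on every path below, so reject a NULL
	 * pointer from the caller here, as C_GetSlotList() does.  The
	 * check sits after the slot validation so the error codes for the
	 * earlier failure cases are unchanged.
	 */
	if (pulCount == NULL)
		return (CKR_ARGUMENTS_BAD);

	mechnum = sizeof (kms_mechanisms) / sizeof (kms_mechanisms[0]);

	/* Size query only. */
	if (pMechanismList == NULL) {
		*pulCount = mechnum;
		return (CKR_OK);
	}

	/* Never write past the capacity the caller declared. */
	if (*pulCount < mechnum) {
		*pulCount = mechnum;
		return (CKR_BUFFER_TOO_SMALL);
	}

	for (i = 0; i < mechnum; i++)
		pMechanismList[i] = kms_mechanisms[i];

	*pulCount = mechnum;
	return (CKR_OK);
}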
/*
 * Report key-size limits and capability flags for one mechanism.
 *
 * The mechanism is located in kms_mechanisms[] and the entry at the same
 * index of kms_mechanism_info[] is copied into *pInfo.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_SLOT_ID_INVALID if slotID is not KMS_TOKEN_SLOTID or
 * kms_is_initialized() reports false, CKR_ARGUMENTS_BAD if pInfo is
 * NULL, CKR_MECHANISM_INVALID if type is not in kms_mechanisms[], and
 * CKR_OK otherwise.
 */
CK_RV
C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
    CK_MECHANISM_INFO_PTR pInfo)
{
	CK_ULONG count, idx;

	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	if (!(slotID == KMS_TOKEN_SLOTID && kms_is_initialized()))
		return (CKR_SLOT_ID_INVALID);

	if (pInfo == NULL)
		return (CKR_ARGUMENTS_BAD);

	count = sizeof (kms_mechanisms) / sizeof (CK_MECHANISM_TYPE);

	for (idx = 0; idx < count; idx++) {
		if (kms_mechanisms[idx] != type)
			continue;

		/* Same index in the parallel info table. */
		pInfo->ulMinKeySize = kms_mechanism_info[idx].ulMinKeySize;
		pInfo->ulMaxKeySize = kms_mechanism_info[idx].ulMaxKeySize;
		pInfo->flags = kms_mechanism_info[idx].flags;
		return (CKR_OK);
	}

	/* unsupported mechanism */
	return (CKR_MECHANISM_INVALID);
}
/*
 * Initialize the KMS token by enrolling its KMS agent profile.
 *
 * If the agent reports that the profile or the client key is missing,
 * the profile is loaded with the supplied PIN and unloaded again on
 * success.  If both already exist nothing is done and
 * CKR_FUNCTION_FAILED is returned.  pLabel is not used.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_SLOT_ID_INVALID if slotID is not KMS_TOKEN_SLOTID or
 * kms_is_initialized() reports false, CKR_FUNCTION_FAILED if the
 * configuration or profile status cannot be read, and otherwise the
 * result of KMS_LoadProfile().
 *
 * NOTE(review): pPin and ulPinLen are handed to KMS_LoadProfile()
 * without any check here, whereas C_SetPIN() rejects NULL or zero-length
 * PINs with CKR_ARGUMENTS_BAD.  Confirm that KMS_LoadProfile() tolerates
 * a NULL or empty PIN, or validate here.
 */
/*ARGSUSED*/
CK_RV
C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen,
    CK_UTF8CHAR_PTR pLabel)
{
	CK_RV rv;
	kms_cfg_info_t kmscfg;
	KMSAGENT_PROFILE_FLAGS kmsflags;
	KMSClientProfile kmsProfile;

	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	if (!(slotID == KMS_TOKEN_SLOTID && kms_is_initialized()))
		return (CKR_SLOT_ID_INVALID);

	if (KMS_GetConfigInfo(&kmscfg) != CKR_OK)
		return (CKR_FUNCTION_FAILED);

	if (KMSAgent_GetProfileStatus(kmscfg.name, &kmsflags) !=
	    KMS_AGENT_STATUS_OK)
		return (CKR_FUNCTION_FAILED);

	/* Profile and client key both present: nothing to enroll. */
	if ((kmsflags & KMSAGENT_PROFILE_EXISTS_FLAG) &&
	    (kmsflags & KMSAGENT_CLIENTKEY_EXISTS_FLAG))
		return (CKR_FUNCTION_FAILED);

	/*
	 * Attempt to enroll and load a KMS profile.  This forces the
	 * KMSAgent library to fetch the profile, the CA certificate and
	 * the client private key and to store them locally so that the
	 * KMS agent API can be used later.
	 */
	rv = KMS_LoadProfile(&kmsProfile, &kmscfg, (const char *)pPin,
	    (size_t)ulPinLen);

	/* The profile was loaded only to trigger enrollment. */
	if (rv == CKR_OK)
		KMS_UnloadProfile(&kmsProfile);

	return (rv);
}
/*
 * Initializing the normal user's PIN is not supported; none of the
 * arguments is examined.  It could be supported once the agent library
 * supports storing the client certificate in a PKCS#12 file.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, CKR_FUNCTION_NOT_SUPPORTED otherwise.
 */
/*ARGSUSED*/
CK_RV
C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen)
{
	return (kms_initialized ?
	    CKR_FUNCTION_NOT_SUPPORTED : CKR_CRYPTOKI_NOT_INITIALIZED);
}
/*
 * Change the PIN that protects the local KMS profile.
 *
 * The session must be read-write, the token must be initialized and
 * both PINs must be non-NULL with a non-zero length.  The old PIN is
 * used to load the profile; on success the local password is changed.
 *
 * Returns CKR_CRYPTOKI_NOT_INITIALIZED if the library has not been
 * initialized, the handle2session() error for a bad session handle,
 * CKR_SESSION_READ_ONLY for a read-only session, CKR_FUNCTION_FAILED if
 * kms_is_initialized() reports false, CKR_ARGUMENTS_BAD for a missing or
 * empty PIN, CKR_FUNCTION_NOT_SUPPORTED if no PIN has been set yet, and
 * otherwise the result of KMS_LoadProfile() / KMS_ChangeLocalPWD().
 *
 * NOTE(review): KMS_ChangeLocalPWD() receives both PINs as const char *
 * with no length, and ulNewLen is only tested for being non-zero.
 * PKCS#11 PINs are length-counted and need not be NUL-terminated, so
 * confirm how the callee bounds its reads.  The new PIN length is also
 * not compared here with the MIN_PIN_LEN / MAX_PIN_LEN limits that
 * C_GetTokenInfo() advertises.
 */
CK_RV
C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
    CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen)
{
	CK_RV rv = CKR_OK;
	kms_session_t *session_p;
	boolean_t ses_lock_held = B_FALSE;

	if (!kms_initialized)
		return (CKR_CRYPTOKI_NOT_INITIALIZED);

	/*
	 * Look up the session; this also takes a reference on it, which
	 * every path below drops through the single REFRELE() at the end.
	 */
	rv = handle2session(hSession, &session_p);
	if (rv != CKR_OK)
		return (rv);

	/* Only a RW session may change the PIN. */
	if (session_p->ses_RO) {
		rv = CKR_SESSION_READ_ONLY;
		goto release;
	}

	/* The PIN cannot be set on a token that is not yet initialized. */
	if (!kms_is_initialized()) {
		rv = CKR_FUNCTION_FAILED;
		goto release;
	}

	if (pOldPin == NULL || ulOldLen == 0 ||
	    pNewPin == NULL || ulNewLen == 0) {
		rv = CKR_ARGUMENTS_BAD;
		goto release;
	}

	/*
	 * Setting a first PIN is not supported yet: the KMS private key
	 * file is generated automatically using the KMS Agent passphrase,
	 * which is initialized out-of-band.
	 */
	if (!kms_is_pin_set()) {
		rv = CKR_FUNCTION_NOT_SUPPORTED;
		goto release;
	}

	/*
	 * Log in to KMS by attempting to load the profile with the
	 * caller's old PIN.
	 */
	rv = KMS_LoadProfile(&session_p->kmsProfile, &session_p->configInfo,
	    (const char *)pOldPin, (size_t)ulOldLen);

	/*
	 * NOTE(review): this status is treated as a successful login.
	 * Whether the old PIN is still verified in that case depends on
	 * KMS_ChangeLocalPWD() -- confirm.
	 */
	if (rv == CKR_USER_ANOTHER_ALREADY_LOGGED_IN)
		rv = CKR_OK;

	if (rv == CKR_OK) {
		rv = KMS_ChangeLocalPWD(session_p, (const char *)pOldPin,
		    (const char *)pNewPin);
	}

release:
	REFRELE(session_p, ses_lock_held);
	return (rv);
}