encr_mgr.c revision 47e946e784719ae402ace34695f67b0e6e76ae5c
2N/A/*
2N/A * The Initial Developer of the Original Code is International
2N/A * Business Machines Corporation. Portions created by IBM
2N/A * Corporation are Copyright (C) 2005 International Business
2N/A * Machines Corporation. All Rights Reserved.
2N/A *
2N/A * This program is free software; you can redistribute it and/or modify
2N/A * it under the terms of the Common Public License as published by
2N/A * IBM Corporation; either version 1 of the License, or (at your option)
2N/A * any later version.
2N/A *
2N/A * This program is distributed in the hope that it will be useful,
2N/A * but WITHOUT ANY WARRANTY; without even the implied warranty of
2N/A * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
2N/A * Common Public License for more details.
2N/A *
2N/A * You should have received a copy of the Common Public License
2N/A * along with this program; if not, a copy can be viewed at
2N/A * http://www.opensource.org/licenses/cpl1.0.php.
2N/A */
2N/A
2N/A/* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
2N/A/*
2N/A * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
2N/A * Use is subject to license terms.
2N/A */
2N/A
2N/A#include "tpmtok_int.h"
2N/A
2N/ACK_RV
2N/Aencr_mgr_init(SESSION * sess,
2N/A ENCR_DECR_CONTEXT * ctx,
2N/A CK_ULONG operation,
2N/A CK_MECHANISM * mech,
2N/A CK_OBJECT_HANDLE key_handle)
2N/A{
2N/A OBJECT * key_obj = NULL;
2N/A CK_ATTRIBUTE * attr = NULL;
2N/A CK_BYTE * ptr = NULL;
2N/A CK_KEY_TYPE keytype;
2N/A CK_BBOOL flag;
2N/A CK_RV rc;
2N/A
2N/A
2N/A if (! sess || ! ctx || ! mech) {
2N/A return (CKR_FUNCTION_FAILED);
2N/A }
2N/A if (ctx->active != FALSE) {
2N/A return (CKR_OPERATION_ACTIVE);
2N/A }
2N/A
2N/A if (operation == OP_ENCRYPT_INIT) {
2N/A rc = object_mgr_find_in_map1(sess->hContext, key_handle,
2N/A &key_obj);
2N/A if (rc != CKR_OK) {
2N/A return (CKR_KEY_HANDLE_INVALID);
2N/A }
2N/A rc = template_attribute_find(key_obj->template,
2N/A CKA_ENCRYPT, &attr);
2N/A if (rc == FALSE) {
2N/A return (CKR_KEY_FUNCTION_NOT_PERMITTED);
2N/A } else {
2N/A flag = *(CK_BBOOL *)attr->pValue;
2N/A if (flag != TRUE) {
2N/A return (CKR_KEY_FUNCTION_NOT_PERMITTED);
2N/A }
2N/A }
2N/A } else if (operation == OP_WRAP) {
2N/A rc = object_mgr_find_in_map1(sess->hContext, key_handle,
2N/A &key_obj);
2N/A if (rc != CKR_OK) {
2N/A return (CKR_WRAPPING_KEY_HANDLE_INVALID);
2N/A }
2N/A rc = template_attribute_find(key_obj->template,
2N/A CKA_WRAP, &attr);
2N/A if (rc == FALSE) {
2N/A return (CKR_KEY_NOT_WRAPPABLE);
2N/A } else {
2N/A flag = *(CK_BBOOL *)attr->pValue;
2N/A if (flag == FALSE) {
2N/A return (CKR_KEY_NOT_WRAPPABLE);
2N/A }
2N/A }
2N/A } else {
2N/A return (CKR_FUNCTION_FAILED);
2N/A }
2N/A
2N/A switch (mech->mechanism) {
2N/A case CKM_RSA_PKCS:
2N/A {
2N/A if (mech->ulParameterLen != 0) {
2N/A return (CKR_MECHANISM_PARAM_INVALID);
2N/A }
2N/A rc = template_attribute_find(key_obj->template,
2N/A CKA_KEY_TYPE, &attr);
2N/A if (rc == FALSE) {
2N/A return (CKR_KEY_TYPE_INCONSISTENT);
2N/A } else {
2N/A keytype = *(CK_KEY_TYPE *)attr->pValue;
2N/A if (keytype != CKK_RSA) {
2N/A return (CKR_KEY_TYPE_INCONSISTENT);
2N/A }
2N/A }
2N/A
2N/A ctx->context_len = 0;
2N/A ctx->context = NULL;
2N/A }
2N/A break;
2N/A default:
2N/A return (CKR_MECHANISM_INVALID);
2N/A }
2N/A
2N/A
2N/A if (mech->ulParameterLen > 0) {
2N/A ptr = (CK_BYTE *)malloc(mech->ulParameterLen);
2N/A if (! ptr) {
2N/A return (CKR_HOST_MEMORY);
2N/A }
2N/A (void) memcpy(ptr, mech->pParameter, mech->ulParameterLen);
2N/A }
2N/A
2N/A ctx->key = key_handle;
2N/A ctx->mech.ulParameterLen = mech->ulParameterLen;
2N/A ctx->mech.mechanism = mech->mechanism;
2N/A ctx->mech.pParameter = ptr;
2N/A ctx->multi = FALSE;
2N/A ctx->active = TRUE;
2N/A
2N/A return (CKR_OK);
2N/A}
2N/A
2N/ACK_RV
2N/Aencr_mgr_cleanup(ENCR_DECR_CONTEXT *ctx)
2N/A{
2N/A if (! ctx) {
2N/A return (CKR_FUNCTION_FAILED);
2N/A }
2N/A ctx->key = 0;
2N/A ctx->mech.ulParameterLen = 0;
2N/A ctx->mech.mechanism = 0;
2N/A ctx->multi = FALSE;
2N/A ctx->active = FALSE;
2N/A ctx->context_len = 0;
2N/A
2N/A if (ctx->mech.pParameter) {
2N/A free(ctx->mech.pParameter);
2N/A ctx->mech.pParameter = NULL;
2N/A }
2N/A
2N/A if (ctx->context) {
2N/A free(ctx->context);
2N/A ctx->context = NULL;
2N/A }
2N/A
2N/A return (CKR_OK);
2N/A}
2N/A
2N/ACK_RV
2N/Aencr_mgr_encrypt(SESSION *sess,
2N/A CK_BBOOL length_only,
2N/A ENCR_DECR_CONTEXT *ctx,
2N/A CK_BYTE *in_data,
2N/A CK_ULONG in_data_len,
2N/A CK_BYTE *out_data,
2N/A CK_ULONG *out_data_len)
2N/A{
2N/A if (! sess || ! ctx) {
2N/A return (CKR_FUNCTION_FAILED);
2N/A }
2N/A if (ctx->active == FALSE) {
2N/A return (CKR_OPERATION_NOT_INITIALIZED);
2N/A }
2N/A if ((length_only == FALSE) && (! in_data || ! out_data)) {
2N/A return (CKR_FUNCTION_FAILED);
2N/A }
2N/A if (ctx->multi == TRUE) {
2N/A return (CKR_OPERATION_ACTIVE);
2N/A }
2N/A switch (ctx->mech.mechanism) {
2N/A case CKM_RSA_PKCS:
2N/A return (rsa_pkcs_encrypt(sess, length_only,
2N/A ctx, in_data, in_data_len, out_data,
2N/A out_data_len));
2N/A
2N/A default:
2N/A return (CKR_MECHANISM_INVALID);
2N/A }
2N/A}
2N/A