key_mgr.c revision 47e946e784719ae402ace34695f67b0e6e76ae5c
/*
* The Initial Developer of the Original Code is International
* Business Machines Corporation. Portions created by IBM
* Corporation are Copyright (C) 2005 International Business
* Machines Corporation. All Rights Reserved.
*
* it under the terms of the Common Public License as published by
* IBM Corporation; either version 1 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* Common Public License for more details.
*
* You should have received a copy of the Common Public License
* along with this program; if not, a copy can be viewed at
*/
/* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include "tpmtok_int.h"
/*
 * Static helper returning CK_RV. Its name, parameter list and first
 * statements are not visible in this listing, so only the checks that
 * survive are described below.
 */
static CK_RV
{
/* Early exit returning rc as-is; the call that set rc is not visible here. */
return (rc);
}
/*
 * The length test comes first, so the comparison that ends in
 * ber_rsaEncryptionLen is reached only when alg_len is at least that long.
 * NOTE(review): the compared buffers are not visible here -- confirm that
 * alg_len really describes the buffer being compared.
 */
if (alg_len >= ber_rsaEncryptionLen) {
ber_rsaEncryptionLen) == 0) {
return (CKR_OK);
}
}
/* Nothing matched above: the input is reported as CKR_TEMPLATE_INCOMPLETE. */
return (CKR_TEMPLATE_INCOMPLETE);
}
/*
 * Routine that works on a public and a private template and, on failure,
 * releases publ_key_obj / priv_key_obj and zeroes both output handles.
 * The signature and many statements are missing from this listing; the
 * comments below describe only what the remaining lines show.
 */
CK_MECHANISM * mech,
{
return (CKR_FUNCTION_FAILED);
}
/*
 * A NULL template pointer is accepted only together with a zero count.
 * This keeps the count-driven loops below from running over a NULL
 * template (presumably they index publ_tmpl / priv_tmpl -- the indexing
 * lines are not visible).
 */
if (! publ_tmpl && (publ_count != 0)) {
return (CKR_FUNCTION_FAILED);
}
if (! priv_tmpl && (priv_count != 0)) {
return (CKR_FUNCTION_FAILED);
}
/*
 * Public template pass: a key class other than CKO_PUBLIC_KEY is rejected
 * as CKR_TEMPLATE_INCONSISTENT. The statement that loads keyclass is not
 * visible here.
 */
for (i = 0; i < publ_count; i++) {
if (keyclass != CKO_PUBLIC_KEY) {
return (CKR_TEMPLATE_INCONSISTENT);
}
}
}
/* Private template pass: same rule, with CKO_PRIVATE_KEY as the only class. */
for (i = 0; i < priv_count; i++) {
if (keyclass != CKO_PRIVATE_KEY) {
return (CKR_TEMPLATE_INCONSISTENT);
}
}
return (CKR_TEMPLATE_INCONSISTENT);
}
}
}
return (CKR_TEMPLATE_INCONSISTENT);
}
break;
/* Mechanisms without an explicit case are refused outright. */
default:
return (CKR_MECHANISM_INVALID);
}
/* From here on failures jump to the error path instead of returning. */
goto error;
}
goto error;
}
break;
default:
break;
}
goto error;
}
/*
 * CKA_ALWAYS_SENSITIVE and CKA_NEVER_EXTRACTABLE can now be set to their
 * appropriate values. This applies only to CKO_SECRET_KEY and
 * CKO_PRIVATE_KEY objects.
 *
 * NOTE(review): the two lookups below read CKA_SENSITIVE and
 * CKA_EXTRACTABLE; presumably the derived attributes are built from those
 * values -- confirm against the full source. Every visible failure branch
 * goes to the error path.
 */
CKA_SENSITIVE, &attr);
goto error;
}
new_attr);
} else {
goto error;
}
CKA_EXTRACTABLE, &attr);
goto error;
}
new_attr);
} else {
goto error;
}
goto error;
}
/*
 * publ_key_obj is cleared before this jump, so the error path's
 * "if (publ_key_obj)" test skips object_free() for it.
 * NOTE(review): presumably the object was already released or handed over
 * at this point; confirm, since the intent is to avoid a second free.
 */
publ_key_obj = NULL;
goto error;
}
/* Success exit. */
return (rc);
/*
 * Error path (the label itself is not visible in this listing): free
 * whichever key objects are still held and zero both output handles, so
 * the handles returned on failure are always 0.
 */
if (publ_key_obj)
(void) object_free(publ_key_obj);
if (priv_key_obj)
(void) object_free(priv_key_obj);
*publ_key_handle = 0;
*priv_key_handle = 0;
return (rc);
}
/*
 * Key-wrapping routine (it reports CKR_WRAPPING_KEY_HANDLE_INVALID and
 * CKR_KEY_NOT_WRAPPABLE and writes through wrapped_key_len). Most of the
 * signature and several statements are missing from this listing.
 */
CK_MECHANISM * mech,
CK_ULONG * wrapped_key_len) {
/* Both the session and the output-length pointer are required. */
if (! sess || ! wrapped_key_len) {
return (CKR_FUNCTION_FAILED);
}
/*
 * Two distinct results for the two handles: one for the wrapping key,
 * one for the key to be wrapped. The lookups themselves are not visible.
 */
return (CKR_WRAPPING_KEY_HANDLE_INVALID);
}
return (CKR_KEY_HANDLE_INVALID);
}
/*
 * Extractability gate. Every branch visible here ends in
 * CKR_KEY_NOT_WRAPPABLE, i.e. the check fails closed: a key is refused
 * unless the (not visible) success condition on CKA_EXTRACTABLE holds.
 */
CKA_EXTRACTABLE, &attr);
return (CKR_KEY_NOT_WRAPPABLE);
} else {
return (CKR_KEY_NOT_WRAPPABLE);
}
}
return (CKR_KEY_NOT_WRAPPABLE);
} else
/*
 * Mechanism allow-list: with CKM_RSA_PKCS only CKO_SECRET_KEY objects may
 * be wrapped; any mechanism without a case is refused.
 */
case CKM_RSA_PKCS:
if (class != CKO_SECRET_KEY) {
return (CKR_KEY_NOT_WRAPPABLE);
}
break;
default:
return (CKR_KEY_NOT_WRAPPABLE);
}
/* A key with no usable CKA_KEY_TYPE is likewise not wrappable. */
CKA_KEY_TYPE, &attr);
return (CKR_KEY_NOT_WRAPPABLE);
else
/*
 * Key-type allow-list: CKK_RSA and CKK_GENERIC_SECRET have handlers whose
 * failure status is returned as-is; every other type is refused.
 */
switch (keytype) {
case CKK_RSA:
return (rc);
}
break;
case CKK_GENERIC_SECRET:
return (rc);
}
break;
default:
return (CKR_KEY_NOT_WRAPPABLE);
}
case CKM_RSA_PKCS:
break;
default:
return (CKR_KEY_NOT_WRAPPABLE);
}
/* Allocation failure for the operation context is reported explicitly. */
if (! ctx) {
return (CKR_HOST_MEMORY);
}
/*
 * NOTE(review): this return comes after the ctx allocation check. Confirm
 * in the full source that ctx and any temporary copy of the key value are
 * released on this path, and that key material is cleared before the
 * buffer is freed.
 */
return (rc);
}
}
/* The encryption context is cleaned up before the final status is returned. */
(void) encr_mgr_cleanup(ctx);
return (rc);
}
/*
 * Key-unwrapping routine (it resolves a wrapping key, checks the caller's
 * attribute template and uses a decryption context). Most of the signature
 * and several statements are missing from this listing.
 */
CK_MECHANISM * mech,
{
CK_ULONG i;
return (CKR_FUNCTION_FAILED);
}
/* A wrapping-key lookup failure is reported with its own result code. */
&key_obj);
return (CKR_WRAPPING_KEY_HANDLE_INVALID);
}
/*
 * Track whether the caller's template supplies CKA_CLASS and CKA_KEY_TYPE.
 * For CKM_RSA_PKCS the class is marked as found before the template is
 * scanned, so that mechanism does not depend on a CKA_CLASS entry.
 */
found_class = FALSE;
found_type = FALSE;
case CKM_RSA_PKCS:
found_class = TRUE;
break;
}
/* Attribute types other than these two are ignored by this scan. */
for (i = 0; i < attrib_count; i++) {
switch (attributes[i].type) {
case CKA_CLASS:
found_class = TRUE;
break;
case CKA_KEY_TYPE:
found_type = TRUE;
break;
}
}
/* Only the tail of this condition is visible; it rejects an incomplete template. */
CKO_PRIVATE_KEY)) {
return (CKR_TEMPLATE_INCOMPLETE);
}
/*
 * Mechanism allow-list: CKM_RSA_PKCS may only produce a CKO_SECRET_KEY;
 * any mechanism without a case is CKR_MECHANISM_INVALID.
 *
 * NOTE(review): CKM_RSA_PKCS is PKCS #1 v1.5 padding. Confirm that a
 * caller cannot tell a padding failure apart from the later failures in
 * this routine, since distinguishable results on unwrap are the usual
 * padding-oracle concern.
 */
case CKM_RSA_PKCS:
if (keyclass != CKO_SECRET_KEY) {
return (CKR_TEMPLATE_INCONSISTENT);
}
break;
default:
return (CKR_MECHANISM_INVALID);
}
/* Allocation failure for the operation context is reported explicitly. */
if (! ctx) {
return (CKR_HOST_MEMORY);
}
/*
 * NOTE(review): this return comes after the ctx allocation check, while
 * the later failures use the error path. Confirm in the full source that
 * ctx is released here as well.
 */
return (rc);
goto error;
}
/* A missing data buffer is handled through the error path. */
if (! data) {
goto error;
}
(void) decr_mgr_cleanup(ctx);
goto error;
}
/*
 * If we use X.509, the data will be padded from the front with zeros.
 * PKCS #11 specifies that for this mechanism, CK_VALUE is to be read
 * from the end of the data.
 *
 * Note: the PKCS #11 reference implementation gets this wrong.
 *
 * NOTE(review): data holds the decrypted key value at this point; confirm
 * that the buffer is cleared before it is freed on every path.
 */
else
if (keyclass == CKO_PRIVATE_KEY) {
goto error;
}
}
&key_obj);
goto error;
}
/* Per-class handling; the bodies of these cases are not visible here. */
switch (keyclass) {
case CKO_SECRET_KEY:
break;
case CKO_PRIVATE_KEY:
break;
default:
break;
}
goto error;
}
goto error;
}
/*
 * Two consecutive returns: presumably the first ends the success path and
 * the second ends the error path, whose label and cleanup are not visible.
 */
return (rc);
return (rc);
}