Print this page
9643 PKCS#11 tests should not use CRYPTO_INVALID_SESSION
Reviewed by: Robert Mustacchi <rm@joyent.com>
Reviewed by: Dan McDonald <danmcd@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/test/crypto-tests/tests/common/cryptotest_pkcs.c
+++ new/usr/src/test/crypto-tests/tests/common/cryptotest_pkcs.c
1 1 /*
2 2 * This file and its contents are supplied under the terms of the
3 3 * Common Development and Distribution License ("CDDL"), version 1.0.
|
↓ open down ↓ |
3 lines elided |
↑ open up ↑ |
4 4 * You may only use this file in accordance with the terms of version
5 5 * 1.0 of the CDDL.
6 6 *
7 7 * A full copy of the text of the CDDL should have accompanied this
8 8 * source. A copy of the CDDL is also available via the Internet at
9 9 * http://www.illumos.org/license/CDDL.
10 10 */
11 11
12 12 /*
13 13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
14 + * Copyright 2018, Joyent, Inc.
14 15 */
15 16
16 17 #include <stdio.h>
17 18 #include <cryptoutil.h>
19 +#include <security/cryptoki.h>
18 20
19 21 #include "cryptotest.h"
20 22
21 23 struct crypto_op {
22 24 CK_BYTE_PTR in;
23 25 CK_BYTE_PTR out;
24 26 CK_BYTE_PTR key;
25 27 CK_BYTE_PTR param;
26 28
27 29 size_t inlen;
28 30 size_t outlen;
29 31 size_t keylen;
30 32 size_t paramlen;
31 33 size_t updatelen;
32 34
33 35 char *mechname;
34 36
35 37 /* internal */
36 38 CK_MECHANISM_TYPE mech;
37 39 CK_OBJECT_HANDLE keyt;
38 40 CK_SESSION_HANDLE hsession;
39 41 size_t fg;
40 42 };
41 43
42 44 static void
43 45 cryptotest_error(char *name, CK_RV rv)
44 46 {
45 47 (void) fprintf(stderr, "%s: Error = 0x%.8lX '%s'\n",
46 48 name, rv, pkcs11_strerror(rv));
47 49 }
48 50
49 51 crypto_op_t *
50 52 cryptotest_init(cryptotest_t *arg, size_t fg)
51 53 {
52 54 crypto_op_t *op = malloc(sizeof (*op));
53 55
54 56 op->in = (CK_BYTE_PTR)arg->in;
55 57 op->out = (CK_BYTE_PTR)arg->out;
56 58 op->key = (CK_BYTE_PTR)arg->key;
|
↓ open down ↓ |
29 lines elided |
↑ open up ↑ |
57 59 op->param = (CK_BYTE_PTR)arg->param;
58 60
59 61 op->inlen = arg->inlen;
60 62 op->outlen = arg->outlen;
61 63 op->keylen = arg->keylen;
62 64 op->paramlen = arg->plen;
63 65 op->updatelen = arg->updatelen;
64 66
65 67 op->mechname = arg->mechname;
66 68
67 - op->hsession = CRYPTO_INVALID_SESSION;
69 + op->hsession = CK_INVALID_HANDLE;
68 70 op->fg = fg;
69 71
70 72 if (op->out == NULL)
71 73 op->outlen = op->inlen;
72 74 return (op);
73 75 }
74 76
75 77 int
76 78 cryptotest_close_session(CK_SESSION_HANDLE hsession)
77 79 {
78 80 CK_RV rv;
79 81 rv = C_CloseSession(hsession);
|
↓ open down ↓ |
2 lines elided |
↑ open up ↑ |
80 82 if (rv != CKR_OK)
81 83 cryptotest_error("cryptotest_close_session", rv);
82 84
83 85 return (rv);
84 86 }
85 87
86 88 int
87 89 cryptotest_close(crypto_op_t *op)
88 90 {
89 91 (void) C_DestroyObject(op->hsession, op->keyt);
90 - if (op->hsession != CRYPTO_INVALID_SESSION)
92 + if (op->hsession != CK_INVALID_HANDLE)
91 93 (void) cryptotest_close_session(op->hsession);
92 94 free(op);
93 95 return (C_Finalize(NULL));
94 96 }
95 97
96 98 int
97 99 get_mech_info(crypto_op_t *op)
98 100 {
99 101 CK_RV rv;
100 102 rv = pkcs11_str2mech(op->mechname, &op->mech);
101 103 if (rv != CKR_OK) {
102 104 cryptotest_error("get_mech_info", rv);
103 105 (void) fprintf(stderr, "failed to resolve mechanism name %s\n",
104 106 op->mechname);
105 107 (void) cryptotest_close(op);
106 108 return (CTEST_NAME_RESOLVE_FAILED);
107 109 }
108 110 return (rv);
109 111 }
110 112
111 113
112 114 int
113 115 get_hsession_by_mech(crypto_op_t *op)
114 116 {
115 117 CK_RV rv;
116 118 rv = SUNW_C_GetMechSession(op->mech, &op->hsession);
117 119 if (rv != CKR_OK) {
118 120 cryptotest_error("get_hsession_by_mech", rv);
119 121 (void) fprintf(stderr,
120 122 "could not find provider for mechanism %lu\n",
121 123 op->mech);
122 124 (void) cryptotest_close(op);
123 125 return (CTEST_MECH_NO_PROVIDER);
124 126 }
125 127 return (rv);
126 128 }
127 129
128 130 /*
129 131 * SIGN_* functions
130 132 */
131 133 int
132 134 sign_init(crypto_op_t *op)
133 135 {
134 136 CK_MECHANISM mech;
135 137 CK_RV rv;
136 138
137 139 mech.mechanism = op->mech;
138 140 mech.pParameter = NULL;
139 141 mech.ulParameterLen = 0;
140 142
141 143 rv = SUNW_C_KeyToObject(op->hsession, op->mech,
142 144 op->key, op->keylen, &op->keyt);
143 145
144 146 if (rv != CKR_OK)
145 147 cryptotest_error("SUNW_C_KeyToObject", rv);
146 148
147 149 rv = C_SignInit(op->hsession, &mech, op->keyt);
148 150
149 151 if (rv != CKR_OK)
150 152 cryptotest_error("C_SignInit", rv);
151 153
152 154 return (rv);
153 155 }
154 156
155 157 int
156 158 sign_single(crypto_op_t *op)
157 159 {
158 160 CK_RV rv;
159 161
160 162 rv = C_Sign(op->hsession, op->in, op->inlen,
161 163 op->out, (CK_ULONG_PTR)&op->outlen);
162 164 if (rv != CKR_OK)
163 165 cryptotest_error("C_Sign", rv);
164 166 return (rv);
165 167 }
166 168
167 169 int
168 170 sign_update(crypto_op_t *op, int offset)
169 171 {
170 172 CK_RV rv;
171 173 rv = C_SignUpdate(op->hsession, op->in + offset, op->updatelen);
172 174 if (rv != CKR_OK)
173 175 cryptotest_error("C_SignUpdate", rv);
174 176
175 177 return (rv);
176 178 }
177 179
178 180 int
179 181 sign_final(crypto_op_t *op)
180 182 {
181 183 CK_RV rv;
182 184 rv = C_SignFinal(op->hsession, op->out, (CK_ULONG_PTR)&op->outlen);
183 185 if (rv != CKR_OK)
184 186 cryptotest_error("C_SignFinal", rv);
185 187 return (rv);
186 188 }
187 189
188 190 /*
189 191 * MAC_* functions
190 192 */
191 193 int
192 194 mac_init(crypto_op_t *op)
193 195 {
194 196 return (sign_init(op));
195 197 }
196 198
197 199 int
198 200 mac_single(crypto_op_t *op)
199 201 {
200 202 return (sign_single(op));
201 203 }
202 204
203 205 int
204 206 mac_update(crypto_op_t *op, int offset)
205 207 {
206 208 return (sign_update(op, offset));
207 209 }
208 210
209 211 int
210 212 mac_final(crypto_op_t *op)
211 213 {
212 214 return (sign_final(op));
213 215 }
214 216
215 217 /*
216 218 * VERIFY_* functions
217 219 */
218 220 int
219 221 verify_init(crypto_op_t *op)
220 222 {
221 223 CK_MECHANISM mech;
222 224 CK_RV rv;
223 225
224 226 mech.mechanism = op->mech;
225 227 mech.pParameter = NULL;
226 228 mech.ulParameterLen = 0;
227 229
228 230 rv = SUNW_C_KeyToObject(op->hsession, op->mech,
229 231 op->key, op->keylen, &op->keyt);
230 232
231 233 if (rv != CKR_OK)
232 234 cryptotest_error("SUNW_C_KeyToObject", rv);
233 235
234 236 rv = C_VerifyInit(op->hsession, &mech, op->keyt);
235 237
236 238 if (rv != CKR_OK)
237 239 cryptotest_error("C_VerifyInit", rv);
238 240
239 241 return (rv);
240 242 }
241 243
242 244 int
243 245 verify_single(crypto_op_t *op)
244 246 {
245 247 CK_RV rv;
246 248
247 249 rv = C_Verify(op->hsession, op->in, op->inlen, op->out, op->outlen);
248 250 if (rv != CKR_OK && rv != CKR_SIGNATURE_INVALID &&
249 251 rv != CKR_SIGNATURE_LEN_RANGE)
250 252 cryptotest_error("C_Verify", rv);
251 253 return (rv);
252 254 }
253 255
254 256 int
255 257 verify_update(crypto_op_t *op, int offset)
256 258 {
257 259 CK_RV rv;
258 260 rv = C_VerifyUpdate(op->hsession, op->in + offset, op->updatelen);
259 261 if (rv != CKR_OK)
260 262 cryptotest_error("C_VerifyUpdate", rv);
261 263 return (rv);
262 264 }
263 265
264 266 int
265 267 verify_final(crypto_op_t *op)
266 268 {
267 269 CK_RV rv;
268 270 rv = C_VerifyFinal(op->hsession, op->out, op->outlen);
269 271 if (rv != CKR_OK && rv != CKR_SIGNATURE_INVALID &&
270 272 rv != CKR_SIGNATURE_LEN_RANGE)
271 273 cryptotest_error("C_VerifyFinal", rv);
272 274 return (rv);
273 275 }
274 276
275 277 /*
276 278 * ENCRYPT_* functions
277 279 */
278 280 int
279 281 encrypt_init(crypto_op_t *op)
280 282 {
281 283 CK_MECHANISM mech;
282 284 CK_RV rv;
283 285
284 286 mech.mechanism = op->mech;
285 287 mech.pParameter = op->param;
286 288 mech.ulParameterLen = op->paramlen;
287 289
288 290 rv = SUNW_C_KeyToObject(op->hsession, op->mech,
289 291 op->key, op->keylen, &op->keyt);
290 292
291 293 if (rv != CKR_OK)
292 294 cryptotest_error("SUNW_C_KeyToObject", rv);
293 295
294 296 rv = C_EncryptInit(op->hsession, &mech, op->keyt);
295 297
296 298 if (rv != CKR_OK)
297 299 cryptotest_error("C_EncryptInit", rv);
298 300
299 301 return (rv);
300 302 }
301 303
302 304 int
303 305 encrypt_single(crypto_op_t *op)
304 306 {
305 307 CK_RV rv;
306 308
307 309 rv = C_Encrypt(op->hsession, op->in, op->inlen,
308 310 op->out, (CK_ULONG_PTR)&op->outlen);
309 311 if (rv != CKR_OK)
310 312 cryptotest_error("C_Encrypt", rv);
311 313 return (rv);
312 314 }
313 315
314 316 int
315 317 encrypt_update(crypto_op_t *op, int offset, size_t *encrlen)
316 318 {
317 319 CK_RV rv;
318 320 CK_ULONG outlen = op->outlen - *encrlen;
319 321 rv = C_EncryptUpdate(op->hsession, op->in + offset, op->updatelen,
320 322 op->out + *encrlen, &outlen);
321 323 if (rv != CKR_OK)
322 324 cryptotest_error("C_EncryptUpdate", rv);
323 325
324 326 *encrlen += outlen;
325 327 return (rv);
326 328 }
327 329
328 330 int
329 331 encrypt_final(crypto_op_t *op, size_t encrlen)
330 332 {
331 333 CK_RV rv;
332 334 CK_ULONG outlen = op->outlen - encrlen;
333 335 rv = C_EncryptFinal(op->hsession, op->out + encrlen, &outlen);
334 336 if (rv != CKR_OK)
335 337 cryptotest_error("C_EncryptFinal", rv);
336 338 return (rv);
337 339 }
338 340
339 341 /*
340 342 * DECRYPT_* functions
341 343 */
342 344 int
343 345 decrypt_init(crypto_op_t *op)
344 346 {
345 347 CK_MECHANISM mech;
346 348 CK_RV rv;
347 349
348 350 mech.mechanism = op->mech;
349 351 mech.pParameter = op->param;
350 352 mech.ulParameterLen = op->paramlen;
351 353
352 354 rv = SUNW_C_KeyToObject(op->hsession, op->mech,
353 355 op->key, op->keylen, &op->keyt);
354 356
355 357 if (rv != CKR_OK)
356 358 cryptotest_error("SUNW_C_KeyToObject", rv);
357 359
358 360 rv = C_DecryptInit(op->hsession, &mech, op->keyt);
359 361
360 362 if (rv != CKR_OK)
361 363 cryptotest_error("C_DecryptInit", rv);
362 364
363 365 return (rv);
364 366 }
365 367
366 368 int
367 369 decrypt_single(crypto_op_t *op)
368 370 {
369 371 CK_RV rv;
370 372
371 373 rv = C_Decrypt(op->hsession, op->in, op->inlen,
372 374 op->out, (CK_ULONG_PTR)&op->outlen);
373 375 if (rv != CKR_OK)
374 376 cryptotest_error("C_Decrypt", rv);
375 377 return (rv);
376 378 }
377 379
378 380 int
379 381 decrypt_update(crypto_op_t *op, int offset, size_t *encrlen)
380 382 {
381 383 CK_RV rv;
382 384 CK_ULONG outlen = op->outlen - *encrlen;
383 385 rv = C_DecryptUpdate(op->hsession, op->in + offset, op->updatelen,
384 386 op->out + *encrlen, &outlen);
385 387 if (rv != CKR_OK)
386 388 cryptotest_error("C_DecryptUpdate", rv);
387 389
388 390 *encrlen += outlen;
389 391 return (rv);
390 392 }
391 393
392 394 int
393 395 decrypt_final(crypto_op_t *op, size_t encrlen)
394 396 {
395 397 CK_RV rv;
396 398 CK_ULONG outlen = op->outlen - encrlen;
397 399 rv = C_DecryptFinal(op->hsession, op->out + encrlen, &outlen);
398 400 if (rv != CKR_OK)
399 401 cryptotest_error("C_DecryptFinal", rv);
400 402 return (rv);
401 403 }
|
↓ open down ↓ |
301 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX