Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c
+++ new/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
23 + * Copyright 2018, Joyent, Inc.
23 24 */
24 25
25 26 #include <crypt.h>
26 27 #include <cryptoutil.h>
27 28 #include <pwd.h>
28 29 #include <pthread.h>
29 30 #include <stdlib.h>
30 31 #include <string.h>
31 32 #include <strings.h>
32 33 #include <sys/types.h>
33 34 #include <sys/sysmacros.h>
34 35 #include <security/cryptoki.h>
35 36 #include "softGlobal.h"
36 37 #include "softCrypt.h"
37 38 #include "softSession.h"
38 39 #include "softObject.h"
39 40 #include "softKeys.h"
40 41 #include "softKeystore.h"
41 42 #include "softKeystoreUtil.h"
42 43 #include "softMAC.h"
43 44 #include "softOps.h"
44 45
45 46 soft_session_t token_session;
46 47
47 48 /*
48 49 * soft_gen_hashed_pin()
49 50 *
50 51 * Arguments:
51 52 *
52 53 * pPin: pointer to caller provided Pin
53 54 * result: output argument which contains the address of the
54 55 * pointer to the hashed pin
55 56 * salt: input argument (if non-NULL), or
56 57 * output argument (if NULL):
57 58 * address of pointer to the "salt" of the hashed pin
58 59 *
59 60 * Description:
60 61 *
61 62 * Generate a hashed pin using system provided crypt(3C) function.
62 63 *
63 64 * Returns:
64 65 *
65 66 * 0: no error
66 67 * -1: some error occurred while generating the hashed pin
67 68 *
68 69 */
69 70 int
70 71 soft_gen_hashed_pin(CK_UTF8CHAR_PTR pPin, char **result, char **salt)
71 72 {
72 73
73 74 uid_t uid;
74 75 struct passwd pwd, *pw;
75 76 char pwdbuf[PWD_BUFFER_SIZE];
76 77 boolean_t new_salt = B_FALSE;
77 78
78 79 /*
79 80 * We need to get the passwd entry of the application, which is required
80 81 * by the crypt_gensalt() below.
81 82 */
82 83 uid = geteuid();
83 84 if (getpwuid_r(uid, &pwd, pwdbuf, PWD_BUFFER_SIZE, &pw) != 0) {
84 85 return (-1);
85 86 }
86 87
87 88 if (*salt == NULL) {
88 89 new_salt = B_TRUE;
89 90 /*
90 91 * crypt_gensalt() will allocate memory to store the new salt.
|
↓ open down ↓ |
58 lines elided |
↑ open up ↑ |
91 92 * on return. Pass "$5" here to default to crypt_sha256 since
92 93 * SHA256 is a FIPS 140-2 certified algorithm and we shouldn't
93 94 * assume the system default is that strong.
94 95 */
95 96 if ((*salt = crypt_gensalt("$5", pw)) == NULL) {
96 97 return (-1);
97 98 }
98 99 }
99 100
100 101 if ((*result = crypt((char *)pPin, *salt)) == NULL) {
101 - if (new_salt)
102 - free(*salt);
102 + if (new_salt) {
103 + size_t saltlen = strlen(*salt) + 1;
104 +
105 + freezero(*salt, saltlen);
106 + }
103 107 return (-1);
104 108 }
105 109
106 110 return (0);
107 111 }
108 112
109 113 /*
110 114 * Authenticate user's PIN for C_Login.
111 115 */
112 116 CK_RV
113 117 soft_verify_pin(CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen)
114 118 {
115 119
116 120 char *user_cryptpin = NULL;
117 121 char *ks_cryptpin = NULL;
118 122 char *salt = NULL;
119 123 uchar_t *tmp_pin = NULL;
120 124 boolean_t pin_initialized = B_FALSE;
121 125 CK_RV rv = CKR_OK;
126 + size_t len = 0;
122 127
123 128 /*
124 129 * Check to see if keystore is initialized.
125 130 */
126 131 rv = soft_keystore_pin_initialized(&pin_initialized, &ks_cryptpin,
127 132 B_FALSE);
128 133 if (rv != CKR_OK)
129 134 return (rv);
130 135
131 136 /*
132 137 * Authenticate user's PIN for C_Login.
133 138 */
134 139 if (pin_initialized) {
135 140
136 141 if (soft_keystore_get_pin_salt(&salt) < 0) {
137 142 rv = CKR_FUNCTION_FAILED;
138 143 goto cleanup;
139 144 }
140 145
141 146 /*
142 147 * Generate the hashed value based on the user's supplied pin.
143 148 */
144 149 tmp_pin = malloc(ulPinLen + 1);
145 150 if (tmp_pin == NULL) {
146 151 rv = CKR_HOST_MEMORY;
147 152 goto cleanup;
148 153 }
149 154
150 155 (void) memcpy(tmp_pin, pPin, ulPinLen);
151 156 tmp_pin[ulPinLen] = '\0';
152 157
153 158 if (soft_gen_hashed_pin(tmp_pin, &user_cryptpin, &salt) < 0) {
154 159 rv = CKR_FUNCTION_FAILED;
155 160 goto cleanup;
156 161 }
157 162
158 163 /*
159 164 * Compare hash value of the user supplied PIN with
160 165 * hash value of the keystore PIN.
161 166 */
162 167 if (strcmp(user_cryptpin, ks_cryptpin) != 0) {
163 168 rv = CKR_PIN_INCORRECT;
164 169 goto cleanup;
165 170 }
166 171
167 172 /*
168 173 * Provide the user's PIN to low-level keystore so that
169 174 * it can use it to generate encryption key as needed for
170 175 * encryption/decryption of the private objects in
171 176 * keystore.
172 177 */
173 178 if (soft_keystore_authpin(tmp_pin) != 0) {
174 179 rv = CKR_FUNCTION_FAILED;
175 180 } else {
176 181 rv = CKR_OK;
177 182 }
178 183 goto cleanup;
179 184 } else {
180 185 /*
181 186 * The PIN is not initialized in the keystore
|
↓ open down ↓ |
50 lines elided |
↑ open up ↑ |
182 187 * We will let it pass the authentication anyway but set the
183 188 * "userpin_change_needed" flag so that the application
184 189 * will get CKR_PIN_EXPIRED by other C_functions such as
185 190 * C_CreateObject, C_FindObjectInit, C_GenerateKey etc.
186 191 */
187 192 soft_slot.userpin_change_needed = 1;
188 193 rv = CKR_OK;
189 194 }
190 195
191 196 cleanup:
192 - if (salt)
193 - free(salt);
194 - if (tmp_pin)
195 - free(tmp_pin);
196 - if (ks_cryptpin)
197 - free(ks_cryptpin);
198 -
197 + if (salt) {
198 + len = strlen(salt) + 1;
199 + freezero(salt, len);
200 + }
201 + if (tmp_pin) {
202 + len = strlen((char *)tmp_pin) + 1;
203 + freezero(tmp_pin, len);
204 + }
205 + if (ks_cryptpin) {
206 + len = strlen(ks_cryptpin) + 1;
207 + freezero(ks_cryptpin, len);
208 + }
199 209 return (rv);
200 210 }
201 211
202 212 /*
203 213 * The second level C_SetPIN function.
204 214 */
205 215 CK_RV
206 216 soft_setpin(CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldPinLen,
207 217 CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen)
208 218 {
209 219
210 220 char *user_cryptpin = NULL;
211 221 char *ks_cryptpin = NULL;
212 222 char *salt = NULL;
213 223 boolean_t pin_initialized = B_FALSE;
214 224 uchar_t *tmp_old_pin = NULL, *tmp_new_pin = NULL;
215 225 CK_RV rv = CKR_OK;
226 + size_t len = 0;
216 227
217 228 /*
218 229 * Check to see if keystore is initialized.
219 230 */
220 231 rv = soft_keystore_pin_initialized(&pin_initialized, &ks_cryptpin,
221 232 B_FALSE);
222 233 if (rv != CKR_OK)
223 234 return (rv);
224 235
225 236 /*
226 237 * Authenticate user's PIN for C_SetPIN.
227 238 */
228 239 if (pin_initialized) {
229 240 /*
230 241 * Generate the hashed value based on the user supplied PIN.
231 242 */
232 243 if (soft_keystore_get_pin_salt(&salt) < 0) {
233 244 rv = CKR_FUNCTION_FAILED;
234 245 goto cleanup;
235 246 }
236 247
237 248 tmp_old_pin = malloc(ulOldPinLen + 1);
238 249 if (tmp_old_pin == NULL) {
239 250 rv = CKR_HOST_MEMORY;
240 251 goto cleanup;
241 252 }
242 253 (void) memcpy(tmp_old_pin, pOldPin, ulOldPinLen);
243 254 tmp_old_pin[ulOldPinLen] = '\0';
244 255
245 256 if (soft_gen_hashed_pin(tmp_old_pin, &user_cryptpin,
246 257 &salt) < 0) {
247 258 rv = CKR_FUNCTION_FAILED;
248 259 goto cleanup;
249 260 }
250 261
251 262 /*
252 263 * Compare hashed value of the user supplied PIN with the
253 264 * hashed value of the keystore PIN.
254 265 */
255 266 if (strcmp(user_cryptpin, ks_cryptpin) != 0) {
256 267 rv = CKR_PIN_INCORRECT;
257 268 goto cleanup;
258 269 }
259 270 } else {
260 271 /*
261 272 * This is the first time to setpin, the oldpin must be
262 273 * "changeme".
263 274 */
264 275 if (strncmp("changeme", (const char *)pOldPin,
265 276 ulOldPinLen) != 0) {
266 277 rv = CKR_PIN_INCORRECT;
267 278 goto cleanup;
268 279 }
269 280 }
270 281
271 282 tmp_new_pin = malloc(ulNewPinLen + 1);
272 283 if (tmp_new_pin == NULL) {
273 284 rv = CKR_HOST_MEMORY;
274 285 goto cleanup;
275 286 }
276 287 (void) memcpy(tmp_new_pin, pNewPin, ulNewPinLen);
277 288 tmp_new_pin[ulNewPinLen] = '\0';
278 289
279 290 /*
280 291 * Set the new pin after the old pin is authenticated.
281 292 */
282 293 if (soft_keystore_setpin(tmp_old_pin, tmp_new_pin, B_FALSE)) {
|
↓ open down ↓ |
57 lines elided |
↑ open up ↑ |
283 294 rv = CKR_FUNCTION_FAILED;
284 295 goto cleanup;
285 296 } else {
286 297 (void) pthread_mutex_lock(&soft_giant_mutex);
287 298 soft_slot.userpin_change_needed = 0;
288 299 (void) pthread_mutex_unlock(&soft_giant_mutex);
289 300 rv = CKR_OK;
290 301 }
291 302
292 303 cleanup:
293 - if (salt)
294 - free(salt);
295 - if (ks_cryptpin)
296 - free(ks_cryptpin);
297 - if (tmp_old_pin)
298 - free(tmp_old_pin);
299 - if (tmp_new_pin)
300 - free(tmp_new_pin);
304 + if (salt) {
305 + len = strlen(salt) + 1;
306 + freezero(salt, len);
307 + }
308 + if (ks_cryptpin) {
309 + len = strlen(ks_cryptpin) + 1;
310 + freezero(ks_cryptpin, len);
311 + }
312 + if (tmp_old_pin) {
313 + len = strlen((char *)tmp_old_pin) + 1;
314 + freezero(tmp_old_pin, len);
315 + }
316 + if (tmp_new_pin) {
317 + len = strlen((char *)tmp_new_pin) + 1;
318 + freezero(tmp_new_pin, len);
319 + }
301 320
302 321 return (rv);
303 322 }
304 323
305 324 /*
306 325 * soft_keystore_pack_obj()
307 326 *
308 327 * Arguments:
309 328 *
310 329 * obj: pointer to the soft_object_t of the token object to
311 330 * be packed
312 331 * ks_buf: output argument which contains the address of the
313 332 * pointer to the buf of the packed token object
314 333 * soft_keystore_pack_obj() will allocate memory for the buf,
315 334 * it is caller's responsibility to free it.
316 335 * len: output argument which contains the address of the
317 336 * buffer length of the packed token object
318 337 *
319 338 * Description:
320 339 *
321 340 * Pack the in-core token object into the keystore format.
322 341 *
323 342 * Returns:
324 343 *
325 344 * CKR_OK: no error
326 345 * Other: some error occurred while packing the object
327 346 *
328 347 */
329 348 CK_RV
330 349 soft_keystore_pack_obj(soft_object_t *obj, uchar_t **ks_buf, size_t *len)
331 350 {
332 351 ks_obj_hdr_t hdr;
333 352 ks_attr_hdr_t attr_hdr;
334 353 CK_ATTRIBUTE_INFO_PTR extra_attr;
335 354 int num_attrs = 0;
336 355 ulong_t len_attrs = 0;
337 356 size_t ks_len;
338 357 uchar_t *buf, *buf1;
339 358 CK_RV rv;
340 359 int i;
341 360
342 361 (void) memset(&hdr, 0, sizeof (ks_obj_hdr_t));
343 362
344 363 /*
345 364 * The first part of the packed format contains
346 365 * the ks_obj_hdr_t struct.
347 366 */
348 367 hdr.class = SWAP64((uint64_t)obj->class);
349 368 hdr.key_type = SWAP64((uint64_t)obj->key_type);
350 369 hdr.cert_type = SWAP64((uint64_t)obj->cert_type);
351 370 hdr.bool_attr_mask = SWAP64(obj->bool_attr_mask);
352 371 hdr.mechanism = SWAP64((uint64_t)obj->mechanism);
353 372 hdr.object_type = obj->object_type;
354 373
355 374 /*
356 375 * The second part of the packed format contains
357 376 * the attributes from the extra atrribute list.
358 377 */
359 378 extra_attr = obj->extra_attrlistp;
360 379
361 380 while (extra_attr) {
362 381 num_attrs++;
363 382 len_attrs += ROUNDUP(extra_attr->attr.ulValueLen, 8);
364 383 extra_attr = extra_attr->next;
365 384 }
366 385 hdr.num_attrs = SWAP32(num_attrs);
367 386 ks_len = soft_pack_object_size(obj);
368 387 ks_len += sizeof (ks_obj_hdr_t) + len_attrs +
369 388 2 * num_attrs * sizeof (uint64_t);
370 389 buf = calloc(1, ks_len);
371 390 if (buf == NULL) {
372 391 return (CKR_HOST_MEMORY);
373 392 }
374 393 (void) memcpy(buf, &hdr, sizeof (ks_obj_hdr_t));
375 394 buf1 = buf + sizeof (ks_obj_hdr_t);
376 395 extra_attr = obj->extra_attrlistp;
377 396 for (i = 0; i < num_attrs; i++) {
378 397 attr_hdr.type = SWAP64((uint64_t)extra_attr->attr.type);
379 398 attr_hdr.ulValueLen =
380 399 SWAP64((uint64_t)extra_attr->attr.ulValueLen);
381 400 (void) memcpy(buf1, &attr_hdr, sizeof (ks_attr_hdr_t));
382 401 buf1 = buf1 + sizeof (ks_attr_hdr_t);
383 402 (void) memcpy(buf1, extra_attr->attr.pValue,
384 403 extra_attr->attr.ulValueLen);
385 404 buf1 = buf1 + ROUNDUP(extra_attr->attr.ulValueLen, 8);
386 405 extra_attr = extra_attr->next;
387 406 }
388 407
389 408 /*
390 409 * The third part of the packed format contains
391 410 * the key itself.
392 411 */
393 412 rv = soft_pack_object(obj, buf1);
394 413 *len = ks_len;
395 414 *ks_buf = buf;
396 415
397 416 return (rv);
398 417
399 418 }
400 419
401 420 /*
402 421 * soft_keystore_unpack_obj()
403 422 *
404 423 * Arguments:
405 424 *
406 425 * obj: pointer to the soft_object_t to store the unpacked
407 426 * token object
408 427 * ks_obj: input argument which contains the pointer to the
409 428 * ks_obj_t struct of packed token object to be unpacked
410 429 *
411 430 * Description:
412 431 *
413 432 * Unpack the token object in keystore format to in-core soft_object_t.
414 433 *
415 434 * Returns:
416 435 *
417 436 * CKR_OK: no error
418 437 * Other: some error occurred while unpacking the object
419 438 *
420 439 */
421 440 CK_RV
422 441 soft_keystore_unpack_obj(soft_object_t *obj, ks_obj_t *ks_obj)
423 442 {
424 443
425 444 CK_RV rv;
426 445 ks_obj_hdr_t *hdr;
427 446 ks_attr_hdr_t *attr_hdr;
428 447 CK_ATTRIBUTE template;
429 448 int i;
430 449 uchar_t *buf;
431 450
432 451 /*
433 452 * Unpack the common area.
434 453 */
435 454 (void) strcpy((char *)obj->ks_handle.name,
436 455 (char *)ks_obj->ks_handle.name);
437 456 obj->ks_handle.public = ks_obj->ks_handle.public;
438 457 /* LINTED: pointer alignment */
439 458 hdr = (ks_obj_hdr_t *)ks_obj->buf;
440 459 obj->version = ks_obj->obj_version;
441 460 obj->class = (CK_OBJECT_CLASS)(SWAP64(hdr->class));
442 461 obj->key_type = (CK_KEY_TYPE)(SWAP64(hdr->key_type));
443 462 obj->cert_type = (CK_CERTIFICATE_TYPE)(SWAP64(hdr->cert_type));
444 463 obj->bool_attr_mask = SWAP64(hdr->bool_attr_mask);
445 464 obj->mechanism = (CK_MECHANISM_TYPE)(SWAP64(hdr->mechanism));
446 465 obj->object_type = hdr->object_type;
447 466
448 467 /*
449 468 * Initialize other stuffs which were not from keystore.
450 469 */
451 470 (void) pthread_mutex_init(&obj->object_mutex, NULL);
452 471 obj->magic_marker = SOFTTOKEN_OBJECT_MAGIC;
453 472 obj->session_handle = (CK_SESSION_HANDLE)NULL;
454 473
455 474 buf = ks_obj->buf + sizeof (ks_obj_hdr_t);
456 475
457 476 /*
458 477 * Unpack extra attribute list.
459 478 */
460 479 for (i = 0; i < SWAP32(hdr->num_attrs); i++) {
461 480 /* LINTED: pointer alignment */
462 481 attr_hdr = (ks_attr_hdr_t *)buf;
463 482 (void) memset(&template, 0, sizeof (CK_ATTRIBUTE));
464 483 template.type = (CK_ATTRIBUTE_TYPE)(SWAP64(attr_hdr->type));
465 484 template.ulValueLen = (CK_ULONG)(SWAP64(attr_hdr->ulValueLen));
466 485 buf = buf + sizeof (ks_attr_hdr_t);
467 486 /* Allocate storage for the value of the attribute. */
|
↓ open down ↓ |
157 lines elided |
↑ open up ↑ |
468 487 if (template.ulValueLen > 0) {
469 488 template.pValue = malloc(template.ulValueLen);
470 489 if (template.pValue == NULL) {
471 490 return (CKR_HOST_MEMORY);
472 491 }
473 492 (void) memcpy(template.pValue, buf,
474 493 template.ulValueLen);
475 494 }
476 495
477 496 rv = soft_add_extra_attr(&template, obj);
478 - if (template.pValue) {
479 - free(template.pValue);
480 - }
497 + freezero(template.pValue, template.ulValueLen);
481 498
482 499 if (rv != CKR_OK) {
483 500 return (rv);
484 501 }
485 502
486 503 buf = buf + ROUNDUP(template.ulValueLen, 8);
487 504 }
488 505
489 506 /*
490 507 * Unpack the key itself.
491 508 */
492 509 rv = soft_unpack_object(obj, buf);
493 510 return (rv);
494 511
495 512 }
496 513
497 514
498 515 /*
499 516 * soft_unpack_obj_attribute()
500 517 *
501 518 * Arguments:
502 519 *
503 520 * buf: contains the packed data (attributes) from keystore
504 521 * key_dest: the key attribute will be unpacked and save in key_dest
505 522 * cert_dest: the certificate attribute will be unpacked an
506 523 * in cert_dest
507 524 * offset: length of the current attribute occupies.
508 525 * The caller should use this returned "offset" to
509 526 * advance the buffer pointer to next attribute.
510 527 * cert: TRUE for certificate (use cert_dest)
511 528 * FALSE for key (use key_dest)
512 529 *
513 530 * Description:
514 531 *
515 532 * Unpack the attribute from keystore format to the big integer format.
516 533 *
517 534 * Returns:
518 535 *
519 536 * CKR_OK: no error
520 537 * Other: some error occurred while unpacking the object attribute
521 538 *
522 539 */
523 540 CK_RV
524 541 soft_unpack_obj_attribute(uchar_t *buf, biginteger_t *key_dest,
525 542 cert_attr_t **cert_dest, ulong_t *offset, boolean_t cert)
526 543 {
527 544
528 545 CK_RV rv;
529 546 CK_ATTRIBUTE template;
530 547
531 548 /* LINTED: pointer alignment */
532 549 template.ulValueLen = SWAP64(*(uint64_t *)buf);
533 550 buf = buf + sizeof (uint64_t);
534 551 template.pValue = malloc(template.ulValueLen);
535 552 if (template.pValue == NULL) {
|
↓ open down ↓ |
45 lines elided |
↑ open up ↑ |
536 553 return (CKR_HOST_MEMORY);
537 554 }
538 555
539 556 (void) memcpy(template.pValue, buf, template.ulValueLen);
540 557 if (cert) {
541 558 rv = get_cert_attr_from_template(cert_dest, &template);
542 559 } else {
543 560 rv = get_bigint_attr_from_template(key_dest, &template);
544 561 }
545 562
546 - free(template.pValue);
563 + freezero(template.pValue, template.ulValueLen);
547 564 if (rv != CKR_OK) {
548 565 return (rv);
549 566 }
550 567
551 568 *offset = sizeof (uint64_t) + template.ulValueLen;
552 569 return (CKR_OK);
553 570 }
554 571
555 572
556 573 /*
557 574 * Calculate the total buffer length required to store the
558 575 * object key (the third part) in a keystore format.
559 576 */
560 577 ulong_t
561 578 soft_pack_object_size(soft_object_t *objp)
562 579 {
563 580
564 581 CK_OBJECT_CLASS class = objp->class;
565 582 CK_KEY_TYPE keytype = objp->key_type;
566 583 CK_CERTIFICATE_TYPE certtype = objp->cert_type;
567 584
568 585 switch (class) {
569 586 case CKO_PUBLIC_KEY:
570 587 switch (keytype) {
571 588 case CKK_RSA:
572 589 /*
573 590 * modulus_bits + modulus_len + modulus +
574 591 * pubexpo_len + pubexpo
575 592 */
576 593 return (ROUNDUP(((biginteger_t *)
577 594 OBJ_PUB_RSA_MOD(objp))->big_value_len, 8) +
578 595 ROUNDUP(((biginteger_t *)
579 596 OBJ_PUB_RSA_PUBEXPO(objp))->big_value_len, 8) +
580 597 3 * sizeof (uint64_t));
581 598
582 599 case CKK_DSA:
583 600 /*
584 601 * prime_len + prime + subprime_len + subprime +
585 602 * base_len + base + value_len + value
586 603 */
587 604 return (ROUNDUP(((biginteger_t *)
588 605 OBJ_PUB_DSA_PRIME(objp))->big_value_len, 8) +
589 606 ROUNDUP(((biginteger_t *)
590 607 OBJ_PUB_DSA_SUBPRIME(objp))->big_value_len, 8) +
591 608 ROUNDUP(((biginteger_t *)
592 609 OBJ_PUB_DSA_BASE(objp))->big_value_len, 8) +
593 610 ROUNDUP(((biginteger_t *)
594 611 OBJ_PUB_DSA_VALUE(objp))->big_value_len, 8) +
595 612 4 * sizeof (uint64_t));
596 613 case CKK_EC:
597 614 /*
598 615 * ec_point_len + ec_point
599 616 */
600 617 return (ROUNDUP(((biginteger_t *)
601 618 OBJ_PUB_EC_POINT(objp))->big_value_len, 8) +
602 619 sizeof (uint64_t));
603 620 case CKK_DH:
604 621 /*
605 622 * prime_len + prime + base_len + base +
606 623 * value_len + value
607 624 */
608 625 return (ROUNDUP(((biginteger_t *)
609 626 OBJ_PUB_DH_PRIME(objp))->big_value_len, 8) +
610 627 ROUNDUP(((biginteger_t *)
611 628 OBJ_PUB_DH_BASE(objp))->big_value_len, 8) +
612 629 ROUNDUP(((biginteger_t *)
613 630 OBJ_PUB_DH_VALUE(objp))->big_value_len, 8) +
614 631 3 * sizeof (uint64_t));
615 632
616 633 case CKK_X9_42_DH:
617 634 /*
618 635 * prime_len + prime + base_len + base +
619 636 * subprime_len + subprime + value_len + value
620 637 */
621 638 return (ROUNDUP(((biginteger_t *)
622 639 OBJ_PUB_DH942_PRIME(objp))->big_value_len, 8) +
623 640 ROUNDUP(((biginteger_t *)
624 641 OBJ_PUB_DH942_BASE(objp))->big_value_len, 8) +
625 642 ROUNDUP(((biginteger_t *)
626 643 OBJ_PUB_DH942_SUBPRIME(objp))->big_value_len, 8) +
627 644 ROUNDUP(((biginteger_t *)
628 645 OBJ_PUB_DH942_VALUE(objp))->big_value_len, 8) +
629 646 4 * sizeof (uint64_t));
630 647 } /* keytype */
631 648
632 649 break;
633 650
634 651 case CKO_PRIVATE_KEY:
635 652 switch (keytype) {
636 653 case CKK_RSA:
637 654 /*
638 655 * modulus_len + modulus + pubexpo_len + pubexpo +
639 656 * priexpo_len + priexpo + prime1_len + prime1 +
640 657 * prime2_len + prime2 + expo1_len + expo1 +
641 658 * expo2_len + expo2 + coef_len + coef
642 659 */
643 660 return (ROUNDUP(((biginteger_t *)
644 661 OBJ_PRI_RSA_MOD(objp))->big_value_len, 8) +
645 662 ROUNDUP(((biginteger_t *)
646 663 OBJ_PRI_RSA_PUBEXPO(objp))->big_value_len, 8) +
647 664 ROUNDUP(((biginteger_t *)
648 665 OBJ_PRI_RSA_PRIEXPO(objp))->big_value_len, 8) +
649 666 ROUNDUP(((biginteger_t *)
650 667 OBJ_PRI_RSA_PRIME1(objp))->big_value_len, 8) +
651 668 ROUNDUP(((biginteger_t *)
652 669 OBJ_PRI_RSA_PRIME2(objp))->big_value_len, 8) +
653 670 ROUNDUP(((biginteger_t *)
654 671 OBJ_PRI_RSA_EXPO1(objp))->big_value_len, 8) +
655 672 ROUNDUP(((biginteger_t *)
656 673 OBJ_PRI_RSA_EXPO2(objp))->big_value_len, 8) +
657 674 ROUNDUP(((biginteger_t *)
658 675 OBJ_PRI_RSA_COEF(objp))->big_value_len, 8) +
659 676 8 * sizeof (uint64_t));
660 677
661 678 case CKK_DSA:
662 679 /*
663 680 * prime_len + prime + subprime_len + subprime +
664 681 * base_len + base + value_len + value
665 682 */
666 683 return (ROUNDUP(((biginteger_t *)
667 684 OBJ_PRI_DSA_PRIME(objp))->big_value_len, 8) +
668 685 ROUNDUP(((biginteger_t *)
669 686 OBJ_PRI_DSA_SUBPRIME(objp))->big_value_len, 8) +
670 687 ROUNDUP(((biginteger_t *)
671 688 OBJ_PRI_DSA_BASE(objp))->big_value_len, 8) +
672 689 ROUNDUP(((biginteger_t *)
673 690 OBJ_PRI_DSA_VALUE(objp))->big_value_len, 8) +
674 691 4 * sizeof (uint64_t));
675 692
676 693 case CKK_DH:
677 694 /*
678 695 * value_bits + prime_len + prime + base_len + base +
679 696 * value_len + value
680 697 */
681 698 return (ROUNDUP(((biginteger_t *)
682 699 OBJ_PRI_DH_PRIME(objp))->big_value_len, 8) +
683 700 ROUNDUP(((biginteger_t *)
684 701 OBJ_PRI_DH_BASE(objp))->big_value_len, 8) +
685 702 ROUNDUP(((biginteger_t *)
686 703 OBJ_PRI_DH_VALUE(objp))->big_value_len, 8) +
687 704 4 * sizeof (uint64_t));
688 705
689 706 case CKK_EC:
690 707 /*
691 708 * value_len + value
692 709 */
693 710 return (ROUNDUP(((biginteger_t *)
694 711 OBJ_PRI_EC_VALUE(objp))->big_value_len, 8) +
695 712 sizeof (uint64_t));
696 713
697 714 case CKK_X9_42_DH:
698 715 /*
699 716 * prime_len + prime + base_len + base +
700 717 * subprime_len + subprime + value_len + value
701 718 */
702 719 return (ROUNDUP(((biginteger_t *)
703 720 OBJ_PRI_DH942_PRIME(objp))->big_value_len, 8) +
704 721 ROUNDUP(((biginteger_t *)
705 722 OBJ_PRI_DH942_BASE(objp))->big_value_len, 8) +
706 723 ROUNDUP(((biginteger_t *)
707 724 OBJ_PRI_DH942_SUBPRIME(objp))->big_value_len, 8) +
708 725 ROUNDUP(((biginteger_t *)
709 726 OBJ_PRI_DH942_VALUE(objp))->big_value_len, 8) +
710 727 4 * sizeof (uint64_t));
711 728
712 729 } /* keytype */
713 730
714 731 break;
715 732
716 733 case CKO_SECRET_KEY:
717 734 /*
718 735 * value_len + value
719 736 */
720 737 return (ROUNDUP(OBJ_SEC_VALUE_LEN(objp), 8) +
721 738 sizeof (uint64_t));
722 739
723 740 case CKO_CERTIFICATE:
724 741 switch (certtype) {
725 742 case CKC_X_509:
726 743 /*
727 744 * subject_len + subject + value_len + value
728 745 */
729 746 return (ROUNDUP(((cert_attr_t *)
730 747 X509_CERT_SUBJECT(objp))->length, 8) +
731 748 ROUNDUP(((cert_attr_t *)
732 749 X509_CERT_VALUE(objp))->length, 8) +
733 750 2 * sizeof (uint64_t));
734 751
735 752 case CKC_X_509_ATTR_CERT:
736 753 /*
737 754 * owner_len + owner + value_len + value
738 755 */
739 756 return (ROUNDUP(((cert_attr_t *)
740 757 X509_ATTR_CERT_OWNER(objp))->length, 8) +
741 758 ROUNDUP(((cert_attr_t *)
742 759 X509_ATTR_CERT_VALUE(objp))->length, 8) +
743 760 2 * sizeof (uint64_t));
744 761 }
745 762 return (0);
746 763
747 764 case CKO_DOMAIN_PARAMETERS:
748 765
749 766 return (0);
750 767 }
751 768 return (0);
752 769 }
753 770
754 771 /*
755 772 * Pack the object key (the third part) from the soft_object_t
756 773 * into the keystore format.
757 774 */
758 775 CK_RV
759 776 soft_pack_object(soft_object_t *objp, uchar_t *buf)
760 777 {
761 778
762 779 CK_OBJECT_CLASS class = objp->class;
763 780 CK_KEY_TYPE keytype = objp->key_type;
764 781 CK_CERTIFICATE_TYPE certtype = objp->cert_type;
765 782 uint64_t tmp_val;
766 783
767 784 switch (class) {
768 785 case CKO_PUBLIC_KEY:
769 786 switch (keytype) {
770 787 case CKK_RSA:
771 788 /* modulus_bits */
772 789 tmp_val = SWAP64((uint64_t)OBJ_PUB_RSA_MOD_BITS(objp));
773 790 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
774 791 buf = buf + sizeof (uint64_t);
775 792
776 793 /* modulus_len + modulus */
777 794 tmp_val = SWAP64((uint64_t)(((biginteger_t *)
778 795 OBJ_PUB_RSA_MOD(objp))->big_value_len));
779 796 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
780 797 buf = buf + sizeof (uint64_t);
781 798
782 799 (void) memcpy(buf, (char *)(((biginteger_t *)
783 800 OBJ_PUB_RSA_MOD(objp))->big_value),
784 801 ((biginteger_t *)
785 802 OBJ_PUB_RSA_MOD(objp))->big_value_len);
786 803 buf = buf + ROUNDUP(((biginteger_t *)
787 804 OBJ_PUB_RSA_MOD(objp))->big_value_len, 8);
788 805
789 806 /* pubexpo_len + pubexpo */
790 807 tmp_val = SWAP64((uint64_t)((biginteger_t *)
791 808 OBJ_PUB_RSA_PUBEXPO(objp))->big_value_len);
792 809 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
793 810 buf = buf + sizeof (uint64_t);
794 811
795 812 (void) memcpy(buf, (char *)(((biginteger_t *)
796 813 OBJ_PUB_RSA_PUBEXPO(objp))->big_value),
797 814 ((biginteger_t *)
798 815 OBJ_PUB_RSA_PUBEXPO(objp))->big_value_len);
799 816 break;
800 817
801 818 case CKK_DSA:
802 819 /* prime_len + prime */
803 820 tmp_val = SWAP64((uint64_t)((biginteger_t *)
804 821 OBJ_PUB_DSA_PRIME(objp))->big_value_len);
805 822 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
806 823 buf = buf + sizeof (uint64_t);
807 824
808 825 (void) memcpy(buf, (char *)((biginteger_t *)
809 826 OBJ_PUB_DSA_PRIME(objp))->big_value,
810 827 ((biginteger_t *)
811 828 OBJ_PUB_DSA_PRIME(objp))->big_value_len);
812 829 buf = buf + ROUNDUP(((biginteger_t *)
813 830 OBJ_PUB_DSA_PRIME(objp))->big_value_len, 8);
814 831
815 832 /* subprime_len + subprime */
816 833 tmp_val = SWAP64((uint64_t)((biginteger_t *)
817 834 OBJ_PUB_DSA_SUBPRIME(objp))->big_value_len);
818 835 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
819 836 buf = buf + sizeof (uint64_t);
820 837
821 838 (void) memcpy(buf, (char *)((biginteger_t *)
822 839 OBJ_PUB_DSA_SUBPRIME(objp))->big_value,
823 840 ((biginteger_t *)
824 841 OBJ_PUB_DSA_SUBPRIME(objp))->big_value_len);
825 842 buf = buf + ROUNDUP(((biginteger_t *)
826 843 OBJ_PUB_DSA_SUBPRIME(objp))->big_value_len, 8);
827 844
828 845 /* base_len + base */
829 846 tmp_val = SWAP64((uint64_t)((biginteger_t *)
830 847 OBJ_PUB_DSA_BASE(objp))->big_value_len);
831 848 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
832 849 buf = buf + sizeof (uint64_t);
833 850
834 851 (void) memcpy(buf, (char *)((biginteger_t *)
835 852 OBJ_PUB_DSA_BASE(objp))->big_value,
836 853 ((biginteger_t *)
837 854 OBJ_PUB_DSA_BASE(objp))->big_value_len);
838 855 buf = buf + ROUNDUP(((biginteger_t *)
839 856 OBJ_PUB_DSA_BASE(objp))->big_value_len, 8);
840 857
841 858 /* value_len + value */
842 859 tmp_val = SWAP64((uint64_t)((biginteger_t *)
843 860 OBJ_PUB_DSA_VALUE(objp))->big_value_len);
844 861 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
845 862 buf = buf + sizeof (uint64_t);
846 863
847 864 (void) memcpy(buf, (char *)((biginteger_t *)
848 865 OBJ_PUB_DSA_VALUE(objp))->big_value,
849 866 ((biginteger_t *)
850 867 OBJ_PUB_DSA_VALUE(objp))->big_value_len);
851 868
852 869 break;
853 870 case CKK_EC:
854 871 /* point_len + point */
855 872 tmp_val = SWAP64((uint64_t)((biginteger_t *)
856 873 OBJ_PUB_EC_POINT(objp))->big_value_len);
857 874 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
858 875 buf = buf + sizeof (uint64_t);
859 876
860 877 (void) memcpy(buf, (char *)((biginteger_t *)
861 878 OBJ_PUB_EC_POINT(objp))->big_value,
862 879 ((biginteger_t *)
863 880 OBJ_PUB_EC_POINT(objp))->big_value_len);
864 881 break;
865 882
866 883 case CKK_DH:
867 884 /* prime_len + prime */
868 885 tmp_val = SWAP64((uint64_t)((biginteger_t *)
869 886 OBJ_PUB_DH_PRIME(objp))->big_value_len);
870 887 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
871 888 buf = buf + sizeof (uint64_t);
872 889
873 890 (void) memcpy(buf, (char *)((biginteger_t *)
874 891 OBJ_PUB_DH_PRIME(objp))->big_value,
875 892 ((biginteger_t *)
876 893 OBJ_PUB_DH_PRIME(objp))->big_value_len);
877 894 buf = buf + ROUNDUP(((biginteger_t *)
878 895 OBJ_PUB_DH_PRIME(objp))->big_value_len, 8);
879 896
880 897 /* base_len + base */
881 898 tmp_val = SWAP64((uint64_t)((biginteger_t *)
882 899 OBJ_PUB_DH_BASE(objp))->big_value_len);
883 900 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
884 901 buf = buf + sizeof (uint64_t);
885 902
886 903 (void) memcpy(buf, (char *)((biginteger_t *)
887 904 OBJ_PUB_DH_BASE(objp))->big_value,
888 905 ((biginteger_t *)
889 906 OBJ_PUB_DH_BASE(objp))->big_value_len);
890 907 buf = buf + ROUNDUP(((biginteger_t *)
891 908 OBJ_PUB_DH_BASE(objp))->big_value_len, 8);
892 909
893 910 /* value_len + value */
894 911 tmp_val = SWAP64((uint64_t)((biginteger_t *)
895 912 OBJ_PUB_DH_VALUE(objp))->big_value_len);
896 913 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
897 914 buf = buf + sizeof (uint64_t);
898 915
899 916 (void) memcpy(buf, (char *)((biginteger_t *)
900 917 OBJ_PUB_DH_VALUE(objp))->big_value,
901 918 ((biginteger_t *)
902 919 OBJ_PUB_DH_VALUE(objp))->big_value_len);
903 920
904 921 break;
905 922
906 923 case CKK_X9_42_DH:
907 924 /* prime_len + prime */
908 925 tmp_val = SWAP64((uint64_t)((biginteger_t *)
909 926 OBJ_PUB_DH942_PRIME(objp))->big_value_len);
910 927 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
911 928 buf = buf + sizeof (uint64_t);
912 929
913 930 (void) memcpy(buf, (char *)((biginteger_t *)
914 931 OBJ_PUB_DH942_PRIME(objp))->big_value,
915 932 ((biginteger_t *)
916 933 OBJ_PUB_DH942_PRIME(objp))->big_value_len);
917 934 buf = buf + ROUNDUP(((biginteger_t *)
918 935 OBJ_PUB_DH942_PRIME(objp))->big_value_len, 8);
919 936
920 937 /* base_len + base */
921 938 tmp_val = SWAP64((uint64_t)((biginteger_t *)
922 939 OBJ_PUB_DH942_BASE(objp))->big_value_len);
923 940 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
924 941 buf = buf + sizeof (uint64_t);
925 942
926 943 (void) memcpy(buf, (char *)((biginteger_t *)
927 944 OBJ_PUB_DH942_BASE(objp))->big_value,
928 945 ((biginteger_t *)
929 946 OBJ_PUB_DH942_BASE(objp))->big_value_len);
930 947 buf = buf + ROUNDUP(((biginteger_t *)
931 948 OBJ_PUB_DH942_BASE(objp))->big_value_len, 8);
932 949
933 950 /* subprime_len + subprime */
934 951 tmp_val = SWAP64((uint64_t)((biginteger_t *)
935 952 OBJ_PUB_DH942_SUBPRIME(objp))->big_value_len);
936 953 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
937 954 buf = buf + sizeof (uint64_t);
938 955
939 956 (void) memcpy(buf, (char *)((biginteger_t *)
940 957 OBJ_PUB_DH942_SUBPRIME(objp))->big_value,
941 958 ((biginteger_t *)
942 959 OBJ_PUB_DH942_SUBPRIME(objp))->big_value_len);
943 960 buf = buf + ROUNDUP(((biginteger_t *)
944 961 OBJ_PUB_DH942_SUBPRIME(objp))->big_value_len, 8);
945 962
946 963 /* value_len + value */
947 964 tmp_val = SWAP64((uint64_t)((biginteger_t *)
948 965 OBJ_PUB_DH942_VALUE(objp))->big_value_len);
949 966 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
950 967 buf = buf + sizeof (uint64_t);
951 968
952 969 (void) memcpy(buf, (char *)((biginteger_t *)
953 970 OBJ_PUB_DH942_VALUE(objp))->big_value,
954 971 ((biginteger_t *)
955 972 OBJ_PUB_DH942_VALUE(objp))->big_value_len);
956 973
957 974 break;
958 975 } /* keytype */
959 976
960 977 break;
961 978
962 979 case CKO_PRIVATE_KEY:
963 980 switch (keytype) {
964 981 case CKK_RSA:
965 982 /* modulus_len + modulus */
966 983 tmp_val = SWAP64((uint64_t)((biginteger_t *)
967 984 OBJ_PRI_RSA_MOD(objp))->big_value_len);
968 985 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
969 986 buf = buf + sizeof (uint64_t);
970 987
971 988 (void) memcpy(buf, (char *)((biginteger_t *)
972 989 OBJ_PRI_RSA_MOD(objp))->big_value,
973 990 ((biginteger_t *)
974 991 OBJ_PRI_RSA_MOD(objp))->big_value_len);
975 992 buf = buf + ROUNDUP(((biginteger_t *)
976 993 OBJ_PRI_RSA_MOD(objp))->big_value_len, 8);
977 994
978 995 /* pubexpo_len + pubexpo */
979 996 tmp_val = SWAP64((uint64_t)((biginteger_t *)
980 997 OBJ_PRI_RSA_PUBEXPO(objp))->big_value_len);
981 998 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
982 999 buf = buf + sizeof (uint64_t);
983 1000
984 1001 (void) memcpy(buf, (char *)((biginteger_t *)
985 1002 OBJ_PRI_RSA_PUBEXPO(objp))->big_value,
986 1003 ((biginteger_t *)
987 1004 OBJ_PRI_RSA_PUBEXPO(objp))->big_value_len);
988 1005 buf = buf + ROUNDUP(((biginteger_t *)
989 1006 OBJ_PRI_RSA_PUBEXPO(objp))->big_value_len, 8);
990 1007
991 1008 /* priexpo_len + priexpo */
992 1009 tmp_val = SWAP64((uint64_t)((biginteger_t *)
993 1010 OBJ_PRI_RSA_PRIEXPO(objp))->big_value_len);
994 1011 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
995 1012 buf = buf + sizeof (uint64_t);
996 1013
997 1014 (void) memcpy(buf, (char *)((biginteger_t *)
998 1015 OBJ_PRI_RSA_PRIEXPO(objp))->big_value,
999 1016 ((biginteger_t *)
1000 1017 OBJ_PRI_RSA_PRIEXPO(objp))->big_value_len);
1001 1018 buf = buf + ROUNDUP(((biginteger_t *)
1002 1019 OBJ_PRI_RSA_PRIEXPO(objp))->big_value_len, 8);
1003 1020
1004 1021 /* prime1_len + prime1 */
1005 1022 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1006 1023 OBJ_PRI_RSA_PRIME1(objp))->big_value_len);
1007 1024 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1008 1025 buf = buf + sizeof (uint64_t);
1009 1026
1010 1027 (void) memcpy(buf, (char *)((biginteger_t *)
1011 1028 OBJ_PRI_RSA_PRIME1(objp))->big_value,
1012 1029 ((biginteger_t *)
1013 1030 OBJ_PRI_RSA_PRIME1(objp))->big_value_len);
1014 1031 buf = buf + ROUNDUP(((biginteger_t *)
1015 1032 OBJ_PRI_RSA_PRIME1(objp))->big_value_len, 8);
1016 1033
1017 1034 /* prime2_len + prime2 */
1018 1035 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1019 1036 OBJ_PRI_RSA_PRIME2(objp))->big_value_len);
1020 1037 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1021 1038 buf = buf + sizeof (uint64_t);
1022 1039
1023 1040 (void) memcpy(buf, (char *)((biginteger_t *)
1024 1041 OBJ_PRI_RSA_PRIME2(objp))->big_value,
1025 1042 ((biginteger_t *)
1026 1043 OBJ_PRI_RSA_PRIME2(objp))->big_value_len);
1027 1044 buf = buf + ROUNDUP(((biginteger_t *)
1028 1045 OBJ_PRI_RSA_PRIME2(objp))->big_value_len, 8);
1029 1046
1030 1047 /* expo1_len + expo1 */
1031 1048 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1032 1049 OBJ_PRI_RSA_EXPO1(objp))->big_value_len);
1033 1050 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1034 1051 buf = buf + sizeof (uint64_t);
1035 1052
1036 1053 (void) memcpy(buf, (char *)((biginteger_t *)
1037 1054 OBJ_PRI_RSA_EXPO1(objp))->big_value,
1038 1055 ((biginteger_t *)
1039 1056 OBJ_PRI_RSA_EXPO1(objp))->big_value_len);
1040 1057 buf = buf + ROUNDUP(((biginteger_t *)
1041 1058 OBJ_PRI_RSA_EXPO1(objp))->big_value_len, 8);
1042 1059
1043 1060 /* expo2_len + expo2 */
1044 1061 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1045 1062 OBJ_PRI_RSA_EXPO2(objp))->big_value_len);
1046 1063 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1047 1064 buf = buf + sizeof (uint64_t);
1048 1065
1049 1066 (void) memcpy(buf, (char *)((biginteger_t *)
1050 1067 OBJ_PRI_RSA_EXPO2(objp))->big_value,
1051 1068 ((biginteger_t *)
1052 1069 OBJ_PRI_RSA_EXPO2(objp))->big_value_len);
1053 1070 buf = buf + ROUNDUP(((biginteger_t *)
1054 1071 OBJ_PRI_RSA_EXPO2(objp))->big_value_len, 8);
1055 1072
1056 1073 /* coef_len + coef */
1057 1074 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1058 1075 OBJ_PRI_RSA_COEF(objp))->big_value_len);
1059 1076 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1060 1077 buf = buf + sizeof (uint64_t);
1061 1078
1062 1079 (void) memcpy(buf, (char *)((biginteger_t *)
1063 1080 OBJ_PRI_RSA_COEF(objp))->big_value,
1064 1081 ((biginteger_t *)
1065 1082 OBJ_PRI_RSA_COEF(objp))->big_value_len);
1066 1083 buf = buf + ROUNDUP(((biginteger_t *)
1067 1084 OBJ_PRI_RSA_COEF(objp))->big_value_len, 8);
1068 1085
1069 1086 break;
1070 1087
1071 1088 case CKK_DSA:
1072 1089 /* prime_len + prime */
1073 1090 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1074 1091 OBJ_PRI_DSA_PRIME(objp))->big_value_len);
1075 1092 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1076 1093 buf = buf + sizeof (uint64_t);
1077 1094
1078 1095 (void) memcpy(buf, (char *)((biginteger_t *)
1079 1096 OBJ_PRI_DSA_PRIME(objp))->big_value,
1080 1097 ((biginteger_t *)
1081 1098 OBJ_PRI_DSA_PRIME(objp))->big_value_len);
1082 1099 buf = buf + ROUNDUP(((biginteger_t *)
1083 1100 OBJ_PRI_DSA_PRIME(objp))->big_value_len, 8);
1084 1101
1085 1102 /* subprime_len + subprime */
1086 1103 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1087 1104 OBJ_PRI_DSA_SUBPRIME(objp))->big_value_len);
1088 1105 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1089 1106 buf = buf + sizeof (uint64_t);
1090 1107
1091 1108 (void) memcpy(buf, (char *)((biginteger_t *)
1092 1109 OBJ_PRI_DSA_SUBPRIME(objp))->big_value,
1093 1110 ((biginteger_t *)
1094 1111 OBJ_PRI_DSA_SUBPRIME(objp))->big_value_len);
1095 1112 buf = buf + ROUNDUP(((biginteger_t *)
1096 1113 OBJ_PRI_DSA_SUBPRIME(objp))->big_value_len, 8);
1097 1114
1098 1115 /* base_len + base */
1099 1116 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1100 1117 OBJ_PRI_DSA_BASE(objp))->big_value_len);
1101 1118 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1102 1119 buf = buf + sizeof (uint64_t);
1103 1120
1104 1121 (void) memcpy(buf, (char *)((biginteger_t *)
1105 1122 OBJ_PRI_DSA_BASE(objp))->big_value,
1106 1123 ((biginteger_t *)
1107 1124 OBJ_PRI_DSA_BASE(objp))->big_value_len);
1108 1125 buf = buf + ROUNDUP(((biginteger_t *)
1109 1126 OBJ_PRI_DSA_BASE(objp))->big_value_len, 8);
1110 1127
1111 1128 /* value_len + value */
1112 1129 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1113 1130 OBJ_PRI_DSA_VALUE(objp))->big_value_len);
1114 1131 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1115 1132 buf = buf + sizeof (uint64_t);
1116 1133
1117 1134 (void) memcpy(buf, (char *)((biginteger_t *)
1118 1135 OBJ_PRI_DSA_VALUE(objp))->big_value,
1119 1136 ((biginteger_t *)
1120 1137 OBJ_PRI_DSA_VALUE(objp))->big_value_len);
1121 1138
1122 1139 break;
1123 1140 case CKK_EC:
1124 1141 /* value_len + value */
1125 1142 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1126 1143 OBJ_PRI_EC_VALUE(objp))->big_value_len);
1127 1144 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1128 1145 buf = buf + sizeof (uint64_t);
1129 1146
1130 1147 (void) memcpy(buf, (char *)((biginteger_t *)
1131 1148 OBJ_PRI_EC_VALUE(objp))->big_value,
1132 1149 ((biginteger_t *)
1133 1150 OBJ_PRI_EC_VALUE(objp))->big_value_len);
1134 1151 break;
1135 1152
1136 1153 case CKK_DH:
1137 1154 /* value_bits */
1138 1155 tmp_val = SWAP64((uint64_t)OBJ_PRI_DH_VAL_BITS(objp));
1139 1156 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1140 1157 buf = buf + sizeof (uint64_t);
1141 1158
1142 1159 /* prime_len + prime */
1143 1160 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1144 1161 OBJ_PRI_DH_PRIME(objp))->big_value_len);
1145 1162 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1146 1163 buf = buf + sizeof (uint64_t);
1147 1164
1148 1165 (void) memcpy(buf, (char *)((biginteger_t *)
1149 1166 OBJ_PRI_DH_PRIME(objp))->big_value,
1150 1167 ((biginteger_t *)
1151 1168 OBJ_PRI_DH_PRIME(objp))->big_value_len);
1152 1169 buf = buf + ROUNDUP(((biginteger_t *)
1153 1170 OBJ_PRI_DH_PRIME(objp))->big_value_len, 8);
1154 1171
1155 1172 /* base_len + base */
1156 1173 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1157 1174 OBJ_PRI_DH_BASE(objp))->big_value_len);
1158 1175 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1159 1176 buf = buf + sizeof (uint64_t);
1160 1177
1161 1178 (void) memcpy(buf, (char *)((biginteger_t *)
1162 1179 OBJ_PRI_DH_BASE(objp))->big_value,
1163 1180 ((biginteger_t *)
1164 1181 OBJ_PRI_DH_BASE(objp))->big_value_len);
1165 1182 buf = buf + ROUNDUP(((biginteger_t *)
1166 1183 OBJ_PRI_DH_BASE(objp))->big_value_len, 8);
1167 1184
1168 1185 /* value_len + value */
1169 1186 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1170 1187 OBJ_PRI_DH_VALUE(objp))->big_value_len);
1171 1188 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1172 1189 buf = buf + sizeof (uint64_t);
1173 1190
1174 1191 (void) memcpy(buf, (char *)((biginteger_t *)
1175 1192 OBJ_PRI_DH_VALUE(objp))->big_value,
1176 1193 ((biginteger_t *)
1177 1194 OBJ_PRI_DH_VALUE(objp))->big_value_len);
1178 1195
1179 1196 break;
1180 1197
1181 1198 case CKK_X9_42_DH:
1182 1199 /* prime_len + prime */
1183 1200 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1184 1201 OBJ_PRI_DH942_PRIME(objp))->big_value_len);
1185 1202 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1186 1203 buf = buf + sizeof (uint64_t);
1187 1204
1188 1205 (void) memcpy(buf, (char *)((biginteger_t *)
1189 1206 OBJ_PRI_DH942_PRIME(objp))->big_value,
1190 1207 ((biginteger_t *)
1191 1208 OBJ_PRI_DH942_PRIME(objp))->big_value_len);
1192 1209 buf = buf + ROUNDUP(((biginteger_t *)
1193 1210 OBJ_PRI_DH942_PRIME(objp))->big_value_len, 8);
1194 1211
1195 1212 /* base_len + base */
1196 1213 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1197 1214 OBJ_PRI_DH942_BASE(objp))->big_value_len);
1198 1215 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1199 1216 buf = buf + sizeof (uint64_t);
1200 1217
1201 1218 (void) memcpy(buf, (char *)((biginteger_t *)
1202 1219 OBJ_PRI_DH942_BASE(objp))->big_value,
1203 1220 ((biginteger_t *)
1204 1221 OBJ_PRI_DH942_BASE(objp))->big_value_len);
1205 1222 buf = buf + ROUNDUP(((biginteger_t *)
1206 1223 OBJ_PRI_DH942_BASE(objp))->big_value_len, 8);
1207 1224
1208 1225 /* subprime_len + subprime */
1209 1226 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1210 1227 OBJ_PRI_DH942_SUBPRIME(objp))->big_value_len);
1211 1228 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1212 1229 buf = buf + sizeof (uint64_t);
1213 1230
1214 1231 (void) memcpy(buf, (char *)((biginteger_t *)
1215 1232 OBJ_PRI_DH942_SUBPRIME(objp))->big_value,
1216 1233 ((biginteger_t *)
1217 1234 OBJ_PRI_DH942_SUBPRIME(objp))->big_value_len);
1218 1235 buf = buf + ROUNDUP(((biginteger_t *)
1219 1236 OBJ_PRI_DH942_SUBPRIME(objp))->big_value_len, 8);
1220 1237
1221 1238 /* value_len + value */
1222 1239 tmp_val = SWAP64((uint64_t)((biginteger_t *)
1223 1240 OBJ_PRI_DH942_VALUE(objp))->big_value_len);
1224 1241 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1225 1242 buf = buf + sizeof (uint64_t);
1226 1243
1227 1244 (void) memcpy(buf, (char *)((biginteger_t *)
1228 1245 OBJ_PRI_DH942_VALUE(objp))->big_value,
1229 1246 ((biginteger_t *)
1230 1247 OBJ_PRI_DH942_VALUE(objp))->big_value_len);
1231 1248
1232 1249 break;
1233 1250
1234 1251 } /* keytype */
1235 1252
1236 1253 break;
1237 1254
1238 1255 case CKO_SECRET_KEY:
1239 1256 /* value_len + value */
1240 1257 tmp_val = SWAP64((uint64_t)OBJ_SEC_VALUE_LEN(objp));
1241 1258 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1242 1259 buf = buf + sizeof (uint64_t);
1243 1260
1244 1261 if (OBJ_SEC_VALUE_LEN(objp) > 0) {
1245 1262 (void) memcpy(buf, (char *)OBJ_SEC_VALUE(objp),
1246 1263 OBJ_SEC_VALUE_LEN(objp));
1247 1264 buf = buf + ROUNDUP(OBJ_SEC_VALUE_LEN(objp), 8);
1248 1265 }
1249 1266
1250 1267 break;
1251 1268
1252 1269 case CKO_CERTIFICATE:
1253 1270
1254 1271 switch (certtype) {
1255 1272 case CKC_X_509:
1256 1273 /* subject_len + subject */
1257 1274 tmp_val = SWAP64((uint64_t)(((cert_attr_t *)
1258 1275 X509_CERT_SUBJECT(objp))->length));
1259 1276 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1260 1277 buf = buf + sizeof (uint64_t);
1261 1278
1262 1279 (void) memcpy(buf, (char *)((cert_attr_t *)
1263 1280 X509_CERT_SUBJECT(objp))->value,
1264 1281 ((cert_attr_t *)
1265 1282 X509_CERT_SUBJECT(objp))->length);
1266 1283 buf = buf + ROUNDUP(((cert_attr_t *)
1267 1284 X509_CERT_SUBJECT(objp))->length, 8);
1268 1285
1269 1286 /* value_len + value */
1270 1287 tmp_val = SWAP64((uint64_t)(((cert_attr_t *)
1271 1288 X509_CERT_VALUE(objp))->length));
1272 1289 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1273 1290 buf = buf + sizeof (uint64_t);
1274 1291
1275 1292 (void) memcpy(buf, (char *)((cert_attr_t *)
1276 1293 X509_CERT_VALUE(objp))->value,
1277 1294 ((cert_attr_t *)
1278 1295 X509_CERT_VALUE(objp))->length);
1279 1296 break;
1280 1297
1281 1298 case CKC_X_509_ATTR_CERT:
1282 1299 /* owner_len + owner */
1283 1300 tmp_val = SWAP64((uint64_t)(((cert_attr_t *)
1284 1301 X509_ATTR_CERT_OWNER(objp))->length));
1285 1302 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1286 1303 buf = buf + sizeof (uint64_t);
1287 1304
1288 1305 (void) memcpy(buf, (char *)((cert_attr_t *)
1289 1306 X509_ATTR_CERT_OWNER(objp))->value,
1290 1307 ((cert_attr_t *)
1291 1308 X509_ATTR_CERT_OWNER(objp))->length);
1292 1309 buf = buf + ROUNDUP(((cert_attr_t *)
1293 1310 X509_ATTR_CERT_OWNER(objp))->length, 8);
1294 1311
1295 1312 /* value_len + value */
1296 1313 tmp_val = SWAP64((uint64_t)(((cert_attr_t *)
1297 1314 X509_ATTR_CERT_VALUE(objp))->length));
1298 1315 (void) memcpy(buf, (char *)&tmp_val, sizeof (uint64_t));
1299 1316 buf = buf + sizeof (uint64_t);
1300 1317
1301 1318 (void) memcpy(buf, (char *)((cert_attr_t *)
1302 1319 X509_ATTR_CERT_VALUE(objp))->value,
1303 1320 ((cert_attr_t *)
1304 1321 X509_ATTR_CERT_VALUE(objp))->length);
1305 1322 break;
1306 1323 }
1307 1324 break;
1308 1325
1309 1326 case CKO_DOMAIN_PARAMETERS:
1310 1327
1311 1328 return (0);
1312 1329 }
1313 1330 return (CKR_OK);
1314 1331 }
1315 1332
1316 1333 /*
1317 1334 * Unpack the object key in keystore format (the third part)
1318 1335 * into soft_object_t.
1319 1336 */
1320 1337 CK_RV
1321 1338 soft_unpack_object(soft_object_t *objp, uchar_t *buf)
1322 1339 {
1323 1340
1324 1341 public_key_obj_t *pbk;
1325 1342 private_key_obj_t *pvk;
1326 1343 secret_key_obj_t *sck;
1327 1344 certificate_obj_t *cert;
1328 1345 CK_OBJECT_CLASS class = objp->class;
1329 1346 CK_KEY_TYPE keytype = objp->key_type;
1330 1347 CK_CERTIFICATE_TYPE certtype = objp->cert_type;
1331 1348
1332 1349 biginteger_t modulus;
1333 1350 biginteger_t pubexpo;
1334 1351 biginteger_t prime;
1335 1352 biginteger_t subprime;
1336 1353 biginteger_t base;
1337 1354 biginteger_t value;
1338 1355
1339 1356 biginteger_t priexpo;
1340 1357 biginteger_t prime1;
1341 1358 biginteger_t prime2;
1342 1359 biginteger_t expo1;
1343 1360 biginteger_t expo2;
1344 1361 biginteger_t coef;
1345 1362 CK_RV rv = CKR_OK;
1346 1363 ulong_t offset = 0;
1347 1364 uint64_t tmp_val;
1348 1365
1349 1366 /* prevent bigint_attr_cleanup from freeing invalid attr value */
1350 1367 (void) memset(&modulus, 0x0, sizeof (biginteger_t));
1351 1368 (void) memset(&pubexpo, 0x0, sizeof (biginteger_t));
1352 1369 (void) memset(&prime, 0x0, sizeof (biginteger_t));
1353 1370 (void) memset(&subprime, 0x0, sizeof (biginteger_t));
1354 1371 (void) memset(&base, 0x0, sizeof (biginteger_t));
1355 1372 (void) memset(&value, 0x0, sizeof (biginteger_t));
1356 1373
1357 1374 (void) memset(&priexpo, 0x0, sizeof (biginteger_t));
1358 1375 (void) memset(&prime1, 0x0, sizeof (biginteger_t));
1359 1376 (void) memset(&prime2, 0x0, sizeof (biginteger_t));
1360 1377 (void) memset(&expo1, 0x0, sizeof (biginteger_t));
1361 1378 (void) memset(&expo2, 0x0, sizeof (biginteger_t));
1362 1379 (void) memset(&coef, 0x0, sizeof (biginteger_t));
1363 1380
1364 1381 switch (class) {
1365 1382
1366 1383 case CKO_PUBLIC_KEY:
1367 1384 /* Allocate storage for Public Key Object. */
1368 1385 pbk = calloc(1, sizeof (public_key_obj_t));
1369 1386 if (pbk == NULL) {
1370 1387 rv = CKR_HOST_MEMORY;
1371 1388 return (rv);
1372 1389 }
1373 1390
1374 1391 objp->object_class_u.public_key = pbk;
1375 1392
1376 1393 switch (keytype) {
1377 1394 case CKK_RSA: /* modulus_bits */
1378 1395 (void) memcpy(&tmp_val, buf, sizeof (uint64_t));
1379 1396 KEY_PUB_RSA_MOD_BITS(pbk) = (CK_ULONG)(SWAP64(tmp_val));
1380 1397 buf = buf + sizeof (uint64_t);
1381 1398
1382 1399 /* modulus */
1383 1400 if ((rv = soft_unpack_obj_attribute(buf, &modulus,
1384 1401 NULL, &offset, B_FALSE)) != CKR_OK)
1385 1402 goto pub_cleanup;
1386 1403
1387 1404 copy_bigint_attr(&modulus, KEY_PUB_RSA_MOD(pbk));
1388 1405
1389 1406 buf += ROUNDUP(offset, 8);
1390 1407
1391 1408 /* pubexpo */
1392 1409 if ((rv = soft_unpack_obj_attribute(buf, &pubexpo,
1393 1410 NULL, &offset, B_FALSE)) != CKR_OK)
1394 1411 goto pub_cleanup;
1395 1412
1396 1413 copy_bigint_attr(&pubexpo, KEY_PUB_RSA_PUBEXPO(pbk));
1397 1414
1398 1415 break;
1399 1416
1400 1417 case CKK_DSA:
1401 1418 /* prime */
1402 1419 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1403 1420 NULL, &offset, B_FALSE)) != CKR_OK)
1404 1421 goto pub_cleanup;
1405 1422
1406 1423 copy_bigint_attr(&prime, KEY_PUB_DSA_PRIME(pbk));
1407 1424
1408 1425 buf += ROUNDUP(offset, 8);
1409 1426
1410 1427 /* subprime */
1411 1428 if ((rv = soft_unpack_obj_attribute(buf, &subprime,
1412 1429 NULL, &offset, B_FALSE)) != CKR_OK)
1413 1430 goto pub_cleanup;
1414 1431
1415 1432 copy_bigint_attr(&subprime, KEY_PUB_DSA_SUBPRIME(pbk));
1416 1433
1417 1434 buf += ROUNDUP(offset, 8);
1418 1435
1419 1436 /* base */
1420 1437 if ((rv = soft_unpack_obj_attribute(buf, &base,
1421 1438 NULL, &offset, B_FALSE)) != CKR_OK)
1422 1439 goto pub_cleanup;
1423 1440
1424 1441 copy_bigint_attr(&base, KEY_PUB_DSA_BASE(pbk));
1425 1442
1426 1443 buf += ROUNDUP(offset, 8);
1427 1444
1428 1445 /* value */
1429 1446 if ((rv = soft_unpack_obj_attribute(buf, &value,
1430 1447 NULL, &offset, B_FALSE)) != CKR_OK)
1431 1448 goto pub_cleanup;
1432 1449
1433 1450 copy_bigint_attr(&value, KEY_PUB_DSA_VALUE(pbk));
1434 1451
1435 1452 break;
1436 1453
1437 1454 case CKK_DH:
1438 1455 /* prime */
1439 1456 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1440 1457 NULL, &offset, B_FALSE)) != CKR_OK)
1441 1458 goto pub_cleanup;
1442 1459
1443 1460 copy_bigint_attr(&prime, KEY_PUB_DH_PRIME(pbk));
1444 1461
1445 1462 buf += ROUNDUP(offset, 8);
1446 1463
1447 1464 /* base */
1448 1465 if ((rv = soft_unpack_obj_attribute(buf, &base,
1449 1466 NULL, &offset, B_FALSE)) != CKR_OK)
1450 1467 goto pub_cleanup;
1451 1468
1452 1469 copy_bigint_attr(&base, KEY_PUB_DH_BASE(pbk));
1453 1470
1454 1471 buf += ROUNDUP(offset, 8);
1455 1472
1456 1473 /* value */
1457 1474 if ((rv = soft_unpack_obj_attribute(buf, &value,
1458 1475 NULL, &offset, B_FALSE)) != CKR_OK)
1459 1476 goto pub_cleanup;
1460 1477
1461 1478 copy_bigint_attr(&value, KEY_PUB_DH_VALUE(pbk));
1462 1479
1463 1480 break;
1464 1481
1465 1482 case CKK_EC:
1466 1483 /* ec_point */
1467 1484 if ((rv = soft_unpack_obj_attribute(buf, &value,
1468 1485 NULL, &offset, B_FALSE)) != CKR_OK)
1469 1486 goto pri_cleanup;
1470 1487
1471 1488 copy_bigint_attr(&value, KEY_PUB_EC_POINT(pbk));
1472 1489 break;
1473 1490
1474 1491 case CKK_X9_42_DH:
1475 1492 /* prime */
1476 1493 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1477 1494 NULL, &offset, B_FALSE)) != CKR_OK)
1478 1495 goto pub_cleanup;
1479 1496
1480 1497 copy_bigint_attr(&prime, KEY_PUB_DH942_PRIME(pbk));
1481 1498
1482 1499 buf += ROUNDUP(offset, 8);
1483 1500
1484 1501 /* base */
1485 1502 if ((rv = soft_unpack_obj_attribute(buf, &base,
1486 1503 NULL, &offset, B_FALSE)) != CKR_OK)
1487 1504 goto pub_cleanup;
1488 1505
1489 1506 copy_bigint_attr(&base, KEY_PUB_DH942_BASE(pbk));
1490 1507
1491 1508 buf += ROUNDUP(offset, 8);
1492 1509
1493 1510 /* subprime */
1494 1511 if ((rv = soft_unpack_obj_attribute(buf, &subprime,
1495 1512 NULL, &offset, B_FALSE)) != CKR_OK)
1496 1513 goto pub_cleanup;
1497 1514
1498 1515 copy_bigint_attr(&subprime,
1499 1516 KEY_PUB_DH942_SUBPRIME(pbk));
1500 1517
1501 1518 buf += ROUNDUP(offset, 8);
1502 1519
1503 1520 /* value */
1504 1521 if ((rv = soft_unpack_obj_attribute(buf, &value,
1505 1522 NULL, &offset, B_FALSE)) != CKR_OK)
1506 1523 goto pub_cleanup;
1507 1524
1508 1525 copy_bigint_attr(&value, KEY_PUB_DH942_VALUE(pbk));
1509 1526
1510 1527 break;
1511 1528 } /* keytype */
1512 1529
1513 1530 break;
1514 1531
1515 1532 case CKO_PRIVATE_KEY:
1516 1533 /* Allocate storage for Private Key Object. */
1517 1534 pvk = calloc(1, sizeof (private_key_obj_t));
1518 1535 if (pvk == NULL) {
1519 1536 rv = CKR_HOST_MEMORY;
1520 1537 return (rv);
1521 1538 }
1522 1539
1523 1540 objp->object_class_u.private_key = pvk;
1524 1541
1525 1542 switch (keytype) {
1526 1543 case CKK_RSA:
1527 1544 /* modulus */
1528 1545 if ((rv = soft_unpack_obj_attribute(buf, &modulus,
1529 1546 NULL, &offset, B_FALSE)) != CKR_OK)
1530 1547 goto pri_cleanup;
1531 1548
1532 1549 copy_bigint_attr(&modulus, KEY_PRI_RSA_MOD(pvk));
1533 1550
1534 1551 buf += ROUNDUP(offset, 8);
1535 1552
1536 1553 /* pubexpo */
1537 1554 if ((rv = soft_unpack_obj_attribute(buf, &pubexpo,
1538 1555 NULL, &offset, B_FALSE)) != CKR_OK)
1539 1556 goto pri_cleanup;
1540 1557
1541 1558 copy_bigint_attr(&pubexpo, KEY_PRI_RSA_PUBEXPO(pvk));
1542 1559
1543 1560 buf += ROUNDUP(offset, 8);
1544 1561
1545 1562 /* priexpo */
1546 1563 if ((rv = soft_unpack_obj_attribute(buf, &priexpo,
1547 1564 NULL, &offset, B_FALSE)) != CKR_OK)
1548 1565 goto pri_cleanup;
1549 1566
1550 1567 copy_bigint_attr(&priexpo, KEY_PRI_RSA_PRIEXPO(pvk));
1551 1568
1552 1569 buf += ROUNDUP(offset, 8);
1553 1570
1554 1571 /* prime1 */
1555 1572 if ((rv = soft_unpack_obj_attribute(buf, &prime1,
1556 1573 NULL, &offset, B_FALSE)) != CKR_OK)
1557 1574 goto pri_cleanup;
1558 1575
1559 1576 copy_bigint_attr(&prime1, KEY_PRI_RSA_PRIME1(pvk));
1560 1577
1561 1578 buf += ROUNDUP(offset, 8);
1562 1579
1563 1580 /* prime2 */
1564 1581 if ((rv = soft_unpack_obj_attribute(buf, &prime2,
1565 1582 NULL, &offset, B_FALSE)) != CKR_OK)
1566 1583 goto pri_cleanup;
1567 1584
1568 1585 copy_bigint_attr(&prime2, KEY_PRI_RSA_PRIME2(pvk));
1569 1586
1570 1587 buf += ROUNDUP(offset, 8);
1571 1588
1572 1589 /* expo1 */
1573 1590 if ((rv = soft_unpack_obj_attribute(buf, &expo1,
1574 1591 NULL, &offset, B_FALSE)) != CKR_OK)
1575 1592 goto pri_cleanup;
1576 1593
1577 1594 copy_bigint_attr(&expo1, KEY_PRI_RSA_EXPO1(pvk));
1578 1595
1579 1596 buf += ROUNDUP(offset, 8);
1580 1597
1581 1598 /* expo2 */
1582 1599 if ((rv = soft_unpack_obj_attribute(buf, &expo2,
1583 1600 NULL, &offset, B_FALSE)) != CKR_OK)
1584 1601 goto pri_cleanup;
1585 1602
1586 1603 copy_bigint_attr(&expo2, KEY_PRI_RSA_EXPO2(pvk));
1587 1604
1588 1605 buf += ROUNDUP(offset, 8);
1589 1606
1590 1607 /* coef */
1591 1608 if ((rv = soft_unpack_obj_attribute(buf, &coef,
1592 1609 NULL, &offset, B_FALSE)) != CKR_OK)
1593 1610 goto pri_cleanup;
1594 1611
1595 1612 copy_bigint_attr(&coef, KEY_PRI_RSA_COEF(pvk));
1596 1613
1597 1614 break;
1598 1615
1599 1616 case CKK_DSA:
1600 1617 /* prime */
1601 1618 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1602 1619 NULL, &offset, B_FALSE)) != CKR_OK)
1603 1620 goto pri_cleanup;
1604 1621
1605 1622 copy_bigint_attr(&prime, KEY_PRI_DSA_PRIME(pvk));
1606 1623
1607 1624 buf += ROUNDUP(offset, 8);
1608 1625
1609 1626 /* subprime */
1610 1627 if ((rv = soft_unpack_obj_attribute(buf, &subprime,
1611 1628 NULL, &offset, B_FALSE)) != CKR_OK)
1612 1629 goto pri_cleanup;
1613 1630
1614 1631 copy_bigint_attr(&subprime, KEY_PRI_DSA_SUBPRIME(pvk));
1615 1632
1616 1633 buf += ROUNDUP(offset, 8);
1617 1634
1618 1635 /* base */
1619 1636 if ((rv = soft_unpack_obj_attribute(buf, &base,
1620 1637 NULL, &offset, B_FALSE)) != CKR_OK)
1621 1638 goto pri_cleanup;
1622 1639
1623 1640 copy_bigint_attr(&base, KEY_PRI_DSA_BASE(pvk));
1624 1641
1625 1642 buf += ROUNDUP(offset, 8);
1626 1643
1627 1644 /* value */
1628 1645 if ((rv = soft_unpack_obj_attribute(buf, &value,
1629 1646 NULL, &offset, B_FALSE)) != CKR_OK)
1630 1647 goto pri_cleanup;
1631 1648
1632 1649 copy_bigint_attr(&value, KEY_PRI_DSA_VALUE(pvk));
1633 1650
1634 1651 break;
1635 1652
1636 1653 case CKK_DH:
1637 1654 /* value_bits */
1638 1655 (void) memcpy(&tmp_val, buf, sizeof (uint64_t));
1639 1656 KEY_PRI_DH_VAL_BITS(pvk) = (CK_ULONG)(SWAP64(tmp_val));
1640 1657 buf = buf + sizeof (uint64_t);
1641 1658
1642 1659 /* prime */
1643 1660 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1644 1661 NULL, &offset, B_FALSE)) != CKR_OK)
1645 1662 goto pri_cleanup;
1646 1663
1647 1664 copy_bigint_attr(&prime, KEY_PRI_DH_PRIME(pvk));
1648 1665
1649 1666 buf += ROUNDUP(offset, 8);
1650 1667
1651 1668 /* base */
1652 1669 if ((rv = soft_unpack_obj_attribute(buf, &base,
1653 1670 NULL, &offset, B_FALSE)) != CKR_OK)
1654 1671 goto pri_cleanup;
1655 1672
1656 1673 copy_bigint_attr(&base, KEY_PRI_DH_BASE(pvk));
1657 1674
1658 1675 buf += ROUNDUP(offset, 8);
1659 1676
1660 1677 /* value */
1661 1678 if ((rv = soft_unpack_obj_attribute(buf, &value,
1662 1679 NULL, &offset, B_FALSE)) != CKR_OK)
1663 1680 goto pri_cleanup;
1664 1681
1665 1682 copy_bigint_attr(&value, KEY_PRI_DH_VALUE(pvk));
1666 1683
1667 1684 break;
1668 1685
1669 1686 case CKK_EC:
1670 1687 /* value */
1671 1688 if ((rv = soft_unpack_obj_attribute(buf, &value,
1672 1689 NULL, &offset, B_FALSE)) != CKR_OK)
1673 1690 goto pri_cleanup;
1674 1691
1675 1692 copy_bigint_attr(&value, KEY_PRI_EC_VALUE(pvk));
1676 1693 break;
1677 1694
1678 1695 case CKK_X9_42_DH:
1679 1696 /* prime */
1680 1697 if ((rv = soft_unpack_obj_attribute(buf, &prime,
1681 1698 NULL, &offset, B_FALSE)) != CKR_OK)
1682 1699 goto pri_cleanup;
1683 1700
1684 1701 copy_bigint_attr(&prime, KEY_PRI_DH942_PRIME(pvk));
1685 1702
1686 1703 buf += ROUNDUP(offset, 8);
1687 1704
1688 1705 /* base */
1689 1706 if ((rv = soft_unpack_obj_attribute(buf, &base,
1690 1707 NULL, &offset, B_FALSE)) != CKR_OK)
1691 1708 goto pri_cleanup;
1692 1709
1693 1710 copy_bigint_attr(&base, KEY_PRI_DH942_BASE(pvk));
1694 1711
1695 1712 buf += ROUNDUP(offset, 8);
1696 1713
1697 1714 /* subprime */
1698 1715 if ((rv = soft_unpack_obj_attribute(buf, &subprime,
1699 1716 NULL, &offset, B_FALSE)) != CKR_OK)
1700 1717 goto pri_cleanup;
1701 1718
1702 1719 copy_bigint_attr(&subprime, KEY_PRI_DH942_BASE(pvk));
1703 1720
1704 1721 buf += ROUNDUP(offset, 8);
1705 1722
1706 1723 /* value */
1707 1724 if ((rv = soft_unpack_obj_attribute(buf, &value,
1708 1725 NULL, &offset, B_FALSE)) != CKR_OK)
1709 1726 goto pri_cleanup;
1710 1727
1711 1728 copy_bigint_attr(&value, KEY_PRI_DH942_VALUE(pvk));
1712 1729
1713 1730 break;
1714 1731 } /* keytype */
1715 1732
1716 1733 break;
1717 1734
1718 1735 case CKO_SECRET_KEY:
1719 1736 /* Allocate storage for Secret Key Object. */
1720 1737 sck = calloc(1, sizeof (secret_key_obj_t));
1721 1738 if (sck == NULL) {
1722 1739 return (CKR_HOST_MEMORY);
1723 1740 }
1724 1741
1725 1742 objp->object_class_u.secret_key = sck;
1726 1743
1727 1744 /* value */
1728 1745 (void) memcpy((void *)&tmp_val, buf, sizeof (uint64_t));
1729 1746 OBJ_SEC_VALUE_LEN(objp) = (CK_ULONG)(SWAP64(tmp_val));
1730 1747 buf = buf + sizeof (uint64_t);
1731 1748
1732 1749 if (OBJ_SEC_VALUE_LEN(objp) > 0) {
1733 1750 OBJ_SEC_VALUE(objp) = malloc(OBJ_SEC_VALUE_LEN(objp));
1734 1751 if (OBJ_SEC_VALUE(objp) == NULL) {
1735 1752 free(sck);
1736 1753 return (CKR_HOST_MEMORY);
1737 1754 }
1738 1755 (void) memcpy(OBJ_SEC_VALUE(objp), buf,
1739 1756 OBJ_SEC_VALUE_LEN(objp));
1740 1757
1741 1758 buf = buf + ROUNDUP(OBJ_SEC_VALUE_LEN(objp), 8);
1742 1759 }
1743 1760
1744 1761 return (rv);
1745 1762
1746 1763 case CKO_CERTIFICATE:
1747 1764 /* Allocate storage for Certificate Object. */
1748 1765 cert = calloc(1, sizeof (certificate_obj_t));
1749 1766 if (cert == NULL) {
1750 1767 return (CKR_HOST_MEMORY);
1751 1768 }
1752 1769 (void) memset((void *)cert, 0, sizeof (certificate_obj_t));
1753 1770
1754 1771 cert->certificate_type = certtype;
1755 1772 objp->object_class_u.certificate = cert;
1756 1773
1757 1774 switch (certtype) {
1758 1775 case CKC_X_509:
1759 1776 /* subject */
1760 1777 if ((rv = soft_unpack_obj_attribute(buf, NULL,
1761 1778 &cert->cert_type_u.x509.subject,
1762 1779 &offset, B_TRUE)) != CKR_OK) {
1763 1780 free(cert);
1764 1781 return (rv);
1765 1782 }
1766 1783
1767 1784 buf += ROUNDUP(offset, 8);
1768 1785
1769 1786 /* value */
1770 1787 if ((rv = soft_unpack_obj_attribute(buf, NULL,
1771 1788 &cert->cert_type_u.x509.value,
1772 1789 &offset, B_TRUE)) != CKR_OK) {
1773 1790 free(cert);
1774 1791 return (rv);
1775 1792 }
1776 1793
1777 1794 break;
1778 1795
1779 1796 case CKC_X_509_ATTR_CERT:
1780 1797 /* owner */
1781 1798 if ((rv = soft_unpack_obj_attribute(buf, NULL,
1782 1799 &cert->cert_type_u.x509_attr.owner,
1783 1800 &offset, B_TRUE)) != CKR_OK) {
1784 1801 free(cert);
1785 1802 return (rv);
1786 1803 }
1787 1804
1788 1805 buf += ROUNDUP(offset, 8);
1789 1806
1790 1807 /* value */
1791 1808 if ((rv = soft_unpack_obj_attribute(buf, NULL,
1792 1809 &cert->cert_type_u.x509_attr.value,
1793 1810 &offset, B_TRUE)) != CKR_OK) {
1794 1811 free(cert);
1795 1812 return (rv);
1796 1813 }
1797 1814
1798 1815 break;
1799 1816 }
1800 1817
1801 1818 return (rv);
1802 1819
1803 1820 case CKO_DOMAIN_PARAMETERS:
1804 1821
1805 1822 break;
1806 1823 }
1807 1824
1808 1825 pub_cleanup:
1809 1826 /*
1810 1827 * cleanup the storage allocated to the local variables.
1811 1828 */
1812 1829 if (rv != CKR_OK)
1813 1830 free(pbk);
1814 1831 bigint_attr_cleanup(&modulus);
1815 1832 bigint_attr_cleanup(&pubexpo);
1816 1833 bigint_attr_cleanup(&prime);
1817 1834 bigint_attr_cleanup(&subprime);
1818 1835 bigint_attr_cleanup(&base);
1819 1836 bigint_attr_cleanup(&value);
1820 1837 return (rv);
1821 1838
1822 1839 pri_cleanup:
1823 1840 /*
1824 1841 * cleanup the storage allocated to the local variables.
1825 1842 */
1826 1843 if (rv != CKR_OK)
1827 1844 free(pvk);
1828 1845 bigint_attr_cleanup(&modulus);
1829 1846 bigint_attr_cleanup(&priexpo);
1830 1847 bigint_attr_cleanup(&prime);
1831 1848 bigint_attr_cleanup(&subprime);
1832 1849 bigint_attr_cleanup(&base);
1833 1850 bigint_attr_cleanup(&value);
1834 1851 bigint_attr_cleanup(&pubexpo);
1835 1852 bigint_attr_cleanup(&prime1);
1836 1853 bigint_attr_cleanup(&prime2);
1837 1854 bigint_attr_cleanup(&expo1);
1838 1855 bigint_attr_cleanup(&expo2);
1839 1856 bigint_attr_cleanup(&coef);
1840 1857 return (rv);
1841 1858 }
1842 1859
1843 1860
1844 1861 /*
1845 1862 * Store the token object to a keystore file.
1846 1863 */
1847 1864 CK_RV
1848 1865 soft_put_object_to_keystore(soft_object_t *objp)
1849 1866 {
|
↓ open down ↓ |
1293 lines elided |
↑ open up ↑ |
1850 1867
1851 1868 uchar_t *buf;
1852 1869 size_t len;
1853 1870 CK_RV rv;
1854 1871
1855 1872 rv = soft_keystore_pack_obj(objp, &buf, &len);
1856 1873 if (rv != CKR_OK)
1857 1874 return (rv);
1858 1875
1859 1876 (void) pthread_mutex_lock(&soft_slot.slot_mutex);
1860 - if (objp->object_type == TOKEN_PUBLIC) {
1861 - if ((soft_keystore_put_new_obj(buf, len, B_TRUE,
1862 - B_FALSE, &objp->ks_handle)) == -1) {
1863 - (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
1864 - free(buf);
1865 - return (CKR_FUNCTION_FAILED);
1866 - }
1867 - } else {
1868 - if ((soft_keystore_put_new_obj(buf, len, B_FALSE,
1869 - B_FALSE, &objp->ks_handle)) == -1) {
1870 - (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
1871 - free(buf);
1872 - return (CKR_FUNCTION_FAILED);
1873 - }
1877 + if (soft_keystore_put_new_obj(buf, len,
1878 + !!(objp->object_type == TOKEN_PUBLIC), B_FALSE,
1879 + &objp->ks_handle) == -1) {
1880 + rv = CKR_FUNCTION_FAILED;
1874 1881 }
1875 1882 (void) pthread_mutex_unlock(&soft_slot.slot_mutex);
1876 - free(buf);
1877 - return (CKR_OK);
1878 1883
1884 + freezero(buf, len);
1885 + return (rv);
1879 1886 }
1880 1887
1881 1888 /*
1882 1889 * Modify the in-core token object and then write it to
1883 1890 * a keystore file.
1884 1891 */
1885 1892 CK_RV
1886 1893 soft_modify_object_to_keystore(soft_object_t *objp)
1887 1894 {
1888 1895
1889 1896 uchar_t *buf;
|
↓ open down ↓ |
1 lines elided |
↑ open up ↑ |
1890 1897 size_t len;
1891 1898 CK_RV rv;
1892 1899
1893 1900 rv = soft_keystore_pack_obj(objp, &buf, &len);
1894 1901 if (rv != CKR_OK)
1895 1902 return (rv);
1896 1903
1897 1904 /* B_TRUE: caller has held a writelock on the keystore */
1898 1905 if (soft_keystore_modify_obj(&objp->ks_handle, buf, len,
1899 1906 B_TRUE) < 0) {
1900 - return (CKR_FUNCTION_FAILED);
1907 + rv = CKR_FUNCTION_FAILED;
1901 1908 }
1902 1909
1903 - free(buf);
1904 - return (CKR_OK);
1910 + freezero(buf, len);
1911 + return (rv);
1905 1912
1906 1913 }
1907 1914
1908 1915 /*
1909 1916 * Read the token object from the keystore file.
1910 1917 */
1911 1918 CK_RV
1912 1919 soft_get_token_objects_from_keystore(ks_search_type_t type)
1913 1920 {
1914 1921 CK_RV rv;
1915 1922 ks_obj_t *ks_obj = NULL, *ks_obj_next;
1916 1923 soft_object_t *new_objp = NULL;
1917 1924
1918 1925 /* Load the token object from keystore based on the object type */
1919 1926 rv = soft_keystore_get_objs(type, &ks_obj, B_FALSE);
1920 1927 if (rv != CKR_OK) {
1921 1928 return (rv);
1922 1929 }
1923 1930
1924 1931 while (ks_obj) {
1925 1932
1926 1933 new_objp = calloc(1, sizeof (soft_object_t));
1927 1934 if (new_objp == NULL) {
1928 1935 rv = CKR_HOST_MEMORY;
1929 1936 goto cleanup;
1930 1937 }
1931 1938 /* Convert the keystore format to memory format */
1932 1939 rv = soft_keystore_unpack_obj(new_objp, ks_obj);
1933 1940 if (rv != CKR_OK) {
1934 1941 if (new_objp->class == CKO_CERTIFICATE)
|
↓ open down ↓ |
20 lines elided |
↑ open up ↑ |
1935 1942 soft_cleanup_cert_object(new_objp);
1936 1943 else
1937 1944 soft_cleanup_object(new_objp);
1938 1945 goto cleanup;
1939 1946 }
1940 1947
1941 1948 soft_add_token_object_to_slot(new_objp);
1942 1949
1943 1950 /* Free the ks_obj list */
1944 1951 ks_obj_next = ks_obj->next;
1945 - if (ks_obj->buf)
1946 - free(ks_obj->buf);
1952 + freezero(ks_obj->buf, ks_obj->size);
1947 1953 free(ks_obj);
1948 1954 ks_obj = ks_obj_next;
1949 1955 }
1950 1956
1951 1957 return (CKR_OK);
1952 1958
1953 1959 cleanup:
1954 1960 while (ks_obj) {
1955 1961 ks_obj_next = ks_obj->next;
1956 - free(ks_obj->buf);
1962 + freezero(ks_obj->buf, ks_obj->size);
1957 1963 free(ks_obj);
1958 1964 ks_obj = ks_obj_next;
1959 1965 }
1960 1966 return (rv);
1961 1967 }
1962 1968
1963 1969 /*
1964 1970 * soft_gen_crypt_key()
1965 1971 *
1966 1972 * Arguments:
1967 1973 *
1968 1974 * pPIN: pointer to caller provided Pin
1969 1975 * key: output argument which contains the address of the
1970 1976 * pointer to encryption key in the soft_object_t.
1971 1977 * It is caller's responsibility to call soft_delete_object()
1972 1978 * if this key is no longer in use.
1973 1979 * saltdata: input argument (if non-NULL), or
1974 1980 * output argument (if NULL):
1975 1981 * address of pointer to the "salt" of the encryption key
1976 1982 *
1977 1983 * Description:
1978 1984 *
1979 1985 * Generate an encryption key of the input PIN.
1980 1986 *
1981 1987 * Returns:
1982 1988 *
1983 1989 * CKR_OK: no error
1984 1990 * Other: some error occurred while generating the encryption key
1985 1991 *
1986 1992 */
1987 1993 CK_RV
1988 1994 soft_gen_crypt_key(uchar_t *pPIN, soft_object_t **key, CK_BYTE **saltdata)
1989 1995 {
1990 1996 CK_OBJECT_CLASS class = CKO_SECRET_KEY;
1991 1997 CK_ATTRIBUTE tmpl[5];
1992 1998 int attrs = 0;
1993 1999 CK_RV rv;
1994 2000 CK_MECHANISM Mechanism;
1995 2001 CK_PKCS5_PBKD2_PARAMS params;
1996 2002 CK_BYTE salt[PBKD2_SALT_SIZE];
1997 2003 CK_ULONG keylen = AES_MIN_KEY_BYTES;
1998 2004 CK_KEY_TYPE keytype = CKK_AES;
1999 2005 static CK_BBOOL truevalue = TRUE;
2000 2006 soft_object_t *secret_key;
2001 2007 CK_OBJECT_HANDLE hKey;
2002 2008 CK_ULONG passwd_size;
2003 2009
2004 2010 if (pPIN == NULL)
2005 2011 return (CKR_FUNCTION_FAILED);
2006 2012
2007 2013 tmpl[attrs].type = CKA_CLASS;
2008 2014 tmpl[attrs].pValue = &class;
2009 2015 tmpl[attrs].ulValueLen = sizeof (class);
2010 2016 attrs++;
2011 2017
2012 2018 tmpl[attrs].type = CKA_KEY_TYPE;
2013 2019 tmpl[attrs].pValue = &keytype;
2014 2020 tmpl[attrs].ulValueLen = sizeof (keytype);
2015 2021 attrs++;
2016 2022
2017 2023 tmpl[attrs].type = CKA_ENCRYPT;
2018 2024 tmpl[attrs].pValue = &truevalue;
2019 2025 tmpl[attrs].ulValueLen = sizeof (CK_BBOOL);
2020 2026 attrs++;
2021 2027
2022 2028 tmpl[attrs].type = CKA_DECRYPT;
2023 2029 tmpl[attrs].pValue = &truevalue;
2024 2030 tmpl[attrs].ulValueLen = sizeof (CK_BBOOL);
2025 2031 attrs++;
2026 2032
2027 2033 tmpl[attrs].type = CKA_VALUE_LEN;
2028 2034 tmpl[attrs].pValue = &keylen;
2029 2035 tmpl[attrs].ulValueLen = sizeof (keylen);
2030 2036 attrs++;
2031 2037
2032 2038 if (*saltdata == NULL) {
2033 2039 bzero(salt, sizeof (salt));
2034 2040 (void) pkcs11_get_nzero_urandom(salt, sizeof (salt));
2035 2041 *saltdata = malloc(PBKD2_SALT_SIZE);
2036 2042 if (*saltdata == NULL)
2037 2043 return (CKR_HOST_MEMORY);
2038 2044 (void) memcpy(*saltdata, salt, PBKD2_SALT_SIZE);
2039 2045 } else {
2040 2046 bzero(salt, sizeof (salt));
2041 2047 (void) memcpy(salt, *saltdata, PBKD2_SALT_SIZE);
2042 2048 }
2043 2049
2044 2050 Mechanism.mechanism = CKM_PKCS5_PBKD2;
2045 2051 Mechanism.pParameter = ¶ms;
2046 2052 Mechanism.ulParameterLen = sizeof (params);
2047 2053 passwd_size = (CK_ULONG)strlen((const char *)pPIN);
2048 2054
2049 2055 params.saltSource = CKZ_SALT_SPECIFIED;
2050 2056 params.pSaltSourceData = (void *)salt;
2051 2057 params.ulSaltSourceDataLen = sizeof (salt);
2052 2058 params.iterations = PBKD2_ITERATIONS;
2053 2059 params.prf = CKP_PKCS5_PBKD2_HMAC_SHA1;
2054 2060 params.pPrfData = NULL;
2055 2061 params.ulPrfDataLen = 0;
2056 2062 params.pPassword = (CK_UTF8CHAR_PTR)pPIN;
2057 2063 params.ulPasswordLen = &passwd_size;
2058 2064
2059 2065 rv = soft_gen_keyobject(tmpl, attrs, &hKey, &token_session,
2060 2066 CKO_SECRET_KEY, CKK_AES, 0, SOFT_GEN_KEY, B_TRUE);
2061 2067
2062 2068 if (rv != CKR_OK) {
2063 2069 return (rv);
2064 2070 }
2065 2071
2066 2072 /* Obtain the secret object pointer. */
2067 2073 secret_key = (soft_object_t *)hKey;
2068 2074 keylen = OBJ_SEC_VALUE_LEN(secret_key);
2069 2075 if ((OBJ_SEC_VALUE(secret_key) = malloc(keylen)) == NULL) {
2070 2076 soft_delete_object(&token_session, secret_key,
2071 2077 B_FALSE, B_FALSE);
2072 2078 return (CKR_HOST_MEMORY);
2073 2079 }
2074 2080
2075 2081 rv = soft_generate_pkcs5_pbkdf2_key(&token_session, &Mechanism,
2076 2082 secret_key);
2077 2083
2078 2084 if (rv != CKR_OK)
2079 2085 soft_delete_object(&token_session, secret_key,
2080 2086 B_FALSE, B_FALSE);
2081 2087 else
2082 2088 *key = secret_key;
2083 2089
2084 2090 return (rv);
2085 2091
2086 2092 }
2087 2093
2088 2094 /*
2089 2095 * soft_gen_hmac_key()
2090 2096 *
2091 2097 * Arguments:
2092 2098 *
2093 2099 * pPIN: pointer to caller provided Pin
2094 2100 * key: output argument which contains the address of the
2095 2101 * pointer to hmac key in the soft_object_t.
2096 2102 * It is caller's responsibility to call soft_delete_object()
2097 2103 * if this key is no longer in use.
2098 2104 * saltdata: input argument (if non-NULL), or
2099 2105 * output argument (if NULL):
2100 2106 * address of pointer to the "salt" of the hmac key
2101 2107 *
2102 2108 * Description:
2103 2109 *
2104 2110 * Generate a hmac key of the input PIN.
2105 2111 *
2106 2112 * Returns:
2107 2113 *
2108 2114 * CKR_OK: no error
2109 2115 * Other: some error occurred while generating the hmac key
2110 2116 *
2111 2117 */
2112 2118 CK_RV
2113 2119 soft_gen_hmac_key(uchar_t *pPIN, soft_object_t **key, CK_BYTE **saltdata)
2114 2120 {
2115 2121 CK_OBJECT_CLASS class = CKO_SECRET_KEY;
2116 2122 CK_ATTRIBUTE tmpl[5];
2117 2123 int attrs = 0;
2118 2124 CK_RV rv;
2119 2125 CK_MECHANISM Mechanism;
2120 2126 CK_PKCS5_PBKD2_PARAMS params;
2121 2127 CK_BYTE salt[PBKD2_SALT_SIZE];
2122 2128 CK_ULONG keylen = 16;
2123 2129 CK_KEY_TYPE keytype = CKK_GENERIC_SECRET;
2124 2130 static CK_BBOOL truevalue = TRUE;
2125 2131 soft_object_t *secret_key;
2126 2132 CK_OBJECT_HANDLE hKey;
2127 2133 CK_ULONG passwd_size;
2128 2134
2129 2135 if (pPIN == NULL)
2130 2136 return (CKR_FUNCTION_FAILED);
2131 2137
2132 2138 tmpl[attrs].type = CKA_CLASS;
2133 2139 tmpl[attrs].pValue = &class;
2134 2140 tmpl[attrs].ulValueLen = sizeof (class);
2135 2141 attrs++;
2136 2142
2137 2143 tmpl[attrs].type = CKA_KEY_TYPE;
2138 2144 tmpl[attrs].pValue = &keytype;
2139 2145 tmpl[attrs].ulValueLen = sizeof (keytype);
2140 2146 attrs++;
2141 2147
2142 2148 tmpl[attrs].type = CKA_SIGN;
2143 2149 tmpl[attrs].pValue = &truevalue;
2144 2150 tmpl[attrs].ulValueLen = sizeof (CK_BBOOL);
2145 2151 attrs++;
2146 2152
2147 2153 tmpl[attrs].type = CKA_VERIFY;
2148 2154 tmpl[attrs].pValue = &truevalue;
2149 2155 tmpl[attrs].ulValueLen = sizeof (CK_BBOOL);
2150 2156 attrs++;
2151 2157
2152 2158 tmpl[attrs].type = CKA_VALUE_LEN;
2153 2159 tmpl[attrs].pValue = &keylen;
2154 2160 tmpl[attrs].ulValueLen = sizeof (keylen);
2155 2161 attrs++;
2156 2162
2157 2163 if (*saltdata == NULL) {
2158 2164 bzero(salt, sizeof (salt));
2159 2165 (void) pkcs11_get_nzero_urandom(salt, sizeof (salt));
2160 2166 *saltdata = malloc(PBKD2_SALT_SIZE);
2161 2167 if (*saltdata == NULL)
2162 2168 return (CKR_HOST_MEMORY);
2163 2169 (void) memcpy(*saltdata, salt, PBKD2_SALT_SIZE);
2164 2170 } else {
2165 2171 bzero(salt, sizeof (salt));
2166 2172 (void) memcpy(salt, *saltdata, PBKD2_SALT_SIZE);
2167 2173 }
2168 2174
2169 2175 Mechanism.mechanism = CKM_PKCS5_PBKD2;
2170 2176 Mechanism.pParameter = ¶ms;
2171 2177 Mechanism.ulParameterLen = sizeof (params);
2172 2178 passwd_size = (CK_ULONG)strlen((const char *)pPIN);
2173 2179
2174 2180 params.saltSource = CKZ_SALT_SPECIFIED;
2175 2181 params.pSaltSourceData = (void *)salt;
2176 2182 params.ulSaltSourceDataLen = sizeof (salt);
2177 2183 params.iterations = PBKD2_ITERATIONS;
2178 2184 params.prf = CKP_PKCS5_PBKD2_HMAC_SHA1;
2179 2185 params.pPrfData = NULL;
2180 2186 params.ulPrfDataLen = 0;
2181 2187 params.pPassword = (CK_UTF8CHAR_PTR)pPIN;
2182 2188 params.ulPasswordLen = &passwd_size;
2183 2189
2184 2190 rv = soft_gen_keyobject(tmpl, attrs, &hKey, &token_session,
2185 2191 CKO_SECRET_KEY, CKK_GENERIC_SECRET, 0, SOFT_GEN_KEY, B_TRUE);
2186 2192
2187 2193 if (rv != CKR_OK) {
2188 2194 return (rv);
2189 2195 }
2190 2196
2191 2197 /* Obtain the secret object pointer. */
2192 2198 secret_key = (soft_object_t *)hKey;
2193 2199 keylen = OBJ_SEC_VALUE_LEN(secret_key);
2194 2200 if ((OBJ_SEC_VALUE(secret_key) = malloc(keylen)) == NULL) {
2195 2201 soft_delete_object(&token_session, secret_key,
2196 2202 B_FALSE, B_FALSE);
2197 2203 return (CKR_HOST_MEMORY);
2198 2204 }
2199 2205
2200 2206 rv = soft_generate_pkcs5_pbkdf2_key(&token_session, &Mechanism,
2201 2207 secret_key);
2202 2208
2203 2209 if (rv != CKR_OK)
2204 2210 soft_delete_object(&token_session, secret_key,
2205 2211 B_FALSE, B_FALSE);
2206 2212 else
2207 2213 *key = secret_key;
2208 2214
2209 2215 return (rv);
2210 2216
2211 2217 }
2212 2218
2213 2219 /*
2214 2220 * The token session is just a psuedo session (a place holder)
2215 2221 * to hold some information during encryption/decryption and
2216 2222 * sign/verify operations when writing/reading the keystore
2217 2223 * token object.
2218 2224 */
2219 2225 CK_RV
2220 2226 soft_init_token_session(void)
2221 2227 {
2222 2228
2223 2229
2224 2230 token_session.magic_marker = SOFTTOKEN_SESSION_MAGIC;
2225 2231 token_session.pApplication = NULL_PTR;
2226 2232 token_session.Notify = NULL;
2227 2233 token_session.flags = CKF_SERIAL_SESSION;
2228 2234 token_session.state = CKS_RO_PUBLIC_SESSION;
2229 2235 token_session.object_list = NULL;
2230 2236 token_session.ses_refcnt = 0;
2231 2237 token_session.ses_close_sync = 0;
2232 2238 token_session.next = NULL;
2233 2239 token_session.prev = NULL;
2234 2240
2235 2241 /* Initialize the lock for the token session */
2236 2242 if (pthread_mutex_init(&token_session.session_mutex, NULL) != 0) {
2237 2243 return (CKR_CANT_LOCK);
2238 2244 }
2239 2245
2240 2246 (void) pthread_cond_init(&token_session.ses_free_cond, NULL);
2241 2247
2242 2248 return (CKR_OK);
2243 2249
2244 2250 }
2245 2251
2246 2252 void
2247 2253 soft_destroy_token_session(void)
2248 2254 {
2249 2255
2250 2256 (void) pthread_cond_destroy(&token_session.ses_free_cond);
2251 2257 (void) pthread_mutex_destroy(&token_session.session_mutex);
2252 2258
2253 2259 }
2254 2260
2255 2261 /*
2256 2262 * Encrypt/Decrypt the private token object when dealing with the keystore.
2257 2263 * This function only applies to the private token object.
2258 2264 */
2259 2265 CK_RV
2260 2266 soft_keystore_crypt(soft_object_t *key_p, uchar_t *ivec, boolean_t encrypt,
2261 2267 CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
2262 2268 {
2263 2269 CK_MECHANISM mech;
2264 2270 soft_aes_ctx_t *soft_aes_ctx;
2265 2271 CK_RV rv;
2266 2272 CK_ULONG tmplen, tmplen1;
2267 2273
2268 2274 /*
2269 2275 * The caller will pass NULL for "out" (output buffer) to find out
2270 2276 * the output buffer size that it need to allocate for the encrption
2271 2277 * or decryption.
2272 2278 */
2273 2279 if (out == NULL) {
2274 2280 mech.mechanism = CKM_AES_CBC_PAD;
2275 2281 mech.pParameter = (void *)ivec;
2276 2282 mech.ulParameterLen = AES_BLOCK_LEN;
2277 2283
2278 2284 if (encrypt)
2279 2285 rv = soft_aes_crypt_init_common(&token_session, &mech,
2280 2286 key_p, B_TRUE);
2281 2287 else
2282 2288 rv = soft_aes_crypt_init_common(&token_session, &mech,
2283 2289 key_p, B_FALSE);
2284 2290
2285 2291 if (rv != CKR_OK)
2286 2292 return (rv);
2287 2293
2288 2294
2289 2295 (void) pthread_mutex_lock(&token_session.session_mutex);
2290 2296
2291 2297 if (encrypt)
2292 2298 soft_aes_ctx =
2293 2299 (soft_aes_ctx_t *)token_session.encrypt.context;
2294 2300 else
2295 2301 soft_aes_ctx =
2296 2302 (soft_aes_ctx_t *)token_session.decrypt.context;
|
↓ open down ↓ |
330 lines elided |
↑ open up ↑ |
2297 2303
2298 2304 /* Copy Initialization Vector (IV) into the context. */
2299 2305 (void) memcpy(soft_aes_ctx->ivec, ivec, AES_BLOCK_LEN);
2300 2306
2301 2307 /* Allocate a context for AES cipher-block chaining. */
2302 2308 soft_aes_ctx->aes_cbc = (void *)aes_cbc_ctx_init(
2303 2309 soft_aes_ctx->key_sched, soft_aes_ctx->keysched_len,
2304 2310 soft_aes_ctx->ivec);
2305 2311
2306 2312 if (soft_aes_ctx->aes_cbc == NULL) {
2307 - bzero(soft_aes_ctx->key_sched,
2313 + freezero(soft_aes_ctx->key_sched,
2308 2314 soft_aes_ctx->keysched_len);
2309 - free(soft_aes_ctx->key_sched);
2310 2315 if (encrypt) {
2311 2316 free(token_session.encrypt.context);
2312 2317 token_session.encrypt.context = NULL;
2313 2318 } else {
2314 2319 free(token_session.encrypt.context);
2315 2320 token_session.encrypt.context = NULL;
2316 2321 }
2317 2322
2318 2323 (void) pthread_mutex_unlock(&token_session.
2319 2324 session_mutex);
2320 2325 return (CKR_HOST_MEMORY);
2321 2326 }
2322 2327
2323 2328 (void) pthread_mutex_unlock(&token_session.session_mutex);
2324 2329 /*
2325 2330 * Since out == NULL, the soft_aes_xxcrypt_common() will
2326 2331 * simply return the output buffer length to the caller.
2327 2332 */
2328 2333 if (encrypt) {
2329 2334 rv = soft_aes_encrypt_common(&token_session, in,
2330 2335 in_len, out, out_len, B_FALSE);
2331 2336 } else {
2332 2337 rv = soft_aes_decrypt_common(&token_session, in,
2333 2338 in_len, out, out_len, B_FALSE);
2334 2339 }
2335 2340
2336 2341 } else {
2337 2342 /*
2338 2343 * The caller has allocated the output buffer, so that we
2339 2344 * are doing the real encryption/decryption this time.
2340 2345 */
2341 2346 tmplen = *out_len;
2342 2347 if (encrypt) {
2343 2348 rv = soft_aes_encrypt_common(&token_session, in,
2344 2349 in_len, out, &tmplen, B_TRUE);
2345 2350 if (rv == CKR_OK) {
2346 2351 tmplen1 = *out_len - tmplen;
2347 2352 rv = soft_encrypt_final(&token_session,
2348 2353 out+tmplen, &tmplen1);
2349 2354 *out_len = tmplen + tmplen1;
2350 2355 }
2351 2356 } else {
2352 2357 rv = soft_aes_decrypt_common(&token_session, in,
2353 2358 in_len, out, &tmplen, B_TRUE);
2354 2359 if (rv == CKR_OK) {
2355 2360 tmplen1 = *out_len - tmplen;
2356 2361 rv = soft_decrypt_final(&token_session,
2357 2362 out+tmplen, &tmplen1);
2358 2363 *out_len = tmplen + tmplen1;
2359 2364 }
2360 2365 }
2361 2366 }
2362 2367
2363 2368 return (rv);
2364 2369
2365 2370 }
2366 2371
2367 2372 /*
2368 2373 * Sign/Verify the private token object for checking its data integrity
2369 2374 * when dealing with the keystore.
2370 2375 * This function only applies to the private token object.
2371 2376 */
2372 2377 CK_RV
2373 2378 soft_keystore_hmac(soft_object_t *key_p, boolean_t sign,
2374 2379 CK_BYTE_PTR in, CK_ULONG in_len, CK_BYTE_PTR out, CK_ULONG_PTR out_len)
2375 2380 {
2376 2381 CK_MECHANISM mech;
2377 2382 CK_RV rv;
2378 2383
2379 2384 mech.mechanism = CKM_MD5_HMAC;
2380 2385 mech.pParameter = NULL_PTR;
2381 2386 mech.ulParameterLen = 0;
2382 2387
2383 2388 rv = soft_hmac_sign_verify_init_common(&token_session, &mech,
2384 2389 key_p, sign);
2385 2390
2386 2391 if (rv != CKR_OK)
2387 2392 return (rv);
2388 2393
2389 2394 if (sign) {
2390 2395 rv = soft_sign(&token_session, in, in_len, out, out_len);
2391 2396 } else {
2392 2397 rv = soft_verify(&token_session, in, in_len, out, *out_len);
2393 2398 }
2394 2399
2395 2400 return (rv);
2396 2401 }
|
↓ open down ↓ |
77 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX