/security/nss/lib/softoken/pkcs11.c

http://github.com/zpao/v8monkey · C · 4638 lines · 3412 code · 548 blank · 678 comment · 893 complexity · aeb4ec02f6831187d84fd2a682ca0239 MD5 · raw file

Large files are truncated click here to view the full file

  1. /* ***** BEGIN LICENSE BLOCK *****
  2. * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3. *
  4. * The contents of this file are subject to the Mozilla Public License Version
  5. * 1.1 (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. * http://www.mozilla.org/MPL/
  8. *
  9. * Software distributed under the License is distributed on an "AS IS" basis,
  10. * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  11. * for the specific language governing rights and limitations under the
  12. * License.
  13. *
  14. * The Original Code is the Netscape security libraries.
  15. *
  16. * The Initial Developer of the Original Code is
  17. * Netscape Communications Corporation.
  18. * Portions created by the Initial Developer are Copyright (C) 1994-2000
  19. * the Initial Developer. All Rights Reserved.
  20. *
  21. * Contributor(s):
  22. * Dr Stephen Henson <stephen.henson@gemplus.com>
  23. * Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
  24. *
  25. * Alternatively, the contents of this file may be used under the terms of
  26. * either the GNU General Public License Version 2 or later (the "GPL"), or
  27. * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  28. * in which case the provisions of the GPL or the LGPL are applicable instead
  29. * of those above. If you wish to allow use of your version of this file only
  30. * under the terms of either the GPL or the LGPL, and not to allow others to
  31. * use your version of this file under the terms of the MPL, indicate your
  32. * decision by deleting the provisions above and replace them with the notice
  33. * and other provisions required by the GPL or the LGPL. If you do not delete
  34. * the provisions above, a recipient may use your version of this file under
  35. * the terms of any one of the MPL, the GPL or the LGPL.
  36. *
  37. * ***** END LICENSE BLOCK ***** */
  38. /*
  39. * This file implements PKCS 11 on top of our existing security modules
  40. *
  41. * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
  42. * This implementation has two slots:
  43. * slot 1 is our generic crypto support. It does not require login.
  44. * It supports Public Key ops, and all they bulk ciphers and hashes.
  45. * It can also support Private Key ops for imported Private keys. It does
  46. * not have any token storage.
  47. * slot 2 is our private key support. It requires a login before use. It
  48. * can store Private Keys and Certs as token objects. Currently only private
  49. * keys and their associated Certificates are saved on the token.
  50. *
  51. * In this implementation, session objects are only visible to the session
  52. * that created or generated them.
  53. */
  54. #include "seccomon.h"
  55. #include "secitem.h"
  56. #include "pkcs11.h"
  57. #include "pkcs11i.h"
  58. #include "softoken.h"
  59. #include "lowkeyi.h"
  60. #include "blapi.h"
  61. #include "secder.h"
  62. #include "secport.h"
  63. #include "secrng.h"
  64. #include "prtypes.h"
  65. #include "nspr.h"
  66. #include "softkver.h"
  67. #include "secoid.h"
  68. #include "sftkdb.h"
  69. #include "sftkpars.h"
  70. #include "ec.h"
  71. #include "secasn1.h"
  72. PRBool parentForkedAfterC_Initialize;
  73. #ifndef NO_FORK_CHECK
  74. PRBool sftkForkCheckDisabled;
  75. #if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
  76. PRBool forked = PR_FALSE;
  77. #endif
  78. #if defined(CHECK_FORK_GETPID) || defined(CHECK_FORK_MIXED)
  79. #include <unistd.h>
  80. pid_t myPid;
  81. #endif
  82. #ifdef CHECK_FORK_MIXED
  83. #include <sys/systeminfo.h>
  84. PRBool usePthread_atfork;
  85. #endif
  86. #endif
  87. /*
  88. * ******************** Static data *******************************
  89. */
  90. /* The next three strings must be exactly 32 characters long */
  91. static char *manufacturerID = "Mozilla Foundation ";
  92. static char manufacturerID_space[33];
  93. static char *libraryDescription = "NSS Internal Crypto Services ";
  94. static char libraryDescription_space[33];
  95. /*
  96. * In FIPS mode, we disallow login attempts for 1 second after a login
  97. * failure so that there are at most 60 login attempts per minute.
  98. */
  99. static PRIntervalTime loginWaitTime;
  100. static PRUint32 minSessionObjectHandle = 1U;
  101. #define __PASTE(x,y) x##y
  102. /*
  103. * we renamed all our internal functions, get the correct
  104. * definitions for them...
  105. */
  106. #undef CK_PKCS11_FUNCTION_INFO
  107. #undef CK_NEED_ARG_LIST
  108. #define CK_EXTERN extern
  109. #define CK_PKCS11_FUNCTION_INFO(func) \
  110. CK_RV __PASTE(NS,func)
  111. #define CK_NEED_ARG_LIST 1
  112. #include "pkcs11f.h"
  113. /* build the crypto module table */
  114. static const CK_FUNCTION_LIST sftk_funcList = {
  115. { 1, 10 },
  116. #undef CK_PKCS11_FUNCTION_INFO
  117. #undef CK_NEED_ARG_LIST
  118. #define CK_PKCS11_FUNCTION_INFO(func) \
  119. __PASTE(NS,func),
  120. #include "pkcs11f.h"
  121. };
  122. #undef CK_PKCS11_FUNCTION_INFO
  123. #undef CK_NEED_ARG_LIST
  124. #undef __PASTE
  125. /* List of DES Weak Keys */
  126. typedef unsigned char desKey[8];
  127. static const desKey sftk_desWeakTable[] = {
  128. #ifdef noParity
  129. /* weak */
  130. { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
  131. { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
  132. { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
  133. { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
  134. /* semi-weak */
  135. { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
  136. { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
  137. { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
  138. { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
  139. { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
  140. { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
  141. { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
  142. { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
  143. { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
  144. { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
  145. { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
  146. { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
  147. #else
  148. /* weak */
  149. { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
  150. { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
  151. { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
  152. { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
  153. /* semi-weak */
  154. { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
  155. { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
  156. { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
  157. { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
  158. { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
  159. { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
  160. { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
  161. { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
  162. { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
  163. { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
  164. { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe },
  165. { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
  166. #endif
  167. };
  168. static const int sftk_desWeakTableSize = sizeof(sftk_desWeakTable)/
  169. sizeof(sftk_desWeakTable[0]);
  170. /* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
  171. * that byte with the proper parity bit set */
  172. static const unsigned char parityTable[256] = {
  173. /* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
  174. /* E */ 0x01,0x02,0x04,0x07,0x08,0x0b,0x0d,0x0e,
  175. /* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
  176. /* O */ 0x10,0x13,0x15,0x16,0x19,0x1a,0x1c,0x1f,
  177. /* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
  178. /* O */ 0x20,0x23,0x25,0x26,0x29,0x2a,0x2c,0x2f,
  179. /* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
  180. /* E */ 0x31,0x32,0x34,0x37,0x38,0x3b,0x3d,0x3e,
  181. /* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
  182. /* O */ 0x40,0x43,0x45,0x46,0x49,0x4a,0x4c,0x4f,
  183. /* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
  184. /* E */ 0x51,0x52,0x54,0x57,0x58,0x5b,0x5d,0x5e,
  185. /* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
  186. /* E */ 0x61,0x62,0x64,0x67,0x68,0x6b,0x6d,0x6e,
  187. /* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
  188. /* O */ 0x70,0x73,0x75,0x76,0x79,0x7a,0x7c,0x7f,
  189. /* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
  190. /* O */ 0x80,0x83,0x85,0x86,0x89,0x8a,0x8c,0x8f,
  191. /* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
  192. /* E */ 0x91,0x92,0x94,0x97,0x98,0x9b,0x9d,0x9e,
  193. /* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
  194. /* E */ 0xa1,0xa2,0xa4,0xa7,0xa8,0xab,0xad,0xae,
  195. /* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
  196. /* O */ 0xb0,0xb3,0xb5,0xb6,0xb9,0xba,0xbc,0xbf,
  197. /* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
  198. /* E */ 0xc1,0xc2,0xc4,0xc7,0xc8,0xcb,0xcd,0xce,
  199. /* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
  200. /* O */ 0xd0,0xd3,0xd5,0xd6,0xd9,0xda,0xdc,0xdf,
  201. /* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
  202. /* O */ 0xe0,0xe3,0xe5,0xe6,0xe9,0xea,0xec,0xef,
  203. /* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
  204. /* E */ 0xf1,0xf2,0xf4,0xf7,0xf8,0xfb,0xfd,0xfe,
  205. };
  206. /* Mechanisms */
  207. struct mechanismList {
  208. CK_MECHANISM_TYPE type;
  209. CK_MECHANISM_INFO info;
  210. PRBool privkey;
  211. };
  212. /*
  213. * the following table includes a complete list of mechanism defined by
  214. * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
  215. * module are ifdef'ed out.
  216. */
  217. #define CKF_EN_DE CKF_ENCRYPT | CKF_DECRYPT
  218. #define CKF_WR_UN CKF_WRAP | CKF_UNWRAP
  219. #define CKF_SN_VR CKF_SIGN | CKF_VERIFY
  220. #define CKF_SN_RE CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
  221. #define CKF_EN_DE_WR_UN CKF_EN_DE | CKF_WR_UN
  222. #define CKF_SN_VR_RE CKF_SN_VR | CKF_SN_RE
  223. #define CKF_DUZ_IT_ALL CKF_EN_DE_WR_UN | CKF_SN_VR_RE
  224. #define CKF_EC_PNU CKF_EC_FP | CKF_EC_NAMEDCURVE | CKF_EC_UNCOMPRESS
  225. #define CKF_EC_BPNU CKF_EC_F_2M | CKF_EC_PNU
  226. #define CK_MAX 0xffffffff
  227. static const struct mechanismList mechanisms[] = {
  228. /*
  229. * PKCS #11 Mechanism List.
  230. *
  231. * The first argument is the PKCS #11 Mechanism we support.
  232. * The second argument is Mechanism info structure. It includes:
  233. * The minimum key size,
  234. * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
  235. * in bytes for RC5, AES, Camellia, and CAST*
  236. * ignored for DES*, IDEA and FORTEZZA based
  237. * The maximum key size,
  238. * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
  239. * in bytes for RC5, AES, Camellia, and CAST*
  240. * ignored for DES*, IDEA and FORTEZZA based
  241. * Flags
  242. * What operations are supported by this mechanism.
  243. * The third argument is a bool which tells if this mechanism is
  244. * supported in the database token.
  245. *
  246. */
  247. /* ------------------------- RSA Operations ---------------------------*/
  248. {CKM_RSA_PKCS_KEY_PAIR_GEN,{RSA_MIN_MODULUS_BITS,CK_MAX,
  249. CKF_GENERATE_KEY_PAIR},PR_TRUE},
  250. {CKM_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  251. CKF_DUZ_IT_ALL}, PR_TRUE},
  252. {CKM_RSA_PKCS_PSS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  253. CKF_SN_VR}, PR_TRUE},
  254. #ifdef SFTK_RSA9796_SUPPORTED
  255. {CKM_RSA_9796, {RSA_MIN_MODULUS_BITS,CK_MAX,
  256. CKF_DUZ_IT_ALL}, PR_TRUE},
  257. #endif
  258. {CKM_RSA_X_509, {RSA_MIN_MODULUS_BITS,CK_MAX,
  259. CKF_DUZ_IT_ALL}, PR_TRUE},
  260. /* -------------- RSA Multipart Signing Operations -------------------- */
  261. {CKM_MD2_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  262. CKF_SN_VR}, PR_TRUE},
  263. {CKM_MD5_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  264. CKF_SN_VR}, PR_TRUE},
  265. {CKM_SHA1_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  266. CKF_SN_VR}, PR_TRUE},
  267. {CKM_SHA224_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  268. CKF_SN_VR}, PR_TRUE},
  269. {CKM_SHA256_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  270. CKF_SN_VR}, PR_TRUE},
  271. {CKM_SHA384_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  272. CKF_SN_VR}, PR_TRUE},
  273. {CKM_SHA512_RSA_PKCS, {RSA_MIN_MODULUS_BITS,CK_MAX,
  274. CKF_SN_VR}, PR_TRUE},
  275. /* ------------------------- DSA Operations --------------------------- */
  276. {CKM_DSA_KEY_PAIR_GEN, {DSA_MIN_P_BITS, DSA_MAX_P_BITS,
  277. CKF_GENERATE_KEY_PAIR}, PR_TRUE},
  278. {CKM_DSA, {DSA_MIN_P_BITS, DSA_MAX_P_BITS,
  279. CKF_SN_VR}, PR_TRUE},
  280. {CKM_DSA_SHA1, {DSA_MIN_P_BITS, DSA_MAX_P_BITS,
  281. CKF_SN_VR}, PR_TRUE},
  282. /* -------------------- Diffie Hellman Operations --------------------- */
  283. /* no diffie hellman yet */
  284. {CKM_DH_PKCS_KEY_PAIR_GEN, {DH_MIN_P_BITS, DH_MAX_P_BITS,
  285. CKF_GENERATE_KEY_PAIR}, PR_TRUE},
  286. {CKM_DH_PKCS_DERIVE, {DH_MIN_P_BITS, DH_MAX_P_BITS,
  287. CKF_DERIVE}, PR_TRUE},
  288. #ifdef NSS_ENABLE_ECC
  289. /* -------------------- Elliptic Curve Operations --------------------- */
  290. {CKM_EC_KEY_PAIR_GEN, {112, 571, CKF_GENERATE_KEY_PAIR|CKF_EC_BPNU}, PR_TRUE},
  291. {CKM_ECDH1_DERIVE, {112, 571, CKF_DERIVE|CKF_EC_BPNU}, PR_TRUE},
  292. {CKM_ECDSA, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
  293. {CKM_ECDSA_SHA1, {112, 571, CKF_SN_VR|CKF_EC_BPNU}, PR_TRUE},
  294. #endif /* NSS_ENABLE_ECC */
  295. /* ------------------------- RC2 Operations --------------------------- */
  296. {CKM_RC2_KEY_GEN, {1, 128, CKF_GENERATE}, PR_TRUE},
  297. {CKM_RC2_ECB, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
  298. {CKM_RC2_CBC, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
  299. {CKM_RC2_MAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  300. {CKM_RC2_MAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  301. {CKM_RC2_CBC_PAD, {1, 128, CKF_EN_DE_WR_UN}, PR_TRUE},
  302. /* ------------------------- RC4 Operations --------------------------- */
  303. {CKM_RC4_KEY_GEN, {1, 256, CKF_GENERATE}, PR_FALSE},
  304. {CKM_RC4, {1, 256, CKF_EN_DE_WR_UN}, PR_FALSE},
  305. /* ------------------------- DES Operations --------------------------- */
  306. {CKM_DES_KEY_GEN, { 8, 8, CKF_GENERATE}, PR_TRUE},
  307. {CKM_DES_ECB, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  308. {CKM_DES_CBC, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  309. {CKM_DES_MAC, { 8, 8, CKF_SN_VR}, PR_TRUE},
  310. {CKM_DES_MAC_GENERAL, { 8, 8, CKF_SN_VR}, PR_TRUE},
  311. {CKM_DES_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  312. {CKM_DES2_KEY_GEN, {24, 24, CKF_GENERATE}, PR_TRUE},
  313. {CKM_DES3_KEY_GEN, {24, 24, CKF_GENERATE}, PR_TRUE },
  314. {CKM_DES3_ECB, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
  315. {CKM_DES3_CBC, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
  316. {CKM_DES3_MAC, {24, 24, CKF_SN_VR}, PR_TRUE },
  317. {CKM_DES3_MAC_GENERAL, {24, 24, CKF_SN_VR}, PR_TRUE },
  318. {CKM_DES3_CBC_PAD, {24, 24, CKF_EN_DE_WR_UN}, PR_TRUE },
  319. /* ------------------------- CDMF Operations --------------------------- */
  320. {CKM_CDMF_KEY_GEN, {8, 8, CKF_GENERATE}, PR_TRUE},
  321. {CKM_CDMF_ECB, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  322. {CKM_CDMF_CBC, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  323. {CKM_CDMF_MAC, {8, 8, CKF_SN_VR}, PR_TRUE},
  324. {CKM_CDMF_MAC_GENERAL, {8, 8, CKF_SN_VR}, PR_TRUE},
  325. {CKM_CDMF_CBC_PAD, {8, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  326. /* ------------------------- AES Operations --------------------------- */
  327. {CKM_AES_KEY_GEN, {16, 32, CKF_GENERATE}, PR_TRUE},
  328. {CKM_AES_ECB, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  329. {CKM_AES_CBC, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  330. {CKM_AES_MAC, {16, 32, CKF_SN_VR}, PR_TRUE},
  331. {CKM_AES_MAC_GENERAL, {16, 32, CKF_SN_VR}, PR_TRUE},
  332. {CKM_AES_CBC_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  333. /* ------------------------- Camellia Operations --------------------- */
  334. {CKM_CAMELLIA_KEY_GEN, {16, 32, CKF_GENERATE}, PR_TRUE},
  335. {CKM_CAMELLIA_ECB, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  336. {CKM_CAMELLIA_CBC, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  337. {CKM_CAMELLIA_MAC, {16, 32, CKF_SN_VR}, PR_TRUE},
  338. {CKM_CAMELLIA_MAC_GENERAL, {16, 32, CKF_SN_VR}, PR_TRUE},
  339. {CKM_CAMELLIA_CBC_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  340. /* ------------------------- SEED Operations --------------------------- */
  341. {CKM_SEED_KEY_GEN, {16, 16, CKF_GENERATE}, PR_TRUE},
  342. {CKM_SEED_ECB, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  343. {CKM_SEED_CBC, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  344. {CKM_SEED_MAC, {16, 16, CKF_SN_VR}, PR_TRUE},
  345. {CKM_SEED_MAC_GENERAL, {16, 16, CKF_SN_VR}, PR_TRUE},
  346. {CKM_SEED_CBC_PAD, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  347. /* ------------------------- Hashing Operations ----------------------- */
  348. {CKM_MD2, {0, 0, CKF_DIGEST}, PR_FALSE},
  349. {CKM_MD2_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  350. {CKM_MD2_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  351. {CKM_MD5, {0, 0, CKF_DIGEST}, PR_FALSE},
  352. {CKM_MD5_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  353. {CKM_MD5_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  354. {CKM_SHA_1, {0, 0, CKF_DIGEST}, PR_FALSE},
  355. {CKM_SHA_1_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  356. {CKM_SHA_1_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  357. {CKM_SHA224, {0, 0, CKF_DIGEST}, PR_FALSE},
  358. {CKM_SHA224_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  359. {CKM_SHA224_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  360. {CKM_SHA256, {0, 0, CKF_DIGEST}, PR_FALSE},
  361. {CKM_SHA256_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  362. {CKM_SHA256_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  363. {CKM_SHA384, {0, 0, CKF_DIGEST}, PR_FALSE},
  364. {CKM_SHA384_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  365. {CKM_SHA384_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  366. {CKM_SHA512, {0, 0, CKF_DIGEST}, PR_FALSE},
  367. {CKM_SHA512_HMAC, {1, 128, CKF_SN_VR}, PR_TRUE},
  368. {CKM_SHA512_HMAC_GENERAL, {1, 128, CKF_SN_VR}, PR_TRUE},
  369. {CKM_TLS_PRF_GENERAL, {0, 512, CKF_SN_VR}, PR_FALSE},
  370. /* ------------------------- HKDF Operations -------------------------- */
  371. {CKM_NSS_HKDF_SHA1, {1, 128, CKF_DERIVE}, PR_TRUE},
  372. {CKM_NSS_HKDF_SHA256, {1, 128, CKF_DERIVE}, PR_TRUE},
  373. {CKM_NSS_HKDF_SHA384, {1, 128, CKF_DERIVE}, PR_TRUE},
  374. {CKM_NSS_HKDF_SHA512, {1, 128, CKF_DERIVE}, PR_TRUE},
  375. /* ------------------------- CAST Operations --------------------------- */
  376. #ifdef NSS_SOFTOKEN_DOES_CAST
  377. /* Cast operations are not supported ( yet? ) */
  378. {CKM_CAST_KEY_GEN, {1, 8, CKF_GENERATE}, PR_TRUE},
  379. {CKM_CAST_ECB, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  380. {CKM_CAST_CBC, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  381. {CKM_CAST_MAC, {1, 8, CKF_SN_VR}, PR_TRUE},
  382. {CKM_CAST_MAC_GENERAL, {1, 8, CKF_SN_VR}, PR_TRUE},
  383. {CKM_CAST_CBC_PAD, {1, 8, CKF_EN_DE_WR_UN}, PR_TRUE},
  384. {CKM_CAST3_KEY_GEN, {1, 16, CKF_GENERATE}, PR_TRUE},
  385. {CKM_CAST3_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  386. {CKM_CAST3_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  387. {CKM_CAST3_MAC, {1, 16, CKF_SN_VR}, PR_TRUE},
  388. {CKM_CAST3_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_TRUE},
  389. {CKM_CAST3_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  390. {CKM_CAST5_KEY_GEN, {1, 16, CKF_GENERATE}, PR_TRUE},
  391. {CKM_CAST5_ECB, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  392. {CKM_CAST5_CBC, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  393. {CKM_CAST5_MAC, {1, 16, CKF_SN_VR}, PR_TRUE},
  394. {CKM_CAST5_MAC_GENERAL, {1, 16, CKF_SN_VR}, PR_TRUE},
  395. {CKM_CAST5_CBC_PAD, {1, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  396. #endif
  397. #if NSS_SOFTOKEN_DOES_RC5
  398. /* ------------------------- RC5 Operations --------------------------- */
  399. {CKM_RC5_KEY_GEN, {1, 32, CKF_GENERATE}, PR_TRUE},
  400. {CKM_RC5_ECB, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  401. {CKM_RC5_CBC, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  402. {CKM_RC5_MAC, {1, 32, CKF_SN_VR}, PR_TRUE},
  403. {CKM_RC5_MAC_GENERAL, {1, 32, CKF_SN_VR}, PR_TRUE},
  404. {CKM_RC5_CBC_PAD, {1, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  405. #endif
  406. #ifdef NSS_SOFTOKEN_DOES_IDEA
  407. /* ------------------------- IDEA Operations -------------------------- */
  408. {CKM_IDEA_KEY_GEN, {16, 16, CKF_GENERATE}, PR_TRUE},
  409. {CKM_IDEA_ECB, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  410. {CKM_IDEA_CBC, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  411. {CKM_IDEA_MAC, {16, 16, CKF_SN_VR}, PR_TRUE},
  412. {CKM_IDEA_MAC_GENERAL, {16, 16, CKF_SN_VR}, PR_TRUE},
  413. {CKM_IDEA_CBC_PAD, {16, 16, CKF_EN_DE_WR_UN}, PR_TRUE},
  414. #endif
  415. /* --------------------- Secret Key Operations ------------------------ */
  416. {CKM_GENERIC_SECRET_KEY_GEN, {1, 32, CKF_GENERATE}, PR_TRUE},
  417. {CKM_CONCATENATE_BASE_AND_KEY, {1, 32, CKF_GENERATE}, PR_FALSE},
  418. {CKM_CONCATENATE_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
  419. {CKM_CONCATENATE_DATA_AND_BASE, {1, 32, CKF_GENERATE}, PR_FALSE},
  420. {CKM_XOR_BASE_AND_DATA, {1, 32, CKF_GENERATE}, PR_FALSE},
  421. {CKM_EXTRACT_KEY_FROM_KEY, {1, 32, CKF_DERIVE}, PR_FALSE},
  422. /* ---------------------- SSL Key Derivations ------------------------- */
  423. {CKM_SSL3_PRE_MASTER_KEY_GEN, {48, 48, CKF_GENERATE}, PR_FALSE},
  424. {CKM_SSL3_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
  425. {CKM_SSL3_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
  426. {CKM_SSL3_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
  427. {CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE}, PR_FALSE},
  428. {CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE}, PR_FALSE},
  429. {CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
  430. {CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE}, PR_FALSE},
  431. {CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE}, PR_FALSE},
  432. {CKM_TLS_MASTER_KEY_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
  433. {CKM_TLS_MASTER_KEY_DERIVE_DH, {8, 128, CKF_DERIVE}, PR_FALSE},
  434. {CKM_TLS_KEY_AND_MAC_DERIVE, {48, 48, CKF_DERIVE}, PR_FALSE},
  435. /* ---------------------- PBE Key Derivations ------------------------ */
  436. {CKM_PBE_MD2_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
  437. {CKM_PBE_MD5_DES_CBC, {8, 8, CKF_DERIVE}, PR_TRUE},
  438. /* ------------------ NETSCAPE PBE Key Derivations ------------------- */
  439. {CKM_NETSCAPE_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE}, PR_TRUE},
  440. {CKM_NETSCAPE_PBE_SHA1_FAULTY_3DES_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
  441. {CKM_PBE_SHA1_DES3_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
  442. {CKM_PBE_SHA1_DES2_EDE_CBC, {24,24, CKF_GENERATE}, PR_TRUE},
  443. {CKM_PBE_SHA1_RC2_40_CBC, {40,40, CKF_GENERATE}, PR_TRUE},
  444. {CKM_PBE_SHA1_RC2_128_CBC, {128,128, CKF_GENERATE}, PR_TRUE},
  445. {CKM_PBE_SHA1_RC4_40, {40,40, CKF_GENERATE}, PR_TRUE},
  446. {CKM_PBE_SHA1_RC4_128, {128,128, CKF_GENERATE}, PR_TRUE},
  447. {CKM_PBA_SHA1_WITH_SHA1_HMAC, {20,20, CKF_GENERATE}, PR_TRUE},
  448. {CKM_PKCS5_PBKD2, {1,256, CKF_GENERATE}, PR_TRUE},
  449. {CKM_NETSCAPE_PBE_SHA1_HMAC_KEY_GEN, {20,20, CKF_GENERATE}, PR_TRUE},
  450. {CKM_NETSCAPE_PBE_MD5_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
  451. {CKM_NETSCAPE_PBE_MD2_HMAC_KEY_GEN, {16,16, CKF_GENERATE}, PR_TRUE},
  452. /* ------------------ AES Key Wrap (also encrypt) ------------------- */
  453. {CKM_NETSCAPE_AES_KEY_WRAP, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  454. {CKM_NETSCAPE_AES_KEY_WRAP_PAD, {16, 32, CKF_EN_DE_WR_UN}, PR_TRUE},
  455. /* --------------------------- J-PAKE -------------------------------- */
  456. {CKM_NSS_JPAKE_ROUND1_SHA1, {0, 0, CKF_GENERATE}, PR_TRUE},
  457. {CKM_NSS_JPAKE_ROUND1_SHA256, {0, 0, CKF_GENERATE}, PR_TRUE},
  458. {CKM_NSS_JPAKE_ROUND1_SHA384, {0, 0, CKF_GENERATE}, PR_TRUE},
  459. {CKM_NSS_JPAKE_ROUND1_SHA512, {0, 0, CKF_GENERATE}, PR_TRUE},
  460. {CKM_NSS_JPAKE_ROUND2_SHA1, {0, 0, CKF_DERIVE}, PR_TRUE},
  461. {CKM_NSS_JPAKE_ROUND2_SHA256, {0, 0, CKF_DERIVE}, PR_TRUE},
  462. {CKM_NSS_JPAKE_ROUND2_SHA384, {0, 0, CKF_DERIVE}, PR_TRUE},
  463. {CKM_NSS_JPAKE_ROUND2_SHA512, {0, 0, CKF_DERIVE}, PR_TRUE},
  464. {CKM_NSS_JPAKE_FINAL_SHA1, {0, 0, CKF_DERIVE}, PR_TRUE},
  465. {CKM_NSS_JPAKE_FINAL_SHA256, {0, 0, CKF_DERIVE}, PR_TRUE},
  466. {CKM_NSS_JPAKE_FINAL_SHA384, {0, 0, CKF_DERIVE}, PR_TRUE},
  467. {CKM_NSS_JPAKE_FINAL_SHA512, {0, 0, CKF_DERIVE}, PR_TRUE}
  468. };
  469. static const CK_ULONG mechanismCount = sizeof(mechanisms)/sizeof(mechanisms[0]);
  470. /* sigh global so fipstokn can read it */
  471. PRBool nsc_init = PR_FALSE;
  472. #if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
  473. #include <pthread.h>
  474. static void ForkedChild(void)
  475. {
  476. if (nsc_init || nsf_init) {
  477. forked = PR_TRUE;
  478. }
  479. }
  480. #endif
  481. static char *
  482. sftk_setStringName(const char *inString, char *buffer, int buffer_length, PRBool nullTerminate)
  483. {
  484. int full_length, string_length;
  485. full_length = nullTerminate ? buffer_length -1 : buffer_length;
  486. string_length = PORT_Strlen(inString);
  487. /*
  488. * shorten the string, respecting utf8 encoding
  489. * to do so, we work backward from the end
  490. * bytes looking from the end are either:
  491. * - ascii [0x00,0x7f]
  492. * - the [2-n]th byte of a multibyte sequence
  493. * [0x3F,0xBF], i.e, most significant 2 bits are '10'
  494. * - the first byte of a multibyte sequence [0xC0,0xFD],
  495. * i.e, most significant 2 bits are '11'
  496. *
  497. * When the string is too long, we lop off any trailing '10' bytes,
  498. * if any. When these are all eliminated we lop off
  499. * one additional byte. Thus if we lopped any '10'
  500. * we'll be lopping a '11' byte (the first byte of the multibyte sequence),
  501. * otherwise we're lopping off an ascii character.
  502. *
  503. * To test for '10' bytes, we first AND it with
  504. * 11000000 (0xc0) so that we get 10000000 (0x80) if and only if
  505. * the byte starts with 10. We test for equality.
  506. */
  507. while ( string_length > full_length ) {
  508. /* need to shorten */
  509. while ( string_length > 0 &&
  510. ((inString[string_length-1]&(char)0xc0) == (char)0x80)) {
  511. /* lop off '10' byte */
  512. string_length--;
  513. }
  514. /*
  515. * test string_length in case bad data is received
  516. * and string consisted of all '10' bytes,
  517. * avoiding any infinite loop
  518. */
  519. if ( string_length ) {
  520. /* remove either '11' byte or an asci byte */
  521. string_length--;
  522. }
  523. }
  524. PORT_Memset(buffer,' ',full_length);
  525. if (nullTerminate) {
  526. buffer[full_length] = 0;
  527. }
  528. PORT_Memcpy(buffer,inString,string_length);
  529. return buffer;
  530. }
  531. /*
  532. * Configuration utils
  533. */
  534. static CK_RV
  535. sftk_configure(const char *man, const char *libdes)
  536. {
  537. /* make sure the internationalization was done correctly... */
  538. if (man) {
  539. manufacturerID = sftk_setStringName(man,manufacturerID_space,
  540. sizeof(manufacturerID_space), PR_TRUE);
  541. }
  542. if (libdes) {
  543. libraryDescription = sftk_setStringName(libdes,
  544. libraryDescription_space, sizeof(libraryDescription_space),
  545. PR_TRUE);
  546. }
  547. return CKR_OK;
  548. }
  549. /*
  550. * ******************** Password Utilities *******************************
  551. */
  552. /*
  553. * see if the key DB password is enabled
  554. */
  555. static PRBool
  556. sftk_hasNullPassword(SFTKSlot *slot, SFTKDBHandle *keydb)
  557. {
  558. PRBool pwenabled;
  559. pwenabled = PR_FALSE;
  560. if (sftkdb_HasPasswordSet(keydb) == SECSuccess) {
  561. PRBool tokenRemoved = PR_FALSE;
  562. SECStatus rv = sftkdb_CheckPassword(keydb, "", &tokenRemoved);
  563. if (tokenRemoved) {
  564. sftk_CloseAllSessions(slot, PR_FALSE);
  565. }
  566. return (rv == SECSuccess);
  567. }
  568. return pwenabled;
  569. }
  570. /*
  571. * ******************** Object Creation Utilities ***************************
  572. */
  573. /* Make sure a given attribute exists. If it doesn't, initialize it to
  574. * value and len
  575. */
  576. CK_RV
  577. sftk_defaultAttribute(SFTKObject *object,CK_ATTRIBUTE_TYPE type,void *value,
  578. unsigned int len)
  579. {
  580. if ( !sftk_hasAttribute(object, type)) {
  581. return sftk_AddAttributeType(object,type,value,len);
  582. }
  583. return CKR_OK;
  584. }
  585. /*
  586. * check the consistancy and initialize a Data Object
  587. */
  588. static CK_RV
  589. sftk_handleDataObject(SFTKSession *session,SFTKObject *object)
  590. {
  591. CK_RV crv;
  592. /* first reject private and token data objects */
  593. if (sftk_isTrue(object,CKA_PRIVATE) || sftk_isTrue(object,CKA_TOKEN)) {
  594. return CKR_ATTRIBUTE_VALUE_INVALID;
  595. }
  596. /* now just verify the required date fields */
  597. crv = sftk_defaultAttribute(object,CKA_APPLICATION,NULL,0);
  598. if (crv != CKR_OK) return crv;
  599. crv = sftk_defaultAttribute(object,CKA_VALUE,NULL,0);
  600. if (crv != CKR_OK) return crv;
  601. return CKR_OK;
  602. }
  603. /*
  604. * check the consistancy and initialize a Certificate Object
  605. */
  606. static CK_RV
  607. sftk_handleCertObject(SFTKSession *session,SFTKObject *object)
  608. {
  609. CK_CERTIFICATE_TYPE type;
  610. SFTKAttribute *attribute;
  611. CK_RV crv;
  612. /* certificates must have a type */
  613. if ( !sftk_hasAttribute(object,CKA_CERTIFICATE_TYPE) ) {
  614. return CKR_TEMPLATE_INCOMPLETE;
  615. }
  616. /* we can't store any certs private */
  617. if (sftk_isTrue(object,CKA_PRIVATE)) {
  618. return CKR_ATTRIBUTE_VALUE_INVALID;
  619. }
  620. /* We only support X.509 Certs for now */
  621. attribute = sftk_FindAttribute(object,CKA_CERTIFICATE_TYPE);
  622. if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
  623. type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
  624. sftk_FreeAttribute(attribute);
  625. if (type != CKC_X_509) {
  626. return CKR_ATTRIBUTE_VALUE_INVALID;
  627. }
  628. /* X.509 Certificate */
  629. /* make sure we have a cert */
  630. if ( !sftk_hasAttribute(object,CKA_VALUE) ) {
  631. return CKR_TEMPLATE_INCOMPLETE;
  632. }
  633. /* in PKCS #11, Subject is a required field */
  634. if ( !sftk_hasAttribute(object,CKA_SUBJECT) ) {
  635. return CKR_TEMPLATE_INCOMPLETE;
  636. }
  637. /* in PKCS #11, Issuer is a required field */
  638. if ( !sftk_hasAttribute(object,CKA_ISSUER) ) {
  639. return CKR_TEMPLATE_INCOMPLETE;
  640. }
  641. /* in PKCS #11, Serial is a required field */
  642. if ( !sftk_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
  643. return CKR_TEMPLATE_INCOMPLETE;
  644. }
  645. /* add it to the object */
  646. object->objectInfo = NULL;
  647. object->infoFree = (SFTKFree) NULL;
  648. /* now just verify the required date fields */
  649. crv = sftk_defaultAttribute(object, CKA_ID, NULL, 0);
  650. if (crv != CKR_OK) { return crv; }
  651. if (sftk_isTrue(object,CKA_TOKEN)) {
  652. SFTKSlot *slot = session->slot;
  653. SFTKDBHandle *certHandle = sftk_getCertDB(slot);
  654. if (certHandle == NULL) {
  655. return CKR_TOKEN_WRITE_PROTECTED;
  656. }
  657. crv = sftkdb_write(certHandle, object, &object->handle);
  658. sftk_freeDB(certHandle);
  659. return crv;
  660. }
  661. return CKR_OK;
  662. }
  663. /*
  664. * check the consistancy and initialize a Trust Object
  665. */
  666. static CK_RV
  667. sftk_handleTrustObject(SFTKSession *session,SFTKObject *object)
  668. {
  669. /* we can't store any certs private */
  670. if (sftk_isTrue(object,CKA_PRIVATE)) {
  671. return CKR_ATTRIBUTE_VALUE_INVALID;
  672. }
  673. /* certificates must have a type */
  674. if ( !sftk_hasAttribute(object,CKA_ISSUER) ) {
  675. return CKR_TEMPLATE_INCOMPLETE;
  676. }
  677. if ( !sftk_hasAttribute(object,CKA_SERIAL_NUMBER) ) {
  678. return CKR_TEMPLATE_INCOMPLETE;
  679. }
  680. if ( !sftk_hasAttribute(object,CKA_CERT_SHA1_HASH) ) {
  681. return CKR_TEMPLATE_INCOMPLETE;
  682. }
  683. if ( !sftk_hasAttribute(object,CKA_CERT_MD5_HASH) ) {
  684. return CKR_TEMPLATE_INCOMPLETE;
  685. }
  686. if (sftk_isTrue(object,CKA_TOKEN)) {
  687. SFTKSlot *slot = session->slot;
  688. SFTKDBHandle *certHandle = sftk_getCertDB(slot);
  689. CK_RV crv;
  690. if (certHandle == NULL) {
  691. return CKR_TOKEN_WRITE_PROTECTED;
  692. }
  693. crv = sftkdb_write(certHandle, object, &object->handle);
  694. sftk_freeDB(certHandle);
  695. return crv;
  696. }
  697. return CKR_OK;
  698. }
  699. /*
  700. * check the consistancy and initialize a Trust Object
  701. */
  702. static CK_RV
  703. sftk_handleSMimeObject(SFTKSession *session,SFTKObject *object)
  704. {
  705. /* we can't store any certs private */
  706. if (sftk_isTrue(object,CKA_PRIVATE)) {
  707. return CKR_ATTRIBUTE_VALUE_INVALID;
  708. }
  709. /* certificates must have a type */
  710. if ( !sftk_hasAttribute(object,CKA_SUBJECT) ) {
  711. return CKR_TEMPLATE_INCOMPLETE;
  712. }
  713. if ( !sftk_hasAttribute(object,CKA_NETSCAPE_EMAIL) ) {
  714. return CKR_TEMPLATE_INCOMPLETE;
  715. }
  716. if (sftk_isTrue(object,CKA_TOKEN)) {
  717. SFTKSlot *slot = session->slot;
  718. SFTKDBHandle *certHandle;
  719. CK_RV crv;
  720. PORT_Assert(slot);
  721. if (slot == NULL) {
  722. return CKR_SESSION_HANDLE_INVALID;
  723. }
  724. certHandle = sftk_getCertDB(slot);
  725. if (certHandle == NULL) {
  726. return CKR_TOKEN_WRITE_PROTECTED;
  727. }
  728. crv = sftkdb_write(certHandle, object, &object->handle);
  729. sftk_freeDB(certHandle);
  730. return crv;
  731. }
  732. return CKR_OK;
  733. }
  734. /*
  735. * check the consistancy and initialize a Trust Object
  736. */
  737. static CK_RV
  738. sftk_handleCrlObject(SFTKSession *session,SFTKObject *object)
  739. {
  740. /* we can't store any certs private */
  741. if (sftk_isTrue(object,CKA_PRIVATE)) {
  742. return CKR_ATTRIBUTE_VALUE_INVALID;
  743. }
  744. /* certificates must have a type */
  745. if ( !sftk_hasAttribute(object,CKA_SUBJECT) ) {
  746. return CKR_TEMPLATE_INCOMPLETE;
  747. }
  748. if ( !sftk_hasAttribute(object,CKA_VALUE) ) {
  749. return CKR_TEMPLATE_INCOMPLETE;
  750. }
  751. if (sftk_isTrue(object,CKA_TOKEN)) {
  752. SFTKSlot *slot = session->slot;
  753. SFTKDBHandle *certHandle = sftk_getCertDB(slot);
  754. CK_RV crv;
  755. if (certHandle == NULL) {
  756. return CKR_TOKEN_WRITE_PROTECTED;
  757. }
  758. crv = sftkdb_write(certHandle, object, &object->handle);
  759. sftk_freeDB(certHandle);
  760. return crv;
  761. }
  762. return CKR_OK;
  763. }
  764. /*
  765. * check the consistancy and initialize a Public Key Object
  766. */
  767. static CK_RV
  768. sftk_handlePublicKeyObject(SFTKSession *session, SFTKObject *object,
  769. CK_KEY_TYPE key_type)
  770. {
  771. CK_BBOOL encrypt = CK_TRUE;
  772. CK_BBOOL recover = CK_TRUE;
  773. CK_BBOOL wrap = CK_TRUE;
  774. CK_BBOOL derive = CK_FALSE;
  775. CK_BBOOL verify = CK_TRUE;
  776. CK_RV crv;
  777. switch (key_type) {
  778. case CKK_RSA:
  779. crv = sftk_ConstrainAttribute(object, CKA_MODULUS,
  780. RSA_MIN_MODULUS_BITS, 0, 0);
  781. if (crv != CKR_OK) {
  782. return crv;
  783. }
  784. crv = sftk_ConstrainAttribute(object, CKA_PUBLIC_EXPONENT, 2, 0, 0);
  785. if (crv != CKR_OK) {
  786. return crv;
  787. }
  788. break;
  789. case CKK_DSA:
  790. crv = sftk_ConstrainAttribute(object, CKA_SUBPRIME,
  791. DSA_Q_BITS, DSA_Q_BITS, 0);
  792. if (crv != CKR_OK) {
  793. return crv;
  794. }
  795. crv = sftk_ConstrainAttribute(object, CKA_PRIME,
  796. DSA_MIN_P_BITS, DSA_MAX_P_BITS, 64);
  797. if (crv != CKR_OK) {
  798. return crv;
  799. }
  800. crv = sftk_ConstrainAttribute(object, CKA_BASE, 1, DSA_MAX_P_BITS, 0);
  801. if (crv != CKR_OK) {
  802. return crv;
  803. }
  804. crv = sftk_ConstrainAttribute(object, CKA_VALUE, 1, DSA_MAX_P_BITS, 0);
  805. if (crv != CKR_OK) {
  806. return crv;
  807. }
  808. encrypt = CK_FALSE;
  809. recover = CK_FALSE;
  810. wrap = CK_FALSE;
  811. break;
  812. case CKK_DH:
  813. crv = sftk_ConstrainAttribute(object, CKA_PRIME,
  814. DH_MIN_P_BITS, DH_MAX_P_BITS, 0);
  815. if (crv != CKR_OK) {
  816. return crv;
  817. }
  818. crv = sftk_ConstrainAttribute(object, CKA_BASE, 1, DH_MAX_P_BITS, 0);
  819. if (crv != CKR_OK) {
  820. return crv;
  821. }
  822. crv = sftk_ConstrainAttribute(object, CKA_VALUE, 1, DH_MAX_P_BITS, 0);
  823. if (crv != CKR_OK) {
  824. return crv;
  825. }
  826. verify = CK_FALSE;
  827. derive = CK_TRUE;
  828. encrypt = CK_FALSE;
  829. recover = CK_FALSE;
  830. wrap = CK_FALSE;
  831. break;
  832. #ifdef NSS_ENABLE_ECC
  833. case CKK_EC:
  834. if ( !sftk_hasAttribute(object, CKA_EC_PARAMS)) {
  835. return CKR_TEMPLATE_INCOMPLETE;
  836. }
  837. if ( !sftk_hasAttribute(object, CKA_EC_POINT)) {
  838. return CKR_TEMPLATE_INCOMPLETE;
  839. }
  840. derive = CK_TRUE; /* for ECDH */
  841. verify = CK_TRUE; /* for ECDSA */
  842. encrypt = CK_FALSE;
  843. recover = CK_FALSE;
  844. wrap = CK_FALSE;
  845. break;
  846. #endif /* NSS_ENABLE_ECC */
  847. default:
  848. return CKR_ATTRIBUTE_VALUE_INVALID;
  849. }
  850. /* make sure the required fields exist */
  851. crv = sftk_defaultAttribute(object,CKA_SUBJECT,NULL,0);
  852. if (crv != CKR_OK) return crv;
  853. crv = sftk_defaultAttribute(object,CKA_ENCRYPT,&encrypt,sizeof(CK_BBOOL));
  854. if (crv != CKR_OK) return crv;
  855. crv = sftk_defaultAttribute(object,CKA_VERIFY,&verify,sizeof(CK_BBOOL));
  856. if (crv != CKR_OK) return crv;
  857. crv = sftk_defaultAttribute(object,CKA_VERIFY_RECOVER,
  858. &recover,sizeof(CK_BBOOL));
  859. if (crv != CKR_OK) return crv;
  860. crv = sftk_defaultAttribute(object,CKA_WRAP,&wrap,sizeof(CK_BBOOL));
  861. if (crv != CKR_OK) return crv;
  862. crv = sftk_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
  863. if (crv != CKR_OK) return crv;
  864. object->objectInfo = sftk_GetPubKey(object,key_type, &crv);
  865. if (object->objectInfo == NULL) {
  866. return crv;
  867. }
  868. object->infoFree = (SFTKFree) nsslowkey_DestroyPublicKey;
  869. if (sftk_isTrue(object,CKA_TOKEN)) {
  870. SFTKSlot *slot = session->slot;
  871. SFTKDBHandle *certHandle = sftk_getCertDB(slot);
  872. if (certHandle == NULL) {
  873. return CKR_TOKEN_WRITE_PROTECTED;
  874. }
  875. crv = sftkdb_write(certHandle, object, &object->handle);
  876. sftk_freeDB(certHandle);
  877. return crv;
  878. }
  879. return CKR_OK;
  880. }
  881. static NSSLOWKEYPrivateKey *
  882. sftk_mkPrivKey(SFTKObject *object,CK_KEY_TYPE key, CK_RV *rvp);
  883. static SECStatus
  884. sftk_fillRSAPrivateKey(SFTKObject *object);
  885. /*
  886. * check the consistancy and initialize a Private Key Object
  887. */
  888. static CK_RV
  889. sftk_handlePrivateKeyObject(SFTKSession *session,SFTKObject *object,CK_KEY_TYPE key_type)
  890. {
  891. CK_BBOOL cktrue = CK_TRUE;
  892. CK_BBOOL encrypt = CK_TRUE;
  893. CK_BBOOL sign = CK_FALSE;
  894. CK_BBOOL recover = CK_TRUE;
  895. CK_BBOOL wrap = CK_TRUE;
  896. CK_BBOOL derive = CK_TRUE;
  897. CK_BBOOL ckfalse = CK_FALSE;
  898. PRBool createObjectInfo = PR_TRUE;
  899. int missing_rsa_mod_component = 0;
  900. int missing_rsa_exp_component = 0;
  901. int missing_rsa_crt_component = 0;
  902. SECItem mod;
  903. CK_RV crv;
  904. switch (key_type) {
  905. case CKK_RSA:
  906. if ( !sftk_hasAttribute(object, CKA_MODULUS)) {
  907. missing_rsa_mod_component++;
  908. }
  909. if ( !sftk_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
  910. missing_rsa_exp_component++;
  911. }
  912. if ( !sftk_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
  913. missing_rsa_exp_component++;
  914. }
  915. if ( !sftk_hasAttribute(object, CKA_PRIME_1)) {
  916. missing_rsa_mod_component++;
  917. }
  918. if ( !sftk_hasAttribute(object, CKA_PRIME_2)) {
  919. missing_rsa_mod_component++;
  920. }
  921. if ( !sftk_hasAttribute(object, CKA_EXPONENT_1)) {
  922. missing_rsa_crt_component++;
  923. }
  924. if ( !sftk_hasAttribute(object, CKA_EXPONENT_2)) {
  925. missing_rsa_crt_component++;
  926. }
  927. if ( !sftk_hasAttribute(object, CKA_COEFFICIENT)) {
  928. missing_rsa_crt_component++;
  929. }
  930. if (missing_rsa_mod_component || missing_rsa_exp_component ||
  931. missing_rsa_crt_component) {
  932. /* we are missing a component, see if we have enough to rebuild
  933. * the rest */
  934. int have_exp = 2- missing_rsa_exp_component;
  935. int have_component = 5-
  936. (missing_rsa_exp_component+missing_rsa_mod_component);
  937. SECStatus rv;
  938. if ((have_exp == 0) || (have_component < 3)) {
  939. /* nope, not enough to reconstruct the private key */
  940. return CKR_TEMPLATE_INCOMPLETE;
  941. }
  942. /*fill in the missing parameters */
  943. rv = sftk_fillRSAPrivateKey(object);
  944. if (rv != SECSuccess) {
  945. return CKR_TEMPLATE_INCOMPLETE;
  946. }
  947. }
  948. /* make sure Netscape DB attribute is set correctly */
  949. crv = sftk_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
  950. if (crv != CKR_OK) return crv;
  951. crv = sftk_forceAttribute(object, CKA_NETSCAPE_DB,
  952. sftk_item_expand(&mod));
  953. if (mod.data) PORT_Free(mod.data);
  954. if (crv != CKR_OK) return crv;
  955. sign = CK_TRUE;
  956. derive = CK_FALSE;
  957. break;
  958. case CKK_DSA:
  959. if ( !sftk_hasAttribute(object, CKA_SUBPRIME)) {
  960. return CKR_TEMPLATE_INCOMPLETE;
  961. }
  962. sign = CK_TRUE;
  963. derive = CK_FALSE;
  964. /* fall through */
  965. case CKK_DH:
  966. if ( !sftk_hasAttribute(object, CKA_PRIME)) {
  967. return CKR_TEMPLATE_INCOMPLETE;
  968. }
  969. if ( !sftk_hasAttribute(object, CKA_BASE)) {
  970. return CKR_TEMPLATE_INCOMPLETE;
  971. }
  972. if ( !sftk_hasAttribute(object, CKA_VALUE)) {
  973. return CKR_TEMPLATE_INCOMPLETE;
  974. }
  975. encrypt = CK_FALSE;
  976. recover = CK_FALSE;
  977. wrap = CK_FALSE;
  978. break;
  979. #ifdef NSS_ENABLE_ECC
  980. case CKK_EC:
  981. if ( !sftk_hasAttribute(object, CKA_EC_PARAMS)) {
  982. return CKR_TEMPLATE_INCOMPLETE;
  983. }
  984. if ( !sftk_hasAttribute(object, CKA_VALUE)) {
  985. return CKR_TEMPLATE_INCOMPLETE;
  986. }
  987. encrypt = CK_FALSE;
  988. sign = CK_TRUE;
  989. recover = CK_FALSE;
  990. wrap = CK_FALSE;
  991. break;
  992. #endif /* NSS_ENABLE_ECC */
  993. case CKK_NSS_JPAKE_ROUND1:
  994. if (!sftk_hasAttribute(object, CKA_PRIME ||
  995. !sftk_hasAttribute(object, CKA_SUBPRIME) ||
  996. !sftk_hasAttribute(object, CKA_BASE))) {
  997. return CKR_TEMPLATE_INCOMPLETE;
  998. }
  999. /* fall through */
  1000. case CKK_NSS_JPAKE_ROUND2:
  1001. /* CKA_NSS_JPAKE_SIGNERID and CKA_NSS_JPAKE_PEERID are checked in
  1002. the J-PAKE code. */
  1003. encrypt = sign = recover = wrap = CK_FALSE;
  1004. derive = CK_TRUE;
  1005. createObjectInfo = PR_FALSE;
  1006. break;
  1007. default:
  1008. return CKR_ATTRIBUTE_VALUE_INVALID;
  1009. }
  1010. crv = sftk_defaultAttribute(object,CKA_SUBJECT,NULL,0);
  1011. if (crv != CKR_OK) return crv;
  1012. crv = sftk_defaultAttribute(object,CKA_SENSITIVE,&cktrue,sizeof(CK_BBOOL));
  1013. if (crv != CKR_OK) return crv;
  1014. crv = sftk_defaultAttribute(object,CKA_EXTRACTABLE,&cktrue,sizeof(CK_BBOOL));
  1015. if (crv != CKR_OK) return crv;
  1016. crv = sftk_defaultAttribute(object,CKA_DECRYPT,&encrypt,sizeof(CK_BBOOL));
  1017. if (crv != CKR_OK) return crv;
  1018. crv = sftk_defaultAttribute(object,CKA_SIGN,&sign,sizeof(CK_BBOOL));
  1019. if (crv != CKR_OK) return crv;
  1020. crv = sftk_defaultAttribute(object,CKA_SIGN_RECOVER,&recover,
  1021. sizeof(CK_BBOOL));
  1022. if (crv != CKR_OK) return crv;
  1023. crv = sftk_defaultAttribute(object,CKA_UNWRAP,&wrap,sizeof(CK_BBOOL));
  1024. if (crv != CKR_OK) return crv;
  1025. crv = sftk_defaultAttribute(object,CKA_DERIVE,&derive,sizeof(CK_BBOOL));
  1026. if (crv != CKR_OK) return crv;
  1027. /* the next two bits get modified only in the key gen and token cases */
  1028. crv = sftk_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
  1029. &ckfalse,sizeof(CK_BBOOL));
  1030. if (crv != CKR_OK) return crv;
  1031. crv = sftk_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
  1032. &ckfalse,sizeof(CK_BBOOL));
  1033. if (crv != CKR_OK) return crv;
  1034. /* should we check the non-token RSA private keys? */
  1035. if (sftk_isTrue(object,CKA_TOKEN)) {
  1036. SFTKSlot *slot = session->slot;
  1037. SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
  1038. CK_RV crv;
  1039. if (keyHandle == NULL) {
  1040. return CKR_TOKEN_WRITE_PROTECTED;
  1041. }
  1042. crv = sftkdb_write(keyHandle, object, &object->handle);
  1043. sftk_freeDB(keyHandle);
  1044. return crv;
  1045. } else if (createObjectInfo) {
  1046. object->objectInfo = sftk_mkPrivKey(object,key_type,&crv);
  1047. if (object->objectInfo == NULL) return crv;
  1048. object->infoFree = (SFTKFree) nsslowkey_DestroyPrivateKey;
  1049. }
  1050. return CKR_OK;
  1051. }
  1052. /* forward declare the DES formating function for handleSecretKey */
  1053. void sftk_FormatDESKey(unsigned char *key, int length);
  1054. /* Validate secret key data, and set defaults */
  1055. static CK_RV
  1056. validateSecretKey(SFTKSession *session, SFTKObject *object,
  1057. CK_KEY_TYPE key_type, PRBool isFIPS)
  1058. {
  1059. CK_RV crv;
  1060. CK_BBOOL cktrue = CK_TRUE;
  1061. CK_BBOOL ckfalse = CK_FALSE;
  1062. SFTKAttribute *attribute = NULL;
  1063. unsigned long requiredLen;
  1064. crv = sftk_defaultAttribute(object,CKA_SENSITIVE,
  1065. isFIPS?&cktrue:&ckfalse,sizeof(CK_BBOOL));
  1066. if (crv != CKR_OK) return crv;
  1067. crv = sftk_defaultAttribute(object,CKA_EXTRACTABLE,
  1068. &cktrue,sizeof(CK_BBOOL));
  1069. if (crv != CKR_OK) return crv;
  1070. crv = sftk_defaultAttribute(object,CKA_ENCRYPT,&cktrue,sizeof(CK_BBOOL));
  1071. if (crv != CKR_OK) return crv;
  1072. crv = sftk_defaultAttribute(object,CKA_DECRYPT,&cktrue,sizeof(CK_BBOOL));
  1073. if (crv != CKR_OK) return crv;
  1074. crv = sftk_defaultAttribute(object,CKA_SIGN,&ckfalse,sizeof(CK_BBOOL));
  1075. if (crv != CKR_OK) return crv;
  1076. crv = sftk_defaultAttribute(object,CKA_VERIFY,&ckfalse,sizeof(CK_BBOOL));
  1077. if (crv != CKR_OK) return crv;
  1078. crv = sftk_defaultAttribute(object,CKA_WRAP,&cktrue,sizeof(CK_BBOOL));
  1079. if (crv != CKR_OK) return crv;
  1080. crv = sftk_defaultAttribute(object,CKA_UNWRAP,&cktrue,sizeof(CK_BBOOL));
  1081. if (crv != CKR_OK) return crv;
  1082. if ( !sftk_hasAttribute(object, CKA_VALUE)) {
  1083. return CKR_TEMPLATE_INCOMPLETE;
  1084. }
  1085. /* the next two bits get modified only in the key gen and token cases */
  1086. crv = sftk_forceAttribute(object,CKA_ALWAYS_SENSITIVE,
  1087. &ckfalse,sizeof(CK_BBOOL));
  1088. if (crv != CKR_OK) return crv;
  1089. crv = sftk_forceAttribute(object,CKA_NEVER_EXTRACTABLE,
  1090. &ckfalse,sizeof(CK_BBOOL));
  1091. if (crv != CKR_OK) return crv;
  1092. /* some types of keys have a value length */
  1093. crv = CKR_OK;
  1094. switch (key_type) {
  1095. /* force CKA_VALUE_LEN to be set */
  1096. case CKK_GENERIC_SECRET:
  1097. case CKK_RC2:
  1098. case CKK_RC4:
  1099. #if NSS_SOFTOKEN_DOES_RC5
  1100. case CKK_RC5:
  1101. #endif
  1102. #ifdef NSS_SOFTOKEN_DOES_CAST
  1103. case CKK_CAST:
  1104. case CKK_CAST3:
  1105. case CKK_CAST5:
  1106. #endif
  1107. #if NSS_SOFTOKEN_DOES_IDEA
  1108. case CKK_IDEA:
  1109. #endif
  1110. attribute = sftk_FindAttribute(object,CKA_VALUE);
  1111. /* shouldn't happen */
  1112. if (attribute == NULL) return CKR_TEMPLATE_INCOMPLETE;
  1113. crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
  1114. &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
  1115. sftk_FreeAttribute(attribute);
  1116. break;
  1117. /* force the value to have the correct parity */
  1118. case CKK_DES:
  1119. case CKK_DES2:
  1120. case CKK_DES3:
  1121. case CKK_CDMF:
  1122. attribute = sftk_FindAttribute(object,CKA_VALUE);
  1123. /* shouldn't happen */
  1124. if (attribute == NULL)
  1125. return CKR_TEMPLATE_INCOMPLETE;
  1126. requiredLen = sftk_MapKeySize(key_type);
  1127. if (attribute->attrib.ulValueLen != requiredLen) {
  1128. sftk_FreeAttribute(attribute);
  1129. return CKR_KEY_SIZE_RANGE;
  1130. }
  1131. sftk_FormatDESKey((unsigned char*)attribute->attrib.pValue,
  1132. attribute->attrib.ulValueLen);
  1133. sftk_FreeAttribute(attribute);
  1134. break;
  1135. case CKK_AES:
  1136. attribute = sftk_FindAttribute(object,CKA_VALUE);
  1137. /* shouldn't happen */
  1138. if (attribute == NULL)
  1139. return CKR_TEMPLATE_INCOMPLETE;
  1140. if (attribute->attrib.ulValueLen != 16 &&
  1141. attribute->attrib.ulValueLen != 24 &&
  1142. attribute->attrib.ulValueLen != 32) {
  1143. sftk_FreeAttribute(attribute);
  1144. return CKR_KEY_SIZE_RANGE;
  1145. }
  1146. crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
  1147. &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
  1148. sftk_FreeAttribute(attribute);
  1149. break;
  1150. default:
  1151. break;
  1152. }
  1153. return crv;
  1154. }
  1155. /*
  1156. * check the consistancy and initialize a Secret Key Object
  1157. */
  1158. static CK_RV
  1159. sftk_handleSecretKeyObject(SFTKSession *session,SFTKObject *object,
  1160. CK_KEY_TYPE key_type, PRBool isFIPS)
  1161. {
  1162. CK_RV crv;
  1163. /* First validate and set defaults */
  1164. crv = validateSecretKey(session, object, key_type, isFIPS);
  1165. if (crv != CKR_OK) goto loser;
  1166. /* If the object is a TOKEN object, store in the database */
  1167. if (sftk_isTrue(object,CKA_TOKEN)) {
  1168. SFTKSlot *slot = session->slot;
  1169. SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
  1170. CK_RV crv;
  1171. if (keyHandle == NULL) {
  1172. return CKR_TOKEN_WRITE_PROTECTED;
  1173. }
  1174. crv = sftkdb_write(keyHandle, object, &object->handle);
  1175. sftk_freeDB(keyHandle);
  1176. return crv;
  1177. }
  1178. loser:
  1179. return crv;
  1180. }
  1181. /*
  1182. * check the consistancy and initialize a Key Object
  1183. */
  1184. static CK_RV
  1185. sftk_handleKeyObject(SFTKSession *session, SFTKObject *object)
  1186. {
  1187. SFTKAttribute *attribute;
  1188. CK_KEY_TYPE key_type;
  1189. CK_BBOOL ckfalse = CK_FALSE;
  1190. CK_RV crv;
  1191. /* verify the required fields */
  1192. if ( !sftk_hasAttribute(object,CKA_KEY_TYPE) ) {
  1193. return CKR_TEMPLATE_INCOMPLETE;
  1194. }
  1195. /* now verify the common fields */
  1196. crv = sftk_defaultAttribute(object,CKA_ID,NULL,0);
  1197. if (crv != CKR_OK) return crv;
  1198. crv = sftk_defaultAttribute(object,CKA_START_DATE,NULL,0);
  1199. if (crv != CKR_OK) return crv;
  1200. crv = sftk_defaultAttribute(object,CKA_END_DATE,NULL,0);
  1201. if (crv != CKR_OK) return crv;
  1202. /* CKA_DERIVE is common to all keys, but it's default value is
  1203. * key dependent */
  1204. crv = sftk_defaultAttribute(object,CKA_LOCAL,&ckfalse,sizeof(CK_BBOOL));
  1205. if (crv != CKR_OK) return crv;
  1206. /* get the key type */
  1207. attribute = sftk_FindAttribute(object,CKA_KEY_TYPE);
  1208. if (!attribute) {
  1209. return CKR_ATTRIBUTE_VALUE_INVALID;
  1210. }
  1211. key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
  1212. sftk_FreeAttribute(attribute);
  1213. switch (object->objclass) {
  1214. case CKO_PUBLIC_KEY:
  1215. return sftk_handlePublicKeyObject(session,object,key_type);
  1216. case CKO_PRIVATE_KEY:
  1217. return sftk_handlePrivateKeyObject(session,object,key_type);
  1218. case CKO_SECRET_KEY:
  1219. /* make sure the required fields exist */
  1220. return sftk_handleSecretKeyObject(session,object,key_type,
  1221. (PRBool)(session->slot->slotID == FIPS_SLOT_ID));
  1222. default:
  1223. break;
  1224. }
  1225. return CKR_ATTRIBUTE_VALUE_INVALID;
  1226. }
  1227. /*
  1228. * check the consistancy and Verify a DSA Parameter Object
  1229. */
  1230. static CK_RV
  1231. sftk_handleDSAParameterObject(SFTKSession *session, SFTKObject *object)
  1232. {
  1233. SFTKAttribute *primeAttr = NULL;
  1234. SFTKAttribute *subPrimeAttr = NULL;
  1235. SFTKAttribute *baseAttr = NULL;
  1236. SFTKAttribute *seedAttr = NULL;
  1237. SFTKAttribute *hAttr = NULL;
  1238. SFTKAttribute *attribute;
  1239. CK_RV crv = CKR_TEMPLATE_INCOMPLETE;
  1240. PQGParams params;
  1241. PQGVerify vfy, *verify = NULL;
  1242. SECStatus result,rv;
  1243. primeAttr = sftk_FindAttribute(object,CKA_PRIME);
  1244. if (primeAttr == NULL) goto loser;
  1245. params.prime.data = primeAttr->attrib.pValue;
  1246. params.prime.len = primeAttr->attrib.ulValueLen;
  1247. subPrimeAttr = sftk_FindAttribute(object,CKA_SUBPRIME);
  1248. if (subPrimeAttr == NULL) goto loser;
  1249. params.subPrime.data = subPrimeAttr->attrib.pValue;
  1250. params.subPrime.len = subPrimeAttr->attrib.ulValueLen;
  1251. baseAttr = sftk_FindAttribute(object,CKA_BASE);
  1252. if (baseAttr == NULL) goto loser;
  1253. params.base.data = baseAttr->attrib.pValue;
  1254. params.base.len = baseAttr->attrib.ulValueLen;
  1255. attribute = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_COUNTER);
  1256. if (attribute != NULL) {
  1257. vfy.counter = *(CK_ULONG *) attribute->attrib.pValue;
  1258. sftk_FreeAttribute(attribute);
  1259. seedAttr = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_SEED);
  1260. if (seedAttr == NULL) goto loser;
  1261. vfy.seed.data = seedAttr->attrib.pValue;
  1262. vfy.seed.len = seedAttr->attrib.ulValueLen;
  1263. hAttr = sftk_FindAttribute(object, CKA_NETSCAPE_PQG_H);
  1264. if (hAttr == NULL) goto loser;
  1265. vfy.h.data = hAttr->attrib.pValue;
  1266. vfy.h.len = hAttr->attrib.ulValueLen;
  1267. verify = &vfy;
  1268. }
  1269. crv = CKR_FUNCTION_FAILED;
  1270. rv = PQG_VerifyParams(&params,verify,&result);
  1271. if (rv == SECSuccess) {
  1272. crv = (result== SECSuccess) ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
  1273. }
  1274. loser:
  1275. if (hAttr) sftk_FreeAttribute(hAttr);
  1276. if (seedAttr) sftk_FreeAttribute(seedAttr);
  1277. if (baseAttr) sftk_FreeAttribute(baseAttr);
  1278. if (subPrimeAttr) sftk_FreeAttribute(subPrimeAttr);
  1279. if (primeAttr) sftk_FreeAttribute(primeAttr);
  1280. return crv;
  1281. }
  1282. /*
  1283. * check the consistancy and initialize a Key Parameter Object
  1284. */
  1285. static CK_RV
  1286. sftk_handleKeyParameterObject(SFTKSession *session, SFTKObject *object)
  1287. {
  1288. SFTKAttribute *attribute;