Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(81)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mozilla/security/nss/lib/softoken/fipstokn.c

Issue 14249009: Change the NSS and NSPR source tree to the new directory structure to be (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « mozilla/security/nss/lib/softoken/fipstest.c ('k') | mozilla/security/nss/lib/softoken/jpakesftk.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * This file implements PKCS 11 on top of our existing security modules
6 *
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
8 * This implementation has two slots:
9 * slot 1 is our generic crypto support. It does not require login
10 * (unless you've enabled FIPS). It supports Public Key ops, and all they
11 * bulk ciphers and hashes. It can also support Private Key ops for imported
12 * Private keys. It does not have any token storage.
13 * slot 2 is our private key support. It requires a login before use. It
14 * can store Private Keys and Certs as token objects. Currently only private
15 * keys and their associated Certificates are saved on the token.
16 *
17 * In this implementation, session objects are only visible to the session
18 * that created or generated them.
19 */
20 #include "seccomon.h"
21 #include "softoken.h"
22 #include "lowkeyi.h"
23 #include "pkcs11.h"
24 #include "pkcs11i.h"
25 #include "prenv.h"
26 #include "prprf.h"
27
28 #include <ctype.h>
29
30 #ifdef XP_UNIX
31 #define NSS_AUDIT_WITH_SYSLOG 1
32 #include <syslog.h>
33 #include <unistd.h>
34 #endif
35
36 #ifdef SOLARIS
37 #include <bsm/libbsm.h>
38 #define AUE_FIPS_AUDIT 34444
39 #endif
40
41 #ifdef LINUX
42 #include <pthread.h>
43 #include <dlfcn.h>
44 #define LIBAUDIT_NAME "libaudit.so.0"
45 #ifndef AUDIT_CRYPTO_TEST_USER
46 #define AUDIT_CRYPTO_TEST_USER 2400 /* Crypto test results */
47 #define AUDIT_CRYPTO_PARAM_CHANGE_USER 2401 /* Crypto attribute change */
48 #define AUDIT_CRYPTO_LOGIN 2402 /* Logged in as crypto officer */
49 #define AUDIT_CRYPTO_LOGOUT 2403 /* Logged out from crypto */
50 #define AUDIT_CRYPTO_KEY_USER 2404 /* Create,delete,negotiate */
51 #define AUDIT_CRYPTO_FAILURE_USER 2405 /* Fail decrypt,encrypt,randomize * /
52 #endif
53 static void *libaudit_handle;
54 static int (*audit_open_func)(void);
55 static void (*audit_close_func)(int fd);
56 static int (*audit_log_user_message_func)(int audit_fd, int type,
57 const char *message, const char *hostname, const char *addr,
58 const char *tty, int result);
59 static int (*audit_send_user_message_func)(int fd, int type,
60 const char *message);
61
62 static pthread_once_t libaudit_once_control = PTHREAD_ONCE_INIT;
63
64 static void
65 libaudit_init(void)
66 {
67 libaudit_handle = dlopen(LIBAUDIT_NAME, RTLD_LAZY);
68 if (!libaudit_handle) {
69 return;
70 }
71 audit_open_func = dlsym(libaudit_handle, "audit_open");
72 audit_close_func = dlsym(libaudit_handle, "audit_close");
73 /*
74 * audit_send_user_message is the older function.
75 * audit_log_user_message, if available, is preferred.
76 */
77 audit_log_user_message_func = dlsym(libaudit_handle,
78 "audit_log_user_message");
79 if (!audit_log_user_message_func) {
80 audit_send_user_message_func = dlsym(libaudit_handle,
81 "audit_send_user_message");
82 }
83 if (!audit_open_func || !audit_close_func ||
84 (!audit_log_user_message_func && !audit_send_user_message_func)) {
85 dlclose(libaudit_handle);
86 libaudit_handle = NULL;
87 audit_open_func = NULL;
88 audit_close_func = NULL;
89 audit_log_user_message_func = NULL;
90 audit_send_user_message_func = NULL;
91 }
92 }
93 #endif /* LINUX */
94
95
96 /*
97 * ******************** Password Utilities *******************************
98 */
99 static PRBool isLoggedIn = PR_FALSE;
100 PRBool sftk_fatalError = PR_FALSE;
101
102 /*
103 * This function returns
104 * - CKR_PIN_INVALID if the password/PIN is not a legal UTF8 string
105 * - CKR_PIN_LEN_RANGE if the password/PIN is too short or does not
106 * consist of characters from three or more character classes.
107 * - CKR_OK otherwise
108 *
109 * The minimum password/PIN length is FIPS_MIN_PIN Unicode characters.
110 * We define five character classes: digits (0-9), ASCII lowercase letters,
111 * ASCII uppercase letters, ASCII non-alphanumeric characters (such as
112 * space and punctuation marks), and non-ASCII characters. If an ASCII
113 * uppercase letter is the first character of the password/PIN, the
114 * uppercase letter is not counted toward its character class. Similarly,
115 * if a digit is the last character of the password/PIN, the digit is not
116 * counted toward its character class.
117 *
118 * Although NSC_SetPIN and NSC_InitPIN already do the maximum and minimum
119 * password/PIN length checks, they check the length in bytes as opposed
120 * to characters. To meet the minimum password/PIN guessing probability
121 * requirements in FIPS 140-2, we need to check the length in characters.
122 */
123 static CK_RV sftk_newPinCheck(CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
124 unsigned int i;
125 int nchar = 0; /* number of characters */
126 int ntrail = 0; /* number of trailing bytes to follow */
127 int ndigit = 0; /* number of decimal digits */
128 int nlower = 0; /* number of ASCII lowercase letters */
129 int nupper = 0; /* number of ASCII uppercase letters */
130 int nnonalnum = 0; /* number of ASCII non-alphanumeric characters */
131 int nnonascii = 0; /* number of non-ASCII characters */
132 int nclass; /* number of character classes */
133
134 for (i = 0; i < ulPinLen; i++) {
135 unsigned int byte = pPin[i];
136
137 if (ntrail) {
138 if ((byte & 0xc0) != 0x80) {
139 /* illegal */
140 nchar = -1;
141 break;
142 }
143 if (--ntrail == 0) {
144 nchar++;
145 nnonascii++;
146 }
147 continue;
148 }
149 if ((byte & 0x80) == 0x00) {
150 /* single-byte (ASCII) character */
151 nchar++;
152 if (isdigit(byte)) {
153 if (i < ulPinLen - 1) {
154 ndigit++;
155 }
156 } else if (islower(byte)) {
157 nlower++;
158 } else if (isupper(byte)) {
159 if (i > 0) {
160 nupper++;
161 }
162 } else {
163 nnonalnum++;
164 }
165 } else if ((byte & 0xe0) == 0xc0) {
166 /* leading byte of two-byte character */
167 ntrail = 1;
168 } else if ((byte & 0xf0) == 0xe0) {
169 /* leading byte of three-byte character */
170 ntrail = 2;
171 } else if ((byte & 0xf8) == 0xf0) {
172 /* leading byte of four-byte character */
173 ntrail = 3;
174 } else {
175 /* illegal */
176 nchar = -1;
177 break;
178 }
179 }
180 if (nchar == -1) {
181 /* illegal UTF8 string */
182 return CKR_PIN_INVALID;
183 }
184 if (nchar < FIPS_MIN_PIN) {
185 return CKR_PIN_LEN_RANGE;
186 }
187 nclass = (ndigit != 0) + (nlower != 0) + (nupper != 0) +
188 (nnonalnum != 0) + (nnonascii != 0);
189 if (nclass < 3) {
190 return CKR_PIN_LEN_RANGE;
191 }
192 return CKR_OK;
193 }
194
195
196 /* FIPS required checks before any useful cryptographic services */
197 static CK_RV sftk_fipsCheck(void) {
198 if (sftk_fatalError)
199 return CKR_DEVICE_ERROR;
200 if (!isLoggedIn)
201 return CKR_USER_NOT_LOGGED_IN;
202 return CKR_OK;
203 }
204
205
206 #define SFTK_FIPSCHECK() \
207 CK_RV rv; \
208 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
209
210 #define SFTK_FIPSFATALCHECK() \
211 if (sftk_fatalError) return CKR_DEVICE_ERROR;
212
213
214 /* grab an attribute out of a raw template */
215 void *
216 fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
217 CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
218 {
219 int i;
220
221 for (i=0; i < (int) ulCount; i++) {
222 if (pTemplate[i].type == type) {
223 return pTemplate[i].pValue;
224 }
225 }
226 return NULL;
227 }
228
229
230 #define __PASTE(x,y) x##y
231
232 /* ------------- forward declare all the NSC_ functions ------------- */
233 #undef CK_NEED_ARG_LIST
234 #undef CK_PKCS11_FUNCTION_INFO
235
236 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
237 #define CK_NEED_ARG_LIST 1
238
239 #include "pkcs11f.h"
240
241 /* ------------- forward declare all the FIPS functions ------------- */
242 #undef CK_NEED_ARG_LIST
243 #undef CK_PKCS11_FUNCTION_INFO
244
245 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
246 #define CK_NEED_ARG_LIST 1
247
248 #include "pkcs11f.h"
249
250 /* ------------- build the CK_CRYPTO_TABLE ------------------------- */
251 static CK_FUNCTION_LIST sftk_fipsTable = {
252 { 1, 10 },
253
254 #undef CK_NEED_ARG_LIST
255 #undef CK_PKCS11_FUNCTION_INFO
256
257 #define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
258
259
260 #include "pkcs11f.h"
261
262 };
263
264 #undef CK_NEED_ARG_LIST
265 #undef CK_PKCS11_FUNCTION_INFO
266
267
268 #undef __PASTE
269
270 /* CKO_NOT_A_KEY can be any object class that's not a key object. */
271 #define CKO_NOT_A_KEY CKO_DATA
272
273 #define SFTK_IS_KEY_OBJECT(objClass) \
274 (((objClass) == CKO_PUBLIC_KEY) || \
275 ((objClass) == CKO_PRIVATE_KEY) || \
276 ((objClass) == CKO_SECRET_KEY))
277
278 #define SFTK_IS_NONPUBLIC_KEY_OBJECT(objClass) \
279 (((objClass) == CKO_PRIVATE_KEY) || ((objClass) == CKO_SECRET_KEY))
280
281 static CK_RV
282 sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,
283 CK_OBJECT_HANDLE hObject, CK_OBJECT_CLASS *pObjClass)
284 {
285 CK_RV rv;
286 CK_ATTRIBUTE class;
287 class.type = CKA_CLASS;
288 class.pValue = pObjClass;
289 class.ulValueLen = sizeof(*pObjClass);
290 rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
291 if ((rv == CKR_OK) && SFTK_IS_NONPUBLIC_KEY_OBJECT(*pObjClass)) {
292 rv = sftk_fipsCheck();
293 }
294 return rv;
295 }
296
297 #ifdef LINUX
298
299 int
300 sftk_mapLinuxAuditType(NSSAuditSeverity severity, NSSAuditType auditType)
301 {
302 switch (auditType) {
303 case NSS_AUDIT_ACCESS_KEY:
304 case NSS_AUDIT_CHANGE_KEY:
305 case NSS_AUDIT_COPY_KEY:
306 case NSS_AUDIT_DERIVE_KEY:
307 case NSS_AUDIT_DESTROY_KEY:
308 case NSS_AUDIT_DIGEST_KEY:
309 case NSS_AUDIT_GENERATE_KEY:
310 case NSS_AUDIT_LOAD_KEY:
311 case NSS_AUDIT_UNWRAP_KEY:
312 case NSS_AUDIT_WRAP_KEY:
313 return AUDIT_CRYPTO_KEY_USER;
314 case NSS_AUDIT_CRYPT:
315 return (severity == NSS_AUDIT_ERROR) ? AUDIT_CRYPTO_FAILURE_USER :
316 AUDIT_CRYPTO_KEY_USER;
317 case NSS_AUDIT_FIPS_STATE:
318 case NSS_AUDIT_INIT_PIN:
319 case NSS_AUDIT_INIT_TOKEN:
320 case NSS_AUDIT_SET_PIN:
321 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
322 case NSS_AUDIT_SELF_TEST:
323 return AUDIT_CRYPTO_TEST_USER;
324 case NSS_AUDIT_LOGIN:
325 return AUDIT_CRYPTO_LOGIN;
326 case NSS_AUDIT_LOGOUT:
327 return AUDIT_CRYPTO_LOGOUT;
328 /* we skip the fault case here so we can get compiler
329 * warnings if new 'NSSAuditType's are added without
330 * added them to this list, defaults fall through */
331 }
332 /* default */
333 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
334 }
335 #endif
336
337
338 /**********************************************************************
339 *
340 * FIPS 140 auditable event logging
341 *
342 **********************************************************************/
343
344 PRBool sftk_audit_enabled = PR_FALSE;
345
346 /*
347 * Each audit record must have the following information:
348 * - Date and time of the event
349 * - Type of event
350 * - user (subject) identity
351 * - outcome (success or failure) of the event
352 * - process ID
353 * - name (ID) of the object
354 * - for changes to data (except for authentication data and CSPs), the new
355 * and old values of the data
356 * - for authentication attempts, the origin of the attempt (e.g., terminal
357 * identifier)
358 * - for assuming a role, the type of role, and the location of the request
359 */
360 void
361 sftk_LogAuditMessage(NSSAuditSeverity severity, NSSAuditType auditType,
362 const char *msg)
363 {
364 #ifdef NSS_AUDIT_WITH_SYSLOG
365 int level;
366
367 switch (severity) {
368 case NSS_AUDIT_ERROR:
369 level = LOG_ERR;
370 break;
371 case NSS_AUDIT_WARNING:
372 level = LOG_WARNING;
373 break;
374 default:
375 level = LOG_INFO;
376 break;
377 }
378 /* timestamp is provided by syslog in the message header */
379 syslog(level | LOG_USER /* facility */,
380 "NSS " SOFTOKEN_LIB_NAME "[pid=%d uid=%d]: %s",
381 (int)getpid(), (int)getuid(), msg);
382 #ifdef LINUX
383 if (pthread_once(&libaudit_once_control, libaudit_init) != 0) {
384 return;
385 }
386 if (libaudit_handle) {
387 int audit_fd;
388 int linuxAuditType;
389 int result = (severity != NSS_AUDIT_ERROR); /* 1=success; 0=failed */
390 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
391 if (!message) {
392 return;
393 }
394 audit_fd = audit_open_func();
395 if (audit_fd < 0) {
396 PR_smprintf_free(message);
397 return;
398 }
399 linuxAuditType = sftk_mapLinuxAuditType(severity, auditType);
400 if (audit_log_user_message_func) {
401 audit_log_user_message_func(audit_fd, linuxAuditType, message,
402 NULL, NULL, NULL, result);
403 } else {
404 audit_send_user_message_func(audit_fd, linuxAuditType, message);
405 }
406 audit_close_func(audit_fd);
407 PR_smprintf_free(message);
408 }
409 #endif /* LINUX */
410 #ifdef SOLARIS
411 {
412 int rd;
413 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
414
415 if (!message) {
416 return;
417 }
418
419 /* open the record descriptor */
420 if ((rd = au_open()) == -1) {
421 PR_smprintf_free(message);
422 return;
423 }
424
425 /* write the audit tokens to the audit record */
426 if (au_write(rd, au_to_text(message))) {
427 (void)au_close(rd, AU_TO_NO_WRITE, AUE_FIPS_AUDIT);
428 PR_smprintf_free(message);
429 return;
430 }
431
432 /* close the record and send it to the audit trail */
433 (void)au_close(rd, AU_TO_WRITE, AUE_FIPS_AUDIT);
434
435 PR_smprintf_free(message);
436 }
437 #endif /* SOLARIS */
438 #else
439 /* do nothing */
440 #endif
441 }
442
443
444 /**********************************************************************
445 *
446 * Start of PKCS 11 functions
447 *
448 **********************************************************************/
449 /* return the function list */
450 CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
451
452 CHECK_FORK();
453
454 *pFunctionList = &sftk_fipsTable;
455 return CKR_OK;
456 }
457
458 /* sigh global so pkcs11 can read it */
459 PRBool nsf_init = PR_FALSE;
460
461 /* FC_Initialize initializes the PKCS #11 library. */
462 CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
463 const char *envp;
464 CK_RV crv;
465
466 sftk_ForkReset(pReserved, &crv);
467
468 if (nsf_init) {
469 return CKR_CRYPTOKI_ALREADY_INITIALIZED;
470 }
471
472 if ((envp = PR_GetEnv("NSS_ENABLE_AUDIT")) != NULL) {
473 sftk_audit_enabled = (atoi(envp) == 1);
474 }
475
476 crv = nsc_CommonInitialize(pReserved, PR_TRUE);
477
478 /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
479 if (crv != CKR_OK) {
480 sftk_fatalError = PR_TRUE;
481 return crv;
482 }
483
484 sftk_fatalError = PR_FALSE; /* any error has been reset */
485
486 crv = sftk_fipsPowerUpSelfTest();
487 if (crv != CKR_OK) {
488 nsc_CommonFinalize(NULL, PR_TRUE);
489 sftk_fatalError = PR_TRUE;
490 if (sftk_audit_enabled) {
491 char msg[128];
492 PR_snprintf(msg,sizeof msg,
493 "C_Initialize()=0x%08lX "
494 "power-up self-tests failed",
495 (PRUint32)crv);
496 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
497 }
498 return crv;
499 }
500 nsf_init = PR_TRUE;
501
502 return CKR_OK;
503 }
504
505 /*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
506 CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
507 CK_RV crv;
508
509 if (sftk_ForkReset(pReserved, &crv)) {
510 return crv;
511 }
512
513 if (!nsf_init) {
514 return CKR_OK;
515 }
516
517 crv = nsc_CommonFinalize (pReserved, PR_TRUE);
518
519 nsf_init = (PRBool) !(crv == CKR_OK);
520 return crv;
521 }
522
523
524 /* FC_GetInfo returns general information about PKCS #11. */
525 CK_RV FC_GetInfo(CK_INFO_PTR pInfo) {
526 CHECK_FORK();
527
528 return NSC_GetInfo(pInfo);
529 }
530
531 /* FC_GetSlotList obtains a list of slots in the system. */
532 CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
533 CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
534 CHECK_FORK();
535
536 return nsc_CommonGetSlotList(tokenPresent,pSlotList,pulCount,
537 NSC_FIPS_MODULE);
538 }
539
540 /* FC_GetSlotInfo obtains information about a particular slot in the system. */
541 CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
542 CHECK_FORK();
543
544 return NSC_GetSlotInfo(slotID,pInfo);
545 }
546
547
548 /*FC_GetTokenInfo obtains information about a particular token in the system.*/
549 CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
550 CK_RV crv;
551
552 CHECK_FORK();
553
554 crv = NSC_GetTokenInfo(slotID,pInfo);
555 if (crv == CKR_OK)
556 pInfo->flags |= CKF_LOGIN_REQUIRED;
557 return crv;
558
559 }
560
561
562
563 /*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
564 CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
565 CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
566 CHECK_FORK();
567
568 SFTK_FIPSFATALCHECK();
569 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
570 /* FIPS Slot supports all functions */
571 return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
572 }
573
574
575 /* FC_GetMechanismInfo obtains information about a particular mechanism
576 * possibly supported by a token. */
577 CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
578 CK_MECHANISM_INFO_PTR pInfo) {
579 CHECK_FORK();
580
581 SFTK_FIPSFATALCHECK();
582 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
583 /* FIPS Slot supports all functions */
584 return NSC_GetMechanismInfo(slotID,type,pInfo);
585 }
586
587
588 /* FC_InitToken initializes a token. */
589 CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
590 CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
591 CK_RV crv;
592
593 CHECK_FORK();
594
595 crv = NSC_InitToken(slotID,pPin,usPinLen,pLabel);
596 if (sftk_audit_enabled) {
597 char msg[128];
598 NSSAuditSeverity severity = (crv == CKR_OK) ?
599 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
600 /* pLabel points to a 32-byte label, which is not null-terminated */
601 PR_snprintf(msg,sizeof msg,
602 "C_InitToken(slotID=%lu, pLabel=\"%.32s\")=0x%08lX",
603 (PRUint32)slotID,pLabel,(PRUint32)crv);
604 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_TOKEN, msg);
605 }
606 return crv;
607 }
608
609
610 /* FC_InitPIN initializes the normal user's PIN. */
611 CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
612 CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
613 CK_RV rv;
614
615 CHECK_FORK();
616
617 if (sftk_fatalError) return CKR_DEVICE_ERROR;
618 if ((rv = sftk_newPinCheck(pPin,ulPinLen)) == CKR_OK) {
619 rv = NSC_InitPIN(hSession,pPin,ulPinLen);
620 }
621 if (sftk_audit_enabled) {
622 char msg[128];
623 NSSAuditSeverity severity = (rv == CKR_OK) ?
624 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
625 PR_snprintf(msg,sizeof msg,
626 "C_InitPIN(hSession=0x%08lX)=0x%08lX",
627 (PRUint32)hSession,(PRUint32)rv);
628 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_PIN, msg);
629 }
630 return rv;
631 }
632
633
634 /* FC_SetPIN modifies the PIN of user that is currently logged in. */
635 /* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
636 CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
637 CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
638 CK_RV rv;
639
640 CHECK_FORK();
641
642 if ((rv = sftk_fipsCheck()) == CKR_OK &&
643 (rv = sftk_newPinCheck(pNewPin,usNewLen)) == CKR_OK) {
644 rv = NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
645 }
646 if (sftk_audit_enabled) {
647 char msg[128];
648 NSSAuditSeverity severity = (rv == CKR_OK) ?
649 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
650 PR_snprintf(msg,sizeof msg,
651 "C_SetPIN(hSession=0x%08lX)=0x%08lX",
652 (PRUint32)hSession,(PRUint32)rv);
653 sftk_LogAuditMessage(severity, NSS_AUDIT_SET_PIN, msg);
654 }
655 return rv;
656 }
657
658 /* FC_OpenSession opens a session between an application and a token. */
659 CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
660 CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
661 SFTK_FIPSFATALCHECK();
662
663 CHECK_FORK();
664
665 return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
666 }
667
668
669 /* FC_CloseSession closes a session between an application and a token. */
670 CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
671 CHECK_FORK();
672
673 return NSC_CloseSession(hSession);
674 }
675
676
677 /* FC_CloseAllSessions closes all sessions with a token. */
678 CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
679
680 CHECK_FORK();
681
682 return NSC_CloseAllSessions (slotID);
683 }
684
685
686 /* FC_GetSessionInfo obtains information about the session. */
687 CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
688 CK_SESSION_INFO_PTR pInfo) {
689 CK_RV rv;
690 SFTK_FIPSFATALCHECK();
691
692 CHECK_FORK();
693
694 rv = NSC_GetSessionInfo(hSession,pInfo);
695 if (rv == CKR_OK) {
696 if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
697 pInfo->state = CKS_RO_USER_FUNCTIONS;
698 }
699 if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
700 pInfo->state = CKS_RW_USER_FUNCTIONS;
701 }
702 }
703 return rv;
704 }
705
706 /* FC_Login logs a user into a token. */
707 CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
708 CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
709 CK_RV rv;
710 PRBool successful;
711 if (sftk_fatalError) return CKR_DEVICE_ERROR;
712 rv = NSC_Login(hSession,userType,pPin,usPinLen);
713 successful = (rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN);
714 if (successful)
715 isLoggedIn = PR_TRUE;
716 if (sftk_audit_enabled) {
717 char msg[128];
718 NSSAuditSeverity severity;
719 severity = successful ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
720 PR_snprintf(msg,sizeof msg,
721 "C_Login(hSession=0x%08lX, userType=%lu)=0x%08lX",
722 (PRUint32)hSession,(PRUint32)userType,(PRUint32)rv);
723 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGIN, msg);
724 }
725 return rv;
726 }
727
728 /* FC_Logout logs a user out from a token. */
729 CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
730 CK_RV rv;
731
732 CHECK_FORK();
733
734 if ((rv = sftk_fipsCheck()) == CKR_OK) {
735 rv = NSC_Logout(hSession);
736 isLoggedIn = PR_FALSE;
737 }
738 if (sftk_audit_enabled) {
739 char msg[128];
740 NSSAuditSeverity severity = (rv == CKR_OK) ?
741 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
742 PR_snprintf(msg,sizeof msg,
743 "C_Logout(hSession=0x%08lX)=0x%08lX",
744 (PRUint32)hSession,(PRUint32)rv);
745 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGOUT, msg);
746 }
747 return rv;
748 }
749
750
751 /* FC_CreateObject creates a new object. */
752 CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
753 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
754 CK_OBJECT_HANDLE_PTR phObject) {
755 CK_OBJECT_CLASS * classptr;
756
757 SFTK_FIPSCHECK();
758 CHECK_FORK();
759
760 classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
761 if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
762
763 /* FIPS can't create keys from raw key material */
764 if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
765 rv = CKR_ATTRIBUTE_VALUE_INVALID;
766 } else {
767 rv = NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
768 }
769 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(*classptr)) {
770 sftk_AuditCreateObject(hSession,pTemplate,ulCount,phObject,rv);
771 }
772 return rv;
773 }
774
775
776
777
778
779 /* FC_CopyObject copies an object, creating a new object for the copy. */
780 CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
781 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
782 CK_OBJECT_HANDLE_PTR phNewObject) {
783 CK_RV rv;
784 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
785
786 CHECK_FORK();
787
788 SFTK_FIPSFATALCHECK();
789 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
790 if (rv == CKR_OK) {
791 rv = NSC_CopyObject(hSession,hObject,pTemplate,ulCount,phNewObject);
792 }
793 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
794 sftk_AuditCopyObject(hSession,
795 hObject,pTemplate,ulCount,phNewObject,rv);
796 }
797 return rv;
798 }
799
800
801 /* FC_DestroyObject destroys an object. */
802 CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
803 CK_OBJECT_HANDLE hObject) {
804 CK_RV rv;
805 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
806
807 CHECK_FORK();
808
809 SFTK_FIPSFATALCHECK();
810 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
811 if (rv == CKR_OK) {
812 rv = NSC_DestroyObject(hSession,hObject);
813 }
814 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
815 sftk_AuditDestroyObject(hSession,hObject,rv);
816 }
817 return rv;
818 }
819
820
821 /* FC_GetObjectSize gets the size of an object in bytes. */
822 CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
823 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
824 CK_RV rv;
825 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
826
827 CHECK_FORK();
828
829 SFTK_FIPSFATALCHECK();
830 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
831 if (rv == CKR_OK) {
832 rv = NSC_GetObjectSize(hSession, hObject, pulSize);
833 }
834 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
835 sftk_AuditGetObjectSize(hSession, hObject, pulSize, rv);
836 }
837 return rv;
838 }
839
840
841 /* FC_GetAttributeValue obtains the value of one or more object attributes. */
842 CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
843 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
844 CK_RV rv;
845 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
846
847 CHECK_FORK();
848
849 SFTK_FIPSFATALCHECK();
850 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
851 if (rv == CKR_OK) {
852 rv = NSC_GetAttributeValue(hSession,hObject,pTemplate,ulCount);
853 }
854 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
855 sftk_AuditGetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
856 }
857 return rv;
858 }
859
860
861 /* FC_SetAttributeValue modifies the value of one or more object attributes */
862 CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
863 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
864 CK_RV rv;
865 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
866
867 CHECK_FORK();
868
869 SFTK_FIPSFATALCHECK();
870 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
871 if (rv == CKR_OK) {
872 rv = NSC_SetAttributeValue(hSession,hObject,pTemplate,ulCount);
873 }
874 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
875 sftk_AuditSetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
876 }
877 return rv;
878 }
879
880
881
882 /* FC_FindObjectsInit initializes a search for token and session objects
883 * that match a template. */
884 CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
885 CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
886 /* let publically readable object be found */
887 unsigned int i;
888 CK_RV rv;
889 PRBool needLogin = PR_FALSE;
890
891
892 CHECK_FORK();
893
894 SFTK_FIPSFATALCHECK();
895
896 for (i=0; i < usCount; i++) {
897 CK_OBJECT_CLASS class;
898 if (pTemplate[i].type != CKA_CLASS) {
899 continue;
900 }
901 if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
902 continue;
903 }
904 if (pTemplate[i].pValue == NULL) {
905 continue;
906 }
907 class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
908 if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
909 needLogin = PR_TRUE;
910 break;
911 }
912 }
913 if (needLogin) {
914 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
915 }
916 return NSC_FindObjectsInit(hSession,pTemplate,usCount);
917 }
918
919
920 /* FC_FindObjects continues a search for token and session objects
921 * that match a template, obtaining additional object handles. */
922 CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
923 CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
924 CK_ULONG_PTR pusObjectCount) {
925 CHECK_FORK();
926
927 /* let publically readable object be found */
928 SFTK_FIPSFATALCHECK();
929 return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
930 pusObjectCount);
931 }
932
933
934 /*
935 ************** Crypto Functions: Encrypt ************************
936 */
937
938 /* FC_EncryptInit initializes an encryption operation. */
939 CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
940 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
941 SFTK_FIPSCHECK();
942 CHECK_FORK();
943
944 rv = NSC_EncryptInit(hSession,pMechanism,hKey);
945 if (sftk_audit_enabled) {
946 sftk_AuditCryptInit("Encrypt",hSession,pMechanism,hKey,rv);
947 }
948 return rv;
949 }
950
951 /* FC_Encrypt encrypts single-part data. */
952 CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
953 CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
954 CK_ULONG_PTR pusEncryptedDataLen) {
955 SFTK_FIPSCHECK();
956 CHECK_FORK();
957
958 return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
959 pusEncryptedDataLen);
960 }
961
962
963 /* FC_EncryptUpdate continues a multiple-part encryption operation. */
964 CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
965 CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
966 CK_ULONG_PTR pusEncryptedPartLen) {
967 SFTK_FIPSCHECK();
968 CHECK_FORK();
969
970 return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
971 pusEncryptedPartLen);
972 }
973
974
975 /* FC_EncryptFinal finishes a multiple-part encryption operation. */
976 CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
977 CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
978 SFTK_FIPSCHECK();
979 CHECK_FORK();
980
981 return NSC_EncryptFinal(hSession,pLastEncryptedPart,
982 pusLastEncryptedPartLen);
983 }
984
985 /*
986 ************** Crypto Functions: Decrypt ************************
987 */
988
989
990 /* FC_DecryptInit initializes a decryption operation. */
991 CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
992 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
993 SFTK_FIPSCHECK();
994 CHECK_FORK();
995
996 rv = NSC_DecryptInit(hSession,pMechanism,hKey);
997 if (sftk_audit_enabled) {
998 sftk_AuditCryptInit("Decrypt",hSession,pMechanism,hKey,rv);
999 }
1000 return rv;
1001 }
1002
1003 /* FC_Decrypt decrypts encrypted data in a single part. */
1004 CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
1005 CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
1006 CK_ULONG_PTR pusDataLen) {
1007 SFTK_FIPSCHECK();
1008 CHECK_FORK();
1009
1010 return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
1011 pusDataLen);
1012 }
1013
1014
1015 /* FC_DecryptUpdate continues a multiple-part decryption operation. */
1016 CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
1017 CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
1018 CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
1019 SFTK_FIPSCHECK();
1020 CHECK_FORK();
1021
1022 return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
1023 pPart,pusPartLen);
1024 }
1025
1026
1027 /* FC_DecryptFinal finishes a multiple-part decryption operation. */
1028 CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
1029 CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
1030 SFTK_FIPSCHECK();
1031 CHECK_FORK();
1032
1033 return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
1034 }
1035
1036
1037 /*
1038 ************** Crypto Functions: Digest (HASH) ************************
1039 */
1040
1041 /* FC_DigestInit initializes a message-digesting operation. */
1042 CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
1043 CK_MECHANISM_PTR pMechanism) {
1044 SFTK_FIPSFATALCHECK();
1045 CHECK_FORK();
1046
1047 return NSC_DigestInit(hSession, pMechanism);
1048 }
1049
1050
1051 /* FC_Digest digests data in a single part. */
1052 CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
1053 CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1054 CK_ULONG_PTR pusDigestLen) {
1055 SFTK_FIPSFATALCHECK();
1056 CHECK_FORK();
1057
1058 return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
1059 }
1060
1061
1062 /* FC_DigestUpdate continues a multiple-part message-digesting operation. */
1063 CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1064 CK_ULONG usPartLen) {
1065 SFTK_FIPSFATALCHECK();
1066 CHECK_FORK();
1067
1068 return NSC_DigestUpdate(hSession,pPart,usPartLen);
1069 }
1070
1071
1072 /* FC_DigestFinal finishes a multiple-part message-digesting operation. */
1073 CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
1074 CK_ULONG_PTR pusDigestLen) {
1075 SFTK_FIPSFATALCHECK();
1076 CHECK_FORK();
1077
1078 return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
1079 }
1080
1081
1082 /*
1083 ************** Crypto Functions: Sign ************************
1084 */
1085
1086 /* FC_SignInit initializes a signature (private key encryption) operation,
1087 * where the signature is (will be) an appendix to the data,
1088 * and plaintext cannot be recovered from the signature */
1089 CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
1090 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
1091 SFTK_FIPSCHECK();
1092 CHECK_FORK();
1093
1094 rv = NSC_SignInit(hSession,pMechanism,hKey);
1095 if (sftk_audit_enabled) {
1096 sftk_AuditCryptInit("Sign",hSession,pMechanism,hKey,rv);
1097 }
1098 return rv;
1099 }
1100
1101
1102 /* FC_Sign signs (encrypts with private key) data in a single part,
1103 * where the signature is (will be) an appendix to the data,
1104 * and plaintext cannot be recovered from the signature */
1105 CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
1106 CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
1107 CK_ULONG_PTR pusSignatureLen) {
1108 SFTK_FIPSCHECK();
1109 CHECK_FORK();
1110
1111 return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1112 }
1113
1114
1115 /* FC_SignUpdate continues a multiple-part signature operation,
1116 * where the signature is (will be) an appendix to the data,
1117 * and plaintext cannot be recovered from the signature */
1118 CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1119 CK_ULONG usPartLen) {
1120 SFTK_FIPSCHECK();
1121 CHECK_FORK();
1122
1123 return NSC_SignUpdate(hSession,pPart,usPartLen);
1124 }
1125
1126
1127 /* FC_SignFinal finishes a multiple-part signature operation,
1128 * returning the signature. */
1129 CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
1130 CK_ULONG_PTR pusSignatureLen) {
1131 SFTK_FIPSCHECK();
1132 CHECK_FORK();
1133
1134 return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
1135 }
1136
1137 /*
1138 ************** Crypto Functions: Sign Recover ************************
1139 */
1140 /* FC_SignRecoverInit initializes a signature operation,
1141 * where the (digest) data can be recovered from the signature.
1142 * E.g. encryption with the user's private key */
1143 CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
1144 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1145 SFTK_FIPSCHECK();
1146 CHECK_FORK();
1147
1148 rv = NSC_SignRecoverInit(hSession,pMechanism,hKey);
1149 if (sftk_audit_enabled) {
1150 sftk_AuditCryptInit("SignRecover",hSession,pMechanism,hKey,rv);
1151 }
1152 return rv;
1153 }
1154
1155
1156 /* FC_SignRecover signs data in a single operation
1157 * where the (digest) data can be recovered from the signature.
1158 * E.g. encryption with the user's private key */
1159 CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1160 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
1161 SFTK_FIPSCHECK();
1162 CHECK_FORK();
1163
1164 return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1165 }
1166
1167 /*
1168 ************** Crypto Functions: verify ************************
1169 */
1170
1171 /* FC_VerifyInit initializes a verification operation,
1172 * where the signature is an appendix to the data,
1173 * and plaintext cannot be recovered from the signature (e.g. DSA) */
1174 CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
1175 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1176 SFTK_FIPSCHECK();
1177 CHECK_FORK();
1178
1179 rv = NSC_VerifyInit(hSession,pMechanism,hKey);
1180 if (sftk_audit_enabled) {
1181 sftk_AuditCryptInit("Verify",hSession,pMechanism,hKey,rv);
1182 }
1183 return rv;
1184 }
1185
1186
1187 /* FC_Verify verifies a signature in a single-part operation,
1188 * where the signature is an appendix to the data,
1189 * and plaintext cannot be recovered from the signature */
1190 CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1191 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
1192 /* make sure we're legal */
1193 SFTK_FIPSCHECK();
1194 CHECK_FORK();
1195
1196 return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
1197 }
1198
1199
1200 /* FC_VerifyUpdate continues a multiple-part verification operation,
1201 * where the signature is an appendix to the data,
1202 * and plaintext cannot be recovered from the signature */
1203 CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1204 CK_ULONG usPartLen) {
1205 SFTK_FIPSCHECK();
1206 CHECK_FORK();
1207
1208 return NSC_VerifyUpdate(hSession,pPart,usPartLen);
1209 }
1210
1211
1212 /* FC_VerifyFinal finishes a multiple-part verification operation,
1213 * checking the signature. */
1214 CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
1215 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
1216 SFTK_FIPSCHECK();
1217 CHECK_FORK();
1218
1219 return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
1220 }
1221
1222 /*
1223 ************** Crypto Functions: Verify Recover ************************
1224 */
1225
1226 /* FC_VerifyRecoverInit initializes a signature verification operation,
1227 * where the data is recovered from the signature.
1228 * E.g. Decryption with the user's public key */
1229 CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
1230 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1231 SFTK_FIPSCHECK();
1232 CHECK_FORK();
1233
1234 rv = NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
1235 if (sftk_audit_enabled) {
1236 sftk_AuditCryptInit("VerifyRecover",hSession,pMechanism,hKey,rv);
1237 }
1238 return rv;
1239 }
1240
1241
1242 /* FC_VerifyRecover verifies a signature in a single-part operation,
1243 * where the data is recovered from the signature.
1244 * E.g. Decryption with the user's public key */
1245 CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
1246 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
1247 CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
1248 SFTK_FIPSCHECK();
1249 CHECK_FORK();
1250
1251 return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
1252 pusDataLen);
1253 }
1254
1255 /*
1256 **************************** Key Functions: ************************
1257 */
1258
1259 /* FC_GenerateKey generates a secret key, creating a new key object. */
1260 CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
1261 CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
1262 CK_OBJECT_HANDLE_PTR phKey) {
1263 CK_BBOOL *boolptr;
1264
1265 SFTK_FIPSCHECK();
1266 CHECK_FORK();
1267
1268 /* all secret keys must be sensitive, if the upper level code tries to say
1269 * otherwise, reject it. */
1270 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
1271 if (boolptr != NULL) {
1272 if (!(*boolptr)) {
1273 return CKR_ATTRIBUTE_VALUE_INVALID;
1274 }
1275 }
1276
1277 rv = NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
1278 if (sftk_audit_enabled) {
1279 sftk_AuditGenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey,rv);
1280 }
1281 return rv;
1282 }
1283
1284
1285 /* FC_GenerateKeyPair generates a public-key/private-key pair,
1286 * creating new key objects. */
1287 CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
1288 CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1289 CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1290 CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
1291 CK_OBJECT_HANDLE_PTR phPrivateKey) {
1292 CK_BBOOL *boolptr;
1293 CK_RV crv;
1294
1295 SFTK_FIPSCHECK();
1296 CHECK_FORK();
1297
1298
1299 /* all private keys must be sensitive, if the upper level code tries to say
1300 * otherwise, reject it. */
1301 boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate,
1302 usPrivateKeyAttributeCount, CKA_SENSITIVE);
1303 if (boolptr != NULL) {
1304 if (!(*boolptr)) {
1305 return CKR_ATTRIBUTE_VALUE_INVALID;
1306 }
1307 }
1308 crv = NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
1309 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1310 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
1311 if (crv == CKR_GENERAL_ERROR) {
1312 /* pairwise consistency check failed. */
1313 sftk_fatalError = PR_TRUE;
1314 }
1315 if (sftk_audit_enabled) {
1316 sftk_AuditGenerateKeyPair(hSession,pMechanism,pPublicKeyTemplate,
1317 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1318 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey,crv);
1319 }
1320 return crv;
1321 }
1322
1323
1324 /* FC_WrapKey wraps (i.e., encrypts) a key. */
1325 CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
1326 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
1327 CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
1328 CK_ULONG_PTR pulWrappedKeyLen) {
1329 SFTK_FIPSCHECK();
1330 CHECK_FORK();
1331
1332 rv = NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1333 pulWrappedKeyLen);
1334 if (sftk_audit_enabled) {
1335 sftk_AuditWrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1336 pulWrappedKeyLen,rv);
1337 }
1338 return rv;
1339 }
1340
1341
1342 /* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
1343 CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
1344 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
1345 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
1346 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1347 CK_OBJECT_HANDLE_PTR phKey) {
1348 CK_BBOOL *boolptr;
1349
1350 SFTK_FIPSCHECK();
1351 CHECK_FORK();
1352
1353 /* all secret keys must be sensitive, if the upper level code tries to say
1354 * otherwise, reject it. */
1355 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1356 ulAttributeCount, CKA_SENSITIVE);
1357 if (boolptr != NULL) {
1358 if (!(*boolptr)) {
1359 return CKR_ATTRIBUTE_VALUE_INVALID;
1360 }
1361 }
1362 rv = NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1363 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey);
1364 if (sftk_audit_enabled) {
1365 sftk_AuditUnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1366 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey,rv);
1367 }
1368 return rv;
1369 }
1370
1371
1372 /* FC_DeriveKey derives a key from a base key, creating a new key object. */
1373 CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
1374 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
1375 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1376 CK_OBJECT_HANDLE_PTR phKey) {
1377 CK_BBOOL *boolptr;
1378
1379 SFTK_FIPSCHECK();
1380 CHECK_FORK();
1381
1382 /* all secret keys must be sensitive, if the upper level code tries to say
1383 * otherwise, reject it. */
1384 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1385 ulAttributeCount, CKA_SENSITIVE);
1386 if (boolptr != NULL) {
1387 if (!(*boolptr)) {
1388 return CKR_ATTRIBUTE_VALUE_INVALID;
1389 }
1390 }
1391 rv = NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1392 ulAttributeCount, phKey);
1393 if (sftk_audit_enabled) {
1394 sftk_AuditDeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1395 ulAttributeCount,phKey,rv);
1396 }
1397 return rv;
1398 }
1399
1400 /*
1401 **************************** Radom Functions: ************************
1402 */
1403
1404 /* FC_SeedRandom mixes additional seed material into the token's random number
1405 * generator. */
1406 CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
1407 CK_ULONG usSeedLen) {
1408 CK_RV crv;
1409
1410 SFTK_FIPSFATALCHECK();
1411 CHECK_FORK();
1412
1413 crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
1414 if (crv != CKR_OK) {
1415 sftk_fatalError = PR_TRUE;
1416 }
1417 return crv;
1418 }
1419
1420
1421 /* FC_GenerateRandom generates random data. */
1422 CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
1423 CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) {
1424 CK_RV crv;
1425
1426 CHECK_FORK();
1427
1428 SFTK_FIPSFATALCHECK();
1429 crv = NSC_GenerateRandom(hSession,pRandomData,ulRandomLen);
1430 if (crv != CKR_OK) {
1431 sftk_fatalError = PR_TRUE;
1432 if (sftk_audit_enabled) {
1433 char msg[128];
1434 PR_snprintf(msg,sizeof msg,
1435 "C_GenerateRandom(hSession=0x%08lX, pRandomData=%p, "
1436 "ulRandomLen=%lu)=0x%08lX "
1437 "self-test: continuous RNG test failed",
1438 (PRUint32)hSession,pRandomData,
1439 (PRUint32)ulRandomLen,(PRUint32)crv);
1440 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
1441 }
1442 }
1443 return crv;
1444 }
1445
1446
1447 /* FC_GetFunctionStatus obtains an updated status of a function running
1448 * in parallel with an application. */
1449 CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
1450 SFTK_FIPSCHECK();
1451 CHECK_FORK();
1452
1453 return NSC_GetFunctionStatus(hSession);
1454 }
1455
1456
1457 /* FC_CancelFunction cancels a function running in parallel */
1458 CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
1459 SFTK_FIPSCHECK();
1460 CHECK_FORK();
1461
1462 return NSC_CancelFunction(hSession);
1463 }
1464
1465 /*
1466 **************************** Version 1.1 Functions: ************************
1467 */
1468
1469 /* FC_GetOperationState saves the state of the cryptographic
1470 *operation in a session. */
1471 CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
1472 CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
1473 SFTK_FIPSFATALCHECK();
1474 CHECK_FORK();
1475
1476 return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
1477 }
1478
1479
1480 /* FC_SetOperationState restores the state of the cryptographic operation
1481 * in a session. */
1482 CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
1483 CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
1484 CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
1485 SFTK_FIPSFATALCHECK();
1486 CHECK_FORK();
1487
1488 return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
1489 hEncryptionKey,hAuthenticationKey);
1490 }
1491
1492 /* FC_FindObjectsFinal finishes a search for token and session objects. */
1493 CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
1494 /* let publically readable object be found */
1495 SFTK_FIPSFATALCHECK();
1496 CHECK_FORK();
1497
1498 return NSC_FindObjectsFinal(hSession);
1499 }
1500
1501
1502 /* Dual-function cryptographic operations */
1503
1504 /* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
1505 * operation. */
1506 CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1507 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1508 CK_ULONG_PTR pulEncryptedPartLen) {
1509 SFTK_FIPSCHECK();
1510 CHECK_FORK();
1511
1512 return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1513 pulEncryptedPartLen);
1514 }
1515
1516
1517 /* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
1518 * operation. */
1519 CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
1520 CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
1521 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
1522 SFTK_FIPSCHECK();
1523 CHECK_FORK();
1524
1525 return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
1526 pPart,pulPartLen);
1527 }
1528
1529 /* FC_SignEncryptUpdate continues a multiple-part signing and encryption
1530 * operation. */
1531 CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1532 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1533 CK_ULONG_PTR pulEncryptedPartLen) {
1534 SFTK_FIPSCHECK();
1535 CHECK_FORK();
1536
1537 return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1538 pulEncryptedPartLen);
1539 }
1540
1541 /* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
1542 * operation. */
1543 CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
1544 CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
1545 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
1546 SFTK_FIPSCHECK();
1547 CHECK_FORK();
1548
1549 return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
1550 pData,pulDataLen);
1551 }
1552
1553
1554 /* FC_DigestKey continues a multi-part message-digesting operation,
1555 * by digesting the value of a secret key as part of the data already digested.
1556 */
1557 CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
1558 SFTK_FIPSCHECK();
1559 CHECK_FORK();
1560
1561 rv = NSC_DigestKey(hSession,hKey);
1562 if (sftk_audit_enabled) {
1563 sftk_AuditDigestKey(hSession,hKey,rv);
1564 }
1565 return rv;
1566 }
1567
1568
1569 CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1570 CK_VOID_PTR pReserved)
1571 {
1572 CHECK_FORK();
1573
1574 return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
1575 }
OLDNEW
« no previous file with comments | « mozilla/security/nss/lib/softoken/fipstest.c ('k') | mozilla/security/nss/lib/softoken/jpakesftk.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698