| OLD | NEW |
| (Empty) |
| 1 /* | |
| 2 * softoken.h - private data structures and prototypes for the softoken lib | |
| 3 * | |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 7 /* $Id: softoken.h,v 1.29 2013/02/05 02:19:52 ryan.sleevi%gmail.com Exp $ */ | |
| 8 | |
| 9 #ifndef _SOFTOKEN_H_ | |
| 10 #define _SOFTOKEN_H_ | |
| 11 | |
| 12 #include "blapi.h" | |
| 13 #include "lowkeyti.h" | |
| 14 #include "softoknt.h" | |
| 15 #include "secoidt.h" | |
| 16 | |
| 17 #include "pkcs11t.h" | |
| 18 | |
| 19 SEC_BEGIN_PROTOS | |
| 20 | |
| 21 /* | |
| 22 ** RSA encryption/decryption. When encrypting/decrypting the output | |
| 23 ** buffer must be at least the size of the public key modulus. | |
| 24 */ | |
| 25 | |
| 26 /* | |
| 27 ** Format some data into a PKCS#1 encryption block, preparing the | |
| 28 ** data for RSA encryption. | |
| 29 ** "result" where the formatted block is stored (memory is allocated) | |
| 30 ** "modulusLen" the size of the formatted block | |
| 31 ** "blockType" what block type to use (SEC_RSABlock*) | |
| 32 ** "data" the data to format | |
| 33 */ | |
| 34 extern SECStatus RSA_FormatBlock(SECItem *result, | |
| 35 unsigned int modulusLen, | |
| 36 RSA_BlockType blockType, | |
| 37 SECItem *data); | |
| 38 /* | |
| 39 ** Similar, but just returns a pointer to the allocated memory, *and* | |
| 40 ** will *only* format one block, even if we (in the future) modify | |
| 41 ** RSA_FormatBlock() to loop over multiples of modulusLen. | |
| 42 */ | |
| 43 extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen, | |
| 44 RSA_BlockType blockType, | |
| 45 SECItem *data); | |
| 46 | |
| 47 | |
| 48 | |
| 49 /* | |
| 50 * convenience wrappers for doing single RSA operations. They create the | |
| 51 * RSA context internally and take care of the formatting | |
| 52 * requirements. Blinding happens automagically within RSA_Sign and | |
| 53 * RSA_DecryptBlock. | |
| 54 */ | |
| 55 extern | |
| 56 SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output, | |
| 57 unsigned int *outputLen, unsigned int maxOutputLen, | |
| 58 unsigned char *input, unsigned int inputLen); | |
| 59 extern | |
| 60 SECStatus RSA_HashSign(SECOidTag hashOid, | |
| 61 NSSLOWKEYPrivateKey *key, unsigned char *sig, | |
| 62 unsigned int *sigLen, unsigned int maxLen, | |
| 63 unsigned char *hash, unsigned int hashLen); | |
| 64 extern | |
| 65 SECStatus RSA_SignPSS(CK_RSA_PKCS_PSS_PARAMS *pss_params, | |
| 66 NSSLOWKEYPrivateKey *key, | |
| 67 unsigned char *output, unsigned int *output_len, | |
| 68 unsigned int max_output_len, const unsigned char *input, | |
| 69 unsigned int input_len); | |
| 70 extern | |
| 71 SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign, | |
| 72 unsigned int signLength, unsigned char *hash, | |
| 73 unsigned int hashLength); | |
| 74 extern | |
| 75 SECStatus RSA_HashCheckSign(SECOidTag hashOid, | |
| 76 NSSLOWKEYPublicKey *key, unsigned char *sig, | |
| 77 unsigned int sigLen, unsigned char *digest, | |
| 78 unsigned int digestLen); | |
| 79 extern | |
| 80 SECStatus RSA_CheckSignPSS(CK_RSA_PKCS_PSS_PARAMS *pss_params, | |
| 81 NSSLOWKEYPublicKey *key, | |
| 82 const unsigned char *sign, unsigned int sign_len, | |
| 83 const unsigned char *hash, unsigned int hash_len); | |
| 84 extern | |
| 85 SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data, | |
| 86 unsigned int *data_len,unsigned int max_output_len, | |
| 87 unsigned char *sign, unsigned int sign_len); | |
| 88 extern | |
| 89 SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output, | |
| 90 unsigned int *outputLen, unsigned int maxOutputLen, | |
| 91 unsigned char *input, unsigned int inputLen); | |
| 92 extern | |
| 93 SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output, | |
| 94 unsigned int *outputLen, unsigned int maxOutputLen, | |
| 95 unsigned char *input, unsigned int inputLen); | |
| 96 | |
| 97 extern | |
| 98 SECStatus RSA_EncryptOAEP(CK_RSA_PKCS_OAEP_PARAMS *oaepParams, | |
| 99 NSSLOWKEYPublicKey *key, | |
| 100 unsigned char *output, unsigned int *outputLen, | |
| 101 unsigned int maxOutputLen, | |
| 102 const unsigned char *input, unsigned int inputLen); | |
| 103 | |
| 104 extern | |
| 105 SECStatus RSA_DecryptOAEP(CK_RSA_PKCS_OAEP_PARAMS *oaepParams, | |
| 106 NSSLOWKEYPrivateKey *key, | |
| 107 unsigned char *output, unsigned int *outputLen, | |
| 108 unsigned int maxOutputLen, | |
| 109 const unsigned char *input, unsigned int inputLen); | |
| 110 | |
| 111 /* | |
| 112 * added to make pkcs #11 happy | |
| 113 * RAW is RSA_X_509 | |
| 114 */ | |
| 115 extern | |
| 116 SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output, | |
| 117 unsigned int *output_len, unsigned int maxOutputLen, | |
| 118 unsigned char *input, unsigned int input_len); | |
| 119 extern | |
| 120 SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign, | |
| 121 unsigned int sign_len, unsigned char *hash, | |
| 122 unsigned int hash_len); | |
| 123 extern | |
| 124 SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data, | |
| 125 unsigned int *data_len, unsigned int max_output_len, | |
| 126 unsigned char *sign, unsigned int sign_len); | |
| 127 extern | |
| 128 SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output, | |
| 129 unsigned int *output_len, | |
| 130 unsigned int max_output_len, | |
| 131 unsigned char *input, unsigned int input_len); | |
| 132 extern | |
| 133 SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output, | |
| 134 unsigned int *output_len, | |
| 135 unsigned int max_output_len, | |
| 136 unsigned char *input, unsigned int input_len); | |
| 137 #ifdef NSS_ENABLE_ECC | |
| 138 /* | |
| 139 ** pepare an ECParam structure from DEREncoded params | |
| 140 */ | |
| 141 extern SECStatus EC_FillParams(PRArenaPool *arena, | |
| 142 const SECItem *encodedParams, ECParams *params); | |
| 143 extern SECStatus EC_DecodeParams(const SECItem *encodedParams, | |
| 144 ECParams **ecparams); | |
| 145 extern SECStatus EC_CopyParams(PRArenaPool *arena, ECParams *dstParams, | |
| 146 const ECParams *srcParams); | |
| 147 #endif | |
| 148 | |
| 149 | |
| 150 /* | |
| 151 ** Prepare a buffer for padded CBC encryption, growing to the appropriate | |
| 152 ** boundary, filling with the appropriate padding. | |
| 153 ** | |
| 154 ** blockSize must be a power of 2. | |
| 155 ** | |
| 156 ** We add from 1 to blockSize bytes -- we *always* grow. | |
| 157 ** The extra bytes contain the value of the length of the padding: | |
| 158 ** if we have 2 bytes of padding, then the padding is "0x02, 0x02". | |
| 159 ** | |
| 160 ** NOTE: If arena is non-NULL, we re-allocate from there, otherwise | |
| 161 ** we assume (and use) PR memory (re)allocation. | |
| 162 */ | |
| 163 extern unsigned char * CBC_PadBuffer(PRArenaPool *arena, unsigned char *inbuf, | |
| 164 unsigned int inlen, unsigned int *outlen, | |
| 165 int blockSize); | |
| 166 | |
| 167 | |
| 168 /****************************************/ | |
| 169 /* | |
| 170 ** Power-Up selftests required for FIPS and invoked only | |
| 171 ** under PKCS #11 FIPS mode. | |
| 172 */ | |
| 173 extern CK_RV sftk_fipsPowerUpSelfTest( void ); | |
| 174 | |
| 175 /* | |
| 176 ** make known fixed PKCS #11 key types to their sizes in bytes | |
| 177 */ | |
| 178 unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType); | |
| 179 | |
| 180 /* | |
| 181 ** FIPS 140-2 auditing | |
| 182 */ | |
| 183 extern PRBool sftk_audit_enabled; | |
| 184 | |
| 185 extern void sftk_LogAuditMessage(NSSAuditSeverity severity, | |
| 186 NSSAuditType, const char *msg); | |
| 187 | |
| 188 extern void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession, | |
| 189 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, | |
| 190 CK_OBJECT_HANDLE_PTR phObject, CK_RV rv); | |
| 191 | |
| 192 extern void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession, | |
| 193 CK_OBJECT_HANDLE hObject, | |
| 194 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, | |
| 195 CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv); | |
| 196 | |
| 197 extern void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession, | |
| 198 CK_OBJECT_HANDLE hObject, CK_RV rv); | |
| 199 | |
| 200 extern void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession, | |
| 201 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize, | |
| 202 CK_RV rv); | |
| 203 | |
| 204 extern void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession, | |
| 205 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, | |
| 206 CK_ULONG ulCount, CK_RV rv); | |
| 207 | |
| 208 extern void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession, | |
| 209 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, | |
| 210 CK_ULONG ulCount, CK_RV rv); | |
| 211 | |
| 212 extern void sftk_AuditCryptInit(const char *opName, | |
| 213 CK_SESSION_HANDLE hSession, | |
| 214 CK_MECHANISM_PTR pMechanism, | |
| 215 CK_OBJECT_HANDLE hKey, CK_RV rv); | |
| 216 | |
| 217 extern void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession, | |
| 218 CK_MECHANISM_PTR pMechanism, | |
| 219 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, | |
| 220 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv); | |
| 221 | |
| 222 extern void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession, | |
| 223 CK_MECHANISM_PTR pMechanism, | |
| 224 CK_ATTRIBUTE_PTR pPublicKeyTemplate, | |
| 225 CK_ULONG ulPublicKeyAttributeCount, | |
| 226 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, | |
| 227 CK_ULONG ulPrivateKeyAttributeCount, | |
| 228 CK_OBJECT_HANDLE_PTR phPublicKey, | |
| 229 CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv); | |
| 230 | |
| 231 extern void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession, | |
| 232 CK_MECHANISM_PTR pMechanism, | |
| 233 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, | |
| 234 CK_BYTE_PTR pWrappedKey, | |
| 235 CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv); | |
| 236 | |
| 237 extern void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession, | |
| 238 CK_MECHANISM_PTR pMechanism, | |
| 239 CK_OBJECT_HANDLE hUnwrappingKey, | |
| 240 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, | |
| 241 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, | |
| 242 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv); | |
| 243 | |
| 244 extern void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession, | |
| 245 CK_MECHANISM_PTR pMechanism, | |
| 246 CK_OBJECT_HANDLE hBaseKey, | |
| 247 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, | |
| 248 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv); | |
| 249 | |
| 250 extern void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession, | |
| 251 CK_OBJECT_HANDLE hKey, CK_RV rv); | |
| 252 | |
| 253 /* | |
| 254 ** FIPS 140-2 Error state | |
| 255 */ | |
| 256 extern PRBool sftk_fatalError; | |
| 257 | |
| 258 /* | |
| 259 ** macros to check for forked child process after C_Initialize | |
| 260 */ | |
| 261 #if defined(XP_UNIX) && !defined(NO_FORK_CHECK) | |
| 262 | |
| 263 #ifdef DEBUG | |
| 264 | |
| 265 #define FORK_ASSERT() \ | |
| 266 { \ | |
| 267 char* forkAssert = getenv("NSS_STRICT_NOFORK"); \ | |
| 268 if ( (!forkAssert) || (0 == strcmp(forkAssert, "1")) ) { \ | |
| 269 PORT_Assert(0); \ | |
| 270 } \ | |
| 271 } | |
| 272 | |
| 273 #else | |
| 274 | |
| 275 #define FORK_ASSERT() | |
| 276 | |
| 277 #endif | |
| 278 | |
| 279 /* we have 3 methods of implementing the fork checks : | |
| 280 * - Solaris "mixed" method | |
| 281 * - pthread_atfork method | |
| 282 * - getpid method | |
| 283 */ | |
| 284 | |
| 285 #if !defined (CHECK_FORK_MIXED) && !defined(CHECK_FORK_PTHREAD) && \ | |
| 286 !defined (CHECK_FORK_GETPID) | |
| 287 | |
| 288 /* Choose fork check method automatically unless specified | |
| 289 * This section should be updated as more platforms get pthread fixes | |
| 290 * to unregister fork handlers in dlclose. | |
| 291 */ | |
| 292 | |
| 293 #ifdef SOLARIS | |
| 294 | |
| 295 /* Solaris 8, s9 use PID checks, s10 uses pthread_atfork */ | |
| 296 | |
| 297 #define CHECK_FORK_MIXED | |
| 298 | |
| 299 #elif defined(LINUX) | |
| 300 | |
| 301 #define CHECK_FORK_PTHREAD | |
| 302 | |
| 303 #else | |
| 304 | |
| 305 /* Other Unix platforms use only PID checks. Even if pthread_atfork is | |
| 306 * available, the behavior of dlclose isn't guaranteed by POSIX to | |
| 307 * unregister the fork handler. */ | |
| 308 | |
| 309 #define CHECK_FORK_GETPID | |
| 310 | |
| 311 #endif | |
| 312 | |
| 313 #endif | |
| 314 | |
| 315 #if defined(CHECK_FORK_MIXED) | |
| 316 | |
| 317 extern PRBool usePthread_atfork; | |
| 318 #include <unistd.h> | |
| 319 extern pid_t myPid; | |
| 320 extern PRBool forked; | |
| 321 | |
| 322 #define PARENT_FORKED() (usePthread_atfork ? forked : (myPid && myPid != getpid(
))) | |
| 323 | |
| 324 #elif defined(CHECK_FORK_PTHREAD) | |
| 325 | |
| 326 extern PRBool forked; | |
| 327 | |
| 328 #define PARENT_FORKED() forked | |
| 329 | |
| 330 #elif defined(CHECK_FORK_GETPID) | |
| 331 | |
| 332 #include <unistd.h> | |
| 333 extern pid_t myPid; | |
| 334 | |
| 335 #define PARENT_FORKED() (myPid && myPid != getpid()) | |
| 336 | |
| 337 #endif | |
| 338 | |
| 339 extern PRBool parentForkedAfterC_Initialize; | |
| 340 extern PRBool sftkForkCheckDisabled; | |
| 341 | |
| 342 #define CHECK_FORK() \ | |
| 343 do { \ | |
| 344 if (!sftkForkCheckDisabled && PARENT_FORKED()) { \ | |
| 345 FORK_ASSERT(); \ | |
| 346 return CKR_DEVICE_ERROR; \ | |
| 347 } \ | |
| 348 } while (0) | |
| 349 | |
| 350 #define SKIP_AFTER_FORK(x) if (!parentForkedAfterC_Initialize) x | |
| 351 | |
| 352 #define ENABLE_FORK_CHECK() \ | |
| 353 { \ | |
| 354 char* doForkCheck = getenv("NSS_STRICT_NOFORK"); \ | |
| 355 if ( doForkCheck && !strcmp(doForkCheck, "DISABLED") ) { \ | |
| 356 sftkForkCheckDisabled = PR_TRUE; \ | |
| 357 } \ | |
| 358 } | |
| 359 | |
| 360 | |
| 361 #else | |
| 362 | |
| 363 /* non-Unix platforms, or fork check disabled */ | |
| 364 | |
| 365 #define CHECK_FORK() | |
| 366 #define SKIP_AFTER_FORK(x) x | |
| 367 #define ENABLE_FORK_CHECK() | |
| 368 | |
| 369 #ifndef NO_FORK_CHECK | |
| 370 #define NO_FORK_CHECK | |
| 371 #endif | |
| 372 | |
| 373 #endif | |
| 374 | |
| 375 | |
| 376 SEC_END_PROTOS | |
| 377 | |
| 378 #endif /* _SOFTOKEN_H_ */ | |
| OLD | NEW |