Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(533)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/softoken/fipstokn.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/softoken/fipstest.c ('k') | nss/lib/softoken/jpakesftk.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * This file implements PKCS 11 on top of our existing security modules
6 *
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
8 * This implementation has two slots:
9 * slot 1 is our generic crypto support. It does not require login
10 * (unless you've enabled FIPS). It supports Public Key ops, and all they
11 * bulk ciphers and hashes. It can also support Private Key ops for imported
12 * Private keys. It does not have any token storage.
13 * slot 2 is our private key support. It requires a login before use. It
14 * can store Private Keys and Certs as token objects. Currently only private
15 * keys and their associated Certificates are saved on the token.
16 *
17 * In this implementation, session objects are only visible to the session
18 * that created or generated them.
19 */
20 #include "seccomon.h"
21 #include "softoken.h"
22 #include "lowkeyi.h"
23 #include "pkcs11.h"
24 #include "pkcs11i.h"
25 #include "prenv.h"
26 #include "prprf.h"
27
28 #include <ctype.h>
29
30 #ifdef XP_UNIX
31 #define NSS_AUDIT_WITH_SYSLOG 1
32 #include <syslog.h>
33 #include <unistd.h>
34 #endif
35
36 #ifdef LINUX
37 #include <pthread.h>
38 #include <dlfcn.h>
39 #define LIBAUDIT_NAME "libaudit.so.0"
40 #ifndef AUDIT_CRYPTO_TEST_USER
41 #define AUDIT_CRYPTO_TEST_USER 2400 /* Crypto test results */
42 #define AUDIT_CRYPTO_PARAM_CHANGE_USER 2401 /* Crypto attribute change */
43 #define AUDIT_CRYPTO_LOGIN 2402 /* Logged in as crypto officer */
44 #define AUDIT_CRYPTO_LOGOUT 2403 /* Logged out from crypto */
45 #define AUDIT_CRYPTO_KEY_USER 2404 /* Create,delete,negotiate */
46 #define AUDIT_CRYPTO_FAILURE_USER 2405 /* Fail decrypt,encrypt,randomize * /
47 #endif
48 static void *libaudit_handle;
49 static int (*audit_open_func)(void);
50 static void (*audit_close_func)(int fd);
51 static int (*audit_log_user_message_func)(int audit_fd, int type,
52 const char *message, const char *hostname, const char *addr,
53 const char *tty, int result);
54 static int (*audit_send_user_message_func)(int fd, int type,
55 const char *message);
56
57 static pthread_once_t libaudit_once_control = PTHREAD_ONCE_INIT;
58
59 static void
60 libaudit_init(void)
61 {
62 libaudit_handle = dlopen(LIBAUDIT_NAME, RTLD_LAZY);
63 if (!libaudit_handle) {
64 return;
65 }
66 audit_open_func = dlsym(libaudit_handle, "audit_open");
67 audit_close_func = dlsym(libaudit_handle, "audit_close");
68 /*
69 * audit_send_user_message is the older function.
70 * audit_log_user_message, if available, is preferred.
71 */
72 audit_log_user_message_func = dlsym(libaudit_handle,
73 "audit_log_user_message");
74 if (!audit_log_user_message_func) {
75 audit_send_user_message_func = dlsym(libaudit_handle,
76 "audit_send_user_message");
77 }
78 if (!audit_open_func || !audit_close_func ||
79 (!audit_log_user_message_func && !audit_send_user_message_func)) {
80 dlclose(libaudit_handle);
81 libaudit_handle = NULL;
82 audit_open_func = NULL;
83 audit_close_func = NULL;
84 audit_log_user_message_func = NULL;
85 audit_send_user_message_func = NULL;
86 }
87 }
88 #endif /* LINUX */
89
90
91 /*
92 * ******************** Password Utilities *******************************
93 */
94 static PRBool isLoggedIn = PR_FALSE;
95 PRBool sftk_fatalError = PR_FALSE;
96
97 /*
98 * This function returns
99 * - CKR_PIN_INVALID if the password/PIN is not a legal UTF8 string
100 * - CKR_PIN_LEN_RANGE if the password/PIN is too short or does not
101 * consist of characters from three or more character classes.
102 * - CKR_OK otherwise
103 *
104 * The minimum password/PIN length is FIPS_MIN_PIN Unicode characters.
105 * We define five character classes: digits (0-9), ASCII lowercase letters,
106 * ASCII uppercase letters, ASCII non-alphanumeric characters (such as
107 * space and punctuation marks), and non-ASCII characters. If an ASCII
108 * uppercase letter is the first character of the password/PIN, the
109 * uppercase letter is not counted toward its character class. Similarly,
110 * if a digit is the last character of the password/PIN, the digit is not
111 * counted toward its character class.
112 *
113 * Although NSC_SetPIN and NSC_InitPIN already do the maximum and minimum
114 * password/PIN length checks, they check the length in bytes as opposed
115 * to characters. To meet the minimum password/PIN guessing probability
116 * requirements in FIPS 140-2, we need to check the length in characters.
117 */
118 static CK_RV sftk_newPinCheck(CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
119 unsigned int i;
120 int nchar = 0; /* number of characters */
121 int ntrail = 0; /* number of trailing bytes to follow */
122 int ndigit = 0; /* number of decimal digits */
123 int nlower = 0; /* number of ASCII lowercase letters */
124 int nupper = 0; /* number of ASCII uppercase letters */
125 int nnonalnum = 0; /* number of ASCII non-alphanumeric characters */
126 int nnonascii = 0; /* number of non-ASCII characters */
127 int nclass; /* number of character classes */
128
129 for (i = 0; i < ulPinLen; i++) {
130 unsigned int byte = pPin[i];
131
132 if (ntrail) {
133 if ((byte & 0xc0) != 0x80) {
134 /* illegal */
135 nchar = -1;
136 break;
137 }
138 if (--ntrail == 0) {
139 nchar++;
140 nnonascii++;
141 }
142 continue;
143 }
144 if ((byte & 0x80) == 0x00) {
145 /* single-byte (ASCII) character */
146 nchar++;
147 if (isdigit(byte)) {
148 if (i < ulPinLen - 1) {
149 ndigit++;
150 }
151 } else if (islower(byte)) {
152 nlower++;
153 } else if (isupper(byte)) {
154 if (i > 0) {
155 nupper++;
156 }
157 } else {
158 nnonalnum++;
159 }
160 } else if ((byte & 0xe0) == 0xc0) {
161 /* leading byte of two-byte character */
162 ntrail = 1;
163 } else if ((byte & 0xf0) == 0xe0) {
164 /* leading byte of three-byte character */
165 ntrail = 2;
166 } else if ((byte & 0xf8) == 0xf0) {
167 /* leading byte of four-byte character */
168 ntrail = 3;
169 } else {
170 /* illegal */
171 nchar = -1;
172 break;
173 }
174 }
175 if (nchar == -1) {
176 /* illegal UTF8 string */
177 return CKR_PIN_INVALID;
178 }
179 if (nchar < FIPS_MIN_PIN) {
180 return CKR_PIN_LEN_RANGE;
181 }
182 nclass = (ndigit != 0) + (nlower != 0) + (nupper != 0) +
183 (nnonalnum != 0) + (nnonascii != 0);
184 if (nclass < 3) {
185 return CKR_PIN_LEN_RANGE;
186 }
187 return CKR_OK;
188 }
189
190
191 /* FIPS required checks before any useful cryptographic services */
192 static CK_RV sftk_fipsCheck(void) {
193 if (sftk_fatalError)
194 return CKR_DEVICE_ERROR;
195 if (!isLoggedIn)
196 return CKR_USER_NOT_LOGGED_IN;
197 return CKR_OK;
198 }
199
200
201 #define SFTK_FIPSCHECK() \
202 CK_RV rv; \
203 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
204
205 #define SFTK_FIPSFATALCHECK() \
206 if (sftk_fatalError) return CKR_DEVICE_ERROR;
207
208
209 /* grab an attribute out of a raw template */
210 void *
211 fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
212 CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
213 {
214 int i;
215
216 for (i=0; i < (int) ulCount; i++) {
217 if (pTemplate[i].type == type) {
218 return pTemplate[i].pValue;
219 }
220 }
221 return NULL;
222 }
223
224
225 #define __PASTE(x,y) x##y
226
227 /* ------------- forward declare all the NSC_ functions ------------- */
228 #undef CK_NEED_ARG_LIST
229 #undef CK_PKCS11_FUNCTION_INFO
230
231 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
232 #define CK_NEED_ARG_LIST 1
233
234 #include "pkcs11f.h"
235
236 /* ------------- forward declare all the FIPS functions ------------- */
237 #undef CK_NEED_ARG_LIST
238 #undef CK_PKCS11_FUNCTION_INFO
239
240 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
241 #define CK_NEED_ARG_LIST 1
242
243 #include "pkcs11f.h"
244
245 /* ------------- build the CK_CRYPTO_TABLE ------------------------- */
246 static CK_FUNCTION_LIST sftk_fipsTable = {
247 { 1, 10 },
248
249 #undef CK_NEED_ARG_LIST
250 #undef CK_PKCS11_FUNCTION_INFO
251
252 #define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
253
254
255 #include "pkcs11f.h"
256
257 };
258
259 #undef CK_NEED_ARG_LIST
260 #undef CK_PKCS11_FUNCTION_INFO
261
262
263 #undef __PASTE
264
265 /* CKO_NOT_A_KEY can be any object class that's not a key object. */
266 #define CKO_NOT_A_KEY CKO_DATA
267
268 #define SFTK_IS_KEY_OBJECT(objClass) \
269 (((objClass) == CKO_PUBLIC_KEY) || \
270 ((objClass) == CKO_PRIVATE_KEY) || \
271 ((objClass) == CKO_SECRET_KEY))
272
273 #define SFTK_IS_NONPUBLIC_KEY_OBJECT(objClass) \
274 (((objClass) == CKO_PRIVATE_KEY) || ((objClass) == CKO_SECRET_KEY))
275
276 static CK_RV
277 sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,
278 CK_OBJECT_HANDLE hObject, CK_OBJECT_CLASS *pObjClass)
279 {
280 CK_RV rv;
281 CK_ATTRIBUTE class;
282 class.type = CKA_CLASS;
283 class.pValue = pObjClass;
284 class.ulValueLen = sizeof(*pObjClass);
285 rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
286 if ((rv == CKR_OK) && SFTK_IS_NONPUBLIC_KEY_OBJECT(*pObjClass)) {
287 rv = sftk_fipsCheck();
288 }
289 return rv;
290 }
291
292 #ifdef LINUX
293
294 int
295 sftk_mapLinuxAuditType(NSSAuditSeverity severity, NSSAuditType auditType)
296 {
297 switch (auditType) {
298 case NSS_AUDIT_ACCESS_KEY:
299 case NSS_AUDIT_CHANGE_KEY:
300 case NSS_AUDIT_COPY_KEY:
301 case NSS_AUDIT_DERIVE_KEY:
302 case NSS_AUDIT_DESTROY_KEY:
303 case NSS_AUDIT_DIGEST_KEY:
304 case NSS_AUDIT_GENERATE_KEY:
305 case NSS_AUDIT_LOAD_KEY:
306 case NSS_AUDIT_UNWRAP_KEY:
307 case NSS_AUDIT_WRAP_KEY:
308 return AUDIT_CRYPTO_KEY_USER;
309 case NSS_AUDIT_CRYPT:
310 return (severity == NSS_AUDIT_ERROR) ? AUDIT_CRYPTO_FAILURE_USER :
311 AUDIT_CRYPTO_KEY_USER;
312 case NSS_AUDIT_FIPS_STATE:
313 case NSS_AUDIT_INIT_PIN:
314 case NSS_AUDIT_INIT_TOKEN:
315 case NSS_AUDIT_SET_PIN:
316 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
317 case NSS_AUDIT_SELF_TEST:
318 return AUDIT_CRYPTO_TEST_USER;
319 case NSS_AUDIT_LOGIN:
320 return AUDIT_CRYPTO_LOGIN;
321 case NSS_AUDIT_LOGOUT:
322 return AUDIT_CRYPTO_LOGOUT;
323 /* we skip the fault case here so we can get compiler
324 * warnings if new 'NSSAuditType's are added without
325 * added them to this list, defaults fall through */
326 }
327 /* default */
328 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
329 }
330 #endif
331
332
333 /**********************************************************************
334 *
335 * FIPS 140 auditable event logging
336 *
337 **********************************************************************/
338
339 PRBool sftk_audit_enabled = PR_FALSE;
340
341 /*
342 * Each audit record must have the following information:
343 * - Date and time of the event
344 * - Type of event
345 * - user (subject) identity
346 * - outcome (success or failure) of the event
347 * - process ID
348 * - name (ID) of the object
349 * - for changes to data (except for authentication data and CSPs), the new
350 * and old values of the data
351 * - for authentication attempts, the origin of the attempt (e.g., terminal
352 * identifier)
353 * - for assuming a role, the type of role, and the location of the request
354 */
355 void
356 sftk_LogAuditMessage(NSSAuditSeverity severity, NSSAuditType auditType,
357 const char *msg)
358 {
359 #ifdef NSS_AUDIT_WITH_SYSLOG
360 int level;
361
362 switch (severity) {
363 case NSS_AUDIT_ERROR:
364 level = LOG_ERR;
365 break;
366 case NSS_AUDIT_WARNING:
367 level = LOG_WARNING;
368 break;
369 default:
370 level = LOG_INFO;
371 break;
372 }
373 /* timestamp is provided by syslog in the message header */
374 syslog(level | LOG_USER /* facility */,
375 "NSS " SOFTOKEN_LIB_NAME "[pid=%d uid=%d]: %s",
376 (int)getpid(), (int)getuid(), msg);
377 #ifdef LINUX
378 if (pthread_once(&libaudit_once_control, libaudit_init) != 0) {
379 return;
380 }
381 if (libaudit_handle) {
382 int audit_fd;
383 int linuxAuditType;
384 int result = (severity != NSS_AUDIT_ERROR); /* 1=success; 0=failed */
385 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
386 if (!message) {
387 return;
388 }
389 audit_fd = audit_open_func();
390 if (audit_fd < 0) {
391 PR_smprintf_free(message);
392 return;
393 }
394 linuxAuditType = sftk_mapLinuxAuditType(severity, auditType);
395 if (audit_log_user_message_func) {
396 audit_log_user_message_func(audit_fd, linuxAuditType, message,
397 NULL, NULL, NULL, result);
398 } else {
399 audit_send_user_message_func(audit_fd, linuxAuditType, message);
400 }
401 audit_close_func(audit_fd);
402 PR_smprintf_free(message);
403 }
404 #endif /* LINUX */
405 #else
406 /* do nothing */
407 #endif
408 }
409
410
411 /**********************************************************************
412 *
413 * Start of PKCS 11 functions
414 *
415 **********************************************************************/
416 /* return the function list */
417 CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
418
419 CHECK_FORK();
420
421 *pFunctionList = &sftk_fipsTable;
422 return CKR_OK;
423 }
424
425 /* sigh global so pkcs11 can read it */
426 PRBool nsf_init = PR_FALSE;
427
428 /* FC_Initialize initializes the PKCS #11 library. */
429 CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
430 const char *envp;
431 CK_RV crv;
432
433 sftk_ForkReset(pReserved, &crv);
434
435 if (nsf_init) {
436 return CKR_CRYPTOKI_ALREADY_INITIALIZED;
437 }
438
439 if ((envp = PR_GetEnvSecure("NSS_ENABLE_AUDIT")) != NULL) {
440 sftk_audit_enabled = (atoi(envp) == 1);
441 }
442
443 crv = nsc_CommonInitialize(pReserved, PR_TRUE);
444
445 /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
446 if (crv != CKR_OK) {
447 sftk_fatalError = PR_TRUE;
448 return crv;
449 }
450
451 sftk_fatalError = PR_FALSE; /* any error has been reset */
452
453 crv = sftk_fipsPowerUpSelfTest();
454 if (crv != CKR_OK) {
455 nsc_CommonFinalize(NULL, PR_TRUE);
456 sftk_fatalError = PR_TRUE;
457 if (sftk_audit_enabled) {
458 char msg[128];
459 PR_snprintf(msg,sizeof msg,
460 "C_Initialize()=0x%08lX "
461 "power-up self-tests failed",
462 (PRUint32)crv);
463 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
464 }
465 return crv;
466 }
467 nsf_init = PR_TRUE;
468
469 return CKR_OK;
470 }
471
472 /*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
473 CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
474 CK_RV crv;
475
476 if (sftk_ForkReset(pReserved, &crv)) {
477 return crv;
478 }
479
480 if (!nsf_init) {
481 return CKR_OK;
482 }
483
484 crv = nsc_CommonFinalize (pReserved, PR_TRUE);
485
486 nsf_init = (PRBool) !(crv == CKR_OK);
487 return crv;
488 }
489
490
491 /* FC_GetInfo returns general information about PKCS #11. */
492 CK_RV FC_GetInfo(CK_INFO_PTR pInfo) {
493 CHECK_FORK();
494
495 return NSC_GetInfo(pInfo);
496 }
497
498 /* FC_GetSlotList obtains a list of slots in the system. */
499 CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
500 CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
501 CHECK_FORK();
502
503 return nsc_CommonGetSlotList(tokenPresent,pSlotList,pulCount,
504 NSC_FIPS_MODULE);
505 }
506
507 /* FC_GetSlotInfo obtains information about a particular slot in the system. */
508 CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
509 CHECK_FORK();
510
511 return NSC_GetSlotInfo(slotID,pInfo);
512 }
513
514
515 /*FC_GetTokenInfo obtains information about a particular token in the system.*/
516 CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
517 CK_RV crv;
518
519 CHECK_FORK();
520
521 crv = NSC_GetTokenInfo(slotID,pInfo);
522 if (crv == CKR_OK)
523 pInfo->flags |= CKF_LOGIN_REQUIRED;
524 return crv;
525
526 }
527
528
529
530 /*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
531 CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
532 CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
533 CHECK_FORK();
534
535 SFTK_FIPSFATALCHECK();
536 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
537 /* FIPS Slot supports all functions */
538 return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
539 }
540
541
542 /* FC_GetMechanismInfo obtains information about a particular mechanism
543 * possibly supported by a token. */
544 CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
545 CK_MECHANISM_INFO_PTR pInfo) {
546 CHECK_FORK();
547
548 SFTK_FIPSFATALCHECK();
549 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
550 /* FIPS Slot supports all functions */
551 return NSC_GetMechanismInfo(slotID,type,pInfo);
552 }
553
554
555 /* FC_InitToken initializes a token. */
556 CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
557 CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
558 CK_RV crv;
559
560 CHECK_FORK();
561
562 crv = NSC_InitToken(slotID,pPin,usPinLen,pLabel);
563 if (sftk_audit_enabled) {
564 char msg[128];
565 NSSAuditSeverity severity = (crv == CKR_OK) ?
566 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
567 /* pLabel points to a 32-byte label, which is not null-terminated */
568 PR_snprintf(msg,sizeof msg,
569 "C_InitToken(slotID=%lu, pLabel=\"%.32s\")=0x%08lX",
570 (PRUint32)slotID,pLabel,(PRUint32)crv);
571 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_TOKEN, msg);
572 }
573 return crv;
574 }
575
576
577 /* FC_InitPIN initializes the normal user's PIN. */
578 CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
579 CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
580 CK_RV rv;
581
582 CHECK_FORK();
583
584 if (sftk_fatalError) return CKR_DEVICE_ERROR;
585 if ((rv = sftk_newPinCheck(pPin,ulPinLen)) == CKR_OK) {
586 rv = NSC_InitPIN(hSession,pPin,ulPinLen);
587 }
588 if (sftk_audit_enabled) {
589 char msg[128];
590 NSSAuditSeverity severity = (rv == CKR_OK) ?
591 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
592 PR_snprintf(msg,sizeof msg,
593 "C_InitPIN(hSession=0x%08lX)=0x%08lX",
594 (PRUint32)hSession,(PRUint32)rv);
595 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_PIN, msg);
596 }
597 return rv;
598 }
599
600
601 /* FC_SetPIN modifies the PIN of user that is currently logged in. */
602 /* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
603 CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
604 CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
605 CK_RV rv;
606
607 CHECK_FORK();
608
609 if ((rv = sftk_fipsCheck()) == CKR_OK &&
610 (rv = sftk_newPinCheck(pNewPin,usNewLen)) == CKR_OK) {
611 rv = NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
612 }
613 if (sftk_audit_enabled) {
614 char msg[128];
615 NSSAuditSeverity severity = (rv == CKR_OK) ?
616 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
617 PR_snprintf(msg,sizeof msg,
618 "C_SetPIN(hSession=0x%08lX)=0x%08lX",
619 (PRUint32)hSession,(PRUint32)rv);
620 sftk_LogAuditMessage(severity, NSS_AUDIT_SET_PIN, msg);
621 }
622 return rv;
623 }
624
625 /* FC_OpenSession opens a session between an application and a token. */
626 CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
627 CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
628 SFTK_FIPSFATALCHECK();
629
630 CHECK_FORK();
631
632 return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
633 }
634
635
636 /* FC_CloseSession closes a session between an application and a token. */
637 CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
638 CHECK_FORK();
639
640 return NSC_CloseSession(hSession);
641 }
642
643
644 /* FC_CloseAllSessions closes all sessions with a token. */
645 CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
646
647 CHECK_FORK();
648
649 return NSC_CloseAllSessions (slotID);
650 }
651
652
653 /* FC_GetSessionInfo obtains information about the session. */
654 CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
655 CK_SESSION_INFO_PTR pInfo) {
656 CK_RV rv;
657 SFTK_FIPSFATALCHECK();
658
659 CHECK_FORK();
660
661 rv = NSC_GetSessionInfo(hSession,pInfo);
662 if (rv == CKR_OK) {
663 if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
664 pInfo->state = CKS_RO_USER_FUNCTIONS;
665 }
666 if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
667 pInfo->state = CKS_RW_USER_FUNCTIONS;
668 }
669 }
670 return rv;
671 }
672
673 /* FC_Login logs a user into a token. */
674 CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
675 CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
676 CK_RV rv;
677 PRBool successful;
678 if (sftk_fatalError) return CKR_DEVICE_ERROR;
679 rv = NSC_Login(hSession,userType,pPin,usPinLen);
680 successful = (rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN);
681 if (successful)
682 isLoggedIn = PR_TRUE;
683 if (sftk_audit_enabled) {
684 char msg[128];
685 NSSAuditSeverity severity;
686 severity = successful ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
687 PR_snprintf(msg,sizeof msg,
688 "C_Login(hSession=0x%08lX, userType=%lu)=0x%08lX",
689 (PRUint32)hSession,(PRUint32)userType,(PRUint32)rv);
690 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGIN, msg);
691 }
692 return rv;
693 }
694
695 /* FC_Logout logs a user out from a token. */
696 CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
697 CK_RV rv;
698
699 CHECK_FORK();
700
701 if ((rv = sftk_fipsCheck()) == CKR_OK) {
702 rv = NSC_Logout(hSession);
703 isLoggedIn = PR_FALSE;
704 }
705 if (sftk_audit_enabled) {
706 char msg[128];
707 NSSAuditSeverity severity = (rv == CKR_OK) ?
708 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
709 PR_snprintf(msg,sizeof msg,
710 "C_Logout(hSession=0x%08lX)=0x%08lX",
711 (PRUint32)hSession,(PRUint32)rv);
712 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGOUT, msg);
713 }
714 return rv;
715 }
716
717
718 /* FC_CreateObject creates a new object. */
719 CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
720 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
721 CK_OBJECT_HANDLE_PTR phObject) {
722 CK_OBJECT_CLASS * classptr;
723 CK_RV rv = CKR_OK;
724
725 CHECK_FORK();
726
727 classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
728 if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
729
730 if (*classptr == CKO_NETSCAPE_NEWSLOT || *classptr == CKO_NETSCAPE_DELSLOT) {
731 if (sftk_fatalError)
732 return CKR_DEVICE_ERROR;
733 } else {
734 rv = sftk_fipsCheck();
735 if (rv != CKR_OK)
736 return rv;
737 }
738
739 /* FIPS can't create keys from raw key material */
740 if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
741 rv = CKR_ATTRIBUTE_VALUE_INVALID;
742 } else {
743 rv = NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
744 }
745 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(*classptr)) {
746 sftk_AuditCreateObject(hSession,pTemplate,ulCount,phObject,rv);
747 }
748 return rv;
749 }
750
751
752
753
754
755 /* FC_CopyObject copies an object, creating a new object for the copy. */
756 CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
757 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
758 CK_OBJECT_HANDLE_PTR phNewObject) {
759 CK_RV rv;
760 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
761
762 CHECK_FORK();
763
764 SFTK_FIPSFATALCHECK();
765 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
766 if (rv == CKR_OK) {
767 rv = NSC_CopyObject(hSession,hObject,pTemplate,ulCount,phNewObject);
768 }
769 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
770 sftk_AuditCopyObject(hSession,
771 hObject,pTemplate,ulCount,phNewObject,rv);
772 }
773 return rv;
774 }
775
776
777 /* FC_DestroyObject destroys an object. */
778 CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
779 CK_OBJECT_HANDLE hObject) {
780 CK_RV rv;
781 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
782
783 CHECK_FORK();
784
785 SFTK_FIPSFATALCHECK();
786 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
787 if (rv == CKR_OK) {
788 rv = NSC_DestroyObject(hSession,hObject);
789 }
790 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
791 sftk_AuditDestroyObject(hSession,hObject,rv);
792 }
793 return rv;
794 }
795
796
797 /* FC_GetObjectSize gets the size of an object in bytes. */
798 CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
799 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
800 CK_RV rv;
801 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
802
803 CHECK_FORK();
804
805 SFTK_FIPSFATALCHECK();
806 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
807 if (rv == CKR_OK) {
808 rv = NSC_GetObjectSize(hSession, hObject, pulSize);
809 }
810 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
811 sftk_AuditGetObjectSize(hSession, hObject, pulSize, rv);
812 }
813 return rv;
814 }
815
816
817 /* FC_GetAttributeValue obtains the value of one or more object attributes. */
818 CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
819 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
820 CK_RV rv;
821 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
822
823 CHECK_FORK();
824
825 SFTK_FIPSFATALCHECK();
826 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
827 if (rv == CKR_OK) {
828 rv = NSC_GetAttributeValue(hSession,hObject,pTemplate,ulCount);
829 }
830 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
831 sftk_AuditGetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
832 }
833 return rv;
834 }
835
836
837 /* FC_SetAttributeValue modifies the value of one or more object attributes */
838 CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
839 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
840 CK_RV rv;
841 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
842
843 CHECK_FORK();
844
845 SFTK_FIPSFATALCHECK();
846 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
847 if (rv == CKR_OK) {
848 rv = NSC_SetAttributeValue(hSession,hObject,pTemplate,ulCount);
849 }
850 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
851 sftk_AuditSetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
852 }
853 return rv;
854 }
855
856
857
858 /* FC_FindObjectsInit initializes a search for token and session objects
859 * that match a template. */
860 CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
861 CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
862 /* let publically readable object be found */
863 unsigned int i;
864 CK_RV rv;
865 PRBool needLogin = PR_FALSE;
866
867
868 CHECK_FORK();
869
870 SFTK_FIPSFATALCHECK();
871
872 for (i=0; i < usCount; i++) {
873 CK_OBJECT_CLASS class;
874 if (pTemplate[i].type != CKA_CLASS) {
875 continue;
876 }
877 if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
878 continue;
879 }
880 if (pTemplate[i].pValue == NULL) {
881 continue;
882 }
883 class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
884 if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
885 needLogin = PR_TRUE;
886 break;
887 }
888 }
889 if (needLogin) {
890 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
891 }
892 return NSC_FindObjectsInit(hSession,pTemplate,usCount);
893 }
894
895
896 /* FC_FindObjects continues a search for token and session objects
897 * that match a template, obtaining additional object handles. */
898 CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
899 CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
900 CK_ULONG_PTR pusObjectCount) {
901 CHECK_FORK();
902
903 /* let publically readable object be found */
904 SFTK_FIPSFATALCHECK();
905 return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
906 pusObjectCount);
907 }
908
909
910 /*
911 ************** Crypto Functions: Encrypt ************************
912 */
913
914 /* FC_EncryptInit initializes an encryption operation. */
915 CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
916 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
917 SFTK_FIPSCHECK();
918 CHECK_FORK();
919
920 rv = NSC_EncryptInit(hSession,pMechanism,hKey);
921 if (sftk_audit_enabled) {
922 sftk_AuditCryptInit("Encrypt",hSession,pMechanism,hKey,rv);
923 }
924 return rv;
925 }
926
927 /* FC_Encrypt encrypts single-part data. */
928 CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
929 CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
930 CK_ULONG_PTR pusEncryptedDataLen) {
931 SFTK_FIPSCHECK();
932 CHECK_FORK();
933
934 return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
935 pusEncryptedDataLen);
936 }
937
938
939 /* FC_EncryptUpdate continues a multiple-part encryption operation. */
940 CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
941 CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
942 CK_ULONG_PTR pusEncryptedPartLen) {
943 SFTK_FIPSCHECK();
944 CHECK_FORK();
945
946 return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
947 pusEncryptedPartLen);
948 }
949
950
951 /* FC_EncryptFinal finishes a multiple-part encryption operation. */
952 CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
953 CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
954 SFTK_FIPSCHECK();
955 CHECK_FORK();
956
957 return NSC_EncryptFinal(hSession,pLastEncryptedPart,
958 pusLastEncryptedPartLen);
959 }
960
961 /*
962 ************** Crypto Functions: Decrypt ************************
963 */
964
965
966 /* FC_DecryptInit initializes a decryption operation. */
967 CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
968 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
969 SFTK_FIPSCHECK();
970 CHECK_FORK();
971
972 rv = NSC_DecryptInit(hSession,pMechanism,hKey);
973 if (sftk_audit_enabled) {
974 sftk_AuditCryptInit("Decrypt",hSession,pMechanism,hKey,rv);
975 }
976 return rv;
977 }
978
979 /* FC_Decrypt decrypts encrypted data in a single part. */
980 CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
981 CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
982 CK_ULONG_PTR pusDataLen) {
983 SFTK_FIPSCHECK();
984 CHECK_FORK();
985
986 return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
987 pusDataLen);
988 }
989
990
991 /* FC_DecryptUpdate continues a multiple-part decryption operation. */
992 CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
993 CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
994 CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
995 SFTK_FIPSCHECK();
996 CHECK_FORK();
997
998 return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
999 pPart,pusPartLen);
1000 }
1001
1002
1003 /* FC_DecryptFinal finishes a multiple-part decryption operation. */
1004 CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
1005 CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
1006 SFTK_FIPSCHECK();
1007 CHECK_FORK();
1008
1009 return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
1010 }
1011
1012
1013 /*
1014 ************** Crypto Functions: Digest (HASH) ************************
1015 */
1016
1017 /* FC_DigestInit initializes a message-digesting operation. */
1018 CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
1019 CK_MECHANISM_PTR pMechanism) {
1020 SFTK_FIPSFATALCHECK();
1021 CHECK_FORK();
1022
1023 return NSC_DigestInit(hSession, pMechanism);
1024 }
1025
1026
1027 /* FC_Digest digests data in a single part. */
1028 CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
1029 CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1030 CK_ULONG_PTR pusDigestLen) {
1031 SFTK_FIPSFATALCHECK();
1032 CHECK_FORK();
1033
1034 return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
1035 }
1036
1037
1038 /* FC_DigestUpdate continues a multiple-part message-digesting operation. */
1039 CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1040 CK_ULONG usPartLen) {
1041 SFTK_FIPSFATALCHECK();
1042 CHECK_FORK();
1043
1044 return NSC_DigestUpdate(hSession,pPart,usPartLen);
1045 }
1046
1047
1048 /* FC_DigestFinal finishes a multiple-part message-digesting operation. */
1049 CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
1050 CK_ULONG_PTR pusDigestLen) {
1051 SFTK_FIPSFATALCHECK();
1052 CHECK_FORK();
1053
1054 return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
1055 }
1056
1057
1058 /*
1059 ************** Crypto Functions: Sign ************************
1060 */
1061
1062 /* FC_SignInit initializes a signature (private key encryption) operation,
1063 * where the signature is (will be) an appendix to the data,
1064 * and plaintext cannot be recovered from the signature */
1065 CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
1066 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
1067 SFTK_FIPSCHECK();
1068 CHECK_FORK();
1069
1070 rv = NSC_SignInit(hSession,pMechanism,hKey);
1071 if (sftk_audit_enabled) {
1072 sftk_AuditCryptInit("Sign",hSession,pMechanism,hKey,rv);
1073 }
1074 return rv;
1075 }
1076
1077
1078 /* FC_Sign signs (encrypts with private key) data in a single part,
1079 * where the signature is (will be) an appendix to the data,
1080 * and plaintext cannot be recovered from the signature */
1081 CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
1082 CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
1083 CK_ULONG_PTR pusSignatureLen) {
1084 SFTK_FIPSCHECK();
1085 CHECK_FORK();
1086
1087 return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1088 }
1089
1090
1091 /* FC_SignUpdate continues a multiple-part signature operation,
1092 * where the signature is (will be) an appendix to the data,
1093 * and plaintext cannot be recovered from the signature */
1094 CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1095 CK_ULONG usPartLen) {
1096 SFTK_FIPSCHECK();
1097 CHECK_FORK();
1098
1099 return NSC_SignUpdate(hSession,pPart,usPartLen);
1100 }
1101
1102
1103 /* FC_SignFinal finishes a multiple-part signature operation,
1104 * returning the signature. */
1105 CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
1106 CK_ULONG_PTR pusSignatureLen) {
1107 SFTK_FIPSCHECK();
1108 CHECK_FORK();
1109
1110 return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
1111 }
1112
1113 /*
1114 ************** Crypto Functions: Sign Recover ************************
1115 */
1116 /* FC_SignRecoverInit initializes a signature operation,
1117 * where the (digest) data can be recovered from the signature.
1118 * E.g. encryption with the user's private key */
1119 CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
1120 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1121 SFTK_FIPSCHECK();
1122 CHECK_FORK();
1123
1124 rv = NSC_SignRecoverInit(hSession,pMechanism,hKey);
1125 if (sftk_audit_enabled) {
1126 sftk_AuditCryptInit("SignRecover",hSession,pMechanism,hKey,rv);
1127 }
1128 return rv;
1129 }
1130
1131
1132 /* FC_SignRecover signs data in a single operation
1133 * where the (digest) data can be recovered from the signature.
1134 * E.g. encryption with the user's private key */
1135 CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1136 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
1137 SFTK_FIPSCHECK();
1138 CHECK_FORK();
1139
1140 return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1141 }
1142
1143 /*
1144 ************** Crypto Functions: verify ************************
1145 */
1146
1147 /* FC_VerifyInit initializes a verification operation,
1148 * where the signature is an appendix to the data,
1149 * and plaintext cannot be recovered from the signature (e.g. DSA) */
1150 CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
1151 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1152 SFTK_FIPSCHECK();
1153 CHECK_FORK();
1154
1155 rv = NSC_VerifyInit(hSession,pMechanism,hKey);
1156 if (sftk_audit_enabled) {
1157 sftk_AuditCryptInit("Verify",hSession,pMechanism,hKey,rv);
1158 }
1159 return rv;
1160 }
1161
1162
1163 /* FC_Verify verifies a signature in a single-part operation,
1164 * where the signature is an appendix to the data,
1165 * and plaintext cannot be recovered from the signature */
1166 CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1167 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
1168 /* make sure we're legal */
1169 SFTK_FIPSCHECK();
1170 CHECK_FORK();
1171
1172 return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
1173 }
1174
1175
1176 /* FC_VerifyUpdate continues a multiple-part verification operation,
1177 * where the signature is an appendix to the data,
1178 * and plaintext cannot be recovered from the signature */
1179 CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1180 CK_ULONG usPartLen) {
1181 SFTK_FIPSCHECK();
1182 CHECK_FORK();
1183
1184 return NSC_VerifyUpdate(hSession,pPart,usPartLen);
1185 }
1186
1187
1188 /* FC_VerifyFinal finishes a multiple-part verification operation,
1189 * checking the signature. */
1190 CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
1191 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
1192 SFTK_FIPSCHECK();
1193 CHECK_FORK();
1194
1195 return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
1196 }
1197
1198 /*
1199 ************** Crypto Functions: Verify Recover ************************
1200 */
1201
1202 /* FC_VerifyRecoverInit initializes a signature verification operation,
1203 * where the data is recovered from the signature.
1204 * E.g. Decryption with the user's public key */
1205 CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
1206 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1207 SFTK_FIPSCHECK();
1208 CHECK_FORK();
1209
1210 rv = NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
1211 if (sftk_audit_enabled) {
1212 sftk_AuditCryptInit("VerifyRecover",hSession,pMechanism,hKey,rv);
1213 }
1214 return rv;
1215 }
1216
1217
1218 /* FC_VerifyRecover verifies a signature in a single-part operation,
1219 * where the data is recovered from the signature.
1220 * E.g. Decryption with the user's public key */
1221 CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
1222 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
1223 CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
1224 SFTK_FIPSCHECK();
1225 CHECK_FORK();
1226
1227 return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
1228 pusDataLen);
1229 }
1230
1231 /*
1232 **************************** Key Functions: ************************
1233 */
1234
1235 /* FC_GenerateKey generates a secret key, creating a new key object. */
1236 CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
1237 CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
1238 CK_OBJECT_HANDLE_PTR phKey) {
1239 CK_BBOOL *boolptr;
1240
1241 SFTK_FIPSCHECK();
1242 CHECK_FORK();
1243
1244 /* all secret keys must be sensitive, if the upper level code tries to say
1245 * otherwise, reject it. */
1246 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
1247 if (boolptr != NULL) {
1248 if (!(*boolptr)) {
1249 return CKR_ATTRIBUTE_VALUE_INVALID;
1250 }
1251 }
1252
1253 rv = NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
1254 if (sftk_audit_enabled) {
1255 sftk_AuditGenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey,rv);
1256 }
1257 return rv;
1258 }
1259
1260
1261 /* FC_GenerateKeyPair generates a public-key/private-key pair,
1262 * creating new key objects. */
1263 CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
1264 CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1265 CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1266 CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
1267 CK_OBJECT_HANDLE_PTR phPrivateKey) {
1268 CK_BBOOL *boolptr;
1269 CK_RV crv;
1270
1271 SFTK_FIPSCHECK();
1272 CHECK_FORK();
1273
1274
1275 /* all private keys must be sensitive, if the upper level code tries to say
1276 * otherwise, reject it. */
1277 boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate,
1278 usPrivateKeyAttributeCount, CKA_SENSITIVE);
1279 if (boolptr != NULL) {
1280 if (!(*boolptr)) {
1281 return CKR_ATTRIBUTE_VALUE_INVALID;
1282 }
1283 }
1284 crv = NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
1285 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1286 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
1287 if (crv == CKR_GENERAL_ERROR) {
1288 /* pairwise consistency check failed. */
1289 sftk_fatalError = PR_TRUE;
1290 }
1291 if (sftk_audit_enabled) {
1292 sftk_AuditGenerateKeyPair(hSession,pMechanism,pPublicKeyTemplate,
1293 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1294 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey,crv);
1295 }
1296 return crv;
1297 }
1298
1299
1300 /* FC_WrapKey wraps (i.e., encrypts) a key. */
1301 CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
1302 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
1303 CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
1304 CK_ULONG_PTR pulWrappedKeyLen) {
1305 SFTK_FIPSCHECK();
1306 CHECK_FORK();
1307
1308 rv = NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1309 pulWrappedKeyLen);
1310 if (sftk_audit_enabled) {
1311 sftk_AuditWrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1312 pulWrappedKeyLen,rv);
1313 }
1314 return rv;
1315 }
1316
1317
1318 /* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
1319 CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
1320 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
1321 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
1322 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1323 CK_OBJECT_HANDLE_PTR phKey) {
1324 CK_BBOOL *boolptr;
1325
1326 SFTK_FIPSCHECK();
1327 CHECK_FORK();
1328
1329 /* all secret keys must be sensitive, if the upper level code tries to say
1330 * otherwise, reject it. */
1331 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1332 ulAttributeCount, CKA_SENSITIVE);
1333 if (boolptr != NULL) {
1334 if (!(*boolptr)) {
1335 return CKR_ATTRIBUTE_VALUE_INVALID;
1336 }
1337 }
1338 rv = NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1339 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey);
1340 if (sftk_audit_enabled) {
1341 sftk_AuditUnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1342 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey,rv);
1343 }
1344 return rv;
1345 }
1346
1347
1348 /* FC_DeriveKey derives a key from a base key, creating a new key object. */
1349 CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
1350 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
1351 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1352 CK_OBJECT_HANDLE_PTR phKey) {
1353 CK_BBOOL *boolptr;
1354
1355 SFTK_FIPSCHECK();
1356 CHECK_FORK();
1357
1358 /* all secret keys must be sensitive, if the upper level code tries to say
1359 * otherwise, reject it. */
1360 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1361 ulAttributeCount, CKA_SENSITIVE);
1362 if (boolptr != NULL) {
1363 if (!(*boolptr)) {
1364 return CKR_ATTRIBUTE_VALUE_INVALID;
1365 }
1366 }
1367 rv = NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1368 ulAttributeCount, phKey);
1369 if (sftk_audit_enabled) {
1370 sftk_AuditDeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1371 ulAttributeCount,phKey,rv);
1372 }
1373 return rv;
1374 }
1375
1376 /*
1377 **************************** Radom Functions: ************************
1378 */
1379
1380 /* FC_SeedRandom mixes additional seed material into the token's random number
1381 * generator. */
1382 CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
1383 CK_ULONG usSeedLen) {
1384 CK_RV crv;
1385
1386 SFTK_FIPSFATALCHECK();
1387 CHECK_FORK();
1388
1389 crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
1390 if (crv != CKR_OK) {
1391 sftk_fatalError = PR_TRUE;
1392 }
1393 return crv;
1394 }
1395
1396
1397 /* FC_GenerateRandom generates random data. */
1398 CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
1399 CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) {
1400 CK_RV crv;
1401
1402 CHECK_FORK();
1403
1404 SFTK_FIPSFATALCHECK();
1405 crv = NSC_GenerateRandom(hSession,pRandomData,ulRandomLen);
1406 if (crv != CKR_OK) {
1407 sftk_fatalError = PR_TRUE;
1408 if (sftk_audit_enabled) {
1409 char msg[128];
1410 PR_snprintf(msg,sizeof msg,
1411 "C_GenerateRandom(hSession=0x%08lX, pRandomData=%p, "
1412 "ulRandomLen=%lu)=0x%08lX "
1413 "self-test: continuous RNG test failed",
1414 (PRUint32)hSession,pRandomData,
1415 (PRUint32)ulRandomLen,(PRUint32)crv);
1416 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
1417 }
1418 }
1419 return crv;
1420 }
1421
1422
1423 /* FC_GetFunctionStatus obtains an updated status of a function running
1424 * in parallel with an application. */
1425 CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
1426 SFTK_FIPSCHECK();
1427 CHECK_FORK();
1428
1429 return NSC_GetFunctionStatus(hSession);
1430 }
1431
1432
1433 /* FC_CancelFunction cancels a function running in parallel */
1434 CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
1435 SFTK_FIPSCHECK();
1436 CHECK_FORK();
1437
1438 return NSC_CancelFunction(hSession);
1439 }
1440
1441 /*
1442 **************************** Version 1.1 Functions: ************************
1443 */
1444
1445 /* FC_GetOperationState saves the state of the cryptographic
1446 *operation in a session. */
1447 CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
1448 CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
1449 SFTK_FIPSFATALCHECK();
1450 CHECK_FORK();
1451
1452 return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
1453 }
1454
1455
1456 /* FC_SetOperationState restores the state of the cryptographic operation
1457 * in a session. */
1458 CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
1459 CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
1460 CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
1461 SFTK_FIPSFATALCHECK();
1462 CHECK_FORK();
1463
1464 return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
1465 hEncryptionKey,hAuthenticationKey);
1466 }
1467
1468 /* FC_FindObjectsFinal finishes a search for token and session objects. */
1469 CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
1470 /* let publically readable object be found */
1471 SFTK_FIPSFATALCHECK();
1472 CHECK_FORK();
1473
1474 return NSC_FindObjectsFinal(hSession);
1475 }
1476
1477
1478 /* Dual-function cryptographic operations */
1479
1480 /* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
1481 * operation. */
1482 CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1483 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1484 CK_ULONG_PTR pulEncryptedPartLen) {
1485 SFTK_FIPSCHECK();
1486 CHECK_FORK();
1487
1488 return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1489 pulEncryptedPartLen);
1490 }
1491
1492
1493 /* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
1494 * operation. */
1495 CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
1496 CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
1497 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
1498 SFTK_FIPSCHECK();
1499 CHECK_FORK();
1500
1501 return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
1502 pPart,pulPartLen);
1503 }
1504
1505 /* FC_SignEncryptUpdate continues a multiple-part signing and encryption
1506 * operation. */
1507 CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1508 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1509 CK_ULONG_PTR pulEncryptedPartLen) {
1510 SFTK_FIPSCHECK();
1511 CHECK_FORK();
1512
1513 return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1514 pulEncryptedPartLen);
1515 }
1516
1517 /* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
1518 * operation. */
1519 CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
1520 CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
1521 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
1522 SFTK_FIPSCHECK();
1523 CHECK_FORK();
1524
1525 return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
1526 pData,pulDataLen);
1527 }
1528
1529
1530 /* FC_DigestKey continues a multi-part message-digesting operation,
1531 * by digesting the value of a secret key as part of the data already digested.
1532 */
1533 CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
1534 SFTK_FIPSCHECK();
1535 CHECK_FORK();
1536
1537 rv = NSC_DigestKey(hSession,hKey);
1538 if (sftk_audit_enabled) {
1539 sftk_AuditDigestKey(hSession,hKey,rv);
1540 }
1541 return rv;
1542 }
1543
1544
1545 CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1546 CK_VOID_PTR pReserved)
1547 {
1548 CHECK_FORK();
1549
1550 return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
1551 }
OLDNEW
« no previous file with comments | « nss/lib/softoken/fipstest.c ('k') | nss/lib/softoken/jpakesftk.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698