common/mbedtls/pkcs11.c

   1 /**
   2  * \file pkcs11.c
   3  *
   4  * \brief Wrapper for PKCS#11 library libpkcs11-helper
   5  *
   6  * \author Adriaan de Jong <dejong@fox-it.com>
   7  *
   8  *  Copyright The Mbed TLS Contributors
   9  *  SPDX-License-Identifier: Apache-2.0
  10  *
  11  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
  12  *  not use this file except in compliance with the License.
  13  *  You may obtain a copy of the License at
  14  *
  15  *  http://www.apache.org/licenses/LICENSE-2.0
  16  *
  17  *  Unless required by applicable law or agreed to in writing, software
  18  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  19  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20  *  See the License for the specific language governing permissions and
  21  *  limitations under the License.
  22  */
  23
  24 #include "mbedtls/pkcs11.h"
  25
  26 #if defined(MBEDTLS_PKCS11_C)
  27
  28 #include "mbedtls/md.h"
  29 #include "mbedtls/oid.h"
  30 #include "mbedtls/x509_crt.h"
  31
  32 #if defined(MBEDTLS_PLATFORM_C)
  33 #include "mbedtls/platform.h"
  34 #else
  35 #include <stdlib.h>
  36 #define mbedtls_calloc    calloc
  37 #define mbedtls_free       free
  38 #endif
  39
  40 #include <string.h>
  41
  42 void mbedtls_pkcs11_init(mbedtls_pkcs11_context *ctx) {
  43     memset(ctx, 0, sizeof(mbedtls_pkcs11_context));
  44 }
  45
  46 int mbedtls_pkcs11_x509_cert_bind(mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert) {
  47     int ret = 1;
  48     unsigned char *cert_blob = NULL;
  49     size_t cert_blob_size = 0;
  50
  51     if (cert == NULL) {
  52         ret = 2;
  53         goto cleanup;
  54     }
  55
  56     if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, NULL,
  57                                                &cert_blob_size) != CKR_OK) {
  58         ret = 3;
  59         goto cleanup;
  60     }
  61
  62     cert_blob = mbedtls_calloc(1, cert_blob_size);
  63     if (NULL == cert_blob) {
  64         ret = 4;
  65         goto cleanup;
  66     }
  67
  68     if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob,
  69                                                &cert_blob_size) != CKR_OK) {
  70         ret = 5;
  71         goto cleanup;
  72     }
  73
  74     if (0 != mbedtls_x509_crt_parse(cert, cert_blob, cert_blob_size)) {
  75         ret = 6;
  76         goto cleanup;
  77     }
  78
  79     ret = 0;
  80
  81 cleanup:
  82     if (NULL != cert_blob)
  83         mbedtls_free(cert_blob);
  84
  85     return (ret);
  86 }
  87
  88
  89 int mbedtls_pkcs11_priv_key_bind(mbedtls_pkcs11_context *priv_key,
  90                                  pkcs11h_certificate_t pkcs11_cert) {
  91     int ret = 1;
  92     mbedtls_x509_crt cert;
  93
  94     mbedtls_x509_crt_init(&cert);
  95
  96     if (priv_key == NULL)
  97         goto cleanup;
  98
  99     if (0 != mbedtls_pkcs11_x509_cert_bind(&cert, pkcs11_cert))
 100         goto cleanup;
 101
 102     priv_key->len = mbedtls_pk_get_len(&cert.pk);
 103     priv_key->pkcs11h_cert = pkcs11_cert;
 104
 105     ret = 0;
 106
 107 cleanup:
 108     mbedtls_x509_crt_free(&cert);
 109
 110     return (ret);
 111 }
 112
 113 void mbedtls_pkcs11_priv_key_free(mbedtls_pkcs11_context *priv_key) {
 114     if (NULL != priv_key)
 115         pkcs11h_certificate_freeCertificate(priv_key->pkcs11h_cert);
 116 }
 117
 118 int mbedtls_pkcs11_decrypt(mbedtls_pkcs11_context *ctx,
 119                            int mode, size_t *olen,
 120                            const unsigned char *input,
 121                            unsigned char *output,
 122                            size_t output_max_len) {
 123     size_t input_len, output_len;
 124
 125     if (NULL == ctx)
 126         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 127
 128     if (MBEDTLS_RSA_PRIVATE != mode)
 129         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 130
 131     output_len = input_len = ctx->len;
 132
 133     if (input_len < 16 || input_len > output_max_len)
 134         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 135
 136     /* Determine size of output buffer */
 137     if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
 138                                        input_len, NULL, &output_len) != CKR_OK) {
 139         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 140     }
 141
 142     if (output_len > output_max_len)
 143         return (MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE);
 144
 145     if (pkcs11h_certificate_decryptAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
 146                                        input_len, output, &output_len) != CKR_OK) {
 147         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 148     }
 149     *olen = output_len;
 150     return (0);
 151 }
 152
 153 int mbedtls_pkcs11_sign(mbedtls_pkcs11_context *ctx,
 154                         int mode,
 155                         mbedtls_md_type_t md_alg,
 156                         unsigned int hashlen,
 157                         const unsigned char *hash,
 158                         unsigned char *sig) {
 159     size_t sig_len = 0, asn_len = 0, oid_size = 0;
 160     unsigned char *p = sig;
 161     const char *oid;
 162
 163     if (NULL == ctx)
 164         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 165
 166     if (MBEDTLS_RSA_PRIVATE != mode)
 167         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 168
 169     if (md_alg != MBEDTLS_MD_NONE) {
 170         const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_alg);
 171         if (md_info == NULL)
 172             return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 173
 174         if (mbedtls_oid_get_oid_by_md(md_alg, &oid, &oid_size) != 0)
 175             return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 176
 177         hashlen = mbedtls_md_get_size(md_info);
 178         asn_len = 10 + oid_size;
 179     }
 180
 181     sig_len = ctx->len;
 182     if (hashlen > sig_len || asn_len > sig_len ||
 183             hashlen + asn_len > sig_len) {
 184         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 185     }
 186
 187     if (md_alg != MBEDTLS_MD_NONE) {
 188         /*
 189          * DigestInfo ::= SEQUENCE {
 190          *   digestAlgorithm DigestAlgorithmIdentifier,
 191          *   digest Digest }
 192          *
 193          * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
 194          *
 195          * Digest ::= OCTET STRING
 196          */
 197         *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
 198         *p++ = (unsigned char)(0x08 + oid_size + hashlen);
 199         *p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
 200         *p++ = (unsigned char)(0x04 + oid_size);
 201         *p++ = MBEDTLS_ASN1_OID;
 202         *p++ = oid_size & 0xFF;
 203         memcpy(p, oid, oid_size);
 204         p += oid_size;
 205         *p++ = MBEDTLS_ASN1_NULL;
 206         *p++ = 0x00;
 207         *p++ = MBEDTLS_ASN1_OCTET_STRING;
 208         *p++ = hashlen;
 209     }
 210
 211     memcpy(p, hash, hashlen);
 212
 213     if (pkcs11h_certificate_signAny(ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
 214                                     asn_len + hashlen, sig, &sig_len) != CKR_OK) {
 215         return (MBEDTLS_ERR_RSA_BAD_INPUT_DATA);
 216     }
 217
 218     return (0);
 219 }
 220
 221 #endif /* defined(MBEDTLS_PKCS11_C) */