search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import from 1.9a8 tarball
[mozilla-nss.git] / security / nss / lib / pk11wrap / pk11skey.c
blobf7cb0541110203ee1ee8145ad07fcf12b31eea27
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Dr Vipul Gupta <vipul.gupta@sun.com> and
23 * Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
24 *
25 * Alternatively, the contents of this file may be used under the terms of
26 * either the GNU General Public License Version 2 or later (the "GPL"), or
27 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
28 * in which case the provisions of the GPL or the LGPL are applicable instead
29 * of those above. If you wish to allow use of your version of this file only
30 * under the terms of either the GPL or the LGPL, and not to allow others to
31 * use your version of this file under the terms of the MPL, indicate your
32 * decision by deleting the provisions above and replace them with the notice
33 * and other provisions required by the GPL or the LGPL. If you do not delete
34 * the provisions above, a recipient may use your version of this file under
35 * the terms of any one of the MPL, the GPL or the LGPL.
36 *
37 * ***** END LICENSE BLOCK ***** */
38 /*
39 * This file implements the Symkey wrapper and the PKCS context
40 * Interfaces.
41 */
42
43 #include "seccomon.h"
44 #include "secmod.h"
45 #include "nssilock.h"
46 #include "secmodi.h"
47 #include "secmodti.h"
48 #include "pkcs11.h"
49 #include "pk11func.h"
50 #include "secitem.h"
51 #include "secoid.h"
52 #include "secerr.h"
53
54 /* forward static declarations. */
55 static PK11SymKey *pk11_DeriveWithTemplate(PK11SymKey *baseKey,
56 CK_MECHANISM_TYPE derive, SECItem *param, CK_MECHANISM_TYPE target,
57 CK_ATTRIBUTE_TYPE operation, int keySize, CK_ATTRIBUTE *userAttr,
58 unsigned int numAttrs, PRBool isPerm);
59
60 static void
61 pk11_EnterKeyMonitor(PK11SymKey *symKey) {
62 if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
63 PK11_EnterSlotMonitor(symKey->slot);
64 }
65
66 static void
67 pk11_ExitKeyMonitor(PK11SymKey *symKey) {
68 if (!symKey->sessionOwner || !(symKey->slot->isThreadSafe))
69 PK11_ExitSlotMonitor(symKey->slot);
70 }
71
72 /*
73 * pk11_getKeyFromList returns a symKey that has a session (if needSession
74 * was specified), or explicitly does not have a session (if needSession
75 * was not specified).
76 */
77 static PK11SymKey *
78 pk11_getKeyFromList(PK11SlotInfo *slot, PRBool needSession) {
79 PK11SymKey *symKey = NULL;
80
81 PZ_Lock(slot->freeListLock);
82 /* own session list are symkeys with sessions that the symkey owns.
83 * 'most' symkeys will own their own session. */
84 if (needSession) {
85 if (slot->freeSymKeysWithSessionHead) {
86 symKey = slot->freeSymKeysWithSessionHead;
87 slot->freeSymKeysWithSessionHead = symKey->next;
88 slot->keyCount--;
89 }
90 }
91 /* if we don't need a symkey with its own session, or we couldn't find
92 * one on the owner list, get one from the non-owner free list. */
93 if (!symKey) {
94 if (slot->freeSymKeysHead) {
95 symKey = slot->freeSymKeysHead;
96 slot->freeSymKeysHead = symKey->next;
97 slot->keyCount--;
98 }
99 }
100 PZ_Unlock(slot->freeListLock);
101 if (symKey) {
102 symKey->next = NULL;
103 if (!needSession) {
104 return symKey;
105 }
106 /* if we are getting an owner key, make sure we have a valid session.
107 * session could be invalid if the token has been removed or because
108 * we got it from the non-owner free list */
109 if ((symKey->series != slot->series) ||
110 (symKey->session == CK_INVALID_SESSION)) {
111 symKey->session = pk11_GetNewSession(slot, &symKey->sessionOwner);
112 }
113 PORT_Assert(symKey->session != CK_INVALID_SESSION);
114 if (symKey->session != CK_INVALID_SESSION)
115 return symKey;
116 PK11_FreeSymKey(symKey);
117 /* if we are here, we need a session, but couldn't get one, it's
118 * unlikely we pk11_GetNewSession will succeed if we call it a second
119 * time. */
120 return NULL;
121 }
122
123 symKey = PORT_New(PK11SymKey);
124 if (symKey == NULL) {
125 return NULL;
126 }
127
128 symKey->next = NULL;
129 if (needSession) {
130 symKey->session = pk11_GetNewSession(slot,&symKey->sessionOwner);
131 PORT_Assert(symKey->session != CK_INVALID_SESSION);
132 if (symKey->session == CK_INVALID_SESSION) {
133 PK11_FreeSymKey(symKey);
134 symKey = NULL;
135 }
136 } else {
137 symKey->session = CK_INVALID_SESSION;
138 }
139 return symKey;
140 }
141
142 /* Caller MUST hold slot->freeListLock (or ref count == 0?) !! */
143 void
144 PK11_CleanKeyList(PK11SlotInfo *slot)
145 {
146 PK11SymKey *symKey = NULL;
147
148 while (slot->freeSymKeysWithSessionHead) {
149 symKey = slot->freeSymKeysWithSessionHead;
150 slot->freeSymKeysWithSessionHead = symKey->next;
151 pk11_CloseSession(slot, symKey->session, symKey->sessionOwner);
152 PORT_Free(symKey);
153 }
154 while (slot->freeSymKeysHead) {
155 symKey = slot->freeSymKeysHead;
156 slot->freeSymKeysHead = symKey->next;
157 pk11_CloseSession(slot, symKey->session, symKey->sessionOwner);
158 PORT_Free(symKey);
159 }
160 return;
161 }
162
163 /*
164 * create a symetric key:
165 * Slot is the slot to create the key in.
166 * type is the mechanism type
167 * owner is does this symKey structure own it's object handle (rare
168 * that this is false).
169 * needSession means the returned symKey will return with a valid session
170 * allocated already.
171 */
172 static PK11SymKey *
173 pk11_CreateSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
174 PRBool owner, PRBool needSession, void *wincx)
175 {
176
177 PK11SymKey *symKey = pk11_getKeyFromList(slot, needSession);
178
179 if (symKey == NULL) {
180 return NULL;
181 }
182 /* if needSession was specified, make sure we have a valid session.
183 * callers which specify needSession as false should do their own
184 * check of the session before returning the symKey */
185 if (needSession && symKey->session == CK_INVALID_SESSION) {
186 PK11_FreeSymKey(symKey);
187 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
188 return NULL;
189 }
190
191 symKey->type = type;
192 symKey->data.type = siBuffer;
193 symKey->data.data = NULL;
194 symKey->data.len = 0;
195 symKey->owner = owner;
196 symKey->objectID = CK_INVALID_HANDLE;
197 symKey->slot = slot;
198 symKey->series = slot->series;
199 symKey->cx = wincx;
200 symKey->size = 0;
201 symKey->refCount = 1;
202 symKey->origin = PK11_OriginNULL;
203 symKey->parent = NULL;
204 symKey->freeFunc = NULL;
205 symKey->userData = NULL;
206 PK11_ReferenceSlot(slot);
207 return symKey;
208 }
209
210 /*
211 * destroy a symetric key
212 */
213 void
214 PK11_FreeSymKey(PK11SymKey *symKey)
215 {
216 PK11SlotInfo *slot;
217 PRBool freeit = PR_TRUE;
218
219 if (PR_AtomicDecrement(&symKey->refCount) == 0) {
220 PK11SymKey *parent = symKey->parent;
221
222 symKey->parent = NULL;
223 if ((symKey->owner) && symKey->objectID != CK_INVALID_HANDLE) {
224 pk11_EnterKeyMonitor(symKey);
225 (void) PK11_GETTAB(symKey->slot)->
226 C_DestroyObject(symKey->session, symKey->objectID);
227 pk11_ExitKeyMonitor(symKey);
228 }
229 if (symKey->data.data) {
230 PORT_Memset(symKey->data.data, 0, symKey->data.len);
231 PORT_Free(symKey->data.data);
232 }
233 /* free any existing data */
234 if (symKey->userData && symKey->freeFunc) {
235 (*symKey->freeFunc)(symKey->userData);
236 }
237 slot = symKey->slot;
238 PZ_Lock(slot->freeListLock);
239 if (slot->keyCount < slot->maxKeyCount) {
240 /*
241 * freeSymkeysWithSessionHead contain a list of reusable
242 * SymKey structures with valid sessions.
243 * sessionOwner must be true.
244 * session must be valid.
245 * freeSymKeysHead contain a list of SymKey structures without
246 * valid session.
247 * session must be CK_INVALID_SESSION.
248 * though sessionOwner is false, callers should not depend on
249 * this fact.
250 */
251 if (symKey->sessionOwner) {
252 PORT_Assert (symKey->session != CK_INVALID_SESSION);
253 symKey->next = slot->freeSymKeysWithSessionHead;
254 slot->freeSymKeysWithSessionHead = symKey;
255 } else {
256 symKey->session = CK_INVALID_SESSION;
257 symKey->next = slot->freeSymKeysHead;
258 slot->freeSymKeysHead = symKey;
259 }
260 slot->keyCount++;
261 symKey->slot = NULL;
262 freeit = PR_FALSE;
263 }
264 PZ_Unlock(slot->freeListLock);
265 if (freeit) {
266 pk11_CloseSession(symKey->slot, symKey->session,
267 symKey->sessionOwner);
268 PORT_Free(symKey);
269 }
270 PK11_FreeSlot(slot);
271
272 if (parent) {
273 PK11_FreeSymKey(parent);
274 }
275 }
276 }
277
278 PK11SymKey *
279 PK11_ReferenceSymKey(PK11SymKey *symKey)
280 {
281 PR_AtomicIncrement(&symKey->refCount);
282 return symKey;
283 }
284
285 /*
286 * Accessors
287 */
288 CK_MECHANISM_TYPE
289 PK11_GetMechanism(PK11SymKey *symKey)
290 {
291 return symKey->type;
292 }
293
294 /*
295 * return the slot associated with a symetric key
296 */
297 PK11SlotInfo *
298 PK11_GetSlotFromKey(PK11SymKey *symKey)
299 {
300 return PK11_ReferenceSlot(symKey->slot);
301 }
302
303 CK_KEY_TYPE PK11_GetSymKeyType(PK11SymKey *symKey)
304 {
305 return PK11_GetKeyType(symKey->type,symKey->size);
306 }
307
308 PK11SymKey *
309 PK11_GetNextSymKey(PK11SymKey *symKey)
310 {
311 return symKey ? symKey->next : NULL;
312 }
313
314 char *
315 PK11_GetSymKeyNickname(PK11SymKey *symKey)
316 {
317 return PK11_GetObjectNickname(symKey->slot,symKey->objectID);
318 }
319
320 SECStatus
321 PK11_SetSymKeyNickname(PK11SymKey *symKey, const char *nickname)
322 {
323 return PK11_SetObjectNickname(symKey->slot,symKey->objectID,nickname);
324 }
325
326 void *
327 PK11_GetSymKeyUserData(PK11SymKey *symKey)
328 {
329 return symKey->userData;
330 }
331
332 void
333 PK11_SetSymKeyUserData(PK11SymKey *symKey, void *userData,
334 PK11FreeDataFunc freeFunc)
335 {
336 /* free any existing data */
337 if (symKey->userData && symKey->freeFunc) {
338 (*symKey->freeFunc)(symKey->userData);
339 }
340 symKey->userData = userData;
341 symKey->freeFunc = freeFunc;
342 return;
343 }
344
345 /*
346 * turn key handle into an appropriate key object
347 */
348 PK11SymKey *
349 PK11_SymKeyFromHandle(PK11SlotInfo *slot, PK11SymKey *parent, PK11Origin origin,
350 CK_MECHANISM_TYPE type, CK_OBJECT_HANDLE keyID, PRBool owner, void *wincx)
351 {
352 PK11SymKey *symKey;
353 PRBool needSession = !(owner && parent);
354
355 if (keyID == CK_INVALID_HANDLE) {
356 return NULL;
357 }
358
359 symKey = pk11_CreateSymKey(slot, type, owner, needSession, wincx);
360 if (symKey == NULL) {
361 return NULL;
362 }
363
364 symKey->objectID = keyID;
365 symKey->origin = origin;
366
367 /* adopt the parent's session */
368 /* This is only used by SSL. What we really want here is a session
369 * structure with a ref count so the session goes away only after all the
370 * keys do. */
371 if (!needSession) {
372 symKey->sessionOwner = PR_FALSE;
373 symKey->session = parent->session;
374 symKey->parent = PK11_ReferenceSymKey(parent);
375 /* This is the only case where pk11_CreateSymKey does not explicitly
376 * check symKey->session. We need to assert here to make sure.
377 * the session isn't invalid. */
378 PORT_Assert(parent->session != CK_INVALID_SESSION);
379 if (parent->session == CK_INVALID_SESSION) {
380 PK11_FreeSymKey(symKey);
381 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
382 return NULL;
383 }
384 }
385
386 return symKey;
387 }
388
389 /*
390 * turn key handle into an appropriate key object
391 */
392 PK11SymKey *
393 PK11_GetWrapKey(PK11SlotInfo *slot, int wrap, CK_MECHANISM_TYPE type,
394 int series, void *wincx)
395 {
396 PK11SymKey *symKey = NULL;
397
398 if (slot->series != series) return NULL;
399 if (slot->refKeys[wrap] == CK_INVALID_HANDLE) return NULL;
400 if (type == CKM_INVALID_MECHANISM) type = slot->wrapMechanism;
401
402 symKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
403 slot->wrapMechanism, slot->refKeys[wrap], PR_FALSE, wincx);
404 return symKey;
405 }
406
407 /*
408 * This function is not thread-safe because it sets wrapKey->sessionOwner
409 * without using a lock or atomic routine. It can only be called when
410 * only one thread has a reference to wrapKey.
411 */
412 void
413 PK11_SetWrapKey(PK11SlotInfo *slot, int wrap, PK11SymKey *wrapKey)
414 {
415 /* save the handle and mechanism for the wrapping key */
416 /* mark the key and session as not owned by us to they don't get freed
417 * when the key goes way... that lets us reuse the key later */
418 slot->refKeys[wrap] = wrapKey->objectID;
419 wrapKey->owner = PR_FALSE;
420 wrapKey->sessionOwner = PR_FALSE;
421 slot->wrapMechanism = wrapKey->type;
422 }
423
424
425 /*
426 * figure out if a key is still valid or if it is stale.
427 */
428 PRBool
429 PK11_VerifyKeyOK(PK11SymKey *key) {
430 if (!PK11_IsPresent(key->slot)) {
431 return PR_FALSE;
432 }
433 return (PRBool)(key->series == key->slot->series);
434 }
435
436 static PK11SymKey *
437 pk11_ImportSymKeyWithTempl(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
438 PK11Origin origin, PRBool isToken, CK_ATTRIBUTE *keyTemplate,
439 unsigned int templateCount, SECItem *key, void *wincx)
440 {
441 PK11SymKey * symKey;
442 SECStatus rv;
443
444 symKey = pk11_CreateSymKey(slot, type, !isToken, PR_TRUE, wincx);
445 if (symKey == NULL) {
446 return NULL;
447 }
448
449 symKey->size = key->len;
450
451 PK11_SETATTRS(&keyTemplate[templateCount], CKA_VALUE, key->data, key->len);
452 templateCount++;
453
454 if (SECITEM_CopyItem(NULL,&symKey->data,key) != SECSuccess) {
455 PK11_FreeSymKey(symKey);
456 return NULL;
457 }
458
459 symKey->origin = origin;
460
461 /* import the keys */
462 rv = PK11_CreateNewObject(slot, symKey->session, keyTemplate,
463 templateCount, isToken, &symKey->objectID);
464 if ( rv != SECSuccess) {
465 PK11_FreeSymKey(symKey);
466 return NULL;
467 }
468
469 return symKey;
470 }
471
472 /*
473 * turn key bits into an appropriate key object
474 */
475 PK11SymKey *
476 PK11_ImportSymKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
477 PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,void *wincx)
478 {
479 PK11SymKey * symKey;
480 unsigned int templateCount = 0;
481 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
482 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
483 CK_BBOOL cktrue = CK_TRUE; /* sigh */
484 CK_ATTRIBUTE keyTemplate[5];
485 CK_ATTRIBUTE * attrs = keyTemplate;
486
487 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
488 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
489 PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
490 templateCount = attrs - keyTemplate;
491 PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
492
493 keyType = PK11_GetKeyType(type,key->len);
494 symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, PR_FALSE,
495 keyTemplate, templateCount, key, wincx);
496 return symKey;
497 }
498
499
500 /*
501 * turn key bits into an appropriate key object
502 */
503 PK11SymKey *
504 PK11_ImportSymKeyWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
505 PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key,
506 CK_FLAGS flags, PRBool isPerm, void *wincx)
507 {
508 PK11SymKey * symKey;
509 unsigned int templateCount = 0;
510 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
511 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
512 CK_BBOOL cktrue = CK_TRUE; /* sigh */
513 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
514 CK_ATTRIBUTE * attrs = keyTemplate;
515
516 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass) ); attrs++;
517 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType) ); attrs++;
518 if (isPerm) {
519 PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue) ); attrs++;
520 /* sigh some tokens think CKA_PRIVATE = false is a reasonable
521 * default for secret keys */
522 PK11_SETATTRS(attrs, CKA_PRIVATE, &cktrue, sizeof(cktrue) ); attrs++;
523 }
524 attrs += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
525 if ((operation != CKA_FLAGS_ONLY) &&
526 !pk11_FindAttrInTemplate(keyTemplate, attrs-keyTemplate, operation)) {
527 PK11_SETATTRS(attrs, operation, &cktrue, sizeof(cktrue)); attrs++;
528 }
529 templateCount = attrs - keyTemplate;
530 PR_ASSERT(templateCount+1 <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
531
532 keyType = PK11_GetKeyType(type,key->len);
533 symKey = pk11_ImportSymKeyWithTempl(slot, type, origin, isPerm,
534 keyTemplate, templateCount, key, wincx);
535 if (symKey && isPerm) {
536 symKey->owner = PR_FALSE;
537 }
538 return symKey;
539 }
540
541
542 PK11SymKey *
543 PK11_FindFixedKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *keyID,
544 void *wincx)
545 {
546 CK_ATTRIBUTE findTemp[4];
547 CK_ATTRIBUTE *attrs;
548 CK_BBOOL ckTrue = CK_TRUE;
549 CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
550 int tsize = 0;
551 CK_OBJECT_HANDLE key_id;
552
553 attrs = findTemp;
554 PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
555 PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
556 if (keyID) {
557 PK11_SETATTRS(attrs, CKA_ID, keyID->data, keyID->len); attrs++;
558 }
559 tsize = attrs - findTemp;
560 PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
561
562 key_id = pk11_FindObjectByTemplate(slot,findTemp,tsize);
563 if (key_id == CK_INVALID_HANDLE) {
564 return NULL;
565 }
566 return PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive, type, key_id,
567 PR_FALSE, wincx);
568 }
569
570 PK11SymKey *
571 PK11_ListFixedKeysInSlot(PK11SlotInfo *slot, char *nickname, void *wincx)
572 {
573 CK_ATTRIBUTE findTemp[4];
574 CK_ATTRIBUTE *attrs;
575 CK_BBOOL ckTrue = CK_TRUE;
576 CK_OBJECT_CLASS keyclass = CKO_SECRET_KEY;
577 int tsize = 0;
578 int objCount = 0;
579 CK_OBJECT_HANDLE *key_ids;
580 PK11SymKey *nextKey = NULL;
581 PK11SymKey *topKey = NULL;
582 int i,len;
583
584 attrs = findTemp;
585 PK11_SETATTRS(attrs, CKA_CLASS, &keyclass, sizeof(keyclass)); attrs++;
586 PK11_SETATTRS(attrs, CKA_TOKEN, &ckTrue, sizeof(ckTrue)); attrs++;
587 if (nickname) {
588 len = PORT_Strlen(nickname);
589 PK11_SETATTRS(attrs, CKA_LABEL, nickname, len); attrs++;
590 }
591 tsize = attrs - findTemp;
592 PORT_Assert(tsize <= sizeof(findTemp)/sizeof(CK_ATTRIBUTE));
593
594 key_ids = pk11_FindObjectsByTemplate(slot,findTemp,tsize,&objCount);
595 if (key_ids == NULL) {
596 return NULL;
597 }
598
599 for (i=0; i < objCount ; i++) {
600 SECItem typeData;
601 CK_KEY_TYPE type = CKK_GENERIC_SECRET;
602 SECStatus rv = PK11_ReadAttribute(slot, key_ids[i],
603 CKA_KEY_TYPE, NULL, &typeData);
604 if (rv == SECSuccess) {
605 if (typeData.len == sizeof(CK_KEY_TYPE)) {
606 type = *(CK_KEY_TYPE *)typeData.data;
607 }
608 PORT_Free(typeData.data);
609 }
610 nextKey = PK11_SymKeyFromHandle(slot, NULL, PK11_OriginDerive,
611 PK11_GetKeyMechanism(type), key_ids[i], PR_FALSE, wincx);
612 if (nextKey) {
613 nextKey->next = topKey;
614 topKey = nextKey;
615 }
616 }
617 PORT_Free(key_ids);
618 return topKey;
619 }
620
621 void *
622 PK11_GetWindow(PK11SymKey *key)
623 {
624 return key->cx;
625 }
626
627
628 /*
629 * extract a symetric key value. NOTE: if the key is sensitive, we will
630 * not be able to do this operation. This function is used to move
631 * keys from one token to another */
632 SECStatus
633 PK11_ExtractKeyValue(PK11SymKey *symKey)
634 {
635 SECStatus rv;
636
637 if (symKey->data.data != NULL) {
638 if (symKey->size == 0) {
639 symKey->size = symKey->data.len;
640 }
641 return SECSuccess;
642 }
643
644 if (symKey->slot == NULL) {
645 PORT_SetError( SEC_ERROR_INVALID_KEY );
646 return SECFailure;
647 }
648
649 rv = PK11_ReadAttribute(symKey->slot,symKey->objectID,CKA_VALUE,NULL,
650 &symKey->data);
651 if (rv == SECSuccess) {
652 symKey->size = symKey->data.len;
653 }
654 return rv;
655 }
656
657 SECStatus
658 PK11_DeleteTokenSymKey(PK11SymKey *symKey)
659 {
660 if (!PK11_IsPermObject(symKey->slot, symKey->objectID)) {
661 return SECFailure;
662 }
663 PK11_DestroyTokenObject(symKey->slot,symKey->objectID);
664 symKey->objectID = CK_INVALID_HANDLE;
665 return SECSuccess;
666 }
667
668 SECItem *
669 __PK11_GetKeyData(PK11SymKey *symKey)
670 {
671 return &symKey->data;
672 }
673
674 SECItem *
675 PK11_GetKeyData(PK11SymKey *symKey)
676 {
677 return __PK11_GetKeyData(symKey);
678 }
679
680 /* return the keylength if possible. '0' if not */
681 unsigned int
682 PK11_GetKeyLength(PK11SymKey *key)
683 {
684 CK_KEY_TYPE keyType;
685
686 if (key->size != 0) return key->size;
687
688 /* First try to figure out the key length from its type */
689 keyType = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_KEY_TYPE);
690 switch (keyType) {
691 case CKK_DES: key->size = 8; break;
692 case CKK_DES2: key->size = 16; break;
693 case CKK_DES3: key->size = 24; break;
694 case CKK_SKIPJACK: key->size = 10; break;
695 case CKK_BATON: key->size = 20; break;
696 case CKK_JUNIPER: key->size = 20; break;
697 case CKK_GENERIC_SECRET:
698 if (key->type == CKM_SSL3_PRE_MASTER_KEY_GEN) {
699 key->size=48;
700 }
701 break;
702 default: break;
703 }
704 if( key->size != 0 ) return key->size;
705
706 if (key->data.data == NULL) {
707 PK11_ExtractKeyValue(key);
708 }
709 /* key is probably secret. Look up its length */
710 /* this is new PKCS #11 version 2.0 functionality. */
711 if (key->size == 0) {
712 CK_ULONG keyLength;
713
714 keyLength = PK11_ReadULongAttribute(key->slot,key->objectID,CKA_VALUE_LEN);
715 if (keyLength != CK_UNAVAILABLE_INFORMATION) {
716 key->size = (unsigned int)keyLength;
717 }
718 }
719
720 return key->size;
721 }
722
723 /* return the strength of a key. This is different from length in that
724 * 1) it returns the size in bits, and 2) it returns only the secret portions
725 * of the key minus any checksums or parity.
726 */
727 unsigned int
728 PK11_GetKeyStrength(PK11SymKey *key, SECAlgorithmID *algid)
729 {
730 int size=0;
731 CK_MECHANISM_TYPE mechanism= CKM_INVALID_MECHANISM; /* RC2 only */
732 SECItem *param = NULL; /* RC2 only */
733 CK_RC2_CBC_PARAMS *rc2_params = NULL; /* RC2 ONLY */
734 unsigned int effectiveBits = 0; /* RC2 ONLY */
735
736 switch (PK11_GetKeyType(key->type,0)) {
737 case CKK_CDMF:
738 return 40;
739 case CKK_DES:
740 return 56;
741 case CKK_DES3:
742 case CKK_DES2:
743 size = PK11_GetKeyLength(key);
744 if (size == 16) {
745 /* double des */
746 return 112; /* 16*7 */
747 }
748 return 168;
749 /*
750 * RC2 has is different than other ciphers in that it allows the user
751 * to deprecating keysize while still requiring all the bits for the
752 * original key. The info
753 * on what the effective key strength is in the parameter for the key.
754 * In S/MIME this parameter is stored in the DER encoded algid. In Our
755 * other uses of RC2, effectiveBits == keyBits, so this code functions
756 * correctly without an algid.
757 */
758 case CKK_RC2:
759 /* if no algid was provided, fall through to default */
760 if (!algid) {
761 break;
762 }
763 /* verify that the algid is for RC2 */
764 mechanism = PK11_AlgtagToMechanism(SECOID_GetAlgorithmTag(algid));
765 if ((mechanism != CKM_RC2_CBC) && (mechanism != CKM_RC2_ECB)) {
766 break;
767 }
768
769 /* now get effective bits from the algorithm ID. */
770 param = PK11_ParamFromAlgid(algid);
771 /* if we couldn't get memory just use key length */
772 if (param == NULL) {
773 break;
774 }
775
776 rc2_params = (CK_RC2_CBC_PARAMS *) param->data;
777 /* paranoia... shouldn't happen */
778 PORT_Assert(param->data != NULL);
779 if (param->data == NULL) {
780 SECITEM_FreeItem(param,PR_TRUE);
781 break;
782 }
783 effectiveBits = (unsigned int)rc2_params->ulEffectiveBits;
784 SECITEM_FreeItem(param,PR_TRUE);
785 param = NULL; rc2_params=NULL; /* paranoia */
786
787 /* we have effective bits, is and allocated memory is free, now
788 * we need to return the smaller of effective bits and keysize */
789 size = PK11_GetKeyLength(key);
790 if ((unsigned int)size*8 > effectiveBits) {
791 return effectiveBits;
792 }
793
794 return size*8; /* the actual key is smaller, the strength can't be
795 * greater than the actual key size */
796
797 default:
798 break;
799 }
800 return PK11_GetKeyLength(key) * 8;
801 }
802
803 /*
804 * The next three utilities are to deal with the fact that a given operation
805 * may be a multi-slot affair. This creates a new key object that is copied
806 * into the new slot.
807 */
808 PK11SymKey *
809 pk11_CopyToSlotPerm(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
810 CK_ATTRIBUTE_TYPE operation, CK_FLAGS flags,
811 PRBool isPerm, PK11SymKey *symKey)
812 {
813 SECStatus rv;
814 PK11SymKey *newKey = NULL;
815
816 /* Extract the raw key data if possible */
817 if (symKey->data.data == NULL) {
818 rv = PK11_ExtractKeyValue(symKey);
819 /* KEY is sensitive, we're try key exchanging it. */
820 if (rv != SECSuccess) {
821 return pk11_KeyExchange(slot, type, operation,
822 flags, isPerm, symKey);
823 }
824 }
825
826 newKey = PK11_ImportSymKeyWithFlags(slot, type, symKey->origin,
827 operation, &symKey->data, flags, isPerm, symKey->cx);
828 if (newKey == NULL) {
829 newKey = pk11_KeyExchange(slot, type, operation, flags, isPerm, symKey);
830 }
831 return newKey;
832 }
833
834 PK11SymKey *
835 pk11_CopyToSlot(PK11SlotInfo *slot,CK_MECHANISM_TYPE type,
836 CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey)
837 {
838 return pk11_CopyToSlotPerm(slot, type, operation, 0, PR_FALSE, symKey);
839 }
840
841 /*
842 * Make sure the slot we are in the correct slot for the operation
843 */
844 PK11SymKey *
845 pk11_ForceSlot(PK11SymKey *symKey,CK_MECHANISM_TYPE type,
846 CK_ATTRIBUTE_TYPE operation)
847 {
848 PK11SlotInfo *slot = symKey->slot;
849 PK11SymKey *newKey = NULL;
850
851 if ((slot== NULL) || !PK11_DoesMechanism(slot,type)) {
852 slot = PK11_GetBestSlot(type,symKey->cx);
853 if (slot == NULL) {
854 PORT_SetError( SEC_ERROR_NO_MODULE );
855 return NULL;
856 }
857 newKey = pk11_CopyToSlot(slot, type, operation, symKey);
858 PK11_FreeSlot(slot);
859 }
860 return newKey;
861 }
862
863 PK11SymKey *
864 PK11_MoveSymKey(PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation,
865 CK_FLAGS flags, PRBool perm, PK11SymKey *symKey)
866 {
867 if (symKey->slot == slot) {
868 if (perm) {
869 return PK11_ConvertSessionSymKeyToTokenSymKey(symKey,symKey->cx);
870 } else {
871 return PK11_ReferenceSymKey(symKey);
872 }
873 }
874
875 return pk11_CopyToSlotPerm(slot, symKey->type,
876 operation, flags, perm, symKey);
877 }
878
879
880 /*
881 * Use the token to generate a key. keySize must be 'zero' for fixed key
882 * length algorithms. A nonzero keySize causes the CKA_VALUE_LEN attribute
883 * to be added to the template for the key. PKCS #11 modules fail if you
884 * specify the CKA_VALUE_LEN attribute for keys with fixed length.
885 * NOTE: this means to generate a DES2 key from this interface you must
886 * specify CKM_DES2_KEY_GEN as the mechanism directly; specifying
887 * CKM_DES3_CBC as the mechanism and 16 as keySize currently doesn't work.
888 *
889 * CK_FLAGS flags: key operation flags
890 * PK11AttrFlags attrFlags: PK11_ATTR_XXX key attribute flags
891 */
892 PK11SymKey *
893 PK11_TokenKeyGenWithFlags(PK11SlotInfo *slot, CK_MECHANISM_TYPE type,
894 SECItem *param, int keySize, SECItem *keyid, CK_FLAGS opFlags,
895 PK11AttrFlags attrFlags, void *wincx)
896 {
897 PK11SymKey *symKey;
898 CK_ATTRIBUTE genTemplate[MAX_TEMPL_ATTRS];
899 CK_ATTRIBUTE *attrs = genTemplate;
900 int count = sizeof(genTemplate)/sizeof(genTemplate[0]);
901 CK_SESSION_HANDLE session;
902 CK_MECHANISM mechanism;
903 CK_RV crv;
904 CK_BBOOL cktrue = CK_TRUE;
905 CK_BBOOL ckfalse = CK_FALSE;
906 CK_ULONG ck_key_size; /* only used for variable-length keys */
907 PRBool isToken = ((attrFlags & PK11_ATTR_TOKEN) != 0);
908
909 if (pk11_BadAttrFlags(attrFlags)) {
910 PORT_SetError( SEC_ERROR_INVALID_ARGS );
911 return NULL;
912 }
913
914 if (keySize != 0) {
915 ck_key_size = keySize; /* Convert to PK11 type */
916
917 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &ck_key_size, sizeof(ck_key_size));
918 attrs++;
919 }
920
921 /* Include key id value if provided */
922 if (keyid) {
923 PK11_SETATTRS(attrs, CKA_ID, keyid->data, keyid->len); attrs++;
924 }
925
926 attrs += pk11_AttrFlagsToAttributes(attrFlags, attrs, &cktrue, &ckfalse);
927 attrs += pk11_OpFlagsToAttributes(opFlags, attrs, &cktrue);
928
929 count = attrs - genTemplate;
930 PR_ASSERT(count <= sizeof(genTemplate)/sizeof(CK_ATTRIBUTE));
931
932 /* Initialize the Key Gen Mechanism */
933 mechanism.mechanism = PK11_GetKeyGenWithSize(type, keySize);
934 if (mechanism.mechanism == CKM_FAKE_RANDOM) {
935 PORT_SetError( SEC_ERROR_NO_MODULE );
936 return NULL;
937 }
938
939 /* find a slot to generate the key into */
940 /* Only do slot management if this is not a token key */
941 if (!isToken && (slot == NULL || !PK11_DoesMechanism(slot,type))) {
942 PK11SlotInfo *bestSlot;
943
944 bestSlot = PK11_GetBestSlot(type,wincx);
945 if (bestSlot == NULL) {
946 PORT_SetError( SEC_ERROR_NO_MODULE );
947 return NULL;
948 }
949
950 symKey = pk11_CreateSymKey(bestSlot, type, !isToken, PR_TRUE, wincx);
951
952 PK11_FreeSlot(bestSlot);
953 } else {
954 symKey = pk11_CreateSymKey(slot, type, !isToken, PR_TRUE, wincx);
955 }
956 if (symKey == NULL) return NULL;
957
958 symKey->size = keySize;
959 symKey->origin = PK11_OriginGenerated;
960
961 /* Set the parameters for the key gen if provided */
962 mechanism.pParameter = NULL;
963 mechanism.ulParameterLen = 0;
964 if (param) {
965 mechanism.pParameter = param->data;
966 mechanism.ulParameterLen = param->len;
967 }
968
969 /* Get session and perform locking */
970 if (isToken) {
971 PK11_Authenticate(symKey->slot,PR_TRUE,wincx);
972 /* Should always be original slot */
973 session = PK11_GetRWSession(symKey->slot);
974 symKey->owner = PR_FALSE;
975 } else {
976 session = symKey->session;
977 if (session != CK_INVALID_SESSION)
978 pk11_EnterKeyMonitor(symKey);
979 }
980 if (session == CK_INVALID_SESSION) {
981 PK11_FreeSymKey(symKey);
982 PORT_SetError(SEC_ERROR_BAD_DATA);
983 return NULL;
984 }
985
986 crv = PK11_GETTAB(symKey->slot)->C_GenerateKey(session,
987 &mechanism, genTemplate, count, &symKey->objectID);
988
989 /* Release lock and session */
990 if (isToken) {
991 PK11_RestoreROSession(symKey->slot, session);
992 } else {
993 pk11_ExitKeyMonitor(symKey);
994 }
995
996 if (crv != CKR_OK) {
997 PK11_FreeSymKey(symKey);
998 PORT_SetError( PK11_MapError(crv) );
999 return NULL;
1000 }
1001
1002 return symKey;
1003 }
1004
1005 /*
1006 * Use the token to generate a key. keySize must be 'zero' for fixed key
1007 * length algorithms. A nonzero keySize causes the CKA_VALUE_LEN attribute
1008 * to be added to the template for the key. PKCS #11 modules fail if you
1009 * specify the CKA_VALUE_LEN attribute for keys with fixed length.
1010 * NOTE: this means to generate a DES2 key from this interface you must
1011 * specify CKM_DES2_KEY_GEN as the mechanism directly; specifying
1012 * CKM_DES3_CBC as the mechanism and 16 as keySize currently doesn't work.
1013 */
1014 PK11SymKey *
1015 PK11_TokenKeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
1016 int keySize, SECItem *keyid, PRBool isToken, void *wincx)
1017 {
1018 PK11SymKey *symKey;
1019 PRBool weird = PR_FALSE; /* hack for fortezza */
1020 CK_FLAGS opFlags = CKF_SIGN;
1021 PK11AttrFlags attrFlags = 0;
1022
1023 if ((keySize == -1) && (type == CKM_SKIPJACK_CBC64)) {
1024 weird = PR_TRUE;
1025 keySize = 0;
1026 }
1027
1028 opFlags |= weird ? CKF_DECRYPT : CKF_ENCRYPT;
1029
1030 if (isToken) {
1031 attrFlags |= (PK11_ATTR_TOKEN | PK11_ATTR_PRIVATE);
1032 }
1033
1034 symKey = PK11_TokenKeyGenWithFlags(slot, type, param, keySize, keyid,
1035 opFlags, attrFlags, wincx);
1036 if (symKey && weird) {
1037 PK11_SetFortezzaHack(symKey);
1038 }
1039
1040 return symKey;
1041 }
1042
1043 PK11SymKey *
1044 PK11_KeyGen(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, SECItem *param,
1045 int keySize, void *wincx)
1046 {
1047 return PK11_TokenKeyGen(slot, type, param, keySize, 0, PR_FALSE, wincx);
1048 }
1049
1050 /* --- */
1051 PK11SymKey *
1052 PK11_GenDES3TokenKey(PK11SlotInfo *slot, SECItem *keyid, void *cx)
1053 {
1054 return PK11_TokenKeyGen(slot, CKM_DES3_CBC, 0, 0, keyid, PR_TRUE, cx);
1055 }
1056
1057 PK11SymKey*
1058 PK11_ConvertSessionSymKeyToTokenSymKey(PK11SymKey *symk, void *wincx)
1059 {
1060 PK11SlotInfo* slot = symk->slot;
1061 CK_ATTRIBUTE template[1];
1062 CK_ATTRIBUTE *attrs = template;
1063 CK_BBOOL cktrue = CK_TRUE;
1064 CK_RV crv;
1065 CK_OBJECT_HANDLE newKeyID;
1066 CK_SESSION_HANDLE rwsession;
1067
1068 PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(cktrue)); attrs++;
1069
1070 PK11_Authenticate(slot, PR_TRUE, wincx);
1071 rwsession = PK11_GetRWSession(slot);
1072 if (rwsession == CK_INVALID_SESSION) {
1073 PORT_SetError(SEC_ERROR_BAD_DATA);
1074 return NULL;
1075 }
1076 crv = PK11_GETTAB(slot)->C_CopyObject(rwsession, symk->objectID,
1077 template, 1, &newKeyID);
1078 PK11_RestoreROSession(slot, rwsession);
1079
1080 if (crv != CKR_OK) {
1081 PORT_SetError( PK11_MapError(crv) );
1082 return NULL;
1083 }
1084
1085 return PK11_SymKeyFromHandle(slot, NULL /*parent*/, symk->origin,
1086 symk->type, newKeyID, PR_FALSE /*owner*/, NULL /*wincx*/);
1087 }
1088
1089 /*
1090 * This function does a straight public key wrap (which only RSA can do).
1091 * Use PK11_PubGenKey and PK11_WrapSymKey to implement the FORTEZZA and
1092 * Diffie-Hellman Ciphers. */
1093 SECStatus
1094 PK11_PubWrapSymKey(CK_MECHANISM_TYPE type, SECKEYPublicKey *pubKey,
1095 PK11SymKey *symKey, SECItem *wrappedKey)
1096 {
1097 PK11SlotInfo *slot;
1098 CK_ULONG len = wrappedKey->len;
1099 PK11SymKey *newKey = NULL;
1100 CK_OBJECT_HANDLE id;
1101 CK_MECHANISM mechanism;
1102 PRBool owner = PR_TRUE;
1103 CK_SESSION_HANDLE session;
1104 CK_RV crv;
1105
1106 /* if this slot doesn't support the mechanism, go to a slot that does */
1107 newKey = pk11_ForceSlot(symKey,type,CKA_ENCRYPT);
1108 if (newKey != NULL) {
1109 symKey = newKey;
1110 }
1111
1112 if ((symKey == NULL) || (symKey->slot == NULL)) {
1113 PORT_SetError( SEC_ERROR_NO_MODULE );
1114 return SECFailure;
1115 }
1116
1117 slot = symKey->slot;
1118 mechanism.mechanism = pk11_mapWrapKeyType(pubKey->keyType);
1119 mechanism.pParameter = NULL;
1120 mechanism.ulParameterLen = 0;
1121
1122 id = PK11_ImportPublicKey(slot,pubKey,PR_FALSE);
1123 if (id == CK_INVALID_HANDLE) {
1124 if (newKey) {
1125 PK11_FreeSymKey(newKey);
1126 }
1127 return SECFailure; /* Error code has been set. */
1128 }
1129
1130 session = pk11_GetNewSession(slot,&owner);
1131 if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
1132 crv = PK11_GETTAB(slot)->C_WrapKey(session,&mechanism,
1133 id,symKey->objectID,wrappedKey->data,&len);
1134 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1135 pk11_CloseSession(slot,session,owner);
1136 if (newKey) {
1137 PK11_FreeSymKey(newKey);
1138 }
1139
1140 if (crv != CKR_OK) {
1141 PORT_SetError( PK11_MapError(crv) );
1142 return SECFailure;
1143 }
1144 wrappedKey->len = len;
1145 return SECSuccess;
1146 }
1147
1148 /*
1149 * this little function uses the Encrypt function to wrap a key, just in
1150 * case we have problems with the wrap implementation for a token.
1151 */
1152 static SECStatus
1153 pk11_HandWrap(PK11SymKey *wrappingKey, SECItem *param, CK_MECHANISM_TYPE type,
1154 SECItem *inKey, SECItem *outKey)
1155 {
1156 PK11SlotInfo *slot;
1157 CK_ULONG len;
1158 SECItem *data;
1159 CK_MECHANISM mech;
1160 PRBool owner = PR_TRUE;
1161 CK_SESSION_HANDLE session;
1162 CK_RV crv;
1163
1164 slot = wrappingKey->slot;
1165 /* use NULL IV's for wrapping */
1166 mech.mechanism = type;
1167 if (param) {
1168 mech.pParameter = param->data;
1169 mech.ulParameterLen = param->len;
1170 } else {
1171 mech.pParameter = NULL;
1172 mech.ulParameterLen = 0;
1173 }
1174 session = pk11_GetNewSession(slot,&owner);
1175 if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
1176 crv = PK11_GETTAB(slot)->C_EncryptInit(session,&mech,
1177 wrappingKey->objectID);
1178 if (crv != CKR_OK) {
1179 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1180 pk11_CloseSession(slot,session,owner);
1181 PORT_SetError( PK11_MapError(crv) );
1182 return SECFailure;
1183 }
1184
1185 /* keys are almost always aligned, but if we get this far,
1186 * we've gone above and beyond anyway... */
1187 data = PK11_BlockData(inKey,PK11_GetBlockSize(type,param));
1188 if (data == NULL) {
1189 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1190 pk11_CloseSession(slot,session,owner);
1191 PORT_SetError(SEC_ERROR_NO_MEMORY);
1192 return SECFailure;
1193 }
1194 len = outKey->len;
1195 crv = PK11_GETTAB(slot)->C_Encrypt(session,data->data,data->len,
1196 outKey->data, &len);
1197 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1198 pk11_CloseSession(slot,session,owner);
1199 SECITEM_FreeItem(data,PR_TRUE);
1200 outKey->len = len;
1201 if (crv != CKR_OK) {
1202 PORT_SetError( PK11_MapError(crv) );
1203 return SECFailure;
1204 }
1205 return SECSuccess;
1206 }
1207
1208 /*
1209 * This function does a symetric based wrap.
1210 */
1211 SECStatus
1212 PK11_WrapSymKey(CK_MECHANISM_TYPE type, SECItem *param,
1213 PK11SymKey *wrappingKey, PK11SymKey *symKey, SECItem *wrappedKey)
1214 {
1215 PK11SlotInfo *slot;
1216 CK_ULONG len = wrappedKey->len;
1217 PK11SymKey *newKey = NULL;
1218 SECItem *param_save = NULL;
1219 CK_MECHANISM mechanism;
1220 PRBool owner = PR_TRUE;
1221 CK_SESSION_HANDLE session;
1222 CK_RV crv;
1223 SECStatus rv;
1224
1225 /* if this slot doesn't support the mechanism, go to a slot that does */
1226 /* Force symKey and wrappingKey into the same slot */
1227 if ((wrappingKey->slot == NULL) || (symKey->slot != wrappingKey->slot)) {
1228 /* first try copying the wrapping Key to the symKey slot */
1229 if (symKey->slot && PK11_DoesMechanism(symKey->slot,type)) {
1230 newKey = pk11_CopyToSlot(symKey->slot,type,CKA_WRAP,wrappingKey);
1231 }
1232 /* Nope, try it the other way */
1233 if (newKey == NULL) {
1234 if (wrappingKey->slot) {
1235 newKey = pk11_CopyToSlot(wrappingKey->slot,
1236 symKey->type, CKA_ENCRYPT, symKey);
1237 }
1238 /* just not playing... one last thing, can we get symKey's data?
1239 * If it's possible, we it should already be in the
1240 * symKey->data.data pointer because pk11_CopyToSlot would have
1241 * tried to put it there. */
1242 if (newKey == NULL) {
1243 /* Can't get symKey's data: Game Over */
1244 if (symKey->data.data == NULL) {
1245 PORT_SetError( SEC_ERROR_NO_MODULE );
1246 return SECFailure;
1247 }
1248 if (param == NULL) {
1249 param_save = param = PK11_ParamFromIV(type,NULL);
1250 }
1251 rv = pk11_HandWrap(wrappingKey, param, type,
1252 &symKey->data,wrappedKey);
1253 if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
1254 return rv;
1255 }
1256 /* we successfully moved the sym Key */
1257 symKey = newKey;
1258 } else {
1259 /* we successfully moved the wrapping Key */
1260 wrappingKey = newKey;
1261 }
1262 }
1263
1264 /* at this point both keys are in the same token */
1265 slot = wrappingKey->slot;
1266 mechanism.mechanism = type;
1267 /* use NULL IV's for wrapping */
1268 if (param == NULL) {
1269 param_save = param = PK11_ParamFromIV(type,NULL);
1270 }
1271 if (param) {
1272 mechanism.pParameter = param->data;
1273 mechanism.ulParameterLen = param->len;
1274 } else {
1275 mechanism.pParameter = NULL;
1276 mechanism.ulParameterLen = 0;
1277 }
1278
1279 len = wrappedKey->len;
1280
1281 session = pk11_GetNewSession(slot,&owner);
1282 if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
1283 crv = PK11_GETTAB(slot)->C_WrapKey(session, &mechanism,
1284 wrappingKey->objectID, symKey->objectID,
1285 wrappedKey->data, &len);
1286 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1287 pk11_CloseSession(slot,session,owner);
1288 rv = SECSuccess;
1289 if (crv != CKR_OK) {
1290 /* can't wrap it? try hand wrapping it... */
1291 do {
1292 if (symKey->data.data == NULL) {
1293 rv = PK11_ExtractKeyValue(symKey);
1294 if (rv != SECSuccess) break;
1295 }
1296 rv = pk11_HandWrap(wrappingKey, param, type, &symKey->data,
1297 wrappedKey);
1298 } while (PR_FALSE);
1299 } else {
1300 wrappedKey->len = len;
1301 }
1302 if (newKey) PK11_FreeSymKey(newKey);
1303 if (param_save) SECITEM_FreeItem(param_save,PR_TRUE);
1304 return rv;
1305 }
1306
1307 /*
1308 * This Generates a new key based on a symetricKey
1309 */
1310 PK11SymKey *
1311 PK11_Derive( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive, SECItem *param,
1312 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
1313 int keySize)
1314 {
1315 return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
1316 keySize, NULL, 0, PR_FALSE);
1317 }
1318
1319
1320 PK11SymKey *
1321 PK11_DeriveWithFlags( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
1322 SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
1323 int keySize, CK_FLAGS flags)
1324 {
1325 CK_BBOOL ckTrue = CK_TRUE;
1326 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
1327 unsigned int templateCount;
1328
1329 templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
1330 return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
1331 keySize, keyTemplate, templateCount, PR_FALSE);
1332 }
1333
1334 PK11SymKey *
1335 PK11_DeriveWithFlagsPerm( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
1336 SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
1337 int keySize, CK_FLAGS flags, PRBool isPerm)
1338 {
1339 CK_BBOOL cktrue = CK_TRUE;
1340 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
1341 CK_ATTRIBUTE *attrs;
1342 unsigned int templateCount = 0;
1343
1344 attrs = keyTemplate;
1345 if (isPerm) {
1346 PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL)); attrs++;
1347 }
1348 templateCount = attrs - keyTemplate;
1349 templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
1350 return pk11_DeriveWithTemplate(baseKey, derive, param, target, operation,
1351 keySize, keyTemplate, templateCount, isPerm);
1352 }
1353
1354 static PK11SymKey *
1355 pk11_DeriveWithTemplate( PK11SymKey *baseKey, CK_MECHANISM_TYPE derive,
1356 SECItem *param, CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
1357 int keySize, CK_ATTRIBUTE *userAttr, unsigned int numAttrs,
1358 PRBool isPerm)
1359 {
1360 PK11SlotInfo * slot = baseKey->slot;
1361 PK11SymKey * symKey;
1362 PK11SymKey * newBaseKey = NULL;
1363 CK_BBOOL cktrue = CK_TRUE;
1364 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
1365 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
1366 CK_ULONG valueLen = 0;
1367 CK_MECHANISM mechanism;
1368 CK_RV crv;
1369 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
1370 CK_ATTRIBUTE * attrs = keyTemplate;
1371 CK_SESSION_HANDLE session;
1372 unsigned int templateCount;
1373
1374 if (numAttrs > MAX_TEMPL_ATTRS) {
1375 PORT_SetError(SEC_ERROR_INVALID_ARGS);
1376 return NULL;
1377 }
1378 /* first copy caller attributes in. */
1379 for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
1380 *attrs++ = *userAttr++;
1381 }
1382
1383 /* We only add the following attributes to the template if the caller
1384 ** didn't already supply them.
1385 */
1386 if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
1387 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
1388 attrs++;
1389 }
1390 if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
1391 keyType = PK11_GetKeyType(target, keySize);
1392 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
1393 attrs++;
1394 }
1395 if (keySize > 0 &&
1396 !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
1397 valueLen = (CK_ULONG)keySize;
1398 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
1399 attrs++;
1400 }
1401 if ((operation != CKA_FLAGS_ONLY) &&
1402 !pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
1403 PK11_SETATTRS(attrs, operation, &cktrue, sizeof cktrue); attrs++;
1404 }
1405
1406 templateCount = attrs - keyTemplate;
1407 PR_ASSERT(templateCount <= MAX_TEMPL_ATTRS);
1408
1409 /* move the key to a slot that can do the function */
1410 if (!PK11_DoesMechanism(slot,derive)) {
1411 /* get a new base key & slot */
1412 PK11SlotInfo *newSlot = PK11_GetBestSlot(derive, baseKey->cx);
1413
1414 if (newSlot == NULL) return NULL;
1415
1416 newBaseKey = pk11_CopyToSlot (newSlot, derive, CKA_DERIVE,
1417 baseKey);
1418 PK11_FreeSlot(newSlot);
1419 if (newBaseKey == NULL)
1420 return NULL;
1421 baseKey = newBaseKey;
1422 slot = baseKey->slot;
1423 }
1424
1425
1426 /* get our key Structure */
1427 symKey = pk11_CreateSymKey(slot, target, !isPerm, PR_TRUE, baseKey->cx);
1428 if (symKey == NULL) {
1429 return NULL;
1430 }
1431
1432 symKey->size = keySize;
1433
1434 mechanism.mechanism = derive;
1435 if (param) {
1436 mechanism.pParameter = param->data;
1437 mechanism.ulParameterLen = param->len;
1438 } else {
1439 mechanism.pParameter = NULL;
1440 mechanism.ulParameterLen = 0;
1441 }
1442 symKey->origin=PK11_OriginDerive;
1443
1444 if (isPerm) {
1445 session = PK11_GetRWSession(slot);
1446 } else {
1447 pk11_EnterKeyMonitor(symKey);
1448 session = symKey->session;
1449 }
1450 if (session == CK_INVALID_SESSION) {
1451 if (!isPerm)
1452 pk11_ExitKeyMonitor(symKey);
1453 crv = CKR_SESSION_HANDLE_INVALID;
1454 } else {
1455 crv = PK11_GETTAB(slot)->C_DeriveKey(session, &mechanism,
1456 baseKey->objectID, keyTemplate, templateCount, &symKey->objectID);
1457 if (isPerm) {
1458 PK11_RestoreROSession(slot, session);
1459 } else {
1460 pk11_ExitKeyMonitor(symKey);
1461 }
1462 }
1463 if (newBaseKey)
1464 PK11_FreeSymKey(newBaseKey);
1465 if (crv != CKR_OK) {
1466 PK11_FreeSymKey(symKey);
1467 return NULL;
1468 }
1469 return symKey;
1470 }
1471
1472 /*
1473 * This Generates a wrapping key based on a privateKey, publicKey, and two
1474 * random numbers. For Mail usage RandomB should be NULL. In the Sender's
1475 * case RandomA is generate, outherwize it is passed.
1476 */
1477 static unsigned char *rb_email = NULL;
1478
1479 PK11SymKey *
1480 PK11_PubDerive(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
1481 PRBool isSender, SECItem *randomA, SECItem *randomB,
1482 CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
1483 CK_ATTRIBUTE_TYPE operation, int keySize,void *wincx)
1484 {
1485 PK11SlotInfo *slot = privKey->pkcs11Slot;
1486 CK_MECHANISM mechanism;
1487 PK11SymKey *symKey;
1488 CK_RV crv;
1489
1490
1491 if (rb_email == NULL) {
1492 rb_email = PORT_ZAlloc(128);
1493 if (rb_email == NULL) {
1494 return NULL;
1495 }
1496 rb_email[127] = 1;
1497 }
1498
1499 /* get our key Structure */
1500 symKey = pk11_CreateSymKey(slot, target, PR_TRUE, PR_TRUE, wincx);
1501 if (symKey == NULL) {
1502 return NULL;
1503 }
1504
1505 symKey->origin = PK11_OriginDerive;
1506
1507 switch (privKey->keyType) {
1508 case rsaKey:
1509 case nullKey:
1510 PORT_SetError(SEC_ERROR_BAD_KEY);
1511 break;
1512 case dsaKey:
1513 case keaKey:
1514 case fortezzaKey:
1515 {
1516 CK_KEA_DERIVE_PARAMS param;
1517 param.isSender = (CK_BBOOL) isSender;
1518 param.ulRandomLen = randomA->len;
1519 param.pRandomA = randomA->data;
1520 param.pRandomB = rb_email;
1521 if (randomB)
1522 param.pRandomB = randomB->data;
1523 if (pubKey->keyType == fortezzaKey) {
1524 param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
1525 param.pPublicData = pubKey->u.fortezza.KEAKey.data;
1526 } else {
1527 /* assert type == keaKey */
1528 /* XXX change to match key key types */
1529 param.ulPublicDataLen = pubKey->u.fortezza.KEAKey.len;
1530 param.pPublicData = pubKey->u.fortezza.KEAKey.data;
1531 }
1532
1533 mechanism.mechanism = derive;
1534 mechanism.pParameter = &param;
1535 mechanism.ulParameterLen = sizeof(param);
1536
1537 /* get a new symKey structure */
1538 pk11_EnterKeyMonitor(symKey);
1539 crv=PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
1540 privKey->pkcs11ID, NULL, 0, &symKey->objectID);
1541 pk11_ExitKeyMonitor(symKey);
1542 if (crv == CKR_OK) return symKey;
1543 PORT_SetError( PK11_MapError(crv) );
1544 }
1545 break;
1546 case dhKey:
1547 {
1548 CK_BBOOL cktrue = CK_TRUE;
1549 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
1550 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
1551 CK_ULONG key_size = 0;
1552 CK_ATTRIBUTE keyTemplate[4];
1553 int templateCount;
1554 CK_ATTRIBUTE *attrs = keyTemplate;
1555
1556 if (pubKey->keyType != dhKey) {
1557 PORT_SetError(SEC_ERROR_BAD_KEY);
1558 break;
1559 }
1560
1561 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
1562 attrs++;
1563 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
1564 attrs++;
1565 PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
1566 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
1567 attrs++;
1568 templateCount = attrs - keyTemplate;
1569 PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
1570
1571 keyType = PK11_GetKeyType(target,keySize);
1572 key_size = keySize;
1573 symKey->size = keySize;
1574 if (key_size == 0) templateCount--;
1575
1576 mechanism.mechanism = derive;
1577
1578 /* we can undefine these when we define diffie-helman keys */
1579 mechanism.pParameter = pubKey->u.dh.publicValue.data;
1580 mechanism.ulParameterLen = pubKey->u.dh.publicValue.len;
1581
1582 pk11_EnterKeyMonitor(symKey);
1583 crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
1584 privKey->pkcs11ID, keyTemplate, templateCount, &symKey->objectID);
1585 pk11_ExitKeyMonitor(symKey);
1586 if (crv == CKR_OK) return symKey;
1587 PORT_SetError( PK11_MapError(crv) );
1588 }
1589 break;
1590 case ecKey:
1591 {
1592 CK_BBOOL cktrue = CK_TRUE;
1593 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
1594 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
1595 CK_ULONG key_size = 0;
1596 CK_ATTRIBUTE keyTemplate[4];
1597 int templateCount;
1598 CK_ATTRIBUTE *attrs = keyTemplate;
1599 CK_ECDH1_DERIVE_PARAMS *mechParams = NULL;
1600
1601 if (pubKey->keyType != ecKey) {
1602 PORT_SetError(SEC_ERROR_BAD_KEY);
1603 break;
1604 }
1605
1606 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass));
1607 attrs++;
1608 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType));
1609 attrs++;
1610 PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
1611 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size));
1612 attrs++;
1613 templateCount = attrs - keyTemplate;
1614 PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
1615
1616 keyType = PK11_GetKeyType(target,keySize);
1617 key_size = keySize;
1618 symKey->size = keySize;
1619 if (key_size == 0) templateCount--;
1620
1621 mechParams = PORT_ZNew(CK_ECDH1_DERIVE_PARAMS);
1622 mechParams->kdf = CKD_SHA1_KDF;
1623 mechParams->ulSharedDataLen = 0;
1624 mechParams->pSharedData = NULL;
1625 mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
1626 mechParams->pPublicData = pubKey->u.ec.publicValue.data;
1627
1628 mechanism.mechanism = derive;
1629 mechanism.pParameter = mechParams;
1630 mechanism.ulParameterLen = sizeof(CK_ECDH1_DERIVE_PARAMS);
1631
1632 pk11_EnterKeyMonitor(symKey);
1633 crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session,
1634 &mechanism, privKey->pkcs11ID, keyTemplate,
1635 templateCount, &symKey->objectID);
1636 pk11_ExitKeyMonitor(symKey);
1637
1638 PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
1639
1640 if (crv == CKR_OK) return symKey;
1641 PORT_SetError( PK11_MapError(crv) );
1642 }
1643 }
1644
1645 PK11_FreeSymKey(symKey);
1646 return NULL;
1647 }
1648
1649 static PK11SymKey *
1650 pk11_PubDeriveECKeyWithKDF(
1651 SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
1652 PRBool isSender, SECItem *randomA, SECItem *randomB,
1653 CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
1654 CK_ATTRIBUTE_TYPE operation, int keySize,
1655 CK_ULONG kdf, SECItem *sharedData, void *wincx)
1656 {
1657 PK11SlotInfo *slot = privKey->pkcs11Slot;
1658 PK11SymKey *symKey;
1659 CK_MECHANISM mechanism;
1660 CK_RV crv;
1661 CK_BBOOL cktrue = CK_TRUE;
1662 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
1663 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
1664 CK_ULONG key_size = 0;
1665 CK_ATTRIBUTE keyTemplate[4];
1666 int templateCount;
1667 CK_ATTRIBUTE *attrs = keyTemplate;
1668 CK_ECDH1_DERIVE_PARAMS *mechParams = NULL;
1669
1670 if (pubKey->keyType != ecKey) {
1671 PORT_SetError(SEC_ERROR_BAD_KEY);
1672 return NULL;
1673 }
1674 if ((kdf < CKD_NULL) || (kdf > CKD_SHA1_KDF)) {
1675 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
1676 return NULL;
1677 }
1678
1679 /* get our key Structure */
1680 symKey = pk11_CreateSymKey(slot, target, PR_TRUE, PR_TRUE, wincx);
1681 if (symKey == NULL) {
1682 return NULL;
1683 }
1684
1685 symKey->origin = PK11_OriginDerive;
1686
1687 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof(keyClass)); attrs++;
1688 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof(keyType)); attrs++;
1689 PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
1690 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &key_size, sizeof(key_size)); attrs++;
1691 templateCount = attrs - keyTemplate;
1692 PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
1693
1694 keyType = PK11_GetKeyType(target,keySize);
1695 key_size = keySize;
1696 symKey->size = keySize;
1697 if (key_size == 0)
1698 templateCount--;
1699
1700 mechParams = PORT_ZNew(CK_ECDH1_DERIVE_PARAMS);
1701 if (!mechParams) {
1702 PK11_FreeSymKey(symKey);
1703 return NULL;
1704 }
1705 mechParams->kdf = kdf;
1706 if (sharedData == NULL) {
1707 mechParams->ulSharedDataLen = 0;
1708 mechParams->pSharedData = NULL;
1709 } else {
1710 mechParams->ulSharedDataLen = sharedData->len;
1711 mechParams->pSharedData = sharedData->data;
1712 }
1713 mechParams->ulPublicDataLen = pubKey->u.ec.publicValue.len;
1714 mechParams->pPublicData = pubKey->u.ec.publicValue.data;
1715
1716 mechanism.mechanism = derive;
1717 mechanism.pParameter = mechParams;
1718 mechanism.ulParameterLen = sizeof(CK_ECDH1_DERIVE_PARAMS);
1719
1720 pk11_EnterKeyMonitor(symKey);
1721 crv = PK11_GETTAB(slot)->C_DeriveKey(symKey->session, &mechanism,
1722 privKey->pkcs11ID, keyTemplate, templateCount, &symKey->objectID);
1723 pk11_ExitKeyMonitor(symKey);
1724
1725 PORT_ZFree(mechParams, sizeof(CK_ECDH1_DERIVE_PARAMS));
1726
1727 if (crv != CKR_OK) {
1728 PK11_FreeSymKey(symKey);
1729 symKey = NULL;
1730 PORT_SetError( PK11_MapError(crv) );
1731 }
1732 return symKey;
1733 }
1734
1735 PK11SymKey *
1736 PK11_PubDeriveWithKDF(SECKEYPrivateKey *privKey, SECKEYPublicKey *pubKey,
1737 PRBool isSender, SECItem *randomA, SECItem *randomB,
1738 CK_MECHANISM_TYPE derive, CK_MECHANISM_TYPE target,
1739 CK_ATTRIBUTE_TYPE operation, int keySize,
1740 CK_ULONG kdf, SECItem *sharedData, void *wincx)
1741 {
1742
1743 switch (privKey->keyType) {
1744 case rsaKey:
1745 case nullKey:
1746 case dsaKey:
1747 case keaKey:
1748 case fortezzaKey:
1749 case dhKey:
1750 return PK11_PubDerive(privKey, pubKey, isSender, randomA, randomB,
1751 derive, target, operation, keySize, wincx);
1752 case ecKey:
1753 return pk11_PubDeriveECKeyWithKDF( privKey, pubKey, isSender,
1754 randomA, randomB, derive, target, operation, keySize,
1755 kdf, sharedData, wincx);
1756 default: break;
1757 }
1758
1759 return NULL;
1760 }
1761
1762 /*
1763 * this little function uses the Decrypt function to unwrap a key, just in
1764 * case we are having problem with unwrap. NOTE: The key size may
1765 * not be preserved properly for some algorithms!
1766 */
1767 static PK11SymKey *
1768 pk11_HandUnwrap(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
1769 CK_MECHANISM *mech, SECItem *inKey, CK_MECHANISM_TYPE target,
1770 CK_ATTRIBUTE *keyTemplate, unsigned int templateCount,
1771 int key_size, void * wincx, CK_RV *crvp, PRBool isPerm)
1772 {
1773 CK_ULONG len;
1774 SECItem outKey;
1775 PK11SymKey *symKey;
1776 CK_RV crv;
1777 PRBool owner = PR_TRUE;
1778 CK_SESSION_HANDLE session;
1779
1780 /* remove any VALUE_LEN parameters */
1781 if (keyTemplate[templateCount-1].type == CKA_VALUE_LEN) {
1782 templateCount--;
1783 }
1784
1785 /* keys are almost always aligned, but if we get this far,
1786 * we've gone above and beyond anyway... */
1787 outKey.data = (unsigned char*)PORT_Alloc(inKey->len);
1788 if (outKey.data == NULL) {
1789 PORT_SetError( SEC_ERROR_NO_MEMORY );
1790 if (crvp) *crvp = CKR_HOST_MEMORY;
1791 return NULL;
1792 }
1793 len = inKey->len;
1794
1795 /* use NULL IV's for wrapping */
1796 session = pk11_GetNewSession(slot,&owner);
1797 if (!owner || !(slot->isThreadSafe)) PK11_EnterSlotMonitor(slot);
1798 crv = PK11_GETTAB(slot)->C_DecryptInit(session,mech,wrappingKey);
1799 if (crv != CKR_OK) {
1800 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1801 pk11_CloseSession(slot,session,owner);
1802 PORT_Free(outKey.data);
1803 PORT_SetError( PK11_MapError(crv) );
1804 if (crvp) *crvp =crv;
1805 return NULL;
1806 }
1807 crv = PK11_GETTAB(slot)->C_Decrypt(session,inKey->data,inKey->len,
1808 outKey.data, &len);
1809 if (!owner || !(slot->isThreadSafe)) PK11_ExitSlotMonitor(slot);
1810 pk11_CloseSession(slot,session,owner);
1811 if (crv != CKR_OK) {
1812 PORT_Free(outKey.data);
1813 PORT_SetError( PK11_MapError(crv) );
1814 if (crvp) *crvp =crv;
1815 return NULL;
1816 }
1817
1818 outKey.len = (key_size == 0) ? len : key_size;
1819 outKey.type = siBuffer;
1820
1821 if (PK11_DoesMechanism(slot,target)) {
1822 symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
1823 isPerm, keyTemplate,
1824 templateCount, &outKey, wincx);
1825 } else {
1826 slot = PK11_GetBestSlot(target,wincx);
1827 if (slot == NULL) {
1828 PORT_SetError( SEC_ERROR_NO_MODULE );
1829 PORT_Free(outKey.data);
1830 if (crvp) *crvp = CKR_DEVICE_ERROR;
1831 return NULL;
1832 }
1833 symKey = pk11_ImportSymKeyWithTempl(slot, target, PK11_OriginUnwrap,
1834 isPerm, keyTemplate,
1835 templateCount, &outKey, wincx);
1836 PK11_FreeSlot(slot);
1837 }
1838 PORT_Free(outKey.data);
1839
1840 if (crvp) *crvp = symKey? CKR_OK : CKR_DEVICE_ERROR;
1841 return symKey;
1842 }
1843
1844 /*
1845 * The wrap/unwrap function is pretty much the same for private and
1846 * public keys. It's just getting the Object ID and slot right. This is
1847 * the combined unwrap function.
1848 */
1849 static PK11SymKey *
1850 pk11_AnyUnwrapKey(PK11SlotInfo *slot, CK_OBJECT_HANDLE wrappingKey,
1851 CK_MECHANISM_TYPE wrapType, SECItem *param, SECItem *wrappedKey,
1852 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize,
1853 void *wincx, CK_ATTRIBUTE *userAttr, unsigned int numAttrs, PRBool isPerm)
1854 {
1855 PK11SymKey * symKey;
1856 SECItem * param_free = NULL;
1857 CK_BBOOL cktrue = CK_TRUE;
1858 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
1859 CK_KEY_TYPE keyType = CKK_GENERIC_SECRET;
1860 CK_ULONG valueLen = 0;
1861 CK_MECHANISM mechanism;
1862 CK_SESSION_HANDLE rwsession;
1863 CK_RV crv;
1864 CK_MECHANISM_INFO mechanism_info;
1865 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
1866 CK_ATTRIBUTE * attrs = keyTemplate;
1867 unsigned int templateCount;
1868
1869 if (numAttrs > MAX_TEMPL_ATTRS) {
1870 PORT_SetError(SEC_ERROR_INVALID_ARGS);
1871 return NULL;
1872 }
1873 /* first copy caller attributes in. */
1874 for (templateCount = 0; templateCount < numAttrs; ++templateCount) {
1875 *attrs++ = *userAttr++;
1876 }
1877
1878 /* We only add the following attributes to the template if the caller
1879 ** didn't already supply them.
1880 */
1881 if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_CLASS)) {
1882 PK11_SETATTRS(attrs, CKA_CLASS, &keyClass, sizeof keyClass);
1883 attrs++;
1884 }
1885 if (!pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_KEY_TYPE)) {
1886 keyType = PK11_GetKeyType(target, keySize);
1887 PK11_SETATTRS(attrs, CKA_KEY_TYPE, &keyType, sizeof keyType );
1888 attrs++;
1889 }
1890 if ((operation != CKA_FLAGS_ONLY) &&
1891 !pk11_FindAttrInTemplate(keyTemplate, numAttrs, operation)) {
1892 PK11_SETATTRS(attrs, operation, &cktrue, 1); attrs++;
1893 }
1894
1895 /*
1896 * must be last in case we need to use this template to import the key
1897 */
1898 if (keySize > 0 &&
1899 !pk11_FindAttrInTemplate(keyTemplate, numAttrs, CKA_VALUE_LEN)) {
1900 valueLen = (CK_ULONG)keySize;
1901 PK11_SETATTRS(attrs, CKA_VALUE_LEN, &valueLen, sizeof valueLen);
1902 attrs++;
1903 }
1904
1905 templateCount = attrs - keyTemplate;
1906 PR_ASSERT(templateCount <= sizeof(keyTemplate)/sizeof(CK_ATTRIBUTE));
1907
1908
1909 /* find out if we can do wrap directly. Because the RSA case if *very*
1910 * common, cache the results for it. */
1911 if ((wrapType == CKM_RSA_PKCS) && (slot->hasRSAInfo)) {
1912 mechanism_info.flags = slot->RSAInfoFlags;
1913 } else {
1914 if (!slot->isThreadSafe) PK11_EnterSlotMonitor(slot);
1915 crv = PK11_GETTAB(slot)->C_GetMechanismInfo(slot->slotID,wrapType,
1916 &mechanism_info);
1917 if (!slot->isThreadSafe) PK11_ExitSlotMonitor(slot);
1918 if (crv != CKR_OK) {
1919 mechanism_info.flags = 0;
1920 }
1921 if (wrapType == CKM_RSA_PKCS) {
1922 slot->RSAInfoFlags = mechanism_info.flags;
1923 slot->hasRSAInfo = PR_TRUE;
1924 }
1925 }
1926
1927 /* initialize the mechanism structure */
1928 mechanism.mechanism = wrapType;
1929 /* use NULL IV's for wrapping */
1930 if (param == NULL)
1931 param = param_free = PK11_ParamFromIV(wrapType,NULL);
1932 if (param) {
1933 mechanism.pParameter = param->data;
1934 mechanism.ulParameterLen = param->len;
1935 } else {
1936 mechanism.pParameter = NULL;
1937 mechanism.ulParameterLen = 0;
1938 }
1939
1940 if ((mechanism_info.flags & CKF_DECRYPT)
1941 && !PK11_DoesMechanism(slot,target)) {
1942 symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
1943 target, keyTemplate, templateCount, keySize,
1944 wincx, &crv, isPerm);
1945 if (symKey) {
1946 if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
1947 return symKey;
1948 }
1949 /*
1950 * if the RSA OP simply failed, don't try to unwrap again
1951 * with this module.
1952 */
1953 if (crv == CKR_DEVICE_ERROR){
1954 if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
1955 return NULL;
1956 }
1957 /* fall through, maybe they incorrectly set CKF_DECRYPT */
1958 }
1959
1960 /* get our key Structure */
1961 symKey = pk11_CreateSymKey(slot, target, !isPerm, PR_TRUE, wincx);
1962 if (symKey == NULL) {
1963 if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
1964 return NULL;
1965 }
1966
1967 symKey->size = keySize;
1968 symKey->origin = PK11_OriginUnwrap;
1969
1970 if (isPerm) {
1971 rwsession = PK11_GetRWSession(slot);
1972 } else {
1973 pk11_EnterKeyMonitor(symKey);
1974 rwsession = symKey->session;
1975 }
1976 PORT_Assert(rwsession != CK_INVALID_SESSION);
1977 if (rwsession == CK_INVALID_SESSION)
1978 crv = CKR_SESSION_HANDLE_INVALID;
1979 else
1980 crv = PK11_GETTAB(slot)->C_UnwrapKey(rwsession,&mechanism,wrappingKey,
1981 wrappedKey->data, wrappedKey->len, keyTemplate, templateCount,
1982 &symKey->objectID);
1983 if (isPerm) {
1984 if (rwsession != CK_INVALID_SESSION)
1985 PK11_RestoreROSession(slot, rwsession);
1986 } else {
1987 pk11_ExitKeyMonitor(symKey);
1988 }
1989 if (param_free) SECITEM_FreeItem(param_free,PR_TRUE);
1990 if (crv != CKR_OK) {
1991 PK11_FreeSymKey(symKey);
1992 symKey = NULL;
1993 if (crv != CKR_DEVICE_ERROR) {
1994 /* try hand Unwrapping */
1995 symKey = pk11_HandUnwrap(slot, wrappingKey, &mechanism, wrappedKey,
1996 target, keyTemplate, templateCount,
1997 keySize, wincx, NULL, isPerm);
1998 }
1999 }
2000
2001 return symKey;
2002 }
2003
2004 /* use a symetric key to unwrap another symetric key */
2005 PK11SymKey *
2006 PK11_UnwrapSymKey( PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
2007 SECItem *param, SECItem *wrappedKey,
2008 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
2009 int keySize)
2010 {
2011 return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
2012 wrapType, param, wrappedKey, target, operation, keySize,
2013 wrappingKey->cx, NULL, 0, PR_FALSE);
2014 }
2015
2016 /* use a symetric key to unwrap another symetric key */
2017 PK11SymKey *
2018 PK11_UnwrapSymKeyWithFlags(PK11SymKey *wrappingKey, CK_MECHANISM_TYPE wrapType,
2019 SECItem *param, SECItem *wrappedKey,
2020 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
2021 int keySize, CK_FLAGS flags)
2022 {
2023 CK_BBOOL ckTrue = CK_TRUE;
2024 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
2025 unsigned int templateCount;
2026
2027 templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
2028 return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
2029 wrapType, param, wrappedKey, target, operation, keySize,
2030 wrappingKey->cx, keyTemplate, templateCount, PR_FALSE);
2031 }
2032
2033 PK11SymKey *
2034 PK11_UnwrapSymKeyWithFlagsPerm(PK11SymKey *wrappingKey,
2035 CK_MECHANISM_TYPE wrapType,
2036 SECItem *param, SECItem *wrappedKey,
2037 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation,
2038 int keySize, CK_FLAGS flags, PRBool isPerm)
2039 {
2040 CK_BBOOL cktrue = CK_TRUE;
2041 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
2042 CK_ATTRIBUTE *attrs;
2043 unsigned int templateCount;
2044
2045 attrs = keyTemplate;
2046 if (isPerm) {
2047 PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL)); attrs++;
2048 }
2049 templateCount = attrs-keyTemplate;
2050 templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
2051
2052 return pk11_AnyUnwrapKey(wrappingKey->slot, wrappingKey->objectID,
2053 wrapType, param, wrappedKey, target, operation, keySize,
2054 wrappingKey->cx, keyTemplate, templateCount, isPerm);
2055 }
2056
2057
2058 /* unwrap a symetric key with a private key. */
2059 PK11SymKey *
2060 PK11_PubUnwrapSymKey(SECKEYPrivateKey *wrappingKey, SECItem *wrappedKey,
2061 CK_MECHANISM_TYPE target, CK_ATTRIBUTE_TYPE operation, int keySize)
2062 {
2063 CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
2064 PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
2065
2066 if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey,CKA_PRIVATE)) {
2067 PK11_HandlePasswordCheck(slot,wrappingKey->wincx);
2068 }
2069
2070 return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
2071 wrapType, NULL, wrappedKey, target, operation, keySize,
2072 wrappingKey->wincx, NULL, 0, PR_FALSE);
2073 }
2074
2075 /* unwrap a symetric key with a private key. */
2076 PK11SymKey *
2077 PK11_PubUnwrapSymKeyWithFlags(SECKEYPrivateKey *wrappingKey,
2078 SECItem *wrappedKey, CK_MECHANISM_TYPE target,
2079 CK_ATTRIBUTE_TYPE operation, int keySize, CK_FLAGS flags)
2080 {
2081 CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
2082 CK_BBOOL ckTrue = CK_TRUE;
2083 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
2084 unsigned int templateCount;
2085 PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
2086
2087 templateCount = pk11_OpFlagsToAttributes(flags, keyTemplate, &ckTrue);
2088
2089 if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey,CKA_PRIVATE)) {
2090 PK11_HandlePasswordCheck(slot,wrappingKey->wincx);
2091 }
2092
2093 return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
2094 wrapType, NULL, wrappedKey, target, operation, keySize,
2095 wrappingKey->wincx, keyTemplate, templateCount, PR_FALSE);
2096 }
2097
2098 PK11SymKey *
2099 PK11_PubUnwrapSymKeyWithFlagsPerm(SECKEYPrivateKey *wrappingKey,
2100 SECItem *wrappedKey, CK_MECHANISM_TYPE target,
2101 CK_ATTRIBUTE_TYPE operation, int keySize,
2102 CK_FLAGS flags, PRBool isPerm)
2103 {
2104 CK_MECHANISM_TYPE wrapType = pk11_mapWrapKeyType(wrappingKey->keyType);
2105 CK_BBOOL cktrue = CK_TRUE;
2106 CK_ATTRIBUTE keyTemplate[MAX_TEMPL_ATTRS];
2107 CK_ATTRIBUTE *attrs;
2108 unsigned int templateCount;
2109 PK11SlotInfo *slot = wrappingKey->pkcs11Slot;
2110
2111 attrs = keyTemplate;
2112 if (isPerm) {
2113 PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL)); attrs++;
2114 }
2115 templateCount = attrs-keyTemplate;
2116
2117 templateCount += pk11_OpFlagsToAttributes(flags, attrs, &cktrue);
2118
2119 if (SECKEY_HAS_ATTRIBUTE_SET(wrappingKey,CKA_PRIVATE)) {
2120 PK11_HandlePasswordCheck(slot,wrappingKey->wincx);
2121 }
2122
2123 return pk11_AnyUnwrapKey(slot, wrappingKey->pkcs11ID,
2124 wrapType, NULL, wrappedKey, target, operation, keySize,
2125 wrappingKey->wincx, keyTemplate, templateCount, isPerm);
2126 }
2127
2128 PK11SymKey*
2129 PK11_CopySymKeyForSigning(PK11SymKey *originalKey, CK_MECHANISM_TYPE mech)
2130 {
2131 CK_RV crv;
2132 CK_ATTRIBUTE setTemplate;
2133 CK_BBOOL ckTrue = CK_TRUE;
2134 PK11SlotInfo *slot = originalKey->slot;
2135
2136 /* first just try to set this key up for signing */
2137 PK11_SETATTRS(&setTemplate, CKA_SIGN, &ckTrue, sizeof(ckTrue));
2138 pk11_EnterKeyMonitor(originalKey);
2139 crv = PK11_GETTAB(slot)-> C_SetAttributeValue(originalKey->session,
2140 originalKey->objectID, &setTemplate, 1);
2141 pk11_ExitKeyMonitor(originalKey);
2142 if (crv == CKR_OK) {
2143 return PK11_ReferenceSymKey(originalKey);
2144 }
2145
2146 /* nope, doesn't like it, use the pk11 copy object command */
2147 return pk11_CopyToSlot(slot, mech, CKA_SIGN, originalKey);
2148 }
2149
2150 void
2151 PK11_SetFortezzaHack(PK11SymKey *symKey) {
2152 symKey->origin = PK11_OriginFortezzaHack;
2153 }
2154
2155 /*
2156 * This is required to allow FORTEZZA_NULL and FORTEZZA_RC4
2157 * working. This function simply gets a valid IV for the keys.
2158 */
2159 SECStatus
2160 PK11_GenerateFortezzaIV(PK11SymKey *symKey,unsigned char *iv,int len)
2161 {
2162 CK_MECHANISM mech_info;
2163 CK_ULONG count = 0;
2164 CK_RV crv;
2165 SECStatus rv = SECFailure;
2166
2167 mech_info.mechanism = CKM_SKIPJACK_CBC64;
2168 mech_info.pParameter = iv;
2169 mech_info.ulParameterLen = len;
2170
2171 /* generate the IV for fortezza */
2172 PK11_EnterSlotMonitor(symKey->slot);
2173 crv=PK11_GETTAB(symKey->slot)->C_EncryptInit(symKey->slot->session,
2174 &mech_info, symKey->objectID);
2175 if (crv == CKR_OK) {
2176 PK11_GETTAB(symKey->slot)->C_EncryptFinal(symKey->slot->session,
2177 NULL, &count);
2178 rv = SECSuccess;
2179 }
2180 PK11_ExitSlotMonitor(symKey->slot);
2181 return rv;
2182 }
Mozilla NSS module