import less(1)
[unleashed/tickless.git] / usr / src / lib / pkcs11 / libpkcs11 / common / pkcs11Crypt.c
blob28b85998d0d2a5ab968a0df558a0c7648af73381
1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
20 * CDDL HEADER END
23 * Copyright 2003 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
27 #pragma ident "%Z%%M% %I% %E% SMI"
29 #include <security/cryptoki.h>
30 #include "pkcs11Global.h"
31 #include "pkcs11Conf.h"
32 #include "pkcs11Session.h"
33 #include "pkcs11Slot.h"
36 * C_EncryptInit will verify that the session handle is valid within
37 * the framework, that the mechanism is not disabled for the slot
38 * associated with this session, and then redirect to the underlying
39 * provider. Policy is checked for C_EncryptInit, and not C_Encrypt
40 * or C_EncryptUpdate, since C_EncryptInit is required to be called
41 * before C_Encrypt and C_EncryptUpdate.
43 CK_RV
44 C_EncryptInit(CK_SESSION_HANDLE hSession,
45 CK_MECHANISM_PTR pMechanism,
46 CK_OBJECT_HANDLE hKey)
48 CK_RV rv;
49 pkcs11_session_t *sessp;
50 CK_SLOT_ID slotid;
52 /* Check for a fastpath */
53 if (purefastpath || policyfastpath) {
54 if (policyfastpath &&
55 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) {
56 return (CKR_MECHANISM_INVALID);
58 return (fast_funcs->C_EncryptInit(hSession, pMechanism, hKey));
61 if (!pkcs11_initialized) {
62 return (CKR_CRYPTOKI_NOT_INITIALIZED);
65 /* Obtain the session pointer */
66 HANDLE2SESSION(hSession, sessp, rv);
68 if (rv != CKR_OK) {
69 return (rv);
72 slotid = sessp->se_slotid;
74 /* Make sure this is not a disabled mechanism */
75 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) {
76 return (CKR_MECHANISM_INVALID);
79 /* Initialize the digest with the underlying provider */
80 rv = FUNCLIST(slotid)->C_EncryptInit(sessp->se_handle,
81 pMechanism, hKey);
83 /* Present consistent interface to the application */
84 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
85 return (CKR_FUNCTION_FAILED);
88 return (rv);
92 * C_Encrypt is a pure wrapper to the underlying provider.
93 * The only argument checked is whether or not hSession is valid.
95 CK_RV
96 C_Encrypt(CK_SESSION_HANDLE hSession,
97 CK_BYTE_PTR pData,
98 CK_ULONG ulDataLen,
99 CK_BYTE_PTR pEncryptedData,
100 CK_ULONG_PTR pulEncryptedDataLen)
102 CK_RV rv;
103 pkcs11_session_t *sessp;
105 /* Check for a fastpath */
106 if (purefastpath || policyfastpath) {
107 return (fast_funcs->C_Encrypt(hSession, pData, ulDataLen,
108 pEncryptedData, pulEncryptedDataLen));
111 if (!pkcs11_initialized) {
112 return (CKR_CRYPTOKI_NOT_INITIALIZED);
115 /* Obtain the session pointer */
116 HANDLE2SESSION(hSession, sessp, rv);
118 if (rv != CKR_OK) {
119 return (rv);
122 /* Initialize the digest with the underlying provider */
123 rv = FUNCLIST(sessp->se_slotid)->C_Encrypt(sessp->se_handle, pData,
124 ulDataLen, pEncryptedData, pulEncryptedDataLen);
126 /* Present consistent interface to the application */
127 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
128 return (CKR_FUNCTION_FAILED);
131 return (rv);
135 * C_EncryptUpdate is a pure wrapper to the underlying provider.
136 * The only argument checked is whether or not hSession is valid.
138 CK_RV
139 C_EncryptUpdate(CK_SESSION_HANDLE hSession,
140 CK_BYTE_PTR pPart,
141 CK_ULONG ulPartLen,
142 CK_BYTE_PTR pEncryptedPart,
143 CK_ULONG_PTR pulEncryptedPartLen)
145 CK_RV rv;
146 pkcs11_session_t *sessp;
148 /* Check for a fastpath */
149 if (purefastpath || policyfastpath) {
150 return (fast_funcs->C_EncryptUpdate(hSession, pPart, ulPartLen,
151 pEncryptedPart, pulEncryptedPartLen));
154 if (!pkcs11_initialized) {
155 return (CKR_CRYPTOKI_NOT_INITIALIZED);
158 /* Obtain the session pointer */
159 HANDLE2SESSION(hSession, sessp, rv);
161 if (rv != CKR_OK) {
162 return (rv);
165 /* Initialize the digest with the underlying provider */
166 rv = FUNCLIST(sessp->se_slotid)->C_EncryptUpdate(sessp->se_handle,
167 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
169 /* Present consistent interface to the application */
170 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
171 return (CKR_FUNCTION_FAILED);
174 return (rv);
178 * C_EncryptFinal is a pure wrapper to the underlying provider.
179 * The only argument checked is whether or not hSession is valid.
181 CK_RV
182 C_EncryptFinal(CK_SESSION_HANDLE hSession,
183 CK_BYTE_PTR pLastEncryptedPart,
184 CK_ULONG_PTR pulLastEncryptedPartLen)
186 CK_RV rv;
187 pkcs11_session_t *sessp;
189 /* Check for a fastpath */
190 if (purefastpath || policyfastpath) {
191 return (fast_funcs->C_EncryptFinal(hSession,
192 pLastEncryptedPart, pulLastEncryptedPartLen));
195 if (!pkcs11_initialized) {
196 return (CKR_CRYPTOKI_NOT_INITIALIZED);
199 /* Obtain the session pointer */
200 HANDLE2SESSION(hSession, sessp, rv);
202 if (rv != CKR_OK) {
203 return (rv);
206 /* Initialize the digest with the underlying provider */
207 rv = FUNCLIST(sessp->se_slotid)->C_EncryptFinal(sessp->se_handle,
208 pLastEncryptedPart, pulLastEncryptedPartLen);
210 /* Present consistent interface to the application */
211 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
212 return (CKR_FUNCTION_FAILED);
215 return (rv);
219 * C_DecryptInit will verify that the session handle is valid within
220 * the framework, that the mechanism is not disabled for the slot
221 * associated with this session, and then redirect to the underlying
222 * provider. Policy is checked for C_DecryptInit, and not C_Decrypt
223 * or C_DecryptUpdate, since C_DecryptInit is required to be called
224 * before C_Decrypt and C_DecryptUpdate.
226 CK_RV
227 C_DecryptInit(CK_SESSION_HANDLE hSession,
228 CK_MECHANISM_PTR pMechanism,
229 CK_OBJECT_HANDLE hKey)
231 CK_RV rv;
232 pkcs11_session_t *sessp;
233 CK_SLOT_ID slotid;
235 /* Check for a fastpath */
236 if (purefastpath || policyfastpath) {
237 if (policyfastpath &&
238 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) {
239 return (CKR_MECHANISM_INVALID);
241 return (fast_funcs->C_DecryptInit(hSession, pMechanism, hKey));
244 if (!pkcs11_initialized) {
245 return (CKR_CRYPTOKI_NOT_INITIALIZED);
248 /* Obtain the session pointer */
249 HANDLE2SESSION(hSession, sessp, rv);
251 if (rv != CKR_OK) {
252 return (rv);
255 slotid = sessp->se_slotid;
257 /* Make sure this is not a disabled mechanism */
258 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) {
259 return (CKR_MECHANISM_INVALID);
262 /* Initialize the digest with the underlying provider */
263 rv = FUNCLIST(slotid)->C_DecryptInit(sessp->se_handle,
264 pMechanism, hKey);
266 /* Present consistent interface to the application */
267 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
268 return (CKR_FUNCTION_FAILED);
271 return (rv);
275 * C_Decrypt is a pure wrapper to the underlying provider.
276 * The only argument checked is whether or not hSession is valid.
278 CK_RV
279 C_Decrypt(CK_SESSION_HANDLE hSession,
280 CK_BYTE_PTR pEncryptedData,
281 CK_ULONG ulEncryptedDataLen,
282 CK_BYTE_PTR pData,
283 CK_ULONG_PTR pulDataLen)
285 CK_RV rv;
286 pkcs11_session_t *sessp;
288 /* Check for a fastpath */
289 if (purefastpath || policyfastpath) {
290 return (fast_funcs->C_Decrypt(hSession, pEncryptedData,
291 ulEncryptedDataLen, pData, pulDataLen));
294 if (!pkcs11_initialized) {
295 return (CKR_CRYPTOKI_NOT_INITIALIZED);
298 /* Obtain the session pointer */
299 HANDLE2SESSION(hSession, sessp, rv);
301 if (rv != CKR_OK) {
302 return (rv);
305 /* Initialize the digest with the underlying provider */
306 rv = FUNCLIST(sessp->se_slotid)->C_Decrypt(sessp->se_handle,
307 pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
309 /* Present consistent interface to the application */
310 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
311 return (CKR_FUNCTION_FAILED);
314 return (rv);
318 * C_DecryptUpdate is a pure wrapper to the underlying provider.
319 * The only argument checked is whether or not hSession is valid.
321 CK_RV
322 C_DecryptUpdate(CK_SESSION_HANDLE hSession,
323 CK_BYTE_PTR pEncryptedPart,
324 CK_ULONG ulEncryptedPartLen,
325 CK_BYTE_PTR pPart,
326 CK_ULONG_PTR pulPartLen)
328 CK_RV rv;
329 pkcs11_session_t *sessp;
331 /* Check for a fastpath */
332 if (purefastpath || policyfastpath) {
333 return (fast_funcs->C_DecryptUpdate(hSession, pEncryptedPart,
334 ulEncryptedPartLen, pPart, pulPartLen));
337 if (!pkcs11_initialized) {
338 return (CKR_CRYPTOKI_NOT_INITIALIZED);
341 /* Obtain the session pointer */
342 HANDLE2SESSION(hSession, sessp, rv);
344 if (rv != CKR_OK) {
345 return (rv);
348 /* Initialize the digest with the underlying provider */
349 rv = FUNCLIST(sessp->se_slotid)->C_DecryptUpdate(sessp->se_handle,
350 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
352 /* Present consistent interface to the application */
353 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
354 return (CKR_FUNCTION_FAILED);
357 return (rv);
361 * C_DecryptFinal is a pure wrapper to the underlying provider.
362 * The only argument checked is whether or not hSession is valid.
364 CK_RV
365 C_DecryptFinal(CK_SESSION_HANDLE hSession,
366 CK_BYTE_PTR pLastPart,
367 CK_ULONG_PTR pulLastPartLen)
369 CK_RV rv;
370 pkcs11_session_t *sessp;
372 /* Check for a fastpath */
373 if (purefastpath || policyfastpath) {
374 return (fast_funcs->C_DecryptFinal(hSession, pLastPart,
375 pulLastPartLen));
378 if (!pkcs11_initialized) {
379 return (CKR_CRYPTOKI_NOT_INITIALIZED);
382 /* Obtain the session pointer */
383 HANDLE2SESSION(hSession, sessp, rv);
385 if (rv != CKR_OK) {
386 return (rv);
389 /* Initialize the digest with the underlying provider */
390 rv = FUNCLIST(sessp->se_slotid)->C_DecryptFinal(sessp->se_handle,
391 pLastPart, pulLastPartLen);
393 /* Present consistent interface to the application */
394 if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
395 return (CKR_FUNCTION_FAILED);
398 return (rv);