search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 460926 A11y hierachy is broken on Ubuntu 8.10 (GNOME 2.24), r=Evan.Yan sr=roc
[wine-gecko.git] / security / nss / lib / softoken / fipstokn.c
blobca6aa34f22f7cc378222f1ece661b83d85135e2a
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the terms of
24 * either the GNU General Public License Version 2 or later (the "GPL"), or
25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
26 * in which case the provisions of the GPL or the LGPL are applicable instead
27 * of those above. If you wish to allow use of your version of this file only
28 * under the terms of either the GPL or the LGPL, and not to allow others to
29 * use your version of this file under the terms of the MPL, indicate your
30 * decision by deleting the provisions above and replace them with the notice
31 * and other provisions required by the GPL or the LGPL. If you do not delete
32 * the provisions above, a recipient may use your version of this file under
33 * the terms of any one of the MPL, the GPL or the LGPL.
34 *
35 * ***** END LICENSE BLOCK ***** */
36 /*
37 * This file implements PKCS 11 on top of our existing security modules
38 *
39 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
40 * This implementation has two slots:
41 * slot 1 is our generic crypto support. It does not require login
42 * (unless you've enabled FIPS). It supports Public Key ops, and all they
43 * bulk ciphers and hashes. It can also support Private Key ops for imported
44 * Private keys. It does not have any token storage.
45 * slot 2 is our private key support. It requires a login before use. It
46 * can store Private Keys and Certs as token objects. Currently only private
47 * keys and their associated Certificates are saved on the token.
48 *
49 * In this implementation, session objects are only visible to the session
50 * that created or generated them.
51 */
52 #include "seccomon.h"
53 #include "softoken.h"
54 #include "lowkeyi.h"
55 #include "pkcs11.h"
56 #include "pkcs11i.h"
57 #include "prenv.h"
58 #include "prprf.h"
59
60 #include <ctype.h>
61
62 #ifdef XP_UNIX
63 #define NSS_AUDIT_WITH_SYSLOG 1
64 #include <syslog.h>
65 #include <unistd.h>
66 #endif
67
68 #ifdef SOLARIS
69 #include <bsm/libbsm.h>
70 #define AUE_FIPS_AUDIT 34444
71 #endif
72
73 #ifdef LINUX
74 #include <pthread.h>
75 #include <dlfcn.h>
76 #define LIBAUDIT_NAME "libaudit.so.0"
77 #ifndef AUDIT_USER
78 #define AUDIT_USER 1005 /* message type: message from userspace */
79 #endif
80 static void *libaudit_handle;
81 static int (*audit_open_func)(void);
82 static void (*audit_close_func)(int fd);
83 static int (*audit_log_user_message_func)(int audit_fd, int type,
84 const char *message, const char *hostname, const char *addr,
85 const char *tty, int result);
86 static int (*audit_send_user_message_func)(int fd, int type,
87 const char *message);
88
89 static pthread_once_t libaudit_once_control = PTHREAD_ONCE_INIT;
90
91 static void
92 libaudit_init(void)
93 {
94 libaudit_handle = dlopen(LIBAUDIT_NAME, RTLD_LAZY);
95 if (!libaudit_handle) {
96 return;
97 }
98 audit_open_func = dlsym(libaudit_handle, "audit_open");
99 audit_close_func = dlsym(libaudit_handle, "audit_close");
100 /*
101 * audit_send_user_message is the older function.
102 * audit_log_user_message, if available, is preferred.
103 */
104 audit_log_user_message_func = dlsym(libaudit_handle,
105 "audit_log_user_message");
106 if (!audit_log_user_message_func) {
107 audit_send_user_message_func = dlsym(libaudit_handle,
108 "audit_send_user_message");
109 }
110 if (!audit_open_func || !audit_close_func ||
111 (!audit_log_user_message_func && !audit_send_user_message_func)) {
112 dlclose(libaudit_handle);
113 libaudit_handle = NULL;
114 audit_open_func = NULL;
115 audit_close_func = NULL;
116 audit_log_user_message_func = NULL;
117 audit_send_user_message_func = NULL;
118 }
119 }
120 #endif /* LINUX */
121
122
123 /*
124 * ******************** Password Utilities *******************************
125 */
126 static PRBool isLoggedIn = PR_FALSE;
127 PRBool sftk_fatalError = PR_FALSE;
128
129 /*
130 * This function returns
131 * - CKR_PIN_INVALID if the password/PIN is not a legal UTF8 string
132 * - CKR_PIN_LEN_RANGE if the password/PIN is too short or does not
133 * consist of characters from three or more character classes.
134 * - CKR_OK otherwise
135 *
136 * The minimum password/PIN length is FIPS_MIN_PIN Unicode characters.
137 * We define five character classes: digits (0-9), ASCII lowercase letters,
138 * ASCII uppercase letters, ASCII non-alphanumeric characters (such as
139 * space and punctuation marks), and non-ASCII characters. If an ASCII
140 * uppercase letter is the first character of the password/PIN, the
141 * uppercase letter is not counted toward its character class. Similarly,
142 * if a digit is the last character of the password/PIN, the digit is not
143 * counted toward its character class.
144 *
145 * Although NSC_SetPIN and NSC_InitPIN already do the maximum and minimum
146 * password/PIN length checks, they check the length in bytes as opposed
147 * to characters. To meet the minimum password/PIN guessing probability
148 * requirements in FIPS 140-2, we need to check the length in characters.
149 */
150 static CK_RV sftk_newPinCheck(CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
151 unsigned int i;
152 int nchar = 0; /* number of characters */
153 int ntrail = 0; /* number of trailing bytes to follow */
154 int ndigit = 0; /* number of decimal digits */
155 int nlower = 0; /* number of ASCII lowercase letters */
156 int nupper = 0; /* number of ASCII uppercase letters */
157 int nnonalnum = 0; /* number of ASCII non-alphanumeric characters */
158 int nnonascii = 0; /* number of non-ASCII characters */
159 int nclass; /* number of character classes */
160
161 for (i = 0; i < ulPinLen; i++) {
162 unsigned int byte = pPin[i];
163
164 if (ntrail) {
165 if ((byte & 0xc0) != 0x80) {
166 /* illegal */
167 nchar = -1;
168 break;
169 }
170 if (--ntrail == 0) {
171 nchar++;
172 nnonascii++;
173 }
174 continue;
175 }
176 if ((byte & 0x80) == 0x00) {
177 /* single-byte (ASCII) character */
178 nchar++;
179 if (isdigit(byte)) {
180 if (i < ulPinLen - 1) {
181 ndigit++;
182 }
183 } else if (islower(byte)) {
184 nlower++;
185 } else if (isupper(byte)) {
186 if (i > 0) {
187 nupper++;
188 }
189 } else {
190 nnonalnum++;
191 }
192 } else if ((byte & 0xe0) == 0xc0) {
193 /* leading byte of two-byte character */
194 ntrail = 1;
195 } else if ((byte & 0xf0) == 0xe0) {
196 /* leading byte of three-byte character */
197 ntrail = 2;
198 } else if ((byte & 0xf8) == 0xf0) {
199 /* leading byte of four-byte character */
200 ntrail = 3;
201 } else {
202 /* illegal */
203 nchar = -1;
204 break;
205 }
206 }
207 if (nchar == -1) {
208 /* illegal UTF8 string */
209 return CKR_PIN_INVALID;
210 }
211 if (nchar < FIPS_MIN_PIN) {
212 return CKR_PIN_LEN_RANGE;
213 }
214 nclass = (ndigit != 0) + (nlower != 0) + (nupper != 0) +
215 (nnonalnum != 0) + (nnonascii != 0);
216 if (nclass < 3) {
217 return CKR_PIN_LEN_RANGE;
218 }
219 return CKR_OK;
220 }
221
222
223 /* FIPS required checks before any useful cryptographic services */
224 static CK_RV sftk_fipsCheck(void) {
225 if (sftk_fatalError)
226 return CKR_DEVICE_ERROR;
227 if (!isLoggedIn)
228 return CKR_USER_NOT_LOGGED_IN;
229 return CKR_OK;
230 }
231
232
233 #define SFTK_FIPSCHECK() \
234 CK_RV rv; \
235 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
236
237 #define SFTK_FIPSFATALCHECK() \
238 if (sftk_fatalError) return CKR_DEVICE_ERROR;
239
240
241 /* grab an attribute out of a raw template */
242 void *
243 fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
244 CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
245 {
246 int i;
247
248 for (i=0; i < (int) ulCount; i++) {
249 if (pTemplate[i].type == type) {
250 return pTemplate[i].pValue;
251 }
252 }
253 return NULL;
254 }
255
256
257 #define __PASTE(x,y) x##y
258
259 /* ------------- forward declare all the NSC_ functions ------------- */
260 #undef CK_NEED_ARG_LIST
261 #undef CK_PKCS11_FUNCTION_INFO
262
263 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS,name)
264 #define CK_NEED_ARG_LIST 1
265
266 #include "pkcs11f.h"
267
268 /* ------------- forward declare all the FIPS functions ------------- */
269 #undef CK_NEED_ARG_LIST
270 #undef CK_PKCS11_FUNCTION_INFO
271
272 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F,name)
273 #define CK_NEED_ARG_LIST 1
274
275 #include "pkcs11f.h"
276
277 /* ------------- build the CK_CRYPTO_TABLE ------------------------- */
278 static CK_FUNCTION_LIST sftk_fipsTable = {
279 { 1, 10 },
280
281 #undef CK_NEED_ARG_LIST
282 #undef CK_PKCS11_FUNCTION_INFO
283
284 #define CK_PKCS11_FUNCTION_INFO(name) __PASTE(F,name),
285
286
287 #include "pkcs11f.h"
288
289 };
290
291 #undef CK_NEED_ARG_LIST
292 #undef CK_PKCS11_FUNCTION_INFO
293
294
295 #undef __PASTE
296
297 /* CKO_NOT_A_KEY can be any object class that's not a key object. */
298 #define CKO_NOT_A_KEY CKO_DATA
299
300 #define SFTK_IS_KEY_OBJECT(objClass) \
301 (((objClass) == CKO_PUBLIC_KEY) || \
302 ((objClass) == CKO_PRIVATE_KEY) || \
303 ((objClass) == CKO_SECRET_KEY))
304
305 #define SFTK_IS_NONPUBLIC_KEY_OBJECT(objClass) \
306 (((objClass) == CKO_PRIVATE_KEY) || ((objClass) == CKO_SECRET_KEY))
307
308 static CK_RV
309 sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,
310 CK_OBJECT_HANDLE hObject, CK_OBJECT_CLASS *pObjClass)
311 {
312 CK_RV rv;
313 CK_ATTRIBUTE class;
314 class.type = CKA_CLASS;
315 class.pValue = pObjClass;
316 class.ulValueLen = sizeof(*pObjClass);
317 rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
318 if ((rv == CKR_OK) && SFTK_IS_NONPUBLIC_KEY_OBJECT(*pObjClass)) {
319 rv = sftk_fipsCheck();
320 }
321 return rv;
322 }
323
324 /**********************************************************************
325 *
326 * FIPS 140 auditable event logging
327 *
328 **********************************************************************/
329
330 PRBool sftk_audit_enabled = PR_FALSE;
331
332 /*
333 * Each audit record must have the following information:
334 * - Date and time of the event
335 * - Type of event
336 * - user (subject) identity
337 * - outcome (success or failure) of the event
338 * - process ID
339 * - name (ID) of the object
340 * - for changes to data (except for authentication data and CSPs), the new
341 * and old values of the data
342 * - for authentication attempts, the origin of the attempt (e.g., terminal
343 * identifier)
344 * - for assuming a role, the type of role, and the location of the request
345 */
346 void
347 sftk_LogAuditMessage(NSSAuditSeverity severity, const char *msg)
348 {
349 #ifdef NSS_AUDIT_WITH_SYSLOG
350 int level;
351
352 switch (severity) {
353 case NSS_AUDIT_ERROR:
354 level = LOG_ERR;
355 break;
356 case NSS_AUDIT_WARNING:
357 level = LOG_WARNING;
358 break;
359 default:
360 level = LOG_INFO;
361 break;
362 }
363 /* timestamp is provided by syslog in the message header */
364 syslog(level | LOG_USER /* facility */,
365 "NSS " SOFTOKEN_LIB_NAME "[pid=%d uid=%d]: %s",
366 (int)getpid(), (int)getuid(), msg);
367 #ifdef LINUX
368 if (pthread_once(&libaudit_once_control, libaudit_init) != 0) {
369 return;
370 }
371 if (libaudit_handle) {
372 int audit_fd;
373 int result = (severity != NSS_AUDIT_ERROR); /* 1=success; 0=failed */
374 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
375 if (!message) {
376 return;
377 }
378 audit_fd = audit_open_func();
379 if (audit_fd < 0) {
380 PR_smprintf_free(message);
381 return;
382 }
383 if (audit_log_user_message_func) {
384 audit_log_user_message_func(audit_fd, AUDIT_USER, message,
385 NULL, NULL, NULL, result);
386 } else {
387 audit_send_user_message_func(audit_fd, AUDIT_USER, message);
388 }
389 audit_close_func(audit_fd);
390 PR_smprintf_free(message);
391 }
392 #endif /* LINUX */
393 #ifdef SOLARIS
394 {
395 int rd;
396 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
397
398 if (!message) {
399 return;
400 }
401
402 /* open the record descriptor */
403 if ((rd = au_open()) == -1) {
404 PR_smprintf_free(message);
405 return;
406 }
407
408 /* write the audit tokens to the audit record */
409 if (au_write(rd, au_to_text(message))) {
410 (void)au_close(rd, AU_TO_NO_WRITE, AUE_FIPS_AUDIT);
411 PR_smprintf_free(message);
412 return;
413 }
414
415 /* close the record and send it to the audit trail */
416 (void)au_close(rd, AU_TO_WRITE, AUE_FIPS_AUDIT);
417
418 PR_smprintf_free(message);
419 }
420 #endif /* SOLARIS */
421 #else
422 /* do nothing */
423 #endif
424 }
425
426
427 /**********************************************************************
428 *
429 * Start of PKCS 11 functions
430 *
431 **********************************************************************/
432 /* return the function list */
433 CK_RV FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList) {
434
435 CHECK_FORK();
436
437 *pFunctionList = &sftk_fipsTable;
438 return CKR_OK;
439 }
440
441 /* sigh global so pkcs11 can read it */
442 PRBool nsf_init = PR_FALSE;
443
444 /* FC_Initialize initializes the PKCS #11 library. */
445 CK_RV FC_Initialize(CK_VOID_PTR pReserved) {
446 const char *envp;
447 CK_RV crv;
448
449 CHECK_FORK();
450
451 if (nsf_init) {
452 return CKR_CRYPTOKI_ALREADY_INITIALIZED;
453 }
454
455 if ((envp = PR_GetEnv("NSS_ENABLE_AUDIT")) != NULL) {
456 sftk_audit_enabled = (atoi(envp) == 1);
457 }
458
459 crv = nsc_CommonInitialize(pReserved, PR_TRUE);
460
461 /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
462 if (crv != CKR_OK) {
463 sftk_fatalError = PR_TRUE;
464 return crv;
465 }
466
467 sftk_fatalError = PR_FALSE; /* any error has been reset */
468
469 crv = sftk_fipsPowerUpSelfTest();
470 if (crv != CKR_OK) {
471 nsc_CommonFinalize(NULL, PR_TRUE);
472 sftk_fatalError = PR_TRUE;
473 if (sftk_audit_enabled) {
474 char msg[128];
475 PR_snprintf(msg,sizeof msg,
476 "C_Initialize()=0x%08lX "
477 "power-up self-tests failed",
478 (PRUint32)crv);
479 sftk_LogAuditMessage(NSS_AUDIT_ERROR, msg);
480 }
481 return crv;
482 }
483 nsf_init = PR_TRUE;
484
485 return CKR_OK;
486 }
487
488 /*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
489 CK_RV FC_Finalize (CK_VOID_PTR pReserved) {
490 CK_RV crv;
491
492 CHECK_FORK();
493
494 if (!nsf_init) {
495 return CKR_OK;
496 }
497 crv = nsc_CommonFinalize (pReserved, PR_TRUE);
498 nsf_init = (PRBool) !(crv == CKR_OK);
499 return crv;
500 }
501
502
503 /* FC_GetInfo returns general information about PKCS #11. */
504 CK_RV FC_GetInfo(CK_INFO_PTR pInfo) {
505 CHECK_FORK();
506
507 return NSC_GetInfo(pInfo);
508 }
509
510 /* FC_GetSlotList obtains a list of slots in the system. */
511 CK_RV FC_GetSlotList(CK_BBOOL tokenPresent,
512 CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
513 CHECK_FORK();
514
515 return nsc_CommonGetSlotList(tokenPresent,pSlotList,pulCount,
516 NSC_FIPS_MODULE);
517 }
518
519 /* FC_GetSlotInfo obtains information about a particular slot in the system. */
520 CK_RV FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
521 CHECK_FORK();
522
523 return NSC_GetSlotInfo(slotID,pInfo);
524 }
525
526
527 /*FC_GetTokenInfo obtains information about a particular token in the system.*/
528 CK_RV FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo) {
529 CK_RV crv;
530
531 CHECK_FORK();
532
533 crv = NSC_GetTokenInfo(slotID,pInfo);
534 if (crv == CKR_OK)
535 pInfo->flags |= CKF_LOGIN_REQUIRED;
536 return crv;
537
538 }
539
540
541
542 /*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
543 CK_RV FC_GetMechanismList(CK_SLOT_ID slotID,
544 CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount) {
545 CHECK_FORK();
546
547 SFTK_FIPSFATALCHECK();
548 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
549 /* FIPS Slot supports all functions */
550 return NSC_GetMechanismList(slotID,pMechanismList,pusCount);
551 }
552
553
554 /* FC_GetMechanismInfo obtains information about a particular mechanism
555 * possibly supported by a token. */
556 CK_RV FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
557 CK_MECHANISM_INFO_PTR pInfo) {
558 CHECK_FORK();
559
560 SFTK_FIPSFATALCHECK();
561 if (slotID == FIPS_SLOT_ID) slotID = NETSCAPE_SLOT_ID;
562 /* FIPS Slot supports all functions */
563 return NSC_GetMechanismInfo(slotID,type,pInfo);
564 }
565
566
567 /* FC_InitToken initializes a token. */
568 CK_RV FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,
569 CK_ULONG usPinLen,CK_CHAR_PTR pLabel) {
570 CK_RV crv;
571
572 CHECK_FORK();
573
574 crv = NSC_InitToken(slotID,pPin,usPinLen,pLabel);
575 if (sftk_audit_enabled) {
576 char msg[128];
577 NSSAuditSeverity severity = (crv == CKR_OK) ?
578 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
579 /* pLabel points to a 32-byte label, which is not null-terminated */
580 PR_snprintf(msg,sizeof msg,
581 "C_InitToken(slotID=%lu, pLabel=\"%.32s\")=0x%08lX",
582 (PRUint32)slotID,pLabel,(PRUint32)crv);
583 sftk_LogAuditMessage(severity, msg);
584 }
585 return crv;
586 }
587
588
589 /* FC_InitPIN initializes the normal user's PIN. */
590 CK_RV FC_InitPIN(CK_SESSION_HANDLE hSession,
591 CK_CHAR_PTR pPin, CK_ULONG ulPinLen) {
592 CK_RV rv;
593
594 CHECK_FORK();
595
596 if (sftk_fatalError) return CKR_DEVICE_ERROR;
597 if ((rv = sftk_newPinCheck(pPin,ulPinLen)) == CKR_OK) {
598 rv = NSC_InitPIN(hSession,pPin,ulPinLen);
599 }
600 if (sftk_audit_enabled) {
601 char msg[128];
602 NSSAuditSeverity severity = (rv == CKR_OK) ?
603 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
604 PR_snprintf(msg,sizeof msg,
605 "C_InitPIN(hSession=0x%08lX)=0x%08lX",
606 (PRUint32)hSession,(PRUint32)rv);
607 sftk_LogAuditMessage(severity, msg);
608 }
609 return rv;
610 }
611
612
613 /* FC_SetPIN modifies the PIN of user that is currently logged in. */
614 /* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
615 CK_RV FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
616 CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen) {
617 CK_RV rv;
618
619 CHECK_FORK();
620
621 if ((rv = sftk_fipsCheck()) == CKR_OK &&
622 (rv = sftk_newPinCheck(pNewPin,usNewLen)) == CKR_OK) {
623 rv = NSC_SetPIN(hSession,pOldPin,usOldLen,pNewPin,usNewLen);
624 }
625 if (sftk_audit_enabled) {
626 char msg[128];
627 NSSAuditSeverity severity = (rv == CKR_OK) ?
628 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
629 PR_snprintf(msg,sizeof msg,
630 "C_SetPIN(hSession=0x%08lX)=0x%08lX",
631 (PRUint32)hSession,(PRUint32)rv);
632 sftk_LogAuditMessage(severity, msg);
633 }
634 return rv;
635 }
636
637 /* FC_OpenSession opens a session between an application and a token. */
638 CK_RV FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
639 CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession) {
640 SFTK_FIPSFATALCHECK();
641
642 CHECK_FORK();
643
644 return NSC_OpenSession(slotID,flags,pApplication,Notify,phSession);
645 }
646
647
648 /* FC_CloseSession closes a session between an application and a token. */
649 CK_RV FC_CloseSession(CK_SESSION_HANDLE hSession) {
650 CHECK_FORK();
651
652 return NSC_CloseSession(hSession);
653 }
654
655
656 /* FC_CloseAllSessions closes all sessions with a token. */
657 CK_RV FC_CloseAllSessions (CK_SLOT_ID slotID) {
658
659 CHECK_FORK();
660
661 return NSC_CloseAllSessions (slotID);
662 }
663
664
665 /* FC_GetSessionInfo obtains information about the session. */
666 CK_RV FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
667 CK_SESSION_INFO_PTR pInfo) {
668 CK_RV rv;
669 SFTK_FIPSFATALCHECK();
670
671 CHECK_FORK();
672
673 rv = NSC_GetSessionInfo(hSession,pInfo);
674 if (rv == CKR_OK) {
675 if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
676 pInfo->state = CKS_RO_USER_FUNCTIONS;
677 }
678 if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
679 pInfo->state = CKS_RW_USER_FUNCTIONS;
680 }
681 }
682 return rv;
683 }
684
685 /* FC_Login logs a user into a token. */
686 CK_RV FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
687 CK_CHAR_PTR pPin, CK_ULONG usPinLen) {
688 CK_RV rv;
689 PRBool successful;
690 if (sftk_fatalError) return CKR_DEVICE_ERROR;
691 rv = NSC_Login(hSession,userType,pPin,usPinLen);
692 successful = (rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN);
693 if (successful)
694 isLoggedIn = PR_TRUE;
695 if (sftk_audit_enabled) {
696 char msg[128];
697 NSSAuditSeverity severity;
698 severity = successful ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
699 PR_snprintf(msg,sizeof msg,
700 "C_Login(hSession=0x%08lX, userType=%lu)=0x%08lX",
701 (PRUint32)hSession,(PRUint32)userType,(PRUint32)rv);
702 sftk_LogAuditMessage(severity, msg);
703 }
704 return rv;
705 }
706
707 /* FC_Logout logs a user out from a token. */
708 CK_RV FC_Logout(CK_SESSION_HANDLE hSession) {
709 CK_RV rv;
710
711 CHECK_FORK();
712
713 if ((rv = sftk_fipsCheck()) == CKR_OK) {
714 rv = NSC_Logout(hSession);
715 isLoggedIn = PR_FALSE;
716 }
717 if (sftk_audit_enabled) {
718 char msg[128];
719 NSSAuditSeverity severity = (rv == CKR_OK) ?
720 NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
721 PR_snprintf(msg,sizeof msg,
722 "C_Logout(hSession=0x%08lX)=0x%08lX",
723 (PRUint32)hSession,(PRUint32)rv);
724 sftk_LogAuditMessage(severity, msg);
725 }
726 return rv;
727 }
728
729
730 /* FC_CreateObject creates a new object. */
731 CK_RV FC_CreateObject(CK_SESSION_HANDLE hSession,
732 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
733 CK_OBJECT_HANDLE_PTR phObject) {
734 CK_OBJECT_CLASS * classptr;
735
736 SFTK_FIPSCHECK();
737 CHECK_FORK();
738
739 classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate,ulCount,CKA_CLASS);
740 if (classptr == NULL) return CKR_TEMPLATE_INCOMPLETE;
741
742 /* FIPS can't create keys from raw key material */
743 if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
744 rv = CKR_ATTRIBUTE_VALUE_INVALID;
745 } else {
746 rv = NSC_CreateObject(hSession,pTemplate,ulCount,phObject);
747 }
748 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(*classptr)) {
749 sftk_AuditCreateObject(hSession,pTemplate,ulCount,phObject,rv);
750 }
751 return rv;
752 }
753
754
755
756
757
758 /* FC_CopyObject copies an object, creating a new object for the copy. */
759 CK_RV FC_CopyObject(CK_SESSION_HANDLE hSession,
760 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
761 CK_OBJECT_HANDLE_PTR phNewObject) {
762 CK_RV rv;
763 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
764
765 CHECK_FORK();
766
767 SFTK_FIPSFATALCHECK();
768 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
769 if (rv == CKR_OK) {
770 rv = NSC_CopyObject(hSession,hObject,pTemplate,ulCount,phNewObject);
771 }
772 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
773 sftk_AuditCopyObject(hSession,
774 hObject,pTemplate,ulCount,phNewObject,rv);
775 }
776 return rv;
777 }
778
779
780 /* FC_DestroyObject destroys an object. */
781 CK_RV FC_DestroyObject(CK_SESSION_HANDLE hSession,
782 CK_OBJECT_HANDLE hObject) {
783 CK_RV rv;
784 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
785
786 CHECK_FORK();
787
788 SFTK_FIPSFATALCHECK();
789 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
790 if (rv == CKR_OK) {
791 rv = NSC_DestroyObject(hSession,hObject);
792 }
793 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
794 sftk_AuditDestroyObject(hSession,hObject,rv);
795 }
796 return rv;
797 }
798
799
800 /* FC_GetObjectSize gets the size of an object in bytes. */
801 CK_RV FC_GetObjectSize(CK_SESSION_HANDLE hSession,
802 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
803 CK_RV rv;
804 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
805
806 CHECK_FORK();
807
808 SFTK_FIPSFATALCHECK();
809 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
810 if (rv == CKR_OK) {
811 rv = NSC_GetObjectSize(hSession, hObject, pulSize);
812 }
813 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
814 sftk_AuditGetObjectSize(hSession, hObject, pulSize, rv);
815 }
816 return rv;
817 }
818
819
820 /* FC_GetAttributeValue obtains the value of one or more object attributes. */
821 CK_RV FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
822 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
823 CK_RV rv;
824 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
825
826 CHECK_FORK();
827
828 SFTK_FIPSFATALCHECK();
829 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
830 if (rv == CKR_OK) {
831 rv = NSC_GetAttributeValue(hSession,hObject,pTemplate,ulCount);
832 }
833 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
834 sftk_AuditGetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
835 }
836 return rv;
837 }
838
839
840 /* FC_SetAttributeValue modifies the value of one or more object attributes */
841 CK_RV FC_SetAttributeValue (CK_SESSION_HANDLE hSession,
842 CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount) {
843 CK_RV rv;
844 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
845
846 CHECK_FORK();
847
848 SFTK_FIPSFATALCHECK();
849 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
850 if (rv == CKR_OK) {
851 rv = NSC_SetAttributeValue(hSession,hObject,pTemplate,ulCount);
852 }
853 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
854 sftk_AuditSetAttributeValue(hSession,hObject,pTemplate,ulCount,rv);
855 }
856 return rv;
857 }
858
859
860
861 /* FC_FindObjectsInit initializes a search for token and session objects
862 * that match a template. */
863 CK_RV FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
864 CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount) {
865 /* let publically readable object be found */
866 unsigned int i;
867 CK_RV rv;
868 PRBool needLogin = PR_FALSE;
869
870
871 CHECK_FORK();
872
873 SFTK_FIPSFATALCHECK();
874
875 for (i=0; i < usCount; i++) {
876 CK_OBJECT_CLASS class;
877 if (pTemplate[i].type != CKA_CLASS) {
878 continue;
879 }
880 if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
881 continue;
882 }
883 if (pTemplate[i].pValue == NULL) {
884 continue;
885 }
886 class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
887 if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
888 needLogin = PR_TRUE;
889 break;
890 }
891 }
892 if (needLogin) {
893 if ((rv = sftk_fipsCheck()) != CKR_OK) return rv;
894 }
895 return NSC_FindObjectsInit(hSession,pTemplate,usCount);
896 }
897
898
899 /* FC_FindObjects continues a search for token and session objects
900 * that match a template, obtaining additional object handles. */
901 CK_RV FC_FindObjects(CK_SESSION_HANDLE hSession,
902 CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,
903 CK_ULONG_PTR pusObjectCount) {
904 CHECK_FORK();
905
906 /* let publically readable object be found */
907 SFTK_FIPSFATALCHECK();
908 return NSC_FindObjects(hSession,phObject,usMaxObjectCount,
909 pusObjectCount);
910 }
911
912
913 /*
914 ************** Crypto Functions: Encrypt ************************
915 */
916
917 /* FC_EncryptInit initializes an encryption operation. */
918 CK_RV FC_EncryptInit(CK_SESSION_HANDLE hSession,
919 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
920 SFTK_FIPSCHECK();
921 CHECK_FORK();
922
923 rv = NSC_EncryptInit(hSession,pMechanism,hKey);
924 if (sftk_audit_enabled) {
925 sftk_AuditCryptInit("Encrypt",hSession,pMechanism,hKey,rv);
926 }
927 return rv;
928 }
929
930 /* FC_Encrypt encrypts single-part data. */
931 CK_RV FC_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
932 CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
933 CK_ULONG_PTR pusEncryptedDataLen) {
934 SFTK_FIPSCHECK();
935 CHECK_FORK();
936
937 return NSC_Encrypt(hSession,pData,usDataLen,pEncryptedData,
938 pusEncryptedDataLen);
939 }
940
941
942 /* FC_EncryptUpdate continues a multiple-part encryption operation. */
943 CK_RV FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
944 CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
945 CK_ULONG_PTR pusEncryptedPartLen) {
946 SFTK_FIPSCHECK();
947 CHECK_FORK();
948
949 return NSC_EncryptUpdate(hSession,pPart,usPartLen,pEncryptedPart,
950 pusEncryptedPartLen);
951 }
952
953
954 /* FC_EncryptFinal finishes a multiple-part encryption operation. */
955 CK_RV FC_EncryptFinal(CK_SESSION_HANDLE hSession,
956 CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen) {
957 SFTK_FIPSCHECK();
958 CHECK_FORK();
959
960 return NSC_EncryptFinal(hSession,pLastEncryptedPart,
961 pusLastEncryptedPartLen);
962 }
963
964 /*
965 ************** Crypto Functions: Decrypt ************************
966 */
967
968
969 /* FC_DecryptInit initializes a decryption operation. */
970 CK_RV FC_DecryptInit( CK_SESSION_HANDLE hSession,
971 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
972 SFTK_FIPSCHECK();
973 CHECK_FORK();
974
975 rv = NSC_DecryptInit(hSession,pMechanism,hKey);
976 if (sftk_audit_enabled) {
977 sftk_AuditCryptInit("Decrypt",hSession,pMechanism,hKey,rv);
978 }
979 return rv;
980 }
981
982 /* FC_Decrypt decrypts encrypted data in a single part. */
983 CK_RV FC_Decrypt(CK_SESSION_HANDLE hSession,
984 CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,
985 CK_ULONG_PTR pusDataLen) {
986 SFTK_FIPSCHECK();
987 CHECK_FORK();
988
989 return NSC_Decrypt(hSession,pEncryptedData,usEncryptedDataLen,pData,
990 pusDataLen);
991 }
992
993
994 /* FC_DecryptUpdate continues a multiple-part decryption operation. */
995 CK_RV FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
996 CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
997 CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen) {
998 SFTK_FIPSCHECK();
999 CHECK_FORK();
1000
1001 return NSC_DecryptUpdate(hSession,pEncryptedPart,usEncryptedPartLen,
1002 pPart,pusPartLen);
1003 }
1004
1005
1006 /* FC_DecryptFinal finishes a multiple-part decryption operation. */
1007 CK_RV FC_DecryptFinal(CK_SESSION_HANDLE hSession,
1008 CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen) {
1009 SFTK_FIPSCHECK();
1010 CHECK_FORK();
1011
1012 return NSC_DecryptFinal(hSession,pLastPart,pusLastPartLen);
1013 }
1014
1015
1016 /*
1017 ************** Crypto Functions: Digest (HASH) ************************
1018 */
1019
1020 /* FC_DigestInit initializes a message-digesting operation. */
1021 CK_RV FC_DigestInit(CK_SESSION_HANDLE hSession,
1022 CK_MECHANISM_PTR pMechanism) {
1023 SFTK_FIPSFATALCHECK();
1024 CHECK_FORK();
1025
1026 return NSC_DigestInit(hSession, pMechanism);
1027 }
1028
1029
1030 /* FC_Digest digests data in a single part. */
1031 CK_RV FC_Digest(CK_SESSION_HANDLE hSession,
1032 CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1033 CK_ULONG_PTR pusDigestLen) {
1034 SFTK_FIPSFATALCHECK();
1035 CHECK_FORK();
1036
1037 return NSC_Digest(hSession,pData,usDataLen,pDigest,pusDigestLen);
1038 }
1039
1040
1041 /* FC_DigestUpdate continues a multiple-part message-digesting operation. */
1042 CK_RV FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1043 CK_ULONG usPartLen) {
1044 SFTK_FIPSFATALCHECK();
1045 CHECK_FORK();
1046
1047 return NSC_DigestUpdate(hSession,pPart,usPartLen);
1048 }
1049
1050
1051 /* FC_DigestFinal finishes a multiple-part message-digesting operation. */
1052 CK_RV FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,
1053 CK_ULONG_PTR pusDigestLen) {
1054 SFTK_FIPSFATALCHECK();
1055 CHECK_FORK();
1056
1057 return NSC_DigestFinal(hSession,pDigest,pusDigestLen);
1058 }
1059
1060
1061 /*
1062 ************** Crypto Functions: Sign ************************
1063 */
1064
1065 /* FC_SignInit initializes a signature (private key encryption) operation,
1066 * where the signature is (will be) an appendix to the data,
1067 * and plaintext cannot be recovered from the signature */
1068 CK_RV FC_SignInit(CK_SESSION_HANDLE hSession,
1069 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
1070 SFTK_FIPSCHECK();
1071 CHECK_FORK();
1072
1073 rv = NSC_SignInit(hSession,pMechanism,hKey);
1074 if (sftk_audit_enabled) {
1075 sftk_AuditCryptInit("Sign",hSession,pMechanism,hKey,rv);
1076 }
1077 return rv;
1078 }
1079
1080
1081 /* FC_Sign signs (encrypts with private key) data in a single part,
1082 * where the signature is (will be) an appendix to the data,
1083 * and plaintext cannot be recovered from the signature */
1084 CK_RV FC_Sign(CK_SESSION_HANDLE hSession,
1085 CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,
1086 CK_ULONG_PTR pusSignatureLen) {
1087 SFTK_FIPSCHECK();
1088 CHECK_FORK();
1089
1090 return NSC_Sign(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1091 }
1092
1093
1094 /* FC_SignUpdate continues a multiple-part signature operation,
1095 * where the signature is (will be) an appendix to the data,
1096 * and plaintext cannot be recovered from the signature */
1097 CK_RV FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,
1098 CK_ULONG usPartLen) {
1099 SFTK_FIPSCHECK();
1100 CHECK_FORK();
1101
1102 return NSC_SignUpdate(hSession,pPart,usPartLen);
1103 }
1104
1105
1106 /* FC_SignFinal finishes a multiple-part signature operation,
1107 * returning the signature. */
1108 CK_RV FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,
1109 CK_ULONG_PTR pusSignatureLen) {
1110 SFTK_FIPSCHECK();
1111 CHECK_FORK();
1112
1113 return NSC_SignFinal(hSession,pSignature,pusSignatureLen);
1114 }
1115
1116 /*
1117 ************** Crypto Functions: Sign Recover ************************
1118 */
1119 /* FC_SignRecoverInit initializes a signature operation,
1120 * where the (digest) data can be recovered from the signature.
1121 * E.g. encryption with the user's private key */
1122 CK_RV FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
1123 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1124 SFTK_FIPSCHECK();
1125 CHECK_FORK();
1126
1127 rv = NSC_SignRecoverInit(hSession,pMechanism,hKey);
1128 if (sftk_audit_enabled) {
1129 sftk_AuditCryptInit("SignRecover",hSession,pMechanism,hKey,rv);
1130 }
1131 return rv;
1132 }
1133
1134
1135 /* FC_SignRecover signs data in a single operation
1136 * where the (digest) data can be recovered from the signature.
1137 * E.g. encryption with the user's private key */
1138 CK_RV FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1139 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen) {
1140 SFTK_FIPSCHECK();
1141 CHECK_FORK();
1142
1143 return NSC_SignRecover(hSession,pData,usDataLen,pSignature,pusSignatureLen);
1144 }
1145
1146 /*
1147 ************** Crypto Functions: verify ************************
1148 */
1149
1150 /* FC_VerifyInit initializes a verification operation,
1151 * where the signature is an appendix to the data,
1152 * and plaintext cannot be recovered from the signature (e.g. DSA) */
1153 CK_RV FC_VerifyInit(CK_SESSION_HANDLE hSession,
1154 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1155 SFTK_FIPSCHECK();
1156 CHECK_FORK();
1157
1158 rv = NSC_VerifyInit(hSession,pMechanism,hKey);
1159 if (sftk_audit_enabled) {
1160 sftk_AuditCryptInit("Verify",hSession,pMechanism,hKey,rv);
1161 }
1162 return rv;
1163 }
1164
1165
1166 /* FC_Verify verifies a signature in a single-part operation,
1167 * where the signature is an appendix to the data,
1168 * and plaintext cannot be recovered from the signature */
1169 CK_RV FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1170 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen) {
1171 /* make sure we're legal */
1172 SFTK_FIPSCHECK();
1173 CHECK_FORK();
1174
1175 return NSC_Verify(hSession,pData,usDataLen,pSignature,usSignatureLen);
1176 }
1177
1178
1179 /* FC_VerifyUpdate continues a multiple-part verification operation,
1180 * where the signature is an appendix to the data,
1181 * and plaintext cannot be recovered from the signature */
1182 CK_RV FC_VerifyUpdate( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1183 CK_ULONG usPartLen) {
1184 SFTK_FIPSCHECK();
1185 CHECK_FORK();
1186
1187 return NSC_VerifyUpdate(hSession,pPart,usPartLen);
1188 }
1189
1190
1191 /* FC_VerifyFinal finishes a multiple-part verification operation,
1192 * checking the signature. */
1193 CK_RV FC_VerifyFinal(CK_SESSION_HANDLE hSession,
1194 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen) {
1195 SFTK_FIPSCHECK();
1196 CHECK_FORK();
1197
1198 return NSC_VerifyFinal(hSession,pSignature,usSignatureLen);
1199 }
1200
1201 /*
1202 ************** Crypto Functions: Verify Recover ************************
1203 */
1204
1205 /* FC_VerifyRecoverInit initializes a signature verification operation,
1206 * where the data is recovered from the signature.
1207 * E.g. Decryption with the user's public key */
1208 CK_RV FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
1209 CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey) {
1210 SFTK_FIPSCHECK();
1211 CHECK_FORK();
1212
1213 rv = NSC_VerifyRecoverInit(hSession,pMechanism,hKey);
1214 if (sftk_audit_enabled) {
1215 sftk_AuditCryptInit("VerifyRecover",hSession,pMechanism,hKey,rv);
1216 }
1217 return rv;
1218 }
1219
1220
1221 /* FC_VerifyRecover verifies a signature in a single-part operation,
1222 * where the data is recovered from the signature.
1223 * E.g. Decryption with the user's public key */
1224 CK_RV FC_VerifyRecover(CK_SESSION_HANDLE hSession,
1225 CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,
1226 CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen) {
1227 SFTK_FIPSCHECK();
1228 CHECK_FORK();
1229
1230 return NSC_VerifyRecover(hSession,pSignature,usSignatureLen,pData,
1231 pusDataLen);
1232 }
1233
1234 /*
1235 **************************** Key Functions: ************************
1236 */
1237
1238 /* FC_GenerateKey generates a secret key, creating a new key object. */
1239 CK_RV FC_GenerateKey(CK_SESSION_HANDLE hSession,
1240 CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,
1241 CK_OBJECT_HANDLE_PTR phKey) {
1242 CK_BBOOL *boolptr;
1243
1244 SFTK_FIPSCHECK();
1245 CHECK_FORK();
1246
1247 /* all secret keys must be sensitive, if the upper level code tries to say
1248 * otherwise, reject it. */
1249 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
1250 if (boolptr != NULL) {
1251 if (!(*boolptr)) {
1252 return CKR_ATTRIBUTE_VALUE_INVALID;
1253 }
1254 }
1255
1256 rv = NSC_GenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey);
1257 if (sftk_audit_enabled) {
1258 sftk_AuditGenerateKey(hSession,pMechanism,pTemplate,ulCount,phKey,rv);
1259 }
1260 return rv;
1261 }
1262
1263
1264 /* FC_GenerateKeyPair generates a public-key/private-key pair,
1265 * creating new key objects. */
1266 CK_RV FC_GenerateKeyPair (CK_SESSION_HANDLE hSession,
1267 CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1268 CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1269 CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
1270 CK_OBJECT_HANDLE_PTR phPrivateKey) {
1271 CK_BBOOL *boolptr;
1272 CK_RV crv;
1273
1274 SFTK_FIPSCHECK();
1275 CHECK_FORK();
1276
1277
1278 /* all private keys must be sensitive, if the upper level code tries to say
1279 * otherwise, reject it. */
1280 boolptr = (CK_BBOOL *) fc_getAttribute(pPrivateKeyTemplate,
1281 usPrivateKeyAttributeCount, CKA_SENSITIVE);
1282 if (boolptr != NULL) {
1283 if (!(*boolptr)) {
1284 return CKR_ATTRIBUTE_VALUE_INVALID;
1285 }
1286 }
1287 crv = NSC_GenerateKeyPair (hSession,pMechanism,pPublicKeyTemplate,
1288 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1289 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey);
1290 if (crv == CKR_GENERAL_ERROR) {
1291 /* pairwise consistency check failed. */
1292 sftk_fatalError = PR_TRUE;
1293 }
1294 if (sftk_audit_enabled) {
1295 sftk_AuditGenerateKeyPair(hSession,pMechanism,pPublicKeyTemplate,
1296 usPublicKeyAttributeCount,pPrivateKeyTemplate,
1297 usPrivateKeyAttributeCount,phPublicKey,phPrivateKey,crv);
1298 }
1299 return crv;
1300 }
1301
1302
1303 /* FC_WrapKey wraps (i.e., encrypts) a key. */
1304 CK_RV FC_WrapKey(CK_SESSION_HANDLE hSession,
1305 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
1306 CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
1307 CK_ULONG_PTR pulWrappedKeyLen) {
1308 SFTK_FIPSCHECK();
1309 CHECK_FORK();
1310
1311 rv = NSC_WrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1312 pulWrappedKeyLen);
1313 if (sftk_audit_enabled) {
1314 sftk_AuditWrapKey(hSession,pMechanism,hWrappingKey,hKey,pWrappedKey,
1315 pulWrappedKeyLen,rv);
1316 }
1317 return rv;
1318 }
1319
1320
1321 /* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
1322 CK_RV FC_UnwrapKey(CK_SESSION_HANDLE hSession,
1323 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
1324 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
1325 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1326 CK_OBJECT_HANDLE_PTR phKey) {
1327 CK_BBOOL *boolptr;
1328
1329 SFTK_FIPSCHECK();
1330 CHECK_FORK();
1331
1332 /* all secret keys must be sensitive, if the upper level code tries to say
1333 * otherwise, reject it. */
1334 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1335 ulAttributeCount, CKA_SENSITIVE);
1336 if (boolptr != NULL) {
1337 if (!(*boolptr)) {
1338 return CKR_ATTRIBUTE_VALUE_INVALID;
1339 }
1340 }
1341 rv = NSC_UnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1342 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey);
1343 if (sftk_audit_enabled) {
1344 sftk_AuditUnwrapKey(hSession,pMechanism,hUnwrappingKey,pWrappedKey,
1345 ulWrappedKeyLen,pTemplate,ulAttributeCount,phKey,rv);
1346 }
1347 return rv;
1348 }
1349
1350
1351 /* FC_DeriveKey derives a key from a base key, creating a new key object. */
1352 CK_RV FC_DeriveKey( CK_SESSION_HANDLE hSession,
1353 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
1354 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1355 CK_OBJECT_HANDLE_PTR phKey) {
1356 CK_BBOOL *boolptr;
1357
1358 SFTK_FIPSCHECK();
1359 CHECK_FORK();
1360
1361 /* all secret keys must be sensitive, if the upper level code tries to say
1362 * otherwise, reject it. */
1363 boolptr = (CK_BBOOL *) fc_getAttribute(pTemplate,
1364 ulAttributeCount, CKA_SENSITIVE);
1365 if (boolptr != NULL) {
1366 if (!(*boolptr)) {
1367 return CKR_ATTRIBUTE_VALUE_INVALID;
1368 }
1369 }
1370 rv = NSC_DeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1371 ulAttributeCount, phKey);
1372 if (sftk_audit_enabled) {
1373 sftk_AuditDeriveKey(hSession,pMechanism,hBaseKey,pTemplate,
1374 ulAttributeCount,phKey,rv);
1375 }
1376 return rv;
1377 }
1378
1379 /*
1380 **************************** Radom Functions: ************************
1381 */
1382
1383 /* FC_SeedRandom mixes additional seed material into the token's random number
1384 * generator. */
1385 CK_RV FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
1386 CK_ULONG usSeedLen) {
1387 CK_RV crv;
1388
1389 SFTK_FIPSFATALCHECK();
1390 CHECK_FORK();
1391
1392 crv = NSC_SeedRandom(hSession,pSeed,usSeedLen);
1393 if (crv != CKR_OK) {
1394 sftk_fatalError = PR_TRUE;
1395 }
1396 return crv;
1397 }
1398
1399
1400 /* FC_GenerateRandom generates random data. */
1401 CK_RV FC_GenerateRandom(CK_SESSION_HANDLE hSession,
1402 CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) {
1403 CK_RV crv;
1404
1405 CHECK_FORK();
1406
1407 SFTK_FIPSFATALCHECK();
1408 crv = NSC_GenerateRandom(hSession,pRandomData,ulRandomLen);
1409 if (crv != CKR_OK) {
1410 sftk_fatalError = PR_TRUE;
1411 if (sftk_audit_enabled) {
1412 char msg[128];
1413 PR_snprintf(msg,sizeof msg,
1414 "C_GenerateRandom(hSession=0x%08lX, pRandomData=%p, "
1415 "ulRandomLen=%lu)=0x%08lX "
1416 "self-test: continuous RNG test failed",
1417 (PRUint32)hSession,pRandomData,
1418 (PRUint32)ulRandomLen,(PRUint32)crv);
1419 sftk_LogAuditMessage(NSS_AUDIT_ERROR, msg);
1420 }
1421 }
1422 return crv;
1423 }
1424
1425
1426 /* FC_GetFunctionStatus obtains an updated status of a function running
1427 * in parallel with an application. */
1428 CK_RV FC_GetFunctionStatus(CK_SESSION_HANDLE hSession) {
1429 SFTK_FIPSCHECK();
1430 CHECK_FORK();
1431
1432 return NSC_GetFunctionStatus(hSession);
1433 }
1434
1435
1436 /* FC_CancelFunction cancels a function running in parallel */
1437 CK_RV FC_CancelFunction(CK_SESSION_HANDLE hSession) {
1438 SFTK_FIPSCHECK();
1439 CHECK_FORK();
1440
1441 return NSC_CancelFunction(hSession);
1442 }
1443
1444 /*
1445 **************************** Version 1.1 Functions: ************************
1446 */
1447
1448 /* FC_GetOperationState saves the state of the cryptographic
1449 *operation in a session. */
1450 CK_RV FC_GetOperationState(CK_SESSION_HANDLE hSession,
1451 CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
1452 SFTK_FIPSFATALCHECK();
1453 CHECK_FORK();
1454
1455 return NSC_GetOperationState(hSession,pOperationState,pulOperationStateLen);
1456 }
1457
1458
1459 /* FC_SetOperationState restores the state of the cryptographic operation
1460 * in a session. */
1461 CK_RV FC_SetOperationState(CK_SESSION_HANDLE hSession,
1462 CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
1463 CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
1464 SFTK_FIPSFATALCHECK();
1465 CHECK_FORK();
1466
1467 return NSC_SetOperationState(hSession,pOperationState,ulOperationStateLen,
1468 hEncryptionKey,hAuthenticationKey);
1469 }
1470
1471 /* FC_FindObjectsFinal finishes a search for token and session objects. */
1472 CK_RV FC_FindObjectsFinal(CK_SESSION_HANDLE hSession) {
1473 /* let publically readable object be found */
1474 SFTK_FIPSFATALCHECK();
1475 CHECK_FORK();
1476
1477 return NSC_FindObjectsFinal(hSession);
1478 }
1479
1480
1481 /* Dual-function cryptographic operations */
1482
1483 /* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
1484 * operation. */
1485 CK_RV FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1486 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1487 CK_ULONG_PTR pulEncryptedPartLen) {
1488 SFTK_FIPSCHECK();
1489 CHECK_FORK();
1490
1491 return NSC_DigestEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1492 pulEncryptedPartLen);
1493 }
1494
1495
1496 /* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
1497 * operation. */
1498 CK_RV FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
1499 CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
1500 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
1501 SFTK_FIPSCHECK();
1502 CHECK_FORK();
1503
1504 return NSC_DecryptDigestUpdate(hSession, pEncryptedPart,ulEncryptedPartLen,
1505 pPart,pulPartLen);
1506 }
1507
1508 /* FC_SignEncryptUpdate continues a multiple-part signing and encryption
1509 * operation. */
1510 CK_RV FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1511 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1512 CK_ULONG_PTR pulEncryptedPartLen) {
1513 SFTK_FIPSCHECK();
1514 CHECK_FORK();
1515
1516 return NSC_SignEncryptUpdate(hSession,pPart,ulPartLen,pEncryptedPart,
1517 pulEncryptedPartLen);
1518 }
1519
1520 /* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
1521 * operation. */
1522 CK_RV FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
1523 CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
1524 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
1525 SFTK_FIPSCHECK();
1526 CHECK_FORK();
1527
1528 return NSC_DecryptVerifyUpdate(hSession,pEncryptedData,ulEncryptedDataLen,
1529 pData,pulDataLen);
1530 }
1531
1532
1533 /* FC_DigestKey continues a multi-part message-digesting operation,
1534 * by digesting the value of a secret key as part of the data already digested.
1535 */
1536 CK_RV FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
1537 SFTK_FIPSCHECK();
1538 CHECK_FORK();
1539
1540 rv = NSC_DigestKey(hSession,hKey);
1541 if (sftk_audit_enabled) {
1542 sftk_AuditDigestKey(hSession,hKey,rv);
1543 }
1544 return rv;
1545 }
1546
1547
1548 CK_RV FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1549 CK_VOID_PTR pReserved)
1550 {
1551 CHECK_FORK();
1552
1553 return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
1554 }
Wine Gecko package