/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <pthread.h>
#include <errno.h>
#include <security/cryptoki.h>
#include <sys/crypto/ioctl.h>
#include "kernelGlobal.h"
#include "kernelSession.h"
#include "kernelSlot.h"
#include "kernelEmulate.h"
CK_RV
C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication,
CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
{
CK_RV rv = CKR_OK;
kernel_slot_t *pslot;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/*
* For legacy reasons, the CKF_SERIAL_SESSION bit must always
* be set.
*/
if (!(flags & CKF_SERIAL_SESSION))
return (CKR_SESSION_PARALLEL_NOT_SUPPORTED);
if (phSession == NULL)
return (CKR_ARGUMENTS_BAD);
if (slotID >= slot_count) {
return (CKR_SLOT_ID_INVALID);
}
/*
* Acquire the slot lock to protect sl_state and sl_sess_list.
* These two fields need to be protected atomically, even though
* "sl_sess_list" is updated in kernel_add_session().
*/
pslot = slot_table[slotID];
(void) pthread_mutex_lock(&pslot->sl_mutex);
/* If SO is logged in the slot, only the RW session is allowed. */
if ((pslot->sl_state == CKU_SO) && !(flags & CKF_RW_SESSION)) {
(void) pthread_mutex_unlock(&pslot->sl_mutex);
return (CKR_SESSION_READ_WRITE_SO_EXISTS);
}
/* Create a new session */
rv = kernel_add_session(slotID, flags, pApplication, Notify,
phSession);
(void) pthread_mutex_unlock(&pslot->sl_mutex);
return (rv);
}
CK_RV
C_CloseSession(CK_SESSION_HANDLE hSession)
{
CK_RV rv;
kernel_session_t *session_p;
boolean_t ses_lock_held = B_FALSE;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
(void) pthread_mutex_lock(&session_p->session_mutex);
ses_lock_held = B_TRUE;
/*
* Set SESSION_IS_CLOSING flag so any access to this
* session will be rejected.
*/
if (session_p->ses_close_sync & SESSION_IS_CLOSING) {
REFRELE(session_p, ses_lock_held);
return (CKR_SESSION_CLOSED);
}
session_p->ses_close_sync |= SESSION_IS_CLOSING;
/*
* Decrement the session reference count.
* We hold the session lock, and REFRELE()
* will release the session lock for us.
*/
REFRELE(session_p, ses_lock_held);
/*
* Delete a session by calling kernel_delete_session() with
* a session pointer and two boolean arguments. The 3rd argument
* boolean value FALSE indicates that the caller does not
* hold the slot lock. The 4th argument boolean value B_FALSE
* indicates that we want to delete all the objects completely.
*
* kernel_delete_session() will reset SESSION_IS_CLOSING
* flag after it is done.
*/
kernel_delete_session(session_p->ses_slotid, session_p, B_FALSE,
B_FALSE);
return (rv);
}
CK_RV
C_CloseAllSessions(CK_SLOT_ID slotID)
{
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/* Delete all the sessions and release the allocated resources */
kernel_delete_all_sessions(slotID, B_FALSE);
return (CKR_OK);
}
/*
* Utility routine to get CK_STATE value for a session.
* The caller should not be holding the session lock.
*/
static CK_STATE
get_ses_state(kernel_session_t *session_p)
{
CK_STATE state;
kernel_slot_t *pslot;
pslot = slot_table[session_p->ses_slotid];
(void) pthread_mutex_lock(&pslot->sl_mutex);
if (pslot->sl_state == CKU_PUBLIC) {
state = (session_p->ses_RO) ?
CKS_RO_PUBLIC_SESSION : CKS_RW_PUBLIC_SESSION;
} else if (pslot->sl_state == CKU_USER) {
state = (session_p->ses_RO) ?
CKS_RO_USER_FUNCTIONS : CKS_RW_USER_FUNCTIONS;
} else if (pslot->sl_state == CKU_SO) {
state = CKS_RW_SO_FUNCTIONS;
}
(void) pthread_mutex_unlock(&pslot->sl_mutex);
return (state);
}
CK_RV
C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo)
{
kernel_session_t *session_p;
CK_RV rv;
boolean_t ses_lock_held = B_FALSE;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if (pInfo == NULL)
return (CKR_ARGUMENTS_BAD);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
/* Provide information for the specified session */
pInfo->slotID = session_p->ses_slotid;
pInfo->flags = session_p->flags;
pInfo->ulDeviceError = 0;
pInfo->state = get_ses_state(session_p);
/*
* Decrement the session reference count.
*/
REFRELE(session_p, ses_lock_held);
return (CKR_OK);
}
/*
* Save the state in pOperationState. The data format is:
* 1. Total length (including this field)
* 2. session state
* 3. crypto_active_op_t structure
* 4. digest_buf_t's data buffer contents
*/
static CK_RV
kernel_get_operationstate(kernel_session_t *session_p, CK_STATE ses_state,
CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
{
int op_data_len = 0;
CK_BYTE_PTR dst;
digest_buf_t *bufp;
if (!(session_p->digest.flags & CRYPTO_EMULATE)) {
/*
* Return CKR_OPERATION_NOT_INITIALIZED if the slot
* is capable of C_GetOperationState(). Return
* CKR_FUNCTION_NOT_SUPPORTED otherwise.
*
* We return these codes because some clients
* check the return code to determine if C_GetOperationState()
* is supported.
*/
if (slot_table[session_p->ses_slotid]->sl_flags &
CRYPTO_LIMITED_HASH_SUPPORT)
return (CKR_OPERATION_NOT_INITIALIZED);
else
return (CKR_FUNCTION_NOT_SUPPORTED);
}
/*
* XXX Need to support this case in future.
* This is the case where we exceeded SLOT_MAX_INDATA_LEN and
* hence started using libmd. SLOT_MAX_INDATA_LEN is at least
* 64K for current crypto framework providers and web servers
* do not need to clone digests that big for SSL operations.
*/
if (session_p->digest.flags & CRYPTO_EMULATE_USING_SW) {
return (CKR_STATE_UNSAVEABLE);
}
/* Check to see if this is an unsupported operation. */
if (session_p->encrypt.flags & CRYPTO_OPERATION_ACTIVE ||
session_p->decrypt.flags & CRYPTO_OPERATION_ACTIVE ||
session_p->sign.flags & CRYPTO_OPERATION_ACTIVE ||
session_p->verify.flags & CRYPTO_OPERATION_ACTIVE) {
return (CKR_STATE_UNSAVEABLE);
}
/* Check to see if digest operation is active. */
if (!(session_p->digest.flags & CRYPTO_OPERATION_ACTIVE)) {
return (CKR_OPERATION_NOT_INITIALIZED);
}
bufp = session_p->digest.context;
op_data_len = sizeof (int);
op_data_len += sizeof (CK_STATE);
op_data_len += sizeof (crypto_active_op_t);
op_data_len += bufp->indata_len;
if (pOperationState == NULL_PTR) {
*pulOperationStateLen = op_data_len;
return (CKR_OK);
} else {
if (*pulOperationStateLen < op_data_len) {
*pulOperationStateLen = op_data_len;
return (CKR_BUFFER_TOO_SMALL);
}
}
dst = pOperationState;
/* Save total length */
bcopy(&op_data_len, dst, sizeof (int));
dst += sizeof (int);
/* Save session state */
bcopy(&ses_state, dst, sizeof (CK_STATE));
dst += sizeof (CK_STATE);
/* Save crypto_active_op_t */
bcopy(&session_p->digest, dst, sizeof (crypto_active_op_t));
dst += sizeof (crypto_active_op_t);
/* Save the data buffer */
bcopy(bufp->buf, dst, bufp->indata_len);
*pulOperationStateLen = op_data_len;
return (CKR_OK);
}
CK_RV
C_GetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
CK_ULONG_PTR pulOperationStateLen)
{
CK_RV rv;
CK_STATE ses_state;
kernel_session_t *session_p;
boolean_t ses_lock_held = B_TRUE;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if (pulOperationStateLen == NULL_PTR)
return (CKR_ARGUMENTS_BAD);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
ses_state = get_ses_state(session_p);
(void) pthread_mutex_lock(&session_p->session_mutex);
rv = kernel_get_operationstate(session_p, ses_state,
pOperationState, pulOperationStateLen);
REFRELE(session_p, ses_lock_held);
return (rv);
}
/*
* Restore the state from pOperationState. The data format is:
* 1. Total length (including this field)
* 2. session state
* 3. crypto_active_op_t structure
* 4. digest_buf_t's data buffer contents
*/
static CK_RV
kernel_set_operationstate(kernel_session_t *session_p, CK_STATE ses_state,
CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
{
CK_RV rv;
CK_BYTE_PTR src;
CK_STATE src_ses_state;
int expected_len, indata_len;
digest_buf_t *bufp;
crypto_active_op_t tmp_op;
if ((hAuthenticationKey != 0) || (hEncryptionKey != 0))
return (CKR_KEY_NOT_NEEDED);
src = pOperationState;
/* Get total length field */
bcopy(src, &expected_len, sizeof (int));
if (ulOperationStateLen < expected_len)
return (CKR_SAVED_STATE_INVALID);
/* compute the data buffer length */
indata_len = expected_len - sizeof (int) -
sizeof (CK_STATE) - sizeof (crypto_active_op_t);
if (indata_len > SLOT_MAX_INDATA_LEN(session_p))
return (CKR_SAVED_STATE_INVALID);
src += sizeof (int);
/* Get session state */
bcopy(src, &src_ses_state, sizeof (CK_STATE));
if (ses_state != src_ses_state)
return (CKR_SAVED_STATE_INVALID);
src += sizeof (CK_STATE);
/*
* Restore crypto_active_op_t. We need to use a temporary
* buffer to avoid modifying the source session's buffer.
*/
bcopy(src, &tmp_op, sizeof (crypto_active_op_t));
if (tmp_op.flags & CRYPTO_EMULATE_USING_SW)
return (CKR_SAVED_STATE_INVALID);
session_p->digest.mech = tmp_op.mech;
session_p->digest.flags = tmp_op.flags;
src += sizeof (crypto_active_op_t);
/* This routine reuses the session's existing buffer if possible */
rv = emulate_buf_init(session_p, indata_len, OP_DIGEST);
if (rv != CKR_OK)
return (rv);
bufp = session_p->digest.context;
bufp->indata_len = indata_len;
/* Restore the data buffer */
bcopy(src, bufp->buf, bufp->indata_len);
return (CKR_OK);
}
CK_RV
C_SetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey,
CK_OBJECT_HANDLE hAuthenticationKey)
{
CK_RV rv;
CK_STATE ses_state;
kernel_session_t *session_p;
boolean_t ses_lock_held = B_TRUE;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if ((pOperationState == NULL_PTR) ||
(ulOperationStateLen == 0))
return (CKR_ARGUMENTS_BAD);
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
ses_state = get_ses_state(session_p);
(void) pthread_mutex_lock(&session_p->session_mutex);
rv = kernel_set_operationstate(session_p, ses_state,
pOperationState, ulOperationStateLen,
hEncryptionKey, hAuthenticationKey);
REFRELE(session_p, ses_lock_held);
return (rv);
}
CK_RV
C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
crypto_login_t c_login;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
if ((userType != CKU_SO) && (userType != CKU_USER)) {
return (CKR_USER_TYPE_INVALID);
}
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
/* Acquire the slot lock */
pslot = slot_table[session_p->ses_slotid];
(void) pthread_mutex_lock(&pslot->sl_mutex);
/* Check if the slot is logged in already */
if ((pslot->sl_state == CKU_USER) || (pslot->sl_state == CKU_SO)) {
rv = CKR_USER_ALREADY_LOGGED_IN;
goto clean_exit;
}
/* To login as SO, every session in this slot needs to be R/W */
if (userType == CKU_SO) {
kernel_session_t *sp;
boolean_t found;
found = B_FALSE;
sp = pslot->sl_sess_list;
while (sp) {
/*
* Need not to lock individual sessions before
* accessing their "ses_RO" and "next" fields,
* because they are always accessed under the
* slot's mutex protection.
*/
if (sp->ses_RO) {
found = B_TRUE;
break;
}
sp = sp->next;
}
if (found) {
rv = CKR_SESSION_READ_ONLY_EXISTS;
goto clean_exit;
}
}
/* Now make the ioctl call; no need to acquire the session lock. */
c_login.co_session = session_p->k_session;
c_login.co_user_type = userType;
c_login.co_pin_len = ulPinLen;
c_login.co_pin = (char *)pPin;
while ((r = ioctl(kernel_fd, CRYPTO_LOGIN, &c_login)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(c_login.co_return_value);
}
if (rv == CKR_OK) {
/* Set the slot's session state. */
pslot->sl_state = userType;
}
clean_exit:
REFRELE(session_p, ses_lock_held);
(void) pthread_mutex_unlock(&pslot->sl_mutex);
return (rv);
}
CK_RV
C_Logout(CK_SESSION_HANDLE hSession)
{
CK_RV rv = CKR_OK;
kernel_session_t *session_p;
kernel_slot_t *pslot;
boolean_t ses_lock_held = B_FALSE;
crypto_logout_t c_logout;
int r;
if (!kernel_initialized)
return (CKR_CRYPTOKI_NOT_INITIALIZED);
/*
* Obtain the session pointer. Also, increment the session
* reference count.
*/
rv = handle2session(hSession, &session_p);
if (rv != CKR_OK)
return (rv);
/* Acquire the slot lock. */
pslot = slot_table[session_p->ses_slotid];
(void) pthread_mutex_lock(&pslot->sl_mutex);
/* Check if the user or SO was logged in */
if (pslot->sl_state == CKU_PUBLIC) {
rv = CKR_USER_NOT_LOGGED_IN;
goto clean_exit;
}
/* Now make the ioctl call. No need to acquire the session lock. */
c_logout.cl_session = session_p->k_session;
while ((r = ioctl(kernel_fd, CRYPTO_LOGOUT, &c_logout)) < 0) {
if (errno != EINTR)
break;
}
if (r < 0) {
rv = CKR_FUNCTION_FAILED;
} else {
rv = crypto2pkcs11_error_number(c_logout.cl_return_value);
}
if (rv != CKR_OK) {
goto clean_exit;
}
/*
* If this slot was logged in as USER previously, we need to clean up
* all private object wrappers in library for this slot.
*/
kernel_cleanup_pri_objects_in_slot(pslot, session_p);
if (rv == CKR_OK) {
/* Reset the slot's session state. */
pslot->sl_state = CKU_PUBLIC;
}
clean_exit:
REFRELE(session_p, ses_lock_held);
(void) pthread_mutex_unlock(&pslot->sl_mutex);
return (rv);
}