1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #pragma ident "%Z%%M% %I% %E% SMI"
27
28 /*
29 * Functions for Verifying Signatures and MACS
30 * (as defined in PKCS#11 spec section 11.13)
31 */
32
33 #include "metaGlobal.h"
34
35
36 /*
37 * meta_VerifyInit
38 *
39 */
40 CK_RV
meta_VerifyInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)41 meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
42 CK_OBJECT_HANDLE hKey)
43 {
44 CK_RV rv;
45 meta_session_t *session;
46 meta_object_t *key;
47
48 if (pMechanism == NULL)
49 return (CKR_ARGUMENTS_BAD);
50
51 rv = meta_handle2session(hSession, &session);
52 if (rv != CKR_OK)
53 return (rv);
54
55 rv = meta_handle2object(hKey, &key);
56 if (rv != CKR_OK) {
57 REFRELEASE(session);
58 return (rv);
59 }
60
61 rv = meta_operation_init(CKF_VERIFY, session, pMechanism, key);
62
63 OBJRELEASE(key);
64 REFRELEASE(session);
65
66 return (rv);
67 }
68
69
70 /*
71 * meta_Verify
72 *
73 */
74 CK_RV
meta_Verify(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)75 meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
76 CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
77 {
78 CK_RV rv;
79 meta_session_t *session;
80
81 rv = meta_handle2session(hSession, &session);
82 if (rv != CKR_OK)
83 return (rv);
84
85 /* Note: unlike other ops, both buffers are inputs, and required. */
86 if (pData == NULL || pSignature == NULL) {
87 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
88 REFRELEASE(session);
89 return (CKR_ARGUMENTS_BAD);
90 }
91
92 rv = meta_do_operation(CKF_VERIFY, MODE_SINGLE, session, NULL,
93 pData, ulDataLen, pSignature, &ulSignatureLen);
94
95 REFRELEASE(session);
96
97 return (rv);
98 }
99
100
101 /*
102 * meta_VerifyUpdate
103 *
104 */
105 CK_RV
meta_VerifyUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen)106 meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
107 CK_ULONG ulPartLen)
108 {
109 CK_RV rv;
110 meta_session_t *session;
111
112 rv = meta_handle2session(hSession, &session);
113 if (rv != CKR_OK)
114 return (rv);
115
116 if (pPart == NULL) {
117 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
118 REFRELEASE(session);
119 return (CKR_ARGUMENTS_BAD);
120 }
121
122 rv = meta_do_operation(CKF_VERIFY, MODE_UPDATE, session, NULL,
123 pPart, ulPartLen, NULL, NULL);
124
125 REFRELEASE(session);
126
127 return (rv);
128 }
129
130
131 /*
132 * meta_VerifyFinal
133 *
134 */
135 CK_RV
meta_VerifyFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)136 meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
137 CK_ULONG ulSignatureLen)
138 {
139 CK_RV rv;
140 meta_session_t *session;
141
142 rv = meta_handle2session(hSession, &session);
143 if (rv != CKR_OK)
144 return (rv);
145
146 /*
147 * Unlike other ops the buffer is an input. Allow NULL if there's
148 * no more input.
149 */
150 if (pSignature == NULL && ulSignatureLen != 0) {
151 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
152 REFRELEASE(session);
153 return (CKR_ARGUMENTS_BAD);
154 }
155
156 rv = meta_do_operation(CKF_VERIFY, MODE_FINAL, session, NULL,
157 pSignature, ulSignatureLen, NULL, NULL);
158
159 REFRELEASE(session);
160
161 return (rv);
162 }
163
164
165 /*
166 * meta_VerifyRecoverInit
167 *
168 */
169 CK_RV
meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)170 meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
171 CK_OBJECT_HANDLE hKey)
172 {
173 CK_RV rv;
174 meta_session_t *session;
175 meta_object_t *key;
176
177 if (pMechanism == NULL)
178 return (CKR_ARGUMENTS_BAD);
179
180 rv = meta_handle2session(hSession, &session);
181 if (rv != CKR_OK)
182 return (rv);
183
184 rv = meta_handle2object(hKey, &key);
185 if (rv != CKR_OK) {
186 REFRELEASE(session);
187 return (rv);
188 }
189
190 rv = meta_operation_init(CKF_VERIFY_RECOVER, session, pMechanism, key);
191
192 OBJRELEASE(key);
193 REFRELEASE(session);
194
195 return (rv);
196 }
197
198
199 /*
200 * meta_VerifyRecover
201 *
202 */
203 CK_RV
meta_VerifyRecover(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)204 meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
205 CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
206 {
207 CK_RV rv;
208 meta_session_t *session;
209
210 rv = meta_handle2session(hSession, &session);
211 if (rv != CKR_OK)
212 return (rv);
213
214 if (pSignature == NULL || pulDataLen == NULL) {
215 meta_operation_cleanup(session, CKF_VERIFY_RECOVER, FALSE);
216 REFRELEASE(session);
217 return (CKR_ARGUMENTS_BAD);
218 }
219
220 rv = meta_do_operation(CKF_VERIFY_RECOVER, MODE_SINGLE, session, NULL,
221 pSignature, ulSignatureLen, pData, pulDataLen);
222
223 REFRELEASE(session);
224
225 return (rv);
226 }
227