1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 /*
27 * Functions for Verifying Signatures and MACS
28 * (as defined in PKCS#11 spec section 11.13)
29 */
30
31 #include "metaGlobal.h"
32
33
34 /*
35 * meta_VerifyInit
36 *
37 */
38 CK_RV
meta_VerifyInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)39 meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
40 CK_OBJECT_HANDLE hKey)
41 {
42 CK_RV rv;
43 meta_session_t *session;
44 meta_object_t *key;
45
46 if (pMechanism == NULL)
47 return (CKR_ARGUMENTS_BAD);
48
49 rv = meta_handle2session(hSession, &session);
50 if (rv != CKR_OK)
51 return (rv);
52
53 rv = meta_handle2object(hKey, &key);
54 if (rv != CKR_OK) {
55 REFRELEASE(session);
56 return (rv);
57 }
58
59 rv = meta_operation_init(CKF_VERIFY, session, pMechanism, key);
60
61 OBJRELEASE(key);
62 REFRELEASE(session);
63
64 return (rv);
65 }
66
67
68 /*
69 * meta_Verify
70 *
71 */
72 CK_RV
meta_Verify(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)73 meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
74 CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
75 {
76 CK_RV rv;
77 meta_session_t *session;
78
79 rv = meta_handle2session(hSession, &session);
80 if (rv != CKR_OK)
81 return (rv);
82
83 /* Note: unlike other ops, both buffers are inputs, and required. */
84 if (pData == NULL || pSignature == NULL) {
85 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
86 REFRELEASE(session);
87 return (CKR_ARGUMENTS_BAD);
88 }
89
90 rv = meta_do_operation(CKF_VERIFY, MODE_SINGLE, session, NULL,
91 pData, ulDataLen, pSignature, &ulSignatureLen);
92
93 REFRELEASE(session);
94
95 return (rv);
96 }
97
98
99 /*
100 * meta_VerifyUpdate
101 *
102 */
103 CK_RV
meta_VerifyUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen)104 meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
105 CK_ULONG ulPartLen)
106 {
107 CK_RV rv;
108 meta_session_t *session;
109
110 rv = meta_handle2session(hSession, &session);
111 if (rv != CKR_OK)
112 return (rv);
113
114 if (pPart == NULL) {
115 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
116 REFRELEASE(session);
117 return (CKR_ARGUMENTS_BAD);
118 }
119
120 rv = meta_do_operation(CKF_VERIFY, MODE_UPDATE, session, NULL,
121 pPart, ulPartLen, NULL, NULL);
122
123 REFRELEASE(session);
124
125 return (rv);
126 }
127
128
129 /*
130 * meta_VerifyFinal
131 *
132 */
133 CK_RV
meta_VerifyFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)134 meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
135 CK_ULONG ulSignatureLen)
136 {
137 CK_RV rv;
138 meta_session_t *session;
139
140 rv = meta_handle2session(hSession, &session);
141 if (rv != CKR_OK)
142 return (rv);
143
144 /*
145 * Unlike other ops the buffer is an input. Allow NULL if there's
146 * no more input.
147 */
148 if (pSignature == NULL && ulSignatureLen != 0) {
149 meta_operation_cleanup(session, CKF_VERIFY, FALSE);
150 REFRELEASE(session);
151 return (CKR_ARGUMENTS_BAD);
152 }
153
154 rv = meta_do_operation(CKF_VERIFY, MODE_FINAL, session, NULL,
155 pSignature, ulSignatureLen, NULL, NULL);
156
157 REFRELEASE(session);
158
159 return (rv);
160 }
161
162
163 /*
164 * meta_VerifyRecoverInit
165 *
166 */
167 CK_RV
meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)168 meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
169 CK_OBJECT_HANDLE hKey)
170 {
171 CK_RV rv;
172 meta_session_t *session;
173 meta_object_t *key;
174
175 if (pMechanism == NULL)
176 return (CKR_ARGUMENTS_BAD);
177
178 rv = meta_handle2session(hSession, &session);
179 if (rv != CKR_OK)
180 return (rv);
181
182 rv = meta_handle2object(hKey, &key);
183 if (rv != CKR_OK) {
184 REFRELEASE(session);
185 return (rv);
186 }
187
188 rv = meta_operation_init(CKF_VERIFY_RECOVER, session, pMechanism, key);
189
190 OBJRELEASE(key);
191 REFRELEASE(session);
192
193 return (rv);
194 }
195
196
197 /*
198 * meta_VerifyRecover
199 *
200 */
201 CK_RV
meta_VerifyRecover(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)202 meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
203 CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
204 {
205 CK_RV rv;
206 meta_session_t *session;
207
208 rv = meta_handle2session(hSession, &session);
209 if (rv != CKR_OK)
210 return (rv);
211
212 if (pSignature == NULL || pulDataLen == NULL) {
213 meta_operation_cleanup(session, CKF_VERIFY_RECOVER, FALSE);
214 REFRELEASE(session);
215 return (CKR_ARGUMENTS_BAD);
216 }
217
218 rv = meta_do_operation(CKF_VERIFY_RECOVER, MODE_SINGLE, session, NULL,
219 pSignature, ulSignatureLen, pData, pulDataLen);
220
221 REFRELEASE(session);
222
223 return (rv);
224 }
225