xref: /illumos-gate/usr/src/lib/pkcs11/libpkcs11/common/metaKeys.c (revision e5803b76927480e8f9b67b22201c484ccf4c2bcf)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * Key Management Functions
28  * (as defined in PKCS#11 spec section 11.14)
29  */
30 
31 #include "metaGlobal.h"
32 
33 
34 /*
35  * meta_GenerateKey
36  *
37  */
38 CK_RV
39 meta_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
40     CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey)
41 {
42 	CK_RV rv;
43 	meta_session_t *session;
44 	meta_object_t *key = NULL;
45 
46 	if (pMechanism == NULL || phKey == NULL)
47 		return (CKR_ARGUMENTS_BAD);
48 
49 	rv = meta_handle2session(hSession, &session);
50 	if (rv != CKR_OK)
51 		return (rv);
52 
53 
54 	rv = meta_object_alloc(session, &key);
55 	if (rv != CKR_OK)
56 		goto finish;
57 
58 	rv = meta_generate_keys(session, pMechanism, pTemplate, ulCount, key,
59 	    NULL, 0, NULL);
60 	if (rv != CKR_OK)
61 		goto finish;
62 
63 	meta_object_activate(key);
64 
65 	*phKey = (CK_OBJECT_HANDLE) key;
66 
67 finish:
68 	if (rv != CKR_OK) {
69 		if (key)
70 			(void) meta_object_dealloc(session, key, B_TRUE);
71 	}
72 
73 	REFRELEASE(session);
74 
75 	return (rv);
76 }
77 
78 
79 /*
80  * meta_GenerateKeyPair
81  *
82  */
83 CK_RV
84 meta_GenerateKeyPair(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
85     CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
86     CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
87     CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey)
88 {
89 	CK_RV rv;
90 	meta_session_t *session;
91 	meta_object_t *key1 = NULL, *key2 = NULL;
92 
93 	if (pMechanism == NULL || phPublicKey == NULL || phPrivateKey == NULL)
94 		return (CKR_ARGUMENTS_BAD);
95 
96 	rv = meta_handle2session(hSession, &session);
97 	if (rv != CKR_OK)
98 		return (rv);
99 
100 
101 	rv = meta_object_alloc(session, &key1);
102 	if (rv != CKR_OK)
103 		goto finish;
104 
105 	rv = meta_object_alloc(session, &key2);
106 	if (rv != CKR_OK)
107 		goto finish;
108 
109 	rv = meta_generate_keys(session, pMechanism,
110 	    pPublicKeyTemplate, ulPublicKeyAttributeCount, key1,
111 	    pPrivateKeyTemplate, ulPrivateKeyAttributeCount, key2);
112 	if (rv != CKR_OK)
113 		goto finish;
114 
115 	meta_object_activate(key1);
116 	meta_object_activate(key2);
117 
118 	*phPublicKey = (CK_OBJECT_HANDLE) key1;
119 	*phPrivateKey = (CK_OBJECT_HANDLE) key2;
120 
121 finish:
122 	if (rv != CKR_OK) {
123 		if (key1)
124 			(void) meta_object_dealloc(session, key1, B_TRUE);
125 		if (key2)
126 			(void) meta_object_dealloc(session, key2, B_TRUE);
127 	}
128 
129 	REFRELEASE(session);
130 
131 	return (rv);
132 }
133 
134 
135 /*
136  * meta_WrapKey
137  *
138  */
139 CK_RV
140 meta_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
141     CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
142     CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
143 {
144 	CK_RV rv;
145 	meta_session_t *session;
146 	meta_object_t *wrappingKey, *inputKey;
147 
148 	if (pMechanism == NULL || pulWrappedKeyLen == NULL)
149 		return (CKR_ARGUMENTS_BAD);
150 
151 	rv = meta_handle2session(hSession, &session);
152 	if (rv != CKR_OK)
153 		return (rv);
154 
155 	rv = meta_handle2object(hKey, &inputKey);
156 	if (rv != CKR_OK) {
157 		REFRELEASE(session);
158 		return (rv);
159 	}
160 
161 	rv = meta_handle2object(hWrappingKey, &wrappingKey);
162 	if (rv != CKR_OK) {
163 		OBJRELEASE(inputKey);
164 		REFRELEASE(session);
165 		return (rv);
166 	}
167 
168 	rv = meta_wrap_key(session, pMechanism, wrappingKey,
169 	    inputKey, pWrappedKey, pulWrappedKeyLen);
170 
171 finish:
172 	OBJRELEASE(inputKey);
173 	OBJRELEASE(wrappingKey);
174 	REFRELEASE(session);
175 
176 	return (rv);
177 }
178 
179 
180 /*
181  * meta_UnwrapKey
182  *
183  */
184 CK_RV
185 meta_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
186     CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey,
187     CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
188     CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey)
189 {
190 	CK_RV rv;
191 	meta_session_t *session;
192 	meta_object_t *unwrappingKey, *outputKey = NULL;
193 
194 	if (pMechanism == NULL || pWrappedKey == NULL || phKey == NULL)
195 		return (CKR_ARGUMENTS_BAD);
196 
197 	rv = meta_handle2session(hSession, &session);
198 	if (rv != CKR_OK)
199 		return (rv);
200 
201 	rv = meta_handle2object(hUnwrappingKey, &unwrappingKey);
202 	if (rv != CKR_OK) {
203 		REFRELEASE(session);
204 		return (rv);
205 	}
206 
207 	rv = meta_object_alloc(session, &outputKey);
208 	if (rv != CKR_OK)
209 		goto finish;
210 
211 	(void) get_template_boolean(CKA_TOKEN, pTemplate, ulAttributeCount,
212 	    &(outputKey->isToken));
213 
214 	rv = meta_unwrap_key(session, pMechanism, unwrappingKey,
215 	    pWrappedKey, ulWrappedKeyLen,
216 	    pTemplate, ulAttributeCount, outputKey);
217 	if (rv != CKR_OK)
218 		goto finish;
219 
220 	meta_object_activate(outputKey);
221 
222 	*phKey = (CK_OBJECT_HANDLE) outputKey;
223 
224 finish:
225 	if (rv != CKR_OK) {
226 		if (outputKey)
227 			(void) meta_object_dealloc(session, outputKey, B_TRUE);
228 	}
229 
230 	OBJRELEASE(unwrappingKey);
231 	REFRELEASE(session);
232 
233 	return (rv);
234 }
235 
236 
237 /*
238  * meta_DeriveKey
239  *
240  * This function is a bit gross because of PKCS#11 kludges that pass extra
241  * object handles in some mechanism parameters. It probably needs to be
242  * broken up into more managable pieces.
243  */
244 CK_RV
245 meta_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
246     CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
247     CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey)
248 {
249 	CK_RV rv;
250 	CK_MECHANISM *pMech = pMechanism;
251 	meta_session_t *session;
252 	meta_object_t *basekey1 = NULL, *basekey2 = NULL;
253 	meta_object_t *newKey1 = NULL, *newKey2 = NULL, *newKey3 = NULL,
254 	    *newKey4 = NULL;
255 	boolean_t ssl_keys = B_FALSE;
256 	boolean_t tlsprf = B_FALSE;
257 
258 	CK_MECHANISM metaMech;
259 	CK_OBJECT_HANDLE *phBaseKey2 = NULL;
260 	CK_X9_42_DH2_DERIVE_PARAMS x942_params, *x9_tmpptr;
261 	CK_ECDH2_DERIVE_PARAMS ecdh_params, *ec_tmpptr;
262 	CK_SSL3_KEY_MAT_OUT *ssl_key_mat;
263 	CK_SSL3_KEY_MAT_PARAMS *keyparams;
264 
265 	if (pMech == NULL) {
266 		return (CKR_ARGUMENTS_BAD);
267 	}
268 
269 	/*
270 	 * Special case: Normally, the caller must always provide storage
271 	 * for the derived key handle at phKey. Two (related) mechanisms
272 	 * are special, in that multiple keys are instead returned via
273 	 * pMech->pParameter. In these cases the spec says (see 12.38.4
274 	 * and 12.39.4) that phKey should be a NULL pointer, as it is not used.
275 	 */
276 	switch (pMech->mechanism) {
277 	case CKM_SSL3_KEY_AND_MAC_DERIVE:
278 	case CKM_TLS_KEY_AND_MAC_DERIVE:
279 		keyparams = (CK_SSL3_KEY_MAT_PARAMS*)pMech->pParameter;
280 
281 		if ((keyparams == NULL) || (pMech->ulParameterLen
282 		    != sizeof (CK_SSL3_KEY_MAT_PARAMS)))
283 			return (CKR_ARGUMENTS_BAD);
284 
285 		ssl_key_mat = keyparams->pReturnedKeyMaterial;
286 		if (ssl_key_mat == NULL)
287 			return (CKR_ARGUMENTS_BAD);
288 
289 		ssl_keys = B_TRUE;
290 		break;
291 
292 	case CKM_TLS_PRF:
293 		tlsprf = B_TRUE;
294 		break;
295 
296 	default:
297 		if (phKey == NULL)
298 			return (CKR_ARGUMENTS_BAD);
299 	};
300 
301 	rv = meta_handle2session(hSession, &session);
302 	if (rv != CKR_OK)
303 		return (rv);
304 
305 	rv = meta_handle2object(hBaseKey, &basekey1);
306 	if (rv != CKR_OK)
307 		goto finish;
308 
309 
310 	/*
311 	 * A few oddball mechanisms pass a 2nd object handle in the parameters.
312 	 * Here we validate that handle, and create a duplicate copy of the
313 	 * mechanism and parameters. This is done because the application
314 	 * does not expect these values to be changing, and could be using the
315 	 * same data in multiple threads (eg concurrent calls to C_DeriveKey).
316 	 * We copy the data to make sure there are no MT-Safe problems.
317 	 */
318 	switch (pMech->mechanism) {
319 
320 	case CKM_ECMQV_DERIVE:
321 		/* uses CK_ECDH2_DERIVE_PARAMS struct as the parameter */
322 
323 		if ((pMech->pParameter == NULL) || (pMech->ulParameterLen
324 		    != sizeof (CK_ECDH2_DERIVE_PARAMS))) {
325 			rv = CKR_ARGUMENTS_BAD;
326 			goto finish;
327 		}
328 
329 		/* Duplicate the mechanism and paramaters */
330 		ec_tmpptr = (CK_ECDH2_DERIVE_PARAMS *)pMech->pParameter;
331 		ecdh_params = *ec_tmpptr;
332 		metaMech = *pMech;
333 		metaMech.pParameter = &ecdh_params;
334 		pMech = &metaMech;
335 
336 		/* Get the key the application is providing */
337 		phBaseKey2 = &ecdh_params.hPrivateData;
338 		break;
339 
340 	case CKM_X9_42_DH_HYBRID_DERIVE:
341 	case CKM_X9_42_MQV_DERIVE:
342 		/* both use CK_X9_42_DH2_DERIVE_PARAMS as the parameter */
343 
344 		if ((pMech->pParameter == NULL) || (pMech->ulParameterLen
345 		    != sizeof (CK_X9_42_DH2_DERIVE_PARAMS))) {
346 			rv = CKR_ARGUMENTS_BAD;
347 			goto finish;
348 		}
349 
350 		/* Duplicate the mechanism and paramaters */
351 		x9_tmpptr = (CK_X9_42_DH2_DERIVE_PARAMS *)pMech->pParameter;
352 		x942_params = *x9_tmpptr;
353 		metaMech = *pMech;
354 		metaMech.pParameter  = &x942_params;
355 		pMech = &metaMech;
356 
357 		/* Get the key the application is providing */
358 		phBaseKey2 = &x942_params.hPrivateData;
359 		break;
360 
361 	case CKM_CONCATENATE_BASE_AND_KEY:
362 		/* uses a CK_OBJECT_HANDLE as the parameter */
363 
364 		if ((pMech->pParameter == NULL) || (pMech->ulParameterLen
365 		    != sizeof (CK_OBJECT_HANDLE))) {
366 			rv = CKR_ARGUMENTS_BAD;
367 			goto finish;
368 		}
369 
370 		/* Duplicate the mechanism and paramaters */
371 		metaMech = *pMech;
372 		pMech = &metaMech;
373 
374 		/* Get the key the application is providing */
375 		phBaseKey2 = (CK_OBJECT_HANDLE *) &metaMech.pParameter;
376 		break;
377 
378 	default:
379 		/* nothing special to do. */
380 		break;
381 	}
382 
383 	if (phBaseKey2) {
384 		rv = meta_handle2object(*phBaseKey2, &basekey2);
385 		if (rv != CKR_OK)
386 			goto finish;
387 	}
388 
389 	/*
390 	 * Allocate meta objects to store the derived key(s). Normally just
391 	 * a single key is created, but the SSL/TLS mechanisms generate four.
392 	 */
393 	rv = meta_object_alloc(session, &newKey1);
394 	if (rv != CKR_OK)
395 		goto finish;
396 
397 	if (ssl_keys) {
398 		rv = meta_object_alloc(session, &newKey2);
399 		if (rv != CKR_OK)
400 			goto finish;
401 		rv = meta_object_alloc(session, &newKey3);
402 		if (rv != CKR_OK)
403 			goto finish;
404 		rv = meta_object_alloc(session, &newKey4);
405 		if (rv != CKR_OK)
406 			goto finish;
407 	}
408 
409 
410 	/* Perform the actual key derive operation. */
411 	rv = meta_derive_key(session, pMech, basekey1, basekey2, phBaseKey2,
412 	    pTemplate, ulAttributeCount, newKey1, newKey2, newKey3, newKey4);
413 	if (rv != CKR_OK)
414 		goto finish;
415 
416 	if (tlsprf) {
417 		(void) meta_object_dealloc(session, newKey1, B_TRUE);
418 		newKey1 = NULL;
419 		/* phKey isn't used (is NULL) for mechanism CKM_TLS_PRF. */
420 
421 	} else {
422 		/* Make derived key(s) active and visible to other threads. */
423 		meta_object_activate(newKey1);
424 		if (ssl_keys) {
425 			meta_object_activate(newKey2);
426 			meta_object_activate(newKey3);
427 			meta_object_activate(newKey4);
428 
429 			ssl_key_mat->hClientMacSecret
430 			    = (CK_OBJECT_HANDLE) newKey1;
431 			ssl_key_mat->hServerMacSecret
432 			    = (CK_OBJECT_HANDLE) newKey2;
433 			ssl_key_mat->hClientKey = (CK_OBJECT_HANDLE) newKey3;
434 			ssl_key_mat->hServerKey = (CK_OBJECT_HANDLE) newKey4;
435 			/* phKey isn't used (is NULL) for these SSL/TLS mechs */
436 
437 		} else {
438 			*phKey = (CK_OBJECT_HANDLE) newKey1;
439 		}
440 	}
441 
442 finish:
443 	if (rv != CKR_OK) {
444 		if (newKey1)
445 			(void) meta_object_dealloc(session, newKey1, B_TRUE);
446 		if (newKey2)
447 			(void) meta_object_dealloc(session, newKey2, B_TRUE);
448 		if (newKey3)
449 			(void) meta_object_dealloc(session, newKey3, B_TRUE);
450 		if (newKey4)
451 			(void) meta_object_dealloc(session, newKey4, B_TRUE);
452 	}
453 
454 	if (basekey1)
455 		OBJRELEASE(basekey1);
456 	if (basekey2)
457 		OBJRELEASE(basekey2);
458 	REFRELEASE(session);
459 
460 	return (rv);
461 }
462