xref: /illumos-gate/usr/src/lib/pkcs11/libpkcs11/common/metaVerify.c (revision 40cb5e5daa7b80bb70fcf8dadfb20f9281566331)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright 2004 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #pragma ident	"%Z%%M%	%I%	%E% SMI"
28 
29 /*
30  * Functions for Verifying Signatures and MACS
31  * (as defined in PKCS#11 spec section 11.13)
32  */
33 
34 #include "metaGlobal.h"
35 
36 
37 /*
38  * meta_VerifyInit
39  *
40  */
41 CK_RV
42 meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
43     CK_OBJECT_HANDLE hKey)
44 {
45 	CK_RV rv;
46 	meta_session_t *session;
47 	meta_object_t *key;
48 
49 	if (pMechanism == NULL)
50 		return (CKR_ARGUMENTS_BAD);
51 
52 	rv = meta_handle2session(hSession, &session);
53 	if (rv != CKR_OK)
54 		return (rv);
55 
56 	rv = meta_handle2object(hKey, &key);
57 	if (rv != CKR_OK) {
58 		REFRELEASE(session);
59 		return (rv);
60 	}
61 
62 	rv = meta_operation_init(OP_VERIFY, session, pMechanism, key);
63 
64 	OBJRELEASE(key);
65 	REFRELEASE(session);
66 
67 	return (rv);
68 }
69 
70 
71 /*
72  * meta_Verify
73  *
74  */
75 CK_RV
76 meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
77     CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
78 {
79 	CK_RV rv;
80 	meta_session_t *session;
81 
82 	rv = meta_handle2session(hSession, &session);
83 	if (rv != CKR_OK)
84 		return (rv);
85 
86 	/* Note: unlike other ops, both buffers are inputs, and required. */
87 	if (pData == NULL || pSignature == NULL) {
88 		meta_operation_cleanup(session, OP_VERIFY, FALSE);
89 		REFRELEASE(session);
90 		return (CKR_ARGUMENTS_BAD);
91 	}
92 
93 	rv = meta_do_operation(OP_VERIFY, MODE_SINGLE, session, NULL,
94 		pData, ulDataLen, pSignature, &ulSignatureLen);
95 
96 	REFRELEASE(session);
97 
98 	return (rv);
99 }
100 
101 
102 /*
103  * meta_VerifyUpdate
104  *
105  */
106 CK_RV
107 meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
108     CK_ULONG ulPartLen)
109 {
110 	CK_RV rv;
111 	meta_session_t *session;
112 
113 	rv = meta_handle2session(hSession, &session);
114 	if (rv != CKR_OK)
115 		return (rv);
116 
117 	if (pPart == NULL) {
118 		meta_operation_cleanup(session, OP_VERIFY, FALSE);
119 		REFRELEASE(session);
120 		return (CKR_ARGUMENTS_BAD);
121 	}
122 
123 	rv = meta_do_operation(OP_VERIFY, MODE_UPDATE, session, NULL,
124 		pPart, ulPartLen, NULL, NULL);
125 
126 	REFRELEASE(session);
127 
128 	return (rv);
129 }
130 
131 
132 /*
133  * meta_VerifyFinal
134  *
135  */
136 CK_RV
137 meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
138     CK_ULONG ulSignatureLen)
139 {
140 	CK_RV rv;
141 	meta_session_t *session;
142 
143 	rv = meta_handle2session(hSession, &session);
144 	if (rv != CKR_OK)
145 		return (rv);
146 
147 	/*
148 	 * Unlike other ops the buffer is an input. Allow NULL if there's
149 	 * no more input.
150 	 */
151 	if (pSignature == NULL && ulSignatureLen != 0) {
152 		meta_operation_cleanup(session, OP_VERIFY, FALSE);
153 		REFRELEASE(session);
154 		return (CKR_ARGUMENTS_BAD);
155 	}
156 
157 	rv = meta_do_operation(OP_VERIFY, MODE_FINAL, session, NULL,
158 		pSignature, ulSignatureLen, NULL, NULL);
159 
160 	REFRELEASE(session);
161 
162 	return (rv);
163 }
164 
165 
166 /*
167  * meta_VerifyRecoverInit
168  *
169  */
170 CK_RV
171 meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
172     CK_OBJECT_HANDLE hKey)
173 {
174 	CK_RV rv;
175 	meta_session_t *session;
176 	meta_object_t *key;
177 
178 	if (pMechanism == NULL)
179 		return (CKR_ARGUMENTS_BAD);
180 
181 	rv = meta_handle2session(hSession, &session);
182 	if (rv != CKR_OK)
183 		return (rv);
184 
185 	rv = meta_handle2object(hKey, &key);
186 	if (rv != CKR_OK) {
187 		REFRELEASE(session);
188 		return (rv);
189 	}
190 
191 	rv = meta_operation_init(OP_VERIFYRECOVER, session, pMechanism, key);
192 
193 	OBJRELEASE(key);
194 	REFRELEASE(session);
195 
196 	return (rv);
197 }
198 
199 
200 /*
201  * meta_VerifyRecover
202  *
203  */
204 CK_RV
205 meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
206     CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
207 {
208 	CK_RV rv;
209 	meta_session_t *session;
210 
211 	rv = meta_handle2session(hSession, &session);
212 	if (rv != CKR_OK)
213 		return (rv);
214 
215 	if (pSignature == NULL || pulDataLen == NULL) {
216 		meta_operation_cleanup(session, OP_VERIFYRECOVER, FALSE);
217 		REFRELEASE(session);
218 		return (CKR_ARGUMENTS_BAD);
219 	}
220 
221 	rv = meta_do_operation(OP_VERIFYRECOVER, MODE_SINGLE, session, NULL,
222 		pSignature, ulSignatureLen, pData, pulDataLen);
223 
224 	REFRELEASE(session);
225 
226 	return (rv);
227 }
228