1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #include <strings.h> 27 #include <md5.h> 28 #include <pthread.h> 29 #include <stdlib.h> 30 #include <sys/sha1.h> 31 #include <sys/sha2.h> 32 #include <sys/types.h> 33 #include <security/cryptoki.h> 34 #include "softGlobal.h" 35 #include "softOps.h" 36 #include "softSession.h" 37 #include "softObject.h" 38 39 40 /* 41 * soft_digest_init() 42 * 43 * Arguments: 44 * session_p: pointer to soft_session_t struct 45 * pMechanism: pointer to CK_MECHANISM struct provided by application 46 * 47 * Description: 48 * called by C_DigestInit(). This function allocates space for 49 * context, then calls the corresponding software provided digest 50 * init routine based on the mechanism. 51 * 52 * Returns: 53 * CKR_OK: success 54 * CKR_HOST_MEMORY: run out of system memory 55 * CKR_MECHANISM_INVALID: invalid mechanism type 56 */ 57 CK_RV 58 soft_digest_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism) 59 { 60 61 switch (pMechanism->mechanism) { 62 63 case CKM_MD5: 64 (void) pthread_mutex_lock(&session_p->session_mutex); 65 66 session_p->digest.context = malloc(sizeof (MD5_CTX)); 67 68 if (session_p->digest.context == NULL) { 69 (void) pthread_mutex_unlock(&session_p->session_mutex); 70 return (CKR_HOST_MEMORY); 71 } 72 73 session_p->digest.mech.mechanism = CKM_MD5; 74 (void) pthread_mutex_unlock(&session_p->session_mutex); 75 76 MD5Init((MD5_CTX *)session_p->digest.context); 77 78 break; 79 80 case CKM_SHA_1: 81 82 (void) pthread_mutex_lock(&session_p->session_mutex); 83 84 session_p->digest.context = malloc(sizeof (SHA1_CTX)); 85 86 if (session_p->digest.context == NULL) { 87 (void) pthread_mutex_unlock(&session_p->session_mutex); 88 return (CKR_HOST_MEMORY); 89 } 90 91 session_p->digest.mech.mechanism = CKM_SHA_1; 92 session_p->digest.mech.pParameter = pMechanism->pParameter; 93 session_p->digest.mech.ulParameterLen = 94 pMechanism->ulParameterLen; 95 (void) pthread_mutex_unlock(&session_p->session_mutex); 96 97 SHA1Init((SHA1_CTX *)session_p->digest.context); 98 99 break; 100 101 case CKM_SHA256: 102 case CKM_SHA384: 103 case CKM_SHA512: 104 105 (void) pthread_mutex_lock(&session_p->session_mutex); 106 107 session_p->digest.context = malloc(sizeof (SHA2_CTX)); 108 109 if (session_p->digest.context == NULL) { 110 (void) pthread_mutex_unlock(&session_p->session_mutex); 111 return (CKR_HOST_MEMORY); 112 } 113 114 switch (pMechanism->mechanism) { 115 case CKM_SHA256: 116 session_p->digest.mech.mechanism = CKM_SHA256; 117 (void) pthread_mutex_unlock(&session_p->session_mutex); 118 SHA2Init(SHA256, 119 (SHA2_CTX *)session_p->digest.context); 120 break; 121 122 case CKM_SHA384: 123 session_p->digest.mech.mechanism = CKM_SHA384; 124 (void) pthread_mutex_unlock(&session_p->session_mutex); 125 SHA2Init(SHA384, 126 (SHA2_CTX *)session_p->digest.context); 127 break; 128 129 case CKM_SHA512: 130 session_p->digest.mech.mechanism = CKM_SHA512; 131 (void) pthread_mutex_unlock(&session_p->session_mutex); 132 SHA2Init(SHA512, 133 (SHA2_CTX *)session_p->digest.context); 134 break; 135 } 136 break; 137 138 default: 139 return (CKR_MECHANISM_INVALID); 140 } 141 142 return (CKR_OK); 143 } 144 145 146 /* 147 * soft_digest_common() 148 * 149 * Arguments: 150 * session_p: pointer to soft_session_t struct 151 * pData: pointer to the input data to be digested 152 * ulDataLen: length of the input data 153 * pDigest: pointer to the output data after digesting 154 * pulDigestLen: length of the output data 155 * 156 * Description: 157 * called by soft_digest() or soft_digest_final(). This function 158 * determines the length of output buffer and calls the corresponding 159 * software provided digest routine based on the mechanism. 160 * 161 * Returns: 162 * CKR_OK: success 163 * CKR_MECHANISM_INVALID: invalid mechanism type 164 * CKR_BUFFER_TOO_SMALL: the output buffer provided by application 165 * is too small 166 */ 167 CK_RV 168 soft_digest_common(soft_session_t *session_p, CK_BYTE_PTR pData, 169 CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 170 { 171 172 CK_ULONG digestLen = 0; 173 size_t len = 0; 174 175 /* 176 * Determine the output data length based on the mechanism 177 */ 178 switch (session_p->digest.mech.mechanism) { 179 180 case CKM_MD5: 181 digestLen = 16; 182 break; 183 184 case CKM_SHA_1: 185 digestLen = 20; 186 break; 187 188 case CKM_SHA256: 189 digestLen = 32; 190 break; 191 192 case CKM_SHA384: 193 digestLen = 48; 194 break; 195 196 case CKM_SHA512: 197 digestLen = 64; 198 break; 199 200 default: 201 return (CKR_MECHANISM_INVALID); 202 } 203 204 if (pDigest == NULL) { 205 /* 206 * Application only wants to know the length of the 207 * buffer needed to hold the message digest. 208 */ 209 *pulDigestLen = digestLen; 210 return (CKR_OK); 211 } 212 213 if (*pulDigestLen < digestLen) { 214 /* 215 * Application provides buffer too small to hold the 216 * digest message. Return the length of buffer needed 217 * to the application. 218 */ 219 *pulDigestLen = digestLen; 220 return (CKR_BUFFER_TOO_SMALL); 221 } 222 223 /* 224 * Call the corresponding system provided software digest routine. 225 * If the soft_digest_common() is called by soft_digest_final() 226 * the pData is NULL, and the ulDataLen is zero. 227 */ 228 switch (session_p->digest.mech.mechanism) { 229 230 case CKM_MD5: 231 if (pData != NULL) { 232 /* 233 * this is called by soft_digest() 234 */ 235 #ifdef __sparcv9 236 MD5Update((MD5_CTX *)session_p->digest.context, 237 /* LINTED */ 238 pData, (uint_t)ulDataLen); 239 #else /* !__sparcv9 */ 240 MD5Update((MD5_CTX *)session_p->digest.context, 241 pData, ulDataLen); 242 #endif /* __sparcv9 */ 243 MD5Final(pDigest, (MD5_CTX *)session_p->digest.context); 244 } else { 245 /* 246 * this is called by soft_digest_final() 247 */ 248 MD5Final(pDigest, (MD5_CTX *)session_p->digest.context); 249 len = sizeof (MD5_CTX); 250 } 251 break; 252 253 case CKM_SHA_1: 254 if (pData != NULL) { 255 /* 256 * this is called by soft_digest() 257 */ 258 259 #ifdef __sparcv9 260 SHA1Update((SHA1_CTX *)session_p->digest.context, 261 /* LINTED */ 262 pData, (uint32_t)ulDataLen); 263 #else /* !__sparcv9 */ 264 SHA1Update((SHA1_CTX *)session_p->digest.context, 265 pData, ulDataLen); 266 #endif /* __sparcv9 */ 267 SHA1Final(pDigest, 268 (SHA1_CTX *)session_p->digest.context); 269 } else { 270 /* 271 * this is called by soft_digest_final() 272 */ 273 SHA1Final(pDigest, 274 (SHA1_CTX *)session_p->digest.context); 275 len = sizeof (SHA1_CTX); 276 } 277 break; 278 case CKM_SHA256: 279 case CKM_SHA384: 280 case CKM_SHA512: 281 if (pData != NULL) { 282 /* 283 * this is called by soft_digest() 284 */ 285 286 SHA2Update((SHA2_CTX *)session_p->digest.context, 287 pData, ulDataLen); 288 289 SHA2Final(pDigest, 290 (SHA2_CTX *)session_p->digest.context); 291 } else { 292 /* 293 * this is called by soft_digest_final() 294 */ 295 SHA2Final(pDigest, 296 (SHA2_CTX *)session_p->digest.context); 297 len = sizeof (SHA2_CTX); 298 } 299 300 break; 301 } 302 303 /* Paranoia on behalf of C_DigestKey callers: bzero the context */ 304 if (session_p->digest.flags & CRYPTO_KEY_DIGESTED) { 305 bzero(session_p->digest.context, len); 306 session_p->digest.flags &= ~CRYPTO_KEY_DIGESTED; 307 } 308 *pulDigestLen = digestLen; 309 (void) pthread_mutex_lock(&session_p->session_mutex); 310 free(session_p->digest.context); 311 session_p->digest.context = NULL; 312 (void) pthread_mutex_unlock(&session_p->session_mutex); 313 314 return (CKR_OK); 315 } 316 317 318 /* 319 * soft_digest() 320 * 321 * Arguments: 322 * session_p: pointer to soft_session_t struct 323 * pData: pointer to the input data to be digested 324 * ulDataLen: length of the input data 325 * pDigest: pointer to the output data after digesting 326 * pulDigestLen: length of the output data 327 * 328 * Description: 329 * called by C_Digest(). This function calls soft_digest_common(). 330 * 331 * Returns: 332 * see return values in soft_digest_common(). 333 */ 334 CK_RV 335 soft_digest(soft_session_t *session_p, CK_BYTE_PTR pData, CK_ULONG ulDataLen, 336 CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) 337 { 338 339 return (soft_digest_common(session_p, pData, ulDataLen, 340 pDigest, pulDigestLen)); 341 } 342 343 344 /* 345 * soft_digest_update() 346 * 347 * Arguments: 348 * session_p: pointer to soft_session_t struct 349 * pPart: pointer to the input data to be digested 350 * ulPartLen: length of the input data 351 * 352 * Description: 353 * called by C_DigestUpdate(). This function calls the corresponding 354 * software provided digest update routine based on the mechanism. 355 * 356 * Returns: 357 * CKR_OK: success 358 * CKR_MECHANISM_INVALID: invalid MECHANISM type. 359 */ 360 CK_RV 361 soft_digest_update(soft_session_t *session_p, CK_BYTE_PTR pPart, 362 CK_ULONG ulPartLen) 363 { 364 365 switch (session_p->digest.mech.mechanism) { 366 367 case CKM_MD5: 368 #ifdef __sparcv9 369 MD5Update((MD5_CTX *)session_p->digest.context, 370 /* LINTED */ 371 pPart, (uint_t)ulPartLen); 372 #else /* !__sparcv9 */ 373 MD5Update((MD5_CTX *)session_p->digest.context, 374 pPart, ulPartLen); 375 #endif /* __sparcv9 */ 376 break; 377 378 case CKM_SHA_1: 379 #ifdef __sparcv9 380 SHA1Update((SHA1_CTX *)session_p->digest.context, 381 /* LINTED */ 382 pPart, (uint32_t)ulPartLen); 383 #else /* !__sparcv9 */ 384 SHA1Update((SHA1_CTX *)session_p->digest.context, 385 pPart, ulPartLen); 386 #endif /* __sparcv9 */ 387 break; 388 389 case CKM_SHA256: 390 case CKM_SHA384: 391 case CKM_SHA512: 392 SHA2Update((SHA2_CTX *)session_p->digest.context, 393 pPart, ulPartLen); 394 break; 395 396 default: 397 return (CKR_MECHANISM_INVALID); 398 } 399 400 return (CKR_OK); 401 } 402 403 404 /* 405 * soft_digest_final() 406 * 407 * Arguments: 408 * session_p: pointer to soft_session_t struct 409 * pDigest: pointer to the output data after digesting 410 * pulDigestLen: length of the output data 411 * 412 * Description: 413 * called by C_DigestFinal(). This function calls soft_digest_common(). 414 * 415 * Returns: 416 * see return values in soft_digest_common(). 417 */ 418 CK_RV 419 soft_digest_final(soft_session_t *session_p, CK_BYTE_PTR pDigest, 420 CK_ULONG_PTR pulDigestLen) 421 { 422 423 return (soft_digest_common(session_p, NULL, 0, 424 pDigest, pulDigestLen)); 425 } 426 427 /* 428 * Perform digest init operation internally for the support of 429 * CKM_MD5_RSA_PKCS, CKM_SHA1_RSA_PKCS, CKM_SHA1_KEY_DERIVATION 430 * and CKM_MD5_KEY_DERIVATION mechanisms. 431 * 432 * This function is called with the session being held, and without 433 * its mutex taken. 434 */ 435 CK_RV 436 soft_digest_init_internal(soft_session_t *session_p, CK_MECHANISM_PTR 437 pMechanism) 438 { 439 440 CK_RV rv; 441 442 (void) pthread_mutex_lock(&session_p->session_mutex); 443 444 /* Check to see if digest operation is already active */ 445 if (session_p->digest.flags & CRYPTO_OPERATION_ACTIVE) { 446 (void) pthread_mutex_unlock(&session_p->session_mutex); 447 return (CKR_OPERATION_ACTIVE); 448 } 449 450 session_p->digest.flags = CRYPTO_OPERATION_ACTIVE; 451 452 (void) pthread_mutex_unlock(&session_p->session_mutex); 453 454 rv = soft_digest_init(session_p, pMechanism); 455 456 if (rv != CKR_OK) { 457 (void) pthread_mutex_lock(&session_p->session_mutex); 458 session_p->digest.flags &= ~CRYPTO_OPERATION_ACTIVE; 459 (void) pthread_mutex_unlock(&session_p->session_mutex); 460 } 461 462 return (rv); 463 } 464 465 /* 466 * Call soft_digest_update() function with the value of a secret key. 467 */ 468 CK_RV 469 soft_digest_key(soft_session_t *session_p, soft_object_t *key_p) 470 { 471 472 CK_RV rv; 473 474 /* Only secret key is allowed to be digested */ 475 if (key_p->class != CKO_SECRET_KEY) 476 return (CKR_KEY_INDIGESTIBLE); 477 478 if ((OBJ_SEC_VALUE(key_p) == NULL) || 479 (OBJ_SEC_VALUE_LEN(key_p) == 0)) 480 return (CKR_KEY_SIZE_RANGE); 481 482 rv = soft_digest_update(session_p, OBJ_SEC_VALUE(key_p), 483 OBJ_SEC_VALUE_LEN(key_p)); 484 485 return (rv); 486 487 } 488 489 /* 490 * This function releases allocated digest context. The caller 491 * may (lock_held == B_TRUE) or may not (lock_held == B_FALSE) 492 * hold a session mutex. 493 */ 494 void 495 soft_digest_cleanup(soft_session_t *session_p, boolean_t lock_held) 496 { 497 boolean_t lock_true = B_TRUE; 498 499 if (!lock_held) 500 (void) pthread_mutex_lock(&session_p->session_mutex); 501 502 if (session_p->digest.context != NULL) { 503 free(session_p->digest.context); 504 session_p->digest.context = NULL; 505 } 506 507 session_p->digest.flags = 0; 508 509 if (!lock_held) 510 SES_REFRELE(session_p, lock_true); 511 512 } 513