1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #include <strings.h> 27 #include <errno.h> 28 #include <ecc_impl.h> 29 #include <security/cryptoki.h> 30 #include <sys/crypto/ioctl.h> 31 #include "kernelGlobal.h" 32 #include "kernelSession.h" 33 #include "kernelObject.h" 34 35 static boolean_t 36 attribute_in_template(CK_ATTRIBUTE_TYPE type, CK_ATTRIBUTE_PTR t, CK_ULONG cnt) 37 { 38 int i; 39 40 for (i = 0; i < cnt; i++) { 41 if (t[i].type == type) 42 return (B_TRUE); 43 } 44 return (B_FALSE); 45 } 46 47 /* 48 * This routine returns modulus bytes rounded up to the nearest 8 byte 49 * chunk. This is so we don't have to pass in max sized buffers for 50 * returned attributes. Every unnecessary byte that we pass in results 51 * in a kernel allocation. 52 */ 53 static ulong_t 54 get_modulus_bytes(CK_ATTRIBUTE_PTR t, CK_ULONG cnt) 55 { 56 CK_ULONG modulus_len; 57 int i; 58 59 for (i = 0; i < cnt; i++) { 60 if (t[i].type == CKA_MODULUS_BITS) { 61 get_ulong_attr_from_template(&modulus_len, &t[i]); 62 /* convert from bit length to byte length */ 63 modulus_len = (modulus_len - 1) / 64 + 1; 64 return (modulus_len * 8); 65 } 66 } 67 return (0); 68 } 69 70 /* 71 * Remove specified attribute from array. Storage for the attribute's 72 * value is freed if 'free_attr' is TRUE. Attributes are shifted so they are 73 * contiguous within the array, i.e. the next attribute is shifted into 74 * the position of the removed attribute. Returns TRUE if specified 75 * attribute is removed. 76 */ 77 static boolean_t 78 remove_one_attribute(CK_ATTRIBUTE_PTR t, CK_ULONG type, uint_t count, 79 boolean_t free_attr) 80 { 81 int i, j; 82 83 for (i = 0, j = 0; i < count; i++) { 84 if (t[i].type == type) { 85 if (free_attr) { 86 free(t[i].pValue); 87 } 88 continue; 89 } 90 if (i != j) { 91 t[j].type = t[i].type; 92 t[j].pValue = t[i].pValue; 93 t[j].ulValueLen = t[i].ulValueLen; 94 } 95 j++; 96 } 97 if (j == count) 98 return (B_FALSE); 99 100 /* safety */ 101 t[j].pValue = NULL; 102 t[j].ulValueLen = 0; 103 return (B_TRUE); 104 } 105 106 static boolean_t 107 is_secret_key_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount) 108 { 109 int i; 110 for (i = 0; i < ulAttributeCount; i++) { 111 if (pTemplate[i].type == CKA_CLASS && 112 *(CK_OBJECT_CLASS *)(pTemplate[i].pValue) == 113 CKO_SECRET_KEY) 114 return (B_TRUE); 115 } 116 return (B_FALSE); 117 } 118 119 /* 120 * Allocate a template with space for new_count entries and copy the 121 * specified template into the new template. 122 */ 123 static CK_ATTRIBUTE_PTR 124 grow_template(CK_ATTRIBUTE_PTR old_template, CK_ULONG old_count, 125 CK_ULONG new_count) 126 { 127 CK_ATTRIBUTE_PTR new_template; 128 129 new_template = malloc(new_count * sizeof (CK_ATTRIBUTE)); 130 if (new_template != NULL) 131 bcopy(old_template, new_template, 132 old_count * sizeof (CK_ATTRIBUTE)); 133 return (new_template); 134 } 135 136 /* 137 * For fixed length keys such as DES, return the length based on 138 * the key type. For variable length keys such as AES, take the 139 * length from the CKA_VALUE_LEN attribute. 140 */ 141 static int 142 get_key_len_from_template(CK_MECHANISM_PTR pMechanism, 143 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, 144 kernel_object_t *basekey_p, ulong_t *key_len) 145 { 146 boolean_t fixed_len_key = B_FALSE; 147 ulong_t key_type; 148 int i; 149 150 for (i = 0; i < ulAttributeCount; i++) { 151 if (pTemplate[i].type == CKA_KEY_TYPE) { 152 get_ulong_attr_from_template(&key_type, &pTemplate[i]); 153 break; 154 } 155 } 156 /* CKA_KEY_TYPE must be present */ 157 if (i == ulAttributeCount) 158 return (CKR_TEMPLATE_INCOMPLETE); 159 160 switch (key_type) { 161 case CKK_DES: 162 *key_len = 8; 163 fixed_len_key = B_TRUE; 164 break; 165 case CKK_DES3: 166 *key_len = 24; 167 fixed_len_key = B_TRUE; 168 break; 169 case CKK_AES: 170 case CKK_BLOWFISH: 171 for (i = 0; i < ulAttributeCount; i++) { 172 if (pTemplate[i].type == CKA_VALUE_LEN) { 173 get_ulong_attr_from_template(key_len, 174 &pTemplate[i]); 175 break; 176 } 177 } 178 /* CKA_VALUE_LEN must be present */ 179 if (i == ulAttributeCount) 180 return (CKR_TEMPLATE_INCOMPLETE); 181 break; 182 case CKK_GENERIC_SECRET: 183 /* 184 * The key will not be truncated, so we need to 185 * get the max length for the mechanism. 186 */ 187 if (pMechanism->mechanism == CKM_DH_PKCS_DERIVE) { 188 CK_ATTRIBUTE tmp; 189 190 tmp.type = CKA_PRIME; 191 tmp.pValue = NULL; 192 193 /* get size of attribute */ 194 if (kernel_get_attribute(basekey_p, &tmp) != CKR_OK) { 195 return (CKR_ARGUMENTS_BAD); 196 } 197 *key_len = tmp.ulValueLen; 198 } else if (pMechanism->mechanism == CKM_ECDH1_DERIVE) { 199 *key_len = EC_MAX_VALUE_LEN; 200 } else { 201 return (CKR_ARGUMENTS_BAD); 202 } 203 break; 204 default: 205 return (CKR_ATTRIBUTE_VALUE_INVALID); 206 } 207 208 if (fixed_len_key && attribute_in_template(CKA_VALUE_LEN, 209 pTemplate, ulAttributeCount)) 210 return (CKR_TEMPLATE_INCONSISTENT); 211 212 return (CKR_OK); 213 } 214 215 /* find specified attribute src template and copy to dest */ 216 static int 217 copy_attribute(CK_ULONG type, CK_ATTRIBUTE_PTR src, CK_ULONG src_cnt, 218 CK_ATTRIBUTE_PTR dst) 219 { 220 int rv, i; 221 222 for (i = 0; i < src_cnt; i++) { 223 if (src[i].type == type) { 224 rv = get_string_from_template(dst, &src[i]); 225 break; 226 } 227 } 228 /* 229 * The public template didn't have attribute. 230 */ 231 if (i == src_cnt) { 232 rv = CKR_TEMPLATE_INCOMPLETE; 233 } 234 return (rv); 235 } 236 237 static void 238 free_attributes(caddr_t p, uint_t *countp) 239 { 240 if (*countp > 0) { 241 free_object_attributes(p, *countp); 242 *countp = 0; 243 } 244 } 245 246 CK_RV 247 key_gen_by_value(CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, 248 CK_ULONG ulCount, kernel_session_t *session_p, 249 crypto_mech_type_t k_mech_type, kernel_object_t *new_objp) 250 { 251 crypto_nostore_generate_key_t obj_ngk; 252 char *key_buf = NULL; 253 CK_ATTRIBUTE_PTR newTemplate = NULL; 254 CK_BBOOL is_token_obj = FALSE; 255 CK_RV rv = CKR_OK; 256 ulong_t key_len = 0; 257 uint_t attr_count; 258 int r; 259 260 obj_ngk.ngk_in_count = 0; 261 obj_ngk.ngk_out_count = 0; 262 263 rv = get_key_len_from_template(pMechanism, pTemplate, ulCount, 264 NULL, &key_len); 265 if (rv != CRYPTO_SUCCESS) 266 goto failed_exit; 267 268 if ((key_buf = malloc(key_len)) == NULL) { 269 rv = CKR_HOST_MEMORY; 270 goto failed_exit; 271 } 272 273 attr_count = ulCount + 1; 274 newTemplate = grow_template(pTemplate, ulCount, attr_count); 275 if (newTemplate == NULL) { 276 rv = CKR_HOST_MEMORY; 277 goto failed_exit; 278 } 279 280 /* Now add the CKA_VALUE attribute to template */ 281 newTemplate[ulCount].type = CKA_VALUE; 282 newTemplate[ulCount].pValue = (caddr_t)key_buf; 283 newTemplate[ulCount].ulValueLen = key_len; 284 285 rv = process_object_attributes(newTemplate, attr_count - 1, 286 &obj_ngk.ngk_in_attributes, &is_token_obj); 287 if (rv != CKR_OK) { 288 goto failed_exit; 289 } 290 rv = process_object_attributes(&newTemplate[ulCount], 291 1, &obj_ngk.ngk_out_attributes, &is_token_obj); 292 if (rv != CKR_OK) { 293 goto failed_exit; 294 } 295 296 /* Cannot create a token object with a READ-ONLY session. */ 297 if (is_token_obj && session_p->ses_RO) { 298 rv = CKR_SESSION_READ_ONLY; 299 goto failed_exit; 300 } 301 302 /* Call the CRYPTO_NOSTORE_GENERATE_KEY ioctl */ 303 obj_ngk.ngk_session = session_p->k_session; 304 obj_ngk.ngk_in_count = attr_count - 1; 305 obj_ngk.ngk_out_count = 1; 306 obj_ngk.ngk_mechanism.cm_type = k_mech_type; 307 obj_ngk.ngk_mechanism.cm_param = pMechanism->pParameter; 308 obj_ngk.ngk_mechanism.cm_param_len = pMechanism->ulParameterLen; 309 310 while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY, 311 &obj_ngk)) < 0) { 312 if (errno != EINTR) 313 break; 314 } 315 if (r < 0) { 316 rv = CKR_FUNCTION_FAILED; 317 } else { 318 rv = crypto2pkcs11_error_number(obj_ngk.ngk_return_value); 319 } 320 free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count); 321 if (rv != CKR_OK) { 322 goto failed_exit; 323 } 324 325 rv = get_object_attributes(&newTemplate[ulCount], 1, 326 obj_ngk.ngk_out_attributes); 327 free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count); 328 if (rv != CRYPTO_SUCCESS) { 329 goto failed_exit; 330 } 331 332 /* 333 * CKA_VALUE_LEN is not stored with the secret key object, 334 * so we remove it by shifting attributes down one. 335 */ 336 (void) remove_one_attribute(newTemplate, CKA_VALUE_LEN, 337 attr_count, B_FALSE); 338 339 rv = kernel_build_object(newTemplate, attr_count - 1, 340 new_objp, session_p, KERNEL_GEN_KEY); 341 if (rv != CRYPTO_SUCCESS) { 342 goto failed_exit; 343 } 344 new_objp->is_lib_obj = B_TRUE; 345 new_objp->session_handle = (CK_SESSION_HANDLE)session_p; 346 (void) free(newTemplate); 347 bzero(key_buf, key_len); 348 (void) free(key_buf); 349 return (CKR_OK); 350 351 failed_exit: 352 free_attributes(obj_ngk.ngk_in_attributes, &obj_ngk.ngk_in_count); 353 free_attributes(obj_ngk.ngk_out_attributes, &obj_ngk.ngk_out_count); 354 if (key_buf != NULL) { 355 bzero(key_buf, key_len); 356 (void) free(key_buf); 357 } 358 if (newTemplate != NULL) { 359 (void) free(newTemplate); 360 } 361 return (rv); 362 } 363 364 CK_RV 365 C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 366 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey) 367 { 368 CK_RV rv = CKR_OK; 369 kernel_session_t *session_p; 370 kernel_object_t *new_objp = NULL; 371 kernel_slot_t *pslot; 372 boolean_t ses_lock_held = B_FALSE; 373 CK_BBOOL is_pri_obj; 374 CK_BBOOL is_token_obj = FALSE; 375 crypto_mech_type_t k_mech_type; 376 int r; 377 378 if (!kernel_initialized) 379 return (CKR_CRYPTOKI_NOT_INITIALIZED); 380 381 /* Obtain the session pointer */ 382 rv = handle2session(hSession, &session_p); 383 if (rv != CKR_OK) 384 return (rv); 385 386 if ((pMechanism == NULL) || (phKey == NULL)) { 387 rv = CKR_ARGUMENTS_BAD; 388 goto failed_exit; 389 } 390 391 if ((pTemplate == NULL) && (ulCount != 0)) { 392 rv = CKR_ARGUMENTS_BAD; 393 goto failed_exit; 394 } 395 396 /* Get the kernel's internal mechanism number. */ 397 rv = kernel_mech(pMechanism->mechanism, &k_mech_type); 398 if (rv != CKR_OK) { 399 goto failed_exit; 400 } 401 402 /* Create an object wrapper in the library first */ 403 new_objp = calloc(1, sizeof (kernel_object_t)); 404 if (new_objp == NULL) { 405 rv = CKR_HOST_MEMORY; 406 goto failed_exit; 407 } 408 409 /* 410 * Special Case: if token does not support object creation, 411 * but does support key generation by value, then create a session 412 * object and initialize with value returned by token. 413 */ 414 pslot = slot_table[session_p->ses_slotid]; 415 if (!pslot->sl_func_list.fl_object_create) { 416 rv = key_gen_by_value(pMechanism, pTemplate, ulCount, session_p, 417 k_mech_type, new_objp); 418 if (rv != CKR_OK) 419 goto failed_exit; 420 } else { 421 crypto_object_generate_key_t obj_gk; 422 423 /* Process the attributes */ 424 rv = process_object_attributes(pTemplate, ulCount, 425 &obj_gk.gk_attributes, &is_token_obj); 426 if (rv != CKR_OK) { 427 goto failed_exit; 428 } 429 /* Cannot create a token object with a READ-ONLY session. */ 430 if (is_token_obj && session_p->ses_RO) { 431 free_object_attributes(obj_gk.gk_attributes, ulCount); 432 rv = CKR_SESSION_READ_ONLY; 433 goto failed_exit; 434 } 435 436 /* Call the CRYPTO_GENERATE_KEY ioctl */ 437 obj_gk.gk_session = session_p->k_session; 438 obj_gk.gk_count = ulCount; 439 obj_gk.gk_mechanism.cm_type = k_mech_type; 440 obj_gk.gk_mechanism.cm_param = pMechanism->pParameter; 441 obj_gk.gk_mechanism.cm_param_len = pMechanism->ulParameterLen; 442 443 while ((r = ioctl(kernel_fd, CRYPTO_GENERATE_KEY, 444 &obj_gk)) < 0) { 445 if (errno != EINTR) 446 break; 447 } 448 if (r < 0) { 449 rv = CKR_FUNCTION_FAILED; 450 } else { 451 rv = crypto2pkcs11_error_number(obj_gk.gk_return_value); 452 } 453 454 free_object_attributes(obj_gk.gk_attributes, ulCount); 455 456 if (rv != CKR_OK) { 457 goto failed_exit; 458 } 459 460 /* Get the value of the CKA_PRIVATE attribute. */ 461 rv = get_cka_private_value(session_p, obj_gk.gk_handle, 462 &is_pri_obj); 463 if (rv != CKR_OK) { 464 goto failed_exit; 465 } 466 467 /* 468 * Store the kernel object handle in the object wrapper and 469 * initialize the library object. 470 */ 471 new_objp->k_handle = obj_gk.gk_handle; 472 new_objp->is_lib_obj = B_FALSE; 473 new_objp->session_handle = (CK_SESSION_HANDLE)session_p; 474 new_objp->extra_attrlistp = NULL; 475 476 if (is_pri_obj) 477 new_objp->bool_attr_mask |= PRIVATE_BOOL_ON; 478 else 479 new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON; 480 481 if (is_token_obj) 482 new_objp->bool_attr_mask |= TOKEN_BOOL_ON; 483 else 484 new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON; 485 } 486 487 (void) pthread_mutex_init(&new_objp->object_mutex, NULL); 488 new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 489 490 /* 491 * Add the new object to the slot's token object list if it is a 492 * a token object. Otherwise, add it to the session's object list. 493 */ 494 if (is_token_obj) { 495 pslot = slot_table[session_p->ses_slotid]; 496 kernel_add_token_object_to_slot(new_objp, pslot); 497 } else { 498 kernel_add_object_to_session(new_objp, session_p); 499 } 500 501 *phKey = (CK_OBJECT_HANDLE)new_objp; 502 REFRELE(session_p, ses_lock_held); 503 return (rv); 504 505 failed_exit: 506 if (new_objp != NULL) { 507 (void) free(new_objp); 508 } 509 510 REFRELE(session_p, ses_lock_held); 511 return (rv); 512 } 513 514 CK_RV 515 key_gen_rsa_by_value(CK_MECHANISM_PTR pMechanism, 516 CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, 517 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, 518 kernel_session_t *session_p, crypto_mech_type_t k_mech_type, 519 kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp) 520 { 521 crypto_nostore_generate_key_pair_t obj_nkp; 522 CK_ATTRIBUTE_PTR pubTemplate = NULL; 523 CK_ATTRIBUTE_PTR priTemplate = NULL; 524 CK_RV rv = CKR_OK; 525 CK_BBOOL is_token_obj1 = FALSE; 526 CK_BBOOL is_token_obj2 = FALSE; 527 uint_t pub_attr_count, pri_attr_count; 528 uint_t pub_out_attr_count = 0, pri_out_attr_count = 0; 529 char public_modulus[512]; 530 char public_exponent[8]; 531 char private_exponent[512]; 532 char private_modulus[512]; 533 char prime_1[512]; 534 char prime_2[512]; 535 char exponent_1[512]; 536 char exponent_2[512]; 537 char coefficient[512]; 538 CK_ULONG pub_class = CKO_PUBLIC_KEY; 539 CK_ULONG pri_class = CKO_PRIVATE_KEY; 540 CK_ULONG key_type; 541 CK_ULONG modulus_bytes; 542 boolean_t has_class, has_key_type, has_pub_exponent; 543 int n, r; 544 545 obj_nkp.nkp_in_public_count = 0; 546 obj_nkp.nkp_out_public_count = 0; 547 obj_nkp.nkp_in_private_count = 0; 548 obj_nkp.nkp_out_private_count = 0; 549 550 /* modulus bits must be present when generating a RSA key pair */ 551 if (!attribute_in_template(CKA_MODULUS_BITS, pPublicKeyTemplate, 552 ulPublicKeyAttributeCount)) { 553 rv = CKR_TEMPLATE_INCOMPLETE; 554 goto failed_exit; 555 } 556 557 modulus_bytes = get_modulus_bytes(pPublicKeyTemplate, 558 ulPublicKeyAttributeCount); 559 560 /* 561 * Add CKA_MODULUS to the public template. 562 * This attribute must not be in the template. 563 */ 564 if (attribute_in_template(CKA_MODULUS, pPublicKeyTemplate, 565 ulPublicKeyAttributeCount)) { 566 rv = CKR_TEMPLATE_INCONSISTENT; 567 goto failed_exit; 568 } 569 has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate, 570 ulPublicKeyAttributeCount); 571 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate, 572 ulPublicKeyAttributeCount); 573 has_pub_exponent = attribute_in_template(CKA_PUBLIC_EXPONENT, 574 pPublicKeyTemplate, ulPublicKeyAttributeCount); 575 576 pub_attr_count = ulPublicKeyAttributeCount + 1; 577 if (!has_class) 578 pub_attr_count++; 579 if (!has_key_type) 580 pub_attr_count++; 581 if (!has_pub_exponent) 582 pub_attr_count++; 583 pubTemplate = grow_template(pPublicKeyTemplate, 584 ulPublicKeyAttributeCount, pub_attr_count); 585 if (pubTemplate == NULL) { 586 rv = CKR_HOST_MEMORY; 587 goto failed_exit; 588 } 589 590 n = ulPublicKeyAttributeCount; 591 if (!has_class) { 592 pubTemplate[n].type = CKA_CLASS; 593 pubTemplate[n].pValue = (caddr_t)&pub_class; 594 pubTemplate[n].ulValueLen = sizeof (pub_class); 595 n++; 596 } 597 if (!has_key_type) { 598 pubTemplate[n].type = CKA_KEY_TYPE; 599 key_type = CKK_RSA; 600 pubTemplate[n].pValue = (caddr_t)&key_type; 601 pubTemplate[n].ulValueLen = sizeof (key_type); 602 n++; 603 } 604 if (!has_pub_exponent) { 605 pubTemplate[n].type = CKA_PUBLIC_EXPONENT; 606 pubTemplate[n].pValue = (caddr_t)public_exponent; 607 pubTemplate[n].ulValueLen = modulus_bytes; 608 n++; 609 pub_out_attr_count++; 610 } 611 pubTemplate[n].type = CKA_MODULUS; 612 pubTemplate[n].pValue = (caddr_t)public_modulus; 613 pubTemplate[n].ulValueLen = modulus_bytes; 614 pub_out_attr_count++; 615 616 rv = process_object_attributes(pubTemplate, 617 pub_attr_count - pub_out_attr_count, 618 &obj_nkp.nkp_in_public_attributes, &is_token_obj1); 619 if (rv != CKR_OK) { 620 goto failed_exit; 621 } 622 obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count; 623 624 rv = process_object_attributes( 625 &pubTemplate[pub_attr_count - pub_out_attr_count], 626 pub_out_attr_count, &obj_nkp.nkp_out_public_attributes, 627 &is_token_obj1); 628 if (rv != CKR_OK) { 629 goto failed_exit; 630 } 631 obj_nkp.nkp_out_public_count = pub_out_attr_count; 632 633 /* 634 * Cannot create a token object with a READ-ONLY 635 * session. 636 */ 637 if (is_token_obj1 && session_p->ses_RO) { 638 rv = CKR_SESSION_READ_ONLY; 639 goto failed_exit; 640 } 641 642 /* 643 * Add CKA_MODULUS and CKA_PRIVATE_EXPONENT 644 * to the private template. These attributes 645 * must not be in the template. 646 */ 647 if (attribute_in_template(CKA_PRIVATE_EXPONENT, 648 pPrivateKeyTemplate, ulPrivateKeyAttributeCount) || 649 attribute_in_template(CKA_MODULUS, 650 pPrivateKeyTemplate, ulPrivateKeyAttributeCount)) { 651 rv = CKR_TEMPLATE_INCONSISTENT; 652 goto failed_exit; 653 } 654 has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate, 655 ulPrivateKeyAttributeCount); 656 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate, 657 ulPrivateKeyAttributeCount); 658 659 pri_attr_count = ulPrivateKeyAttributeCount + 7; 660 if (!has_class) 661 pri_attr_count++; 662 if (!has_key_type) 663 pri_attr_count++; 664 665 /* allocate space for CKA_PUBLIC_EXPONENT */ 666 priTemplate = grow_template(pPrivateKeyTemplate, 667 ulPrivateKeyAttributeCount, pri_attr_count + 1); 668 if (priTemplate == NULL) { 669 rv = CKR_HOST_MEMORY; 670 goto failed_exit; 671 } 672 n = ulPrivateKeyAttributeCount; 673 if (!has_class) { 674 priTemplate[n].type = CKA_CLASS; 675 priTemplate[n].pValue = (caddr_t)&pri_class; 676 priTemplate[n].ulValueLen = sizeof (pri_class); 677 n++; 678 } 679 if (!has_key_type) { 680 priTemplate[n].type = CKA_KEY_TYPE; 681 key_type = CKK_RSA; 682 priTemplate[n].pValue = (caddr_t)&key_type; 683 priTemplate[n].ulValueLen = sizeof (key_type); 684 n++; 685 } 686 priTemplate[n].type = CKA_MODULUS; 687 priTemplate[n].pValue = (caddr_t)private_modulus; 688 priTemplate[n].ulValueLen = modulus_bytes; 689 pri_out_attr_count++; 690 691 n++; 692 priTemplate[n].type = CKA_PRIVATE_EXPONENT; 693 priTemplate[n].pValue = (caddr_t)private_exponent; 694 priTemplate[n].ulValueLen = modulus_bytes; 695 pri_out_attr_count++; 696 697 n++; 698 priTemplate[n].type = CKA_PRIME_1; 699 priTemplate[n].pValue = (caddr_t)prime_1; 700 priTemplate[n].ulValueLen = modulus_bytes/2; 701 pri_out_attr_count++; 702 703 n++; 704 priTemplate[n].type = CKA_PRIME_2; 705 priTemplate[n].pValue = (caddr_t)prime_2; 706 priTemplate[n].ulValueLen = modulus_bytes/2; 707 pri_out_attr_count++; 708 709 n++; 710 priTemplate[n].type = CKA_EXPONENT_1; 711 priTemplate[n].pValue = (caddr_t)exponent_1; 712 priTemplate[n].ulValueLen = modulus_bytes/2; 713 pri_out_attr_count++; 714 715 n++; 716 priTemplate[n].type = CKA_EXPONENT_2; 717 priTemplate[n].pValue = (caddr_t)exponent_2; 718 priTemplate[n].ulValueLen = modulus_bytes/2; 719 pri_out_attr_count++; 720 721 n++; 722 priTemplate[n].type = CKA_COEFFICIENT; 723 priTemplate[n].pValue = (caddr_t)coefficient; 724 priTemplate[n].ulValueLen = modulus_bytes/2; 725 pri_out_attr_count++; 726 727 rv = process_object_attributes(priTemplate, 728 pri_attr_count - pri_out_attr_count, 729 &obj_nkp.nkp_in_private_attributes, &is_token_obj2); 730 if (rv != CKR_OK) { 731 goto failed_exit; 732 } 733 obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count; 734 735 rv = process_object_attributes( 736 &priTemplate[pri_attr_count - pri_out_attr_count], 737 pri_out_attr_count, &obj_nkp.nkp_out_private_attributes, 738 &is_token_obj2); 739 if (rv != CKR_OK) { 740 goto failed_exit; 741 } 742 obj_nkp.nkp_out_private_count = pri_out_attr_count; 743 744 /* 745 * The public key and the private key need to contain the same 746 * attribute values for CKA_TOKEN. 747 */ 748 if (is_token_obj1 != is_token_obj2) { 749 rv = CKR_ATTRIBUTE_VALUE_INVALID; 750 goto failed_exit; 751 } 752 753 /* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */ 754 obj_nkp.nkp_session = session_p-> k_session; 755 obj_nkp.nkp_mechanism.cm_type = k_mech_type; 756 obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter; 757 obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen; 758 759 while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR, 760 &obj_nkp)) < 0) { 761 if (errno != EINTR) 762 break; 763 } 764 if (r < 0) { 765 rv = CKR_FUNCTION_FAILED; 766 } else { 767 rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value); 768 } 769 free_attributes(obj_nkp.nkp_in_public_attributes, 770 &obj_nkp.nkp_in_public_count); 771 free_attributes(obj_nkp.nkp_in_private_attributes, 772 &obj_nkp.nkp_in_private_count); 773 774 if (rv != CKR_OK) { 775 goto failed_exit; 776 } 777 778 rv = get_object_attributes( 779 &pubTemplate[pub_attr_count - pub_out_attr_count], 780 pub_out_attr_count, obj_nkp.nkp_out_public_attributes); 781 if (rv == CRYPTO_SUCCESS) { 782 rv = get_object_attributes( 783 &priTemplate[pri_attr_count - pri_out_attr_count], 784 pri_out_attr_count, obj_nkp.nkp_out_private_attributes); 785 } 786 free_attributes(obj_nkp.nkp_out_public_attributes, 787 &obj_nkp.nkp_out_public_count); 788 free_attributes(obj_nkp.nkp_out_private_attributes, 789 &obj_nkp.nkp_out_private_count); 790 if (rv != CRYPTO_SUCCESS) { 791 goto failed_exit; 792 } 793 794 /* store generated modulus and public exponent */ 795 rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp, 796 session_p, KERNEL_GEN_KEY); 797 if (rv != CRYPTO_SUCCESS) { 798 goto failed_exit; 799 } 800 801 /* 802 * Copy CKA_PUBLIC_EXPONENT from the public template 803 * to the private template. 804 */ 805 rv = copy_attribute(CKA_PUBLIC_EXPONENT, pubTemplate, 806 pub_attr_count, &priTemplate[pri_attr_count]); 807 if (rv != CRYPTO_SUCCESS) { 808 goto failed_exit; 809 } 810 811 rv = kernel_build_object(priTemplate, pri_attr_count + 1, new_pri_objp, 812 session_p, KERNEL_GEN_KEY); 813 (void) free(priTemplate[pri_attr_count].pValue); 814 if (rv != CRYPTO_SUCCESS) { 815 goto failed_exit; 816 } 817 (void) free(pubTemplate); 818 (void) free(priTemplate); 819 820 new_pub_objp->is_lib_obj = B_TRUE; 821 new_pri_objp->is_lib_obj = B_TRUE; 822 new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p; 823 new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p; 824 (void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL); 825 new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 826 (void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL); 827 new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 828 return (CKR_OK); 829 830 failed_exit: 831 free_attributes(obj_nkp.nkp_in_public_attributes, 832 &obj_nkp.nkp_in_public_count); 833 free_attributes(obj_nkp.nkp_out_public_attributes, 834 &obj_nkp.nkp_out_public_count); 835 free_attributes(obj_nkp.nkp_in_private_attributes, 836 &obj_nkp.nkp_in_private_count); 837 free_attributes(obj_nkp.nkp_out_private_attributes, 838 &obj_nkp.nkp_out_private_count); 839 if (pubTemplate != NULL) { 840 (void) free(pubTemplate); 841 } 842 if (priTemplate != NULL) { 843 (void) free(priTemplate); 844 } 845 return (rv); 846 } 847 848 CK_RV 849 key_gen_dh_by_value(CK_MECHANISM_PTR pMechanism, 850 CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, 851 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, 852 kernel_session_t *session_p, crypto_mech_type_t k_mech_type, 853 kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp) 854 { 855 crypto_nostore_generate_key_pair_t obj_nkp; 856 CK_ATTRIBUTE_PTR pubTemplate = NULL; 857 CK_ATTRIBUTE_PTR priTemplate = NULL; 858 CK_RV rv = CKR_OK; 859 CK_BBOOL is_token_obj1 = FALSE; 860 CK_BBOOL is_token_obj2 = FALSE; 861 uint_t pub_attr_count, pri_attr_count; 862 uint_t pub_out_attr_count = 0, pri_out_attr_count = 0; 863 char public_value[256]; 864 char private_value[256]; 865 CK_ULONG pub_class = CKO_PUBLIC_KEY; 866 CK_ULONG pri_class = CKO_PRIVATE_KEY; 867 CK_ULONG key_type; 868 boolean_t has_class, has_key_type; 869 int n, r; 870 871 obj_nkp.nkp_in_public_count = 0; 872 obj_nkp.nkp_out_public_count = 0; 873 obj_nkp.nkp_in_private_count = 0; 874 obj_nkp.nkp_out_private_count = 0; 875 876 /* 877 * Add CKA_VALUE to the public template. 878 * This attribute must not be in the template. 879 */ 880 if (attribute_in_template(CKA_VALUE, pPublicKeyTemplate, 881 ulPublicKeyAttributeCount)) { 882 rv = CKR_TEMPLATE_INCONSISTENT; 883 goto failed_exit; 884 } 885 has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate, 886 ulPublicKeyAttributeCount); 887 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate, 888 ulPublicKeyAttributeCount); 889 890 pub_attr_count = ulPublicKeyAttributeCount + 1; 891 if (!has_class) 892 pub_attr_count++; 893 if (!has_key_type) 894 pub_attr_count++; 895 pubTemplate = grow_template(pPublicKeyTemplate, 896 ulPublicKeyAttributeCount, pub_attr_count); 897 if (pubTemplate == NULL) { 898 rv = CKR_HOST_MEMORY; 899 goto failed_exit; 900 } 901 902 n = ulPublicKeyAttributeCount; 903 if (!has_class) { 904 pubTemplate[n].type = CKA_CLASS; 905 pubTemplate[n].pValue = (caddr_t)&pub_class; 906 pubTemplate[n].ulValueLen = sizeof (pub_class); 907 n++; 908 } 909 if (!has_key_type) { 910 pubTemplate[n].type = CKA_KEY_TYPE; 911 key_type = CKK_DH; 912 pubTemplate[n].pValue = (caddr_t)&key_type; 913 pubTemplate[n].ulValueLen = sizeof (key_type); 914 n++; 915 } 916 pubTemplate[n].type = CKA_VALUE; 917 pubTemplate[n].pValue = (caddr_t)public_value; 918 pubTemplate[n].ulValueLen = sizeof (public_value); 919 pub_out_attr_count++; 920 921 rv = process_object_attributes(pubTemplate, 922 pub_attr_count - pub_out_attr_count, 923 &obj_nkp.nkp_in_public_attributes, &is_token_obj1); 924 if (rv != CKR_OK) { 925 goto failed_exit; 926 } 927 obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count; 928 929 rv = process_object_attributes( 930 &pubTemplate[pub_attr_count - pub_out_attr_count], 931 pub_out_attr_count, &obj_nkp.nkp_out_public_attributes, 932 &is_token_obj1); 933 if (rv != CKR_OK) { 934 goto failed_exit; 935 } 936 obj_nkp.nkp_out_public_count = pub_out_attr_count; 937 938 /* 939 * Cannot create a token object with a READ-ONLY 940 * session. 941 */ 942 if (is_token_obj1 && session_p->ses_RO) { 943 rv = CKR_SESSION_READ_ONLY; 944 goto failed_exit; 945 } 946 947 /* 948 * CKA_BASE, CKA_PRIME, and CKA_VALUE must not appear 949 * in private template. 950 */ 951 if (attribute_in_template(CKA_BASE, pPrivateKeyTemplate, 952 ulPrivateKeyAttributeCount) || 953 attribute_in_template(CKA_PRIME, pPrivateKeyTemplate, 954 ulPrivateKeyAttributeCount) || 955 attribute_in_template(CKA_VALUE, pPrivateKeyTemplate, 956 ulPrivateKeyAttributeCount)) { 957 rv = CKR_TEMPLATE_INCONSISTENT; 958 goto failed_exit; 959 } 960 961 if (attribute_in_template(CKA_VALUE, pPrivateKeyTemplate, 962 ulPrivateKeyAttributeCount)) { 963 rv = CKR_TEMPLATE_INCONSISTENT; 964 goto failed_exit; 965 } 966 has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate, 967 ulPrivateKeyAttributeCount); 968 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate, 969 ulPrivateKeyAttributeCount); 970 971 pri_attr_count = ulPrivateKeyAttributeCount + 1; 972 if (!has_class) 973 pri_attr_count++; 974 if (!has_key_type) 975 pri_attr_count++; 976 977 /* allocate space for CKA_BASE and CKA_PRIME */ 978 priTemplate = grow_template(pPrivateKeyTemplate, 979 ulPrivateKeyAttributeCount, pri_attr_count + 2); 980 if (priTemplate == NULL) { 981 rv = CKR_HOST_MEMORY; 982 goto failed_exit; 983 } 984 n = ulPrivateKeyAttributeCount; 985 if (!has_class) { 986 priTemplate[n].type = CKA_CLASS; 987 priTemplate[n].pValue = (caddr_t)&pri_class; 988 priTemplate[n].ulValueLen = sizeof (pri_class); 989 n++; 990 } 991 if (!has_key_type) { 992 priTemplate[n].type = CKA_KEY_TYPE; 993 key_type = CKK_DH; 994 priTemplate[n].pValue = (caddr_t)&key_type; 995 priTemplate[n].ulValueLen = sizeof (key_type); 996 n++; 997 } 998 priTemplate[n].type = CKA_VALUE; 999 priTemplate[n].pValue = (caddr_t)private_value; 1000 priTemplate[n].ulValueLen = sizeof (private_value); 1001 pri_out_attr_count++; 1002 1003 rv = process_object_attributes(priTemplate, 1004 pri_attr_count - pri_out_attr_count, 1005 &obj_nkp.nkp_in_private_attributes, &is_token_obj2); 1006 if (rv != CKR_OK) { 1007 goto failed_exit; 1008 } 1009 obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count; 1010 1011 rv = process_object_attributes( 1012 &priTemplate[pri_attr_count - pri_out_attr_count], 1013 pri_out_attr_count, &obj_nkp.nkp_out_private_attributes, 1014 &is_token_obj2); 1015 if (rv != CKR_OK) { 1016 goto failed_exit; 1017 } 1018 obj_nkp.nkp_out_private_count = pri_out_attr_count; 1019 1020 /* 1021 * The public key and the private key need to contain the same 1022 * attribute values for CKA_TOKEN. 1023 */ 1024 if (is_token_obj1 != is_token_obj2) { 1025 rv = CKR_ATTRIBUTE_VALUE_INVALID; 1026 goto failed_exit; 1027 } 1028 1029 /* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */ 1030 obj_nkp.nkp_session = session_p-> k_session; 1031 obj_nkp.nkp_mechanism.cm_type = k_mech_type; 1032 obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter; 1033 obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen; 1034 1035 while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR, 1036 &obj_nkp)) < 0) { 1037 if (errno != EINTR) 1038 break; 1039 } 1040 if (r < 0) { 1041 rv = CKR_FUNCTION_FAILED; 1042 } else { 1043 rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value); 1044 } 1045 free_attributes(obj_nkp.nkp_in_public_attributes, 1046 &obj_nkp.nkp_in_public_count); 1047 free_attributes(obj_nkp.nkp_in_private_attributes, 1048 &obj_nkp.nkp_in_private_count); 1049 1050 if (rv != CKR_OK) { 1051 goto failed_exit; 1052 } 1053 1054 rv = get_object_attributes( 1055 &pubTemplate[pub_attr_count - pub_out_attr_count], 1056 pub_out_attr_count, obj_nkp.nkp_out_public_attributes); 1057 if (rv == CRYPTO_SUCCESS) { 1058 rv = get_object_attributes( 1059 &priTemplate[pri_attr_count - pri_out_attr_count], 1060 pri_out_attr_count, obj_nkp.nkp_out_private_attributes); 1061 } 1062 free_attributes(obj_nkp.nkp_out_public_attributes, 1063 &obj_nkp.nkp_out_public_count); 1064 free_attributes(obj_nkp.nkp_out_private_attributes, 1065 &obj_nkp.nkp_out_private_count); 1066 1067 if (rv != CRYPTO_SUCCESS) { 1068 goto failed_exit; 1069 } 1070 1071 rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp, 1072 session_p, KERNEL_GEN_KEY); 1073 if (rv != CRYPTO_SUCCESS) { 1074 goto failed_exit; 1075 } 1076 1077 /* 1078 * Copy CKA_BASE and CKA_PRIME from the public template 1079 * to the private template. 1080 */ 1081 rv = copy_attribute(CKA_BASE, pubTemplate, pub_attr_count, 1082 &priTemplate[pri_attr_count]); 1083 if (rv != CRYPTO_SUCCESS) { 1084 goto failed_exit; 1085 } 1086 rv = copy_attribute(CKA_PRIME, pubTemplate, pub_attr_count, 1087 &priTemplate[pri_attr_count + 1]); 1088 if (rv != CRYPTO_SUCCESS) { 1089 (void) free(priTemplate[pri_attr_count].pValue); 1090 goto failed_exit; 1091 } 1092 1093 /* +2 to account for CKA_BASE and CKA_PRIME */ 1094 rv = kernel_build_object(priTemplate, pri_attr_count + 2, 1095 new_pri_objp, session_p, KERNEL_GEN_KEY); 1096 (void) free(priTemplate[pri_attr_count].pValue); 1097 (void) free(priTemplate[pri_attr_count + 1].pValue); 1098 if (rv != CRYPTO_SUCCESS) { 1099 goto failed_exit; 1100 } 1101 (void) free(pubTemplate); 1102 (void) free(priTemplate); 1103 1104 new_pub_objp->is_lib_obj = B_TRUE; 1105 new_pri_objp->is_lib_obj = B_TRUE; 1106 new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1107 new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1108 (void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL); 1109 new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1110 (void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL); 1111 new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1112 return (CKR_OK); 1113 1114 failed_exit: 1115 free_attributes(obj_nkp.nkp_in_public_attributes, 1116 &obj_nkp.nkp_in_public_count); 1117 free_attributes(obj_nkp.nkp_out_public_attributes, 1118 &obj_nkp.nkp_out_public_count); 1119 free_attributes(obj_nkp.nkp_in_private_attributes, 1120 &obj_nkp.nkp_in_private_count); 1121 free_attributes(obj_nkp.nkp_out_private_attributes, 1122 &obj_nkp.nkp_out_private_count); 1123 if (pubTemplate != NULL) { 1124 (void) free(pubTemplate); 1125 } 1126 if (priTemplate != NULL) { 1127 (void) free(priTemplate); 1128 } 1129 return (rv); 1130 } 1131 1132 CK_RV 1133 key_gen_ec_by_value(CK_MECHANISM_PTR pMechanism, 1134 CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, 1135 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, 1136 kernel_session_t *session_p, crypto_mech_type_t k_mech_type, 1137 kernel_object_t *new_pub_objp, kernel_object_t *new_pri_objp) 1138 { 1139 crypto_nostore_generate_key_pair_t obj_nkp; 1140 CK_ATTRIBUTE_PTR pubTemplate = NULL; 1141 CK_ATTRIBUTE_PTR priTemplate = NULL; 1142 CK_RV rv = CKR_OK; 1143 CK_BBOOL is_token_obj1 = FALSE; 1144 CK_BBOOL is_token_obj2 = FALSE; 1145 uint_t pub_attr_count, pri_attr_count; 1146 uint_t pub_out_attr_count = 0, pri_out_attr_count = 0; 1147 char value[EC_MAX_VALUE_LEN]; 1148 char point[EC_MAX_POINT_LEN]; 1149 CK_ULONG pub_class = CKO_PUBLIC_KEY; 1150 CK_ULONG pri_class = CKO_PRIVATE_KEY; 1151 CK_ULONG key_type; 1152 boolean_t has_class, has_key_type; 1153 int n, r; 1154 1155 obj_nkp.nkp_in_public_count = 0; 1156 obj_nkp.nkp_out_public_count = 0; 1157 obj_nkp.nkp_in_private_count = 0; 1158 obj_nkp.nkp_out_private_count = 0; 1159 1160 /* 1161 * Add CKA_EC_POINT to the public template. 1162 * This is the generated value Q. This attribute 1163 * must not be in the template. 1164 */ 1165 if (attribute_in_template(CKA_EC_POINT, pPublicKeyTemplate, 1166 ulPublicKeyAttributeCount)) { 1167 rv = CKR_TEMPLATE_INCONSISTENT; 1168 goto failed_exit; 1169 } 1170 has_class = attribute_in_template(CKA_CLASS, pPublicKeyTemplate, 1171 ulPublicKeyAttributeCount); 1172 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPublicKeyTemplate, 1173 ulPublicKeyAttributeCount); 1174 1175 pub_attr_count = ulPublicKeyAttributeCount + 1; 1176 if (!has_class) 1177 pub_attr_count++; 1178 if (!has_key_type) 1179 pub_attr_count++; 1180 pubTemplate = grow_template(pPublicKeyTemplate, 1181 ulPublicKeyAttributeCount, pub_attr_count); 1182 if (pubTemplate == NULL) { 1183 rv = CKR_HOST_MEMORY; 1184 goto failed_exit; 1185 } 1186 1187 n = ulPublicKeyAttributeCount; 1188 if (!has_class) { 1189 pubTemplate[n].type = CKA_CLASS; 1190 pubTemplate[n].pValue = (caddr_t)&pub_class; 1191 pubTemplate[n].ulValueLen = sizeof (pub_class); 1192 n++; 1193 } 1194 if (!has_key_type) { 1195 pubTemplate[n].type = CKA_KEY_TYPE; 1196 key_type = CKK_EC; 1197 pubTemplate[n].pValue = (caddr_t)&key_type; 1198 pubTemplate[n].ulValueLen = sizeof (key_type); 1199 n++; 1200 } 1201 pubTemplate[n].type = CKA_EC_POINT; 1202 pubTemplate[n].pValue = (caddr_t)point; 1203 pubTemplate[n].ulValueLen = sizeof (point); 1204 pub_out_attr_count++; 1205 1206 rv = process_object_attributes(pubTemplate, 1207 pub_attr_count - pub_out_attr_count, 1208 &obj_nkp.nkp_in_public_attributes, &is_token_obj1); 1209 if (rv != CKR_OK) { 1210 goto failed_exit; 1211 } 1212 obj_nkp.nkp_in_public_count = pub_attr_count - pub_out_attr_count; 1213 1214 rv = process_object_attributes( 1215 &pubTemplate[pub_attr_count - pub_out_attr_count], 1216 pub_out_attr_count, &obj_nkp.nkp_out_public_attributes, 1217 &is_token_obj1); 1218 if (rv != CKR_OK) { 1219 goto failed_exit; 1220 } 1221 obj_nkp.nkp_out_public_count = pub_out_attr_count; 1222 1223 /* 1224 * Cannot create a token object with a READ-ONLY 1225 * session. 1226 */ 1227 if (is_token_obj1 && session_p->ses_RO) { 1228 rv = CKR_SESSION_READ_ONLY; 1229 goto failed_exit; 1230 } 1231 1232 /* 1233 * CKA_EC_PARAMS and CKA_VALUE must not appear in 1234 * private template. 1235 */ 1236 if (attribute_in_template(CKA_EC_PARAMS, pPrivateKeyTemplate, 1237 ulPrivateKeyAttributeCount) || 1238 attribute_in_template(CKA_VALUE, pPrivateKeyTemplate, 1239 ulPrivateKeyAttributeCount)) { 1240 rv = CKR_TEMPLATE_INCONSISTENT; 1241 goto failed_exit; 1242 } 1243 has_class = attribute_in_template(CKA_CLASS, pPrivateKeyTemplate, 1244 ulPrivateKeyAttributeCount); 1245 has_key_type = attribute_in_template(CKA_KEY_TYPE, pPrivateKeyTemplate, 1246 ulPrivateKeyAttributeCount); 1247 1248 pri_attr_count = ulPrivateKeyAttributeCount + 1; 1249 if (!has_class) 1250 pri_attr_count++; 1251 if (!has_key_type) 1252 pri_attr_count++; 1253 1254 /* allocate space for CKA_EC_PARAMS */ 1255 priTemplate = grow_template(pPrivateKeyTemplate, 1256 ulPrivateKeyAttributeCount, pri_attr_count + 1); 1257 if (priTemplate == NULL) { 1258 rv = CKR_HOST_MEMORY; 1259 goto failed_exit; 1260 } 1261 n = ulPrivateKeyAttributeCount; 1262 if (!has_class) { 1263 priTemplate[n].type = CKA_CLASS; 1264 priTemplate[n].pValue = (caddr_t)&pri_class; 1265 priTemplate[n].ulValueLen = sizeof (pri_class); 1266 n++; 1267 } 1268 if (!has_key_type) { 1269 priTemplate[n].type = CKA_KEY_TYPE; 1270 key_type = CKK_EC; 1271 priTemplate[n].pValue = (caddr_t)&key_type; 1272 priTemplate[n].ulValueLen = sizeof (key_type); 1273 n++; 1274 } 1275 priTemplate[n].type = CKA_VALUE; 1276 priTemplate[n].pValue = (caddr_t)value; 1277 priTemplate[n].ulValueLen = sizeof (value); 1278 pri_out_attr_count++; 1279 1280 rv = process_object_attributes(priTemplate, 1281 pri_attr_count - pri_out_attr_count, 1282 &obj_nkp.nkp_in_private_attributes, &is_token_obj2); 1283 if (rv != CKR_OK) { 1284 goto failed_exit; 1285 } 1286 obj_nkp.nkp_in_private_count = pri_attr_count - pri_out_attr_count; 1287 1288 rv = process_object_attributes( 1289 &priTemplate[pri_attr_count - pri_out_attr_count], 1290 pri_out_attr_count, &obj_nkp.nkp_out_private_attributes, 1291 &is_token_obj2); 1292 if (rv != CKR_OK) { 1293 goto failed_exit; 1294 } 1295 obj_nkp.nkp_out_private_count = pri_out_attr_count; 1296 1297 /* 1298 * The public key and the private key need to contain the same 1299 * attribute values for CKA_TOKEN. 1300 */ 1301 if (is_token_obj1 != is_token_obj2) { 1302 rv = CKR_ATTRIBUTE_VALUE_INVALID; 1303 goto failed_exit; 1304 } 1305 1306 /* Call the CRYPTO_NOSTORE_GENERATE_KEY_PAIR ioctl. */ 1307 obj_nkp.nkp_session = session_p-> k_session; 1308 obj_nkp.nkp_mechanism.cm_type = k_mech_type; 1309 obj_nkp.nkp_mechanism.cm_param = pMechanism->pParameter; 1310 obj_nkp.nkp_mechanism.cm_param_len = pMechanism->ulParameterLen; 1311 1312 while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_GENERATE_KEY_PAIR, 1313 &obj_nkp)) < 0) { 1314 if (errno != EINTR) 1315 break; 1316 } 1317 if (r < 0) { 1318 rv = CKR_FUNCTION_FAILED; 1319 } else { 1320 rv = crypto2pkcs11_error_number(obj_nkp.nkp_return_value); 1321 } 1322 free_attributes(obj_nkp.nkp_in_public_attributes, 1323 &obj_nkp.nkp_in_public_count); 1324 free_attributes(obj_nkp.nkp_in_private_attributes, 1325 &obj_nkp.nkp_in_private_count); 1326 1327 if (rv != CKR_OK) { 1328 goto failed_exit; 1329 } 1330 1331 rv = get_object_attributes( 1332 &pubTemplate[pub_attr_count - pub_out_attr_count], 1333 pub_out_attr_count, obj_nkp.nkp_out_public_attributes); 1334 if (rv == CRYPTO_SUCCESS) { 1335 rv = get_object_attributes( 1336 &priTemplate[pri_attr_count - pri_out_attr_count], 1337 pri_out_attr_count, obj_nkp.nkp_out_private_attributes); 1338 } 1339 free_attributes(obj_nkp.nkp_out_public_attributes, 1340 &obj_nkp.nkp_out_public_count); 1341 free_attributes(obj_nkp.nkp_out_private_attributes, 1342 &obj_nkp.nkp_out_private_count); 1343 if (rv != CRYPTO_SUCCESS) { 1344 goto failed_exit; 1345 } 1346 1347 rv = kernel_build_object(pubTemplate, pub_attr_count, new_pub_objp, 1348 session_p, KERNEL_GEN_KEY); 1349 if (rv != CRYPTO_SUCCESS) { 1350 goto failed_exit; 1351 } 1352 1353 /* 1354 * Copy CKA_EC_PARAMS from the public template to the 1355 * private template. 1356 */ 1357 rv = copy_attribute(CKA_EC_PARAMS, pubTemplate, pub_attr_count, 1358 &priTemplate[pri_attr_count]); 1359 if (rv != CRYPTO_SUCCESS) { 1360 goto failed_exit; 1361 } 1362 1363 /* +1 to account for CKA_EC_PARAMS */ 1364 rv = kernel_build_object(priTemplate, pri_attr_count + 1, 1365 new_pri_objp, session_p, KERNEL_GEN_KEY); 1366 (void) free(priTemplate[pri_attr_count].pValue); 1367 if (rv != CRYPTO_SUCCESS) { 1368 goto failed_exit; 1369 } 1370 (void) free(pubTemplate); 1371 (void) free(priTemplate); 1372 1373 new_pub_objp->is_lib_obj = B_TRUE; 1374 new_pri_objp->is_lib_obj = B_TRUE; 1375 new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1376 new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1377 (void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL); 1378 new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1379 (void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL); 1380 new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1381 return (CKR_OK); 1382 1383 failed_exit: 1384 free_attributes(obj_nkp.nkp_in_public_attributes, 1385 &obj_nkp.nkp_in_public_count); 1386 free_attributes(obj_nkp.nkp_out_public_attributes, 1387 &obj_nkp.nkp_out_public_count); 1388 free_attributes(obj_nkp.nkp_in_private_attributes, 1389 &obj_nkp.nkp_in_private_count); 1390 free_attributes(obj_nkp.nkp_out_private_attributes, 1391 &obj_nkp.nkp_out_private_count); 1392 if (pubTemplate != NULL) { 1393 (void) free(pubTemplate); 1394 } 1395 if (priTemplate != NULL) { 1396 (void) free(priTemplate); 1397 } 1398 return (rv); 1399 } 1400 1401 CK_RV 1402 C_GenerateKeyPair(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1403 CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, 1404 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, 1405 CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey) 1406 { 1407 CK_RV rv = CKR_OK; 1408 kernel_session_t *session_p; 1409 kernel_object_t *new_pub_objp = NULL; 1410 kernel_object_t *new_pri_objp = NULL; 1411 kernel_slot_t *pslot; 1412 boolean_t ses_lock_held = B_FALSE; 1413 CK_BBOOL is_pri_obj1; 1414 CK_BBOOL is_pri_obj2; 1415 CK_BBOOL is_token_obj1 = FALSE; 1416 CK_BBOOL is_token_obj2 = FALSE; 1417 crypto_mech_type_t k_mech_type; 1418 int r; 1419 CK_RV (*func)(CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG, 1420 CK_ATTRIBUTE_PTR, CK_ULONG, kernel_session_t *, crypto_mech_type_t, 1421 kernel_object_t *, kernel_object_t *); 1422 1423 if (!kernel_initialized) 1424 return (CKR_CRYPTOKI_NOT_INITIALIZED); 1425 1426 /* Obtain the session pointer. */ 1427 rv = handle2session(hSession, &session_p); 1428 if (rv != CKR_OK) 1429 return (rv); 1430 1431 if ((pMechanism == NULL) || (phPublicKey == NULL) || 1432 (phPrivateKey == NULL)) { 1433 rv = CKR_ARGUMENTS_BAD; 1434 goto failed_exit; 1435 } 1436 1437 if ((pPublicKeyTemplate == NULL) && (ulPublicKeyAttributeCount != 0)) { 1438 rv = CKR_ARGUMENTS_BAD; 1439 goto failed_exit; 1440 } 1441 1442 if ((pPrivateKeyTemplate == NULL) && 1443 (ulPrivateKeyAttributeCount != 0)) { 1444 rv = CKR_ARGUMENTS_BAD; 1445 goto failed_exit; 1446 } 1447 1448 /* Get the kernel's internal mechanism number. */ 1449 rv = kernel_mech(pMechanism->mechanism, &k_mech_type); 1450 if (rv != CKR_OK) { 1451 goto failed_exit; 1452 } 1453 1454 /* Create an object wrapper for the public key */ 1455 new_pub_objp = calloc(1, sizeof (kernel_object_t)); 1456 if (new_pub_objp == NULL) { 1457 rv = CKR_HOST_MEMORY; 1458 goto failed_exit; 1459 } 1460 1461 /* Create an object wrapper for the private key. */ 1462 new_pri_objp = calloc(1, sizeof (kernel_object_t)); 1463 if (new_pri_objp == NULL) { 1464 rv = CKR_HOST_MEMORY; 1465 goto failed_exit; 1466 } 1467 1468 /* 1469 * Special Case: if token does not support object creation, 1470 * but does support key generation by value, then create a session 1471 * object and initialize with values returned by token. 1472 */ 1473 pslot = slot_table[session_p->ses_slotid]; 1474 if (!pslot->sl_func_list.fl_object_create) { 1475 switch (pMechanism->mechanism) { 1476 case CKM_RSA_PKCS_KEY_PAIR_GEN: 1477 func = key_gen_rsa_by_value; 1478 break; 1479 1480 case CKM_DH_PKCS_KEY_PAIR_GEN: 1481 func = key_gen_dh_by_value; 1482 break; 1483 1484 case CKM_EC_KEY_PAIR_GEN: 1485 func = key_gen_ec_by_value; 1486 break; 1487 1488 default: 1489 rv = CKR_MECHANISM_INVALID; 1490 goto failed_exit; 1491 } 1492 rv = (*func)(pMechanism, pPublicKeyTemplate, 1493 ulPublicKeyAttributeCount, pPrivateKeyTemplate, 1494 ulPrivateKeyAttributeCount, session_p, k_mech_type, 1495 new_pub_objp, new_pri_objp); 1496 if (rv != CKR_OK) 1497 goto failed_exit; 1498 } else { 1499 crypto_object_generate_key_pair_t obj_kp; 1500 1501 /* Process the public key attributes. */ 1502 rv = process_object_attributes(pPublicKeyTemplate, 1503 ulPublicKeyAttributeCount, &obj_kp.kp_public_attributes, 1504 &is_token_obj1); 1505 if (rv != CKR_OK) { 1506 goto failed_exit; 1507 } 1508 1509 /* Cannot create a token object with a READ-ONLY session. */ 1510 if (is_token_obj1 && session_p->ses_RO) { 1511 free_object_attributes(obj_kp.kp_public_attributes, 1512 ulPublicKeyAttributeCount); 1513 rv = CKR_SESSION_READ_ONLY; 1514 goto failed_exit; 1515 } 1516 1517 /* Process the private key attributes. */ 1518 rv = process_object_attributes(pPrivateKeyTemplate, 1519 ulPrivateKeyAttributeCount, &obj_kp.kp_private_attributes, 1520 &is_token_obj2); 1521 if (rv != CKR_OK) { 1522 free_object_attributes(obj_kp.kp_public_attributes, 1523 ulPublicKeyAttributeCount); 1524 goto failed_exit; 1525 } 1526 1527 /* 1528 * The public key and the private key need to contain the same 1529 * attribute values for CKA_TOKEN. 1530 */ 1531 if (is_token_obj1 != is_token_obj2) { 1532 free_object_attributes(obj_kp.kp_public_attributes, 1533 ulPublicKeyAttributeCount); 1534 free_object_attributes(obj_kp.kp_private_attributes, 1535 ulPrivateKeyAttributeCount); 1536 rv = CKR_ATTRIBUTE_VALUE_INVALID; 1537 goto failed_exit; 1538 } 1539 1540 /* Call the CRYPTO_GENERATE_KEY_PAIR ioctl. */ 1541 obj_kp.kp_session = session_p-> k_session; 1542 obj_kp.kp_mechanism.cm_type = k_mech_type; 1543 obj_kp.kp_mechanism.cm_param = pMechanism->pParameter; 1544 obj_kp.kp_mechanism.cm_param_len = pMechanism->ulParameterLen; 1545 obj_kp.kp_public_count = ulPublicKeyAttributeCount; 1546 obj_kp.kp_private_count = ulPrivateKeyAttributeCount; 1547 1548 while ((r = ioctl(kernel_fd, CRYPTO_GENERATE_KEY_PAIR, 1549 &obj_kp)) < 0) { 1550 if (errno != EINTR) 1551 break; 1552 } 1553 if (r < 0) { 1554 rv = CKR_FUNCTION_FAILED; 1555 } else { 1556 rv = crypto2pkcs11_error_number(obj_kp.kp_return_value); 1557 } 1558 free_object_attributes(obj_kp.kp_public_attributes, 1559 ulPublicKeyAttributeCount); 1560 free_object_attributes(obj_kp.kp_private_attributes, 1561 ulPrivateKeyAttributeCount); 1562 1563 if (rv != CKR_OK) 1564 goto failed_exit; 1565 1566 /* Get the CKA_PRIVATE value for the key pair. */ 1567 rv = get_cka_private_value(session_p, obj_kp.kp_public_handle, 1568 &is_pri_obj1); 1569 if (rv != CKR_OK) { 1570 goto failed_exit; 1571 } 1572 1573 rv = get_cka_private_value(session_p, obj_kp.kp_private_handle, 1574 &is_pri_obj2); 1575 if (rv != CKR_OK) { 1576 goto failed_exit; 1577 } 1578 1579 /* 1580 * Store the kernel public key handle into the public key 1581 * object and finish the public key object initialization. 1582 */ 1583 new_pub_objp->is_lib_obj = B_FALSE; 1584 new_pub_objp->k_handle = obj_kp.kp_public_handle; 1585 new_pub_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1586 new_pub_objp->extra_attrlistp = NULL; 1587 1588 if (is_pri_obj1) 1589 new_pub_objp->bool_attr_mask |= PRIVATE_BOOL_ON; 1590 else 1591 new_pub_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON; 1592 1593 if (is_token_obj1) 1594 new_pub_objp->bool_attr_mask |= TOKEN_BOOL_ON; 1595 else 1596 new_pub_objp->bool_attr_mask &= ~TOKEN_BOOL_ON; 1597 1598 (void) pthread_mutex_init(&new_pub_objp->object_mutex, NULL); 1599 new_pub_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1600 1601 /* 1602 * Store the kernel private key handle into the private key 1603 * object and finish the private key object initialization. 1604 */ 1605 new_pri_objp->is_lib_obj = B_FALSE; 1606 new_pri_objp->k_handle = obj_kp.kp_private_handle; 1607 new_pri_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1608 new_pri_objp->extra_attrlistp = NULL; 1609 1610 if (is_pri_obj2) 1611 new_pri_objp->bool_attr_mask |= PRIVATE_BOOL_ON; 1612 else 1613 new_pri_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON; 1614 1615 if (is_token_obj2) 1616 new_pri_objp->bool_attr_mask |= TOKEN_BOOL_ON; 1617 else 1618 new_pri_objp->bool_attr_mask &= ~TOKEN_BOOL_ON; 1619 1620 } 1621 (void) pthread_mutex_init(&new_pri_objp->object_mutex, NULL); 1622 new_pri_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1623 1624 /* 1625 * Add the new pub/pri objects to the slot's token list if they are 1626 * token objects. Otherwise, add them to the session's object list. 1627 */ 1628 if (is_token_obj1) { /* is_token_obj1 == is_token_obj2 */ 1629 pslot = slot_table[session_p->ses_slotid]; 1630 kernel_add_token_object_to_slot(new_pub_objp, pslot); 1631 kernel_add_token_object_to_slot(new_pri_objp, pslot); 1632 } else { 1633 kernel_add_object_to_session(new_pub_objp, session_p); 1634 kernel_add_object_to_session(new_pri_objp, session_p); 1635 } 1636 1637 *phPublicKey = (CK_OBJECT_HANDLE)new_pub_objp; 1638 *phPrivateKey = (CK_OBJECT_HANDLE)new_pri_objp; 1639 REFRELE(session_p, ses_lock_held); 1640 return (rv); 1641 1642 failed_exit: 1643 if (new_pub_objp != NULL) { 1644 (void) free(new_pub_objp); 1645 } 1646 if (new_pri_objp != NULL) { 1647 (void) free(new_pri_objp); 1648 } 1649 REFRELE(session_p, ses_lock_held); 1650 return (rv); 1651 } 1652 1653 1654 CK_RV 1655 C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1656 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, 1657 CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen) 1658 { 1659 CK_RV rv = CKR_OK; 1660 kernel_session_t *session_p; 1661 boolean_t ses_lock_held = B_FALSE; 1662 kernel_object_t *wrappingkey_p; 1663 kernel_object_t *key_p; 1664 crypto_mech_type_t k_mech_type; 1665 crypto_object_wrap_key_t obj_wrapkey; 1666 int r; 1667 1668 if (!kernel_initialized) 1669 return (CKR_CRYPTOKI_NOT_INITIALIZED); 1670 1671 if (pulWrappedKeyLen == NULL || pMechanism == NULL) { 1672 return (CKR_ARGUMENTS_BAD); 1673 } 1674 1675 /* 1676 * Obtain the session pointer. Also, increment the session 1677 * reference count. 1678 */ 1679 rv = handle2session(hSession, &session_p); 1680 if (rv != CKR_OK) 1681 return (rv); 1682 1683 /* Get the kernel's internal mechanism number. */ 1684 rv = kernel_mech(pMechanism->mechanism, &k_mech_type); 1685 if (rv != CKR_OK) { 1686 REFRELE(session_p, ses_lock_held); 1687 return (rv); 1688 } 1689 1690 /* Obtain the wrapping key object pointer. */ 1691 HANDLE2OBJECT(hWrappingKey, wrappingkey_p, rv); 1692 if (rv != CKR_OK) { 1693 REFRELE(session_p, ses_lock_held); 1694 return (rv); 1695 } 1696 1697 /* Obtain the to_be_wrapped key object pointer. */ 1698 HANDLE2OBJECT(hKey, key_p, rv); 1699 if (rv != CKR_OK) { 1700 OBJ_REFRELE(wrappingkey_p); 1701 REFRELE(session_p, ses_lock_held); 1702 return (rv); 1703 } 1704 1705 /* Make the CRYPTO_OBJECT_WRAP_KEY ioctl call. */ 1706 obj_wrapkey.wk_session = session_p->k_session; 1707 obj_wrapkey.wk_mechanism.cm_type = k_mech_type; 1708 obj_wrapkey.wk_mechanism.cm_param = pMechanism->pParameter; 1709 obj_wrapkey.wk_mechanism.cm_param_len = pMechanism->ulParameterLen; 1710 obj_wrapkey.wk_wrapping_key.ck_format = CRYPTO_KEY_REFERENCE; 1711 obj_wrapkey.wk_wrapping_key.ck_obj_id = wrappingkey_p->k_handle; 1712 obj_wrapkey.wk_object_handle = key_p->k_handle; 1713 obj_wrapkey.wk_wrapped_key_len = *pulWrappedKeyLen; 1714 obj_wrapkey.wk_wrapped_key = (char *)pWrappedKey; 1715 1716 while ((r = ioctl(kernel_fd, CRYPTO_WRAP_KEY, &obj_wrapkey)) < 0) { 1717 if (errno != EINTR) 1718 break; 1719 } 1720 if (r < 0) { 1721 rv = CKR_FUNCTION_FAILED; 1722 } else { 1723 rv = crypto2pkcs11_error_number(obj_wrapkey.wk_return_value); 1724 } 1725 1726 /* 1727 * Besides rv == CKR_OK, we will set the value of pulWrappedKeyLen 1728 * when the applciation-supplied wrapped key buffer is too small. 1729 * The situation that the application only asks for the length of 1730 * the wrapped key is covered in rv == CKR_OK. 1731 */ 1732 if (rv == CKR_OK || rv == CKR_BUFFER_TOO_SMALL) { 1733 *pulWrappedKeyLen = obj_wrapkey.wk_wrapped_key_len; 1734 } 1735 1736 OBJ_REFRELE(key_p); 1737 OBJ_REFRELE(wrappingkey_p); 1738 REFRELE(session_p, ses_lock_held); 1739 return (rv); 1740 } 1741 1742 1743 CK_RV 1744 C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 1745 CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, 1746 CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, 1747 CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) 1748 { 1749 CK_RV rv = CKR_OK; 1750 kernel_session_t *session_p; 1751 kernel_object_t *unwrappingkey_p; 1752 kernel_object_t *new_objp = NULL; 1753 kernel_slot_t *pslot; 1754 boolean_t ses_lock_held = B_FALSE; 1755 CK_BBOOL is_pri_obj; 1756 CK_BBOOL is_token_obj = FALSE; 1757 CK_MECHANISM_INFO info; 1758 uint32_t k_mi_flags; 1759 CK_BYTE *clear_key_val = NULL; 1760 CK_ULONG ulDataLen; 1761 CK_ATTRIBUTE_PTR newTemplate = NULL; 1762 crypto_mech_type_t k_mech_type; 1763 crypto_object_unwrap_key_t obj_unwrapkey; 1764 int r; 1765 1766 if (!kernel_initialized) 1767 return (CKR_CRYPTOKI_NOT_INITIALIZED); 1768 1769 if (pMechanism == NULL || pWrappedKey == NULL || phKey == NULL) { 1770 return (CKR_ARGUMENTS_BAD); 1771 } 1772 1773 if ((pTemplate == NULL) && (ulAttributeCount != 0)) { 1774 return (CKR_ARGUMENTS_BAD); 1775 } 1776 1777 /* Obtain the session pointer. */ 1778 rv = handle2session(hSession, &session_p); 1779 if (rv != CKR_OK) 1780 return (rv); 1781 1782 /* Obtain the wrapping key object pointer. */ 1783 HANDLE2OBJECT(hUnwrappingKey, unwrappingkey_p, rv); 1784 if (rv != CKR_OK) { 1785 REFRELE(session_p, ses_lock_held); 1786 return (rv); 1787 } 1788 1789 /* 1790 * If the HW provider doesn't support C_UnwrapKey, we will try 1791 * to emulate it in the library. 1792 */ 1793 pslot = slot_table[session_p->ses_slotid]; 1794 if ((!pslot->sl_func_list.fl_object_create) && 1795 (!pslot->sl_func_list.fl_key_unwrap)) { 1796 rv = get_mechanism_info(pslot, pMechanism->mechanism, &info, 1797 &k_mi_flags); 1798 if (rv != CKR_OK) { 1799 goto failed_exit; 1800 } 1801 1802 /* 1803 * If the mechanism flag doesn't have CKF_UNWRAP, and it's 1804 * an unwrapping of a secret key object, then help this 1805 * out with a decryption followed by an object creation. 1806 */ 1807 if (!(k_mi_flags & CRYPTO_FG_UNWRAP) && 1808 (k_mi_flags & CRYPTO_FG_DECRYPT) && 1809 (is_secret_key_template(pTemplate, ulAttributeCount))) { 1810 1811 /* First allocate space for the recovered key value */ 1812 clear_key_val = malloc(ulWrappedKeyLen); 1813 if (clear_key_val == NULL) { 1814 rv = CKR_HOST_MEMORY; 1815 goto failed_exit; 1816 } 1817 1818 rv = kernel_decrypt_init(session_p, unwrappingkey_p, 1819 pMechanism); 1820 if (rv != CKR_OK) { 1821 goto failed_exit; 1822 } 1823 1824 ulDataLen = ulWrappedKeyLen; 1825 rv = kernel_decrypt(session_p, pWrappedKey, 1826 ulWrappedKeyLen, clear_key_val, &ulDataLen); 1827 if (rv != CKR_OK) { 1828 goto failed_exit; 1829 } 1830 1831 newTemplate = grow_template(pTemplate, ulAttributeCount, 1832 ulAttributeCount + 1); 1833 if (newTemplate == NULL) { 1834 rv = CKR_HOST_MEMORY; 1835 goto failed_exit; 1836 } 1837 /* Now add the CKA_VALUE attribute to template */ 1838 newTemplate[ulAttributeCount].type = CKA_VALUE; 1839 newTemplate[ulAttributeCount].pValue = clear_key_val; 1840 newTemplate[ulAttributeCount].ulValueLen = ulDataLen; 1841 1842 /* Finally create the key, based on the new template */ 1843 rv = kernel_add_object(newTemplate, 1844 ulAttributeCount + 1, phKey, session_p); 1845 (void) free(clear_key_val); 1846 (void) free(newTemplate); 1847 OBJ_REFRELE(unwrappingkey_p); 1848 REFRELE(session_p, ses_lock_held); 1849 return (rv); 1850 } else { 1851 rv = CKR_FUNCTION_FAILED; 1852 goto failed_exit; 1853 } 1854 } 1855 1856 /* 1857 * If we come here, the HW provider must have registered the unwrapkey 1858 * entry. Therefore, the unwrap key will be performed in the HW 1859 * provider. 1860 */ 1861 rv = kernel_mech(pMechanism->mechanism, &k_mech_type); 1862 if (rv != CKR_OK) { 1863 goto failed_exit; 1864 } 1865 1866 /* Create an object wrapper for the new key in the library first */ 1867 new_objp = calloc(1, sizeof (kernel_object_t)); 1868 if (new_objp == NULL) { 1869 rv = CKR_HOST_MEMORY; 1870 goto failed_exit; 1871 } 1872 1873 /* Process the attributes */ 1874 rv = process_object_attributes(pTemplate, ulAttributeCount, 1875 &obj_unwrapkey.uk_attributes, &is_token_obj); 1876 if (rv != CKR_OK) { 1877 goto failed_exit; 1878 } 1879 1880 /* Cannot create a token object with a READ-ONLY session. */ 1881 if (is_token_obj && session_p->ses_RO) { 1882 free_object_attributes(obj_unwrapkey.uk_attributes, 1883 ulAttributeCount); 1884 rv = CKR_SESSION_READ_ONLY; 1885 goto failed_exit; 1886 } 1887 1888 /* Make the CRYPTO_UNWRAP_KEY ioctl call. */ 1889 obj_unwrapkey.uk_session = session_p->k_session; 1890 obj_unwrapkey.uk_mechanism.cm_type = k_mech_type; 1891 obj_unwrapkey.uk_mechanism.cm_param = pMechanism->pParameter; 1892 obj_unwrapkey.uk_mechanism.cm_param_len = pMechanism->ulParameterLen; 1893 obj_unwrapkey.uk_unwrapping_key.ck_format = CRYPTO_KEY_REFERENCE; 1894 obj_unwrapkey.uk_unwrapping_key.ck_obj_id = unwrappingkey_p->k_handle; 1895 obj_unwrapkey.uk_wrapped_key = (char *)pWrappedKey; 1896 obj_unwrapkey.uk_wrapped_key_len = ulWrappedKeyLen; 1897 obj_unwrapkey.uk_count = ulAttributeCount; 1898 1899 while ((r = ioctl(kernel_fd, CRYPTO_UNWRAP_KEY, &obj_unwrapkey)) < 0) { 1900 if (errno != EINTR) 1901 break; 1902 } 1903 if (r < 0) { 1904 rv = CKR_FUNCTION_FAILED; 1905 } else { 1906 rv = crypto2pkcs11_error_number(obj_unwrapkey.uk_return_value); 1907 } 1908 1909 free_object_attributes(obj_unwrapkey.uk_attributes, ulAttributeCount); 1910 if (rv != CKR_OK) { 1911 goto failed_exit; 1912 } 1913 1914 /* Get the CKA_PRIVATE value for the unwrapped key. */ 1915 rv = get_cka_private_value(session_p, obj_unwrapkey.uk_object_handle, 1916 &is_pri_obj); 1917 if (rv != CKR_OK) { 1918 goto failed_exit; 1919 } 1920 1921 /* 1922 * Store the kernel object handle in the new key object wrapper and 1923 * initialize it. 1924 */ 1925 new_objp->k_handle = obj_unwrapkey.uk_object_handle; 1926 new_objp->is_lib_obj = B_FALSE; 1927 new_objp->session_handle = (CK_SESSION_HANDLE)session_p; 1928 new_objp->extra_attrlistp = NULL; 1929 1930 if (is_pri_obj) 1931 new_objp->bool_attr_mask |= PRIVATE_BOOL_ON; 1932 else 1933 new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON; 1934 1935 if (is_token_obj) 1936 new_objp->bool_attr_mask |= TOKEN_BOOL_ON; 1937 else 1938 new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON; 1939 1940 (void) pthread_mutex_init(&new_objp->object_mutex, NULL); 1941 new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 1942 1943 /* 1944 * Add the new object to the slot's token object list if it is a 1945 * a token object. Otherwise, add it to the session's object list. 1946 */ 1947 if (is_token_obj) { 1948 pslot = slot_table[session_p->ses_slotid]; 1949 kernel_add_token_object_to_slot(new_objp, pslot); 1950 } else { 1951 kernel_add_object_to_session(new_objp, session_p); 1952 } 1953 1954 *phKey = (CK_OBJECT_HANDLE)new_objp; 1955 OBJ_REFRELE(unwrappingkey_p); 1956 REFRELE(session_p, ses_lock_held); 1957 return (rv); 1958 1959 failed_exit: 1960 OBJ_REFRELE(unwrappingkey_p); 1961 if (new_objp != NULL) 1962 (void) free(new_objp); 1963 1964 if (clear_key_val != NULL) 1965 (void) free(clear_key_val); 1966 1967 if (newTemplate != NULL) 1968 (void) free(newTemplate); 1969 1970 REFRELE(session_p, ses_lock_held); 1971 return (rv); 1972 } 1973 1974 /* 1975 * Get sufficient attributes from a base key to pass by value in a 1976 * crypto_key structure. Storage for attributes is allocated. 1977 * For EC public keys, it is CKA_EC_PARAMS and CKA_EC_POINT. 1978 * For EC private keys, it is CKA_EC_PARAMS and CKA_VALUE. 1979 */ 1980 static int 1981 get_base_key_attributes(kernel_object_t *base_key, crypto_key_t *key_by_value) 1982 { 1983 CK_ATTRIBUTE tmp; 1984 crypto_object_attribute_t *attrs = NULL; 1985 biginteger_t *big; 1986 int i, count = 0, rv; 1987 1988 switch (base_key->key_type) { 1989 case CKK_EC: 1990 count = 2; 1991 attrs = malloc(count * sizeof (crypto_object_attribute_t)); 1992 if (attrs == NULL) { 1993 rv = CKR_HOST_MEMORY; 1994 goto out; 1995 } 1996 bzero(attrs, count * sizeof (crypto_object_attribute_t)); 1997 1998 (void) pthread_mutex_lock(&base_key->object_mutex); 1999 2000 if (!base_key->is_lib_obj) { 2001 rv = CRYPTO_ARGUMENTS_BAD; 2002 goto out; 2003 } 2004 2005 if (base_key->class != CKO_PUBLIC_KEY && 2006 base_key->class != CKO_PRIVATE_KEY) { 2007 rv = CRYPTO_ARGUMENTS_BAD; 2008 goto out; 2009 } 2010 2011 /* 2012 * Both public and private EC keys should have 2013 * a CKA_EC_PARAMS attribute. 2014 */ 2015 tmp.type = CKA_EC_PARAMS; 2016 tmp.pValue = NULL; 2017 2018 /* get size of attribute */ 2019 rv = kernel_get_attribute(base_key, &tmp); 2020 if (rv != CKR_OK) { 2021 goto out; 2022 } 2023 2024 tmp.pValue = malloc(tmp.ulValueLen); 2025 if (tmp.pValue == NULL) { 2026 rv = CKR_HOST_MEMORY; 2027 goto out; 2028 } 2029 rv = kernel_get_attribute(base_key, &tmp); 2030 if (rv != CKR_OK) { 2031 free(tmp.pValue); 2032 goto out; 2033 } 2034 attrs[0].oa_type = tmp.type; 2035 attrs[0].oa_value = tmp.pValue; 2036 attrs[0].oa_value_len = tmp.ulValueLen; 2037 2038 switch (base_key->class) { 2039 case CKO_PUBLIC_KEY: 2040 big = OBJ_PUB_EC_POINT(base_key); 2041 tmp.type = CKA_EC_POINT; 2042 break; 2043 2044 case CKO_PRIVATE_KEY: 2045 big = OBJ_PRI_EC_VALUE(base_key); 2046 tmp.type = CKA_VALUE; 2047 break; 2048 2049 default: 2050 rv = CKR_ATTRIBUTE_TYPE_INVALID; 2051 goto out; 2052 } 2053 tmp.ulValueLen = big->big_value_len; 2054 tmp.pValue = malloc(tmp.ulValueLen); 2055 if (tmp.pValue == NULL) { 2056 rv = CKR_HOST_MEMORY; 2057 goto out; 2058 } 2059 rv = kernel_get_attribute(base_key, &tmp); 2060 if (rv != CKR_OK) { 2061 free(tmp.pValue); 2062 goto out; 2063 } 2064 attrs[1].oa_type = tmp.type; 2065 attrs[1].oa_value = tmp.pValue; 2066 attrs[1].oa_value_len = tmp.ulValueLen; 2067 key_by_value->ck_attrs = attrs; 2068 key_by_value->ck_count = 2; 2069 break; 2070 2071 case CKK_DH: 2072 count = 3; 2073 attrs = malloc(count * sizeof (crypto_object_attribute_t)); 2074 if (attrs == NULL) { 2075 rv = CKR_HOST_MEMORY; 2076 goto out; 2077 } 2078 bzero(attrs, count * sizeof (crypto_object_attribute_t)); 2079 2080 (void) pthread_mutex_lock(&base_key->object_mutex); 2081 2082 if (!base_key->is_lib_obj) { 2083 rv = CRYPTO_ARGUMENTS_BAD; 2084 goto out; 2085 } 2086 2087 if (base_key->class != CKO_PRIVATE_KEY) { 2088 rv = CRYPTO_ARGUMENTS_BAD; 2089 goto out; 2090 } 2091 tmp.type = CKA_BASE; 2092 tmp.pValue = NULL; 2093 2094 /* get size of attribute */ 2095 rv = kernel_get_attribute(base_key, &tmp); 2096 if (rv != CKR_OK) { 2097 goto out; 2098 } 2099 2100 tmp.pValue = malloc(tmp.ulValueLen); 2101 if (tmp.pValue == NULL) { 2102 rv = CKR_HOST_MEMORY; 2103 goto out; 2104 } 2105 rv = kernel_get_attribute(base_key, &tmp); 2106 if (rv != CKR_OK) { 2107 free(tmp.pValue); 2108 goto out; 2109 } 2110 attrs[0].oa_type = tmp.type; 2111 attrs[0].oa_value = tmp.pValue; 2112 attrs[0].oa_value_len = tmp.ulValueLen; 2113 2114 tmp.type = CKA_PRIME; 2115 tmp.pValue = NULL; 2116 2117 /* get size of attribute */ 2118 rv = kernel_get_attribute(base_key, &tmp); 2119 if (rv != CKR_OK) { 2120 goto out; 2121 } 2122 2123 tmp.pValue = malloc(tmp.ulValueLen); 2124 if (tmp.pValue == NULL) { 2125 rv = CKR_HOST_MEMORY; 2126 goto out; 2127 } 2128 rv = kernel_get_attribute(base_key, &tmp); 2129 if (rv != CKR_OK) { 2130 free(tmp.pValue); 2131 goto out; 2132 } 2133 attrs[1].oa_type = tmp.type; 2134 attrs[1].oa_value = tmp.pValue; 2135 attrs[1].oa_value_len = tmp.ulValueLen; 2136 2137 big = OBJ_PRI_DH_VALUE(base_key); 2138 tmp.type = CKA_VALUE; 2139 2140 tmp.ulValueLen = big->big_value_len; 2141 tmp.pValue = malloc(tmp.ulValueLen); 2142 if (tmp.pValue == NULL) { 2143 rv = CKR_HOST_MEMORY; 2144 goto out; 2145 } 2146 rv = kernel_get_attribute(base_key, &tmp); 2147 if (rv != CKR_OK) { 2148 free(tmp.pValue); 2149 goto out; 2150 } 2151 attrs[2].oa_type = tmp.type; 2152 attrs[2].oa_value = tmp.pValue; 2153 attrs[2].oa_value_len = tmp.ulValueLen; 2154 key_by_value->ck_attrs = attrs; 2155 key_by_value->ck_count = 3; 2156 break; 2157 2158 default: 2159 rv = CKR_ATTRIBUTE_TYPE_INVALID; 2160 goto out; 2161 } 2162 (void) pthread_mutex_unlock(&base_key->object_mutex); 2163 return (CKR_OK); 2164 2165 out: 2166 (void) pthread_mutex_unlock(&base_key->object_mutex); 2167 if (attrs != NULL) { 2168 for (i = 0; i < count; i++) { 2169 if (attrs[i].oa_value != NULL) 2170 free(attrs[i].oa_value); 2171 } 2172 free(attrs); 2173 } 2174 return (rv); 2175 } 2176 2177 CK_RV 2178 derive_key_by_value(CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, 2179 CK_ULONG ulAttributeCount, kernel_session_t *session_p, 2180 crypto_mech_type_t k_mech_type, kernel_object_t *basekey_p, 2181 kernel_object_t *new_objp) 2182 { 2183 crypto_nostore_derive_key_t obj_ndk; 2184 char *key_buf = NULL; 2185 CK_ATTRIBUTE_PTR newTemplate = NULL; 2186 CK_BBOOL is_token_obj = FALSE; 2187 CK_RV rv = CKR_OK; 2188 CK_ULONG secret_class = CKO_SECRET_KEY; 2189 ulong_t key_len = 0; 2190 uint_t attr_count = 0; 2191 boolean_t removed; 2192 boolean_t has_class; 2193 int r, n; 2194 2195 obj_ndk.ndk_in_count = 0; 2196 obj_ndk.ndk_out_count = 0; 2197 obj_ndk.ndk_base_key.ck_count = 0; 2198 2199 rv = get_key_len_from_template(pMechanism, pTemplate, ulAttributeCount, 2200 basekey_p, &key_len); 2201 if (rv != CKR_OK) { 2202 goto failed_exit; 2203 } 2204 2205 if ((key_buf = malloc(key_len)) == NULL) { 2206 rv = CKR_HOST_MEMORY; 2207 goto failed_exit; 2208 } 2209 2210 has_class = attribute_in_template(CKA_CLASS, pTemplate, 2211 ulAttributeCount); 2212 2213 attr_count = ulAttributeCount + 1; 2214 if (!has_class) 2215 attr_count++; 2216 2217 newTemplate = grow_template(pTemplate, ulAttributeCount, attr_count); 2218 if (newTemplate == NULL) { 2219 rv = CKR_HOST_MEMORY; 2220 goto failed_exit; 2221 } 2222 2223 n = ulAttributeCount; 2224 if (!has_class) { 2225 newTemplate[n].type = CKA_CLASS; 2226 newTemplate[n].pValue = (caddr_t)&secret_class; 2227 newTemplate[n].ulValueLen = sizeof (secret_class); 2228 n++; 2229 } 2230 2231 /* Add CKA_VALUE to the template */ 2232 newTemplate[n].type = CKA_VALUE; 2233 newTemplate[n].pValue = (caddr_t)key_buf; 2234 newTemplate[n].ulValueLen = key_len; 2235 2236 rv = process_object_attributes(newTemplate, attr_count - 1, 2237 &obj_ndk.ndk_in_attributes, &is_token_obj); 2238 if (rv != CKR_OK) { 2239 goto failed_exit; 2240 } 2241 obj_ndk.ndk_in_count = attr_count - 1; 2242 2243 rv = process_object_attributes(&newTemplate[attr_count - 1], 2244 1, &obj_ndk.ndk_out_attributes, &is_token_obj); 2245 if (rv != CKR_OK) { 2246 goto failed_exit; 2247 } 2248 obj_ndk.ndk_out_count = 1; 2249 2250 /* Cannot create a token object with a READ-ONLY session. */ 2251 if (is_token_obj && session_p->ses_RO) { 2252 rv = CKR_SESSION_READ_ONLY; 2253 goto failed_exit; 2254 } 2255 2256 obj_ndk.ndk_session = session_p->k_session; 2257 obj_ndk.ndk_mechanism.cm_type = k_mech_type; 2258 obj_ndk.ndk_mechanism.cm_param = pMechanism->pParameter; 2259 obj_ndk.ndk_mechanism.cm_param_len = pMechanism->ulParameterLen; 2260 2261 /* 2262 * Obtain the attributes of base key and pass them by value. 2263 */ 2264 rv = get_base_key_attributes(basekey_p, &obj_ndk.ndk_base_key); 2265 if (rv != CKR_OK) { 2266 goto failed_exit; 2267 } 2268 2269 obj_ndk.ndk_base_key.ck_format = CRYPTO_KEY_ATTR_LIST; 2270 2271 while ((r = ioctl(kernel_fd, CRYPTO_NOSTORE_DERIVE_KEY, 2272 &obj_ndk)) < 0) { 2273 if (errno != EINTR) 2274 break; 2275 } 2276 if (r < 0) { 2277 rv = CKR_FUNCTION_FAILED; 2278 } else { 2279 rv = crypto2pkcs11_error_number(obj_ndk.ndk_return_value); 2280 } 2281 free_attributes(obj_ndk.ndk_in_attributes, &obj_ndk.ndk_in_count); 2282 free_attributes((caddr_t)obj_ndk.ndk_base_key.ck_attrs, 2283 &obj_ndk.ndk_base_key.ck_count); 2284 if (rv != CKR_OK) { 2285 goto failed_exit; 2286 } 2287 2288 rv = get_object_attributes(&newTemplate[attr_count - 1], 2289 1, obj_ndk.ndk_out_attributes); 2290 free_attributes(obj_ndk.ndk_out_attributes, &obj_ndk.ndk_out_count); 2291 if (rv != CRYPTO_SUCCESS) { 2292 goto failed_exit; 2293 } 2294 2295 removed = remove_one_attribute(newTemplate, CKA_VALUE_LEN, 2296 attr_count, B_FALSE); 2297 2298 rv = kernel_build_object(newTemplate, removed ? attr_count - 1 : 2299 attr_count, new_objp, session_p, KERNEL_GEN_KEY); 2300 if (rv != CRYPTO_SUCCESS) { 2301 goto failed_exit; 2302 } 2303 2304 free(key_buf); 2305 free(newTemplate); 2306 new_objp->is_lib_obj = B_TRUE; 2307 new_objp->session_handle = (CK_SESSION_HANDLE)session_p; 2308 return (CKR_OK); 2309 2310 failed_exit: 2311 if (key_buf != NULL) 2312 free(key_buf); 2313 if (newTemplate != NULL) 2314 free(newTemplate); 2315 free_attributes(obj_ndk.ndk_in_attributes, &obj_ndk.ndk_in_count); 2316 free_attributes(obj_ndk.ndk_out_attributes, &obj_ndk.ndk_out_count); 2317 free_attributes((caddr_t)obj_ndk.ndk_base_key.ck_attrs, 2318 &obj_ndk.ndk_base_key.ck_count); 2319 return (rv); 2320 } 2321 2322 CK_RV 2323 C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 2324 CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, 2325 CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) 2326 { 2327 CK_RV rv = CKR_OK; 2328 kernel_session_t *session_p; 2329 kernel_object_t *basekey_p; 2330 kernel_object_t *new_objp; 2331 kernel_slot_t *pslot; 2332 boolean_t ses_lock_held = B_FALSE; 2333 CK_BBOOL is_pri_obj; 2334 CK_BBOOL is_token_obj = FALSE; 2335 crypto_mech_type_t k_mech_type; 2336 int r; 2337 2338 if (!kernel_initialized) 2339 return (CKR_CRYPTOKI_NOT_INITIALIZED); 2340 2341 /* Obtain the session pointer. */ 2342 rv = handle2session(hSession, &session_p); 2343 if (rv != CKR_OK) 2344 return (rv); 2345 2346 if (pMechanism == NULL) { 2347 REFRELE(session_p, ses_lock_held); 2348 return (CKR_ARGUMENTS_BAD); 2349 } 2350 2351 if ((pTemplate == NULL && ulAttributeCount != 0) || 2352 (pTemplate != NULL && ulAttributeCount == 0)) { 2353 REFRELE(session_p, ses_lock_held); 2354 return (CKR_ARGUMENTS_BAD); 2355 } 2356 2357 /* Obtain the base key object pointer. */ 2358 HANDLE2OBJECT(hBaseKey, basekey_p, rv); 2359 if (rv != CKR_OK) { 2360 REFRELE(session_p, ses_lock_held); 2361 return (rv); 2362 } 2363 2364 /* Get the kernel's internal mechanism number. */ 2365 rv = kernel_mech(pMechanism->mechanism, &k_mech_type); 2366 if (rv != CKR_OK) { 2367 goto failed_exit; 2368 } 2369 2370 /* Create an object wrapper in the library for the generated key. */ 2371 new_objp = calloc(1, sizeof (kernel_object_t)); 2372 if (new_objp == NULL) { 2373 rv = CKR_HOST_MEMORY; 2374 goto failed_exit; 2375 } 2376 2377 /* 2378 * Special Case: if token does not support object creation, 2379 * but does support key derivation by value, then create a session 2380 * object and initialize with values returned by token. 2381 */ 2382 pslot = slot_table[session_p->ses_slotid]; 2383 if (!pslot->sl_func_list.fl_object_create) { 2384 rv = derive_key_by_value(pMechanism, pTemplate, 2385 ulAttributeCount, session_p, k_mech_type, basekey_p, 2386 new_objp); 2387 if (rv != CKR_OK) 2388 goto failed_exit; 2389 } else { 2390 crypto_derive_key_t obj_dk; 2391 2392 rv = process_object_attributes(pTemplate, ulAttributeCount, 2393 &obj_dk.dk_attributes, &is_token_obj); 2394 if (rv != CKR_OK) { 2395 goto failed_exit; 2396 } 2397 2398 /* Cannot create a token object with a READ-ONLY session. */ 2399 if (is_token_obj && session_p->ses_RO) { 2400 free_object_attributes(obj_dk.dk_attributes, 2401 ulAttributeCount); 2402 rv = CKR_SESSION_READ_ONLY; 2403 goto failed_exit; 2404 } 2405 2406 obj_dk.dk_session = session_p->k_session; 2407 obj_dk.dk_mechanism.cm_type = k_mech_type; 2408 obj_dk.dk_mechanism.cm_param = pMechanism->pParameter; 2409 obj_dk.dk_mechanism.cm_param_len = pMechanism->ulParameterLen; 2410 obj_dk.dk_base_key.ck_format = CRYPTO_KEY_REFERENCE; 2411 obj_dk.dk_base_key.ck_obj_id = basekey_p->k_handle; 2412 obj_dk.dk_count = ulAttributeCount; 2413 2414 while ((r = ioctl(kernel_fd, CRYPTO_DERIVE_KEY, &obj_dk)) < 0) { 2415 if (errno != EINTR) 2416 break; 2417 } 2418 if (r < 0) { 2419 rv = CKR_FUNCTION_FAILED; 2420 } else { 2421 rv = crypto2pkcs11_error_number(obj_dk.dk_return_value); 2422 } 2423 2424 free_object_attributes(obj_dk.dk_attributes, ulAttributeCount); 2425 if (rv != CKR_OK) { 2426 goto failed_exit; 2427 } 2428 2429 /* Get the CKA_PRIVATE value for the derived key. */ 2430 rv = get_cka_private_value(session_p, obj_dk.dk_object_handle, 2431 &is_pri_obj); 2432 if (rv != CKR_OK) { 2433 goto failed_exit; 2434 } 2435 2436 /* 2437 * Store the kernel object handle into the new derived key 2438 * object and finish the object initialization. 2439 */ 2440 new_objp->is_lib_obj = B_FALSE; 2441 new_objp->k_handle = obj_dk.dk_object_handle; 2442 new_objp->session_handle = (CK_SESSION_HANDLE)session_p; 2443 new_objp->extra_attrlistp = NULL; 2444 2445 if (is_pri_obj) 2446 new_objp->bool_attr_mask |= PRIVATE_BOOL_ON; 2447 else 2448 new_objp->bool_attr_mask &= ~PRIVATE_BOOL_ON; 2449 2450 if (is_token_obj) 2451 new_objp->bool_attr_mask |= TOKEN_BOOL_ON; 2452 else 2453 new_objp->bool_attr_mask &= ~TOKEN_BOOL_ON; 2454 } 2455 (void) pthread_mutex_init(&new_objp->object_mutex, NULL); 2456 new_objp->magic_marker = KERNELTOKEN_OBJECT_MAGIC; 2457 2458 /* 2459 * Add the new derived object to the slot's token list if it is a 2460 * token object. Otherwise, add it to the session's object list. 2461 */ 2462 if (is_token_obj) { 2463 pslot = slot_table[session_p->ses_slotid]; 2464 kernel_add_token_object_to_slot(new_objp, pslot); 2465 } else { 2466 kernel_add_object_to_session(new_objp, session_p); 2467 } 2468 2469 *phKey = (CK_OBJECT_HANDLE)new_objp; 2470 OBJ_REFRELE(basekey_p); 2471 REFRELE(session_p, ses_lock_held); 2472 return (rv); 2473 2474 failed_exit: 2475 OBJ_REFRELE(basekey_p); 2476 if (new_objp != NULL) { 2477 (void) free(new_objp); 2478 } 2479 2480 REFRELE(session_p, ses_lock_held); 2481 return (rv); 2482 } 2483