xref: /titanic_44/usr/src/lib/pkcs11/libpkcs11/common/metaVerify.c (revision d3a28a554b9205bf55157ee542394fa7ee72fe4b)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 /*
29  * Functions for Verifying Signatures and MACS
30  * (as defined in PKCS#11 spec section 11.13)
31  */
32 
33 #include "metaGlobal.h"
34 
35 
36 /*
37  * meta_VerifyInit
38  *
39  */
40 CK_RV
meta_VerifyInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)41 meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
42     CK_OBJECT_HANDLE hKey)
43 {
44 	CK_RV rv;
45 	meta_session_t *session;
46 	meta_object_t *key;
47 
48 	if (pMechanism == NULL)
49 		return (CKR_ARGUMENTS_BAD);
50 
51 	rv = meta_handle2session(hSession, &session);
52 	if (rv != CKR_OK)
53 		return (rv);
54 
55 	rv = meta_handle2object(hKey, &key);
56 	if (rv != CKR_OK) {
57 		REFRELEASE(session);
58 		return (rv);
59 	}
60 
61 	rv = meta_operation_init(CKF_VERIFY, session, pMechanism, key);
62 
63 	OBJRELEASE(key);
64 	REFRELEASE(session);
65 
66 	return (rv);
67 }
68 
69 
70 /*
71  * meta_Verify
72  *
73  */
74 CK_RV
meta_Verify(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)75 meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
76     CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen)
77 {
78 	CK_RV rv;
79 	meta_session_t *session;
80 
81 	rv = meta_handle2session(hSession, &session);
82 	if (rv != CKR_OK)
83 		return (rv);
84 
85 	/* Note: unlike other ops, both buffers are inputs, and required. */
86 	if (pData == NULL || pSignature == NULL) {
87 		meta_operation_cleanup(session, CKF_VERIFY, FALSE);
88 		REFRELEASE(session);
89 		return (CKR_ARGUMENTS_BAD);
90 	}
91 
92 	rv = meta_do_operation(CKF_VERIFY, MODE_SINGLE, session, NULL,
93 	    pData, ulDataLen, pSignature, &ulSignatureLen);
94 
95 	REFRELEASE(session);
96 
97 	return (rv);
98 }
99 
100 
101 /*
102  * meta_VerifyUpdate
103  *
104  */
105 CK_RV
meta_VerifyUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen)106 meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
107     CK_ULONG ulPartLen)
108 {
109 	CK_RV rv;
110 	meta_session_t *session;
111 
112 	rv = meta_handle2session(hSession, &session);
113 	if (rv != CKR_OK)
114 		return (rv);
115 
116 	if (pPart == NULL) {
117 		meta_operation_cleanup(session, CKF_VERIFY, FALSE);
118 		REFRELEASE(session);
119 		return (CKR_ARGUMENTS_BAD);
120 	}
121 
122 	rv = meta_do_operation(CKF_VERIFY, MODE_UPDATE, session, NULL,
123 	    pPart, ulPartLen, NULL, NULL);
124 
125 	REFRELEASE(session);
126 
127 	return (rv);
128 }
129 
130 
131 /*
132  * meta_VerifyFinal
133  *
134  */
135 CK_RV
meta_VerifyFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)136 meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
137     CK_ULONG ulSignatureLen)
138 {
139 	CK_RV rv;
140 	meta_session_t *session;
141 
142 	rv = meta_handle2session(hSession, &session);
143 	if (rv != CKR_OK)
144 		return (rv);
145 
146 	/*
147 	 * Unlike other ops the buffer is an input. Allow NULL if there's
148 	 * no more input.
149 	 */
150 	if (pSignature == NULL && ulSignatureLen != 0) {
151 		meta_operation_cleanup(session, CKF_VERIFY, FALSE);
152 		REFRELEASE(session);
153 		return (CKR_ARGUMENTS_BAD);
154 	}
155 
156 	rv = meta_do_operation(CKF_VERIFY, MODE_FINAL, session, NULL,
157 	    pSignature, ulSignatureLen, NULL, NULL);
158 
159 	REFRELEASE(session);
160 
161 	return (rv);
162 }
163 
164 
165 /*
166  * meta_VerifyRecoverInit
167  *
168  */
169 CK_RV
meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)170 meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
171     CK_OBJECT_HANDLE hKey)
172 {
173 	CK_RV rv;
174 	meta_session_t *session;
175 	meta_object_t *key;
176 
177 	if (pMechanism == NULL)
178 		return (CKR_ARGUMENTS_BAD);
179 
180 	rv = meta_handle2session(hSession, &session);
181 	if (rv != CKR_OK)
182 		return (rv);
183 
184 	rv = meta_handle2object(hKey, &key);
185 	if (rv != CKR_OK) {
186 		REFRELEASE(session);
187 		return (rv);
188 	}
189 
190 	rv = meta_operation_init(CKF_VERIFY_RECOVER, session, pMechanism, key);
191 
192 	OBJRELEASE(key);
193 	REFRELEASE(session);
194 
195 	return (rv);
196 }
197 
198 
199 /*
200  * meta_VerifyRecover
201  *
202  */
203 CK_RV
meta_VerifyRecover(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)204 meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
205     CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
206 {
207 	CK_RV rv;
208 	meta_session_t *session;
209 
210 	rv = meta_handle2session(hSession, &session);
211 	if (rv != CKR_OK)
212 		return (rv);
213 
214 	if (pSignature == NULL || pulDataLen == NULL) {
215 		meta_operation_cleanup(session, CKF_VERIFY_RECOVER, FALSE);
216 		REFRELEASE(session);
217 		return (CKR_ARGUMENTS_BAD);
218 	}
219 
220 	rv = meta_do_operation(CKF_VERIFY_RECOVER, MODE_SINGLE, session, NULL,
221 	    pSignature, ulSignatureLen, pData, pulDataLen);
222 
223 	REFRELEASE(session);
224 
225 	return (rv);
226 }
227