xref: /titanic_44/usr/src/lib/pkcs11/pkcs11_softtoken/common/softDecrypt.c (revision 12e72dbb846ce62628218fb4f2c85b03f0f2b0c3)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <pthread.h>
29 #include <security/cryptoki.h>
30 #include "softGlobal.h"
31 #include "softSession.h"
32 #include "softObject.h"
33 #include "softOps.h"
34 
35 
36 CK_RV
37 C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
38     CK_OBJECT_HANDLE hKey)
39 {
40 
41 	CK_RV		rv;
42 	soft_session_t	*session_p;
43 	soft_object_t	*key_p;
44 	boolean_t	lock_held = B_FALSE;
45 
46 	if (!softtoken_initialized)
47 		return (CKR_CRYPTOKI_NOT_INITIALIZED);
48 
49 	/* Obtain the session pointer. */
50 	rv = handle2session(hSession, &session_p);
51 	if (rv != CKR_OK)
52 		return (rv);
53 
54 	if (pMechanism == NULL) {
55 		rv = CKR_ARGUMENTS_BAD;
56 		goto clean_exit;
57 	}
58 
59 	/* Obtain the object pointer. */
60 	HANDLE2OBJECT(hKey, key_p, rv);
61 	if (rv != CKR_OK)
62 		goto clean_exit;
63 
64 	/* Check to see if key object allows for decryption. */
65 	if (!(key_p->bool_attr_mask & DECRYPT_BOOL_ON)) {
66 		rv = CKR_KEY_TYPE_INCONSISTENT;
67 		goto clean_exit1;
68 	}
69 
70 	(void) pthread_mutex_lock(&session_p->session_mutex);
71 	lock_held = B_TRUE;
72 
73 	/* Check to see if decrypt operation is already active. */
74 	if (session_p->decrypt.flags & CRYPTO_OPERATION_ACTIVE) {
75 		/* free the memory to avoid memory leak */
76 		soft_crypt_cleanup(session_p, B_FALSE, lock_held);
77 	}
78 
79 	/*
80 	 * This active flag will remain ON until application calls either
81 	 * C_Decrypt or C_DecryptFinal to actually obtain the final piece
82 	 * of plaintext.
83 	 */
84 	session_p->decrypt.flags = CRYPTO_OPERATION_ACTIVE;
85 
86 	(void) pthread_mutex_unlock(&session_p->session_mutex);
87 	lock_held = B_FALSE;
88 
89 	rv = soft_decrypt_init(session_p, pMechanism, key_p);
90 
91 	if (rv != CKR_OK) {
92 		(void) pthread_mutex_lock(&session_p->session_mutex);
93 		session_p->decrypt.flags &= ~CRYPTO_OPERATION_ACTIVE;
94 		lock_held = B_TRUE;
95 	}
96 
97 clean_exit1:
98 	OBJ_REFRELE(key_p);
99 clean_exit:
100 	SES_REFRELE(session_p, lock_held);
101 	return (rv);
102 }
103 
104 
105 CK_RV
106 C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
107     CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
108 {
109 
110 	CK_RV		rv;
111 	soft_session_t	*session_p;
112 	boolean_t	lock_held = B_FALSE;
113 
114 	if (!softtoken_initialized)
115 		return (CKR_CRYPTOKI_NOT_INITIALIZED);
116 
117 	/* Obatin the session pointer. */
118 	rv = handle2session(hSession, &session_p);
119 	if (rv != CKR_OK)
120 		return (rv);
121 
122 	/*
123 	 * Only check if input buffer is null.  How to handle zero input
124 	 * length depents on the mechanism in use.  For secret key mechanisms,
125 	 * unpadded ones yield zero length output, but padded ones always
126 	 * result in smaller than original, possibly zero, length output.
127 	 */
128 	if (pEncryptedData == NULL) {
129 		rv = CKR_ARGUMENTS_BAD;
130 		goto clean_exit;
131 	}
132 
133 	/*
134 	 * No need to check pData because application might
135 	 * just want to know the length of decrypted data.
136 	 */
137 	if (pulDataLen == NULL) {
138 		rv = CKR_ARGUMENTS_BAD;
139 		goto clean_exit;
140 	}
141 
142 	(void) pthread_mutex_lock(&session_p->session_mutex);
143 	lock_held = B_TRUE;
144 
145 	/* Application must call C_DecryptInit before calling C_Decrypt. */
146 	if (!(session_p->decrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
147 		SES_REFRELE(session_p, lock_held);
148 		return (CKR_OPERATION_NOT_INITIALIZED);
149 	}
150 
151 	/*
152 	 * C_Decrypt must be called without intervening C_DecryptUpdate
153 	 * calls.
154 	 */
155 	if (session_p->decrypt.flags & CRYPTO_OPERATION_UPDATE) {
156 		/*
157 		 * C_Decrypt can not be used to terminate a multi-part
158 		 * operation, so we'll leave the active decrypt operation
159 		 * flag on and let the application continue with the
160 		 * decrypt update operation.
161 		 */
162 		SES_REFRELE(session_p, lock_held);
163 		return (CKR_FUNCTION_FAILED);
164 	}
165 
166 	(void) pthread_mutex_unlock(&session_p->session_mutex);
167 	lock_held = B_FALSE;
168 
169 	rv = soft_decrypt(session_p, pEncryptedData, ulEncryptedDataLen,
170 	    pData, pulDataLen);
171 
172 	if ((rv == CKR_BUFFER_TOO_SMALL) ||
173 	    (pData == NULL && rv == CKR_OK)) {
174 		/*
175 		 * We will not terminate the active decrypt operation flag,
176 		 * when the application-supplied buffer is too small, or
177 		 * the application asks for the length of buffer to hold
178 		 * the plaintext.
179 		 */
180 		SES_REFRELE(session_p, lock_held);
181 		return (rv);
182 	}
183 
184 	/*
185 	 * Normal exit.
186 	 * Terminates the active encrypt operation.
187 	 * Application needs to call C_EncryptInit again for next
188 	 * encrypt operation.
189 	 */
190 	(void) pthread_mutex_lock(&session_p->session_mutex);
191 	session_p->decrypt.flags = 0;
192 	lock_held = B_TRUE;
193 	SES_REFRELE(session_p, lock_held);
194 	return (rv);
195 
196 clean_exit:
197 	soft_crypt_cleanup(session_p, B_FALSE, lock_held);
198 
199 	return (rv);
200 }
201 
202 
203 CK_RV
204 C_DecryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
205     CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
206     CK_ULONG_PTR pulPartLen)
207 {
208 
209 	CK_RV		rv;
210 	soft_session_t	*session_p;
211 	boolean_t	lock_held = B_FALSE;
212 
213 	if (!softtoken_initialized)
214 		return (CKR_CRYPTOKI_NOT_INITIALIZED);
215 
216 	/* Obtain the session pointer. */
217 	rv = handle2session(hSession, &session_p);
218 	if (rv != CKR_OK)
219 		return (rv);
220 
221 	/*
222 	 * Only check if input buffer is null.  How to handle zero input
223 	 * length depents on the mechanism in use.  For secret key mechanisms,
224 	 * unpadded ones yeild zero length output, but padded ones always
225 	 * result in smaller than original, possibly zero, length output.
226 	 */
227 	if (pEncryptedPart == NULL) {
228 		rv = CKR_ARGUMENTS_BAD;
229 		goto clean_exit;
230 	}
231 
232 	/*
233 	 * Only check if pulPartLen is NULL.
234 	 * No need to check if pPart is NULL because application
235 	 * might just ask for the length of buffer to hold the
236 	 * recovered data.
237 	 */
238 	if (pulPartLen == NULL) {
239 		rv = CKR_ARGUMENTS_BAD;
240 		goto clean_exit;
241 	}
242 
243 	(void) pthread_mutex_lock(&session_p->session_mutex);
244 	lock_held = B_TRUE;
245 
246 	/*
247 	 * Application must call C_DecryptInit before calling
248 	 * C_DecryptUpdate.
249 	 */
250 	if (!(session_p->decrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
251 		SES_REFRELE(session_p, lock_held);
252 		return (CKR_OPERATION_NOT_INITIALIZED);
253 	}
254 
255 	session_p->decrypt.flags |= CRYPTO_OPERATION_UPDATE;
256 
257 	(void) pthread_mutex_unlock(&session_p->session_mutex);
258 	lock_held = B_FALSE;
259 
260 	rv = soft_decrypt_update(session_p, pEncryptedPart,
261 	    ulEncryptedPartLen, pPart, pulPartLen);
262 
263 	/*
264 	 * If CKR_OK or CKR_BUFFER_TOO_SMALL, don't terminate the
265 	 * current decryption operation.
266 	 */
267 	if ((rv == CKR_OK) || (rv == CKR_BUFFER_TOO_SMALL)) {
268 		SES_REFRELE(session_p, lock_held);
269 		return (rv);
270 	}
271 
272 clean_exit:
273 	/*
274 	 * After an error occurred, terminate the current decrypt
275 	 * operation by resetting the active and update flags.
276 	 */
277 	soft_crypt_cleanup(session_p, B_FALSE, lock_held);
278 
279 	return (rv);
280 }
281 
282 CK_RV
283 C_DecryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart,
284     CK_ULONG_PTR pulLastPartLen)
285 {
286 
287 	CK_RV		rv;
288 	soft_session_t	*session_p;
289 	boolean_t	lock_held = B_FALSE;
290 
291 	if (!softtoken_initialized)
292 		return (CKR_CRYPTOKI_NOT_INITIALIZED);
293 
294 	/* Obtain the session pointer. */
295 	rv = handle2session(hSession, &session_p);
296 	if (rv != CKR_OK)
297 		return (rv);
298 
299 	if (pulLastPartLen == NULL) {
300 		rv = CKR_ARGUMENTS_BAD;
301 		goto clean_exit;
302 	}
303 
304 	(void) pthread_mutex_lock(&session_p->session_mutex);
305 	lock_held = B_TRUE;
306 
307 	/*
308 	 * Application must call C_DecryptInit before calling
309 	 * C_DecryptFinal.
310 	 */
311 	if (!(session_p->decrypt.flags & CRYPTO_OPERATION_ACTIVE)) {
312 		SES_REFRELE(session_p, lock_held);
313 		return (CKR_OPERATION_NOT_INITIALIZED);
314 	}
315 
316 	(void) pthread_mutex_unlock(&session_p->session_mutex);
317 	lock_held = B_FALSE;
318 
319 	rv = soft_decrypt_final(session_p, pLastPart, pulLastPartLen);
320 
321 	if ((rv == CKR_BUFFER_TOO_SMALL) ||
322 	    (pLastPart == NULL && rv == CKR_OK)) {
323 		/*
324 		 * We will not terminate the active decrypt operation flag,
325 		 * when the application-supplied buffer is too small, or
326 		 * the application asks for the length of buffer to hold
327 		 * the plaintext.
328 		 */
329 		SES_REFRELE(session_p, lock_held);
330 		return (rv);
331 	}
332 
333 	/* Terminates the active encrypt operation. */
334 	(void) pthread_mutex_lock(&session_p->session_mutex);
335 	session_p->decrypt.flags = 0;
336 	lock_held = B_TRUE;
337 	SES_REFRELE(session_p, lock_held);
338 	return (rv);
339 
340 clean_exit:
341 	/* Terminates the active decrypt operation */
342 	soft_crypt_cleanup(session_p, B_FALSE, lock_held);
343 
344 	return (rv);
345 }
346