1*7c478bd9Sstevel@tonic-gate /* 2*7c478bd9Sstevel@tonic-gate * CDDL HEADER START 3*7c478bd9Sstevel@tonic-gate * 4*7c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*7c478bd9Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 6*7c478bd9Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 7*7c478bd9Sstevel@tonic-gate * with the License. 8*7c478bd9Sstevel@tonic-gate * 9*7c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*7c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 11*7c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 12*7c478bd9Sstevel@tonic-gate * and limitations under the License. 13*7c478bd9Sstevel@tonic-gate * 14*7c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 15*7c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*7c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 17*7c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 18*7c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 19*7c478bd9Sstevel@tonic-gate * 20*7c478bd9Sstevel@tonic-gate * CDDL HEADER END 21*7c478bd9Sstevel@tonic-gate */ 22*7c478bd9Sstevel@tonic-gate /* 23*7c478bd9Sstevel@tonic-gate * Copyright 2003 Sun Microsystems, Inc. All rights reserved. 24*7c478bd9Sstevel@tonic-gate * Use is subject to license terms. 25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate #include <security/cryptoki.h> 30*7c478bd9Sstevel@tonic-gate #include "pkcs11Global.h" 31*7c478bd9Sstevel@tonic-gate #include "pkcs11Session.h" 32*7c478bd9Sstevel@tonic-gate #include "pkcs11Slot.h" 33*7c478bd9Sstevel@tonic-gate 34*7c478bd9Sstevel@tonic-gate /* 35*7c478bd9Sstevel@tonic-gate * C_DigestEncryptUpdate is a pure wrapper to the underlying provider. 36*7c478bd9Sstevel@tonic-gate * Policy enforcement was done earlier by the mandatory calls to 37*7c478bd9Sstevel@tonic-gate * C_DigestInit and C_EncryptInit. 38*7c478bd9Sstevel@tonic-gate * 39*7c478bd9Sstevel@tonic-gate * The only argument checked is whether or not hSession is valid. 40*7c478bd9Sstevel@tonic-gate */ 41*7c478bd9Sstevel@tonic-gate CK_RV 42*7c478bd9Sstevel@tonic-gate C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 43*7c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, 44*7c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen) 45*7c478bd9Sstevel@tonic-gate { 46*7c478bd9Sstevel@tonic-gate CK_RV rv; 47*7c478bd9Sstevel@tonic-gate pkcs11_session_t *sessp; 48*7c478bd9Sstevel@tonic-gate 49*7c478bd9Sstevel@tonic-gate /* Check for a fastpath */ 50*7c478bd9Sstevel@tonic-gate if (purefastpath || policyfastpath) { 51*7c478bd9Sstevel@tonic-gate return (fast_funcs->C_DigestEncryptUpdate(hSession, pPart, 52*7c478bd9Sstevel@tonic-gate ulPartLen, pEncryptedPart, pulEncryptedPartLen)); 53*7c478bd9Sstevel@tonic-gate } 54*7c478bd9Sstevel@tonic-gate 55*7c478bd9Sstevel@tonic-gate if (!pkcs11_initialized) { 56*7c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 57*7c478bd9Sstevel@tonic-gate } 58*7c478bd9Sstevel@tonic-gate 59*7c478bd9Sstevel@tonic-gate /* Obtain the session pointer */ 60*7c478bd9Sstevel@tonic-gate HANDLE2SESSION(hSession, sessp, rv); 61*7c478bd9Sstevel@tonic-gate 62*7c478bd9Sstevel@tonic-gate if (rv != CKR_OK) { 63*7c478bd9Sstevel@tonic-gate return (rv); 64*7c478bd9Sstevel@tonic-gate } 65*7c478bd9Sstevel@tonic-gate 66*7c478bd9Sstevel@tonic-gate /* Pass data to the provider */ 67*7c478bd9Sstevel@tonic-gate rv = FUNCLIST(sessp->se_slotid)-> 68*7c478bd9Sstevel@tonic-gate C_DigestEncryptUpdate(sessp->se_handle, pPart, ulPartLen, 69*7c478bd9Sstevel@tonic-gate pEncryptedPart, pulEncryptedPartLen); 70*7c478bd9Sstevel@tonic-gate 71*7c478bd9Sstevel@tonic-gate /* Present consistent interface to the application */ 72*7c478bd9Sstevel@tonic-gate if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 73*7c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED); 74*7c478bd9Sstevel@tonic-gate } 75*7c478bd9Sstevel@tonic-gate 76*7c478bd9Sstevel@tonic-gate return (rv); 77*7c478bd9Sstevel@tonic-gate 78*7c478bd9Sstevel@tonic-gate } 79*7c478bd9Sstevel@tonic-gate 80*7c478bd9Sstevel@tonic-gate /* 81*7c478bd9Sstevel@tonic-gate * C_DecryptDigestUpdate is a pure wrapper to the underlying provider. 82*7c478bd9Sstevel@tonic-gate * Policy enforcement was done earlier by the mandatory calls to 83*7c478bd9Sstevel@tonic-gate * C_DigestInit and C_DecryptInit. 84*7c478bd9Sstevel@tonic-gate * 85*7c478bd9Sstevel@tonic-gate * The only argument checked is whether or not hSession is valid. 86*7c478bd9Sstevel@tonic-gate */ 87*7c478bd9Sstevel@tonic-gate CK_RV 88*7c478bd9Sstevel@tonic-gate C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, 89*7c478bd9Sstevel@tonic-gate CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 90*7c478bd9Sstevel@tonic-gate { 91*7c478bd9Sstevel@tonic-gate CK_RV rv; 92*7c478bd9Sstevel@tonic-gate pkcs11_session_t *sessp; 93*7c478bd9Sstevel@tonic-gate 94*7c478bd9Sstevel@tonic-gate /* Check for a fastpath */ 95*7c478bd9Sstevel@tonic-gate if (purefastpath || policyfastpath) { 96*7c478bd9Sstevel@tonic-gate return (fast_funcs->C_DecryptDigestUpdate(hSession, 97*7c478bd9Sstevel@tonic-gate pEncryptedPart, ulEncryptedPartLen, pPart, 98*7c478bd9Sstevel@tonic-gate pulPartLen)); 99*7c478bd9Sstevel@tonic-gate } 100*7c478bd9Sstevel@tonic-gate 101*7c478bd9Sstevel@tonic-gate if (!pkcs11_initialized) { 102*7c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 103*7c478bd9Sstevel@tonic-gate } 104*7c478bd9Sstevel@tonic-gate 105*7c478bd9Sstevel@tonic-gate /* Obtain the session pointer */ 106*7c478bd9Sstevel@tonic-gate HANDLE2SESSION(hSession, sessp, rv); 107*7c478bd9Sstevel@tonic-gate 108*7c478bd9Sstevel@tonic-gate if (rv != CKR_OK) { 109*7c478bd9Sstevel@tonic-gate return (rv); 110*7c478bd9Sstevel@tonic-gate } 111*7c478bd9Sstevel@tonic-gate 112*7c478bd9Sstevel@tonic-gate /* Pass data to the provider */ 113*7c478bd9Sstevel@tonic-gate rv = FUNCLIST(sessp->se_slotid)-> 114*7c478bd9Sstevel@tonic-gate C_DecryptDigestUpdate(sessp->se_handle, pEncryptedPart, 115*7c478bd9Sstevel@tonic-gate ulEncryptedPartLen, pPart, pulPartLen); 116*7c478bd9Sstevel@tonic-gate 117*7c478bd9Sstevel@tonic-gate /* Present consistent interface to the application */ 118*7c478bd9Sstevel@tonic-gate if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 119*7c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED); 120*7c478bd9Sstevel@tonic-gate } 121*7c478bd9Sstevel@tonic-gate 122*7c478bd9Sstevel@tonic-gate return (rv); 123*7c478bd9Sstevel@tonic-gate } 124*7c478bd9Sstevel@tonic-gate 125*7c478bd9Sstevel@tonic-gate /* 126*7c478bd9Sstevel@tonic-gate * C_SignEncryptUpdate is a pure wrapper to the underlying provider. 127*7c478bd9Sstevel@tonic-gate * Policy enforcement was done earlier by the mandatory calls to 128*7c478bd9Sstevel@tonic-gate * C_SignInit and C_EncryptInit. 129*7c478bd9Sstevel@tonic-gate * 130*7c478bd9Sstevel@tonic-gate * The only argument checked is whether or not hSession is valid. 131*7c478bd9Sstevel@tonic-gate */ 132*7c478bd9Sstevel@tonic-gate CK_RV 133*7c478bd9Sstevel@tonic-gate C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 134*7c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, 135*7c478bd9Sstevel@tonic-gate CK_ULONG_PTR pulEncryptedPartLen) 136*7c478bd9Sstevel@tonic-gate { 137*7c478bd9Sstevel@tonic-gate CK_RV rv; 138*7c478bd9Sstevel@tonic-gate pkcs11_session_t *sessp; 139*7c478bd9Sstevel@tonic-gate 140*7c478bd9Sstevel@tonic-gate /* Check for a fastpath */ 141*7c478bd9Sstevel@tonic-gate if (purefastpath || policyfastpath) { 142*7c478bd9Sstevel@tonic-gate return (fast_funcs->C_SignEncryptUpdate(hSession, pPart, 143*7c478bd9Sstevel@tonic-gate ulPartLen, pEncryptedPart, pulEncryptedPartLen)); 144*7c478bd9Sstevel@tonic-gate } 145*7c478bd9Sstevel@tonic-gate 146*7c478bd9Sstevel@tonic-gate if (!pkcs11_initialized) { 147*7c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 148*7c478bd9Sstevel@tonic-gate } 149*7c478bd9Sstevel@tonic-gate 150*7c478bd9Sstevel@tonic-gate /* Obtain the session pointer */ 151*7c478bd9Sstevel@tonic-gate HANDLE2SESSION(hSession, sessp, rv); 152*7c478bd9Sstevel@tonic-gate 153*7c478bd9Sstevel@tonic-gate if (rv != CKR_OK) { 154*7c478bd9Sstevel@tonic-gate return (rv); 155*7c478bd9Sstevel@tonic-gate } 156*7c478bd9Sstevel@tonic-gate 157*7c478bd9Sstevel@tonic-gate /* Pass data to the provider */ 158*7c478bd9Sstevel@tonic-gate rv = FUNCLIST(sessp->se_slotid)-> 159*7c478bd9Sstevel@tonic-gate C_SignEncryptUpdate(sessp->se_handle, pPart, ulPartLen, 160*7c478bd9Sstevel@tonic-gate pEncryptedPart, pulEncryptedPartLen); 161*7c478bd9Sstevel@tonic-gate 162*7c478bd9Sstevel@tonic-gate /* Present consistent interface to the application */ 163*7c478bd9Sstevel@tonic-gate if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 164*7c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED); 165*7c478bd9Sstevel@tonic-gate } 166*7c478bd9Sstevel@tonic-gate 167*7c478bd9Sstevel@tonic-gate return (rv); 168*7c478bd9Sstevel@tonic-gate } 169*7c478bd9Sstevel@tonic-gate 170*7c478bd9Sstevel@tonic-gate /* 171*7c478bd9Sstevel@tonic-gate * C_DecryptVerifyUpdate is a pure wrapper to the underlying provider. 172*7c478bd9Sstevel@tonic-gate * Policy enforcement was done earlier by the mandatory calls to 173*7c478bd9Sstevel@tonic-gate * C_SignInit and C_EncryptInit. 174*7c478bd9Sstevel@tonic-gate * 175*7c478bd9Sstevel@tonic-gate * The only argument checked is whether or not hSession is valid. 176*7c478bd9Sstevel@tonic-gate */ 177*7c478bd9Sstevel@tonic-gate CK_RV 178*7c478bd9Sstevel@tonic-gate C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, 179*7c478bd9Sstevel@tonic-gate CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) 180*7c478bd9Sstevel@tonic-gate { 181*7c478bd9Sstevel@tonic-gate CK_RV rv; 182*7c478bd9Sstevel@tonic-gate pkcs11_session_t *sessp; 183*7c478bd9Sstevel@tonic-gate 184*7c478bd9Sstevel@tonic-gate /* Check for a fastpath */ 185*7c478bd9Sstevel@tonic-gate if (purefastpath || policyfastpath) { 186*7c478bd9Sstevel@tonic-gate return (fast_funcs->C_DecryptVerifyUpdate(hSession, 187*7c478bd9Sstevel@tonic-gate pEncryptedPart, ulEncryptedPartLen, pPart, 188*7c478bd9Sstevel@tonic-gate pulPartLen)); 189*7c478bd9Sstevel@tonic-gate } 190*7c478bd9Sstevel@tonic-gate 191*7c478bd9Sstevel@tonic-gate if (!pkcs11_initialized) { 192*7c478bd9Sstevel@tonic-gate return (CKR_CRYPTOKI_NOT_INITIALIZED); 193*7c478bd9Sstevel@tonic-gate } 194*7c478bd9Sstevel@tonic-gate 195*7c478bd9Sstevel@tonic-gate /* Obtain the session pointer */ 196*7c478bd9Sstevel@tonic-gate HANDLE2SESSION(hSession, sessp, rv); 197*7c478bd9Sstevel@tonic-gate 198*7c478bd9Sstevel@tonic-gate if (rv != CKR_OK) { 199*7c478bd9Sstevel@tonic-gate return (rv); 200*7c478bd9Sstevel@tonic-gate } 201*7c478bd9Sstevel@tonic-gate 202*7c478bd9Sstevel@tonic-gate /* Pass data to the provider */ 203*7c478bd9Sstevel@tonic-gate rv = FUNCLIST(sessp->se_slotid)-> 204*7c478bd9Sstevel@tonic-gate C_DecryptVerifyUpdate(sessp->se_handle, pEncryptedPart, 205*7c478bd9Sstevel@tonic-gate ulEncryptedPartLen, pPart, pulPartLen); 206*7c478bd9Sstevel@tonic-gate 207*7c478bd9Sstevel@tonic-gate /* Present consistent interface to the application */ 208*7c478bd9Sstevel@tonic-gate if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 209*7c478bd9Sstevel@tonic-gate return (CKR_FUNCTION_FAILED); 210*7c478bd9Sstevel@tonic-gate } 211*7c478bd9Sstevel@tonic-gate 212*7c478bd9Sstevel@tonic-gate return (rv); 213*7c478bd9Sstevel@tonic-gate } 214