Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
util_pkcs11.c
Go to the documentation of this file.
1/*
2 * Copyright 2015-2018 Yubico AB
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <ctype.h>
18#include <yubihsm.h>
19#include <pkcs11y.h>
20#include <string.h>
21#include <stdio.h>
22#include <stdlib.h>
23#include <pthread.h>
24
25#ifdef __WIN32
26#include <winsock.h>
27#else
28#include <arpa/inet.h>
29#endif
30
31#include <openssl/ec.h>
32#include <openssl/ecdsa.h>
33#include <openssl/rsa.h>
34#include <openssl/x509.h>
35
36#include "util_pkcs11.h"
37#include "debug_p11.h"
38#include "../common/util.h"
39#include "../common/openssl-compat.h"
40
41#define ASN1_OID 0x06
42static const uint8_t oid_secp224r1[] = {ASN1_OID, 0x05, 0x2b, 0x81,
43 0x04, 0x00, 0x21};
44static const uint8_t oid_secp256r1[] = {ASN1_OID, 0x08, 0x2a, 0x86, 0x48,
45 0xce, 0x3d, 0x03, 0x01, 0x07};
46static const uint8_t oid_secp384r1[] = {ASN1_OID, 0x05, 0x2b, 0x81,
47 0x04, 0x00, 0x22};
48static const uint8_t oid_secp521r1[] = {ASN1_OID, 0x05, 0x2b, 0x81,
49 0x04, 0x00, 0x23};
50static const uint8_t oid_secp256k1[] = {ASN1_OID, 0x05, 0x2b, 0x81,
51 0x04, 0x00, 0x0a};
52static const uint8_t oid_brainpool256r1[] = {ASN1_OID, 0x09, 0x2b, 0x24,
53 0x03, 0x03, 0x02, 0x08,
54 0x01, 0x01, 0x07};
55static const uint8_t oid_brainpool384r1[] = {ASN1_OID, 0x09, 0x2b, 0x24,
56 0x03, 0x03, 0x02, 0x08,
57 0x01, 0x01, 0x0b};
58static const uint8_t oid_brainpool512r1[] = {ASN1_OID, 0x09, 0x2b, 0x24,
59 0x03, 0x03, 0x02, 0x08,
60 0x01, 0x01, 0x0d};
61
62static void add_mech(CK_MECHANISM_TYPE *buf, CK_ULONG_PTR count,
63 CK_MECHANISM_TYPE item) {
64 for (CK_ULONG i = 0; i < *count; i++) {
65 if (buf[i] == item) {
66 return;
67 }
68 }
69 buf[*count] = item;
70 *count = *count + 1;
71}
72
73CK_RV get_mechanism_list(yubihsm_pkcs11_slot *slot,
74 CK_MECHANISM_TYPE_PTR pMechanismList,
75 CK_ULONG_PTR count) {
76
77 if (slot->n_algorithms == 0) {
78 slot->n_algorithms = sizeof(slot->algorithms) / sizeof(slot->algorithms[0]);
79 yh_rc yrc =
80 yh_util_get_device_info(slot->connector, NULL, NULL, NULL, NULL, NULL,
81 NULL, slot->algorithms, &slot->n_algorithms);
82 if (yrc != YHR_SUCCESS) {
83 return CKR_FUNCTION_FAILED;
84 }
85 }
86
87 CK_MECHANISM_TYPE buffer[128]; // NOTE: this is a bit hardcoded, but much more
88 // than what we might add below.
89 CK_ULONG items = 0;
90
91 for (size_t i = 0; i < slot->n_algorithms; i++) {
92 switch (slot->algorithms[i]) {
93 case YH_ALGO_RSA_PKCS1_SHA1:
94 add_mech(buffer, &items, CKM_RSA_PKCS);
95 add_mech(buffer, &items, CKM_SHA1_RSA_PKCS);
96 break;
97
98 case YH_ALGO_RSA_PKCS1_SHA256:
99 add_mech(buffer, &items, CKM_RSA_PKCS);
100 add_mech(buffer, &items, CKM_SHA256_RSA_PKCS);
101 break;
102
103 case YH_ALGO_RSA_PKCS1_SHA384:
104 add_mech(buffer, &items, CKM_RSA_PKCS);
105 add_mech(buffer, &items, CKM_SHA384_RSA_PKCS);
106 break;
107
108 case YH_ALGO_RSA_PKCS1_SHA512:
109 add_mech(buffer, &items, CKM_RSA_PKCS);
110 add_mech(buffer, &items, CKM_SHA512_RSA_PKCS);
111 break;
112
113 case YH_ALGO_RSA_PSS_SHA1:
114 add_mech(buffer, &items, CKM_RSA_PKCS_PSS);
115 add_mech(buffer, &items, CKM_SHA1_RSA_PKCS_PSS);
116 break;
117
118 case YH_ALGO_RSA_PSS_SHA256:
119 add_mech(buffer, &items, CKM_RSA_PKCS_PSS);
120 add_mech(buffer, &items, CKM_SHA256_RSA_PKCS_PSS);
121 break;
122
123 case YH_ALGO_RSA_PSS_SHA384:
124 add_mech(buffer, &items, CKM_RSA_PKCS_PSS);
125 add_mech(buffer, &items, CKM_SHA384_RSA_PKCS_PSS);
126 break;
127
128 case YH_ALGO_RSA_PSS_SHA512:
129 add_mech(buffer, &items, CKM_RSA_PKCS_PSS);
130 add_mech(buffer, &items, CKM_SHA512_RSA_PKCS_PSS);
131 break;
132
133 case YH_ALGO_RSA_2048:
134 case YH_ALGO_RSA_3072:
135 case YH_ALGO_RSA_4096:
136 add_mech(buffer, &items, CKM_RSA_PKCS_KEY_PAIR_GEN);
137 break;
138
139 case YH_ALGO_EC_P224:
140 case YH_ALGO_EC_P256:
141 case YH_ALGO_EC_P384:
142 case YH_ALGO_EC_P521:
143 case YH_ALGO_EC_K256:
144 case YH_ALGO_EC_BP256:
145 case YH_ALGO_EC_BP384:
146 case YH_ALGO_EC_BP512:
147 add_mech(buffer, &items, CKM_EC_KEY_PAIR_GEN);
148 break;
149
150 case YH_ALGO_HMAC_SHA1:
151 add_mech(buffer, &items, CKM_SHA_1_HMAC);
152 add_mech(buffer, &items, CKM_GENERIC_SECRET_KEY_GEN);
153 break;
154
155 case YH_ALGO_HMAC_SHA256:
156 add_mech(buffer, &items, CKM_SHA256_HMAC);
157 add_mech(buffer, &items, CKM_GENERIC_SECRET_KEY_GEN);
158 break;
159
160 case YH_ALGO_HMAC_SHA384:
161 add_mech(buffer, &items, CKM_SHA384_HMAC);
162 add_mech(buffer, &items, CKM_GENERIC_SECRET_KEY_GEN);
163 break;
164
165 case YH_ALGO_HMAC_SHA512:
166 add_mech(buffer, &items, CKM_SHA512_HMAC);
167 add_mech(buffer, &items, CKM_GENERIC_SECRET_KEY_GEN);
168 break;
169
170 case YH_ALGO_EC_ECDSA_SHA1:
171 add_mech(buffer, &items, CKM_ECDSA);
172 add_mech(buffer, &items, CKM_ECDSA_SHA1);
173 break;
174
175 case YH_ALGO_EC_ECDSA_SHA256:
176 add_mech(buffer, &items, CKM_ECDSA);
177 add_mech(buffer, &items, CKM_ECDSA_SHA256);
178 break;
179
180 case YH_ALGO_EC_ECDSA_SHA384:
181 add_mech(buffer, &items, CKM_ECDSA);
182 add_mech(buffer, &items, CKM_ECDSA_SHA384);
183 break;
184
185 case YH_ALGO_EC_ECDSA_SHA512:
186 add_mech(buffer, &items, CKM_ECDSA);
187 add_mech(buffer, &items, CKM_ECDSA_SHA512);
188 break;
189
190 case YH_ALGO_EC_ECDH:
191 add_mech(buffer, &items, CKM_ECDH1_DERIVE);
192 break;
193
194 case YH_ALGO_RSA_OAEP_SHA1:
195 case YH_ALGO_RSA_OAEP_SHA256:
196 case YH_ALGO_RSA_OAEP_SHA384:
197 case YH_ALGO_RSA_OAEP_SHA512:
198 add_mech(buffer, &items, CKM_RSA_PKCS_OAEP);
199 break;
200
201 case YH_ALGO_AES128_CCM_WRAP:
202 case YH_ALGO_AES192_CCM_WRAP:
203 case YH_ALGO_AES256_CCM_WRAP:
204 add_mech(buffer, &items, CKM_YUBICO_AES_CCM_WRAP);
205 add_mech(buffer, &items, CKM_GENERIC_SECRET_KEY_GEN);
206 break;
207
208 // NOTE: there are algorithms don't have corresponding mechanisms
209 default:
210 break;
211 }
212 }
213
214 // NOTE(adma): manually add digest mechanisms
215 add_mech(buffer, &items, CKM_SHA_1);
216 add_mech(buffer, &items, CKM_SHA256);
217 add_mech(buffer, &items, CKM_SHA384);
218 add_mech(buffer, &items, CKM_SHA512);
219
220 if (pMechanismList != NULL) {
221 if (items > *count) {
222 *count = items;
223
224 return CKR_BUFFER_TOO_SMALL;
225 }
226
227 memcpy(pMechanismList, buffer, sizeof(CK_MECHANISM_TYPE) * items);
228 }
229
230 *count = items;
231
232 return CKR_OK;
233}
234
235static void find_minmax_rsa_key_length_in_bits(yh_algorithm *algorithms,
236 size_t n_algorithms,
237 CK_ULONG *min, CK_ULONG *max) {
238
239 *min = 0;
240 *max = 0;
241
242 for (size_t i = 0; i < n_algorithms; i++) {
243 CK_ULONG size;
244
245 switch (algorithms[i]) {
246 case YH_ALGO_RSA_2048:
247 size = 2048;
248 break;
249 case YH_ALGO_RSA_3072:
250 size = 3072;
251 break;
252 case YH_ALGO_RSA_4096:
253 size = 4096;
254 break;
255 default:
256 size = 0;
257 }
258 if (size == 0) {
259 continue;
260 }
261 if (*min == 0 || *min > size) {
262 *min = size;
263 }
264 if (size > *max) {
265 *max = size;
266 }
267 }
268}
269
270static void find_minmax_ec_key_length_in_bits(yh_algorithm *algorithms,
271 size_t n_algorithms,
272 CK_ULONG *min, CK_ULONG *max) {
273
274 *min = 0;
275 *max = 0;
276
277 for (size_t i = 0; i < n_algorithms; i++) {
278 CK_ULONG size;
279 switch (algorithms[i]) {
280 case YH_ALGO_EC_P224:
281 size = 224;
282 break;
283 case YH_ALGO_EC_P256:
284 case YH_ALGO_EC_K256:
285 case YH_ALGO_EC_BP256:
286 size = 256;
287 break;
288 case YH_ALGO_EC_P384:
289 case YH_ALGO_EC_BP384:
290 size = 384;
291 break;
292 case YH_ALGO_EC_BP512:
293 size = 512;
294 break;
295 case YH_ALGO_EC_P521:
296 size = 521;
297 break;
298 default:
299 size = 0;
300 }
301 if (size == 0) {
302 continue;
303 }
304 if (*min == 0 || *min > size) {
305 *min = size;
306 }
307 if (size > *max) {
308 *max = size;
309 }
310 }
311}
312
313bool get_mechanism_info(yubihsm_pkcs11_slot *slot, CK_MECHANISM_TYPE type,
314 CK_MECHANISM_INFO_PTR pInfo) {
315
316 if (slot->n_algorithms == 0) {
317 slot->n_algorithms = sizeof(slot->algorithms) / sizeof(slot->algorithms[0]);
318 yh_rc yrc =
319 yh_util_get_device_info(slot->connector, NULL, NULL, NULL, NULL, NULL,
320 NULL, slot->algorithms, &slot->n_algorithms);
321 if (yrc != YHR_SUCCESS) {
322 return false;
323 }
324 }
325
326 pInfo->flags = 0;
327 switch (type) {
328 case CKM_RSA_PKCS:
329 pInfo->flags = CKF_DECRYPT;
330
331 case CKM_SHA1_RSA_PKCS:
332 case CKM_SHA256_RSA_PKCS:
333 case CKM_SHA384_RSA_PKCS:
334 case CKM_SHA512_RSA_PKCS:
335 find_minmax_rsa_key_length_in_bits(slot->algorithms, slot->n_algorithms,
336 &pInfo->ulMinKeySize,
337 &pInfo->ulMaxKeySize);
338 pInfo->flags |= CKF_HW | CKF_SIGN;
339 break;
340
341 case CKM_RSA_PKCS_PSS:
342 case CKM_SHA1_RSA_PKCS_PSS:
343 case CKM_SHA256_RSA_PKCS_PSS:
344 case CKM_SHA384_RSA_PKCS_PSS:
345 case CKM_SHA512_RSA_PKCS_PSS:
346 find_minmax_rsa_key_length_in_bits(slot->algorithms, slot->n_algorithms,
347 &pInfo->ulMinKeySize,
348 &pInfo->ulMaxKeySize);
349 pInfo->flags = CKF_HW | CKF_SIGN;
350 break;
351
352 case CKM_RSA_PKCS_OAEP:
353 find_minmax_rsa_key_length_in_bits(slot->algorithms, slot->n_algorithms,
354 &pInfo->ulMinKeySize,
355 &pInfo->ulMaxKeySize);
356 pInfo->flags = CKF_HW | CKF_DECRYPT;
357 break;
358
359 case CKM_RSA_PKCS_KEY_PAIR_GEN:
360 find_minmax_rsa_key_length_in_bits(slot->algorithms, slot->n_algorithms,
361 &pInfo->ulMinKeySize,
362 &pInfo->ulMaxKeySize);
363 pInfo->flags = CKF_HW | CKF_GENERATE_KEY_PAIR;
364 break;
365
366 case CKM_EC_KEY_PAIR_GEN:
367 find_minmax_ec_key_length_in_bits(slot->algorithms, slot->n_algorithms,
368 &pInfo->ulMinKeySize,
369 &pInfo->ulMaxKeySize);
370 pInfo->flags = CKF_HW | CKF_GENERATE_KEY_PAIR | CKF_EC_F_P |
371 CKF_EC_ECPARAMETERS | CKF_EC_UNCOMPRESS;
372 break;
373
374 case CKM_SHA_1_HMAC:
375 pInfo->ulMaxKeySize = 64 * 8;
376 pInfo->ulMinKeySize = 1;
377 pInfo->flags = CKF_HW | CKF_SIGN | CKF_VERIFY;
378 break;
379
380 case CKM_SHA256_HMAC:
381 pInfo->ulMaxKeySize = 64 * 8;
382 pInfo->ulMinKeySize = 1;
383 pInfo->flags = CKF_HW | CKF_SIGN | CKF_VERIFY;
384 break;
385
386 case CKM_SHA384_HMAC:
387 pInfo->ulMaxKeySize = 128 * 8;
388 pInfo->ulMinKeySize = 1;
389 pInfo->flags = CKF_HW | CKF_SIGN | CKF_VERIFY;
390 break;
391
392 case CKM_SHA512_HMAC:
393 pInfo->ulMaxKeySize = 128 * 8;
394 pInfo->ulMinKeySize = 1;
395 pInfo->flags = CKF_HW | CKF_SIGN | CKF_VERIFY;
396 break;
397
398 case CKM_ECDSA:
399 case CKM_ECDSA_SHA1:
400 case CKM_ECDSA_SHA256:
401 case CKM_ECDSA_SHA384:
402 case CKM_ECDSA_SHA512:
403 // should all ecdsa mechanisms have all keylengths? or should they be
404 // bounded to length of hash?
405 find_minmax_ec_key_length_in_bits(slot->algorithms, slot->n_algorithms,
406 &pInfo->ulMinKeySize,
407 &pInfo->ulMaxKeySize);
408 pInfo->flags = CKF_HW | CKF_SIGN | CKF_EC_F_P | CKF_EC_ECPARAMETERS |
409 CKF_EC_UNCOMPRESS;
410 break;
411
412 case CKM_ECDH1_DERIVE:
413 find_minmax_ec_key_length_in_bits(slot->algorithms, slot->n_algorithms,
414 &pInfo->ulMinKeySize,
415 &pInfo->ulMaxKeySize);
416 pInfo->flags = CKF_HW | CKF_DERIVE | CKF_EC_F_P | CKF_EC_ECPARAMETERS |
417 CKF_EC_UNCOMPRESS;
418 break;
419
420 case CKM_SHA_1:
421 pInfo->ulMaxKeySize = 0; // NOTE(adma): ignored
422 pInfo->ulMinKeySize = 0; // NOTE(adma): ignored
423 pInfo->flags = CKF_DIGEST;
424 break;
425
426 case CKM_SHA256:
427 pInfo->ulMaxKeySize = 0; // NOTE(adma): ignored
428 pInfo->ulMinKeySize = 0; // NOTE(adma): ignored
429 pInfo->flags = CKF_DIGEST;
430 break;
431
432 case CKM_SHA384:
433 pInfo->ulMaxKeySize = 0; // NOTE(adma): ignored
434 pInfo->ulMinKeySize = 0; // NOTE(adma): ignored
435 pInfo->flags = CKF_DIGEST;
436 break;
437
438 case CKM_SHA512:
439 pInfo->ulMaxKeySize = 0; // NOTE(adma): ignored
440 pInfo->ulMinKeySize = 0; // NOTE(adma): ignored
441 pInfo->flags = CKF_DIGEST;
442 break;
443
444 case CKM_YUBICO_AES_CCM_WRAP:
445 pInfo->ulMaxKeySize = 256;
446 pInfo->ulMinKeySize = 128;
447 pInfo->flags = CKF_HW | CKF_WRAP | CKF_UNWRAP | CKF_ENCRYPT | CKF_DECRYPT;
448 break;
449
450 case CKM_GENERIC_SECRET_KEY_GEN:
451 pInfo->ulMaxKeySize =
452 128 * 8; // NOTE: 128*8 is max key size for sha512-hmac keys
453 pInfo->ulMinKeySize = 1;
454 pInfo->flags = CKF_HW | CKF_GENERATE;
455 break;
456
457 default:
458 return false;
459 }
460
461 return true;
462}
463
464bool parse_hex(CK_UTF8CHAR_PTR hex, CK_ULONG hex_len, uint8_t *parsed) {
465
466 int j = 0;
467
468 for (CK_ULONG i = 0; i < hex_len; i += 2) {
469 if (isxdigit(hex[i]) == 0 || isxdigit(hex[i + 1]) == 0) {
470 return false;
471 }
472
473 if (isdigit(hex[i])) {
474 parsed[j] = (hex[i] - '0') << 4;
475 } else {
476 parsed[j] = (tolower(hex[i]) - 'a' + 10) << 4;
477 }
478
479 if (isdigit(hex[i + 1])) {
480 parsed[j] |= (hex[i + 1] - '0');
481 } else {
482 parsed[j] |= (tolower(hex[i + 1]) - 'a' + 10);
483 }
484
485 j++;
486 }
487
488 return true;
489}
490
491bool create_session(yubihsm_pkcs11_slot *slot, CK_FLAGS flags,
492 CK_SESSION_HANDLE_PTR phSession) {
493
494 bool authed = false;
495 yubihsm_pkcs11_session session;
496 memset(&session, 0, sizeof(session));
497 if (slot->pkcs11_sessions.head) {
498 yubihsm_pkcs11_session *s =
499 (yubihsm_pkcs11_session *) slot->pkcs11_sessions.head->data;
500 if (s->session_state & SESSION_AUTHENTICATED) {
501 authed = true;
502 }
503 }
504 if (flags & CKF_RW_SESSION) {
505 session.session_state =
506 authed ? SESSION_AUTHENTICATED_RW : SESSION_RESERVED_RW;
507 } else {
508 session.session_state =
509 authed ? SESSION_AUTHENTICATED_RO : SESSION_RESERVED_RO;
510 }
511 session.id = slot->max_session_id++;
512 session.slot = slot;
513 list_create(&session.ecdh_session_keys, sizeof(ecdh_session_key), NULL);
514 *phSession = (slot->id << 16) + session.id;
515 return list_append(&slot->pkcs11_sessions, (void *) &session);
516}
517
518static void get_label_attribute(yh_object_descriptor *object, CK_VOID_PTR value,
519 CK_ULONG_PTR length) {
520
521 *length = strlen(object->label);
522 memcpy(value, object->label, *length);
523 // NOTE(adma): we have seen some weird behvior with different
524 // PKCS#11 tools. We decided not to add '\0' for now. This *seems*
525 // to be a good solution ...
526}
527
528static void get_id_attribute(yh_object_descriptor *object, CK_VOID_PTR value,
529 CK_ULONG_PTR length) {
530 uint16_t *ptr = value;
531 *ptr = ntohs(object->id);
532 *length = sizeof(uint16_t);
533}
534
535static void get_capability_attribute(yh_object_descriptor *object,
536 const char *capability, bool val,
537 CK_VOID_PTR value, CK_ULONG_PTR length,
538 yh_object_type *type) {
539
540 if ((type == NULL &&
541 yh_check_capability(&object->capabilities, capability) == val) ||
542 (type != NULL && *type == object->type &&
543 yh_check_capability(&object->capabilities, capability) == val)) {
544
545 *((CK_BBOOL *) value) = CK_TRUE;
546 } else {
547 *((CK_BBOOL *) value) = CK_FALSE;
548 }
549 *length = sizeof(CK_BBOOL);
550}
551
552static CK_RV get_attribute_opaque(CK_ATTRIBUTE_TYPE type,
553 yh_object_descriptor *object,
554 CK_VOID_PTR value, CK_ULONG_PTR length,
555 yh_session *session) {
556
557 if (object->type != YH_OPAQUE) {
558 return CKR_FUNCTION_FAILED;
559 }
560
561 switch (type) {
562 case CKA_CLASS:
563 if (object->algorithm == YH_ALGO_OPAQUE_X509_CERTIFICATE) {
564 *((CK_OBJECT_CLASS *) value) = CKO_CERTIFICATE;
565 } else {
566 *((CK_OBJECT_CLASS *) value) = CKO_DATA;
567 }
568 *length = sizeof(CK_OBJECT_CLASS);
569 break;
570
571 // NOTE(adma): Storage Objects attributes
572
573 case CKA_TOKEN:
574 case CKA_PRIVATE:
575 case CKA_DESTROYABLE:
576 *((CK_BBOOL *) value) = CK_TRUE;
577 *length = sizeof(CK_BBOOL);
578 break;
579
580 case CKA_MODIFIABLE:
581 case CKA_COPYABLE:
582 *((CK_BBOOL *) value) = CK_FALSE;
583 *length = sizeof(CK_BBOOL);
584 break;
585
586 case CKA_LABEL:
587 get_label_attribute(object, value, length);
588 break;
589
590 case CKA_ID:
591 get_id_attribute(object, value, length);
592 break;
593
594 // NOTE(adma): Data Objects attributes
595
596 case CKA_APPLICATION: {
597 char *str = "Opaque object";
598 strcpy((char *) value, str);
599 *length = strlen(str);
600 } break;
601
602 case CKA_OBJECT_ID:
603 *((CK_BYTE_PTR *) value) = NULL;
604 *length = 0;
605 break;
606
607 case CKA_VALUE:
608 if (yh_util_get_opaque(session, object->id, value, (size_t *) length) !=
609 YHR_SUCCESS) {
610 *length = CK_UNAVAILABLE_INFORMATION;
611 return CKR_ATTRIBUTE_TYPE_INVALID;
612 }
613 break;
614
615 case CKA_CERTIFICATE_TYPE:
616 if (object->algorithm == YH_ALGO_OPAQUE_X509_CERTIFICATE) {
617 *((CK_CERTIFICATE_TYPE *) value) = CKC_X_509;
618 *length = sizeof(CK_CERTIFICATE_TYPE);
619 } else {
620 *length = CK_UNAVAILABLE_INFORMATION;
621 return CKR_ATTRIBUTE_TYPE_INVALID;
622 }
623 break;
624
625 default:
626 *length = CK_UNAVAILABLE_INFORMATION;
627 return CKR_ATTRIBUTE_TYPE_INVALID;
628 }
629
630 return CKR_OK;
631}
632
633static CK_RV get_attribute_secret_key(CK_ATTRIBUTE_TYPE type,
634 yh_object_descriptor *object,
635 CK_VOID_PTR value, CK_ULONG_PTR length) {
636 yh_object_type objtype;
637 switch (type) {
638 case CKA_CLASS:
639 *((CK_OBJECT_CLASS *) value) = CKO_SECRET_KEY;
640 *length = sizeof(CK_OBJECT_CLASS);
641 break;
642
643 // NOTE(adma): Storage Objects attributes
644
645 case CKA_TOKEN:
646 case CKA_PRIVATE:
647 case CKA_DESTROYABLE:
648 *((CK_BBOOL *) value) = CK_TRUE;
649 *length = sizeof(CK_BBOOL);
650 break;
651
652 case CKA_MODIFIABLE:
653 case CKA_COPYABLE:
654 *((CK_BBOOL *) value) = CK_FALSE;
655 *length = sizeof(CK_BBOOL);
656 break;
657
658 case CKA_LABEL:
659 get_label_attribute(object, value, length);
660 break;
661
662 // NOTE(adma): Key Objects attributes
663
664 case CKA_KEY_TYPE:
665 if (object->type == YH_WRAP_KEY) {
666 switch (object->algorithm) {
667 case YH_ALGO_AES128_CCM_WRAP:
668 *((CK_KEY_TYPE *) value) = CKK_YUBICO_AES128_CCM_WRAP;
669 break;
670
671 case YH_ALGO_AES192_CCM_WRAP:
672 *((CK_KEY_TYPE *) value) = CKK_YUBICO_AES192_CCM_WRAP;
673 break;
674
675 case YH_ALGO_AES256_CCM_WRAP:
676 *((CK_KEY_TYPE *) value) = CKK_YUBICO_AES256_CCM_WRAP;
677 break;
678
679 default:
680 return CKR_FUNCTION_FAILED;
681 }
682 } else if (object->type == YH_HMAC_KEY) {
683 switch (object->algorithm) {
684 case YH_ALGO_HMAC_SHA1:
685 *((CK_KEY_TYPE *) value) = CKK_SHA_1_HMAC;
686 break;
687
688 case YH_ALGO_HMAC_SHA256:
689 *((CK_KEY_TYPE *) value) = CKK_SHA256_HMAC;
690 break;
691
692 case YH_ALGO_HMAC_SHA384:
693 *((CK_KEY_TYPE *) value) = CKK_SHA384_HMAC;
694 break;
695
696 case YH_ALGO_HMAC_SHA512:
697 *((CK_KEY_TYPE *) value) = CKK_SHA512_HMAC;
698 break;
699
700 default:
701 return CKR_FUNCTION_FAILED;
702 }
703 } else {
704 return CKR_FUNCTION_FAILED;
705 }
706 *length = sizeof(CK_KEY_TYPE);
707 break;
708
709 case CKA_ID:
710 get_id_attribute(object, value, length);
711 break;
712
713 // case CKA_START_DATE:
714 // case CKA_END_DATE:
715
716 case CKA_DERIVE:
717 *((CK_BBOOL *) value) = CK_FALSE;
718 *length = sizeof(CK_BBOOL);
719 break;
720
721 case CKA_LOCAL:
722 if (object->origin == YH_ORIGIN_GENERATED) {
723 *((CK_BBOOL *) value) = CK_TRUE;
724 } else {
725 *((CK_BBOOL *) value) = CK_FALSE;
726 }
727 *length = sizeof(CK_BBOOL);
728 break;
729
730 // case CKA_KEY_GEN_MECHANISM:
731 // case CKA_ALLOWED_MECHANISMS:
732
733 // NOTE(adma): Secret Key Objects attributes
734
735 case CKA_SENSITIVE:
736 case CKA_ALWAYS_SENSITIVE:
737 *((CK_BBOOL *) value) = CK_TRUE;
738 *length = sizeof(CK_BBOOL);
739 break;
740
741 case CKA_SIGN:
742 objtype = YH_HMAC_KEY;
743 get_capability_attribute(object, "sign-hmac", true, value, length,
744 &objtype);
745 break;
746
747 case CKA_VERIFY:
748 objtype = YH_HMAC_KEY;
749 get_capability_attribute(object, "verify-hmac", true, value, length,
750 &objtype);
751 break;
752
753 case CKA_DECRYPT:
754 objtype = YH_WRAP_KEY;
755 get_capability_attribute(object, "unwrap-data", true, value, length,
756 &objtype);
757 break;
758
759 case CKA_ENCRYPT:
760 objtype = YH_WRAP_KEY;
761 get_capability_attribute(object, "wrap-data", true, value, length,
762 &objtype);
763 break;
764
765 case CKA_TRUSTED:
766 case CKA_WRAP_WITH_TRUSTED:
767 *((CK_BBOOL *) value) = CK_FALSE;
768 *length = sizeof(CK_BBOOL);
769 break;
770
771 case CKA_WRAP:
772 objtype = YH_WRAP_KEY;
773 get_capability_attribute(object, "export-wrapped", true, value, length,
774 &objtype);
775 break;
776
777 case CKA_UNWRAP:
778 objtype = YH_WRAP_KEY;
779 get_capability_attribute(object, "import-wrapped", true, value, length,
780 &objtype);
781 break;
782
783 case CKA_EXTRACTABLE:
784 get_capability_attribute(object, "exportable-under-wrap", true, value,
785 length, NULL);
786 break;
787
788 case CKA_NEVER_EXTRACTABLE:
789 get_capability_attribute(object, "exportable-under-wrap", false, value,
790 length, NULL);
791 break;
792
793 case CKA_WRAP_TEMPLATE:
794 case CKA_UNWRAP_TEMPLATE:
795 *((CK_ATTRIBUTE_PTR *) value) = NULL;
796 *length = 0;
797 break;
798
799 default:
800 *length = CK_UNAVAILABLE_INFORMATION;
801 return CKR_ATTRIBUTE_TYPE_INVALID;
802 }
803
804 return CKR_OK;
805}
806
807static CK_RV get_attribute_private_key(CK_ATTRIBUTE_TYPE type,
808 yh_object_descriptor *object,
809 CK_VOID_PTR value, CK_ULONG_PTR length,
810 yh_session *session) {
811 switch (type) {
812 case CKA_CLASS:
813 *((CK_OBJECT_CLASS *) value) = CKO_PRIVATE_KEY;
814 *length = sizeof(CK_OBJECT_CLASS);
815 break;
816
817 // NOTE(adma): Storage Objects attributes
818
819 case CKA_TOKEN:
820 case CKA_PRIVATE:
821 case CKA_DESTROYABLE:
822 *((CK_BBOOL *) value) = CK_TRUE;
823 *length = sizeof(CK_BBOOL);
824 break;
825
826 case CKA_MODIFIABLE:
827 case CKA_COPYABLE:
828 *((CK_BBOOL *) value) = CK_FALSE;
829 *length = sizeof(CK_BBOOL);
830 break;
831
832 case CKA_LABEL:
833 get_label_attribute(object, value, length);
834 break;
835
836 // NOTE(adma): Key Objects attributes
837
838 case CKA_KEY_TYPE:
839 if (object->type == YH_ASYMMETRIC_KEY) {
840 if (yh_is_rsa(object->algorithm)) {
841 *((CK_KEY_TYPE *) value) = CKK_RSA;
842 } else {
843 *((CK_KEY_TYPE *) value) = CKK_EC;
844 }
845
846 *length = sizeof(CK_KEY_TYPE);
847 } else {
848 return CKR_FUNCTION_FAILED;
849 }
850 break;
851
852 case CKA_ID:
853 get_id_attribute(object, value, length);
854 break;
855
856 // case CKA_START_DATE:
857 // case CKA_END_DATE:
858
859 case CKA_DERIVE:
860 if (object->type == YH_ASYMMETRIC_KEY &&
861 yh_is_rsa(object->algorithm) == false &&
862 yh_check_capability(&object->capabilities, "derive-ecdh") == true) {
863
864 *((CK_BBOOL *) value) = CK_TRUE;
865 } else {
866 *((CK_BBOOL *) value) = CK_FALSE;
867 }
868 *length = sizeof(CK_BBOOL);
869 break;
870
871 case CKA_LOCAL:
872 if (object->origin == YH_ORIGIN_GENERATED) {
873 *((CK_BBOOL *) value) = CK_TRUE;
874 } else {
875 *((CK_BBOOL *) value) = CK_FALSE;
876 }
877 *length = sizeof(CK_BBOOL);
878 break;
879
880 // case CKA_KEY_GEN_MECHANISM:
881 // case CKA_ALLOWED_MECHANISMS:
882
883 // NOTE(adma): Key Objects attributes
884
885 case CKA_SUBJECT:
886 case CKA_PUBLIC_KEY_INFO:
887 *((CK_BYTE_PTR *) value) = NULL;
888 *length = 0;
889 break;
890
891 case CKA_SENSITIVE:
892 case CKA_ALWAYS_SENSITIVE:
893 *((CK_BBOOL *) value) = CK_TRUE;
894 *length = sizeof(CK_BBOOL);
895 break;
896
897 case CKA_DECRYPT:
898 if (object->type == YH_ASYMMETRIC_KEY && yh_is_rsa(object->algorithm)) {
899 get_capability_attribute(object, "decrypt-pkcs,decrypt-oaep", true,
900 value, length, NULL);
901 } else {
902 *((CK_BBOOL *) value) = CK_FALSE;
903 *length = sizeof(CK_BBOOL);
904 }
905 break;
906
907 case CKA_SIGN:
908 if (object->type == YH_ASYMMETRIC_KEY &&
909 yh_is_rsa(object->algorithm) == true) {
910 get_capability_attribute(object, "sign-pkcs,sign-pss", true, value,
911 length, NULL);
912 } else if (object->type == YH_ASYMMETRIC_KEY &&
913 yh_is_ec(object->algorithm) == true) {
914 get_capability_attribute(object, "sign-ecdsa", true, value, length,
915 NULL);
916 } else {
917 *((CK_BBOOL *) value) = CK_FALSE;
918 *length = sizeof(CK_BBOOL);
919 }
920 break;
921
922 case CKA_SIGN_RECOVER:
923 case CKA_UNWRAP:
924 case CKA_WRAP_WITH_TRUSTED:
925 case CKA_ALWAYS_AUTHENTICATE:
926 *((CK_BBOOL *) value) = CK_FALSE;
927 *length = sizeof(CK_BBOOL);
928 break;
929
930 case CKA_EXTRACTABLE:
931 get_capability_attribute(object, "exportable-under-wrap", true, value,
932 length, NULL);
933 break;
934
935 case CKA_NEVER_EXTRACTABLE:
936 get_capability_attribute(object, "exportable-under-wrap", false, value,
937 length, NULL);
938 break;
939
940 case CKA_UNWRAP_TEMPLATE:
941 *((CK_ATTRIBUTE_PTR *) value) = NULL;
942 *length = 0;
943 break;
944
945 case CKA_EC_PARAMS: {
946 const uint8_t *oid;
947 switch (object->algorithm) {
948 case YH_ALGO_EC_P224:
949 oid = oid_secp224r1;
950 *length = sizeof(oid_secp224r1);
951 break;
952 case YH_ALGO_EC_P256:
953 oid = oid_secp256r1;
954 *length = sizeof(oid_secp256r1);
955 break;
956 case YH_ALGO_EC_P384:
957 oid = oid_secp384r1;
958 *length = sizeof(oid_secp384r1);
959 break;
960 case YH_ALGO_EC_P521:
961 oid = oid_secp521r1;
962 *length = sizeof(oid_secp521r1);
963 break;
964 case YH_ALGO_EC_K256:
965 oid = oid_secp256k1;
966 *length = sizeof(oid_secp256k1);
967 break;
968 case YH_ALGO_EC_BP256:
969 oid = oid_brainpool256r1;
970 *length = sizeof(oid_brainpool256r1);
971 break;
972 case YH_ALGO_EC_BP384:
973 oid = oid_brainpool384r1;
974 *length = sizeof(oid_brainpool384r1);
975 break;
976 case YH_ALGO_EC_BP512:
977 oid = oid_brainpool512r1;
978 *length = sizeof(oid_brainpool512r1);
979 break;
980 default:
981 return CKR_ATTRIBUTE_TYPE_INVALID;
982 }
983 memcpy(value, oid, *length);
984 } break;
985
986 case CKA_MODULUS: {
987 switch (object->algorithm) {
988 case YH_ALGO_RSA_2048:
989 case YH_ALGO_RSA_3072:
990 case YH_ALGO_RSA_4096: {
991 uint8_t resp[2048];
992 size_t resp_len = sizeof(resp);
993
994 if (yh_util_get_public_key(session, object->id, resp, &resp_len,
995 NULL) != YHR_SUCCESS) {
996 *length = CK_UNAVAILABLE_INFORMATION;
997 return CKR_ATTRIBUTE_TYPE_INVALID;
998 }
999
1000 *length = resp_len;
1001 memcpy(value, resp, *length);
1002
1003 } break;
1004
1005 default:
1006 *length = CK_UNAVAILABLE_INFORMATION;
1007 return CKR_ATTRIBUTE_TYPE_INVALID;
1008 }
1009 break;
1010 }
1011
1012 case CKA_PUBLIC_EXPONENT:
1013 switch (object->algorithm) {
1014 case YH_ALGO_RSA_2048:
1015 case YH_ALGO_RSA_3072:
1016 case YH_ALGO_RSA_4096: {
1017 uint8_t *p = (uint8_t *) value;
1018 p[0] = 0x01;
1019 p[1] = 0x00;
1020 p[2] = 0x01;
1021 *length = 3;
1022 break;
1023 }
1024 default:
1025 *length = CK_UNAVAILABLE_INFORMATION;
1026 return CKR_ATTRIBUTE_TYPE_INVALID;
1027 }
1028 break;
1029
1030 case CKA_VALUE: // CKK_EC has the private values in CKA_VALUE
1031 case CKA_PRIVATE_EXPONENT: // CKK_RSA has the private exponent in
1032 // CKA_PRIVATE_EXPONENT
1033 *length = CK_UNAVAILABLE_INFORMATION;
1034 return CKR_ATTRIBUTE_SENSITIVE;
1035
1036 default:
1037 *length = CK_UNAVAILABLE_INFORMATION;
1038 return CKR_ATTRIBUTE_TYPE_INVALID;
1039 }
1040
1041 return CKR_OK;
1042}
1043
1044static bool load_public_key(yh_session *session, uint16_t id, EVP_PKEY *key) {
1045
1046 uint8_t data[1024];
1047 size_t data_len = sizeof(data) - 1;
1048
1049 RSA *rsa = NULL;
1050 BIGNUM *e = NULL;
1051 BIGNUM *n = NULL;
1052 EC_KEY *ec_key = NULL;
1053 EC_GROUP *ec_group = NULL;
1054 EC_POINT *ec_point = NULL;
1055 yh_algorithm algo;
1056
1057 yh_rc yrc = yh_util_get_public_key(session, id, data + 1, &data_len, &algo);
1058 if (yrc != YHR_SUCCESS) {
1059 return false;
1060 }
1061
1062 if (yh_is_rsa(algo)) {
1063 rsa = RSA_new();
1064 e = BN_new();
1065 if (rsa == NULL || e == NULL) {
1066 goto l_p_k_failure;
1067 }
1068
1069 if (BN_hex2bn(&e, "10001") == 0) {
1070 goto l_p_k_failure;
1071 }
1072
1073 n = BN_bin2bn(data + 1, data_len, NULL);
1074 if (n == NULL) {
1075 goto l_p_k_failure;
1076 }
1077
1078 if (RSA_set0_key(rsa, n, e, NULL) == 0) {
1079 goto l_p_k_failure;
1080 }
1081
1082 if (EVP_PKEY_assign_RSA(key, rsa) == 0) {
1083 goto l_p_k_failure;
1084 }
1085 } else {
1086 ec_key = EC_KEY_new();
1087 if (ec_key == NULL) {
1088 goto l_p_k_failure;
1089 }
1090
1091 ec_group = EC_GROUP_new_by_curve_name(algo2nid(algo));
1092 if (ec_group == NULL) {
1093 goto l_p_k_failure;
1094 }
1095
1096 // NOTE: this call is important since it makes it a named curve instead of
1097 // encoded parameters
1098 EC_GROUP_set_asn1_flag(ec_group, algo2nid(algo));
1099
1100 if (EC_KEY_set_group(ec_key, ec_group) == 0) {
1101 goto l_p_k_failure;
1102 }
1103
1104 ec_point = EC_POINT_new(ec_group);
1105 if (ec_point == NULL) {
1106 goto l_p_k_failure;
1107 }
1108
1109 data[0] = 0x04;
1110 data_len++;
1111 if (EC_POINT_oct2point(ec_group, ec_point, data, data_len, NULL) == 0) {
1112 goto l_p_k_failure;
1113 }
1114
1115 if (EC_KEY_set_public_key(ec_key, ec_point) == 0) {
1116 goto l_p_k_failure;
1117 }
1118
1119 if (EVP_PKEY_assign_EC_KEY(key, ec_key) == 0) {
1120 goto l_p_k_failure;
1121 }
1122
1123 EC_POINT_free(ec_point);
1124 EC_GROUP_free(ec_group);
1125 }
1126
1127 return true;
1128
1129l_p_k_failure:
1130 if (ec_point != NULL) {
1131 EC_POINT_free(ec_point);
1132 }
1133
1134 if (ec_group != NULL) {
1135 EC_GROUP_free(ec_group);
1136 }
1137
1138 if (ec_key != NULL) {
1139 EC_KEY_free(ec_key);
1140 }
1141
1142 if (rsa != NULL) {
1143 RSA_free(rsa);
1144 }
1145
1146 if (key != NULL) {
1147 EVP_PKEY_free(key);
1148 }
1149
1150 return false;
1151}
1152
1153static CK_RV get_attribute_public_key(CK_ATTRIBUTE_TYPE type,
1154 yh_object_descriptor *object,
1155 CK_VOID_PTR value, CK_ULONG_PTR length,
1156 yh_session *session) {
1157 switch (type) {
1158 case CKA_CLASS:
1159 *((CK_OBJECT_CLASS *) value) = CKO_PUBLIC_KEY;
1160 *length = sizeof(CK_OBJECT_CLASS);
1161 break;
1162
1163 // NOTE(adma): Storage Objects attributes
1164
1165 case CKA_TOKEN:
1166 case CKA_DESTROYABLE:
1167 case CKA_EXTRACTABLE:
1168 *((CK_BBOOL *) value) = CK_TRUE;
1169 *length = sizeof(CK_BBOOL);
1170 break;
1171
1172 case CKA_PRIVATE:
1173 case CKA_MODIFIABLE:
1174 case CKA_COPYABLE:
1175 case CKA_DERIVE:
1176 case CKA_SENSITIVE:
1177 case CKA_ALWAYS_SENSITIVE:
1178 case CKA_SIGN:
1179 case CKA_SIGN_RECOVER:
1180 case CKA_UNWRAP:
1181 case CKA_WRAP:
1182 case CKA_WRAP_WITH_TRUSTED:
1183 case CKA_ALWAYS_AUTHENTICATE:
1184 case CKA_NEVER_EXTRACTABLE:
1185 *((CK_BBOOL *) value) = CK_FALSE;
1186 *length = sizeof(CK_BBOOL);
1187 break;
1188
1189 case CKA_ENCRYPT:
1190 if (object->type == (0x80 | YH_ASYMMETRIC_KEY) &&
1191 yh_is_rsa(object->algorithm)) {
1192 get_capability_attribute(object, "decrypt-pkcs,decrypt-oaep", true,
1193 value, length, NULL);
1194 } else {
1195 *((CK_BBOOL *) value) = CK_FALSE;
1196 *length = sizeof(CK_BBOOL);
1197 }
1198 break;
1199
1200 case CKA_VERIFY:
1201 if (object->type == (0x80 | YH_ASYMMETRIC_KEY) &&
1202 yh_is_rsa(object->algorithm) == true) {
1203 get_capability_attribute(object, "sign-pkcs,sign-pss", true, value,
1204 length, NULL);
1205 } else if (object->type == (0x80 | YH_ASYMMETRIC_KEY) &&
1206 yh_is_ec(object->algorithm) == true) {
1207 get_capability_attribute(object, "sign-ecdsa", true, value, length,
1208 NULL);
1209 } else {
1210 *((CK_BBOOL *) value) = CK_FALSE;
1211 *length = sizeof(CK_BBOOL);
1212 }
1213 break;
1214
1215 case CKA_LABEL:
1216 get_label_attribute(object, value, length);
1217 break;
1218
1219 // NOTE(adma): Key Objects attributes
1220
1221 case CKA_KEY_TYPE:
1222 if (object->type == (0x80 | YH_ASYMMETRIC_KEY)) {
1223 switch (object->algorithm) {
1224 case YH_ALGO_RSA_2048:
1225 case YH_ALGO_RSA_3072:
1226 case YH_ALGO_RSA_4096:
1227 *((CK_KEY_TYPE *) value) = CKK_RSA;
1228 break;
1229
1230 case YH_ALGO_EC_P224:
1231 case YH_ALGO_EC_K256:
1232 case YH_ALGO_EC_P256:
1233 case YH_ALGO_EC_P384:
1234 case YH_ALGO_EC_P521:
1235 case YH_ALGO_EC_BP256:
1236 case YH_ALGO_EC_BP384:
1237 case YH_ALGO_EC_BP512:
1238 *((CK_KEY_TYPE *) value) = CKK_EC;
1239 break;
1240
1241 default:
1242 *((CK_KEY_TYPE *) value) = CKK_VENDOR_DEFINED; // TODO: argh
1243 }
1244
1245 *length = sizeof(CK_KEY_TYPE);
1246 } else if (object->type == YH_HMAC_KEY) {
1247 switch (object->algorithm) {
1248 case YH_ALGO_HMAC_SHA1:
1249 *((CK_KEY_TYPE *) value) = CKK_SHA_1_HMAC;
1250 break;
1251
1252 case YH_ALGO_HMAC_SHA256:
1253 *((CK_KEY_TYPE *) value) = CKK_SHA256_HMAC;
1254 break;
1255
1256 case YH_ALGO_HMAC_SHA384:
1257 *((CK_KEY_TYPE *) value) = CKK_SHA384_HMAC;
1258 break;
1259
1260 case YH_ALGO_HMAC_SHA512:
1261 *((CK_KEY_TYPE *) value) = CKK_SHA512_HMAC;
1262 break;
1263
1264 default:
1265 *((CK_KEY_TYPE *) value) = CKK_VENDOR_DEFINED; // TODO: argh
1266 }
1267 *length = sizeof(CK_KEY_TYPE);
1268 } else {
1269 return CKR_FUNCTION_FAILED;
1270 }
1271 break;
1272
1273 case CKA_ID:
1274 get_id_attribute(object, value, length);
1275 break;
1276
1277 // case CKA_START_DATE:
1278 // case CKA_END_DATE:
1279
1280 case CKA_LOCAL:
1281 if (object->origin == YH_ORIGIN_GENERATED) {
1282 *((CK_BBOOL *) value) = CK_TRUE;
1283 } else {
1284 *((CK_BBOOL *) value) = CK_FALSE;
1285 }
1286 *length = sizeof(CK_BBOOL);
1287 break;
1288
1289 // case CKA_KEY_GEN_MECHANISM:
1290 // case CKA_ALLOWED_MECHANISMS:
1291
1292 // NOTE(adma): Key Objects attributes
1293
1294 case CKA_SUBJECT:
1295 case CKA_PUBLIC_KEY_INFO:
1296 case CKA_UNWRAP_TEMPLATE:
1297 *((CK_BYTE_PTR *) value) = NULL;
1298 *length = 0;
1299 break;
1300
1301 case CKA_MODULUS_BITS:
1302 switch (object->algorithm) {
1303 case YH_ALGO_RSA_2048:
1304 *((CK_ULONG *) value) = 2048;
1305 break;
1306
1307 case YH_ALGO_RSA_3072:
1308 *((CK_ULONG *) value) = 3072;
1309 break;
1310
1311 case YH_ALGO_RSA_4096:
1312 *((CK_ULONG *) value) = 4096;
1313 break;
1314
1315 default:
1316 *((CK_ULONG *) value) = 0;
1317 }
1318 *length = sizeof(CK_ULONG);
1319 break;
1320
1321 case CKA_EC_PARAMS: {
1322 const uint8_t *oid;
1323 switch (object->algorithm) {
1324 case YH_ALGO_EC_P224:
1325 oid = oid_secp224r1;
1326 *length = sizeof(oid_secp224r1);
1327 break;
1328 case YH_ALGO_EC_P256:
1329 oid = oid_secp256r1;
1330 *length = sizeof(oid_secp256r1);
1331 break;
1332 case YH_ALGO_EC_P384:
1333 oid = oid_secp384r1;
1334 *length = sizeof(oid_secp384r1);
1335 break;
1336 case YH_ALGO_EC_P521:
1337 oid = oid_secp521r1;
1338 *length = sizeof(oid_secp521r1);
1339 break;
1340 case YH_ALGO_EC_K256:
1341 oid = oid_secp256k1;
1342 *length = sizeof(oid_secp256k1);
1343 break;
1344 case YH_ALGO_EC_BP256:
1345 oid = oid_brainpool256r1;
1346 *length = sizeof(oid_brainpool256r1);
1347 break;
1348 case YH_ALGO_EC_BP384:
1349 oid = oid_brainpool384r1;
1350 *length = sizeof(oid_brainpool384r1);
1351 break;
1352 case YH_ALGO_EC_BP512:
1353 oid = oid_brainpool512r1;
1354 *length = sizeof(oid_brainpool512r1);
1355 break;
1356 default:
1357 return CKR_ATTRIBUTE_TYPE_INVALID;
1358 }
1359 memcpy(value, oid, *length);
1360 break;
1361 }
1362
1363 case CKA_EC_POINT: {
1364 uint8_t resp[2048];
1365 size_t resplen = sizeof(resp);
1366
1367 if (yh_util_get_public_key(session, object->id, resp, &resplen, NULL) ==
1368 YHR_SUCCESS) {
1369 uint8_t *p = value;
1370 *p++ = 0x04;
1371 if (resplen + 1 >= 0x80) {
1372 *p++ = 0x81;
1373 }
1374 *p++ = resplen + 1;
1375 *p++ = 0x04;
1376 memcpy(p, resp, resplen);
1377 p += resplen;
1378 *length = p - (uint8_t *) value;
1379 } else {
1380 *length = CK_UNAVAILABLE_INFORMATION;
1381 return CKR_ATTRIBUTE_TYPE_INVALID;
1382 }
1383 break;
1384 }
1385
1386 case CKA_MODULUS: {
1387 switch (object->algorithm) {
1388 case YH_ALGO_RSA_2048:
1389 case YH_ALGO_RSA_3072:
1390 case YH_ALGO_RSA_4096: {
1391 uint8_t resp[2048];
1392 size_t resp_len = sizeof(resp);
1393
1394 if (yh_util_get_public_key(session, object->id, resp, &resp_len,
1395 NULL) != YHR_SUCCESS) {
1396 *length = CK_UNAVAILABLE_INFORMATION;
1397 return CKR_ATTRIBUTE_TYPE_INVALID;
1398 }
1399
1400 *length = resp_len;
1401 memcpy(value, resp, *length);
1402
1403 } break;
1404
1405 default:
1406 *length = CK_UNAVAILABLE_INFORMATION;
1407 return CKR_ATTRIBUTE_TYPE_INVALID;
1408 }
1409 break;
1410 }
1411
1412 case CKA_PUBLIC_EXPONENT:
1413 switch (object->algorithm) {
1414 case YH_ALGO_RSA_2048:
1415 case YH_ALGO_RSA_3072:
1416 case YH_ALGO_RSA_4096: {
1417 uint8_t *p = (uint8_t *) value;
1418 p[0] = 0x01;
1419 p[1] = 0x00;
1420 p[2] = 0x01;
1421 *length = 3;
1422 break;
1423 }
1424 default:
1425 *length = CK_UNAVAILABLE_INFORMATION;
1426 return CKR_ATTRIBUTE_TYPE_INVALID;
1427 }
1428 break;
1429
1430 case CKA_VALUE: {
1431 EVP_PKEY *pkey = EVP_PKEY_new();
1432 if (pkey == NULL) {
1433 *length = CK_UNAVAILABLE_INFORMATION;
1434 return CKR_FUNCTION_FAILED;
1435 }
1436
1437 if (load_public_key(session, object->id, pkey) == false) {
1438 EVP_PKEY_free(pkey);
1439 *length = CK_UNAVAILABLE_INFORMATION;
1440 return CKR_ATTRIBUTE_TYPE_INVALID;
1441 }
1442
1443 *length = i2d_PUBKEY(pkey, (unsigned char **) &value);
1444 EVP_PKEY_free(pkey);
1445 } break;
1446
1447 default:
1448 *length = CK_UNAVAILABLE_INFORMATION;
1449 return CKR_ATTRIBUTE_TYPE_INVALID;
1450 }
1451
1452 return CKR_OK;
1453}
1454
1455CK_RV get_attribute(CK_ATTRIBUTE_TYPE type, yh_object_descriptor *object,
1456 CK_VOID_PTR value, CK_ULONG_PTR length,
1457 yh_session *session) {
1458
1459 CK_BYTE tmp[2048];
1460 CK_VOID_PTR ptr;
1461 if (value == NULL) {
1462 // NOTE(adma): we just need the length, use a scratchpad for the data
1463 ptr = tmp;
1464 *length = sizeof(tmp);
1465 } else {
1466 // NOTE(adma): otherwise actually save the data
1467 ptr = value;
1468 }
1469
1470 switch (object->type) {
1471 case YH_OPAQUE:
1472 return get_attribute_opaque(type, object, ptr, length, session);
1473
1474 case YH_WRAP_KEY:
1475 case YH_HMAC_KEY:
1476 return get_attribute_secret_key(type, object, ptr, length);
1477
1478 case YH_ASYMMETRIC_KEY:
1479 return get_attribute_private_key(type, object, ptr, length, session);
1480 case 0x80 | YH_ASYMMETRIC_KEY:
1481 return get_attribute_public_key(type, object, ptr, length, session);
1482
1483 case YH_TEMPLATE:
1484 case YH_AUTHENTICATION_KEY:
1485 case YH_OTP_AEAD_KEY:
1486 // TODO: do something good here.
1487 break;
1488 } // TODO(adma): try to check common attributes in some convenience function
1489
1490 return CKR_OK;
1491}
1492
1493CK_RV get_attribute_ecsession_key(CK_ATTRIBUTE_TYPE type, ecdh_session_key *key,
1494 CK_VOID_PTR value, CK_ULONG_PTR length) {
1495
1496 CK_BYTE tmp[2048];
1497 CK_VOID_PTR ptr;
1498 if (value == NULL) {
1499 ptr = tmp;
1500 *length = sizeof(tmp);
1501 } else {
1502 ptr = value;
1503 }
1504
1505 switch (type) {
1506 case CKA_CLASS:
1507 *((CK_OBJECT_CLASS *) ptr) = CKO_SECRET_KEY;
1508 *length = sizeof(CK_OBJECT_CLASS);
1509 break;
1510
1511 case CKA_KEY_TYPE:
1512 *((CK_KEY_TYPE *) ptr) = CKK_GENERIC_SECRET;
1513 *length = sizeof(CK_KEY_TYPE);
1514 break;
1515
1516 case CKA_ID: {
1517 CK_OBJECT_HANDLE *id = ptr;
1518 *id = key->id;
1519 *length = sizeof(CK_OBJECT_HANDLE);
1520 break;
1521 }
1522
1523 case CKA_LABEL:
1524 *length = strlen(key->label);
1525 memcpy(ptr, key->label, *length);
1526 break;
1527
1528 case CKA_LOCAL:
1529 case CKA_TOKEN:
1530 *((CK_BBOOL *) ptr) = CK_FALSE;
1531 *length = sizeof(CK_BBOOL);
1532 break;
1533
1534 case CKA_DESTROYABLE:
1535 case CKA_EXTRACTABLE:
1536 *((CK_BBOOL *) ptr) = CK_TRUE;
1537 *length = sizeof(CK_BBOOL);
1538 break;
1539
1540 case CKA_DERIVE:
1541 case CKA_NEVER_EXTRACTABLE:
1542 case CKA_SENSITIVE:
1543 case CKA_ALWAYS_SENSITIVE:
1544 case CKA_MODIFIABLE:
1545 case CKA_COPYABLE:
1546 case CKA_SIGN:
1547 case CKA_SIGN_RECOVER:
1548 case CKA_ALWAYS_AUTHENTICATE:
1549 case CKA_UNWRAP:
1550 case CKA_WRAP:
1551 case CKA_WRAP_WITH_TRUSTED:
1552 case CKA_VERIFY:
1553 case CKA_ENCRYPT:
1554 *((CK_BBOOL *) ptr) = CK_FALSE;
1555 *length = sizeof(CK_BBOOL);
1556 break;
1557
1558 case CKA_VALUE:
1559 memcpy(ptr, key->ecdh_key, key->len);
1560 *length = key->len;
1561 break;
1562
1563 default:
1564 *length = CK_UNAVAILABLE_INFORMATION;
1565 return CKR_ATTRIBUTE_TYPE_INVALID;
1566 }
1567
1568 return CKR_OK;
1569}
1570
1571void delete_object_from_cache(yubihsm_pkcs11_object_desc *objects,
1572 CK_OBJECT_HANDLE objHandle) {
1573 uint16_t id = objHandle & 0xffff;
1574 uint8_t type = objHandle >> 16;
1575 uint8_t sequence = objHandle >> 24;
1576
1577 for (uint16_t i = 0; i < YH_MAX_ITEMS_COUNT; i++) {
1578 if (objects[i].object.id == id &&
1579 (objects[i].object.type & 0x7f) == (type & 0x7f) &&
1580 objects[i].object.sequence == sequence) {
1581 memset(&objects[i], 0, sizeof(yubihsm_pkcs11_object_desc));
1582 return;
1583 }
1584 }
1585}
1586
1587yubihsm_pkcs11_object_desc *get_object_desc(yh_session *session,
1588 yubihsm_pkcs11_object_desc *objects,
1589 CK_OBJECT_HANDLE objHandle) {
1590
1591 yubihsm_pkcs11_object_desc *object = NULL;
1592 uint16_t id = objHandle & 0xffff;
1593 uint8_t type = objHandle >> 16;
1594 uint8_t sequence = objHandle >> 24;
1595
1596 for (uint16_t i = 0; i < YH_MAX_ITEMS_COUNT; i++) {
1597 if (objects[i].object.id == id &&
1598 (objects[i].object.type & 0x7f) == (type & 0x7f) &&
1599 objects[i].object.sequence == sequence) {
1600 object = &objects[i];
1601 break;
1602 }
1603 }
1604
1605 if (!object) {
1606 uint16_t low;
1607 struct timeval *low_time = NULL;
1608
1609 for (uint16_t i = 0; i < YH_MAX_ITEMS_COUNT; i++) {
1610 if (objects[i].tv.tv_sec == 0) {
1611 low = i;
1612 low_time = &objects[i].tv;
1613 break;
1614 } else {
1615 if (!low_time || objects[i].tv.tv_sec < low_time->tv_sec ||
1616 (objects[i].tv.tv_sec == low_time->tv_sec &&
1617 objects[i].tv.tv_usec < low_time->tv_usec)) {
1618
1619 low_time = &objects[i].tv;
1620 low = i;
1621 }
1622 }
1623 }
1624 object = &objects[low];
1625 memset(object, 0, sizeof(yubihsm_pkcs11_object_desc));
1626 }
1627
1628 if (!object->filled) {
1629 uint16_t real_type =
1630 type & ~0x80; // NOTE(adma): public key are not real objects
1631 yh_rc rc = yh_util_get_object_info(session, id, real_type, &object->object);
1632 if (rc != YHR_SUCCESS) {
1633 return NULL;
1634 }
1635
1636 object->filled = true;
1637 }
1638
1639 object->object.type = type;
1640
1641 gettimeofday(&object->tv, NULL);
1642
1643 return object;
1644}
1645
1646bool check_sign_mechanism(yubihsm_pkcs11_slot *slot,
1647 CK_MECHANISM_PTR pMechanism) {
1648
1649 CK_MECHANISM_TYPE mechanisms[128];
1650 CK_ULONG count = 128;
1651
1652 if (is_RSA_sign_mechanism(pMechanism->mechanism) == false &&
1653 is_ECDSA_sign_mechanism(pMechanism->mechanism) == false &&
1654 is_HMAC_sign_mechanism(pMechanism->mechanism) == false) {
1655
1656 return false;
1657 }
1658
1659 if (get_mechanism_list(slot, mechanisms, &count) != CKR_OK) {
1660 return false;
1661 }
1662
1663 for (CK_ULONG i = 0; i < count; i++) {
1664 if (pMechanism->mechanism == mechanisms[i]) {
1665 return true;
1666 }
1667 }
1668
1669 return false;
1670}
1671
1677
1678bool check_decrypt_mechanism(yubihsm_pkcs11_slot *slot,
1679 CK_MECHANISM_PTR pMechanism) {
1680
1681 CK_MECHANISM_TYPE mechanisms[128];
1682 CK_ULONG count = 128;
1683
1684 if (is_RSA_decrypt_mechanism(pMechanism->mechanism) == false &&
1685 pMechanism->mechanism != CKM_YUBICO_AES_CCM_WRAP) {
1686 return false;
1687 }
1688
1689 if (get_mechanism_list(slot, mechanisms, &count) != CKR_OK) {
1690 return false;
1691 }
1692
1693 for (CK_ULONG i = 0; i < count; i++) {
1694 if (pMechanism->mechanism == mechanisms[i]) {
1695 return true;
1696 }
1697 }
1698
1699 return false;
1700}
1701
1702bool check_encrypt_mechanism(yubihsm_pkcs11_slot *slot,
1703 CK_MECHANISM_PTR pMechanism) {
1704
1705 CK_MECHANISM_TYPE mechanisms[128];
1706 CK_ULONG count = 128;
1707
1708 if (pMechanism->mechanism != CKM_YUBICO_AES_CCM_WRAP) {
1709 return false;
1710 }
1711
1712 if (get_mechanism_list(slot, mechanisms, &count) != CKR_OK) {
1713 return false;
1714 }
1715
1716 for (CK_ULONG i = 0; i < count; i++) {
1717 if (pMechanism->mechanism == mechanisms[i]) {
1718 return true;
1719 }
1720 }
1721
1722 return false;
1723}
1724
1725bool check_digest_mechanism(CK_MECHANISM_PTR pMechanism) {
1726
1727 switch (pMechanism->mechanism) {
1728 case CKM_SHA_1:
1729 case CKM_SHA256:
1730 case CKM_SHA384:
1731 case CKM_SHA512:
1732 break;
1733 default:
1734 return false;
1735 }
1736
1737 return true;
1738}
1739
1740bool check_wrap_mechanism(yubihsm_pkcs11_slot *slot,
1741 CK_MECHANISM_PTR pMechanism) {
1742
1743 CK_MECHANISM_TYPE mechanisms[128];
1744 CK_ULONG count = 128;
1745
1746 if (pMechanism->mechanism != CKM_YUBICO_AES_CCM_WRAP) {
1747 return false;
1748 }
1749
1750 if (get_mechanism_list(slot, mechanisms, &count) != CKR_OK) {
1751 return false;
1752 }
1753
1754 for (CK_ULONG i = 0; i < count; i++) {
1755 if (pMechanism->mechanism == mechanisms[i]) {
1756 return true;
1757 }
1758 }
1759
1760 return false;
1761}
1762
1763CK_RV apply_sign_mechanism_init(yubihsm_pkcs11_op_info *op_info) {
1764
1765 const EVP_MD *md = NULL;
1766
1767 op_info->buffer_length = 0;
1768
1769 switch (op_info->mechanism.mechanism) {
1770 case CKM_RSA_PKCS:
1771 case CKM_RSA_PKCS_PSS:
1772 case CKM_ECDSA:
1773 case CKM_SHA_1_HMAC:
1774 case CKM_SHA256_HMAC:
1775 case CKM_SHA384_HMAC:
1776 case CKM_SHA512_HMAC:
1777 // NOTE(adma): no hash required for these mechanisms
1778 op_info->op.sign.md_ctx = NULL;
1779 return CKR_OK;
1780
1781 case CKM_SHA1_RSA_PKCS:
1782 case CKM_SHA1_RSA_PKCS_PSS:
1783 case CKM_ECDSA_SHA1:
1784 md = EVP_sha1();
1785 break;
1786
1787 case CKM_SHA256_RSA_PKCS:
1788 case CKM_SHA256_RSA_PKCS_PSS:
1789 case CKM_ECDSA_SHA256:
1790 md = EVP_sha256();
1791 break;
1792
1793 case CKM_SHA384_RSA_PKCS:
1794 case CKM_SHA384_RSA_PKCS_PSS:
1795 case CKM_ECDSA_SHA384:
1796 md = EVP_sha384();
1797 break;
1798
1799 case CKM_SHA512_RSA_PKCS:
1800 case CKM_SHA512_RSA_PKCS_PSS:
1801 case CKM_ECDSA_SHA512:
1802 md = EVP_sha512();
1803 break;
1804
1805 default:
1806 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
1807 return CKR_MECHANISM_INVALID;
1808 }
1809
1810 op_info->op.sign.md_ctx = EVP_MD_CTX_create();
1811
1812 if (EVP_DigestInit_ex(op_info->op.sign.md_ctx, md, NULL) == 0) {
1813 EVP_MD_CTX_destroy(op_info->op.sign.md_ctx);
1814 op_info->op.sign.md_ctx = NULL;
1815 return CKR_FUNCTION_FAILED;
1816 }
1817
1818 return CKR_OK;
1819}
1820
1821CK_RV apply_verify_mechanism_init(yubihsm_pkcs11_op_info *op_info) {
1822
1823 const EVP_MD *md = NULL;
1824
1825 op_info->buffer_length = 0;
1826 op_info->op.verify.padding = 0;
1827 op_info->op.verify.saltLen = 0;
1828 op_info->op.verify.mgf1md = NULL;
1829 op_info->op.verify.md = NULL;
1830 op_info->op.verify.md_ctx = NULL;
1831
1832 switch (op_info->mechanism.mechanism) {
1833 case CKM_RSA_PKCS:
1834 case CKM_RSA_PKCS_PSS:
1835 case CKM_ECDSA:
1836 case CKM_SHA_1_HMAC:
1837 case CKM_SHA256_HMAC:
1838 case CKM_SHA384_HMAC:
1839 case CKM_SHA512_HMAC:
1840 // NOTE(adma): no hash required for these mechanisms
1841 return CKR_OK;
1842
1843 case CKM_SHA1_RSA_PKCS:
1844 case CKM_SHA1_RSA_PKCS_PSS:
1845 case CKM_ECDSA_SHA1:
1846 md = EVP_sha1();
1847 break;
1848
1849 case CKM_SHA256_RSA_PKCS:
1850 case CKM_SHA256_RSA_PKCS_PSS:
1851 case CKM_ECDSA_SHA256:
1852 md = EVP_sha256();
1853 break;
1854
1855 case CKM_SHA384_RSA_PKCS:
1856 case CKM_SHA384_RSA_PKCS_PSS:
1857 case CKM_ECDSA_SHA384:
1858 md = EVP_sha384();
1859 break;
1860
1861 case CKM_SHA512_RSA_PKCS:
1862 case CKM_SHA512_RSA_PKCS_PSS:
1863 case CKM_ECDSA_SHA512:
1864 md = EVP_sha512();
1865 break;
1866
1867 default:
1868 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
1869 return CKR_MECHANISM_INVALID;
1870 }
1871
1872 op_info->op.verify.md = md;
1873 op_info->op.verify.md_ctx = EVP_MD_CTX_create();
1874 if (op_info->op.verify.md_ctx == NULL) {
1875 return CKR_FUNCTION_FAILED;
1876 }
1877 if (EVP_DigestInit(op_info->op.verify.md_ctx, md) == 0) {
1878 return CKR_FUNCTION_FAILED;
1879 }
1880
1881 return CKR_OK;
1882}
1883
1884CK_RV apply_decrypt_mechanism_init(yubihsm_pkcs11_op_info *op_info) {
1885
1886 op_info->buffer_length = 0;
1887 op_info->op.decrypt.finalized = false;
1888
1889 switch (op_info->mechanism.mechanism) {
1890 case CKM_RSA_PKCS:
1891 case CKM_RSA_PKCS_OAEP:
1892 case CKM_YUBICO_AES_CCM_WRAP:
1893 return CKR_OK;
1894 default:
1895 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
1896 return CKR_MECHANISM_INVALID;
1897 }
1898
1899 return CKR_OK;
1900}
1901
1902CK_RV apply_digest_mechanism_init(yubihsm_pkcs11_op_info *op_info) {
1903
1904 const EVP_MD *md = NULL;
1905
1906 op_info->buffer_length = 0;
1907
1908 switch (op_info->mechanism.mechanism) {
1909 case CKM_SHA_1:
1910 md = EVP_sha1();
1911 break;
1912
1913 case CKM_SHA256:
1914 md = EVP_sha256();
1915 break;
1916
1917 case CKM_SHA384:
1918 md = EVP_sha384();
1919 break;
1920
1921 case CKM_SHA512:
1922 md = EVP_sha512();
1923 break;
1924
1925 default:
1926 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
1927 return CKR_MECHANISM_INVALID;
1928 }
1929
1930 op_info->op.digest.md_ctx = EVP_MD_CTX_create();
1931
1932 op_info->op.digest.is_multipart = false;
1933
1934 if (EVP_DigestInit_ex(op_info->op.digest.md_ctx, md, NULL) == 0) {
1935 EVP_MD_CTX_destroy(op_info->op.digest.md_ctx);
1936 op_info->op.digest.md_ctx = NULL;
1937 return CKR_FUNCTION_FAILED;
1938 }
1939
1940 return CKR_OK;
1941}
1942
1943CK_RV apply_sign_mechanism_update(yubihsm_pkcs11_op_info *op_info,
1944 CK_BYTE_PTR in, CK_ULONG in_len) {
1945
1946 switch (op_info->mechanism.mechanism) {
1947 case CKM_RSA_PKCS:
1948 // NOTE(adma): Specs say there should be enough space for PKCS#1 padding
1949 if (op_info->buffer_length + in_len >
1950 (op_info->op.sign.key_len + 7) / 8 - 11) {
1951 return CKR_DATA_LEN_RANGE;
1952 }
1953
1954 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
1955 op_info->buffer_length += in_len;
1956 break;
1957
1958 case CKM_ECDSA:
1959 if (op_info->buffer_length + in_len > 128) {
1960 // NOTE(adma): Specs say ECDSA only supports data up to 1024 bit
1961 return CKR_DATA_LEN_RANGE;
1962 }
1963
1964 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
1965 op_info->buffer_length += in_len;
1966 break;
1967
1968 case CKM_RSA_PKCS_PSS:
1969 case CKM_SHA_1_HMAC:
1970 case CKM_SHA256_HMAC:
1971 case CKM_SHA384_HMAC:
1972 case CKM_SHA512_HMAC:
1973 if (op_info->buffer_length + in_len > sizeof(op_info->buffer)) {
1974 return CKR_DATA_LEN_RANGE;
1975 }
1976
1977 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
1978 op_info->buffer_length += in_len;
1979 break;
1980
1981 case CKM_SHA1_RSA_PKCS:
1982 case CKM_SHA256_RSA_PKCS:
1983 case CKM_SHA384_RSA_PKCS:
1984 case CKM_SHA512_RSA_PKCS:
1985 case CKM_SHA1_RSA_PKCS_PSS:
1986 case CKM_SHA256_RSA_PKCS_PSS:
1987 case CKM_SHA384_RSA_PKCS_PSS:
1988 case CKM_SHA512_RSA_PKCS_PSS:
1989 case CKM_ECDSA_SHA1:
1990 case CKM_ECDSA_SHA256:
1991 case CKM_ECDSA_SHA384:
1992 case CKM_ECDSA_SHA512:
1993 if (EVP_DigestUpdate(op_info->op.sign.md_ctx, in, in_len) != 1) {
1994 EVP_MD_CTX_destroy(op_info->op.sign.md_ctx);
1995 op_info->op.sign.md_ctx = NULL;
1996 return CKR_FUNCTION_FAILED;
1997 }
1998 break;
1999
2000 default:
2001 return CKR_FUNCTION_FAILED;
2002 }
2003
2004 return CKR_OK;
2005}
2006
2007CK_RV apply_verify_mechanism_update(yubihsm_pkcs11_op_info *op_info,
2008 CK_BYTE_PTR in, CK_ULONG in_len) {
2009
2010 switch (op_info->mechanism.mechanism) {
2011 case CKM_SHA_1_HMAC:
2012 case CKM_SHA256_HMAC:
2013 case CKM_SHA384_HMAC:
2014 case CKM_SHA512_HMAC:
2015 case CKM_RSA_PKCS:
2016 case CKM_RSA_PKCS_PSS:
2017 case CKM_ECDSA:
2018 // NOTE(adma): no hash required for these mechanisms
2019 if (op_info->buffer_length + in_len > sizeof(op_info->buffer)) {
2020 return CKR_DATA_LEN_RANGE;
2021 }
2022
2023 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
2024 op_info->buffer_length += in_len;
2025 break;
2026
2027 case CKM_SHA1_RSA_PKCS:
2028 case CKM_SHA1_RSA_PKCS_PSS:
2029 case CKM_ECDSA_SHA1:
2030 case CKM_SHA256_RSA_PKCS:
2031 case CKM_SHA256_RSA_PKCS_PSS:
2032 case CKM_ECDSA_SHA256:
2033 case CKM_SHA384_RSA_PKCS:
2034 case CKM_SHA384_RSA_PKCS_PSS:
2035 case CKM_ECDSA_SHA384:
2036 case CKM_SHA512_RSA_PKCS:
2037 case CKM_SHA512_RSA_PKCS_PSS:
2038 case CKM_ECDSA_SHA512:
2039 if (EVP_DigestUpdate(op_info->op.verify.md_ctx, in, in_len) != 1) {
2040 EVP_MD_CTX_destroy(op_info->op.verify.md_ctx);
2041 op_info->op.sign.md_ctx = NULL;
2042 return CKR_FUNCTION_FAILED;
2043 }
2044 break;
2045
2046 default:
2047 return CKR_FUNCTION_FAILED;
2048 }
2049
2050 return CKR_OK;
2051}
2052
2053CK_RV apply_decrypt_mechanism_update(yubihsm_pkcs11_op_info *op_info,
2054 CK_BYTE_PTR in, CK_ULONG in_len) {
2055
2056 switch (op_info->mechanism.mechanism) {
2057 case CKM_RSA_PKCS:
2058 case CKM_RSA_PKCS_OAEP:
2059 case CKM_YUBICO_AES_CCM_WRAP:
2060 if (op_info->buffer_length + in_len > sizeof(op_info->buffer)) {
2061 return CKR_DATA_LEN_RANGE;
2062 }
2063
2064 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
2065 op_info->buffer_length += in_len;
2066 break;
2067
2068 default:
2069 return CKR_FUNCTION_FAILED;
2070 }
2071
2072 return CKR_OK;
2073}
2074
2075CK_RV apply_encrypt_mechanism_update(yubihsm_pkcs11_op_info *op_info,
2076 CK_BYTE_PTR in, CK_ULONG in_len) {
2077
2078 switch (op_info->mechanism.mechanism) {
2079 case CKM_YUBICO_AES_CCM_WRAP:
2080 if (op_info->buffer_length + in_len > sizeof(op_info->buffer)) {
2081 return CKR_DATA_LEN_RANGE;
2082 }
2083
2084 memcpy(op_info->buffer + op_info->buffer_length, in, in_len);
2085 op_info->buffer_length += in_len;
2086 break;
2087
2088 default:
2089 return CKR_FUNCTION_FAILED;
2090 }
2091
2092 return CKR_OK;
2093}
2094
2095CK_RV apply_digest_mechanism_update(yubihsm_pkcs11_op_info *op_info,
2096 CK_BYTE_PTR in, CK_ULONG in_len) {
2097
2098 switch (op_info->mechanism.mechanism) {
2099 case CKM_SHA_1:
2100 case CKM_SHA256:
2101 case CKM_SHA384:
2102 case CKM_SHA512:
2103 if (EVP_DigestUpdate(op_info->op.digest.md_ctx, in, in_len) != 1) {
2104 EVP_MD_CTX_destroy(op_info->op.digest.md_ctx);
2105 op_info->op.digest.md_ctx = NULL;
2106 return CKR_FUNCTION_FAILED;
2107 }
2108 break;
2109
2110 default:
2111 return CKR_FUNCTION_FAILED;
2112 }
2113
2114 return CKR_OK;
2115}
2116
2117CK_RV apply_sign_mechanism_finalize(yubihsm_pkcs11_op_info *op_info) {
2118
2119 if (is_hashed_mechanism(op_info->mechanism.mechanism)) {
2120 int ret;
2121 ret = EVP_DigestFinal_ex(op_info->op.sign.md_ctx, op_info->buffer,
2122 &op_info->buffer_length);
2123
2124 EVP_MD_CTX_destroy(op_info->op.sign.md_ctx);
2125 op_info->op.sign.md_ctx = NULL;
2126
2127 if (ret != 1) {
2128 return CKR_FUNCTION_FAILED;
2129 }
2130 }
2131
2132 if (is_ECDSA_sign_mechanism(op_info->mechanism.mechanism)) {
2133 if (op_info->buffer_length < op_info->op.sign.sig_len / 2) {
2134 uint16_t padding =
2135 (op_info->op.sign.sig_len / 2) - op_info->buffer_length;
2136 memmove(op_info->buffer + padding, op_info->buffer,
2137 op_info->buffer_length);
2138 memset(op_info->buffer, 0, padding);
2139 op_info->buffer_length += padding;
2140 } else if (op_info->buffer_length > op_info->op.sign.sig_len / 2) {
2141 op_info->buffer_length = op_info->op.sign.sig_len / 2;
2142 }
2143 }
2144
2145 // TODO(adma): check if more steps are need for PSS or ECDSA
2146
2147 return CKR_OK;
2148}
2149
2150CK_RV apply_verify_mechanism_finalize(yubihsm_pkcs11_op_info *op_info
2151 __attribute((unused))) {
2152
2153 return CKR_OK;
2154}
2155
2156CK_RV apply_decrypt_mechanism_finalize(yubihsm_pkcs11_op_info *op_info
2157 __attribute((unused))) {
2158
2159 op_info->op.decrypt.finalized = true;
2160 return CKR_OK;
2161}
2162
2163CK_RV apply_digest_mechanism_finalize(yubihsm_pkcs11_op_info *op_info) {
2164
2165 int ret;
2166 ret = EVP_DigestFinal_ex(op_info->op.digest.md_ctx, op_info->buffer,
2167 &op_info->buffer_length);
2168
2169 EVP_MD_CTX_destroy(op_info->op.digest.md_ctx);
2170 op_info->op.digest.md_ctx = NULL;
2171
2172 if (ret != 1) {
2173 return CKR_FUNCTION_FAILED;
2174 }
2175
2176 return CKR_OK;
2177}
2178
2179static bool apply_DER_encoding_to_ECSIG(uint8_t *signature,
2180 uint16_t *signature_len) {
2181 ECDSA_SIG *sig = ECDSA_SIG_new();
2182 BIGNUM *r = NULL;
2183 BIGNUM *s = NULL;
2184 bool ret = false;
2185
2186 if (sig == NULL) {
2187 return false;
2188 }
2189
2190 r = BN_bin2bn(signature, *signature_len / 2, NULL);
2191 s = BN_bin2bn(signature + *signature_len / 2, *signature_len / 2, NULL);
2192 if (r == NULL || s == NULL) {
2193 goto adete_out;
2194 }
2195
2196 if (ECDSA_SIG_set0(sig, r, s) == 0) {
2197 goto adete_out;
2198 }
2199
2200 r = s = NULL;
2201
2202 unsigned char *pp = signature;
2203 *signature_len = i2d_ECDSA_SIG(sig, &pp);
2204
2205 if (*signature_len == 0) {
2206 goto adete_out;
2207 } else {
2208 ret = true;
2209 }
2210
2211adete_out:
2212 if (sig != NULL) {
2213 ECDSA_SIG_free(sig);
2214 }
2215 if (r != NULL) {
2216 BN_free(r);
2217 }
2218 if (s != NULL) {
2219 BN_free(s);
2220 }
2221
2222 return ret;
2223}
2224
2225CK_RV perform_verify(yh_session *session, yubihsm_pkcs11_op_info *op_info,
2226 uint8_t *signature, uint16_t signature_len) {
2227
2228 if (is_HMAC_sign_mechanism(op_info->mechanism.mechanism)) {
2229 yh_rc yrc;
2230 bool verified = false;
2231
2232 yrc = yh_util_verify_hmac(session, op_info->op.verify.key_id, signature,
2233 signature_len, op_info->buffer,
2234 op_info->buffer_length, &verified);
2235
2236 if (yrc != YHR_SUCCESS) {
2237 return CKR_FUNCTION_FAILED;
2238 }
2239
2240 if (verified == false) {
2241 return CKR_SIGNATURE_INVALID;
2242 }
2243
2244 return CKR_OK;
2245 } else {
2246 CK_RV rv;
2247 EVP_PKEY *key = EVP_PKEY_new();
2248 uint8_t md_data[EVP_MAX_MD_SIZE];
2249 uint8_t *md = md_data;
2250 unsigned int md_len = sizeof(md_data);
2251 EVP_PKEY_CTX *ctx = NULL;
2252
2253 if (key == NULL) {
2254 rv = CKR_FUNCTION_FAILED;
2255 goto pv_failure;
2256 }
2257
2258 if (load_public_key(session, op_info->op.verify.key_id, key) == false) {
2259 rv = CKR_FUNCTION_FAILED;
2260 goto pv_failure;
2261 }
2262
2263 ctx = EVP_PKEY_CTX_new(key, NULL);
2264 if (ctx == NULL) {
2265 rv = CKR_FUNCTION_FAILED;
2266 goto pv_failure;
2267 }
2268 if (EVP_PKEY_verify_init(ctx) <= 0) {
2269 rv = CKR_FUNCTION_FAILED;
2270 goto pv_failure;
2271 }
2272
2273 int res;
2274 unsigned char data[2048];
2275 if (is_hashed_mechanism(op_info->mechanism.mechanism)) {
2276 if (EVP_DigestFinal_ex(op_info->op.verify.md_ctx, md, &md_len) <= 0) {
2277 rv = CKR_FUNCTION_FAILED;
2278 goto pv_failure;
2279 }
2280 } else if (EVP_PKEY_base_id(key) == EVP_PKEY_RSA) {
2281 const EVP_MD *md_type;
2282 int di_len;
2283
2284 if (op_info->mechanism.mechanism == CKM_RSA_PKCS_PSS) {
2285 md = op_info->buffer;
2286 md_len = op_info->buffer_length;
2287 } else {
2288 parse_NID(op_info->buffer, op_info->buffer_length, &md_type, &di_len);
2289 if (md_type == EVP_md_null()) {
2290 rv = CKR_DATA_INVALID;
2291 goto pv_failure;
2292 }
2293
2294 op_info->op.verify.md = md_type;
2295 md = op_info->buffer + di_len;
2296 md_len = op_info->buffer_length - di_len;
2297 }
2298 } else if (EVP_PKEY_base_id(key) == EVP_PKEY_EC) {
2299 md = op_info->buffer;
2300 md_len = op_info->buffer_length;
2301 if (md_len == 20) {
2302 op_info->op.verify.md = EVP_sha1();
2303 } else if (md_len == 32) {
2304 op_info->op.verify.md = EVP_sha256();
2305 } else if (md_len == 48) {
2306 op_info->op.verify.md = EVP_sha384();
2307 } else if (md_len == 64) {
2308 op_info->op.verify.md = EVP_sha512();
2309 } else {
2310 rv = CKR_FUNCTION_FAILED;
2311 goto pv_failure;
2312 }
2313 } else {
2314 rv = CKR_FUNCTION_FAILED;
2315 goto pv_failure;
2316 }
2317 if (EVP_PKEY_CTX_set_signature_md(ctx, op_info->op.verify.md) <= 0) {
2318 rv = CKR_FUNCTION_FAILED;
2319 goto pv_failure;
2320 }
2321 if (op_info->op.verify.padding) {
2322 if (EVP_PKEY_CTX_set_rsa_padding(ctx, op_info->op.verify.padding) <= 0) {
2323 rv = CKR_FUNCTION_FAILED;
2324 goto pv_failure;
2325 }
2326 if (op_info->op.verify.padding == RSA_PKCS1_PSS_PADDING) {
2327 if (EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, op_info->op.verify.saltLen) <=
2328 0) {
2329 rv = CKR_FUNCTION_FAILED;
2330 goto pv_failure;
2331 }
2332 if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, op_info->op.verify.mgf1md) <= 0) {
2333 rv = CKR_FUNCTION_FAILED;
2334 goto pv_failure;
2335 }
2336 }
2337 }
2338 if (is_ECDSA_sign_mechanism(op_info->mechanism.mechanism)) {
2339 memcpy(data, signature, signature_len);
2340 signature = data;
2341 if (apply_DER_encoding_to_ECSIG(signature, &signature_len) == false) {
2342 DBG_ERR("Failed to apply DER encoding to ECDSA signature");
2343 rv = CKR_FUNCTION_FAILED;
2344 goto pv_failure;
2345 }
2346 }
2347 res = EVP_PKEY_verify(ctx, signature, signature_len, md, md_len);
2348
2349 if (res == 1) {
2350 rv = CKR_OK;
2351 } else if (res == 0) {
2352 rv = CKR_SIGNATURE_INVALID;
2353 } else {
2354 rv = CKR_FUNCTION_FAILED;
2355 }
2356
2357 pv_failure:
2358 if (ctx != NULL) {
2359 EVP_PKEY_CTX_free(ctx);
2360 ctx = NULL;
2361 }
2362
2363 if (key != NULL) {
2364 EVP_PKEY_free(key);
2365 key = NULL;
2366 }
2367
2368 return rv;
2369 }
2370
2371 return CKR_FUNCTION_FAILED;
2372}
2373
2374static bool strip_DER_encoding_from_ECSIG(uint8_t *signature,
2375 size_t *signature_len,
2376 size_t sig_len) {
2377
2378 ECDSA_SIG *sig;
2379 const unsigned char *pp = (const unsigned char *) signature;
2380 int r_len, s_len;
2381 const BIGNUM *r, *s;
2382
2383 sig = ECDSA_SIG_new();
2384 if (sig == NULL) {
2385 return false;
2386 }
2387
2388 if (d2i_ECDSA_SIG(&sig, &pp, *signature_len) == NULL) {
2389 ECDSA_SIG_free(sig);
2390 return false;
2391 }
2392
2393 // since we're going to copy the data out again in signature we need to clear
2394 // it
2395 memset(signature, 0, *signature_len);
2396
2397 ECDSA_SIG_get0(sig, &r, &s);
2398
2399 r_len = BN_num_bytes(r);
2400 s_len = BN_num_bytes(s);
2401 BN_bn2bin(r, signature + sig_len / 2 - r_len);
2402 BN_bn2bin(s, signature + sig_len - s_len);
2403
2404 *signature_len = sig_len;
2405
2406 ECDSA_SIG_free(sig);
2407 return true;
2408}
2409
2410CK_RV perform_signature(yh_session *session, yubihsm_pkcs11_op_info *op_info,
2411 uint8_t *signature, uint16_t *signature_len) {
2412
2413 yh_rc yrc;
2414 size_t outlen = sizeof(op_info->buffer);
2415
2416 if (is_RSA_sign_mechanism(op_info->mechanism.mechanism)) {
2417 if (is_PSS_sign_mechanism(op_info->mechanism.mechanism)) {
2418 yrc = yh_util_sign_pss(session, op_info->op.sign.key_id, op_info->buffer,
2419 op_info->buffer_length, op_info->buffer, &outlen,
2420 op_info->mechanism.pss.salt_len,
2421 op_info->mechanism.pss.mgf1Algo);
2422 } else {
2423 yrc = yh_util_sign_pkcs1v1_5(session, op_info->op.sign.key_id,
2424 is_hashed_mechanism(
2425 op_info->mechanism.mechanism),
2426 op_info->buffer, op_info->buffer_length,
2427 op_info->buffer, &outlen);
2428 }
2429 } else if (is_ECDSA_sign_mechanism(op_info->mechanism.mechanism)) {
2430 yrc = yh_util_sign_ecdsa(session, op_info->op.sign.key_id, op_info->buffer,
2431 op_info->buffer_length, op_info->buffer, &outlen);
2432 } else if (is_HMAC_sign_mechanism(op_info->mechanism.mechanism)) {
2433 yrc = yh_util_sign_hmac(session, op_info->op.sign.key_id, op_info->buffer,
2434 op_info->buffer_length, op_info->buffer, &outlen);
2435
2436 } else {
2437 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
2438 return CKR_MECHANISM_INVALID;
2439 }
2440
2441 if (yrc != YHR_SUCCESS) {
2442 return CKR_FUNCTION_FAILED;
2443 }
2444
2445 if (is_ECDSA_sign_mechanism(op_info->mechanism.mechanism)) {
2446 // NOTE(adma): ECDSA, we must remove the DER encoding and only
2447 // return R,S as required by the specs
2448 if (strip_DER_encoding_from_ECSIG(op_info->buffer, &outlen,
2449 op_info->op.sign.sig_len) == false) {
2450 return CKR_FUNCTION_FAILED;
2451 }
2452 }
2453
2454 if (outlen > *signature_len) {
2455 return CKR_BUFFER_TOO_SMALL;
2456 }
2457 memcpy(signature, op_info->buffer, outlen);
2458 *signature_len = outlen;
2459
2460 return CKR_OK;
2461}
2462
2463CK_RV perform_decrypt(yh_session *session, yubihsm_pkcs11_op_info *op_info,
2464 uint8_t *data, uint16_t *data_len) {
2465
2466 yh_rc yrc;
2467 size_t outlen = sizeof(op_info->buffer);
2468
2469 if (op_info->mechanism.mechanism == CKM_RSA_PKCS) {
2470 yrc = yh_util_decrypt_pkcs1v1_5(session, op_info->op.decrypt.key_id,
2471 op_info->buffer, op_info->buffer_length,
2472 op_info->buffer, &outlen);
2473 } else if (op_info->mechanism.mechanism == CKM_RSA_PKCS_OAEP) {
2474 yrc =
2475 yh_util_decrypt_oaep(session, op_info->op.decrypt.key_id, op_info->buffer,
2476 op_info->buffer_length, op_info->buffer, &outlen,
2477 op_info->mechanism.oaep.label,
2478 op_info->mechanism.oaep.label_len,
2479 op_info->mechanism.oaep.mgf1Algo);
2480 } else if (op_info->mechanism.mechanism == CKM_YUBICO_AES_CCM_WRAP) {
2481 yrc =
2482 yh_util_unwrap_data(session, op_info->op.decrypt.key_id, op_info->buffer,
2483 op_info->buffer_length, op_info->buffer, &outlen);
2484 } else {
2485 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
2486 return CKR_MECHANISM_INVALID;
2487 }
2488
2489 if (yrc != YHR_SUCCESS) {
2490 DBG_ERR("Decryption failed: %s", yh_strerror(yrc));
2491 return CKR_FUNCTION_FAILED;
2492 }
2493
2494 if (outlen > *data_len) {
2495 DBG_ERR("Data won't fit in buffer %zu > %d", outlen, *data_len);
2496 *data_len = outlen;
2497 return CKR_BUFFER_TOO_SMALL;
2498 }
2499 memcpy(data, op_info->buffer, outlen);
2500 *data_len = outlen;
2501
2502 return CKR_OK;
2503}
2504
2505CK_RV perform_encrypt(yh_session *session, yubihsm_pkcs11_op_info *op_info,
2506 uint8_t *data, uint16_t *data_len) {
2507
2508 yh_rc yrc;
2509 size_t outlen = sizeof(op_info->buffer);
2510
2511 if (op_info->mechanism.mechanism == CKM_YUBICO_AES_CCM_WRAP) {
2512 yrc =
2513 yh_util_wrap_data(session, op_info->op.decrypt.key_id, op_info->buffer,
2514 op_info->buffer_length, op_info->buffer, &outlen);
2515 } else {
2516 DBG_ERR("Mechanism %lu not supported", op_info->mechanism.mechanism);
2517 return CKR_MECHANISM_INVALID;
2518 }
2519
2520 if (yrc != YHR_SUCCESS) {
2521 return CKR_FUNCTION_FAILED;
2522 }
2523
2524 if (outlen > *data_len) {
2525 return CKR_BUFFER_TOO_SMALL;
2526 }
2527 memcpy(data, op_info->buffer, outlen);
2528 *data_len = outlen;
2529
2530 return CKR_OK;
2531}
2532
2533CK_RV perform_digest(yubihsm_pkcs11_op_info *op_info, uint8_t *digest,
2534 uint16_t *digest_len) {
2535
2536 if (op_info->buffer_length > *digest_len) {
2537 return CKR_BUFFER_TOO_SMALL;
2538 }
2539
2540 memcpy(digest, op_info->buffer, op_info->buffer_length);
2541 *digest_len = op_info->buffer_length;
2542
2543 return CKR_OK;
2544}
2545
2546bool sign_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info) {
2547
2548 if (op_info->op.sign.md_ctx != NULL) {
2549 EVP_MD_CTX_destroy(op_info->op.sign.md_ctx);
2550 op_info->op.sign.md_ctx = NULL;
2551 }
2552
2553 return true;
2554}
2555
2556bool verify_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info) {
2557
2558 if (op_info->op.verify.md_ctx != NULL) {
2559 EVP_MD_CTX_destroy(op_info->op.verify.md_ctx);
2560 op_info->op.verify.md_ctx = NULL;
2561 }
2562
2563 return true;
2564}
2565
2566bool decrypt_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info) {
2567
2568 (void) op_info;
2569
2570 return true;
2571}
2572
2573bool digest_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info) {
2574
2575 if (op_info->op.digest.md_ctx != NULL) {
2576 EVP_MD_CTX_destroy(op_info->op.digest.md_ctx);
2577 op_info->op.digest.md_ctx = NULL;
2578 }
2579
2580 return true;
2581}
2582
2583CK_ULONG get_digest_bytelength(CK_MECHANISM_TYPE m) {
2584
2585 switch (m) {
2586 case CKM_SHA_1:
2587 return 20;
2588
2589 case CKM_SHA256:
2590 return 32;
2591
2592 case CKM_SHA384:
2593 return 48;
2594
2595 case CKM_SHA512:
2596 return 64;
2597
2598 default:
2599 break;
2600 }
2601
2602 return 0;
2603}
2604
2605bool is_RSA_sign_mechanism(CK_MECHANISM_TYPE m) {
2606
2607 switch (m) {
2608 case CKM_RSA_PKCS:
2609 case CKM_SHA1_RSA_PKCS:
2610 case CKM_SHA256_RSA_PKCS:
2611 case CKM_SHA384_RSA_PKCS:
2612 case CKM_SHA512_RSA_PKCS:
2613 case CKM_RSA_PKCS_PSS:
2614 case CKM_SHA1_RSA_PKCS_PSS:
2615 case CKM_SHA256_RSA_PKCS_PSS:
2616 case CKM_SHA512_RSA_PKCS_PSS:
2617 case CKM_SHA384_RSA_PKCS_PSS:
2618 return true;
2619
2620 default:
2621 break;
2622 }
2623
2624 return false;
2625}
2626
2627bool is_RSA_decrypt_mechanism(CK_MECHANISM_TYPE m) {
2628
2629 switch (m) {
2630 case CKM_RSA_PKCS:
2631 case CKM_SHA1_RSA_PKCS:
2632 case CKM_SHA256_RSA_PKCS:
2633 case CKM_SHA384_RSA_PKCS:
2634 case CKM_SHA512_RSA_PKCS:
2635 case CKM_RSA_PKCS_OAEP:
2636 return true;
2637
2638 default:
2639 break;
2640 }
2641
2642 return false;
2643}
2644
2645bool is_hashed_mechanism(CK_MECHANISM_TYPE m) {
2646
2647 switch (m) {
2648 case CKM_SHA1_RSA_PKCS:
2649 case CKM_SHA256_RSA_PKCS:
2650 case CKM_SHA384_RSA_PKCS:
2651 case CKM_SHA512_RSA_PKCS:
2652 case CKM_SHA1_RSA_PKCS_PSS:
2653 case CKM_SHA256_RSA_PKCS_PSS:
2654 case CKM_SHA384_RSA_PKCS_PSS:
2655 case CKM_SHA512_RSA_PKCS_PSS:
2656 case CKM_ECDSA_SHA1:
2657 case CKM_ECDSA_SHA256:
2658 case CKM_ECDSA_SHA384:
2659 case CKM_ECDSA_SHA512:
2660 case CKM_SHA_1:
2661 case CKM_SHA256:
2662 case CKM_SHA384:
2663 case CKM_SHA512:
2664 return true;
2665
2666 default:
2667 break;
2668 }
2669
2670 return false;
2671}
2672
2673bool is_PKCS1v1_5_sign_mechanism(CK_MECHANISM_TYPE m) {
2674
2675 switch (m) {
2676 case CKM_RSA_PKCS:
2677 case CKM_SHA1_RSA_PKCS:
2678 case CKM_SHA256_RSA_PKCS:
2679 case CKM_SHA384_RSA_PKCS:
2680 case CKM_SHA512_RSA_PKCS:
2681 return true;
2682
2683 default:
2684 break;
2685 }
2686
2687 return false;
2688}
2689
2690bool is_ECDSA_sign_mechanism(CK_MECHANISM_TYPE m) {
2691
2692 switch (m) {
2693 case CKM_ECDSA:
2694 case CKM_ECDSA_SHA1:
2695 case CKM_ECDSA_SHA256:
2696 case CKM_ECDSA_SHA384:
2697 case CKM_ECDSA_SHA512:
2698 return true;
2699
2700 default:
2701 break;
2702 }
2703
2704 return false;
2705}
2706
2707bool is_PSS_sign_mechanism(CK_MECHANISM_TYPE m) {
2708
2709 switch (m) {
2710 case CKM_RSA_PKCS_PSS:
2711 case CKM_SHA1_RSA_PKCS_PSS:
2712 case CKM_SHA256_RSA_PKCS_PSS:
2713 case CKM_SHA384_RSA_PKCS_PSS:
2714 case CKM_SHA512_RSA_PKCS_PSS:
2715 return true;
2716
2717 default:
2718 break;
2719 }
2720
2721 return false;
2722}
2723
2724bool is_HMAC_sign_mechanism(CK_MECHANISM_TYPE m) {
2725
2726 switch (m) {
2727 case CKM_SHA_1_HMAC:
2728 case CKM_SHA256_HMAC:
2729 case CKM_SHA384_HMAC:
2730 case CKM_SHA512_HMAC:
2731 return true;
2732
2733 default:
2734 break;
2735 }
2736
2737 return false;
2738}
2739
2740static void free_pkcs11_slot(void *data) {
2741 yubihsm_pkcs11_slot *slot = (yubihsm_pkcs11_slot *) data;
2742 free(slot->connector_name);
2743 if (slot->device_session) {
2744 if (yh_destroy_session(&slot->device_session) != YHR_SUCCESS) {
2745 DBG_ERR("Failed destroying session");
2746 }
2747 }
2748 if (slot->connector) {
2749 yh_disconnect(slot->connector);
2750 }
2751 list_destroy(&slot->pkcs11_sessions);
2752}
2753
2754static bool compare_slot(void *data, void *item) {
2755 uint16_t *a = data;
2756 uint16_t b = ((yubihsm_pkcs11_slot *) item)->id;
2757 return *a == b;
2758}
2759
2760static bool compare_session(void *data, void *item) {
2761 uint16_t *a = data;
2762 uint16_t b = ((yubihsm_pkcs11_session *) item)->id;
2763 return *a == b;
2764}
2765
2766yubihsm_pkcs11_slot *get_slot(yubihsm_pkcs11_context *ctx, CK_ULONG id) {
2767
2768 ListItem *item = list_get(&ctx->slots, &id, compare_slot);
2769 if (item) {
2770 yubihsm_pkcs11_slot *slot = (yubihsm_pkcs11_slot *) item->data;
2771 if (slot->mutex != NULL) {
2772 if (ctx->lock_mutex(slot->mutex) != CKR_OK) {
2773 return NULL;
2774 }
2775 }
2776 return slot;
2777 }
2778
2779 return NULL;
2780}
2781
2782void release_slot(yubihsm_pkcs11_context *ctx, yubihsm_pkcs11_slot *slot) {
2783
2784 if (slot->mutex != NULL) {
2785 ctx->unlock_mutex(slot->mutex);
2786 }
2787}
2788
2789CK_RV get_session(yubihsm_pkcs11_context *ctx, CK_SESSION_HANDLE hSession,
2790 yubihsm_pkcs11_session **session, int session_state) {
2791 uint16_t slot_id = hSession >> 16;
2792 uint16_t session_id = hSession & 0xffff;
2793
2794 yubihsm_pkcs11_slot *slot = get_slot(ctx, slot_id);
2795 if (slot == NULL) {
2796 DBG_ERR("Slot %d doesn't exist", slot_id);
2797 return CKR_SESSION_HANDLE_INVALID;
2798 }
2799
2800 ListItem *item =
2801 list_get(&slot->pkcs11_sessions, &session_id, compare_session);
2802 if (item == NULL) {
2803 release_slot(ctx, slot);
2804 DBG_ERR("Session %d doesn't exist", session_id);
2805 return CKR_SESSION_HANDLE_INVALID;
2806 }
2807
2808 *session = (yubihsm_pkcs11_session *) item->data;
2809 int state = (int) (*session)->session_state;
2810 if (session_state == 0 || ((session_state & state) == state)) {
2811 // NOTE(thorduri): slot is locked.
2812 return CKR_OK;
2813 }
2814
2815 CK_RV rv = CKR_SESSION_HANDLE_INVALID;
2816 if (session_state == SESSION_AUTHENTICATED) {
2817 rv = CKR_USER_NOT_LOGGED_IN;
2818 DBG_ERR("Session user not logged in");
2819 } else if (session_state == SESSION_AUTHENTICATED_RW) {
2820 rv = CKR_SESSION_READ_ONLY;
2821 DBG_ERR("Session read only");
2822 } else if (session_state == SESSION_NOT_AUTHENTICATED) {
2823 rv = CKR_USER_ALREADY_LOGGED_IN;
2824 DBG_ERR("Session user already logged in");
2825 }
2826
2827 release_slot(ctx, slot);
2828 return rv;
2829}
2830
2831bool delete_session(yubihsm_pkcs11_context *ctx,
2832 CK_SESSION_HANDLE_PTR phSession) {
2833 uint16_t slot_id = *phSession >> 16;
2834 uint16_t session_id = *phSession & 0xffff;
2835 yubihsm_pkcs11_slot *slot = get_slot(ctx, slot_id);
2836 bool ret = false;
2837
2838 if (slot) {
2839 ListItem *item =
2840 list_get(&slot->pkcs11_sessions, &session_id, compare_session);
2841 if (item) {
2842 list_delete(&slot->pkcs11_sessions, item);
2843 ret = true;
2844 }
2845 release_slot(ctx, slot);
2846 }
2847 return ret;
2848}
2849
2855
2856static CK_RV native_create_mutex(void **mutex) {
2857
2858#ifdef __WIN32
2859 CRITICAL_SECTION *mtx = calloc(1, sizeof(CRITICAL_SECTION));
2860 if (mtx == NULL) {
2861 return CKR_GENERAL_ERROR;
2862 }
2863 InitializeCriticalSection(mtx);
2864#else
2865 pthread_mutex_t *mtx = calloc(1, sizeof(pthread_mutex_t));
2866 if (mtx == NULL) {
2867 return CKR_GENERAL_ERROR;
2868 }
2869
2870 pthread_mutex_init(mtx, NULL);
2871#endif
2872
2873 *mutex = mtx;
2874 return CKR_OK;
2875}
2876
2877static CK_RV native_destroy_mutex(void *mutex) {
2878
2879#ifdef __WIN32
2880 DeleteCriticalSection(mutex);
2881#else
2882 pthread_mutex_destroy(mutex);
2883#endif
2884
2885 free(mutex);
2886
2887 return CKR_OK;
2888}
2889
2890static CK_RV native_lock_mutex(void *mutex) {
2891
2892#ifdef __WIN32
2893 EnterCriticalSection(mutex);
2894#else
2895 if (pthread_mutex_lock(mutex) != 0) {
2896 return CKR_GENERAL_ERROR;
2897 }
2898#endif
2899
2900 return CKR_OK;
2901}
2902
2903static CK_RV native_unlock_mutex(void *mutex) {
2904
2905#ifdef __WIN32
2906 LeaveCriticalSection(mutex);
2907#else
2908 if (pthread_mutex_unlock(mutex) != 0) {
2909 return CKR_GENERAL_ERROR;
2910 }
2911#endif
2912
2913 return CKR_OK;
2914}
2915
2916void set_native_locking(yubihsm_pkcs11_context *ctx) {
2917
2918 ctx->create_mutex = native_create_mutex;
2919 ctx->destroy_mutex = native_destroy_mutex;
2920 ctx->lock_mutex = native_lock_mutex;
2921 ctx->unlock_mutex = native_unlock_mutex;
2922}
2923
2924bool add_connectors(yubihsm_pkcs11_context *ctx, int n_connectors,
2925 char **connector_names, yh_connector **connectors) {
2926 if (ctx->slots.head == NULL) {
2927 list_create(&ctx->slots, sizeof(yubihsm_pkcs11_slot), free_pkcs11_slot);
2928 }
2929
2930 for (int i = 0; i < n_connectors; i++) {
2931 yubihsm_pkcs11_slot slot;
2932 memset(&slot, 0, sizeof(yubihsm_pkcs11_slot));
2933 slot.id = i;
2934 slot.connector_name = strdup(connector_names[i]);
2935 slot.max_session_id = 1;
2936 if (!slot.connector_name) {
2937 return false;
2938 }
2939 slot.connector = connectors[i];
2940 if (ctx->create_mutex != NULL) {
2941 if (ctx->create_mutex(&slot.mutex) != CKR_OK) {
2942 return false;
2943 }
2944 }
2945 list_create(&slot.pkcs11_sessions, sizeof(yubihsm_pkcs11_session), NULL);
2946 if (list_append(&ctx->slots, (void *) &slot) != true) {
2947 return false;
2948 }
2949 }
2950 return true;
2951}
2952
2953CK_RV set_template_attribute(yubihsm_pkcs11_attribute *attribute, void *value) {
2954 if (*attribute == ATTRIBUTE_NOT_SET) {
2955 if ((*(CK_BBOOL *) value) == true) {
2956 *attribute = ATTRIBUTE_TRUE;
2957 } else {
2958 *attribute = ATTRIBUTE_FALSE;
2959 }
2960 return CKR_OK;
2961 } else {
2962 return CKR_TEMPLATE_INCONSISTENT;
2963 }
2964}
2965
2966static CK_RV check_bool_attribute(void *value, bool check) {
2967 CK_BBOOL b_val = *(CK_BBOOL *) value;
2968 if (check == true && b_val == CK_TRUE) {
2969 return CKR_OK;
2970 } else if (check == false && b_val == CK_FALSE) {
2971 return CKR_OK;
2972 }
2973 return CKR_ATTRIBUTE_VALUE_INVALID;
2974}
2975
2976CK_RV parse_rsa_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
2977 yubihsm_pkcs11_object_template *template) {
2978
2979 uint8_t *e = NULL;
2980 uint16_t primelen = 0;
2981 CK_RV rv;
2982
2983 for (CK_ULONG i = 0; i < ulCount; i++) {
2984 switch (pTemplate[i].type) {
2985
2986 case CKA_PRIME_1:
2987 if (template->obj.rsa.p == NULL) {
2988 template->obj.rsa.p = (CK_BYTE_PTR) pTemplate[i].pValue;
2989 if (pTemplate[i].ulValueLen % 2 != 0) {
2990 pTemplate[i].ulValueLen--;
2991 template->obj.rsa.p++;
2992 }
2993 if (primelen == 0 || primelen == pTemplate[i].ulValueLen) {
2994 primelen = pTemplate[i].ulValueLen;
2995 } else {
2996 return CKR_TEMPLATE_INCONSISTENT;
2997 }
2998 } else {
2999 return CKR_TEMPLATE_INCONSISTENT;
3000 }
3001 break;
3002
3003 case CKA_PRIME_2:
3004 if (template->obj.rsa.q == NULL) {
3005 template->obj.rsa.q = (CK_BYTE_PTR) pTemplate[i].pValue;
3006 if (pTemplate[i].ulValueLen % 2 != 0) {
3007 pTemplate[i].ulValueLen--;
3008 template->obj.rsa.q++;
3009 }
3010 if (primelen == 0 || primelen == pTemplate[i].ulValueLen) {
3011 primelen = pTemplate[i].ulValueLen;
3012 } else {
3013 return CKR_TEMPLATE_INCONSISTENT;
3014 }
3015 } else {
3016 return CKR_TEMPLATE_INCONSISTENT;
3017 }
3018 break;
3019
3020 case CKA_PUBLIC_EXPONENT:
3021 if (e == NULL) {
3022 e = (CK_BYTE_PTR) pTemplate[i].pValue;
3023 if (pTemplate[i].ulValueLen != 3 ||
3024 memcmp(e, "\x01\x00\x01", 3) != 0) {
3025 return CKR_ATTRIBUTE_VALUE_INVALID;
3026 }
3027 } else {
3028 return CKR_TEMPLATE_INCONSISTENT;
3029 }
3030 break;
3031
3032 case CKA_SIGN:
3033 if ((rv = set_template_attribute(&template->sign,
3034 pTemplate[i].pValue)) != CKR_OK) {
3035 return rv;
3036 }
3037 break;
3038
3039 case CKA_DECRYPT:
3040 if ((rv = set_template_attribute(&template->decrypt,
3041 pTemplate[i].pValue)) != CKR_OK) {
3042 return rv;
3043 }
3044 break;
3045
3046 case CKA_TOKEN:
3047 case CKA_PRIVATE:
3048 case CKA_SENSITIVE:
3049 if ((rv = check_bool_attribute(pTemplate[i].pValue, true)) != CKR_OK) {
3050 return rv;
3051 }
3052 break;
3053
3054 case CKA_MODULUS:
3055 case CKA_PRIVATE_EXPONENT:
3056 case CKA_EXPONENT_1:
3057 case CKA_EXPONENT_2:
3058 case CKA_COEFFICIENT:
3059 case CKA_CLASS:
3060 case CKA_KEY_TYPE:
3061 case CKA_SUBJECT:
3062 case CKA_ID:
3063 case CKA_LABEL:
3064 case CKA_EXTRACTABLE:
3065 break;
3066
3067 default:
3068 return CKR_ATTRIBUTE_TYPE_INVALID;
3069 }
3070 }
3071 if (e && template->obj.rsa.p && template->obj.rsa.q) {
3072 template->objlen = primelen;
3073 switch (primelen) {
3074 case 128:
3075 template->algorithm = YH_ALGO_RSA_2048;
3076 break;
3077 case 192:
3078 template->algorithm = YH_ALGO_RSA_3072;
3079 break;
3080 case 256:
3081 template->algorithm = YH_ALGO_RSA_4096;
3082 break;
3083 default:
3084 return CKR_ATTRIBUTE_VALUE_INVALID;
3085 }
3086 } else {
3087 return CKR_TEMPLATE_INCONSISTENT;
3088 }
3089
3090 return CKR_OK;
3091}
3092
3093static CK_RV parse_ecparams(uint8_t *ecparams, uint16_t ecparams_len,
3094 yh_algorithm *algorithm, uint16_t *key_len) {
3095 EC_GROUP *group = EC_GROUP_new(EC_GFp_simple_method());
3096 const uint8_t *param_ptr = ecparams;
3097 int curve = 0;
3098 if (group == NULL) {
3099 return CKR_FUNCTION_FAILED;
3100 }
3101 if (d2i_ECPKParameters(&group, &param_ptr, ecparams_len) != NULL) {
3102 curve = EC_GROUP_get_curve_name(group);
3103 }
3104 EC_GROUP_free(group);
3105 switch (curve) {
3106 case NID_secp224r1:
3107 *algorithm = YH_ALGO_EC_P224;
3108 *key_len = 28;
3109 break;
3110 case NID_X9_62_prime256v1:
3111 *algorithm = YH_ALGO_EC_P256;
3112 *key_len = 32;
3113 break;
3114 case NID_secp384r1:
3115 *algorithm = YH_ALGO_EC_P384;
3116 *key_len = 48;
3117 break;
3118 case NID_secp521r1:
3119 *algorithm = YH_ALGO_EC_P521;
3120 *key_len = 66;
3121 break;
3122 case NID_secp256k1:
3123 *algorithm = YH_ALGO_EC_K256;
3124 *key_len = 32;
3125 break;
3126#ifdef NID_brainpoolP256r1
3127 case NID_brainpoolP256r1:
3128 *algorithm = YH_ALGO_EC_BP256;
3129 *key_len = 32;
3130 break;
3131#endif
3132#ifdef NID_brainpoolP384r1
3133 case NID_brainpoolP384r1:
3134 *algorithm = YH_ALGO_EC_BP384;
3135 *key_len = 48;
3136 break;
3137#endif
3138#ifdef NID_brainpoolP512r1
3139 case NID_brainpoolP512r1:
3140 *algorithm = YH_ALGO_EC_BP512;
3141 *key_len = 64;
3142 break;
3143#endif
3144 default:
3145 return CKR_CURVE_NOT_SUPPORTED;
3146 }
3147 return CKR_OK;
3148}
3149
3150CK_RV parse_ec_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
3151 yubihsm_pkcs11_object_template *template) {
3152
3153 uint8_t *ecparams = NULL;
3154 uint16_t ecparams_len;
3155 CK_RV rv;
3156
3157 for (CK_ULONG i = 0; i < ulCount; i++) {
3158 switch (pTemplate[i].type) {
3159
3160 case CKA_VALUE:
3161 if (template->obj.buf == NULL) {
3162 template->obj.buf = (CK_BYTE_PTR) pTemplate[i].pValue;
3163 template->objlen = pTemplate[i].ulValueLen;
3164 } else {
3165 return CKR_TEMPLATE_INCONSISTENT;
3166 }
3167 break;
3168
3169 case CKA_EC_PARAMS:
3170 if (ecparams == NULL) {
3171 ecparams = (CK_BYTE_PTR) pTemplate[i].pValue;
3172 ecparams_len = pTemplate[i].ulValueLen;
3173 } else {
3174 return CKR_TEMPLATE_INCONSISTENT;
3175 }
3176 break;
3177
3178 case CKA_SIGN:
3179 if ((rv = set_template_attribute(&template->sign,
3180 pTemplate[i].pValue)) != CKR_OK) {
3181 return rv;
3182 }
3183 break;
3184
3185 case CKA_DERIVE:
3186 if ((rv = set_template_attribute(&template->derive,
3187 pTemplate[i].pValue)) != CKR_OK) {
3188 return rv;
3189 }
3190 break;
3191
3192 case CKA_TOKEN:
3193 case CKA_PRIVATE:
3194 case CKA_SENSITIVE:
3195 if ((rv = check_bool_attribute(pTemplate[i].pValue, true)) != CKR_OK) {
3196 return rv;
3197 }
3198 break;
3199
3200 case CKA_CLASS:
3201 case CKA_KEY_TYPE:
3202 case CKA_SUBJECT:
3203 case CKA_ID:
3204 case CKA_LABEL:
3205 case CKA_EXTRACTABLE:
3206 break;
3207
3208 default:
3209 return CKR_ATTRIBUTE_TYPE_INVALID;
3210 }
3211 }
3212 if (ecparams && template->obj.buf) {
3213 uint16_t key_len;
3214 CK_RV rv =
3215 parse_ecparams(ecparams, ecparams_len, &template->algorithm, &key_len);
3216 if (rv != CKR_OK) {
3217 return rv;
3218 }
3219 if (key_len != template->objlen) {
3220 return CKR_ATTRIBUTE_VALUE_INVALID;
3221 }
3222 } else {
3223 return CKR_TEMPLATE_INCONSISTENT;
3224 }
3225
3226 return CKR_OK;
3227}
3228
3229CK_RV parse_hmac_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
3230 yubihsm_pkcs11_object_template *template,
3231 bool generate) {
3232
3233 CK_RV rv;
3234
3235 for (CK_ULONG i = 0; i < ulCount; i++) {
3236 switch (pTemplate[i].type) {
3237
3238 case CKA_VALUE:
3239 if (generate == false && template->obj.buf == NULL) {
3240 // TODO: consider hanshing the key here if it's longer than blocklen
3241 template->obj.buf = (CK_BYTE_PTR) pTemplate[i].pValue;
3242 template->objlen = pTemplate[i].ulValueLen;
3243 } else {
3244 return CKR_TEMPLATE_INCONSISTENT;
3245 }
3246 break;
3247
3248 case CKA_SIGN:
3249 if ((rv = set_template_attribute(&template->sign,
3250 pTemplate[i].pValue)) != CKR_OK) {
3251 return rv;
3252 }
3253 break;
3254
3255 case CKA_VERIFY:
3256 if ((rv = set_template_attribute(&template->verify,
3257 pTemplate[i].pValue)) != CKR_OK) {
3258 return rv;
3259 }
3260 break;
3261
3262 case CKA_KEY_TYPE:
3263 switch (*((CK_ULONG_PTR) pTemplate[i].pValue)) {
3264 case CKK_SHA_1_HMAC:
3265 template->algorithm = YH_ALGO_HMAC_SHA1;
3266 break;
3267 case CKK_SHA256_HMAC:
3268 template->algorithm = YH_ALGO_HMAC_SHA256;
3269 break;
3270 case CKK_SHA384_HMAC:
3271 template->algorithm = YH_ALGO_HMAC_SHA384;
3272 break;
3273 case CKK_SHA512_HMAC:
3274 template->algorithm = YH_ALGO_HMAC_SHA512;
3275 break;
3276 default:
3277 return CKR_TEMPLATE_INCONSISTENT;
3278 }
3279 break;
3280
3281 case CKA_TOKEN:
3282 if ((rv = check_bool_attribute(pTemplate[i].pValue, true)) != CKR_OK) {
3283 return rv;
3284 }
3285 break;
3286
3287 case CKA_CLASS:
3288 case CKA_SUBJECT:
3289 case CKA_ID:
3290 case CKA_LABEL:
3291 case CKA_EXTRACTABLE:
3292 break;
3293
3294 default:
3295 return CKR_ATTRIBUTE_TYPE_INVALID;
3296 }
3297 }
3298 if (template->algorithm && (generate == true || template->obj.buf)) {
3299 return CKR_OK;
3300 } else {
3301 return CKR_TEMPLATE_INCONSISTENT;
3302 }
3303}
3304
3305CK_RV parse_rsa_generate_template(CK_ATTRIBUTE_PTR pPublicKeyTemplate,
3306 CK_ULONG ulPublicKeyAttributeCount,
3307 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
3308 CK_ULONG ulPrivateKeyAttributeCount,
3309 yubihsm_pkcs11_object_template *template) {
3310
3311 uint8_t *e = NULL;
3312 bool label_set = FALSE;
3313 CK_RV rv;
3314
3315 memset(template->label, 0, sizeof(template->label));
3316
3317 for (CK_ULONG i = 0; i < ulPublicKeyAttributeCount; i++) {
3318 switch (pPublicKeyTemplate[i].type) {
3319 case CKA_CLASS:
3320 if (*((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue) != CKO_PUBLIC_KEY) {
3321 DBG_ERR("CKA_CLASS inconsistent in PublicKeyTemplate");
3322 return CKR_TEMPLATE_INCONSISTENT;
3323 }
3324 break;
3325
3326 case CKA_KEY_TYPE:
3327 if (*((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue) != CKK_RSA) {
3328 DBG_ERR("CKA_KEY_TYPE inconsistent in PublicKeyTemplate");
3329 return CKR_TEMPLATE_INCONSISTENT;
3330 }
3331 break;
3332
3333 case CKA_ID:
3334 if (template->id == 0) {
3335 int id = parse_id_value(pPublicKeyTemplate[i].pValue,
3336 pPublicKeyTemplate[i].ulValueLen);
3337 if (id == -1) {
3338 DBG_ERR("CKA_ID invalid in PublicKeyTemplate");
3339 return CKR_ATTRIBUTE_VALUE_INVALID;
3340 }
3341 template->id = id;
3342 } else {
3343 DBG_ERR("CKA_ID inconsistent in PublicKeyTemplate");
3344 return CKR_TEMPLATE_INCONSISTENT;
3345 }
3346 break;
3347
3348 case CKA_PUBLIC_EXPONENT:
3349 if (e == NULL) {
3350 e = (CK_BYTE_PTR) pPublicKeyTemplate[i].pValue;
3351 if (!((pPublicKeyTemplate[i].ulValueLen == 3 &&
3352 memcmp(e, "\x01\x00\x01", 3) == 0) ||
3353 (pPublicKeyTemplate[i].ulValueLen == 4 &&
3354 memcmp(e, "\x00\x01\x00\x01", 4) == 0))) {
3355 DBG_ERR("CKA_PUBLIC_EXPONENT invalid in PublicKeyTemplate");
3356 return CKR_ATTRIBUTE_VALUE_INVALID;
3357 }
3358 } else {
3359 DBG_ERR("CKA_PUBLIC_EXPONENT inconsistent in PublicKeyTemplate");
3360 return CKR_TEMPLATE_INCONSISTENT;
3361 }
3362 break;
3363
3364 case CKA_MODULUS_BITS:
3365 switch (*((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue)) {
3366 case 2048:
3367 template->algorithm = YH_ALGO_RSA_2048;
3368 break;
3369
3370 case 3072:
3371 template->algorithm = YH_ALGO_RSA_3072;
3372 break;
3373
3374 case 4096:
3375 template->algorithm = YH_ALGO_RSA_4096;
3376 break;
3377
3378 default:
3379 DBG_ERR("CKA_MODULUS_BITS wrong length in PublicKeyTemplate (%lu)",
3380 *((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue));
3381 return CKR_ATTRIBUTE_VALUE_INVALID;
3382 }
3383 break;
3384
3385 case CKA_LABEL:
3386 if (pPublicKeyTemplate[i].ulValueLen > YH_OBJ_LABEL_LEN) {
3387 DBG_ERR("CKA_LABEL invalid in PublicKeyTemplate");
3388 return CKR_ATTRIBUTE_VALUE_INVALID;
3389 }
3390
3391 memcpy(template->label, pPublicKeyTemplate[i].pValue,
3392 pPublicKeyTemplate[i].ulValueLen);
3393
3394 label_set = TRUE;
3395
3396 break;
3397
3398 case CKA_TOKEN:
3399 if ((rv = check_bool_attribute(pPublicKeyTemplate[i].pValue, true)) !=
3400 CKR_OK) {
3401 DBG_ERR("Boolean truth check failed for attribute 0x%lx",
3402 pPublicKeyTemplate[i].type);
3403 return rv;
3404 }
3405 break;
3406
3407 case CKA_MODIFIABLE:
3408 case CKA_DECRYPT:
3409 case CKA_SIGN:
3410 case CKA_UNWRAP:
3411 if ((rv = check_bool_attribute(pPublicKeyTemplate[i].pValue, false)) !=
3412 CKR_OK) {
3413 DBG_ERR("Boolean false check failed for attribute 0x%lx",
3414 pPublicKeyTemplate[i].type);
3415 return rv;
3416 }
3417 break;
3418
3419 case CKA_WRAP:
3420 case CKA_VERIFY:
3421 case CKA_ENCRYPT:
3422 case CKA_EXTRACTABLE:
3423 case CKA_PRIVATE:
3424 case CKA_COPYABLE:
3425 case CKA_DESTROYABLE:
3426 break;
3427
3428 default:
3429 DBG_ERR("invalid attribute type in PublicKeyTemplate: 0x%lx",
3430 pPublicKeyTemplate[i].type);
3431 return CKR_ATTRIBUTE_TYPE_INVALID;
3432 }
3433 }
3434
3435 for (CK_ULONG i = 0; i < ulPrivateKeyAttributeCount; i++) {
3436 switch (pPrivateKeyTemplate[i].type) {
3437 case CKA_CLASS:
3438 if (*((CK_ULONG_PTR) pPrivateKeyTemplate[i].pValue) !=
3439 CKO_PRIVATE_KEY) {
3440 DBG_ERR("CKA_CLASS inconsistent in PrivateKeyTemplate");
3441 return CKR_TEMPLATE_INCONSISTENT;
3442 }
3443 break;
3444
3445 case CKA_KEY_TYPE:
3446 if (*((CK_ULONG_PTR) pPrivateKeyTemplate[i].pValue) != CKK_RSA) {
3447 DBG_ERR("CKA_KEY_TYPE inconsistent in PrivateKeyTemplate");
3448 return CKR_TEMPLATE_INCONSISTENT;
3449 }
3450 break;
3451
3452 case CKA_ID: {
3453 int id = parse_id_value(pPrivateKeyTemplate[i].pValue,
3454 pPrivateKeyTemplate[i].ulValueLen);
3455 if (id == -1) {
3456 DBG_ERR("CKA_ID invalid in PrivateKeyTemplate");
3457 return CKR_ATTRIBUTE_VALUE_INVALID;
3458 }
3459 if (template->id != 0 && template->id != id) {
3460 DBG_ERR("CKA_ID inconsistent in PrivateKeyTemplate");
3461 return CKR_TEMPLATE_INCONSISTENT;
3462 } else {
3463 template->id = id;
3464 }
3465 } break;
3466
3467 case CKA_DECRYPT:
3468 if ((rv = set_template_attribute(&template->decrypt,
3469 pPrivateKeyTemplate[i].pValue)) !=
3470 CKR_OK) {
3471 DBG_ERR("CKA_DECRYPT inconsistent in PrivateKeyTemplate");
3472 return rv;
3473 }
3474 break;
3475
3476 case CKA_SIGN:
3477 if ((rv = set_template_attribute(&template->sign,
3478 pPrivateKeyTemplate[i].pValue)) !=
3479 CKR_OK) {
3480 DBG_ERR("CKA_SIGN inconsistent in PrivateKeyTemplate");
3481 return rv;
3482 }
3483 break;
3484
3485 case CKA_EXTRACTABLE:
3486 if ((rv = set_template_attribute(&template->exportable,
3487 pPrivateKeyTemplate[i].pValue)) !=
3488 CKR_OK) {
3489 DBG_ERR("CKA_EXTRACTABLE inconsistent in PrivateKeyTemplate");
3490 return rv;
3491 }
3492 break;
3493
3494 case CKA_LABEL:
3495 if (pPrivateKeyTemplate[i].ulValueLen > YH_OBJ_LABEL_LEN) {
3496 DBG_ERR("CKA_LABEL invalid in PrivateKeyTemplate");
3497 return CKR_ATTRIBUTE_VALUE_INVALID;
3498 }
3499
3500 if (label_set == TRUE) {
3501 if (memcmp(template->label, pPrivateKeyTemplate[i].pValue,
3502 pPrivateKeyTemplate[i].ulValueLen) != 0) {
3503 DBG_ERR("CKA_LABEL inconsistent in PrivateKeyTemplate");
3504 return CKR_TEMPLATE_INCONSISTENT;
3505 }
3506 } else {
3507 memcpy(template->label, pPrivateKeyTemplate[i].pValue,
3508 pPrivateKeyTemplate[i].ulValueLen);
3509 }
3510 break;
3511
3512 case CKA_TOKEN:
3513 case CKA_SENSITIVE:
3514 case CKA_PRIVATE:
3515 case CKA_DESTROYABLE:
3516 if ((rv = check_bool_attribute(pPrivateKeyTemplate[i].pValue, true)) !=
3517 CKR_OK) {
3518 DBG_ERR("Boolean truth check failed for attribute 0x%lx",
3519 pPrivateKeyTemplate[i].type);
3520 return rv;
3521 }
3522 break;
3523
3524 case CKA_WRAP:
3525 case CKA_MODIFIABLE:
3526 case CKA_COPYABLE:
3527 case CKA_ENCRYPT:
3528 case CKA_VERIFY:
3529 if ((rv = check_bool_attribute(pPrivateKeyTemplate[i].pValue, false)) !=
3530 CKR_OK) {
3531 DBG_ERR("Boolean false check failed for attribute 0x%lx",
3532 pPrivateKeyTemplate[i].type);
3533 return rv;
3534 }
3535 break;
3536
3537 case CKA_UNWRAP:
3538 case CKA_SUBJECT:
3539 break;
3540
3541 default:
3542 DBG_ERR("invalid attribute type in PrivateKeyTemplate: 0x%lx",
3543 pPrivateKeyTemplate[i].type);
3544 return CKR_ATTRIBUTE_TYPE_INVALID;
3545 }
3546 }
3547
3548 if (template->algorithm == 0) {
3549 DBG_ERR("No RSA bitlength set");
3550 return CKR_TEMPLATE_INCOMPLETE;
3551 }
3552
3553 return CKR_OK;
3554}
3555
3556int parse_id_value(void *value, CK_ULONG len) {
3557 switch (len) {
3558 case 0:
3559 return 0;
3560 case 1:
3561 return *(uint8_t *) value;
3562 case 2:
3563 return ntohs(*(uint16_t *) value);
3564 default:
3565 DBG_INFO("Supplied id is long, truncating it (was %lu bytes)", len);
3566 return ntohs(*(uint16_t *) value);
3567 }
3568}
3569
3570CK_RV parse_ec_generate_template(CK_ATTRIBUTE_PTR pPublicKeyTemplate,
3571 CK_ULONG ulPublicKeyAttributeCount,
3572 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
3573 CK_ULONG ulPrivateKeyAttributeCount,
3574 yubihsm_pkcs11_object_template *template) {
3575
3576 uint8_t *ecparams = NULL;
3577 uint16_t ecparams_len = 0;
3578 bool label_set = FALSE;
3579 CK_RV rv;
3580
3581 memset(template->label, 0, sizeof(template->label));
3582
3583 for (CK_ULONG i = 0; i < ulPublicKeyAttributeCount; i++) {
3584 switch (pPublicKeyTemplate[i].type) {
3585 case CKA_CLASS:
3586 if (*((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue) != CKO_PUBLIC_KEY) {
3587 DBG_ERR("CKA_CLASS inconsistent in PublicKeyTemplate");
3588 return CKR_TEMPLATE_INCONSISTENT;
3589 }
3590 break;
3591
3592 case CKA_KEY_TYPE:
3593 if (*((CK_ULONG_PTR) pPublicKeyTemplate[i].pValue) != CKK_EC) {
3594 DBG_ERR("CKA_KEY_TYPE inconsistent in PublicKeyTemplate");
3595 return CKR_TEMPLATE_INCONSISTENT;
3596 }
3597 break;
3598
3599 case CKA_ID:
3600 if (template->id == 0) {
3601 int id = parse_id_value(pPublicKeyTemplate[i].pValue,
3602 pPublicKeyTemplate[i].ulValueLen);
3603 if (id == -1) {
3604 DBG_ERR("CKA_ID invalid in PublicKeyTemplate");
3605 return CKR_ATTRIBUTE_VALUE_INVALID;
3606 }
3607 template->id = id;
3608 } else {
3609 DBG_ERR("CKA_ID inconsistent in PublicKeyTemplate");
3610 return CKR_TEMPLATE_INCONSISTENT;
3611 }
3612 break;
3613
3614 case CKA_EC_PARAMS:
3615 if (ecparams == NULL) {
3616 ecparams = (CK_BYTE_PTR) pPublicKeyTemplate[i].pValue;
3617 ecparams_len = pPublicKeyTemplate[i].ulValueLen;
3618 } else {
3619 DBG_ERR("CKA_PUBLIC_EXPONENT inconsistent in PublicKeyTemplate");
3620 return CKR_TEMPLATE_INCONSISTENT;
3621 }
3622 break;
3623
3624 case CKA_LABEL:
3625 if (pPublicKeyTemplate[i].ulValueLen > YH_OBJ_LABEL_LEN) {
3626 DBG_ERR("CKA_LABEL invalid in PublicKeyTemplate");
3627 return CKR_ATTRIBUTE_VALUE_INVALID;
3628 }
3629
3630 memcpy(template->label, pPublicKeyTemplate[i].pValue,
3631 pPublicKeyTemplate[i].ulValueLen);
3632
3633 label_set = TRUE;
3634
3635 break;
3636
3637 case CKA_TOKEN:
3638 if ((rv = check_bool_attribute(pPublicKeyTemplate[i].pValue, true)) !=
3639 CKR_OK) {
3640 DBG_ERR("Boolean truth check failed for attribute 0x%lx",
3641 pPublicKeyTemplate[i].type);
3642 return rv;
3643 }
3644 break;
3645
3646 case CKA_MODIFIABLE:
3647 case CKA_DECRYPT:
3648 case CKA_SIGN:
3649 case CKA_WRAP:
3650 case CKA_UNWRAP:
3651 if ((rv = check_bool_attribute(pPublicKeyTemplate[i].pValue, false)) !=
3652 CKR_OK) {
3653 DBG_ERR("Boolean false check failed for attribute 0x%lx",
3654 pPublicKeyTemplate[i].type);
3655 return rv;
3656 }
3657 break;
3658
3659 case CKA_VERIFY:
3660 case CKA_ENCRYPT:
3661 case CKA_COPYABLE:
3662 case CKA_PRIVATE:
3663 case CKA_EXTRACTABLE:
3664 case CKA_DERIVE:
3665 break;
3666
3667 default:
3668 DBG_ERR("invalid attribute type in PublicKeyTemplate: 0x%lx\n",
3669 pPublicKeyTemplate[i].type);
3670 return CKR_ATTRIBUTE_TYPE_INVALID;
3671 }
3672 }
3673
3674 for (CK_ULONG i = 0; i < ulPrivateKeyAttributeCount; i++) {
3675 switch (pPrivateKeyTemplate[i].type) {
3676 case CKA_CLASS:
3677 if (*((CK_ULONG_PTR) pPrivateKeyTemplate[i].pValue) !=
3678 CKO_PRIVATE_KEY) {
3679 DBG_ERR("CKA_CLASS inconsistent in PrivateKeyTemplate");
3680 return CKR_TEMPLATE_INCONSISTENT;
3681 }
3682 break;
3683
3684 case CKA_KEY_TYPE:
3685 if (*((CK_ULONG_PTR) pPrivateKeyTemplate[i].pValue) != CKK_EC) {
3686 DBG_ERR("CKA_KEY_TYPE inconsistent in PrivateKeyTemplate");
3687 return CKR_TEMPLATE_INCONSISTENT;
3688 }
3689 break;
3690
3691 case CKA_ID: {
3692 int id = parse_id_value(pPrivateKeyTemplate[i].pValue,
3693 pPrivateKeyTemplate[i].ulValueLen);
3694 if (id == -1) {
3695 DBG_ERR("CKA_ID invalid in PrivateKeyTemplate");
3696 return CKR_ATTRIBUTE_VALUE_INVALID;
3697 }
3698 if (template->id != 0 && template->id != id) {
3699 DBG_ERR("CKA_ID inconsistent in PrivateKeyTemplate");
3700 return CKR_TEMPLATE_INCONSISTENT;
3701 } else {
3702 template->id = id;
3703 }
3704 } break;
3705
3706 case CKA_SIGN:
3707 if ((rv = set_template_attribute(&template->sign,
3708 pPrivateKeyTemplate[i].pValue)) !=
3709 CKR_OK) {
3710 DBG_ERR("CKA_SIGN inconsistent in PrivateKeyTemplate");
3711 return rv;
3712 }
3713 break;
3714
3715 case CKA_EXTRACTABLE:
3716 if ((rv = set_template_attribute(&template->exportable,
3717 pPrivateKeyTemplate[i].pValue)) !=
3718 CKR_OK) {
3719 DBG_ERR("CKA_EXTRACTABLE inconsistent in PrivateKeyTemplate");
3720 return rv;
3721 }
3722 break;
3723
3724 case CKA_DERIVE:
3725 if ((rv = set_template_attribute(&template->derive,
3726 pPrivateKeyTemplate[i].pValue)) !=
3727 CKR_OK) {
3728 DBG_ERR("CKA_DERIVE inconsistent in PrivateKeyTemplate");
3729 return rv;
3730 }
3731 break;
3732
3733 case CKA_LABEL:
3734 if (pPrivateKeyTemplate[i].ulValueLen > YH_OBJ_LABEL_LEN) {
3735 DBG_ERR("CKA_LABEL invalid in PrivateKeyTemplate");
3736 return CKR_ATTRIBUTE_VALUE_INVALID;
3737 }
3738
3739 if (label_set == TRUE) {
3740 if (memcmp(template->label, pPrivateKeyTemplate[i].pValue,
3741 pPrivateKeyTemplate[i].ulValueLen) != 0) {
3742 DBG_ERR("CKA_LABEL inconsistent in PrivateKeyTemplate");
3743 return CKR_TEMPLATE_INCONSISTENT;
3744 }
3745 } else {
3746 memcpy(template->label, pPrivateKeyTemplate[i].pValue,
3747 pPrivateKeyTemplate[i].ulValueLen);
3748 }
3749 break;
3750
3751 case CKA_TOKEN:
3752 case CKA_SENSITIVE:
3753 case CKA_PRIVATE:
3754 case CKA_DESTROYABLE:
3755 if ((rv = check_bool_attribute(pPrivateKeyTemplate[i].pValue, true)) !=
3756 CKR_OK) {
3757 DBG_ERR("Boolean truth check failed for attribute 0x%lx",
3758 pPrivateKeyTemplate[i].type);
3759 return rv;
3760 }
3761 break;
3762
3763 case CKA_UNWRAP:
3764 case CKA_WRAP:
3765 case CKA_MODIFIABLE:
3766 case CKA_COPYABLE:
3767 case CKA_ENCRYPT:
3768 case CKA_VERIFY:
3769 if ((rv = check_bool_attribute(pPrivateKeyTemplate[i].pValue, false)) !=
3770 CKR_OK) {
3771 DBG_ERR("Boolean false check failed for attribute 0x%lx",
3772 pPrivateKeyTemplate[i].type);
3773 return rv;
3774 }
3775 break;
3776
3777 case CKA_SUBJECT:
3778 case CKA_DECRYPT:
3779 break;
3780
3781 default:
3782 return CKR_ATTRIBUTE_TYPE_INVALID;
3783 }
3784 }
3785
3786 if (ecparams == NULL) {
3787 DBG_ERR("CKA_ECPARAMS not set");
3788 return CKR_TEMPLATE_INCOMPLETE;
3789 }
3790
3791 uint16_t key_len;
3792 rv = parse_ecparams(ecparams, ecparams_len, &template->algorithm, &key_len);
3793 if (rv != CKR_OK) {
3794 DBG_ERR("Failed to parse CKA_ECPARAMS");
3795 return rv;
3796 }
3797
3798 return CKR_OK;
3799}
3800
3801CK_RV parse_wrap_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
3802 yubihsm_pkcs11_object_template *template,
3803 bool generate) {
3804
3805 CK_RV rv;
3806
3807 for (CK_ULONG i = 0; i < ulCount; i++) {
3808 switch (pTemplate[i].type) {
3809
3810 case CKA_VALUE:
3811 if (generate == false && template->obj.buf == NULL) {
3812 template->obj.buf = (CK_BYTE_PTR) pTemplate[i].pValue;
3813 template->objlen = pTemplate[i].ulValueLen;
3814 } else {
3815 return CKR_TEMPLATE_INCONSISTENT;
3816 }
3817 break;
3818
3819 case CKA_WRAP:
3820 if ((rv = set_template_attribute(&template->wrap,
3821 pTemplate[i].pValue)) != CKR_OK) {
3822 return rv;
3823 }
3824 break;
3825
3826 case CKA_UNWRAP:
3827 if ((rv = set_template_attribute(&template->unwrap,
3828 pTemplate[i].pValue)) != CKR_OK) {
3829 return rv;
3830 }
3831 break;
3832
3833 case CKA_ENCRYPT:
3834 if ((rv = set_template_attribute(&template->encrypt,
3835 pTemplate[i].pValue)) != CKR_OK) {
3836 return rv;
3837 }
3838 break;
3839
3840 case CKA_DECRYPT:
3841 if ((rv = set_template_attribute(&template->decrypt,
3842 pTemplate[i].pValue)) != CKR_OK) {
3843 return rv;
3844 }
3845 break;
3846
3847 case CKA_TOKEN:
3848 if ((rv = check_bool_attribute(pTemplate[i].pValue, true)) != CKR_OK) {
3849 return rv;
3850 }
3851 break;
3852
3853 case CKA_KEY_TYPE:
3854 case CKA_CLASS:
3855 case CKA_SUBJECT:
3856 case CKA_ID:
3857 case CKA_LABEL:
3858 case CKA_EXTRACTABLE:
3859 break;
3860
3861 default:
3862 return CKR_ATTRIBUTE_TYPE_INVALID;
3863 }
3864 }
3865 if (generate == true || template->obj.buf) {
3866 return CKR_OK;
3867 } else {
3868 return CKR_TEMPLATE_INCONSISTENT;
3869 }
3870}
3871
3872CK_RV populate_template(int type, void *object, CK_ATTRIBUTE_PTR pTemplate,
3873 CK_ULONG ulCount, yh_session *session) {
3874
3875 CK_RV rv = CKR_OK;
3876
3877 for (CK_ULONG i = 0; i < ulCount; i++) {
3878 DBG_INFO("Getting attribute 0x%lx", pTemplate[i].type);
3879
3880 CK_VOID_PTR object_ptr;
3881 if (pTemplate[i].pValue == NULL) {
3882 // NOTE(adma): just asking for the length
3883 object_ptr = NULL;
3884 DBG_INFO("Retrieving length");
3885 } else {
3886 // NOTE(adma): actually get the attribute
3887 object_ptr = pTemplate[i].pValue;
3888 DBG_INFO("Retrieving attribute");
3889 }
3890
3891 CK_RV attribute_rc;
3892 if (type == ECDH_KEY_TYPE) {
3893 ecdh_session_key *key = object;
3894 attribute_rc =
3895 get_attribute_ecsession_key(pTemplate[i].type, key, object_ptr,
3896 &pTemplate[i].ulValueLen);
3897 } else {
3898 yubihsm_pkcs11_object_desc *desc = object;
3899 attribute_rc = get_attribute(pTemplate[i].type, &desc->object, object_ptr,
3900 &pTemplate[i].ulValueLen, session);
3901 }
3902
3903 if (attribute_rc != CKR_OK) {
3904 rv = attribute_rc;
3905 if (attribute_rc == CKR_ATTRIBUTE_TYPE_INVALID) {
3906 DBG_ERR("Unable to get attribute");
3907 } else if (attribute_rc == CKR_BUFFER_TOO_SMALL) {
3908 DBG_ERR("Skipping attribute because buffer is too small");
3909 } else {
3910 DBG_ERR("Get attribute failed. %s", yh_strerror(attribute_rc));
3911 }
3912 } else {
3913 DBG_INFO("Attribute/length successfully returned with length %lu",
3914 pTemplate[i].ulValueLen);
3915 }
3916
3917 // NOTE(adma): Array of attributes like CKA_WRAP_TEMPLATE are special
3918 // cases.
3919 /* In the special case of an attribute whose value is an array of
3920 * attributes, for example CKA_WRAP_TEMPLATE, where it is passed in with
3921 * pValue not NULL, then if the pValue of elements within the array is
3922 * NULL_PTR then the ulValueLen of elements within the array will be set
3923 * to the required length. If the pValue of elements within the array is
3924 * not NULL_PTR, then the ulValueLen element of attributes within the
3925 * array MUST reflect the space that the corresponding pValue points to,
3926 * and pValue is filled in if there is sufficient room. Therefore it is
3927 * important to initialize the contents of a buffer before calling
3928 * C_GetAttributeValue to get such an array value. If any ulValueLen
3929 * within the array isn't large enough, it will be set to
3930 * CK_UNAVAILABLE_INFORMATION and the function will return
3931 * CKR_BUFFER_TOO_SMALL, as it does if an attribute in the pTemplate
3932 * argument has ulValueLen too small. Note that any attribute whose value
3933 * is an array of attributes is identifiable by virtue of the attribute
3934 * type having the CKF_ARRAY_ATTRIBUTE bit set.*/
3935 }
3936
3937 return rv;
3938}
3939
3940CK_RV validate_derive_key_attribute(CK_ATTRIBUTE_TYPE type, void *value) {
3941 switch (type) {
3942 case CKA_TOKEN:
3943 if (*((CK_BBOOL *) value) == CK_TRUE) {
3944 DBG_ERR("Derived key can only be a session object");
3945 return CKR_ATTRIBUTE_VALUE_INVALID;
3946 }
3947 break;
3948
3949 case CKA_CLASS:
3950 if (*((CK_ULONG_PTR) value) != CKO_SECRET_KEY) {
3951 DBG_ERR("Derived key class is unsupported");
3952 return CKR_ATTRIBUTE_VALUE_INVALID;
3953 }
3954 break;
3955
3956 case CKA_KEY_TYPE:
3957 if (*((CK_ULONG_PTR) value) != CKK_GENERIC_SECRET) {
3958 DBG_ERR("Derived key type is unsupported");
3959 return CKR_ATTRIBUTE_VALUE_INVALID;
3960 }
3961 break;
3962
3963 case CKA_EXTRACTABLE:
3964 if (*((CK_BBOOL *) value) == CK_FALSE) {
3965 DBG_ERR("The derived key will be extractable");
3966 return CKR_ATTRIBUTE_VALUE_INVALID;
3967 }
3968 break;
3969
3970 default:
3971 DBG_WARN("ECDH key derive template contains the ignored attribute: %lx",
3972 type);
3973 break;
3974 }
3975
3976 return CKR_OK;
3977}
p
const mie::Vuint & p
Definition bn.cpp:27
r
const mie::Vuint & r
Definition bn.cpp:28
id
uint64_t id
Definition code_cache.cpp:0
DBG_ERR
#define DBG_ERR(...)
Definition debug_lib.h:76
DBG_INFO
#define DBG_INFO(...)
Definition debug_lib.h:63
debug_p11.h
DBG_WARN
#define DBG_WARN(...)
Definition debug_p11.h:36
session
CK_SESSION_HANDLE session
Definition ecdh_derive_test.c:45
count
int * count
Definition gmock_stress_test.cc:177
BIGNUM
bignum_st BIGNUM
Definition bigint.hpp:7
yh_strerror
const char * yh_strerror(yh_rc err)
Definition error.c:65
list_append
bool list_append(List *list, void *item)
Definition list.c:78
list_delete
void list_delete(List *list, ListItem *item)
Definition list.c:117
list_get
ListItem * list_get(List *list, void *data, CompareItemFn compare_item_fn)
Definition list.c:105
list_create
void list_create(List *list, int item_size, FreeItemFn free_item_fn)
Definition list.c:24
list_destroy
void list_destroy(List *list)
Definition list.c:33
CLI::detail::str
return str
Definition CLI11.hpp:1359
fc::ecc::signature
fc::array< char, 72 > signature
Definition elliptic.hpp:25
fc::min
const T & min(const T &a, const T &b)
Definition utility.hpp:140
ECDSA_SIG_get0
void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
Definition openssl-compat.c:80
RSA_set0_key
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
Definition openssl-compat.c:13
ECDSA_SIG_set0
int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
Definition openssl-compat.c:64
CKA_NEVER_EXTRACTABLE
#define CKA_NEVER_EXTRACTABLE
Definition pkcs11.h:417
CKA_TOKEN
#define CKA_TOKEN
Definition pkcs11.h:364
CKR_GENERAL_ERROR
#define CKR_GENERAL_ERROR
Definition pkcs11.h:1096
CKR_MECHANISM_INVALID
#define CKR_MECHANISM_INVALID
Definition pkcs11.h:1126
CKM_RSA_PKCS
#define CKM_RSA_PKCS
Definition pkcs11.h:470
CKM_ECDSA_SHA1
#define CKM_ECDSA_SHA1
Definition pkcs11.h:647
CKR_ATTRIBUTE_TYPE_INVALID
#define CKR_ATTRIBUTE_TYPE_INVALID
Definition pkcs11.h:1104
CKO_PUBLIC_KEY
#define CKO_PUBLIC_KEY
Definition pkcs11.h:302
CKF_EC_UNCOMPRESS
#define CKF_EC_UNCOMPRESS
Definition pkcs11.h:725
CKR_DATA_INVALID
#define CKR_DATA_INVALID
Definition pkcs11.h:1106
CKK_SHA256_HMAC
#define CKK_SHA256_HMAC
Definition pkcs11.h:345
CK_FALSE
#define CK_FALSE
Definition pkcs11.h:1202
CKM_SHA_1_HMAC
#define CKM_SHA_1_HMAC
Definition pkcs11.h:533
CKR_ATTRIBUTE_SENSITIVE
#define CKR_ATTRIBUTE_SENSITIVE
Definition pkcs11.h:1103
CKC_X_509
#define CKC_X_509
Definition pkcs11.h:356
CKF_DIGEST
#define CKF_DIGEST
Definition pkcs11.h:709
CKF_DERIVE
#define CKF_DERIVE
Definition pkcs11.h:718
CKA_PRIVATE_EXPONENT
#define CKA_PRIVATE_EXPONENT
Definition pkcs11.h:401
CK_SESSION_HANDLE_PTR
ck_session_handle_t * CK_SESSION_HANDLE_PTR
Definition pkcs11.h:1227
CKA_ID
#define CKA_ID
Definition pkcs11.h:385
CKA_OBJECT_ID
#define CKA_OBJECT_ID
Definition pkcs11.h:369
CK_MECHANISM_TYPE_PTR
ck_mechanism_type_t * CK_MECHANISM_TYPE_PTR
Definition pkcs11.h:1242
CKA_APPLICATION
#define CKA_APPLICATION
Definition pkcs11.h:367
CKF_VERIFY
#define CKF_VERIFY
Definition pkcs11.h:712
CK_ULONG_PTR
CK_ULONG * CK_ULONG_PTR
Definition pkcs11.h:1199
CKM_ECDH1_DERIVE
#define CKM_ECDH1_DERIVE
Definition pkcs11.h:652
value
#define value
Definition pkcs11.h:157
CK_ULONG
unsigned long int CK_ULONG
Definition pkcs11.h:1194
CKO_SECRET_KEY
#define CKO_SECRET_KEY
Definition pkcs11.h:304
CKK_RSA
#define CKK_RSA
Definition pkcs11.h:319
CKA_PUBLIC_EXPONENT
#define CKA_PUBLIC_EXPONENT
Definition pkcs11.h:400
CKA_MODIFIABLE
#define CKA_MODIFIABLE
Definition pkcs11.h:420
CKM_RSA_PKCS_KEY_PAIR_GEN
#define CKM_RSA_PKCS_KEY_PAIR_GEN
Definition pkcs11.h:469
CKR_SESSION_READ_ONLY
#define CKR_SESSION_READ_ONLY
Definition pkcs11.h:1140
CKR_SIGNATURE_INVALID
#define CKR_SIGNATURE_INVALID
Definition pkcs11.h:1144
CKR_OK
#define CKR_OK
Definition pkcs11.h:1092
CKR_SESSION_HANDLE_INVALID
#define CKR_SESSION_HANDLE_INVALID
Definition pkcs11.h:1138
CKO_CERTIFICATE
#define CKO_CERTIFICATE
Definition pkcs11.h:301
CKA_PUBLIC_KEY_INFO
#define CKA_PUBLIC_KEY_INFO
Definition pkcs11.h:407
CKF_RW_SESSION
#define CKF_RW_SESSION
Definition pkcs11.h:293
CKM_SHA256
#define CKM_SHA256
Definition pkcs11.h:541
CKA_MODULUS
#define CKA_MODULUS
Definition pkcs11.h:398
CK_BYTE
unsigned char CK_BYTE
Definition pkcs11.h:1190
CKA_PRIVATE
#define CKA_PRIVATE
Definition pkcs11.h:365
CKA_PRIME_1
#define CKA_PRIME_1
Definition pkcs11.h:402
CKF_WRAP
#define CKF_WRAP
Definition pkcs11.h:716
CKA_EC_POINT
#define CKA_EC_POINT
Definition pkcs11.h:425
CKA_SENSITIVE
#define CKA_SENSITIVE
Definition pkcs11.h:386
CKF_EC_F_P
#define CKF_EC_F_P
Definition pkcs11.h:721
CKF_GENERATE_KEY_PAIR
#define CKF_GENERATE_KEY_PAIR
Definition pkcs11.h:715
CKA_SIGN_RECOVER
#define CKA_SIGN_RECOVER
Definition pkcs11.h:392
CKM_SHA512_RSA_PKCS_PSS
#define CKM_SHA512_RSA_PKCS_PSS
Definition pkcs11.h:498
CKM_ECDSA_SHA512
#define CKM_ECDSA_SHA512
Definition pkcs11.h:651
CKM_RSA_PKCS_OAEP
#define CKM_RSA_PKCS_OAEP
Definition pkcs11.h:478
CKM_SHA512_RSA_PKCS
#define CKM_SHA512_RSA_PKCS
Definition pkcs11.h:495
CKA_EXPONENT_1
#define CKA_EXPONENT_1
Definition pkcs11.h:404
CKA_SIGN
#define CKA_SIGN
Definition pkcs11.h:391
CKA_EXPONENT_2
#define CKA_EXPONENT_2
Definition pkcs11.h:405
CK_UNAVAILABLE_INFORMATION
#define CK_UNAVAILABLE_INFORMATION
Definition pkcs11.h:265
CK_TRUE
#define CK_TRUE
Definition pkcs11.h:1203
CKA_VALUE
#define CKA_VALUE
Definition pkcs11.h:368
CK_BYTE_PTR
CK_BYTE * CK_BYTE_PTR
Definition pkcs11.h:1196
CKF_ENCRYPT
#define CKF_ENCRYPT
Definition pkcs11.h:707
CKA_LOCAL
#define CKA_LOCAL
Definition pkcs11.h:416
CKF_EC_ECPARAMETERS
#define CKF_EC_ECPARAMETERS
Definition pkcs11.h:723
CKM_SHA256_HMAC
#define CKM_SHA256_HMAC
Definition pkcs11.h:542
CKA_VERIFY
#define CKA_VERIFY
Definition pkcs11.h:393
CK_VOID_PTR
void * CK_VOID_PTR
Definition pkcs11.h:1200
CKO_DATA
#define CKO_DATA
Definition pkcs11.h:300
CKO_PRIVATE_KEY
#define CKO_PRIVATE_KEY
Definition pkcs11.h:303
CKM_GENERIC_SECRET_KEY_GEN
#define CKM_GENERIC_SECRET_KEY_GEN
Definition pkcs11.h:586
CKR_FUNCTION_FAILED
#define CKR_FUNCTION_FAILED
Definition pkcs11.h:1097
CKM_SHA384
#define CKM_SHA384
Definition pkcs11.h:544
CKA_COPYABLE
#define CKA_COPYABLE
Definition pkcs11.h:421
CKA_PRIME_2
#define CKA_PRIME_2
Definition pkcs11.h:403
CKM_EC_KEY_PAIR_GEN
#define CKM_EC_KEY_PAIR_GEN
Definition pkcs11.h:645
CKM_SHA384_HMAC
#define CKM_SHA384_HMAC
Definition pkcs11.h:545
CKR_TEMPLATE_INCONSISTENT
#define CKR_TEMPLATE_INCONSISTENT
Definition pkcs11.h:1147
CKR_DATA_LEN_RANGE
#define CKR_DATA_LEN_RANGE
Definition pkcs11.h:1107
CKA_UNWRAP
#define CKA_UNWRAP
Definition pkcs11.h:390
CKM_SHA1_RSA_PKCS
#define CKM_SHA1_RSA_PKCS
Definition pkcs11.h:475
CKM_SHA512
#define CKM_SHA512
Definition pkcs11.h:547
CKA_TRUSTED
#define CKA_TRUSTED
Definition pkcs11.h:376
CK_BBOOL
unsigned char CK_BBOOL
Definition pkcs11.h:1193
CKA_WRAP_WITH_TRUSTED
#define CKA_WRAP_WITH_TRUSTED
Definition pkcs11.h:429
CKR_BUFFER_TOO_SMALL
#define CKR_BUFFER_TOO_SMALL
Definition pkcs11.h:1169
CKA_DECRYPT
#define CKA_DECRYPT
Definition pkcs11.h:388
CKA_KEY_TYPE
#define CKA_KEY_TYPE
Definition pkcs11.h:383
CKA_ALWAYS_AUTHENTICATE
#define CKA_ALWAYS_AUTHENTICATE
Definition pkcs11.h:428
TRUE
#define TRUE
Definition pkcs11.h:1209
FALSE
#define FALSE
Definition pkcs11.h:1206
CKR_USER_ALREADY_LOGGED_IN
#define CKR_USER_ALREADY_LOGGED_IN
Definition pkcs11.h:1154
CKK_SHA384_HMAC
#define CKK_SHA384_HMAC
Definition pkcs11.h:346
CKF_SIGN
#define CKF_SIGN
Definition pkcs11.h:710
CKF_GENERATE
#define CKF_GENERATE
Definition pkcs11.h:714
CKK_GENERIC_SECRET
#define CKK_GENERIC_SECRET
Definition pkcs11.h:326
CKA_COEFFICIENT
#define CKA_COEFFICIENT
Definition pkcs11.h:406
CKA_DESTROYABLE
#define CKA_DESTROYABLE
Definition pkcs11.h:422
CKM_ECDSA
#define CKM_ECDSA
Definition pkcs11.h:646
CKM_ECDSA_SHA384
#define CKM_ECDSA_SHA384
Definition pkcs11.h:650
CKA_DERIVE
#define CKA_DERIVE
Definition pkcs11.h:395
CKR_ATTRIBUTE_VALUE_INVALID
#define CKR_ATTRIBUTE_VALUE_INVALID
Definition pkcs11.h:1105
CKK_VENDOR_DEFINED
#define CKK_VENDOR_DEFINED
Definition pkcs11.h:352
slot_id
#define slot_id
Definition pkcs11.h:146
CKR_USER_NOT_LOGGED_IN
#define CKR_USER_NOT_LOGGED_IN
Definition pkcs11.h:1155
CKA_ALWAYS_SENSITIVE
#define CKA_ALWAYS_SENSITIVE
Definition pkcs11.h:418
CKF_UNWRAP
#define CKF_UNWRAP
Definition pkcs11.h:717
CKA_CERTIFICATE_TYPE
#define CKA_CERTIFICATE_TYPE
Definition pkcs11.h:370
CKM_ECDSA_SHA256
#define CKM_ECDSA_SHA256
Definition pkcs11.h:649
CKF_DECRYPT
#define CKF_DECRYPT
Definition pkcs11.h:708
CKA_MODULUS_BITS
#define CKA_MODULUS_BITS
Definition pkcs11.h:399
CKA_LABEL
#define CKA_LABEL
Definition pkcs11.h:366
CKA_EXTRACTABLE
#define CKA_EXTRACTABLE
Definition pkcs11.h:415
CKR_TEMPLATE_INCOMPLETE
#define CKR_TEMPLATE_INCOMPLETE
Definition pkcs11.h:1146
CKM_SHA256_RSA_PKCS_PSS
#define CKM_SHA256_RSA_PKCS_PSS
Definition pkcs11.h:496
CKA_ENCRYPT
#define CKA_ENCRYPT
Definition pkcs11.h:387
CKM_RSA_PKCS_PSS
#define CKM_RSA_PKCS_PSS
Definition pkcs11.h:482
CKM_SHA1_RSA_PKCS_PSS
#define CKM_SHA1_RSA_PKCS_PSS
Definition pkcs11.h:483
CKM_SHA384_RSA_PKCS
#define CKM_SHA384_RSA_PKCS
Definition pkcs11.h:494
CKA_UNWRAP_TEMPLATE
#define CKA_UNWRAP_TEMPLATE
Definition pkcs11.h:451
CKR_CURVE_NOT_SUPPORTED
#define CKR_CURVE_NOT_SUPPORTED
Definition pkcs11.h:1168
CKM_SHA512_HMAC
#define CKM_SHA512_HMAC
Definition pkcs11.h:548
CKM_SHA256_RSA_PKCS
#define CKM_SHA256_RSA_PKCS
Definition pkcs11.h:493
CKM_SHA384_RSA_PKCS_PSS
#define CKM_SHA384_RSA_PKCS_PSS
Definition pkcs11.h:497
CKK_EC
#define CKK_EC
Definition pkcs11.h:323
CKA_WRAP_TEMPLATE
#define CKA_WRAP_TEMPLATE
Definition pkcs11.h:450
CKF_HW
#define CKF_HW
Definition pkcs11.h:706
CKK_SHA_1_HMAC
#define CKK_SHA_1_HMAC
Definition pkcs11.h:344
CK_UTF8CHAR_PTR
CK_UTF8CHAR * CK_UTF8CHAR_PTR
Definition pkcs11.h:1198
CKM_SHA_1
#define CKM_SHA_1
Definition pkcs11.h:532
CKA_EC_PARAMS
#define CKA_EC_PARAMS
Definition pkcs11.h:424
CKA_WRAP
#define CKA_WRAP
Definition pkcs11.h:389
CKA_CLASS
#define CKA_CLASS
Definition pkcs11.h:363
CKK_SHA512_HMAC
#define CKK_SHA512_HMAC
Definition pkcs11.h:347
CKA_SUBJECT
#define CKA_SUBJECT
Definition pkcs11.h:384
CKK_YUBICO_AES192_CCM_WRAP
#define CKK_YUBICO_AES192_CCM_WRAP
Definition pkcs11y.h:28
CKK_YUBICO_AES128_CCM_WRAP
#define CKK_YUBICO_AES128_CCM_WRAP
Definition pkcs11y.h:26
CKM_YUBICO_AES_CCM_WRAP
#define CKM_YUBICO_AES_CCM_WRAP
Definition pkcs11y.h:33
CKK_YUBICO_AES256_CCM_WRAP
#define CKK_YUBICO_AES256_CCM_WRAP
Definition pkcs11y.h:30
a
const GenericPointer< typename T::ValueType > T2 T::AllocatorType & a
Definition pointer.h:1181
uint16_t
unsigned short uint16_t
Definition stdint.h:125
uint8_t
unsigned char uint8_t
Definition stdint.h:124
List::head
ListItem * head
Definition list.h:38
ListItem::data
void * data
Definition list.h:31
ck_attribute
Definition pkcs11.h:455
ck_mechanism_info
Definition pkcs11.h:700
ck_mechanism
Definition pkcs11.h:694
ck_mechanism::mechanism
ck_mechanism_type_t mechanism
Definition pkcs11.h:695
ck_slot_info::flags
ck_flags_t flags
Definition pkcs11.h:215
decrypt_info::finalized
bool finalized
Definition yubihsm_pkcs11.h:81
decrypt_info::key_id
uint16_t key_id
Definition yubihsm_pkcs11.h:79
digest_info::md_ctx
EVP_MD_CTX * md_ctx
Definition yubihsm_pkcs11.h:73
digest_info::is_multipart
bool is_multipart
Definition yubihsm_pkcs11.h:75
ecdh_session_key
Definition yubihsm_pkcs11.h:122
mechanism::oaep
struct mechanism::@110::@112 oaep
mechanism::pss
struct mechanism::@110::@113 pss
mechanism::mechanism
CK_MECHANISM_TYPE mechanism
Definition yubihsm_pkcs11.h:108
sign_info::md_ctx
EVP_MD_CTX * md_ctx
Definition yubihsm_pkcs11.h:66
sign_info::key_id
uint16_t key_id
Definition yubihsm_pkcs11.h:67
sign_info::sig_len
uint16_t sig_len
Definition yubihsm_pkcs11.h:69
sign_info::key_len
CK_ULONG key_len
Definition yubihsm_pkcs11.h:68
verify_info::key_id
uint16_t key_id
Definition yubihsm_pkcs11.h:94
verify_info::padding
int padding
Definition yubihsm_pkcs11.h:91
verify_info::saltLen
unsigned long saltLen
Definition yubihsm_pkcs11.h:92
verify_info::md_ctx
EVP_MD_CTX * md_ctx
Definition yubihsm_pkcs11.h:89
verify_info::md
const EVP_MD * md
Definition yubihsm_pkcs11.h:90
verify_info::mgf1md
const EVP_MD * mgf1md
Definition yubihsm_pkcs11.h:93
yh_connector
Definition internal.h:37
yh_object_descriptor
Definition yubihsm.h:540
yh_object_descriptor::algorithm
yh_algorithm algorithm
Object algorithm.
Definition yubihsm.h:552
yh_object_descriptor::id
uint16_t id
Object ID.
Definition yubihsm.h:544
yh_object_descriptor::capabilities
yh_capabilities capabilities
Object capabilities.
Definition yubihsm.h:542
yh_object_descriptor::origin
uint8_t origin
Object origin.
Definition yubihsm.h:556
yh_object_descriptor::label
char label[YH_OBJ_LABEL_LEN+1]
Object label.
Definition yubihsm.h:558
yh_object_descriptor::type
yh_object_type type
Object type.
Definition yubihsm.h:550
yh_session
Definition internal.h:25
yubihsm_pkcs11_context
Definition yubihsm_pkcs11.h:141
yubihsm_pkcs11_context::unlock_mutex
CK_UNLOCKMUTEX unlock_mutex
Definition yubihsm_pkcs11.h:146
yubihsm_pkcs11_context::lock_mutex
CK_LOCKMUTEX lock_mutex
Definition yubihsm_pkcs11.h:145
yubihsm_pkcs11_context::destroy_mutex
CK_DESTROYMUTEX destroy_mutex
Definition yubihsm_pkcs11.h:144
yubihsm_pkcs11_context::create_mutex
CK_CREATEMUTEX create_mutex
Definition yubihsm_pkcs11.h:143
yubihsm_pkcs11_context::slots
List slots
Definition yubihsm_pkcs11.h:142
yubihsm_pkcs11_object_desc
Definition yubihsm_pkcs11.h:41
yubihsm_pkcs11_object_desc::object
yh_object_descriptor object
Definition yubihsm_pkcs11.h:44
yubihsm_pkcs11_object_desc::tv
struct timeval tv
Definition yubihsm_pkcs11.h:42
yubihsm_pkcs11_object_template
Definition yubihsm_pkcs11.h:177
yubihsm_pkcs11_object_template::sign
yubihsm_pkcs11_attribute sign
Definition yubihsm_pkcs11.h:181
yubihsm_pkcs11_object_template::decrypt
yubihsm_pkcs11_attribute decrypt
Definition yubihsm_pkcs11.h:183
yubihsm_pkcs11_object_template::wrap
yubihsm_pkcs11_attribute wrap
Definition yubihsm_pkcs11.h:187
yubihsm_pkcs11_object_template::label
char label[YH_OBJ_LABEL_LEN+1]
Definition yubihsm_pkcs11.h:180
yubihsm_pkcs11_object_template::exportable
yubihsm_pkcs11_attribute exportable
Definition yubihsm_pkcs11.h:185
yubihsm_pkcs11_object_template::derive
yubihsm_pkcs11_attribute derive
Definition yubihsm_pkcs11.h:184
yubihsm_pkcs11_object_template::rsa
struct yubihsm_pkcs11_object_template::@114::@115 rsa
yubihsm_pkcs11_object_template::verify
yubihsm_pkcs11_attribute verify
Definition yubihsm_pkcs11.h:186
yubihsm_pkcs11_object_template::encrypt
yubihsm_pkcs11_attribute encrypt
Definition yubihsm_pkcs11.h:182
yubihsm_pkcs11_object_template::obj
union yubihsm_pkcs11_object_template::@114 obj
yubihsm_pkcs11_object_template::unwrap
yubihsm_pkcs11_attribute unwrap
Definition yubihsm_pkcs11.h:188
yubihsm_pkcs11_object_template::buf
uint8_t * buf
Definition yubihsm_pkcs11.h:195
yubihsm_pkcs11_object_template::algorithm
yh_algorithm algorithm
Definition yubihsm_pkcs11.h:178
yubihsm_pkcs11_object_template::id
uint16_t id
Definition yubihsm_pkcs11.h:179
yubihsm_pkcs11_object_template::objlen
uint16_t objlen
Definition yubihsm_pkcs11.h:189
yubihsm_pkcs11_op_info
Definition yubihsm_pkcs11.h:133
yubihsm_pkcs11_op_info::mechanism
mechanism mechanism
Definition yubihsm_pkcs11.h:135
yubihsm_pkcs11_op_info::op
op op
Definition yubihsm_pkcs11.h:136
yubihsm_pkcs11_op_info::buffer_length
unsigned int buffer_length
Definition yubihsm_pkcs11.h:138
yubihsm_pkcs11_op_info::buffer
uint8_t buffer[YUBIHSM_PKCS11_OP_BUFSIZE]
Definition yubihsm_pkcs11.h:137
yubihsm_pkcs11_session
Definition yubihsm_pkcs11.h:163
yubihsm_pkcs11_slot
Definition yubihsm_pkcs11.h:150
yubihsm_pkcs11_slot::mutex
void * mutex
Definition yubihsm_pkcs11.h:160
yubihsm_pkcs11_slot::id
uint16_t id
Definition yubihsm_pkcs11.h:151
yubihsm_pkcs11_slot::connector
yh_connector * connector
Definition yubihsm_pkcs11.h:154
yubihsm_pkcs11_slot::connector_name
char * connector_name
Definition yubihsm_pkcs11.h:153
yubihsm_pkcs11_slot::pkcs11_sessions
List pkcs11_sessions
Definition yubihsm_pkcs11.h:156
yubihsm_pkcs11_slot::n_algorithms
size_t n_algorithms
Definition yubihsm_pkcs11.h:159
yubihsm_pkcs11_slot::device_session
yh_session * device_session
Definition yubihsm_pkcs11.h:155
yubihsm_pkcs11_slot::max_session_id
uint16_t max_session_id
Definition yubihsm_pkcs11.h:152
yubihsm_pkcs11_slot::algorithms
yh_algorithm algorithms[YH_MAX_ALGORITHM_COUNT]
Definition yubihsm_pkcs11.h:158
op::digest
digest_info digest
Definition yubihsm_pkcs11.h:101
op::decrypt
decrypt_info decrypt
Definition yubihsm_pkcs11.h:103
op::verify
verify_info verify
Definition yubihsm_pkcs11.h:102
op::sign
sign_info sign
Definition yubihsm_pkcs11.h:100
algo2nid
int algo2nid(yh_algorithm algo)
Definition util.c:335
parse_NID
void parse_NID(uint8_t *data, uint16_t data_len, const EVP_MD **md_type, int *digestinfo_len)
Definition util.c:452
is_PKCS1v1_5_sign_mechanism
bool is_PKCS1v1_5_sign_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2673
is_ECDSA_sign_mechanism
bool is_ECDSA_sign_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2690
set_template_attribute
CK_RV set_template_attribute(yubihsm_pkcs11_attribute *attribute, void *value)
Definition util_pkcs11.c:2953
get_mechanism_list
CK_RV get_mechanism_list(yubihsm_pkcs11_slot *slot, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR count)
Definition util_pkcs11.c:73
add_connectors
bool add_connectors(yubihsm_pkcs11_context *ctx, int n_connectors, char **connector_names, yh_connector **connectors)
Definition util_pkcs11.c:2924
apply_verify_mechanism_finalize
CK_RV apply_verify_mechanism_finalize(yubihsm_pkcs11_op_info *op_info __attribute((unused)))
Definition util_pkcs11.c:2150
decrypt_mechanism_cleanup
bool decrypt_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2566
verify_mechanism_cleanup
bool verify_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2556
populate_template
CK_RV populate_template(int type, void *object, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, yh_session *session)
Definition util_pkcs11.c:3872
check_encrypt_mechanism
bool check_encrypt_mechanism(yubihsm_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1702
parse_ec_generate_template
CK_RV parse_ec_generate_template(CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, yubihsm_pkcs11_object_template *template)
Definition util_pkcs11.c:3570
apply_verify_mechanism_init
CK_RV apply_verify_mechanism_init(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:1821
perform_digest
CK_RV perform_digest(yubihsm_pkcs11_op_info *op_info, uint8_t *digest, uint16_t *digest_len)
Definition util_pkcs11.c:2533
is_PSS_sign_mechanism
bool is_PSS_sign_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2707
release_slot
void release_slot(yubihsm_pkcs11_context *ctx, yubihsm_pkcs11_slot *slot)
Definition util_pkcs11.c:2782
apply_decrypt_mechanism_finalize
CK_RV apply_decrypt_mechanism_finalize(yubihsm_pkcs11_op_info *op_info __attribute((unused)))
Definition util_pkcs11.c:2156
parse_rsa_generate_template
CK_RV parse_rsa_generate_template(CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, yubihsm_pkcs11_object_template *template)
Definition util_pkcs11.c:3305
is_HMAC_sign_mechanism
bool is_HMAC_sign_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2724
is_hashed_mechanism
bool is_hashed_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2645
ASN1_OID
#define ASN1_OID
Definition util_pkcs11.c:41
get_session
CK_RV get_session(yubihsm_pkcs11_context *ctx, CK_SESSION_HANDLE hSession, yubihsm_pkcs11_session **session, int session_state)
Definition util_pkcs11.c:2789
parse_hex
bool parse_hex(CK_UTF8CHAR_PTR hex, CK_ULONG hex_len, uint8_t *parsed)
Definition util_pkcs11.c:464
apply_digest_mechanism_init
CK_RV apply_digest_mechanism_init(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:1902
perform_signature
CK_RV perform_signature(yh_session *session, yubihsm_pkcs11_op_info *op_info, uint8_t *signature, uint16_t *signature_len)
Definition util_pkcs11.c:2410
validate_derive_key_attribute
CK_RV validate_derive_key_attribute(CK_ATTRIBUTE_TYPE type, void *value)
Definition util_pkcs11.c:3940
apply_encrypt_mechanism_update
CK_RV apply_encrypt_mechanism_update(yubihsm_pkcs11_op_info *op_info, CK_BYTE_PTR in, CK_ULONG in_len)
Definition util_pkcs11.c:2075
get_attribute_ecsession_key
CK_RV get_attribute_ecsession_key(CK_ATTRIBUTE_TYPE type, ecdh_session_key *key, CK_VOID_PTR value, CK_ULONG_PTR length)
Definition util_pkcs11.c:1493
check_decrypt_mechanism
bool check_decrypt_mechanism(yubihsm_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1678
check_digest_mechanism
bool check_digest_mechanism(CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1725
parse_wrap_template
CK_RV parse_wrap_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, yubihsm_pkcs11_object_template *template, bool generate)
Definition util_pkcs11.c:3801
parse_id_value
int parse_id_value(void *value, CK_ULONG len)
Definition util_pkcs11.c:3556
parse_ec_template
CK_RV parse_ec_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, yubihsm_pkcs11_object_template *template)
Definition util_pkcs11.c:3150
sign_mechanism_cleanup
bool sign_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2546
create_session
bool create_session(yubihsm_pkcs11_slot *slot, CK_FLAGS flags, CK_SESSION_HANDLE_PTR phSession)
Definition util_pkcs11.c:491
apply_sign_mechanism_finalize
CK_RV apply_sign_mechanism_finalize(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2117
get_slot
yubihsm_pkcs11_slot * get_slot(yubihsm_pkcs11_context *ctx, CK_ULONG id)
Definition util_pkcs11.c:2766
parse_hmac_template
CK_RV parse_hmac_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, yubihsm_pkcs11_object_template *template, bool generate)
Definition util_pkcs11.c:3229
is_RSA_sign_mechanism
bool is_RSA_sign_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2605
apply_sign_mechanism_update
CK_RV apply_sign_mechanism_update(yubihsm_pkcs11_op_info *op_info, CK_BYTE_PTR in, CK_ULONG in_len)
Definition util_pkcs11.c:1943
set_native_locking
void set_native_locking(yubihsm_pkcs11_context *ctx)
Definition util_pkcs11.c:2916
apply_decrypt_mechanism_update
CK_RV apply_decrypt_mechanism_update(yubihsm_pkcs11_op_info *op_info, CK_BYTE_PTR in, CK_ULONG in_len)
Definition util_pkcs11.c:2053
check_wrap_mechanism
bool check_wrap_mechanism(yubihsm_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1740
get_object_desc
yubihsm_pkcs11_object_desc * get_object_desc(yh_session *session, yubihsm_pkcs11_object_desc *objects, CK_OBJECT_HANDLE objHandle)
Definition util_pkcs11.c:1587
delete_session
bool delete_session(yubihsm_pkcs11_context *ctx, CK_SESSION_HANDLE_PTR phSession)
Definition util_pkcs11.c:2831
apply_digest_mechanism_update
CK_RV apply_digest_mechanism_update(yubihsm_pkcs11_op_info *op_info, CK_BYTE_PTR in, CK_ULONG in_len)
Definition util_pkcs11.c:2095
check_verify_mechanism
bool check_verify_mechanism(yubihsm_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1672
perform_decrypt
CK_RV perform_decrypt(yh_session *session, yubihsm_pkcs11_op_info *op_info, uint8_t *data, uint16_t *data_len)
Definition util_pkcs11.c:2463
is_RSA_decrypt_mechanism
bool is_RSA_decrypt_mechanism(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2627
apply_decrypt_mechanism_init
CK_RV apply_decrypt_mechanism_init(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:1884
apply_digest_mechanism_finalize
CK_RV apply_digest_mechanism_finalize(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2163
get_mechanism_info
bool get_mechanism_info(yubihsm_pkcs11_slot *slot, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo)
Definition util_pkcs11.c:313
release_session
void release_session(yubihsm_pkcs11_context *ctx, yubihsm_pkcs11_session *session)
Definition util_pkcs11.c:2850
perform_verify
CK_RV perform_verify(yh_session *session, yubihsm_pkcs11_op_info *op_info, uint8_t *signature, uint16_t signature_len)
Definition util_pkcs11.c:2225
parse_rsa_template
CK_RV parse_rsa_template(CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, yubihsm_pkcs11_object_template *template)
Definition util_pkcs11.c:2976
delete_object_from_cache
void delete_object_from_cache(yubihsm_pkcs11_object_desc *objects, CK_OBJECT_HANDLE objHandle)
Definition util_pkcs11.c:1571
get_digest_bytelength
CK_ULONG get_digest_bytelength(CK_MECHANISM_TYPE m)
Definition util_pkcs11.c:2583
get_attribute
CK_RV get_attribute(CK_ATTRIBUTE_TYPE type, yh_object_descriptor *object, CK_VOID_PTR value, CK_ULONG_PTR length, yh_session *session)
Definition util_pkcs11.c:1455
apply_sign_mechanism_init
CK_RV apply_sign_mechanism_init(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:1763
digest_mechanism_cleanup
bool digest_mechanism_cleanup(yubihsm_pkcs11_op_info *op_info)
Definition util_pkcs11.c:2573
apply_verify_mechanism_update
CK_RV apply_verify_mechanism_update(yubihsm_pkcs11_op_info *op_info, CK_BYTE_PTR in, CK_ULONG in_len)
Definition util_pkcs11.c:2007
check_sign_mechanism
bool check_sign_mechanism(yubihsm_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism)
Definition util_pkcs11.c:1646
perform_encrypt
CK_RV perform_encrypt(yh_session *session, yubihsm_pkcs11_op_info *op_info, uint8_t *data, uint16_t *data_len)
Definition util_pkcs11.c:2505
util_pkcs11.h
yh_is_rsa
bool yh_is_rsa(yh_algorithm algorithm)
Definition yubihsm.c:4245
yh_destroy_session
yh_rc yh_destroy_session(yh_session **session)
Definition yubihsm.c:890
yh_is_ec
bool yh_is_ec(yh_algorithm algorithm)
Definition yubihsm.c:4260
yh_util_sign_ecdsa
yh_rc yh_util_sign_ecdsa(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:1411
yh_util_unwrap_data
yh_rc yh_util_unwrap_data(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:3716
yh_util_get_opaque
yh_rc yh_util_get_opaque(yh_session *session, uint16_t object_id, uint8_t *out, size_t *out_len)
Definition yubihsm.c:2636
yh_util_decrypt_pkcs1v1_5
yh_rc yh_util_decrypt_pkcs1v1_5(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:2059
yh_util_get_device_info
yh_rc yh_util_get_device_info(yh_connector *connector, uint8_t *major, uint8_t *minor, uint8_t *patch, uint32_t *serial, uint8_t *log_total, uint8_t *log_used, yh_algorithm *algorithms, size_t *n_algorithms)
Definition yubihsm.c:938
yh_util_get_object_info
yh_rc yh_util_get_object_info(yh_session *session, uint16_t id, yh_object_type type, yh_object_descriptor *object)
Definition yubihsm.c:1128
yh_util_wrap_data
yh_rc yh_util_wrap_data(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:3667
yh_util_sign_hmac
yh_rc yh_util_sign_hmac(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:1520
yh_util_sign_pss
yh_rc yh_util_sign_pss(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len, size_t salt_len, yh_algorithm mgf1Algo)
Definition yubihsm.c:1346
yh_util_sign_pkcs1v1_5
yh_rc yh_util_sign_pkcs1v1_5(yh_session *session, uint16_t key_id, bool hashed, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
Definition yubihsm.c:1287
yh_util_get_public_key
yh_rc yh_util_get_public_key(yh_session *session, uint16_t id, uint8_t *data, size_t *data_len, yh_algorithm *algorithm)
Definition yubihsm.c:1216
yh_util_decrypt_oaep
yh_rc yh_util_decrypt_oaep(yh_session *session, uint16_t key_id, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len, const uint8_t *label, size_t label_len, yh_algorithm mgf1Algo)
Definition yubihsm.c:2107
yh_disconnect
yh_rc yh_disconnect(yh_connector *connector)
Definition yubihsm.c:4097
yh_util_verify_hmac
yh_rc yh_util_verify_hmac(yh_session *session, uint16_t key_id, const uint8_t *signature, size_t signature_len, const uint8_t *data, size_t data_len, bool *verified)
Definition yubihsm.c:1939
yh_check_capability
bool yh_check_capability(const yh_capabilities *capabilities, const char *capability)
Definition yubihsm.c:4198
YH_ORIGIN_GENERATED
#define YH_ORIGIN_GENERATED
The object was generated on the device.
Definition yubihsm.h:692
type
yh_object_type type
Definition yubihsm.h:672
yh_object_type
yh_object_type
Definition yubihsm.h:359
YH_OTP_AEAD_KEY
@ YH_OTP_AEAD_KEY
OTP AEAD Key is a secret key used to decrypt Yubico OTP values.
Definition yubihsm.h:376
YH_WRAP_KEY
@ YH_WRAP_KEY
Definition yubihsm.h:369
YH_OPAQUE
@ YH_OPAQUE
Definition yubihsm.h:362
YH_HMAC_KEY
@ YH_HMAC_KEY
HMAC Key is a secret key used when computing and verifying HMAC signatures.
Definition yubihsm.h:371
YH_TEMPLATE
@ YH_TEMPLATE
Definition yubihsm.h:374
YH_ASYMMETRIC_KEY
@ YH_ASYMMETRIC_KEY
Asymmetric Key is the private key of an asymmetric key-pair.
Definition yubihsm.h:366
YH_AUTHENTICATION_KEY
@ YH_AUTHENTICATION_KEY
Authentication Key is used to establish Sessions with a device.
Definition yubihsm.h:364
YH_MAX_ITEMS_COUNT
#define YH_MAX_ITEMS_COUNT
Max items the device may hold.
Definition yubihsm.h:103
YH_OBJ_LABEL_LEN
#define YH_OBJ_LABEL_LEN
Max length of object labels.
Definition yubihsm.h:123
yh_algorithm
yh_algorithm
Definition yubihsm.h:390
YH_ALGO_EC_P521
@ YH_ALGO_EC_P521
ecp521
Definition yubihsm.h:418
YH_ALGO_RSA_PSS_SHA384
@ YH_ALGO_RSA_PSS_SHA384
rsa-pss-sha384
Definition yubihsm.h:404
YH_ALGO_EC_ECDH
@ YH_ALGO_EC_ECDH
ecdh
Definition yubihsm.h:438
YH_ALGO_RSA_PKCS1_SHA256
@ YH_ALGO_RSA_PKCS1_SHA256
rsa-pkcs1-sha256
Definition yubihsm.h:394
YH_ALGO_RSA_PKCS1_SHA1
@ YH_ALGO_RSA_PKCS1_SHA1
rsa-pkcs1-sha1
Definition yubihsm.h:392
YH_ALGO_RSA_PSS_SHA512
@ YH_ALGO_RSA_PSS_SHA512
rsa-pss-sha512
Definition yubihsm.h:406
YH_ALGO_EC_BP384
@ YH_ALGO_EC_BP384
ecbp384
Definition yubihsm.h:424
YH_ALGO_RSA_PSS_SHA1
@ YH_ALGO_RSA_PSS_SHA1
rsa-pss-sha1
Definition yubihsm.h:400
YH_ALGO_EC_ECDSA_SHA256
@ YH_ALGO_EC_ECDSA_SHA256
ecdsa-sha256
Definition yubihsm.h:476
YH_ALGO_EC_P384
@ YH_ALGO_EC_P384
ecp384
Definition yubihsm.h:416
YH_ALGO_EC_ECDSA_SHA512
@ YH_ALGO_EC_ECDSA_SHA512
ecdsa-sha512
Definition yubihsm.h:480
YH_ALGO_RSA_OAEP_SHA256
@ YH_ALGO_RSA_OAEP_SHA256
rsa-oaep-sha256
Definition yubihsm.h:442
YH_ALGO_OPAQUE_X509_CERTIFICATE
@ YH_ALGO_OPAQUE_X509_CERTIFICATE
opaque-x509-certificate
Definition yubihsm.h:452
YH_ALGO_EC_ECDSA_SHA384
@ YH_ALGO_EC_ECDSA_SHA384
ecdsa-sha384
Definition yubihsm.h:478
YH_ALGO_HMAC_SHA512
@ YH_ALGO_HMAC_SHA512
hmac-sha512
Definition yubihsm.h:434
YH_ALGO_HMAC_SHA384
@ YH_ALGO_HMAC_SHA384
hmac-sha384
Definition yubihsm.h:432
YH_ALGO_RSA_PKCS1_SHA512
@ YH_ALGO_RSA_PKCS1_SHA512
rsa-pkcs1-sha512
Definition yubihsm.h:398
YH_ALGO_AES256_CCM_WRAP
@ YH_ALGO_AES256_CCM_WRAP
aes256-ccm-wrap
Definition yubihsm.h:474
YH_ALGO_HMAC_SHA1
@ YH_ALGO_HMAC_SHA1
hmac-sha1
Definition yubihsm.h:428
YH_ALGO_RSA_OAEP_SHA512
@ YH_ALGO_RSA_OAEP_SHA512
rsa-oaep-sha512
Definition yubihsm.h:446
YH_ALGO_RSA_2048
@ YH_ALGO_RSA_2048
rsa2048
Definition yubihsm.h:408
YH_ALGO_HMAC_SHA256
@ YH_ALGO_HMAC_SHA256
hmac-sha256
Definition yubihsm.h:430
YH_ALGO_RSA_OAEP_SHA384
@ YH_ALGO_RSA_OAEP_SHA384
rsa-oaep-sha384
Definition yubihsm.h:444
YH_ALGO_AES192_CCM_WRAP
@ YH_ALGO_AES192_CCM_WRAP
aes192-ccm-wrap
Definition yubihsm.h:472
YH_ALGO_EC_BP512
@ YH_ALGO_EC_BP512
ecbp512
Definition yubihsm.h:426
YH_ALGO_EC_BP256
@ YH_ALGO_EC_BP256
ecbp256
Definition yubihsm.h:422
YH_ALGO_RSA_PSS_SHA256
@ YH_ALGO_RSA_PSS_SHA256
rsa-pss-sha256
Definition yubihsm.h:402
YH_ALGO_EC_K256
@ YH_ALGO_EC_K256
eck256
Definition yubihsm.h:420
YH_ALGO_AES128_CCM_WRAP
@ YH_ALGO_AES128_CCM_WRAP
aes128-ccm-wrap
Definition yubihsm.h:448
YH_ALGO_EC_P256
@ YH_ALGO_EC_P256
ecp256
Definition yubihsm.h:414
YH_ALGO_RSA_4096
@ YH_ALGO_RSA_4096
rsa4096
Definition yubihsm.h:412
YH_ALGO_EC_ECDSA_SHA1
@ YH_ALGO_EC_ECDSA_SHA1
ecdsa-sha1
Definition yubihsm.h:436
YH_ALGO_RSA_OAEP_SHA1
@ YH_ALGO_RSA_OAEP_SHA1
rsa-oaep-sha1
Definition yubihsm.h:440
YH_ALGO_EC_P224
@ YH_ALGO_EC_P224
ecp224
Definition yubihsm.h:484
YH_ALGO_RSA_PKCS1_SHA384
@ YH_ALGO_RSA_PKCS1_SHA384
rsa-pkcs1-sha384
Definition yubihsm.h:396
YH_ALGO_RSA_3072
@ YH_ALGO_RSA_3072
rsa3072
Definition yubihsm.h:410
algorithm
yh_algorithm algorithm
Definition yubihsm.h:619
yh_rc
yh_rc
Definition yubihsm.h:170
YHR_SUCCESS
@ YHR_SUCCESS
Returned value when function was successful.
Definition yubihsm.h:172
slot
yubihsm_pkcs11_slot * slot
Definition yubihsm_pkcs11.c:518
pInfo
CK_SLOT_ID CK_SLOT_INFO_PTR pInfo
Definition yubihsm_pkcs11.c:504
ulPrivateKeyAttributeCount
CK_SESSION_HANDLE CK_MECHANISM_PTR CK_ATTRIBUTE_PTR CK_ULONG CK_ATTRIBUTE_PTR CK_ULONG ulPrivateKeyAttributeCount
Definition yubihsm_pkcs11.c:4538
hSession
CK_SESSION_HANDLE hSession
Definition yubihsm_pkcs11.c:780
ret
CK_RV ret
Definition yubihsm_pkcs11.c:973
ulCount
CK_SESSION_HANDLE CK_ATTRIBUTE_PTR CK_ULONG ulCount
Definition yubihsm_pkcs11.c:1204
phSession
CK_SLOT_ID CK_FLAGS CK_VOID_PTR CK_NOTIFY CK_SESSION_HANDLE_PTR phSession
Definition yubihsm_pkcs11.c:810
s
char * s
Definition yubihsm_pkcs11.c:524
j
uint16_t j
Definition yubihsm_pkcs11.c:465
template
yubihsm_pkcs11_object_template template
Definition yubihsm_pkcs11.c:1242
len
size_t len
Definition yubihsm_pkcs11.c:4771
pMechanismList
CK_SLOT_ID CK_MECHANISM_TYPE_PTR pMechanismList
Definition yubihsm_pkcs11.c:686
buf
uint8_t buf[2048]
Definition yubihsm_pkcs11.c:4770
object
yh_object_descriptor object
Definition yubihsm_pkcs11.c:1544
key_len
session operation op sign key_len
Definition yubihsm_pkcs11.c:3475
rc
yh_rc rc
Definition yubihsm_pkcs11.c:1308
yrc
yh_rc yrc
Definition yubihsm_pkcs11.c:606
rv
CK_RV rv
Definition yubihsm_pkcs11.c:569
pPrivateKeyTemplate
CK_SESSION_HANDLE CK_MECHANISM_PTR CK_ATTRIBUTE_PTR CK_ULONG CK_ATTRIBUTE_PTR pPrivateKeyTemplate
Definition yubihsm_pkcs11.c:4538
pTemplate
CK_SESSION_HANDLE CK_ATTRIBUTE_PTR pTemplate
Definition yubihsm_pkcs11.c:1204
ulPublicKeyAttributeCount
CK_SESSION_HANDLE CK_MECHANISM_PTR CK_ATTRIBUTE_PTR CK_ULONG ulPublicKeyAttributeCount
Definition yubihsm_pkcs11.c:4537
digest_len
session operation op digest digest_len
Definition yubihsm_pkcs11.c:3126
pMechanism
CK_SESSION_HANDLE CK_MECHANISM_PTR pMechanism
Definition yubihsm_pkcs11.c:2319
memset
memset(pInfo->slotDescription, ' ', 64)
pPublicKeyTemplate
CK_SESSION_HANDLE CK_MECHANISM_PTR CK_ATTRIBUTE_PTR pPublicKeyTemplate
Definition yubihsm_pkcs11.c:4537
flags
pInfo flags
Definition yubihsm_pkcs11.c:540
memcpy
memcpy((char *) pInfo->slotDescription, s, l)
in_len
size_t in_len
Definition yubihsm_pkcs11.c:4978
SESSION_AUTHENTICATED_RW
@ SESSION_AUTHENTICATED_RW
Definition yubihsm_pkcs11.h:34
SESSION_AUTHENTICATED_RO
@ SESSION_AUTHENTICATED_RO
Definition yubihsm_pkcs11.h:33
SESSION_RESERVED_RO
@ SESSION_RESERVED_RO
Definition yubihsm_pkcs11.h:31
SESSION_RESERVED_RW
@ SESSION_RESERVED_RW
Definition yubihsm_pkcs11.h:32
SESSION_NOT_AUTHENTICATED
#define SESSION_NOT_AUTHENTICATED
Definition yubihsm_pkcs11.h:39
SESSION_AUTHENTICATED
#define SESSION_AUTHENTICATED
Definition yubihsm_pkcs11.h:37
yubihsm_pkcs11_attribute
yubihsm_pkcs11_attribute
Definition yubihsm_pkcs11.h:171
ATTRIBUTE_NOT_SET
@ ATTRIBUTE_NOT_SET
Definition yubihsm_pkcs11.h:172
ATTRIBUTE_TRUE
@ ATTRIBUTE_TRUE
Definition yubihsm_pkcs11.h:174
ATTRIBUTE_FALSE
@ ATTRIBUTE_FALSE
Definition yubihsm_pkcs11.h:173
ECDH_KEY_TYPE
#define ECDH_KEY_TYPE
Definition yubihsm_pkcs11.h:28