summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/softoken/pkcs11.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/softoken/pkcs11.c')
-rw-r--r--security/nss/lib/softoken/pkcs11.c5581
1 files changed, 5581 insertions, 0 deletions
diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c
new file mode 100644
index 0000000000..9c0d93e317
--- /dev/null
+++ b/security/nss/lib/softoken/pkcs11.c
@@ -0,0 +1,5581 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+/*
+ * This file implements PKCS 11 on top of our existing security modules
+ *
+ * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
+ * This implementation has two slots:
+ * slot 1 is our generic crypto support. It does not require login.
+ * It supports Public Key ops, and all they bulk ciphers and hashes.
+ * It can also support Private Key ops for imported Private keys. It does
+ * not have any token storage.
+ * slot 2 is our private key support. It requires a login before use. It
+ * can store Private Keys and Certs as token objects. Currently only private
+ * keys and their associated Certificates are saved on the token.
+ *
+ * In this implementation, session objects are only visible to the session
+ * that created or generated them.
+ */
+#include "seccomon.h"
+#include "secitem.h"
+#include "pkcs11.h"
+#include "pkcs11i.h"
+#include "softoken.h"
+#include "lowkeyi.h"
+#include "blapi.h"
+#include "secder.h"
+#include "secport.h"
+#include "secrng.h"
+#include "prtypes.h"
+#include "nspr.h"
+#include "softkver.h"
+#include "secoid.h"
+#include "sftkdb.h"
+#include "utilpars.h"
+#include "ec.h"
+#include "secasn1.h"
+#include "secerr.h"
+#include "lgglue.h"
+#include "kem.h"
+
+PRBool parentForkedAfterC_Initialize;
+
+#ifndef NO_FORK_CHECK
+
+PRBool sftkForkCheckDisabled;
+
+#if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
+PRBool forked = PR_FALSE;
+#endif
+
+#if defined(CHECK_FORK_GETPID) || defined(CHECK_FORK_MIXED)
+#include <unistd.h>
+pid_t myPid;
+#endif
+
+#ifdef CHECK_FORK_MIXED
+#include <sys/systeminfo.h>
+PRBool usePthread_atfork;
+#endif
+
+#endif
+
+#ifdef XP_UNIX
+#define LIB_PARAM_DEFAULT_FILE_LOCATION "/etc/nss/params.config"
+#endif
+
+#define LIB_PARAM_DEFAULT " configdir='' certPrefix='' keyPrefix='' secmod='' flags=noCertDB,noModDB "
+/*
+ * ******************** Static data *******************************
+ */
+
+/* The next three strings must be exactly 32 characters long */
+static char *manufacturerID = "Mozilla Foundation ";
+static char manufacturerID_space[33];
+static char *libraryDescription = "NSS Internal Crypto Services ";
+static char libraryDescription_space[33];
+
+/*
+ * In FIPS mode, we disallow login attempts for 1 second after a login
+ * failure so that there are at most 60 login attempts per minute.
+ */
+static PRIntervalTime loginWaitTime;
+
+#define __PASTE(x, y) x##y
+
+/*
+ * we renamed all our internal functions, get the correct
+ * definitions for them...
+ */
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#define CK_PKCS11_3_0 1
+#define CK_EXTERN extern
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ CK_RV __PASTE(NS, func)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+
+#ifndef NSS_FIPS_DISABLE
+/* ------------- forward declare all the FIPS functions ------------- */
+#undef CK_NEED_ARG_LIST
+#undef CK_PKCS11_FUNCTION_INFO
+
+#define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F, name)
+#define CK_NEED_ARG_LIST 1
+
+#include "pkcs11f.h"
+#endif
+
+/* build the crypto module table */
+static CK_FUNCTION_LIST_3_0 sftk_funcList = {
+ { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR },
+
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ __PASTE(NS, func) \
+ ,
+#include "pkcs11f.h"
+
+};
+
+/* need a special version of get info for version 2 which returns the version
+ * 2.4 version number */
+CK_RV NSC_GetInfoV2(CK_INFO_PTR pInfo);
+CK_RV NSC_GetMechanismInfoV2(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo);
+
+/* build the crypto module table */
+static CK_FUNCTION_LIST sftk_funcList_v2 = {
+ { 2, 40 },
+
+#undef CK_PKCS11_3_0
+#define CK_PKCS_11_2_0_ONLY 1
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+#define C_GetInfo C_GetInfoV2
+#define C_GetMechanismInfo C_GetMechanismInfoV2
+
+#define CK_PKCS11_FUNCTION_INFO(func) \
+ __PASTE(NS, func) \
+ ,
+#include "pkcs11f.h"
+
+};
+
+#undef C_GetInfo
+#undef C_GetMechanismInfo
+#undef CK_PKCS_11_2_0_ONLY
+#undef CK_PKCS11_FUNCTION_INFO
+#undef CK_NEED_ARG_LIST
+
+#undef __PASTE
+
+CK_NSS_MODULE_FUNCTIONS sftk_module_funcList = {
+ { 1, 0 },
+ NSC_ModuleDBFunc
+};
+
+static CK_RV
+nsc_NSSGetFIPSStatus(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG ulOperationType,
+ CK_ULONG *pulFIPSStatus);
+CK_NSS_FIPS_FUNCTIONS sftk_fips_funcList = {
+ { 1, 0 },
+ nsc_NSSGetFIPSStatus
+};
+
+CK_NSS_KEM_FUNCTIONS sftk_kem_funcList = {
+ { 1, 0 },
+ NSC_Encapsulate,
+ NSC_Decapsulate
+};
+
+/*
+ * Array is orderd by default first
+ */
+static CK_INTERFACE nss_interfaces[] = {
+ { (CK_UTF8CHAR_PTR) "PKCS 11", &sftk_funcList, NSS_INTERFACE_FLAGS },
+ { (CK_UTF8CHAR_PTR) "PKCS 11", &sftk_funcList_v2, NSS_INTERFACE_FLAGS },
+ { (CK_UTF8CHAR_PTR) "Vendor NSS Module Interface", &sftk_module_funcList, NSS_INTERFACE_FLAGS },
+ { (CK_UTF8CHAR_PTR) "Vendor NSS FIPS Interface", &sftk_fips_funcList, NSS_INTERFACE_FLAGS },
+ { (CK_UTF8CHAR_PTR) "Vendor NSS KEM Interface", &sftk_kem_funcList, NSS_INTERFACE_FLAGS }
+};
+/* must match the count of interfaces in nss_interfaces above */
+#define NSS_INTERFACE_COUNT 5
+
+/* List of DES Weak Keys */
+typedef unsigned char desKey[8];
+static const desKey sftk_desWeakTable[] = {
+#ifdef noParity
+ /* weak */
+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+ { 0x1e, 0x1e, 0x1e, 0x1e, 0x0e, 0x0e, 0x0e, 0x0e },
+ { 0xe0, 0xe0, 0xe0, 0xe0, 0xf0, 0xf0, 0xf0, 0xf0 },
+ { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
+ /* semi-weak */
+ { 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe, 0x00, 0xfe },
+ { 0xfe, 0x00, 0xfe, 0x00, 0x00, 0xfe, 0x00, 0xfe },
+
+ { 0x1e, 0xe0, 0x1e, 0xe0, 0x0e, 0xf0, 0x0e, 0xf0 },
+ { 0xe0, 0x1e, 0xe0, 0x1e, 0xf0, 0x0e, 0xf0, 0x0e },
+
+ { 0x00, 0xe0, 0x00, 0xe0, 0x00, 0x0f, 0x00, 0x0f },
+ { 0xe0, 0x00, 0xe0, 0x00, 0xf0, 0x00, 0xf0, 0x00 },
+
+ { 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
+ { 0xfe, 0x1e, 0xfe, 0x1e, 0xfe, 0x0e, 0xfe, 0x0e },
+
+ { 0x00, 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e },
+ { 0x1e, 0x00, 0x1e, 0x00, 0x0e, 0x00, 0x0e, 0x00 },
+
+ { 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0, 0xfe },
+ { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf0, 0xfe, 0xf0 },
+#else
+ /* weak */
+ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+ { 0x1f, 0x1f, 0x1f, 0x1f, 0x0e, 0x0e, 0x0e, 0x0e },
+ { 0xe0, 0xe0, 0xe0, 0xe0, 0xf1, 0xf1, 0xf1, 0xf1 },
+ { 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe, 0xfe },
+
+ /* semi-weak */
+ { 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe },
+ { 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01, 0xfe, 0x01 },
+
+ { 0x1f, 0xe0, 0x1f, 0xe0, 0x0e, 0xf1, 0x0e, 0xf1 },
+ { 0xe0, 0x1f, 0xe0, 0x1f, 0xf1, 0x0e, 0xf1, 0x0e },
+
+ { 0x01, 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1 },
+ { 0xe0, 0x01, 0xe0, 0x01, 0xf1, 0x01, 0xf1, 0x01 },
+
+ { 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e, 0xfe },
+ { 0xfe, 0x1f, 0xfe, 0x1f, 0xfe, 0x0e, 0xfe, 0x0e },
+
+ { 0x01, 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e },
+ { 0x1f, 0x01, 0x1f, 0x01, 0x0e, 0x01, 0x0e, 0x01 },
+
+ { 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1, 0xfe },
+ { 0xfe, 0xe0, 0xfe, 0xe0, 0xfe, 0xf1, 0xfe, 0xf1 }
+#endif
+};
+
+static const int sftk_desWeakTableSize = sizeof(sftk_desWeakTable) /
+ sizeof(sftk_desWeakTable[0]);
+
+/* DES KEY Parity conversion table. Takes each byte/2 as an index, returns
+ * that byte with the proper parity bit set */
+static const unsigned char parityTable[256] = {
+ /* Even...0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e */
+ /* E */ 0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e,
+ /* Odd....0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e */
+ /* O */ 0x10, 0x13, 0x15, 0x16, 0x19, 0x1a, 0x1c, 0x1f,
+ /* Odd....0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e */
+ /* O */ 0x20, 0x23, 0x25, 0x26, 0x29, 0x2a, 0x2c, 0x2f,
+ /* Even...0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e */
+ /* E */ 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e,
+ /* Odd....0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e */
+ /* O */ 0x40, 0x43, 0x45, 0x46, 0x49, 0x4a, 0x4c, 0x4f,
+ /* Even...0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e */
+ /* E */ 0x51, 0x52, 0x54, 0x57, 0x58, 0x5b, 0x5d, 0x5e,
+ /* Even...0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e */
+ /* E */ 0x61, 0x62, 0x64, 0x67, 0x68, 0x6b, 0x6d, 0x6e,
+ /* Odd....0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e */
+ /* O */ 0x70, 0x73, 0x75, 0x76, 0x79, 0x7a, 0x7c, 0x7f,
+ /* Odd....0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e */
+ /* O */ 0x80, 0x83, 0x85, 0x86, 0x89, 0x8a, 0x8c, 0x8f,
+ /* Even...0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e */
+ /* E */ 0x91, 0x92, 0x94, 0x97, 0x98, 0x9b, 0x9d, 0x9e,
+ /* Even...0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae */
+ /* E */ 0xa1, 0xa2, 0xa4, 0xa7, 0xa8, 0xab, 0xad, 0xae,
+ /* Odd....0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe */
+ /* O */ 0xb0, 0xb3, 0xb5, 0xb6, 0xb9, 0xba, 0xbc, 0xbf,
+ /* Even...0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce */
+ /* E */ 0xc1, 0xc2, 0xc4, 0xc7, 0xc8, 0xcb, 0xcd, 0xce,
+ /* Odd....0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde */
+ /* O */ 0xd0, 0xd3, 0xd5, 0xd6, 0xd9, 0xda, 0xdc, 0xdf,
+ /* Odd....0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee */
+ /* O */ 0xe0, 0xe3, 0xe5, 0xe6, 0xe9, 0xea, 0xec, 0xef,
+ /* Even...0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe */
+ /* E */ 0xf1, 0xf2, 0xf4, 0xf7, 0xf8, 0xfb, 0xfd, 0xfe
+};
+
+/* Mechanisms */
+struct mechanismList {
+ CK_MECHANISM_TYPE type;
+ CK_MECHANISM_INFO info;
+ PRBool privkey;
+};
+
+/*
+ * the following table includes a complete list of mechanism defined by
+ * PKCS #11 version 2.01. Those Mechanisms not supported by this PKCS #11
+ * module are ifdef'ed out.
+ */
+#define CKF_EN_DE CKF_ENCRYPT | CKF_DECRYPT
+#define CKF_WR_UN CKF_WRAP | CKF_UNWRAP
+#define CKF_SN_VR CKF_SIGN | CKF_VERIFY
+#define CKF_SN_RE CKF_SIGN_RECOVER | CKF_VERIFY_RECOVER
+#define CKF_EN_DE_MSG CKF_ENCRYPT | CKF_DECRYPT | CKF_MESSAGE_ENCRYPT | CKF_MESSAGE_DECRYPT
+
+#define CKF_EN_DE_WR_UN CKF_EN_DE | CKF_WR_UN
+#define CKF_SN_VR_RE CKF_SN_VR | CKF_SN_RE
+#define CKF_DUZ_IT_ALL CKF_EN_DE_WR_UN | CKF_SN_VR_RE
+
+#define CKF_EC_PNU CKF_EC_F_P | CKF_EC_NAMEDCURVE | CKF_EC_UNCOMPRESS
+
+#define CKF_EC_BPNU CKF_EC_F_2M | CKF_EC_PNU
+
+#define CK_MAX 0xffffffff
+
+static const struct mechanismList mechanisms[] = {
+
+ /*
+ * PKCS #11 Mechanism List.
+ *
+ * The first argument is the PKCS #11 Mechanism we support.
+ * The second argument is Mechanism info structure. It includes:
+ * The minimum key size,
+ * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
+ * in bytes for RC5, AES, Camellia, and CAST*
+ * ignored for DES*, IDEA and FORTEZZA based
+ * The maximum key size,
+ * in bits for RSA, DSA, DH, EC*, KEA, RC2 and RC4 * algs.
+ * in bytes for RC5, AES, Camellia, and CAST*
+ * ignored for DES*, IDEA and FORTEZZA based
+ * Flags
+ * What operations are supported by this mechanism.
+ * The third argument is a bool which tells if this mechanism is
+ * supported in the database token.
+ *
+ */
+
+ /* ------------------------- RSA Operations ---------------------------*/
+ { CKM_RSA_PKCS_KEY_PAIR_GEN, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+ { CKM_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_RSA_PKCS_OAEP, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_EN_DE_WR_UN }, PR_TRUE },
+#ifdef SFTK_RSA9796_SUPPORTED
+ { CKM_RSA_9796, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+#endif
+ { CKM_RSA_X_509, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_DUZ_IT_ALL }, PR_TRUE },
+ /* -------------- RSA Multipart Signing Operations -------------------- */
+ { CKM_MD2_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA1_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512_RSA_PKCS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA1_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512_RSA_PKCS_PSS, { RSA_MIN_MODULUS_BITS, CK_MAX, CKF_SN_VR }, PR_TRUE },
+ /* ------------------------- DSA Operations --------------------------- */
+ { CKM_DSA_KEY_PAIR_GEN, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_DSA, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_PARAMETER_GEN, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_GENERATE }, PR_TRUE },
+ { CKM_DSA_SHA1, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_SHA224, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_SHA256, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_SHA384, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ { CKM_DSA_SHA512, { DSA_MIN_P_BITS, DSA_MAX_P_BITS, CKF_SN_VR }, PR_TRUE },
+ /* -------------------- Diffie Hellman Operations --------------------- */
+ /* no diffie hellman yet */
+ { CKM_DH_PKCS_KEY_PAIR_GEN, { DH_MIN_P_BITS, DH_MAX_P_BITS, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_DH_PKCS_DERIVE, { DH_MIN_P_BITS, DH_MAX_P_BITS, CKF_DERIVE }, PR_TRUE },
+ /* -------------------- Elliptic Curve Operations --------------------- */
+ { CKM_EC_KEY_PAIR_GEN, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_GENERATE_KEY_PAIR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDH1_DERIVE, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_DERIVE | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA1, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA224, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA256, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA384, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ { CKM_ECDSA_SHA512, { EC_MIN_KEY_BITS, EC_MAX_KEY_BITS, CKF_SN_VR | CKF_EC_BPNU }, PR_TRUE },
+ /* ------------------------- RC2 Operations --------------------------- */
+ { CKM_RC2_KEY_GEN, { 1, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_RC2_ECB, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC2_CBC, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC2_MAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC2_MAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC2_CBC_PAD, { 1, 128, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- RC4 Operations --------------------------- */
+ { CKM_RC4_KEY_GEN, { 1, 256, CKF_GENERATE }, PR_FALSE },
+ { CKM_RC4, { 1, 256, CKF_EN_DE_WR_UN }, PR_FALSE },
+ /* ------------------------- DES Operations --------------------------- */
+ { CKM_DES_KEY_GEN, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES_ECB, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES_CBC, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES_MAC, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES_MAC_GENERAL, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES2_KEY_GEN, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES3_KEY_GEN, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_DES3_ECB, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES3_CBC, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_DES3_MAC, { 24, 24, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES3_MAC_GENERAL, { 24, 24, CKF_SN_VR }, PR_TRUE },
+ { CKM_DES3_CBC_PAD, { 24, 24, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- CDMF Operations --------------------------- */
+ { CKM_CDMF_KEY_GEN, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_CDMF_ECB, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CDMF_CBC, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CDMF_MAC, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CDMF_MAC_GENERAL, { 8, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CDMF_CBC_PAD, { 8, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* ------------------------- AES Operations --------------------------- */
+ { CKM_AES_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_AES_ECB, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_CBC, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_CMAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_CMAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_CTS, { 16, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_AES_CTR, { 16, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_AES_GCM, { 16, 32, CKF_EN_DE_MSG }, PR_TRUE },
+ { CKM_AES_XCBC_MAC_96, { 12, 12, CKF_SN_VR }, PR_TRUE },
+ { CKM_AES_XCBC_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ /* ------------------------- Camellia Operations --------------------- */
+ { CKM_CAMELLIA_KEY_GEN, { 16, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAMELLIA_ECB, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAMELLIA_CBC, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAMELLIA_MAC, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAMELLIA_MAC_GENERAL, { 16, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAMELLIA_CBC_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+/* ------------------------- SEED Operations --------------------------- */
+#ifndef NSS_DISABLE_DEPRECATED_SEED
+ { CKM_SEED_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_SEED_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_SEED_CBC, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_SEED_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_SEED_MAC_GENERAL, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_SEED_CBC_PAD, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+/* ------------------------- ChaCha20 Operations ---------------------- */
+#ifndef NSS_DISABLE_CHACHAPOLY
+ { CKM_NSS_CHACHA20_KEY_GEN, { 32, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_CHACHA20_POLY1305, { 32, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_NSS_CHACHA20_CTR, { 32, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_CHACHA20_KEY_GEN, { 32, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_CHACHA20, { 32, 32, CKF_EN_DE }, PR_TRUE },
+ { CKM_CHACHA20_POLY1305, { 32, 32, CKF_EN_DE_MSG }, PR_TRUE },
+#endif /* NSS_DISABLE_CHACHAPOLY */
+ /* ------------------------- Hashing Operations ----------------------- */
+ { CKM_MD2, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_MD2_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD2_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_MD5_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_MD5_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA_1, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA_1_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA_1_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA224_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA224_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA256_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA256_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA384_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA384_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA512_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA512_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_224, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA3_224_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_224_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_256, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA3_256_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_256_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_384, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA3_384_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_384_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_512, { 0, 0, CKF_DIGEST }, PR_FALSE },
+ { CKM_SHA3_512_HMAC, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_SHA3_512_HMAC_GENERAL, { 1, 128, CKF_SN_VR }, PR_TRUE },
+ { CKM_TLS_PRF_GENERAL, { 0, 512, CKF_SN_VR }, PR_FALSE },
+ { CKM_TLS_MAC, { 0, 512, CKF_SN_VR }, PR_FALSE },
+ { CKM_NSS_TLS_PRF_GENERAL_SHA256,
+ { 0, 512, CKF_SN_VR },
+ PR_FALSE },
+ /* ------------------------- HKDF Operations -------------------------- */
+ { CKM_HKDF_DERIVE, { 1, 255 * 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_HKDF_DATA, { 1, 255 * 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_HKDF_KEY_GEN, { 20, 64, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA1, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA256, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA384, { 1, 128, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_HKDF_SHA512, { 1, 128, CKF_DERIVE }, PR_TRUE },
+/* ------------------------- CAST Operations --------------------------- */
+#ifdef NSS_SOFTOKEN_DOES_CAST
+ /* Cast operations are not supported ( yet? ) */
+ { CKM_CAST_KEY_GEN, { 1, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST_ECB, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST_CBC, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST_MAC, { 1, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST_MAC_GENERAL, { 1, 8, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST_CBC_PAD, { 1, 8, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_KEY_GEN, { 1, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST3_ECB, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_CBC, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST3_MAC, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST3_MAC_GENERAL, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST3_CBC_PAD, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_KEY_GEN, { 1, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_CAST5_ECB, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_CBC, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_CAST5_MAC, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST5_MAC_GENERAL, { 1, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_CAST5_CBC_PAD, { 1, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+#if NSS_SOFTOKEN_DOES_RC5
+ /* ------------------------- RC5 Operations --------------------------- */
+ { CKM_RC5_KEY_GEN, { 1, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_RC5_ECB, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC5_CBC, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_RC5_MAC, { 1, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC5_MAC_GENERAL, { 1, 32, CKF_SN_VR }, PR_TRUE },
+ { CKM_RC5_CBC_PAD, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+#ifdef NSS_SOFTOKEN_DOES_IDEA
+ /* ------------------------- IDEA Operations -------------------------- */
+ { CKM_IDEA_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_IDEA_ECB, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_IDEA_CBC, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_IDEA_MAC, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_IDEA_MAC_GENERAL, { 16, 16, CKF_SN_VR }, PR_TRUE },
+ { CKM_IDEA_CBC_PAD, { 16, 16, CKF_EN_DE_WR_UN }, PR_TRUE },
+#endif
+ /* --------------------- Secret Key Operations ------------------------ */
+ { CKM_GENERIC_SECRET_KEY_GEN, { 1, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_CONCATENATE_BASE_AND_KEY, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_CONCATENATE_BASE_AND_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_CONCATENATE_DATA_AND_BASE, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_XOR_BASE_AND_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_EXTRACT_KEY_FROM_KEY, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_DES3_ECB_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_DES3_CBC_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_AES_ECB_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_AES_CBC_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_CAMELLIA_ECB_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_CAMELLIA_CBC_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+#ifndef NSS_DISABLE_DEPRECATED_SEED
+ { CKM_SEED_ECB_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_SEED_CBC_ENCRYPT_DATA, { 1, 32, CKF_DERIVE }, PR_FALSE },
+#endif
+ /* ---------------------- SSL Key Derivations ------------------------- */
+ { CKM_SSL3_PRE_MASTER_KEY_GEN, { 48, 48, CKF_GENERATE }, PR_FALSE },
+ { CKM_SSL3_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_MD5_MAC, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_SSL3_SHA1_MAC, { 0, 20, CKF_DERIVE }, PR_FALSE },
+ { CKM_MD5_KEY_DERIVATION, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_MD2_KEY_DERIVATION, { 0, 16, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA1_KEY_DERIVATION, { 0, 20, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA224_KEY_DERIVATION, { 0, 28, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA256_KEY_DERIVATION, { 0, 32, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA384_KEY_DERIVATION, { 0, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_SHA512_KEY_DERIVATION, { 0, 64, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_MASTER_KEY_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_MASTER_KEY_DERIVE_SHA256,
+ { 48, 48, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_TLS_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_MASTER_KEY_DERIVE_DH, { 8, 128, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_MASTER_KEY_DERIVE_DH_SHA256,
+ { 8, 128, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_TLS_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_TLS12_KEY_AND_MAC_DERIVE, { 48, 48, CKF_DERIVE }, PR_FALSE },
+ { CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256,
+ { 48, 48, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE,
+ { 48, 128, CKF_DERIVE },
+ PR_FALSE },
+ { CKM_NSS_TLS_EXTENDED_MASTER_KEY_DERIVE_DH,
+ { 48, 128, CKF_DERIVE },
+ PR_FALSE },
+ /* ---------------------- PBE Key Derivations ------------------------ */
+ { CKM_PBE_MD2_DES_CBC, { 8, 8, CKF_DERIVE }, PR_TRUE },
+ { CKM_PBE_MD5_DES_CBC, { 8, 8, CKF_DERIVE }, PR_TRUE },
+ /* ------------------ NSS PBE Key Derivations ------------------- */
+ { CKM_NSS_PBE_SHA1_DES_CBC, { 8, 8, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PBE_SHA1_FAULTY_3DES_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_DES3_EDE_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_DES2_EDE_CBC, { 24, 24, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC2_40_CBC, { 40, 40, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC2_128_CBC, { 128, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC4_40, { 40, 40, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBE_SHA1_RC4_128, { 128, 128, CKF_GENERATE }, PR_TRUE },
+ { CKM_PBA_SHA1_WITH_SHA1_HMAC, { 20, 20, CKF_GENERATE }, PR_TRUE },
+ { CKM_PKCS5_PBKD2, { 1, 256, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PBE_SHA1_HMAC_KEY_GEN, { 20, 20, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PBE_MD5_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PBE_MD2_HMAC_KEY_GEN, { 16, 16, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PKCS12_PBE_SHA224_HMAC_KEY_GEN, { 28, 28, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PKCS12_PBE_SHA256_HMAC_KEY_GEN, { 32, 32, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PKCS12_PBE_SHA384_HMAC_KEY_GEN, { 48, 48, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_PKCS12_PBE_SHA512_HMAC_KEY_GEN, { 64, 64, CKF_GENERATE }, PR_TRUE },
+ /* ------------------ NIST 800-108 Key Derivations ------------------- */
+ { CKM_SP800_108_COUNTER_KDF, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ { CKM_SP800_108_FEEDBACK_KDF, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ { CKM_SP800_108_DOUBLE_PIPELINE_KDF, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_SP800_108_COUNTER_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_SP800_108_FEEDBACK_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_SP800_108_DOUBLE_PIPELINE_KDF_DERIVE_DATA, { 0, CK_MAX, CKF_DERIVE }, PR_TRUE },
+ /* ------------------ AES Key Wrap (also encrypt) ------------------- */
+ { CKM_NSS_AES_KEY_WRAP, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_NSS_AES_KEY_WRAP_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_KEY_WRAP, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_KEY_WRAP_PAD, { 16, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ { CKM_AES_KEY_WRAP_KWP, { 1, 32, CKF_EN_DE_WR_UN }, PR_TRUE },
+ /* --------------------------- J-PAKE -------------------------------- */
+ { CKM_NSS_JPAKE_ROUND1_SHA1, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA256, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA384, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND1_SHA512, { 0, 0, CKF_GENERATE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA1, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA256, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA384, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_ROUND2_SHA512, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA1, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA256, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA384, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_JPAKE_FINAL_SHA512, { 0, 0, CKF_DERIVE }, PR_TRUE },
+ /* -------------------- Constant Time TLS MACs ----------------------- */
+ { CKM_NSS_HMAC_CONSTANT_TIME, { 0, 0, CKF_DIGEST }, PR_TRUE },
+ { CKM_NSS_SSL3_MAC_CONSTANT_TIME, { 0, 0, CKF_DIGEST }, PR_TRUE },
+ /* -------------------- IPSEC ----------------------- */
+ { CKM_NSS_IKE_PRF_PLUS_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_IKE_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_IKE1_PRF_DERIVE, { 8, 64, CKF_DERIVE }, PR_TRUE },
+ { CKM_NSS_IKE1_APP_B_PRF_DERIVE, { 8, 255 * 64, CKF_DERIVE }, PR_TRUE },
+ /* -------------------- Kyber Operations ----------------------- */
+ { CKM_NSS_KYBER_KEY_PAIR_GEN, { 0, 0, CKF_GENERATE_KEY_PAIR }, PR_TRUE },
+ { CKM_NSS_KYBER, { 0, 0, 0 }, PR_TRUE },
+};
+static const CK_ULONG mechanismCount = sizeof(mechanisms) / sizeof(mechanisms[0]);
+
+/* sigh global so fipstokn can read it */
+PRBool nsc_init = PR_FALSE;
+
+#if defined(CHECK_FORK_PTHREAD) || defined(CHECK_FORK_MIXED)
+
+#include <pthread.h>
+
+static void
+ForkedChild(void)
+{
+ if (nsc_init || nsf_init) {
+ forked = PR_TRUE;
+ }
+}
+
+#endif
+
+static char *
+sftk_setStringName(const char *inString, char *buffer, int buffer_length, PRBool nullTerminate)
+{
+ int full_length, string_length;
+
+ full_length = nullTerminate ? buffer_length - 1 : buffer_length;
+ string_length = PORT_Strlen(inString);
+ /*
+ * shorten the string, respecting utf8 encoding
+ * to do so, we work backward from the end
+ * bytes looking from the end are either:
+ * - ascii [0x00,0x7f]
+ * - the [2-n]th byte of a multibyte sequence
+ * [0x3F,0xBF], i.e, most significant 2 bits are '10'
+ * - the first byte of a multibyte sequence [0xC0,0xFD],
+ * i.e, most significant 2 bits are '11'
+ *
+ * When the string is too long, we lop off any trailing '10' bytes,
+ * if any. When these are all eliminated we lop off
+ * one additional byte. Thus if we lopped any '10'
+ * we'll be lopping a '11' byte (the first byte of the multibyte sequence),
+ * otherwise we're lopping off an ascii character.
+ *
+ * To test for '10' bytes, we first AND it with
+ * 11000000 (0xc0) so that we get 10000000 (0x80) if and only if
+ * the byte starts with 10. We test for equality.
+ */
+ while (string_length > full_length) {
+ /* need to shorten */
+ while (string_length > 0 &&
+ ((inString[string_length - 1] & (char)0xc0) == (char)0x80)) {
+ /* lop off '10' byte */
+ string_length--;
+ }
+ /*
+ * test string_length in case bad data is received
+ * and string consisted of all '10' bytes,
+ * avoiding any infinite loop
+ */
+ if (string_length) {
+ /* remove either '11' byte or an asci byte */
+ string_length--;
+ }
+ }
+ PORT_Memset(buffer, ' ', full_length);
+ if (nullTerminate) {
+ buffer[full_length] = 0;
+ }
+ PORT_Memcpy(buffer, inString, string_length);
+ return buffer;
+}
+/*
+ * Configuration utils
+ */
+static CK_RV
+sftk_configure(const char *man, const char *libdes)
+{
+
+ /* make sure the internationalization was done correctly... */
+ if (man) {
+ manufacturerID = sftk_setStringName(man, manufacturerID_space,
+ sizeof(manufacturerID_space), PR_TRUE);
+ }
+ if (libdes) {
+ libraryDescription = sftk_setStringName(libdes,
+ libraryDescription_space, sizeof(libraryDescription_space),
+ PR_TRUE);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * ******************** Password Utilities *******************************
+ */
+
+/*
+ * see if the key DB password is enabled
+ */
+static PRBool
+sftk_hasNullPassword(SFTKSlot *slot, SFTKDBHandle *keydb)
+{
+ PRBool pwenabled;
+
+ pwenabled = PR_FALSE;
+ if (sftkdb_HasPasswordSet(keydb) == SECSuccess) {
+ PRBool tokenRemoved = PR_FALSE;
+ SECStatus rv = sftkdb_CheckPasswordNull(keydb, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ return (rv == SECSuccess);
+ }
+
+ return pwenabled;
+}
+
+/*
+ * ******************** Object Creation Utilities ***************************
+ */
+
+/* Make sure a given attribute exists. If it doesn't, initialize it to
+ * value and len
+ */
+CK_RV
+sftk_defaultAttribute(SFTKObject *object, CK_ATTRIBUTE_TYPE type,
+ const void *value, unsigned int len)
+{
+ if (!sftk_hasAttribute(object, type)) {
+ return sftk_AddAttributeType(object, type, value, len);
+ }
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Data Object
+ */
+static CK_RV
+sftk_handleDataObject(SFTKSession *session, SFTKObject *object)
+{
+ CK_RV crv;
+
+ /* first reject private and token data objects */
+ if (sftk_isTrue(object, CKA_PRIVATE) || sftk_isTrue(object, CKA_TOKEN)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* now just verify the required date fields */
+ crv = sftk_defaultAttribute(object, CKA_APPLICATION, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VALUE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Certificate Object
+ */
+static CK_RV
+sftk_handleCertObject(SFTKSession *session, SFTKObject *object)
+{
+ CK_CERTIFICATE_TYPE type;
+ SFTKAttribute *attribute;
+ CK_RV crv;
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_CERTIFICATE_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* We only support X.509 Certs for now */
+ attribute = sftk_FindAttribute(object, CKA_CERTIFICATE_TYPE);
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ type = *(CK_CERTIFICATE_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ if (type != CKC_X_509) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* X.509 Certificate */
+
+ /* make sure we have a cert */
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Subject is a required field */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Issuer is a required field */
+ if (!sftk_hasAttribute(object, CKA_ISSUER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* in PKCS #11, Serial is a required field */
+ if (!sftk_hasAttribute(object, CKA_SERIAL_NUMBER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* add it to the object */
+ object->objectInfo = NULL;
+ object->infoFree = (SFTKFree)NULL;
+
+ /* now just verify the required date fields */
+ crv = sftk_defaultAttribute(object, CKA_ID, NULL, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleTrustObject(SFTKSession *session, SFTKObject *object)
+{
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_ISSUER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_SERIAL_NUMBER)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_CERT_SHA1_HASH)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_CERT_MD5_HASH)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ CK_RV crv;
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleSMimeObject(SFTKSession *session, SFTKObject *object)
+{
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_NSS_EMAIL)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle;
+ CK_RV crv;
+
+ PORT_Assert(slot);
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ certHandle = sftk_getCertDB(slot);
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Trust Object
+ */
+static CK_RV
+sftk_handleCrlObject(SFTKSession *session, SFTKObject *object)
+{
+
+ /* we can't store any certs private */
+ if (sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* certificates must have a type */
+ if (!sftk_hasAttribute(object, CKA_SUBJECT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ CK_RV crv;
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * check the consistancy and initialize a Public Key Object
+ */
+static CK_RV
+sftk_handlePublicKeyObject(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type)
+{
+ CK_BBOOL encrypt = CK_TRUE;
+ CK_BBOOL recover = CK_TRUE;
+ CK_BBOOL wrap = CK_TRUE;
+ CK_BBOOL derive = CK_FALSE;
+ CK_BBOOL verify = CK_TRUE;
+ CK_RV crv;
+
+ switch (key_type) {
+ case CKK_RSA:
+ crv = sftk_ConstrainAttribute(object, CKA_MODULUS,
+ RSA_MIN_MODULUS_BITS, 0, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_PUBLIC_EXPONENT, 2, 0, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ break;
+ case CKK_DSA:
+ crv = sftk_ConstrainAttribute(object, CKA_SUBPRIME,
+ DSA_MIN_Q_BITS, DSA_MAX_Q_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_PRIME,
+ DSA_MIN_P_BITS, DSA_MAX_P_BITS, 64);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_BASE, 2, DSA_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_VALUE, 2, DSA_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_DH:
+ crv = sftk_ConstrainAttribute(object, CKA_PRIME,
+ DH_MIN_P_BITS, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_BASE, 2, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_ConstrainAttribute(object, CKA_VALUE, 2, DH_MAX_P_BITS, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ verify = CK_FALSE;
+ derive = CK_TRUE;
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_EC:
+ if (!sftk_hasAttribute(object, CKA_EC_PARAMS)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_EC_POINT)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ derive = CK_TRUE; /* for ECDH */
+ verify = CK_TRUE; /* for ECDSA */
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_NSS_KYBER:
+ if (!sftk_hasAttribute(object, CKA_NSS_PARAMETER_SET)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ derive = CK_FALSE;
+ verify = CK_FALSE;
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ default:
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+ /* make sure the required fields exist */
+ crv = sftk_defaultAttribute(object, CKA_SUBJECT, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_ENCRYPT, &encrypt, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY, &verify, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY_RECOVER,
+ &recover, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_WRAP, &wrap, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DERIVE, &derive, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ object->objectInfo = sftk_GetPubKey(object, key_type, &crv);
+ if (object->objectInfo == NULL) {
+ return crv;
+ }
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPublicKey;
+
+ /* Check that an imported EC key is valid */
+ if (key_type == CKK_EC) {
+ NSSLOWKEYPublicKey *pubKey = (NSSLOWKEYPublicKey *)object->objectInfo;
+ SECStatus rv = EC_ValidatePublicKey(&pubKey->u.ec.ecParams,
+ &pubKey->u.ec.publicValue);
+
+ if (rv != SECSuccess) {
+ return CKR_TEMPLATE_INCONSISTENT;
+ }
+ }
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+
+ if (certHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(certHandle, object, &object->handle);
+ sftk_freeDB(certHandle);
+ return crv;
+ }
+
+ return CKR_OK;
+}
+
+static NSSLOWKEYPrivateKey *
+sftk_mkPrivKey(SFTKObject *object, CK_KEY_TYPE key, CK_RV *rvp);
+
+static SECStatus
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded);
+
+/*
+ * check the consistancy and initialize a Private Key Object
+ */
+static CK_RV
+sftk_handlePrivateKeyObject(SFTKSession *session, SFTKObject *object, CK_KEY_TYPE key_type)
+{
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL encrypt = CK_TRUE;
+ CK_BBOOL sign = CK_FALSE;
+ CK_BBOOL recover = CK_TRUE;
+ CK_BBOOL wrap = CK_TRUE;
+ CK_BBOOL derive = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ PRBool createObjectInfo = PR_TRUE;
+ PRBool fillPrivateKey = PR_FALSE;
+ int missing_rsa_mod_component = 0;
+ int missing_rsa_exp_component = 0;
+ int missing_rsa_crt_component = 0;
+
+ SECItem mod;
+ CK_RV crv;
+ SECStatus rv;
+
+ switch (key_type) {
+ case CKK_RSA:
+ if (!sftk_hasAttribute(object, CKA_MODULUS)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PUBLIC_EXPONENT)) {
+ missing_rsa_exp_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIVATE_EXPONENT)) {
+ missing_rsa_exp_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIME_1)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_PRIME_2)) {
+ missing_rsa_mod_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_EXPONENT_1)) {
+ missing_rsa_crt_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_EXPONENT_2)) {
+ missing_rsa_crt_component++;
+ }
+ if (!sftk_hasAttribute(object, CKA_COEFFICIENT)) {
+ missing_rsa_crt_component++;
+ }
+ if (missing_rsa_mod_component || missing_rsa_exp_component ||
+ missing_rsa_crt_component) {
+ /* we are missing a component, see if we have enough to rebuild
+ * the rest */
+ int have_exp = 2 - missing_rsa_exp_component;
+ int have_component = 5 -
+ (missing_rsa_exp_component + missing_rsa_mod_component);
+
+ if ((have_exp == 0) || (have_component < 3)) {
+ /* nope, not enough to reconstruct the private key */
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ fillPrivateKey = PR_TRUE;
+ }
+ /*verify the parameters for consistency*/
+ rv = sftk_verifyRSAPrivateKey(object, fillPrivateKey);
+ if (rv != SECSuccess) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* make sure Netscape DB attribute is set correctly */
+ crv = sftk_Attribute2SSecItem(NULL, &mod, object, CKA_MODULUS);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NSS_DB,
+ sftk_item_expand(&mod));
+ if (mod.data)
+ SECITEM_ZfreeItem(&mod, PR_FALSE);
+ if (crv != CKR_OK)
+ return crv;
+
+ sign = CK_TRUE;
+ derive = CK_FALSE;
+ break;
+ case CKK_DSA:
+ if (!sftk_hasAttribute(object, CKA_SUBPRIME)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ sign = CK_TRUE;
+ derive = CK_FALSE;
+ /* fall through */
+ case CKK_DH:
+ if (!sftk_hasAttribute(object, CKA_PRIME)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_BASE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ /* allow subprime to be set after the fact */
+ crv = sftk_defaultAttribute(object, CKA_SUBPRIME, NULL, 0);
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ encrypt = CK_FALSE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_EC:
+ if (!sftk_hasAttribute(object, CKA_EC_PARAMS)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ encrypt = CK_FALSE;
+ sign = CK_TRUE;
+ recover = CK_FALSE;
+ wrap = CK_FALSE;
+ break;
+ case CKK_NSS_JPAKE_ROUND1:
+ if (!sftk_hasAttribute(object, CKA_PRIME) ||
+ !sftk_hasAttribute(object, CKA_SUBPRIME) ||
+ !sftk_hasAttribute(object, CKA_BASE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ /* fall through */
+ case CKK_NSS_JPAKE_ROUND2:
+ /* CKA_NSS_JPAKE_SIGNERID and CKA_NSS_JPAKE_PEERID are checked in
+ the J-PAKE code. */
+ encrypt = sign = recover = wrap = CK_FALSE;
+ derive = CK_TRUE;
+ createObjectInfo = PR_FALSE;
+ break;
+ case CKK_NSS_KYBER:
+ if (!sftk_hasAttribute(object, CKA_KEY_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ encrypt = sign = recover = wrap = CK_FALSE;
+ break;
+ default:
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ crv = sftk_defaultAttribute(object, CKA_SUBJECT, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SENSITIVE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_EXTRACTABLE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DECRYPT, &encrypt, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN, &sign, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN_RECOVER, &recover,
+ sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_UNWRAP, &wrap, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DERIVE, &derive, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ /* the next two bits get modified only in the key gen and token cases */
+ crv = sftk_forceAttribute(object, CKA_ALWAYS_SENSITIVE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NEVER_EXTRACTABLE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* should we check the non-token RSA private keys? */
+
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(keyHandle, object, &object->handle);
+ sftk_freeDB(keyHandle);
+ return crv;
+ } else if (createObjectInfo) {
+ object->objectInfo = sftk_mkPrivKey(object, key_type, &crv);
+ if (object->objectInfo == NULL)
+ return crv;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPrivateKey;
+ }
+ return CKR_OK;
+}
+
+/* forward declare the DES formating function for handleSecretKey */
+void sftk_FormatDESKey(unsigned char *key, int length);
+
+/* Validate secret key data, and set defaults */
+static CK_RV
+validateSecretKey(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type, PRBool isFIPS)
+{
+ CK_RV crv;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_BBOOL ckfalse = CK_FALSE;
+ SFTKAttribute *attribute = NULL;
+ unsigned long requiredLen;
+
+ crv = sftk_defaultAttribute(object, CKA_SENSITIVE,
+ isFIPS ? &cktrue : &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_EXTRACTABLE,
+ &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_ENCRYPT, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_DECRYPT, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_SIGN, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_VERIFY, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_WRAP, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_UNWRAP, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ if (!sftk_hasAttribute(object, CKA_VALUE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ /* the next two bits get modified only in the key gen and token cases */
+ crv = sftk_forceAttribute(object, CKA_ALWAYS_SENSITIVE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_forceAttribute(object, CKA_NEVER_EXTRACTABLE,
+ &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* some types of keys have a value length */
+ crv = CKR_OK;
+ switch (key_type) {
+ /* force CKA_VALUE_LEN to be set */
+ case CKK_GENERIC_SECRET:
+ case CKK_RC2:
+ case CKK_RC4:
+#if NSS_SOFTOKEN_DOES_RC5
+ case CKK_RC5:
+#endif
+#ifdef NSS_SOFTOKEN_DOES_CAST
+ case CKK_CAST:
+ case CKK_CAST3:
+ case CKK_CAST5:
+#endif
+#if NSS_SOFTOKEN_DOES_IDEA
+ case CKK_IDEA:
+#endif
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
+ &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
+ sftk_FreeAttribute(attribute);
+ break;
+ /* force the value to have the correct parity */
+ case CKK_DES:
+ case CKK_DES2:
+ case CKK_DES3:
+ case CKK_CDMF:
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ requiredLen = sftk_MapKeySize(key_type);
+ if (attribute->attrib.ulValueLen != requiredLen) {
+ sftk_FreeAttribute(attribute);
+ return CKR_KEY_SIZE_RANGE;
+ }
+ sftk_FormatDESKey((unsigned char *)attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ sftk_FreeAttribute(attribute);
+ break;
+ case CKK_AES:
+ attribute = sftk_FindAttribute(object, CKA_VALUE);
+ /* shouldn't happen */
+ if (attribute == NULL)
+ return CKR_TEMPLATE_INCOMPLETE;
+ if (attribute->attrib.ulValueLen != 16 &&
+ attribute->attrib.ulValueLen != 24 &&
+ attribute->attrib.ulValueLen != 32) {
+ sftk_FreeAttribute(attribute);
+ return CKR_KEY_SIZE_RANGE;
+ }
+ crv = sftk_forceAttribute(object, CKA_VALUE_LEN,
+ &attribute->attrib.ulValueLen, sizeof(CK_ULONG));
+ sftk_FreeAttribute(attribute);
+ break;
+ default:
+ break;
+ }
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Secret Key Object
+ */
+static CK_RV
+sftk_handleSecretKeyObject(SFTKSession *session, SFTKObject *object,
+ CK_KEY_TYPE key_type, PRBool isFIPS)
+{
+ CK_RV crv;
+
+ /* First validate and set defaults */
+ crv = validateSecretKey(session, object, key_type, isFIPS);
+ if (crv != CKR_OK)
+ goto loser;
+
+ /* If the object is a TOKEN object, store in the database */
+ if (sftk_isTrue(object, CKA_TOKEN)) {
+ SFTKSlot *slot = session->slot;
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+
+ if (keyHandle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ crv = sftkdb_write(keyHandle, object, &object->handle);
+ sftk_freeDB(keyHandle);
+ return crv;
+ }
+
+loser:
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Key Object
+ */
+static CK_RV
+sftk_handleKeyObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *attribute;
+ CK_KEY_TYPE key_type;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_RV crv;
+
+ /* verify the required fields */
+ if (!sftk_hasAttribute(object, CKA_KEY_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* now verify the common fields */
+ crv = sftk_defaultAttribute(object, CKA_ID, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_START_DATE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_END_DATE, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ /* CKA_DERIVE is common to all keys, but it's default value is
+ * key dependent */
+ crv = sftk_defaultAttribute(object, CKA_LOCAL, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* get the key type */
+ attribute = sftk_FindAttribute(object, CKA_KEY_TYPE);
+ if (!attribute) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ switch (object->objclass) {
+ case CKO_PUBLIC_KEY:
+ return sftk_handlePublicKeyObject(session, object, key_type);
+ case CKO_PRIVATE_KEY:
+ return sftk_handlePrivateKeyObject(session, object, key_type);
+ case CKO_SECRET_KEY:
+ /* make sure the required fields exist */
+ return sftk_handleSecretKeyObject(session, object, key_type,
+ (PRBool)(sftk_isFIPS(session->slot->slotID)));
+ default:
+ break;
+ }
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+}
+
+/*
+ * check the consistancy and Verify a DSA Parameter Object
+ */
+static CK_RV
+sftk_handleDSAParameterObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *primeAttr = NULL;
+ SFTKAttribute *subPrimeAttr = NULL;
+ SFTKAttribute *baseAttr = NULL;
+ SFTKAttribute *seedAttr = NULL;
+ SFTKAttribute *hAttr = NULL;
+ SFTKAttribute *attribute;
+ CK_RV crv = CKR_TEMPLATE_INCOMPLETE;
+ PQGParams params;
+ PQGVerify vfy, *verify = NULL;
+ SECStatus result, rv;
+ /* This bool keeps track of whether or not we need verify parameters.
+ * If a P, Q and G or supplied, we dont' need verify parameters, as we
+ * have PQ and G.
+ * - If G is not supplied, the presumption is that we want to
+ * verify P and Q only.
+ * - If counter is supplied, it is presumed we want to verify PQ because
+ * the counter is only used in verification.
+ * - If H is supplied, is is presumed we want to verify G because H is
+ * only used to verify G.
+ * - Any verification step must have the SEED (counter or H could be
+ * missing depending on exactly what we want to verify). If SEED is supplied,
+ * the code just goes ahead and runs verify (other errors are parameter
+ * errors are detected by the PQG_VerifyParams function). If SEED is not
+ * supplied, but we determined that we are trying to verify (because needVfy
+ * is set, go ahead and return CKR_TEMPLATE_INCOMPLETE.
+ */
+ PRBool needVfy = PR_FALSE;
+
+ primeAttr = sftk_FindAttribute(object, CKA_PRIME);
+ if (primeAttr == NULL)
+ goto loser;
+ params.prime.data = primeAttr->attrib.pValue;
+ params.prime.len = primeAttr->attrib.ulValueLen;
+
+ subPrimeAttr = sftk_FindAttribute(object, CKA_SUBPRIME);
+ if (subPrimeAttr == NULL)
+ goto loser;
+ params.subPrime.data = subPrimeAttr->attrib.pValue;
+ params.subPrime.len = subPrimeAttr->attrib.ulValueLen;
+
+ baseAttr = sftk_FindAttribute(object, CKA_BASE);
+ if (baseAttr != NULL) {
+ params.base.data = baseAttr->attrib.pValue;
+ params.base.len = baseAttr->attrib.ulValueLen;
+ } else {
+ params.base.data = NULL;
+ params.base.len = 0;
+ needVfy = PR_TRUE; /* presumably only including PQ so we can verify
+ * them. */
+ }
+
+ attribute = sftk_FindAttribute(object, CKA_NSS_PQG_COUNTER);
+ if (attribute != NULL) {
+ vfy.counter = *(CK_ULONG *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+ needVfy = PR_TRUE; /* included a count so we can verify PQ */
+ } else {
+ vfy.counter = -1;
+ }
+
+ hAttr = sftk_FindAttribute(object, CKA_NSS_PQG_H);
+ if (hAttr != NULL) {
+ vfy.h.data = hAttr->attrib.pValue;
+ vfy.h.len = hAttr->attrib.ulValueLen;
+ needVfy = PR_TRUE; /* included H so we can verify G */
+ } else {
+ vfy.h.data = NULL;
+ vfy.h.len = 0;
+ }
+ seedAttr = sftk_FindAttribute(object, CKA_NSS_PQG_SEED);
+ if (seedAttr != NULL) {
+ vfy.seed.data = seedAttr->attrib.pValue;
+ vfy.seed.len = seedAttr->attrib.ulValueLen;
+
+ verify = &vfy;
+ } else if (needVfy) {
+ goto loser; /* Verify always needs seed, if we need verify and not seed
+ * then fail */
+ }
+
+ crv = CKR_FUNCTION_FAILED;
+ rv = PQG_VerifyParams(&params, verify, &result);
+ if (rv == SECSuccess) {
+ crv = (result == SECSuccess) ? CKR_OK : CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+
+loser:
+ if (hAttr)
+ sftk_FreeAttribute(hAttr);
+ if (seedAttr)
+ sftk_FreeAttribute(seedAttr);
+ if (baseAttr)
+ sftk_FreeAttribute(baseAttr);
+ if (subPrimeAttr)
+ sftk_FreeAttribute(subPrimeAttr);
+ if (primeAttr)
+ sftk_FreeAttribute(primeAttr);
+
+ return crv;
+}
+
+/*
+ * check the consistancy and initialize a Key Parameter Object
+ */
+static CK_RV
+sftk_handleKeyParameterObject(SFTKSession *session, SFTKObject *object)
+{
+ SFTKAttribute *attribute;
+ CK_KEY_TYPE key_type;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_RV crv;
+
+ /* verify the required fields */
+ if (!sftk_hasAttribute(object, CKA_KEY_TYPE)) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+
+ /* now verify the common fields */
+ crv = sftk_defaultAttribute(object, CKA_LOCAL, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ /* get the key type */
+ attribute = sftk_FindAttribute(object, CKA_KEY_TYPE);
+ if (!attribute) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ key_type = *(CK_KEY_TYPE *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ switch (key_type) {
+ case CKK_DSA:
+ return sftk_handleDSAParameterObject(session, object);
+
+ default:
+ break;
+ }
+ return CKR_KEY_TYPE_INCONSISTENT;
+}
+
+/*
+ * Handle Object does all the object consistancy checks, automatic attribute
+ * generation, attribute defaulting, etc. If handleObject succeeds, the object
+ * will be assigned an object handle, and the object installed in the session
+ * or stored in the DB.
+ */
+CK_RV
+sftk_handleObject(SFTKObject *object, SFTKSession *session)
+{
+ SFTKSlot *slot = session->slot;
+ SFTKAttribute *attribute;
+ CK_BBOOL ckfalse = CK_FALSE;
+ CK_BBOOL cktrue = CK_TRUE;
+ PRBool isLoggedIn, needLogin;
+ CK_RV crv;
+
+ /* make sure all the base object types are defined. If not set the
+ * defaults */
+ crv = sftk_defaultAttribute(object, CKA_TOKEN, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_PRIVATE, &ckfalse, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_LABEL, NULL, 0);
+ if (crv != CKR_OK)
+ return crv;
+ crv = sftk_defaultAttribute(object, CKA_MODIFIABLE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK)
+ return crv;
+
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
+ /* don't create a private object if we aren't logged in */
+ if (!isLoggedIn && needLogin && sftk_isTrue(object, CKA_PRIVATE)) {
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ if (((session->info.flags & CKF_RW_SESSION) == 0) &&
+ (sftk_isTrue(object, CKA_TOKEN))) {
+ return CKR_SESSION_READ_ONLY;
+ }
+
+ /* Assign a unique SESSION object handle to every new object,
+ * whether it is a session object or a token object.
+ * At this point, all new objects are structured as session objects.
+ * Objects with the CKA_TOKEN attribute true will be turned into
+ * token objects and will have a token object handle assigned to
+ * them by a call to sftk_mkHandle in the handler for each object
+ * class, invoked below.
+ *
+ * It may be helpful to note/remember that
+ * sftk_narrowToXxxObject uses sftk_isToken,
+ * sftk_isToken examines the sign bit of the object's handle, but
+ * sftk_isTrue(...,CKA_TOKEN) examines the CKA_TOKEN attribute.
+ */
+ object->handle = sftk_getNextHandle(slot);
+
+ /* get the object class */
+ attribute = sftk_FindAttribute(object, CKA_CLASS);
+ if (attribute == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ object->objclass = *(CK_OBJECT_CLASS *)attribute->attrib.pValue;
+ sftk_FreeAttribute(attribute);
+
+ /* Now handle the specific object class.
+ * At this point, all objects are session objects, and the session
+ * number must be passed to the object class handlers.
+ */
+ switch (object->objclass) {
+ case CKO_DATA:
+ crv = sftk_handleDataObject(session, object);
+ break;
+ case CKO_CERTIFICATE:
+ crv = sftk_handleCertObject(session, object);
+ break;
+ case CKO_NSS_TRUST:
+ crv = sftk_handleTrustObject(session, object);
+ break;
+ case CKO_NSS_CRL:
+ crv = sftk_handleCrlObject(session, object);
+ break;
+ case CKO_NSS_SMIME:
+ crv = sftk_handleSMimeObject(session, object);
+ break;
+ case CKO_PRIVATE_KEY:
+ case CKO_PUBLIC_KEY:
+ case CKO_SECRET_KEY:
+ crv = sftk_handleKeyObject(session, object);
+ break;
+ case CKO_DOMAIN_PARAMETERS:
+ crv = sftk_handleKeyParameterObject(session, object);
+ break;
+ default:
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+
+ /* can't fail from here on out unless the pk_handlXXX functions have
+ * failed the request */
+ if (crv != CKR_OK) {
+ return crv;
+ }
+
+ /* Now link the object into the slot and session structures.
+ * If the object has a true CKA_TOKEN attribute, the above object
+ * class handlers will have set the sign bit in the object handle,
+ * causing the following test to be true.
+ */
+ if (sftk_isToken(object->handle)) {
+ sftk_convertSessionToToken(object);
+ } else {
+ object->slot = slot;
+ sftk_AddObject(session, object);
+ }
+
+ return CKR_OK;
+}
+
+/*
+ * ******************** Public Key Utilities ***************************
+ */
+/* Generate a low public key structure from an object */
+NSSLOWKEYPublicKey *
+sftk_GetPubKey(SFTKObject *object, CK_KEY_TYPE key_type,
+ CK_RV *crvp)
+{
+ NSSLOWKEYPublicKey *pubKey;
+ PLArenaPool *arena;
+ CK_RV crv;
+
+ if (object->objclass != CKO_PUBLIC_KEY) {
+ *crvp = CKR_KEY_TYPE_INCONSISTENT;
+ return NULL;
+ }
+
+ if (sftk_isToken(object->handle)) {
+ /* ferret out the token object handle */
+ }
+
+ /* If we already have a key, use it */
+ if (object->objectInfo) {
+ *crvp = CKR_OK;
+ return (NSSLOWKEYPublicKey *)object->objectInfo;
+ }
+
+ /* allocate the structure */
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ pubKey = (NSSLOWKEYPublicKey *)
+ PORT_ArenaAlloc(arena, sizeof(NSSLOWKEYPublicKey));
+ if (pubKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ /* fill in the structure */
+ pubKey->arena = arena;
+ switch (key_type) {
+ case CKK_RSA:
+ pubKey->keyType = NSSLOWKEYRSAKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.rsa.modulus,
+ object, CKA_MODULUS);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.rsa.publicExponent,
+ object, CKA_PUBLIC_EXPONENT);
+ break;
+ case CKK_DSA:
+ pubKey->keyType = NSSLOWKEYDSAKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.prime,
+ object, CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.subPrime,
+ object, CKA_SUBPRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.params.base,
+ object, CKA_BASE);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dsa.publicValue,
+ object, CKA_VALUE);
+ break;
+ case CKK_DH:
+ pubKey->keyType = NSSLOWKEYDHKey;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.prime,
+ object, CKA_PRIME);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.base,
+ object, CKA_BASE);
+ if (crv != CKR_OK)
+ break;
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.dh.publicValue,
+ object, CKA_VALUE);
+ break;
+ case CKK_EC:
+ pubKey->keyType = NSSLOWKEYECKey;
+ crv = sftk_Attribute2SSecItem(arena,
+ &pubKey->u.ec.ecParams.DEREncoding,
+ object, CKA_EC_PARAMS);
+ if (crv != CKR_OK)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (EC_FillParams(arena, &pubKey->u.ec.ecParams.DEREncoding,
+ &pubKey->u.ec.ecParams) != SECSuccess) {
+ crv = CKR_DOMAIN_PARAMS_INVALID;
+ break;
+ }
+
+ crv = sftk_Attribute2SSecItem(arena, &pubKey->u.ec.publicValue,
+ object, CKA_EC_POINT);
+ if (crv == CKR_OK) {
+ unsigned int keyLen = EC_GetPointSize(&pubKey->u.ec.ecParams);
+
+ /* special note: We can't just use the first byte to distinguish
+ * between EC_POINT_FORM_UNCOMPRESSED and SEC_ASN1_OCTET_STRING.
+ * Both are 0x04. */
+
+ /* Handle the non-DER encoded case.
+ * Some curves are always pressumed to be non-DER.
+ */
+ if (pubKey->u.ec.ecParams.type != ec_params_named ||
+ (pubKey->u.ec.publicValue.len == keyLen &&
+ pubKey->u.ec.publicValue.data[0] == EC_POINT_FORM_UNCOMPRESSED)) {
+ break; /* key was not DER encoded, no need to unwrap */
+ }
+
+ /* handle the encoded case */
+ if ((pubKey->u.ec.publicValue.data[0] == SEC_ASN1_OCTET_STRING) &&
+ pubKey->u.ec.publicValue.len > keyLen) {
+ SECItem publicValue;
+ SECStatus rv;
+
+ rv = SEC_QuickDERDecodeItem(arena, &publicValue,
+ SEC_ASN1_GET(SEC_OctetStringTemplate),
+ &pubKey->u.ec.publicValue);
+ /* nope, didn't decode correctly */
+ if ((rv != SECSuccess) || (publicValue.len != keyLen)) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+ /* we don't handle compressed points except in the case of ECCurve25519 */
+ if (publicValue.data[0] != EC_POINT_FORM_UNCOMPRESSED) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ break;
+ }
+ /* replace our previous with the decoded key */
+ pubKey->u.ec.publicValue = publicValue;
+ break;
+ }
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ break;
+ case CKK_NSS_KYBER:
+ crv = CKR_OK;
+ break;
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ *crvp = crv;
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+
+ object->objectInfo = pubKey;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPublicKey;
+ return pubKey;
+}
+
+/* make a private key from a verified object */
+static NSSLOWKEYPrivateKey *
+sftk_mkPrivKey(SFTKObject *object, CK_KEY_TYPE key_type, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *privKey;
+ SFTKItemTemplate itemTemplate[SFTK_MAX_ITEM_TEMPLATE];
+ int itemTemplateCount = 0;
+ PLArenaPool *arena;
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+
+ arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
+ if (arena == NULL) {
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ privKey = (NSSLOWKEYPrivateKey *)
+ PORT_ArenaZAlloc(arena, sizeof(NSSLOWKEYPrivateKey));
+ if (privKey == NULL) {
+ PORT_FreeArena(arena, PR_FALSE);
+ *crvp = CKR_HOST_MEMORY;
+ return NULL;
+ }
+
+ /* in future this would be a switch on key_type */
+ privKey->arena = arena;
+ switch (key_type) {
+ case CKK_RSA:
+ privKey->keyType = NSSLOWKEYRSAKey;
+
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.modulus, CKA_MODULUS);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.publicExponent, CKA_PUBLIC_EXPONENT);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.privateExponent, CKA_PRIVATE_EXPONENT);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.prime1, CKA_PRIME_1);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.prime2, CKA_PRIME_2);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.exponent1, CKA_EXPONENT_1);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.exponent2, CKA_EXPONENT_2);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.rsa.coefficient, CKA_COEFFICIENT);
+ itemTemplateCount++;
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.rsa.version,
+ NSSLOWKEY_PRIVATE_KEY_INFO_VERSION);
+ if (rv != SECSuccess)
+ crv = CKR_HOST_MEMORY;
+ break;
+
+ case CKK_DSA:
+ privKey->keyType = NSSLOWKEYDSAKey;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.prime, CKA_PRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.subPrime, CKA_SUBPRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.params.base, CKA_BASE);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dsa.privateValue, CKA_VALUE);
+ itemTemplateCount++;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ break;
+
+ case CKK_DH:
+ privKey->keyType = NSSLOWKEYDHKey;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.prime, CKA_PRIME);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.base, CKA_BASE);
+ itemTemplateCount++;
+ SFTK_SET_ITEM_TEMPLATE(itemTemplate, itemTemplateCount,
+ &privKey->u.dh.privateValue, CKA_VALUE);
+ itemTemplateCount++;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ break;
+
+ case CKK_EC:
+ privKey->keyType = NSSLOWKEYECKey;
+ crv = sftk_Attribute2SSecItem(arena,
+ &privKey->u.ec.ecParams.DEREncoding,
+ object, CKA_EC_PARAMS);
+ if (crv != CKR_OK)
+ break;
+
+ /* Fill out the rest of the ecParams structure
+ * based on the encoded params
+ */
+ if (EC_FillParams(arena, &privKey->u.ec.ecParams.DEREncoding,
+ &privKey->u.ec.ecParams) != SECSuccess) {
+ crv = CKR_DOMAIN_PARAMS_INVALID;
+ break;
+ }
+ crv = sftk_Attribute2SSecItem(arena, &privKey->u.ec.privateValue,
+ object, CKA_VALUE);
+ if (crv != CKR_OK)
+ break;
+
+ if (sftk_hasAttribute(object, CKA_NSS_DB)) {
+ crv = sftk_Attribute2SSecItem(arena, &privKey->u.ec.publicValue,
+ object, CKA_NSS_DB);
+ if (crv != CKR_OK)
+ break;
+ /* privKey was zero'd so public value is already set to NULL, 0
+ * if we don't set it explicitly */
+ }
+ rv = DER_SetUInteger(privKey->arena, &privKey->u.ec.version,
+ NSSLOWKEY_EC_PRIVATE_KEY_VERSION);
+ if (rv != SECSuccess) {
+ crv = CKR_HOST_MEMORY;
+/* The following ifdef is needed for Linux arm distros and
+ * Android as gcc 4.6 has a bug when targeting arm (but not
+ * thumb). The bug has been fixed in gcc 4.7.
+ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=56561
+ */
+#if defined(__arm__) && !defined(__thumb__) && defined(__GNUC__)
+ *crvp = CKR_HOST_MEMORY;
+ break;
+#endif
+ }
+ break;
+
+ case CKK_NSS_KYBER:
+ break;
+
+ default:
+ crv = CKR_KEY_TYPE_INCONSISTENT;
+ break;
+ }
+ if (crv == CKR_OK && itemTemplateCount != 0) {
+ PORT_Assert(itemTemplateCount > 0);
+ PORT_Assert(itemTemplateCount <= SFTK_MAX_ITEM_TEMPLATE);
+ crv = sftk_MultipleAttribute2SecItem(arena, object, itemTemplate,
+ itemTemplateCount);
+ }
+ *crvp = crv;
+ if (crv != CKR_OK) {
+ PORT_FreeArena(arena, PR_TRUE);
+ return NULL;
+ }
+ return privKey;
+}
+
+/*
+ * If a partial RSA private key is present, fill in the rest if necessary,
+ * and then verify the parameters are well-formed
+ */
+static SECStatus
+sftk_verifyRSAPrivateKey(SFTKObject *object, PRBool fillIfNeeded)
+{
+ RSAPrivateKey tmpKey = { 0 };
+ SFTKAttribute *modulus = NULL;
+ SFTKAttribute *prime1 = NULL;
+ SFTKAttribute *prime2 = NULL;
+ SFTKAttribute *privateExponent = NULL;
+ SFTKAttribute *publicExponent = NULL;
+ SFTKAttribute *exponent1 = NULL;
+ SFTKAttribute *exponent2 = NULL;
+ SFTKAttribute *coefficient = NULL;
+ SECStatus rv;
+ CK_RV crv;
+
+ /* first fill in the components that we have. Populate only uses
+ * the non-crt components, so only fill those in */
+ tmpKey.arena = NULL;
+ modulus = sftk_FindAttribute(object, CKA_MODULUS);
+ if (modulus) {
+ tmpKey.modulus.data = modulus->attrib.pValue;
+ tmpKey.modulus.len = modulus->attrib.ulValueLen;
+ }
+ prime1 = sftk_FindAttribute(object, CKA_PRIME_1);
+ if (prime1) {
+ tmpKey.prime1.data = prime1->attrib.pValue;
+ tmpKey.prime1.len = prime1->attrib.ulValueLen;
+ }
+ prime2 = sftk_FindAttribute(object, CKA_PRIME_2);
+ if (prime2) {
+ tmpKey.prime2.data = prime2->attrib.pValue;
+ tmpKey.prime2.len = prime2->attrib.ulValueLen;
+ }
+ privateExponent = sftk_FindAttribute(object, CKA_PRIVATE_EXPONENT);
+ if (privateExponent) {
+ tmpKey.privateExponent.data = privateExponent->attrib.pValue;
+ tmpKey.privateExponent.len = privateExponent->attrib.ulValueLen;
+ }
+ publicExponent = sftk_FindAttribute(object, CKA_PUBLIC_EXPONENT);
+ if (publicExponent) {
+ tmpKey.publicExponent.data = publicExponent->attrib.pValue;
+ tmpKey.publicExponent.len = publicExponent->attrib.ulValueLen;
+ }
+ exponent1 = sftk_FindAttribute(object, CKA_EXPONENT_1);
+ if (exponent1) {
+ tmpKey.exponent1.data = exponent1->attrib.pValue;
+ tmpKey.exponent1.len = exponent1->attrib.ulValueLen;
+ }
+ exponent2 = sftk_FindAttribute(object, CKA_EXPONENT_2);
+ if (exponent2) {
+ tmpKey.exponent2.data = exponent2->attrib.pValue;
+ tmpKey.exponent2.len = exponent2->attrib.ulValueLen;
+ }
+ coefficient = sftk_FindAttribute(object, CKA_COEFFICIENT);
+ if (coefficient) {
+ tmpKey.coefficient.data = coefficient->attrib.pValue;
+ tmpKey.coefficient.len = coefficient->attrib.ulValueLen;
+ }
+
+ if (fillIfNeeded) {
+ /*
+ * populate requires one exponent plus 2 other components to work.
+ * we expected our caller to check that first. If that didn't happen,
+ * populate will simply return an error here.
+ */
+ rv = RSA_PopulatePrivateKey(&tmpKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ }
+ rv = RSA_PrivateKeyCheck(&tmpKey);
+ if (rv != SECSuccess) {
+ goto loser;
+ }
+ /* now that we have a fully populated key, set all our attribute values */
+ rv = SECFailure;
+ if (!modulus || modulus->attrib.pValue != tmpKey.modulus.data) {
+ crv = sftk_forceAttribute(object, CKA_MODULUS,
+ sftk_item_expand(&tmpKey.modulus));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!publicExponent ||
+ publicExponent->attrib.pValue != tmpKey.publicExponent.data) {
+ crv = sftk_forceAttribute(object, CKA_PUBLIC_EXPONENT,
+ sftk_item_expand(&tmpKey.publicExponent));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!privateExponent ||
+ privateExponent->attrib.pValue != tmpKey.privateExponent.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIVATE_EXPONENT,
+ sftk_item_expand(&tmpKey.privateExponent));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!prime1 || prime1->attrib.pValue != tmpKey.prime1.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIME_1,
+ sftk_item_expand(&tmpKey.prime1));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!prime2 || prime2->attrib.pValue != tmpKey.prime2.data) {
+ crv = sftk_forceAttribute(object, CKA_PRIME_2,
+ sftk_item_expand(&tmpKey.prime2));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!exponent1 || exponent1->attrib.pValue != tmpKey.exponent1.data) {
+ crv = sftk_forceAttribute(object, CKA_EXPONENT_1,
+ sftk_item_expand(&tmpKey.exponent1));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!exponent2 || exponent2->attrib.pValue != tmpKey.exponent2.data) {
+ crv = sftk_forceAttribute(object, CKA_EXPONENT_2,
+ sftk_item_expand(&tmpKey.exponent2));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ if (!coefficient || coefficient->attrib.pValue != tmpKey.coefficient.data) {
+ crv = sftk_forceAttribute(object, CKA_COEFFICIENT,
+ sftk_item_expand(&tmpKey.coefficient));
+ if (crv != CKR_OK)
+ goto loser;
+ }
+ rv = SECSuccess;
+
+/* we're done (one way or the other), clean up all our stuff */
+loser:
+ if (tmpKey.arena) {
+ PORT_FreeArena(tmpKey.arena, PR_TRUE);
+ }
+ if (modulus) {
+ sftk_FreeAttribute(modulus);
+ }
+ if (prime1) {
+ sftk_FreeAttribute(prime1);
+ }
+ if (prime2) {
+ sftk_FreeAttribute(prime2);
+ }
+ if (privateExponent) {
+ sftk_FreeAttribute(privateExponent);
+ }
+ if (publicExponent) {
+ sftk_FreeAttribute(publicExponent);
+ }
+ if (exponent1) {
+ sftk_FreeAttribute(exponent1);
+ }
+ if (exponent2) {
+ sftk_FreeAttribute(exponent2);
+ }
+ if (coefficient) {
+ sftk_FreeAttribute(coefficient);
+ }
+ return rv;
+}
+
+/* Generate a low private key structure from an object */
+NSSLOWKEYPrivateKey *
+sftk_GetPrivKey(SFTKObject *object, CK_KEY_TYPE key_type, CK_RV *crvp)
+{
+ NSSLOWKEYPrivateKey *priv = NULL;
+
+ if (object->objclass != CKO_PRIVATE_KEY) {
+ *crvp = CKR_KEY_TYPE_INCONSISTENT;
+ return NULL;
+ }
+ if (object->objectInfo) {
+ *crvp = CKR_OK;
+ return (NSSLOWKEYPrivateKey *)object->objectInfo;
+ }
+
+ priv = sftk_mkPrivKey(object, key_type, crvp);
+ object->objectInfo = priv;
+ object->infoFree = (SFTKFree)nsslowkey_DestroyPrivateKey;
+ return priv;
+}
+
+/* populate a public key object from a lowpublic keys structure */
+CK_RV
+sftk_PutPubKey(SFTKObject *publicKey, SFTKObject *privateKey, CK_KEY_TYPE keyType, NSSLOWKEYPublicKey *pubKey)
+{
+ CK_OBJECT_CLASS classType = CKO_PUBLIC_KEY;
+ CK_BBOOL cktrue = CK_TRUE;
+ CK_RV crv = CKR_OK;
+ sftk_DeleteAttributeType(publicKey, CKA_CLASS);
+ sftk_DeleteAttributeType(publicKey, CKA_KEY_TYPE);
+ sftk_DeleteAttributeType(publicKey, CKA_VALUE);
+
+ switch (keyType) {
+ case CKK_RSA:
+ sftk_DeleteAttributeType(publicKey, CKA_MODULUS);
+ sftk_DeleteAttributeType(publicKey, CKA_PUBLIC_EXPONENT);
+ /* format the keys */
+ /* fill in the RSA dependent paramenters in the public key */
+ crv = sftk_AddAttributeType(publicKey, CKA_MODULUS,
+ sftk_item_expand(&pubKey->u.rsa.modulus));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_PUBLIC_EXPONENT,
+ sftk_item_expand(&pubKey->u.rsa.publicExponent));
+ break;
+ case CKK_DSA:
+ sftk_DeleteAttributeType(publicKey, CKA_PRIME);
+ sftk_DeleteAttributeType(publicKey, CKA_SUBPRIME);
+ sftk_DeleteAttributeType(publicKey, CKA_BASE);
+ crv = sftk_AddAttributeType(publicKey, CKA_PRIME,
+ sftk_item_expand(&pubKey->u.dsa.params.prime));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_SUBPRIME,
+ sftk_item_expand(&pubKey->u.dsa.params.subPrime));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_BASE,
+ sftk_item_expand(&pubKey->u.dsa.params.base));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
+ sftk_item_expand(&pubKey->u.dsa.publicValue));
+ break;
+ case CKK_DH:
+ sftk_DeleteAttributeType(publicKey, CKA_PRIME);
+ sftk_DeleteAttributeType(publicKey, CKA_BASE);
+ crv = sftk_AddAttributeType(publicKey, CKA_PRIME,
+ sftk_item_expand(&pubKey->u.dh.prime));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_BASE,
+ sftk_item_expand(&pubKey->u.dh.base));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_VALUE,
+ sftk_item_expand(&pubKey->u.dh.publicValue));
+ break;
+ case CKK_EC:
+ sftk_DeleteAttributeType(publicKey, CKA_EC_PARAMS);
+ sftk_DeleteAttributeType(publicKey, CKA_EC_POINT);
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_PARAMS,
+ sftk_item_expand(&pubKey->u.ec.ecParams.DEREncoding));
+ if (crv != CKR_OK) {
+ break;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_EC_POINT,
+ sftk_item_expand(&pubKey->u.ec.publicValue));
+ break;
+ default:
+ return CKR_KEY_TYPE_INCONSISTENT;
+ }
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_CLASS, &classType,
+ sizeof(CK_OBJECT_CLASS));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ crv = sftk_AddAttributeType(publicKey, CKA_KEY_TYPE, &keyType,
+ sizeof(CK_KEY_TYPE));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ /* now handle the operator attributes */
+ if (sftk_isTrue(privateKey, CKA_DECRYPT)) {
+ crv = sftk_forceAttribute(publicKey, CKA_ENCRYPT, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+ if (sftk_isTrue(privateKey, CKA_SIGN)) {
+ crv = sftk_forceAttribute(publicKey, CKA_VERIFY, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+ if (sftk_isTrue(privateKey, CKA_SIGN_RECOVER)) {
+ crv = sftk_forceAttribute(publicKey, CKA_VERIFY_RECOVER, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+ if (sftk_isTrue(privateKey, CKA_DERIVE)) {
+ crv = sftk_forceAttribute(publicKey, CKA_DERIVE, &cktrue, sizeof(CK_BBOOL));
+ if (crv != CKR_OK) {
+ return crv;
+ }
+ }
+ return crv;
+}
+
+/*
+ **************************** Symetric Key utils ************************
+ */
+/*
+ * set the DES key with parity bits correctly
+ */
+void
+sftk_FormatDESKey(unsigned char *key, int length)
+{
+ int i;
+
+ /* format the des key */
+ for (i = 0; i < length; i++) {
+ key[i] = parityTable[key[i] >> 1];
+ }
+}
+
+/*
+ * check a des key (des2 or des3 subkey) for weak keys.
+ */
+PRBool
+sftk_CheckDESKey(unsigned char *key)
+{
+ int i;
+
+ /* format the des key with parity */
+ sftk_FormatDESKey(key, 8);
+
+ for (i = 0; i < sftk_desWeakTableSize; i++) {
+ if (PORT_Memcmp(key, sftk_desWeakTable[i], 8) == 0) {
+ return PR_TRUE;
+ }
+ }
+ return PR_FALSE;
+}
+
+/*
+ * check if a des or triple des key is weak.
+ */
+PRBool
+sftk_IsWeakKey(unsigned char *key, CK_KEY_TYPE key_type)
+{
+
+ switch (key_type) {
+ case CKK_DES:
+ return sftk_CheckDESKey(key);
+ case CKM_DES2_KEY_GEN:
+ if (sftk_CheckDESKey(key))
+ return PR_TRUE;
+ return sftk_CheckDESKey(&key[8]);
+ case CKM_DES3_KEY_GEN:
+ if (sftk_CheckDESKey(key))
+ return PR_TRUE;
+ if (sftk_CheckDESKey(&key[8]))
+ return PR_TRUE;
+ return sftk_CheckDESKey(&key[16]);
+ default:
+ break;
+ }
+ return PR_FALSE;
+}
+
+/**********************************************************************
+ *
+ * Start of PKCS 11 functions
+ *
+ **********************************************************************/
+
+/* return the function list */
+CK_RV
+NSC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
+{
+ *pFunctionList = (CK_FUNCTION_LIST_PTR)&sftk_funcList_v2;
+ return CKR_OK;
+}
+
+/* return the function list */
+CK_RV
+C_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
+{
+#ifdef NSS_FIPS_DISABLED
+ return NSC_GetFunctionList(pFunctionList);
+#else
+ if (NSS_GetSystemFIPSEnabled()) {
+ return FC_GetFunctionList(pFunctionList);
+ } else {
+ return NSC_GetFunctionList(pFunctionList);
+ }
+#endif
+}
+
+CK_RV
+NSC_GetInterfaceList(CK_INTERFACE_PTR interfaces, CK_ULONG_PTR pulCount)
+{
+ CK_ULONG count = *pulCount;
+ *pulCount = NSS_INTERFACE_COUNT;
+ if (interfaces == NULL) {
+ return CKR_OK;
+ }
+ if (count < NSS_INTERFACE_COUNT) {
+ return CKR_BUFFER_TOO_SMALL;
+ }
+ PORT_Memcpy(interfaces, nss_interfaces, sizeof(nss_interfaces));
+ return CKR_OK;
+}
+
+CK_RV
+C_GetInterfaceList(CK_INTERFACE_PTR interfaces, CK_ULONG_PTR pulCount)
+{
+#ifdef NSS_FIPS_DISABLED
+ return NSC_GetInterfaceList(interfaces, pulCount);
+#else
+ if (NSS_GetSystemFIPSEnabled()) {
+ return FC_GetInterfaceList(interfaces, pulCount);
+ } else {
+ return NSC_GetInterfaceList(interfaces, pulCount);
+ }
+#endif
+}
+
+/*
+ * Get the requested interface, use the nss_interfaces array so we can
+ * easily add new interfaces as they occur.
+ */
+CK_RV
+NSC_GetInterface(CK_UTF8CHAR_PTR pInterfaceName, CK_VERSION_PTR pVersion,
+ CK_INTERFACE_PTR_PTR ppInterface, CK_FLAGS flags)
+{
+ int i;
+ for (i = 0; i < NSS_INTERFACE_COUNT; i++) {
+ CK_INTERFACE_PTR interface = &nss_interfaces[i];
+ if (pInterfaceName && PORT_Strcmp((char *)pInterfaceName, (char *)interface->pInterfaceName) != 0) {
+ continue;
+ }
+ if (pVersion && PORT_Memcmp(pVersion, (CK_VERSION *)interface->pFunctionList, sizeof(CK_VERSION)) != 0) {
+ continue;
+ }
+ if (flags & ((interface->flags & flags) != flags)) {
+ continue;
+ }
+ *ppInterface = interface;
+ return CKR_OK;
+ }
+ return CKR_ARGUMENTS_BAD;
+}
+
+CK_RV
+C_GetInterface(CK_UTF8CHAR_PTR pInterfaceName, CK_VERSION_PTR pVersion,
+ CK_INTERFACE_PTR_PTR ppInterface, CK_FLAGS flags)
+{
+#ifdef NSS_FIPS_DISABLED
+ return NSC_GetInterface(pInterfaceName, pVersion, ppInterface, flags);
+#else
+ if (NSS_GetSystemFIPSEnabled()) {
+ return FC_GetInterface(pInterfaceName, pVersion, ppInterface, flags);
+ } else {
+ return NSC_GetInterface(pInterfaceName, pVersion, ppInterface, flags);
+ }
+#endif
+}
+
+static PLHashNumber
+sftk_HashNumber(const void *key)
+{
+ return (PLHashNumber)((char *)key - (char *)NULL);
+}
+
+/*
+ * eventually I'd like to expunge all occurances of XXX_SLOT_ID and
+ * just go with the info in the slot. This is one place, however,
+ * where it might be a little difficult.
+ */
+const char *
+sftk_getDefTokName(CK_SLOT_ID slotID)
+{
+ static char buf[33];
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ return "NSS Generic Crypto Services ";
+ case PRIVATE_KEY_SLOT_ID:
+ return "NSS Certificate DB ";
+ case FIPS_SLOT_ID:
+ return "NSS FIPS 140-2 Certificate DB ";
+ default:
+ break;
+ }
+ snprintf(buf, sizeof(buf), "NSS Application Token %08x ", (unsigned int)slotID);
+ return buf;
+}
+
+const char *
+sftk_getDefSlotName(CK_SLOT_ID slotID)
+{
+ static char buf[65];
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ return "NSS Internal Cryptographic Services ";
+ case PRIVATE_KEY_SLOT_ID:
+ return "NSS User Private Key and Certificate Services ";
+ case FIPS_SLOT_ID:
+ return "NSS FIPS 140-2 User Private Key Services ";
+ default:
+ break;
+ }
+ snprintf(buf, sizeof(buf),
+ "NSS Application Slot %08x ",
+ (unsigned int)slotID);
+ return buf;
+}
+
+static CK_ULONG nscSlotCount[2] = { 0, 0 };
+static CK_SLOT_ID_PTR nscSlotList[2] = { NULL, NULL };
+static CK_ULONG nscSlotListSize[2] = { 0, 0 };
+static PLHashTable *nscSlotHashTable[2] = { NULL, NULL };
+
+static unsigned int
+sftk_GetModuleIndex(CK_SLOT_ID slotID)
+{
+ if (sftk_isFIPS(slotID)) {
+ return NSC_FIPS_MODULE;
+ }
+ return NSC_NON_FIPS_MODULE;
+}
+
+/* look up a slot structure from the ID (used to be a macro when we only
+ * had two slots) */
+/* if all is true, return the slot even if it has been 'unloaded' */
+/* if all is false, only return the slots which are present */
+SFTKSlot *
+sftk_SlotFromID(CK_SLOT_ID slotID, PRBool all)
+{
+ SFTKSlot *slot;
+ unsigned int index = sftk_GetModuleIndex(slotID);
+
+ if (nscSlotHashTable[index] == NULL)
+ return NULL;
+ slot = (SFTKSlot *)PL_HashTableLookupConst(nscSlotHashTable[index],
+ (void *)(uintptr_t)slotID);
+ /* cleared slots shouldn't 'show up' */
+ if (slot && !all && !slot->present)
+ slot = NULL;
+ return slot;
+}
+
+CK_SLOT_ID
+sftk_SlotIDFromSessionHandle(CK_SESSION_HANDLE handle)
+{
+ CK_ULONG slotIDIndex = (handle >> 24) & 0x7f;
+ CK_ULONG moduleIndex = (handle >> 31) & 1;
+
+ if (slotIDIndex >= nscSlotCount[moduleIndex]) {
+ return (CK_SLOT_ID)-1;
+ }
+ return nscSlotList[moduleIndex][slotIDIndex];
+}
+
+SFTKSlot *
+sftk_SlotFromSessionHandle(CK_SESSION_HANDLE handle)
+{
+ return sftk_SlotFromID(sftk_SlotIDFromSessionHandle(handle), PR_FALSE);
+}
+
+static CK_RV
+sftk_RegisterSlot(SFTKSlot *slot, unsigned int moduleIndex)
+{
+ PLHashEntry *entry;
+ unsigned int index;
+
+ index = sftk_GetModuleIndex(slot->slotID);
+
+ /* make sure the slotID for this module is valid */
+ if (moduleIndex != index) {
+ return CKR_SLOT_ID_INVALID;
+ }
+
+ if (nscSlotList[index] == NULL) {
+ nscSlotListSize[index] = NSC_SLOT_LIST_BLOCK_SIZE;
+ nscSlotList[index] = (CK_SLOT_ID *)
+ PORT_ZAlloc(nscSlotListSize[index] * sizeof(CK_SLOT_ID));
+ if (nscSlotList[index] == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ }
+ if (nscSlotCount[index] >= nscSlotListSize[index]) {
+ CK_SLOT_ID *oldNscSlotList = nscSlotList[index];
+ CK_ULONG oldNscSlotListSize = nscSlotListSize[index];
+ nscSlotListSize[index] += NSC_SLOT_LIST_BLOCK_SIZE;
+ nscSlotList[index] = (CK_SLOT_ID *)PORT_Realloc(oldNscSlotList,
+ nscSlotListSize[index] * sizeof(CK_SLOT_ID));
+ if (nscSlotList[index] == NULL) {
+ /* evidently coverity doesn't know realloc does not
+ * free var if it fails ! */
+ /* coverity [use_after_free : FALSE] */
+ nscSlotList[index] = oldNscSlotList;
+ nscSlotListSize[index] = oldNscSlotListSize;
+ return CKR_HOST_MEMORY;
+ }
+ }
+
+ if (nscSlotHashTable[index] == NULL) {
+ nscSlotHashTable[index] = PL_NewHashTable(64, sftk_HashNumber,
+ PL_CompareValues, PL_CompareValues, NULL, 0);
+ if (nscSlotHashTable[index] == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ }
+
+ entry = PL_HashTableAdd(nscSlotHashTable[index], (void *)(uintptr_t)slot->slotID, slot);
+ if (entry == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ slot->index = (nscSlotCount[index] & 0x7f) | ((index << 7) & 0x80);
+ nscSlotList[index][nscSlotCount[index]++] = slot->slotID;
+
+ return CKR_OK;
+}
+
+/*
+ * ths function has all the common initialization that happens whenever we
+ * create a new slot or repurpose an old slot (only valid for slotID's 4
+ * and greater).
+ *
+ * things that are not reinitialized are:
+ * slotID (can't change)
+ * slotDescription (can't change once defined)
+ * the locks and hash tables (difficult to change in running code, and
+ * unnecessary. hash tables and list are cleared on shutdown, but they
+ * are cleared in a 'friendly' way).
+ * session and object ID counters -- so any old sessions and objects in the
+ * application will get properly notified that the world has changed.
+ *
+ * things that are reinitialized:
+ * database (otherwise what would the point be;).
+ * state variables related to databases.
+ * session count stat info.
+ * tokenDescription.
+ *
+ * NOTE: slotID's 4 and greater show up as removable devices.
+ *
+ */
+CK_RV
+SFTK_SlotReInit(SFTKSlot *slot, char *configdir, char *updatedir,
+ char *updateID, sftk_token_parameters *params,
+ unsigned int moduleIndex)
+{
+ PRBool needLogin = !params->noKeyDB;
+ CK_RV crv;
+
+ slot->hasTokens = PR_FALSE;
+ slot->sessionIDConflict = 0;
+ slot->sessionCount = 0;
+ slot->rwSessionCount = 0;
+ slot->needLogin = PR_FALSE;
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ slot->DB_loaded = PR_FALSE;
+ slot->certDB = NULL;
+ slot->keyDB = NULL;
+ slot->minimumPinLen = 0;
+ slot->readOnly = params->readOnly;
+ sftk_setStringName(params->tokdes ? params->tokdes : sftk_getDefTokName(slot->slotID), slot->tokDescription,
+ sizeof(slot->tokDescription), PR_TRUE);
+ sftk_setStringName(params->updtokdes ? params->updtokdes : " ",
+ slot->updateTokDescription,
+ sizeof(slot->updateTokDescription), PR_TRUE);
+
+ if ((!params->noCertDB) || (!params->noKeyDB)) {
+ SFTKDBHandle *certHandle = NULL;
+ SFTKDBHandle *keyHandle = NULL;
+ crv = sftk_DBInit(params->configdir ? params->configdir : configdir,
+ params->certPrefix, params->keyPrefix,
+ params->updatedir ? params->updatedir : updatedir,
+ params->updCertPrefix, params->updKeyPrefix,
+ params->updateID ? params->updateID : updateID,
+ params->readOnly, params->noCertDB, params->noKeyDB,
+ params->forceOpen,
+ moduleIndex == NSC_FIPS_MODULE,
+ &certHandle, &keyHandle);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ slot->certDB = certHandle;
+ slot->keyDB = keyHandle;
+ }
+ if (needLogin) {
+ /* if the data base is initialized with a null password,remember that */
+ slot->needLogin =
+ (PRBool)!sftk_hasNullPassword(slot, slot->keyDB);
+ if ((params->minPW >= 0) && (params->minPW <= SFTK_MAX_PIN)) {
+ slot->minimumPinLen = params->minPW;
+ }
+ if ((slot->minimumPinLen == 0) && (params->pwRequired)) {
+ slot->minimumPinLen = 1;
+ }
+ /* Make sure the pin len is set to the Minimum allowed value for fips
+ * when in FIPS mode. NOTE: we don't set it if the database has not
+ * been initialized yet so that we can init into level1 mode if needed
+ */
+ if ((sftkdb_HasPasswordSet(slot->keyDB) == SECSuccess) &&
+ (moduleIndex == NSC_FIPS_MODULE) &&
+ (slot->minimumPinLen < FIPS_MIN_PIN)) {
+ slot->minimumPinLen = FIPS_MIN_PIN;
+ }
+ }
+
+ slot->present = PR_TRUE;
+ return CKR_OK;
+
+loser:
+ SFTK_ShutdownSlot(slot);
+ return crv;
+}
+
+/*
+ * initialize one of the slot structures. figure out which by the ID
+ */
+CK_RV
+SFTK_SlotInit(char *configdir, char *updatedir, char *updateID,
+ sftk_token_parameters *params, unsigned int moduleIndex)
+{
+ unsigned int i;
+ CK_SLOT_ID slotID = params->slotID;
+ SFTKSlot *slot;
+ CK_RV crv = CKR_HOST_MEMORY;
+
+ /*
+ * first we initialize everything that is 'permanent' with this slot.
+ * that is everything we aren't going to shutdown if we close this slot
+ * and open it up again with different databases */
+
+ slot = PORT_ZNew(SFTKSlot);
+
+ if (slot == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+
+ slot->optimizeSpace = params->optimizeSpace;
+ if (slot->optimizeSpace) {
+ slot->sessObjHashSize = SPACE_SESSION_OBJECT_HASH_SIZE;
+ slot->sessHashSize = SPACE_SESSION_HASH_SIZE;
+ slot->numSessionLocks = 1;
+ } else {
+ slot->sessObjHashSize = TIME_SESSION_OBJECT_HASH_SIZE;
+ slot->sessHashSize = TIME_SESSION_HASH_SIZE;
+ slot->numSessionLocks = slot->sessHashSize / BUCKETS_PER_SESSION_LOCK;
+ }
+ slot->sessionLockMask = slot->numSessionLocks - 1;
+
+ slot->slotLock = PZ_NewLock(nssILockSession);
+ if (slot->slotLock == NULL)
+ goto mem_loser;
+ slot->sessionLock = PORT_ZNewArray(PZLock *, slot->numSessionLocks);
+ if (slot->sessionLock == NULL)
+ goto mem_loser;
+ for (i = 0; i < slot->numSessionLocks; i++) {
+ slot->sessionLock[i] = PZ_NewLock(nssILockSession);
+ if (slot->sessionLock[i] == NULL)
+ goto mem_loser;
+ }
+ slot->objectLock = PZ_NewLock(nssILockObject);
+ if (slot->objectLock == NULL)
+ goto mem_loser;
+ slot->pwCheckLock = PR_NewLock();
+ if (slot->pwCheckLock == NULL)
+ goto mem_loser;
+ slot->head = PORT_ZNewArray(SFTKSession *, slot->sessHashSize);
+ if (slot->head == NULL)
+ goto mem_loser;
+ slot->sessObjHashTable = PORT_ZNewArray(SFTKObject *, slot->sessObjHashSize);
+ if (slot->sessObjHashTable == NULL)
+ goto mem_loser;
+ slot->tokObjHashTable = PL_NewHashTable(64, sftk_HashNumber, PL_CompareValues,
+ SECITEM_HashCompare, NULL, 0);
+ if (slot->tokObjHashTable == NULL)
+ goto mem_loser;
+
+ slot->sessionIDCount = 0;
+ slot->sessionObjectHandleCount = NSC_MIN_SESSION_OBJECT_HANDLE;
+ slot->slotID = slotID;
+ sftk_setStringName(params->slotdes ? params->slotdes : sftk_getDefSlotName(slotID), slot->slotDescription,
+ sizeof(slot->slotDescription), PR_TRUE);
+ crv = sftk_InitSession(&slot->moduleObjects, slot, slotID, NULL, NULL,
+ CKF_SERIAL_SESSION);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* call the reinit code to set everything that changes between token
+ * init calls */
+ crv = SFTK_SlotReInit(slot, configdir, updatedir, updateID,
+ params, moduleIndex);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ if (sftk_isFIPS(slotID)) {
+ crv = sftk_CreateValidationObjects(slot);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ }
+ crv = sftk_RegisterSlot(slot, moduleIndex);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ return CKR_OK;
+
+mem_loser:
+ crv = CKR_HOST_MEMORY;
+loser:
+ SFTK_DestroySlotData(slot);
+ return crv;
+}
+
+CK_RV
+sftk_CloseAllSessions(SFTKSlot *slot, PRBool logout)
+{
+ SFTKSession *session;
+ unsigned int i;
+ SFTKDBHandle *handle;
+
+ /* first log out the card */
+ /* special case - if we are in a middle of upgrade, we want to close the
+ * sessions to fake a token removal to tell the upper level code we have
+ * switched from one database to another, but we don't want to
+ * explicity logout in case we can continue the upgrade with the
+ * existing password if possible.
+ */
+ if (logout) {
+ handle = sftk_getKeyDB(slot);
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ slot->isLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ }
+
+ /* now close all the current sessions */
+ /* NOTE: If you try to open new sessions before NSC_CloseAllSessions
+ * completes, some of those new sessions may or may not be closed by
+ * NSC_CloseAllSessions... but any session running when this code starts
+ * will guarrenteed be close, and no session will be partially closed */
+ for (i = 0; i < slot->sessHashSize; i++) {
+ PZLock *lock = SFTK_SESSION_LOCK(slot, i);
+ do {
+ SKIP_AFTER_FORK(PZ_Lock(lock));
+ session = slot->head[i];
+ /* hand deque */
+ /* this duplicates function of NSC_close session functions, but
+ * because we know that we are freeing all the sessions, we can
+ * do more efficient processing */
+ if (session) {
+ slot->head[i] = session->next;
+ if (session->next)
+ session->next->prev = NULL;
+ session->next = session->prev = NULL;
+ SKIP_AFTER_FORK(PZ_Unlock(lock));
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ --slot->sessionCount;
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount);
+ }
+ } else {
+ SKIP_AFTER_FORK(PZ_Unlock(lock));
+ }
+ if (session) {
+ sftk_DestroySession(session);
+ }
+ } while (session != NULL);
+ }
+ return CKR_OK;
+}
+
+/*
+ * shut down the databases.
+ * we get the slot lock (which also protects slot->certDB and slot->keyDB)
+ * and clear the values so the new users will not find the databases.
+ * once things are clear, we can release our references to the databases.
+ * The databases will close when the last reference is released.
+ *
+ * We use reference counts so that we don't crash if someone shuts down
+ * a token that another thread is actively using.
+ */
+static void
+sftk_DBShutdown(SFTKSlot *slot)
+{
+ SFTKDBHandle *certHandle;
+ SFTKDBHandle *keyHandle;
+ SKIP_AFTER_FORK(PZ_Lock(slot->slotLock));
+ certHandle = slot->certDB;
+ slot->certDB = NULL;
+ keyHandle = slot->keyDB;
+ slot->keyDB = NULL;
+ SKIP_AFTER_FORK(PZ_Unlock(slot->slotLock));
+ if (certHandle) {
+ sftk_freeDB(certHandle);
+ }
+ if (keyHandle) {
+ sftk_freeDB(keyHandle);
+ }
+}
+
+CK_RV
+SFTK_ShutdownSlot(SFTKSlot *slot)
+{
+ /* make sure no new PK11 calls work except C_GetSlotInfo */
+ slot->present = PR_FALSE;
+
+ /* close all outstanding sessions
+ * the sessHashSize variable guarentees we have all the session
+ * mechanism set up */
+ if (slot->head) {
+ sftk_CloseAllSessions(slot, PR_TRUE);
+ }
+
+ /* clear all objects.. session objects are cleared as a result of
+ * closing all the sessions. We just need to clear the token object
+ * cache. slot->tokObjHashTable guarentees we have the token
+ * infrastructure set up. */
+ if (slot->tokObjHashTable) {
+ SFTK_ClearTokenKeyHashTable(slot);
+ }
+
+ /* clear the slot description for the next guy */
+ PORT_Memset(slot->tokDescription, 0, sizeof(slot->tokDescription));
+
+ /* now shut down the databases. */
+ sftk_DBShutdown(slot);
+ return CKR_OK;
+}
+
+/*
+ * initialize one of the slot structures. figure out which by the ID
+ */
+CK_RV
+SFTK_DestroySlotData(SFTKSlot *slot)
+{
+ unsigned int i;
+
+ SFTK_ShutdownSlot(slot);
+
+ sftk_ClearSession(&slot->moduleObjects);
+
+ if (slot->tokObjHashTable) {
+ PL_HashTableDestroy(slot->tokObjHashTable);
+ slot->tokObjHashTable = NULL;
+ }
+
+ if (slot->sessObjHashTable) {
+ PORT_Free(slot->sessObjHashTable);
+ slot->sessObjHashTable = NULL;
+ }
+ slot->sessObjHashSize = 0;
+
+ if (slot->head) {
+ PORT_Free(slot->head);
+ slot->head = NULL;
+ }
+ slot->sessHashSize = 0;
+
+ /* OK everything has been disassembled, now we can finally get rid
+ * of the locks */
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->slotLock));
+ slot->slotLock = NULL;
+ if (slot->sessionLock) {
+ for (i = 0; i < slot->numSessionLocks; i++) {
+ if (slot->sessionLock[i]) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->sessionLock[i]));
+ slot->sessionLock[i] = NULL;
+ }
+ }
+ PORT_Free(slot->sessionLock);
+ slot->sessionLock = NULL;
+ }
+ if (slot->objectLock) {
+ SKIP_AFTER_FORK(PZ_DestroyLock(slot->objectLock));
+ slot->objectLock = NULL;
+ }
+ if (slot->pwCheckLock) {
+ SKIP_AFTER_FORK(PR_DestroyLock(slot->pwCheckLock));
+ slot->pwCheckLock = NULL;
+ }
+ PORT_Free(slot);
+ return CKR_OK;
+}
+
+/*
+ * handle the SECMOD.db
+ */
+char **
+NSC_ModuleDBFunc(unsigned long function, char *parameters, void *args)
+{
+#ifndef NSS_DISABLE_DBM
+ char *secmod = NULL;
+ char *appName = NULL;
+ char *filename = NULL;
+ NSSDBType dbType = NSS_DB_TYPE_NONE;
+ PRBool rw;
+ static char *success = "Success";
+#endif /* NSS_DISABLE_DBM */
+ char **rvstr = NULL;
+
+ rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args);
+ if (rvstr != NULL) {
+ return rvstr;
+ }
+
+ if (PORT_GetError() != SEC_ERROR_LEGACY_DATABASE) {
+ return NULL;
+ }
+
+#ifndef NSS_DISABLE_DBM
+ /* The legacy database uses the old dbm, which is only linked with the
+ * legacy DB handler, which is only callable from softoken */
+
+ secmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &appName,
+ &filename, &rw);
+
+ switch (function) {
+ case SECMOD_MODULE_DB_FUNCTION_FIND:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ if (rw && (dbType != NSS_DB_TYPE_LEGACY) &&
+ (dbType != NSS_DB_TYPE_MULTIACCESS)) {
+ /* if we get here, we are trying to update the local database */
+ /* force data from the legacy DB */
+ char *oldSecmod = NULL;
+ char *oldAppName = NULL;
+ char *oldFilename = NULL;
+ PRBool oldrw;
+ char **strings = NULL;
+ int i;
+
+ dbType = NSS_DB_TYPE_LEGACY;
+ oldSecmod = _NSSUTIL_GetSecmodName(parameters, &dbType, &oldAppName,
+ &oldFilename, &oldrw);
+ strings = sftkdbCall_ReadSecmodDB(appName, oldFilename, oldSecmod,
+ (char *)parameters, oldrw);
+ if (strings) {
+ /* write out the strings */
+ for (i = 0; strings[i]; i++) {
+ NSSUTIL_DoModuleDBFunction(SECMOD_MODULE_DB_FUNCTION_ADD,
+ parameters, strings[i]);
+ }
+ sftkdbCall_ReleaseSecmodDBData(oldAppName, oldFilename, oldSecmod,
+ (char **)strings, oldrw);
+ } else {
+ /* write out a dummy record */
+ NSSUTIL_DoModuleDBFunction(SECMOD_MODULE_DB_FUNCTION_ADD,
+ parameters, " ");
+ }
+ if (oldSecmod) {
+ PR_smprintf_free(oldSecmod);
+ }
+ if (oldAppName) {
+ PORT_Free(oldAppName);
+ }
+ if (oldFilename) {
+ PORT_Free(oldFilename);
+ }
+ rvstr = NSSUTIL_DoModuleDBFunction(function, parameters, args);
+ break;
+ }
+ rvstr = sftkdbCall_ReadSecmodDB(appName, filename, secmod,
+ (char *)parameters, rw);
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_ADD:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ rvstr = (sftkdbCall_AddSecmodDB(appName, filename, secmod,
+ (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_DEL:
+ if (secmod == NULL) {
+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
+ goto loser;
+ }
+ rvstr = (sftkdbCall_DeleteSecmodDB(appName, filename, secmod,
+ (char *)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ case SECMOD_MODULE_DB_FUNCTION_RELEASE:
+ rvstr = (sftkdbCall_ReleaseSecmodDBData(appName, filename, secmod,
+ (char **)args, rw) == SECSuccess)
+ ? &success
+ : NULL;
+ break;
+ }
+
+loser:
+ if (secmod)
+ PR_smprintf_free(secmod);
+ if (appName)
+ PORT_Free(appName);
+ if (filename)
+ PORT_Free(filename);
+#endif /* NSS_DISABLE_DBM */
+ return rvstr;
+}
+
+static void
+nscFreeAllSlots(unsigned int moduleIndex)
+{
+ /* free all the slots */
+ SFTKSlot *slot = NULL;
+ CK_SLOT_ID slotID;
+ int i;
+
+ if (nscSlotList[moduleIndex]) {
+ CK_ULONG tmpSlotCount = nscSlotCount[moduleIndex];
+ CK_SLOT_ID_PTR tmpSlotList = nscSlotList[moduleIndex];
+ PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
+
+ /* first close all the session */
+ for (i = 0; i < (int)tmpSlotCount; i++) {
+ slotID = tmpSlotList[i];
+ (void)NSC_CloseAllSessions(slotID);
+ }
+
+ /* now clear out the statics */
+ nscSlotList[moduleIndex] = NULL;
+ nscSlotCount[moduleIndex] = 0;
+ nscSlotHashTable[moduleIndex] = NULL;
+ nscSlotListSize[moduleIndex] = 0;
+
+ for (i = 0; i < (int)tmpSlotCount; i++) {
+ slotID = tmpSlotList[i];
+ slot = (SFTKSlot *)
+ PL_HashTableLookup(tmpSlotHashTable, (void *)(uintptr_t)slotID);
+ PORT_Assert(slot);
+ if (!slot)
+ continue;
+ SFTK_DestroySlotData(slot);
+ PL_HashTableRemove(tmpSlotHashTable, (void *)(uintptr_t)slotID);
+ }
+ PORT_Free(tmpSlotList);
+ PL_HashTableDestroy(tmpSlotHashTable);
+ }
+}
+
+static void
+sftk_closePeer(PRBool isFIPS)
+{
+ CK_SLOT_ID slotID = isFIPS ? PRIVATE_KEY_SLOT_ID : FIPS_SLOT_ID;
+ SFTKSlot *slot;
+ unsigned int moduleIndex = isFIPS ? NSC_NON_FIPS_MODULE : NSC_FIPS_MODULE;
+ PLHashTable *tmpSlotHashTable = nscSlotHashTable[moduleIndex];
+
+ slot = (SFTKSlot *)PL_HashTableLookup(tmpSlotHashTable, (void *)(uintptr_t)slotID);
+ if (slot == NULL) {
+ return;
+ }
+ sftk_DBShutdown(slot);
+ return;
+}
+
+extern void sftk_PBELockInit(void);
+extern void sftk_PBELockShutdown(void);
+
+/* Parse the library parameters from the first occurance in the following src.:
+ * 1. C_INITIALIZED_ARGS - lib params are included in LibraryParameters field
+ * 2. NSS_LIB_PARAMS - env. var. containing the lib. params.
+ * 3. NSS_LIB_PARAMS_FILE - env. var. pointion to a file with lib. params.
+ * 4. /etc/nss/params.config - default lib. param. file location [Linux only]
+ * 5. LIB_PARAM_DEFAULT - string ensureing the pressence at all times
+ * "configdir='' certPrefix='' keyPrefix='' secmod='' flags=noCertDB,noModDB"
+ */
+static CK_RV
+sftk_getParameters(CK_C_INITIALIZE_ARGS *init_args, PRBool isFIPS,
+ sftk_parameters *paramStrings)
+{
+ CK_RV crv;
+ char *libParams;
+ const char *filename;
+ PRFileDesc *file_dc;
+ PRBool free_mem = PR_FALSE;
+
+ if (!init_args || !init_args->LibraryParameters) {
+ /* Library parameters were not provided via C_Initialize_args*/
+
+ /* Enviromental value has precedence to configuration filename */
+ libParams = PR_GetEnvSecure("NSS_LIB_PARAMS");
+
+ if (!libParams) {
+ /* Load from config filename or use default */
+ filename = PR_GetEnvSecure("NSS_LIB_PARAMS_FILE");
+#ifdef XP_UNIX
+ /* Use default configuration file for Linux only */
+ if (!filename)
+ filename = LIB_PARAM_DEFAULT_FILE_LOCATION;
+#endif
+ if (filename) {
+ file_dc = PR_OpenFile(filename, PR_RDONLY, 444);
+ if (file_dc) {
+ /* file opened */
+ PRInt32 len = PR_Available(file_dc);
+ libParams = PORT_NewArray(char, len + 1);
+ if (libParams) {
+ /* memory allocated */
+ if (PR_Read(file_dc, libParams, len) == -1) {
+ PR_Free(libParams);
+ } else {
+ free_mem = PR_TRUE;
+ libParams[len] = '\0';
+ }
+ }
+
+ PR_Close(file_dc);
+ }
+ }
+ }
+
+ if (!libParams)
+ libParams = LIB_PARAM_DEFAULT;
+
+ } else {
+ /* Use parameters provided with C_Initialize_args */
+ libParams = (char *)init_args->LibraryParameters;
+ }
+
+ crv = sftk_parseParameters(libParams, paramStrings, isFIPS);
+ if (crv != CKR_OK) {
+ crv = CKR_ARGUMENTS_BAD;
+ goto loser;
+ }
+
+ crv = CKR_OK;
+loser:
+ if (free_mem)
+ PR_Free(libParams);
+
+ return crv;
+}
+
+/* NSC_Initialize initializes the Cryptoki library. */
+CK_RV
+nsc_CommonInitialize(CK_VOID_PTR pReserved, PRBool isFIPS)
+{
+ CK_RV crv = CKR_OK;
+ SECStatus rv;
+ CK_C_INITIALIZE_ARGS *init_args = (CK_C_INITIALIZE_ARGS *)pReserved;
+ PRBool destroy_freelist_on_error = PR_TRUE;
+ int i;
+ unsigned int moduleIndex = isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE;
+
+ if (isFIPS) {
+ loginWaitTime = PR_SecondsToInterval(1);
+ }
+
+ ENABLE_FORK_CHECK();
+
+ sftk_PBELockInit();
+
+ rv = SECOID_Init();
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+
+ rv = RNG_RNGInit(); /* initialize random number generator */
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+ rv = BL_Init(); /* initialize freebl engine */
+ if (rv != SECSuccess) {
+ crv = CKR_DEVICE_ERROR;
+ return crv;
+ }
+
+ /* NOTE:
+ * we should be getting out mutexes from this list, not statically binding
+ * them from NSPR. This should happen before we allow the internal to split
+ * off from the rest on NSS.
+ */
+
+ /* initialize the key and cert db's */
+ if (init_args && (!(init_args->flags & CKF_OS_LOCKING_OK))) {
+ if (init_args->CreateMutex && init_args->DestroyMutex &&
+ init_args->LockMutex && init_args->UnlockMutex) {
+ /* softoken always uses NSPR (ie. OS locking), and doesn't know how
+ * to use the lock functions provided by the application.
+ */
+ crv = CKR_CANT_LOCK;
+ return crv;
+ }
+ if (init_args->CreateMutex || init_args->DestroyMutex ||
+ init_args->LockMutex || init_args->UnlockMutex) {
+ /* only some of the lock functions were provided by the
+ * application. This is invalid per PKCS#11 spec.
+ */
+ crv = CKR_ARGUMENTS_BAD;
+ return crv;
+ }
+ }
+
+ sftk_parameters paramStrings;
+
+ /* load and parse the library parameters */
+ crv = sftk_getParameters(init_args, isFIPS, &paramStrings);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ crv = sftk_configure(paramStrings.man, paramStrings.libdes);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* if we have a peer already open, have him close his DB's so we
+ * don't clobber each other. */
+ if ((isFIPS && nsc_init) || (!isFIPS && nsf_init)) {
+ sftk_closePeer(isFIPS);
+ if (sftk_audit_enabled) {
+ if (isFIPS && nsc_init) {
+ sftk_LogAuditMessage(NSS_AUDIT_INFO, NSS_AUDIT_FIPS_STATE,
+ "enabled FIPS mode");
+ } else {
+ sftk_LogAuditMessage(NSS_AUDIT_INFO, NSS_AUDIT_FIPS_STATE,
+ "disabled FIPS mode");
+ }
+ }
+ /* if we have a peer open, we don't want to destroy the freelist
+ * from under the peer if we fail, the free list will be
+ * destroyed in that case when the C_Finalize is called for
+ * the peer */
+ destroy_freelist_on_error = PR_FALSE;
+ }
+ /* allow us to create objects in SFTK_SlotInit */
+ sftk_InitFreeLists();
+
+ for (i = 0; i < paramStrings.token_count; i++) {
+ crv = SFTK_SlotInit(paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[i], moduleIndex);
+ if (crv != CKR_OK) {
+ nscFreeAllSlots(moduleIndex);
+ break;
+ }
+ }
+
+loser:
+
+ sftk_freeParams(&paramStrings);
+
+ if (destroy_freelist_on_error && (CKR_OK != crv)) {
+ /* idempotent. If the list are already freed, this is a noop */
+ sftk_CleanupFreeLists();
+ }
+
+#ifndef NO_FORK_CHECK
+ if (CKR_OK == crv) {
+#if defined(CHECK_FORK_MIXED)
+ /* Before Solaris 10, fork handlers are not unregistered at dlclose()
+ * time. So, we only use pthread_atfork on Solaris 10 and later. For
+ * earlier versions, we use PID checks.
+ */
+ char buf[200];
+ int major = 0, minor = 0;
+
+ long rv = sysinfo(SI_RELEASE, buf, sizeof(buf));
+ if (rv > 0 && rv < sizeof(buf)) {
+ if (2 == sscanf(buf, "%d.%d", &major, &minor)) {
+ /* Are we on Solaris 10 or greater ? */
+ if (major > 5 || (5 == major && minor >= 10)) {
+ /* we are safe to use pthread_atfork */
+ usePthread_atfork = PR_TRUE;
+ }
+ }
+ }
+ if (usePthread_atfork) {
+ pthread_atfork(NULL, NULL, ForkedChild);
+ } else {
+ myPid = getpid();
+ }
+
+#elif defined(CHECK_FORK_PTHREAD)
+ pthread_atfork(NULL, NULL, ForkedChild);
+#elif defined(CHECK_FORK_GETPID)
+ myPid = getpid();
+#else
+#error Incorrect fork check method.
+#endif
+ }
+#endif
+ return crv;
+}
+
+CK_RV
+NSC_Initialize(CK_VOID_PTR pReserved)
+{
+ CK_RV crv;
+
+ sftk_ForkReset(pReserved, &crv);
+
+ if (nsc_init) {
+ return CKR_CRYPTOKI_ALREADY_INITIALIZED;
+ }
+ crv = nsc_CommonInitialize(pReserved, PR_FALSE);
+ nsc_init = (PRBool)(crv == CKR_OK);
+ return crv;
+}
+
+/* NSC_Finalize indicates that an application is done with the
+ * Cryptoki library.*/
+CK_RV
+nsc_CommonFinalize(CK_VOID_PTR pReserved, PRBool isFIPS)
+{
+ /* propagate the fork status to freebl and util */
+ BL_SetForkState(parentForkedAfterC_Initialize);
+ UTIL_SetForkState(parentForkedAfterC_Initialize);
+
+ nscFreeAllSlots(isFIPS ? NSC_FIPS_MODULE : NSC_NON_FIPS_MODULE);
+
+ /* don't muck with the globals if our peer is still initialized */
+ if (isFIPS && nsc_init) {
+ return CKR_OK;
+ }
+ if (!isFIPS && nsf_init) {
+ return CKR_OK;
+ }
+
+ sftk_CleanupFreeLists();
+ sftkdb_Shutdown();
+
+ /* This function does not discard all our previously aquired entropy. */
+ RNG_RNGShutdown();
+
+ /* tell freeBL to clean up after itself */
+ BL_Cleanup();
+
+ /* reset fork status in freebl. We must do this before BL_Unload so that
+ * this call doesn't force freebl to be reloaded. */
+ BL_SetForkState(PR_FALSE);
+
+#ifndef NSS_STATIC_SOFTOKEN
+ /* unload freeBL shared library from memory. This may only decrement the
+ * OS refcount if it's been loaded multiple times, eg. by libssl */
+ BL_Unload();
+#endif
+
+ /* clean up the default OID table */
+ SECOID_Shutdown();
+
+ sftk_PBELockShutdown();
+
+ /* reset fork status in util */
+ UTIL_SetForkState(PR_FALSE);
+
+ nsc_init = PR_FALSE;
+
+#ifndef NO_FORK_CHECK
+#ifdef CHECK_FORK_MIXED
+ if (!usePthread_atfork) {
+ myPid = 0; /* allow CHECK_FORK in the next softoken initialization to
+ * succeed */
+ } else {
+ forked = PR_FALSE; /* allow reinitialization */
+ }
+#elif defined(CHECK_FORK_GETPID)
+ myPid = 0; /* allow reinitialization */
+#elif defined(CHECK_FORK_PTHREAD)
+ forked = PR_FALSE; /* allow reinitialization */
+#endif
+#endif
+ return CKR_OK;
+}
+
+/* Hard-reset the entire softoken PKCS#11 module if the parent process forked
+ * while it was initialized. */
+PRBool
+sftk_ForkReset(CK_VOID_PTR pReserved, CK_RV *crv)
+{
+#ifndef NO_FORK_CHECK
+ if (PARENT_FORKED()) {
+ parentForkedAfterC_Initialize = PR_TRUE;
+ if (nsc_init) {
+ /* finalize non-FIPS token */
+ *crv = nsc_CommonFinalize(pReserved, PR_FALSE);
+ PORT_Assert(CKR_OK == *crv);
+ nsc_init = (PRBool) !(*crv == CKR_OK);
+ }
+ if (nsf_init) {
+ /* finalize FIPS token */
+ *crv = nsc_CommonFinalize(pReserved, PR_TRUE);
+ PORT_Assert(CKR_OK == *crv);
+ nsf_init = (PRBool) !(*crv == CKR_OK);
+ }
+ parentForkedAfterC_Initialize = PR_FALSE;
+ return PR_TRUE;
+ }
+#endif
+ return PR_FALSE;
+}
+
+/* NSC_Finalize indicates that an application is done with the
+ * Cryptoki library.*/
+CK_RV
+NSC_Finalize(CK_VOID_PTR pReserved)
+{
+ CK_RV crv;
+
+ /* reset entire PKCS#11 module upon fork */
+ if (sftk_ForkReset(pReserved, &crv)) {
+ return crv;
+ }
+
+ if (!nsc_init) {
+ return CKR_OK;
+ }
+
+ crv = nsc_CommonFinalize(pReserved, PR_FALSE);
+
+ nsc_init = (PRBool) !(crv == CKR_OK);
+
+ return crv;
+}
+
+extern const char __nss_softokn_version[];
+
+/* NSC_GetInfo returns general information about Cryptoki. */
+CK_RV
+NSC_GetInfo(CK_INFO_PTR pInfo)
+{
+#define NSS_VERSION_VARIABLE __nss_softokn_version
+#include "verref.h"
+
+ CHECK_FORK();
+
+ pInfo->cryptokiVersion.major = CRYPTOKI_VERSION_MAJOR;
+ pInfo->cryptokiVersion.minor = CRYPTOKI_VERSION_MINOR;
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID, 32);
+ pInfo->libraryVersion.major = SOFTOKEN_VMAJOR;
+ pInfo->libraryVersion.minor = SOFTOKEN_VMINOR;
+ PORT_Memcpy(pInfo->libraryDescription, libraryDescription, 32);
+ pInfo->flags = 0;
+ return CKR_OK;
+}
+
+/* NSC_GetInfo returns general information about Cryptoki. */
+CK_RV
+NSC_GetInfoV2(CK_INFO_PTR pInfo)
+{
+ CHECK_FORK();
+
+ pInfo->cryptokiVersion.major = 2;
+ pInfo->cryptokiVersion.minor = 40;
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID, 32);
+ pInfo->libraryVersion.major = SOFTOKEN_VMAJOR;
+ pInfo->libraryVersion.minor = SOFTOKEN_VMINOR;
+ PORT_Memcpy(pInfo->libraryDescription, libraryDescription, 32);
+ pInfo->flags = 0;
+ return CKR_OK;
+}
+
+/* NSC_GetSlotList obtains a list of slots in the system. */
+CK_RV
+nsc_CommonGetSlotList(CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount,
+ unsigned int moduleIndex)
+{
+ *pulCount = nscSlotCount[moduleIndex];
+ if (pSlotList != NULL) {
+ PORT_Memcpy(pSlotList, nscSlotList[moduleIndex],
+ nscSlotCount[moduleIndex] * sizeof(CK_SLOT_ID));
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetSlotList obtains a list of slots in the system. */
+CK_RV
+NSC_GetSlotList(CK_BBOOL tokenPresent,
+ CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
+{
+ CHECK_FORK();
+ return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount,
+ NSC_NON_FIPS_MODULE);
+}
+
+/* NSC_GetSlotInfo obtains information about a particular slot in the system. */
+CK_RV
+NSC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
+{
+ SFTKSlot *slot = sftk_SlotFromID(slotID, PR_TRUE);
+
+ CHECK_FORK();
+
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID,
+ sizeof(pInfo->manufacturerID));
+ PORT_Memcpy(pInfo->slotDescription, slot->slotDescription,
+ sizeof(pInfo->slotDescription));
+ pInfo->flags = (slot->present) ? CKF_TOKEN_PRESENT : 0;
+
+ /* all user defined slots are defined as removable */
+ if (slotID >= SFTK_MIN_USER_SLOT_ID) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ } else {
+ /* In the case where we are doing a merge update, we need
+ * the DB slot to be removable so the token name can change
+ * appropriately. */
+ SFTKDBHandle *handle = sftk_getKeyDB(slot);
+ if (handle) {
+ if (sftkdb_InUpdateMerge(handle)) {
+ pInfo->flags |= CKF_REMOVABLE_DEVICE;
+ }
+ sftk_freeDB(handle);
+ }
+ }
+
+ /* If there is no key database, this is for example the case when NSS was
+ * initialized with NSS_NoDbInit(), then there won't be any point in
+ * requesting a PIN. Set the CKF_USER_PIN_INITIALIZED bit so that
+ * PK11_NeedUserInit() doesn't indicate that a PIN is needed.
+ */
+ if (slot->keyDB == NULL) {
+ pInfo->flags |= CKF_USER_PIN_INITIALIZED;
+ }
+
+ /* ok we really should read it out of the keydb file. */
+ /* pInfo->hardwareVersion.major = NSSLOWKEY_DB_FILE_VERSION; */
+ pInfo->hardwareVersion.major = SOFTOKEN_VMAJOR;
+ pInfo->hardwareVersion.minor = SOFTOKEN_VMINOR;
+ pInfo->firmwareVersion.major = SOFTOKEN_VPATCH;
+ pInfo->firmwareVersion.minor = SOFTOKEN_VBUILD;
+ return CKR_OK;
+}
+
+/*
+ * check the current state of the 'needLogin' flag in case the database has
+ * been changed underneath us.
+ */
+static PRBool
+sftk_checkNeedLogin(SFTKSlot *slot, SFTKDBHandle *keyHandle)
+{
+ PRBool needLogin;
+ if (sftkdb_PWCached(keyHandle) == SECSuccess) {
+ PZ_Lock(slot->slotLock);
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+ } else {
+ needLogin = (PRBool)!sftk_hasNullPassword(slot, keyHandle);
+ PZ_Lock(slot->slotLock);
+ slot->needLogin = needLogin;
+ PZ_Unlock(slot->slotLock);
+ }
+ return needLogin;
+}
+
+static PRBool
+sftk_isBlank(const char *s, int len)
+{
+ int i;
+ for (i = 0; i < len; i++) {
+ if (s[i] != ' ') {
+ return PR_FALSE;
+ }
+ }
+ return PR_TRUE;
+}
+
+/* NSC_GetTokenInfo obtains information about a particular token in
+ * the system. */
+CK_RV
+NSC_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
+{
+ SFTKSlot *slot;
+ SFTKDBHandle *handle;
+
+ CHECK_FORK();
+
+ if (!nsc_init && !nsf_init)
+ return CKR_CRYPTOKI_NOT_INITIALIZED;
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ PORT_Memcpy(pInfo->manufacturerID, manufacturerID, 32);
+ PORT_Memcpy(pInfo->model, "NSS 3 ", 16);
+ PORT_Memcpy(pInfo->serialNumber, "0000000000000000", 16);
+ PORT_Memcpy(pInfo->utcTime, "0000000000000000", 16);
+ pInfo->ulMaxSessionCount = 0; /* arbitrarily large */
+ pInfo->ulMaxRwSessionCount = 0; /* arbitarily large */
+ PZ_Lock(slot->slotLock); /* Protect sessionCount / rwSessioncount */
+ pInfo->ulSessionCount = slot->sessionCount;
+ pInfo->ulRwSessionCount = slot->rwSessionCount;
+ PZ_Unlock(slot->slotLock); /* Unlock before sftk_getKeyDB */
+ pInfo->firmwareVersion.major = 0;
+ pInfo->firmwareVersion.minor = 0;
+ PORT_Memcpy(pInfo->label, slot->tokDescription, sizeof(pInfo->label));
+ handle = sftk_getKeyDB(slot);
+ pInfo->flags = CKF_RNG | CKF_DUAL_CRYPTO_OPERATIONS;
+ if (handle == NULL) {
+ pInfo->flags |= CKF_WRITE_PROTECTED;
+ pInfo->ulMaxPinLen = 0;
+ pInfo->ulMinPinLen = 0;
+ pInfo->ulTotalPublicMemory = 0;
+ pInfo->ulFreePublicMemory = 0;
+ pInfo->ulTotalPrivateMemory = 0;
+ pInfo->ulFreePrivateMemory = 0;
+ pInfo->hardwareVersion.major = 4;
+ pInfo->hardwareVersion.minor = 0;
+ } else {
+ /*
+ * we have three possible states which we may be in:
+ * (1) No DB password has been initialized. This also means we
+ * have no keys in the key db.
+ * (2) Password initialized to NULL. This means we have keys, but
+ * the user has chosen not use a password.
+ * (3) Finally we have an initialized password whicn is not NULL, and
+ * we will need to prompt for it.
+ */
+ if (sftkdb_HasPasswordSet(handle) == SECFailure) {
+ pInfo->flags |= CKF_LOGIN_REQUIRED;
+ } else if (!sftk_checkNeedLogin(slot, handle)) {
+ pInfo->flags |= CKF_USER_PIN_INITIALIZED;
+ } else {
+ pInfo->flags |= CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
+ /*
+ * if we are doing a merge style update, and we need to get the password
+ * of our source database (the database we are updating from), make sure we
+ * return a token name that will match the database we are prompting for.
+ */
+ if (sftkdb_NeedUpdateDBPassword(handle)) {
+ /* if we have an update tok description, use it. otherwise
+ * use the updateID for this database */
+ if (!sftk_isBlank(slot->updateTokDescription,
+ sizeof(pInfo->label))) {
+ PORT_Memcpy(pInfo->label, slot->updateTokDescription,
+ sizeof(pInfo->label));
+ } else {
+ /* build from updateID */
+ const char *updateID = sftkdb_GetUpdateID(handle);
+ if (updateID) {
+ sftk_setStringName(updateID, (char *)pInfo->label,
+ sizeof(pInfo->label), PR_FALSE);
+ }
+ }
+ }
+ }
+ pInfo->ulMaxPinLen = SFTK_MAX_PIN;
+ pInfo->ulMinPinLen = (CK_ULONG)slot->minimumPinLen;
+ pInfo->ulTotalPublicMemory = 1;
+ pInfo->ulFreePublicMemory = 1;
+ pInfo->ulTotalPrivateMemory = 1;
+ pInfo->ulFreePrivateMemory = 1;
+#ifdef SHDB_FIXME
+ pInfo->hardwareVersion.major = CERT_DB_FILE_VERSION;
+ pInfo->hardwareVersion.minor = handle->version;
+#else
+ pInfo->hardwareVersion.major = 0;
+ pInfo->hardwareVersion.minor = 0;
+#endif
+ sftk_freeDB(handle);
+ }
+ /*
+ * CKF_LOGIN_REQUIRED CKF_USER_PIN_INITIALIZED how CKF_TOKEN_INITIALIZED
+ * should be set
+ * 0 0 1
+ * 1 0 0
+ * 0 1 1
+ * 1 1 1
+ */
+ if (!(pInfo->flags & CKF_LOGIN_REQUIRED) ||
+ (pInfo->flags & CKF_USER_PIN_INITIALIZED)) {
+ pInfo->flags |= CKF_TOKEN_INITIALIZED;
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetMechanismList obtains a list of mechanism types
+ * supported by a token. */
+CK_RV
+NSC_GetMechanismList(CK_SLOT_ID slotID,
+ CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount)
+{
+ CK_ULONG i;
+
+ CHECK_FORK();
+
+ switch (slotID) {
+ /* default: */
+ case NETSCAPE_SLOT_ID:
+ *pulCount = mechanismCount;
+ if (pMechanismList != NULL) {
+ for (i = 0; i < mechanismCount; i++) {
+ pMechanismList[i] = mechanisms[i].type;
+ }
+ }
+ break;
+ default:
+ *pulCount = 0;
+ for (i = 0; i < mechanismCount; i++) {
+ if (mechanisms[i].privkey) {
+ (*pulCount)++;
+ if (pMechanismList != NULL) {
+ *pMechanismList++ = mechanisms[i].type;
+ }
+ }
+ }
+ break;
+ }
+ return CKR_OK;
+}
+
+/* NSC_GetMechanismInfo obtains information about a particular mechanism
+ * possibly supported by a token. */
+CK_RV
+NSC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ PRBool isPrivateKey;
+ CK_ULONG i;
+
+ CHECK_FORK();
+
+ switch (slotID) {
+ case NETSCAPE_SLOT_ID:
+ isPrivateKey = PR_FALSE;
+ break;
+ default:
+ isPrivateKey = PR_TRUE;
+ break;
+ }
+ for (i = 0; i < mechanismCount; i++) {
+ if (type == mechanisms[i].type) {
+ if (isPrivateKey && !mechanisms[i].privkey) {
+ return CKR_MECHANISM_INVALID;
+ }
+ PORT_Memcpy(pInfo, &mechanisms[i].info, sizeof(CK_MECHANISM_INFO));
+ return CKR_OK;
+ }
+ }
+ return CKR_MECHANISM_INVALID;
+}
+
+/*
+ * If we are using the V2 interface, strip out the message flags
+ */
+#define SFTK_MESSAGE_FLAGS (CKF_MESSAGE_ENCRYPT | CKF_MESSAGE_DECRYPT | CKF_MESSAGE_SIGN | CKF_MESSAGE_VERIFY)
+CK_RV
+NSC_GetMechanismInfoV2(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ CK_RV crv;
+ crv = NSC_GetMechanismInfo(slotID, type, pInfo);
+ if (crv == CKR_OK) {
+ pInfo->flags = pInfo->flags & ~SFTK_MESSAGE_FLAGS;
+ }
+ return crv;
+}
+
+CK_RV
+sftk_MechAllowsOperation(CK_MECHANISM_TYPE type, CK_ATTRIBUTE_TYPE op)
+{
+ CK_ULONG i;
+ CK_FLAGS flags = sftk_AttributeToFlags(op);
+
+ if (flags == 0) {
+ return CKR_ARGUMENTS_BAD;
+ }
+ for (i = 0; i < mechanismCount; i++) {
+ if (type == mechanisms[i].type) {
+ return (flags & mechanisms[i].info.flags) ? CKR_OK
+ : CKR_MECHANISM_INVALID;
+ }
+ }
+ return CKR_MECHANISM_INVALID;
+}
+
+/* NSC_InitToken initializes a token. */
+CK_RV
+NSC_InitToken(CK_SLOT_ID slotID, CK_CHAR_PTR pPin,
+ CK_ULONG ulPinLen, CK_CHAR_PTR pLabel)
+{
+ SFTKSlot *slot = sftk_SlotFromID(slotID, PR_FALSE);
+ SFTKDBHandle *handle;
+ SECStatus rv;
+ unsigned int i;
+ SFTKObject *object;
+
+ CHECK_FORK();
+
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ /* don't initialize the database if we aren't talking to a token
+ * that uses the key database.
+ */
+ if (slotID == NETSCAPE_SLOT_ID) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ /* first, delete all our loaded key and cert objects from our
+ * internal list. */
+ PZ_Lock(slot->objectLock);
+ for (i = 0; i < slot->sessObjHashSize; i++) {
+ do {
+ object = slot->sessObjHashTable[i];
+ /* hand deque */
+ /* this duplicates function of NSC_close session functions, but
+ * because we know that we are freeing all the sessions, we can
+ * do more efficient processing */
+ if (object) {
+ slot->sessObjHashTable[i] = object->next;
+
+ if (object->next)
+ object->next->prev = NULL;
+ object->next = object->prev = NULL;
+ }
+ if (object)
+ sftk_FreeObject(object);
+ } while (object != NULL);
+ }
+ slot->DB_loaded = PR_FALSE;
+ PZ_Unlock(slot->objectLock);
+
+ /* then clear out the key database */
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ return CKR_TOKEN_WRITE_PROTECTED;
+ }
+
+ rv = sftkdb_ResetKeyDB(handle);
+ /* clear the password */
+ sftkdb_ClearPassword(handle);
+ /* update slot->needLogin (should be true now since no password is set) */
+ sftk_checkNeedLogin(slot, handle);
+ sftk_freeDB(handle);
+ if (rv != SECSuccess) {
+ return CKR_DEVICE_ERROR;
+ }
+
+ return CKR_OK;
+}
+
+/* NSC_InitPIN initializes the normal user's PIN. */
+CK_RV
+NSC_InitPIN(CK_SESSION_HANDLE hSession,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ SFTKSession *sp = NULL;
+ SFTKSlot *slot;
+ SFTKDBHandle *handle = NULL;
+ char newPinStr[SFTK_MAX_PIN + 1];
+ SECStatus rv;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ PRBool tokenRemoved = PR_FALSE;
+
+ CHECK_FORK();
+
+ sp = sftk_SessionFromHandle(hSession);
+ if (sp == NULL) {
+ goto loser;
+ }
+
+ slot = sftk_SlotFromSession(sp);
+ if (slot == NULL) {
+ goto loser;
+ }
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ if (sp->info.state != CKS_RW_SO_FUNCTIONS) {
+ crv = CKR_USER_NOT_LOGGED_IN;
+ goto loser;
+ }
+
+ sftk_FreeSession(sp);
+ sp = NULL;
+
+ /* make sure the pins aren't too long */
+ if (ulPinLen > SFTK_MAX_PIN) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+ if (ulPinLen < (CK_ULONG)slot->minimumPinLen) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ if (sftkdb_HasPasswordSet(handle) != SECFailure) {
+ crv = CKR_DEVICE_ERROR;
+ goto loser;
+ }
+
+ /* convert to null terminated string */
+ PORT_Memcpy(newPinStr, pPin, ulPinLen);
+ newPinStr[ulPinLen] = 0;
+
+ /* build the hashed pins which we pass around */
+
+ /* change the data base */
+ rv = sftkdb_ChangePassword(handle, NULL, newPinStr, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ PORT_Memset(newPinStr, 0, ulPinLen);
+ sftk_freeDB(handle);
+ handle = NULL;
+
+ /* Now update our local copy of the pin */
+ if (rv == SECSuccess) {
+ if (ulPinLen == 0) {
+ PZ_Lock(slot->slotLock);
+ slot->needLogin = PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+ }
+ /* database has been initialized, now force min password in FIPS
+ * mode. NOTE: if we are in level1, we may not have a password, but
+ * forcing it now will prevent an insufficient password from being set.
+ */
+ if ((sftk_GetModuleIndex(slot->slotID) == NSC_FIPS_MODULE) &&
+ (slot->minimumPinLen < FIPS_MIN_PIN)) {
+ slot->minimumPinLen = FIPS_MIN_PIN;
+ }
+ return CKR_OK;
+ }
+ crv = CKR_PIN_INCORRECT;
+
+loser:
+ if (sp) {
+ sftk_FreeSession(sp);
+ }
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/* NSC_SetPIN modifies the PIN of user that is currently logged in. */
+/* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
+CK_RV
+NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen)
+{
+ SFTKSession *sp = NULL;
+ SFTKSlot *slot;
+ SFTKDBHandle *handle = NULL;
+ char newPinStr[SFTK_MAX_PIN + 1], oldPinStr[SFTK_MAX_PIN + 1];
+ SECStatus rv;
+ CK_RV crv = CKR_SESSION_HANDLE_INVALID;
+ PRBool needLogin;
+ PRBool tokenRemoved = PR_FALSE;
+
+ CHECK_FORK();
+
+ sp = sftk_SessionFromHandle(hSession);
+ if (sp == NULL) {
+ goto loser;
+ }
+
+ slot = sftk_SlotFromSession(sp);
+ if (!slot) {
+ goto loser;
+ }
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ sftk_FreeSession(sp);
+ return CKR_PIN_LEN_RANGE; /* XXX FIXME wrong return value */
+ }
+
+ PZ_Lock(slot->slotLock);
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+ if (needLogin && sp->info.state != CKS_RW_USER_FUNCTIONS) {
+ crv = CKR_USER_NOT_LOGGED_IN;
+ goto loser;
+ }
+
+ sftk_FreeSession(sp);
+ sp = NULL;
+
+ /* make sure the pins aren't too long */
+ if ((ulNewLen > SFTK_MAX_PIN) || (ulOldLen > SFTK_MAX_PIN)) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+ /* check the length of new pin, unless both old and new passwords
+ * are empty */
+ if ((ulNewLen != 0 || ulOldLen != 0) &&
+ ulNewLen < (CK_ULONG)slot->minimumPinLen) {
+ crv = CKR_PIN_LEN_RANGE;
+ goto loser;
+ }
+
+ /* convert to null terminated string */
+ PORT_Memcpy(newPinStr, pNewPin, ulNewLen);
+ newPinStr[ulNewLen] = 0;
+ PORT_Memcpy(oldPinStr, pOldPin, ulOldLen);
+ oldPinStr[ulOldLen] = 0;
+
+ /* change the data base password */
+ PR_Lock(slot->pwCheckLock);
+ rv = sftkdb_ChangePassword(handle, oldPinStr, newPinStr, &tokenRemoved);
+ PORT_Memset(newPinStr, 0, ulNewLen);
+ PORT_Memset(oldPinStr, 0, ulOldLen);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ if ((rv != SECSuccess) && (sftk_isFIPS(slot->slotID))) {
+ PR_Sleep(loginWaitTime);
+ }
+ PR_Unlock(slot->pwCheckLock);
+
+ /* Now update our local copy of the pin */
+ if (rv == SECSuccess) {
+ PZ_Lock(slot->slotLock);
+ slot->needLogin = (PRBool)(ulNewLen != 0);
+ slot->isLoggedIn = (PRBool)(sftkdb_PWCached(handle) == SECSuccess);
+ PZ_Unlock(slot->slotLock);
+ /* Reset login flags. */
+ if (ulNewLen == 0) {
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+
+ tokenRemoved = PR_FALSE;
+ rv = sftkdb_CheckPasswordNull(handle, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ }
+ sftk_update_all_states(slot);
+ sftk_freeDB(handle);
+ return CKR_OK;
+ }
+ crv = CKR_PIN_INCORRECT;
+loser:
+ if (sp) {
+ sftk_FreeSession(sp);
+ }
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+/* NSC_OpenSession opens a session between an application and a token. */
+CK_RV
+NSC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
+ CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
+{
+ SFTKSlot *slot;
+ CK_SESSION_HANDLE sessionID;
+ SFTKSession *session;
+ SFTKSession *sameID;
+
+ CHECK_FORK();
+
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ /* new session (we only have serial sessions) */
+ session = sftk_NewSession(slotID, Notify, pApplication,
+ flags | CKF_SERIAL_SESSION);
+ if (session == NULL)
+ return CKR_HOST_MEMORY;
+
+ if (slot->readOnly && (flags & CKF_RW_SESSION)) {
+ /* NETSCAPE_SLOT_ID is Read ONLY */
+ session->info.flags &= ~CKF_RW_SESSION;
+ }
+ PZ_Lock(slot->slotLock);
+ ++slot->sessionCount;
+ PZ_Unlock(slot->slotLock);
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_INCREMENT(&slot->rwSessionCount);
+ }
+
+ do {
+ PZLock *lock;
+ do {
+ sessionID = (PR_ATOMIC_INCREMENT(&slot->sessionIDCount) & 0xffffff) | (slot->index << 24);
+ } while (sessionID == CK_INVALID_HANDLE);
+ lock = SFTK_SESSION_LOCK(slot, sessionID);
+ PZ_Lock(lock);
+ sftkqueue_find(sameID, sessionID, slot->head, slot->sessHashSize);
+ if (sameID == NULL) {
+ session->handle = sessionID;
+ sftk_update_state(slot, session);
+ sftkqueue_add(session, sessionID, slot->head, slot->sessHashSize);
+ } else {
+ slot->sessionIDConflict++; /* for debugging */
+ }
+ PZ_Unlock(lock);
+ } while (sameID != NULL);
+
+ *phSession = sessionID;
+ return CKR_OK;
+}
+
+/* NSC_CloseSession closes a session between an application and a token. */
+CK_RV
+NSC_CloseSession(CK_SESSION_HANDLE hSession)
+{
+ SFTKSlot *slot;
+ SFTKSession *session;
+ PRBool sessionFound;
+ PZLock *lock;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ slot = sftk_SlotFromSession(session);
+ sessionFound = PR_FALSE;
+
+ /* lock */
+ lock = SFTK_SESSION_LOCK(slot, hSession);
+ PZ_Lock(lock);
+ if (sftkqueue_is_queued(session, hSession, slot->head, slot->sessHashSize)) {
+ sessionFound = PR_TRUE;
+ sftkqueue_delete(session, hSession, slot->head, slot->sessHashSize);
+ }
+ PZ_Unlock(lock);
+
+ if (sessionFound) {
+ SFTKDBHandle *handle;
+ handle = sftk_getKeyDB(slot);
+ PZ_Lock(slot->slotLock);
+ if (--slot->sessionCount == 0) {
+ slot->isLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ }
+ PZ_Unlock(slot->slotLock);
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ if (session->info.flags & CKF_RW_SESSION) {
+ (void)PR_ATOMIC_DECREMENT(&slot->rwSessionCount);
+ }
+ sftk_DestroySession(session);
+ session = NULL;
+ }
+
+ return CKR_OK;
+}
+
+/* NSC_CloseAllSessions closes all sessions with a token. */
+CK_RV
+NSC_CloseAllSessions(CK_SLOT_ID slotID)
+{
+ SFTKSlot *slot;
+
+#ifndef NO_FORK_CHECK
+ /* skip fork check if we are being called from C_Initialize or C_Finalize */
+ if (!parentForkedAfterC_Initialize) {
+ CHECK_FORK();
+ }
+#endif
+
+ slot = sftk_SlotFromID(slotID, PR_FALSE);
+ if (slot == NULL)
+ return CKR_SLOT_ID_INVALID;
+
+ return sftk_CloseAllSessions(slot, PR_TRUE);
+}
+
+/* NSC_GetSessionInfo obtains information about the session. */
+CK_RV
+NSC_GetSessionInfo(CK_SESSION_HANDLE hSession,
+ CK_SESSION_INFO_PTR pInfo)
+{
+ SFTKSession *session;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+
+ PORT_Memcpy(pInfo, &session->info, sizeof(CK_SESSION_INFO));
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_Login logs a user into a token. */
+CK_RV
+NSC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
+{
+ SFTKSlot *slot;
+ SFTKSession *session;
+ SFTKDBHandle *handle;
+ CK_FLAGS sessionFlags;
+ SECStatus rv;
+ CK_RV crv;
+ char pinStr[SFTK_MAX_PIN + 1];
+ PRBool tokenRemoved = PR_FALSE;
+ PRBool isLoggedIn;
+ PRBool needLogin;
+
+ CHECK_FORK();
+
+ /* get the slot */
+ slot = sftk_SlotFromSessionHandle(hSession);
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /* make sure the session is valid */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ sessionFlags = session->info.flags;
+ sftk_FreeSession(session);
+ session = NULL;
+
+ /* can't log into the Netscape Slot */
+ if (slot->slotID == NETSCAPE_SLOT_ID) {
+ return CKR_USER_TYPE_INVALID;
+ }
+
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
+ if (isLoggedIn)
+ return CKR_USER_ALREADY_LOGGED_IN;
+ if (!needLogin) {
+ return ulPinLen ? CKR_PIN_INCORRECT : CKR_OK;
+ }
+ slot->ssoLoggedIn = PR_FALSE;
+
+ if (ulPinLen > SFTK_MAX_PIN)
+ return CKR_PIN_LEN_RANGE;
+
+ /* convert to null terminated string */
+ if (ulPinLen) {
+ PORT_Memcpy(pinStr, pPin, ulPinLen);
+ }
+ pinStr[ulPinLen] = 0;
+
+ handle = sftk_getKeyDB(slot);
+ if (handle == NULL) {
+ PORT_Memset(pinStr, 0, ulPinLen);
+ return CKR_USER_TYPE_INVALID;
+ }
+
+ /*
+ * Deal with bootstrap. We allow the SSO to login in with a NULL
+ * password if and only if we haven't initialized the KEY DB yet.
+ * We only allow this on a RW session.
+ */
+ rv = sftkdb_HasPasswordSet(handle);
+ if (rv == SECFailure) {
+ /* allow SSO's to log in only if there is not password on the
+ * key database */
+ if (((userType == CKU_SO) && (sessionFlags & CKF_RW_SESSION))
+ /* fips always needs to authenticate, even if there isn't a db */
+ || (sftk_isFIPS(slot->slotID))) {
+ /* should this be a fixed password? */
+ if (ulPinLen == 0) {
+ sftkdb_ClearPassword(handle);
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_TRUE;
+ slot->ssoLoggedIn = (PRBool)(userType == CKU_SO);
+ PZ_Unlock(slot->slotLock);
+ sftk_update_all_states(slot);
+ crv = CKR_OK;
+ goto done;
+ }
+ crv = CKR_PIN_INCORRECT;
+ goto done;
+ }
+ crv = CKR_USER_TYPE_INVALID;
+ goto done;
+ }
+
+ /* don't allow the SSO to log in if the user is already initialized */
+ if (userType != CKU_USER) {
+ crv = CKR_USER_TYPE_INVALID;
+ goto done;
+ }
+
+ /* build the hashed pins which we pass around */
+ PR_Lock(slot->pwCheckLock);
+ rv = sftkdb_CheckPassword(handle, pinStr, &tokenRemoved);
+ if (tokenRemoved) {
+ sftk_CloseAllSessions(slot, PR_FALSE);
+ }
+ if ((rv != SECSuccess) && (sftk_isFIPS(slot->slotID))) {
+ PR_Sleep(loginWaitTime);
+ }
+ PR_Unlock(slot->pwCheckLock);
+ if (rv == SECSuccess) {
+ PZ_Lock(slot->slotLock);
+ /* make sure the login state matches the underlying
+ * database state */
+ slot->isLoggedIn = sftkdb_PWCached(handle) == SECSuccess ? PR_TRUE : PR_FALSE;
+ PZ_Unlock(slot->slotLock);
+
+ sftk_freeDB(handle);
+ handle = NULL;
+
+ /* update all sessions */
+ sftk_update_all_states(slot);
+ return CKR_OK;
+ }
+
+ crv = CKR_PIN_INCORRECT;
+done:
+ PORT_Memset(pinStr, 0, ulPinLen);
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+ return crv;
+}
+
+CK_RV
+NSC_LoginUser(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
+ CK_CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pUsername,
+ CK_ULONG ulUsernameLen)
+{
+ /* softoken currently does not support additional users */
+ return CKR_OPERATION_NOT_INITIALIZED;
+}
+
+/* NSC_Logout logs a user out from a token. */
+CK_RV
+NSC_Logout(CK_SESSION_HANDLE hSession)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKDBHandle *handle;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ sftk_FreeSession(session);
+ session = NULL;
+
+ if (!slot->isLoggedIn)
+ return CKR_USER_NOT_LOGGED_IN;
+
+ handle = sftk_getKeyDB(slot);
+ PZ_Lock(slot->slotLock);
+ slot->isLoggedIn = PR_FALSE;
+ slot->ssoLoggedIn = PR_FALSE;
+ if (slot->needLogin && handle) {
+ sftkdb_ClearPassword(handle);
+ }
+ PZ_Unlock(slot->slotLock);
+ if (handle) {
+ sftk_freeDB(handle);
+ }
+
+ sftk_update_all_states(slot);
+ return CKR_OK;
+}
+
+/*
+ * Create or remove a new slot on the fly.
+ * When creating a slot, "slot" is the slot that the request came from. The
+ * resulting slot will live in the same module as "slot".
+ * When removing a slot, "slot" is the slot to be removed.
+ * "object" is the creation object that specifies the module spec for the slot
+ * to add or remove.
+ */
+static CK_RV
+sftk_CreateNewSlot(SFTKSlot *slot, CK_OBJECT_CLASS class,
+ SFTKObject *object)
+{
+ PRBool isValidUserSlot = PR_FALSE;
+ PRBool isValidFIPSUserSlot = PR_FALSE;
+ PRBool isValidSlot = PR_FALSE;
+ PRBool isFIPS = PR_FALSE;
+ unsigned int moduleIndex = NSC_NON_FIPS_MODULE;
+ SFTKAttribute *attribute;
+ sftk_parameters paramStrings;
+ char *paramString;
+ CK_SLOT_ID slotID = 0;
+ SFTKSlot *newSlot = NULL;
+ CK_RV crv = CKR_OK;
+
+ if (class != CKO_NSS_DELSLOT && class != CKO_NSS_NEWSLOT) {
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+ }
+ if (class == CKO_NSS_NEWSLOT && slot->slotID == FIPS_SLOT_ID) {
+ isFIPS = PR_TRUE;
+ }
+ attribute = sftk_FindAttribute(object, CKA_NSS_MODULE_SPEC);
+ if (attribute == NULL) {
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ paramString = (char *)attribute->attrib.pValue;
+ crv = sftk_parseParameters(paramString, &paramStrings, isFIPS);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* enforce only one at a time */
+ if (paramStrings.token_count != 1) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ slotID = paramStrings.tokens[0].slotID;
+
+ /* stay within the valid ID space */
+ isValidUserSlot = (slotID >= SFTK_MIN_USER_SLOT_ID &&
+ slotID <= SFTK_MAX_USER_SLOT_ID);
+ isValidFIPSUserSlot = (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID &&
+ slotID <= SFTK_MAX_FIPS_USER_SLOT_ID);
+
+ if (class == CKO_NSS_DELSLOT) {
+ if (slot->slotID == slotID) {
+ isValidSlot = isValidUserSlot || isValidFIPSUserSlot;
+ }
+ } else {
+ /* only the crypto or FIPS slots can create new slot objects */
+ if (slot->slotID == NETSCAPE_SLOT_ID) {
+ isValidSlot = isValidUserSlot;
+ moduleIndex = NSC_NON_FIPS_MODULE;
+ } else if (slot->slotID == FIPS_SLOT_ID) {
+ isValidSlot = isValidFIPSUserSlot;
+ moduleIndex = NSC_FIPS_MODULE;
+ }
+ }
+
+ if (!isValidSlot) {
+ crv = CKR_ATTRIBUTE_VALUE_INVALID;
+ goto loser;
+ }
+
+ /* unload any existing slot at this id */
+ newSlot = sftk_SlotFromID(slotID, PR_TRUE);
+ if (newSlot && newSlot->present) {
+ crv = SFTK_ShutdownSlot(newSlot);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+ }
+
+ /* if we were just planning on deleting the slot, then do so now */
+ if (class == CKO_NSS_DELSLOT) {
+ /* sort of a unconventional use of this error code, be we are
+ * overusing CKR_ATTRIBUTE_VALUE_INVALID, and it does apply */
+ crv = newSlot ? CKR_OK : CKR_SLOT_ID_INVALID;
+ goto loser; /* really exit */
+ }
+
+ if (newSlot) {
+ crv = SFTK_SlotReInit(newSlot, paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[0], moduleIndex);
+ } else {
+ crv = SFTK_SlotInit(paramStrings.configdir,
+ paramStrings.updatedir, paramStrings.updateID,
+ &paramStrings.tokens[0], moduleIndex);
+ }
+
+loser:
+ sftk_freeParams(&paramStrings);
+ sftk_FreeAttribute(attribute);
+
+ return crv;
+}
+
+/* NSC_CreateObject creates a new object. */
+CK_RV
+NSC_CreateObject(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phObject)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKObject *object;
+ /* make sure class isn't randomly CKO_NSS_NEWSLOT or
+ * CKO_NETSCPE_DELSLOT. */
+ CK_OBJECT_CLASS class = CKO_VENDOR_DEFINED;
+ CK_RV crv;
+ int i;
+
+ CHECK_FORK();
+
+ *phObject = CK_INVALID_HANDLE;
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * now lets create an object to hang the attributes off of
+ */
+ object = sftk_NewObject(slot); /* fill in the handle later */
+ if (object == NULL) {
+ return CKR_HOST_MEMORY;
+ }
+ object->isFIPS = PR_FALSE; /* if we created the object on the fly,
+ * it's not a FIPS object */
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulCount; i++) {
+ crv = sftk_AddAttributeType(object, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK) {
+ sftk_FreeObject(object);
+ return crv;
+ }
+ if ((pTemplate[i].type == CKA_CLASS) && pTemplate[i].pValue) {
+ class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
+ }
+ }
+
+ /* get the session */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ sftk_FreeObject(object);
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /*
+ * handle pseudo objects (CKO_NEWSLOT)
+ */
+ if ((class == CKO_NSS_NEWSLOT) || (class == CKO_NSS_DELSLOT)) {
+ crv = sftk_CreateNewSlot(slot, class, object);
+ goto done;
+ }
+
+ /*
+ * handle the base object stuff
+ */
+ crv = sftk_handleObject(object, session);
+ *phObject = object->handle;
+done:
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+
+ return crv;
+}
+
+/* NSC_CopyObject copies an object, creating a new object for the copy. */
+CK_RV
+NSC_CopyObject(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ SFTKObject *destObject, *srcObject;
+ SFTKSession *session;
+ CK_RV crv = CKR_OK;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /* Get srcObject so we can find the class */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ srcObject = sftk_ObjectFromHandle(hObject, session);
+ if (srcObject == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ /*
+ * create an object to hang the attributes off of
+ */
+ destObject = sftk_NewObject(slot); /* fill in the handle later */
+ if (destObject == NULL) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ return CKR_HOST_MEMORY;
+ }
+
+ /*
+ * load the template values into the object
+ */
+ for (i = 0; i < (int)ulCount; i++) {
+ if (sftk_modifyType(pTemplate[i].type, srcObject->objclass) == SFTK_NEVER) {
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ break;
+ }
+ crv = sftk_AddAttributeType(destObject, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK) {
+ break;
+ }
+ }
+ if (crv != CKR_OK) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ sftk_FreeObject(destObject);
+ return crv;
+ }
+
+ /* sensitive can only be changed to CK_TRUE */
+ if (sftk_hasAttribute(destObject, CKA_SENSITIVE)) {
+ if (!sftk_isTrue(destObject, CKA_SENSITIVE)) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(srcObject);
+ sftk_FreeObject(destObject);
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+ }
+
+ /*
+ * now copy the old attributes from the new attributes
+ */
+ /* don't create a token object if we aren't in a rw session */
+ /* we need to hold the lock to copy a consistant version of
+ * the object. */
+ crv = sftk_CopyObject(destObject, srcObject);
+
+ destObject->objclass = srcObject->objclass;
+ sftk_FreeObject(srcObject);
+ if (crv != CKR_OK) {
+ sftk_FreeObject(destObject);
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ crv = sftk_handleObject(destObject, session);
+ *phNewObject = destObject->handle;
+ sftk_FreeSession(session);
+ sftk_FreeObject(destObject);
+
+ return crv;
+}
+
+/* NSC_GetObjectSize gets the size of an object in bytes. */
+CK_RV
+NSC_GetObjectSize(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize)
+{
+ CHECK_FORK();
+
+ *pulSize = 0;
+ return CKR_OK;
+}
+
+static CK_RV
+nsc_GetTokenAttributeValue(SFTKSession *session, CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSlot *slot = sftk_SlotFromSession(session);
+ SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject);
+ SFTKDBHandle *keydb = NULL;
+ CK_RV crv;
+
+ if (dbHandle == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount);
+
+ /* make sure we don't export any sensitive information */
+ keydb = sftk_getKeyDB(slot);
+ if (dbHandle == keydb) {
+ CK_ULONG i;
+ for (i = 0; i < ulCount; i++) {
+ if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) {
+ crv = CKR_ATTRIBUTE_SENSITIVE;
+ if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) {
+ PORT_Memset(pTemplate[i].pValue, 0,
+ pTemplate[i].ulValueLen);
+ }
+ pTemplate[i].ulValueLen = -1;
+ }
+ }
+ }
+
+ sftk_freeDB(dbHandle);
+ if (keydb) {
+ sftk_freeDB(keydb);
+ }
+ return crv;
+}
+
+/* NSC_GetAttributeValue obtains the value of one or more object attributes. */
+CK_RV
+NSC_GetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKObject *object;
+ SFTKAttribute *attribute;
+ PRBool sensitive, isLoggedIn, needLogin;
+ CK_RV crv;
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * make sure we're allowed
+ */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ /* short circuit everything for token objects */
+ if (sftk_isToken(hObject)) {
+ crv = nsc_GetTokenAttributeValue(session, hObject, pTemplate, ulCount);
+ sftk_FreeSession(session);
+ return crv;
+ }
+
+ /* handle the session object */
+ object = sftk_ObjectFromHandle(hObject, session);
+ sftk_FreeSession(session);
+ if (object == NULL) {
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
+ /* don't read a private object if we aren't logged in */
+ if (!isLoggedIn && needLogin && sftk_isTrue(object, CKA_PRIVATE)) {
+ sftk_FreeObject(object);
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ crv = CKR_OK;
+ sensitive = sftk_isTrue(object, CKA_SENSITIVE);
+ for (i = 0; i < (int)ulCount; i++) {
+ /* Make sure that this attribute is retrievable */
+ if (sensitive && sftk_isSensitive(pTemplate[i].type, object->objclass)) {
+ crv = CKR_ATTRIBUTE_SENSITIVE;
+ pTemplate[i].ulValueLen = -1;
+ continue;
+ }
+ attribute = sftk_FindAttribute(object, pTemplate[i].type);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ pTemplate[i].ulValueLen = -1;
+ continue;
+ }
+ if (pTemplate[i].pValue != NULL) {
+ PORT_Memcpy(pTemplate[i].pValue, attribute->attrib.pValue,
+ attribute->attrib.ulValueLen);
+ }
+ pTemplate[i].ulValueLen = attribute->attrib.ulValueLen;
+ sftk_FreeAttribute(attribute);
+ }
+
+ sftk_FreeObject(object);
+ return crv;
+}
+
+/* NSC_SetAttributeValue modifies the value of one or more object attributes */
+CK_RV
+NSC_SetAttributeValue(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ SFTKSession *session;
+ SFTKAttribute *attribute;
+ SFTKObject *object;
+ PRBool isToken, isLoggedIn, needLogin;
+ CK_RV crv = CKR_OK;
+ CK_BBOOL legal;
+ int i;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ /*
+ * make sure we're allowed
+ */
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+
+ object = sftk_ObjectFromHandle(hObject, session);
+ if (object == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = slot->isLoggedIn;
+ needLogin = slot->needLogin;
+ PZ_Unlock(slot->slotLock);
+
+ /* don't modify a private object if we aren't logged in */
+ if (!isLoggedIn && needLogin && sftk_isTrue(object, CKA_PRIVATE)) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_USER_NOT_LOGGED_IN;
+ }
+
+ /* don't modify a token object if we aren't in a rw session */
+ isToken = sftk_isTrue(object, CKA_TOKEN);
+ if (((session->info.flags & CKF_RW_SESSION) == 0) && isToken) {
+ sftk_FreeSession(session);
+ sftk_FreeObject(object);
+ return CKR_SESSION_READ_ONLY;
+ }
+ sftk_FreeSession(session);
+
+ /* only change modifiable objects */
+ if (!sftk_isTrue(object, CKA_MODIFIABLE)) {
+ sftk_FreeObject(object);
+ return CKR_ATTRIBUTE_READ_ONLY;
+ }
+
+ for (i = 0; i < (int)ulCount; i++) {
+ /* Make sure that this attribute is changeable */
+ switch (sftk_modifyType(pTemplate[i].type, object->objclass)) {
+ case SFTK_NEVER:
+ case SFTK_ONCOPY:
+ default:
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ break;
+
+ case SFTK_SENSITIVE:
+ legal = (pTemplate[i].type == CKA_EXTRACTABLE) ? CK_FALSE : CK_TRUE;
+ if ((*(CK_BBOOL *)pTemplate[i].pValue) != legal) {
+ crv = CKR_ATTRIBUTE_READ_ONLY;
+ }
+ break;
+ case SFTK_ALWAYS:
+ break;
+ }
+ if (crv != CKR_OK)
+ break;
+
+ /* find the old attribute */
+ attribute = sftk_FindAttribute(object, pTemplate[i].type);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ break;
+ }
+ sftk_FreeAttribute(attribute);
+ crv = sftk_forceAttribute(object, sftk_attr_expand(&pTemplate[i]));
+ if (crv != CKR_OK)
+ break;
+ }
+
+ sftk_FreeObject(object);
+ return crv;
+}
+
+static CK_RV
+sftk_expandSearchList(SFTKSearchResults *search, int count)
+{
+ search->array_size += count;
+ search->handles = (CK_OBJECT_HANDLE *)PORT_Realloc(search->handles,
+ sizeof(CK_OBJECT_HANDLE) * search->array_size);
+ return search->handles ? CKR_OK : CKR_HOST_MEMORY;
+}
+
+static CK_RV
+sftk_searchDatabase(SFTKDBHandle *handle, SFTKSearchResults *search,
+ const CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ CK_RV crv;
+ int objectListSize = search->array_size - search->size;
+ CK_OBJECT_HANDLE *array = &search->handles[search->size];
+ SDBFind *find;
+ CK_ULONG count;
+
+ crv = sftkdb_FindObjectsInit(handle, pTemplate, ulCount, &find);
+ if (crv != CKR_OK)
+ return crv;
+ do {
+ crv = sftkdb_FindObjects(handle, find, array, objectListSize, &count);
+ if ((crv != CKR_OK) || (count == 0))
+ break;
+ search->size += count;
+ objectListSize -= count;
+ if (objectListSize > 0)
+ break;
+ crv = sftk_expandSearchList(search, NSC_SEARCH_BLOCK_SIZE);
+ objectListSize = NSC_SEARCH_BLOCK_SIZE;
+ array = &search->handles[search->size];
+ } while (crv == CKR_OK);
+ sftkdb_FindObjectsFinal(handle, find);
+
+ return crv;
+}
+
+/* softoken used to search the SMimeEntries automatically instead of
+ * doing this in pk11wrap. This code should really be up in
+ * pk11wrap so that it will work with other tokens other than softoken.
+ */
+CK_RV
+sftk_emailhack(SFTKSlot *slot, SFTKDBHandle *handle,
+ SFTKSearchResults *search, CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount)
+{
+ PRBool isCert = PR_FALSE;
+ int emailIndex = -1;
+ unsigned int i;
+ SFTKSearchResults smime_search;
+ CK_ATTRIBUTE smime_template[2];
+ CK_OBJECT_CLASS smime_class = CKO_NSS_SMIME;
+ SFTKAttribute *attribute = NULL;
+ SFTKObject *object = NULL;
+ CK_RV crv = CKR_OK;
+
+ smime_search.handles = NULL; /* paranoia, some one is bound to add a goto
+ * loser before this gets initialized */
+
+ /* see if we are looking for email certs */
+ for (i = 0; i < ulCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS) {
+ if ((pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS) ||
+ (*(CK_OBJECT_CLASS *)pTemplate[i].pValue) != CKO_CERTIFICATE)) {
+ /* not a cert, skip out */
+ break;
+ }
+ isCert = PR_TRUE;
+ } else if (pTemplate[i].type == CKA_NSS_EMAIL) {
+ emailIndex = i;
+ }
+ if (isCert && (emailIndex != -1))
+ break;
+ }
+
+ if (!isCert || (emailIndex == -1)) {
+ return CKR_OK;
+ }
+
+ /* we are doing a cert and email search, find the SMimeEntry */
+ smime_template[0].type = CKA_CLASS;
+ smime_template[0].pValue = &smime_class;
+ smime_template[0].ulValueLen = sizeof(smime_class);
+ smime_template[1] = pTemplate[emailIndex];
+
+ smime_search.handles = (CK_OBJECT_HANDLE *)
+ PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
+ if (smime_search.handles == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ smime_search.index = 0;
+ smime_search.size = 0;
+ smime_search.array_size = NSC_SEARCH_BLOCK_SIZE;
+
+ crv = sftk_searchDatabase(handle, &smime_search, smime_template, 2);
+ if (crv != CKR_OK || smime_search.size == 0) {
+ goto loser;
+ }
+
+ /* get the SMime subject */
+ object = sftk_NewTokenObject(slot, NULL, smime_search.handles[0]);
+ if (object == NULL) {
+ crv = CKR_HOST_MEMORY; /* is there any other reason for this failure? */
+ goto loser;
+ }
+ attribute = sftk_FindAttribute(object, CKA_SUBJECT);
+ if (attribute == NULL) {
+ crv = CKR_ATTRIBUTE_TYPE_INVALID;
+ goto loser;
+ }
+
+ /* now find the certs with that subject */
+ pTemplate[emailIndex] = attribute->attrib;
+ /* now add the appropriate certs to the search list */
+ crv = sftk_searchDatabase(handle, search, pTemplate, ulCount);
+ pTemplate[emailIndex] = smime_template[1]; /* restore the user's template*/
+
+loser:
+ if (attribute) {
+ sftk_FreeAttribute(attribute);
+ }
+ if (object) {
+ sftk_FreeObject(object);
+ }
+ if (smime_search.handles) {
+ PORT_Free(smime_search.handles);
+ }
+
+ return crv;
+}
+
+static void
+sftk_pruneSearch(CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount,
+ PRBool *searchCertDB, PRBool *searchKeyDB)
+{
+ CK_ULONG i;
+
+ *searchCertDB = PR_TRUE;
+ *searchKeyDB = PR_TRUE;
+ for (i = 0; i < ulCount; i++) {
+ if (pTemplate[i].type == CKA_CLASS && pTemplate[i].pValue != NULL) {
+ CK_OBJECT_CLASS class = *((CK_OBJECT_CLASS *)pTemplate[i].pValue);
+ if (class == CKO_PRIVATE_KEY || class == CKO_SECRET_KEY) {
+ *searchCertDB = PR_FALSE;
+ } else {
+ *searchKeyDB = PR_FALSE;
+ }
+ break;
+ }
+ }
+}
+
+static CK_RV
+sftk_searchTokenList(SFTKSlot *slot, SFTKSearchResults *search,
+ CK_ATTRIBUTE *pTemplate, CK_ULONG ulCount,
+ PRBool isLoggedIn)
+{
+ CK_RV crv = CKR_OK;
+ CK_RV crv2;
+ PRBool searchCertDB;
+ PRBool searchKeyDB;
+
+ sftk_pruneSearch(pTemplate, ulCount, &searchCertDB, &searchKeyDB);
+
+ if (searchCertDB) {
+ SFTKDBHandle *certHandle = sftk_getCertDB(slot);
+ crv = sftk_searchDatabase(certHandle, search, pTemplate, ulCount);
+ crv2 = sftk_emailhack(slot, certHandle, search, pTemplate, ulCount);
+ if (crv == CKR_OK)
+ crv = crv2;
+ sftk_freeDB(certHandle);
+ }
+
+ if (crv == CKR_OK && isLoggedIn && searchKeyDB) {
+ SFTKDBHandle *keyHandle = sftk_getKeyDB(slot);
+ crv = sftk_searchDatabase(keyHandle, search, pTemplate, ulCount);
+ sftk_freeDB(keyHandle);
+ }
+ return crv;
+}
+
+/* NSC_FindObjectsInit initializes a search for token and session objects
+ * that match a template. */
+CK_RV
+NSC_FindObjectsInit(CK_SESSION_HANDLE hSession,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ SFTKSearchResults *search = NULL, *freeSearch = NULL;
+ SFTKSession *session = NULL;
+ SFTKSlot *slot = sftk_SlotFromSessionHandle(hSession);
+ CK_RV crv = CKR_OK;
+ PRBool isLoggedIn;
+
+ CHECK_FORK();
+
+ if (slot == NULL) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL) {
+ crv = CKR_SESSION_HANDLE_INVALID;
+ goto loser;
+ }
+
+ search = (SFTKSearchResults *)PORT_Alloc(sizeof(SFTKSearchResults));
+ if (search == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->handles = (CK_OBJECT_HANDLE *)
+ PORT_Alloc(sizeof(CK_OBJECT_HANDLE) * NSC_SEARCH_BLOCK_SIZE);
+ if (search->handles == NULL) {
+ crv = CKR_HOST_MEMORY;
+ goto loser;
+ }
+ search->index = 0;
+ search->size = 0;
+ search->array_size = NSC_SEARCH_BLOCK_SIZE;
+
+ PZ_Lock(slot->slotLock);
+ isLoggedIn = (PRBool)((!slot->needLogin) || slot->isLoggedIn);
+ PZ_Unlock(slot->slotLock);
+
+ crv = sftk_searchTokenList(slot, search, pTemplate, ulCount, isLoggedIn);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ /* build list of found objects in the session */
+ crv = sftk_searchObjectList(search, slot->sessObjHashTable,
+ slot->sessObjHashSize, slot->objectLock,
+ pTemplate, ulCount, isLoggedIn);
+ if (crv != CKR_OK) {
+ goto loser;
+ }
+
+ if ((freeSearch = session->search) != NULL) {
+ session->search = NULL;
+ sftk_FreeSearch(freeSearch);
+ }
+ session->search = search;
+ sftk_FreeSession(session);
+ return CKR_OK;
+
+loser:
+ if (search) {
+ sftk_FreeSearch(search);
+ }
+ if (session) {
+ sftk_FreeSession(session);
+ }
+ return crv;
+}
+
+/* NSC_FindObjects continues a search for token and session objects
+ * that match a template, obtaining additional object handles. */
+CK_RV
+NSC_FindObjects(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount,
+ CK_ULONG_PTR pulObjectCount)
+{
+ SFTKSession *session;
+ SFTKSearchResults *search;
+ int transfer;
+ int left;
+
+ CHECK_FORK();
+
+ *pulObjectCount = 0;
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ if (session->search == NULL) {
+ sftk_FreeSession(session);
+ return CKR_OK;
+ }
+ search = session->search;
+ left = session->search->size - session->search->index;
+ transfer = ((int)ulMaxObjectCount > left) ? left : ulMaxObjectCount;
+ if (transfer > 0) {
+ PORT_Memcpy(phObject, &search->handles[search->index],
+ transfer * sizeof(CK_OBJECT_HANDLE));
+ } else {
+ *phObject = CK_INVALID_HANDLE;
+ }
+
+ search->index += transfer;
+ if (search->index == search->size) {
+ session->search = NULL;
+ sftk_FreeSearch(search);
+ }
+ *pulObjectCount = transfer;
+ sftk_FreeSession(session);
+ return CKR_OK;
+}
+
+/* NSC_FindObjectsFinal finishes a search for token and session objects. */
+CK_RV
+NSC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
+{
+ SFTKSession *session;
+ SFTKSearchResults *search;
+
+ CHECK_FORK();
+
+ session = sftk_SessionFromHandle(hSession);
+ if (session == NULL)
+ return CKR_SESSION_HANDLE_INVALID;
+ search = session->search;
+ session->search = NULL;
+ sftk_FreeSession(session);
+ if (search != NULL) {
+ sftk_FreeSearch(search);
+ }
+ return CKR_OK;
+}
+
+CK_RV
+NSC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
+ CK_VOID_PTR pReserved)
+{
+ CHECK_FORK();
+
+ return CKR_FUNCTION_NOT_SUPPORTED;
+}
+
+static CK_RV
+nsc_NSSGetFIPSStatus(CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hObject,
+ CK_ULONG ulOperationType,
+ CK_ULONG *pulFIPSStatus)
+{
+ CK_ULONG sessionState = CKS_NSS_UNINITIALIZED;
+ CK_ULONG objectState = CKS_NSS_UNINITIALIZED;
+ PRBool needSession = PR_FALSE;
+ PRBool needObject = PR_FALSE;
+ SFTKSession *session;
+ SFTKObject *object;
+
+ *pulFIPSStatus = CKS_NSS_FIPS_NOT_OK;
+
+ /* first determine what we need to look up */
+ switch (ulOperationType) {
+ case CKT_NSS_SESSION_CHECK:
+ case CKT_NSS_SESSION_LAST_CHECK:
+ needSession = PR_TRUE;
+ needObject = PR_FALSE;
+ break;
+ case CKT_NSS_OBJECT_CHECK:
+ needSession = PR_FALSE;
+ needObject = PR_TRUE;
+ break;
+ case CKT_NSS_BOTH_CHECK:
+ needSession = PR_TRUE;
+ needObject = PR_TRUE;
+ break;
+ default:
+ return CKR_ARGUMENTS_BAD;
+ }
+
+ /* we always need the session handle, the object handle is only
+ * meaningful if there is a session */
+ session = sftk_SessionFromHandle(hSession);
+ if (!session) {
+ return CKR_SESSION_HANDLE_INVALID;
+ }
+ if (needSession) {
+ if (CKT_NSS_SESSION_LAST_CHECK == ulOperationType) {
+ sessionState = session->lastOpWasFIPS ? CKS_NSS_FIPS_OK : CKS_NSS_FIPS_NOT_OK;
+ } else {
+ if (session->enc_context) {
+ sessionState = session->enc_context->isFIPS ? CKS_NSS_FIPS_OK : CKS_NSS_FIPS_NOT_OK;
+ }
+ if (sessionState != CKS_NSS_FIPS_NOT_OK && session->hash_context) {
+ sessionState = session->hash_context->isFIPS ? CKS_NSS_FIPS_OK : CKS_NSS_FIPS_NOT_OK;
+ }
+ /* sessionState is set to CKS_NSS_UNINITIALIZED if neither
+ * context exists */
+ }
+ }
+
+ if (needObject) {
+ object = sftk_ObjectFromHandle(hObject, session);
+ if (!object) {
+ sftk_FreeSession(session);
+ return CKR_OBJECT_HANDLE_INVALID;
+ }
+ objectState = object->isFIPS ? CKS_NSS_FIPS_OK : CKS_NSS_FIPS_NOT_OK;
+ sftk_FreeObject(object);
+ }
+
+ sftk_FreeSession(session);
+
+ /* If we didn't fetch the state, then it is uninitialized.
+ * The session state can also be uninitialized if there are no active
+ * crypto operations on the session. Turns out the rules for combining
+ * the states are the same whether or not the state was uninitialzed
+ * because we didn't fetch it or because there wasn't a state to fetch.
+ */
+
+ /* if the object State is uninitialized, return the state of the session. */
+ if (objectState == CKS_NSS_UNINITIALIZED) {
+ /* if they are both uninitalized, return CKS_FIPS_NOT_OK */
+ if (sessionState == CKS_NSS_UNINITIALIZED) {
+ /* *pulFIPSStatus already set to CKS_FIPS_NOT_OK */
+ return CKR_OK;
+ }
+ *pulFIPSStatus = sessionState;
+ return CKR_OK;
+ }
+ /* objectState is initialized, if sessionState is uninitialized, we can
+ * just return objectState */
+ if (sessionState == CKS_NSS_UNINITIALIZED) {
+ *pulFIPSStatus = objectState;
+ return CKR_OK;
+ }
+
+ /* they are are not equal, one must be CKS_FIPS_NOT_OK, so we return that
+ * value CKS_FIPS_NOT_OK */
+ if (objectState != sessionState) {
+ /* *pulFIPSStatus already set to CKS_FIPS_NOT_OK */
+ return CKR_OK;
+ }
+
+ /* objectState and sessionState or the same, so we can return either */
+ *pulFIPSStatus = sessionState;
+ return CKR_OK;
+}