andre@0: /* This Source Code Form is subject to the terms of the Mozilla Public andre@0: * License, v. 2.0. If a copy of the MPL was not distributed with this andre@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ andre@0: /* andre@0: * This file PK11Contexts which are used in multipart hashing, andre@0: * encryption/decryption, and signing/verication operations. andre@0: */ andre@0: andre@0: #include "seccomon.h" andre@0: #include "secmod.h" andre@0: #include "nssilock.h" andre@0: #include "secmodi.h" andre@0: #include "secmodti.h" andre@0: #include "pkcs11.h" andre@0: #include "pk11func.h" andre@0: #include "secitem.h" andre@0: #include "secoid.h" andre@0: #include "sechash.h" andre@0: #include "secerr.h" andre@0: andre@0: static const SECItem pk11_null_params = { 0 }; andre@0: andre@0: /********************************************************************** andre@0: * andre@0: * Now Deal with Crypto Contexts andre@0: * andre@0: **********************************************************************/ andre@0: andre@0: /* andre@0: * the monitors... andre@0: */ andre@0: void andre@0: PK11_EnterContextMonitor(PK11Context *cx) { andre@0: /* if we own the session and our slot is ThreadSafe, only monitor andre@0: * the Context */ andre@0: if ((cx->ownSession) && (cx->slot->isThreadSafe)) { andre@0: /* Should this use monitors instead? */ andre@0: PZ_Lock(cx->sessionLock); andre@0: } else { andre@0: PK11_EnterSlotMonitor(cx->slot); andre@0: } andre@0: } andre@0: andre@0: void andre@0: PK11_ExitContextMonitor(PK11Context *cx) { andre@0: /* if we own the session and our slot is ThreadSafe, only monitor andre@0: * the Context */ andre@0: if ((cx->ownSession) && (cx->slot->isThreadSafe)) { andre@0: /* Should this use monitors instead? */ andre@0: PZ_Unlock(cx->sessionLock); andre@0: } else { andre@0: PK11_ExitSlotMonitor(cx->slot); andre@0: } andre@0: } andre@0: andre@0: /* andre@0: * Free up a Cipher Context andre@0: */ andre@0: void andre@0: PK11_DestroyContext(PK11Context *context, PRBool freeit) andre@0: { andre@0: pk11_CloseSession(context->slot,context->session,context->ownSession); andre@0: /* initialize the critical fields of the context */ andre@0: if (context->savedData != NULL ) PORT_Free(context->savedData); andre@0: if (context->key) PK11_FreeSymKey(context->key); andre@0: if (context->param && context->param != &pk11_null_params) andre@0: SECITEM_FreeItem(context->param, PR_TRUE); andre@0: if (context->sessionLock) PZ_DestroyLock(context->sessionLock); andre@0: PK11_FreeSlot(context->slot); andre@0: if (freeit) PORT_Free(context); andre@0: } andre@0: andre@0: /* andre@0: * save the current context. Allocate Space if necessary. andre@0: */ andre@0: static unsigned char * andre@0: pk11_saveContextHelper(PK11Context *context, unsigned char *buffer, andre@0: unsigned long *savedLength) andre@0: { andre@0: CK_RV crv; andre@0: andre@0: /* If buffer is NULL, this will get the length */ andre@0: crv = PK11_GETTAB(context->slot)->C_GetOperationState(context->session, andre@0: (CK_BYTE_PTR)buffer, andre@0: savedLength); andre@0: if (!buffer || (crv == CKR_BUFFER_TOO_SMALL)) { andre@0: /* the given buffer wasn't big enough (or was NULL), but we andre@0: * have the length, so try again with a new buffer and the andre@0: * correct length andre@0: */ andre@0: unsigned long bufLen = *savedLength; andre@0: buffer = PORT_Alloc(bufLen); andre@0: if (buffer == NULL) { andre@0: return (unsigned char *)NULL; andre@0: } andre@0: crv = PK11_GETTAB(context->slot)->C_GetOperationState( andre@0: context->session, andre@0: (CK_BYTE_PTR)buffer, andre@0: savedLength); andre@0: if (crv != CKR_OK) { andre@0: PORT_ZFree(buffer, bufLen); andre@0: } andre@0: } andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: return (unsigned char *)NULL; andre@0: } andre@0: return buffer; andre@0: } andre@0: andre@0: void * andre@0: pk11_saveContext(PK11Context *context, void *space, unsigned long *savedLength) andre@0: { andre@0: return pk11_saveContextHelper(context, andre@0: (unsigned char *)space, savedLength); andre@0: } andre@0: andre@0: /* andre@0: * restore the current context andre@0: */ andre@0: SECStatus andre@0: pk11_restoreContext(PK11Context *context,void *space, unsigned long savedLength) andre@0: { andre@0: CK_RV crv; andre@0: CK_OBJECT_HANDLE objectID = (context->key) ? context->key->objectID: andre@0: CK_INVALID_HANDLE; andre@0: andre@0: PORT_Assert(space != NULL); andre@0: if (space == NULL) { andre@0: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); andre@0: return SECFailure; andre@0: } andre@0: crv = PK11_GETTAB(context->slot)->C_SetOperationState(context->session, andre@0: (CK_BYTE_PTR)space, savedLength, objectID, 0); andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv)); andre@0: return SECFailure; andre@0: } andre@0: return SECSuccess; andre@0: } andre@0: andre@0: SECStatus pk11_Finalize(PK11Context *context); andre@0: andre@0: /* andre@0: * Context initialization. Used by all flavors of CreateContext andre@0: */ andre@0: static SECStatus andre@0: pk11_context_init(PK11Context *context, CK_MECHANISM *mech_info) andre@0: { andre@0: CK_RV crv; andre@0: PK11SymKey *symKey = context->key; andre@0: SECStatus rv = SECSuccess; andre@0: andre@0: switch (context->operation) { andre@0: case CKA_ENCRYPT: andre@0: crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session, andre@0: mech_info, symKey->objectID); andre@0: break; andre@0: case CKA_DECRYPT: andre@0: if (context->fortezzaHack) { andre@0: CK_ULONG count = 0;; andre@0: /* generate the IV for fortezza */ andre@0: crv=PK11_GETTAB(context->slot)->C_EncryptInit(context->session, andre@0: mech_info, symKey->objectID); andre@0: if (crv != CKR_OK) break; andre@0: PK11_GETTAB(context->slot)->C_EncryptFinal(context->session, andre@0: NULL, &count); andre@0: } andre@0: crv=PK11_GETTAB(context->slot)->C_DecryptInit(context->session, andre@0: mech_info, symKey->objectID); andre@0: break; andre@0: case CKA_SIGN: andre@0: crv=PK11_GETTAB(context->slot)->C_SignInit(context->session, andre@0: mech_info, symKey->objectID); andre@0: break; andre@0: case CKA_VERIFY: andre@0: crv=PK11_GETTAB(context->slot)->C_SignInit(context->session, andre@0: mech_info, symKey->objectID); andre@0: break; andre@0: case CKA_DIGEST: andre@0: crv=PK11_GETTAB(context->slot)->C_DigestInit(context->session, andre@0: mech_info); andre@0: break; andre@0: default: andre@0: crv = CKR_OPERATION_NOT_INITIALIZED; andre@0: break; andre@0: } andre@0: andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: return SECFailure; andre@0: } andre@0: andre@0: /* andre@0: * handle session starvation case.. use our last session to multiplex andre@0: */ andre@0: if (!context->ownSession) { andre@0: context->savedData = pk11_saveContext(context,context->savedData, andre@0: &context->savedLength); andre@0: if (context->savedData == NULL) rv = SECFailure; andre@0: /* clear out out session for others to use */ andre@0: pk11_Finalize(context); andre@0: } andre@0: return rv; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Common Helper Function do come up with a new context. andre@0: */ andre@0: static PK11Context *pk11_CreateNewContextInSlot(CK_MECHANISM_TYPE type, andre@0: PK11SlotInfo *slot, CK_ATTRIBUTE_TYPE operation, PK11SymKey *symKey, andre@0: SECItem *param) andre@0: { andre@0: CK_MECHANISM mech_info; andre@0: PK11Context *context; andre@0: SECStatus rv; andre@0: andre@0: PORT_Assert(slot != NULL); andre@0: if (!slot || (!symKey && ((operation != CKA_DIGEST) || andre@0: (type == CKM_SKIPJACK_CBC64)))) { andre@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); andre@0: return NULL; andre@0: } andre@0: context = (PK11Context *) PORT_Alloc(sizeof(PK11Context)); andre@0: if (context == NULL) { andre@0: return NULL; andre@0: } andre@0: andre@0: /* now deal with the fortezza hack... the fortezza hack is an attempt andre@0: * to get around the issue of the card not allowing you to do a FORTEZZA andre@0: * LoadIV/Encrypt, which was added because such a combination could be andre@0: * use to circumvent the key escrow system. Unfortunately SSL needs to andre@0: * do this kind of operation, so in SSL we do a loadIV (to verify it), andre@0: * Then GenerateIV, and through away the first 8 bytes on either side andre@0: * of the connection.*/ andre@0: context->fortezzaHack = PR_FALSE; andre@0: if (type == CKM_SKIPJACK_CBC64) { andre@0: if (symKey->origin == PK11_OriginFortezzaHack) { andre@0: context->fortezzaHack = PR_TRUE; andre@0: } andre@0: } andre@0: andre@0: /* initialize the critical fields of the context */ andre@0: context->operation = operation; andre@0: context->key = symKey ? PK11_ReferenceSymKey(symKey) : NULL; andre@0: context->slot = PK11_ReferenceSlot(slot); andre@0: context->session = pk11_GetNewSession(slot,&context->ownSession); andre@0: context->cx = symKey ? symKey->cx : NULL; andre@0: /* get our session */ andre@0: context->savedData = NULL; andre@0: andre@0: /* save the parameters so that some digesting stuff can do multiple andre@0: * begins on a single context */ andre@0: context->type = type; andre@0: if (param) { andre@0: if (param->len > 0) { andre@0: context->param = SECITEM_DupItem(param); andre@0: } else { andre@0: context->param = (SECItem *)&pk11_null_params; andre@0: } andre@0: } else { andre@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); andre@0: context->param = NULL; andre@0: } andre@0: context->init = PR_FALSE; andre@0: context->sessionLock = PZ_NewLock(nssILockPK11cxt); andre@0: if ((context->param == NULL) || (context->sessionLock == NULL)) { andre@0: PK11_DestroyContext(context,PR_TRUE); andre@0: return NULL; andre@0: } andre@0: andre@0: mech_info.mechanism = type; andre@0: mech_info.pParameter = param->data; andre@0: mech_info.ulParameterLen = param->len; andre@0: PK11_EnterContextMonitor(context); andre@0: rv = pk11_context_init(context,&mech_info); andre@0: PK11_ExitContextMonitor(context); andre@0: andre@0: if (rv != SECSuccess) { andre@0: PK11_DestroyContext(context,PR_TRUE); andre@0: return NULL; andre@0: } andre@0: context->init = PR_TRUE; andre@0: return context; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * put together the various PK11_Create_Context calls used by different andre@0: * parts of libsec. andre@0: */ andre@0: PK11Context * andre@0: __PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, andre@0: PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, andre@0: SECItem *param, void *wincx) andre@0: { andre@0: PK11SymKey *symKey = NULL; andre@0: PK11Context *context = NULL; andre@0: andre@0: /* first get a slot */ andre@0: if (slot == NULL) { andre@0: slot = PK11_GetBestSlot(type,wincx); andre@0: if (slot == NULL) { andre@0: PORT_SetError( SEC_ERROR_NO_MODULE ); andre@0: goto loser; andre@0: } andre@0: } else { andre@0: PK11_ReferenceSlot(slot); andre@0: } andre@0: andre@0: /* now import the key */ andre@0: symKey = PK11_ImportSymKey(slot, type, origin, operation, key, wincx); andre@0: if (symKey == NULL) goto loser; andre@0: andre@0: context = PK11_CreateContextBySymKey(type, operation, symKey, param); andre@0: andre@0: loser: andre@0: if (symKey) { andre@0: PK11_FreeSymKey(symKey); andre@0: } andre@0: if (slot) { andre@0: PK11_FreeSlot(slot); andre@0: } andre@0: andre@0: return context; andre@0: } andre@0: andre@0: PK11Context * andre@0: PK11_CreateContextByRawKey(PK11SlotInfo *slot, CK_MECHANISM_TYPE type, andre@0: PK11Origin origin, CK_ATTRIBUTE_TYPE operation, SECItem *key, andre@0: SECItem *param, void *wincx) andre@0: { andre@0: return __PK11_CreateContextByRawKey(slot, type, origin, operation, andre@0: key, param, wincx); andre@0: } andre@0: andre@0: andre@0: /* andre@0: * Create a context from a key. We really should make sure we aren't using andre@0: * the same key in multiple session! andre@0: */ andre@0: PK11Context * andre@0: PK11_CreateContextBySymKey(CK_MECHANISM_TYPE type,CK_ATTRIBUTE_TYPE operation, andre@0: PK11SymKey *symKey, SECItem *param) andre@0: { andre@0: PK11SymKey *newKey; andre@0: PK11Context *context; andre@0: andre@0: /* if this slot doesn't support the mechanism, go to a slot that does */ andre@0: newKey = pk11_ForceSlot(symKey,type,operation); andre@0: if (newKey == NULL) { andre@0: PK11_ReferenceSymKey(symKey); andre@0: } else { andre@0: symKey = newKey; andre@0: } andre@0: andre@0: andre@0: /* Context Adopts the symKey.... */ andre@0: context = pk11_CreateNewContextInSlot(type, symKey->slot, operation, symKey, andre@0: param); andre@0: PK11_FreeSymKey(symKey); andre@0: return context; andre@0: } andre@0: andre@0: /* andre@0: * Digest contexts don't need keys, but the do need to find a slot. andre@0: * Macing should use PK11_CreateContextBySymKey. andre@0: */ andre@0: PK11Context * andre@0: PK11_CreateDigestContext(SECOidTag hashAlg) andre@0: { andre@0: /* digesting has to work without authentication to the slot */ andre@0: CK_MECHANISM_TYPE type; andre@0: PK11SlotInfo *slot; andre@0: PK11Context *context; andre@0: SECItem param; andre@0: andre@0: type = PK11_AlgtagToMechanism(hashAlg); andre@0: slot = PK11_GetBestSlot(type, NULL); andre@0: if (slot == NULL) { andre@0: PORT_SetError( SEC_ERROR_NO_MODULE ); andre@0: return NULL; andre@0: } andre@0: andre@0: /* maybe should really be PK11_GenerateNewParam?? */ andre@0: param.data = NULL; andre@0: param.len = 0; andre@0: param.type = 0; andre@0: andre@0: context = pk11_CreateNewContextInSlot(type, slot, CKA_DIGEST, NULL, ¶m); andre@0: PK11_FreeSlot(slot); andre@0: return context; andre@0: } andre@0: andre@0: /* andre@0: * create a new context which is the clone of the state of old context. andre@0: */ andre@0: PK11Context * PK11_CloneContext(PK11Context *old) andre@0: { andre@0: PK11Context *newcx; andre@0: PRBool needFree = PR_FALSE; andre@0: SECStatus rv = SECSuccess; andre@0: void *data; andre@0: unsigned long len; andre@0: andre@0: newcx = pk11_CreateNewContextInSlot(old->type, old->slot, old->operation, andre@0: old->key, old->param); andre@0: if (newcx == NULL) return NULL; andre@0: andre@0: /* now clone the save state. First we need to find the save state andre@0: * of the old session. If the old context owns it's session, andre@0: * the state needs to be saved, otherwise the state is in saveData. */ andre@0: if (old->ownSession) { andre@0: PK11_EnterContextMonitor(old); andre@0: data=pk11_saveContext(old,NULL,&len); andre@0: PK11_ExitContextMonitor(old); andre@0: needFree = PR_TRUE; andre@0: } else { andre@0: data = old->savedData; andre@0: len = old->savedLength; andre@0: } andre@0: andre@0: if (data == NULL) { andre@0: PK11_DestroyContext(newcx,PR_TRUE); andre@0: return NULL; andre@0: } andre@0: andre@0: /* now copy that state into our new context. Again we have different andre@0: * work if the new context owns it's own session. If it does, we andre@0: * restore the state gathered above. If it doesn't, we copy the andre@0: * saveData pointer... */ andre@0: if (newcx->ownSession) { andre@0: PK11_EnterContextMonitor(newcx); andre@0: rv = pk11_restoreContext(newcx,data,len); andre@0: PK11_ExitContextMonitor(newcx); andre@0: } else { andre@0: PORT_Assert(newcx->savedData != NULL); andre@0: if ((newcx->savedData == NULL) || (newcx->savedLength < len)) { andre@0: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); andre@0: rv = SECFailure; andre@0: } else { andre@0: PORT_Memcpy(newcx->savedData,data,len); andre@0: newcx->savedLength = len; andre@0: } andre@0: } andre@0: andre@0: if (needFree) PORT_Free(data); andre@0: andre@0: if (rv != SECSuccess) { andre@0: PK11_DestroyContext(newcx,PR_TRUE); andre@0: return NULL; andre@0: } andre@0: return newcx; andre@0: } andre@0: andre@0: /* andre@0: * save the current context state into a variable. Required to make FORTEZZA andre@0: * work. andre@0: */ andre@0: SECStatus andre@0: PK11_SaveContext(PK11Context *cx,unsigned char *save,int *len, int saveLength) andre@0: { andre@0: unsigned char * data = NULL; andre@0: CK_ULONG length = saveLength; andre@0: andre@0: if (cx->ownSession) { andre@0: PK11_EnterContextMonitor(cx); andre@0: data = pk11_saveContextHelper(cx, save, &length); andre@0: PK11_ExitContextMonitor(cx); andre@0: if (data) *len = length; andre@0: } else if ((unsigned) saveLength >= cx->savedLength) { andre@0: data = (unsigned char*)cx->savedData; andre@0: if (cx->savedData) { andre@0: PORT_Memcpy(save,cx->savedData,cx->savedLength); andre@0: } andre@0: *len = cx->savedLength; andre@0: } andre@0: if (data != NULL) { andre@0: if (cx->ownSession) { andre@0: PORT_ZFree(data, length); andre@0: } andre@0: return SECSuccess; andre@0: } else { andre@0: return SECFailure; andre@0: } andre@0: } andre@0: andre@0: /* same as above, but may allocate the return buffer. */ andre@0: unsigned char * andre@0: PK11_SaveContextAlloc(PK11Context *cx, andre@0: unsigned char *preAllocBuf, unsigned int pabLen, andre@0: unsigned int *stateLen) andre@0: { andre@0: unsigned char *stateBuf = NULL; andre@0: unsigned long length = (unsigned long)pabLen; andre@0: andre@0: if (cx->ownSession) { andre@0: PK11_EnterContextMonitor(cx); andre@0: stateBuf = pk11_saveContextHelper(cx, preAllocBuf, &length); andre@0: PK11_ExitContextMonitor(cx); andre@0: *stateLen = (stateBuf != NULL) ? length : 0; andre@0: } else { andre@0: if (pabLen < cx->savedLength) { andre@0: stateBuf = (unsigned char *)PORT_Alloc(cx->savedLength); andre@0: if (!stateBuf) { andre@0: return (unsigned char *)NULL; andre@0: } andre@0: } else { andre@0: stateBuf = preAllocBuf; andre@0: } andre@0: if (cx->savedData) { andre@0: PORT_Memcpy(stateBuf, cx->savedData, cx->savedLength); andre@0: } andre@0: *stateLen = cx->savedLength; andre@0: } andre@0: return stateBuf; andre@0: } andre@0: andre@0: /* andre@0: * restore the context state into a new running context. Also required for andre@0: * FORTEZZA . andre@0: */ andre@0: SECStatus andre@0: PK11_RestoreContext(PK11Context *cx,unsigned char *save,int len) andre@0: { andre@0: SECStatus rv = SECSuccess; andre@0: if (cx->ownSession) { andre@0: PK11_EnterContextMonitor(cx); andre@0: pk11_Finalize(cx); andre@0: rv = pk11_restoreContext(cx,save,len); andre@0: PK11_ExitContextMonitor(cx); andre@0: } else { andre@0: PORT_Assert(cx->savedData != NULL); andre@0: if ((cx->savedData == NULL) || (cx->savedLength < (unsigned) len)) { andre@0: PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); andre@0: rv = SECFailure; andre@0: } else { andre@0: PORT_Memcpy(cx->savedData,save,len); andre@0: cx->savedLength = len; andre@0: } andre@0: } andre@0: return rv; andre@0: } andre@0: andre@0: /* andre@0: * This is to get FIPS compliance until we can convert andre@0: * libjar to use PK11_ hashing functions. It returns PR_FALSE andre@0: * if we can't get a PK11 Context. andre@0: */ andre@0: PRBool andre@0: PK11_HashOK(SECOidTag algID) { andre@0: PK11Context *cx; andre@0: andre@0: cx = PK11_CreateDigestContext(algID); andre@0: if (cx == NULL) return PR_FALSE; andre@0: PK11_DestroyContext(cx, PR_TRUE); andre@0: return PR_TRUE; andre@0: } andre@0: andre@0: andre@0: andre@0: /* andre@0: * start a new digesting or Mac'ing operation on this context andre@0: */ andre@0: SECStatus PK11_DigestBegin(PK11Context *cx) andre@0: { andre@0: CK_MECHANISM mech_info; andre@0: SECStatus rv; andre@0: andre@0: if (cx->init == PR_TRUE) { andre@0: return SECSuccess; andre@0: } andre@0: andre@0: /* andre@0: * make sure the old context is clear first andre@0: */ andre@0: PK11_EnterContextMonitor(cx); andre@0: pk11_Finalize(cx); andre@0: andre@0: mech_info.mechanism = cx->type; andre@0: mech_info.pParameter = cx->param->data; andre@0: mech_info.ulParameterLen = cx->param->len; andre@0: rv = pk11_context_init(cx,&mech_info); andre@0: PK11_ExitContextMonitor(cx); andre@0: andre@0: if (rv != SECSuccess) { andre@0: return SECFailure; andre@0: } andre@0: cx->init = PR_TRUE; andre@0: return SECSuccess; andre@0: } andre@0: andre@0: SECStatus andre@0: PK11_HashBuf(SECOidTag hashAlg, unsigned char *out, const unsigned char *in, andre@0: PRInt32 len) { andre@0: PK11Context *context; andre@0: unsigned int max_length; andre@0: unsigned int out_length; andre@0: SECStatus rv; andre@0: andre@0: /* len will be passed to PK11_DigestOp as unsigned. */ andre@0: if (len < 0) { andre@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); andre@0: return SECFailure; andre@0: } andre@0: andre@0: context = PK11_CreateDigestContext(hashAlg); andre@0: if (context == NULL) return SECFailure; andre@0: andre@0: rv = PK11_DigestBegin(context); andre@0: if (rv != SECSuccess) { andre@0: PK11_DestroyContext(context, PR_TRUE); andre@0: return rv; andre@0: } andre@0: andre@0: rv = PK11_DigestOp(context, in, len); andre@0: if (rv != SECSuccess) { andre@0: PK11_DestroyContext(context, PR_TRUE); andre@0: return rv; andre@0: } andre@0: andre@0: /* XXX This really should have been an argument to this function! */ andre@0: max_length = HASH_ResultLenByOidTag(hashAlg); andre@0: PORT_Assert(max_length); andre@0: if (!max_length) andre@0: max_length = HASH_LENGTH_MAX; andre@0: andre@0: rv = PK11_DigestFinal(context,out,&out_length,max_length); andre@0: PK11_DestroyContext(context, PR_TRUE); andre@0: return rv; andre@0: } andre@0: andre@0: andre@0: /* andre@0: * execute a bulk encryption operation andre@0: */ andre@0: SECStatus andre@0: PK11_CipherOp(PK11Context *context, unsigned char * out, int *outlen, andre@0: int maxout, const unsigned char *in, int inlen) andre@0: { andre@0: CK_RV crv = CKR_OK; andre@0: CK_ULONG length = maxout; andre@0: CK_ULONG offset =0; andre@0: SECStatus rv = SECSuccess; andre@0: unsigned char *saveOut = out; andre@0: unsigned char *allocOut = NULL; andre@0: andre@0: /* if we ran out of session, we need to restore our previously stored andre@0: * state. andre@0: */ andre@0: PK11_EnterContextMonitor(context); andre@0: if (!context->ownSession) { andre@0: rv = pk11_restoreContext(context,context->savedData, andre@0: context->savedLength); andre@0: if (rv != SECSuccess) { andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: } andre@0: andre@0: /* andre@0: * The fortezza hack is to send 8 extra bytes on the first encrypted and andre@0: * lose them on the first decrypt. andre@0: */ andre@0: if (context->fortezzaHack) { andre@0: unsigned char random[8]; andre@0: if (context->operation == CKA_ENCRYPT) { andre@0: PK11_ExitContextMonitor(context); andre@0: rv = PK11_GenerateRandom(random,sizeof(random)); andre@0: PK11_EnterContextMonitor(context); andre@0: andre@0: /* since we are offseting the output, we can't encrypt back into andre@0: * the same buffer... allocate a temporary buffer just for this andre@0: * call. */ andre@0: allocOut = out = (unsigned char*)PORT_Alloc(maxout); andre@0: if (out == NULL) { andre@0: PK11_ExitContextMonitor(context); andre@0: return SECFailure; andre@0: } andre@0: crv = PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session, andre@0: random,sizeof(random),out,&length); andre@0: andre@0: out += length; andre@0: maxout -= length; andre@0: offset = length; andre@0: } else if (context->operation == CKA_DECRYPT) { andre@0: length = sizeof(random); andre@0: crv = PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session, andre@0: (CK_BYTE_PTR)in,sizeof(random),random,&length); andre@0: inlen -= length; andre@0: in += length; andre@0: context->fortezzaHack = PR_FALSE; andre@0: } andre@0: } andre@0: andre@0: switch (context->operation) { andre@0: case CKA_ENCRYPT: andre@0: length = maxout; andre@0: crv=PK11_GETTAB(context->slot)->C_EncryptUpdate(context->session, andre@0: (CK_BYTE_PTR)in, inlen, andre@0: out, &length); andre@0: length += offset; andre@0: break; andre@0: case CKA_DECRYPT: andre@0: length = maxout; andre@0: crv=PK11_GETTAB(context->slot)->C_DecryptUpdate(context->session, andre@0: (CK_BYTE_PTR)in, inlen, andre@0: out, &length); andre@0: break; andre@0: default: andre@0: crv = CKR_OPERATION_NOT_INITIALIZED; andre@0: break; andre@0: } andre@0: andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: *outlen = 0; andre@0: rv = SECFailure; andre@0: } else { andre@0: *outlen = length; andre@0: } andre@0: andre@0: if (context->fortezzaHack) { andre@0: if (context->operation == CKA_ENCRYPT) { andre@0: PORT_Assert(allocOut); andre@0: PORT_Memcpy(saveOut, allocOut, length); andre@0: PORT_Free(allocOut); andre@0: } andre@0: context->fortezzaHack = PR_FALSE; andre@0: } andre@0: andre@0: /* andre@0: * handle session starvation case.. use our last session to multiplex andre@0: */ andre@0: if (!context->ownSession) { andre@0: context->savedData = pk11_saveContext(context,context->savedData, andre@0: &context->savedLength); andre@0: if (context->savedData == NULL) rv = SECFailure; andre@0: andre@0: /* clear out out session for others to use */ andre@0: pk11_Finalize(context); andre@0: } andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: andre@0: /* andre@0: * execute a digest/signature operation andre@0: */ andre@0: SECStatus andre@0: PK11_DigestOp(PK11Context *context, const unsigned char * in, unsigned inLen) andre@0: { andre@0: CK_RV crv = CKR_OK; andre@0: SECStatus rv = SECSuccess; andre@0: andre@0: if (inLen == 0) { andre@0: return SECSuccess; andre@0: } andre@0: if (!in) { andre@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); andre@0: return SECFailure; andre@0: } andre@0: andre@0: /* if we ran out of session, we need to restore our previously stored andre@0: * state. andre@0: */ andre@0: context->init = PR_FALSE; andre@0: PK11_EnterContextMonitor(context); andre@0: if (!context->ownSession) { andre@0: rv = pk11_restoreContext(context,context->savedData, andre@0: context->savedLength); andre@0: if (rv != SECSuccess) { andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: } andre@0: andre@0: switch (context->operation) { andre@0: /* also for MAC'ing */ andre@0: case CKA_SIGN: andre@0: crv=PK11_GETTAB(context->slot)->C_SignUpdate(context->session, andre@0: (unsigned char *)in, andre@0: inLen); andre@0: break; andre@0: case CKA_VERIFY: andre@0: crv=PK11_GETTAB(context->slot)->C_VerifyUpdate(context->session, andre@0: (unsigned char *)in, andre@0: inLen); andre@0: break; andre@0: case CKA_DIGEST: andre@0: crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session, andre@0: (unsigned char *)in, andre@0: inLen); andre@0: break; andre@0: default: andre@0: crv = CKR_OPERATION_NOT_INITIALIZED; andre@0: break; andre@0: } andre@0: andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: rv = SECFailure; andre@0: } andre@0: andre@0: /* andre@0: * handle session starvation case.. use our last session to multiplex andre@0: */ andre@0: if (!context->ownSession) { andre@0: context->savedData = pk11_saveContext(context,context->savedData, andre@0: &context->savedLength); andre@0: if (context->savedData == NULL) rv = SECFailure; andre@0: andre@0: /* clear out out session for others to use */ andre@0: pk11_Finalize(context); andre@0: } andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: andre@0: /* andre@0: * Digest a key if possible./ andre@0: */ andre@0: SECStatus andre@0: PK11_DigestKey(PK11Context *context, PK11SymKey *key) andre@0: { andre@0: CK_RV crv = CKR_OK; andre@0: SECStatus rv = SECSuccess; andre@0: PK11SymKey *newKey = NULL; andre@0: andre@0: if (!context || !key) { andre@0: PORT_SetError(SEC_ERROR_INVALID_ARGS); andre@0: return SECFailure; andre@0: } andre@0: andre@0: /* if we ran out of session, we need to restore our previously stored andre@0: * state. andre@0: */ andre@0: if (context->slot != key->slot) { andre@0: newKey = pk11_CopyToSlot(context->slot,CKM_SSL3_SHA1_MAC,CKA_SIGN,key); andre@0: } else { andre@0: newKey = PK11_ReferenceSymKey(key); andre@0: } andre@0: andre@0: context->init = PR_FALSE; andre@0: PK11_EnterContextMonitor(context); andre@0: if (!context->ownSession) { andre@0: rv = pk11_restoreContext(context,context->savedData, andre@0: context->savedLength); andre@0: if (rv != SECSuccess) { andre@0: PK11_ExitContextMonitor(context); andre@0: PK11_FreeSymKey(newKey); andre@0: return rv; andre@0: } andre@0: } andre@0: andre@0: andre@0: if (newKey == NULL) { andre@0: crv = CKR_KEY_TYPE_INCONSISTENT; andre@0: if (key->data.data) { andre@0: crv=PK11_GETTAB(context->slot)->C_DigestUpdate(context->session, andre@0: key->data.data,key->data.len); andre@0: } andre@0: } else { andre@0: crv=PK11_GETTAB(context->slot)->C_DigestKey(context->session, andre@0: newKey->objectID); andre@0: } andre@0: andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: rv = SECFailure; andre@0: } andre@0: andre@0: /* andre@0: * handle session starvation case.. use our last session to multiplex andre@0: */ andre@0: if (!context->ownSession) { andre@0: context->savedData = pk11_saveContext(context,context->savedData, andre@0: &context->savedLength); andre@0: if (context->savedData == NULL) rv = SECFailure; andre@0: andre@0: /* clear out out session for others to use */ andre@0: pk11_Finalize(context); andre@0: } andre@0: PK11_ExitContextMonitor(context); andre@0: if (newKey) PK11_FreeSymKey(newKey); andre@0: return rv; andre@0: } andre@0: andre@0: /* andre@0: * externally callable version of the lowercase pk11_finalize(). andre@0: */ andre@0: SECStatus andre@0: PK11_Finalize(PK11Context *context) { andre@0: SECStatus rv; andre@0: andre@0: PK11_EnterContextMonitor(context); andre@0: rv = pk11_Finalize(context); andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: andre@0: /* andre@0: * clean up a cipher operation, so the session can be used by andre@0: * someone new. andre@0: */ andre@0: SECStatus andre@0: pk11_Finalize(PK11Context *context) andre@0: { andre@0: CK_ULONG count = 0; andre@0: CK_RV crv; andre@0: unsigned char stackBuf[256]; andre@0: unsigned char *buffer = NULL; andre@0: andre@0: if (!context->ownSession) { andre@0: return SECSuccess; andre@0: } andre@0: andre@0: finalize: andre@0: switch (context->operation) { andre@0: case CKA_ENCRYPT: andre@0: crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session, andre@0: buffer, &count); andre@0: break; andre@0: case CKA_DECRYPT: andre@0: crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session, andre@0: buffer, &count); andre@0: break; andre@0: case CKA_SIGN: andre@0: crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session, andre@0: buffer, &count); andre@0: break; andre@0: case CKA_VERIFY: andre@0: crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session, andre@0: buffer, count); andre@0: break; andre@0: case CKA_DIGEST: andre@0: crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session, andre@0: buffer, &count); andre@0: break; andre@0: default: andre@0: crv = CKR_OPERATION_NOT_INITIALIZED; andre@0: break; andre@0: } andre@0: andre@0: if (crv != CKR_OK) { andre@0: if (buffer != stackBuf) { andre@0: PORT_Free(buffer); andre@0: } andre@0: if (crv == CKR_OPERATION_NOT_INITIALIZED) { andre@0: /* if there's no operation, it is finalized */ andre@0: return SECSuccess; andre@0: } andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: return SECFailure; andre@0: } andre@0: andre@0: /* try to finalize the session with a buffer */ andre@0: if (buffer == NULL) { andre@0: if (count <= sizeof stackBuf) { andre@0: buffer = stackBuf; andre@0: } else { andre@0: buffer = PORT_Alloc(count); andre@0: if (buffer == NULL) { andre@0: PORT_SetError(SEC_ERROR_NO_MEMORY); andre@0: return SECFailure; andre@0: } andre@0: } andre@0: goto finalize; andre@0: } andre@0: if (buffer != stackBuf) { andre@0: PORT_Free(buffer); andre@0: } andre@0: return SECSuccess; andre@0: } andre@0: andre@0: /* andre@0: * Return the final digested or signed data... andre@0: * this routine can either take pre initialized data, or allocate data andre@0: * either out of an arena or out of the standard heap. andre@0: */ andre@0: SECStatus andre@0: PK11_DigestFinal(PK11Context *context,unsigned char *data, andre@0: unsigned int *outLen, unsigned int length) andre@0: { andre@0: CK_ULONG len; andre@0: CK_RV crv; andre@0: SECStatus rv; andre@0: andre@0: andre@0: /* if we ran out of session, we need to restore our previously stored andre@0: * state. andre@0: */ andre@0: PK11_EnterContextMonitor(context); andre@0: if (!context->ownSession) { andre@0: rv = pk11_restoreContext(context,context->savedData, andre@0: context->savedLength); andre@0: if (rv != SECSuccess) { andre@0: PK11_ExitContextMonitor(context); andre@0: return rv; andre@0: } andre@0: } andre@0: andre@0: len = length; andre@0: switch (context->operation) { andre@0: case CKA_SIGN: andre@0: crv=PK11_GETTAB(context->slot)->C_SignFinal(context->session, andre@0: data,&len); andre@0: break; andre@0: case CKA_VERIFY: andre@0: crv=PK11_GETTAB(context->slot)->C_VerifyFinal(context->session, andre@0: data,len); andre@0: break; andre@0: case CKA_DIGEST: andre@0: crv=PK11_GETTAB(context->slot)->C_DigestFinal(context->session, andre@0: data,&len); andre@0: break; andre@0: case CKA_ENCRYPT: andre@0: crv=PK11_GETTAB(context->slot)->C_EncryptFinal(context->session, andre@0: data, &len); andre@0: break; andre@0: case CKA_DECRYPT: andre@0: crv = PK11_GETTAB(context->slot)->C_DecryptFinal(context->session, andre@0: data, &len); andre@0: break; andre@0: default: andre@0: crv = CKR_OPERATION_NOT_INITIALIZED; andre@0: break; andre@0: } andre@0: PK11_ExitContextMonitor(context); andre@0: andre@0: *outLen = (unsigned int) len; andre@0: context->init = PR_FALSE; /* allow Begin to start up again */ andre@0: andre@0: andre@0: if (crv != CKR_OK) { andre@0: PORT_SetError( PK11_MapError(crv) ); andre@0: return SECFailure; andre@0: } andre@0: return SECSuccess; andre@0: } andre@0: