1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 /*
6 * This file implements audit logging required by FIPS 140-2 Security
7 * Level 2.
8 */
9
10 #include "prprf.h"
11 #include "softoken.h"
12
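/*
 * Format the object handle returned by a PKCS #11 function for inclusion
 * in an audit record.
 *
 * On a successful return (rv == CKR_OK) with a non-NULL phObject, the
 * text " *<argName>=0x<handle>" is written to the output buffer. If the
 * PKCS #11 function failed or the pointer to object handle is NULL (which
 * is the case for C_DeriveKey with CKM_TLS_KEY_AND_MAC_DERIVE), an empty
 * string is stored in the output buffer.
 *
 * out: the output buffer
 * outlen: the length of the output buffer
 * argName: the name of the "pointer to object handle" argument
 * phObject: the pointer to object handle
 * rv: the return value of the PKCS #11 function
 *
 * NOTE(review): the handle is cast to PRUint32 before it is printed, so
 * where CK_OBJECT_HANDLE is wider than 32 bits only the low 32 bits reach
 * the audit log -- confirm handles never exceed that range.
 */
static void
sftk_PrintReturnedObjectHandle(char *out, PRUint32 outlen,
                               const char *argName, CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
{
    if ((rv == CKR_OK) && phObject) {
        PR_snprintf(out, outlen,
                    " *%s=0x%08lX", argName, (PRUint32)*phObject);
        return;
    }

    /*
     * PORT_Assert is normally a no-op outside debug builds, so the length
     * is also checked at run time: a zero-length buffer must not be
     * written to. Every caller in this file passes the size of a fixed
     * local array, so this is defensive only.
     */
    PORT_Assert(outlen != 0);
    if (outlen != 0) {
        out[0] = '\0';
    }
}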
38
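/*
 * MECHANISM_BUFSIZE needs to be large enough for sftk_PrintMechanism,
 * which uses <= 49 bytes: 20 for %p on a 64-bit platform, 28 for the
 * fixed text plus the 8-digit mechanism value, and 1 for the trailing NUL.
 */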
43 #define MECHANISM_BUFSIZE 64
44
/*
 * Render a CK_MECHANISM pointer for an audit message: the pointer value,
 * followed by the mechanism type in hex when the pointer is non-NULL.
 * The mechanism's parameter block is never read or printed here.
 */
static void
sftk_PrintMechanism(char *out, PRUint32 outlen,
                    CK_MECHANISM_PTR pMechanism)
{
    if (!pMechanism) {
        /* Nothing to dereference; log the (NULL) pointer value only. */
        PR_snprintf(out, outlen, "%p", pMechanism);
        return;
    }

    /*
     * If we change the format string, we need to make sure
     * MECHANISM_BUFSIZE is still large enough.  We allow
     * 20 bytes for %p on a 64-bit platform.
     */
    PR_snprintf(out, outlen, "%p {mechanism=0x%08lX, ...}",
                pMechanism, (PRUint32)pMechanism->mechanism);
}
61
/*
 * Write the audit record for C_CreateObject.
 *
 * The record holds the session handle, the template pointer and attribute
 * count (the template contents are not read here), the result code and,
 * on success, the newly returned object handle.  Severity is
 * NSS_AUDIT_INFO when rv == CKR_OK and NSS_AUDIT_ERROR otherwise; the
 * event type is NSS_AUDIT_LOAD_KEY.
 */
void
sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
                       CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
                       CK_OBJECT_HANDLE_PTR phObject, CK_RV rv)
{
    char record[256];
    char newHandle[32];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    /* Empty string unless the call succeeded and phObject is non-NULL. */
    sftk_PrintReturnedObjectHandle(newHandle, sizeof newHandle,
                                   "phObject", phObject, rv);
    PR_snprintf(record, sizeof record,
                "C_CreateObject(hSession=0x%08lX, pTemplate=%p, ulCount=%lu, "
                "phObject=%p)=0x%08lX%s",
                (PRUint32)hSession, pTemplate, (PRUint32)ulCount,
                phObject, (PRUint32)rv, newHandle);
    sftk_LogAuditMessage(level, NSS_AUDIT_LOAD_KEY, record);
}
80
/*
 * Write the audit record for C_CopyObject.
 *
 * Logs the session handle, the source object handle, the template pointer
 * and attribute count (not the template contents), the result code and,
 * on success, the handle of the copy.  The event type is
 * NSS_AUDIT_COPY_KEY.
 */
void
sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
                     CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
                     CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv)
{
    char record[256];
    char copyHandle[32];
    NSSAuditSeverity level;

    /* Any result other than CKR_OK is recorded as an error. */
    level = (rv != CKR_OK) ? NSS_AUDIT_ERROR : NSS_AUDIT_INFO;

    sftk_PrintReturnedObjectHandle(copyHandle, sizeof copyHandle,
                                   "phNewObject", phNewObject, rv);
    PR_snprintf(record, sizeof record,
                "C_CopyObject(hSession=0x%08lX, hObject=0x%08lX, "
                "pTemplate=%p, ulCount=%lu, phNewObject=%p)=0x%08lX%s",
                (PRUint32)hSession, (PRUint32)hObject,
                pTemplate, (PRUint32)ulCount, phNewObject, (PRUint32)rv, copyHandle);
    sftk_LogAuditMessage(level, NSS_AUDIT_COPY_KEY, record);
}
99
/*
 * Write the audit record for C_DestroyObject (event type
 * NSS_AUDIT_DESTROY_KEY).
 *
 * WARNING: hObject has been destroyed and can only be printed.
 */
void
sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
                        CK_OBJECT_HANDLE hObject, CK_RV rv)
{
    char record[256];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    /* The handle is used as a number only; it is never looked up. */
    PR_snprintf(record, sizeof record,
                "C_DestroyObject(hSession=0x%08lX, hObject=0x%08lX)=0x%08lX",
                (PRUint32)hSession, (PRUint32)hObject, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_DESTROY_KEY, record);
}
113
/*
 * Write the audit record for C_GetObjectSize (event type
 * NSS_AUDIT_ACCESS_KEY).
 *
 * pulSize is logged as a pointer value; the size it points to is not
 * read here.
 */
void
sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
                        CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize, CK_RV rv)
{
    char record[256];
    NSSAuditSeverity level;

    level = (rv != CKR_OK) ? NSS_AUDIT_ERROR : NSS_AUDIT_INFO;

    PR_snprintf(record, sizeof record,
                "C_GetObjectSize(hSession=0x%08lX, hObject=0x%08lX, "
                "pulSize=%p)=0x%08lX",
                (PRUint32)hSession, (PRUint32)hObject,
                pulSize, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_ACCESS_KEY, record);
}
128
/*
 * Write the audit record for C_GetAttributeValue (event type
 * NSS_AUDIT_ACCESS_KEY).
 *
 * Only the template pointer and the attribute count are logged; the
 * attribute types and values in the template are not read here, so the
 * record does not show which attributes were requested.
 */
void
sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
                            CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
                            CK_ULONG ulCount, CK_RV rv)
{
    char record[256];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    PR_snprintf(record, sizeof record,
                "C_GetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
                "pTemplate=%p, ulCount=%lu)=0x%08lX",
                (PRUint32)hSession, (PRUint32)hObject,
                pTemplate, (PRUint32)ulCount, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_ACCESS_KEY, record);
}
144
/*
 * Write the audit record for C_SetAttributeValue (event type
 * NSS_AUDIT_CHANGE_KEY).
 *
 * Only the template pointer and the attribute count are logged; the
 * attribute types and values being set are not read here.
 */
void
sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
                            CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
                            CK_ULONG ulCount, CK_RV rv)
{
    char record[256];
    NSSAuditSeverity level;

    level = (rv != CKR_OK) ? NSS_AUDIT_ERROR : NSS_AUDIT_INFO;

    PR_snprintf(record, sizeof record,
                "C_SetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, "
                "pTemplate=%p, ulCount=%lu)=0x%08lX",
                (PRUint32)hSession, (PRUint32)hObject,
                pTemplate, (PRUint32)ulCount, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_CHANGE_KEY, record);
}
160
/*
 * Write the audit record for a C_<opName>Init call (event type
 * NSS_AUDIT_CRYPT).
 *
 * opName is inserted into the function name with %s; it is an argument,
 * never the format string.  The mechanism is logged as pointer plus
 * mechanism type, the key as its handle.
 * NOTE(review): presumably callers pass a short literal such as the
 * operation name -- confirm, since it counts against the 256-byte record.
 */
void
sftk_AuditCryptInit(const char *opName, CK_SESSION_HANDLE hSession,
                    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey, CK_RV rv)
{
    char record[256];
    char mechText[MECHANISM_BUFSIZE];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    sftk_PrintMechanism(mechText, sizeof mechText, pMechanism);
    PR_snprintf(record, sizeof record,
                "C_%sInit(hSession=0x%08lX, pMechanism=%s, "
                "hKey=0x%08lX)=0x%08lX",
                opName, (PRUint32)hSession, mechText,
                (PRUint32)hKey, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_CRYPT, record);
}
177
/*
 * Write the audit record for C_GenerateKey (event type
 * NSS_AUDIT_GENERATE_KEY).
 *
 * Logs the session handle, the mechanism (pointer and type), the template
 * pointer and attribute count, the result code and, on success, the
 * handle of the generated key.  No key material or template contents are
 * read here.
 */
void
sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
                      CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate,
                      CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
{
    char record[256];
    char mechText[MECHANISM_BUFSIZE];
    char keyHandle[32];
    NSSAuditSeverity level;

    level = (rv != CKR_OK) ? NSS_AUDIT_ERROR : NSS_AUDIT_INFO;

    sftk_PrintMechanism(mechText, sizeof mechText, pMechanism);
    sftk_PrintReturnedObjectHandle(keyHandle, sizeof keyHandle, "phKey", phKey, rv);
    PR_snprintf(record, sizeof record,
                "C_GenerateKey(hSession=0x%08lX, pMechanism=%s, "
                "pTemplate=%p, ulCount=%lu, phKey=%p)=0x%08lX%s",
                (PRUint32)hSession, mechText,
                pTemplate, (PRUint32)ulCount, phKey, (PRUint32)rv, keyHandle);
    sftk_LogAuditMessage(level, NSS_AUDIT_GENERATE_KEY, record);
}
197
/*
 * Write the audit record for C_GenerateKeyPair (event type
 * NSS_AUDIT_GENERATE_KEY).
 *
 * Both templates are logged as pointer plus attribute count, and on
 * success the returned public and private key handles are appended.  The
 * record buffer is 512 bytes because this message has many fields.
 */
void
sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
                          CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
                          CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
                          CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
                          CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv)
{
    char record[512];
    char mechText[MECHANISM_BUFSIZE];
    char pubHandle[32];
    char privHandle[32];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    sftk_PrintMechanism(mechText, sizeof mechText, pMechanism);
    /* Each handle string is empty on failure or when its pointer is NULL. */
    sftk_PrintReturnedObjectHandle(pubHandle, sizeof pubHandle,
                                   "phPublicKey", phPublicKey, rv);
    sftk_PrintReturnedObjectHandle(privHandle, sizeof privHandle,
                                   "phPrivateKey", phPrivateKey, rv);
    PR_snprintf(record, sizeof record,
                "C_GenerateKeyPair(hSession=0x%08lX, pMechanism=%s, "
                "pPublicKeyTemplate=%p, ulPublicKeyAttributeCount=%lu, "
                "pPrivateKeyTemplate=%p, ulPrivateKeyAttributeCount=%lu, "
                "phPublicKey=%p, phPrivateKey=%p)=0x%08lX%s%s",
                (PRUint32)hSession, mechText,
                pPublicKeyTemplate, (PRUint32)ulPublicKeyAttributeCount,
                pPrivateKeyTemplate, (PRUint32)ulPrivateKeyAttributeCount,
                phPublicKey, phPrivateKey, (PRUint32)rv, pubHandle, privHandle);
    sftk_LogAuditMessage(level, NSS_AUDIT_GENERATE_KEY, record);
}
227
/*
 * Write the audit record for C_WrapKey (event type NSS_AUDIT_WRAP_KEY).
 *
 * Logs the session handle, the mechanism, the wrapping-key and wrapped-key
 * handles and the result code.  pWrappedKey and pulWrappedKeyLen are
 * logged as pointer values only; the wrapped key bytes and their length
 * are not read here.
 */
void
sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
                  CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
                  CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
                  CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv)
{
    char record[256];
    char mechText[MECHANISM_BUFSIZE];
    NSSAuditSeverity level;

    level = (rv != CKR_OK) ? NSS_AUDIT_ERROR : NSS_AUDIT_INFO;

    sftk_PrintMechanism(mechText, sizeof mechText, pMechanism);
    PR_snprintf(record, sizeof record,
                "C_WrapKey(hSession=0x%08lX, pMechanism=%s, hWrappingKey=0x%08lX, "
                "hKey=0x%08lX, pWrappedKey=%p, pulWrappedKeyLen=%p)=0x%08lX",
                (PRUint32)hSession, mechText, (PRUint32)hWrappingKey,
                (PRUint32)hKey, pWrappedKey, pulWrappedKeyLen, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_WRAP_KEY, record);
}
246
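/*
 * Write the audit record for C_UnwrapKey (event type
 * NSS_AUDIT_UNWRAP_KEY).
 *
 * Logs the session handle, the mechanism, the unwrapping-key handle, the
 * wrapped-key pointer and length, the template pointer and attribute
 * count, the result code and, on success, the handle of the unwrapped
 * key.  The wrapped key bytes and the template contents are not read.
 *
 * The record buffer is 512 bytes, matching sftk_AuditGenerateKeyPair and
 * sftk_AuditDeriveKey.  With the 20 bytes per %p that sftk_PrintMechanism
 * budgets on a 64-bit platform, this message's worst case is longer than
 * 255 characters.  PR_snprintf would then cut off the tail of the record,
 * which is where the result code and the returned key handle are.
 */
void
sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
                    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
                    CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
                    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
                    CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
{
    char msg[512];
    char mech[MECHANISM_BUFSIZE];
    char shKey[32];
    NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;

    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
    /* Empty string unless the call succeeded and phKey is non-NULL. */
    sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);
    PR_snprintf(msg, sizeof msg,
                "C_UnwrapKey(hSession=0x%08lX, pMechanism=%s, "
                "hUnwrappingKey=0x%08lX, pWrappedKey=%p, ulWrappedKeyLen=%lu, "
                "pTemplate=%p, ulAttributeCount=%lu, phKey=%p)=0x%08lX%s",
                (PRUint32)hSession, mech,
                (PRUint32)hUnwrappingKey, pWrappedKey, (PRUint32)ulWrappedKeyLen,
                pTemplate, (PRUint32)ulAttributeCount, phKey, (PRUint32)rv, shKey);
    sftk_LogAuditMessage(severity, NSS_AUDIT_UNWRAP_KEY, msg);
}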
270
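/*
 * Write the audit record for C_DeriveKey (event type
 * NSS_AUDIT_DERIVE_KEY).
 *
 * Logs the session handle, the mechanism, the base-key handle, the
 * template pointer and attribute count, the result code and, on success,
 * the derived key handle.  For a successful CKM_TLS_KEY_AND_MAC_DERIVE
 * the four handles in the returned key material (client/server MAC secret
 * and client/server key) are appended; only handles are printed, never
 * key bytes or IVs.
 *
 * The mechanism, its parameter and the returned-key-material pointer are
 * checked for NULL before they are dereferenced.
 * NOTE(review): rv == CKR_OK presumably means the PKCS #11 function
 * already validated them; the checks keep the audit path from being the
 * place that faults if that assumption ever fails.  When any of them is
 * NULL the TLS key list is left empty.
 */
void
sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
                    CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
                    CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
                    CK_OBJECT_HANDLE_PTR phKey, CK_RV rv)
{
    char msg[512];
    char mech[MECHANISM_BUFSIZE];
    char shKey[32];
    char sTlsKeys[128];
    NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;

    sftk_PrintMechanism(mech, sizeof mech, pMechanism);
    sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv);

    /* No TLS key list unless the branch below fills one in. */
    sTlsKeys[0] = '\0';
    if ((rv == CKR_OK) && pMechanism &&
        (pMechanism->mechanism == CKM_TLS_KEY_AND_MAC_DERIVE)) {
        CK_SSL3_KEY_MAT_PARAMS *param =
            (CK_SSL3_KEY_MAT_PARAMS *)pMechanism->pParameter;

        if (param && param->pReturnedKeyMaterial) {
            CK_SSL3_KEY_MAT_OUT *keymat = param->pReturnedKeyMaterial;

            PR_snprintf(sTlsKeys, sizeof sTlsKeys,
                        " hClientMacSecret=0x%08lX hServerMacSecret=0x%08lX"
                        " hClientKey=0x%08lX hServerKey=0x%08lX",
                        (PRUint32)keymat->hClientMacSecret,
                        (PRUint32)keymat->hServerMacSecret,
                        (PRUint32)keymat->hClientKey,
                        (PRUint32)keymat->hServerKey);
        }
    }
    PR_snprintf(msg, sizeof msg,
                "C_DeriveKey(hSession=0x%08lX, pMechanism=%s, "
                "hBaseKey=0x%08lX, pTemplate=%p, ulAttributeCount=%lu, "
                "phKey=%p)=0x%08lX%s%s",
                (PRUint32)hSession, mech,
                (PRUint32)hBaseKey, pTemplate, (PRUint32)ulAttributeCount,
                phKey, (PRUint32)rv, shKey, sTlsKeys);
    sftk_LogAuditMessage(severity, NSS_AUDIT_DERIVE_KEY, msg);
}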
309
/*
 * Write the audit record for C_DigestKey (event type
 * NSS_AUDIT_DIGEST_KEY): session handle, key handle and result code.
 */
void
sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
                    CK_OBJECT_HANDLE hKey, CK_RV rv)
{
    char record[256];
    NSSAuditSeverity level = NSS_AUDIT_ERROR;

    if (rv == CKR_OK) {
        level = NSS_AUDIT_INFO;
    }

    PR_snprintf(record, sizeof record,
                "C_DigestKey(hSession=0x%08lX, hKey=0x%08lX)=0x%08lX",
                (PRUint32)hSession, (PRUint32)hKey, (PRUint32)rv);
    sftk_LogAuditMessage(level, NSS_AUDIT_DIGEST_KEY, record);
}
322