1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * This file implements PKCS 11 on top of our existing security modules
6 *
7 * For more information about PKCS 11 See PKCS 11 Token Inteface Standard.
8 * This implementation has two slots:
9 * slot 1 is our generic crypto support. It does not require login
10 * (unless you've enabled FIPS). It supports Public Key ops, and all they
11 * bulk ciphers and hashes. It can also support Private Key ops for imported
12 * Private keys. It does not have any token storage.
13 * slot 2 is our private key support. It requires a login before use. It
14 * can store Private Keys and Certs as token objects. Currently only private
15 * keys and their associated Certificates are saved on the token.
16 *
17 * In this implementation, session objects are only visible to the session
18 * that created or generated them.
19 */
20 #include "seccomon.h"
21 #include "softoken.h"
22 #include "lowkeyi.h"
23 #include "pkcs11.h"
24 #include "pkcs11i.h"
25 #include "prenv.h"
26 #include "prprf.h"
27
28 #include <ctype.h>
29
30 #ifdef XP_UNIX
31 #define NSS_AUDIT_WITH_SYSLOG 1
32 #include <syslog.h>
33 #include <unistd.h>
34 #endif
35
36 #ifdef LINUX
37 #include <pthread.h>
38 #include <dlfcn.h>
39 #define LIBAUDIT_NAME "libaudit.so.0"
40 #ifndef AUDIT_CRYPTO_TEST_USER
41 #define AUDIT_CRYPTO_TEST_USER 2400 /* Crypto test results */
42 #define AUDIT_CRYPTO_PARAM_CHANGE_USER 2401 /* Crypto attribute change */
43 #define AUDIT_CRYPTO_LOGIN 2402 /* Logged in as crypto officer */
44 #define AUDIT_CRYPTO_LOGOUT 2403 /* Logged out from crypto */
45 #define AUDIT_CRYPTO_KEY_USER 2404 /* Create,delete,negotiate */
46 #define AUDIT_CRYPTO_FAILURE_USER 2405 /* Fail decrypt,encrypt,randomize */
47 #endif
48 static void *libaudit_handle;
49 static int (*audit_open_func)(void);
50 static void (*audit_close_func)(int fd);
51 static int (*audit_log_user_message_func)(int audit_fd, int type,
52 const char *message, const char *hostname, const char *addr,
53 const char *tty, int result);
54 static int (*audit_send_user_message_func)(int fd, int type,
55 const char *message);
56
57 static pthread_once_t libaudit_once_control = PTHREAD_ONCE_INIT;
58
59 static void
libaudit_init(void)60 libaudit_init(void)
61 {
62 libaudit_handle = dlopen(LIBAUDIT_NAME, RTLD_LAZY);
63 if (!libaudit_handle) {
64 return;
65 }
66 audit_open_func = dlsym(libaudit_handle, "audit_open");
67 audit_close_func = dlsym(libaudit_handle, "audit_close");
68 /*
69 * audit_send_user_message is the older function.
70 * audit_log_user_message, if available, is preferred.
71 */
72 audit_log_user_message_func = dlsym(libaudit_handle,
73 "audit_log_user_message");
74 if (!audit_log_user_message_func) {
75 audit_send_user_message_func = dlsym(libaudit_handle,
76 "audit_send_user_message");
77 }
78 if (!audit_open_func || !audit_close_func ||
79 (!audit_log_user_message_func && !audit_send_user_message_func)) {
80 dlclose(libaudit_handle);
81 libaudit_handle = NULL;
82 audit_open_func = NULL;
83 audit_close_func = NULL;
84 audit_log_user_message_func = NULL;
85 audit_send_user_message_func = NULL;
86 }
87 }
88 #endif /* LINUX */
89
90 /*
91 * ******************** Password Utilities *******************************
92 */
93 static PRBool isLoggedIn = PR_FALSE;
94 static PRBool isLevel2 = PR_TRUE;
95 PRBool sftk_fatalError = PR_FALSE;
96
97 /*
98 * This function returns
99 * - CKR_PIN_INVALID if the password/PIN is not a legal UTF8 string
100 * - CKR_PIN_LEN_RANGE if the password/PIN is too short or does not
101 * consist of characters from three or more character classes.
102 * - CKR_OK otherwise
103 *
104 * The minimum password/PIN length is FIPS_MIN_PIN Unicode characters.
105 * We define five character classes: digits (0-9), ASCII lowercase letters,
106 * ASCII uppercase letters, ASCII non-alphanumeric characters (such as
107 * space and punctuation marks), and non-ASCII characters. If an ASCII
108 * uppercase letter is the first character of the password/PIN, the
109 * uppercase letter is not counted toward its character class. Similarly,
110 * if a digit is the last character of the password/PIN, the digit is not
111 * counted toward its character class.
112 *
113 * Although NSC_SetPIN and NSC_InitPIN already do the maximum and minimum
114 * password/PIN length checks, they check the length in bytes as opposed
115 * to characters. To meet the minimum password/PIN guessing probability
116 * requirements in FIPS 140-2, we need to check the length in characters.
117 */
118 static CK_RV
sftk_newPinCheck(CK_CHAR_PTR pPin,CK_ULONG ulPinLen)119 sftk_newPinCheck(CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
120 {
121 unsigned int i;
122 int nchar = 0; /* number of characters */
123 int ntrail = 0; /* number of trailing bytes to follow */
124 int ndigit = 0; /* number of decimal digits */
125 int nlower = 0; /* number of ASCII lowercase letters */
126 int nupper = 0; /* number of ASCII uppercase letters */
127 int nnonalnum = 0; /* number of ASCII non-alphanumeric characters */
128 int nnonascii = 0; /* number of non-ASCII characters */
129 int nclass; /* number of character classes */
130
131 for (i = 0; i < ulPinLen; i++) {
132 unsigned int byte = pPin[i];
133
134 if (ntrail) {
135 if ((byte & 0xc0) != 0x80) {
136 /* illegal */
137 nchar = -1;
138 break;
139 }
140 if (--ntrail == 0) {
141 nchar++;
142 nnonascii++;
143 }
144 continue;
145 }
146 if ((byte & 0x80) == 0x00) {
147 /* single-byte (ASCII) character */
148 nchar++;
149 if (isdigit(byte)) {
150 if (i < ulPinLen - 1) {
151 ndigit++;
152 }
153 } else if (islower(byte)) {
154 nlower++;
155 } else if (isupper(byte)) {
156 if (i > 0) {
157 nupper++;
158 }
159 } else {
160 nnonalnum++;
161 }
162 } else if ((byte & 0xe0) == 0xc0) {
163 /* leading byte of two-byte character */
164 ntrail = 1;
165 } else if ((byte & 0xf0) == 0xe0) {
166 /* leading byte of three-byte character */
167 ntrail = 2;
168 } else if ((byte & 0xf8) == 0xf0) {
169 /* leading byte of four-byte character */
170 ntrail = 3;
171 } else {
172 /* illegal */
173 nchar = -1;
174 break;
175 }
176 }
177 if (nchar == -1) {
178 /* illegal UTF8 string */
179 return CKR_PIN_INVALID;
180 }
181 if (nchar < FIPS_MIN_PIN) {
182 return CKR_PIN_LEN_RANGE;
183 }
184 nclass = (ndigit != 0) + (nlower != 0) + (nupper != 0) +
185 (nnonalnum != 0) + (nnonascii != 0);
186 if (nclass < 3) {
187 return CKR_PIN_LEN_RANGE;
188 }
189 return CKR_OK;
190 }
191
192 /* FIPS required checks before any useful cryptographic services */
193 static CK_RV
sftk_fipsCheck(void)194 sftk_fipsCheck(void)
195 {
196 if (sftk_fatalError)
197 return CKR_DEVICE_ERROR;
198 if (isLevel2 && !isLoggedIn)
199 return CKR_USER_NOT_LOGGED_IN;
200 return CKR_OK;
201 }
202
203 #define SFTK_FIPSCHECK() \
204 CK_RV rv; \
205 if ((rv = sftk_fipsCheck()) != CKR_OK) \
206 return rv;
207
208 #define SFTK_FIPSFATALCHECK() \
209 if (sftk_fatalError) \
210 return CKR_DEVICE_ERROR;
211
212 /* grab an attribute out of a raw template */
213 void *
fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,CK_ATTRIBUTE_TYPE type)214 fc_getAttribute(CK_ATTRIBUTE_PTR pTemplate,
215 CK_ULONG ulCount, CK_ATTRIBUTE_TYPE type)
216 {
217 int i;
218
219 for (i = 0; i < (int)ulCount; i++) {
220 if (pTemplate[i].type == type) {
221 return pTemplate[i].pValue;
222 }
223 }
224 return NULL;
225 }
226
227 #define __PASTE(x, y) x##y
228
229 /* ------------- forward declare all the NSC_ functions ------------- */
230 #undef CK_NEED_ARG_LIST
231 #undef CK_PKCS11_FUNCTION_INFO
232
233 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(NS, name)
234 #define CK_NEED_ARG_LIST 1
235
236 #include "pkcs11f.h"
237
238 /* ------------- forward declare all the FIPS functions ------------- */
239 #undef CK_NEED_ARG_LIST
240 #undef CK_PKCS11_FUNCTION_INFO
241
242 #define CK_PKCS11_FUNCTION_INFO(name) CK_RV __PASTE(F, name)
243 #define CK_NEED_ARG_LIST 1
244
245 #include "pkcs11f.h"
246
247 /* ------------- build the CK_CRYPTO_TABLE ------------------------- */
248 static CK_FUNCTION_LIST sftk_fipsTable = {
249 { 1, 10 },
250
251 #undef CK_NEED_ARG_LIST
252 #undef CK_PKCS11_FUNCTION_INFO
253
254 #define CK_PKCS11_FUNCTION_INFO(name) \
255 __PASTE(F, name) \
256 ,
257
258 #include "pkcs11f.h"
259
260 };
261
262 #undef CK_NEED_ARG_LIST
263 #undef CK_PKCS11_FUNCTION_INFO
264
265 #undef __PASTE
266
267 /* CKO_NOT_A_KEY can be any object class that's not a key object. */
268 #define CKO_NOT_A_KEY CKO_DATA
269
270 #define SFTK_IS_KEY_OBJECT(objClass) \
271 (((objClass) == CKO_PUBLIC_KEY) || \
272 ((objClass) == CKO_PRIVATE_KEY) || \
273 ((objClass) == CKO_SECRET_KEY))
274
275 #define SFTK_IS_NONPUBLIC_KEY_OBJECT(objClass) \
276 (((objClass) == CKO_PRIVATE_KEY) || ((objClass) == CKO_SECRET_KEY))
277
278 static CK_RV
sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject,CK_OBJECT_CLASS * pObjClass)279 sftk_get_object_class_and_fipsCheck(CK_SESSION_HANDLE hSession,
280 CK_OBJECT_HANDLE hObject, CK_OBJECT_CLASS *pObjClass)
281 {
282 CK_RV rv;
283 CK_ATTRIBUTE class;
284 class.type = CKA_CLASS;
285 class.pValue = pObjClass;
286 class.ulValueLen = sizeof(*pObjClass);
287 rv = NSC_GetAttributeValue(hSession, hObject, &class, 1);
288 if ((rv == CKR_OK) && SFTK_IS_NONPUBLIC_KEY_OBJECT(*pObjClass)) {
289 rv = sftk_fipsCheck();
290 }
291 return rv;
292 }
293
294 #ifdef LINUX
295
296 int
sftk_mapLinuxAuditType(NSSAuditSeverity severity,NSSAuditType auditType)297 sftk_mapLinuxAuditType(NSSAuditSeverity severity, NSSAuditType auditType)
298 {
299 switch (auditType) {
300 case NSS_AUDIT_ACCESS_KEY:
301 case NSS_AUDIT_CHANGE_KEY:
302 case NSS_AUDIT_COPY_KEY:
303 case NSS_AUDIT_DERIVE_KEY:
304 case NSS_AUDIT_DESTROY_KEY:
305 case NSS_AUDIT_DIGEST_KEY:
306 case NSS_AUDIT_GENERATE_KEY:
307 case NSS_AUDIT_LOAD_KEY:
308 case NSS_AUDIT_UNWRAP_KEY:
309 case NSS_AUDIT_WRAP_KEY:
310 return AUDIT_CRYPTO_KEY_USER;
311 case NSS_AUDIT_CRYPT:
312 return (severity == NSS_AUDIT_ERROR) ? AUDIT_CRYPTO_FAILURE_USER : AUDIT_CRYPTO_KEY_USER;
313 case NSS_AUDIT_FIPS_STATE:
314 case NSS_AUDIT_INIT_PIN:
315 case NSS_AUDIT_INIT_TOKEN:
316 case NSS_AUDIT_SET_PIN:
317 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
318 case NSS_AUDIT_SELF_TEST:
319 return AUDIT_CRYPTO_TEST_USER;
320 case NSS_AUDIT_LOGIN:
321 return AUDIT_CRYPTO_LOGIN;
322 case NSS_AUDIT_LOGOUT:
323 return AUDIT_CRYPTO_LOGOUT;
324 /* we skip the fault case here so we can get compiler
325 * warnings if new 'NSSAuditType's are added without
326 * added them to this list, defaults fall through */
327 }
328 /* default */
329 return AUDIT_CRYPTO_PARAM_CHANGE_USER;
330 }
331 #endif
332
333 /**********************************************************************
334 *
335 * FIPS 140 auditable event logging
336 *
337 **********************************************************************/
338
339 PRBool sftk_audit_enabled = PR_FALSE;
340
341 /*
342 * Each audit record must have the following information:
343 * - Date and time of the event
344 * - Type of event
345 * - user (subject) identity
346 * - outcome (success or failure) of the event
347 * - process ID
348 * - name (ID) of the object
349 * - for changes to data (except for authentication data and CSPs), the new
350 * and old values of the data
351 * - for authentication attempts, the origin of the attempt (e.g., terminal
352 * identifier)
353 * - for assuming a role, the type of role, and the location of the request
354 */
355 void
sftk_LogAuditMessage(NSSAuditSeverity severity,NSSAuditType auditType,const char * msg)356 sftk_LogAuditMessage(NSSAuditSeverity severity, NSSAuditType auditType,
357 const char *msg)
358 {
359 #ifdef NSS_AUDIT_WITH_SYSLOG
360 int level;
361
362 switch (severity) {
363 case NSS_AUDIT_ERROR:
364 level = LOG_ERR;
365 break;
366 case NSS_AUDIT_WARNING:
367 level = LOG_WARNING;
368 break;
369 default:
370 level = LOG_INFO;
371 break;
372 }
373 /* timestamp is provided by syslog in the message header */
374 syslog(level | LOG_USER /* facility */,
375 "NSS " SOFTOKEN_LIB_NAME "[pid=%d uid=%d]: %s",
376 (int)getpid(), (int)getuid(), msg);
377 #ifdef LINUX
378 if (pthread_once(&libaudit_once_control, libaudit_init) != 0) {
379 return;
380 }
381 if (libaudit_handle) {
382 int audit_fd;
383 int linuxAuditType;
384 int result = (severity != NSS_AUDIT_ERROR); /* 1=success; 0=failed */
385 char *message = PR_smprintf("NSS " SOFTOKEN_LIB_NAME ": %s", msg);
386 if (!message) {
387 return;
388 }
389 audit_fd = audit_open_func();
390 if (audit_fd < 0) {
391 PR_smprintf_free(message);
392 return;
393 }
394 linuxAuditType = sftk_mapLinuxAuditType(severity, auditType);
395 if (audit_log_user_message_func) {
396 audit_log_user_message_func(audit_fd, linuxAuditType, message,
397 NULL, NULL, NULL, result);
398 } else {
399 audit_send_user_message_func(audit_fd, linuxAuditType, message);
400 }
401 audit_close_func(audit_fd);
402 PR_smprintf_free(message);
403 }
404 #endif /* LINUX */
405 #else
406 /* do nothing */
407 #endif
408 }
409
410 /**********************************************************************
411 *
412 * Start of PKCS 11 functions
413 *
414 **********************************************************************/
415 /* return the function list */
416 CK_RV
FC_GetFunctionList(CK_FUNCTION_LIST_PTR * pFunctionList)417 FC_GetFunctionList(CK_FUNCTION_LIST_PTR *pFunctionList)
418 {
419
420 CHECK_FORK();
421
422 *pFunctionList = &sftk_fipsTable;
423 return CKR_OK;
424 }
425
426 /* sigh global so pkcs11 can read it */
427 PRBool nsf_init = PR_FALSE;
428
429 void
fc_log_init_error(CK_RV crv)430 fc_log_init_error(CK_RV crv)
431 {
432 if (sftk_audit_enabled) {
433 char msg[128];
434 PR_snprintf(msg, sizeof msg,
435 "C_Initialize()=0x%08lX "
436 "power-up self-tests failed",
437 (PRUint32)crv);
438 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
439 }
440 }
441
442 /* FC_Initialize initializes the PKCS #11 library. */
443 CK_RV
FC_Initialize(CK_VOID_PTR pReserved)444 FC_Initialize(CK_VOID_PTR pReserved)
445 {
446 const char *envp;
447 CK_RV crv;
448
449 if ((envp = PR_GetEnv("NSS_ENABLE_AUDIT")) != NULL) {
450 sftk_audit_enabled = (atoi(envp) == 1);
451 }
452
453 /* At this point we should have already done post and integrity checks.
454 * if we haven't, it probably means the FIPS product has not been installed
455 * or the tests failed. Don't let an application try to enter FIPS mode */
456 crv = sftk_FIPSEntryOK();
457 if (crv != CKR_OK) {
458 sftk_fatalError = PR_TRUE;
459 fc_log_init_error(crv);
460 return crv;
461 }
462
463 sftk_ForkReset(pReserved, &crv);
464
465 if (nsf_init) {
466 return CKR_CRYPTOKI_ALREADY_INITIALIZED;
467 }
468
469 crv = nsc_CommonInitialize(pReserved, PR_TRUE);
470
471 /* not an 'else' rv can be set by either SFTK_LowInit or SFTK_SlotInit*/
472 if (crv != CKR_OK) {
473 sftk_fatalError = PR_TRUE;
474 return crv;
475 }
476
477 sftk_fatalError = PR_FALSE; /* any error has been reset */
478 nsf_init = PR_TRUE;
479 isLevel2 = PR_TRUE; /* assume level 2 unless we learn otherwise */
480
481 return CKR_OK;
482 }
483
484 /*FC_Finalize indicates that an application is done with the PKCS #11 library.*/
485 CK_RV
FC_Finalize(CK_VOID_PTR pReserved)486 FC_Finalize(CK_VOID_PTR pReserved)
487 {
488 CK_RV crv;
489
490 if (sftk_ForkReset(pReserved, &crv)) {
491 return crv;
492 }
493
494 if (!nsf_init) {
495 return CKR_OK;
496 }
497
498 crv = nsc_CommonFinalize(pReserved, PR_TRUE);
499
500 nsf_init = (PRBool) !(crv == CKR_OK);
501 return crv;
502 }
503
504 /* FC_GetInfo returns general information about PKCS #11. */
505 CK_RV
FC_GetInfo(CK_INFO_PTR pInfo)506 FC_GetInfo(CK_INFO_PTR pInfo)
507 {
508 CHECK_FORK();
509
510 return NSC_GetInfo(pInfo);
511 }
512
513 /* FC_GetSlotList obtains a list of slots in the system. */
514 CK_RV
FC_GetSlotList(CK_BBOOL tokenPresent,CK_SLOT_ID_PTR pSlotList,CK_ULONG_PTR pulCount)515 FC_GetSlotList(CK_BBOOL tokenPresent,
516 CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
517 {
518 CHECK_FORK();
519
520 return nsc_CommonGetSlotList(tokenPresent, pSlotList, pulCount,
521 NSC_FIPS_MODULE);
522 }
523
524 /* FC_GetSlotInfo obtains information about a particular slot in the system. */
525 CK_RV
FC_GetSlotInfo(CK_SLOT_ID slotID,CK_SLOT_INFO_PTR pInfo)526 FC_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
527 {
528 CHECK_FORK();
529
530 return NSC_GetSlotInfo(slotID, pInfo);
531 }
532
533 /*FC_GetTokenInfo obtains information about a particular token in the system.*/
534 CK_RV
FC_GetTokenInfo(CK_SLOT_ID slotID,CK_TOKEN_INFO_PTR pInfo)535 FC_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
536 {
537 CK_RV crv;
538
539 CHECK_FORK();
540
541 crv = NSC_GetTokenInfo(slotID, pInfo);
542 if (crv == CKR_OK) {
543 if ((pInfo->flags & CKF_LOGIN_REQUIRED) == 0) {
544 isLevel2 = PR_FALSE;
545 }
546 }
547 return crv;
548 }
549
550 /*FC_GetMechanismList obtains a list of mechanism types supported by a token.*/
551 CK_RV
FC_GetMechanismList(CK_SLOT_ID slotID,CK_MECHANISM_TYPE_PTR pMechanismList,CK_ULONG_PTR pusCount)552 FC_GetMechanismList(CK_SLOT_ID slotID,
553 CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pusCount)
554 {
555 CHECK_FORK();
556
557 SFTK_FIPSFATALCHECK();
558 if ((slotID == FIPS_SLOT_ID) || (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID)) {
559 slotID = NETSCAPE_SLOT_ID;
560 }
561 /* FIPS Slots support all functions */
562 return NSC_GetMechanismList(slotID, pMechanismList, pusCount);
563 }
564
565 /* FC_GetMechanismInfo obtains information about a particular mechanism
566 * possibly supported by a token. */
567 CK_RV
FC_GetMechanismInfo(CK_SLOT_ID slotID,CK_MECHANISM_TYPE type,CK_MECHANISM_INFO_PTR pInfo)568 FC_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
569 CK_MECHANISM_INFO_PTR pInfo)
570 {
571 CHECK_FORK();
572
573 SFTK_FIPSFATALCHECK();
574 if ((slotID == FIPS_SLOT_ID) || (slotID >= SFTK_MIN_FIPS_USER_SLOT_ID)) {
575 slotID = NETSCAPE_SLOT_ID;
576 }
577 /* FIPS Slots support all functions */
578 return NSC_GetMechanismInfo(slotID, type, pInfo);
579 }
580
581 /* FC_InitToken initializes a token. */
582 CK_RV
FC_InitToken(CK_SLOT_ID slotID,CK_CHAR_PTR pPin,CK_ULONG usPinLen,CK_CHAR_PTR pLabel)583 FC_InitToken(CK_SLOT_ID slotID, CK_CHAR_PTR pPin,
584 CK_ULONG usPinLen, CK_CHAR_PTR pLabel)
585 {
586 CK_RV crv;
587
588 CHECK_FORK();
589
590 crv = NSC_InitToken(slotID, pPin, usPinLen, pLabel);
591 if (sftk_audit_enabled) {
592 char msg[128];
593 NSSAuditSeverity severity = (crv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
594 /* pLabel points to a 32-byte label, which is not null-terminated */
595 PR_snprintf(msg, sizeof msg,
596 "C_InitToken(slotID=%lu, pLabel=\"%.32s\")=0x%08lX",
597 (PRUint32)slotID, pLabel, (PRUint32)crv);
598 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_TOKEN, msg);
599 }
600 return crv;
601 }
602
603 /* FC_InitPIN initializes the normal user's PIN. */
604 CK_RV
FC_InitPIN(CK_SESSION_HANDLE hSession,CK_CHAR_PTR pPin,CK_ULONG ulPinLen)605 FC_InitPIN(CK_SESSION_HANDLE hSession,
606 CK_CHAR_PTR pPin, CK_ULONG ulPinLen)
607 {
608 CK_RV rv;
609
610 CHECK_FORK();
611
612 if (sftk_fatalError)
613 return CKR_DEVICE_ERROR;
614 /* NSC_InitPIN will only work once per database. We can either initialize
615 * it to level1 (pin len == 0) or level2. If we initialize to level 2, then
616 * we need to make sure the pin meets FIPS requirements */
617 if ((ulPinLen == 0) || ((rv = sftk_newPinCheck(pPin, ulPinLen)) == CKR_OK)) {
618 rv = NSC_InitPIN(hSession, pPin, ulPinLen);
619 if (rv == CKR_OK) {
620 isLevel2 = (ulPinLen > 0) ? PR_TRUE : PR_FALSE;
621 }
622 }
623 if (sftk_audit_enabled) {
624 char msg[128];
625 NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
626 PR_snprintf(msg, sizeof msg,
627 "C_InitPIN(hSession=0x%08lX)=0x%08lX",
628 (PRUint32)hSession, (PRUint32)rv);
629 sftk_LogAuditMessage(severity, NSS_AUDIT_INIT_PIN, msg);
630 }
631 return rv;
632 }
633
634 /* FC_SetPIN modifies the PIN of user that is currently logged in. */
635 /* NOTE: This is only valid for the PRIVATE_KEY_SLOT */
636 CK_RV
FC_SetPIN(CK_SESSION_HANDLE hSession,CK_CHAR_PTR pOldPin,CK_ULONG usOldLen,CK_CHAR_PTR pNewPin,CK_ULONG usNewLen)637 FC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin,
638 CK_ULONG usOldLen, CK_CHAR_PTR pNewPin, CK_ULONG usNewLen)
639 {
640 CK_RV rv;
641
642 CHECK_FORK();
643
644 if ((rv = sftk_fipsCheck()) == CKR_OK &&
645 (rv = sftk_newPinCheck(pNewPin, usNewLen)) == CKR_OK) {
646 rv = NSC_SetPIN(hSession, pOldPin, usOldLen, pNewPin, usNewLen);
647 if (rv == CKR_OK) {
648 /* if we set the password in level1 we now go
649 * to level2. NOTE: we don't allow the user to
650 * go from level2 to level1 */
651 isLevel2 = PR_TRUE;
652 }
653 }
654 if (sftk_audit_enabled) {
655 char msg[128];
656 NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
657 PR_snprintf(msg, sizeof msg,
658 "C_SetPIN(hSession=0x%08lX)=0x%08lX",
659 (PRUint32)hSession, (PRUint32)rv);
660 sftk_LogAuditMessage(severity, NSS_AUDIT_SET_PIN, msg);
661 }
662 return rv;
663 }
664
665 /* FC_OpenSession opens a session between an application and a token. */
666 CK_RV
FC_OpenSession(CK_SLOT_ID slotID,CK_FLAGS flags,CK_VOID_PTR pApplication,CK_NOTIFY Notify,CK_SESSION_HANDLE_PTR phSession)667 FC_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags,
668 CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
669 {
670 SFTK_FIPSFATALCHECK();
671
672 CHECK_FORK();
673
674 return NSC_OpenSession(slotID, flags, pApplication, Notify, phSession);
675 }
676
677 /* FC_CloseSession closes a session between an application and a token. */
678 CK_RV
FC_CloseSession(CK_SESSION_HANDLE hSession)679 FC_CloseSession(CK_SESSION_HANDLE hSession)
680 {
681 CHECK_FORK();
682
683 return NSC_CloseSession(hSession);
684 }
685
686 /* FC_CloseAllSessions closes all sessions with a token. */
687 CK_RV
FC_CloseAllSessions(CK_SLOT_ID slotID)688 FC_CloseAllSessions(CK_SLOT_ID slotID)
689 {
690
691 CHECK_FORK();
692
693 return NSC_CloseAllSessions(slotID);
694 }
695
696 /* FC_GetSessionInfo obtains information about the session. */
697 CK_RV
FC_GetSessionInfo(CK_SESSION_HANDLE hSession,CK_SESSION_INFO_PTR pInfo)698 FC_GetSessionInfo(CK_SESSION_HANDLE hSession,
699 CK_SESSION_INFO_PTR pInfo)
700 {
701 CK_RV rv;
702 SFTK_FIPSFATALCHECK();
703
704 CHECK_FORK();
705
706 rv = NSC_GetSessionInfo(hSession, pInfo);
707 if (rv == CKR_OK) {
708 if ((isLoggedIn) && (pInfo->state == CKS_RO_PUBLIC_SESSION)) {
709 pInfo->state = CKS_RO_USER_FUNCTIONS;
710 }
711 if ((isLoggedIn) && (pInfo->state == CKS_RW_PUBLIC_SESSION)) {
712 pInfo->state = CKS_RW_USER_FUNCTIONS;
713 }
714 }
715 return rv;
716 }
717
718 /* FC_Login logs a user into a token. */
719 CK_RV
FC_Login(CK_SESSION_HANDLE hSession,CK_USER_TYPE userType,CK_CHAR_PTR pPin,CK_ULONG usPinLen)720 FC_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
721 CK_CHAR_PTR pPin, CK_ULONG usPinLen)
722 {
723 CK_RV rv;
724 PRBool successful;
725 if (sftk_fatalError)
726 return CKR_DEVICE_ERROR;
727 rv = NSC_Login(hSession, userType, pPin, usPinLen);
728 successful = (rv == CKR_OK) || (rv == CKR_USER_ALREADY_LOGGED_IN);
729 if (successful)
730 isLoggedIn = PR_TRUE;
731 if (sftk_audit_enabled) {
732 char msg[128];
733 NSSAuditSeverity severity;
734 severity = successful ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
735 PR_snprintf(msg, sizeof msg,
736 "C_Login(hSession=0x%08lX, userType=%lu)=0x%08lX",
737 (PRUint32)hSession, (PRUint32)userType, (PRUint32)rv);
738 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGIN, msg);
739 }
740 return rv;
741 }
742
743 /* FC_Logout logs a user out from a token. */
744 CK_RV
FC_Logout(CK_SESSION_HANDLE hSession)745 FC_Logout(CK_SESSION_HANDLE hSession)
746 {
747 CK_RV rv;
748
749 CHECK_FORK();
750
751 if ((rv = sftk_fipsCheck()) == CKR_OK) {
752 rv = NSC_Logout(hSession);
753 isLoggedIn = PR_FALSE;
754 }
755 if (sftk_audit_enabled) {
756 char msg[128];
757 NSSAuditSeverity severity = (rv == CKR_OK) ? NSS_AUDIT_INFO : NSS_AUDIT_ERROR;
758 PR_snprintf(msg, sizeof msg,
759 "C_Logout(hSession=0x%08lX)=0x%08lX",
760 (PRUint32)hSession, (PRUint32)rv);
761 sftk_LogAuditMessage(severity, NSS_AUDIT_LOGOUT, msg);
762 }
763 return rv;
764 }
765
766 /* FC_CreateObject creates a new object. */
767 CK_RV
FC_CreateObject(CK_SESSION_HANDLE hSession,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,CK_OBJECT_HANDLE_PTR phObject)768 FC_CreateObject(CK_SESSION_HANDLE hSession,
769 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
770 CK_OBJECT_HANDLE_PTR phObject)
771 {
772 CK_OBJECT_CLASS *classptr;
773 CK_RV rv = CKR_OK;
774
775 CHECK_FORK();
776
777 classptr = (CK_OBJECT_CLASS *)fc_getAttribute(pTemplate, ulCount, CKA_CLASS);
778 if (classptr == NULL)
779 return CKR_TEMPLATE_INCOMPLETE;
780
781 if (*classptr == CKO_NETSCAPE_NEWSLOT || *classptr == CKO_NETSCAPE_DELSLOT) {
782 if (sftk_fatalError)
783 return CKR_DEVICE_ERROR;
784 } else {
785 rv = sftk_fipsCheck();
786 if (rv != CKR_OK)
787 return rv;
788 }
789
790 /* FIPS can't create keys from raw key material */
791 if (SFTK_IS_NONPUBLIC_KEY_OBJECT(*classptr)) {
792 rv = CKR_ATTRIBUTE_VALUE_INVALID;
793 } else {
794 rv = NSC_CreateObject(hSession, pTemplate, ulCount, phObject);
795 }
796 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(*classptr)) {
797 sftk_AuditCreateObject(hSession, pTemplate, ulCount, phObject, rv);
798 }
799 return rv;
800 }
801
802 /* FC_CopyObject copies an object, creating a new object for the copy. */
803 CK_RV
FC_CopyObject(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,CK_OBJECT_HANDLE_PTR phNewObject)804 FC_CopyObject(CK_SESSION_HANDLE hSession,
805 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
806 CK_OBJECT_HANDLE_PTR phNewObject)
807 {
808 CK_RV rv;
809 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
810
811 CHECK_FORK();
812
813 SFTK_FIPSFATALCHECK();
814 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
815 if (rv == CKR_OK) {
816 rv = NSC_CopyObject(hSession, hObject, pTemplate, ulCount, phNewObject);
817 }
818 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
819 sftk_AuditCopyObject(hSession,
820 hObject, pTemplate, ulCount, phNewObject, rv);
821 }
822 return rv;
823 }
824
825 /* FC_DestroyObject destroys an object. */
826 CK_RV
FC_DestroyObject(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject)827 FC_DestroyObject(CK_SESSION_HANDLE hSession,
828 CK_OBJECT_HANDLE hObject)
829 {
830 CK_RV rv;
831 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
832
833 CHECK_FORK();
834
835 SFTK_FIPSFATALCHECK();
836 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
837 if (rv == CKR_OK) {
838 rv = NSC_DestroyObject(hSession, hObject);
839 }
840 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
841 sftk_AuditDestroyObject(hSession, hObject, rv);
842 }
843 return rv;
844 }
845
846 /* FC_GetObjectSize gets the size of an object in bytes. */
847 CK_RV
FC_GetObjectSize(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject,CK_ULONG_PTR pulSize)848 FC_GetObjectSize(CK_SESSION_HANDLE hSession,
849 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize)
850 {
851 CK_RV rv;
852 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
853
854 CHECK_FORK();
855
856 SFTK_FIPSFATALCHECK();
857 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
858 if (rv == CKR_OK) {
859 rv = NSC_GetObjectSize(hSession, hObject, pulSize);
860 }
861 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
862 sftk_AuditGetObjectSize(hSession, hObject, pulSize, rv);
863 }
864 return rv;
865 }
866
867 /* FC_GetAttributeValue obtains the value of one or more object attributes. */
868 CK_RV
FC_GetAttributeValue(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount)869 FC_GetAttributeValue(CK_SESSION_HANDLE hSession,
870 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
871 {
872 CK_RV rv;
873 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
874
875 CHECK_FORK();
876
877 SFTK_FIPSFATALCHECK();
878 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
879 if (rv == CKR_OK) {
880 rv = NSC_GetAttributeValue(hSession, hObject, pTemplate, ulCount);
881 }
882 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
883 sftk_AuditGetAttributeValue(hSession, hObject, pTemplate, ulCount, rv);
884 }
885 return rv;
886 }
887
888 /* FC_SetAttributeValue modifies the value of one or more object attributes */
889 CK_RV
FC_SetAttributeValue(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hObject,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount)890 FC_SetAttributeValue(CK_SESSION_HANDLE hSession,
891 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
892 {
893 CK_RV rv;
894 CK_OBJECT_CLASS objClass = CKO_NOT_A_KEY;
895
896 CHECK_FORK();
897
898 SFTK_FIPSFATALCHECK();
899 rv = sftk_get_object_class_and_fipsCheck(hSession, hObject, &objClass);
900 if (rv == CKR_OK) {
901 rv = NSC_SetAttributeValue(hSession, hObject, pTemplate, ulCount);
902 }
903 if (sftk_audit_enabled && SFTK_IS_KEY_OBJECT(objClass)) {
904 sftk_AuditSetAttributeValue(hSession, hObject, pTemplate, ulCount, rv);
905 }
906 return rv;
907 }
908
909 /* FC_FindObjectsInit initializes a search for token and session objects
910 * that match a template. */
911 CK_RV
FC_FindObjectsInit(CK_SESSION_HANDLE hSession,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG usCount)912 FC_FindObjectsInit(CK_SESSION_HANDLE hSession,
913 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG usCount)
914 {
915 /* let publically readable object be found */
916 unsigned int i;
917 CK_RV rv;
918 PRBool needLogin = PR_FALSE;
919
920 CHECK_FORK();
921
922 SFTK_FIPSFATALCHECK();
923
924 for (i = 0; i < usCount; i++) {
925 CK_OBJECT_CLASS class;
926 if (pTemplate[i].type != CKA_CLASS) {
927 continue;
928 }
929 if (pTemplate[i].ulValueLen != sizeof(CK_OBJECT_CLASS)) {
930 continue;
931 }
932 if (pTemplate[i].pValue == NULL) {
933 continue;
934 }
935 class = *(CK_OBJECT_CLASS *)pTemplate[i].pValue;
936 if ((class == CKO_PRIVATE_KEY) || (class == CKO_SECRET_KEY)) {
937 needLogin = PR_TRUE;
938 break;
939 }
940 }
941 if (needLogin) {
942 if ((rv = sftk_fipsCheck()) != CKR_OK)
943 return rv;
944 }
945 return NSC_FindObjectsInit(hSession, pTemplate, usCount);
946 }
947
948 /* FC_FindObjects continues a search for token and session objects
949 * that match a template, obtaining additional object handles. */
950 CK_RV
FC_FindObjects(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE_PTR phObject,CK_ULONG usMaxObjectCount,CK_ULONG_PTR pusObjectCount)951 FC_FindObjects(CK_SESSION_HANDLE hSession,
952 CK_OBJECT_HANDLE_PTR phObject, CK_ULONG usMaxObjectCount,
953 CK_ULONG_PTR pusObjectCount)
954 {
955 CHECK_FORK();
956
957 /* let publically readable object be found */
958 SFTK_FIPSFATALCHECK();
959 return NSC_FindObjects(hSession, phObject, usMaxObjectCount,
960 pusObjectCount);
961 }
962
963 /*
964 ************** Crypto Functions: Encrypt ************************
965 */
966
967 /* FC_EncryptInit initializes an encryption operation. */
968 CK_RV
FC_EncryptInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)969 FC_EncryptInit(CK_SESSION_HANDLE hSession,
970 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
971 {
972 SFTK_FIPSCHECK();
973 CHECK_FORK();
974
975 rv = NSC_EncryptInit(hSession, pMechanism, hKey);
976 if (sftk_audit_enabled) {
977 sftk_AuditCryptInit("Encrypt", hSession, pMechanism, hKey, rv);
978 }
979 return rv;
980 }
981
982 /* FC_Encrypt encrypts single-part data. */
983 CK_RV
FC_Encrypt(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pEncryptedData,CK_ULONG_PTR pusEncryptedDataLen)984 FC_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
985 CK_ULONG usDataLen, CK_BYTE_PTR pEncryptedData,
986 CK_ULONG_PTR pusEncryptedDataLen)
987 {
988 SFTK_FIPSCHECK();
989 CHECK_FORK();
990
991 return NSC_Encrypt(hSession, pData, usDataLen, pEncryptedData,
992 pusEncryptedDataLen);
993 }
994
995 /* FC_EncryptUpdate continues a multiple-part encryption operation. */
996 CK_RV
FC_EncryptUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG usPartLen,CK_BYTE_PTR pEncryptedPart,CK_ULONG_PTR pusEncryptedPartLen)997 FC_EncryptUpdate(CK_SESSION_HANDLE hSession,
998 CK_BYTE_PTR pPart, CK_ULONG usPartLen, CK_BYTE_PTR pEncryptedPart,
999 CK_ULONG_PTR pusEncryptedPartLen)
1000 {
1001 SFTK_FIPSCHECK();
1002 CHECK_FORK();
1003
1004 return NSC_EncryptUpdate(hSession, pPart, usPartLen, pEncryptedPart,
1005 pusEncryptedPartLen);
1006 }
1007
1008 /* FC_EncryptFinal finishes a multiple-part encryption operation. */
1009 CK_RV
FC_EncryptFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pLastEncryptedPart,CK_ULONG_PTR pusLastEncryptedPartLen)1010 FC_EncryptFinal(CK_SESSION_HANDLE hSession,
1011 CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pusLastEncryptedPartLen)
1012 {
1013 SFTK_FIPSCHECK();
1014 CHECK_FORK();
1015
1016 return NSC_EncryptFinal(hSession, pLastEncryptedPart,
1017 pusLastEncryptedPartLen);
1018 }
1019
1020 /*
1021 ************** Crypto Functions: Decrypt ************************
1022 */
1023
1024 /* FC_DecryptInit initializes a decryption operation. */
1025 CK_RV
FC_DecryptInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)1026 FC_DecryptInit(CK_SESSION_HANDLE hSession,
1027 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
1028 {
1029 SFTK_FIPSCHECK();
1030 CHECK_FORK();
1031
1032 rv = NSC_DecryptInit(hSession, pMechanism, hKey);
1033 if (sftk_audit_enabled) {
1034 sftk_AuditCryptInit("Decrypt", hSession, pMechanism, hKey, rv);
1035 }
1036 return rv;
1037 }
1038
1039 /* FC_Decrypt decrypts encrypted data in a single part. */
1040 CK_RV
FC_Decrypt(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pEncryptedData,CK_ULONG usEncryptedDataLen,CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen)1041 FC_Decrypt(CK_SESSION_HANDLE hSession,
1042 CK_BYTE_PTR pEncryptedData, CK_ULONG usEncryptedDataLen, CK_BYTE_PTR pData,
1043 CK_ULONG_PTR pusDataLen)
1044 {
1045 SFTK_FIPSCHECK();
1046 CHECK_FORK();
1047
1048 return NSC_Decrypt(hSession, pEncryptedData, usEncryptedDataLen, pData,
1049 pusDataLen);
1050 }
1051
1052 /* FC_DecryptUpdate continues a multiple-part decryption operation. */
1053 CK_RV
FC_DecryptUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pEncryptedPart,CK_ULONG usEncryptedPartLen,CK_BYTE_PTR pPart,CK_ULONG_PTR pusPartLen)1054 FC_DecryptUpdate(CK_SESSION_HANDLE hSession,
1055 CK_BYTE_PTR pEncryptedPart, CK_ULONG usEncryptedPartLen,
1056 CK_BYTE_PTR pPart, CK_ULONG_PTR pusPartLen)
1057 {
1058 SFTK_FIPSCHECK();
1059 CHECK_FORK();
1060
1061 return NSC_DecryptUpdate(hSession, pEncryptedPart, usEncryptedPartLen,
1062 pPart, pusPartLen);
1063 }
1064
1065 /* FC_DecryptFinal finishes a multiple-part decryption operation. */
1066 CK_RV
FC_DecryptFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pLastPart,CK_ULONG_PTR pusLastPartLen)1067 FC_DecryptFinal(CK_SESSION_HANDLE hSession,
1068 CK_BYTE_PTR pLastPart, CK_ULONG_PTR pusLastPartLen)
1069 {
1070 SFTK_FIPSCHECK();
1071 CHECK_FORK();
1072
1073 return NSC_DecryptFinal(hSession, pLastPart, pusLastPartLen);
1074 }
1075
1076 /*
1077 ************** Crypto Functions: Digest (HASH) ************************
1078 */
1079
1080 /* FC_DigestInit initializes a message-digesting operation. */
1081 CK_RV
FC_DigestInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism)1082 FC_DigestInit(CK_SESSION_HANDLE hSession,
1083 CK_MECHANISM_PTR pMechanism)
1084 {
1085 SFTK_FIPSFATALCHECK();
1086 CHECK_FORK();
1087
1088 return NSC_DigestInit(hSession, pMechanism);
1089 }
1090
1091 /* FC_Digest digests data in a single part. */
1092 CK_RV
FC_Digest(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pDigest,CK_ULONG_PTR pusDigestLen)1093 FC_Digest(CK_SESSION_HANDLE hSession,
1094 CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pDigest,
1095 CK_ULONG_PTR pusDigestLen)
1096 {
1097 SFTK_FIPSFATALCHECK();
1098 CHECK_FORK();
1099
1100 return NSC_Digest(hSession, pData, usDataLen, pDigest, pusDigestLen);
1101 }
1102
1103 /* FC_DigestUpdate continues a multiple-part message-digesting operation. */
1104 CK_RV
FC_DigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG usPartLen)1105 FC_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1106 CK_ULONG usPartLen)
1107 {
1108 SFTK_FIPSFATALCHECK();
1109 CHECK_FORK();
1110
1111 return NSC_DigestUpdate(hSession, pPart, usPartLen);
1112 }
1113
1114 /* FC_DigestFinal finishes a multiple-part message-digesting operation. */
1115 CK_RV
FC_DigestFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pDigest,CK_ULONG_PTR pusDigestLen)1116 FC_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
1117 CK_ULONG_PTR pusDigestLen)
1118 {
1119 SFTK_FIPSFATALCHECK();
1120 CHECK_FORK();
1121
1122 return NSC_DigestFinal(hSession, pDigest, pusDigestLen);
1123 }
1124
1125 /*
1126 ************** Crypto Functions: Sign ************************
1127 */
1128
1129 /* FC_SignInit initializes a signature (private key encryption) operation,
1130 * where the signature is (will be) an appendix to the data,
1131 * and plaintext cannot be recovered from the signature */
1132 CK_RV
FC_SignInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)1133 FC_SignInit(CK_SESSION_HANDLE hSession,
1134 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
1135 {
1136 SFTK_FIPSCHECK();
1137 CHECK_FORK();
1138
1139 rv = NSC_SignInit(hSession, pMechanism, hKey);
1140 if (sftk_audit_enabled) {
1141 sftk_AuditCryptInit("Sign", hSession, pMechanism, hKey, rv);
1142 }
1143 return rv;
1144 }
1145
1146 /* FC_Sign signs (encrypts with private key) data in a single part,
1147 * where the signature is (will be) an appendix to the data,
1148 * and plaintext cannot be recovered from the signature */
1149 CK_RV
FC_Sign(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,CK_ULONG_PTR pusSignatureLen)1150 FC_Sign(CK_SESSION_HANDLE hSession,
1151 CK_BYTE_PTR pData, CK_ULONG usDataLen, CK_BYTE_PTR pSignature,
1152 CK_ULONG_PTR pusSignatureLen)
1153 {
1154 SFTK_FIPSCHECK();
1155 CHECK_FORK();
1156
1157 return NSC_Sign(hSession, pData, usDataLen, pSignature, pusSignatureLen);
1158 }
1159
1160 /* FC_SignUpdate continues a multiple-part signature operation,
1161 * where the signature is (will be) an appendix to the data,
1162 * and plaintext cannot be recovered from the signature */
1163 CK_RV
FC_SignUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG usPartLen)1164 FC_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1165 CK_ULONG usPartLen)
1166 {
1167 SFTK_FIPSCHECK();
1168 CHECK_FORK();
1169
1170 return NSC_SignUpdate(hSession, pPart, usPartLen);
1171 }
1172
1173 /* FC_SignFinal finishes a multiple-part signature operation,
1174 * returning the signature. */
1175 CK_RV
FC_SignFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG_PTR pusSignatureLen)1176 FC_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
1177 CK_ULONG_PTR pusSignatureLen)
1178 {
1179 SFTK_FIPSCHECK();
1180 CHECK_FORK();
1181
1182 return NSC_SignFinal(hSession, pSignature, pusSignatureLen);
1183 }
1184
1185 /*
1186 ************** Crypto Functions: Sign Recover ************************
1187 */
1188 /* FC_SignRecoverInit initializes a signature operation,
1189 * where the (digest) data can be recovered from the signature.
1190 * E.g. encryption with the user's private key */
1191 CK_RV
FC_SignRecoverInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)1192 FC_SignRecoverInit(CK_SESSION_HANDLE hSession,
1193 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
1194 {
1195 SFTK_FIPSCHECK();
1196 CHECK_FORK();
1197
1198 rv = NSC_SignRecoverInit(hSession, pMechanism, hKey);
1199 if (sftk_audit_enabled) {
1200 sftk_AuditCryptInit("SignRecover", hSession, pMechanism, hKey, rv);
1201 }
1202 return rv;
1203 }
1204
1205 /* FC_SignRecover signs data in a single operation
1206 * where the (digest) data can be recovered from the signature.
1207 * E.g. encryption with the user's private key */
1208 CK_RV
FC_SignRecover(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,CK_ULONG_PTR pusSignatureLen)1209 FC_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1210 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pusSignatureLen)
1211 {
1212 SFTK_FIPSCHECK();
1213 CHECK_FORK();
1214
1215 return NSC_SignRecover(hSession, pData, usDataLen, pSignature, pusSignatureLen);
1216 }
1217
1218 /*
1219 ************** Crypto Functions: verify ************************
1220 */
1221
1222 /* FC_VerifyInit initializes a verification operation,
1223 * where the signature is an appendix to the data,
1224 * and plaintext cannot be recovered from the signature (e.g. DSA) */
1225 CK_RV
FC_VerifyInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)1226 FC_VerifyInit(CK_SESSION_HANDLE hSession,
1227 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
1228 {
1229 SFTK_FIPSCHECK();
1230 CHECK_FORK();
1231
1232 rv = NSC_VerifyInit(hSession, pMechanism, hKey);
1233 if (sftk_audit_enabled) {
1234 sftk_AuditCryptInit("Verify", hSession, pMechanism, hKey, rv);
1235 }
1236 return rv;
1237 }
1238
1239 /* FC_Verify verifies a signature in a single-part operation,
1240 * where the signature is an appendix to the data,
1241 * and plaintext cannot be recovered from the signature */
1242 CK_RV
FC_Verify(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pData,CK_ULONG usDataLen,CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen)1243 FC_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData,
1244 CK_ULONG usDataLen, CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen)
1245 {
1246 /* make sure we're legal */
1247 SFTK_FIPSCHECK();
1248 CHECK_FORK();
1249
1250 return NSC_Verify(hSession, pData, usDataLen, pSignature, usSignatureLen);
1251 }
1252
1253 /* FC_VerifyUpdate continues a multiple-part verification operation,
1254 * where the signature is an appendix to the data,
1255 * and plaintext cannot be recovered from the signature */
1256 CK_RV
FC_VerifyUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG usPartLen)1257 FC_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1258 CK_ULONG usPartLen)
1259 {
1260 SFTK_FIPSCHECK();
1261 CHECK_FORK();
1262
1263 return NSC_VerifyUpdate(hSession, pPart, usPartLen);
1264 }
1265
1266 /* FC_VerifyFinal finishes a multiple-part verification operation,
1267 * checking the signature. */
1268 CK_RV
FC_VerifyFinal(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen)1269 FC_VerifyFinal(CK_SESSION_HANDLE hSession,
1270 CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen)
1271 {
1272 SFTK_FIPSCHECK();
1273 CHECK_FORK();
1274
1275 return NSC_VerifyFinal(hSession, pSignature, usSignatureLen);
1276 }
1277
1278 /*
1279 ************** Crypto Functions: Verify Recover ************************
1280 */
1281
1282 /* FC_VerifyRecoverInit initializes a signature verification operation,
1283 * where the data is recovered from the signature.
1284 * E.g. Decryption with the user's public key */
1285 CK_RV
FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hKey)1286 FC_VerifyRecoverInit(CK_SESSION_HANDLE hSession,
1287 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey)
1288 {
1289 SFTK_FIPSCHECK();
1290 CHECK_FORK();
1291
1292 rv = NSC_VerifyRecoverInit(hSession, pMechanism, hKey);
1293 if (sftk_audit_enabled) {
1294 sftk_AuditCryptInit("VerifyRecover", hSession, pMechanism, hKey, rv);
1295 }
1296 return rv;
1297 }
1298
1299 /* FC_VerifyRecover verifies a signature in a single-part operation,
1300 * where the data is recovered from the signature.
1301 * E.g. Decryption with the user's public key */
1302 CK_RV
FC_VerifyRecover(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSignature,CK_ULONG usSignatureLen,CK_BYTE_PTR pData,CK_ULONG_PTR pusDataLen)1303 FC_VerifyRecover(CK_SESSION_HANDLE hSession,
1304 CK_BYTE_PTR pSignature, CK_ULONG usSignatureLen,
1305 CK_BYTE_PTR pData, CK_ULONG_PTR pusDataLen)
1306 {
1307 SFTK_FIPSCHECK();
1308 CHECK_FORK();
1309
1310 return NSC_VerifyRecover(hSession, pSignature, usSignatureLen, pData,
1311 pusDataLen);
1312 }
1313
1314 /*
1315 **************************** Key Functions: ************************
1316 */
1317
1318 /* FC_GenerateKey generates a secret key, creating a new key object. */
1319 CK_RV
FC_GenerateKey(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulCount,CK_OBJECT_HANDLE_PTR phKey)1320 FC_GenerateKey(CK_SESSION_HANDLE hSession,
1321 CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
1322 CK_OBJECT_HANDLE_PTR phKey)
1323 {
1324 CK_BBOOL *boolptr;
1325
1326 SFTK_FIPSCHECK();
1327 CHECK_FORK();
1328
1329 /* all secret keys must be sensitive, if the upper level code tries to say
1330 * otherwise, reject it. */
1331 boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate, ulCount, CKA_SENSITIVE);
1332 if (boolptr != NULL) {
1333 if (!(*boolptr)) {
1334 return CKR_ATTRIBUTE_VALUE_INVALID;
1335 }
1336 }
1337
1338 rv = NSC_GenerateKey(hSession, pMechanism, pTemplate, ulCount, phKey);
1339 if (sftk_audit_enabled) {
1340 sftk_AuditGenerateKey(hSession, pMechanism, pTemplate, ulCount, phKey, rv);
1341 }
1342 return rv;
1343 }
1344
1345 /* FC_GenerateKeyPair generates a public-key/private-key pair,
1346 * creating new key objects. */
1347 CK_RV
FC_GenerateKeyPair(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_ATTRIBUTE_PTR pPublicKeyTemplate,CK_ULONG usPublicKeyAttributeCount,CK_ATTRIBUTE_PTR pPrivateKeyTemplate,CK_ULONG usPrivateKeyAttributeCount,CK_OBJECT_HANDLE_PTR phPublicKey,CK_OBJECT_HANDLE_PTR phPrivateKey)1348 FC_GenerateKeyPair(CK_SESSION_HANDLE hSession,
1349 CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate,
1350 CK_ULONG usPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
1351 CK_ULONG usPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey,
1352 CK_OBJECT_HANDLE_PTR phPrivateKey)
1353 {
1354 CK_BBOOL *boolptr;
1355 CK_RV crv;
1356
1357 SFTK_FIPSCHECK();
1358 CHECK_FORK();
1359
1360 /* all private keys must be sensitive, if the upper level code tries to say
1361 * otherwise, reject it. */
1362 boolptr = (CK_BBOOL *)fc_getAttribute(pPrivateKeyTemplate,
1363 usPrivateKeyAttributeCount, CKA_SENSITIVE);
1364 if (boolptr != NULL) {
1365 if (!(*boolptr)) {
1366 return CKR_ATTRIBUTE_VALUE_INVALID;
1367 }
1368 }
1369 crv = NSC_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1370 usPublicKeyAttributeCount, pPrivateKeyTemplate,
1371 usPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
1372 if (crv == CKR_GENERAL_ERROR) {
1373 /* pairwise consistency check failed. */
1374 sftk_fatalError = PR_TRUE;
1375 }
1376 if (sftk_audit_enabled) {
1377 sftk_AuditGenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate,
1378 usPublicKeyAttributeCount, pPrivateKeyTemplate,
1379 usPrivateKeyAttributeCount, phPublicKey, phPrivateKey, crv);
1380 }
1381 return crv;
1382 }
1383
1384 /* FC_WrapKey wraps (i.e., encrypts) a key. */
1385 CK_RV
FC_WrapKey(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hWrappingKey,CK_OBJECT_HANDLE hKey,CK_BYTE_PTR pWrappedKey,CK_ULONG_PTR pulWrappedKeyLen)1386 FC_WrapKey(CK_SESSION_HANDLE hSession,
1387 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey,
1388 CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey,
1389 CK_ULONG_PTR pulWrappedKeyLen)
1390 {
1391 SFTK_FIPSCHECK();
1392 CHECK_FORK();
1393
1394 rv = NSC_WrapKey(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey,
1395 pulWrappedKeyLen);
1396 if (sftk_audit_enabled) {
1397 sftk_AuditWrapKey(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey,
1398 pulWrappedKeyLen, rv);
1399 }
1400 return rv;
1401 }
1402
1403 /* FC_UnwrapKey unwraps (decrypts) a wrapped key, creating a new key object. */
1404 CK_RV
FC_UnwrapKey(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hUnwrappingKey,CK_BYTE_PTR pWrappedKey,CK_ULONG ulWrappedKeyLen,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulAttributeCount,CK_OBJECT_HANDLE_PTR phKey)1405 FC_UnwrapKey(CK_SESSION_HANDLE hSession,
1406 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey,
1407 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
1408 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1409 CK_OBJECT_HANDLE_PTR phKey)
1410 {
1411 CK_BBOOL *boolptr;
1412
1413 SFTK_FIPSCHECK();
1414 CHECK_FORK();
1415
1416 /* all secret keys must be sensitive, if the upper level code tries to say
1417 * otherwise, reject it. */
1418 boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate,
1419 ulAttributeCount, CKA_SENSITIVE);
1420 if (boolptr != NULL) {
1421 if (!(*boolptr)) {
1422 return CKR_ATTRIBUTE_VALUE_INVALID;
1423 }
1424 }
1425 rv = NSC_UnwrapKey(hSession, pMechanism, hUnwrappingKey, pWrappedKey,
1426 ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey);
1427 if (sftk_audit_enabled) {
1428 sftk_AuditUnwrapKey(hSession, pMechanism, hUnwrappingKey, pWrappedKey,
1429 ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey, rv);
1430 }
1431 return rv;
1432 }
1433
1434 /* FC_DeriveKey derives a key from a base key, creating a new key object. */
1435 CK_RV
FC_DeriveKey(CK_SESSION_HANDLE hSession,CK_MECHANISM_PTR pMechanism,CK_OBJECT_HANDLE hBaseKey,CK_ATTRIBUTE_PTR pTemplate,CK_ULONG ulAttributeCount,CK_OBJECT_HANDLE_PTR phKey)1436 FC_DeriveKey(CK_SESSION_HANDLE hSession,
1437 CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey,
1438 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
1439 CK_OBJECT_HANDLE_PTR phKey)
1440 {
1441 CK_BBOOL *boolptr;
1442
1443 SFTK_FIPSCHECK();
1444 CHECK_FORK();
1445
1446 /* all secret keys must be sensitive, if the upper level code tries to say
1447 * otherwise, reject it. */
1448 boolptr = (CK_BBOOL *)fc_getAttribute(pTemplate,
1449 ulAttributeCount, CKA_SENSITIVE);
1450 if (boolptr != NULL) {
1451 if (!(*boolptr)) {
1452 return CKR_ATTRIBUTE_VALUE_INVALID;
1453 }
1454 }
1455 rv = NSC_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate,
1456 ulAttributeCount, phKey);
1457 if (sftk_audit_enabled) {
1458 sftk_AuditDeriveKey(hSession, pMechanism, hBaseKey, pTemplate,
1459 ulAttributeCount, phKey, rv);
1460 }
1461 return rv;
1462 }
1463
1464 /*
1465 **************************** Radom Functions: ************************
1466 */
1467
1468 /* FC_SeedRandom mixes additional seed material into the token's random number
1469 * generator. */
1470 CK_RV
FC_SeedRandom(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pSeed,CK_ULONG usSeedLen)1471 FC_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed,
1472 CK_ULONG usSeedLen)
1473 {
1474 CK_RV crv;
1475
1476 SFTK_FIPSFATALCHECK();
1477 CHECK_FORK();
1478
1479 crv = NSC_SeedRandom(hSession, pSeed, usSeedLen);
1480 if (crv != CKR_OK) {
1481 sftk_fatalError = PR_TRUE;
1482 }
1483 return crv;
1484 }
1485
1486 /* FC_GenerateRandom generates random data. */
1487 CK_RV
FC_GenerateRandom(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pRandomData,CK_ULONG ulRandomLen)1488 FC_GenerateRandom(CK_SESSION_HANDLE hSession,
1489 CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen)
1490 {
1491 CK_RV crv;
1492
1493 CHECK_FORK();
1494
1495 SFTK_FIPSFATALCHECK();
1496 crv = NSC_GenerateRandom(hSession, pRandomData, ulRandomLen);
1497 if (crv != CKR_OK) {
1498 sftk_fatalError = PR_TRUE;
1499 if (sftk_audit_enabled) {
1500 char msg[128];
1501 PR_snprintf(msg, sizeof msg,
1502 "C_GenerateRandom(hSession=0x%08lX, pRandomData=%p, "
1503 "ulRandomLen=%lu)=0x%08lX "
1504 "self-test: continuous RNG test failed",
1505 (PRUint32)hSession, pRandomData,
1506 (PRUint32)ulRandomLen, (PRUint32)crv);
1507 sftk_LogAuditMessage(NSS_AUDIT_ERROR, NSS_AUDIT_SELF_TEST, msg);
1508 }
1509 }
1510 return crv;
1511 }
1512
1513 /* FC_GetFunctionStatus obtains an updated status of a function running
1514 * in parallel with an application. */
1515 CK_RV
FC_GetFunctionStatus(CK_SESSION_HANDLE hSession)1516 FC_GetFunctionStatus(CK_SESSION_HANDLE hSession)
1517 {
1518 SFTK_FIPSCHECK();
1519 CHECK_FORK();
1520
1521 return NSC_GetFunctionStatus(hSession);
1522 }
1523
1524 /* FC_CancelFunction cancels a function running in parallel */
1525 CK_RV
FC_CancelFunction(CK_SESSION_HANDLE hSession)1526 FC_CancelFunction(CK_SESSION_HANDLE hSession)
1527 {
1528 SFTK_FIPSCHECK();
1529 CHECK_FORK();
1530
1531 return NSC_CancelFunction(hSession);
1532 }
1533
1534 /*
1535 **************************** Version 1.1 Functions: ************************
1536 */
1537
1538 /* FC_GetOperationState saves the state of the cryptographic
1539 *operation in a session. */
1540 CK_RV
FC_GetOperationState(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pOperationState,CK_ULONG_PTR pulOperationStateLen)1541 FC_GetOperationState(CK_SESSION_HANDLE hSession,
1542 CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen)
1543 {
1544 SFTK_FIPSFATALCHECK();
1545 CHECK_FORK();
1546
1547 return NSC_GetOperationState(hSession, pOperationState, pulOperationStateLen);
1548 }
1549
1550 /* FC_SetOperationState restores the state of the cryptographic operation
1551 * in a session. */
1552 CK_RV
FC_SetOperationState(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pOperationState,CK_ULONG ulOperationStateLen,CK_OBJECT_HANDLE hEncryptionKey,CK_OBJECT_HANDLE hAuthenticationKey)1553 FC_SetOperationState(CK_SESSION_HANDLE hSession,
1554 CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen,
1555 CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey)
1556 {
1557 SFTK_FIPSFATALCHECK();
1558 CHECK_FORK();
1559
1560 return NSC_SetOperationState(hSession, pOperationState, ulOperationStateLen,
1561 hEncryptionKey, hAuthenticationKey);
1562 }
1563
1564 /* FC_FindObjectsFinal finishes a search for token and session objects. */
1565 CK_RV
FC_FindObjectsFinal(CK_SESSION_HANDLE hSession)1566 FC_FindObjectsFinal(CK_SESSION_HANDLE hSession)
1567 {
1568 /* let publically readable object be found */
1569 SFTK_FIPSFATALCHECK();
1570 CHECK_FORK();
1571
1572 return NSC_FindObjectsFinal(hSession);
1573 }
1574
1575 /* Dual-function cryptographic operations */
1576
1577 /* FC_DigestEncryptUpdate continues a multiple-part digesting and encryption
1578 * operation. */
1579 CK_RV
FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen,CK_BYTE_PTR pEncryptedPart,CK_ULONG_PTR pulEncryptedPartLen)1580 FC_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1581 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1582 CK_ULONG_PTR pulEncryptedPartLen)
1583 {
1584 SFTK_FIPSCHECK();
1585 CHECK_FORK();
1586
1587 return NSC_DigestEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
1588 pulEncryptedPartLen);
1589 }
1590
1591 /* FC_DecryptDigestUpdate continues a multiple-part decryption and digesting
1592 * operation. */
1593 CK_RV
FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pEncryptedPart,CK_ULONG ulEncryptedPartLen,CK_BYTE_PTR pPart,CK_ULONG_PTR pulPartLen)1594 FC_DecryptDigestUpdate(CK_SESSION_HANDLE hSession,
1595 CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen,
1596 CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
1597 {
1598 SFTK_FIPSCHECK();
1599 CHECK_FORK();
1600
1601 return NSC_DecryptDigestUpdate(hSession, pEncryptedPart, ulEncryptedPartLen,
1602 pPart, pulPartLen);
1603 }
1604
1605 /* FC_SignEncryptUpdate continues a multiple-part signing and encryption
1606 * operation. */
1607 CK_RV
FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pPart,CK_ULONG ulPartLen,CK_BYTE_PTR pEncryptedPart,CK_ULONG_PTR pulEncryptedPartLen)1608 FC_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
1609 CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
1610 CK_ULONG_PTR pulEncryptedPartLen)
1611 {
1612 SFTK_FIPSCHECK();
1613 CHECK_FORK();
1614
1615 return NSC_SignEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart,
1616 pulEncryptedPartLen);
1617 }
1618
1619 /* FC_DecryptVerifyUpdate continues a multiple-part decryption and verify
1620 * operation. */
1621 CK_RV
FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,CK_BYTE_PTR pEncryptedData,CK_ULONG ulEncryptedDataLen,CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)1622 FC_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession,
1623 CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen,
1624 CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
1625 {
1626 SFTK_FIPSCHECK();
1627 CHECK_FORK();
1628
1629 return NSC_DecryptVerifyUpdate(hSession, pEncryptedData, ulEncryptedDataLen,
1630 pData, pulDataLen);
1631 }
1632
1633 /* FC_DigestKey continues a multi-part message-digesting operation,
1634 * by digesting the value of a secret key as part of the data already digested.
1635 */
1636 CK_RV
FC_DigestKey(CK_SESSION_HANDLE hSession,CK_OBJECT_HANDLE hKey)1637 FC_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
1638 {
1639 SFTK_FIPSCHECK();
1640 CHECK_FORK();
1641
1642 rv = NSC_DigestKey(hSession, hKey);
1643 if (sftk_audit_enabled) {
1644 sftk_AuditDigestKey(hSession, hKey, rv);
1645 }
1646 return rv;
1647 }
1648
1649 CK_RV
FC_WaitForSlotEvent(CK_FLAGS flags,CK_SLOT_ID_PTR pSlot,CK_VOID_PTR pReserved)1650 FC_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot,
1651 CK_VOID_PTR pReserved)
1652 {
1653 CHECK_FORK();
1654
1655 return NSC_WaitForSlotEvent(flags, pSlot, pReserved);
1656 }
1657