1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 /* 30 * Functions for Verifying Signatures and MACS 31 * (as defined in PKCS#11 spec section 11.13) 32 */ 33 34 #include "metaGlobal.h" 35 36 37 /* 38 * meta_VerifyInit 39 * 40 */ 41 CK_RV 42 meta_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 43 CK_OBJECT_HANDLE hKey) 44 { 45 CK_RV rv; 46 meta_session_t *session; 47 meta_object_t *key; 48 49 if (pMechanism == NULL) 50 return (CKR_ARGUMENTS_BAD); 51 52 rv = meta_handle2session(hSession, &session); 53 if (rv != CKR_OK) 54 return (rv); 55 56 rv = meta_handle2object(hKey, &key); 57 if (rv != CKR_OK) { 58 REFRELEASE(session); 59 return (rv); 60 } 61 62 rv = meta_operation_init(OP_VERIFY, session, pMechanism, key); 63 64 OBJRELEASE(key); 65 REFRELEASE(session); 66 67 return (rv); 68 } 69 70 71 /* 72 * meta_Verify 73 * 74 */ 75 CK_RV 76 meta_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, 77 CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) 78 { 79 CK_RV rv; 80 meta_session_t *session; 81 82 rv = meta_handle2session(hSession, &session); 83 if (rv != CKR_OK) 84 return (rv); 85 86 /* Note: unlike other ops, both buffers are inputs, and required. */ 87 if (pData == NULL || pSignature == NULL) { 88 meta_operation_cleanup(session, OP_VERIFY, FALSE); 89 REFRELEASE(session); 90 return (CKR_ARGUMENTS_BAD); 91 } 92 93 rv = meta_do_operation(OP_VERIFY, MODE_SINGLE, session, NULL, 94 pData, ulDataLen, pSignature, &ulSignatureLen); 95 96 REFRELEASE(session); 97 98 return (rv); 99 } 100 101 102 /* 103 * meta_VerifyUpdate 104 * 105 */ 106 CK_RV 107 meta_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, 108 CK_ULONG ulPartLen) 109 { 110 CK_RV rv; 111 meta_session_t *session; 112 113 rv = meta_handle2session(hSession, &session); 114 if (rv != CKR_OK) 115 return (rv); 116 117 if (pPart == NULL) { 118 meta_operation_cleanup(session, OP_VERIFY, FALSE); 119 REFRELEASE(session); 120 return (CKR_ARGUMENTS_BAD); 121 } 122 123 rv = meta_do_operation(OP_VERIFY, MODE_UPDATE, session, NULL, 124 pPart, ulPartLen, NULL, NULL); 125 126 REFRELEASE(session); 127 128 return (rv); 129 } 130 131 132 /* 133 * meta_VerifyFinal 134 * 135 */ 136 CK_RV 137 meta_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, 138 CK_ULONG ulSignatureLen) 139 { 140 CK_RV rv; 141 meta_session_t *session; 142 143 rv = meta_handle2session(hSession, &session); 144 if (rv != CKR_OK) 145 return (rv); 146 147 /* 148 * Unlike other ops the buffer is an input. Allow NULL if there's 149 * no more input. 150 */ 151 if (pSignature == NULL && ulSignatureLen != 0) { 152 meta_operation_cleanup(session, OP_VERIFY, FALSE); 153 REFRELEASE(session); 154 return (CKR_ARGUMENTS_BAD); 155 } 156 157 rv = meta_do_operation(OP_VERIFY, MODE_FINAL, session, NULL, 158 pSignature, ulSignatureLen, NULL, NULL); 159 160 REFRELEASE(session); 161 162 return (rv); 163 } 164 165 166 /* 167 * meta_VerifyRecoverInit 168 * 169 */ 170 CK_RV 171 meta_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 172 CK_OBJECT_HANDLE hKey) 173 { 174 CK_RV rv; 175 meta_session_t *session; 176 meta_object_t *key; 177 178 if (pMechanism == NULL) 179 return (CKR_ARGUMENTS_BAD); 180 181 rv = meta_handle2session(hSession, &session); 182 if (rv != CKR_OK) 183 return (rv); 184 185 rv = meta_handle2object(hKey, &key); 186 if (rv != CKR_OK) { 187 REFRELEASE(session); 188 return (rv); 189 } 190 191 rv = meta_operation_init(OP_VERIFYRECOVER, session, pMechanism, key); 192 193 OBJRELEASE(key); 194 REFRELEASE(session); 195 196 return (rv); 197 } 198 199 200 /* 201 * meta_VerifyRecover 202 * 203 */ 204 CK_RV 205 meta_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, 206 CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) 207 { 208 CK_RV rv; 209 meta_session_t *session; 210 211 rv = meta_handle2session(hSession, &session); 212 if (rv != CKR_OK) 213 return (rv); 214 215 if (pSignature == NULL || pulDataLen == NULL) { 216 meta_operation_cleanup(session, OP_VERIFYRECOVER, FALSE); 217 REFRELEASE(session); 218 return (CKR_ARGUMENTS_BAD); 219 } 220 221 rv = meta_do_operation(OP_VERIFYRECOVER, MODE_SINGLE, session, NULL, 222 pSignature, ulSignatureLen, pData, pulDataLen); 223 224 REFRELEASE(session); 225 226 return (rv); 227 } 228