summaryrefslogtreecommitdiff
path: root/usr/lib/pkcs11/tpm_stdll/dig_mgr.c
diff options
context:
space:
mode:
authorGuido Trotter <ultrotter@debian.org>2011-09-10 09:20:39 +0100
committerGuido Trotter <ultrotter@debian.org>2011-09-10 09:20:39 +0100
commit84e0d7d3e77d7f757be6f58198957d3c9ed0e688 (patch)
treee7d833da14479bf0ecc69f4e771c208289818a15 /usr/lib/pkcs11/tpm_stdll/dig_mgr.c
opencryptoki (2.3.1+dfsg-3) unstable; urgency=low
* QA upload. * Fix pkcs11_startup module paths (Closes: #641080) # imported from the archive
Diffstat (limited to 'usr/lib/pkcs11/tpm_stdll/dig_mgr.c')
-rw-r--r--usr/lib/pkcs11/tpm_stdll/dig_mgr.c641
1 files changed, 641 insertions, 0 deletions
diff --git a/usr/lib/pkcs11/tpm_stdll/dig_mgr.c b/usr/lib/pkcs11/tpm_stdll/dig_mgr.c
new file mode 100644
index 0000000..fa20f91
--- /dev/null
+++ b/usr/lib/pkcs11/tpm_stdll/dig_mgr.c
@@ -0,0 +1,641 @@
+/*
+ Common Public License Version 0.5
+
+ THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF
+ THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE,
+ REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES
+ RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+ 1. DEFINITIONS
+
+ "Contribution" means:
+ a) in the case of the initial Contributor, the
+ initial code and documentation distributed under
+ this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+ i) changes to the Program, and
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program
+ originate from and are distributed by that
+ particular Contributor. A Contribution 'originates'
+ from a Contributor if it was added to the Program
+ by such Contributor itself or anyone acting on such
+ Contributor's behalf. Contributions do not include
+ additions to the Program which: (i) are separate
+ modules of software distributed in conjunction with
+ the Program under their own license agreement, and
+ (ii) are not derivative works of the Program.
+
+
+ "Contributor" means any person or entity that distributes
+ the Program.
+
+ "Licensed Patents " mean patent claims licensable by a
+ Contributor which are necessarily infringed by the use or
+ sale of its Contribution alone or when combined with the
+ Program.
+
+ "Program" means the Contributions distributed in
+ accordance with this Agreement.
+
+ "Recipient" means anyone who receives the Program under
+ this Agreement, including all Contributors.
+
+ 2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each
+ Contributor hereby grants Recipient a
+ non-exclusive, worldwide, royalty-free copyright
+ license to reproduce, prepare derivative works of,
+ publicly display, publicly perform, distribute and
+ sublicense the Contribution of such Contributor, if
+ any, and such derivative works, in source code and
+ object code form.
+
+ b) Subject to the terms of this Agreement, each
+ Contributor hereby grants Recipient a
+ non-exclusive, worldwide, royalty-free patent
+ license under Licensed Patents to make, use, sell,
+ offer to sell, import and otherwise transfer the
+ Contribution of such Contributor, if any, in source
+ code and object code form. This patent license
+ shall apply to the combination of the Contribution
+ and the Program if, at the time the Contribution is
+ added by the Contributor, such addition of the
+ Contribution causes such combination to be covered
+ by the Licensed Patents. The patent license shall
+ not apply to any other combinations which include
+ the Contribution. No hardware per se is licensed
+ hereunder.
+
+ c) Recipient understands that although each
+ Contributor grants the licenses to its
+ Contributions set forth herein, no assurances are
+ provided by any Contributor that the Program does
+ not infringe the patent or other intellectual
+ property rights of any other entity. Each
+ Contributor disclaims any liability to Recipient
+ for claims brought by any other entity based on
+ infringement of intellectual property rights or
+ otherwise. As a condition to exercising the rights
+ and licenses granted hereunder, each Recipient
+ hereby assumes sole responsibility to secure any
+ other intellectual property rights needed, if any.
+
+ For example, if a third party patent license is
+ required to allow Recipient to distribute the
+ Program, it is Recipient's responsibility to
+ acquire that license before distributing the
+ Program.
+
+ d) Each Contributor represents that to its
+ knowledge it has sufficient copyright rights in its
+ Contribution, if any, to grant the copyright
+ license set forth in this Agreement.
+
+ 3. REQUIREMENTS
+
+ A Contributor may choose to distribute the Program in
+ object code form under its own license agreement, provided
+ that:
+ a) it complies with the terms and conditions of
+ this Agreement; and
+
+ b) its license agreement:
+ i) effectively disclaims on behalf of all
+ Contributors all warranties and conditions, express
+ and implied, including warranties or conditions of
+ title and non-infringement, and implied warranties
+ or conditions of merchantability and fitness for a
+ particular purpose;
+
+ ii) effectively excludes on behalf of all
+ Contributors all liability for damages, including
+ direct, indirect, special, incidental and
+ consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from
+ this Agreement are offered by that Contributor
+ alone and not by any other party; and
+
+ iv) states that source code for the Program is
+ available from such Contributor, and informs
+ licensees how to obtain it in a reasonable manner
+ on or through a medium customarily used for
+ software exchange.
+
+ When the Program is made available in source code form:
+ a) it must be made available under this Agreement;
+ and
+ b) a copy of this Agreement must be included with
+ each copy of the Program.
+
+ Contributors may not remove or alter any copyright notices
+ contained within the Program.
+
+ Each Contributor must identify itself as the originator of
+ its Contribution, if any, in a manner that reasonably
+ allows subsequent Recipients to identify the originator of
+ the Contribution.
+
+
+ 4. COMMERCIAL DISTRIBUTION
+
+ Commercial distributors of software may accept certain
+ responsibilities with respect to end users, business
+ partners and the like. While this license is intended to
+ facilitate the commercial use of the Program, the
+ Contributor who includes the Program in a commercial
+ product offering should do so in a manner which does not
+ create potential liability for other Contributors.
+ Therefore, if a Contributor includes the Program in a
+ commercial product offering, such Contributor ("Commercial
+ Contributor") hereby agrees to defend and indemnify every
+ other Contributor ("Indemnified Contributor") against any
+ losses, damages and costs (collectively "Losses") arising
+ from claims, lawsuits and other legal actions brought by a
+ third party against the Indemnified Contributor to the
+ extent caused by the acts or omissions of such Commercial
+ Contributor in connection with its distribution of the
+ Program in a commercial product offering. The obligations
+ in this section do not apply to any claims or Losses
+ relating to any actual or alleged intellectual property
+ infringement. In order to qualify, an Indemnified
+ Contributor must: a) promptly notify the Commercial
+ Contributor in writing of such claim, and b) allow the
+ Commercial Contributor to control, and cooperate with the
+ Commercial Contributor in, the defense and any related
+ settlement negotiations. The Indemnified Contributor may
+ participate in any such claim at its own expense.
+
+
+ For example, a Contributor might include the Program in a
+ commercial product offering, Product X. That Contributor
+ is then a Commercial Contributor. If that Commercial
+ Contributor then makes performance claims, or offers
+ warranties related to Product X, those performance claims
+ and warranties are such Commercial Contributor's
+ responsibility alone. Under this section, the Commercial
+ Contributor would have to defend claims against the other
+ Contributors related to those performance claims and
+ warranties, and if a court requires any other Contributor
+ to pay any damages as a result, the Commercial Contributor
+ must pay those damages.
+
+
+ 5. NO WARRANTY
+
+ EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE
+ PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR
+ IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR
+ CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR
+ FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely
+ responsible for determining the appropriateness of using
+ and distributing the Program and assumes all risks
+ associated with its exercise of rights under this
+ Agreement, including but not limited to the risks and
+ costs of program errors, compliance with applicable laws,
+ damage to or loss of data, programs or equipment, and
+ unavailability or interruption of operations.
+
+ 6. DISCLAIMER OF LIABILITY
+ EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER
+ RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION
+ LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF
+ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE
+ OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGES.
+
+ 7. GENERAL
+
+ If any provision of this Agreement is invalid or
+ unenforceable under applicable law, it shall not affect
+ the validity or enforceability of the remainder of the
+ terms of this Agreement, and without further action by the
+ parties hereto, such provision shall be reformed to the
+ minimum extent necessary to make such provision valid and
+ enforceable.
+
+
+ If Recipient institutes patent litigation against a
+ Contributor with respect to a patent applicable to
+ software (including a cross-claim or counterclaim in a
+ lawsuit), then any patent licenses granted by that
+ Contributor to such Recipient under this Agreement shall
+ terminate as of the date such litigation is filed. In
+ addition, If Recipient institutes patent litigation
+ against any entity (including a cross-claim or
+ counterclaim in a lawsuit) alleging that the Program
+ itself (excluding combinations of the Program with other
+ software or hardware) infringes such Recipient's
+ patent(s), then such Recipient's rights granted under
+ Section 2(b) shall terminate as of the date such
+ litigation is filed.
+
+ All Recipient's rights under this Agreement shall
+ terminate if it fails to comply with any of the material
+ terms or conditions of this Agreement and does not cure
+ such failure in a reasonable period of time after becoming
+ aware of such noncompliance. If all Recipient's rights
+ under this Agreement terminate, Recipient agrees to cease
+ use and distribution of the Program as soon as reasonably
+ practicable. However, Recipient's obligations under this
+ Agreement and any licenses granted by Recipient relating
+ to the Program shall continue and survive.
+
+ Everyone is permitted to copy and distribute copies of
+ this Agreement, but in order to avoid inconsistency the
+ Agreement is copyrighted and may only be modified in the
+ following manner. The Agreement Steward reserves the right
+ to publish new versions (including revisions) of this
+ Agreement from time to time. No one other than the
+ Agreement Steward has the right to modify this Agreement.
+
+ IBM is the initial Agreement Steward. IBM may assign the
+ responsibility to serve as the Agreement Steward to a
+ suitable separate entity. Each new version of the
+ Agreement will be given a distinguishing version number.
+ The Program (including Contributions) may always be
+ distributed subject to the version of the Agreement under
+ which it was received. In addition, after a new version of
+ the Agreement is published, Contributor may elect to
+ distribute the Program (including its Contributions) under
+ the new version. Except as expressly stated in Sections
+ 2(a) and 2(b) above, Recipient receives no rights or
+ licenses to the intellectual property of any Contributor
+ under this Agreement, whether expressly, by implication,
+ estoppel or otherwise. All rights in the Program not
+ expressly granted under this Agreement are reserved.
+
+
+ This Agreement is governed by the laws of the State of New
+ York and the intellectual property laws of the United
+ States of America. No party to this Agreement will bring a
+ legal action under this Agreement more than one year after
+ the cause of action arose. Each party waives its rights to
+ a jury trial in any resulting litigation.
+
+
+
+*/
+
+/* (C) COPYRIGHT International Business Machines Corp. 2001,2002 */
+
+
+// File: dig_mgr.c
+//
+// Digest manager routines
+//
+
+#include <pthread.h>
+#include <string.h> // for memcmp() et al
+#include <stdlib.h>
+
+#include "pkcs11types.h"
+#include "pkcs11/stdll.h"
+#include "defs.h"
+#include "host_defs.h"
+#include "h_extern.h"
+#include "tok_spec_struct.h"
+
+
+//
+//
+CK_RV
+digest_mgr_init( SESSION *sess,
+ DIGEST_CONTEXT *ctx,
+ CK_MECHANISM *mech )
+{
+ CK_BYTE * ptr = NULL;
+
+
+ if (!sess || !ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (ctx->active != FALSE){
+ st_err_log(31, __FILE__, __LINE__);
+ return CKR_OPERATION_ACTIVE;
+ }
+
+ // is the mechanism supported? is the parameter present if required?
+ //
+ switch (mech->mechanism) {
+ case CKM_SHA_1:
+ {
+ if (mech->ulParameterLen != 0){
+ st_err_log(29, __FILE__, __LINE__);
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+
+ ctx->context = NULL;
+ ckm_sha1_init( ctx );
+
+ if (!ctx->context) {
+ st_err_log(1, __FILE__, __LINE__);
+ return CKR_HOST_MEMORY;
+ }
+ }
+ break;
+
+ case CKM_MD2:
+ {
+ if (mech->ulParameterLen != 0){
+ st_err_log(29, __FILE__, __LINE__);
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ ctx->context_len = sizeof(MD2_CONTEXT);
+ ctx->context = (CK_BYTE *)malloc(sizeof(MD2_CONTEXT));
+ if (!ctx->context){
+ st_err_log(1, __FILE__, __LINE__);
+ return CKR_HOST_MEMORY;
+ }
+ memset( ctx->context, 0x0, sizeof(MD2_CONTEXT) );
+ }
+ break;
+
+ case CKM_MD5:
+ {
+ if (mech->ulParameterLen != 0){
+ st_err_log(29, __FILE__, __LINE__);
+ return CKR_MECHANISM_PARAM_INVALID;
+ }
+ ctx->context_len = sizeof(MD5_CONTEXT);
+ ctx->context = (CK_BYTE *)malloc(sizeof(MD5_CONTEXT));
+ if (!ctx->context){
+ st_err_log(1, __FILE__, __LINE__);
+ return CKR_HOST_MEMORY;
+ }
+ ckm_md5_init( (MD5_CONTEXT *)ctx->context );
+ }
+ break;
+
+ default:
+ st_err_log(28, __FILE__, __LINE__);
+ return CKR_MECHANISM_INVALID;
+ }
+
+
+ if (mech->ulParameterLen > 0) {
+ ptr = (CK_BYTE *)malloc(mech->ulParameterLen);
+ if (!ptr){
+ st_err_log(1, __FILE__, __LINE__);
+ return CKR_HOST_MEMORY;
+ }
+ memcpy( ptr, mech->pParameter, mech->ulParameterLen );
+ }
+
+ ctx->mech.ulParameterLen = mech->ulParameterLen;
+ ctx->mech.mechanism = mech->mechanism;
+ ctx->mech.pParameter = ptr;
+ ctx->multi = FALSE;
+ ctx->active = TRUE;
+
+ return CKR_OK;
+}
+
+
+//
+//
+CK_RV
+digest_mgr_cleanup( DIGEST_CONTEXT *ctx )
+{
+ if (!ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+ ctx->mech.ulParameterLen = 0;
+ ctx->mech.mechanism = 0;
+ ctx->multi = FALSE;
+ ctx->active = FALSE;
+ ctx->context_len = 0;
+
+ if (ctx->mech.pParameter) {
+ free( ctx->mech.pParameter );
+ ctx->mech.pParameter = NULL;
+ }
+
+ if (ctx->context != NULL) {
+ free( ctx->context );
+ ctx->context = NULL;
+ }
+
+ return CKR_OK;
+}
+
+
+
+//
+//
+CK_RV
+digest_mgr_digest( SESSION *sess,
+ CK_BBOOL length_only,
+ DIGEST_CONTEXT *ctx,
+ CK_BYTE *in_data,
+ CK_ULONG in_data_len,
+ CK_BYTE *out_data,
+ CK_ULONG *out_data_len )
+{
+
+ if (!sess || !ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (ctx->active == FALSE){
+ st_err_log(32, __FILE__, __LINE__);
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ // if the caller just wants the encrypted length, there is no reason to
+ // specify the input data. I just need the data length
+ //
+ if ((length_only == FALSE) && (!in_data || !out_data)){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ if (ctx->multi == TRUE){
+ st_err_log(31, __FILE__, __LINE__);
+ return CKR_OPERATION_ACTIVE;
+ }
+ switch (ctx->mech.mechanism) {
+ case CKM_SHA_1:
+ return sha1_hash( sess, length_only, ctx,
+ in_data, in_data_len,
+ out_data, out_data_len );
+
+#if !(NOMD2 )
+ case CKM_MD2:
+ return md2_hash( sess, length_only, ctx,
+ in_data, in_data_len,
+ out_data, out_data_len );
+#endif
+
+ case CKM_MD5:
+ return md5_hash( sess, length_only, ctx,
+ in_data, in_data_len,
+ out_data, out_data_len );
+
+ default:
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED; // shouldn't happen
+ }
+
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+}
+
+
+//
+//
+CK_RV
+digest_mgr_digest_update( SESSION *sess,
+ DIGEST_CONTEXT *ctx,
+ CK_BYTE *data,
+ CK_ULONG data_len )
+{
+ if (!sess || !ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (ctx->active == FALSE){
+ st_err_log(32, __FILE__, __LINE__);
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ ctx->multi = TRUE;
+
+ switch (ctx->mech.mechanism) {
+ case CKM_SHA_1:
+ return sha1_hash_update( sess, ctx, data, data_len );
+
+#if !(NOMD2)
+ case CKM_MD2:
+ return md2_hash_update( sess, ctx, data, data_len );
+#endif
+
+ case CKM_MD5:
+ return md5_hash_update( sess, ctx, data, data_len );
+
+ default:
+ st_err_log(28, __FILE__, __LINE__);
+ return CKR_MECHANISM_INVALID;
+ }
+
+ st_err_log(28, __FILE__, __LINE__);
+ return CKR_MECHANISM_INVALID; // shouldn't happen!
+}
+
+
+//
+//
+CK_RV
+digest_mgr_digest_key( SESSION * sess,
+ DIGEST_CONTEXT * ctx,
+ CK_OBJECT_HANDLE key_handle )
+{
+ CK_ATTRIBUTE * attr = NULL;
+ OBJECT * key_obj = NULL;
+ CK_OBJECT_CLASS class;
+ CK_RV rc;
+
+
+ if (!sess || !ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ rc = object_mgr_find_in_map1( key_handle, &key_obj );
+ if (rc != CKR_OK){
+ st_err_log(18, __FILE__, __LINE__);
+ return CKR_KEY_HANDLE_INVALID;
+ }
+ // only allow digesting of CKO_SECRET keys
+ //
+ rc = template_attribute_find( key_obj->template, CKA_CLASS, &attr );
+ if (rc == FALSE) {
+ st_err_log(24, __FILE__, __LINE__);
+ return CKR_KEY_INDIGESTIBLE;
+ }
+ else
+ class = *(CK_OBJECT_CLASS *)attr->pValue;
+
+ if (class != CKO_SECRET_KEY){
+ st_err_log(24, __FILE__, __LINE__);
+ return CKR_KEY_INDIGESTIBLE;
+ }
+
+ // every secret key has a CKA_VALUE attribute
+ //
+ rc = template_attribute_find( key_obj->template, CKA_VALUE, &attr );
+ if (!rc){
+ st_err_log(24, __FILE__, __LINE__);
+ return CKR_KEY_INDIGESTIBLE;
+ }
+ rc = digest_mgr_digest_update( sess,
+ ctx,
+ attr->pValue,
+ attr->ulValueLen );
+ if (rc != CKR_OK){
+ st_err_log(24, __FILE__, __LINE__);
+ }
+ return rc;
+}
+
+
+//
+//
+CK_RV
+digest_mgr_digest_final( SESSION *sess,
+ CK_BBOOL length_only,
+ DIGEST_CONTEXT *ctx,
+ CK_BYTE *hash,
+ CK_ULONG *hash_len )
+{
+ if (!sess || !ctx){
+ st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ return CKR_FUNCTION_FAILED;
+ }
+ if (ctx->active == FALSE){
+ st_err_log(32, __FILE__, __LINE__);
+ return CKR_OPERATION_NOT_INITIALIZED;
+ }
+
+ /* XXX KEY - Turn off the multi flag to tell the next layer that this
+ * is the final part of a multi part operation.
+ */
+ ctx->multi = FALSE;
+
+ switch (ctx->mech.mechanism) {
+ case CKM_SHA_1:
+ return sha1_hash_final( sess, length_only,
+ ctx,
+ hash, hash_len );
+
+#if !(NOMD2)
+ case CKM_MD2:
+ return md2_hash_final( sess, length_only,
+ ctx,
+ hash, hash_len );
+#endif
+
+ case CKM_MD5:
+ return md5_hash_final( sess, length_only,
+ ctx,
+ hash, hash_len );
+
+ default:
+ st_err_log(28, __FILE__, __LINE__);
+ return CKR_MECHANISM_INVALID; // shouldn't happen
+ }
+
+ st_err_log(28, __FILE__, __LINE__);
+ return CKR_MECHANISM_INVALID;
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 18:32:29 +0000