/* This function should test:
* RSA Key Generation, using CKM_PKCS_KEY_PAIR_GEN
* RSA Public-Key Wrap
* RSA Private-Key Unwrap
*
*/
CK_RV do_WrapUnwrapRSA(struct GENERATED_TEST_SUITE_INFO *tsuite)
{
int i;
CK_OBJECT_HANDLE publ_key, priv_key, secret_key, unwrapped_key;
CK_BYTE_PTR wrapped_key;
CK_ULONG wrapped_keylen, unwrapped_keylen;
CK_MECHANISM wrap_mech, keygen_mech;
char *s;
CK_SESSION_HANDLE session;
CK_FLAGS flags;
CK_SLOT_ID slot_id = SLOT_ID;
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG user_pin_len;
CK_RV rc, loc_rc;
// begin test suite
testsuite_begin("%s Wrap Unwrap.", tsuite->name);
testcase_rw_session();
testcase_user_login();
// skip all tests if the slot doesn't support this mechanism
if (! mech_supported(slot_id, tsuite->mech.mechanism)){
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support %u",
(unsigned int) slot_id,
(unsigned int) tsuite->mech.mechanism );
goto testcase_cleanup;
}
// skip all tests if the slot doesn't support wrapping
else if (! wrap_supported(slot_id, tsuite->mech)) {
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support key wrapping",
(unsigned int) slot_id);
goto testcase_cleanup;
}
// skip all tests if the slot doesn't support unwrapping
else if (! unwrap_supported(slot_id, tsuite->mech)) {
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support key unwrapping",
(unsigned int) slot_id);
goto testcase_cleanup;
}
for (i = 0; i < tsuite->tvcount; i++) {
// wrap templates & unwrap templates
CK_ATTRIBUTE secret_value[] = {
{CKA_VALUE, NULL, 0}
};
CK_ATTRIBUTE unwrapped_value[] = {
{CKA_VALUE, NULL, 0}
};
CK_ULONG s_valuelen = 0;
CK_ATTRIBUTE secret_value_len[] = {
{CKA_VALUE_LEN,
&s_valuelen,
sizeof(s_valuelen)}
};
CK_ULONG u_valuelen = 0;
CK_ATTRIBUTE unwrapped_value_len[] = {
{CKA_VALUE_LEN,
&u_valuelen,
sizeof(u_valuelen)}
};
CK_ATTRIBUTE unwrap_tmpl[] = {
{CKA_CLASS, NULL, 0},
{CKA_KEY_TYPE, NULL, 0},
{CKA_VALUE_LEN, NULL, 0}
};
CK_ULONG unwrap_tmpl_len;
// get public exponent from test vector
if ( p11_ahex_dump(&s, tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len) == NULL) {
testcase_error("p11_ahex_dump() failed");
rc = -1;
goto testcase_cleanup;
}
// begin test
testcase_begin("%s Wrap Unwrap with test vector %d, "
"\npubl_exp='%s', mod_bits='%lu', keylen='%lu', "
"keytype='%s'", tsuite->name, i, s,
tsuite->tv[i].modbits,
tsuite->tv[i].keylen,
p11_get_ckm(tsuite->tv[i].keytype.mechanism));
// free memory
free(s);
// get key gen mechanism
keygen_mech = tsuite->tv[i].keytype;
// get wrapping mechanism
wrap_mech = tsuite->mech;
// skip this test if the slot doesn't support this
// keygen mechanism
if (! mech_supported(slot_id,
keygen_mech.mechanism)) {
testcase_skip();
continue;
}
// initialize buffer lengths
wrapped_keylen = PKCS11_MAX_PIN_LEN;
// generate RSA key pair
rc = generate_RSA_PKCS_KeyPair(session,
tsuite->tv[i].modbits,
tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len,
&publ_key,
&priv_key);
if (rc != CKR_OK) {
testcase_error("C_GenerateKeyPair() rc = %s",
p11_get_ckr(rc));
goto testcase_cleanup;
}
// generate secret key
rc = generate_SecretKey(session,
tsuite->tv[i].keylen,
&keygen_mech,
&secret_key);
if (rc != CKR_OK) {
testcase_error("generate_SecretKey(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// extract CKA_CLASS and CKA_KEY_TYPE from generated key
// we will use this for unwrapping
// extract sizes first
rc = funcs->C_GetAttributeValue(session,
secret_key,
unwrap_tmpl,
2);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// allocate memory for extraction
unwrap_tmpl[0].pValue = calloc(sizeof(CK_BYTE),
unwrap_tmpl[0].ulValueLen);
unwrap_tmpl[1].pValue = calloc(sizeof(CK_BYTE),
unwrap_tmpl[1].ulValueLen);
if ( (unwrap_tmpl[0].pValue == NULL) ||
(unwrap_tmpl[1].pValue == NULL) ) {
testcase_error("Error allocating %lu bytes"
"for unwrap template attributes",
unwrap_tmpl[0].ulValueLen +
unwrap_tmpl[1].ulValueLen);
rc = -1;
goto error;
}
// now extract values
rc = funcs->C_GetAttributeValue(session,
secret_key,
unwrap_tmpl,
2);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// wrap key (length only)
rc = funcs->C_WrapKey(session,
&wrap_mech,
publ_key,
secret_key,
NULL,
&wrapped_keylen);
if (rc != CKR_OK) {
testcase_error("C_WrapKey(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// allocate memory for wrapped_key
wrapped_key = calloc(sizeof(CK_BYTE), wrapped_keylen);
if (wrapped_key == NULL) {
testcase_error("Can't allocate memory "
"for %lu bytes.",
sizeof(CK_BYTE) * wrapped_keylen);
rc = -1;
goto error;
}
// wrap key
rc = funcs->C_WrapKey(session,
&wrap_mech,
publ_key,
secret_key,
wrapped_key,
&wrapped_keylen);
if (rc != CKR_OK) {
testcase_error("C_WrapKey, rc=%s", p11_get_ckr(rc));
goto error;
}
unwrapped_keylen = tsuite->tv[i].keylen;
// variable key length specific case:
// According to PKCS#11 v2.2 section 12.1.12
// CKM_RSA_X_509 does not wrap the key type, key length,
// or any other information about the key; the application
// must convey these separately, and supply them when
// unwrapping the key.
if (keygen_mech.mechanism == CKM_AES_KEY_GEN) {
unwrapped_keylen = tsuite->tv[i].keylen;
unwrap_tmpl[2].type = CKA_VALUE_LEN;
unwrap_tmpl[2].ulValueLen = sizeof(unwrapped_keylen);
unwrap_tmpl[2].pValue = &unwrapped_keylen;
unwrap_tmpl_len = 3;
}
else {
unwrap_tmpl_len = 2;
}
// unwrap key
rc = funcs->C_UnwrapKey(session,
&wrap_mech,
priv_key,
wrapped_key,
wrapped_keylen,
unwrap_tmpl,
unwrap_tmpl_len,
&unwrapped_key);
if (rc != CKR_OK) {
testcase_error("C_UnwrapKey, rc=%s",
p11_get_ckr(rc));
goto error;
}
testcase_new_assertion();
// get secret CKA_VALUE_LEN (if applicable)
// then compare to expected value
if (keygen_mech.mechanism == CKM_GENERIC_SECRET_KEY_GEN
|| keygen_mech.mechanism == CKM_RC4_KEY_GEN
|| keygen_mech.mechanism == CKM_RC5_KEY_GEN
|| keygen_mech.mechanism == CKM_AES_KEY_GEN) {
rc = funcs->C_GetAttributeValue(session,
secret_key,
secret_value_len,
1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
rc = funcs->C_GetAttributeValue(session,
unwrapped_key,
unwrapped_value_len,
1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// check results
if ( * ((CK_ULONG_PTR) secret_value_len[0].pValue) !=
* ((CK_ULONG_PTR) unwrapped_value_len[0].pValue)) {
testcase_fail("CKA_VALUE_LEN value differs "
"(original %lu, unwrapped %lu)",
*((CK_ULONG_PTR) secret_value_len),
*((CK_ULONG_PTR) unwrapped_value_len));
goto error;
}
}
// get size of secret key's CKA_VALUE
rc = funcs->C_GetAttributeValue(session, secret_key,
secret_value, 1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// get size of unwrapped key's CKA_VALUE
rc = funcs->C_GetAttributeValue(session, unwrapped_key,
unwrapped_value, 1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// allocate memory for extraction
secret_value[0].pValue = calloc(sizeof(CK_BYTE),
secret_value[0].ulValueLen);
if (secret_value[0].pValue == NULL) {
testcase_error("Error allocating %lu bytes "
"for Secret Key Value.",
secret_value[0].ulValueLen);
goto error;
}
unwrapped_value[0].pValue = calloc(sizeof(CK_BYTE),
unwrapped_value[0].ulValueLen);
if (unwrapped_value[0].pValue == NULL) {
testcase_error("Error allocating %lu bytes "
"for Unwrapped Key Value.",
unwrapped_value[0].ulValueLen);
goto error;
}
// get secret CKA_VALUE
rc = funcs->C_GetAttributeValue(session,
secret_key,
secret_value,
1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// get unwrapped CKA_VALUE
rc = funcs->C_GetAttributeValue(session,
unwrapped_key,
unwrapped_value,
1);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// compare secret and unwrapped CKA_VALUE
if (memcmp(secret_value[0].pValue,
unwrapped_value[0].pValue,
secret_value[0].ulValueLen)) {
testcase_fail("Unwrapped key differs in CKA_VALUE.");
}
else {
testcase_pass("C_Wrap and C_Unwrap.");
}
// free memory
if (unwrap_tmpl[0].pValue) {
free(unwrap_tmpl[0].pValue);
}
if (unwrap_tmpl[1].pValue) {
free(unwrap_tmpl[1].pValue);
}
if (secret_value[0].pValue) {
free(secret_value[0].pValue);
}
if (unwrapped_value[0].pValue) {
free(unwrapped_value[0].pValue);
}
if (wrapped_key) {
free(wrapped_key);
}
// clean up
rc = funcs->C_DestroyObject(session, secret_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_DestroyObject(session, publ_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_DestroyObject(session, priv_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
}
goto testcase_cleanup;
error:
loc_rc = funcs->C_DestroyObject(session, secret_key);
if (loc_rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(loc_rc));
}
loc_rc = funcs->C_DestroyObject(session, publ_key);
if (loc_rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(loc_rc));
}
loc_rc = funcs->C_DestroyObject(session, priv_key);
if (loc_rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(loc_rc));
}
testcase_cleanup:
testcase_user_logout();
loc_rc = funcs->C_CloseAllSessions(slot_id);
if (loc_rc != CKR_OK) {
testcase_error("C_CloseAllSessions(), rc=%s.",
p11_get_ckr(rc));
}
return rc;
}
/* This function should test:
* RSA Key Generation, using CKM_PKCS_KEY_PAIR_GEN
* RSA Public-Key Wrap
* RSA Private-Key Unwrap
*
*/
CK_RV do_WrapUnwrapRSA(struct GENERATED_TEST_SUITE_INFO *tsuite)
{
int i = 0, j = 0;
CK_OBJECT_HANDLE publ_key, priv_key, secret_key, unwrapped_key;
CK_BYTE_PTR wrapped_key = NULL;
CK_ULONG wrapped_keylen, unwrapped_keylen;
CK_MECHANISM wrap_mech, keygen_mech, mech;
CK_BYTE clear[32];
CK_BYTE cipher[32];
CK_BYTE re_cipher[32];
CK_ULONG cipher_len = 32;
CK_ULONG re_cipher_len = 32;
char *s;
CK_SESSION_HANDLE session;
CK_FLAGS flags;
CK_SLOT_ID slot_id = SLOT_ID;
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG user_pin_len;
CK_RV rc, loc_rc;
// begin test suite
testsuite_begin("%s Wrap Unwrap.", tsuite->name);
testcase_rw_session();
testcase_user_login();
// skip all tests if the slot doesn't support this mechanism
if (! mech_supported(slot_id, tsuite->mech.mechanism)){
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support %u",
(unsigned int) slot_id,
(unsigned int) tsuite->mech.mechanism );
goto testcase_cleanup;
}
// skip all tests if the slot doesn't support wrapping
else if (! wrap_supported(slot_id, tsuite->mech)) {
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support key wrapping",
(unsigned int) slot_id);
goto testcase_cleanup;
}
// skip all tests if the slot doesn't support unwrapping
else if (! unwrap_supported(slot_id, tsuite->mech)) {
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support key unwrapping",
(unsigned int) slot_id);
goto testcase_cleanup;
}
for (i = 0; i < tsuite->tvcount; i++) {
// wrap templates & unwrap templates
CK_ATTRIBUTE unwrap_tmpl[] = {
{CKA_CLASS, NULL, 0},
{CKA_KEY_TYPE, NULL, 0},
{CKA_VALUE_LEN, NULL, 0}
};
CK_ULONG unwrap_tmpl_len;
// get public exponent from test vector
if ( p11_ahex_dump(&s, tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len) == NULL) {
testcase_error("p11_ahex_dump() failed");
rc = -1;
goto testcase_cleanup;
}
// begin test
testcase_begin("%s Wrap Unwrap with test vector %d, "
"\npubl_exp='%s', mod_bits='%lu', keylen='%lu', "
"keytype='%s'", tsuite->name, i, s,
tsuite->tv[i].modbits,
tsuite->tv[i].keylen,
p11_get_ckm(tsuite->tv[i].keytype.mechanism));
// free memory
free(s);
// get key gen mechanism
keygen_mech = tsuite->tv[i].keytype;
// get wrapping mechanism
wrap_mech = tsuite->mech;
// skip this test if the slot doesn't support this
// keygen mechanism
if (! mech_supported(slot_id,
keygen_mech.mechanism)) {
testcase_skip();
continue;
}
if (!keysize_supported(slot_id, tsuite->mech.mechanism,
tsuite->tv[i].modbits)) {
testcase_skip("Token in slot %ld cannot be used with "
"modbits.='%ld'",
SLOT_ID,tsuite->tv[i].modbits);
continue;
}
if (is_ep11_token(slot_id)) {
if (! is_valid_ep11_pubexp(tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len)) {
testcase_skip("EP11 Token cannot "
"be used with publ_exp.='%s'",s);
continue;
}
}
// initialize buffer lengths
wrapped_keylen = PKCS11_MAX_PIN_LEN;
// generate RSA key pair
rc = generate_RSA_PKCS_KeyPair(session,
tsuite->tv[i].modbits,
tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len,
&publ_key,
&priv_key);
if (rc != CKR_OK) {
testcase_error("C_GenerateKeyPair() rc = %s",
p11_get_ckr(rc));
goto testcase_cleanup;
}
// generate secret key
rc = generate_SecretKey(session,
tsuite->tv[i].keylen,
&keygen_mech,
&secret_key);
if (rc != CKR_OK) {
testcase_error("generate_SecretKey(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// extract CKA_CLASS and CKA_KEY_TYPE from generated key
// we will use this for unwrapping
// extract sizes first
rc = funcs->C_GetAttributeValue(session,
secret_key,
unwrap_tmpl,
2);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// allocate memory for extraction
unwrap_tmpl[0].pValue = calloc(sizeof(CK_BYTE),
unwrap_tmpl[0].ulValueLen);
unwrap_tmpl[1].pValue = calloc(sizeof(CK_BYTE),
unwrap_tmpl[1].ulValueLen);
if ( (unwrap_tmpl[0].pValue == NULL) ||
(unwrap_tmpl[1].pValue == NULL) ) {
testcase_error("Error allocating %lu bytes"
"for unwrap template attributes",
unwrap_tmpl[0].ulValueLen +
unwrap_tmpl[1].ulValueLen);
rc = -1;
goto error;
}
// now extract values
rc = funcs->C_GetAttributeValue(session,
secret_key,
unwrap_tmpl,
2);
if (rc != CKR_OK) {
testcase_error("C_GetAttributeValue(), rc=%s",
p11_get_ckr(rc));
goto error;
}
// wrap key (length only)
rc = funcs->C_WrapKey(session,
&wrap_mech,
publ_key,
secret_key,
NULL,
&wrapped_keylen);
if (rc != CKR_OK) {
testcase_error("C_WrapKey(), rc=%s.",
p11_get_ckr(rc));
goto error;
}
// allocate memory for wrapped_key
wrapped_key = calloc(sizeof(CK_BYTE), wrapped_keylen);
if (wrapped_key == NULL) {
testcase_error("Can't allocate memory "
"for %lu bytes.",
sizeof(CK_BYTE) * wrapped_keylen);
rc = -1;
goto error;
}
// wrap key
rc = funcs->C_WrapKey(session,
&wrap_mech,
publ_key,
secret_key,
wrapped_key,
&wrapped_keylen);
if (rc != CKR_OK) {
testcase_error("C_WrapKey, rc=%s", p11_get_ckr(rc));
goto error;
}
unwrapped_keylen = tsuite->tv[i].keylen;
// variable key length specific case:
// According to PKCS#11 v2.2 section 12.1.12
// CKM_RSA_X_509 does not wrap the key type, key length,
// or any other information about the key; the application
// must convey these separately, and supply them when
// unwrapping the key.
if (((keygen_mech.mechanism == CKM_AES_KEY_GEN) ||
(keygen_mech.mechanism == CKM_GENERIC_SECRET_KEY_GEN)) &&
(wrap_mech.mechanism == CKM_RSA_X_509)) {
unwrapped_keylen = tsuite->tv[i].keylen;
unwrap_tmpl[2].type = CKA_VALUE_LEN;
unwrap_tmpl[2].ulValueLen = sizeof(unwrapped_keylen);
unwrap_tmpl[2].pValue = &unwrapped_keylen;
unwrap_tmpl_len = 3;
}
else {
unwrap_tmpl_len = 2;
}
// unwrap key
rc = funcs->C_UnwrapKey(session,
&wrap_mech,
priv_key,
wrapped_key,
wrapped_keylen,
unwrap_tmpl,
unwrap_tmpl_len,
&unwrapped_key);
if (rc != CKR_OK) {
testcase_error("C_UnwrapKey, rc=%s",
p11_get_ckr(rc));
goto error;
}
testcase_new_assertion();
// encode/decode with secrect key and peer secret key
for (j = 0; j < 32; j++)
clear[j] = j;
switch (keygen_mech.mechanism) {
case CKM_AES_KEY_GEN:
mech.mechanism = CKM_AES_ECB;
break;
case CKM_GENERIC_SECRET_KEY_GEN:
case CKM_DES3_KEY_GEN:
mech.mechanism = CKM_DES3_ECB;
break;
case CKM_DES_KEY_GEN:
mech.mechanism = CKM_DES_ECB;
break;
case CKM_CDMF_KEY_GEN:
mech.mechanism = CKM_CDMF_ECB;
break;
default:
testcase_error("unknowm mech");
goto error;
}
mech.ulParameterLen = 0;
mech.pParameter = NULL;
rc = funcs->C_EncryptInit(session, &mech, secret_key);
if (rc != CKR_OK) {
testcase_error("C_EncryptInit secret_key: rc = %s",
p11_get_ckr(rc));
goto error;
}
rc = funcs->C_Encrypt(session, clear, 32, cipher, &cipher_len);
if (rc != CKR_OK) {
testcase_error("C_Encrypt secret_key: rc = %s",
p11_get_ckr(rc));
goto error;
}
rc = funcs->C_DecryptInit(session,&mech,unwrapped_key);
if (rc != CKR_OK) {
testcase_error("C_DecryptInit unwrapped_key: rc = %s",
p11_get_ckr(rc));
goto error;
}
rc = funcs->C_Decrypt(session, cipher, cipher_len, re_cipher,
&re_cipher_len);
if (rc != CKR_OK) {
testcase_error("C_Decrypt unwrapped_key: rc = %s",
p11_get_ckr(rc));
testcase_fail("Unwrapped key differs in CKA_VALUE.");
goto error;
}
if (memcmp(clear, re_cipher, 32) != 0) {
testcase_fail("ERROR:data mismatch\n");
goto error;
} else
testcase_pass("C_Wrap and C_Unwrap.");
// clean up
if (wrapped_key)
free(wrapped_key);
rc = funcs->C_DestroyObject(session, secret_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_DestroyObject(session, publ_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
rc = funcs->C_DestroyObject(session, priv_key);
if (rc != CKR_OK) {
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
goto testcase_cleanup;
}
}
goto testcase_cleanup;
error:
if (wrapped_key)
free(wrapped_key);
funcs->C_DestroyObject(session, secret_key);
funcs->C_DestroyObject(session, publ_key);
funcs->C_DestroyObject(session, priv_key);
testcase_cleanup:
testcase_user_logout();
loc_rc = funcs->C_CloseAllSessions(slot_id);
if (loc_rc != CKR_OK) {
testcase_error("C_CloseAllSessions(), rc=%s.",
p11_get_ckr(rc));
}
return rc;
}
/* This function should test:
* RSA Key Generation, using CKM_PKCS_KEY_PAIR_GEN
* RSA Public-Key Wrap
* RSA Private-Key Unwrap
*
*/
CK_RV do_WrapUnwrapRSA(struct GENERATED_TEST_SUITE_INFO *tsuite)
{
int i = 0, j = 0;
char *s = NULL;
CK_OBJECT_HANDLE publ_key, priv_key, secret_key, unwrapped_key;
CK_BYTE_PTR wrapped_key = NULL;
CK_ULONG wrapped_keylen, unwrapped_keylen = 0;
CK_MECHANISM wrap_mech, keygen_mech, mech;
CK_BYTE clear[32], cipher[32], re_cipher[32];
CK_ULONG cipher_len = 32, re_cipher_len = 32;
CK_RSA_PKCS_OAEP_PARAMS oaep_params;
CK_SESSION_HANDLE session;
CK_FLAGS flags;
CK_SLOT_ID slot_id = SLOT_ID;
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
CK_ULONG user_pin_len;
CK_RV rc, loc_rc;
CK_OBJECT_CLASS key_class = CKO_SECRET_KEY;
CK_KEY_TYPE key_type;
CK_ATTRIBUTE unwrap_tmpl[] = {
{CKA_CLASS, &key_class, sizeof(CK_OBJECT_CLASS)},
{CKA_KEY_TYPE, &key_type, sizeof(CK_KEY_TYPE)},
{CKA_VALUE_LEN, &unwrapped_keylen, sizeof(CK_ULONG)}
};
CK_ULONG unwrap_tmpl_len;
// begin test suite
testsuite_begin("%s Wrap Unwrap.", tsuite->name);
testcase_rw_session();
testcase_user_login();
/* create some data */
for (j = 0; j < 32; j++)
clear[j] = j;
// skip all tests if the slot doesn't support this mechanism
if (! mech_supported(slot_id, tsuite->mech.mechanism)){
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support %u",
(unsigned int) slot_id,
(unsigned int) tsuite->mech.mechanism );
goto testcase_cleanup;
}
// skip all tests if the slot doesn't support wrapping
else if (! wrap_supported(slot_id, tsuite->mech)) {
testsuite_skip(tsuite->tvcount,
"Slot %u doesn't support key wrapping",
(unsigned int) slot_id);
goto testcase_cleanup;
}
for (i = 0; i < tsuite->tvcount; i++) {
// skip if the slot doesn't support the keygen mechanism
if (!mech_supported(slot_id, tsuite->tv[i].keytype.mechanism)) {
testcase_skip("Slot %u doesn't support %u",
(unsigned int)slot_id,
(unsigned int)tsuite->tv[i].keytype.mechanism);
continue;
}
if (!keysize_supported(slot_id, tsuite->mech.mechanism,
tsuite->tv[i].modbits)) {
testcase_skip("Token in slot %ld cannot be used with "
"modbits.='%ld'",
SLOT_ID,tsuite->tv[i].modbits);
continue;
}
// get public exponent from test vector
if ( p11_ahex_dump(&s, tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len) == NULL) {
testcase_error("p11_ahex_dump() failed");
rc = -1;
goto testcase_cleanup;
}
if (is_ep11_token(slot_id)) {
if (! is_valid_ep11_pubexp(tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len)) {
testcase_skip("EP11 Token cannot "
"be used with publ_exp.='%s'",s);
continue;
}
}
// begin test
testcase_begin("%s Wrap Unwrap with test vector %d, "
"\npubl_exp='%s', mod_bits='%lu', keylen='%lu', "
"keytype='%s'", tsuite->name, i, s,
tsuite->tv[i].modbits, tsuite->tv[i].keylen,
p11_get_ckm(tsuite->tv[i].keytype.mechanism));
// free memory
if (s)
free(s);
// get key gen mechanism
keygen_mech = tsuite->tv[i].keytype;
// get wrapping mechanism
wrap_mech = tsuite->mech;
if (wrap_mech.mechanism == CKM_RSA_PKCS_OAEP) {
oaep_params = tsuite->tv[i].oaep_params;
wrap_mech.pParameter = &oaep_params;
wrap_mech.ulParameterLen = sizeof(CK_RSA_PKCS_OAEP_PARAMS);
}
// clear out buffers
memset (cipher, 0, sizeof(cipher));
memset (re_cipher, 0, sizeof(re_cipher));
// initialize buffer lengths
wrapped_keylen = PKCS11_MAX_PIN_LEN;
// generate RSA key pair
rc = generate_RSA_PKCS_KeyPair(session, tsuite->tv[i].modbits,
tsuite->tv[i].publ_exp,
tsuite->tv[i].publ_exp_len,
&publ_key, &priv_key);
if (rc != CKR_OK) {
testcase_error("C_GenerateKeyPair() rc = %s",
p11_get_ckr(rc));
goto testcase_cleanup;
}
// generate secret key
rc = generate_SecretKey(session, tsuite->tv[i].keylen,
&keygen_mech, &secret_key);
if (rc != CKR_OK) {
testcase_error("generate_SecretKey(), rc=%s",
p11_get_ckr(rc));
goto error;
}
/* Testcase Goals:
* 1. Encrypt data.
* 2. Use RSA to wrap the secret key we just used to encrypt.
* 3. Use RSA to unwrap the secret key.
* 4. Decrypt with the newly unwrapped key to get original data.
*
* The first assertion will be the success of RSA to wrap and
* unwrap the secret key.
* The second assertion will be the success of the unwrapped
* key to decrypt the original text.
* Note: Generic secret keys are not used for encrypt/decrypt
* by default. So they will not be included in second
* assertion.
*/
if (keygen_mech.mechanism != CKM_GENERIC_SECRET_KEY_GEN) {
switch (keygen_mech.mechanism) {
case CKM_AES_KEY_GEN:
mech.mechanism = CKM_AES_ECB;
key_type = CKK_AES;
break;
case CKM_DES3_KEY_GEN:
mech.mechanism = CKM_DES3_ECB;
key_type = CKK_DES3;
break;
case CKM_DES_KEY_GEN:
mech.mechanism = CKM_DES_ECB;
key_type = CKK_DES;
break;
case CKM_CDMF_KEY_GEN:
mech.mechanism = CKM_CDMF_ECB;
key_type = CKK_CDMF;
break;
default:
testcase_error("unknown mech");
goto error;
}
mech.ulParameterLen = 0;
mech.pParameter = NULL;
rc = funcs->C_EncryptInit(session, &mech, secret_key);
if (rc != CKR_OK) {
testcase_error("C_EncryptInit secret_key "
": rc = %s", p11_get_ckr(rc));
goto error;
}
rc = funcs->C_Encrypt(session, clear, 32, cipher,
&cipher_len);
if (rc != CKR_OK) {
testcase_error("C_Encrypt secret_key: rc = %s",
p11_get_ckr(rc));
goto error;
}
} else
key_type = CKK_GENERIC_SECRET;
testcase_new_assertion(); /* assertion #1 */
// wrap key (length only)
rc = funcs->C_WrapKey(session, &wrap_mech, publ_key, secret_key,
NULL, &wrapped_keylen);
if (rc != CKR_OK) {
testcase_error("C_WrapKey(), rc=%s.", p11_get_ckr(rc));
goto error;
}
// allocate memory for wrapped_key
wrapped_key = calloc(sizeof(CK_BYTE), wrapped_keylen);
if (wrapped_key == NULL) {
testcase_error("Can't allocate memory for %lu bytes.",
sizeof(CK_BYTE) * wrapped_keylen);
rc = CKR_HOST_MEMORY;
goto error;
}
// wrap key
rc = funcs->C_WrapKey(session, &wrap_mech, publ_key, secret_key,
wrapped_key, &wrapped_keylen);
if (rc != CKR_OK) {
testcase_fail("C_WrapKey, rc=%s", p11_get_ckr(rc));
goto error;
}
/* variable key length specific case:
* According to PKCS#11 v2.2 section 12.1.12
* CKM_RSA_X_509 does not wrap the key type, key length,
* or any other information about the key; the application
* must convey these separately, and supply them when
* unwrapping the key.
*/
if (((keygen_mech.mechanism == CKM_AES_KEY_GEN) ||
(keygen_mech.mechanism == CKM_GENERIC_SECRET_KEY_GEN)) &&
(wrap_mech.mechanism == CKM_RSA_X_509)) {
unwrapped_keylen = tsuite->tv[i].keylen;
unwrap_tmpl_len = 3;
}
else {
unwrap_tmpl_len = 2;
}
// unwrap key
rc = funcs->C_UnwrapKey(session, &wrap_mech, priv_key,
wrapped_key, wrapped_keylen,
unwrap_tmpl, unwrap_tmpl_len,
&unwrapped_key);
if (rc != CKR_OK) {
testcase_fail("C_UnwrapKey, rc=%s",
p11_get_ckr(rc));
goto error;
} else
testcase_pass("wrapped and unwrapped key successful.");
/* now decrypt the message with the unwrapped key */
if (keygen_mech.mechanism != CKM_GENERIC_SECRET_KEY_GEN) {
rc = funcs->C_DecryptInit(session,&mech,unwrapped_key);
if (rc != CKR_OK) {
testcase_error("C_DecryptInit unwrapped_key: "
" rc = %s", p11_get_ckr(rc));
goto error;
}
rc = funcs->C_Decrypt(session, cipher, cipher_len,
re_cipher, &re_cipher_len);
if (rc != CKR_OK) {
testcase_error("C_Decrypt unwrapped_key: "
"rc = %s", p11_get_ckr(rc));
goto error;
}
testcase_new_assertion();
if (memcmp(clear, re_cipher, 32) != 0) {
testcase_fail("ERROR:data mismatch\n");
goto error;
} else
testcase_pass("Decrypted data is correct.");
}
// clean up
if (wrapped_key) {
free(wrapped_key);
wrapped_key = NULL;
}
rc = funcs->C_DestroyObject(session, secret_key);
if (rc != CKR_OK)
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
rc = funcs->C_DestroyObject(session, publ_key);
if (rc != CKR_OK)
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
rc = funcs->C_DestroyObject(session, priv_key);
if (rc != CKR_OK)
testcase_error("C_DestroyObject(), rc=%s.",
p11_get_ckr(rc));
}
goto testcase_cleanup;
error:
if (wrapped_key) {
free(wrapped_key);
wrapped_key = NULL;
}
funcs->C_DestroyObject(session, secret_key);
funcs->C_DestroyObject(session, publ_key);
funcs->C_DestroyObject(session, priv_key);
testcase_cleanup:
testcase_user_logout();
loc_rc = funcs->C_CloseAllSessions(slot_id);
if (loc_rc != CKR_OK) {
testcase_error("C_CloseAllSessions(), rc=%s.",
p11_get_ckr(rc));
}
return rc;
}