bool DeriveTests::compareSecret(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey1, CK_OBJECT_HANDLE hKey2) { CK_ATTRIBUTE keyAttribs[] = { { CKA_VALUE, NULL_PTR, 0 }, { CKA_CHECK_VALUE, NULL_PTR, 0 } }; CK_BYTE val1[128]; CK_BYTE check1[3]; keyAttribs[0].pValue = val1; keyAttribs[0].ulValueLen = sizeof(val1); keyAttribs[1].pValue = check1; keyAttribs[1].ulValueLen = sizeof(check1); CK_RV rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hKey1, keyAttribs, 2) ); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(keyAttribs[0].ulValueLen == 32); CPPUNIT_ASSERT(keyAttribs[1].ulValueLen == 3); CK_BYTE val2[128]; CK_BYTE check2[3]; keyAttribs[0].pValue = val2; keyAttribs[0].ulValueLen = sizeof(val2); keyAttribs[1].pValue = check2; keyAttribs[1].ulValueLen = sizeof(check2); rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hKey2, keyAttribs, 2) ); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(keyAttribs[0].ulValueLen == 32); CPPUNIT_ASSERT(keyAttribs[1].ulValueLen == 3); return memcmp(val1, val2, 32) == 0 && memcmp(check1, check2, 3) == 0; }
void DeriveTests::dhDerive(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey, CK_OBJECT_HANDLE &hKey) { CK_ATTRIBUTE valAttrib = { CKA_VALUE, NULL_PTR, 0 }; CK_RV rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPublicKey, &valAttrib, 1) ); CPPUNIT_ASSERT(rv == CKR_OK); valAttrib.pValue = (CK_BYTE_PTR)malloc(valAttrib.ulValueLen); rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPublicKey, &valAttrib, 1) ); CPPUNIT_ASSERT(rv == CKR_OK); CK_MECHANISM mechanism = { CKM_DH_PKCS_DERIVE, NULL_PTR, 0 }; mechanism.pParameter = valAttrib.pValue; mechanism.ulParameterLen = valAttrib.ulValueLen; CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY; CK_KEY_TYPE keyType = CKK_GENERIC_SECRET; CK_BBOOL bFalse = CK_FALSE; CK_BBOOL bTrue = CK_TRUE; CK_ULONG secLen = 32; CK_ATTRIBUTE keyAttribs[] = { { CKA_CLASS, &keyClass, sizeof(keyClass) }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_PRIVATE, &bFalse, sizeof(bFalse) }, { CKA_SENSITIVE, &bFalse, sizeof(bFalse) }, { CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }, { CKA_VALUE_LEN, &secLen, sizeof(secLen) } }; hKey = CK_INVALID_HANDLE; rv = CRYPTOKI_F_PTR( C_DeriveKey(hSession, &mechanism, hPrivateKey, keyAttribs, sizeof(keyAttribs)/sizeof(CK_ATTRIBUTE), &hKey) ); free(valAttrib.pValue); CPPUNIT_ASSERT(rv == CKR_OK); }
CryptoPP::PK_Signer * initRSASigner (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject) { CK_RV ret = CKR_OK; CryptoPP::Integer modulus, privateExponent; CK_ATTRIBUTE rsaTemplate[]= { {CKA_MODULUS, NULL_PTR, 0}, {CKA_PRIVATE_EXPONENT, NULL_PTR, 0} }; try { ret = C_GetAttributeValue(hSession, hObject, &rsaTemplate[0], 2); if (ret != CKR_OK) return NULL; if (rsaTemplate[0].ulValueLen == (unsigned long)-1 || rsaTemplate[1].ulValueLen == (unsigned long)-1) return NULL; rsaTemplate[0].pValue = malloc(rsaTemplate[0].ulValueLen); rsaTemplate[1].pValue = malloc(rsaTemplate[1].ulValueLen); std::auto_ptr<byte> pValue1((byte *)rsaTemplate[0].pValue); std::auto_ptr<byte> pValue2((byte *)rsaTemplate[1].pValue); ret = C_GetAttributeValue(hSession, hObject, &rsaTemplate[0], 2); if (ret != CKR_OK) return NULL; modulus.Decode((byte *) rsaTemplate[0].pValue, rsaTemplate[0].ulValueLen, CryptoPP::Integer::SIGNED); privateExponent.Decode((byte *) rsaTemplate[1].pValue, rsaTemplate[1].ulValueLen, CryptoPP::Integer::SIGNED); if (rsaTemplate[1].ulValueLen > 0) { CryptoPP::RSA::PrivateKey key; key.SetModulus(modulus); key.SetPrivateExponent(privateExponent); return new CryptoPP::RSASSA_PKCS1v15_SHA_Signer(key); } } catch(...) { /* do nothing */ } return NULL; }
/* * PKCS_AcquirePublicKeyHandle * * Given an assymetric key keyblob, attempts to find the appropriate * public key. * * Methods of finding the public key: * - Public Key with data present: * Parses the key and creates a temporary session object. * - Public Key with handle: * The handle is type converted and returned. Validity of the handle is * not checked. * - Public Key with label: * Attempts to find a public key with the corresponding label. */ static KMF_RETURN PKCS_AcquirePublicKeyHandle(CK_SESSION_HANDLE ckSession, const KMF_X509_SPKI *pKey, CK_KEY_TYPE ckRequestedKeyType, CK_OBJECT_HANDLE *pckKeyHandle) { KMF_RETURN mrReturn = KMF_OK; /* Key searching variables */ CK_OBJECT_HANDLE ckKeyHandle = 0; CK_OBJECT_CLASS ckObjClass; CK_KEY_TYPE ckKeyType; CK_ATTRIBUTE ckTemplate[3]; CK_ULONG ckNumTemplates; static const CK_ULONG ckMaxTemplates = (sizeof (ckTemplate) / sizeof (CK_ATTRIBUTE)); CK_RV ckRv; /* Extract the data from the SPKI into individual fields */ mrReturn = PKCS_CreatePublicKey(pKey, ckSession, &ckKeyHandle); if (mrReturn != KMF_OK) return (mrReturn); /* Fetch the key class and algorithm from the object */ ckNumTemplates = 0; if (!PKCS_AddTemplate(ckTemplate, &ckNumTemplates, ckMaxTemplates, CKA_CLASS, (CK_BYTE *)&ckObjClass, sizeof (ckObjClass)) || !PKCS_AddTemplate(ckTemplate, &ckNumTemplates, ckMaxTemplates, CKA_KEY_TYPE, (CK_BYTE *)&ckKeyType, sizeof (ckKeyType))) { (void) C_DestroyObject(ckSession, ckKeyHandle); return (KMF_ERR_INTERNAL); } ckRv = C_GetAttributeValue(ckSession, ckKeyHandle, ckTemplate, ckNumTemplates); if (ckRv != CKR_OK) { (void) C_DestroyObject(ckSession, ckKeyHandle); return (ckRv); } /* Make sure the results match the expected values */ if ((ckKeyType != ckRequestedKeyType) || (ckObjClass != CKO_PUBLIC_KEY)) { (void) C_DestroyObject(ckSession, ckKeyHandle); return (KMF_ERR_BAD_KEY_FORMAT); } /* Set the return values */ *pckKeyHandle = ckKeyHandle; return (KMF_OK); }
static unsigned char *get_key_serial_number(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hIKey, unsigned char ksn[10]) { CK_ATTRIBUTE ksn_template[] = { { CKA_DUKPT_KEY_SERIAL_NUMBER, ksn, 10 } }; CK_RV rv = CKR_OK; rv = C_GetAttributeValue(hSession, hIKey, ksn_template, ARRAY_SIZE(ksn_template)); assert(rv == CKR_OK); return ksn; }
/* * Query pkcs11 attributes */ static int pkcs11_getattr_int(PKCS11_CTX * ctx, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE o, CK_ATTRIBUTE_TYPE type, void *value, size_t * size) { CK_ATTRIBUTE templ; int rv; templ.type = type; templ.pValue = value; templ.ulValueLen = *size; rv = CRYPTOKI_call(ctx, C_GetAttributeValue(session, o, &templ, 1)); CRYPTOKI_checkerr(PKCS11_F_PKCS11_GETATTR, rv); *size = templ.ulValueLen; return 0; }
void SymmetricAlgorithmTests::aesWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) { CK_MECHANISM mechanism = { mechanismType, NULL_PTR, 0 }; CK_BBOOL bFalse = CK_FALSE; CK_BBOOL bTrue = CK_TRUE; CK_OBJECT_CLASS secretClass = CKO_SECRET_KEY; CK_KEY_TYPE genKeyType = CKK_GENERIC_SECRET; CK_BYTE keyPtr[128]; CK_ULONG keyLen = mechanismType == CKM_AES_KEY_WRAP_PAD ? 125UL : 128UL; CK_ATTRIBUTE attribs[] = { { CKA_EXTRACTABLE, &bFalse, sizeof(bFalse) }, { CKA_CLASS, &secretClass, sizeof(secretClass) }, { CKA_KEY_TYPE, &genKeyType, sizeof(genKeyType) }, { CKA_TOKEN, &bFalse, sizeof(bFalse) }, { CKA_PRIVATE, &bTrue, sizeof(bTrue) }, { CKA_SENSITIVE, &bTrue, sizeof(bTrue) }, // Wrapping is allowed even on sensitive objects { CKA_VALUE, keyPtr, keyLen } }; CK_OBJECT_HANDLE hSecret; CK_RV rv; rv = C_GenerateRandom(hSession, keyPtr, keyLen); CPPUNIT_ASSERT(rv == CKR_OK); hSecret = CK_INVALID_HANDLE; rv = C_CreateObject(hSession, attribs, sizeof(attribs)/sizeof(CK_ATTRIBUTE), &hSecret); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hSecret != CK_INVALID_HANDLE); CK_BYTE_PTR wrappedPtr = NULL_PTR; CK_ULONG wrappedLen = 0UL; CK_ULONG zero = 0UL; CK_ULONG rndKeyLen = keyLen; if (mechanismType == CKM_AES_KEY_WRAP_PAD) rndKeyLen = (keyLen + 7) & ~7; rv = C_WrapKey(hSession, &mechanism, hKey, hSecret, wrappedPtr, &wrappedLen); CPPUNIT_ASSERT(rv == CKR_KEY_UNEXTRACTABLE); rv = C_DestroyObject(hSession, hSecret); CPPUNIT_ASSERT(rv == CKR_OK); attribs[0].pValue = &bTrue; hSecret = CK_INVALID_HANDLE; rv = C_CreateObject(hSession, attribs, sizeof(attribs)/sizeof(CK_ATTRIBUTE), &hSecret); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hSecret != CK_INVALID_HANDLE); // Estimate wrapped length rv = C_WrapKey(hSession, &mechanism, hKey, hSecret, wrappedPtr, &wrappedLen); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(wrappedLen == rndKeyLen + 8); wrappedPtr = (CK_BYTE_PTR) malloc(wrappedLen); CPPUNIT_ASSERT(wrappedPtr != NULL_PTR); rv = C_WrapKey(hSession, &mechanism, hKey, hSecret, wrappedPtr, &wrappedLen); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(wrappedLen == rndKeyLen + 8); // This should always fail because wrapped data have to be longer than 0 bytes zero = 0; rv = C_WrapKey(hSession, &mechanism, hKey, hSecret, wrappedPtr, &zero); CPPUNIT_ASSERT(rv == CKR_BUFFER_TOO_SMALL); CK_ATTRIBUTE nattribs[] = { { CKA_CLASS, &secretClass, sizeof(secretClass) }, { CKA_KEY_TYPE, &genKeyType, sizeof(genKeyType) }, { CKA_TOKEN, &bFalse, sizeof(bFalse) }, { CKA_PRIVATE, &bTrue, sizeof(bTrue) }, { CKA_ENCRYPT, &bFalse, sizeof(bFalse) }, { CKA_DECRYPT, &bTrue, sizeof(bTrue) }, { CKA_SIGN, &bFalse,sizeof(bFalse) }, { CKA_VERIFY, &bTrue, sizeof(bTrue) } }; CK_OBJECT_HANDLE hNew; hNew = CK_INVALID_HANDLE; rv = C_UnwrapKey(hSession, &mechanism, hKey, wrappedPtr, wrappedLen, nattribs, sizeof(nattribs)/sizeof(CK_ATTRIBUTE), &hNew); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hNew != CK_INVALID_HANDLE); free(wrappedPtr); wrappedPtr = NULL_PTR; rv = C_DestroyObject(hSession, hSecret); CPPUNIT_ASSERT(rv == CKR_OK); #ifdef HAVE_AES_KEY_WRAP_PAD if (mechanismType != CKM_AES_KEY_WRAP_PAD) return; CK_OBJECT_HANDLE hRsa; hRsa = CK_INVALID_HANDLE; rv = generateRsaPrivateKey(hSession, CK_TRUE, CK_TRUE, hRsa); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hRsa != CK_INVALID_HANDLE); CK_OBJECT_CLASS privateClass = CKO_PRIVATE_KEY; CK_KEY_TYPE rsaKeyType = CKK_RSA; CK_BYTE_PTR p2Ptr = NULL_PTR; CK_ULONG p2Len = 0UL; CK_ATTRIBUTE rsaAttribs[] = { { CKA_CLASS, &privateClass, sizeof(privateClass) }, { CKA_KEY_TYPE, &rsaKeyType, sizeof(rsaKeyType) }, { CKA_PRIME_2, NULL_PTR, 0UL } }; rv = C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(rsaAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS)); CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)rsaAttribs[0].pValue == CKO_PRIVATE_KEY); CPPUNIT_ASSERT(rsaAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE)); CPPUNIT_ASSERT(*(CK_KEY_TYPE*)rsaAttribs[1].pValue == CKK_RSA); p2Len = rsaAttribs[2].ulValueLen; p2Ptr = (CK_BYTE_PTR) malloc(2 * p2Len); CPPUNIT_ASSERT(p2Ptr != NULL_PTR); rsaAttribs[2].pValue = p2Ptr; rsaAttribs[2].ulValueLen = p2Len; rv = C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(rsaAttribs[2].ulValueLen == p2Len); rv = C_WrapKey(hSession, &mechanism, hKey, hRsa, wrappedPtr, &wrappedLen); CPPUNIT_ASSERT(rv == CKR_OK); wrappedPtr = (CK_BYTE_PTR) malloc(wrappedLen); CPPUNIT_ASSERT(wrappedPtr != NULL_PTR); rv = C_WrapKey(hSession, &mechanism, hKey, hRsa, wrappedPtr, &wrappedLen); CPPUNIT_ASSERT(rv == CKR_OK); rv = C_DestroyObject(hSession, hRsa); CPPUNIT_ASSERT(rv == CKR_OK); CK_ATTRIBUTE nRsaAttribs[] = { { CKA_CLASS, &privateClass, sizeof(privateClass) }, { CKA_KEY_TYPE, &rsaKeyType, sizeof(rsaKeyType) }, { CKA_TOKEN, &bFalse, sizeof(bFalse) }, { CKA_PRIVATE, &bTrue, sizeof(bTrue) }, { CKA_DECRYPT, &bTrue, sizeof(bTrue) }, { CKA_SIGN, &bFalse,sizeof(bFalse) }, { CKA_UNWRAP, &bTrue, sizeof(bTrue) }, { CKA_SENSITIVE, &bFalse, sizeof(bFalse) }, { CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) } }; hRsa = CK_INVALID_HANDLE; rv = C_UnwrapKey(hSession, &mechanism, hKey, wrappedPtr, wrappedLen, nRsaAttribs, sizeof(nRsaAttribs)/sizeof(CK_ATTRIBUTE), &hRsa); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hRsa != CK_INVALID_HANDLE); rsaAttribs[2].pValue = p2Ptr + p2Len; rv = C_GetAttributeValue(hSession, hRsa, rsaAttribs, sizeof(rsaAttribs)/sizeof(CK_ATTRIBUTE)); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(rsaAttribs[0].ulValueLen == sizeof(CK_OBJECT_CLASS)); CPPUNIT_ASSERT(*(CK_OBJECT_CLASS*)rsaAttribs[0].pValue == CKO_PRIVATE_KEY); CPPUNIT_ASSERT(rsaAttribs[1].ulValueLen == sizeof(CK_KEY_TYPE)); CPPUNIT_ASSERT(*(CK_KEY_TYPE*)rsaAttribs[1].pValue == CKK_RSA); CPPUNIT_ASSERT(rsaAttribs[2].ulValueLen == p2Len); CPPUNIT_ASSERT(memcmp(p2Ptr, p2Ptr + p2Len, p2Len) == 0); free(wrappedPtr); free(p2Ptr); rv = C_DestroyObject(hSession, hRsa); CPPUNIT_ASSERT(rv == CKR_OK); #endif }
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { static bool initialized = false; CK_SLOT_ID slot; CK_ULONG count = 0, type; CK_SLOT_ID_PTR slotlist = NULL; CK_RV rv; CK_SESSION_HANDLE session; CK_ATTRIBUTE attrs[2]; CK_OBJECT_HANDLE object; beid_set_fuzz_data(data, size, "3F00DF014031"); check_rv(C_Initialize(NULL)); do { slotlist = realloc(slotlist, sizeof(CK_SLOT_ID) * count); } while((rv = C_GetSlotList(CK_TRUE, slotlist, &count)) == CKR_BUFFER_TOO_SMALL); check_rv_late("C_GetSlotList"); assert(count > 0); check_rv(C_OpenSession(slotlist[0], CKF_SERIAL_SESSION, NULL, NULL, &session)); free(slotlist); slotlist = NULL; attrs[0].type = CKA_CLASS; attrs[0].pValue = &type; type = CKO_DATA; attrs[0].ulValueLen = sizeof(CK_ULONG); attrs[1].type = CKA_OBJECT_ID; attrs[1].pValue = "id"; attrs[1].ulValueLen = strlen("id"); check_rv(C_FindObjectsInit(session, attrs, 2)); char *label_str = NULL; char *value_str = NULL; char *objid_str = NULL; do { char junk[1024]; CK_ATTRIBUTE data[3] = { {CKA_LABEL, NULL_PTR, 0}, {CKA_VALUE, NULL_PTR, 0}, {CKA_OBJECT_ID, NULL_PTR, 0}, }; check_rv(C_FindObjects(session, &object, 1, &count)); if(!count) continue; free(label_str); free(value_str); free(objid_str); check_rv(C_GetAttributeValue(session, object, data, 3)); label_str = calloc(data[0].ulValueLen + 1, 1); data[0].pValue = label_str; value_str = calloc(data[1].ulValueLen + 1, 1); data[1].pValue = value_str; objid_str = calloc(data[2].ulValueLen + 1, 1); data[2].pValue = objid_str; check_rv(C_GetAttributeValue(session, object, data, 3)); snprintf(junk, sizeof(junk), "%s%s%s", label_str, value_str, objid_str); } while(count); printf("label: %s, objid: %s, value: %s\n", label_str, objid_str, value_str); free(label_str); free(value_str); free(objid_str); check_rv(C_CloseSession(session)); check_rv(C_Finalize(NULL)); return 0; }
void DeriveTests::symDerive(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey, CK_OBJECT_HANDLE &hDerive, CK_MECHANISM_TYPE mechType, CK_KEY_TYPE keyType) { CK_RV rv; CK_MECHANISM mechanism = { mechType, NULL_PTR, 0 }; CK_MECHANISM mechEncrypt = { CKM_VENDOR_DEFINED, NULL_PTR, 0 }; CK_KEY_DERIVATION_STRING_DATA param1; CK_DES_CBC_ENCRYPT_DATA_PARAMS param2; CK_AES_CBC_ENCRYPT_DATA_PARAMS param3; CK_BYTE data[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30, 0x31, 0x32 }; CK_ULONG secLen = 0; switch (mechType) { case CKM_DES_ECB_ENCRYPT_DATA: case CKM_DES3_ECB_ENCRYPT_DATA: case CKM_AES_ECB_ENCRYPT_DATA: param1.pData = &data[0]; param1.ulLen = sizeof(data); mechanism.pParameter = ¶m1; mechanism.ulParameterLen = sizeof(param1); break; case CKM_DES_CBC_ENCRYPT_DATA: case CKM_DES3_CBC_ENCRYPT_DATA: memcpy(param2.iv, "12345678", 8); param2.pData = &data[0]; param2.length = sizeof(data); mechanism.pParameter = ¶m2; mechanism.ulParameterLen = sizeof(param2); break; case CKM_AES_CBC_ENCRYPT_DATA: memcpy(param3.iv, "1234567890ABCDEF", 16); param3.pData = &data[0]; param3.length = sizeof(data); mechanism.pParameter = ¶m3; mechanism.ulParameterLen = sizeof(param3); break; default: CPPUNIT_FAIL("Invalid mechanism"); } switch (keyType) { case CKK_GENERIC_SECRET: secLen = 32; break; case CKK_DES: mechEncrypt.mechanism = CKM_DES_ECB; break; case CKK_DES2: case CKK_DES3: mechEncrypt.mechanism = CKM_DES3_ECB; break; case CKK_AES: mechEncrypt.mechanism = CKM_AES_ECB; secLen = 32; break; default: CPPUNIT_FAIL("Invalid key type"); } CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY; CK_BBOOL bFalse = CK_FALSE; CK_BBOOL bTrue = CK_TRUE; CK_ATTRIBUTE keyAttribs[] = { { CKA_CLASS, &keyClass, sizeof(keyClass) }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_PRIVATE, &bFalse, sizeof(bFalse) }, { CKA_ENCRYPT, &bTrue, sizeof(bTrue) }, { CKA_DECRYPT, &bTrue, sizeof(bTrue) }, { CKA_SENSITIVE, &bFalse, sizeof(bFalse) }, { CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }, { CKA_VALUE_LEN, &secLen, sizeof(secLen) } }; hDerive = CK_INVALID_HANDLE; if (secLen > 0) { rv = CRYPTOKI_F_PTR( C_DeriveKey(hSession, &mechanism, hKey, keyAttribs, sizeof(keyAttribs)/sizeof(CK_ATTRIBUTE), &hDerive) ); } else { rv = CRYPTOKI_F_PTR( C_DeriveKey(hSession, &mechanism, hKey, keyAttribs, sizeof(keyAttribs)/sizeof(CK_ATTRIBUTE) - 1, &hDerive) ); } CPPUNIT_ASSERT(rv == CKR_OK); // Check that KCV has been set CK_ATTRIBUTE checkAttribs[] = { { CKA_CHECK_VALUE, NULL_PTR, 0 } }; CK_BYTE check[3]; checkAttribs[0].pValue = check; checkAttribs[0].ulValueLen = sizeof(check); rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hDerive, checkAttribs, 1) ); CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(checkAttribs[0].ulValueLen == 3); if (keyType == CKK_GENERIC_SECRET) return; CK_BYTE cipherText[300]; CK_ULONG ulCipherTextLen; CK_BYTE recoveredText[300]; CK_ULONG ulRecoveredTextLen; rv = CRYPTOKI_F_PTR( C_EncryptInit(hSession,&mechEncrypt,hDerive) ); CPPUNIT_ASSERT(rv==CKR_OK); ulCipherTextLen = sizeof(cipherText); rv = CRYPTOKI_F_PTR( C_Encrypt(hSession,data,sizeof(data),cipherText,&ulCipherTextLen) ); CPPUNIT_ASSERT(rv==CKR_OK); rv = CRYPTOKI_F_PTR( C_DecryptInit(hSession,&mechEncrypt,hDerive) ); CPPUNIT_ASSERT(rv==CKR_OK); ulRecoveredTextLen = sizeof(recoveredText); rv = CRYPTOKI_F_PTR( C_Decrypt(hSession,cipherText,ulCipherTextLen,recoveredText,&ulRecoveredTextLen) ); CPPUNIT_ASSERT(rv==CKR_OK); CPPUNIT_ASSERT(ulRecoveredTextLen==sizeof(data)); CPPUNIT_ASSERT(memcmp(data, recoveredText, sizeof(data)) == 0); }
void DeriveTests::ecdhDerive(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey, CK_OBJECT_HANDLE &hKey, bool useRaw) { CK_ATTRIBUTE valAttrib = { CKA_EC_POINT, NULL_PTR, 0 }; CK_RV rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPublicKey, &valAttrib, 1) ); CPPUNIT_ASSERT(rv == CKR_OK); valAttrib.pValue = (CK_BYTE_PTR)malloc(valAttrib.ulValueLen); rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hPublicKey, &valAttrib, 1) ); CPPUNIT_ASSERT(rv == CKR_OK); CK_ECDH1_DERIVE_PARAMS parms = { CKD_NULL, 0, NULL_PTR, 0, NULL_PTR }; // Use RAW or DER format if (useRaw) { size_t offset = 0; unsigned char* buf = (unsigned char*)valAttrib.pValue; if (valAttrib.ulValueLen > 2 && buf[0] == 0x04) { if (buf[1] < 0x80) { offset = 2; } else { if (valAttrib.ulValueLen > ((buf[1] & 0x7F) + (unsigned int)2)) { offset = 2 + (buf[1] & 0x7F); } } } parms.pPublicData = buf + offset; parms.ulPublicDataLen = valAttrib.ulValueLen - offset; } else { parms.pPublicData = (unsigned char*)valAttrib.pValue; parms.ulPublicDataLen = valAttrib.ulValueLen; } CK_MECHANISM mechanism = { CKM_ECDH1_DERIVE, NULL, 0 }; mechanism.pParameter = &parms; mechanism.ulParameterLen = sizeof(parms); CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY; CK_KEY_TYPE keyType = CKK_GENERIC_SECRET; CK_BBOOL bFalse = CK_FALSE; CK_BBOOL bTrue = CK_TRUE; CK_ULONG secLen = 32; CK_ATTRIBUTE keyAttribs[] = { { CKA_CLASS, &keyClass, sizeof(keyClass) }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_PRIVATE, &bFalse, sizeof(bFalse) }, { CKA_SENSITIVE, &bFalse, sizeof(bFalse) }, { CKA_EXTRACTABLE, &bTrue, sizeof(bTrue) }, { CKA_VALUE_LEN, &secLen, sizeof(secLen) } }; hKey = CK_INVALID_HANDLE; rv = CRYPTOKI_F_PTR( C_DeriveKey(hSession, &mechanism, hPrivateKey, keyAttribs, sizeof(keyAttribs)/sizeof(CK_ATTRIBUTE), &hKey) ); free(valAttrib.pValue); CPPUNIT_ASSERT(rv == CKR_OK); }
FLAG ECCTest_out() { CK_RV rv = 0; CK_SLOT_ID SlotId = 0; CK_SESSION_HANDLE hSession = 0; CK_OBJECT_HANDLE hECCPubKey = 0; CK_OBJECT_HANDLE hECCPriKey = 0; CK_BBOOL isTrue = TRUE; CK_ULONG ECCPubKeyClass = CKO_PUBLIC_KEY; CK_ULONG ECCPriKeyClass = CKO_PRIVATE_KEY; CK_BYTE Id[] = "MY_ECC_KEY"; CK_ATTRIBUTE ECCPubKey[] = { {CKA_CLASS, &ECCPubKeyClass, sizeof(ECCPubKeyClass)}, {CKA_ID, &Id, strlen(Id)}, {CKA_TOKEN, &isTrue, sizeof(isTrue)} }; CK_ATTRIBUTE ECCPriKey[] = { {CKA_CLASS, &ECCPriKeyClass, sizeof(ECCPriKeyClass)}, {CKA_ID, &Id, strlen(Id)}, {CKA_TOKEN, &isTrue, sizeof(isTrue)} }; CK_ATTRIBUTE CreateECCPubKey[] = { {CKA_CLASS, NULL_PTR, 0}, {CKA_MODULUS_BITS, NULL_PTR, 0}, {CKA_ID, NULL_PTR, 0}, {CKA_EC_POINT, NULL_PTR, 0} }; CK_ATTRIBUTE CreateECCPriKey[] = { {CKA_CLASS, NULL_PTR, 0}, {CKA_ID, NULL_PTR, 0}, {CKA_MODULUS_BITS, NULL_PTR, 0}, {CKA_VALUE, NULL_PTR, 0} }; CK_MECHANISM ECCGenKey = {CKM_ECDSA_KEY_PAIR_GEN, NULL_PTR, 0}; CK_MECHANISM mECCEncrypt = {CKM_ECDSA_PKCS, NULL_PTR, 0}; CK_BYTE indata[160] = {0x00}; CK_BYTE outdata[300] = {0x00}; CK_BYTE temp[300] = {0x00}; CK_ULONG outlength = 0; CK_ULONG templength = 0; printf("ECC Outside Encrypt and Decrypt!\n"); rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession); #ifdef DEVICE_KEY C_Login(hSession, CKU_SO, "11111111", 8); #endif rv = C_GenerateKeyPair(hSession, &ECCGenKey, ECCPubKey, 3, ECCPriKey, 3, &hECCPubKey, &hECCPriKey); rv = C_CloseSession(hSession); rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession); #ifdef DEVICE_KEY C_Login(hSession, CKU_SO, "11111111", 8); #endif rv = C_GetAttributeValue(hSession, hECCPubKey, CreateECCPubKey, 4); if (rv == 0) { CreateECCPubKey[0].pValue = malloc(CreateECCPubKey[0].ulValueLen); if (CreateECCPubKey[0].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); return -1; } CreateECCPubKey[1].pValue = malloc(CreateECCPubKey[1].ulValueLen); if (CreateECCPubKey[1].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPubKey, 1); return -1; } CreateECCPubKey[2].pValue = malloc(CreateECCPubKey[2].ulValueLen); if (CreateECCPubKey[2].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPubKey, 2); return -1; } CreateECCPubKey[3].pValue = malloc(CreateECCPubKey[3].ulValueLen); if (CreateECCPubKey[3].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPubKey, 3); return -1; } rv = C_GetAttributeValue(hSession, hECCPubKey, CreateECCPubKey, 4); rv = C_DestroyObject(hSession, hECCPubKey); rv = C_CreateObject(hSession, CreateECCPubKey, 4, &hECCPubKey); } FreeAttribute(CreateECCPubKey, 4); memset(indata, 0x33, 110); memset(outdata, 0x00, 300); memset(temp, 0x00, 300); rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey); rv = C_Encrypt(hSession, indata, 110, outdata, &outlength); rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 4); if (rv == 0) { CreateECCPriKey[0].pValue = malloc(CreateECCPriKey[0].ulValueLen); if (CreateECCPriKey[0].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); return -1; } CreateECCPriKey[1].pValue = malloc(CreateECCPriKey[1].ulValueLen); if (CreateECCPriKey[1].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPriKey, 1); return -1; } CreateECCPriKey[2].pValue = malloc(CreateECCPriKey[2].ulValueLen); if (CreateECCPriKey[2].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPriKey, 2); return -1; } CreateECCPriKey[3].pValue = malloc(CreateECCPriKey[3].ulValueLen); if (CreateECCPriKey[3].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPriKey, 3); return -1; } rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 4); rv = C_DestroyObject(hSession, hECCPriKey); rv = C_CreateObject(hSession, CreateECCPriKey, 4, &hECCPriKey); } FreeAttribute(CreateECCPriKey, 4); rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey); rv = C_Decrypt(hSession, outdata, outlength, temp, &templength); #ifdef DEVICE_KEY C_Logout(hSession); #endif rv = C_CloseSession(hSession); if (memcmp(indata, temp, 110) == 0 && templength == 110) { printf("OK ECC OUT!\n"); } else { printf("ERROR ECC OUT!\n"); } return 0; }
FLAG ECCTest_in() { CK_RV rv = 0; CK_SLOT_ID SlotId = 0; CK_SESSION_HANDLE hSession = 0; CK_ULONG ECCPubKeyClass = CKO_PUBLIC_KEY; CK_ULONG ECCPriKeyClass = CKO_PRIVATE_KEY; CK_BYTE ECCPubLabel[] = "ECC_PUBLIC_KEY_7"; CK_BYTE ECCPriLabel[] = "ECC_PRIVATE_KEY_7"; CK_BBOOL isFalse = TRUE; #if 0 /* CKA_LABEL TEST*/ CK_ATTRUBUTE ECCKeyLabel = { CAK_LABEL,//type ECCPub//value //value_len }; #endif /* END CAK_LABEL TEST*/ CK_ATTRIBUTE ECCPubKey[] = { {CKA_CLASS, &ECCPubKeyClass, sizeof(ECCPubKeyClass)}, {CKA_LABEL, &ECCPubLabel, sizeof(ECCPubLabel)}, {CKA_TOKEN, &isFalse, sizeof(isFalse)} }; CK_ATTRIBUTE ECCPriKey[] = { {CKA_CLASS, &ECCPriKeyClass, sizeof(ECCPriKeyClass)}, {CKA_LABEL, &ECCPriLabel, sizeof(ECCPriLabel)}, {CKA_TOKEN, &isFalse, sizeof(isFalse)} }; CK_ATTRIBUTE CreateECCPriKey[] = { {CKA_CLASS, NULL_PTR, 0}, {CKA_MODULUS_BITS, NULL_PTR, 0}, {CKA_VALUE, NULL_PTR, 0} }; CK_MECHANISM ECCGenKey = {CKM_ECDSA_KEY_PAIR_GEN, NULL_PTR, 0}; CK_MECHANISM mECCEncrypt = {CKM_ECDSA_PKCS, NULL_PTR, 0}; CK_OBJECT_HANDLE hECCPubKey = 0; CK_OBJECT_HANDLE hECCPriKey = 0; CK_BYTE indata[160] = {0x00}; CK_BYTE outdata[300] = {0x00}; CK_BYTE temp[300] = {0x00}; CK_ULONG outlength = 0; CK_ULONG templength = 0; memset(indata, 0x31, 40); memset(outdata, 0x00, 300); memset(temp, 0x00, 300); printf("ECC Inside Encrypt and Decrypt!\n"); rv = C_OpenSession(SlotId, CKF_SERIAL_SESSION|CKF_RW_SESSION, NULL_PTR, NULL, &hSession); #ifdef DEVICE_KEY C_Login(hSession, CKU_SO, "11111111", 8); #endif rv = C_GenerateKeyPair(hSession, &ECCGenKey, ECCPubKey, 3, ECCPriKey, 3, &hECCPubKey, &hECCPriKey); rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey); rv = C_Encrypt(hSession, indata, 40, outdata, &outlength); rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey); rv = C_Decrypt(hSession, outdata, outlength, temp, &templength); if (memcmp(indata, temp, 40) == 0 && templength == 40) { printf("OK ECC IN!\n"); } else { printf("ERROR ECC IN!\n"); } printf("ECC Crossing Encrypt and Decrypt!\n"); memset(indata, 0x33, 110); memset(outdata, 0x00, 300); memset(temp, 0x00, 300); rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 3); if (rv == 0) { CreateECCPriKey[0].pValue = malloc(CreateECCPriKey[0].ulValueLen); if (CreateECCPriKey[0].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); return -1; } CreateECCPriKey[1].pValue = malloc(CreateECCPriKey[1].ulValueLen); if (CreateECCPriKey[1].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPriKey, 1); return -1; } CreateECCPriKey[2].pValue = malloc(CreateECCPriKey[2].ulValueLen); if (CreateECCPriKey[2].pValue == NULL) { printf("ECCTest_out->malloc ERROR!\n"); FreeAttribute(CreateECCPriKey, 2); return -1; } rv = C_GetAttributeValue(hSession, hECCPriKey, CreateECCPriKey, 3); rv = C_CreateObject(hSession, CreateECCPriKey, 3, &hECCPriKey); } FreeAttribute(CreateECCPriKey, 3); rv = C_EncryptInit(hSession, &mECCEncrypt, hECCPubKey); rv = C_Encrypt(hSession, indata, 110, outdata, &outlength); rv = C_DecryptInit(hSession, &mECCEncrypt, hECCPriKey); rv = C_Decrypt(hSession, outdata, outlength, temp, &templength); if (memcmp(indata, temp, 110) == 0 && templength == 110) { printf("OK ECC Crossing!\n"); } else { printf("ERROR ECC Crossing!\n"); } #ifdef DEVICE_KEY C_Logout(hSession); #endif C_CloseSession(hSession); return 0; }
HRESULT Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_FindObjectEnum::FindObjects___SZARRAY_MicrosoftSPOTCryptokiCryptokiObject__I4( CLR_RT_StackFrame& stack ) { TINYCLR_HEADER(); CLR_RT_HeapBlock* pThis = stack.This(); CLR_RT_HeapBlock* pSession = pThis[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_FindObjectEnum::FIELD__m_session].Dereference(); CLR_RT_HeapBlock ref, *pRef; CK_SESSION_HANDLE hSession; CK_ULONG cntObj = (CK_ULONG)stack.Arg1().NumericByRef().u4; CK_OBJECT_HANDLE objs[128]; CK_OBJECT_CLASS objType = CKO_DATA; CLR_INT32 i; CLR_RT_TypeDef_Index objIndex = g_CLR_RT_WellKnownTypes.m_CryptokiObject; BOOL isKey = FALSE; CK_ATTRIBUTE attribs[] = { { CKA_CLASS, &objType, sizeof(objType) }, }; FAULT_ON_NULL(pSession); if(cntObj > ARRAYSIZE(objs)) TINYCLR_SET_AND_LEAVE(CLR_E_OUT_OF_RANGE); hSession = pSession[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_Session::FIELD__m_handle].NumericByRef().u4; CRYPTOKI_CHECK_RESULT(stack, C_FindObjects(hSession, objs, cntObj, &cntObj )); CRYPTOKI_CHECK_RESULT(stack, C_GetAttributeValue(hSession, objs[0], attribs, ARRAYSIZE(attribs))); SwapEndianAndAssignIfBEc32(objType, objType); switch(objType) { case CKO_CERTIFICATE: objIndex = g_CLR_RT_WellKnownTypes.m_CryptokiCertificate; break; case CKO_PRIVATE_KEY: case CKO_PUBLIC_KEY: case CKO_SECRET_KEY: case CKO_OTP_KEY: objIndex = g_CLR_RT_WellKnownTypes.m_CryptoKey; isKey = TRUE; break; } TINYCLR_CHECK_HRESULT(CLR_RT_HeapBlock_Array::CreateInstance(ref, (CLR_UINT32)cntObj, objIndex)); if(cntObj == 0) { stack.SetResult_Object(ref.DereferenceArray()); TINYCLR_SET_AND_LEAVE(S_OK); } pRef = (CLR_RT_HeapBlock*)ref.DereferenceArray()->GetFirstElement(); for(i=0; i<(INT32)cntObj; i++) { CLR_RT_HeapBlock *pObject; TINYCLR_CHECK_HRESULT(g_CLR_RT_ExecutionEngine.NewObjectFromIndex( *pRef, objIndex )); pObject = pRef->Dereference(); pObject[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_CryptokiObject::FIELD__m_handle ].SetInteger((CLR_INT32)objs[i]); pObject[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_SessionContainer::FIELD__m_session ].SetObjectReference(pSession); pObject[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_SessionContainer::FIELD__m_ownsSession ].SetBoolean(false); pObject[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_SessionContainer::FIELD__m_isDisposed ].SetBoolean(false); pObject[Library_security_pkcs11_native_Microsoft_SPOT_Cryptoki_SessionContainer::FIELD__m_isSessionClosing].SetBoolean(false); if(isKey) { CK_ULONG keySize = (CK_ULONG)-1; CK_ULONG keyType = (CK_ULONG)-1; CK_ATTRIBUTE attribs[] = { { CKA_VALUE_BITS, &keySize, sizeof(keySize) }, { CKA_KEY_TYPE , &keyType, sizeof(keyType) }, }; pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_keyType].NumericByRef().s4 = SwapEndianIfBEc32(keyType); C_GetAttributeValue(hSession, objs[i], attribs, ARRAYSIZE(attribs)); pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_length].NumericByRef().u4 = SwapEndianIfBEc32(keySize); switch(objType) { case CKO_PRIVATE_KEY: pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_privateKeyHandle].NumericByRef().u4 = objs[i]; break; case CKO_PUBLIC_KEY: case CKO_SECRET_KEY: default: pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_privateKeyHandle].NumericByRef().u4 = CK_OBJECT_HANDLE_INVALID; break; } } else if(objType == CKO_CERTIFICATE) { CK_ULONG keySize = (CK_ULONG)-1; CK_ULONG keyType = (CK_ULONG)-1; BOOL isPrivate = FALSE; CK_ATTRIBUTE attribs[] = { { CKA_VALUE_BITS, &keySize, sizeof(keySize)}, { CKA_KEY_TYPE , &keyType, sizeof(keyType)}, { CKA_PRIVATE , &isPrivate, sizeof(isPrivate)}, }; C_GetAttributeValue(hSession, objs[i], attribs, ARRAYSIZE(attribs)); pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_keyType].NumericByRef().s4 = SwapEndianIfBEc32(keyType); pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_length].NumericByRef().u4 = SwapEndianIfBEc32(keySize); if(isPrivate == TRUE) { pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_privateKeyHandle].NumericByRef().u4 = objs[i]; } else { pObject[Library_security_pkcs11_native_System_Security_Cryptography_CryptoKey::FIELD__m_privateKeyHandle].NumericByRef().u4 = CK_OBJECT_HANDLE_INVALID; } } pRef++; } stack.SetResult_Object(ref.DereferenceArray()); TINYCLR_NOCLEANUP(); }
CK_RV dump_object (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object) { CK_RV err; CK_OBJECT_CLASS obj_class; CK_ATTRIBUTE attr_class = { CKA_CLASS, &obj_class, sizeof (obj_class) }; err = C_GetAttributeValue (session, object, &attr_class, 1); if (err) return err; printf (" Object Class: %lu = ", obj_class); switch (obj_class) { #define MAX_CERT_LEN 4096 case CKO_CERTIFICATE: { CK_CERTIFICATE_TYPE cert_type; CK_BBOOL cert_token; CK_BBOOL cert_private; CK_BBOOL cert_modifiable; CK_BYTE cert_label[MAX_CERT_LEN]; CK_BBOOL cert_trusted; CK_ULONG cert_cc; CK_BYTE cert_check[3]; CK_DATE cert_sdate; CK_DATE cert_edate; CK_BYTE cert_subject[MAX_CERT_LEN]; CK_BYTE cert_id[MAX_CERT_LEN]; CK_BYTE cert_issuer[MAX_CERT_LEN]; CK_BYTE cert_serial[MAX_CERT_LEN]; CK_BYTE cert_value[MAX_CERT_LEN]; CK_ULONG cert_jm; /* Note that the order is encoded below in the various length checks. */ CK_ATTRIBUTE cert_attr[] = { { CKA_CERTIFICATE_TYPE, &cert_type, sizeof (cert_type) }, { CKA_TOKEN, &cert_token, sizeof (cert_token) }, { CKA_PRIVATE, &cert_private, sizeof (cert_private) }, { CKA_MODIFIABLE, &cert_modifiable, sizeof (cert_modifiable) }, { CKA_LABEL, &cert_label, sizeof (cert_label) }, { CKA_TRUSTED, &cert_trusted, sizeof (cert_trusted) }, { CKA_CERTIFICATE_CATEGORY, &cert_cc, sizeof (cert_cc) }, { CKA_CHECK_VALUE, &cert_check, sizeof (cert_check) }, { CKA_START_DATE, &cert_sdate, sizeof (cert_sdate) }, { CKA_END_DATE, &cert_edate, sizeof (cert_edate) }, { CKA_SUBJECT, &cert_subject, sizeof (cert_subject) }, { CKA_ID, &cert_id, sizeof (cert_id) }, { CKA_ISSUER, &cert_issuer, sizeof (cert_issuer) }, { CKA_SERIAL_NUMBER, &cert_serial, sizeof (cert_serial) }, { CKA_VALUE, cert_value, sizeof (cert_value) }, { CKA_URL, NULL, 0 }, { CKA_HASH_OF_SUBJECT_PUBLIC_KEY, NULL, 0 }, { CKA_HASH_OF_ISSUER_PUBLIC_KEY, NULL, 0 }, { CKA_JAVA_MIDP_SECURITY_DOMAIN, &cert_jm, sizeof (cert_jm) } }; printf ("CKO_CERTIFICATE\n"); err = C_GetAttributeValue (session, object, cert_attr, DIM (cert_attr)); if (err) return err; fail_if_err ((cert_attr[0].ulValueLen != sizeof (cert_type)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Type: %lu = ", cert_type); switch (cert_type) { case CKC_X_509: printf ("CKC_X_509"); break; case CKC_WTLS: printf ("CKC_WTLS"); break; case CKC_X_509_ATTR_CERT: printf ("CKC_X_509_ATTR_CERT"); break; default: printf ("(unknown"); break; } printf ("\n"); fail_if_err ((cert_attr[1].ulValueLen != sizeof (cert_token)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Token: %s\n", cert_token ? "true" : "false"); fail_if_err ((cert_attr[2].ulValueLen != sizeof (cert_private)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Private: %s\n", cert_private ? "true" : "false"); fail_if_err ((cert_attr[3].ulValueLen != sizeof (cert_modifiable)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Modifiable: %s\n", cert_modifiable ? "true" : "false"); printf (" Certificate Label: Length %lu\n", cert_attr[4].ulValueLen); err = dump_one (&cert_attr[4], cert_label, sizeof (cert_label)); fail_if_err (err); fail_if_err ((cert_attr[5].ulValueLen != sizeof (cert_trusted)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Trusted: %s\n", cert_trusted ? "true" : "false"); fail_if_err ((cert_attr[6].ulValueLen != sizeof (cert_cc)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Category: %lu = ", cert_cc); switch (cert_cc) { case 0: printf ("unspecified"); break; case 1: printf ("token user"); break; case 2: printf ("authority"); break; case 3: printf ("other entity"); break; default: printf ("(unknown)"); break; } printf ("\n"); fail_if_err ((cert_attr[7].ulValueLen != sizeof (cert_check)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Check Value: %02x%02x%02x\n", cert_check[0], cert_check[1], cert_check[2]); if (cert_attr[8].ulValueLen && cert_attr[9].ulValueLen) { fail_if_err ((cert_attr[8].ulValueLen != sizeof (cert_sdate)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Start Date: %.4s/%.2s/%.2s\n", cert_sdate.year, cert_sdate.month, cert_sdate.day); fail_if_err ((cert_attr[9].ulValueLen != sizeof (cert_edate)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate End Date: %.4s/%.2s/%.2s\n", cert_edate.year, cert_edate.month, cert_edate.day); } printf (" Certificate Subject: Length %lu\n", cert_attr[10].ulValueLen); err = dump_one (&cert_attr[10], cert_subject, sizeof (cert_subject)); fail_if_err (err); printf (" Certificate ID: Length %lu\n", cert_attr[11].ulValueLen); err = dump_one (&cert_attr[11], cert_id, sizeof (cert_id)); fail_if_err (err); printf (" Certificate Issuer: Length %lu\n", cert_attr[12].ulValueLen); err = dump_one (&cert_attr[12], cert_issuer, sizeof (cert_issuer)); fail_if_err (err); printf (" Certificate Serial Number: Length %lu\n", cert_attr[13].ulValueLen); err = dump_one (&cert_attr[13], cert_serial, sizeof (cert_serial)); fail_if_err (err); printf (" Certificate Value: Length %lu\n", cert_attr[14].ulValueLen); err = dump_one (&cert_attr[14], cert_value, sizeof (cert_value)); fail_if_err (err); fail_if_err ((cert_attr[15].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[16].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[17].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[18].ulValueLen != sizeof (cert_jm)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Java MIDP Security Domain: %lu = ", cert_jm); switch (cert_jm) { case 0: printf ("unspecified"); break; case 1: printf ("manufacturer"); break; case 2: printf ("operator"); break; case 3: printf ("third party"); break; default: printf ("(unknown)"); break; } printf ("\n"); } break; case CKO_PRIVATE_KEY: { CK_KEY_TYPE key_type; CK_BBOOL key_token; CK_BBOOL key_private; CK_BBOOL key_modifiable; CK_BYTE key_label[MAX_CERT_LEN]; CK_BYTE key_id[MAX_CERT_LEN]; CK_DATE key_sdate; CK_DATE key_edate; CK_BBOOL key_derive; CK_BBOOL key_local; CK_MECHANISM_TYPE key_gen; CK_MECHANISM_TYPE key_mechanisms[1]; /* FIXME, hard-coded constant. */ CK_BYTE key_subject[MAX_CERT_LEN]; CK_BBOOL key_sensitive; CK_BBOOL key_decrypt; CK_BBOOL key_sign; CK_BBOOL key_sign_recover; CK_BBOOL key_unwrap; CK_BBOOL key_extractable; CK_BBOOL key_always_sensitive; CK_BBOOL key_never_extractable; CK_BBOOL key_wrap_with_trusted; CK_BBOOL key_always_authenticate; CK_BYTE key_modulus[MAX_CERT_LEN]; CK_BYTE key_public_exp[MAX_CERT_LEN]; /* Note that the order is encoded below in the various length checks. */ CK_ATTRIBUTE key_attr[] = { { CKA_KEY_TYPE, &key_type, sizeof (key_type) }, { CKA_TOKEN, &key_token, sizeof (key_token) }, { CKA_PRIVATE, &key_private, sizeof (key_private) }, { CKA_MODIFIABLE, &key_modifiable, sizeof (key_modifiable) }, { CKA_LABEL, &key_label, sizeof (key_label) }, { CKA_ID, &key_id, sizeof (key_id) }, { CKA_START_DATE, &key_sdate, sizeof (key_sdate) }, { CKA_END_DATE, &key_edate, sizeof (key_edate) }, { CKA_DERIVE, &key_derive, sizeof (key_derive) }, { CKA_LOCAL, &key_local, sizeof (key_local) }, { CKA_KEY_GEN_MECHANISM, &key_gen, sizeof (key_gen) }, { CKA_ALLOWED_MECHANISMS, &key_mechanisms, sizeof (key_mechanisms) }, { CKA_SUBJECT, &key_subject, sizeof (key_subject) }, { CKA_SENSITIVE, &key_sensitive, sizeof (key_sensitive) }, { CKA_DECRYPT, &key_decrypt, sizeof (key_decrypt) }, { CKA_SIGN, &key_sign, sizeof (key_sign) }, { CKA_SIGN_RECOVER, &key_sign_recover, sizeof (key_sign_recover) }, { CKA_UNWRAP, &key_unwrap, sizeof (key_unwrap) }, { CKA_EXTRACTABLE, &key_extractable, sizeof (key_extractable) }, { CKA_ALWAYS_SENSITIVE, &key_always_sensitive, sizeof (key_always_sensitive) }, { CKA_NEVER_EXTRACTABLE, &key_never_extractable, sizeof (key_never_extractable) }, { CKA_WRAP_WITH_TRUSTED, &key_wrap_with_trusted, sizeof (key_wrap_with_trusted) }, { CKA_UNWRAP_TEMPLATE, NULL, 0 }, { CKA_ALWAYS_AUTHENTICATE, &key_always_authenticate, sizeof (key_always_authenticate) }, { CKA_MODULUS, &key_modulus, sizeof (key_modulus) }, { CKA_PUBLIC_EXPONENT, &key_public_exp, sizeof (key_public_exp) } }; printf ("CKO_PRIVATE_KEY\n"); err = C_GetAttributeValue (session, object, key_attr, DIM (key_attr)); if (err) return err; fail_if_err ((key_attr[0].ulValueLen != sizeof (key_type)) ? CKR_GENERAL_ERROR : 0); printf (" Key Type: %lu = ", key_type); switch (key_type) { case CKK_RSA: printf ("CKK_RSA"); break; case CKK_DSA: printf ("CKK_DSA"); break; default: printf ("(unknown"); break; } printf ("\n"); fail_if_err ((key_attr[1].ulValueLen != sizeof (key_token)) ? CKR_GENERAL_ERROR : 0); printf (" Key Token: %s\n", key_token ? "true" : "false"); fail_if_err ((key_attr[2].ulValueLen != sizeof (key_private)) ? CKR_GENERAL_ERROR : 0); printf (" Key Private: %s\n", key_private ? "true" : "false"); fail_if_err ((key_attr[3].ulValueLen != sizeof (key_modifiable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Modifiable: %s\n", key_modifiable ? "true" : "false"); printf (" Key Label: Length %lu\n", key_attr[4].ulValueLen); err = dump_one (&key_attr[4], key_label, sizeof (key_label)); fail_if_err (err); printf (" Key ID: Length %lu\n", key_attr[5].ulValueLen); err = dump_one (&key_attr[5], key_id, sizeof (key_id)); fail_if_err (err); if (key_attr[6].ulValueLen && key_attr[7].ulValueLen) { fail_if_err ((key_attr[6].ulValueLen != sizeof (key_sdate)) ? CKR_GENERAL_ERROR : 0); printf (" Key Start Date: %.4s/%.2s/%.2s\n", key_sdate.year, key_sdate.month, key_sdate.day); fail_if_err ((key_attr[7].ulValueLen != sizeof (key_edate)) ? CKR_GENERAL_ERROR : 0); printf (" Key End Date: %.4s/%.2s/%.2s\n", key_edate.year, key_edate.month, key_edate.day); } fail_if_err ((key_attr[8].ulValueLen != sizeof (key_derive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Derive: %s\n", key_derive ? "true" : "false"); fail_if_err ((key_attr[9].ulValueLen != sizeof (key_local)) ? CKR_GENERAL_ERROR : 0); printf (" Key Local: %s\n", key_local ? "true" : "false"); fail_if_err ((key_attr[10].ulValueLen != sizeof (key_gen)) ? CKR_GENERAL_ERROR : 0); /* FIXME: Print Mechanism. */ printf (" Key Gen Mechanism: %lu\n", key_gen); /* FIXME: Print supported mechanisms. 11 */ printf (" Key Subject: Length %lu\n", key_attr[12].ulValueLen); err = dump_one (&key_attr[12], key_subject, sizeof (key_subject)); fail_if_err (err); fail_if_err ((key_attr[13].ulValueLen != sizeof (key_sensitive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sensitive: %s\n", key_sensitive ? "true" : "false"); fail_if_err ((key_attr[14].ulValueLen != sizeof (key_decrypt)) ? CKR_GENERAL_ERROR : 0); printf (" Key Decrypt: %s\n", key_decrypt ? "true" : "false"); fail_if_err ((key_attr[15].ulValueLen != sizeof (key_sign)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sign: %s\n", key_sign ? "true" : "false"); fail_if_err ((key_attr[16].ulValueLen != sizeof (key_sign_recover)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sign Recover: %s\n", key_sign_recover ? "true" : "false"); fail_if_err ((key_attr[17].ulValueLen != sizeof (key_unwrap)) ? CKR_GENERAL_ERROR : 0); printf (" Key Unwrap: %s\n", key_unwrap ? "true" : "false"); fail_if_err ((key_attr[18].ulValueLen != sizeof (key_extractable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Extractable: %s\n", key_extractable ? "true" : "false"); fail_if_err ((key_attr[19].ulValueLen != sizeof (key_always_sensitive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Always Sensitive: %s\n", key_always_sensitive ? "true" : "false"); fail_if_err ((key_attr[20].ulValueLen != sizeof (key_never_extractable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Never Extractable: %s\n", key_never_extractable ? "true" : "false"); fail_if_err ((key_attr[21].ulValueLen != sizeof (key_wrap_with_trusted)) ? CKR_GENERAL_ERROR : 0); printf (" Key Wrap With Trusted: %s\n", key_wrap_with_trusted ? "true" : "false"); fail_if_err ((key_attr[22].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((key_attr[23].ulValueLen != sizeof (key_always_authenticate)) ? CKR_GENERAL_ERROR : 0); printf (" Key Always Authenticate: %s\n", key_always_authenticate ? "true" : "false"); printf (" Key Modulus: Length %lu\n", key_attr[24].ulValueLen); err = dump_one (&key_attr[24], key_modulus, sizeof (key_modulus)); fail_if_err (err); printf (" Key Subject: Length %lu\n", key_attr[25].ulValueLen); err = dump_one (&key_attr[25], key_public_exp, sizeof (key_public_exp)); fail_if_err (err); } break; default: printf ("(unknown)\n"); } return 0; }
KMF_RETURN PKCS_EncryptData(KMF_HANDLE_T kmfh, KMF_ALGORITHM_INDEX AlgorithmId, KMF_X509_SPKI *keyp, KMF_DATA *plaintext, KMF_DATA *ciphertext) { KMF_RETURN rv = KMF_OK; CK_RV ckRv; CK_MECHANISM ckMechanism; CK_MECHANISM_TYPE mechtype; CK_KEY_TYPE keytype; CK_OBJECT_HANDLE ckKeyHandle = 0; CK_SESSION_HANDLE ckSession = NULL; CK_ULONG out_len = 0, in_len = 0, total_encrypted = 0; uint8_t *in_data, *out_data; int i, blocks, block_size; CK_ATTRIBUTE ckTemplate[2]; CK_ULONG ckNumTemplates; CK_ULONG ckMaxTemplates = (sizeof (ckTemplate) / sizeof (CK_ATTRIBUTE)); if (get_pk11_data(AlgorithmId, &keytype, &mechtype, NULL, 0)) return (KMF_ERR_BAD_ALGORITHM); rv = kmf_create_pk11_session(&ckSession, mechtype, CKF_ENCRYPT); if (rv != KMF_OK) return (rv); /* Get the public key used in encryption */ rv = PKCS_AcquirePublicKeyHandle(ckSession, keyp, keytype, &ckKeyHandle); if (rv != KMF_OK) { (void) C_CloseSession(ckSession); return (rv); } /* Get the modulus length */ ckNumTemplates = 0; if (!PKCS_AddTemplate(ckTemplate, &ckNumTemplates, ckMaxTemplates, CKA_MODULUS, (CK_BYTE *)NULL, sizeof (CK_ULONG))) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } ckRv = C_GetAttributeValue(ckSession, ckKeyHandle, ckTemplate, ckNumTemplates); if (ckRv != CKR_OK) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } out_len = ckTemplate[0].ulValueLen; if (out_len > ciphertext->Length) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); (void) C_CloseSession(ckSession); return (KMF_ERR_BUFFER_SIZE); } ckMechanism.mechanism = mechtype; ckMechanism.pParameter = NULL_PTR; ckMechanism.ulParameterLen = 0; /* Compute the fixed input data length for single-part encryption */ block_size = out_len - 11; in_data = plaintext->Data; out_data = ciphertext->Data; blocks = plaintext->Length/block_size; for (i = 0; i < blocks; i++) { ckRv = C_EncryptInit(ckSession, &ckMechanism, ckKeyHandle); if (ckRv != CKR_OK) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } ckRv = C_Encrypt(ckSession, (CK_BYTE_PTR)in_data, block_size, (CK_BYTE_PTR)out_data, &out_len); if (ckRv != CKR_OK) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } out_data += out_len; total_encrypted += out_len; in_data += block_size; } if (plaintext->Length % block_size) { /* Encrypt the remaining data */ ckRv = C_EncryptInit(ckSession, &ckMechanism, ckKeyHandle); if (ckRv != CKR_OK) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } in_len = plaintext->Length % block_size; ckRv = C_Encrypt(ckSession, (CK_BYTE_PTR)in_data, in_len, (CK_BYTE_PTR)out_data, &out_len); if (ckRv != CKR_OK) { if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; (void) C_CloseSession(ckSession); return (KMF_ERR_INTERNAL); } out_data += out_len; total_encrypted += out_len; in_data += in_len; } ciphertext->Length = total_encrypted; if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); (void) C_CloseSession(ckSession); return (rv); }
/* * Utility routine for verifying generic data using * the cryptographic framework (PKCS#11). * There are situations where we want to force this * operation to happen in a specific keystore. * For example: * libelfsign.so.1 verifies signatures on crypto libraries. * We must use pkcs11 functions to verify the pkcs11 * plugins in order to keep the validation within the * Cryptographic Framework's FIPS-140 boundary. To avoid * a circular dependency, pksc11_softtoken.so.1 is * interposed by libkcfd.so.1 via kcfd, which prevents * libpkcs11.so.1's interfaces from being used when libkmf.so.1 * is called from kcfd. * * This also saves code and time because verify operations * only use public keys and do not need acccess to any * keystore specific functions. */ KMF_RETURN PKCS_VerifyData(KMF_HANDLE_T handle, KMF_ALGORITHM_INDEX AlgorithmId, KMF_X509_SPKI *keyp, KMF_DATA *data, KMF_DATA *signature) { KMF_RETURN rv = KMF_OK; CK_RV ckRv; KMF_HANDLE *kmfh = (KMF_HANDLE *)handle; CK_MECHANISM ckMechanism; CK_MECHANISM_TYPE mechtype, hashmech; CK_OBJECT_HANDLE ckKeyHandle = 0; CK_KEY_TYPE pk11keytype; CK_SESSION_HANDLE ckSession = 0; CK_ATTRIBUTE subprime = { CKA_SUBPRIME, NULL, 0 }; CK_BYTE *dataptr; CK_ULONG datalen; KMF_DATA hashData = { 0, NULL }; uchar_t digest[1024]; if (AlgorithmId == KMF_ALGID_NONE) return (KMF_ERR_BAD_ALGORITHM); if (get_pk11_data(AlgorithmId, &pk11keytype, &mechtype, &hashmech, 1)) return (KMF_ERR_BAD_ALGORITHM); /* * Verify in metaslot/softtoken since only the public key is needed * and not all hardware tokens support the combined [hash]-RSA/DSA/EC * mechanisms. */ rv = kmf_create_pk11_session(&ckSession, mechtype, 0); if (rv != KMF_OK) return (rv); /* Fetch the verifying key */ rv = PKCS_AcquirePublicKeyHandle(ckSession, keyp, pk11keytype, &ckKeyHandle); if (rv != KMF_OK) { (void) C_CloseSession(ckSession); return (rv); } dataptr = data->Data; datalen = data->Length; /* * For some mechanisms, we must compute the hash separately * and then do the verify. */ if (hashmech != 0 && (mechtype == CKM_ECDSA || mechtype == CKM_DSA || mechtype == CKM_RSA_PKCS)) { hashData.Data = digest; hashData.Length = sizeof (digest); rv = PKCS_DigestData(handle, ckSession, hashmech, data, &hashData, (mechtype == CKM_RSA_PKCS)); if (rv) goto cleanup; dataptr = hashData.Data; datalen = hashData.Length; } if (mechtype == CKM_DSA && hashmech == CKM_SHA256) { /* * FIPS 186-3 says that when using DSA * the hash must be truncated to the size of the * subprime. */ ckRv = C_GetAttributeValue(ckSession, ckKeyHandle, &subprime, 1); if (ckRv != CKR_OK) { kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; rv = KMF_ERR_INTERNAL; goto cleanup; } datalen = subprime.ulValueLen; } ckMechanism.mechanism = mechtype; ckMechanism.pParameter = NULL; ckMechanism.ulParameterLen = 0; ckRv = C_VerifyInit(ckSession, &ckMechanism, ckKeyHandle); if (ckRv != CKR_OK) { kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; rv = KMF_ERR_INTERNAL; goto cleanup; } ckRv = C_Verify(ckSession, dataptr, datalen, (CK_BYTE *)signature->Data, (CK_ULONG)signature->Length); if (ckRv != CKR_OK) { kmfh->lasterr.kstype = KMF_KEYSTORE_PK11TOKEN; kmfh->lasterr.errcode = ckRv; rv = KMF_ERR_INTERNAL; } cleanup: if (ckKeyHandle != 0) (void) C_DestroyObject(ckSession, ckKeyHandle); (void) C_CloseSession(ckSession); return (rv); }