1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2003 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <security/cryptoki.h> 30 #include "pkcs11Global.h" 31 #include "pkcs11Conf.h" 32 #include "pkcs11Session.h" 33 #include "pkcs11Slot.h" 34 35 /* 36 * C_EncryptInit will verify that the session handle is valid within 37 * the framework, that the mechanism is not disabled for the slot 38 * associated with this session, and then redirect to the underlying 39 * provider. Policy is checked for C_EncryptInit, and not C_Encrypt 40 * or C_EncryptUpdate, since C_EncryptInit is required to be called 41 * before C_Encrypt and C_EncryptUpdate. 42 */ 43 CK_RV 44 C_EncryptInit(CK_SESSION_HANDLE hSession, 45 CK_MECHANISM_PTR pMechanism, 46 CK_OBJECT_HANDLE hKey) 47 { 48 CK_RV rv; 49 pkcs11_session_t *sessp; 50 CK_SLOT_ID slotid; 51 52 /* Check for a fastpath */ 53 if (purefastpath || policyfastpath) { 54 if (policyfastpath && 55 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 56 return (CKR_MECHANISM_INVALID); 57 } 58 return (fast_funcs->C_EncryptInit(hSession, pMechanism, hKey)); 59 } 60 61 if (!pkcs11_initialized) { 62 return (CKR_CRYPTOKI_NOT_INITIALIZED); 63 } 64 65 /* Obtain the session pointer */ 66 HANDLE2SESSION(hSession, sessp, rv); 67 68 if (rv != CKR_OK) { 69 return (rv); 70 } 71 72 slotid = sessp->se_slotid; 73 74 /* Make sure this is not a disabled mechanism */ 75 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 76 return (CKR_MECHANISM_INVALID); 77 } 78 79 /* Initialize the digest with the underlying provider */ 80 rv = FUNCLIST(slotid)->C_EncryptInit(sessp->se_handle, 81 pMechanism, hKey); 82 83 /* Present consistent interface to the application */ 84 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 85 return (CKR_FUNCTION_FAILED); 86 } 87 88 return (rv); 89 } 90 91 /* 92 * C_Encrypt is a pure wrapper to the underlying provider. 93 * The only argument checked is whether or not hSession is valid. 94 */ 95 CK_RV 96 C_Encrypt(CK_SESSION_HANDLE hSession, 97 CK_BYTE_PTR pData, 98 CK_ULONG ulDataLen, 99 CK_BYTE_PTR pEncryptedData, 100 CK_ULONG_PTR pulEncryptedDataLen) 101 { 102 CK_RV rv; 103 pkcs11_session_t *sessp; 104 105 /* Check for a fastpath */ 106 if (purefastpath || policyfastpath) { 107 return (fast_funcs->C_Encrypt(hSession, pData, ulDataLen, 108 pEncryptedData, pulEncryptedDataLen)); 109 } 110 111 if (!pkcs11_initialized) { 112 return (CKR_CRYPTOKI_NOT_INITIALIZED); 113 } 114 115 /* Obtain the session pointer */ 116 HANDLE2SESSION(hSession, sessp, rv); 117 118 if (rv != CKR_OK) { 119 return (rv); 120 } 121 122 /* Initialize the digest with the underlying provider */ 123 rv = FUNCLIST(sessp->se_slotid)->C_Encrypt(sessp->se_handle, pData, 124 ulDataLen, pEncryptedData, pulEncryptedDataLen); 125 126 /* Present consistent interface to the application */ 127 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 128 return (CKR_FUNCTION_FAILED); 129 } 130 131 return (rv); 132 } 133 134 /* 135 * C_EncryptUpdate is a pure wrapper to the underlying provider. 136 * The only argument checked is whether or not hSession is valid. 137 */ 138 CK_RV 139 C_EncryptUpdate(CK_SESSION_HANDLE hSession, 140 CK_BYTE_PTR pPart, 141 CK_ULONG ulPartLen, 142 CK_BYTE_PTR pEncryptedPart, 143 CK_ULONG_PTR pulEncryptedPartLen) 144 { 145 CK_RV rv; 146 pkcs11_session_t *sessp; 147 148 /* Check for a fastpath */ 149 if (purefastpath || policyfastpath) { 150 return (fast_funcs->C_EncryptUpdate(hSession, pPart, ulPartLen, 151 pEncryptedPart, pulEncryptedPartLen)); 152 } 153 154 if (!pkcs11_initialized) { 155 return (CKR_CRYPTOKI_NOT_INITIALIZED); 156 } 157 158 /* Obtain the session pointer */ 159 HANDLE2SESSION(hSession, sessp, rv); 160 161 if (rv != CKR_OK) { 162 return (rv); 163 } 164 165 /* Initialize the digest with the underlying provider */ 166 rv = FUNCLIST(sessp->se_slotid)->C_EncryptUpdate(sessp->se_handle, 167 pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen); 168 169 /* Present consistent interface to the application */ 170 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 171 return (CKR_FUNCTION_FAILED); 172 } 173 174 return (rv); 175 } 176 177 /* 178 * C_EncryptFinal is a pure wrapper to the underlying provider. 179 * The only argument checked is whether or not hSession is valid. 180 */ 181 CK_RV 182 C_EncryptFinal(CK_SESSION_HANDLE hSession, 183 CK_BYTE_PTR pLastEncryptedPart, 184 CK_ULONG_PTR pulLastEncryptedPartLen) 185 { 186 CK_RV rv; 187 pkcs11_session_t *sessp; 188 189 /* Check for a fastpath */ 190 if (purefastpath || policyfastpath) { 191 return (fast_funcs->C_EncryptFinal(hSession, 192 pLastEncryptedPart, pulLastEncryptedPartLen)); 193 } 194 195 if (!pkcs11_initialized) { 196 return (CKR_CRYPTOKI_NOT_INITIALIZED); 197 } 198 199 /* Obtain the session pointer */ 200 HANDLE2SESSION(hSession, sessp, rv); 201 202 if (rv != CKR_OK) { 203 return (rv); 204 } 205 206 /* Initialize the digest with the underlying provider */ 207 rv = FUNCLIST(sessp->se_slotid)->C_EncryptFinal(sessp->se_handle, 208 pLastEncryptedPart, pulLastEncryptedPartLen); 209 210 /* Present consistent interface to the application */ 211 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 212 return (CKR_FUNCTION_FAILED); 213 } 214 215 return (rv); 216 } 217 218 /* 219 * C_DecryptInit will verify that the session handle is valid within 220 * the framework, that the mechanism is not disabled for the slot 221 * associated with this session, and then redirect to the underlying 222 * provider. Policy is checked for C_DecryptInit, and not C_Decrypt 223 * or C_DecryptUpdate, since C_DecryptInit is required to be called 224 * before C_Decrypt and C_DecryptUpdate. 225 */ 226 CK_RV 227 C_DecryptInit(CK_SESSION_HANDLE hSession, 228 CK_MECHANISM_PTR pMechanism, 229 CK_OBJECT_HANDLE hKey) 230 { 231 CK_RV rv; 232 pkcs11_session_t *sessp; 233 CK_SLOT_ID slotid; 234 235 /* Check for a fastpath */ 236 if (purefastpath || policyfastpath) { 237 if (policyfastpath && 238 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 239 return (CKR_MECHANISM_INVALID); 240 } 241 return (fast_funcs->C_DecryptInit(hSession, pMechanism, hKey)); 242 } 243 244 if (!pkcs11_initialized) { 245 return (CKR_CRYPTOKI_NOT_INITIALIZED); 246 } 247 248 /* Obtain the session pointer */ 249 HANDLE2SESSION(hSession, sessp, rv); 250 251 if (rv != CKR_OK) { 252 return (rv); 253 } 254 255 slotid = sessp->se_slotid; 256 257 /* Make sure this is not a disabled mechanism */ 258 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 259 return (CKR_MECHANISM_INVALID); 260 } 261 262 /* Initialize the digest with the underlying provider */ 263 rv = FUNCLIST(slotid)->C_DecryptInit(sessp->se_handle, 264 pMechanism, hKey); 265 266 /* Present consistent interface to the application */ 267 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 268 return (CKR_FUNCTION_FAILED); 269 } 270 271 return (rv); 272 } 273 274 /* 275 * C_Decrypt is a pure wrapper to the underlying provider. 276 * The only argument checked is whether or not hSession is valid. 277 */ 278 CK_RV 279 C_Decrypt(CK_SESSION_HANDLE hSession, 280 CK_BYTE_PTR pEncryptedData, 281 CK_ULONG ulEncryptedDataLen, 282 CK_BYTE_PTR pData, 283 CK_ULONG_PTR pulDataLen) 284 { 285 CK_RV rv; 286 pkcs11_session_t *sessp; 287 288 /* Check for a fastpath */ 289 if (purefastpath || policyfastpath) { 290 return (fast_funcs->C_Decrypt(hSession, pEncryptedData, 291 ulEncryptedDataLen, pData, pulDataLen)); 292 } 293 294 if (!pkcs11_initialized) { 295 return (CKR_CRYPTOKI_NOT_INITIALIZED); 296 } 297 298 /* Obtain the session pointer */ 299 HANDLE2SESSION(hSession, sessp, rv); 300 301 if (rv != CKR_OK) { 302 return (rv); 303 } 304 305 /* Initialize the digest with the underlying provider */ 306 rv = FUNCLIST(sessp->se_slotid)->C_Decrypt(sessp->se_handle, 307 pEncryptedData, ulEncryptedDataLen, pData, pulDataLen); 308 309 /* Present consistent interface to the application */ 310 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 311 return (CKR_FUNCTION_FAILED); 312 } 313 314 return (rv); 315 } 316 317 /* 318 * C_DecryptUpdate is a pure wrapper to the underlying provider. 319 * The only argument checked is whether or not hSession is valid. 320 */ 321 CK_RV 322 C_DecryptUpdate(CK_SESSION_HANDLE hSession, 323 CK_BYTE_PTR pEncryptedPart, 324 CK_ULONG ulEncryptedPartLen, 325 CK_BYTE_PTR pPart, 326 CK_ULONG_PTR pulPartLen) 327 { 328 CK_RV rv; 329 pkcs11_session_t *sessp; 330 331 /* Check for a fastpath */ 332 if (purefastpath || policyfastpath) { 333 return (fast_funcs->C_DecryptUpdate(hSession, pEncryptedPart, 334 ulEncryptedPartLen, pPart, pulPartLen)); 335 } 336 337 if (!pkcs11_initialized) { 338 return (CKR_CRYPTOKI_NOT_INITIALIZED); 339 } 340 341 /* Obtain the session pointer */ 342 HANDLE2SESSION(hSession, sessp, rv); 343 344 if (rv != CKR_OK) { 345 return (rv); 346 } 347 348 /* Initialize the digest with the underlying provider */ 349 rv = FUNCLIST(sessp->se_slotid)->C_DecryptUpdate(sessp->se_handle, 350 pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen); 351 352 /* Present consistent interface to the application */ 353 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 354 return (CKR_FUNCTION_FAILED); 355 } 356 357 return (rv); 358 } 359 360 /* 361 * C_DecryptFinal is a pure wrapper to the underlying provider. 362 * The only argument checked is whether or not hSession is valid. 363 */ 364 CK_RV 365 C_DecryptFinal(CK_SESSION_HANDLE hSession, 366 CK_BYTE_PTR pLastPart, 367 CK_ULONG_PTR pulLastPartLen) 368 { 369 CK_RV rv; 370 pkcs11_session_t *sessp; 371 372 /* Check for a fastpath */ 373 if (purefastpath || policyfastpath) { 374 return (fast_funcs->C_DecryptFinal(hSession, pLastPart, 375 pulLastPartLen)); 376 } 377 378 if (!pkcs11_initialized) { 379 return (CKR_CRYPTOKI_NOT_INITIALIZED); 380 } 381 382 /* Obtain the session pointer */ 383 HANDLE2SESSION(hSession, sessp, rv); 384 385 if (rv != CKR_OK) { 386 return (rv); 387 } 388 389 /* Initialize the digest with the underlying provider */ 390 rv = FUNCLIST(sessp->se_slotid)->C_DecryptFinal(sessp->se_handle, 391 pLastPart, pulLastPartLen); 392 393 /* Present consistent interface to the application */ 394 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 395 return (CKR_FUNCTION_FAILED); 396 } 397 398 return (rv); 399 } 400
Indexes created Sat Nov 28 01:19:25 UTC 2009
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.