1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 2003 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #include <security/cryptoki.h> 30 #include "pkcs11Global.h" 31 #include "pkcs11Conf.h" 32 #include "pkcs11Session.h" 33 #include "pkcs11Slot.h" 34 35 /* 36 * C_GenerateKey will verify that the session handle is valid within 37 * the framework, that the mechanism is not disabled for the slot 38 * associated with this session, and then redirect to the underlying 39 * provider. 40 */ 41 CK_RV 42 C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 43 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey) 44 { 45 CK_RV rv; 46 pkcs11_session_t *sessp; 47 CK_SLOT_ID slotid; 48 49 /* Check for a fastpath */ 50 if (purefastpath || policyfastpath) { 51 if (policyfastpath && 52 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 53 return (CKR_MECHANISM_INVALID); 54 } 55 return (fast_funcs->C_GenerateKey(hSession, pMechanism, 56 pTemplate, ulCount, phKey)); 57 } 58 59 if (!pkcs11_initialized) { 60 return (CKR_CRYPTOKI_NOT_INITIALIZED); 61 } 62 63 /* Obtain the session pointer */ 64 HANDLE2SESSION(hSession, sessp, rv); 65 66 if (rv != CKR_OK) { 67 return (rv); 68 } 69 70 slotid = sessp->se_slotid; 71 72 /* Make sure this is not a disabled mechanism */ 73 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 74 return (CKR_MECHANISM_INVALID); 75 } 76 77 /* Initialize the digest with the underlying provider */ 78 rv = FUNCLIST(slotid)->C_GenerateKey(sessp->se_handle, 79 pMechanism, pTemplate, ulCount, phKey); 80 81 /* Present consistent interface to the application */ 82 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 83 return (CKR_FUNCTION_FAILED); 84 } 85 86 return (rv); 87 88 } 89 90 /* 91 * C_GenerateKeyPair will verify that the session handle is valid within 92 * the framework, that the mechanism is not disabled for the slot 93 * associated with this session, and then redirect to the underlying 94 * provider. 95 */ 96 CK_RV 97 C_GenerateKeyPair(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 98 CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, 99 CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, 100 CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey) 101 { 102 CK_RV rv; 103 pkcs11_session_t *sessp; 104 CK_SLOT_ID slotid; 105 106 107 /* Check for a fastpath */ 108 if (purefastpath || policyfastpath) { 109 if (policyfastpath && 110 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 111 return (CKR_MECHANISM_INVALID); 112 } 113 return (fast_funcs->C_GenerateKeyPair(hSession, pMechanism, 114 pPublicKeyTemplate, ulPublicKeyAttributeCount, 115 pPrivateKeyTemplate, ulPrivateKeyAttributeCount, 116 phPublicKey, phPrivateKey)); 117 } 118 119 if (!pkcs11_initialized) { 120 return (CKR_CRYPTOKI_NOT_INITIALIZED); 121 } 122 123 /* Obtain the session pointer */ 124 HANDLE2SESSION(hSession, sessp, rv); 125 126 if (rv != CKR_OK) { 127 return (rv); 128 } 129 130 slotid = sessp->se_slotid; 131 132 /* Make sure this is not a disabled mechanism */ 133 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 134 return (CKR_MECHANISM_INVALID); 135 } 136 137 /* Initialize the digest with the underlying provider */ 138 rv = FUNCLIST(slotid)->C_GenerateKeyPair(sessp->se_handle, 139 pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, 140 pPrivateKeyTemplate, ulPrivateKeyAttributeCount, 141 phPublicKey, phPrivateKey); 142 143 /* Present consistent interface to the application */ 144 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 145 return (CKR_FUNCTION_FAILED); 146 } 147 148 return (rv); 149 } 150 151 /* 152 * C_WrapKey will verify that the session handle is valid within 153 * the framework, that the mechanism is not disabled for the slot 154 * associated with this session, and then redirect to the underlying 155 * provider. 156 */ 157 CK_RV 158 C_WrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 159 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, 160 CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen) 161 { 162 CK_RV rv; 163 pkcs11_session_t *sessp; 164 CK_SLOT_ID slotid; 165 166 /* Check for a fastpath */ 167 if (purefastpath || policyfastpath) { 168 if (policyfastpath && 169 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 170 return (CKR_MECHANISM_INVALID); 171 } 172 return (fast_funcs->C_WrapKey(hSession, pMechanism, 173 hWrappingKey, hKey, pWrappedKey, 174 pulWrappedKeyLen)); 175 } 176 177 if (!pkcs11_initialized) { 178 return (CKR_CRYPTOKI_NOT_INITIALIZED); 179 } 180 181 /* Obtain the session pointer */ 182 HANDLE2SESSION(hSession, sessp, rv); 183 184 if (rv != CKR_OK) { 185 return (rv); 186 } 187 188 slotid = sessp->se_slotid; 189 190 /* Make sure this is not a disabled mechanism */ 191 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 192 return (CKR_MECHANISM_INVALID); 193 } 194 195 /* Initialize the digest with the underlying provider */ 196 rv = FUNCLIST(slotid)->C_WrapKey(sessp->se_handle, 197 pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen); 198 199 /* Present consistent interface to the application */ 200 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 201 return (CKR_FUNCTION_FAILED); 202 } 203 204 return (rv); 205 } 206 207 /* 208 * C_UnwrapKey will verify that the session handle is valid within 209 * the framework, that the mechanism is not disabled for the slot 210 * associated with this session, and then redirect to the underlying 211 * provider. 212 */ 213 CK_RV 214 C_UnwrapKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 215 CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, 216 CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, 217 CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) 218 { 219 CK_RV rv; 220 pkcs11_session_t *sessp; 221 CK_SLOT_ID slotid; 222 223 /* Check for a fastpath */ 224 if (purefastpath || policyfastpath) { 225 if (policyfastpath && 226 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 227 return (CKR_MECHANISM_INVALID); 228 } 229 return (fast_funcs->C_UnwrapKey(hSession, pMechanism, 230 hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, 231 pTemplate, ulAttributeCount, phKey)); 232 } 233 234 if (!pkcs11_initialized) { 235 return (CKR_CRYPTOKI_NOT_INITIALIZED); 236 } 237 238 /* Obtain the session pointer */ 239 HANDLE2SESSION(hSession, sessp, rv); 240 241 if (rv != CKR_OK) { 242 return (rv); 243 } 244 245 slotid = sessp->se_slotid; 246 247 /* Make sure this is not a disabled mechanism */ 248 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 249 return (CKR_MECHANISM_INVALID); 250 } 251 252 /* Initialize the digest with the underlying provider */ 253 rv = FUNCLIST(slotid)->C_UnwrapKey(sessp->se_handle, 254 pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, 255 pTemplate, ulAttributeCount, phKey); 256 257 /* Present consistent interface to the application */ 258 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 259 return (CKR_FUNCTION_FAILED); 260 } 261 262 return (rv); 263 } 264 265 /* 266 * C_DeriveKey will verify that the session handle is valid within 267 * the framework, that the mechanism is not disabled for the slot 268 * associated with this session, and then redirect to the underlying 269 * provider. 270 */ 271 CK_RV 272 C_DeriveKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, 273 CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, 274 CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) 275 { 276 CK_RV rv; 277 pkcs11_session_t *sessp; 278 CK_SLOT_ID slotid; 279 280 /* Check for a fastpath */ 281 if (purefastpath || policyfastpath) { 282 if (policyfastpath && 283 pkcs11_is_dismech(fast_slot, pMechanism->mechanism)) { 284 return (CKR_MECHANISM_INVALID); 285 } 286 return (fast_funcs->C_DeriveKey(hSession, pMechanism, 287 hBaseKey, pTemplate, ulAttributeCount, phKey)); 288 } 289 290 if (!pkcs11_initialized) { 291 return (CKR_CRYPTOKI_NOT_INITIALIZED); 292 } 293 294 /* Obtain the session pointer */ 295 HANDLE2SESSION(hSession, sessp, rv); 296 297 if (rv != CKR_OK) { 298 return (rv); 299 } 300 301 slotid = sessp->se_slotid; 302 303 /* Make sure this is not a disabled mechanism */ 304 if (pkcs11_is_dismech(slotid, pMechanism->mechanism)) { 305 return (CKR_MECHANISM_INVALID); 306 } 307 308 /* Initialize the digest with the underlying provider */ 309 rv = FUNCLIST(slotid)->C_DeriveKey(sessp->se_handle, 310 pMechanism, hBaseKey, pTemplate, ulAttributeCount, phKey); 311 312 /* Present consistent interface to the application */ 313 if (rv == CKR_FUNCTION_NOT_SUPPORTED) { 314 return (CKR_FUNCTION_FAILED); 315 } 316 317 return (rv); 318 } 319
Indexes created Wed Nov 25 22:49:30 UTC 2009
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.