mech_aes.c

IBM的Linux上的PKCS#11实现

   }
   rc = template_attribute_find( key->template, CKA_KEY_TYPE, &attr );
   if (rc == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   keytype = *(CK_KEY_TYPE *)attr->pValue;

   rc = template_attribute_find( key->template, CKA_VALUE, &attr );
   if (rc == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   
   memcpy( key_value, attr->pValue, attr->ulValueLen );

   context = (AES_CONTEXT *)ctx->context;

   // there will never be more than one block in the context buffer
   // so the amount of output is as follows:
   //    if less than 1 block stored, we generate one block of output
   //    if a full block is stored, we generate two blocks of output (one pad block)
   //
   if (context->len == AES_BLOCK_SIZE)
      out_len = 2 * AES_BLOCK_SIZE;
   else
      out_len = AES_BLOCK_SIZE;

   if (length_only == TRUE) {
      *out_data_len = out_len;
      return CKR_OK;
   }
   else {
      memcpy( clear, context->data, context->len );

      add_pkcs_padding( clear + context->len,
                        AES_BLOCK_SIZE,
                        context->len,
                        out_len );

      rc = ckm_aes_cbc_encrypt( clear,     out_len,
                                out_data,  out_data_len,
                                ctx->mech.pParameter,
                                key_value, attr->ulValueLen );
      if (rc != CKR_OK) 
         st_err_log(105, __FILE__, __LINE__);
      
      return rc;
   }
}


//
//
CK_RV
aes_cbc_pad_decrypt_final( SESSION           *sess,
                           CK_BBOOL           length_only,
                           ENCR_DECR_CONTEXT *ctx,
                           CK_BYTE           *out_data,
                           CK_ULONG          *out_data_len )
{
   AES_CONTEXT    *context   = NULL;
   OBJECT         *key       = NULL;
   CK_ATTRIBUTE   *attr      = NULL;
   CK_BYTE         clear[AES_BLOCK_SIZE];
   CK_BYTE         key_value[AES_KEY_SIZE_256];
   CK_KEY_TYPE     keytype;
   CK_ULONG        out_len;
   CK_RV           rc;

   if (!sess || !ctx || !out_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   rc = object_mgr_find_in_map1( ctx->key, &key );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   rc = template_attribute_find( key->template, CKA_KEY_TYPE, &attr );
   if (rc == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   keytype = *(CK_KEY_TYPE *)attr->pValue;

   rc = template_attribute_find( key->template, CKA_VALUE, &attr );
   if (rc == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   
   memcpy( key_value, attr->pValue, attr->ulValueLen );

   context = (AES_CONTEXT *)ctx->context;

   // there had better be a full block in the context buffer
   //
   if (context->len != AES_BLOCK_SIZE){
      st_err_log(112, __FILE__, __LINE__);
      return CKR_ENCRYPTED_DATA_LEN_RANGE;
   }
   // we don't know a priori how much data we'll be returning.  we won't
   // know until after we decrypt it and strip the padding.  it's possible
   // that we'll return nothing (the final block might be a padding block).
   //
   out_len = AES_BLOCK_SIZE;  // upper bound on what we'll return

   if (length_only == TRUE) {
      *out_data_len = out_len;
      return CKR_OK;
   }
   else {
      rc = ckm_aes_cbc_decrypt( context->data, AES_BLOCK_SIZE,
                                 clear,        &out_len,
                                 ctx->mech.pParameter,
                                 key_value, attr->ulValueLen );

      if (rc == CKR_OK) {
         strip_pkcs_padding( clear, out_len, &out_len );

         if (out_len != 0)
            memcpy( out_data, clear, out_len );

         *out_data_len = out_len;
      }
      else
         st_err_log(106, __FILE__, __LINE__);
      return rc;
   }
}


//
// mechanisms
//


//
//
CK_RV
ckm_aes_key_gen( TEMPLATE *tmpl )
{

   CK_ATTRIBUTE     * value_attr    = NULL;
   CK_ATTRIBUTE     * key_type_attr = NULL;
   CK_ATTRIBUTE     * class_attr    = NULL;
   CK_ATTRIBUTE     * local_attr    = NULL;
   CK_ATTRIBUTE     * val_len_attr  = NULL;
   CK_BYTE          * aes_key       = NULL;
   CK_ULONG           rc	    = CKR_OK;
   CK_ULONG	      key_size;
   CK_BBOOL	      found	    = FALSE;


   found = template_attribute_find( tmpl, CKA_VALUE_LEN, &val_len_attr );
   if (found == FALSE)
      return CKR_TEMPLATE_INCONSISTENT;
      
   key_size = *(CK_ULONG *)val_len_attr->pValue;
   if (key_size != AES_KEY_SIZE_128 &&
       key_size != AES_KEY_SIZE_192 &&
       key_size != AES_KEY_SIZE_256) {
	   return CKR_ATTRIBUTE_VALUE_INVALID;
   }
   
   if ((aes_key = (CK_BYTE *)malloc(key_size)) == NULL) {
      st_err_log(1, __FILE__, __LINE__);
      return CKR_HOST_MEMORY;
   }
   
   rc = token_specific.t_aes_key_gen(aes_key, key_size);
   
   if (rc != CKR_OK)
      return rc;

   value_attr    = (CK_ATTRIBUTE *)malloc(sizeof(CK_ATTRIBUTE) + key_size );
   key_type_attr = (CK_ATTRIBUTE *)malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_KEY_TYPE) );
   class_attr    = (CK_ATTRIBUTE *)malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_OBJECT_CLASS) );
   local_attr    = (CK_ATTRIBUTE *)malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_BBOOL) );

   if (!value_attr || !key_type_attr || !class_attr || !local_attr) {
      if (value_attr)    free( value_attr );
      if (key_type_attr) free( key_type_attr );
      if (class_attr)    free( class_attr );
      if (local_attr)    free( local_attr );

      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }

   value_attr->type         = CKA_VALUE;
   value_attr->ulValueLen   = key_size;
   value_attr->pValue       = (CK_BYTE *)value_attr + sizeof(CK_ATTRIBUTE);
   memcpy( value_attr->pValue, aes_key, key_size );
   
   free(aes_key);

   key_type_attr->type         = CKA_KEY_TYPE;
   key_type_attr->ulValueLen   = sizeof(CK_KEY_TYPE);
   key_type_attr->pValue       = (CK_BYTE *)key_type_attr + sizeof(CK_ATTRIBUTE);
   *(CK_KEY_TYPE *)key_type_attr->pValue = CKK_AES;

   class_attr->type         = CKA_CLASS;
   class_attr->ulValueLen   = sizeof(CK_OBJECT_CLASS);
   class_attr->pValue       = (CK_BYTE *)class_attr + sizeof(CK_ATTRIBUTE);
   *(CK_OBJECT_CLASS *)class_attr->pValue = CKO_SECRET_KEY;

   local_attr->type         = CKA_LOCAL;
   local_attr->ulValueLen   = sizeof(CK_BBOOL);
   local_attr->pValue       = (CK_BYTE *)local_attr + sizeof(CK_ATTRIBUTE);
   *(CK_BBOOL *)local_attr->pValue = TRUE;

   template_update_attribute( tmpl, value_attr );
   template_update_attribute( tmpl, key_type_attr );
   template_update_attribute( tmpl, class_attr );
   template_update_attribute( tmpl, local_attr );

   return CKR_OK;
}


//
//
CK_RV
ckm_aes_ecb_encrypt( CK_BYTE     * in_data,
                     CK_ULONG      in_data_len,
                     CK_BYTE     * out_data,
                     CK_ULONG    * out_data_len,
                     CK_BYTE     * key_value,
		     CK_ULONG      key_len )
{
   CK_ULONG         rc;

   if (!in_data || !out_data || !key_value){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (*out_data_len < in_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }

   rc = token_specific.t_aes_ecb(in_data,in_data_len,
				 out_data,out_data_len,
				 key_value,key_len,1);
   
   if (rc != CKR_OK)
      st_err_log(120, __FILE__, __LINE__);
   return rc;
}


//
//
CK_RV
ckm_aes_ecb_decrypt( CK_BYTE     * in_data,
                     CK_ULONG      in_data_len,
                     CK_BYTE     * out_data,
                     CK_ULONG    * out_data_len,
                     CK_BYTE     * key_value,
	             CK_ULONG      key_len )
{
   CK_ULONG         rc;


   if (!in_data || !out_data || !key_value){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (*out_data_len < in_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   
   rc = token_specific.t_aes_ecb(in_data,in_data_len,
		      		 out_data,out_data_len,
				 key_value,key_len,0);
   
   if (rc != CKR_OK)
      st_err_log(120, __FILE__, __LINE__);

   return rc;
}


//
//
CK_RV
ckm_aes_cbc_encrypt( CK_BYTE     * in_data,
                     CK_ULONG      in_data_len,
                     CK_BYTE     * out_data,
                     CK_ULONG    * out_data_len,
                     CK_BYTE     * init_v,
                     CK_BYTE     * key_value,
	             CK_ULONG      key_len )
{
   CK_ULONG         rc;

   if (!in_data || !out_data || !init_v || !key_value){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (*out_data_len < in_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   
   rc = token_specific.t_aes_cbc(in_data, in_data_len,
		      		 out_data,out_data_len,
			       	 key_value,key_len,
				 init_v,1);

   if (rc != CKR_OK)
      st_err_log(119, __FILE__, __LINE__);
   return rc;
}


//
//
CK_RV
ckm_aes_cbc_decrypt( CK_BYTE     * in_data,
                     CK_ULONG      in_data_len,
                     CK_BYTE     * out_data,
                     CK_ULONG    * out_data_len,
                     CK_BYTE     * init_v,
                     CK_BYTE     * key_value,
	             CK_ULONG      key_len )
{
   CK_ULONG         rc;

   if (!in_data || !out_data || !init_v || !key_value){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   if (*out_data_len < in_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   
   rc = token_specific.t_aes_cbc(in_data, in_data_len,
		      		 out_data, out_data_len,
			       	 key_value,key_len,
				 init_v,0);
   
   if (rc != CKR_OK)
      st_err_log(119, __FILE__, __LINE__);
   return rc;
}

//
//
CK_RV
ckm_aes_wrap_format( CK_BBOOL    length_only,
                     CK_BYTE  ** data,
                     CK_ULONG  * data_len )
{
   CK_BYTE   * ptr = NULL;
   CK_ULONG    len1, len2;


   len1 = *data_len;

   // if the input key data isn't a multiple of the blocksize,
   // we pad with NULLs to the next blocksize multiple.
   //
   if (len1 % AES_BLOCK_SIZE != 0) {
      len2 = AES_BLOCK_SIZE * ((len1 / AES_BLOCK_SIZE) + 1);

      if (length_only == FALSE) {
         ptr = (CK_BYTE *)realloc(*data, len2);
         if (!ptr){
            st_err_log(0, __FILE__, __LINE__);
            return CKR_HOST_MEMORY;
         }
         else
            memset( ptr + len1, 0x0, (len2 - len1) );

         *data     = ptr;
         *data_len = len2;
      }
   }

   return CKR_OK;
}