mech_rsa.c

IBM的Linux上的PKCS#11实现

   if (length_only == TRUE) {
      *out_data_len = modulus_bytes;
      return CKR_OK;
   }

   if (*out_data_len < modulus_bytes) {
      *out_data_len = modulus_bytes;
      st_err_log(111, __FILE__, __LINE__);
      return CKR_BUFFER_TOO_SMALL;
   }

   rc = rsa_format_block( in_data, in_data_len, clear, modulus_bytes, PKCS_BT_2 );
   if (rc != CKR_OK){
      st_err_log(131, __FILE__, __LINE__);
      return rc;
   }
   rc = ckm_rsa_encrypt( clear, modulus_bytes, cipher, key_obj );
   if (rc == CKR_OK) {
      memcpy( out_data, cipher, modulus_bytes );
      *out_data_len = modulus_bytes;
   }
   else
      st_err_log(132, __FILE__, __LINE__);
   return rc;
}


//
//
CK_RV
rsa_pkcs_decrypt( SESSION           *sess,
                  CK_BBOOL           length_only,
                  ENCR_DECR_CONTEXT *ctx,
                  CK_BYTE           *in_data,
                  CK_ULONG           in_data_len,
                  CK_BYTE           *out_data,
                  CK_ULONG          *out_data_len )
{
   OBJECT          *key_obj  = NULL;
   CK_ATTRIBUTE    *attr     = NULL;
   CK_BYTE          out[256];  // 2048 bits
   CK_ULONG         i, modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   modulus_bytes = rsa_get_key_len(key_obj);

   // check input data length restrictions
   //
   if (in_data_len != modulus_bytes){
      st_err_log(112, __FILE__, __LINE__);
      return CKR_ENCRYPTED_DATA_LEN_RANGE;
   }
   if (length_only == TRUE) {
      // this is not exact but it's the upper bound; otherwise we'll need
      // to do the RSA operation just to get the required length
      //
      *out_data_len = modulus_bytes - 11;
      return CKR_OK;
   }

   rc = ckm_rsa_decrypt( in_data, modulus_bytes, out, key_obj );
   if (rc == CKR_OK) {
      CK_ULONG len;

      // strip off the PKCS block formatting data
      //
      // 00 | BT | PADDING | 00 | DATA
      //
      for (i=2; i < in_data_len; i++) {
         if (out[i] == 0x0) {
            i++;  // point i at the first data byte
            break;
         }
      }

      if (i == in_data_len){
         st_err_log(14, __FILE__, __LINE__);
         return CKR_ENCRYPTED_DATA_INVALID;
      }
      len = in_data_len - i;

      if (len > *out_data_len) {
         *out_data_len = len;
         st_err_log(111, __FILE__, __LINE__);
         return CKR_BUFFER_TOO_SMALL;
      }

      memcpy( out_data, &out[i], len );
      *out_data_len = len;
   }
   else 
      st_err_log(133, __FILE__, __LINE__);

   if (rc == CKR_DATA_LEN_RANGE){
      st_err_log(109, __FILE__, __LINE__);
      return CKR_ENCRYPTED_DATA_LEN_RANGE;
   }
   return rc;
}


//
//
CK_RV
rsa_pkcs_sign( SESSION             *sess,
               CK_BBOOL             length_only,
               SIGN_VERIFY_CONTEXT *ctx,
               CK_BYTE             *in_data,
               CK_ULONG             in_data_len,
               CK_BYTE             *out_data,
               CK_ULONG            *out_data_len )
{
   OBJECT          *key_obj   = NULL;
   CK_ATTRIBUTE    *attr      = NULL;
   CK_BYTE          data[256], sig[256];  // max size: 256 bytes == 2048 bits
   CK_ULONG         modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   if (!sess || !ctx || !out_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   modulus_bytes = rsa_get_key_len(key_obj);

   // check input data length restrictions
   //
   if (in_data_len > (modulus_bytes - 11)){
      st_err_log(109, __FILE__, __LINE__);
      return CKR_DATA_LEN_RANGE;
   }
   if (length_only == TRUE) {
      *out_data_len = modulus_bytes;
      return CKR_OK;
   }

   if (*out_data_len < modulus_bytes) {
      *out_data_len = modulus_bytes;
      st_err_log(111, __FILE__, __LINE__);
      return CKR_BUFFER_TOO_SMALL;
   }

   rc = rsa_format_block( in_data, in_data_len, data, modulus_bytes, PKCS_BT_1 );
   if (rc != CKR_OK){
      st_err_log(131, __FILE__, __LINE__);
      return rc;
   }
   // signing is a private key operation --> decrypt
   //
   rc = ckm_rsa_decrypt( data, modulus_bytes, sig, key_obj );
   if (rc == CKR_OK) {
      memcpy( out_data, sig, modulus_bytes );
      *out_data_len = modulus_bytes;
   }
   else
      st_err_log(133, __FILE__, __LINE__);
   return rc;
}


//
//
CK_RV
rsa_pkcs_verify( SESSION             * sess,
                 SIGN_VERIFY_CONTEXT * ctx,
                 CK_BYTE             * in_data,
                 CK_ULONG              in_data_len,
                 CK_BYTE             * signature,
                 CK_ULONG              sig_len )
{
   OBJECT          *key_obj  = NULL;
   CK_ATTRIBUTE    *attr     = NULL;
   CK_BYTE          out[256];  // 2048 bits
   CK_ULONG         i, modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   flag = template_attribute_find( key_obj->template, CKA_MODULUS, &attr );
   if (flag == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   else
      modulus_bytes = attr->ulValueLen;

   // check input data length restrictions
   //
   if (sig_len != modulus_bytes){
      st_err_log(46, __FILE__, __LINE__);
      return CKR_SIGNATURE_LEN_RANGE;
   }
   // verifying is a public key operation --> encrypt
   //
   rc = ckm_rsa_encrypt( signature, modulus_bytes, out, key_obj );
   if (rc == CKR_OK) {
      CK_ULONG len;

      // skip past the PKCS block formatting data
      //
      // 00 | BT | PADDING | 00 | DATA
      //
      for (i=2; i < modulus_bytes; i++) {
         if (out[i] == 0x0) {
            i++;  // point i at the first data byte
            break;
         }
      }

      len = modulus_bytes - i;

      if (len != in_data_len){
         st_err_log(47, __FILE__, __LINE__);
         return CKR_SIGNATURE_INVALID;
      }

      if (memcmp(in_data, &out[i], len) != 0){
         st_err_log(47, __FILE__, __LINE__);
         return CKR_SIGNATURE_INVALID;
      }
      return CKR_OK;
   }
   else
      st_err_log(132, __FILE__, __LINE__);

   return rc;
}


//
//
CK_RV
rsa_pkcs_verify_recover( SESSION             * sess,
                         CK_BBOOL              length_only,
                         SIGN_VERIFY_CONTEXT * ctx,
                         CK_BYTE             * signature,
                         CK_ULONG              sig_len,
                         CK_BYTE             * out_data,
                         CK_ULONG            * out_data_len )
{
   OBJECT          *key_obj  = NULL;
   CK_ATTRIBUTE    *attr     = NULL;
   CK_BYTE          out[256];  // 2048 bits
   CK_ULONG         i, modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   if (!sess || !ctx || !out_data_len){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   flag = template_attribute_find( key_obj->template, CKA_MODULUS, &attr );
   if (flag == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   else
      modulus_bytes = attr->ulValueLen;

   // check input data length restrictions
   //
   if (sig_len != modulus_bytes){
      st_err_log(46, __FILE__, __LINE__);
      return CKR_SIGNATURE_LEN_RANGE;
   }
   if (length_only == TRUE) {
      *out_data_len = modulus_bytes - 11;
      return CKR_OK;
   }

   // verify is a public key operation --> encrypt
   //
   rc = ckm_rsa_encrypt( signature, modulus_bytes, out, key_obj );
   if (rc == CKR_OK) {
      CK_ULONG len;

      // skip past the PKCS block formatting data
      //
      // 00 | BT | PADDING | 00 | DATA
      //
      for (i=2; i < modulus_bytes; i++) {
         if (out[i] == 0x0) {
            i++;  // point i at the first data byte
            break;
         }
      }

      len = modulus_bytes - i;

      if (*out_data_len < len) {
         *out_data_len = len;
         st_err_log(111, __FILE__, __LINE__);
         return CKR_BUFFER_TOO_SMALL;
      }

      memcpy( out_data, &out[i], len );
      *out_data_len = len;

      return CKR_OK;
   }
   else
      st_err_log(132, __FILE__, __LINE__);

   return rc;
}


//
//
CK_RV
rsa_x509_encrypt( SESSION           *sess,
                  CK_BBOOL           length_only,
                  ENCR_DECR_CONTEXT *ctx,
                  CK_BYTE           *in_data,
                  CK_ULONG           in_data_len,
                  CK_BYTE           *out_data,
                  CK_ULONG          *out_data_len )
{
   OBJECT          *key_obj  = NULL;
   CK_ATTRIBUTE    *attr     = NULL;
   CK_BYTE          clear[256], cipher[256];  // max size: 256 bytes == 2048 bits
   CK_ULONG         modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
   flag = template_attribute_find( key_obj->template, CKA_MODULUS, &attr );
   if (flag == FALSE){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
      return CKR_FUNCTION_FAILED;
   }
   else
      modulus_bytes = attr->ulValueLen;

   // CKM_RSA_X_509 requires input data length to be no bigger than the modulus
   //
   if (in_data_len > modulus_bytes){
      st_err_log(109, __FILE__, __LINE__);
      return CKR_DATA_LEN_RANGE;
   }
   if (length_only == TRUE) {
      *out_data_len = modulus_bytes;
      return CKR_OK;
   }

   if (*out_data_len < modulus_bytes) {
      *out_data_len = modulus_bytes;
      st_err_log(111, __FILE__, __LINE__);
      return CKR_BUFFER_TOO_SMALL;
   }

   // prepad with zeros
   //
   memset( clear, 0x0, modulus_bytes - in_data_len);
   memcpy( &clear[modulus_bytes - in_data_len], in_data, in_data_len );

   rc = ckm_rsa_encrypt( clear, modulus_bytes, cipher, key_obj );
   if (rc == CKR_OK) {
      memcpy( out_data, cipher, modulus_bytes );
      *out_data_len = modulus_bytes;
   }
   else
      st_err_log(132, __FILE__, __LINE__);

   return rc;
}


//
//
CK_RV
rsa_x509_decrypt( SESSION           *sess,
                  CK_BBOOL           length_only,
                  ENCR_DECR_CONTEXT *ctx,
                  CK_BYTE           *in_data,
                  CK_ULONG           in_data_len,
                  CK_BYTE           *out_data,
                  CK_ULONG          *out_data_len )
{
   OBJECT          *key_obj  = NULL;
   CK_ATTRIBUTE    *attr     = NULL;
   CK_BYTE          out[256];  // 2048 bits
   CK_ULONG         modulus_bytes;
   CK_BBOOL         flag;
   CK_RV            rc;


   rc = object_mgr_find_in_map1( ctx->key, &key_obj );
   if (rc != CKR_OK){
      st_err_log(110, __FILE__, __LINE__);
      return rc;
   }
#if 0
   flag = template_attribute_find( key_obj->template, CKA_MODULUS, &attr );
   if (flag == FALSE)
      return CKR_FUNCTION_FAILED;
   else
      modulus_bytes = attr->ulValueLen;
#else
   modulus_bytes = rsa_get_key_len(key_obj);
#endif

   // check input data length restrictions
   //
   if (in_data_len != modulus_bytes){
      st_err_log(112, __FILE__, __LINE__);
      return CKR_ENCRYPTED_DATA_LEN_RANGE;
   }
   if (length_only == TRUE) {
      *out_data_len = modulus_bytes;
      return CKR_OK;
   }