template.c

IBM的Linux上的PKCS#11实现

               return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
         }

      case CKO_PRIVATE_KEY:
         switch (subclass)
         {
            case CKK_RSA:
               return rsa_priv_set_default_attributes( tmpl, mode );

            case CKK_DSA:
               return dsa_priv_set_default_attributes( tmpl, mode );

            case CKK_ECDSA:
               return ecdsa_priv_set_default_attributes( tmpl, mode );

            case CKK_DH:
               return dh_priv_set_default_attributes( tmpl, mode );

            case CKK_KEA:
               return kea_priv_set_default_attributes( tmpl, mode );

            default:
               st_err_log(9, __FILE__, __LINE__); 
               return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
         }

      case CKO_SECRET_KEY:
         switch (subclass)
         {
            case CKK_GENERIC_SECRET:
               return generic_secret_set_default_attributes( tmpl, mode );

            case CKK_RC2:
               return rc2_set_default_attributes( tmpl, mode );

            case CKK_RC4:
               return rc4_set_default_attributes( tmpl, mode );

            case CKK_RC5:
               return rc5_set_default_attributes( tmpl, mode );

            case CKK_DES:
               return des_set_default_attributes( tmpl, mode );

            case CKK_DES2:
               return des2_set_default_attributes( tmpl, mode );

            case CKK_DES3:
               return des3_set_default_attributes( tmpl, mode );

            case CKK_CAST:
               return cast_set_default_attributes( tmpl, mode );

            case CKK_CAST3:
               return cast3_set_default_attributes( tmpl, mode );

            case CKK_CAST5:
               return cast5_set_default_attributes( tmpl, mode );

            case CKK_IDEA:
               return idea_set_default_attributes( tmpl, mode );

#if !(NOCDMF)
            case CKK_CDMF:
               return cdmf_set_default_attributes( tmpl, mode );
#endif

            case CKK_SKIPJACK:
               return skipjack_set_default_attributes( tmpl, mode );

            case CKK_BATON:
               return baton_set_default_attributes( tmpl, mode );

            case CKK_JUNIPER:
               return juniper_set_default_attributes( tmpl, mode );

	    case CKK_AES:
	       return aes_set_default_attributes( tmpl, mode );

            default:
               st_err_log(9, __FILE__, __LINE__); 
               return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
         }

      case CKO_HW_FEATURE:
	 switch (subclass) 
	 {
	    case CKH_CLOCK:
	       return clock_set_default_attributes( tmpl, mode );

	    case CKH_MONOTONIC_COUNTER:
	       return counter_set_default_attributes( tmpl, mode );

	    default:
	       st_err_log(9, __FILE__, __LINE__);
	       return CKR_ATTRIBUTE_VALUE_INVALID;
	 }

      case CKO_DOMAIN_PARAMETERS:
	 switch (subclass)
	 {
	    case CKK_DSA:
	       return dp_dsa_set_default_attributes( tmpl, mode );
		    
	    case CKK_DH:
	       return dp_dh_set_default_attributes( tmpl, mode );
	       
   	    case CKK_X9_42_DH:
	       return dp_x9dh_set_default_attributes( tmpl, mode );

	    default:
	       st_err_log(9, __FILE__, __LINE__);
	       return CKR_ATTRIBUTE_VALUE_INVALID;
	 }

      default:
         st_err_log(9, __FILE__, __LINE__); 
         return CKR_ATTRIBUTE_VALUE_INVALID;
   }
}


// template_attribute_find()
//
// find the attribute in the list and return its value
//
CK_BBOOL
template_attribute_find( TEMPLATE           * tmpl,
                         CK_ATTRIBUTE_TYPE    type,
                         CK_ATTRIBUTE      ** attr )
{
   DL_NODE      * node = NULL;
   CK_ATTRIBUTE * a    = NULL;

   if (!tmpl || !attr)
      return FALSE;

   node = tmpl->attribute_list;

   while (node != NULL) {
      a = (CK_ATTRIBUTE *)node->data;

      if (type == a->type) {
         *attr = a;
         return TRUE;
      }

      node = node->next;
   }

   *attr = NULL;
   return FALSE;
}


// template_attribute_find_multiple()
//
// find the attributes in the list and return their values
//
void
template_attribute_find_multiple( TEMPLATE             * tmpl,
                                  ATTRIBUTE_PARSE_LIST * parselist,
                                  CK_ULONG               plcount )
{
   CK_ATTRIBUTE  * attr = NULL;
   CK_ULONG        i;

   for (i = 0; i < plcount; i++) {
     parselist[i].found = template_attribute_find( tmpl, parselist[i].type, &attr );

     if (parselist[i].found && parselist[i].ptr != NULL)
       memcpy(parselist[i].ptr, attr->pValue, parselist[i].len );
   }
}


// template_check_required_attributes()
//
CK_RV
template_check_required_attributes( TEMPLATE  * tmpl,
                                    CK_ULONG    class,
                                    CK_ULONG    subclass,
                                    CK_ULONG    mode )
{
   if (class == CKO_DATA)
      return data_object_check_required_attributes( tmpl, mode );

   else if (class == CKO_CERTIFICATE)
   {
      if (subclass == CKC_X_509)
         return cert_x509_check_required_attributes( tmpl, mode );
      else
         return cert_vendor_check_required_attributes( tmpl, mode );
   }
   else if (class == CKO_PUBLIC_KEY)
   {
      switch (subclass)
      {
         case CKK_RSA:
            return rsa_publ_check_required_attributes( tmpl, mode );

         case CKK_DSA:
            return dsa_publ_check_required_attributes( tmpl, mode );

         case CKK_ECDSA:
            return ecdsa_publ_check_required_attributes( tmpl, mode );

         case CKK_DH:
            return dh_publ_check_required_attributes( tmpl, mode );

         case CKK_KEA:
            return kea_publ_check_required_attributes( tmpl, mode );

         default:
            st_err_log(9, __FILE__, __LINE__); 
            return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
      }
   }
   else if (class == CKO_PRIVATE_KEY)
   {
      switch (subclass)
      {
         case CKK_RSA:
            return rsa_priv_check_required_attributes( tmpl, mode );

         case CKK_DSA:
            return dsa_priv_check_required_attributes( tmpl, mode );

         case CKK_ECDSA:
            return ecdsa_priv_check_required_attributes( tmpl, mode );

         case CKK_DH:
            return dh_priv_check_required_attributes( tmpl, mode );

         case CKK_KEA:
            return kea_priv_check_required_attributes( tmpl, mode );

         default:
            st_err_log(9, __FILE__, __LINE__); 
            return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
      }
   }
   else if (class == CKO_SECRET_KEY)
   {
      switch (subclass)
      {
         case CKK_GENERIC_SECRET:
            return generic_secret_check_required_attributes( tmpl, mode );

         case CKK_RC2:
            return rc2_check_required_attributes( tmpl, mode );

         case CKK_RC4:
            return rc4_check_required_attributes( tmpl, mode );

         case CKK_RC5:
            return rc5_check_required_attributes( tmpl, mode );

         case CKK_DES:
            return des_check_required_attributes( tmpl, mode );

         case CKK_DES2:
            return des2_check_required_attributes( tmpl, mode );

         case CKK_DES3:
            return des3_check_required_attributes( tmpl, mode );

         case CKK_CAST:
            return cast_check_required_attributes( tmpl, mode );

         case CKK_CAST3:
            return cast3_check_required_attributes( tmpl, mode );

         case CKK_CAST5:
            return cast5_check_required_attributes( tmpl, mode );

         case CKK_IDEA:
            return idea_check_required_attributes( tmpl, mode );

#if !(NOCDMF)
         case CKK_CDMF:
            return cdmf_check_required_attributes( tmpl, mode );
#endif

         case CKK_SKIPJACK:
            return skipjack_check_required_attributes( tmpl, mode );

         case CKK_BATON:
            return baton_check_required_attributes( tmpl, mode );

         case CKK_JUNIPER:
            return juniper_check_required_attributes( tmpl, mode );

	 case CKK_AES:
	    return aes_check_required_attributes( tmpl, mode );

         default:
            st_err_log(9, __FILE__, __LINE__); 
            return CKR_ATTRIBUTE_VALUE_INVALID;  // unknown key type
      }
   }
   else if (class == CKO_HW_FEATURE)
   {
      switch (subclass)
      {
         case CKH_CLOCK:
            return clock_check_required_attributes( tmpl, mode );

         case CKH_MONOTONIC_COUNTER:
            return counter_check_required_attributes( tmpl, mode );

         default:
            st_err_log(9, __FILE__, __LINE__);
            return CKR_ATTRIBUTE_VALUE_INVALID;
      }
   }
   else if (class == CKO_DOMAIN_PARAMETERS)
   {
      switch (subclass)
      {
         case CKK_DSA:
            return dp_dsa_check_required_attributes( tmpl, mode );

	 case CKK_DH:
            return dp_dh_check_required_attributes( tmpl, mode );

         case CKK_X9_42_DH:
            return dp_x9dh_check_required_attributes( tmpl, mode );

         default:
            st_err_log(9, __FILE__, __LINE__);
            return CKR_ATTRIBUTE_VALUE_INVALID;
      }
   }

   st_err_log(9, __FILE__, __LINE__); 
   return CKR_ATTRIBUTE_VALUE_INVALID;   // default fallthru
}


// template_check_required_base_attributes()
//
// check to make sure that attributes required by Cryptoki are
// present.  does not check to see if the attribute makes sense
// for the particular object (that is done in the 'validate' routines)
//
CK_RV
template_check_required_base_attributes( TEMPLATE * tmpl,
                                         CK_ULONG   mode )
{
   CK_ATTRIBUTE  * attr;
   CK_BBOOL        found;

   found = template_attribute_find( tmpl, CKA_CLASS, &attr );
   if (mode == MODE_CREATE && found == FALSE)
      return CKR_TEMPLATE_INCOMPLETE;

   return CKR_OK;
}


// template_compare()
//
CK_BBOOL
template_compare( CK_ATTRIBUTE  * t1,
                  CK_ULONG        ulCount,
                  TEMPLATE      * t2 )
{
   CK_ATTRIBUTE  * attr1 = NULL;
   CK_ATTRIBUTE  * attr2 = NULL;
   CK_ULONG        i;
   CK_RV           rc;

   if (!t1 || !t2)
      return FALSE;

   attr1 = t1;

   for (i=0; i < ulCount; i++) {
      rc = template_attribute_find( t2, attr1->type, &attr2 );
      if (rc == FALSE)
         return FALSE;

      if (attr1->ulValueLen != attr2->ulValueLen)
         return FALSE;

      if (memcmp(attr1->pValue, attr2->pValue, attr1->ulValueLen) != 0)
         return FALSE;

      attr1++;
   }

   return TRUE;
}


// template_copy()
//
// This doesn't copy the template items verbatim.  The new template is in
// the reverse order of the old one.  This should not have any effect.
//
// This is very similar to template_merge().  template_merge() can also
// be used to copy a list (of unique attributes) but is slower because for
// each attribute, it must search through the list.
//
CK_RV
template_copy( TEMPLATE *dest, TEMPLATE *src )
{
   DL_NODE  *node;

   if (!dest || !src){
      st_err_log(4, __FILE__, __LINE__, __FUNCTION__); 
      return CKR_FUNCTION_FAILED;
   }
   node = src->attribute_list;

   while (node) {
      CK_ATTRIBUTE *attr     = (CK_ATTRIBUTE *)node->data;
      CK_ATTRIBUTE *new_attr = NULL;
      CK_ULONG      len;

      len = sizeof(CK_ATTRIBUTE) + attr->ulValueLen;