1 /* (C) COPYRIGHT International Business Machines Corp. 2001, 2002, 2005 */
2 /*
3  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
4  * Use is subject to license terms.
5  */
6 
7 #include "tpmtok_int.h"
8 
/*
 * Process-wide state of the token library.  Every object in this group has
 * external linkage, so any translation unit that declares it can read and
 * write it directly.
 */

/* Starts out FALSE. */
CK_BBOOL initialized = FALSE;

/*
 * The mutexes are only defined here; none has a static initializer.
 * NOTE(review): presumably each one is set up with pthread_mutex_init()
 * during library initialisation -- confirm that this happens before the
 * first lock is taken.
 */
pthread_mutex_t native_mutex;
pthread_mutex_t pkcs_mutex;
pthread_mutex_t obj_list_mutex;
pthread_mutex_t sess_list_mutex;
pthread_mutex_t login_mutex;

/* Opaque pointer; nothing in this file assigns it. */
void *xproclock;

/* Heads of the doubly linked lists and of the object map, all empty. */
DL_NODE *sess_list = NULL;
DL_NODE *sess_obj_list = NULL;
DL_NODE *publ_token_obj_list = NULL;
DL_NODE *priv_token_obj_list = NULL;
DL_NODE *object_map = NULL;

/* 0 is CKS_RO_PUBLIC_SESSION in PKCS #11, i.e. nobody is logged in. */
CK_STATE global_login_state = 0;

/* Not assigned in this file. */
LW_SHM_TYPE *global_shm;

/*
 * Handle counters begin at 1; PKCS #11 reserves 0 as CK_INVALID_HANDLE.
 * NOTE(review): presumably incremented for every new session or object --
 * verify that the increment is done while holding the matching mutex.
 */
CK_ULONG next_session_handle = 1;
CK_ULONG next_object_handle = 1;

TOKEN_DATA *nv_token_data = NULL;
31 
/*
 * Entry points implemented in other translation units.
 *
 * The empty parentheses make these non-prototype declarations: the compiler
 * learns the return type only and does not check the number or type of the
 * arguments at any call site that sees nothing but these lines.
 * NOTE(review): a header carrying the full prototypes would let the
 * compiler catch mismatched calls; the signatures are not visible from this
 * file, so none are filled in here.
 */
CK_RV LW_Initialize();

/* General purpose, slot and token management. */
CK_RV SC_GetFunctionList();
CK_RV SC_GetTokenInfo();
CK_RV SC_GetMechanismList();
CK_RV SC_GetMechanismInfo();
CK_RV SC_InitToken();
CK_RV SC_InitPIN();
CK_RV SC_SetPIN();

/* Session management. */
CK_RV SC_OpenSession();
CK_RV SC_CloseSession();
CK_RV SC_CloseAllSessions();
CK_RV SC_GetSessionInfo();
CK_RV SC_GetOperationState();
CK_RV SC_SetOperationState();
CK_RV SC_Login();
CK_RV SC_Logout();

/* Object management. */
CK_RV SC_CreateObject();
CK_RV SC_CopyObject();
CK_RV SC_DestroyObject();
CK_RV SC_GetObjectSize();
CK_RV SC_GetAttributeValue();
CK_RV SC_SetAttributeValue();
CK_RV SC_FindObjectsInit();
CK_RV SC_FindObjects();
CK_RV SC_FindObjectsFinal();

/* Encryption and decryption. */
CK_RV SC_EncryptInit();
CK_RV SC_Encrypt();
CK_RV SC_EncryptUpdate();
CK_RV SC_EncryptFinal();
CK_RV SC_DecryptInit();
CK_RV SC_Decrypt();
CK_RV SC_DecryptUpdate();
CK_RV SC_DecryptFinal();

/* Message digesting. */
CK_RV SC_DigestInit();
CK_RV SC_Digest();
CK_RV SC_DigestUpdate();
CK_RV SC_DigestKey();
CK_RV SC_DigestFinal();

/* Signing and verification. */
CK_RV SC_SignInit();
CK_RV SC_Sign();
CK_RV SC_SignUpdate();
CK_RV SC_SignFinal();
CK_RV SC_SignRecoverInit();
CK_RV SC_SignRecover();
CK_RV SC_VerifyInit();
CK_RV SC_Verify();
CK_RV SC_VerifyUpdate();
CK_RV SC_VerifyFinal();
CK_RV SC_VerifyRecoverInit();
CK_RV SC_VerifyRecover();

/* Dual-purpose operations. */
CK_RV SC_DigestEncryptUpdate();
CK_RV SC_DecryptDigestUpdate();
CK_RV SC_SignEncryptUpdate();
CK_RV SC_DecryptVerifyUpdate();

/* Key management. */
CK_RV SC_GenerateKey();
CK_RV SC_GenerateKeyPair();
CK_RV SC_WrapKey();
CK_RV SC_UnwrapKey();
CK_RV SC_DeriveKey();

/* Random numbers. */
CK_RV SC_SeedRandom();
CK_RV SC_GenerateRandom();

/* Function status, cancellation and slot events. */
CK_RV SC_GetFunctionStatus();
CK_RV SC_CancelFunction();
CK_RV SC_WaitForSlotEvent();
96 
/*
 * DER-encoded OBJECT IDENTIFIERs from PKCS #1.  Each is tag 0x06, length
 * 0x09, then the nine content octets of 1.2.840.113549.1.1.x.
 */
CK_BYTE ber_rsaEncryption[] = {
	0x06, 0x09,
	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01	/* x = 1 */
};
CK_BYTE ber_md5WithRSAEncryption[] = {
	0x06, 0x09,
	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04	/* x = 4 */
};
CK_BYTE ber_sha1WithRSAEncryption[] = {
	0x06, 0x09,
	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05	/* x = 5 */
};

/*
 * DER-encoded AlgorithmIdentifiers: SEQUENCE { OID, NULL }.
 *
 * NOTE(review): MD5 is collision-broken and SHA-1 collisions are practical,
 * so signatures that depend on either digest should be treated as legacy.
 */
CK_BYTE ber_AlgMd5[] = {
	0x30, 0x0C,					/* SEQUENCE, 12 */
	0x06, 0x08,					/* OID, 8 */
	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,	/* 1.2.840.113549.2.5 */
	0x05, 0x00					/* NULL */
};
CK_BYTE ber_AlgSha1[] = {
	0x30, 0x09,					/* SEQUENCE, 9 */
	0x06, 0x05,					/* OID, 5 */
	0x2B, 0x0E, 0x03, 0x02, 0x1A,			/* 1.3.14.3.2.26 */
	0x05, 0x00					/* NULL */
};
CK_BYTE ber_AlgIdRSAEncryption[] = {
	0x30, 0x0D,					/* SEQUENCE, 13 */
	0x06, 0x09,					/* OID, 9 */
	0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
	0x05, 0x00					/* NULL */
};

/*
 * Byte counts of the arrays above.  They are taken with sizeof so they can
 * never drift from the initializers.
 */
CK_ULONG ber_rsaEncryptionLen = sizeof ber_rsaEncryption;
CK_ULONG ber_md5WithRSAEncryptionLen = sizeof ber_md5WithRSAEncryption;
CK_ULONG ber_sha1WithRSAEncryptionLen = sizeof ber_sha1WithRSAEncryption;

CK_ULONG ber_AlgMd5Len = sizeof ber_AlgMd5;
CK_ULONG ber_AlgSha1Len = sizeof ber_AlgSha1;
CK_ULONG ber_AlgIdRSAEncryptionLen = sizeof ber_AlgIdRSAEncryption;
127 
/*
 * Table of the mechanisms this token advertises.
 *
 * Each entry pairs a mechanism type with three values that appear to be the
 * minimum key size, the maximum key size and the capability flags, i.e. the
 * field order of CK_MECHANISM_INFO -- confirm against the definition of
 * MECH_LIST_ELEMENT, which is not visible from this file.
 *
 * NOTE(review): the RSA entries accept keys from 512 bits upward.  512-bit
 * RSA can be factored with modest resources, so callers that need real
 * protection should enforce their own, larger minimum.
 * NOTE(review): CKM_RSA_PKCS_OAEP is an encryption scheme; PKCS #11 lists
 * it for encrypt/decrypt and wrap/unwrap only.  The sign, verify and
 * recover flags on that entry look copied from CKM_RSA_PKCS -- confirm that
 * the implementation really offers them.
 * NOTE(review): the MD5-based mechanisms are kept for compatibility; MD5 is
 * collision-broken and should not be chosen for new signatures.
 */
MECH_LIST_ELEMENT mech_list[] = {
	{ CKM_RSA_PKCS_KEY_PAIR_GEN,
	    { 512, 2048, CKF_HW | CKF_GENERATE_KEY_PAIR } },

	{ CKM_RSA_PKCS,
	    { 512, 2048, CKF_HW | CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP |
	    CKF_UNWRAP | CKF_SIGN | CKF_VERIFY | CKF_SIGN_RECOVER |
	    CKF_VERIFY_RECOVER } },

	{ CKM_RSA_PKCS_OAEP,
	    { 512, 2048, CKF_HW | CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP |
	    CKF_UNWRAP | CKF_SIGN | CKF_VERIFY | CKF_SIGN_RECOVER |
	    CKF_VERIFY_RECOVER } },

#if 0
	/* No RSA_X_509 support for now... */
	{ CKM_RSA_X_509,
	    { 512, 2048, CKF_HW | CKF_ENCRYPT | CKF_DECRYPT | CKF_WRAP |
	    CKF_UNWRAP | CKF_SIGN | CKF_VERIFY | CKF_SIGN_RECOVER |
	    CKF_VERIFY_RECOVER } },
#endif

	{ CKM_MD5_RSA_PKCS,
	    { 512, 2048, CKF_HW | CKF_SIGN | CKF_VERIFY } },

	{ CKM_SHA1_RSA_PKCS,
	    { 512, 2048, CKF_HW | CKF_SIGN | CKF_VERIFY } },

	/* Digest and HMAC entries carry no key-size range and no CKF_HW. */
	{ CKM_SHA_1,
	    { 0, 0, CKF_DIGEST } },

	{ CKM_SHA_1_HMAC,
	    { 0, 0, CKF_SIGN | CKF_VERIFY } },

	{ CKM_SHA_1_HMAC_GENERAL,
	    { 0, 0, CKF_SIGN | CKF_VERIFY } },

	{ CKM_MD5,
	    { 0, 0, CKF_DIGEST } },

	{ CKM_MD5_HMAC,
	    { 0, 0, CKF_SIGN | CKF_VERIFY } },

	{ CKM_MD5_HMAC_GENERAL,
	    { 0, 0, CKF_SIGN | CKF_VERIFY } },
};

/* Number of entries in mech_list, derived from the array itself. */
CK_ULONG mech_list_len = sizeof mech_list / sizeof mech_list[0];
174 
/*
 * Digests of the default PINs.
 *
 * The PIN strings are fixed and publicly known, and the values below are
 * plain, unsalted digests of them.  They therefore protect nothing; they
 * can only serve to recognise a token whose PIN has never been changed.
 * NOTE(review): presumably the login and PIN-change code compares against
 * these to detect the default state -- confirm, and confirm that a token
 * still carrying a default PIN cannot be used for real key operations.
 */

/* MD5 of the default SO PIN, "87654321". */
CK_BYTE default_so_pin_md5[MD5_DIGEST_LENGTH] = {
	0x5E, 0x86, 0x67, 0xA4,
	0x39, 0xC6, 0x8F, 0x51,
	0x45, 0xDD, 0x2F, 0xCB,
	0xEC, 0xF0, 0x22, 0x09
};

/* SHA-1 of the default SO PIN, "87654321". */
CK_BYTE default_so_pin_sha[SHA1_DIGEST_LENGTH] = {
	0xA7, 0xD5, 0x79, 0xBA,
	0x76, 0x39, 0x80, 0x70,
	0xEA, 0xE6, 0x54, 0xC3,
	0x0F, 0xF1, 0x53, 0xA4,
	0xC2, 0x73, 0x27, 0x2A
};

/* SHA-1 of the default user PIN, "12345678". */
CK_BYTE default_user_pin_sha[SHA1_DIGEST_LENGTH] = {
	0x7C, 0x22, 0x2F, 0xB2,
	0x92, 0x7D, 0x82, 0x8A,
	0xF2, 0x2F, 0x59, 0x21,
	0x34, 0xE8, 0x93, 0x24,
	0x80, 0x63, 0x7C, 0x0D
};

/*
 * MD5-sized buffers with no initializer, so they start out all zero.
 * NOTE(review): the names suggest they hold PIN digests at run time; if so,
 * they should be cleared on logout and at finalisation -- confirm in the
 * code that writes them.
 */
CK_BYTE user_pin_md5[MD5_DIGEST_LENGTH];
CK_BYTE so_pin_md5[MD5_DIGEST_LENGTH];
200