/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 *
 * Copyright 2016 Jason King.
 */
27
28#include <cryptoutil.h>
29
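/*
 * Get the key type (CKK_*) for the given mechanism (CKM_*).
 *
 *	mech_type	mechanism to look up
 *	ktype		out: receives the key type; written only on success
 *
 * Returns CKR_OK when mech_type is in the table below,
 * CKR_MECHANISM_INVALID when it is not, and CKR_ARGUMENTS_BAD when
 * ktype is NULL_PTR.  On any failure *ktype is left untouched, so
 * callers must check the return value before using the key type.
 *
 * This is a pure lookup: it applies no policy, and the table includes
 * legacy mechanisms (MD2, MD5, DES, RC4, ...) alongside current ones.
 *
 * All mechanisms in PKCS #11 v2.40 are listed here.
 * NOTE(review): only CKM_ECDSA and CKM_ECDSA_SHA1 are in the EC signature
 * entries below; verify the coverage claim against the pkcs11t.h in use.
 * A mechanism missing from the table fails with CKR_MECHANISM_INVALID.
 */
CK_RV
pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype)
{

	CK_RV rv = CKR_OK;

	/* Reject a missing out-pointer instead of dereferencing it below. */
	if (ktype == NULL_PTR)
		return (CKR_ARGUMENTS_BAD);

	switch (mech_type) {

	case CKM_RSA_PKCS_KEY_PAIR_GEN:
	case CKM_RSA_PKCS:
	case CKM_RSA_9796:
	case CKM_RSA_X_509:
	case CKM_MD2_RSA_PKCS:
	case CKM_MD5_RSA_PKCS:
	case CKM_SHA1_RSA_PKCS:
	case CKM_SHA256_RSA_PKCS:
	case CKM_SHA384_RSA_PKCS:
	case CKM_SHA512_RSA_PKCS:
	case CKM_SHA256_RSA_PKCS_PSS:
	case CKM_SHA384_RSA_PKCS_PSS:
	case CKM_SHA512_RSA_PKCS_PSS:
	case CKM_SHA224_RSA_PKCS:
	case CKM_SHA224_RSA_PKCS_PSS:
	case CKM_RIPEMD128_RSA_PKCS:
	case CKM_RIPEMD160_RSA_PKCS:
	case CKM_RSA_PKCS_OAEP:
	case CKM_RSA_X9_31_KEY_PAIR_GEN:
	case CKM_RSA_X9_31:
	case CKM_SHA1_RSA_X9_31:
	case CKM_RSA_PKCS_PSS:
	case CKM_SHA1_RSA_PKCS_PSS:
	case CKM_RSA_PKCS_TPM_1_1:
	case CKM_RSA_PKCS_OAEP_TPM_1_1:
		*ktype = CKK_RSA;
		break;

	case CKM_DSA_KEY_PAIR_GEN:
	case CKM_DSA:
	case CKM_DSA_SHA1:
	case CKM_DSA_PARAMETER_GEN:
	case CKM_FORTEZZA_TIMESTAMP:
	case CKM_DSA_SHA224:
	case CKM_DSA_SHA256:
	case CKM_DSA_SHA384:
	case CKM_DSA_SHA512:
		*ktype = CKK_DSA;
		break;

	case CKM_DH_PKCS_PARAMETER_GEN:
	case CKM_DH_PKCS_KEY_PAIR_GEN:
	case CKM_DH_PKCS_DERIVE:
		*ktype = CKK_DH;
		break;

	case CKM_ECDSA:
	case CKM_ECDSA_SHA1:
	case CKM_EC_KEY_PAIR_GEN:
	case CKM_ECDH1_DERIVE:
	case CKM_ECDH1_COFACTOR_DERIVE:
	case CKM_ECMQV_DERIVE:
		*ktype = CKK_EC;
		break;

	case CKM_X9_42_DH_KEY_PAIR_GEN:
	case CKM_X9_42_DH_DERIVE:
	case CKM_X9_42_DH_HYBRID_DERIVE:
	case CKM_X9_42_MQV_DERIVE:
	case CKM_X9_42_DH_PARAMETER_GEN:
		*ktype = CKK_X9_42_DH;
		break;

	case CKM_KEA_KEY_PAIR_GEN:
	case CKM_KEA_KEY_DERIVE:
		*ktype = CKK_KEA;
		break;

	/*
	 * Digests, HMACs, key derivation and the SSL/TLS/WTLS mechanisms
	 * all report the generic secret key type.
	 */
	case CKM_MD2:
	case CKM_MD2_HMAC:
	case CKM_MD2_HMAC_GENERAL:
	case CKM_MD5:
	case CKM_MD5_HMAC:
	case CKM_MD5_HMAC_GENERAL:
	case CKM_SHA_1:
	case CKM_SHA_1_HMAC:
	case CKM_SHA_1_HMAC_GENERAL:
	case CKM_SHA256:
	case CKM_SHA256_HMAC:
	case CKM_SHA256_HMAC_GENERAL:
	case CKM_SHA224:
	case CKM_SHA224_HMAC:
	case CKM_SHA224_HMAC_GENERAL:
	case CKM_SHA384:
	case CKM_SHA384_HMAC:
	case CKM_SHA384_HMAC_GENERAL:
	case CKM_SHA512:
	case CKM_SHA512_HMAC:
	case CKM_SHA512_HMAC_GENERAL:
	case CKM_GENERIC_SECRET_KEY_GEN:
	case CKM_FASTHASH:
	case CKM_PKCS5_PBKD2:
	case CKM_PBA_SHA1_WITH_SHA1_HMAC:
	case CKM_SSL3_MD5_MAC:
	case CKM_SSL3_SHA1_MAC:
	case CKM_SSL3_PRE_MASTER_KEY_GEN:
	case CKM_SSL3_MASTER_KEY_DERIVE:
	case CKM_SSL3_KEY_AND_MAC_DERIVE:
	case CKM_SSL3_MASTER_KEY_DERIVE_DH:
	case CKM_TLS_PRE_MASTER_KEY_GEN:
	case CKM_TLS_MASTER_KEY_DERIVE:
	case CKM_TLS_KEY_AND_MAC_DERIVE:
	case CKM_TLS_MASTER_KEY_DERIVE_DH:
	case CKM_TLS_PRF:
	case CKM_WTLS_PRE_MASTER_KEY_GEN:
	case CKM_WTLS_MASTER_KEY_DERIVE:
	case CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC:
	case CKM_WTLS_PRF:
	case CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE:
	case CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE:
	case CKM_CONCATENATE_BASE_AND_KEY:
	case CKM_CONCATENATE_BASE_AND_DATA:
	case CKM_CONCATENATE_DATA_AND_BASE:
	case CKM_XOR_BASE_AND_DATA:
	case CKM_EXTRACT_KEY_FROM_KEY:
	case CKM_RIPEMD128:
	case CKM_RIPEMD128_HMAC:
	case CKM_RIPEMD128_HMAC_GENERAL:
	case CKM_RIPEMD160:
	case CKM_RIPEMD160_HMAC:
	case CKM_RIPEMD160_HMAC_GENERAL:
	case CKM_SHA1_KEY_DERIVATION:
	case CKM_SHA256_KEY_DERIVATION:
	case CKM_SHA384_KEY_DERIVATION:
	case CKM_SHA512_KEY_DERIVATION:
	case CKM_SHA224_KEY_DERIVATION:
	case CKM_MD5_KEY_DERIVATION:
	case CKM_MD2_KEY_DERIVATION:
	/* not sure the following 2 should be CKK_DES or not */
	case CKM_KEY_WRAP_LYNKS: /* wrap/unwrap secret key w/ DES key */
	case CKM_KEY_WRAP_SET_OAEP:  /* wrap/unwrap DES key w/ RSA key */
	case CKM_SHA512_224:
	case CKM_SHA512_224_HMAC:
	case CKM_SHA512_224_HMAC_GENERAL:
	case CKM_SHA512_224_KEY_DERIVATION:
	case CKM_SHA512_256:
	case CKM_SHA512_256_HMAC:
	case CKM_SHA512_256_HMAC_GENERAL:
	case CKM_SHA512_256_KEY_DERIVATION:
	case CKM_SHA512_T:
	case CKM_SHA512_T_HMAC:
	case CKM_SHA512_T_HMAC_GENERAL:
	case CKM_SHA512_T_KEY_DERIVATION:
	case CKM_TLS10_MAC_SERVER:
	case CKM_TLS10_MAC_CLIENT:
	case CKM_TLS12_MAC:
	case CKM_TLS12_MASTER_KEY_DERIVE:
	case CKM_TLS12_KEY_AND_MAC_DERIVE:
	case CKM_TLS12_MASTER_KEY_DERIVE_DH:
	case CKM_TLS12_KEY_SAFE_DERIVE:
	case CKM_TLS_MAC:
	case CKM_TLS_KDF:
		*ktype = CKK_GENERIC_SECRET;
		break;

	case CKM_RC2_KEY_GEN:
	case CKM_RC2_ECB:
	case CKM_RC2_CBC:
	case CKM_RC2_MAC:
	case CKM_RC2_MAC_GENERAL:
	case CKM_RC2_CBC_PAD:
	case CKM_PBE_SHA1_RC2_128_CBC:
	case CKM_PBE_SHA1_RC2_40_CBC:
		*ktype = CKK_RC2;
		break;

	case CKM_RC4_KEY_GEN:
	case CKM_RC4:
	case CKM_PBE_SHA1_RC4_128:
	case CKM_PBE_SHA1_RC4_40:
		*ktype = CKK_RC4;
		break;

	case CKM_DES_KEY_GEN:
	case CKM_DES_ECB:
	case CKM_DES_CBC:
	case CKM_DES_MAC:
	case CKM_DES_MAC_GENERAL:
	case CKM_DES_CBC_PAD:
	case CKM_PBE_MD2_DES_CBC:
	case CKM_PBE_MD5_DES_CBC:
	case CKM_DES_OFB64:
	case CKM_DES_OFB8:
	case CKM_DES_CFB64:
	case CKM_DES_CFB8:
	case CKM_DES_ECB_ENCRYPT_DATA:
	case CKM_DES_CBC_ENCRYPT_DATA:
		*ktype = CKK_DES;
		break;

	case CKM_DES2_KEY_GEN:
	case CKM_PBE_SHA1_DES2_EDE_CBC:
		*ktype = CKK_DES2;
		break;

	case CKM_DES3_KEY_GEN:
	case CKM_DES3_ECB:
	case CKM_DES3_CBC:
	case CKM_DES3_MAC:
	case CKM_DES3_MAC_GENERAL:
	case CKM_DES3_CBC_PAD:
	case CKM_PBE_SHA1_DES3_EDE_CBC:
	case CKM_DES3_ECB_ENCRYPT_DATA:
	case CKM_DES3_CBC_ENCRYPT_DATA:
		*ktype = CKK_DES3;
		break;

	case CKM_CAST_KEY_GEN:
	case CKM_CAST_ECB:
	case CKM_CAST_CBC:
	case CKM_CAST_MAC:
	case CKM_CAST_MAC_GENERAL:
	case CKM_CAST_CBC_PAD:
	case CKM_PBE_MD5_CAST_CBC:
		*ktype = CKK_CAST;
		break;

	case CKM_CAST3_KEY_GEN:
	case CKM_CAST3_ECB:
	case CKM_CAST3_CBC:
	case CKM_CAST3_MAC:
	case CKM_CAST3_MAC_GENERAL:
	case CKM_CAST3_CBC_PAD:
	case CKM_PBE_MD5_CAST3_CBC:
		*ktype = CKK_CAST3;
		break;

	case CKM_CAST128_KEY_GEN:
	case CKM_CAST128_ECB:
	case CKM_CAST128_CBC:
	case CKM_CAST128_MAC:
	case CKM_CAST128_MAC_GENERAL:
	case CKM_CAST128_CBC_PAD:
	case CKM_PBE_MD5_CAST128_CBC:
	case CKM_PBE_SHA1_CAST128_CBC:
		*ktype = CKK_CAST128;
		break;

	case CKM_RC5_KEY_GEN:
	case CKM_RC5_ECB:
	case CKM_RC5_CBC:
	case CKM_RC5_MAC:
	case CKM_RC5_MAC_GENERAL:
	case CKM_RC5_CBC_PAD:
		*ktype = CKK_RC5;
		break;

	case CKM_IDEA_KEY_GEN:
	case CKM_IDEA_ECB:
	case CKM_IDEA_CBC:
	case CKM_IDEA_MAC:
	case CKM_IDEA_MAC_GENERAL:
	case CKM_IDEA_CBC_PAD:
		*ktype = CKK_IDEA;
		break;

	case CKM_SKIPJACK_KEY_GEN:
	case CKM_SKIPJACK_ECB64:
	case CKM_SKIPJACK_CBC64:
	case CKM_SKIPJACK_OFB64:
	case CKM_SKIPJACK_CFB64:
	case CKM_SKIPJACK_CFB32:
	case CKM_SKIPJACK_CFB16:
	case CKM_SKIPJACK_CFB8:
	case CKM_SKIPJACK_WRAP:
	case CKM_SKIPJACK_PRIVATE_WRAP:
	case CKM_SKIPJACK_RELAYX:
		*ktype = CKK_SKIPJACK;
		break;

	case CKM_BATON_KEY_GEN:
	case CKM_BATON_ECB128:
	case CKM_BATON_ECB96:
	case CKM_BATON_CBC128:
	case CKM_BATON_COUNTER:
	case CKM_BATON_SHUFFLE:
	case CKM_BATON_WRAP:
		*ktype = CKK_BATON;
		break;

	case CKM_JUNIPER_KEY_GEN:
	case CKM_JUNIPER_ECB128:
	case CKM_JUNIPER_CBC128:
	case CKM_JUNIPER_COUNTER:
	case CKM_JUNIPER_SHUFFLE:
	case CKM_JUNIPER_WRAP:
		*ktype = CKK_JUNIPER;
		break;

	case CKM_CDMF_KEY_GEN:
	case CKM_CDMF_ECB:
	case CKM_CDMF_CBC:
	case CKM_CDMF_MAC:
	case CKM_CDMF_MAC_GENERAL:
	case CKM_CDMF_CBC_PAD:
		*ktype = CKK_CDMF;
		break;

	case CKM_AES_KEY_GEN:
	case CKM_AES_ECB:
	case CKM_AES_CBC:
	case CKM_AES_MAC:
	case CKM_AES_MAC_GENERAL:
	case CKM_AES_CBC_PAD:
	case CKM_AES_CTR:
	case CKM_AES_GCM:
	case CKM_AES_CCM:
	case CKM_AES_CTS:
	case CKM_AES_CMAC:
	case CKM_AES_CMAC_GENERAL:
	case CKM_AES_XCBC_MAC:
	case CKM_AES_XCBC_MAC_96:
	case CKM_AES_GMAC:
	case CKM_AES_ECB_ENCRYPT_DATA:
	case CKM_AES_CBC_ENCRYPT_DATA:
	case CKM_AES_OFB:
	case CKM_AES_CFB8:
	case CKM_AES_CFB64:
	case CKM_AES_CFB128:
	case CKM_AES_CFB1:
	case CKM_AES_KEY_WRAP:
	case CKM_AES_KEY_WRAP_PAD:
		*ktype = CKK_AES;
		break;

	case CKM_BLOWFISH_KEY_GEN:
	case CKM_BLOWFISH_CBC:
	case CKM_BLOWFISH_CBC_PAD:
		*ktype = CKK_BLOWFISH;
		break;

	case CKM_TWOFISH_KEY_GEN:
	case CKM_TWOFISH_CBC:
	case CKM_TWOFISH_CBC_PAD:
		*ktype = CKK_TWOFISH;
		break;

	case CKM_SECURID_KEY_GEN:
	case CKM_SECURID:
		*ktype = CKK_SECURID;
		break;

	case CKM_HOTP_KEY_GEN:
	case CKM_HOTP:
		*ktype = CKK_HOTP;
		break;

	case CKM_ACTI:
	case CKM_ACTI_KEY_GEN:
		*ktype = CKK_ACTI;
		break;

	case CKM_CAMELLIA_KEY_GEN:
	case CKM_CAMELLIA_ECB:
	case CKM_CAMELLIA_CBC:
	case CKM_CAMELLIA_MAC:
	case CKM_CAMELLIA_MAC_GENERAL:
	case CKM_CAMELLIA_CBC_PAD:
	case CKM_CAMELLIA_ECB_ENCRYPT_DATA:
	case CKM_CAMELLIA_CBC_ENCRYPT_DATA:
	case CKM_CAMELLIA_CTR:
		*ktype = CKK_CAMELLIA;
		break;

	case CKM_ARIA_KEY_GEN:
	case CKM_ARIA_ECB:
	case CKM_ARIA_CBC:
	case CKM_ARIA_MAC:
	case CKM_ARIA_MAC_GENERAL:
	case CKM_ARIA_CBC_PAD:
	case CKM_ARIA_ECB_ENCRYPT_DATA:
	case CKM_ARIA_CBC_ENCRYPT_DATA:
		*ktype = CKK_ARIA;
		break;

	case CKM_GOSTR3410:
	case CKM_GOSTR3410_WITH_GOSTR3411:
	case CKM_GOSTR3410_KEY_WRAP:
	case CKM_GOSTR3410_DERIVE:
		*ktype = CKK_GOSTR3410;
		break;

	case CKM_GOSTR3411:
	case CKM_GOSTR3411_HMAC:
		*ktype = CKK_GOSTR3411;
		break;

	case CKM_GOST28147_KEY_GEN:
	case CKM_GOST28147_ECB:
	case CKM_GOST28147:
	case CKM_GOST28147_MAC:
	case CKM_GOST28147_KEY_WRAP:
		*ktype = CKK_GOST28147;
		break;

	default:
		/* Unknown mechanism: report it and leave *ktype unmodified. */
		rv = CKR_MECHANISM_INVALID;
		break;
	}

	return (rv);
}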