xref: /illumos-gate/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c (revision a8793c76)

/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright 2018, Joyent, Inc.
 */

/*
 * Functions used for manipulating the keystore
 */

#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <time.h>
#include <unistd.h>
#include <pwd.h>
#include <sys/types.h>
#include <dirent.h>
#include <limits.h>
#include <libgen.h>
#include <strings.h>
#include <security/cryptoki.h>
#include <cryptoutil.h>
#include "softGlobal.h"
#include "softObject.h"
#include "softSession.h"
#include "softKeystore.h"
#include "softKeystoreUtil.h"

#define	MAXPATHLEN	1024
#define	SUNW_PATH	".sunw"		/* top level Sun directory */
#define	KEYSTORE_PATH	"pkcs11_softtoken"	/* keystore directory */
#define	PUB_OBJ_DIR	"public"	/* directory for public objects */
#define	PRI_OBJ_DIR	"private"	/* directory for private objects */
#define	DS_FILE		"objstore_info"	/* keystore description file */
#define	TMP_DS_FILE	"t_info"	/* temp name for keystore desc. file */
#define	OBJ_PREFIX	"obj"	/* prefix of the keystore object file names */
#define	OBJ_PREFIX_LEN	sizeof (OBJ_PREFIX) - 1	/* length of prefix */
#define	TMP_OBJ_PREFIX	"t_o"	/* prefix of the temp object file names */

/*
 * KEYSTORE DESCRIPTION FILE:
 *
 * The following describes the content of the keystore description file
 *
 * The order AND data type of the fields are very important.
 * All the code in this file assume that they are in the order specified
 * below.  If either order of the fields or their data type changed,
 * you must make sure the ALL the pre-define values are still valid
 *
 * 1) PKCS#11 release number.  It's 2.20 in this release (uchar_t[32])
 * 2) keystore version number: used for synchronizing when different
 *    processes access the keystore at the same time.  It is incremented
 *    when there is a change to the keystore. (uint_32)
 * 3) monotonic-counter: last counter value for name of token object file.
 *    used for assigning unique name to each token (uint_32)
 * 4) salt used for generating encryption key (uint_16)
 * 5) salt used for generating key used for doing HMAC (uint_16)
 * 6) Length of salt used for generating hashed pin (length of salt
 *    is variable)
 * 7) Salt used for generating hashed pin.
 * 8) Hashed pin len (length of hashed pin could be variable, the offset of
 *    where this value lives in the file is calculated at run time)
 * 9) Hashed pin
 *
 */

/* Keystore description file pre-defined values */
#define	KS_PKCS11_VER		"2.20"
#define	KS_PKCS11_OFFSET	0
#define	KS_PKCS11_VER_SIZE	32

#define	KS_VER_OFFSET		(KS_PKCS11_OFFSET + KS_PKCS11_VER_SIZE)
#define	KS_VER_SIZE	4	/* size in bytes of keystore version value */

#define	KS_COUNTER_OFFSET	(KS_VER_OFFSET + KS_VER_SIZE)
#define	KS_COUNTER_SIZE	4	/* size in bytes of the monotonic counter */

#define	KS_KEY_SALT_OFFSET	(KS_COUNTER_OFFSET + KS_COUNTER_SIZE)
#define	KS_KEY_SALT_SIZE	PBKD2_SALT_SIZE

#define	KS_HMAC_SALT_OFFSET	(KS_KEY_SALT_OFFSET + KS_KEY_SALT_SIZE)
#define	KS_HMAC_SALT_SIZE	PBKD2_SALT_SIZE

/* Salt for hashed pin */
#define	KS_HASHED_PIN_SALT_LEN_OFFSET (KS_HMAC_SALT_OFFSET + KS_HMAC_SALT_SIZE)
#define	KS_HASHED_PIN_SALT_LEN_SIZE 8 /* stores length of hashed pin salt */

#define	KS_HASHED_PIN_SALT_OFFSET \
		(KS_HASHED_PIN_SALT_LEN_OFFSET + KS_HASHED_PIN_SALT_LEN_SIZE)

/*
 * hashed pin
 *
 * hashed_pin length offset will be calculated at run time since
 * there's the hashed pin salt size is variable.
 *
 * The offset will be calculated at run time by calling the
 * function calculate_hashed_pin_offset()
 */
static off_t	ks_hashed_pinlen_offset = -1;
#define	KS_HASHED_PINLEN_SIZE	8

/* End of Keystore description file pre-defined values */

/*
 * Metadata for each object
 *
 * The order AND data type of all the fields is very important.
 * All the code in this file assume that they are in the order specified
 * below.  If either order of the fields or their data type is changed,
 * you must make sure the following pre-define value is still valid
 * Each object will have the meta data at the beginning of the object file.
 *
 * 1) object_version: used by softtoken to see if the object
 *    has been modified since it last reads it. (uint_32)
 * 2) iv: initialization vector for encrypted data in the object.  This
 *    value will be 0 for public objects.  (uchar_t[16])
 * 3) obj_hmac: keyed hash as verifier to detect private object
 *    being tampered this value will be 0 for public objects (uchar_t[16])
 */

/* Object metadata pre-defined values */
#define	OBJ_VER_OFFSET	0
#define	OBJ_VER_SIZE	4	/* size of object version in bytes */
#define	OBJ_IV_OFFSET	(OBJ_VER_OFFSET + OBJ_VER_SIZE)
#define	OBJ_IV_SIZE	16
#define	OBJ_HMAC_OFFSET	(OBJ_IV_OFFSET + OBJ_IV_SIZE)
#define	OBJ_HMAC_SIZE	16	/* MD5 HMAC keyed hash */
#define	OBJ_DATA_OFFSET	(OBJ_HMAC_OFFSET + OBJ_HMAC_SIZE)
/* End of object metadata pre-defined values */

#define	ALTERNATE_KEYSTORE_PATH	"SOFTTOKEN_DIR"

static soft_object_t	*enc_key = NULL;
static soft_object_t	*hmac_key = NULL;
static char		keystore_path[MAXPATHLEN];
static boolean_t	keystore_path_initialized = B_FALSE;
static int		desc_fd = 0;

static char *
get_keystore_path()
{
	char *home = getenv("HOME");
	char *alt = getenv(ALTERNATE_KEYSTORE_PATH);

	if (keystore_path_initialized) {
		return (keystore_path);
	}

	bzero(keystore_path, sizeof (keystore_path));
	/*
	 * If it isn't set or is set to the empty string use the
	 * default location.  We need to check for the empty string
	 * because some users "unset" environment variables by giving
	 * them no value, this isn't the same thing as removing it
	 * from the environment.
	 *
	 * We don't want that to attempt to open /.sunw/pkcs11_sofftoken
	 */
	if ((alt != NULL) && (strcmp(alt, "") != 0)) {
		(void) snprintf(keystore_path, MAXPATHLEN, "%s/%s",
		    alt, KEYSTORE_PATH);
		keystore_path_initialized = B_TRUE;
	} else if ((home != NULL) && (strcmp(home, "") != 0)) {
		/* alternate path not specified, try user's home dir */
		(void) snprintf(keystore_path, MAXPATHLEN, "%s/%s/%s",
		    home, SUNW_PATH, KEYSTORE_PATH);
		keystore_path_initialized = B_TRUE;
	}
	return (keystore_path);
}

static char *
get_pub_obj_path(char *name)
{
	bzero(name, sizeof (name));
	(void) snprintf(name, MAXPATHLEN, "%s/%s",
	    get_keystore_path(), PUB_OBJ_DIR);
	return (name);
}

static char *
get_pri_obj_path(char *name)
{
	bzero(name, sizeof (name));
	(void) snprintf(name, MAXPATHLEN, "%s/%s",
	    get_keystore_path(), PRI_OBJ_DIR);
	return (name);
}

static char *
get_desc_file_path(char *name)
{
	bzero(name, sizeof (name));
	(void) snprintf(name, MAXPATHLEN, "%s/%s",
	    get_keystore_path(), DS_FILE);
	return (name);
}

static char *
get_tmp_desc_file_path(char *name)
{
	bzero(name, sizeof (name));
	(void) snprintf(name, MAXPATHLEN, "%s/%s",
	    get_keystore_path(), TMP_DS_FILE);
	return (name);
}

/*
 * Calculates the offset for hashed_pin length and hashed pin
 *
 * Returns 0 if successful, -1 if there's any error.
 *
 * If successful, global variables "ks_hashed_pinlen_offset" will be set.
 *
 */
static int
calculate_hashed_pin_offset(int fd)
{
	uint64_t salt_length;

	if (lseek(fd, KS_HASHED_PIN_SALT_LEN_OFFSET, SEEK_SET)
	    != KS_HASHED_PIN_SALT_LEN_OFFSET) {
		return (-1);
	}

	if (readn_nointr(fd, (char *)&salt_length,
	    KS_HASHED_PIN_SALT_LEN_SIZE) != KS_HASHED_PIN_SALT_LEN_SIZE) {
		return (-1);
	}
	salt_length = SWAP64(salt_length);

	ks_hashed_pinlen_offset = KS_HASHED_PIN_SALT_LEN_OFFSET
	    + KS_HASHED_PIN_SALT_LEN_SIZE + salt_length;

	return (0);

}

/*
 * acquire or release read/write lock on a specific file
 *
 * read_lock: true for read lock; false for write lock
 * set_lock:  true to set a lock; false to release a lock
 */
static int
lock_file(int fd, boolean_t read_lock, boolean_t set_lock)
{

	flock_t lock_info;
	int r;

	lock_info.l_whence = SEEK_SET;
	lock_info.l_start = 0;
	lock_info.l_len = 0; /* l_len == 0 means until end of  file */

	if (read_lock) {
		lock_info.l_type = F_RDLCK;
	} else {
		lock_info.l_type = F_WRLCK;
	}

	if (set_lock) {
		while ((r = fcntl(fd, F_SETLKW, &lock_info)) == -1) {
			if (errno != EINTR)
				break;
		}
		if (r == -1) {
			return (-1);
		}
	} else {
		lock_info.l_type = F_UNLCK;
		while ((r = fcntl(fd, F_SETLKW, &lock_info)) == -1) {
			if (errno != EINTR)
				break;
		}
		if (r == -1) {
			return (-1);
		}
	}

	return (0);
}

int
create_keystore()
{
	int fd, buf;
	uint64_t hashed_pin_len, hashed_pin_salt_len, ulong_buf;
	uchar_t ver_buf[KS_PKCS11_VER_SIZE];
	char pub_obj_path[MAXPATHLEN], pri_obj_path[MAXPATHLEN],
	    ks_desc_file[MAXPATHLEN];
	CK_BYTE salt[KS_KEY_SALT_SIZE];
	char *hashed_pin = NULL, *hashed_pin_salt = NULL;
	char *alt;

	/* keystore doesn't exist, create keystore directory */
	if (mkdir(get_keystore_path(), S_IRUSR|S_IWUSR|S_IXUSR) < 0) {
		if (errno == EEXIST) {
			return (0);
		}

		if (errno == EACCES) {
			return (-1);
		}

		/* can't create keystore directory */
		if (errno == ENOENT) { /* part of the path doesn't exist */
			char keystore[MAXPATHLEN];
			/*
			 * try to create $HOME/.sunw/pkcs11_softtoken if it
			 * doesn't exist.  If it is a alternate path provided
			 * by the user, it should have existed.  Will not
			 * create for them.
			 */
			alt = getenv(ALTERNATE_KEYSTORE_PATH);
			if ((alt == NULL) || (strcmp(alt, "") == 0)) {
				char *home = getenv("HOME");

				if (home == NULL || strcmp(home, "") == 0) {
					return (-1);
				}
				/* create $HOME/.sunw/pkcs11_softtoken */
				(void) snprintf(keystore, sizeof (keystore),
				    "%s/%s/%s", home, SUNW_PATH, KEYSTORE_PATH);
				if (mkdirp(keystore,
				    S_IRUSR|S_IWUSR|S_IXUSR) < 0) {
					return (-1);
				}
			} else {
				return (-1);
			}
		}
	}

	/* create keystore description file */
	fd = open_nointr(get_desc_file_path(ks_desc_file),
	    O_RDWR|O_CREAT|O_EXCL|O_NONBLOCK, S_IRUSR|S_IWUSR);
	if (fd < 0) {
		if (errno == EEXIST) {
			return (0);
		} else {
			/* can't create keystore description file */
			(void) rmdir(get_keystore_path());
			return (-1);
		}
	}

	if (lock_file(fd, B_FALSE, B_TRUE) != 0) {
		(void) unlink(ks_desc_file);
		(void) close(fd);
		(void) rmdir(get_keystore_path());
		return (-1);
	}

	if (mkdir(get_pub_obj_path(pub_obj_path),
	    S_IRUSR|S_IWUSR|S_IXUSR) < 0) {
		/* can't create directory for public objects */
		(void) lock_file(fd, B_FALSE, B_FALSE);
		(void) unlink(ks_desc_file);
		(void) close(fd);
		(void) rmdir(get_keystore_path());
		return (-1);
	}

	if (mkdir(get_pri_obj_path(pri_obj_path),
	    S_IRUSR|S_IWUSR|S_IXUSR) < 0) {
		/* can't create directory for private objects */
		(void) lock_file(fd, B_FALSE, B_FALSE);
		(void) unlink(ks_desc_file);
		(void) close(fd);
		(void) rmdir(get_keystore_path());
		(void) rmdir(pub_obj_path);
		return (-1);
	}


	/* write file format release number */
	bzero(ver_buf, sizeof (ver_buf));
	(void) strcpy((char *)ver_buf, KS_PKCS11_VER);
	if ((writen_nointr(fd, (char *)ver_buf, sizeof (ver_buf)))
	    != sizeof (ver_buf)) {
		goto cleanup;
	}

	/* write version number, version = 0 since keystore just created */
	buf = SWAP32(0);
	if (writen_nointr(fd, (void *)&buf, KS_VER_SIZE) != KS_VER_SIZE) {
		goto cleanup;
	}

	/* write monotonic-counter.  Counter for keystore objects start at 1 */
	buf = SWAP32(1);
	if (writen_nointr(fd, (void *)&buf, KS_COUNTER_SIZE)
	    != KS_COUNTER_SIZE) {
		goto cleanup;
	}

	/* initial encryption key salt should be all NULL */
	bzero(salt, sizeof (salt));
	if (writen_nointr(fd, (void *)salt, KS_KEY_SALT_SIZE)
	    != KS_KEY_SALT_SIZE) {
		goto cleanup;
	}

	/* initial HMAC key salt should also be all NULL */
	if (writen_nointr(fd, (void *)salt, KS_HMAC_SALT_SIZE)
	    != KS_HMAC_SALT_SIZE) {
		goto cleanup;
	}

	/* generate the hashed pin salt, and MD5 hashed pin of default pin */
	if (soft_gen_hashed_pin((CK_CHAR_PTR)SOFT_DEFAULT_PIN, &hashed_pin,
	    &hashed_pin_salt) < 0) {
		goto cleanup;
	}

	if ((hashed_pin_salt == NULL) || (hashed_pin == NULL)) {
		goto cleanup;
	}

	hashed_pin_salt_len = (uint64_t)strlen(hashed_pin_salt);
	hashed_pin_len = (uint64_t)strlen(hashed_pin);

	/* write hashed pin salt length */
	ulong_buf = SWAP64(hashed_pin_salt_len);
	if (writen_nointr(fd, (void *)&ulong_buf, KS_HASHED_PIN_SALT_LEN_SIZE)
	    != KS_HASHED_PIN_SALT_LEN_SIZE) {
		goto cleanup;
	}

	if (writen_nointr(fd, (void *)hashed_pin_salt,
	    hashed_pin_salt_len) != hashed_pin_salt_len) {
		goto cleanup;
	}

	/* write MD5 hashed pin of the default pin */
	ulong_buf = SWAP64(hashed_pin_len);
	if (writen_nointr(fd, (void *)&ulong_buf, KS_HASHED_PINLEN_SIZE)
	    != KS_HASHED_PINLEN_SIZE) {
		goto cleanup;
	}

	if (writen_nointr(fd, (void *)hashed_pin, hashed_pin_len)
	    != hashed_pin_len) {
		goto cleanup;
	}

	(void) lock_file(fd, B_FALSE, B_FALSE);

	(void) close(fd);
	freezero(hashed_pin_salt, hashed_pin_salt_len);
	return (0);

cleanup:
	(void) lock_file(fd, B_FALSE, B_FALSE);
	(void) unlink(ks_desc_file);
	(void) close(fd);
	(void) rmdir(get_keystore_path());
	(void) rmdir(pub_obj_path);
	(void) rmdir(pri_obj_path);
	return (-1);
}

/*
 * Determines if the file referenced by "fd" has the same
 * inode as the file referenced by "fname".
 *
 * The argument "same" contains the result of determining
 * if the inode is the same or not
 *
 * Returns 0 if there's no error.
 * Returns 1 if there's any error with opening the file.
 *
 *
 */
static int
is_inode_same(int fd, char *fname, boolean_t *same)
{
	struct stat fn_stat, fd_stat;

	if (fstat(fd, &fd_stat) != 0) {
		return (-1);
	}

	if (stat(fname, &fn_stat) != 0) {
		return (-1);
	}

	/* It's the same file if both st_ino and st_dev match */
	if ((fd_stat.st_ino == fn_stat.st_ino) &&
	    (fd_stat.st_dev == fn_stat.st_dev)) {
		*same = B_TRUE;
	} else {
		*same = B_FALSE;
	}
	return (0);
}

static int
acquire_file_lock(int *fd, char *fname, mode_t mode)
{
	boolean_t read_lock = B_TRUE, same_inode;

	if ((mode == O_RDWR) || (mode == O_WRONLY)) {
		read_lock = B_FALSE;
	}

	if (lock_file(*fd, read_lock, B_TRUE) != 0) {
		return (-1);
	}

	/*
	 * make sure another process did not modify the file
	 * while we were trying to get the lock
	 */
	if (is_inode_same(*fd, fname, &same_inode) != 0) {
		(void) lock_file(*fd, B_TRUE, B_FALSE); /* unlock file */
		return (-1);
	}

	while (!same_inode) {
		/*
		 * need to unlock file, close, re-open the file,
		 * and re-acquire the lock
		 */

		/* unlock file */
		if (lock_file(*fd, B_TRUE, B_FALSE) != 0) {
			return (-1);
		}

		(void) close(*fd);

		/* re-open */
		*fd = open_nointr(fname, mode|O_NONBLOCK);
		if (*fd < 0) {
			return (-1);
		}

		/* acquire lock again */
		if (lock_file(*fd, read_lock, B_TRUE) != 0) {
			return (-1);
		}

		if (is_inode_same(*fd, fname, &same_inode) != 0) {
			(void) lock_file(*fd, B_TRUE, B_FALSE); /* unlock */
			return (-1);
		}

	}

	return (0);
}

/*
 * Open the keystore description file in the specified mode.
 * If the keystore doesn't exist, the "do_create_keystore"
 * argument determines if the keystore should be created
 */
static int
open_and_lock_keystore_desc(mode_t mode, boolean_t do_create_keystore,
    boolean_t lock_held)
{

	int fd;
	char *fname, ks_desc_file[MAXPATHLEN];

	/* open the keystore description file in requested mode */
	fname = get_desc_file_path(ks_desc_file);
	fd = open_nointr(fname, mode|O_NONBLOCK);
	if (fd < 0) {
		if ((errno == ENOENT) && (do_create_keystore)) {
			if (create_keystore() < 0) {
				goto done;
			}
			fd = open_nointr(fname, mode|O_NONBLOCK);
			if (fd < 0) {
				goto done;
			}
		} else {
			goto done;
		}
	}

	if (lock_held) {
		/* already hold the lock */
		return (fd);
	}

	if (acquire_file_lock(&fd, fname, mode) != 0) {
		if (fd > 0) {
			(void) close(fd);
		}
		return (-1);
	}

done:
	return (fd);
}


/*
 * Set or remove read or write lock on keystore description file
 *
 * read_lock: true for read lock, false for write lock
 * set_lock: true for set a lock, false to remove a lock
 */
static int
lock_desc_file(boolean_t read_lock, boolean_t set_lock)
{

	char ks_desc_file[MAXPATHLEN];

	if (set_lock) {
		int oflag;

		/*
		 * make sure desc_fd is not already used.  If used, it means
		 * some other lock is already set on the file
		 */
		if (desc_fd > 0) {
			return (-1);
		}

		(void) get_desc_file_path(ks_desc_file);

		if (read_lock) {
			oflag = O_RDONLY;
		} else {
			oflag = O_WRONLY;
		}
		if ((desc_fd = open_and_lock_keystore_desc(oflag,
		    B_FALSE, B_FALSE)) < 0) {
			return (-1);
		}
	} else {
		/* make sure we have a valid fd */
		if (desc_fd <= 0) {
			return (-1);
		}

		if (lock_file(desc_fd, read_lock, B_FALSE) == 1) {
			return (-1);
		}

		(void) close(desc_fd);
		desc_fd = 0;

	}
	return (0);
}

static int
open_and_lock_object_file(ks_obj_handle_t *ks_handle, int oflag,
    boolean_t lock_held)
{
	char obj_fname[MAXPATHLEN];
	int fd;

	if (ks_handle->public) {
		char pub_obj_path[MAXPATHLEN];
		(void) snprintf(obj_fname, MAXPATHLEN, "%s/%s",
		    get_pub_obj_path(pub_obj_path), ks_handle->name);
	} else {
		char pri_obj_path[MAXPATHLEN];
		(void) snprintf(obj_fname, MAXPATHLEN, "%s/%s",
		    get_pri_obj_path(pri_obj_path), ks_handle->name);
	}

	fd = open_nointr(obj_fname, oflag|O_NONBLOCK);
	if (fd < 0) {
		return (-1);
	}

	if (lock_held) {
		/* already hold the lock */
		return (fd);
	}

	if (acquire_file_lock(&fd, obj_fname, oflag) != 0) {
		if (fd > 0) {
			(void) close(fd);
		}
		return (-1);
	}


	return (fd);
}


/*
 * Update file version number in a temporary file that's
 * a copy of the keystore description file.
 * The update is NOT made to the original keystore description
 * file.  It makes the update in a tempoary file.
 *
 * Name of the temporary file is assumed to be provided, but
 * the file is assumed to not exist.
 *
 * return 0 if creating temp file is successful, returns -1 otherwise
 */
static int
create_updated_keystore_version(int fd, char *tmp_fname)
{
	int version, tmp_fd;
	char buf[BUFSIZ];
	size_t nread;

	/* first, create the tempoary file */
	tmp_fd = open_nointr(tmp_fname,
	    O_WRONLY|O_CREAT|O_EXCL|O_NONBLOCK, S_IRUSR|S_IWUSR);
	if (tmp_fd < 0) {
		return (-1);
	}

	/*
	 * copy everything from keystore version to temp file except
	 * the keystore version.  Keystore version is updated
	 *
	 */

	/* pkcs11 version */
	if (readn_nointr(fd, buf, KS_PKCS11_VER_SIZE) != KS_PKCS11_VER_SIZE) {
		goto cleanup;
	}

	if (writen_nointr(tmp_fd, buf, KS_PKCS11_VER_SIZE) !=
	    KS_PKCS11_VER_SIZE) {
		goto cleanup;
	}

	/* version number, it needs to be updated */

	/* read the current version number */
	if (readn_nointr(fd, &version, KS_VER_SIZE) != KS_VER_SIZE) {
		goto cleanup;
	}

	version = SWAP32(version);
	version++;
	version = SWAP32(version);

	/* write the updated value to the tmp file */
	if (writen_nointr(tmp_fd, (void *)&version, KS_VER_SIZE)
	    != KS_VER_SIZE) {
		goto cleanup;
	}

	/* read rest of information, nothing needs to be updated */
	nread = readn_nointr(fd, buf, BUFSIZ);
	while (nread > 0) {
		if (writen_nointr(tmp_fd, buf, nread) != nread) {
			goto cleanup;
		}
		nread = readn_nointr(fd, buf, BUFSIZ);
	}

	(void) close(tmp_fd);
	return (0);	/* no error */

cleanup:
	(void) close(tmp_fd);
	(void) remove(tmp_fname);
	return (-1);
}

static CK_RV
get_all_objs_in_dir(DIR *dirp, ks_obj_handle_t *ks_handle,
    ks_obj_t **result_obj_list, boolean_t lock_held)
{
	struct dirent *dp;
	ks_obj_t *obj;
	CK_RV rv;

	while ((dp = readdir(dirp)) != NULL) {

		if (strncmp(dp->d_name, OBJ_PREFIX, OBJ_PREFIX_LEN) != 0)
			continue;

		(void) strcpy((char *)ks_handle->name, dp->d_name);
		rv = soft_keystore_get_single_obj(ks_handle, &obj, lock_held);
		if (rv != CKR_OK) {
			return (rv);
		}
		if (obj != NULL) {
			if (*result_obj_list == NULL) {
				*result_obj_list = obj;
			} else {
				obj->next = *result_obj_list;
				*result_obj_list = obj;
			}
		}
	}
	return (CKR_OK);
}

/*
 * This function prepares the obj data for encryption by prepending
 * the FULL path of the file that will be used for storing
 * the object.  Having full path of the file as part of
 * of the data for the object will prevent an attacker from
 * copying a "bad" object into the keystore undetected.
 *
 * This function will always allocate:
 *	MAXPATHLEN + buf_len
 * amount of data.  If the full path of the filename doesn't occupy
 * the whole MAXPATHLEN, the rest of the space will just be empty.
 * It is the caller's responsibility to free the buffer allocated here.
 *
 * The allocated buffer is returned in the variable "prepared_buf"
 * if there's no error.
 *
 * Returns 0 if there's no error, -1 otherwise.
 */
static int
prepare_data_for_encrypt(char *obj_path, unsigned char *buf, CK_ULONG buf_len,
    unsigned char **prepared_buf, CK_ULONG *prepared_len)
{
	*prepared_len = MAXPATHLEN + buf_len;
	*prepared_buf = malloc(*prepared_len);
	if (*prepared_buf == NULL) {
		return (-1);
	}

	/*
	 * only zero out the space for the path name.  I could zero out
	 * the whole buffer, but that will be a waste of processing
	 * cycle since the rest of the buffer will be 100% filled all
	 * the time
	 */
	bzero(*prepared_buf, MAXPATHLEN);
	(void) memcpy(*prepared_buf, obj_path, strlen(obj_path));
	(void) memcpy(*prepared_buf + MAXPATHLEN, buf, buf_len);
	return (0);
}

/*
 * retrieves the hashed pin from the keystore
 */
static CK_RV
get_hashed_pin(int fd, char **hashed_pin)
{
	uint64_t hashed_pin_size;

	if (ks_hashed_pinlen_offset == -1) {
		if (calculate_hashed_pin_offset(fd) != 0) {
			return (CKR_FUNCTION_FAILED);
		}
	}

	/* first, get size of the hashed pin */
	if (lseek(fd, ks_hashed_pinlen_offset, SEEK_SET)
	    != ks_hashed_pinlen_offset) {
		return (CKR_FUNCTION_FAILED);
	}

	if (readn_nointr(fd, (char *)&hashed_pin_size,
	    KS_HASHED_PINLEN_SIZE) != KS_HASHED_PINLEN_SIZE) {
		return (CKR_FUNCTION_FAILED);
	}

	hashed_pin_size = SWAP64(hashed_pin_size);

	*hashed_pin = malloc(hashed_pin_size + 1);
	if (*hashed_pin == NULL) {
		return (CKR_HOST_MEMORY);
	}

	if ((readn_nointr(fd, *hashed_pin, hashed_pin_size))
	    != (ssize_t)hashed_pin_size) {
		freezero(*hashed_pin, hashed_pin_size + 1);
		*hashed_pin = NULL;
		return (CKR_FUNCTION_FAILED);
	}
	(*hashed_pin)[hashed_pin_size] = '\0';
	return (CKR_OK);
}


/*
 *	FUNCTION: soft_keystore_lock
 *
 *	ARGUMENTS:
 *		set_lock: TRUE to set readlock on the keystore object file,
 *		          FALSE to remove readlock on keystore object file.
 *
 *	RETURN VALUE:
 *
 *		0: success
 *		-1: failure
 *
 *	DESCRIPTION:
 *
 *		set or remove readlock on the keystore description file.
 */
int
soft_keystore_readlock(boolean_t set_lock)
{

	return (lock_desc_file(B_TRUE, set_lock));
}


/*
 *	FUNCTION: soft_keystore_writelock
 *
 *	ARGUMENTS:
 *		set_lock: TRUE to set writelock on the keystore description file
 *			FALSE to remove write lock on keystore description file.
 *
 *	RETURN VALUE:
 *
 *		0: no error
 *		1: some error occurred
 *
 *	DESCRIPTION:
 *		set/reset writelock on the keystore description file.
 */
int
soft_keystore_writelock(boolean_t set_lock)
{
	return (lock_desc_file(B_FALSE, set_lock));

}

/*
 *
 *	FUNCTION: soft_keystore_lock_object
 *
 *	ARGUMENTS:
 *
 *		ks_handle: handle of the keystore object file to be accessed.
 *		read_lock: TRUE to set readlock on the keystore object file,
 *			  FALSE to set writelock on keystore object file.
 *
 *	RETURN VALUE:
 *
 *		If no error, file descriptor of locked file will be returned
 *		-1: some error occurred
 *
 *	DESCRIPTION:
 *
 *		set readlock or writelock on the keystore object file.
 */
int
soft_keystore_lock_object(ks_obj_handle_t *ks_handle, boolean_t read_lock)
{
	int fd;
	int oflag;

	if (read_lock) {
		oflag = O_RDONLY;
	} else {
		oflag = O_WRONLY;
	}

	if ((fd = open_and_lock_object_file(ks_handle, oflag, B_FALSE)) < 0) {
		return (-1);
	}

	return (fd);
}

/*
 *	FUNCTION: soft_keystore_unlock_object
 *
 *	ARGUMENTS:
 *		fd: file descriptor returned from soft_keystore_lock_object
 *
 *	RETURN VALUE:
 *		0: no error
 *		1: some error occurred while getting the pin
 *
 *	DESCRIPTION:
 *		set/reset writelock on the keystore object file.
 */
int
soft_keystore_unlock_object(int fd)
{
	if (lock_file(fd, B_TRUE, B_FALSE) != 0) {
		return (1);
	}

	(void) close(fd);
	return (0);
}



/*
 *	FUNCTION: soft_keystore_get_version
 *
 *	ARGUMENTS:
 *		version: pointer to caller allocated memory for storing
 *			 the version of the keystore.
 *		lock_held: TRUE if the lock is held by caller.
 *
 *	RETURN VALUE:
 *
 *		0: no error
 *		-1: some error occurred while getting the version number
 *
 *	DESCRIPTION:
 *		get the version number of the keystore from keystore
 *		description file.
 */
int
soft_keystore_get_version(uint_t *version, boolean_t lock_held)
{
	int fd, ret_val = 0;
	uint_t buf;

	if ((fd = open_and_lock_keystore_desc(O_RDONLY,
	    B_FALSE, lock_held)) < 0) {
		return (-1);
	}

	if (lseek(fd, KS_VER_OFFSET, SEEK_SET) != KS_VER_OFFSET) {
		ret_val = -1;
		goto cleanup;
	}

	if (readn_nointr(fd, (char *)&buf, KS_VER_SIZE) != KS_VER_SIZE) {
		ret_val = -1;
		goto cleanup;
	}
	*version = SWAP32(buf);

cleanup:

	if (!lock_held) {
		if (lock_file(fd, B_TRUE, B_FALSE) < 0) {
			ret_val = -1;
		}
	}

	(void) close(fd);
	return (ret_val);
}

/*
 *	FUNCTION: soft_keystore_get_object_version
 *
 *	ARGUMENTS:
 *
 *		ks_handle: handle of the key store object to be accessed.
 *		version:
 *			pointer to caller allocated memory for storing
 *			the version of the object.
 *		lock_held: TRUE if the lock is held by caller.
 *
 *	RETURN VALUE:
 *
 *		0: no error
 *		-1: some error occurred while getting the pin
 *
 *	DESCRIPTION:
 *		get the version number of the specified token object.
 */
int
soft_keystore_get_object_version(ks_obj_handle_t *ks_handle,
    uint_t *version, boolean_t lock_held)
{
	int fd, ret_val = 0;
	uint_t tmp;

	if ((fd = open_and_lock_object_file(ks_handle, O_RDONLY,
	    lock_held)) < 0) {
		return (-1);
	}

	/*
	 * read version.  Version is always first item in object file
	 * so, no need to do lseek
	 */
	if (readn_nointr(fd, (char *)&tmp, OBJ_VER_SIZE) != OBJ_VER_SIZE) {
		ret_val = -1;
		goto cleanup;
	}

	*version = SWAP32(tmp);

cleanup:
	if (!lock_held) {
		if (lock_file(fd, B_TRUE, B_FALSE) < 0) {
			ret_val = -1;
		}
	}


	(void) close(fd);
	return (ret_val);
}

/*
 *		FUNCTION: soft_keystore_getpin
 *
 *		ARGUMENTS:
 *			hashed_pin: pointer to caller allocated memory
 *				for storing the pin to be returned.
 *			lock_held: TRUE if the lock is held by caller.
 *
 *		RETURN VALUE:
 *
 *			0: no error
 *			-1: some error occurred while getting the pin
 *
 *		DESCRIPTION:
 *
 *			Reads the MD5 hash from the keystore description
 *			file and return it to the caller in the provided
 *			buffer. If there is no PIN in the description file
 *			because the file is just created, this function
 *			will get a MD5 digest of the string "changeme",
 *			store it in the file, and also return this
 *			string to the caller.
 */
int
soft_keystore_getpin(char **hashed_pin, boolean_t lock_held)
{
	int fd, ret_val = -1;
	CK_RV rv;

	if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_FALSE,
	    lock_held)) < 0) {
		return (-1);
	}

	rv = get_hashed_pin(fd, hashed_pin);
	if (rv == CKR_OK) {
		ret_val = 0;
	}

cleanup:
	if (!lock_held) {
		if (lock_file(fd, B_TRUE, B_FALSE) < 0) {
			ret_val = -1;
		}
	}

	(void) close(fd);
	return (ret_val);
}


/*
 * Generate a 16-byte Initialization Vector (IV).
 */
CK_RV
soft_gen_iv(CK_BYTE *iv)
{
	return (pkcs11_get_nzero_urandom(iv, 16) < 0 ?
	    CKR_DEVICE_ERROR : CKR_OK);
}


/*
 * This function reads all the data until the end of the file, and
 * put the data into the "buf" in argument.  Memory for buf will
 * be allocated in this function.  It is the caller's responsibility
 * to free it.  The number of bytes read will be returned
 * in the argument "bytes_read"
 *
 * returns CKR_OK if no error.  Other CKR error codes if there's an error
 */
static CK_RV
read_obj_data(int old_fd, char **buf, ssize_t *bytes_read)
{

	ssize_t nread, loop_count;
	char *buf1 = NULL;

	*buf = malloc(BUFSIZ);
	if (*buf == NULL) {
		return (CKR_HOST_MEMORY);
	}

	nread = readn_nointr(old_fd, *buf, BUFSIZ);
	if (nread < 0) {
		free(*buf);
		return (CKR_FUNCTION_FAILED);
	}
	loop_count = 1;
	while (nread == (loop_count * BUFSIZ)) {
		ssize_t nread_tmp;

		loop_count++;
		/* more than BUFSIZ of data */
		buf1 = realloc(*buf, loop_count * BUFSIZ);
		if (buf1 == NULL) {
			free(*buf);
			return (CKR_HOST_MEMORY);
		}