17c478bdstevel@tonic-gate/*
27c478bdstevel@tonic-gate * CDDL HEADER START
37c478bdstevel@tonic-gate *
47c478bdstevel@tonic-gate * The contents of this file are subject to the terms of the
54c21f04izick * Common Development and Distribution License (the "License").
64c21f04izick * You may not use this file except in compliance with the License.
77c478bdstevel@tonic-gate *
87c478bdstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bdstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bdstevel@tonic-gate * See the License for the specific language governing permissions
117c478bdstevel@tonic-gate * and limitations under the License.
127c478bdstevel@tonic-gate *
137c478bdstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bdstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bdstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bdstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bdstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bdstevel@tonic-gate *
197c478bdstevel@tonic-gate * CDDL HEADER END
207c478bdstevel@tonic-gate */
217c478bdstevel@tonic-gate/*
22f9fbec1mcpowers * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
237c478bdstevel@tonic-gate * Use is subject to license terms.
24cd964fcMatt Barden * Copyright 2014 Nexenta Systems, Inc.  All rights reserved.
25a8793c7Jason King * Copyright (c) 2018, Joyent, Inc.
267c478bdstevel@tonic-gate */
277c478bdstevel@tonic-gate
287c478bdstevel@tonic-gate#include <stdlib.h>
297c478bdstevel@tonic-gate#include <strings.h>
307c478bdstevel@tonic-gate#include <sys/types.h>
317c478bdstevel@tonic-gate#include <security/cryptoki.h>
327c478bdstevel@tonic-gate#include "softObject.h"
337c478bdstevel@tonic-gate#include "softOps.h"
347c478bdstevel@tonic-gate#include "softSession.h"
357c478bdstevel@tonic-gate#include "softMAC.h"
367c478bdstevel@tonic-gate#include "softRSA.h"
377c478bdstevel@tonic-gate#include "softDSA.h"
38f9fbec1mcpowers#include "softEC.h"
397c478bdstevel@tonic-gate#include "softCrypt.h"
407c478bdstevel@tonic-gate
417c478bdstevel@tonic-gate/*
427c478bdstevel@tonic-gate * soft_sign_init()
437c478bdstevel@tonic-gate *
447c478bdstevel@tonic-gate * Arguments:
457c478bdstevel@tonic-gate *	session_p:	pointer to soft_session_t struct
467c478bdstevel@tonic-gate *	pMechanism:	pointer to CK_MECHANISM struct provided by application
477c478bdstevel@tonic-gate *	key_p:		pointer to key soft_object_t struct
487c478bdstevel@tonic-gate *
497c478bdstevel@tonic-gate * Description:
507c478bdstevel@tonic-gate *	called by C_SignInit(). This function calls the corresponding
517c478bdstevel@tonic-gate *	sign init routine based on the mechanism.
527c478bdstevel@tonic-gate *
537c478bdstevel@tonic-gate */
547c478bdstevel@tonic-gateCK_RV
557c478bdstevel@tonic-gatesoft_sign_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
567c478bdstevel@tonic-gate    soft_object_t *key_p)
577c478bdstevel@tonic-gate{
587c478bdstevel@tonic-gate
597c478bdstevel@tonic-gate	switch (pMechanism->mechanism) {
607c478bdstevel@tonic-gate
617c478bdstevel@tonic-gate	case CKM_SSL3_MD5_MAC:
627c478bdstevel@tonic-gate	case CKM_SSL3_SHA1_MAC:
637c478bdstevel@tonic-gate	case CKM_MD5_HMAC_GENERAL:
647c478bdstevel@tonic-gate	case CKM_MD5_HMAC:
657c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC_GENERAL:
667c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC:
67f66d273izick	case CKM_SHA256_HMAC_GENERAL:
68f66d273izick	case CKM_SHA256_HMAC:
69f66d273izick	case CKM_SHA384_HMAC_GENERAL:
70f66d273izick	case CKM_SHA384_HMAC:
71f66d273izick	case CKM_SHA512_HMAC_GENERAL:
72f66d273izick	case CKM_SHA512_HMAC:
737c478bdstevel@tonic-gate
747c478bdstevel@tonic-gate		return (soft_hmac_sign_verify_init_common(session_p,
757c478bdstevel@tonic-gate		    pMechanism, key_p, B_TRUE));
767c478bdstevel@tonic-gate
777c478bdstevel@tonic-gate	case CKM_RSA_X_509:
787c478bdstevel@tonic-gate	case CKM_RSA_PKCS:
797c478bdstevel@tonic-gate	case CKM_MD5_RSA_PKCS:
807c478bdstevel@tonic-gate	case CKM_SHA1_RSA_PKCS:
81f66d273izick	case CKM_SHA256_RSA_PKCS:
82f66d273izick	case CKM_SHA384_RSA_PKCS:
83f66d273izick	case CKM_SHA512_RSA_PKCS:
847c478bdstevel@tonic-gate
857c478bdstevel@tonic-gate		return (soft_rsa_sign_verify_init_common(session_p, pMechanism,
867c478bdstevel@tonic-gate		    key_p, B_TRUE));
877c478bdstevel@tonic-gate
887c478bdstevel@tonic-gate	case CKM_DSA:
897c478bdstevel@tonic-gate	case CKM_DSA_SHA1:
907c478bdstevel@tonic-gate
917c478bdstevel@tonic-gate		return (soft_dsa_sign_verify_init_common(session_p, pMechanism,
927c478bdstevel@tonic-gate		    key_p, B_TRUE));
937c478bdstevel@tonic-gate
94f9fbec1mcpowers	case CKM_ECDSA:
95f9fbec1mcpowers	case CKM_ECDSA_SHA1:
96f9fbec1mcpowers
97f9fbec1mcpowers		return (soft_ecc_sign_verify_init_common(session_p, pMechanism,
98f9fbec1mcpowers		    key_p, B_TRUE));
99f9fbec1mcpowers
1007c478bdstevel@tonic-gate	case CKM_DES_MAC_GENERAL:
1017c478bdstevel@tonic-gate	case CKM_DES_MAC:
1027c478bdstevel@tonic-gate
1037c478bdstevel@tonic-gate		return (soft_des_sign_verify_init_common(session_p, pMechanism,
1047c478bdstevel@tonic-gate		    key_p, B_TRUE));
1057c478bdstevel@tonic-gate
106cd964fcMatt Barden	case CKM_AES_CMAC_GENERAL:
107cd964fcMatt Barden	case CKM_AES_CMAC:
108cd964fcMatt Barden
109cd964fcMatt Barden		return (soft_aes_sign_verify_init_common(session_p, pMechanism,
110cd964fcMatt Barden		    key_p, B_TRUE));
111cd964fcMatt Barden
1127c478bdstevel@tonic-gate	default:
1137c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
1147c478bdstevel@tonic-gate	}
1157c478bdstevel@tonic-gate
1167c478bdstevel@tonic-gate}
1177c478bdstevel@tonic-gate
1187c478bdstevel@tonic-gate
1197c478bdstevel@tonic-gate/*
1207c478bdstevel@tonic-gate * soft_sign()
1217c478bdstevel@tonic-gate *
1227c478bdstevel@tonic-gate * Arguments:
1237c478bdstevel@tonic-gate *      session_p:	pointer to soft_session_t struct
1247c478bdstevel@tonic-gate *	pData:		pointer to the input data to be signed
1257c478bdstevel@tonic-gate *	ulDataLen:	length of the input data
1267c478bdstevel@tonic-gate *	pSignature:	pointer to the signature after signing
1277c478bdstevel@tonic-gate *	pulSignatureLen: pointer to the length of the signature
1287c478bdstevel@tonic-gate *
1297c478bdstevel@tonic-gate * Description:
1307c478bdstevel@tonic-gate *      called by C_Sign(). This function calls the corresponding
1317c478bdstevel@tonic-gate *	sign routine based on the mechanism.
1327c478bdstevel@tonic-gate *
1337c478bdstevel@tonic-gate */
1347c478bdstevel@tonic-gateCK_RV
1357c478bdstevel@tonic-gatesoft_sign(soft_session_t *session_p, CK_BYTE_PTR pData,
1367c478bdstevel@tonic-gate    CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
1377c478bdstevel@tonic-gate    CK_ULONG_PTR pulSignatureLen)
1387c478bdstevel@tonic-gate{
1397c478bdstevel@tonic-gate
1407c478bdstevel@tonic-gate	CK_MECHANISM_TYPE mechanism = session_p->sign.mech.mechanism;
1417c478bdstevel@tonic-gate	CK_RV rv = CKR_OK;
1427c478bdstevel@tonic-gate
1437c478bdstevel@tonic-gate	switch (mechanism) {
1447c478bdstevel@tonic-gate
1457c478bdstevel@tonic-gate	case CKM_SSL3_MD5_MAC:
1467c478bdstevel@tonic-gate	case CKM_SSL3_SHA1_MAC:
1477c478bdstevel@tonic-gate	case CKM_MD5_HMAC_GENERAL:
1487c478bdstevel@tonic-gate	case CKM_MD5_HMAC:
1497c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC_GENERAL:
1507c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC:
151f66d273izick	case CKM_SHA256_HMAC_GENERAL:
152f66d273izick	case CKM_SHA256_HMAC:
153f66d273izick	case CKM_SHA384_HMAC_GENERAL:
154f66d273izick	case CKM_SHA384_HMAC:
155f66d273izick	case CKM_SHA512_HMAC_GENERAL:
156f66d273izick	case CKM_SHA512_HMAC:
1577c478bdstevel@tonic-gate	{
158f66d273izick		CK_BYTE hmac[SHA512_DIGEST_LENGTH]; /* use the maximum size */
1597c478bdstevel@tonic-gate
1607c478bdstevel@tonic-gate		if (pSignature != NULL) {
1617c478bdstevel@tonic-gate			/* Pass local buffer to avoid overflow. */
1627c478bdstevel@tonic-gate			rv = soft_hmac_sign_verify_common(session_p, pData,
1637c478bdstevel@tonic-gate			    ulDataLen, hmac, pulSignatureLen, B_TRUE);
1647c478bdstevel@tonic-gate		} else {
1657c478bdstevel@tonic-gate			/* Pass original pSignature, let callee to handle it. */
1667c478bdstevel@tonic-gate			rv = soft_hmac_sign_verify_common(session_p, pData,
1677c478bdstevel@tonic-gate			    ulDataLen, pSignature, pulSignatureLen, B_TRUE);
1687c478bdstevel@tonic-gate		}
1697c478bdstevel@tonic-gate
1707c478bdstevel@tonic-gate		if ((rv == CKR_OK) && (pSignature != NULL))
1717c478bdstevel@tonic-gate			(void) memcpy(pSignature, hmac, *pulSignatureLen);
1727c478bdstevel@tonic-gate
1737c478bdstevel@tonic-gate		return (rv);
1747c478bdstevel@tonic-gate	}
1757c478bdstevel@tonic-gate	case CKM_DES_MAC_GENERAL:
1767c478bdstevel@tonic-gate	case CKM_DES_MAC:
1777c478bdstevel@tonic-gate	{
1787c478bdstevel@tonic-gate		CK_BYTE signature[DES_BLOCK_LEN]; /* use the maximum size */
1797c478bdstevel@tonic-gate
1807c478bdstevel@tonic-gate		if (pSignature != NULL) {
1817c478bdstevel@tonic-gate			/* Pass local buffer to avoid overflow. */
1827c478bdstevel@tonic-gate			rv = soft_des_sign_verify_common(session_p, pData,
183f9fbec1mcpowers			    ulDataLen, signature, pulSignatureLen, B_TRUE,
184f9fbec1mcpowers			    B_FALSE);
1857c478bdstevel@tonic-gate		} else {
1867c478bdstevel@tonic-gate			/* Pass NULL, let callee to handle it. */
1877c478bdstevel@tonic-gate			rv = soft_des_sign_verify_common(session_p, pData,
188f9fbec1mcpowers			    ulDataLen, NULL, pulSignatureLen, B_TRUE, B_FALSE);
1897c478bdstevel@tonic-gate		}
1907c478bdstevel@tonic-gate
1917c478bdstevel@tonic-gate		if ((rv == CKR_OK) && (pSignature != NULL))
1927c478bdstevel@tonic-gate			(void) memcpy(pSignature, signature, *pulSignatureLen);
1937c478bdstevel@tonic-gate
1947c478bdstevel@tonic-gate		return (rv);
1957c478bdstevel@tonic-gate	}
196cd964fcMatt Barden	case CKM_AES_CMAC_GENERAL:
197cd964fcMatt Barden	case CKM_AES_CMAC:
198cd964fcMatt Barden	{
199cd964fcMatt Barden		CK_BYTE signature[AES_BLOCK_LEN];
200cd964fcMatt Barden
201cd964fcMatt Barden		if (pSignature != NULL) {
202cd964fcMatt Barden			/* Pass local buffer to avoid overflow. */
203cd964fcMatt Barden			rv = soft_aes_sign_verify_common(session_p, pData,
204cd964fcMatt Barden			    ulDataLen, signature, pulSignatureLen, B_TRUE,
205cd964fcMatt Barden			    B_FALSE);
206cd964fcMatt Barden		} else {
207cd964fcMatt Barden			/* Pass NULL, let callee handle it. */
208cd964fcMatt Barden			rv = soft_aes_sign_verify_common(session_p, pData,
209cd964fcMatt Barden			    ulDataLen, NULL, pulSignatureLen, B_TRUE, B_FALSE);
210cd964fcMatt Barden		}
211cd964fcMatt Barden
212cd964fcMatt Barden		if ((rv == CKR_OK) && (pSignature != NULL))
213cd964fcMatt Barden			(void) memcpy(pSignature, signature, *pulSignatureLen);
214cd964fcMatt Barden
215cd964fcMatt Barden		return (rv);
216cd964fcMatt Barden	}
2177c478bdstevel@tonic-gate	case CKM_RSA_X_509:
2187c478bdstevel@tonic-gate	case CKM_RSA_PKCS:
2197c478bdstevel@tonic-gate
2207c478bdstevel@tonic-gate		return (soft_rsa_sign_common(session_p, pData, ulDataLen,
2217c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, mechanism));
2227c478bdstevel@tonic-gate
2237c478bdstevel@tonic-gate	case CKM_MD5_RSA_PKCS:
2247c478bdstevel@tonic-gate	case CKM_SHA1_RSA_PKCS:
225f66d273izick	case CKM_SHA256_RSA_PKCS:
226f66d273izick	case CKM_SHA384_RSA_PKCS:
227f66d273izick	case CKM_SHA512_RSA_PKCS:
2287c478bdstevel@tonic-gate
2297c478bdstevel@tonic-gate		return (soft_rsa_digest_sign_common(session_p, pData, ulDataLen,
2307c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, mechanism, B_FALSE));
2317c478bdstevel@tonic-gate
2327c478bdstevel@tonic-gate	case CKM_DSA:
2337c478bdstevel@tonic-gate
2347c478bdstevel@tonic-gate		return (soft_dsa_sign(session_p, pData, ulDataLen,
2357c478bdstevel@tonic-gate		    pSignature, pulSignatureLen));
2367c478bdstevel@tonic-gate
2377c478bdstevel@tonic-gate	case CKM_DSA_SHA1:
2387c478bdstevel@tonic-gate
2397c478bdstevel@tonic-gate		return (soft_dsa_digest_sign_common(session_p, pData, ulDataLen,
2407c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, B_FALSE));
2417c478bdstevel@tonic-gate
242f9fbec1mcpowers	case CKM_ECDSA:
243f9fbec1mcpowers
244f9fbec1mcpowers		return (soft_ecc_sign(session_p, pData, ulDataLen,
245f9fbec1mcpowers		    pSignature, pulSignatureLen));
246f9fbec1mcpowers
247f9fbec1mcpowers	case CKM_ECDSA_SHA1:
248f9fbec1mcpowers
249f9fbec1mcpowers		return (soft_ecc_digest_sign_common(session_p, pData, ulDataLen,
250f9fbec1mcpowers		    pSignature, pulSignatureLen, B_FALSE));
251f9fbec1mcpowers
2527c478bdstevel@tonic-gate	default:
2537c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
2547c478bdstevel@tonic-gate	}
2557c478bdstevel@tonic-gate}
2567c478bdstevel@tonic-gate
2577c478bdstevel@tonic-gate
2587c478bdstevel@tonic-gate/*
2597c478bdstevel@tonic-gate * soft_sign_update()
2607c478bdstevel@tonic-gate *
2617c478bdstevel@tonic-gate * Arguments:
2627c478bdstevel@tonic-gate *      session_p:	pointer to soft_session_t struct
2637c478bdstevel@tonic-gate *      pPart:		pointer to the input data to be signed
2647c478bdstevel@tonic-gate *      ulPartLen:	length of the input data
2657c478bdstevel@tonic-gate *
2667c478bdstevel@tonic-gate * Description:
2677c478bdstevel@tonic-gate *      called by C_SignUpdate(). This function calls the corresponding
2687c478bdstevel@tonic-gate *	sign update routine based on the mechanism.
2697c478bdstevel@tonic-gate *
2707c478bdstevel@tonic-gate */
2717c478bdstevel@tonic-gateCK_RV
2727c478bdstevel@tonic-gatesoft_sign_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
2737c478bdstevel@tonic-gate    CK_ULONG ulPartLen)
2747c478bdstevel@tonic-gate{
2757c478bdstevel@tonic-gate	CK_MECHANISM_TYPE	mechanism = session_p->sign.mech.mechanism;
2767c478bdstevel@tonic-gate
2777c478bdstevel@tonic-gate	switch (mechanism) {
2787c478bdstevel@tonic-gate
2797c478bdstevel@tonic-gate	case CKM_SSL3_MD5_MAC:
2807c478bdstevel@tonic-gate	case CKM_SSL3_SHA1_MAC:
2817c478bdstevel@tonic-gate	case CKM_MD5_HMAC_GENERAL:
2827c478bdstevel@tonic-gate	case CKM_MD5_HMAC:
2837c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC_GENERAL:
2847c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC:
285f66d273izick	case CKM_SHA256_HMAC_GENERAL:
286f66d273izick	case CKM_SHA256_HMAC:
287f66d273izick	case CKM_SHA384_HMAC_GENERAL:
288f66d273izick	case CKM_SHA384_HMAC:
289f66d273izick	case CKM_SHA512_HMAC_GENERAL:
290f66d273izick	case CKM_SHA512_HMAC:
2917c478bdstevel@tonic-gate
2927c478bdstevel@tonic-gate		return (soft_hmac_sign_verify_update(session_p, pPart,
2937c478bdstevel@tonic-gate		    ulPartLen, B_TRUE));
2947c478bdstevel@tonic-gate
2957c478bdstevel@tonic-gate	case CKM_DES_MAC_GENERAL:
2967c478bdstevel@tonic-gate	case CKM_DES_MAC:
2977c478bdstevel@tonic-gate
2987c478bdstevel@tonic-gate		return (soft_des_mac_sign_verify_update(session_p, pPart,
2997c478bdstevel@tonic-gate		    ulPartLen));
3007c478bdstevel@tonic-gate
301cd964fcMatt Barden	case CKM_AES_CMAC_GENERAL:
302cd964fcMatt Barden	case CKM_AES_CMAC:
303cd964fcMatt Barden
304cd964fcMatt Barden		return (soft_aes_mac_sign_verify_update(session_p, pPart,
305cd964fcMatt Barden		    ulPartLen));
306cd964fcMatt Barden
3077c478bdstevel@tonic-gate	case CKM_MD5_RSA_PKCS:
3087c478bdstevel@tonic-gate	case CKM_SHA1_RSA_PKCS:
309f66d273izick	case CKM_SHA256_RSA_PKCS:
310f66d273izick	case CKM_SHA384_RSA_PKCS:
311f66d273izick	case CKM_SHA512_RSA_PKCS:
3127c478bdstevel@tonic-gate		/*
3137c478bdstevel@tonic-gate		 * The MD5/SHA1 digest value is accumulated in the context
3147c478bdstevel@tonic-gate		 * of the multiple-part digesting operation. In the final
3157c478bdstevel@tonic-gate		 * operation, the digest is encoded and then perform RSA
3167c478bdstevel@tonic-gate		 * signing.
3177c478bdstevel@tonic-gate		 */
3187c478bdstevel@tonic-gate	case CKM_DSA_SHA1:
319f9fbec1mcpowers	case CKM_ECDSA_SHA1:
3207c478bdstevel@tonic-gate
3217c478bdstevel@tonic-gate		return (soft_digest_update(session_p, pPart, ulPartLen));
3227c478bdstevel@tonic-gate
3237c478bdstevel@tonic-gate	default:
3247c478bdstevel@tonic-gate		/* PKCS11: The mechanism only supports single-part operation. */
3257c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
3267c478bdstevel@tonic-gate	}
3277c478bdstevel@tonic-gate}
3287c478bdstevel@tonic-gate
3297c478bdstevel@tonic-gate
3307c478bdstevel@tonic-gate/*
3317c478bdstevel@tonic-gate * soft_sign_final()
3327c478bdstevel@tonic-gate *
3337c478bdstevel@tonic-gate * Arguments:
3347c478bdstevel@tonic-gate *      session_p:	pointer to soft_session_t struct
3357c478bdstevel@tonic-gate *      pSignature:	pointer to the signature after signing
3367c478bdstevel@tonic-gate *      pulSignatureLen: pointer to the	length of the signature
3377c478bdstevel@tonic-gate *
3387c478bdstevel@tonic-gate * Description:
3397c478bdstevel@tonic-gate *      called by C_SignFinal(). This function calls the corresponding
3407c478bdstevel@tonic-gate *	sign final routine based on the mechanism.
3417c478bdstevel@tonic-gate *
3427c478bdstevel@tonic-gate */
3437c478bdstevel@tonic-gateCK_RV
3447c478bdstevel@tonic-gatesoft_sign_final(soft_session_t *session_p, CK_BYTE_PTR pSignature,
3457c478bdstevel@tonic-gate    CK_ULONG_PTR pulSignatureLen)
3467c478bdstevel@tonic-gate{
3477c478bdstevel@tonic-gate
3487c478bdstevel@tonic-gate	CK_MECHANISM_TYPE mechanism = session_p->sign.mech.mechanism;
3497c478bdstevel@tonic-gate	CK_RV rv = CKR_OK;
3507c478bdstevel@tonic-gate
3517c478bdstevel@tonic-gate	switch (mechanism) {
3527c478bdstevel@tonic-gate
3537c478bdstevel@tonic-gate	case CKM_SSL3_MD5_MAC:
3547c478bdstevel@tonic-gate	case CKM_SSL3_SHA1_MAC:
3557c478bdstevel@tonic-gate	case CKM_MD5_HMAC_GENERAL:
3567c478bdstevel@tonic-gate	case CKM_MD5_HMAC:
3577c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC_GENERAL:
3587c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC:
359f66d273izick	case CKM_SHA256_HMAC_GENERAL:
360f66d273izick	case CKM_SHA256_HMAC:
361f66d273izick	case CKM_SHA384_HMAC_GENERAL:
362f66d273izick	case CKM_SHA384_HMAC:
363f66d273izick	case CKM_SHA512_HMAC_GENERAL:
364f66d273izick	case CKM_SHA512_HMAC:
3657c478bdstevel@tonic-gate	{
366f66d273izick		CK_BYTE hmac[SHA512_DIGEST_LENGTH]; /* use the maximum size */
3677c478bdstevel@tonic-gate
3687c478bdstevel@tonic-gate		if (pSignature != NULL) {
3697c478bdstevel@tonic-gate			/* Pass local buffer to avoid overflow */
3707c478bdstevel@tonic-gate			rv = soft_hmac_sign_verify_common(session_p, NULL,
3717c478bdstevel@tonic-gate			    0, hmac, pulSignatureLen, B_TRUE);
3727c478bdstevel@tonic-gate		} else {
3737c478bdstevel@tonic-gate			/* Pass original pSignature, let callee to handle it. */
3747c478bdstevel@tonic-gate			rv = soft_hmac_sign_verify_common(session_p, NULL,
3757c478bdstevel@tonic-gate			    0, pSignature, pulSignatureLen, B_TRUE);
3767c478bdstevel@tonic-gate		}
3777c478bdstevel@tonic-gate
3787c478bdstevel@tonic-gate		if ((rv == CKR_OK) && (pSignature != NULL))
3797c478bdstevel@tonic-gate			(void) memcpy(pSignature, hmac, *pulSignatureLen);
3807c478bdstevel@tonic-gate
3817c478bdstevel@tonic-gate		return (rv);
3827c478bdstevel@tonic-gate	}
3837c478bdstevel@tonic-gate	case CKM_DES_MAC_GENERAL:
3847c478bdstevel@tonic-gate	case CKM_DES_MAC:
3857c478bdstevel@tonic-gate	{
3867c478bdstevel@tonic-gate		CK_BYTE signature[DES_BLOCK_LEN]; /* use the maximum size */
3877c478bdstevel@tonic-gate
3887c478bdstevel@tonic-gate		if (pSignature != NULL) {
3897c478bdstevel@tonic-gate			/* Pass local buffer to avoid overflow. */
3907c478bdstevel@tonic-gate			rv = soft_des_sign_verify_common(session_p, NULL, 0,
391f9fbec1mcpowers			    signature, pulSignatureLen, B_TRUE, B_TRUE);
3927c478bdstevel@tonic-gate		} else {
3937c478bdstevel@tonic-gate			/* Pass NULL, let callee to handle it. */
3947c478bdstevel@tonic-gate			rv = soft_des_sign_verify_common(session_p, NULL, 0,
395f9fbec1mcpowers			    NULL, pulSignatureLen, B_TRUE, B_TRUE);
3967c478bdstevel@tonic-gate		}
3977c478bdstevel@tonic-gate
3987c478bdstevel@tonic-gate		if ((rv == CKR_OK) && (pSignature != NULL))
3997c478bdstevel@tonic-gate			(void) memcpy(pSignature, signature, *pulSignatureLen);
4007c478bdstevel@tonic-gate
4017c478bdstevel@tonic-gate		return (rv);
4027c478bdstevel@tonic-gate	}
403cd964fcMatt Barden	case CKM_AES_CMAC_GENERAL:
404cd964fcMatt Barden	case CKM_AES_CMAC:
405cd964fcMatt Barden	{
406cd964fcMatt Barden		CK_BYTE signature[AES_BLOCK_LEN]; /* use the maximum size */
407cd964fcMatt Barden
408cd964fcMatt Barden		if (pSignature != NULL) {
409cd964fcMatt Barden			/* Pass local buffer to avoid overflow. */
410cd964fcMatt Barden			rv = soft_aes_sign_verify_common(session_p, NULL, 0,
411cd964fcMatt Barden			    signature, pulSignatureLen, B_TRUE, B_TRUE);
412cd964fcMatt Barden		} else {
413cd964fcMatt Barden			/* Pass NULL, let callee handle it. */
414cd964fcMatt Barden			rv = soft_aes_sign_verify_common(session_p, NULL, 0,
415cd964fcMatt Barden			    NULL, pulSignatureLen, B_TRUE, B_TRUE);
416cd964fcMatt Barden		}
417cd964fcMatt Barden
418cd964fcMatt Barden		if ((rv == CKR_OK) && (pSignature != NULL))
419cd964fcMatt Barden			(void) memcpy(pSignature, signature, *pulSignatureLen);
420cd964fcMatt Barden
421cd964fcMatt Barden		return (rv);
422cd964fcMatt Barden	}
4237c478bdstevel@tonic-gate	case CKM_MD5_RSA_PKCS:
4247c478bdstevel@tonic-gate	case CKM_SHA1_RSA_PKCS:
425f66d273izick	case CKM_SHA256_RSA_PKCS:
426f66d273izick	case CKM_SHA384_RSA_PKCS:
427f66d273izick	case CKM_SHA512_RSA_PKCS:
4287c478bdstevel@tonic-gate
4297c478bdstevel@tonic-gate		return (soft_rsa_digest_sign_common(session_p, NULL, 0,
4307c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, mechanism, B_TRUE));
4317c478bdstevel@tonic-gate
4327c478bdstevel@tonic-gate	case CKM_DSA_SHA1:
4337c478bdstevel@tonic-gate
4347c478bdstevel@tonic-gate		return (soft_dsa_digest_sign_common(session_p, NULL, 0,
4357c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, B_TRUE));
4367c478bdstevel@tonic-gate
437f9fbec1mcpowers	case CKM_ECDSA_SHA1:
438f9fbec1mcpowers
439f9fbec1mcpowers		return (soft_ecc_digest_sign_common(session_p, NULL, 0,
440f9fbec1mcpowers		    pSignature, pulSignatureLen, B_TRUE));
441f9fbec1mcpowers
4427c478bdstevel@tonic-gate	default:
4437c478bdstevel@tonic-gate		/* PKCS11: The mechanism only supports single-part operation. */
4447c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
4457c478bdstevel@tonic-gate	}
4467c478bdstevel@tonic-gate}
4477c478bdstevel@tonic-gate
4487c478bdstevel@tonic-gate
4497c478bdstevel@tonic-gateCK_RV
4507c478bdstevel@tonic-gatesoft_sign_recover_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
4517c478bdstevel@tonic-gate    soft_object_t *key_p)
4527c478bdstevel@tonic-gate{
4537c478bdstevel@tonic-gate
4547c478bdstevel@tonic-gate	switch (pMechanism->mechanism) {
4557c478bdstevel@tonic-gate
4567c478bdstevel@tonic-gate	case CKM_RSA_X_509:
4577c478bdstevel@tonic-gate	case CKM_RSA_PKCS:
4587c478bdstevel@tonic-gate
4597c478bdstevel@tonic-gate		return (soft_rsa_sign_verify_init_common(session_p, pMechanism,
4607c478bdstevel@tonic-gate		    key_p, B_TRUE));
4617c478bdstevel@tonic-gate
4627c478bdstevel@tonic-gate	default:
4637c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
4647c478bdstevel@tonic-gate	}
4657c478bdstevel@tonic-gate}
4667c478bdstevel@tonic-gate
4677c478bdstevel@tonic-gate
4687c478bdstevel@tonic-gateCK_RV
4697c478bdstevel@tonic-gatesoft_sign_recover(soft_session_t *session_p, CK_BYTE_PTR pData,
4707c478bdstevel@tonic-gate    CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
4717c478bdstevel@tonic-gate    CK_ULONG_PTR pulSignatureLen)
4727c478bdstevel@tonic-gate{
4737c478bdstevel@tonic-gate
4747c478bdstevel@tonic-gate	CK_MECHANISM_TYPE mechanism = session_p->sign.mech.mechanism;
4757c478bdstevel@tonic-gate
4767c478bdstevel@tonic-gate	switch (mechanism) {
4777c478bdstevel@tonic-gate
4787c478bdstevel@tonic-gate	case CKM_RSA_X_509:
4797c478bdstevel@tonic-gate	case CKM_RSA_PKCS:
4807c478bdstevel@tonic-gate
4817c478bdstevel@tonic-gate		return (soft_rsa_sign_common(session_p, pData, ulDataLen,
4827c478bdstevel@tonic-gate		    pSignature, pulSignatureLen, mechanism));
4837c478bdstevel@tonic-gate
4847c478bdstevel@tonic-gate	default:
4857c478bdstevel@tonic-gate		return (CKR_MECHANISM_INVALID);
4867c478bdstevel@tonic-gate	}
4877c478bdstevel@tonic-gate}
4887c478bdstevel@tonic-gate
4897c478bdstevel@tonic-gate/*
4907c478bdstevel@tonic-gate * This function frees the allocated active crypto context.
4917c478bdstevel@tonic-gate * It is only called by the first tier of sign/verify routines
4927c478bdstevel@tonic-gate * and the caller of this function may or may not hold the session mutex.
4937c478bdstevel@tonic-gate */
4947c478bdstevel@tonic-gatevoid
4957c478bdstevel@tonic-gatesoft_sign_verify_cleanup(soft_session_t *session_p, boolean_t sign,
4967c478bdstevel@tonic-gate    boolean_t lock_held)
4977c478bdstevel@tonic-gate{
4987c478bdstevel@tonic-gate
4997c478bdstevel@tonic-gate	crypto_active_op_t *active_op;
5007c478bdstevel@tonic-gate	boolean_t lock_true = B_TRUE;
5017c478bdstevel@tonic-gate
5027c478bdstevel@tonic-gate	if (!lock_held)
5037c478bdstevel@tonic-gate		(void) pthread_mutex_lock(&session_p->session_mutex);
5047c478bdstevel@tonic-gate
5057c478bdstevel@tonic-gate	active_op = (sign) ? &(session_p->sign) : &(session_p->verify);
5067c478bdstevel@tonic-gate
5077c478bdstevel@tonic-gate	switch (active_op->mech.mechanism) {
5087c478bdstevel@tonic-gate
5097c478bdstevel@tonic-gate	case CKM_MD5_RSA_PKCS:
5107c478bdstevel@tonic-gate	case CKM_SHA1_RSA_PKCS:
511f66d273izick	case CKM_SHA256_RSA_PKCS:
512f66d273izick	case CKM_SHA384_RSA_PKCS:
513f66d273izick	case CKM_SHA512_RSA_PKCS:
5147c478bdstevel@tonic-gate		if (session_p->digest.context != NULL) {
5157c478bdstevel@tonic-gate			free(session_p->digest.context);
5167c478bdstevel@tonic-gate			session_p->digest.context = NULL;
5177c478bdstevel@tonic-gate			session_p->digest.flags = 0;
5187c478bdstevel@tonic-gate		}
5194c21f04izick		/* FALLTHRU */
5207c478bdstevel@tonic-gate
5217c478bdstevel@tonic-gate	case CKM_RSA_PKCS:
5227c478bdstevel@tonic-gate	case CKM_RSA_X_509:
5234c21f04izick	{
5244c21f04izick		soft_rsa_ctx_t *rsa_ctx =
5254c21f04izick		    (soft_rsa_ctx_t *)active_op->context;
5264c21f04izick
5274c21f04izick		if (rsa_ctx != NULL && rsa_ctx->key != NULL) {
5284c21f04izick			soft_cleanup_object(rsa_ctx->key);
5294c21f04izick			free(rsa_ctx->key);
5304c21f04izick		}
5314c21f04izick		break;
5324c21f04izick
5334c21f04izick	}
5344c21f04izick	case CKM_DSA_SHA1:
5354c21f04izick		if (session_p->digest.context != NULL) {
5364c21f04izick			free(session_p->digest.context);
5374c21f04izick			session_p->digest.context = NULL;
5384c21f04izick			session_p->digest.flags = 0;
5394c21f04izick		}
5404c21f04izick
5414c21f04izick		/* FALLTHRU */
5427c478bdstevel@tonic-gate	case CKM_DSA:
5434c21f04izick	{
5444c21f04izick		soft_dsa_ctx_t *dsa_ctx =
5454c21f04izick		    (soft_dsa_ctx_t *)active_op->context;
5464c21f04izick
5474c21f04izick		if (dsa_ctx != NULL && dsa_ctx->key != NULL) {
5484c21f04izick			soft_cleanup_object(dsa_ctx->key);
5494c21f04izick			free(dsa_ctx->key);
5504c21f04izick		}
5517c478bdstevel@tonic-gate		break;
5527c478bdstevel@tonic-gate
5534c21f04izick	}
5547c478bdstevel@tonic-gate	case CKM_SSL3_MD5_MAC:
5557c478bdstevel@tonic-gate	case CKM_SSL3_SHA1_MAC:
5567c478bdstevel@tonic-gate	case CKM_MD5_HMAC_GENERAL:
5577c478bdstevel@tonic-gate	case CKM_MD5_HMAC:
5587c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC_GENERAL:
5597c478bdstevel@tonic-gate	case CKM_SHA_1_HMAC:
560f66d273izick	case CKM_SHA256_HMAC_GENERAL:
561f66d273izick	case CKM_SHA256_HMAC:
562f66d273izick	case CKM_SHA384_HMAC_GENERAL:
563f66d273izick	case CKM_SHA384_HMAC:
564f66d273izick	case CKM_SHA512_HMAC_GENERAL:
565f66d273izick	case CKM_SHA512_HMAC:
566a8793c7Jason King		if (active_op->context != NULL) {
567a8793c7Jason King			explicit_bzero(active_op->context,
568a8793c7Jason King			    sizeof (soft_hmac_ctx_t));
569a8793c7Jason King		}
5707c478bdstevel@tonic-gate		break;
5717c478bdstevel@tonic-gate	case CKM_DES_MAC_GENERAL:
5727c478bdstevel@tonic-gate	case CKM_DES_MAC:
5737c478bdstevel@tonic-gate		if (session_p->encrypt.context != NULL) {
5747c478bdstevel@tonic-gate			free(session_p->encrypt.context);
5757c478bdstevel@tonic-gate			session_p->encrypt.context = NULL;
5767c478bdstevel@tonic-gate			session_p->encrypt.flags = 0;
5777c478bdstevel@tonic-gate		}
578a8793c7Jason King		if (active_op->context != NULL) {
579a8793c7Jason King			explicit_bzero(active_op->context,
580a8793c7Jason King			    sizeof (soft_des_ctx_t));
581a8793c7Jason King		}
5827c478bdstevel@tonic-gate		break;
5837c478bdstevel@tonic-gate
584cd964fcMatt Barden	case CKM_AES_CMAC_GENERAL:
585cd964fcMatt Barden	case CKM_AES_CMAC:
586cd964fcMatt Barden		if (session_p->encrypt.context != NULL) {
587fb26128Jason King			soft_aes_free_ctx(session_p->encrypt.context);
588cd964fcMatt Barden			session_p->encrypt.context = NULL;
589cd964fcMatt Barden			session_p->encrypt.flags = 0;
590cd964fcMatt Barden		}
591a8793c7Jason King		if (active_op->context != NULL) {
592a8793c7Jason King			explicit_bzero(active_op->context,
593fb26128Jason King			    sizeof (soft_aes_sign_ctx_t));
594a8793c7Jason King		}
595cd964fcMatt Barden		break;
596cd964fcMatt Barden
5977c478bdstevel@tonic-gate	}
5987c478bdstevel@tonic-gate
5997c478bdstevel@tonic-gate	if (active_op->context != NULL) {
6007c478bdstevel@tonic-gate		free(active_op->context);
6017c478bdstevel@tonic-gate		active_op->context = NULL;
6027c478bdstevel@tonic-gate	}
6037c478bdstevel@tonic-gate
6047c478bdstevel@tonic-gate	active_op->flags = 0;
6057c478bdstevel@tonic-gate
6067c478bdstevel@tonic-gate	if (!lock_held)
6077c478bdstevel@tonic-gate		SES_REFRELE(session_p, lock_true);
6087c478bdstevel@tonic-gate}
609