1 /* 2 * This file and its contents are supplied under the terms of the 3 * Common Development and Distribution License ("CDDL"), version 1.0. 4 * You may only use this file in accordance with the terms of version 5 * 1.0 of the CDDL. 6 * 7 * A full copy of the text of the CDDL should have accompanied this 8 * source. A copy of the CDDL is also available via the Internet at 9 * http://www.illumos.org/license/CDDL. 10 */ 11 12 /* 13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved. 14 */ 15 16 /* 17 * Helper functions for SMB1 signing using PKCS#11 18 * 19 * There are two implementations of these functions: 20 * This one (for user space) and another for kernel. 21 * See: uts/common/fs/smbsrv/smb_sign_kcf.c 22 */ 23 24 #include <stdlib.h> 25 #include <smbsrv/smb_kproto.h> 26 #include <smbsrv/smb_signing.h> 27 #include <security/cryptoki.h> 28 #include <security/pkcs11.h> 29 30 /* 31 * SMB1 signing helpers: 32 * (getmech, init, update, final) 33 */ 34 35 int 36 smb_md5_getmech(smb_sign_mech_t *mech) 37 { 38 mech->mechanism = CKM_MD5; 39 mech->pParameter = NULL; 40 mech->ulParameterLen = 0; 41 return (0); 42 } 43 44 /* 45 * Start PKCS#11 session. 46 */ 47 int 48 smb_md5_init(smb_sign_ctx_t *ctxp, smb_sign_mech_t *mech) 49 { 50 CK_RV rv; 51 52 rv = SUNW_C_GetMechSession(mech->mechanism, ctxp); 53 if (rv != CKR_OK) 54 return (-1); 55 56 rv = C_DigestInit(*ctxp, mech); 57 58 return (rv == CKR_OK ? 0 : -1); 59 } 60 61 /* 62 * Digest one segment 63 */ 64 int 65 smb_md5_update(smb_sign_ctx_t ctx, void *buf, size_t len) 66 { 67 CK_RV rv; 68 69 rv = C_DigestUpdate(ctx, buf, len); 70 if (rv != CKR_OK) 71 (void) C_CloseSession(ctx); 72 73 return (rv == CKR_OK ? 0 : -1); 74 } 75 76 /* 77 * Get the final digest. 78 */ 79 int 80 smb_md5_final(smb_sign_ctx_t ctx, uint8_t *digest16) 81 { 82 CK_ULONG len = MD5_DIGEST_LENGTH; 83 CK_RV rv; 84 85 rv = C_DigestFinal(ctx, digest16, &len); 86 (void) C_CloseSession(ctx); 87 88 return (rv == CKR_OK ? 0 : -1); 89 } 90