1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  *
25  * Copyright 2016 Jason King.
26  */
27 
28 #include <cryptoutil.h>
29 
/*
 * Map a PKCS #11 mechanism to the key type it is used with.
 *
 * mech_type	mechanism to look up (CKM_*)
 * ktype	out: receives the matching key type (CKK_*)
 *
 * Returns CKR_OK when the mechanism is listed below, otherwise
 * CKR_MECHANISM_INVALID.  On failure *ktype is not written, so a caller
 * that ignores the return value may go on to use whatever was already
 * stored there; always check the result first.  ktype is dereferenced
 * without a NULL check and must point to valid storage.
 *
 * All mechanisms in PKCS #11 v2.40 are listed here.  Keyless digests
 * (e.g. CKM_SHA256) are grouped with their HMAC and key-derivation
 * variants under CKK_GENERIC_SECRET.
 *
 * The mapping is descriptive only: legacy mechanisms (MD2, MD5, RC2, RC4,
 * single DES, SKIPJACK, ...) are mapped like any other.  This function
 * applies no policy on which mechanisms are acceptable.
 */
CK_RV
pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype)
{
	CK_KEY_TYPE kt;

	switch (mech_type) {

	/* RSA */
	case CKM_RSA_PKCS_KEY_PAIR_GEN:
	case CKM_RSA_PKCS:
	case CKM_RSA_9796:
	case CKM_RSA_X_509:
	case CKM_MD2_RSA_PKCS:
	case CKM_MD5_RSA_PKCS:
	case CKM_SHA1_RSA_PKCS:
	case CKM_SHA256_RSA_PKCS:
	case CKM_SHA384_RSA_PKCS:
	case CKM_SHA512_RSA_PKCS:
	case CKM_SHA256_RSA_PKCS_PSS:
	case CKM_SHA384_RSA_PKCS_PSS:
	case CKM_SHA512_RSA_PKCS_PSS:
	case CKM_SHA224_RSA_PKCS:
	case CKM_SHA224_RSA_PKCS_PSS:
	case CKM_RIPEMD128_RSA_PKCS:
	case CKM_RIPEMD160_RSA_PKCS:
	case CKM_RSA_PKCS_OAEP:
	case CKM_RSA_X9_31_KEY_PAIR_GEN:
	case CKM_RSA_X9_31:
	case CKM_SHA1_RSA_X9_31:
	case CKM_RSA_PKCS_PSS:
	case CKM_SHA1_RSA_PKCS_PSS:
	case CKM_RSA_PKCS_TPM_1_1:
	case CKM_RSA_PKCS_OAEP_TPM_1_1:
		kt = CKK_RSA;
		break;

	/* DSA (CKM_FORTEZZA_TIMESTAMP is filed here as well) */
	case CKM_DSA_KEY_PAIR_GEN:
	case CKM_DSA:
	case CKM_DSA_SHA1:
	case CKM_DSA_PARAMETER_GEN:
	case CKM_FORTEZZA_TIMESTAMP:
	case CKM_DSA_SHA224:
	case CKM_DSA_SHA256:
	case CKM_DSA_SHA384:
	case CKM_DSA_SHA512:
		kt = CKK_DSA;
		break;

	/* PKCS #3 Diffie-Hellman */
	case CKM_DH_PKCS_PARAMETER_GEN:
	case CKM_DH_PKCS_KEY_PAIR_GEN:
	case CKM_DH_PKCS_DERIVE:
		kt = CKK_DH;
		break;

	/* Elliptic curve */
	case CKM_ECDSA:
	case CKM_ECDSA_SHA1:
	case CKM_EC_KEY_PAIR_GEN:
	case CKM_ECDH1_DERIVE:
	case CKM_ECDH1_COFACTOR_DERIVE:
	case CKM_ECMQV_DERIVE:
		kt = CKK_EC;
		break;

	/* X9.42 Diffie-Hellman */
	case CKM_X9_42_DH_KEY_PAIR_GEN:
	case CKM_X9_42_DH_DERIVE:
	case CKM_X9_42_DH_HYBRID_DERIVE:
	case CKM_X9_42_MQV_DERIVE:
	case CKM_X9_42_DH_PARAMETER_GEN:
		kt = CKK_X9_42_DH;
		break;

	/* KEA */
	case CKM_KEA_KEY_PAIR_GEN:
	case CKM_KEA_KEY_DERIVE:
		kt = CKK_KEA;
		break;

	/*
	 * Generic secret: digests, HMACs, key derivation, SSL/TLS/WTLS
	 * helpers and the key-combining mechanisms.
	 */
	case CKM_MD2:
	case CKM_MD2_HMAC:
	case CKM_MD2_HMAC_GENERAL:
	case CKM_MD5:
	case CKM_MD5_HMAC:
	case CKM_MD5_HMAC_GENERAL:
	case CKM_SHA_1:
	case CKM_SHA_1_HMAC:
	case CKM_SHA_1_HMAC_GENERAL:
	case CKM_SHA256:
	case CKM_SHA256_HMAC:
	case CKM_SHA256_HMAC_GENERAL:
	case CKM_SHA224:
	case CKM_SHA224_HMAC:
	case CKM_SHA224_HMAC_GENERAL:
	case CKM_SHA384:
	case CKM_SHA384_HMAC:
	case CKM_SHA384_HMAC_GENERAL:
	case CKM_SHA512:
	case CKM_SHA512_HMAC:
	case CKM_SHA512_HMAC_GENERAL:
	case CKM_GENERIC_SECRET_KEY_GEN:
	case CKM_FASTHASH:
	case CKM_PKCS5_PBKD2:
	case CKM_PBA_SHA1_WITH_SHA1_HMAC:
	case CKM_SSL3_MD5_MAC:
	case CKM_SSL3_SHA1_MAC:
	case CKM_SSL3_PRE_MASTER_KEY_GEN:
	case CKM_SSL3_MASTER_KEY_DERIVE:
	case CKM_SSL3_KEY_AND_MAC_DERIVE:
	case CKM_SSL3_MASTER_KEY_DERIVE_DH:
	case CKM_TLS_PRE_MASTER_KEY_GEN:
	case CKM_TLS_MASTER_KEY_DERIVE:
	case CKM_TLS_KEY_AND_MAC_DERIVE:
	case CKM_TLS_MASTER_KEY_DERIVE_DH:
	case CKM_TLS_PRF:
	case CKM_WTLS_PRE_MASTER_KEY_GEN:
	case CKM_WTLS_MASTER_KEY_DERIVE:
	case CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC:
	case CKM_WTLS_PRF:
	case CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE:
	case CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE:
	case CKM_CONCATENATE_BASE_AND_KEY:
	case CKM_CONCATENATE_BASE_AND_DATA:
	case CKM_CONCATENATE_DATA_AND_BASE:
	case CKM_XOR_BASE_AND_DATA:
	case CKM_EXTRACT_KEY_FROM_KEY:
	case CKM_RIPEMD128:
	case CKM_RIPEMD128_HMAC:
	case CKM_RIPEMD128_HMAC_GENERAL:
	case CKM_RIPEMD160:
	case CKM_RIPEMD160_HMAC:
	case CKM_RIPEMD160_HMAC_GENERAL:
	case CKM_SHA1_KEY_DERIVATION:
	case CKM_SHA256_KEY_DERIVATION:
	case CKM_SHA384_KEY_DERIVATION:
	case CKM_SHA512_KEY_DERIVATION:
	case CKM_SHA224_KEY_DERIVATION:
	case CKM_MD5_KEY_DERIVATION:
	case CKM_MD2_KEY_DERIVATION:
	/*
	 * NOTE(review): the original author was unsure whether the next
	 * two wrap mechanisms should map to CKK_DES instead; the
	 * classification as generic secret is kept as it was.
	 */
	case CKM_KEY_WRAP_LYNKS:	/* wrap/unwrap secret key w/ DES key */
	case CKM_KEY_WRAP_SET_OAEP:	/* wrap/unwrap DES key w/ RSA key */
	case CKM_SHA512_224:
	case CKM_SHA512_224_HMAC:
	case CKM_SHA512_224_HMAC_GENERAL:
	case CKM_SHA512_224_KEY_DERIVATION:
	case CKM_SHA512_256:
	case CKM_SHA512_256_HMAC:
	case CKM_SHA512_256_HMAC_GENERAL:
	case CKM_SHA512_256_KEY_DERIVATION:
	case CKM_SHA512_T:
	case CKM_SHA512_T_HMAC:
	case CKM_SHA512_T_HMAC_GENERAL:
	case CKM_SHA512_T_KEY_DERIVATION:
	case CKM_TLS10_MAC_SERVER:
	case CKM_TLS10_MAC_CLIENT:
	case CKM_TLS12_MAC:
	case CKM_TLS12_MASTER_KEY_DERIVE:
	case CKM_TLS12_KEY_AND_MAC_DERIVE:
	case CKM_TLS12_MASTER_KEY_DERIVE_DH:
	case CKM_TLS12_KEY_SAFE_DERIVE:
	case CKM_TLS_MAC:
	case CKM_TLS_KDF:
		kt = CKK_GENERIC_SECRET;
		break;

	/* RC2, including the RC2-based PBE mechanisms */
	case CKM_RC2_KEY_GEN:
	case CKM_RC2_ECB:
	case CKM_RC2_CBC:
	case CKM_RC2_MAC:
	case CKM_RC2_MAC_GENERAL:
	case CKM_RC2_CBC_PAD:
	case CKM_PBE_SHA1_RC2_128_CBC:
	case CKM_PBE_SHA1_RC2_40_CBC:
		kt = CKK_RC2;
		break;

	/* RC4, including the RC4-based PBE mechanisms */
	case CKM_RC4_KEY_GEN:
	case CKM_RC4:
	case CKM_PBE_SHA1_RC4_128:
	case CKM_PBE_SHA1_RC4_40:
		kt = CKK_RC4;
		break;

	/* Single DES */
	case CKM_DES_KEY_GEN:
	case CKM_DES_ECB:
	case CKM_DES_CBC:
	case CKM_DES_MAC:
	case CKM_DES_MAC_GENERAL:
	case CKM_DES_CBC_PAD:
	case CKM_PBE_MD2_DES_CBC:
	case CKM_PBE_MD5_DES_CBC:
	case CKM_DES_OFB64:
	case CKM_DES_OFB8:
	case CKM_DES_CFB64:
	case CKM_DES_CFB8:
	case CKM_DES_ECB_ENCRYPT_DATA:
	case CKM_DES_CBC_ENCRYPT_DATA:
		kt = CKK_DES;
		break;

	/* Two-key triple DES */
	case CKM_DES2_KEY_GEN:
	case CKM_PBE_SHA1_DES2_EDE_CBC:
		kt = CKK_DES2;
		break;

	/* Triple DES */
	case CKM_DES3_KEY_GEN:
	case CKM_DES3_ECB:
	case CKM_DES3_CBC:
	case CKM_DES3_MAC:
	case CKM_DES3_MAC_GENERAL:
	case CKM_DES3_CBC_PAD:
	case CKM_PBE_SHA1_DES3_EDE_CBC:
	case CKM_DES3_ECB_ENCRYPT_DATA:
	case CKM_DES3_CBC_ENCRYPT_DATA:
		kt = CKK_DES3;
		break;

	/* CAST */
	case CKM_CAST_KEY_GEN:
	case CKM_CAST_ECB:
	case CKM_CAST_CBC:
	case CKM_CAST_MAC:
	case CKM_CAST_MAC_GENERAL:
	case CKM_CAST_CBC_PAD:
	case CKM_PBE_MD5_CAST_CBC:
		kt = CKK_CAST;
		break;

	/* CAST3 */
	case CKM_CAST3_KEY_GEN:
	case CKM_CAST3_ECB:
	case CKM_CAST3_CBC:
	case CKM_CAST3_MAC:
	case CKM_CAST3_MAC_GENERAL:
	case CKM_CAST3_CBC_PAD:
	case CKM_PBE_MD5_CAST3_CBC:
		kt = CKK_CAST3;
		break;

	/* CAST128 */
	case CKM_CAST128_KEY_GEN:
	case CKM_CAST128_ECB:
	case CKM_CAST128_CBC:
	case CKM_CAST128_MAC:
	case CKM_CAST128_MAC_GENERAL:
	case CKM_CAST128_CBC_PAD:
	case CKM_PBE_MD5_CAST128_CBC:
	case CKM_PBE_SHA1_CAST128_CBC:
		kt = CKK_CAST128;
		break;

	/* RC5 */
	case CKM_RC5_KEY_GEN:
	case CKM_RC5_ECB:
	case CKM_RC5_CBC:
	case CKM_RC5_MAC:
	case CKM_RC5_MAC_GENERAL:
	case CKM_RC5_CBC_PAD:
		kt = CKK_RC5;
		break;

	/* IDEA */
	case CKM_IDEA_KEY_GEN:
	case CKM_IDEA_ECB:
	case CKM_IDEA_CBC:
	case CKM_IDEA_MAC:
	case CKM_IDEA_MAC_GENERAL:
	case CKM_IDEA_CBC_PAD:
		kt = CKK_IDEA;
		break;

	/* SKIPJACK */
	case CKM_SKIPJACK_KEY_GEN:
	case CKM_SKIPJACK_ECB64:
	case CKM_SKIPJACK_CBC64:
	case CKM_SKIPJACK_OFB64:
	case CKM_SKIPJACK_CFB64:
	case CKM_SKIPJACK_CFB32:
	case CKM_SKIPJACK_CFB16:
	case CKM_SKIPJACK_CFB8:
	case CKM_SKIPJACK_WRAP:
	case CKM_SKIPJACK_PRIVATE_WRAP:
	case CKM_SKIPJACK_RELAYX:
		kt = CKK_SKIPJACK;
		break;

	/* BATON */
	case CKM_BATON_KEY_GEN:
	case CKM_BATON_ECB128:
	case CKM_BATON_ECB96:
	case CKM_BATON_CBC128:
	case CKM_BATON_COUNTER:
	case CKM_BATON_SHUFFLE:
	case CKM_BATON_WRAP:
		kt = CKK_BATON;
		break;

	/* JUNIPER */
	case CKM_JUNIPER_KEY_GEN:
	case CKM_JUNIPER_ECB128:
	case CKM_JUNIPER_CBC128:
	case CKM_JUNIPER_COUNTER:
	case CKM_JUNIPER_SHUFFLE:
	case CKM_JUNIPER_WRAP:
		kt = CKK_JUNIPER;
		break;

	/* CDMF */
	case CKM_CDMF_KEY_GEN:
	case CKM_CDMF_ECB:
	case CKM_CDMF_CBC:
	case CKM_CDMF_MAC:
	case CKM_CDMF_MAC_GENERAL:
	case CKM_CDMF_CBC_PAD:
		kt = CKK_CDMF;
		break;

	/* AES */
	case CKM_AES_KEY_GEN:
	case CKM_AES_ECB:
	case CKM_AES_CBC:
	case CKM_AES_MAC:
	case CKM_AES_MAC_GENERAL:
	case CKM_AES_CBC_PAD:
	case CKM_AES_CTR:
	case CKM_AES_GCM:
	case CKM_AES_CCM:
	case CKM_AES_CTS:
	case CKM_AES_CMAC:
	case CKM_AES_CMAC_GENERAL:
	case CKM_AES_XCBC_MAC:
	case CKM_AES_XCBC_MAC_96:
	case CKM_AES_GMAC:
	case CKM_AES_ECB_ENCRYPT_DATA:
	case CKM_AES_CBC_ENCRYPT_DATA:
	case CKM_AES_OFB:
	case CKM_AES_CFB8:
	case CKM_AES_CFB64:
	case CKM_AES_CFB128:
	case CKM_AES_CFB1:
	case CKM_AES_KEY_WRAP:
	case CKM_AES_KEY_WRAP_PAD:
		kt = CKK_AES;
		break;

	/* Blowfish */
	case CKM_BLOWFISH_KEY_GEN:
	case CKM_BLOWFISH_CBC:
	case CKM_BLOWFISH_CBC_PAD:
		kt = CKK_BLOWFISH;
		break;

	/* Twofish */
	case CKM_TWOFISH_KEY_GEN:
	case CKM_TWOFISH_CBC:
	case CKM_TWOFISH_CBC_PAD:
		kt = CKK_TWOFISH;
		break;

	/* SecurID */
	case CKM_SECURID_KEY_GEN:
	case CKM_SECURID:
		kt = CKK_SECURID;
		break;

	/* HOTP */
	case CKM_HOTP_KEY_GEN:
	case CKM_HOTP:
		kt = CKK_HOTP;
		break;

	/* ACTI */
	case CKM_ACTI:
	case CKM_ACTI_KEY_GEN:
		kt = CKK_ACTI;
		break;

	/* Camellia */
	case CKM_CAMELLIA_KEY_GEN:
	case CKM_CAMELLIA_ECB:
	case CKM_CAMELLIA_CBC:
	case CKM_CAMELLIA_MAC:
	case CKM_CAMELLIA_MAC_GENERAL:
	case CKM_CAMELLIA_CBC_PAD:
	case CKM_CAMELLIA_ECB_ENCRYPT_DATA:
	case CKM_CAMELLIA_CBC_ENCRYPT_DATA:
	case CKM_CAMELLIA_CTR:
		kt = CKK_CAMELLIA;
		break;

	/* ARIA */
	case CKM_ARIA_KEY_GEN:
	case CKM_ARIA_ECB:
	case CKM_ARIA_CBC:
	case CKM_ARIA_MAC:
	case CKM_ARIA_MAC_GENERAL:
	case CKM_ARIA_CBC_PAD:
	case CKM_ARIA_ECB_ENCRYPT_DATA:
	case CKM_ARIA_CBC_ENCRYPT_DATA:
		kt = CKK_ARIA;
		break;

	/* GOST R 34.10 */
	case CKM_GOSTR3410:
	case CKM_GOSTR3410_WITH_GOSTR3411:
	case CKM_GOSTR3410_KEY_WRAP:
	case CKM_GOSTR3410_DERIVE:
		kt = CKK_GOSTR3410;
		break;

	/* GOST R 34.11 */
	case CKM_GOSTR3411:
	case CKM_GOSTR3411_HMAC:
		kt = CKK_GOSTR3411;
		break;

	/* GOST 28147 */
	case CKM_GOST28147_KEY_GEN:
	case CKM_GOST28147_ECB:
	case CKM_GOST28147:
	case CKM_GOST28147_MAC:
	case CKM_GOST28147_KEY_WRAP:
		kt = CKK_GOST28147;
		break;

	default:
		/* Unknown mechanism: report it and leave *ktype untouched. */
		return (CKR_MECHANISM_INVALID);
	}

	/* Single store point; only reached for a recognised mechanism. */
	*ktype = kt;
	return (CKR_OK);
}