17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate * CDDL HEADER START
37c478bd9Sstevel@tonic-gate *
47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5f9fbec18Smcpowers * Common Development and Distribution License (the "License").
6f9fbec18Smcpowers * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate *
87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate * and limitations under the License.
127c478bd9Sstevel@tonic-gate *
137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate *
197c478bd9Sstevel@tonic-gate * CDDL HEADER END
207c478bd9Sstevel@tonic-gate */
217c478bd9Sstevel@tonic-gate /*
22f9fbec18Smcpowers * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
237c478bd9Sstevel@tonic-gate * Use is subject to license terms.
24cd964fceSMatt Barden * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25*fb261280SJason King * Copyright 2018, Joyent, Inc.
267c478bd9Sstevel@tonic-gate */
277c478bd9Sstevel@tonic-gate
287c478bd9Sstevel@tonic-gate #include <stdlib.h>
297c478bd9Sstevel@tonic-gate #include <string.h>
307c478bd9Sstevel@tonic-gate #include <strings.h>
317c478bd9Sstevel@tonic-gate #include <sys/types.h>
327c478bd9Sstevel@tonic-gate #include <security/cryptoki.h>
337c478bd9Sstevel@tonic-gate #include "softObject.h"
347c478bd9Sstevel@tonic-gate #include "softOps.h"
357c478bd9Sstevel@tonic-gate #include "softSession.h"
367c478bd9Sstevel@tonic-gate #include "softMAC.h"
377c478bd9Sstevel@tonic-gate #include "softRSA.h"
387c478bd9Sstevel@tonic-gate #include "softDSA.h"
39f9fbec18Smcpowers #include "softEC.h"
407c478bd9Sstevel@tonic-gate #include "softCrypt.h"
417c478bd9Sstevel@tonic-gate
427c478bd9Sstevel@tonic-gate /*
437c478bd9Sstevel@tonic-gate * soft_verify_init()
447c478bd9Sstevel@tonic-gate *
457c478bd9Sstevel@tonic-gate * Arguments:
467c478bd9Sstevel@tonic-gate * session_p: pointer to soft_session_t struct
477c478bd9Sstevel@tonic-gate * pMechanism: pointer to CK_MECHANISM struct provided by application
487c478bd9Sstevel@tonic-gate * key_p: pointer to key soft_object_t struct
497c478bd9Sstevel@tonic-gate *
507c478bd9Sstevel@tonic-gate * Description:
517c478bd9Sstevel@tonic-gate * called by C_VerifyInit(). This function calls the corresponding
527c478bd9Sstevel@tonic-gate * verify init routine based on the mechanism.
537c478bd9Sstevel@tonic-gate *
547c478bd9Sstevel@tonic-gate */
557c478bd9Sstevel@tonic-gate CK_RV
soft_verify_init(soft_session_t * session_p,CK_MECHANISM_PTR pMechanism,soft_object_t * key_p)567c478bd9Sstevel@tonic-gate soft_verify_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
577c478bd9Sstevel@tonic-gate soft_object_t *key_p)
587c478bd9Sstevel@tonic-gate {
597c478bd9Sstevel@tonic-gate
607c478bd9Sstevel@tonic-gate switch (pMechanism->mechanism) {
617c478bd9Sstevel@tonic-gate
627c478bd9Sstevel@tonic-gate case CKM_SSL3_MD5_MAC:
637c478bd9Sstevel@tonic-gate case CKM_SSL3_SHA1_MAC:
647c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC_GENERAL:
657c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC:
667c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC_GENERAL:
677c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC:
68f66d273dSizick case CKM_SHA256_HMAC_GENERAL:
69f66d273dSizick case CKM_SHA256_HMAC:
70f66d273dSizick case CKM_SHA384_HMAC_GENERAL:
71f66d273dSizick case CKM_SHA384_HMAC:
72f66d273dSizick case CKM_SHA512_HMAC_GENERAL:
73f66d273dSizick case CKM_SHA512_HMAC:
747c478bd9Sstevel@tonic-gate
757c478bd9Sstevel@tonic-gate return (soft_hmac_sign_verify_init_common(session_p,
767c478bd9Sstevel@tonic-gate pMechanism, key_p, B_FALSE));
777c478bd9Sstevel@tonic-gate
787c478bd9Sstevel@tonic-gate case CKM_RSA_X_509:
797c478bd9Sstevel@tonic-gate case CKM_RSA_PKCS:
807c478bd9Sstevel@tonic-gate case CKM_MD5_RSA_PKCS:
817c478bd9Sstevel@tonic-gate case CKM_SHA1_RSA_PKCS:
82f66d273dSizick case CKM_SHA256_RSA_PKCS:
83f66d273dSizick case CKM_SHA384_RSA_PKCS:
84f66d273dSizick case CKM_SHA512_RSA_PKCS:
857c478bd9Sstevel@tonic-gate
867c478bd9Sstevel@tonic-gate return (soft_rsa_sign_verify_init_common(session_p, pMechanism,
877c478bd9Sstevel@tonic-gate key_p, B_FALSE));
887c478bd9Sstevel@tonic-gate
897c478bd9Sstevel@tonic-gate case CKM_DSA:
907c478bd9Sstevel@tonic-gate case CKM_DSA_SHA1:
917c478bd9Sstevel@tonic-gate
927c478bd9Sstevel@tonic-gate return (soft_dsa_sign_verify_init_common(session_p, pMechanism,
937c478bd9Sstevel@tonic-gate key_p, B_FALSE));
947c478bd9Sstevel@tonic-gate
95f9fbec18Smcpowers case CKM_ECDSA:
96f9fbec18Smcpowers case CKM_ECDSA_SHA1:
97f9fbec18Smcpowers
98f9fbec18Smcpowers return (soft_ecc_sign_verify_init_common(session_p, pMechanism,
99f9fbec18Smcpowers key_p, B_FALSE));
100f9fbec18Smcpowers
1017c478bd9Sstevel@tonic-gate case CKM_DES_MAC_GENERAL:
1027c478bd9Sstevel@tonic-gate case CKM_DES_MAC:
1037c478bd9Sstevel@tonic-gate
1047c478bd9Sstevel@tonic-gate return (soft_des_sign_verify_init_common(session_p, pMechanism,
1057c478bd9Sstevel@tonic-gate key_p, B_FALSE));
1067c478bd9Sstevel@tonic-gate
107cd964fceSMatt Barden case CKM_AES_CMAC_GENERAL:
108cd964fceSMatt Barden case CKM_AES_CMAC:
109cd964fceSMatt Barden
110cd964fceSMatt Barden return (soft_aes_sign_verify_init_common(session_p, pMechanism,
111cd964fceSMatt Barden key_p, B_FALSE));
112cd964fceSMatt Barden
1137c478bd9Sstevel@tonic-gate default:
1147c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
1157c478bd9Sstevel@tonic-gate }
1167c478bd9Sstevel@tonic-gate
1177c478bd9Sstevel@tonic-gate }
1187c478bd9Sstevel@tonic-gate
1197c478bd9Sstevel@tonic-gate
1207c478bd9Sstevel@tonic-gate /*
1217c478bd9Sstevel@tonic-gate * soft_verify()
1227c478bd9Sstevel@tonic-gate *
1237c478bd9Sstevel@tonic-gate * Arguments:
1247c478bd9Sstevel@tonic-gate * session_p: pointer to soft_session_t struct
1257c478bd9Sstevel@tonic-gate * pData: pointer to the input data
1267c478bd9Sstevel@tonic-gate * ulDataLen: length of the input data
1277c478bd9Sstevel@tonic-gate * pSignature: pointer to the signature
1287c478bd9Sstevel@tonic-gate * ulSignatureLen: length of the signature
1297c478bd9Sstevel@tonic-gate *
1307c478bd9Sstevel@tonic-gate * Description:
1317c478bd9Sstevel@tonic-gate * called by C_Verify(). This function calls the corresponding
1327c478bd9Sstevel@tonic-gate * verify routine based on the mechanism.
1337c478bd9Sstevel@tonic-gate *
1347c478bd9Sstevel@tonic-gate */
1357c478bd9Sstevel@tonic-gate CK_RV
soft_verify(soft_session_t * session_p,CK_BYTE_PTR pData,CK_ULONG ulDataLen,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)1367c478bd9Sstevel@tonic-gate soft_verify(soft_session_t *session_p, CK_BYTE_PTR pData,
1377c478bd9Sstevel@tonic-gate CK_ULONG ulDataLen, CK_BYTE_PTR pSignature,
1387c478bd9Sstevel@tonic-gate CK_ULONG ulSignatureLen)
1397c478bd9Sstevel@tonic-gate {
1407c478bd9Sstevel@tonic-gate
1417c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism = session_p->verify.mech.mechanism;
1427c478bd9Sstevel@tonic-gate CK_RV rv = CKR_OK;
1437c478bd9Sstevel@tonic-gate
1447c478bd9Sstevel@tonic-gate switch (mechanism) {
1457c478bd9Sstevel@tonic-gate
1467c478bd9Sstevel@tonic-gate case CKM_SSL3_MD5_MAC:
1477c478bd9Sstevel@tonic-gate case CKM_SSL3_SHA1_MAC:
1487c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC_GENERAL:
1497c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC:
1507c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC_GENERAL:
1517c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC:
152f66d273dSizick case CKM_SHA256_HMAC_GENERAL:
153f66d273dSizick case CKM_SHA256_HMAC:
154f66d273dSizick case CKM_SHA384_HMAC_GENERAL:
155f66d273dSizick case CKM_SHA384_HMAC:
156f66d273dSizick case CKM_SHA512_HMAC_GENERAL:
157f66d273dSizick case CKM_SHA512_HMAC:
1587c478bd9Sstevel@tonic-gate {
1597c478bd9Sstevel@tonic-gate CK_ULONG len;
160f66d273dSizick CK_BYTE hmac[SHA512_DIGEST_LENGTH]; /* use the maximum size */
1617c478bd9Sstevel@tonic-gate soft_hmac_ctx_t *hmac_ctx;
1627c478bd9Sstevel@tonic-gate
1637c478bd9Sstevel@tonic-gate hmac_ctx = (soft_hmac_ctx_t *)session_p->verify.context;
1647c478bd9Sstevel@tonic-gate len = hmac_ctx->hmac_len;
1657c478bd9Sstevel@tonic-gate
1667c478bd9Sstevel@tonic-gate rv = soft_hmac_sign_verify_common(session_p, pData,
1677c478bd9Sstevel@tonic-gate ulDataLen, hmac, &len, B_FALSE);
1687c478bd9Sstevel@tonic-gate
1697c478bd9Sstevel@tonic-gate if (rv == CKR_OK) {
1707c478bd9Sstevel@tonic-gate if (len != ulSignatureLen) {
1717c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_LEN_RANGE;
1727c478bd9Sstevel@tonic-gate }
1737c478bd9Sstevel@tonic-gate
1747c478bd9Sstevel@tonic-gate if (memcmp(hmac, pSignature, len) != 0) {
1757c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_INVALID;
1767c478bd9Sstevel@tonic-gate }
1777c478bd9Sstevel@tonic-gate }
1787c478bd9Sstevel@tonic-gate
1797c478bd9Sstevel@tonic-gate return (rv);
1807c478bd9Sstevel@tonic-gate }
1817c478bd9Sstevel@tonic-gate case CKM_DES_MAC_GENERAL:
1827c478bd9Sstevel@tonic-gate case CKM_DES_MAC:
1837c478bd9Sstevel@tonic-gate {
1847c478bd9Sstevel@tonic-gate CK_ULONG len;
1857c478bd9Sstevel@tonic-gate CK_BYTE signature[DES_BLOCK_LEN]; /* use the maximum size */
1867c478bd9Sstevel@tonic-gate soft_des_ctx_t *des_ctx;
1877c478bd9Sstevel@tonic-gate
1887c478bd9Sstevel@tonic-gate des_ctx = (soft_des_ctx_t *)session_p->verify.context;
1897c478bd9Sstevel@tonic-gate len = des_ctx->mac_len;
1907c478bd9Sstevel@tonic-gate
1917c478bd9Sstevel@tonic-gate /* Pass local buffer to avoid overflow. */
1927c478bd9Sstevel@tonic-gate rv = soft_des_sign_verify_common(session_p, pData,
1937c478bd9Sstevel@tonic-gate ulDataLen, signature, &len, B_FALSE, B_FALSE);
1947c478bd9Sstevel@tonic-gate
1957c478bd9Sstevel@tonic-gate if (rv == CKR_OK) {
1967c478bd9Sstevel@tonic-gate if (len != ulSignatureLen) {
1977c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_LEN_RANGE;
1987c478bd9Sstevel@tonic-gate }
1997c478bd9Sstevel@tonic-gate
2007c478bd9Sstevel@tonic-gate if (memcmp(signature, pSignature, len) != 0) {
2017c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_INVALID;
2027c478bd9Sstevel@tonic-gate }
2037c478bd9Sstevel@tonic-gate }
2047c478bd9Sstevel@tonic-gate
2057c478bd9Sstevel@tonic-gate return (rv);
2067c478bd9Sstevel@tonic-gate }
207cd964fceSMatt Barden case CKM_AES_CMAC_GENERAL:
208cd964fceSMatt Barden case CKM_AES_CMAC:
209cd964fceSMatt Barden {
210cd964fceSMatt Barden CK_ULONG len;
211cd964fceSMatt Barden CK_BYTE signature[AES_BLOCK_LEN];
212*fb261280SJason King aes_ctx_t *aes_ctx;
213cd964fceSMatt Barden
214*fb261280SJason King aes_ctx = (aes_ctx_t *)session_p->verify.context;
215*fb261280SJason King len = aes_ctx->ac_mac_len;
216cd964fceSMatt Barden
217cd964fceSMatt Barden /* Pass local buffer to avoid overflow. */
218cd964fceSMatt Barden rv = soft_aes_sign_verify_common(session_p, pData,
219cd964fceSMatt Barden ulDataLen, signature, &len, B_FALSE, B_FALSE);
220cd964fceSMatt Barden
221cd964fceSMatt Barden if (rv == CKR_OK) {
222cd964fceSMatt Barden if (len != ulSignatureLen) {
223cd964fceSMatt Barden rv = CKR_SIGNATURE_LEN_RANGE;
224cd964fceSMatt Barden }
225cd964fceSMatt Barden
226cd964fceSMatt Barden if (memcmp(signature, pSignature, len) != 0) {
227cd964fceSMatt Barden rv = CKR_SIGNATURE_INVALID;
228cd964fceSMatt Barden }
229cd964fceSMatt Barden }
230cd964fceSMatt Barden
231cd964fceSMatt Barden return (rv);
232cd964fceSMatt Barden }
2337c478bd9Sstevel@tonic-gate case CKM_RSA_X_509:
2347c478bd9Sstevel@tonic-gate case CKM_RSA_PKCS:
2357c478bd9Sstevel@tonic-gate
2367c478bd9Sstevel@tonic-gate return (soft_rsa_verify_common(session_p, pData, ulDataLen,
2377c478bd9Sstevel@tonic-gate pSignature, ulSignatureLen, mechanism));
2387c478bd9Sstevel@tonic-gate
2397c478bd9Sstevel@tonic-gate case CKM_MD5_RSA_PKCS:
2407c478bd9Sstevel@tonic-gate case CKM_SHA1_RSA_PKCS:
241f66d273dSizick case CKM_SHA256_RSA_PKCS:
242f66d273dSizick case CKM_SHA384_RSA_PKCS:
243f66d273dSizick case CKM_SHA512_RSA_PKCS:
2447c478bd9Sstevel@tonic-gate
2457c478bd9Sstevel@tonic-gate return (soft_rsa_digest_verify_common(session_p, pData,
2467c478bd9Sstevel@tonic-gate ulDataLen, pSignature, ulSignatureLen, mechanism, B_FALSE));
2477c478bd9Sstevel@tonic-gate
2487c478bd9Sstevel@tonic-gate case CKM_DSA:
2497c478bd9Sstevel@tonic-gate
2507c478bd9Sstevel@tonic-gate return (soft_dsa_verify(session_p, pData, ulDataLen,
2517c478bd9Sstevel@tonic-gate pSignature, ulSignatureLen));
2527c478bd9Sstevel@tonic-gate
2537c478bd9Sstevel@tonic-gate case CKM_DSA_SHA1:
2547c478bd9Sstevel@tonic-gate
2557c478bd9Sstevel@tonic-gate return (soft_dsa_digest_verify_common(session_p, pData,
2567c478bd9Sstevel@tonic-gate ulDataLen, pSignature, ulSignatureLen, B_FALSE));
2577c478bd9Sstevel@tonic-gate
258f9fbec18Smcpowers case CKM_ECDSA:
259f9fbec18Smcpowers
260f9fbec18Smcpowers return (soft_ecc_verify(session_p, pData, ulDataLen,
261f9fbec18Smcpowers pSignature, ulSignatureLen));
262f9fbec18Smcpowers
263f9fbec18Smcpowers case CKM_ECDSA_SHA1:
264f9fbec18Smcpowers
265f9fbec18Smcpowers return (soft_ecc_digest_verify_common(session_p, pData,
266f9fbec18Smcpowers ulDataLen, pSignature, ulSignatureLen, B_FALSE));
267f9fbec18Smcpowers
2687c478bd9Sstevel@tonic-gate default:
2697c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
2707c478bd9Sstevel@tonic-gate }
2717c478bd9Sstevel@tonic-gate }
2727c478bd9Sstevel@tonic-gate
2737c478bd9Sstevel@tonic-gate
2747c478bd9Sstevel@tonic-gate /*
2757c478bd9Sstevel@tonic-gate * soft_verify_update()
2767c478bd9Sstevel@tonic-gate *
2777c478bd9Sstevel@tonic-gate * Arguments:
2787c478bd9Sstevel@tonic-gate * session_p: pointer to soft_session_t struct
2797c478bd9Sstevel@tonic-gate * pPart: pointer to the input data
2807c478bd9Sstevel@tonic-gate * ulPartLen: length of the input data
2817c478bd9Sstevel@tonic-gate *
2827c478bd9Sstevel@tonic-gate * Description:
2837c478bd9Sstevel@tonic-gate * called by C_VerifyUpdate(). This function calls the corresponding
2847c478bd9Sstevel@tonic-gate * verify update routine based on the mechanism.
2857c478bd9Sstevel@tonic-gate *
2867c478bd9Sstevel@tonic-gate */
2877c478bd9Sstevel@tonic-gate CK_RV
soft_verify_update(soft_session_t * session_p,CK_BYTE_PTR pPart,CK_ULONG ulPartLen)2887c478bd9Sstevel@tonic-gate soft_verify_update(soft_session_t *session_p, CK_BYTE_PTR pPart,
2897c478bd9Sstevel@tonic-gate CK_ULONG ulPartLen)
2907c478bd9Sstevel@tonic-gate {
2917c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism = session_p->verify.mech.mechanism;
2927c478bd9Sstevel@tonic-gate
2937c478bd9Sstevel@tonic-gate switch (mechanism) {
2947c478bd9Sstevel@tonic-gate
2957c478bd9Sstevel@tonic-gate case CKM_SSL3_MD5_MAC:
2967c478bd9Sstevel@tonic-gate case CKM_SSL3_SHA1_MAC:
2977c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC_GENERAL:
2987c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC:
2997c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC_GENERAL:
3007c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC:
301f66d273dSizick case CKM_SHA256_HMAC_GENERAL:
302f66d273dSizick case CKM_SHA256_HMAC:
303f66d273dSizick case CKM_SHA384_HMAC_GENERAL:
304f66d273dSizick case CKM_SHA384_HMAC:
305f66d273dSizick case CKM_SHA512_HMAC_GENERAL:
306f66d273dSizick case CKM_SHA512_HMAC:
3077c478bd9Sstevel@tonic-gate
3087c478bd9Sstevel@tonic-gate return (soft_hmac_sign_verify_update(session_p, pPart,
3097c478bd9Sstevel@tonic-gate ulPartLen, B_FALSE));
3107c478bd9Sstevel@tonic-gate
3117c478bd9Sstevel@tonic-gate case CKM_DES_MAC_GENERAL:
3127c478bd9Sstevel@tonic-gate case CKM_DES_MAC:
3137c478bd9Sstevel@tonic-gate
3147c478bd9Sstevel@tonic-gate return (soft_des_mac_sign_verify_update(session_p, pPart,
315f9fbec18Smcpowers ulPartLen));
3167c478bd9Sstevel@tonic-gate
317cd964fceSMatt Barden case CKM_AES_CMAC_GENERAL:
318cd964fceSMatt Barden case CKM_AES_CMAC:
319cd964fceSMatt Barden
320cd964fceSMatt Barden return (soft_aes_mac_sign_verify_update(session_p, pPart,
321cd964fceSMatt Barden ulPartLen));
322cd964fceSMatt Barden
3237c478bd9Sstevel@tonic-gate case CKM_MD5_RSA_PKCS:
3247c478bd9Sstevel@tonic-gate case CKM_SHA1_RSA_PKCS:
325f66d273dSizick case CKM_SHA256_RSA_PKCS:
326f66d273dSizick case CKM_SHA384_RSA_PKCS:
327f66d273dSizick case CKM_SHA512_RSA_PKCS:
3287c478bd9Sstevel@tonic-gate /*
3297c478bd9Sstevel@tonic-gate * The MD5/SHA1 digest value is accumulated in the context
3307c478bd9Sstevel@tonic-gate * of the multiple-part digesting operation. In the final
3317c478bd9Sstevel@tonic-gate * operation, the digest is encoded and then perform RSA
3327c478bd9Sstevel@tonic-gate * verification.
3337c478bd9Sstevel@tonic-gate */
3347c478bd9Sstevel@tonic-gate case CKM_DSA_SHA1:
335f9fbec18Smcpowers case CKM_ECDSA_SHA1:
3367c478bd9Sstevel@tonic-gate
3377c478bd9Sstevel@tonic-gate return (soft_digest_update(session_p, pPart, ulPartLen));
3387c478bd9Sstevel@tonic-gate
3397c478bd9Sstevel@tonic-gate default:
3407c478bd9Sstevel@tonic-gate /* PKCS11: The mechanism only supports single-part operation. */
3417c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
3427c478bd9Sstevel@tonic-gate }
3437c478bd9Sstevel@tonic-gate }
3447c478bd9Sstevel@tonic-gate
3457c478bd9Sstevel@tonic-gate
3467c478bd9Sstevel@tonic-gate /*
3477c478bd9Sstevel@tonic-gate * soft_verify_final()
3487c478bd9Sstevel@tonic-gate *
3497c478bd9Sstevel@tonic-gate * Arguments:
3507c478bd9Sstevel@tonic-gate * session_p: pointer to soft_session_t struct
3517c478bd9Sstevel@tonic-gate * pSignature: pointer to the signature
3527c478bd9Sstevel@tonic-gate * ulSignatureLen: length of the signature
3537c478bd9Sstevel@tonic-gate *
3547c478bd9Sstevel@tonic-gate * Description:
3557c478bd9Sstevel@tonic-gate * called by C_VerifyFinal(). This function calls the corresponding
3567c478bd9Sstevel@tonic-gate * verify final routine based on the mechanism.
3577c478bd9Sstevel@tonic-gate *
3587c478bd9Sstevel@tonic-gate */
3597c478bd9Sstevel@tonic-gate CK_RV
soft_verify_final(soft_session_t * session_p,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen)3607c478bd9Sstevel@tonic-gate soft_verify_final(soft_session_t *session_p, CK_BYTE_PTR pSignature,
3617c478bd9Sstevel@tonic-gate CK_ULONG ulSignatureLen)
3627c478bd9Sstevel@tonic-gate {
3637c478bd9Sstevel@tonic-gate
3647c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism = session_p->verify.mech.mechanism;
3657c478bd9Sstevel@tonic-gate CK_RV rv = CKR_OK;
3667c478bd9Sstevel@tonic-gate
3677c478bd9Sstevel@tonic-gate switch (mechanism) {
3687c478bd9Sstevel@tonic-gate
3697c478bd9Sstevel@tonic-gate case CKM_SSL3_MD5_MAC:
3707c478bd9Sstevel@tonic-gate case CKM_SSL3_SHA1_MAC:
3717c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC_GENERAL:
3727c478bd9Sstevel@tonic-gate case CKM_MD5_HMAC:
3737c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC_GENERAL:
3747c478bd9Sstevel@tonic-gate case CKM_SHA_1_HMAC:
375f66d273dSizick case CKM_SHA256_HMAC_GENERAL:
376f66d273dSizick case CKM_SHA256_HMAC:
377f66d273dSizick case CKM_SHA384_HMAC_GENERAL:
378f66d273dSizick case CKM_SHA384_HMAC:
379f66d273dSizick case CKM_SHA512_HMAC_GENERAL:
380f66d273dSizick case CKM_SHA512_HMAC:
3817c478bd9Sstevel@tonic-gate {
3827c478bd9Sstevel@tonic-gate CK_ULONG len;
383f66d273dSizick CK_BYTE hmac[SHA512_DIGEST_LENGTH];
3847c478bd9Sstevel@tonic-gate soft_hmac_ctx_t *hmac_ctx;
3857c478bd9Sstevel@tonic-gate
3867c478bd9Sstevel@tonic-gate hmac_ctx = (soft_hmac_ctx_t *)session_p->verify.context;
3877c478bd9Sstevel@tonic-gate len = hmac_ctx->hmac_len;
3887c478bd9Sstevel@tonic-gate
3897c478bd9Sstevel@tonic-gate rv = soft_hmac_sign_verify_common(session_p, NULL, 0,
3907c478bd9Sstevel@tonic-gate hmac, &len, B_FALSE);
3917c478bd9Sstevel@tonic-gate
3927c478bd9Sstevel@tonic-gate if (rv == CKR_OK) {
3937c478bd9Sstevel@tonic-gate if (len != ulSignatureLen) {
3947c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_LEN_RANGE;
3957c478bd9Sstevel@tonic-gate }
3967c478bd9Sstevel@tonic-gate
3977c478bd9Sstevel@tonic-gate if (memcmp(hmac, pSignature, len) != 0) {
3987c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_INVALID;
3997c478bd9Sstevel@tonic-gate }
4007c478bd9Sstevel@tonic-gate }
4017c478bd9Sstevel@tonic-gate
4027c478bd9Sstevel@tonic-gate return (rv);
4037c478bd9Sstevel@tonic-gate }
4047c478bd9Sstevel@tonic-gate case CKM_DES_MAC_GENERAL:
4057c478bd9Sstevel@tonic-gate case CKM_DES_MAC:
4067c478bd9Sstevel@tonic-gate {
4077c478bd9Sstevel@tonic-gate CK_ULONG len;
4087c478bd9Sstevel@tonic-gate CK_BYTE signature[DES_BLOCK_LEN]; /* use the maximum size */
4097c478bd9Sstevel@tonic-gate soft_des_ctx_t *des_ctx;
4107c478bd9Sstevel@tonic-gate
4117c478bd9Sstevel@tonic-gate des_ctx = (soft_des_ctx_t *)session_p->verify.context;
4127c478bd9Sstevel@tonic-gate len = des_ctx->mac_len;
4137c478bd9Sstevel@tonic-gate
4147c478bd9Sstevel@tonic-gate /* Pass local buffer to avoid overflow. */
4157c478bd9Sstevel@tonic-gate rv = soft_des_sign_verify_common(session_p, NULL, 0,
416f9fbec18Smcpowers signature, &len, B_FALSE, B_TRUE);
4177c478bd9Sstevel@tonic-gate
4187c478bd9Sstevel@tonic-gate if (rv == CKR_OK) {
4197c478bd9Sstevel@tonic-gate if (len != ulSignatureLen) {
4207c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_LEN_RANGE;
4217c478bd9Sstevel@tonic-gate }
4227c478bd9Sstevel@tonic-gate
4237c478bd9Sstevel@tonic-gate if (memcmp(signature, pSignature, len) != 0) {
4247c478bd9Sstevel@tonic-gate rv = CKR_SIGNATURE_INVALID;
4257c478bd9Sstevel@tonic-gate }
4267c478bd9Sstevel@tonic-gate }
4277c478bd9Sstevel@tonic-gate
4287c478bd9Sstevel@tonic-gate return (rv);
4297c478bd9Sstevel@tonic-gate }
430cd964fceSMatt Barden case CKM_AES_CMAC_GENERAL:
431cd964fceSMatt Barden case CKM_AES_CMAC:
432cd964fceSMatt Barden {
433cd964fceSMatt Barden CK_ULONG len;
434cd964fceSMatt Barden CK_BYTE signature[AES_BLOCK_LEN];
435*fb261280SJason King aes_ctx_t *aes_ctx;
436cd964fceSMatt Barden
437*fb261280SJason King aes_ctx = (aes_ctx_t *)session_p->verify.context;
438*fb261280SJason King len = aes_ctx->ac_mac_len;
439cd964fceSMatt Barden
440cd964fceSMatt Barden /* Pass local buffer to avoid overflow. */
441cd964fceSMatt Barden rv = soft_aes_sign_verify_common(session_p, NULL, 0,
442cd964fceSMatt Barden signature, &len, B_FALSE, B_TRUE);
443cd964fceSMatt Barden
444cd964fceSMatt Barden if (rv == CKR_OK) {
445cd964fceSMatt Barden if (len != ulSignatureLen) {
446cd964fceSMatt Barden rv = CKR_SIGNATURE_LEN_RANGE;
447cd964fceSMatt Barden }
448cd964fceSMatt Barden
449cd964fceSMatt Barden if (memcmp(signature, pSignature, len) != 0) {
450cd964fceSMatt Barden rv = CKR_SIGNATURE_INVALID;
451cd964fceSMatt Barden }
452cd964fceSMatt Barden }
453cd964fceSMatt Barden
454cd964fceSMatt Barden return (rv);
455cd964fceSMatt Barden }
4567c478bd9Sstevel@tonic-gate case CKM_MD5_RSA_PKCS:
4577c478bd9Sstevel@tonic-gate case CKM_SHA1_RSA_PKCS:
458f66d273dSizick case CKM_SHA256_RSA_PKCS:
459f66d273dSizick case CKM_SHA384_RSA_PKCS:
460f66d273dSizick case CKM_SHA512_RSA_PKCS:
4617c478bd9Sstevel@tonic-gate
4627c478bd9Sstevel@tonic-gate return (soft_rsa_digest_verify_common(session_p, NULL, 0,
4637c478bd9Sstevel@tonic-gate pSignature, ulSignatureLen, mechanism, B_TRUE));
4647c478bd9Sstevel@tonic-gate
4657c478bd9Sstevel@tonic-gate case CKM_DSA_SHA1:
4667c478bd9Sstevel@tonic-gate
4677c478bd9Sstevel@tonic-gate return (soft_dsa_digest_verify_common(session_p, NULL, 0,
4687c478bd9Sstevel@tonic-gate pSignature, ulSignatureLen, B_TRUE));
4697c478bd9Sstevel@tonic-gate
470f9fbec18Smcpowers case CKM_ECDSA_SHA1:
471f9fbec18Smcpowers
472f9fbec18Smcpowers return (soft_ecc_digest_verify_common(session_p, NULL, 0,
473f9fbec18Smcpowers pSignature, ulSignatureLen, B_TRUE));
474f9fbec18Smcpowers
4757c478bd9Sstevel@tonic-gate default:
4767c478bd9Sstevel@tonic-gate /* PKCS11: The mechanism only supports single-part operation. */
4777c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
4787c478bd9Sstevel@tonic-gate
4797c478bd9Sstevel@tonic-gate }
4807c478bd9Sstevel@tonic-gate }
4817c478bd9Sstevel@tonic-gate
4827c478bd9Sstevel@tonic-gate
4837c478bd9Sstevel@tonic-gate CK_RV
soft_verify_recover_init(soft_session_t * session_p,CK_MECHANISM_PTR pMechanism,soft_object_t * key_p)4847c478bd9Sstevel@tonic-gate soft_verify_recover_init(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
4857c478bd9Sstevel@tonic-gate soft_object_t *key_p)
4867c478bd9Sstevel@tonic-gate {
4877c478bd9Sstevel@tonic-gate
4887c478bd9Sstevel@tonic-gate switch (pMechanism->mechanism) {
4897c478bd9Sstevel@tonic-gate
4907c478bd9Sstevel@tonic-gate case CKM_RSA_X_509:
4917c478bd9Sstevel@tonic-gate case CKM_RSA_PKCS:
4927c478bd9Sstevel@tonic-gate
4937c478bd9Sstevel@tonic-gate return (soft_rsa_sign_verify_init_common(session_p, pMechanism,
4947c478bd9Sstevel@tonic-gate key_p, B_FALSE));
4957c478bd9Sstevel@tonic-gate
4967c478bd9Sstevel@tonic-gate default:
4977c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
4987c478bd9Sstevel@tonic-gate }
4997c478bd9Sstevel@tonic-gate }
5007c478bd9Sstevel@tonic-gate
5017c478bd9Sstevel@tonic-gate
5027c478bd9Sstevel@tonic-gate CK_RV
soft_verify_recover(soft_session_t * session_p,CK_BYTE_PTR pSignature,CK_ULONG ulSignatureLen,CK_BYTE_PTR pData,CK_ULONG_PTR pulDataLen)5037c478bd9Sstevel@tonic-gate soft_verify_recover(soft_session_t *session_p, CK_BYTE_PTR pSignature,
5047c478bd9Sstevel@tonic-gate CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
5057c478bd9Sstevel@tonic-gate {
5067c478bd9Sstevel@tonic-gate
5077c478bd9Sstevel@tonic-gate CK_MECHANISM_TYPE mechanism = session_p->verify.mech.mechanism;
5087c478bd9Sstevel@tonic-gate
5097c478bd9Sstevel@tonic-gate switch (mechanism) {
5107c478bd9Sstevel@tonic-gate
5117c478bd9Sstevel@tonic-gate case CKM_RSA_X_509:
5127c478bd9Sstevel@tonic-gate case CKM_RSA_PKCS:
5137c478bd9Sstevel@tonic-gate
5147c478bd9Sstevel@tonic-gate return (soft_rsa_verify_recover(session_p, pSignature,
5157c478bd9Sstevel@tonic-gate ulSignatureLen, pData, pulDataLen));
5167c478bd9Sstevel@tonic-gate
5177c478bd9Sstevel@tonic-gate default:
5187c478bd9Sstevel@tonic-gate return (CKR_MECHANISM_INVALID);
5197c478bd9Sstevel@tonic-gate }
5207c478bd9Sstevel@tonic-gate }
521