Engine for the ICSF backend
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

3444 lines
89 KiB

  1. /* hw_pkcs11.c (replace hw_trustway.c) */
  2. /*
  3. * PKCS#11 engine for the OpenSSL project 2002
  4. * Developped by Bull Trustway R&D Networking & Security
  5. * Introduced and tested with Bull TrustWay CC2000 crypto hardware
  6. * Afchine.Madjlessi@bull.net Bull S.A. France
  7. * http://www.servers.bull.com/trustway
  8. *
  9. * ChangLog:
  10. * * 6/30/2010 Updates to compile stand-alone and against openssl 1.0
  11. * * 8/15/2005 Fixes suggested by opencryptoki-engines list
  12. * * 1/1/2004 Modified to support digests, ciphers and openCryptoki
  13. * http://www.sf.net/projects/opencryptoki
  14. * - Serge Hallyn <serue@us.ibm.com>
  15. * - Kent Yoder <yoder1@us.ibm.com>
  16. * - Peter Waltenberg <pwalten@au1.ibm.com>
  17. * (C) International Business Machines Corporation 2004, 2005, 2010
  18. */
  19. #include <assert.h>
  20. #include <stdlib.h>
  21. #include <string.h>
  22. #include <stdio.h>
  23. #include <pthread.h>
  24. #include <dlfcn.h>
  25. #include <sys/types.h>
  26. #include <unistd.h>
  27. #include <openssl/e_os2.h>
  28. #include <openssl/engine.h>
  29. #include <openssl/err.h>
  30. #include <openssl/bn.h>
  31. #include <openssl/pem.h>
  32. #include <openssl/rsa.h>
  33. #include <openssl/rand.h>
  34. #include <openssl/objects.h>
  35. #include <openssl/x509.h>
  36. #include <openssl/md5.h>
  37. #include <openssl/ripemd.h>
  38. #ifndef OPENSSL_NO_HW
  39. #ifndef OPENSSL_NO_HW_PKCS11
  40. #include "cryptoki.h"
  41. #include "e_pkcs11_err.h"
  42. #include "e_pkcs11.h"
  43. /* SHA224, CAMELLIA */
  44. #include "pkcs-11v2-20a3.h"
  45. #if OPENSSL_VERSION_NUMBER < 0x10100000L
  46. #define OLDER_OPENSSL
  47. #endif
  48. /* Constants used when creating the ENGINE */
  49. static const char *engine_pkcs11_id = "ibmpkcs11";
  50. static const char *engine_pkcs11_name = "PKCS#11 hardware engine support";
  51. static int bind_pkcs11(ENGINE *e);
  52. /* ENGINE level stuff */
  53. static int pkcs11_init(ENGINE *e);
  54. static int pkcs11_finish(ENGINE *e);
  55. static int pkcs11_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
  56. static int pkcs11_destroy(ENGINE *e);
  57. #ifndef OPENSSL_NO_RSA
  58. /* RSA stuff */
  59. static int pkcs11_RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
  60. RSA *rsa, int padding);
  61. static int pkcs11_RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
  62. RSA *rsa, int padding);
  63. static int pkcs11_RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
  64. RSA *rsa, int padding);
  65. static int pkcs11_RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
  66. RSA *rsa, int padding);
  67. static int pkcs11_RSA_init(RSA *rsa);
  68. static int pkcs11_RSA_finish(RSA *rsa);
  69. #ifdef OLDER_OPENSSL
  70. static int pkcs11_RSA_sign(int type, const unsigned char *m, unsigned int m_len,
  71. unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
  72. /* this API changed in OpenSSL version 1.0.0 */
  73. #if (OPENSSL_VERSION_NUMBER < 0x10000000L)
  74. static int pkcs11_RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
  75. unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
  76. #else
  77. static int pkcs11_RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
  78. const unsigned char *sigbuf, unsigned int siglen, const RSA *rsa);
  79. #endif
  80. #endif
  81. static int pkcs11_RSA_generate_key(RSA *rsa, int bits, BIGNUM *bn_e, BN_GENCB *cb);
  82. static EVP_PKEY *pkcs11_load_privkey(ENGINE*, const char* pubkey_file,
  83. UI_METHOD *ui_method, void *callback_data);
  84. static EVP_PKEY *pkcs11_load_pubkey(ENGINE*, const char* pubkey_file,
  85. UI_METHOD *ui_method, void *callback_data);
  86. CK_OBJECT_HANDLE pkcs11_FindOrCreateKey(CK_SESSION_HANDLE h, RSA* rsa, CK_OBJECT_CLASS oKey, CK_BBOOL fKeyCreate);
  87. /* exported functions (not member of ENGINE inteface) */
  88. RSA* pkcs11_RSA_generate_tmp_key(int bits,unsigned long e_value,void (*callback)(int,int,void *),void *cb_arg);
  89. #endif
  90. /* RAND stuff */
  91. static void pkcs11_rand_seed(const void *buf, int num);
  92. static void pkcs11_rand_add(const void *buf, int num, double add_entropy);
  93. static void pkcs11_rand_cleanup(void);
  94. static int pkcs11_rand_bytes(unsigned char *buf, int num);
  95. static int pkcs11_rand_status(void);
  96. /* cipher function prototypes */
  97. static inline int pkcs11_init_key(EVP_CIPHER_CTX * ctx, const unsigned char *key,
  98. const unsigned char *iv, int enc, int alg);
  99. static inline int pkcs11_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out,
  100. const unsigned char *in, size_t inlen);
  101. static int pkcs11_cipher_cleanup(EVP_CIPHER_CTX *ctx);
  102. static int pkcs11_des_init_key(EVP_CIPHER_CTX * ctx, const unsigned char *key,
  103. const unsigned char *iv, int enc);
  104. static int pkcs11_tdes_init_key(EVP_CIPHER_CTX * ctx, const unsigned char *key,
  105. const unsigned char *iv, int enc);
  106. static int pkcs11_aes_init_key(EVP_CIPHER_CTX * ctx, const unsigned char *key,
  107. const unsigned char *iv, int enc);
  108. /* End cipher function prototypes */
  109. /* Digest function prototypes */
  110. static inline int pkcs11_digest_init(EVP_MD_CTX *ctx, int alg);
  111. static int pkcs11_digest_update(EVP_MD_CTX *ctx, const void *in, size_t len);
  112. static int pkcs11_digest_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
  113. static int pkcs11_digest_finish(EVP_MD_CTX *ctx, unsigned char *md);
  114. static inline int pkcs11_digest_cleanup(EVP_MD_CTX *ctx);
  115. static inline int pkcs11_sha1_init(EVP_MD_CTX *ctx);
  116. static inline int pkcs11_sha224_init(EVP_MD_CTX *ctx);
  117. static inline int pkcs11_sha256_init(EVP_MD_CTX *ctx);
  118. static inline int pkcs11_sha384_init(EVP_MD_CTX *ctx);
  119. static inline int pkcs11_sha512_init(EVP_MD_CTX *ctx);
  120. static inline int pkcs11_md5_init(EVP_MD_CTX *ctx);
  121. static inline int pkcs11_ripemd_init(EVP_MD_CTX *ctx);
  122. /* End digest function prototypes */
  123. static int pre_init_pkcs11(ENGINE *e);
  124. static int pkcs11_engine_ciphers(ENGINE * e, const EVP_CIPHER ** cipher,
  125. const int **nids, int nid);
  126. static int pkcs11_engine_digests(ENGINE * e, const EVP_MD ** digest,
  127. const int **nids, int nid);
  128. /* The definitions for control commands specific to this engine */
  129. #define PKCS11_CMD_SO_PATH ENGINE_CMD_BASE
  130. #define PKCS11_CMD_SLOT_ID (ENGINE_CMD_BASE + 1)
  131. static const ENGINE_CMD_DEFN pkcs11_cmd_defns[] =
  132. {
  133. { PKCS11_CMD_SO_PATH,
  134. "SO_PATH",
  135. "Specifies the path to the 'pkcs#11' shared library",
  136. ENGINE_CMD_FLAG_STRING
  137. },
  138. { PKCS11_CMD_SLOT_ID,
  139. "SLOT_ID",
  140. "Specifies the slot containing the token to use",
  141. ENGINE_CMD_FLAG_NUMERIC
  142. },
  143. {0, NULL, NULL, 0}
  144. };
  145. #ifdef OPENSSL_NO_DYNAMIC_ENGINE
  146. static ENGINE *engine_pkcs11(void)
  147. {
  148. ENGINE *ret = ENGINE_new();
  149. if(!ret) {
  150. return NULL;
  151. }
  152. if(!bind_helper(ret)) {
  153. ENGINE_free(ret);
  154. return NULL;
  155. }
  156. return ret;
  157. }
  158. void ENGINE_load_pkcs11(void)
  159. {
  160. ENGINE *toadd = engine_pkcs11();
  161. if(!toadd) return;
  162. ENGINE_add(toadd);
  163. ENGINE_free(toadd);
  164. ERR_clear_error();
  165. }
  166. #else
  167. static int bind_helper(ENGINE *e, const char *id)
  168. {
  169. if((NULL != id) && (strcmp(id, engine_pkcs11_id) != 0))
  170. return 0;
  171. return(bind_pkcs11(e));
  172. }
  173. IMPLEMENT_DYNAMIC_CHECK_FN()
  174. IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
  175. #endif
  176. /*
  177. * Comments on approaches:
  178. * At the moment, ciphers and digests are treated differently.
  179. *
  180. * For ciphers, we use cipher_init to initialize the cryptoki
  181. * cipher action, and update to encrypt. There is no finalize
  182. * or cleanup.
  183. *
  184. * For digests, we use digest_init to initialize a context
  185. * struct, digest_update to call C_DigestUpdate on the data that
  186. * we are receiving, digest_finish to call C_DigestFinal(), and
  187. * cleanup() to free the context struct.
  188. */
  189. /*
  190. * Each cipher action requires a new session. We store the
  191. * session and its token in the context->cipher_data void* using
  192. * this struct
  193. */
  194. struct token_session {
  195. struct _token *token;
  196. CK_SESSION_HANDLE session;
  197. };
  198. /*
  199. * For digests:
  200. * We call digest_init to start the context, digest_update
  201. * to start computing the digest on the data that is being
  202. * received and digest_finish to finish the digest operation.
  203. */
  204. struct pkcs11_digest_ctx {
  205. int alg;
  206. int len;
  207. struct _token *token;
  208. CK_SESSION_HANDLE session;
  209. };
  210. /********/
  211. #define CIPHER_DATA(ctx) ((struct token_session *)(ctx->cipher_data))
  212. #define MD_DATA(ctx) ((struct pkcs11_digest_ctx *)(ctx->md_data))
  213. static int num_cipher_nids = 0;
  214. static int num_digest_nids = 0;
  215. #ifdef OLDER_OPENSSL
  216. const EVP_CIPHER pkcs11_des_ecb = {
  217. NID_des_ecb, /* NID */
  218. 8, /* Block size */
  219. 8, /* Key len */
  220. 8, /* IV len */
  221. EVP_CIPH_ECB_MODE, /* flags */
  222. pkcs11_des_init_key, /* init */
  223. pkcs11_cipher, /* do_cipher */
  224. pkcs11_cipher_cleanup, /* cleanup */
  225. sizeof(struct token_session),
  226. EVP_CIPHER_set_asn1_iv,
  227. EVP_CIPHER_get_asn1_iv,
  228. NULL, /* misc ctrl ops */
  229. NULL /* app data (ctx->cipher_data) */
  230. };
  231. const EVP_CIPHER pkcs11_des_cbc = {
  232. NID_des_cbc, /* NID */
  233. 8, /* Block size */
  234. 8, /* Key len */
  235. 8, /* IV len */
  236. EVP_CIPH_CBC_MODE, /* flags */
  237. pkcs11_des_init_key, /* init */
  238. pkcs11_cipher, /* do_cipher */
  239. pkcs11_cipher_cleanup, /* cleanup */
  240. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  241. EVP_CIPHER_set_asn1_iv,
  242. EVP_CIPHER_get_asn1_iv,
  243. NULL, /* misc ctrl ops */
  244. NULL /* app data (ctx->cipher_data) */
  245. };
  246. #else
  247. #define DECLARE_DES_EVP(lmode, umode) \
  248. static EVP_CIPHER *des_##lmode = NULL; \
  249. static const EVP_CIPHER *pkcs11_des_##lmode(void) \
  250. { \
  251. if (des_##lmode == NULL) { \
  252. EVP_CIPHER *cipher; \
  253. if (( cipher = EVP_CIPHER_meth_new(NID_des_##lmode, \
  254. 8, 8)) == NULL \
  255. || !EVP_CIPHER_meth_set_iv_length(cipher, 8) \
  256. || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_##umode##_MODE)\
  257. || !EVP_CIPHER_meth_set_init(cipher, pkcs11_des_init_key) \
  258. || !EVP_CIPHER_meth_set_do_cipher(cipher, pkcs11_cipher) \
  259. || !EVP_CIPHER_meth_set_cleanup(cipher, pkcs11_cipher_cleanup)\
  260. || !EVP_CIPHER_meth_set_impl_ctx_size(cipher, sizeof( \
  261. struct token_session))\
  262. || !EVP_CIPHER_meth_set_set_asn1_params(cipher, \
  263. EVP_CIPHER_set_asn1_iv) \
  264. || !EVP_CIPHER_meth_set_get_asn1_params(cipher, \
  265. EVP_CIPHER_get_asn1_iv)) { \
  266. EVP_CIPHER_meth_free(cipher); \
  267. cipher = NULL; \
  268. } \
  269. des_##lmode = cipher; \
  270. } \
  271. return des_##lmode; \
  272. } \
  273. \
  274. static void pkcs11_des_##lmode##_destroy(void) \
  275. { \
  276. EVP_CIPHER_meth_free(des_##lmode); \
  277. des_##lmode = NULL; \
  278. }
  279. DECLARE_DES_EVP(ecb, ECB)
  280. DECLARE_DES_EVP(cbc, CBC)
  281. #endif
  282. #ifdef OLDER_OPENSSL
  283. const EVP_CIPHER pkcs11_tdes_ecb = {
  284. NID_des_ede3_ecb, /* NID */
  285. 8, /* Block size */
  286. 24, /* Key len */
  287. 8, /* IV len */
  288. EVP_CIPH_ECB_MODE, /* flags */
  289. pkcs11_tdes_init_key, /* init */
  290. pkcs11_cipher, /* do_cipher */
  291. pkcs11_cipher_cleanup, /* cleanup */
  292. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  293. EVP_CIPHER_set_asn1_iv,
  294. EVP_CIPHER_get_asn1_iv,
  295. NULL, /* misc ctrl ops */
  296. NULL /* app data (ctx->cipher_data) */
  297. };
  298. const EVP_CIPHER pkcs11_tdes_cbc = {
  299. NID_des_ede3_cbc, /* NID */
  300. 8, /* Block size */
  301. 24, /* Key len */
  302. 8, /* IV len */
  303. EVP_CIPH_CBC_MODE, /* flags */
  304. pkcs11_tdes_init_key, /* init */
  305. pkcs11_cipher, /* do_cipher */
  306. pkcs11_cipher_cleanup, /* cleanup */
  307. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  308. EVP_CIPHER_set_asn1_iv,
  309. EVP_CIPHER_get_asn1_iv,
  310. NULL, /* misc ctrl ops */
  311. NULL /* app data (ctx->cipher_data) */
  312. };
  313. #else
  314. #define DECLARE_TDES_EVP(lmode, umode) \
  315. static EVP_CIPHER *tdes_##lmode = NULL; \
  316. static const EVP_CIPHER *pkcs11_tdes_##lmode(void) \
  317. { \
  318. if (tdes_##lmode == NULL) { \
  319. EVP_CIPHER *cipher; \
  320. if (( cipher = EVP_CIPHER_meth_new(NID_des_ede3_##lmode, \
  321. 8, 24)) == NULL \
  322. || !EVP_CIPHER_meth_set_iv_length(cipher, 8) \
  323. || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_##umode##_MODE)\
  324. || !EVP_CIPHER_meth_set_init(cipher, pkcs11_tdes_init_key) \
  325. || !EVP_CIPHER_meth_set_do_cipher(cipher, pkcs11_cipher) \
  326. || !EVP_CIPHER_meth_set_cleanup(cipher, pkcs11_cipher_cleanup)\
  327. || !EVP_CIPHER_meth_set_impl_ctx_size(cipher, sizeof( \
  328. struct token_session))\
  329. || !EVP_CIPHER_meth_set_set_asn1_params(cipher, \
  330. EVP_CIPHER_set_asn1_iv) \
  331. || !EVP_CIPHER_meth_set_get_asn1_params(cipher, \
  332. EVP_CIPHER_get_asn1_iv)) { \
  333. EVP_CIPHER_meth_free(cipher); \
  334. cipher = NULL; \
  335. } \
  336. tdes_##lmode = cipher; \
  337. } \
  338. return tdes_##lmode; \
  339. } \
  340. \
  341. static void pkcs11_tdes_##lmode##_destroy(void) \
  342. { \
  343. EVP_CIPHER_meth_free(tdes_##lmode); \
  344. tdes_##lmode = NULL; \
  345. }
  346. DECLARE_TDES_EVP(ecb, ECB)
  347. DECLARE_TDES_EVP(cbc, CBC)
  348. #endif
  349. #ifdef OLDER_OPENSSL
  350. /* AES ECB */
  351. const EVP_CIPHER pkcs11_aes_128_ecb = {
  352. NID_aes_128_cbc, /* NID */
  353. 16, /* Block size */
  354. 16, /* Key len */
  355. 16, /* IV len */
  356. EVP_CIPH_ECB_MODE, /* flags */
  357. pkcs11_aes_init_key, /* init */
  358. pkcs11_cipher, /* do_cipher */
  359. pkcs11_cipher_cleanup, /* cleanup */
  360. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  361. EVP_CIPHER_set_asn1_iv,
  362. EVP_CIPHER_get_asn1_iv,
  363. NULL, /* misc ctrl ops */
  364. NULL /* app data (ctx->cipher_data) */
  365. };
  366. const EVP_CIPHER pkcs11_aes_192_ecb = {
  367. NID_aes_192_ecb, /* NID */
  368. 16, /* Block size */
  369. 24, /* Key len */
  370. 16, /* IV len */
  371. EVP_CIPH_ECB_MODE, /* flags */
  372. pkcs11_aes_init_key, /* init */
  373. pkcs11_cipher, /* do_cipher */
  374. pkcs11_cipher_cleanup, /* cleanup */
  375. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  376. EVP_CIPHER_set_asn1_iv,
  377. EVP_CIPHER_get_asn1_iv,
  378. NULL, /* misc ctrl ops */
  379. NULL /* app data (ctx->cipher_data) */
  380. };
  381. const EVP_CIPHER pkcs11_aes_256_ecb = {
  382. NID_aes_256_ecb, /* NID */
  383. 16, /* Block size */
  384. 32, /* Key len */
  385. 16, /* IV len */
  386. EVP_CIPH_ECB_MODE, /* flags */
  387. pkcs11_aes_init_key, /* init */
  388. pkcs11_cipher, /* do_cipher */
  389. pkcs11_cipher_cleanup, /* cleanup */
  390. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  391. EVP_CIPHER_set_asn1_iv,
  392. EVP_CIPHER_get_asn1_iv,
  393. NULL, /* misc ctrl ops */
  394. NULL /* app data (ctx->cipher_data) */
  395. };
  396. /* AES CBC */
  397. const EVP_CIPHER pkcs11_aes_128_cbc = {
  398. NID_aes_128_cbc, /* NID */
  399. 16, /* Block size */
  400. 16, /* Key len */
  401. 16, /* IV len */
  402. EVP_CIPH_CBC_MODE, /* flags */
  403. pkcs11_aes_init_key, /* init */
  404. pkcs11_cipher, /* do_cipher */
  405. pkcs11_cipher_cleanup, /* cleanup */
  406. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  407. EVP_CIPHER_set_asn1_iv,
  408. EVP_CIPHER_get_asn1_iv,
  409. NULL, /* misc ctrl ops */
  410. NULL /* app data (ctx->cipher_data) */
  411. };
  412. const EVP_CIPHER pkcs11_aes_192_cbc = {
  413. NID_aes_192_cbc, /* NID */
  414. 16, /* Block size */
  415. 24, /* Key len */
  416. 16, /* IV len */
  417. EVP_CIPH_CBC_MODE, /* flags */
  418. pkcs11_aes_init_key, /* init */
  419. pkcs11_cipher, /* do_cipher */
  420. pkcs11_cipher_cleanup, /* cleanup */
  421. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  422. EVP_CIPHER_set_asn1_iv,
  423. EVP_CIPHER_get_asn1_iv,
  424. NULL, /* misc ctrl ops */
  425. NULL /* app data (ctx->cipher_data) */
  426. };
  427. const EVP_CIPHER pkcs11_aes_256_cbc = {
  428. NID_aes_256_cbc, /* NID */
  429. 16, /* Block size */
  430. 32, /* Key len */
  431. 16, /* IV len */
  432. EVP_CIPH_CBC_MODE, /* flags */
  433. pkcs11_aes_init_key, /* init */
  434. pkcs11_cipher, /* do_cipher */
  435. pkcs11_cipher_cleanup, /* cleanup */
  436. sizeof(struct token_session), /* sizeof(ctx->cipher_data) */
  437. EVP_CIPHER_set_asn1_iv,
  438. EVP_CIPHER_get_asn1_iv,
  439. NULL, /* misc ctrl ops */
  440. NULL /* app data (ctx->cipher_data) */
  441. };
  442. #else
  443. #define EVP_CIPHER_keylen_AES_128 16
  444. #define EVP_CIPHER_keylen_AES_192 24
  445. #define EVP_CIPHER_keylen_AES_256 32
  446. #define DECLARE_AES_EVP(ksize, lmode, umode) \
  447. static EVP_CIPHER *aes_##ksize##_##lmode = NULL; \
  448. static const EVP_CIPHER *pkcs11_aes_##ksize##_##lmode(void) \
  449. { \
  450. if (aes_##ksize##_##lmode == NULL) { \
  451. EVP_CIPHER *cipher; \
  452. if (( cipher = EVP_CIPHER_meth_new(NID_aes_##ksize##_##lmode, \
  453. 8, \
  454. EVP_CIPHER_keylen_AES_##ksize)) == NULL \
  455. || !EVP_CIPHER_meth_set_iv_length(cipher, 16) \
  456. || !EVP_CIPHER_meth_set_flags(cipher, EVP_CIPH_##umode##_MODE)\
  457. || !EVP_CIPHER_meth_set_init(cipher, pkcs11_aes_init_key) \
  458. || !EVP_CIPHER_meth_set_do_cipher(cipher, pkcs11_cipher) \
  459. || !EVP_CIPHER_meth_set_cleanup(cipher, pkcs11_cipher_cleanup)\
  460. || !EVP_CIPHER_meth_set_impl_ctx_size(cipher, sizeof( \
  461. struct token_session))\
  462. || !EVP_CIPHER_meth_set_set_asn1_params(cipher, \
  463. EVP_CIPHER_set_asn1_iv) \
  464. || !EVP_CIPHER_meth_set_get_asn1_params(cipher, \
  465. EVP_CIPHER_get_asn1_iv)) { \
  466. EVP_CIPHER_meth_free(cipher); \
  467. cipher = NULL; \
  468. } \
  469. aes_##ksize##_##lmode = cipher; \
  470. } \
  471. return aes_##ksize##_##lmode; \
  472. } \
  473. \
  474. static void pkcs11_aes_##ksize##_##lmode##_destroy(void) \
  475. { \
  476. EVP_CIPHER_meth_free(aes_##ksize##_##lmode); \
  477. aes_##ksize##_##lmode = NULL; \
  478. }
  479. DECLARE_AES_EVP(128, cbc, CBC)
  480. DECLARE_AES_EVP(192, cbc, CBC)
  481. DECLARE_AES_EVP(256, cbc, CBC)
  482. DECLARE_AES_EVP(128, ecb, ECB)
  483. DECLARE_AES_EVP(192, ecb, ECB)
  484. DECLARE_AES_EVP(256, ecb, ECB)
  485. #endif
  486. /* Message Digests */
  487. const EVP_MD pkcs11_sha1 = {
  488. NID_sha1,
  489. NID_sha1WithRSAEncryption,
  490. SHA_DIGEST_LENGTH,
  491. EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
  492. pkcs11_sha1_init,
  493. pkcs11_digest_update,
  494. pkcs11_digest_finish, /* final */
  495. pkcs11_digest_copy,
  496. pkcs11_digest_cleanup, /* cleanup */
  497. EVP_PKEY_RSA_method,
  498. SHA_CBLOCK,
  499. sizeof(struct pkcs11_digest_ctx)
  500. };
  501. const EVP_MD pkcs11_sha224 = {
  502. NID_sha224,
  503. NID_sha224WithRSAEncryption,
  504. SHA224_DIGEST_LENGTH,
  505. EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
  506. pkcs11_sha224_init,
  507. pkcs11_digest_update,
  508. pkcs11_digest_finish, /* final */
  509. pkcs11_digest_copy,
  510. pkcs11_digest_cleanup, /* cleanup */
  511. EVP_PKEY_RSA_method,
  512. SHA256_CBLOCK,
  513. sizeof(struct pkcs11_digest_ctx)
  514. };
  515. const EVP_MD pkcs11_sha256 = {
  516. NID_sha256,
  517. NID_sha256WithRSAEncryption,
  518. SHA256_DIGEST_LENGTH,
  519. EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
  520. pkcs11_sha256_init,
  521. pkcs11_digest_update,
  522. pkcs11_digest_finish, /* final */
  523. pkcs11_digest_copy,
  524. pkcs11_digest_cleanup, /* cleanup */
  525. EVP_PKEY_RSA_method,
  526. SHA256_CBLOCK,
  527. sizeof(struct pkcs11_digest_ctx)
  528. };
  529. const EVP_MD pkcs11_sha384 = {
  530. NID_sha384,
  531. NID_sha384WithRSAEncryption,
  532. SHA384_DIGEST_LENGTH,
  533. EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
  534. pkcs11_sha384_init,
  535. pkcs11_digest_update,
  536. pkcs11_digest_finish, /* final */
  537. pkcs11_digest_copy,
  538. pkcs11_digest_cleanup, /* cleanup */
  539. EVP_PKEY_RSA_method,
  540. SHA512_CBLOCK,
  541. sizeof(struct pkcs11_digest_ctx)
  542. };
  543. const EVP_MD pkcs11_sha512 = {
  544. NID_sha512,
  545. NID_sha512WithRSAEncryption,
  546. SHA512_DIGEST_LENGTH,
  547. EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
  548. pkcs11_sha512_init,
  549. pkcs11_digest_update,
  550. pkcs11_digest_finish, /* final */
  551. pkcs11_digest_copy,
  552. pkcs11_digest_cleanup, /* cleanup */
  553. EVP_PKEY_RSA_method,
  554. SHA512_CBLOCK,
  555. sizeof(struct pkcs11_digest_ctx)
  556. };
  557. const EVP_MD pkcs11_md5 = {
  558. NID_md5,
  559. NID_md5WithRSAEncryption,
  560. MD5_DIGEST_LENGTH,
  561. 0,
  562. pkcs11_md5_init,
  563. pkcs11_digest_update,
  564. pkcs11_digest_finish, /* final */
  565. pkcs11_digest_copy,
  566. pkcs11_digest_cleanup, /* cleanup */
  567. EVP_PKEY_RSA_method,
  568. MD5_CBLOCK,
  569. sizeof(struct pkcs11_digest_ctx)
  570. };
  571. const EVP_MD pkcs11_ripemd = {
  572. NID_ripemd160,
  573. NID_ripemd160WithRSA,
  574. RIPEMD160_DIGEST_LENGTH,
  575. 0, /* flags */
  576. pkcs11_ripemd_init,
  577. pkcs11_digest_update,
  578. pkcs11_digest_finish, /* final */
  579. pkcs11_digest_copy,
  580. pkcs11_digest_cleanup, /* cleanup */
  581. EVP_PKEY_RSA_method,
  582. RIPEMD160_CBLOCK,
  583. sizeof(struct pkcs11_digest_ctx)
  584. };
  585. /********/
  586. #ifndef OPENSSL_NO_RSA
  587. #ifdef OLDER_OPENSSL
  588. static RSA_METHOD pkcs11_rsa =
  589. {
  590. "PKCS#11 RSA",
  591. pkcs11_RSA_public_encrypt, /* rsa_pub_encrypt */
  592. pkcs11_RSA_public_decrypt, /* rsa_pub_decrypt */
  593. pkcs11_RSA_private_encrypt, /* rsa_priv_encrypt */
  594. pkcs11_RSA_private_decrypt, /* rsa_priv_decrypt */
  595. NULL, /* rsa_mod_exp */
  596. NULL, /* bn_mod_exp */
  597. pkcs11_RSA_init, /* init */
  598. pkcs11_RSA_finish, /* finish */
  599. RSA_FLAG_SIGN_VER, /* flags */
  600. NULL, /* app_data */
  601. pkcs11_RSA_sign, /* rsa_sign */
  602. pkcs11_RSA_verify, /* rsa_verify */
  603. pkcs11_RSA_generate_key /* rsa_generate_key */
  604. };
  605. #else
  606. static RSA_METHOD *pkcs11_rsa = NULL;
  607. #endif
  608. /*RSA_METHOD *PKCS11_RSA(void)
  609. {
  610. return(&pkcs11_rsa);
  611. }*/
  612. #endif
  613. extern const char *RAND_version;
  614. static RAND_METHOD pkcs11_random =
  615. {
  616. /* "PKCS11 RAND method", */
  617. pkcs11_rand_seed,
  618. pkcs11_rand_bytes,
  619. pkcs11_rand_cleanup,
  620. pkcs11_rand_add,
  621. pkcs11_rand_bytes,
  622. pkcs11_rand_status
  623. };
  624. RAND_METHOD *PKCS11_RAND(void)
  625. {
  626. return(&pkcs11_random);
  627. }
  628. static CK_FUNCTION_LIST_PTR pFunctionList = NULL;
  629. /* These are the static string constants for the DSO file name and the function
  630. * symbol names to bind to.
  631. */
  632. static unsigned char PKCS11_KEY_ID[] = "OpenSSL PKCS#11";
  633. /* String used to detect a CC2000 Bull TrustWay crypto card */
  634. #define BULL_TRUSTWAY_LIBRARY_DESCRIPTION "Bull CC2000 PKCS#11 Library "
  635. static CK_BBOOL Bull_TrustWay = FALSE;
  636. #undef BULL_CC2000 /* use Bull CC2000 hardware crypto */
  637. #undef BULL_CRYPTOBOX /* use Bull CryptoBox remote hardware crypto */
  638. #undef GPKCS11 /* use GPKCS11 software crypto */
  639. #if defined(BULL_CC2000)
  640. static const char def_PKCS11_LIBNAME[] = "gpkcs11cc2000";
  641. #elif defined(BULL_CRYPTOBOX)
  642. static const char def_PKCS11_LIBNAME[] = "cryptobox_clnt";
  643. extern CK_RV C_InitializeRpc (CK_CHAR_PTR, CK_CHAR_PTR, CK_ULONG_PTR);
  644. #elif defined(GPKCS11)
  645. static const char def_PKCS11_LIBNAME[] = "gpkcs11";
  646. #elif defined(OPENCRYPTOKI)
  647. static char *def_PKCS11_LIBNAME = "libopencryptoki.so";
  648. #else
  649. static const char def_PKCS11_LIBNAME[] = "pkcs11";
  650. #endif
  651. static const char PKCS11_GET_FUNCTION_LIST[] = "C_GetFunctionList";
  652. /* Size of an SSL signature: MD5+SHA1. up to allow SHA512 */
  653. //#define SSL_SIG_LENGTH 64
  654. #define SSL_SIG_LENGTH 36
  655. #define KEY_STORE 1
  656. static CK_BBOOL true = TRUE;
  657. static CK_BBOOL false = FALSE;
  658. static CK_SLOT_ID SLOTID = 0XFFFFFFFF;
  659. #ifndef OPENSSL_NO_RSA
  660. /* Where in the CRYPTO_EX_DATA stack we stick our per-key contexts */
  661. static int rsaPubKey = -1;
  662. static int rsaPrivKey = -1;
  663. static int deletePubKeyOnFree = -1;
  664. static int deletePrivKeyOnFree = -1;
  665. static int pkcs11Session = -1;
  666. #endif
  667. static int PKCS11_Initialized = 0;
  668. #ifdef PKCS11_DEBUG
  669. #define DBG_fprintf(args...) do { fprintf(stderr, args); fflush(stderr); } while (0)
  670. #else
  671. #define DBG_fprintf(args...)
  672. #endif
  673. void pkcs11_atfork_init(void)
  674. {
  675. DBG_fprintf("pkcs11_atfork_init: called (pid %d)\n", getpid());
  676. PKCS11_Initialized = 0;
  677. }
  678. #define pkcs11_die(func, reason, rv) \
  679. { \
  680. char tmpbuf[20]; \
  681. PKCS11err(func, reason); \
  682. sprintf(tmpbuf, "%lx", rv); \
  683. ERR_add_error_data(2, "PKCS11 CK_RV=0X", tmpbuf); \
  684. }
  685. struct token_session *pkcs11_getSession(void)
  686. {
  687. CK_RV rv;
  688. struct token_session *wrapper;
  689. if (!pkcs11_token) {
  690. PKCS11err(PKCS11_F_GETSESSION, PKCS11_R_NO_SLOT_SELECTED);
  691. return NULL;
  692. }
  693. wrapper = OPENSSL_malloc(sizeof (struct token_session));
  694. if (!wrapper) {
  695. PKCS11err(PKCS11_F_GETSESSION, PKCS11_R_MALLOC_FAILURE);
  696. return NULL;
  697. }
  698. wrapper->token = pkcs11_token;
  699. if (!PKCS11_Initialized) {
  700. rv = pFunctionList->C_Initialize(NULL);
  701. if (rv != CKR_OK && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
  702. pkcs11_die(PKCS11_F_GETSESSION, PKCS11_R_INITIALIZE, rv);
  703. return NULL;
  704. }
  705. PKCS11_Initialized = 1;
  706. }
  707. rv = pFunctionList->C_OpenSession(wrapper->token->slot_id,
  708. CKF_SERIAL_SESSION | CKF_RW_SESSION,
  709. NULL_PTR,
  710. NULL_PTR,
  711. &wrapper->session);
  712. if (rv != CKR_OK) {
  713. pkcs11_die(PKCS11_F_GETSESSION, PKCS11_R_OPENSESSION, rv);
  714. return NULL;
  715. }
  716. return wrapper;
  717. }
  718. char *alg_to_string(int alg_type)
  719. {
  720. switch (alg_type) {
  721. case alg_des:
  722. return "des";
  723. case alg_tdes:
  724. return "tdes";
  725. case alg_aes:
  726. return "aes";
  727. case alg_rsa:
  728. return "rsa";
  729. case alg_sha:
  730. return "sha";
  731. case alg_md5:
  732. return "md5";
  733. case alg_ripemd:
  734. return "ripemd";
  735. default:
  736. return "invalid algorithm";
  737. }
  738. }
  739. /* This internal function is used by ENGINE_pkcs11() and possibly by the
  740. * "dynamic" ENGINE support too */
  741. static int bind_pkcs11(ENGINE *e)
  742. {
  743. DBG_fprintf("%s\n", __FUNCTION__);
  744. if (!ENGINE_set_id(e, engine_pkcs11_id) ||
  745. !ENGINE_set_name(e, engine_pkcs11_name) ||
  746. !ENGINE_set_RAND(e, &pkcs11_random) ||
  747. !ENGINE_set_init_function(e, pkcs11_init) ||
  748. !ENGINE_set_ciphers(e, pkcs11_engine_ciphers) ||
  749. !ENGINE_set_digests(e, pkcs11_engine_digests) ||
  750. !ENGINE_set_destroy_function(e, pkcs11_destroy) ||
  751. !ENGINE_set_finish_function(e, pkcs11_finish) ||
  752. !ENGINE_set_ctrl_function(e, pkcs11_ctrl) ||
  753. !ENGINE_set_cmd_defns(e, pkcs11_cmd_defns))
  754. return 0;
  755. /* Ensure the pkcs11 error handling is set up */
  756. ERR_load_pkcs11_strings();
  757. pre_init_pkcs11(e);
  758. return 1;
  759. }
  760. #ifdef ENGINE_DYNAMIC_SUPPORT
  761. static int bind_helper(ENGINE *e, const char *id)
  762. {
  763. DBG_fprintf("%s\n", __FUNCTION__);
  764. if(id && (strcmp(id, engine_pkcs11_id) != 0))
  765. return 0;
  766. if(!bind_pkcs11(e))
  767. return 0;
  768. return 1;
  769. }
  770. IMPLEMENT_DYNAMIC_CHECK_FN()
  771. IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
  772. #else
  773. static ENGINE *engine_pkcs11(void)
  774. {
  775. DBG_fprintf("%s\n", __FUNCTION__);
  776. ENGINE *ret = ENGINE_new();
  777. if(!ret)
  778. return NULL;
  779. if(!bind_pkcs11(ret))
  780. {
  781. ENGINE_free(ret);
  782. return NULL;
  783. }
  784. pre_init_pkcs11(ret);
  785. return ret;
  786. }
  787. void ENGINE_load_pkcs11(void)
  788. {
  789. DBG_fprintf("%s\n", __FUNCTION__);
  790. ENGINE *e_pkcs11 = engine_pkcs11();
  791. if(!e_pkcs11) return;
  792. ENGINE_add(e_pkcs11);
  793. ENGINE_free(e_pkcs11);
  794. ERR_clear_error();
  795. }
  796. #endif
  797. #define PKCS11_MAX_ALGS 20
  798. static int
  799. get_pkcs11_ciphers(const int **retnids)
  800. {
  801. static int nids[PKCS11_MAX_ALGS];
  802. int i, count = 0, *pkcs11_implemented_ciphers;
  803. if (pkcs11_token)
  804. pkcs11_implemented_ciphers = pkcs11_token->pkcs11_implemented_ciphers;
  805. else {
  806. PKCS11err(PKCS11_F_GET_PKCS11_CIPHERS, PKCS11_R_NO_SLOT_SELECTED);
  807. return 0;
  808. }
  809. memset(nids, 0, sizeof(nids));
  810. *retnids = NULL;
  811. for (i=0; i<NUM_NID; i++) {
  812. if (pkcs11_implemented_ciphers[i])
  813. nids[count++] = i;
  814. }
  815. if (count)
  816. *retnids = nids;
  817. return count;
  818. }
  819. static int
  820. get_pkcs11_digests(const int **retnids)
  821. {
  822. static int nids[PKCS11_MAX_ALGS];
  823. int i, count = 0, *pkcs11_implemented_digests;
  824. if (pkcs11_token)
  825. pkcs11_implemented_digests = pkcs11_token->pkcs11_implemented_digests;
  826. else {
  827. PKCS11err(PKCS11_F_GET_PKCS11_DIGESTS, PKCS11_R_NO_SLOT_SELECTED);
  828. return 0;
  829. }
  830. memset(nids, 0, sizeof(nids));
  831. *retnids = NULL;
  832. for (i=0; i<NUM_NID; i++) {
  833. if (pkcs11_implemented_digests[i])
  834. nids[count++] = i;
  835. }
  836. if (count)
  837. *retnids = nids;
  838. return count;
  839. }
  840. /*
  841. * ENGINE calls this to find out how to deal with
  842. * a particular NID in the ENGINE.
  843. */
  844. static int pkcs11_engine_ciphers(ENGINE * e, const EVP_CIPHER ** cipher,
  845. const int **nids, int nid)
  846. {
  847. if (!cipher)
  848. return get_pkcs11_ciphers(nids);
  849. if (!pkcs11_token) {
  850. PKCS11err(PKCS11_F_ENGINE_CIPHERS, PKCS11_R_NO_SLOT_SELECTED);
  851. return 0;
  852. }
  853. /* If the algorithm requested was not added to the list at
  854. * engine init time, don't return a reference to that structure.
  855. */
  856. if (pkcs11_token->pkcs11_implemented_ciphers[nid]) {
  857. switch (nid) {
  858. case NID_aes_128_ecb:
  859. #ifdef OLDER_OPENSSL
  860. *cipher = &pkcs11_aes_128_ecb;
  861. #else
  862. *cipher = pkcs11_aes_128_ecb();
  863. #endif
  864. break;
  865. case NID_aes_192_ecb:
  866. #ifdef OLDER_OPENSSL
  867. *cipher = &pkcs11_aes_192_ecb;
  868. #else
  869. *cipher = pkcs11_aes_192_ecb();
  870. #endif
  871. break;
  872. case NID_aes_256_ecb:
  873. #ifdef OLDER_OPENSSL
  874. *cipher = &pkcs11_aes_256_ecb;
  875. #else
  876. *cipher = pkcs11_aes_256_ecb();
  877. #endif
  878. break;
  879. case NID_aes_128_cbc:
  880. #ifdef OLDER_OPENSSL
  881. *cipher = &pkcs11_aes_128_cbc;
  882. #else
  883. *cipher = pkcs11_aes_128_cbc();
  884. #endif
  885. break;
  886. case NID_aes_192_cbc:
  887. #ifdef OLDER_OPENSSL
  888. *cipher = &pkcs11_aes_192_cbc;
  889. #else
  890. *cipher = pkcs11_aes_192_cbc();
  891. #endif
  892. break;
  893. case NID_aes_256_cbc:
  894. #ifdef OLDER_OPENSSL
  895. *cipher = &pkcs11_aes_256_cbc;
  896. #else
  897. *cipher = pkcs11_aes_256_cbc();
  898. #endif
  899. break;
  900. case NID_des_ecb:
  901. #ifdef OLDER_OPENSSL
  902. *cipher = &pkcs11_des_ecb;
  903. #else
  904. *cipher = pkcs11_des_ecb();
  905. #endif
  906. break;
  907. case NID_des_cbc:
  908. #ifdef OLDER_OPENSSL
  909. *cipher = &pkcs11_des_cbc;
  910. #else
  911. *cipher = pkcs11_des_cbc();
  912. #endif
  913. break;
  914. case NID_des_ede3_ecb:
  915. #ifdef OLDER_OPENSSL
  916. *cipher = &pkcs11_tdes_ecb;
  917. #else
  918. *cipher = pkcs11_tdes_ecb();
  919. #endif
  920. break;
  921. case NID_des_ede3_cbc:
  922. #ifdef OLDER_OPENSSL
  923. *cipher = &pkcs11_tdes_cbc;
  924. #else
  925. *cipher = pkcs11_tdes_cbc();
  926. #endif
  927. break;
  928. default:
  929. *cipher = NULL;
  930. break;
  931. }
  932. }
  933. return (*cipher != NULL);
  934. }
  935. static int pkcs11_engine_digests(ENGINE * e, const EVP_MD ** digest,
  936. const int **nids, int nid)
  937. {
  938. if (!digest)
  939. return get_pkcs11_digests(nids);
  940. if (!pkcs11_token) {
  941. PKCS11err(PKCS11_F_ENGINE_DIGESTS, PKCS11_R_NO_SLOT_SELECTED);
  942. return 0;
  943. }
  944. if (pkcs11_token->pkcs11_implemented_digests[nid]) {
  945. switch (nid) {
  946. case NID_ripemd160:
  947. *digest = &pkcs11_ripemd;
  948. break;
  949. case NID_md5:
  950. *digest = &pkcs11_md5;
  951. break;
  952. case NID_sha1:
  953. *digest = &pkcs11_sha1;
  954. break;
  955. case NID_sha224:
  956. *digest = &pkcs11_sha224;
  957. break;
  958. case NID_sha256:
  959. *digest = &pkcs11_sha256;
  960. break;
  961. case NID_sha384:
  962. *digest = &pkcs11_sha384;
  963. break;
  964. case NID_sha512:
  965. *digest = &pkcs11_sha512;
  966. break;
  967. default:
  968. *digest = NULL;
  969. break;
  970. }
  971. }
  972. return (*digest != NULL);
  973. }
  974. void *pkcs11_dso = NULL;
  975. /* These are the static string constants for the DSO file name and the function
  976. * symbol names to bind to.
  977. */
  978. static const char *PKCS11_LIBNAME = NULL;
  979. static const char *get_PKCS11_LIBNAME(void)
  980. {
  981. if(PKCS11_LIBNAME)
  982. return PKCS11_LIBNAME;
  983. return def_PKCS11_LIBNAME;
  984. }
  985. static void free_PKCS11_LIBNAME(void)
  986. {
  987. if(PKCS11_LIBNAME)
  988. OPENSSL_free((void*)PKCS11_LIBNAME);
  989. PKCS11_LIBNAME = NULL;
  990. }
  991. static long set_PKCS11_LIBNAME(const char *name)
  992. {
  993. free_PKCS11_LIBNAME();
  994. return ((PKCS11_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
  995. }
  996. /* Add new NID's based on this slot's token */
  997. void pkcs11_regToken(ENGINE *e, struct _token *tok)
  998. {
  999. CK_RV rv;
  1000. CK_ULONG mech_cnt;
  1001. CK_MECHANISM_TYPE_PTR mech_list;
  1002. int i;
  1003. DBG_fprintf("%s\n", __FUNCTION__);
  1004. if (!tok)
  1005. return;
  1006. rv = pFunctionList->C_GetMechanismList(tok->slot_id, NULL_PTR, &mech_cnt);
  1007. if (rv != CKR_OK) {
  1008. pkcs11_die(PKCS11_F_ADDTOKEN, PKCS11_R_GETMECHANISMLIST, rv);
  1009. goto err;
  1010. }
  1011. /* Bounds check mech_cnt ? */
  1012. mech_list = (CK_MECHANISM_TYPE_PTR) OPENSSL_malloc(mech_cnt * sizeof(CK_MECHANISM_TYPE));
  1013. if (mech_list == NULL) {
  1014. pkcs11_die(PKCS11_F_ADDTOKEN, PKCS11_R_MALLOC_FAILURE, rv);
  1015. goto err;
  1016. }
  1017. rv = pFunctionList->C_GetMechanismList(tok->slot_id, mech_list, &mech_cnt);
  1018. if (rv != CKR_OK) {
  1019. pkcs11_die(PKCS11_F_ADDTOKEN, PKCS11_R_GETMECHANISMLIST, rv);
  1020. goto err_free;
  1021. }
  1022. /* Check which mechanisms are performed in hardware */
  1023. for( i = 0; i < mech_cnt; i++ ) {
  1024. switch (mech_list[i]) {
  1025. case CKM_RSA_PKCS_KEY_PAIR_GEN:
  1026. case CKM_RSA_PKCS:
  1027. case CKM_RSA_9796:
  1028. case CKM_RSA_X_509:
  1029. case CKM_RSA_PKCS_OAEP:
  1030. case CKM_RSA_X9_31:
  1031. case CKM_RSA_X9_31_KEY_PAIR_GEN:
  1032. case CKM_MD5_RSA_PKCS:
  1033. #ifndef OPENSSL_NO_RSA
  1034. DBG_fprintf("%s: registering RSA\n", __FUNCTION__);
  1035. #ifdef OLDER_OPENSSL
  1036. ENGINE_set_RSA(e, &pkcs11_rsa);
  1037. #else
  1038. ENGINE_set_RSA(e, pkcs11_rsa);
  1039. pkcs11_rsa = RSA_meth_new("PKCS#11 RSA", 0);
  1040. RSA_meth_set_pub_enc(pkcs11_rsa,
  1041. pkcs11_RSA_public_encrypt);
  1042. RSA_meth_set_pub_dec(pkcs11_rsa,
  1043. pkcs11_RSA_public_decrypt);
  1044. RSA_meth_set_priv_enc(pkcs11_rsa,
  1045. pkcs11_RSA_private_encrypt);
  1046. RSA_meth_set_priv_dec(pkcs11_rsa,
  1047. pkcs11_RSA_private_decrypt);
  1048. RSA_meth_set_init(pkcs11_rsa,
  1049. pkcs11_RSA_init);
  1050. RSA_meth_set_finish(pkcs11_rsa,
  1051. pkcs11_RSA_finish);
  1052. // RSA_meth_set_sign(pkcs11_rsa,
  1053. // pkcs11_RSA_sign);
  1054. // RSA_meth_set_verify(pkcs11_rsa,
  1055. // pkcs11_RSA_verify);
  1056. RSA_meth_set_keygen(pkcs11_rsa,
  1057. pkcs11_RSA_generate_key);
  1058. #endif
  1059. ENGINE_set_load_privkey_function(e, pkcs11_load_privkey);
  1060. ENGINE_set_load_pubkey_function(e, pkcs11_load_pubkey);
  1061. #endif
  1062. break;
  1063. case CKM_DH_PKCS_KEY_PAIR_GEN:
  1064. case CKM_DH_PKCS_DERIVE:
  1065. case CKM_X9_42_DH_KEY_PAIR_GEN:
  1066. case CKM_X9_42_DH_DERIVE:
  1067. case CKM_X9_42_DH_HYBRID_DERIVE:
  1068. case CKM_DH_PKCS_PARAMETER_GEN:
  1069. case CKM_X9_42_DH_PARAMETER_GEN:
  1070. break;
  1071. case CKM_DES_ECB:
  1072. tok->pkcs11_implemented_ciphers[NID_des_ecb] = 1;
  1073. num_cipher_nids++;
  1074. break;
  1075. case CKM_DES_CBC:
  1076. case CKM_DES_CBC_PAD:
  1077. tok->pkcs11_implemented_ciphers[NID_des_cbc] = 1;
  1078. num_cipher_nids++;
  1079. break;
  1080. case CKM_DES_KEY_GEN:
  1081. case CKM_DES_MAC:
  1082. case CKM_DES_MAC_GENERAL:
  1083. break;
  1084. case CKM_DES3_ECB:
  1085. tok->pkcs11_implemented_ciphers[NID_des_ede3_ecb] = 1;
  1086. num_cipher_nids++;
  1087. break;
  1088. case CKM_DES3_CBC:
  1089. case CKM_DES3_CBC_PAD:
  1090. tok->pkcs11_implemented_ciphers[NID_des_ede3_cbc] = 1;
  1091. num_cipher_nids++;
  1092. break;
  1093. case CKM_DES3_KEY_GEN:
  1094. case CKM_DES3_MAC:
  1095. case CKM_DES3_MAC_GENERAL:
  1096. break;
  1097. case CKM_SHA_1:
  1098. tok->pkcs11_implemented_digests[NID_sha1] = 1;
  1099. num_digest_nids++;
  1100. break;
  1101. case CKM_SHA_1_HMAC:
  1102. case CKM_SHA_1_HMAC_GENERAL:
  1103. tok->pkcs11_implemented_digests[NID_hmacWithSHA1] = 1;
  1104. num_digest_nids++;
  1105. break;
  1106. case CKM_PBA_SHA1_WITH_SHA1_HMAC:
  1107. case CKM_SHA1_KEY_DERIVATION:
  1108. case CKM_SHA1_RSA_PKCS:
  1109. tok->pkcs11_implemented_digests[NID_sha1WithRSAEncryption] = 1;
  1110. num_digest_nids++;
  1111. break;
  1112. case CKM_SHA224:
  1113. tok->pkcs11_implemented_digests[NID_sha224] = 1;
  1114. num_digest_nids++;
  1115. break;
  1116. case CKM_SHA224_KEY_DERIVATION:
  1117. case CKM_SHA224_RSA_PKCS:
  1118. tok->pkcs11_implemented_digests[NID_sha224WithRSAEncryption] = 1;
  1119. num_digest_nids++;
  1120. break;
  1121. case CKM_SHA256:
  1122. tok->pkcs11_implemented_digests[NID_sha256] = 1;
  1123. num_digest_nids++;
  1124. break;
  1125. case CKM_SHA256_KEY_DERIVATION:
  1126. case CKM_SHA256_RSA_PKCS:
  1127. tok->pkcs11_implemented_digests[NID_sha256WithRSAEncryption] = 1;
  1128. num_digest_nids++;
  1129. break;
  1130. case CKM_SHA384:
  1131. tok->pkcs11_implemented_digests[NID_sha384] = 1;
  1132. num_digest_nids++;
  1133. break;
  1134. case CKM_SHA384_KEY_DERIVATION:
  1135. case CKM_SHA384_RSA_PKCS:
  1136. tok->pkcs11_implemented_digests[NID_sha384WithRSAEncryption] = 1;
  1137. num_digest_nids++;
  1138. break;
  1139. case CKM_SHA512:
  1140. tok->pkcs11_implemented_digests[NID_sha512] = 1;
  1141. num_digest_nids++;
  1142. break;
  1143. case CKM_SHA512_KEY_DERIVATION:
  1144. case CKM_SHA512_RSA_PKCS:
  1145. tok->pkcs11_implemented_digests[NID_sha512WithRSAEncryption] = 1;
  1146. num_digest_nids++;
  1147. break;
  1148. case CKM_AES_ECB:
  1149. tok->pkcs11_implemented_ciphers[NID_aes_128_ecb] = 1;
  1150. tok->pkcs11_implemented_ciphers[NID_aes_192_ecb] = 1;
  1151. tok->pkcs11_implemented_ciphers[NID_aes_256_ecb] = 1;
  1152. num_cipher_nids += 3;
  1153. break;
  1154. case CKM_AES_KEY_GEN:
  1155. break;
  1156. case CKM_AES_CBC_PAD:
  1157. case CKM_AES_CBC:
  1158. tok->pkcs11_implemented_ciphers[NID_aes_128_cbc] = 1;
  1159. tok->pkcs11_implemented_ciphers[NID_aes_192_cbc] = 1;
  1160. tok->pkcs11_implemented_ciphers[NID_aes_256_cbc] = 1;
  1161. num_cipher_nids += 3;
  1162. break;
  1163. case CKM_AES_MAC:
  1164. case CKM_AES_MAC_GENERAL:
  1165. break;
  1166. case CKM_MD5:
  1167. tok->pkcs11_implemented_digests[NID_md5] = 1;
  1168. num_digest_nids++;
  1169. break;
  1170. case CKM_MD5_HMAC:
  1171. case CKM_MD5_HMAC_GENERAL:
  1172. case CKM_SSL3_PRE_MASTER_KEY_GEN:
  1173. case CKM_SSL3_MASTER_KEY_DERIVE:
  1174. case CKM_SSL3_KEY_AND_MAC_DERIVE:
  1175. case CKM_SSL3_MD5_MAC:
  1176. case CKM_SSL3_SHA1_MAC:
  1177. break;
  1178. case CKM_RIPEMD160:
  1179. tok->pkcs11_implemented_digests[NID_ripemd160] = 1;
  1180. num_digest_nids++;
  1181. break;
  1182. case CKM_RIPEMD160_HMAC:
  1183. case CKM_RIPEMD160_HMAC_GENERAL:
  1184. break;
  1185. default:
  1186. DBG_fprintf("The token in slot %lx has reported that it can "
  1187. "perform\nmechanism 0x%lx, which is not available to "
  1188. "accelerate in openssl.\n", tok->slot_id, mech_list[i]);
  1189. break;
  1190. }
  1191. }
  1192. err_free:
  1193. OPENSSL_free(mech_list);
  1194. err:
  1195. return;
  1196. }
  1197. /* Add a new token struct to the list
  1198. * This is called during the bind_pkcs11, in other words after openSSL has
  1199. * decided to use us for some operation.
  1200. */
  1201. struct _token *pkcs11_addToken(CK_SLOT_ID slot_id)
  1202. {
  1203. struct _token *new_tok = (struct _token *) OPENSSL_malloc(sizeof(struct _token));
  1204. if (new_tok == NULL) {
  1205. PKCS11err(PKCS11_F_ADDTOKEN, PKCS11_R_MALLOC_FAILURE);
  1206. return NULL;
  1207. }
  1208. memset(new_tok, 0, sizeof(struct _token));
  1209. new_tok->slot_id = slot_id;
  1210. new_tok->token_next = pkcs11_token_list;
  1211. pkcs11_token_list = new_tok;
  1212. return new_tok;
  1213. }
  1214. /*
  1215. * pre_init_pkcs11: this is called at openSSL startup. Here is where we
  1216. * try to convince openSSL to use us. If it decides not to, there is no
  1217. * guarantee that we will ever be asked to clean up. So everything we
  1218. * do must be self-contained.
  1219. */
  1220. static int pre_init_pkcs11(ENGINE *e)
  1221. {
  1222. CK_C_GetFunctionList p;
  1223. CK_RV rv = CKR_OK;
  1224. CK_INFO Info;
  1225. CK_SLOT_ID_PTR pSlotList;
  1226. CK_ULONG ulSlotCount;
  1227. CK_SLOT_INFO slotInfo;
  1228. struct _token *tok;
  1229. int i;
  1230. if(pkcs11_dso)
  1231. {
  1232. PKCS11err(PKCS11_F_PREINIT, PKCS11_R_ALREADY_LOADED);
  1233. goto err;
  1234. }
  1235. /* Attempt to load PKCS#11 library */
  1236. pkcs11_dso = dlopen(get_PKCS11_LIBNAME(), RTLD_NOW);
  1237. if(pkcs11_dso == NULL)
  1238. {
  1239. PKCS11err(PKCS11_F_PREINIT, PKCS11_R_DSO_FAILURE);
  1240. goto err;
  1241. }
  1242. /* get the C_GetFunctionList function from the loaded library */
  1243. p = (CK_C_GetFunctionList)dlsym(pkcs11_dso, PKCS11_GET_FUNCTION_LIST);
  1244. if ( !p )
  1245. {
  1246. PKCS11err(PKCS11_F_PREINIT, PKCS11_R_DSO_FAILURE);
  1247. goto err;
  1248. }
  1249. /* get the full function list from the loaded library */
  1250. rv = p(&pFunctionList);
  1251. if (rv != CKR_OK)
  1252. {
  1253. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_DSO_FAILURE, rv);
  1254. goto err;
  1255. }
  1256. #ifdef BULL_CRYPTOBOX
  1257. /* the address of the CryptoBox is in /etc/CryptoBox */
  1258. rv = C_InitializeRpc (NULL, NULL, NULL);
  1259. if (rv != CKR_OK)
  1260. goto err;
  1261. #endif
  1262. /* Initialize Cryptoki */
  1263. rv = pFunctionList->C_Initialize(NULL_PTR);
  1264. if ((rv != CKR_OK) && (rv != CKR_CRYPTOKI_ALREADY_INITIALIZED))
  1265. {
  1266. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_INITIALIZE, rv);
  1267. goto err;
  1268. }
  1269. rv = pFunctionList->C_GetInfo(&Info);
  1270. if (rv != CKR_OK)
  1271. {
  1272. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_GETINFO, rv);
  1273. pFunctionList->C_Finalize(NULL);
  1274. goto err;
  1275. }
  1276. if (strncmp((char *)Info.libraryDescription, BULL_TRUSTWAY_LIBRARY_DESCRIPTION, 32))
  1277. {
  1278. rv = pFunctionList->C_GetSlotList(TRUE, NULL_PTR, &ulSlotCount);
  1279. if ((rv != CKR_OK) || (ulSlotCount == 0))
  1280. {
  1281. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_GETSLOTLIST, rv);
  1282. }
  1283. else
  1284. {
  1285. pSlotList = (CK_SLOT_ID_PTR) OPENSSL_malloc(ulSlotCount * sizeof(CK_SLOT_ID));
  1286. if ( pSlotList != NULL)
  1287. {
  1288. rv = pFunctionList->C_GetSlotList(TRUE, pSlotList, &ulSlotCount);
  1289. if (rv != CKR_OK)
  1290. {
  1291. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_GETSLOTLIST, rv);
  1292. pFunctionList->C_Finalize(NULL);
  1293. OPENSSL_free(pSlotList);
  1294. goto err;
  1295. }
  1296. /* Check each slot to see if there's a hardware token present.
  1297. */
  1298. for (i = 0; i < ulSlotCount; i++)
  1299. {
  1300. rv = pFunctionList->C_GetSlotInfo(pSlotList[i], &slotInfo);
  1301. if (rv != CKR_OK)
  1302. {
  1303. pkcs11_die(PKCS11_F_PREINIT, PKCS11_R_GETSLOTINFO,
  1304. rv);
  1305. pFunctionList->C_Finalize(NULL);
  1306. OPENSSL_free(pSlotList);
  1307. goto err;
  1308. }
  1309. /* we're mallocing memory here that may need to be freed
  1310. * if openssl chooses not to use us. We'll free it in
  1311. * the library destructor, pkcs11_engine_destructor */
  1312. tok = pkcs11_addToken(pSlotList[i]);
  1313. pkcs11_regToken(e, tok);
  1314. }
  1315. OPENSSL_free(pSlotList);
  1316. }
  1317. }
  1318. }
  1319. else
  1320. {
  1321. /* Bull Trustway CC2000 crypto hardware detected */
  1322. Bull_TrustWay = TRUE;
  1323. SLOTID = 0xFFFFFFFF;
  1324. }
  1325. /* Finish with Cryptoki: We will restart if openSSL calls one of our
  1326. * functions */
  1327. pFunctionList->C_Finalize(NULL);
  1328. dlclose(pkcs11_dso);
  1329. pkcs11_dso = NULL;
  1330. return 1;
  1331. err:
  1332. if(pkcs11_dso)
  1333. dlclose(pkcs11_dso);
  1334. pkcs11_dso = NULL;
  1335. return 0;
  1336. }
  1337. /* initialization function */
  1338. /* This is called when openSSL has decided to use us, and warns us to
  1339. * initialize. pkcs11_finish will be called when all is done. */
  1340. static int pkcs11_init(ENGINE *e)
  1341. {
  1342. CK_C_GetFunctionList p;
  1343. CK_RV rv = CKR_OK;
  1344. CK_INFO Info;
  1345. CK_SLOT_ID_PTR pSlotList;
  1346. CK_ULONG ulSlotCount;
  1347. CK_SLOT_INFO slotInfo;
  1348. int i;
  1349. if(pkcs11_dso)
  1350. {
  1351. PKCS11err(PKCS11_F_INIT, PKCS11_R_ALREADY_LOADED);
  1352. goto err;
  1353. }
  1354. /* Attempt to load PKCS#11 library */
  1355. pkcs11_dso = dlopen(get_PKCS11_LIBNAME(), RTLD_NOW);
  1356. if(pkcs11_dso == NULL)
  1357. {
  1358. PKCS11err(PKCS11_F_INIT, PKCS11_R_DSO_FAILURE);
  1359. goto err;
  1360. }
  1361. /* get the C_GetFunctionList function from the loaded library */
  1362. p = (CK_C_GetFunctionList)dlsym(pkcs11_dso, PKCS11_GET_FUNCTION_LIST);
  1363. if ( !p )
  1364. {
  1365. PKCS11err(PKCS11_F_INIT, PKCS11_R_DSO_FAILURE);
  1366. goto err;
  1367. }
  1368. /* get the full function list from the loaded library */
  1369. rv = p(&pFunctionList);
  1370. if (rv != CKR_OK)
  1371. {
  1372. pkcs11_die(PKCS11_F_INIT, PKCS11_R_DSO_FAILURE, rv);
  1373. goto err;
  1374. }
  1375. #ifdef BULL_CRYPTOBOX
  1376. /* the address of the CryptoBox is in /etc/CryptoBox */
  1377. rv = C_InitializeRpc (NULL, NULL, NULL);
  1378. if (rv != CKR_OK)
  1379. goto err;
  1380. #endif
  1381. rv = pFunctionList->C_Initialize(NULL_PTR);
  1382. if ((rv != CKR_OK) && (rv != CKR_CRYPTOKI_ALREADY_INITIALIZED))
  1383. {
  1384. pkcs11_die(PKCS11_F_INIT, PKCS11_R_INITIALIZE, rv);
  1385. goto err;
  1386. }
  1387. rv = pFunctionList->C_GetInfo(&Info);
  1388. if (rv != CKR_OK)
  1389. {
  1390. pkcs11_die(PKCS11_F_INIT, PKCS11_R_GETINFO, rv);
  1391. pFunctionList->C_Finalize(NULL);
  1392. goto err;
  1393. }
  1394. if (strncmp((char *)Info.libraryDescription, BULL_TRUSTWAY_LIBRARY_DESCRIPTION, 32))
  1395. {
  1396. rv = pFunctionList->C_GetSlotList(TRUE, NULL_PTR, &ulSlotCount);
  1397. if ((rv != CKR_OK) || (ulSlotCount == 0))
  1398. {
  1399. pkcs11_die(PKCS11_F_INIT, PKCS11_R_GETSLOTLIST, rv);
  1400. }
  1401. else
  1402. {
  1403. pSlotList = (CK_SLOT_ID_PTR) OPENSSL_malloc(ulSlotCount * sizeof(CK_SLOT_ID));
  1404. if ( pSlotList != NULL)
  1405. {
  1406. rv = pFunctionList->C_GetSlotList(TRUE, pSlotList, &ulSlotCount);
  1407. if (rv != CKR_OK)
  1408. {
  1409. pkcs11_die(PKCS11_F_INIT, PKCS11_R_GETSLOTLIST, rv);
  1410. pFunctionList->C_Finalize(NULL);
  1411. OPENSSL_free(pSlotList);
  1412. goto err;
  1413. }
  1414. /* Check each slot to see if there's a hardware token present.
  1415. */
  1416. for (i = 0; i < ulSlotCount; i++)
  1417. {
  1418. rv = pFunctionList->C_GetSlotInfo(pSlotList[i], &slotInfo);
  1419. if (rv != CKR_OK)
  1420. {
  1421. pkcs11_die(PKCS11_F_INIT, PKCS11_R_GETSLOTINFO, rv);
  1422. pFunctionList->C_Finalize(NULL);
  1423. OPENSSL_free(pSlotList);
  1424. goto err;
  1425. }
  1426. pkcs11_addToken(pSlotList[i]);
  1427. }
  1428. OPENSSL_free(pSlotList);
  1429. }
  1430. }
  1431. }
  1432. else
  1433. {
  1434. /* Bull Trustway CC2000 crypto hardware detected */
  1435. Bull_TrustWay = TRUE;
  1436. SLOTID = 0xFFFFFFFF;
  1437. }
  1438. #ifndef OPENSSL_NO_RSA
  1439. /* Everything's fine. */
  1440. if (rsaPubKey == -1)
  1441. rsaPubKey = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
  1442. if (rsaPrivKey == -1)
  1443. rsaPrivKey = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
  1444. if (deletePubKeyOnFree == -1)
  1445. deletePubKeyOnFree = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
  1446. if (deletePrivKeyOnFree == -1)
  1447. deletePrivKeyOnFree = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
  1448. if (pkcs11Session == -1)
  1449. pkcs11Session = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
  1450. #endif
  1451. if (pkcs11_token_list == NULL)
  1452. PKCS11err(PKCS11_F_INIT, PKCS11_R_NOTOKENS);
  1453. PKCS11_Initialized = 1;
  1454. /* TODO: This should only be done on linux systems */
  1455. pthread_atfork(NULL, NULL, (void(*)())pkcs11_atfork_init);
  1456. return 1;
  1457. err:
  1458. if(pkcs11_dso)
  1459. dlclose(pkcs11_dso);
  1460. pkcs11_dso = NULL;
  1461. return 0;
  1462. }
  1463. /* Destructor (complements the "ENGINE_pkcs11()" constructor) */
  1464. /* XXX HUH? Can we just DSO_load once, then??? */
  1465. static int pkcs11_destroy(ENGINE *e)
  1466. {
  1467. DBG_fprintf("%s: called\n", __FUNCTION__);
  1468. #ifndef OLDER_OPENSSL
  1469. pkcs11_des_ecb_destroy();
  1470. pkcs11_des_cbc_destroy();
  1471. pkcs11_tdes_ecb_destroy();
  1472. pkcs11_tdes_cbc_destroy();
  1473. pkcs11_aes_128_cbc_destroy();
  1474. pkcs11_aes_192_cbc_destroy();
  1475. pkcs11_aes_256_cbc_destroy();
  1476. pkcs11_aes_128_ecb_destroy();
  1477. pkcs11_aes_192_ecb_destroy();
  1478. pkcs11_aes_256_ecb_destroy();
  1479. #endif
  1480. free_PKCS11_LIBNAME();
  1481. ERR_unload_pkcs11_strings();
  1482. return 1;
  1483. }
  1484. /* termination function */
  1485. static int pkcs11_finish(ENGINE *e)
  1486. {
  1487. struct _token *tmp;
  1488. if(pkcs11_dso == NULL)
  1489. {
  1490. PKCS11err(PKCS11_F_FINISH, PKCS11_R_NOT_LOADED);
  1491. goto err;
  1492. }
  1493. assert(pFunctionList != NULL);
  1494. while (pkcs11_token_list) {
  1495. tmp = pkcs11_token_list->token_next;
  1496. OPENSSL_free(pkcs11_token_list);
  1497. pkcs11_token_list = tmp;
  1498. }
  1499. pFunctionList->C_Finalize(NULL);
  1500. if(dlclose(pkcs11_dso))
  1501. { PKCS11err(PKCS11_F_FINISH, PKCS11_R_DSO_FAILURE);
  1502. goto err;
  1503. }
  1504. pkcs11_dso = NULL;
  1505. pFunctionList = NULL;
  1506. return 1;
  1507. err:
  1508. pkcs11_dso = NULL;
  1509. pFunctionList = NULL;
  1510. return 0;
  1511. }
  1512. static int pkcs11_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
  1513. {
  1514. int initialized = ((pkcs11_dso == NULL) ? 0 : 1);
  1515. struct _token *tok;
  1516. switch(cmd)
  1517. {
  1518. case PKCS11_CMD_SO_PATH:
  1519. if(p == NULL)
  1520. {
  1521. PKCS11err(PKCS11_F_CTRL, ERR_R_PASSED_NULL_PARAMETER);
  1522. return 0;
  1523. }
  1524. if(initialized)
  1525. {
  1526. PKCS11err(PKCS11_F_CTRL, PKCS11_R_ALREADY_LOADED);
  1527. return 0;
  1528. }
  1529. return set_PKCS11_LIBNAME((const char*)p);
  1530. case PKCS11_CMD_SLOT_ID:
  1531. tok = pkcs11_token_list;
  1532. while (tok) {
  1533. if (tok->slot_id == i) {
  1534. pkcs11_token = tok;
  1535. DBG_fprintf("slot %ld selected\n", i);
  1536. return 1;
  1537. }
  1538. tok = tok->token_next;
  1539. }
  1540. PKCS11err(PKCS11_F_CTRL, PKCS11_R_TOKEN_NOT_AVAILABLE);
  1541. return 0;
  1542. default:
  1543. break;
  1544. }
  1545. PKCS11err(PKCS11_F_CTRL,PKCS11_R_CTRL_COMMAND_NOT_IMPLEMENTED);
  1546. return 0;
  1547. }
  1548. #ifndef OPENSSL_NO_RSA
  1549. CK_OBJECT_HANDLE pkcs11_FindOrCreateKey(CK_SESSION_HANDLE h,
  1550. RSA *rsa,
  1551. CK_OBJECT_CLASS oKey,
  1552. CK_BBOOL fKeyCreate)
  1553. {
  1554. CK_RV rv;
  1555. CK_OBJECT_HANDLE hKey = CK_INVALID_HANDLE;
  1556. CK_ULONG Matches;
  1557. CK_KEY_TYPE kType = CKK_RSA;
  1558. CK_ULONG ulKeyAttributeCount;
  1559. #ifndef OLDER_OPENSSL
  1560. const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
  1561. #endif
  1562. CK_ATTRIBUTE pubKeyTemplate[] =
  1563. {
  1564. {CKA_CLASS, &oKey, sizeof(CK_OBJECT_CLASS)},
  1565. {CKA_KEY_TYPE, &kType, sizeof(CK_KEY_TYPE)},
  1566. {CKA_MODULUS, (void *)NULL, 0},
  1567. {CKA_PUBLIC_EXPONENT, (void *)NULL, 0},
  1568. };
  1569. CK_ATTRIBUTE privKeyTemplate[] =
  1570. {
  1571. {CKA_CLASS, &oKey, sizeof(CK_OBJECT_CLASS)},
  1572. {CKA_KEY_TYPE, &kType, sizeof(CK_KEY_TYPE)},
  1573. {CKA_MODULUS, (void *)NULL, 0},
  1574. {CKA_PUBLIC_EXPONENT, (void *)NULL, 0},
  1575. {CKA_PRIVATE_EXPONENT, (void *)NULL, 0},
  1576. {CKA_PRIME_1, (void *)NULL, 0},
  1577. {CKA_PRIME_2, (void *)NULL, 0},
  1578. {CKA_EXPONENT_1, (void *)NULL, 0},
  1579. {CKA_EXPONENT_2, (void *)NULL, 0},
  1580. {CKA_COEFFICIENT, (void *)NULL, 0}
  1581. };
  1582. long deletePubKey;
  1583. DBG_fprintf("%s\n", __FUNCTION__);
  1584. if (oKey == CKO_PUBLIC_KEY) {
  1585. DBG_fprintf("looking up a public key\n");
  1586. #ifdef OLDER_OPENSSL
  1587. pubKeyTemplate[2].ulValueLen = BN_num_bytes(rsa->n);
  1588. pubKeyTemplate[3].ulValueLen = BN_num_bytes(rsa->e);
  1589. #else
  1590. RSA_get0_key(rsa, &n, &e, NULL);
  1591. pubKeyTemplate[2].ulValueLen = BN_num_bytes(n);
  1592. pubKeyTemplate[3].ulValueLen = BN_num_bytes(e);
  1593. #endif
  1594. pubKeyTemplate[2].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1595. (size_t)pubKeyTemplate[2].ulValueLen);
  1596. pubKeyTemplate[3].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1597. (size_t)pubKeyTemplate[3].ulValueLen);
  1598. #ifdef OLDER_OPENSSL
  1599. BN_bn2bin(rsa->n, pubKeyTemplate[2].pValue);
  1600. BN_bn2bin(rsa->e, pubKeyTemplate[3].pValue);
  1601. #else
  1602. BN_bn2bin(n, pubKeyTemplate[2].pValue);
  1603. BN_bn2bin(e, pubKeyTemplate[3].pValue);
  1604. #endif
  1605. ulKeyAttributeCount = 4;
  1606. rv = pFunctionList->C_FindObjectsInit(h, pubKeyTemplate, ulKeyAttributeCount);
  1607. } else {
  1608. DBG_fprintf("looking up a private key\n");
  1609. #ifdef OLDER_OPENSSL
  1610. privKeyTemplate[2].ulValueLen = BN_num_bytes(rsa->n);
  1611. privKeyTemplate[4].ulValueLen = BN_num_bytes(rsa->d);
  1612. privKeyTemplate[5].ulValueLen = BN_num_bytes(rsa->p);
  1613. privKeyTemplate[6].ulValueLen = BN_num_bytes(rsa->q);
  1614. privKeyTemplate[7].ulValueLen = BN_num_bytes(rsa->dmp1);
  1615. privKeyTemplate[8].ulValueLen = BN_num_bytes(rsa->dmq1);
  1616. privKeyTemplate[9].ulValueLen = BN_num_bytes(rsa->iqmp);
  1617. #else
  1618. RSA_get0_key(rsa, &n, NULL, &d);
  1619. RSA_get0_factors(rsa, &p, &q);
  1620. RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
  1621. privKeyTemplate[2].ulValueLen = BN_num_bytes(n);
  1622. privKeyTemplate[4].ulValueLen = BN_num_bytes(d);
  1623. privKeyTemplate[5].ulValueLen = BN_num_bytes(p);
  1624. privKeyTemplate[6].ulValueLen = BN_num_bytes(q);
  1625. privKeyTemplate[7].ulValueLen = BN_num_bytes(dmp1);
  1626. privKeyTemplate[8].ulValueLen = BN_num_bytes(dmq1);
  1627. privKeyTemplate[9].ulValueLen = BN_num_bytes(iqmp);
  1628. #endif
  1629. privKeyTemplate[2].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1630. (size_t)privKeyTemplate[2].ulValueLen);
  1631. privKeyTemplate[4].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1632. (size_t)privKeyTemplate[4].ulValueLen);
  1633. privKeyTemplate[5].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1634. (size_t)privKeyTemplate[5].ulValueLen);
  1635. privKeyTemplate[6].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1636. (size_t)privKeyTemplate[6].ulValueLen);
  1637. privKeyTemplate[7].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1638. (size_t)privKeyTemplate[7].ulValueLen);
  1639. privKeyTemplate[8].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1640. (size_t)privKeyTemplate[8].ulValueLen);
  1641. privKeyTemplate[9].pValue = (CK_VOID_PTR)OPENSSL_malloc(
  1642. (size_t)privKeyTemplate[9].ulValueLen);
  1643. #ifdef OLDER_OPENSSL
  1644. BN_bn2bin(rsa->n, privKeyTemplate[2].pValue);
  1645. BN_bn2bin(rsa->d, privKeyTemplate[4].pValue);
  1646. BN_bn2bin(rsa->p, privKeyTemplate[5].pValue);
  1647. BN_bn2bin(rsa->q, privKeyTemplate[6].pValue);
  1648. BN_bn2bin(rsa->dmp1, privKeyTemplate[7].pValue);
  1649. BN_bn2bin(rsa->dmq1, privKeyTemplate[8].pValue);
  1650. BN_bn2bin(rsa->iqmp, privKeyTemplate[9].pValue);
  1651. #else
  1652. BN_bn2bin(n, privKeyTemplate[2].pValue);
  1653. BN_bn2bin(d, privKeyTemplate[4].pValue);
  1654. BN_bn2bin(p, privKeyTemplate[5].pValue);
  1655. BN_bn2bin(q, privKeyTemplate[6].pValue);
  1656. BN_bn2bin(dmp1, privKeyTemplate[7].pValue);
  1657. BN_bn2bin(dmq1, privKeyTemplate[8].pValue);
  1658. BN_bn2bin(iqmp, privKeyTemplate[9].pValue);
  1659. #endif
  1660. ulKeyAttributeCount = 10;
  1661. rv = pFunctionList->C_FindObjectsInit(h, privKeyTemplate, ulKeyAttributeCount);
  1662. }
  1663. if (rv != CKR_OK)
  1664. {
  1665. pkcs11_die(PKCS11_F_FINDORCREATEKEY, PKCS11_R_FINDOBJECTSINIT, rv);
  1666. goto err;
  1667. }
  1668. rv = pFunctionList->C_FindObjects(h, &hKey, 1, &Matches);
  1669. if (rv != CKR_OK)
  1670. {
  1671. pkcs11_die(PKCS11_F_FINDORCREATEKEY, PKCS11_R_FINDOBJECTS, rv);
  1672. goto err;
  1673. }
  1674. rv = pFunctionList->C_FindObjectsFinal(h);
  1675. if (rv != CKR_OK)
  1676. {
  1677. pkcs11_die(PKCS11_F_FINDORCREATEKEY, PKCS11_R_FINDOBJECTSFINAL, rv);
  1678. goto err;
  1679. }
  1680. /* Assume there should be no more than one match */
  1681. if (Matches == 0)
  1682. {
  1683. DBG_fprintf("matches was 0, creating this key\n");
  1684. #ifdef OLDER_OPENSSL
  1685. DBG_fprintf("rsa->n is %d bytes\n", BN_num_bytes(rsa->n));
  1686. #else
  1687. DBG_fprintf("rsa->n is %d bytes\n", BN_num_bytes(n));
  1688. #endif
  1689. if (fKeyCreate &&
  1690. #ifdef OLDER_OPENSSL
  1691. BN_num_bytes(rsa->n)
  1692. #else
  1693. BN_num_bytes(n)
  1694. #endif
  1695. ) {
  1696. if (oKey == CKO_PUBLIC_KEY)
  1697. rv = pFunctionList->C_CreateObject(h, pubKeyTemplate,
  1698. ulKeyAttributeCount, &hKey);
  1699. else
  1700. rv = pFunctionList->C_CreateObject(h, privKeyTemplate,
  1701. ulKeyAttributeCount, &hKey);
  1702. if (rv != CKR_OK)
  1703. {
  1704. DBG_fprintf("error creating key object.\n");
  1705. pkcs11_die(PKCS11_F_FINDORCREATEKEY, PKCS11_R_CREATEOBJECT, rv);
  1706. goto err;
  1707. }
  1708. else
  1709. {
  1710. DBG_fprintf("key obj created\n");
  1711. deletePubKey = TRUE;
  1712. if (oKey == CKO_PUBLIC_KEY)
  1713. RSA_set_ex_data(rsa, deletePubKeyOnFree,
  1714. (void *)deletePubKey);
  1715. else
  1716. RSA_set_ex_data(rsa, deletePrivKeyOnFree,
  1717. (void *)deletePubKey);
  1718. }
  1719. }
  1720. else
  1721. {
  1722. PKCS11err(PKCS11_F_FINDORCREATEKEY, PKCS11_R_OBJECT_NOT_FOUND);
  1723. goto err;
  1724. }
  1725. }
  1726. if (oKey == CKO_PUBLIC_KEY)
  1727. RSA_set_ex_data(rsa, rsaPubKey, (char *)hKey);
  1728. if (oKey == CKO_PRIVATE_KEY)
  1729. RSA_set_ex_data(rsa, rsaPrivKey, (char *)hKey);
  1730. err:
  1731. if (oKey == CKO_PUBLIC_KEY) {
  1732. if (pubKeyTemplate[2].pValue != NULL)
  1733. {
  1734. OPENSSL_free(pubKeyTemplate[2].pValue);
  1735. pubKeyTemplate[2].pValue = NULL;
  1736. }
  1737. if (pubKeyTemplate[3].pValue != NULL)
  1738. {
  1739. OPENSSL_free(pubKeyTemplate[3].pValue);
  1740. pubKeyTemplate[3].pValue = NULL;
  1741. }
  1742. } else {
  1743. if (privKeyTemplate[2].pValue != NULL)
  1744. {
  1745. OPENSSL_free(privKeyTemplate[2].pValue);
  1746. privKeyTemplate[2].pValue = NULL;
  1747. }
  1748. if (privKeyTemplate[3].pValue != NULL)
  1749. {
  1750. OPENSSL_free(privKeyTemplate[3].pValue);
  1751. privKeyTemplate[3].pValue = NULL;
  1752. }
  1753. if (privKeyTemplate[4].pValue != NULL)
  1754. {
  1755. OPENSSL_free(privKeyTemplate[4].pValue);
  1756. privKeyTemplate[4].pValue = NULL;
  1757. }
  1758. }
  1759. return hKey;
  1760. }
  1761. /*----------------------------------------------------------------*/
  1762. /* pkcs11_RSA_public_encrypt */
  1763. /* */
  1764. /* This function implements RSA public encryption. 'from_len'
  1765. bytes taken from 'from' and encrypted and put into 'to'. 'to' needs
  1766. to be at least RSA_size(rsa) bytes long. The number of bytes
  1767. written into 'to' is returned. -1 is returned on an error. The
  1768. operation performed is to = from^rsa->e mod rsa->n. */
  1769. /* for PKCS11, use C_EncryptInit + C_Encrypt */
  1770. /*----------------------------------------------------------------*/
  1771. static int pkcs11_RSA_public_encrypt(int flen,
  1772. const unsigned char *from,
  1773. unsigned char *to,
  1774. RSA *rsa,
  1775. int padding)
  1776. {
  1777. CK_ULONG bytesEncrypted=0;
  1778. CK_RV rv;
  1779. CK_MECHANISM Mechanism_rsa = {CKM_RSA_PKCS, NULL, 0};
  1780. CK_MECHANISM *pMechanism = &Mechanism_rsa;
  1781. CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
  1782. struct token_session *wrapper = NULL;
  1783. CK_SESSION_HANDLE session;
  1784. DBG_fprintf("%s\n", __FUNCTION__);
  1785. if (padding != RSA_PKCS1_PADDING)
  1786. {
  1787. PKCS11err(PKCS11_F_RSA_PUB_ENC, PKCS11_R_UNKNOWN_PADDING_TYPE);
  1788. return -1;
  1789. }
  1790. session = (CK_SESSION_HANDLE)RSA_get_ex_data(rsa, pkcs11Session);
  1791. if (session == CK_INVALID_HANDLE || !session) {
  1792. wrapper = pkcs11_getSession();
  1793. if (!wrapper)
  1794. return 0;
  1795. DBG_fprintf("%d: created new session\n", __LINE__);
  1796. session = wrapper->session;
  1797. RSA_set_ex_data(rsa, pkcs11Session, (void *)session);
  1798. }
  1799. hPublicKey = (CK_OBJECT_HANDLE)RSA_get_ex_data(rsa, rsaPubKey);
  1800. if (hPublicKey == CK_INVALID_HANDLE)
  1801. hPublicKey = pkcs11_FindOrCreateKey(session, rsa, CKO_PUBLIC_KEY, true);
  1802. if (hPublicKey != CK_INVALID_HANDLE)
  1803. {
  1804. rv = pFunctionList->C_EncryptInit(session, pMechanism, hPublicKey);
  1805. if (rv != CKR_OK)
  1806. {
  1807. pkcs11_die(PKCS11_F_RSA_PUB_ENC, PKCS11_R_ENCRYPTINIT, rv);
  1808. bytesEncrypted = -1;
  1809. goto out;
  1810. }
  1811. rv = pFunctionList->C_Encrypt(session, (unsigned char *)from,
  1812. flen, NULL_PTR, &bytesEncrypted);
  1813. if (rv != CKR_OK)
  1814. {
  1815. pkcs11_die(PKCS11_F_RSA_PUB_ENC, PKCS11_R_ENCRYPT, rv);
  1816. bytesEncrypted = -1;
  1817. goto out;
  1818. }
  1819. rv = pFunctionList->C_Encrypt(session, (unsigned char *)from,
  1820. flen, to, &bytesEncrypted);
  1821. if (rv != CKR_OK)
  1822. {
  1823. pkcs11_die(PKCS11_F_RSA_PUB_ENC, PKCS11_R_ENCRYPT, rv);
  1824. bytesEncrypted = -1;
  1825. goto out;
  1826. }
  1827. }
  1828. out:
  1829. OPENSSL_free(wrapper);
  1830. return bytesEncrypted;
  1831. }
  1832. /*----------------------------------------------------------------*/
  1833. /* pkcs11_RSA_private_encrypt */
  1834. /* This function implements RSA private encryption.
  1835. That corresponds to a signature and only the RSA_PKCS1_PADDING
  1836. is supported.
  1837. flen : bytes taken from 'from' and encrypted and put into 'to'.
  1838. to : needs to be at least bytes long.
  1839. ret : returns the number of bytes written into 'to' or -1 if an error.
  1840. for PKCS11 use C_SignInit + C_Sign */
  1841. /*----------------------------------------------------------------*/
  1842. static int pkcs11_RSA_private_encrypt(int flen,
  1843. const unsigned char *from,
  1844. unsigned char *to,
  1845. RSA *rsa,
  1846. int padding)
  1847. {
  1848. CK_ULONG ulSignatureLen=0;
  1849. CK_RV rv;
  1850. CK_MECHANISM Mechanism_rsa = {CKM_RSA_PKCS, NULL, 0};
  1851. CK_MECHANISM *pMechanism = &Mechanism_rsa;
  1852. CK_OBJECT_HANDLE hPrivateKey= CK_INVALID_HANDLE;
  1853. struct token_session *wrapper = NULL;
  1854. CK_SESSION_HANDLE session;
  1855. DBG_fprintf("%s\n", __FUNCTION__);
  1856. if (padding != RSA_PKCS1_PADDING)
  1857. {
  1858. PKCS11err(PKCS11_F_RSA_PRIV_ENC, PKCS11_R_UNKNOWN_PADDING_TYPE);
  1859. return -1;
  1860. }
  1861. session = (CK_SESSION_HANDLE)RSA_get_ex_data(rsa, pkcs11Session);
  1862. if (session == CK_INVALID_HANDLE || !session) {
  1863. wrapper = pkcs11_getSession();
  1864. if (!wrapper)
  1865. return 0;
  1866. DBG_fprintf("%d: created new session\n", __LINE__);
  1867. session = wrapper->session;
  1868. RSA_set_ex_data(rsa, pkcs11Session, (void *)session);
  1869. }
  1870. hPrivateKey = (CK_OBJECT_HANDLE)RSA_get_ex_data(rsa, rsaPrivKey);
  1871. if (hPrivateKey == CK_INVALID_HANDLE)
  1872. hPrivateKey = pkcs11_FindOrCreateKey(session, rsa, CKO_PRIVATE_KEY, true);
  1873. if (hPrivateKey != CK_INVALID_HANDLE)
  1874. {
  1875. rv = pFunctionList->C_SignInit(session, pMechanism, hPrivateKey);
  1876. if (rv != CKR_OK)
  1877. {
  1878. pkcs11_die(PKCS11_F_RSA_PRIV_ENC, PKCS11_R_SIGNINIT, rv);
  1879. ulSignatureLen = -1;
  1880. goto out;
  1881. }
  1882. rv = pFunctionList->C_Sign(session, (unsigned char *)from,
  1883. flen, NULL_PTR, &ulSignatureLen);
  1884. if (rv != CKR_OK)
  1885. {
  1886. pkcs11_die(PKCS11_F_RSA_PRIV_ENC, PKCS11_R_SIGN, rv);
  1887. ulSignatureLen = -1;
  1888. goto out;
  1889. }
  1890. rv = pFunctionList->C_Sign(session, (unsigned char *)from,
  1891. flen, to, &ulSignatureLen);
  1892. if (rv != CKR_OK)
  1893. {
  1894. pkcs11_die(PKCS11_F_RSA_PRIV_ENC, PKCS11_R_SIGN, rv);
  1895. ulSignatureLen = -1;
  1896. goto out;
  1897. }
  1898. }
  1899. out:
  1900. OPENSSL_free(wrapper);
  1901. return ulSignatureLen;
  1902. }
  1903. /*----------------------------------------------------------------*/
  1904. /* pkcs11_RSA_private_decrypt */
  1905. /* */
  1906. /*This function implements RSA private decryption.
  1907. flen : bytes are taken from 'from' and decrypted.
  1908. The decrypted data is put into 'to'.
  1909. ret : returns the number of bytes -1 if an error.
  1910. The operation performed is to = from^rsa->d mod rsa->n.*/
  1911. /* for PKCS11 use C_DecryptInit + C_Decrypt */
  1912. /*----------------------------------------------------------------*/
  1913. static int pkcs11_RSA_private_decrypt(int flen,
  1914. const unsigned char *from,
  1915. unsigned char *to,
  1916. RSA *rsa,
  1917. int padding)
  1918. {
  1919. CK_ULONG bytesDecrypted = flen;
  1920. CK_RV rv;
  1921. CK_MECHANISM Mechanism_rsa = {CKM_RSA_PKCS, NULL, 0};
  1922. CK_MECHANISM *pMechanism = &Mechanism_rsa;
  1923. CK_OBJECT_HANDLE hPrivateKey;
  1924. struct token_session *wrapper = NULL;
  1925. CK_SESSION_HANDLE session;
  1926. DBG_fprintf("%s\n", __FUNCTION__);
  1927. if (padding != RSA_PKCS1_PADDING)
  1928. {
  1929. PKCS11err(PKCS11_F_RSA_PRIV_DEC, PKCS11_R_UNKNOWN_PADDING_TYPE);
  1930. return -1;
  1931. }
  1932. session = (CK_SESSION_HANDLE)RSA_get_ex_data(rsa, pkcs11Session);
  1933. if (session == CK_INVALID_HANDLE || !session) {
  1934. wrapper = pkcs11_getSession();
  1935. if (!wrapper)
  1936. return 0;
  1937. DBG_fprintf("%d: created new session\n", __LINE__);
  1938. session = wrapper->session;
  1939. RSA_set_ex_data(rsa, pkcs11Session, (void *)session);
  1940. }
  1941. hPrivateKey = (CK_OBJECT_HANDLE)RSA_get_ex_data(rsa, rsaPrivKey);
  1942. if (hPrivateKey == CK_INVALID_HANDLE)
  1943. hPrivateKey = pkcs11_FindOrCreateKey(session, rsa, CKO_PRIVATE_KEY, true);
  1944. if (hPrivateKey != CK_INVALID_HANDLE)
  1945. {
  1946. rv = pFunctionList->C_DecryptInit(session, pMechanism, hPrivateKey);
  1947. if (rv != CKR_OK)
  1948. {
  1949. pkcs11_die(PKCS11_F_RSA_PRIV_DEC, PKCS11_R_DECRYPTINIT, rv);
  1950. bytesDecrypted = -1;
  1951. goto out;
  1952. }
  1953. rv = pFunctionList->C_Decrypt(session, (unsigned char *)from,
  1954. flen, to, &bytesDecrypted);
  1955. if (rv != CKR_OK)
  1956. {
  1957. pkcs11_die(PKCS11_F_RSA_PRIV_DEC, PKCS11_R_DECRYPT, rv);
  1958. bytesDecrypted = -1;
  1959. goto out;
  1960. }
  1961. }
  1962. out:
  1963. OPENSSL_free(wrapper);
  1964. return bytesDecrypted;
  1965. }
  1966. /*----------------------------------------------------------------*/
  1967. /* pkcs11_RSA_public_decrypt */
  1968. /* */
  1969. /* This function implements RSA public decryption, the rsaKey
  1970. variable is the public key (but can be a private key).
  1971. This function should be processed as a pkcs11
  1972. verify-recover function
  1973. flen : bytes are taken from 'from' and decrypted.
  1974. to : The decrypted data.
  1975. ret : The number of bytes encrypted. -1 is returned to indicate an error.
  1976. The operation performed is to = from^rsa->e mod rsa->n.*/
  1977. /* for PKCS11 use C_VerifyRecoverInit + C_VerifyRecover */
  1978. /*'from' points to signature and 'flen' contains its length*/
  1979. /*----------------------------------------------------------------*/
  1980. static int pkcs11_RSA_public_decrypt(int flen,
  1981. const unsigned char *from,
  1982. unsigned char *to,
  1983. RSA *rsa,
  1984. int padding)
  1985. {
  1986. CK_ULONG bytesDecrypted = 0;
  1987. CK_RV rv;
  1988. CK_MECHANISM Mechanism_rsa = {CKM_RSA_PKCS, NULL, 0};
  1989. CK_MECHANISM *pMechanism = &Mechanism_rsa;
  1990. CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
  1991. struct token_session *wrapper = NULL;
  1992. CK_SESSION_HANDLE session;
  1993. DBG_fprintf("%s\n", __FUNCTION__);
  1994. if (padding != RSA_PKCS1_PADDING)
  1995. {
  1996. PKCS11err(PKCS11_F_RSA_PUB_DEC, PKCS11_R_UNKNOWN_PADDING_TYPE);
  1997. return -1;
  1998. }
  1999. session = (CK_SESSION_HANDLE)RSA_get_ex_data(rsa, pkcs11Session);
  2000. if (session == CK_INVALID_HANDLE || !session) {
  2001. wrapper = pkcs11_getSession();
  2002. if (!wrapper)
  2003. return 0;
  2004. DBG_fprintf("%d: created new session\n", __LINE__);
  2005. session = wrapper->session;
  2006. RSA_set_ex_data(rsa, pkcs11Session, (void *)session);
  2007. }
  2008. hPublicKey = (CK_OBJECT_HANDLE)RSA_get_ex_data(rsa, rsaPubKey);
  2009. if (hPublicKey == CK_INVALID_HANDLE)