1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017-2020, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <inttypes.h> 8 #include <pkcs11_ta.h> 9 #include <stdlib.h> 10 #include <string_ext.h> 11 #include <tee_internal_api_extensions.h> 12 #include <tee_internal_api.h> 13 #include <trace.h> 14 #include <util.h> 15 16 #include "attributes.h" 17 #include "handle.h" 18 #include "pkcs11_attributes.h" 19 #include "pkcs11_helpers.h" 20 #include "pkcs11_token.h" 21 #include "sanitize_object.h" 22 #include "serializer.h" 23 #include "token_capabilities.h" 24 25 /* Byte size of CKA_ID attribute when generated locally */ 26 #define PKCS11_CKA_DEFAULT_SIZE 16 27 28 static uint32_t pkcs11_func2ckfm(enum processing_func function) 29 { 30 switch (function) { 31 case PKCS11_FUNCTION_DIGEST: 32 return PKCS11_CKFM_DIGEST; 33 case PKCS11_FUNCTION_GENERATE: 34 return PKCS11_CKFM_GENERATE; 35 case PKCS11_FUNCTION_GENERATE_PAIR: 36 return PKCS11_CKFM_GENERATE_KEY_PAIR; 37 case PKCS11_FUNCTION_DERIVE: 38 return PKCS11_CKFM_DERIVE; 39 case PKCS11_FUNCTION_WRAP: 40 return PKCS11_CKFM_WRAP; 41 case PKCS11_FUNCTION_UNWRAP: 42 return PKCS11_CKFM_UNWRAP; 43 case PKCS11_FUNCTION_ENCRYPT: 44 return PKCS11_CKFM_ENCRYPT; 45 case PKCS11_FUNCTION_DECRYPT: 46 return PKCS11_CKFM_DECRYPT; 47 case PKCS11_FUNCTION_SIGN: 48 return PKCS11_CKFM_SIGN; 49 case PKCS11_FUNCTION_VERIFY: 50 return PKCS11_CKFM_VERIFY; 51 case PKCS11_FUNCTION_SIGN_RECOVER: 52 return PKCS11_CKFM_SIGN_RECOVER; 53 case PKCS11_FUNCTION_VERIFY_RECOVER: 54 return PKCS11_CKFM_VERIFY_RECOVER; 55 default: 56 return 0; 57 } 58 } 59 60 enum pkcs11_rc 61 check_mechanism_against_processing(struct pkcs11_session *session, 62 enum pkcs11_mechanism_id mechanism_type, 63 enum processing_func function, 64 enum processing_step step) 65 { 66 bool allowed = false; 67 68 switch (step) { 69 case PKCS11_FUNC_STEP_INIT: 70 switch (function) { 71 case PKCS11_FUNCTION_IMPORT: 72 case PKCS11_FUNCTION_COPY: 73 case PKCS11_FUNCTION_MODIFY: 74 case PKCS11_FUNCTION_DESTROY: 75 return PKCS11_CKR_OK; 76 default: 77 break; 78 } 79 /* 80 * Check that the returned PKCS11_CKFM_* flag from 81 * pkcs11_func2ckfm() is among the ones from 82 * mechanism_supported_flags(). 83 */ 84 allowed = mechanism_supported_flags(mechanism_type) & 85 pkcs11_func2ckfm(function); 86 break; 87 88 case PKCS11_FUNC_STEP_ONESHOT: 89 if (session->processing->always_authen && 90 !session->processing->relogged) 91 return PKCS11_CKR_USER_NOT_LOGGED_IN; 92 93 if (session->processing->updated) { 94 EMSG("Cannot perform one-shot on updated processing"); 95 return PKCS11_CKR_OPERATION_ACTIVE; 96 } 97 98 allowed = true; 99 break; 100 101 case PKCS11_FUNC_STEP_UPDATE: 102 if (session->processing->always_authen && 103 !session->processing->relogged) 104 return PKCS11_CKR_USER_NOT_LOGGED_IN; 105 106 allowed = !mechanism_is_one_shot_only(mechanism_type); 107 break; 108 109 case PKCS11_FUNC_STEP_FINAL: 110 if (session->processing->always_authen && 111 !session->processing->relogged) 112 return PKCS11_CKR_USER_NOT_LOGGED_IN; 113 114 return PKCS11_CKR_OK; 115 116 default: 117 TEE_Panic(step); 118 break; 119 } 120 121 if (!allowed) { 122 EMSG("Processing %#x/%s not permitted (%u/%u)", 123 (unsigned int)mechanism_type, id2str_proc(mechanism_type), 124 function, step); 125 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 126 } 127 128 return PKCS11_CKR_OK; 129 } 130 131 /* 132 * Object default boolean attributes as per PKCS#11 133 */ 134 static uint8_t *pkcs11_object_default_boolprop(uint32_t attribute) 135 { 136 static const uint8_t bool_true = 1; 137 static const uint8_t bool_false; 138 139 switch (attribute) { 140 /* As per PKCS#11 default value */ 141 case PKCS11_CKA_MODIFIABLE: 142 case PKCS11_CKA_COPYABLE: 143 case PKCS11_CKA_DESTROYABLE: 144 return (uint8_t *)&bool_true; 145 case PKCS11_CKA_TOKEN: 146 case PKCS11_CKA_PRIVATE: 147 case PKCS11_CKA_WRAP_WITH_TRUSTED: 148 case PKCS11_CKA_ALWAYS_AUTHENTICATE: 149 case PKCS11_CKA_SENSITIVE: 150 return (uint8_t *)&bool_false; 151 /* Token specific default value */ 152 case PKCS11_CKA_SIGN: 153 case PKCS11_CKA_VERIFY: 154 case PKCS11_CKA_DERIVE: 155 case PKCS11_CKA_ENCRYPT: 156 case PKCS11_CKA_DECRYPT: 157 case PKCS11_CKA_SIGN_RECOVER: 158 case PKCS11_CKA_VERIFY_RECOVER: 159 case PKCS11_CKA_WRAP: 160 case PKCS11_CKA_UNWRAP: 161 case PKCS11_CKA_EXTRACTABLE: 162 case PKCS11_CKA_TRUSTED: 163 return (uint8_t *)&bool_false; 164 default: 165 DMSG("No default for boolprop attribute %#"PRIx32, attribute); 166 return NULL; 167 } 168 } 169 170 /* 171 * Object expects several boolean attributes to be set to a default value 172 * or to a validate client configuration value. This function append the input 173 * attribute (id/size/value) in the serialized object. 174 */ 175 static enum pkcs11_rc pkcs11_import_object_boolprop(struct obj_attrs **out, 176 struct obj_attrs *templ, 177 uint32_t attribute) 178 { 179 enum pkcs11_rc rc = PKCS11_CKR_OK; 180 uint8_t bbool = 0; 181 uint32_t size = sizeof(uint8_t); 182 void *attr = NULL; 183 184 rc = get_attribute(templ, attribute, &bbool, &size); 185 if (rc) { 186 if (rc != PKCS11_RV_NOT_FOUND) 187 return rc; 188 attr = pkcs11_object_default_boolprop(attribute); 189 if (!attr) 190 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 191 } else { 192 attr = &bbool; 193 } 194 195 /* Boolean attributes are 1byte in the ABI, no alignment issue */ 196 return add_attribute(out, attribute, attr, sizeof(uint8_t)); 197 } 198 199 static enum pkcs11_rc set_mandatory_boolprops(struct obj_attrs **out, 200 struct obj_attrs *temp, 201 uint32_t const *bp, 202 size_t bp_count) 203 { 204 enum pkcs11_rc rc = PKCS11_CKR_OK; 205 size_t n = 0; 206 207 for (n = 0; n < bp_count; n++) { 208 rc = pkcs11_import_object_boolprop(out, temp, bp[n]); 209 if (rc) 210 return rc; 211 } 212 213 return rc; 214 } 215 216 static enum pkcs11_rc set_mandatory_attributes(struct obj_attrs **out, 217 struct obj_attrs *temp, 218 uint32_t const *bp, 219 size_t bp_count) 220 { 221 enum pkcs11_rc rc = PKCS11_CKR_OK; 222 size_t n = 0; 223 224 for (n = 0; n < bp_count; n++) { 225 uint32_t size = 0; 226 void *value = NULL; 227 228 if (get_attribute_ptr(temp, bp[n], &value, &size)) 229 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 230 231 rc = add_attribute(out, bp[n], value, size); 232 if (rc) 233 return rc; 234 } 235 236 return rc; 237 } 238 239 static enum pkcs11_rc get_default_value(enum pkcs11_attr_id id, void **value, 240 uint32_t *size) 241 { 242 /* should have been taken care of already */ 243 assert(!pkcs11_attr_is_boolean(id)); 244 245 if (id == PKCS11_CKA_PUBLIC_KEY_INFO) { 246 EMSG("Cannot provide default PUBLIC_KEY_INFO"); 247 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 248 } 249 250 /* All other attributes have an empty default value */ 251 *value = NULL; 252 *size = 0; 253 return PKCS11_CKR_OK; 254 } 255 256 static enum pkcs11_rc set_optional_attributes_with_def(struct obj_attrs **out, 257 struct obj_attrs *temp, 258 uint32_t const *bp, 259 size_t bp_count, 260 bool default_to_null) 261 { 262 enum pkcs11_rc rc = PKCS11_CKR_OK; 263 size_t n = 0; 264 265 for (n = 0; n < bp_count; n++) { 266 uint32_t size = 0; 267 void *value = NULL; 268 269 rc = get_attribute_ptr(temp, bp[n], &value, &size); 270 if (rc == PKCS11_RV_NOT_FOUND) { 271 if (default_to_null) { 272 rc = get_default_value(bp[n], &value, &size); 273 } else { 274 rc = PKCS11_CKR_OK; 275 continue; 276 } 277 } 278 if (rc) 279 return rc; 280 281 rc = add_attribute(out, bp[n], value, size); 282 if (rc) 283 return rc; 284 } 285 286 return rc; 287 } 288 289 static enum pkcs11_rc set_attributes_opt_or_null(struct obj_attrs **out, 290 struct obj_attrs *temp, 291 uint32_t const *bp, 292 size_t bp_count) 293 { 294 return set_optional_attributes_with_def(out, temp, bp, bp_count, true); 295 } 296 297 static enum pkcs11_rc set_optional_attributes(struct obj_attrs **out, 298 struct obj_attrs *temp, 299 uint32_t const *bp, 300 size_t bp_count) 301 { 302 return set_optional_attributes_with_def(out, temp, bp, bp_count, false); 303 } 304 305 /* 306 * Below are listed the mandated or optional expected attributes for 307 * PKCS#11 storage objects. 308 * 309 * Note: boolprops (mandated boolean attributes) PKCS11_CKA_ALWAYS_SENSITIVE, 310 * and PKCS11_CKA_NEVER_EXTRACTABLE are set by the token, not provided 311 * in the client template. 312 */ 313 314 /* PKCS#11 specification for any object (session/token) of the storage */ 315 static const uint32_t any_object_boolprops[] = { 316 PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 317 PKCS11_CKA_MODIFIABLE, PKCS11_CKA_COPYABLE, PKCS11_CKA_DESTROYABLE, 318 }; 319 320 static const uint32_t any_object_opt_or_null[] = { 321 PKCS11_CKA_LABEL, 322 }; 323 324 /* PKCS#11 specification for raw data object (+any_object_xxx) */ 325 const uint32_t raw_data_opt_or_null[] = { 326 PKCS11_CKA_OBJECT_ID, PKCS11_CKA_APPLICATION, PKCS11_CKA_VALUE, 327 }; 328 329 /* PKCS#11 specification for any key object (+any_object_xxx) */ 330 static const uint32_t any_key_boolprops[] = { 331 PKCS11_CKA_DERIVE, 332 }; 333 334 static const uint32_t any_key_opt_or_null[] = { 335 PKCS11_CKA_ID, 336 PKCS11_CKA_START_DATE, PKCS11_CKA_END_DATE, 337 }; 338 339 static const uint32_t any_key_optional[] = { 340 PKCS11_CKA_ALLOWED_MECHANISMS, 341 }; 342 343 /* PKCS#11 specification for any symmetric key (+any_key_xxx) */ 344 static const uint32_t symm_key_boolprops[] = { 345 PKCS11_CKA_ENCRYPT, PKCS11_CKA_DECRYPT, 346 PKCS11_CKA_SIGN, PKCS11_CKA_VERIFY, 347 PKCS11_CKA_WRAP, PKCS11_CKA_UNWRAP, 348 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 349 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_TRUSTED, 350 }; 351 352 static const uint32_t symm_key_opt_or_null[] = { 353 PKCS11_CKA_WRAP_TEMPLATE, PKCS11_CKA_UNWRAP_TEMPLATE, 354 PKCS11_CKA_DERIVE_TEMPLATE, 355 PKCS11_CKA_VALUE, PKCS11_CKA_VALUE_LEN, 356 }; 357 358 /* PKCS#11 specification for any asymmetric public key (+any_key_xxx) */ 359 static const uint32_t public_key_boolprops[] = { 360 PKCS11_CKA_ENCRYPT, PKCS11_CKA_VERIFY, PKCS11_CKA_VERIFY_RECOVER, 361 PKCS11_CKA_WRAP, 362 PKCS11_CKA_TRUSTED, 363 }; 364 365 static const uint32_t public_key_mandated[] = { 366 PKCS11_CKA_SUBJECT 367 }; 368 369 static const uint32_t public_key_opt_or_null[] = { 370 PKCS11_CKA_WRAP_TEMPLATE, PKCS11_CKA_PUBLIC_KEY_INFO, 371 }; 372 373 /* PKCS#11 specification for any asymmetric private key (+any_key_xxx) */ 374 static const uint32_t private_key_boolprops[] = { 375 PKCS11_CKA_DECRYPT, PKCS11_CKA_SIGN, PKCS11_CKA_SIGN_RECOVER, 376 PKCS11_CKA_UNWRAP, 377 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 378 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_ALWAYS_AUTHENTICATE, 379 }; 380 381 static const uint32_t private_key_mandated[] = { 382 PKCS11_CKA_SUBJECT 383 }; 384 385 static const uint32_t private_key_opt_or_null[] = { 386 PKCS11_CKA_UNWRAP_TEMPLATE, PKCS11_CKA_PUBLIC_KEY_INFO, 387 }; 388 389 /* PKCS#11 specification for any RSA key (+public/private_key_xxx) */ 390 static const uint32_t rsa_public_key_mandated[] = { 391 PKCS11_CKA_MODULUS_BITS, 392 }; 393 394 static const uint32_t rsa_public_key_opt_or_null[] = { 395 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 396 }; 397 398 static const uint32_t rsa_private_key_opt_or_null[] = { 399 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 400 PKCS11_CKA_PRIVATE_EXPONENT, 401 PKCS11_CKA_PRIME_1, PKCS11_CKA_PRIME_2, 402 PKCS11_CKA_EXPONENT_1, PKCS11_CKA_EXPONENT_2, PKCS11_CKA_COEFFICIENT, 403 }; 404 405 /* PKCS#11 specification for any EC key (+public/private_key_xxx) */ 406 static const uint32_t ec_public_key_mandated[] = { 407 PKCS11_CKA_EC_PARAMS, 408 }; 409 410 static const uint32_t ec_public_key_opt_or_null[] = { 411 PKCS11_CKA_EC_POINT, 412 }; 413 414 static const uint32_t ec_private_key_mandated[] = { 415 PKCS11_CKA_EC_PARAMS, 416 }; 417 418 static const uint32_t ec_private_key_opt_or_null[] = { 419 PKCS11_CKA_VALUE, 420 }; 421 422 static enum pkcs11_rc create_storage_attributes(struct obj_attrs **out, 423 struct obj_attrs *temp) 424 { 425 enum pkcs11_class_id class = PKCS11_CKO_UNDEFINED_ID; 426 enum pkcs11_rc rc = PKCS11_CKR_OK; 427 428 rc = init_attributes_head(out); 429 if (rc) 430 return rc; 431 432 /* Object class is mandatory */ 433 class = get_class(temp); 434 if (class == PKCS11_CKO_UNDEFINED_ID) { 435 EMSG("Class attribute not found"); 436 437 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 438 } 439 rc = add_attribute(out, PKCS11_CKA_CLASS, &class, sizeof(uint32_t)); 440 if (rc) 441 return rc; 442 443 rc = set_mandatory_boolprops(out, temp, any_object_boolprops, 444 ARRAY_SIZE(any_object_boolprops)); 445 if (rc) 446 return rc; 447 448 return set_attributes_opt_or_null(out, temp, any_object_opt_or_null, 449 ARRAY_SIZE(any_object_opt_or_null)); 450 } 451 452 static enum pkcs11_rc create_genkey_attributes(struct obj_attrs **out, 453 struct obj_attrs *temp) 454 { 455 uint32_t type = PKCS11_CKO_UNDEFINED_ID; 456 enum pkcs11_rc rc = PKCS11_CKR_OK; 457 458 rc = create_storage_attributes(out, temp); 459 if (rc) 460 return rc; 461 462 type = get_key_type(temp); 463 if (type == PKCS11_CKK_UNDEFINED_ID) { 464 EMSG("Key type attribute not found"); 465 466 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 467 } 468 rc = add_attribute(out, PKCS11_CKA_KEY_TYPE, &type, sizeof(uint32_t)); 469 if (rc) 470 return rc; 471 472 rc = set_mandatory_boolprops(out, temp, any_key_boolprops, 473 ARRAY_SIZE(any_key_boolprops)); 474 if (rc) 475 return rc; 476 477 rc = set_attributes_opt_or_null(out, temp, any_key_opt_or_null, 478 ARRAY_SIZE(any_key_opt_or_null)); 479 if (rc) 480 return rc; 481 482 return set_optional_attributes(out, temp, any_key_optional, 483 ARRAY_SIZE(any_key_optional)); 484 485 } 486 487 static enum pkcs11_rc create_symm_key_attributes(struct obj_attrs **out, 488 struct obj_attrs *temp) 489 { 490 enum pkcs11_rc rc = PKCS11_CKR_OK; 491 492 assert(get_class(temp) == PKCS11_CKO_SECRET_KEY); 493 494 rc = create_genkey_attributes(out, temp); 495 if (rc) 496 return rc; 497 498 assert(get_class(*out) == PKCS11_CKO_SECRET_KEY); 499 500 switch (get_key_type(*out)) { 501 case PKCS11_CKK_GENERIC_SECRET: 502 case PKCS11_CKK_AES: 503 case PKCS11_CKK_MD5_HMAC: 504 case PKCS11_CKK_SHA_1_HMAC: 505 case PKCS11_CKK_SHA256_HMAC: 506 case PKCS11_CKK_SHA384_HMAC: 507 case PKCS11_CKK_SHA512_HMAC: 508 case PKCS11_CKK_SHA224_HMAC: 509 break; 510 default: 511 EMSG("Invalid key type %#"PRIx32"/%s", 512 get_key_type(*out), id2str_key_type(get_key_type(*out))); 513 514 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 515 } 516 517 rc = set_mandatory_boolprops(out, temp, symm_key_boolprops, 518 ARRAY_SIZE(symm_key_boolprops)); 519 if (rc) 520 return rc; 521 522 return set_attributes_opt_or_null(out, temp, symm_key_opt_or_null, 523 ARRAY_SIZE(symm_key_opt_or_null)); 524 } 525 526 static enum pkcs11_rc create_data_attributes(struct obj_attrs **out, 527 struct obj_attrs *temp) 528 { 529 enum pkcs11_rc rc = PKCS11_CKR_OK; 530 531 assert(get_class(temp) == PKCS11_CKO_DATA); 532 533 rc = create_storage_attributes(out, temp); 534 if (rc) 535 return rc; 536 537 assert(get_class(*out) == PKCS11_CKO_DATA); 538 539 return set_attributes_opt_or_null(out, temp, raw_data_opt_or_null, 540 ARRAY_SIZE(raw_data_opt_or_null)); 541 } 542 543 static enum pkcs11_rc create_pub_key_attributes(struct obj_attrs **out, 544 struct obj_attrs *temp) 545 { 546 uint32_t const *mandated = NULL; 547 uint32_t const *opt_or_null = NULL; 548 size_t mandated_count = 0; 549 size_t opt_or_null_count = 0; 550 enum pkcs11_rc rc = PKCS11_CKR_OK; 551 552 assert(get_class(temp) == PKCS11_CKO_PUBLIC_KEY); 553 554 rc = create_genkey_attributes(out, temp); 555 if (rc) 556 return rc; 557 558 assert(get_class(*out) == PKCS11_CKO_PUBLIC_KEY); 559 560 rc = set_mandatory_boolprops(out, temp, public_key_boolprops, 561 ARRAY_SIZE(public_key_boolprops)); 562 if (rc) 563 return rc; 564 565 rc = set_mandatory_attributes(out, temp, public_key_mandated, 566 ARRAY_SIZE(public_key_mandated)); 567 if (rc) 568 return rc; 569 570 rc = set_attributes_opt_or_null(out, temp, 571 public_key_opt_or_null, 572 ARRAY_SIZE(public_key_opt_or_null)); 573 if (rc) 574 return rc; 575 576 switch (get_key_type(*out)) { 577 case PKCS11_CKK_RSA: 578 mandated = rsa_public_key_mandated; 579 opt_or_null = rsa_public_key_opt_or_null; 580 mandated_count = ARRAY_SIZE(rsa_public_key_mandated); 581 opt_or_null_count = ARRAY_SIZE(rsa_public_key_opt_or_null); 582 break; 583 case PKCS11_CKK_EC: 584 mandated = ec_public_key_mandated; 585 opt_or_null = ec_public_key_opt_or_null; 586 mandated_count = ARRAY_SIZE(ec_public_key_mandated); 587 opt_or_null_count = ARRAY_SIZE(ec_public_key_opt_or_null); 588 break; 589 default: 590 EMSG("Invalid key type %#"PRIx32"/%s", 591 get_key_type(*out), id2str_key_type(get_key_type(*out))); 592 593 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 594 } 595 596 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 597 if (rc) 598 return rc; 599 600 return set_attributes_opt_or_null(out, temp, opt_or_null, 601 opt_or_null_count); 602 } 603 604 static enum pkcs11_rc create_priv_key_attributes(struct obj_attrs **out, 605 struct obj_attrs *temp) 606 { 607 uint32_t const *mandated = NULL; 608 uint32_t const *opt_or_null = NULL; 609 size_t mandated_count = 0; 610 size_t opt_or_null_count = 0; 611 enum pkcs11_rc rc = PKCS11_CKR_OK; 612 613 assert(get_class(temp) == PKCS11_CKO_PRIVATE_KEY); 614 615 rc = create_genkey_attributes(out, temp); 616 if (rc) 617 return rc; 618 619 assert(get_class(*out) == PKCS11_CKO_PRIVATE_KEY); 620 621 rc = set_mandatory_boolprops(out, temp, private_key_boolprops, 622 ARRAY_SIZE(private_key_boolprops)); 623 if (rc) 624 return rc; 625 626 rc = set_mandatory_attributes(out, temp, private_key_mandated, 627 ARRAY_SIZE(private_key_mandated)); 628 if (rc) 629 return rc; 630 631 rc = set_attributes_opt_or_null(out, temp, private_key_opt_or_null, 632 ARRAY_SIZE(private_key_opt_or_null)); 633 if (rc) 634 return rc; 635 636 switch (get_key_type(*out)) { 637 case PKCS11_CKK_RSA: 638 opt_or_null = rsa_private_key_opt_or_null; 639 opt_or_null_count = ARRAY_SIZE(rsa_private_key_opt_or_null); 640 break; 641 case PKCS11_CKK_EC: 642 mandated = ec_private_key_mandated; 643 opt_or_null = ec_private_key_opt_or_null; 644 mandated_count = ARRAY_SIZE(ec_private_key_mandated); 645 opt_or_null_count = ARRAY_SIZE(ec_private_key_opt_or_null); 646 break; 647 default: 648 EMSG("Invalid key type %#"PRIx32"/%s", 649 get_key_type(*out), id2str_key_type(get_key_type(*out))); 650 651 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 652 } 653 654 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 655 if (rc) 656 return rc; 657 658 return set_attributes_opt_or_null(out, temp, opt_or_null, 659 opt_or_null_count); 660 } 661 662 /* 663 * Create an attribute list for a new object from a template and a parent 664 * object (optional) for an object generation function (generate, copy, 665 * derive...). 666 * 667 * PKCS#11 directives on the supplied template and expected return value: 668 * - template has an invalid attribute ID: ATTRIBUTE_TYPE_INVALID 669 * - template has an invalid value for an attribute: ATTRIBUTE_VALID_INVALID 670 * - template has value for a read-only attribute: ATTRIBUTE_READ_ONLY 671 * - template+default+parent => still miss an attribute: TEMPLATE_INCONSISTENT 672 * 673 * INFO on PKCS11_CMD_COPY_OBJECT: 674 * - parent PKCS11_CKA_COPYIABLE=false => return ACTION_PROHIBITED. 675 * - template can specify PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 676 * PKCS11_CKA_MODIFIABLE, PKCS11_CKA_DESTROYABLE. 677 * - SENSITIVE can change from false to true, not from true to false. 678 * - LOCAL is the parent LOCAL 679 */ 680 enum pkcs11_rc 681 create_attributes_from_template(struct obj_attrs **out, void *template, 682 size_t template_size, 683 struct obj_attrs *parent __unused, 684 enum processing_func function, 685 enum pkcs11_mechanism_id mecha __unused) 686 { 687 struct obj_attrs *temp = NULL; 688 struct obj_attrs *attrs = NULL; 689 enum pkcs11_rc rc = PKCS11_CKR_OK; 690 uint8_t local = 0; 691 uint8_t always_sensitive = 0; 692 uint8_t never_extract = 0; 693 uint32_t mechanism_id = PKCS11_CKM_UNDEFINED_ID; 694 695 #ifdef DEBUG /* Sanity: check function argument */ 696 trace_attributes_from_api_head("template", template, template_size); 697 switch (function) { 698 case PKCS11_FUNCTION_IMPORT: 699 break; 700 default: 701 TEE_Panic(TEE_ERROR_NOT_SUPPORTED); 702 } 703 #endif 704 705 rc = sanitize_client_object(&temp, template, template_size); 706 if (rc) 707 goto out; 708 709 /* If class/type not defined, match from mechanism */ 710 if (get_class(temp) == PKCS11_UNDEFINED_ID && 711 get_key_type(temp) == PKCS11_UNDEFINED_ID) { 712 EMSG("Unable to define class/type from mechanism"); 713 rc = PKCS11_CKR_TEMPLATE_INCOMPLETE; 714 goto out; 715 } 716 717 if (!sanitize_consistent_class_and_type(temp)) { 718 EMSG("Inconsistent class/type"); 719 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 720 goto out; 721 } 722 723 switch (get_class(temp)) { 724 case PKCS11_CKO_DATA: 725 rc = create_data_attributes(&attrs, temp); 726 break; 727 case PKCS11_CKO_SECRET_KEY: 728 rc = create_symm_key_attributes(&attrs, temp); 729 break; 730 case PKCS11_CKO_PUBLIC_KEY: 731 rc = create_pub_key_attributes(&attrs, temp); 732 break; 733 case PKCS11_CKO_PRIVATE_KEY: 734 rc = create_priv_key_attributes(&attrs, temp); 735 break; 736 default: 737 DMSG("Invalid object class %#"PRIx32"/%s", 738 get_class(temp), id2str_class(get_class(temp))); 739 740 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 741 break; 742 } 743 if (rc) 744 goto out; 745 746 if (get_attribute(attrs, PKCS11_CKA_LOCAL, NULL, NULL) != 747 PKCS11_RV_NOT_FOUND) { 748 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 749 goto out; 750 } 751 752 if (get_attribute(attrs, PKCS11_CKA_KEY_GEN_MECHANISM, NULL, NULL) != 753 PKCS11_RV_NOT_FOUND) { 754 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 755 goto out; 756 } 757 758 switch (function) { 759 case PKCS11_FUNCTION_IMPORT: 760 default: 761 local = PKCS11_FALSE; 762 break; 763 } 764 rc = add_attribute(&attrs, PKCS11_CKA_LOCAL, &local, sizeof(local)); 765 if (rc) 766 goto out; 767 768 switch (get_class(attrs)) { 769 case PKCS11_CKO_SECRET_KEY: 770 case PKCS11_CKO_PRIVATE_KEY: 771 case PKCS11_CKO_PUBLIC_KEY: 772 always_sensitive = PKCS11_FALSE; 773 never_extract = PKCS11_FALSE; 774 775 rc = add_attribute(&attrs, PKCS11_CKA_ALWAYS_SENSITIVE, 776 &always_sensitive, sizeof(always_sensitive)); 777 if (rc) 778 goto out; 779 780 rc = add_attribute(&attrs, PKCS11_CKA_NEVER_EXTRACTABLE, 781 &never_extract, sizeof(never_extract)); 782 if (rc) 783 goto out; 784 785 /* Keys mandate attribute PKCS11_CKA_KEY_GEN_MECHANISM */ 786 mechanism_id = PKCS11_CK_UNAVAILABLE_INFORMATION; 787 rc = add_attribute(&attrs, PKCS11_CKA_KEY_GEN_MECHANISM, 788 &mechanism_id, sizeof(mechanism_id)); 789 if (rc) 790 goto out; 791 break; 792 793 default: 794 break; 795 } 796 797 *out = attrs; 798 799 #ifdef DEBUG 800 trace_attributes("object", attrs); 801 #endif 802 803 out: 804 TEE_Free(temp); 805 if (rc) 806 TEE_Free(attrs); 807 808 return rc; 809 } 810 811 static enum pkcs11_rc check_attrs_misc_integrity(struct obj_attrs *head) 812 { 813 if (get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE) && 814 get_bool(head, PKCS11_CKA_EXTRACTABLE)) { 815 DMSG("Never/Extractable attributes mismatch %d/%d", 816 get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE), 817 get_bool(head, PKCS11_CKA_EXTRACTABLE)); 818 819 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 820 } 821 822 if (get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE) && 823 !get_bool(head, PKCS11_CKA_SENSITIVE)) { 824 DMSG("Sensitive/always attributes mismatch %d/%d", 825 get_bool(head, PKCS11_CKA_SENSITIVE), 826 get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE)); 827 828 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 829 } 830 831 return PKCS11_CKR_OK; 832 } 833 834 /* 835 * Check access to object against authentication to token 836 */ 837 enum pkcs11_rc check_access_attrs_against_token(struct pkcs11_session *session, 838 struct obj_attrs *head) 839 { 840 bool private = true; 841 842 switch (get_class(head)) { 843 case PKCS11_CKO_SECRET_KEY: 844 case PKCS11_CKO_PUBLIC_KEY: 845 case PKCS11_CKO_DATA: 846 private = get_bool(head, PKCS11_CKA_PRIVATE); 847 break; 848 case PKCS11_CKO_PRIVATE_KEY: 849 break; 850 default: 851 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 852 } 853 854 if (private && pkcs11_session_is_public(session)) { 855 DMSG("Private object access from a public session"); 856 857 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 858 } 859 860 return PKCS11_CKR_OK; 861 } 862 863 /* 864 * Check the attributes of a to-be-created object matches the token state 865 */ 866 enum pkcs11_rc check_created_attrs_against_token(struct pkcs11_session *session, 867 struct obj_attrs *head) 868 { 869 enum pkcs11_rc rc = PKCS11_CKR_OK; 870 871 rc = check_attrs_misc_integrity(head); 872 if (rc) 873 return rc; 874 875 if (get_bool(head, PKCS11_CKA_TRUSTED) && 876 !pkcs11_session_is_so(session)) { 877 DMSG("Can't create trusted object"); 878 879 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 880 } 881 882 if (get_bool(head, PKCS11_CKA_TOKEN) && 883 !pkcs11_session_is_read_write(session)) { 884 DMSG("Can't create persistent object"); 885 886 return PKCS11_CKR_SESSION_READ_ONLY; 887 } 888 889 /* 890 * TODO: START_DATE and END_DATE: complies with current time? 891 */ 892 return PKCS11_CKR_OK; 893 } 894 895 #define DMSG_BAD_BBOOL(attr, proc, head) \ 896 do { \ 897 uint32_t __maybe_unused _attr = (attr); \ 898 uint8_t __maybe_unused _bvalue = 0; \ 899 enum pkcs11_rc __maybe_unused _rc = PKCS11_CKR_OK; \ 900 \ 901 _rc = get_attribute((head), _attr, &_bvalue, NULL); \ 902 DMSG("%s issue for %s: %sfound, value %"PRIu8, \ 903 id2str_attr(_attr), id2str_proc((proc)), \ 904 _rc ? "not " : "", _bvalue); \ 905 } while (0) 906 907 static bool __maybe_unused check_attr_bval(uint32_t proc_id __maybe_unused, 908 struct obj_attrs *head, 909 uint32_t attribute, bool val) 910 { 911 uint8_t bbool = 0; 912 uint32_t sz = sizeof(bbool); 913 914 if (!get_attribute(head, attribute, &bbool, &sz) && !!bbool == val) 915 return true; 916 917 DMSG_BAD_BBOOL(attribute, proc_id, head); 918 return false; 919 } 920 921 /* 922 * Check the attributes of a new secret match the processing/mechanism 923 * used to create it. 924 * 925 * @proc_id - PKCS11_CKM_xxx 926 * @head - head of the attributes of the to-be-created object. 927 */ 928 enum pkcs11_rc check_created_attrs_against_processing(uint32_t proc_id, 929 struct obj_attrs *head) 930 { 931 /* 932 * Processings that do not create secrets are not expected to call 933 * this function which would panic. 934 */ 935 switch (proc_id) { 936 case PKCS11_PROCESSING_IMPORT: 937 assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, false)); 938 break; 939 default: 940 TEE_Panic(proc_id); 941 break; 942 } 943 944 return PKCS11_CKR_OK; 945 } 946 947 static void get_key_min_max_sizes(enum pkcs11_key_type key_type, 948 uint32_t *min_key_size, 949 uint32_t *max_key_size) 950 { 951 enum pkcs11_mechanism_id mechanism = PKCS11_CKM_UNDEFINED_ID; 952 953 switch (key_type) { 954 case PKCS11_CKK_AES: 955 mechanism = PKCS11_CKM_AES_KEY_GEN; 956 break; 957 case PKCS11_CKK_MD5_HMAC: 958 mechanism = PKCS11_CKM_MD5_HMAC; 959 break; 960 case PKCS11_CKK_SHA_1_HMAC: 961 mechanism = PKCS11_CKM_SHA_1_HMAC; 962 break; 963 case PKCS11_CKK_SHA256_HMAC: 964 mechanism = PKCS11_CKM_SHA256_HMAC; 965 break; 966 case PKCS11_CKK_SHA224_HMAC: 967 mechanism = PKCS11_CKM_SHA224_HMAC; 968 break; 969 case PKCS11_CKK_SHA384_HMAC: 970 mechanism = PKCS11_CKM_SHA384_HMAC; 971 break; 972 case PKCS11_CKK_SHA512_HMAC: 973 mechanism = PKCS11_CKM_SHA512_HMAC; 974 break; 975 default: 976 TEE_Panic(key_type); 977 break; 978 } 979 980 mechanism_supported_key_sizes(mechanism, min_key_size, 981 max_key_size); 982 } 983 984 enum pkcs11_rc check_created_attrs(struct obj_attrs *key1, 985 struct obj_attrs *key2) 986 { 987 enum pkcs11_rc rc = PKCS11_CKR_OK; 988 struct obj_attrs *secret = NULL; 989 uint32_t max_key_size = 0; 990 uint32_t min_key_size = 0; 991 uint32_t key_length = 0; 992 993 switch (get_class(key1)) { 994 case PKCS11_CKO_SECRET_KEY: 995 secret = key1; 996 break; 997 default: 998 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 999 } 1000 1001 if (key2) 1002 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 1003 1004 if (secret) { 1005 switch (get_key_type(secret)) { 1006 case PKCS11_CKK_AES: 1007 case PKCS11_CKK_GENERIC_SECRET: 1008 case PKCS11_CKK_MD5_HMAC: 1009 case PKCS11_CKK_SHA_1_HMAC: 1010 case PKCS11_CKK_SHA224_HMAC: 1011 case PKCS11_CKK_SHA256_HMAC: 1012 case PKCS11_CKK_SHA384_HMAC: 1013 case PKCS11_CKK_SHA512_HMAC: 1014 break; 1015 default: 1016 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1017 } 1018 1019 /* Get key size */ 1020 rc = get_u32_attribute(secret, PKCS11_CKA_VALUE_LEN, 1021 &key_length); 1022 if (rc) 1023 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1024 } 1025 1026 get_key_min_max_sizes(get_key_type(key1), &min_key_size, &max_key_size); 1027 if (key_length < min_key_size || key_length > max_key_size) { 1028 EMSG("Length %"PRIu32" vs range [%"PRIu32" %"PRIu32"]", 1029 key_length, min_key_size, max_key_size); 1030 1031 return PKCS11_CKR_KEY_SIZE_RANGE; 1032 } 1033 1034 return PKCS11_CKR_OK; 1035 } 1036 1037 /* Check processing ID against attribute ALLOWED_MECHANISMS if any */ 1038 static bool parent_key_complies_allowed_processings(uint32_t proc_id, 1039 struct obj_attrs *head) 1040 { 1041 char *attr = NULL; 1042 uint32_t size = 0; 1043 uint32_t proc = 0; 1044 size_t count = 0; 1045 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1046 1047 rc = get_attribute_ptr(head, PKCS11_CKA_ALLOWED_MECHANISMS, 1048 (void *)&attr, &size); 1049 if (rc == PKCS11_RV_NOT_FOUND) 1050 return true; 1051 if (rc) { 1052 EMSG("unexpected attributes state"); 1053 TEE_Panic(TEE_ERROR_BAD_STATE); 1054 } 1055 1056 for (count = size / sizeof(uint32_t); count; count--) { 1057 TEE_MemMove(&proc, attr, sizeof(uint32_t)); 1058 attr += sizeof(uint32_t); 1059 1060 if (proc == proc_id) 1061 return true; 1062 } 1063 1064 DMSG("can't find %s in allowed list", id2str_proc(proc_id)); 1065 return false; 1066 } 1067 1068 static enum pkcs11_attr_id func_to_attr(enum processing_func func) 1069 { 1070 switch (func) { 1071 case PKCS11_FUNCTION_ENCRYPT: 1072 return PKCS11_CKA_ENCRYPT; 1073 case PKCS11_FUNCTION_DECRYPT: 1074 return PKCS11_CKA_DECRYPT; 1075 case PKCS11_FUNCTION_SIGN: 1076 return PKCS11_CKA_SIGN; 1077 case PKCS11_FUNCTION_VERIFY: 1078 return PKCS11_CKA_VERIFY; 1079 case PKCS11_FUNCTION_WRAP: 1080 return PKCS11_CKA_WRAP; 1081 case PKCS11_FUNCTION_UNWRAP: 1082 return PKCS11_CKA_UNWRAP; 1083 case PKCS11_FUNCTION_DERIVE: 1084 return PKCS11_CKA_DERIVE; 1085 default: 1086 return PKCS11_CKA_UNDEFINED_ID; 1087 } 1088 } 1089 1090 enum pkcs11_rc 1091 check_parent_attrs_against_processing(enum pkcs11_mechanism_id proc_id, 1092 enum processing_func function, 1093 struct obj_attrs *head) 1094 { 1095 enum pkcs11_class_id key_class = get_class(head); 1096 enum pkcs11_key_type key_type = get_key_type(head); 1097 enum pkcs11_attr_id attr = func_to_attr(function); 1098 1099 if (!get_bool(head, attr)) { 1100 DMSG("%s not permitted", id2str_attr(attr)); 1101 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1102 } 1103 1104 /* Check processing complies with parent key family */ 1105 switch (proc_id) { 1106 case PKCS11_CKM_AES_ECB: 1107 case PKCS11_CKM_AES_CBC: 1108 case PKCS11_CKM_AES_CBC_PAD: 1109 case PKCS11_CKM_AES_CTS: 1110 case PKCS11_CKM_AES_CTR: 1111 if (key_class == PKCS11_CKO_SECRET_KEY && 1112 key_type == PKCS11_CKK_AES) 1113 break; 1114 1115 DMSG("%s invalid key %s/%s", id2str_proc(proc_id), 1116 id2str_class(key_class), id2str_key_type(key_type)); 1117 1118 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1119 1120 case PKCS11_CKM_MD5_HMAC: 1121 case PKCS11_CKM_SHA_1_HMAC: 1122 case PKCS11_CKM_SHA224_HMAC: 1123 case PKCS11_CKM_SHA256_HMAC: 1124 case PKCS11_CKM_SHA384_HMAC: 1125 case PKCS11_CKM_SHA512_HMAC: 1126 if (key_class != PKCS11_CKO_SECRET_KEY) 1127 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1128 1129 if (key_type == PKCS11_CKK_GENERIC_SECRET) 1130 break; 1131 1132 switch (proc_id) { 1133 case PKCS11_CKM_MD5_HMAC: 1134 if (key_type == PKCS11_CKK_MD5_HMAC) 1135 break; 1136 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1137 case PKCS11_CKM_SHA_1_HMAC: 1138 if (key_type == PKCS11_CKK_SHA_1_HMAC) 1139 break; 1140 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1141 case PKCS11_CKM_SHA224_HMAC: 1142 if (key_type == PKCS11_CKK_SHA224_HMAC) 1143 break; 1144 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1145 case PKCS11_CKM_SHA256_HMAC: 1146 if (key_type == PKCS11_CKK_SHA256_HMAC) 1147 break; 1148 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1149 case PKCS11_CKM_SHA384_HMAC: 1150 if (key_type == PKCS11_CKK_SHA384_HMAC) 1151 break; 1152 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1153 case PKCS11_CKM_SHA512_HMAC: 1154 if (key_type == PKCS11_CKK_SHA512_HMAC) 1155 break; 1156 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1157 default: 1158 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1159 } 1160 break; 1161 1162 default: 1163 DMSG("Invalid processing %#"PRIx32"/%s", proc_id, 1164 id2str_proc(proc_id)); 1165 1166 return PKCS11_CKR_MECHANISM_INVALID; 1167 } 1168 1169 if (!parent_key_complies_allowed_processings(proc_id, head)) { 1170 DMSG("Allowed mechanism failed"); 1171 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1172 } 1173 1174 return PKCS11_CKR_OK; 1175 } 1176