1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017-2020, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <inttypes.h> 8 #include <pkcs11_ta.h> 9 #include <stdlib.h> 10 #include <string_ext.h> 11 #include <tee_internal_api_extensions.h> 12 #include <tee_internal_api.h> 13 #include <trace.h> 14 #include <util.h> 15 16 #include "attributes.h" 17 #include "handle.h" 18 #include "pkcs11_attributes.h" 19 #include "pkcs11_helpers.h" 20 #include "pkcs11_token.h" 21 #include "sanitize_object.h" 22 #include "serializer.h" 23 #include "token_capabilities.h" 24 25 /* Byte size of CKA_ID attribute when generated locally */ 26 #define PKCS11_CKA_DEFAULT_SIZE 16 27 28 static uint32_t pkcs11_func2ckfm(enum processing_func function) 29 { 30 switch (function) { 31 case PKCS11_FUNCTION_DIGEST: 32 return PKCS11_CKFM_DIGEST; 33 case PKCS11_FUNCTION_GENERATE: 34 return PKCS11_CKFM_GENERATE; 35 case PKCS11_FUNCTION_GENERATE_PAIR: 36 return PKCS11_CKFM_GENERATE_KEY_PAIR; 37 case PKCS11_FUNCTION_DERIVE: 38 return PKCS11_CKFM_DERIVE; 39 case PKCS11_FUNCTION_WRAP: 40 return PKCS11_CKFM_WRAP; 41 case PKCS11_FUNCTION_UNWRAP: 42 return PKCS11_CKFM_UNWRAP; 43 case PKCS11_FUNCTION_ENCRYPT: 44 return PKCS11_CKFM_ENCRYPT; 45 case PKCS11_FUNCTION_DECRYPT: 46 return PKCS11_CKFM_DECRYPT; 47 case PKCS11_FUNCTION_SIGN: 48 return PKCS11_CKFM_SIGN; 49 case PKCS11_FUNCTION_VERIFY: 50 return PKCS11_CKFM_VERIFY; 51 case PKCS11_FUNCTION_SIGN_RECOVER: 52 return PKCS11_CKFM_SIGN_RECOVER; 53 case PKCS11_FUNCTION_VERIFY_RECOVER: 54 return PKCS11_CKFM_VERIFY_RECOVER; 55 default: 56 return 0; 57 } 58 } 59 60 enum pkcs11_rc 61 check_mechanism_against_processing(struct pkcs11_session *session, 62 enum pkcs11_mechanism_id mechanism_type, 63 enum processing_func function, 64 enum processing_step step) 65 { 66 bool allowed = false; 67 68 switch (step) { 69 case PKCS11_FUNC_STEP_INIT: 70 switch (function) { 71 case PKCS11_FUNCTION_IMPORT: 72 case PKCS11_FUNCTION_COPY: 73 case PKCS11_FUNCTION_MODIFY: 74 case PKCS11_FUNCTION_DESTROY: 75 return PKCS11_CKR_OK; 76 default: 77 break; 78 } 79 /* 80 * Check that the returned PKCS11_CKFM_* flag from 81 * pkcs11_func2ckfm() is among the ones from 82 * mechanism_supported_flags(). 83 */ 84 allowed = mechanism_supported_flags(mechanism_type) & 85 pkcs11_func2ckfm(function); 86 break; 87 88 case PKCS11_FUNC_STEP_ONESHOT: 89 if (session->processing->always_authen && 90 !session->processing->relogged) 91 return PKCS11_CKR_USER_NOT_LOGGED_IN; 92 93 if (session->processing->updated) { 94 EMSG("Cannot perform one-shot on updated processing"); 95 return PKCS11_CKR_OPERATION_ACTIVE; 96 } 97 98 allowed = true; 99 break; 100 101 case PKCS11_FUNC_STEP_UPDATE: 102 if (session->processing->always_authen && 103 !session->processing->relogged) 104 return PKCS11_CKR_USER_NOT_LOGGED_IN; 105 106 allowed = !mechanism_is_one_shot_only(mechanism_type); 107 break; 108 109 case PKCS11_FUNC_STEP_UPDATE_KEY: 110 assert(function == PKCS11_FUNCTION_DIGEST); 111 112 if (session->processing->always_authen && 113 !session->processing->relogged) 114 return PKCS11_CKR_USER_NOT_LOGGED_IN; 115 116 allowed = true; 117 break; 118 119 case PKCS11_FUNC_STEP_FINAL: 120 if (session->processing->always_authen && 121 !session->processing->relogged) 122 return PKCS11_CKR_USER_NOT_LOGGED_IN; 123 124 return PKCS11_CKR_OK; 125 126 default: 127 TEE_Panic(step); 128 break; 129 } 130 131 if (!allowed) { 132 EMSG("Processing %#x/%s not permitted (%u/%u)", 133 (unsigned int)mechanism_type, id2str_proc(mechanism_type), 134 function, step); 135 return PKCS11_CKR_MECHANISM_INVALID; 136 } 137 138 return PKCS11_CKR_OK; 139 } 140 141 /* 142 * Object default boolean attributes as per PKCS#11 143 */ 144 static uint8_t *pkcs11_object_default_boolprop(uint32_t attribute) 145 { 146 static const uint8_t bool_true = 1; 147 static const uint8_t bool_false; 148 149 switch (attribute) { 150 /* As per PKCS#11 default value */ 151 case PKCS11_CKA_MODIFIABLE: 152 case PKCS11_CKA_COPYABLE: 153 case PKCS11_CKA_DESTROYABLE: 154 return (uint8_t *)&bool_true; 155 case PKCS11_CKA_TOKEN: 156 case PKCS11_CKA_PRIVATE: 157 case PKCS11_CKA_WRAP_WITH_TRUSTED: 158 case PKCS11_CKA_ALWAYS_AUTHENTICATE: 159 case PKCS11_CKA_SENSITIVE: 160 return (uint8_t *)&bool_false; 161 /* Token specific default value */ 162 case PKCS11_CKA_SIGN: 163 case PKCS11_CKA_VERIFY: 164 case PKCS11_CKA_DERIVE: 165 case PKCS11_CKA_ENCRYPT: 166 case PKCS11_CKA_DECRYPT: 167 case PKCS11_CKA_SIGN_RECOVER: 168 case PKCS11_CKA_VERIFY_RECOVER: 169 case PKCS11_CKA_WRAP: 170 case PKCS11_CKA_UNWRAP: 171 case PKCS11_CKA_EXTRACTABLE: 172 case PKCS11_CKA_TRUSTED: 173 return (uint8_t *)&bool_false; 174 default: 175 DMSG("No default for boolprop attribute %#"PRIx32, attribute); 176 return NULL; 177 } 178 } 179 180 /* 181 * Object expects several boolean attributes to be set to a default value 182 * or to a validate client configuration value. This function append the input 183 * attribute (id/size/value) in the serialized object. 184 */ 185 static enum pkcs11_rc pkcs11_import_object_boolprop(struct obj_attrs **out, 186 struct obj_attrs *templ, 187 uint32_t attribute) 188 { 189 enum pkcs11_rc rc = PKCS11_CKR_OK; 190 uint8_t bbool = 0; 191 uint32_t size = sizeof(uint8_t); 192 void *attr = NULL; 193 194 rc = get_attribute(templ, attribute, &bbool, &size); 195 if (rc) { 196 if (rc != PKCS11_RV_NOT_FOUND) 197 return rc; 198 attr = pkcs11_object_default_boolprop(attribute); 199 if (!attr) 200 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 201 } else { 202 attr = &bbool; 203 } 204 205 /* Boolean attributes are 1byte in the ABI, no alignment issue */ 206 return add_attribute(out, attribute, attr, sizeof(uint8_t)); 207 } 208 209 static enum pkcs11_rc set_mandatory_boolprops(struct obj_attrs **out, 210 struct obj_attrs *temp, 211 uint32_t const *bp, 212 size_t bp_count) 213 { 214 enum pkcs11_rc rc = PKCS11_CKR_OK; 215 size_t n = 0; 216 217 for (n = 0; n < bp_count; n++) { 218 rc = pkcs11_import_object_boolprop(out, temp, bp[n]); 219 if (rc) 220 return rc; 221 } 222 223 return rc; 224 } 225 226 static enum pkcs11_rc set_mandatory_attributes(struct obj_attrs **out, 227 struct obj_attrs *temp, 228 uint32_t const *attrs, 229 size_t attrs_count) 230 { 231 enum pkcs11_rc rc = PKCS11_CKR_OK; 232 size_t n = 0; 233 234 for (n = 0; n < attrs_count; n++) { 235 uint32_t size = 0; 236 void *value = NULL; 237 238 if (get_attribute_ptr(temp, attrs[n], &value, &size)) 239 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 240 241 rc = add_attribute(out, attrs[n], value, size); 242 if (rc) 243 return rc; 244 } 245 246 return rc; 247 } 248 249 static enum pkcs11_rc get_default_value(enum pkcs11_attr_id id, void **value, 250 uint32_t *size) 251 { 252 /* should have been taken care of already */ 253 assert(!pkcs11_attr_is_boolean(id)); 254 255 /* All other attributes have an empty default value */ 256 *value = NULL; 257 *size = 0; 258 return PKCS11_CKR_OK; 259 } 260 261 static enum pkcs11_rc set_optional_attributes_with_def(struct obj_attrs **out, 262 struct obj_attrs *temp, 263 uint32_t const *attrs, 264 size_t attrs_count, 265 bool default_to_null) 266 { 267 enum pkcs11_rc rc = PKCS11_CKR_OK; 268 size_t n = 0; 269 270 for (n = 0; n < attrs_count; n++) { 271 uint32_t size = 0; 272 void *value = NULL; 273 274 rc = get_attribute_ptr(temp, attrs[n], &value, &size); 275 if (rc == PKCS11_RV_NOT_FOUND) { 276 if (default_to_null) { 277 rc = get_default_value(attrs[n], &value, &size); 278 } else { 279 rc = PKCS11_CKR_OK; 280 continue; 281 } 282 } 283 if (rc) 284 return rc; 285 286 rc = add_attribute(out, attrs[n], value, size); 287 if (rc) 288 return rc; 289 } 290 291 return rc; 292 } 293 294 static enum pkcs11_rc set_attributes_opt_or_null(struct obj_attrs **out, 295 struct obj_attrs *temp, 296 uint32_t const *attrs, 297 size_t attrs_count) 298 { 299 return set_optional_attributes_with_def(out, temp, attrs, attrs_count, 300 true /* defaults to empty */); 301 } 302 303 static enum pkcs11_rc set_optional_attributes(struct obj_attrs **out, 304 struct obj_attrs *temp, 305 uint32_t const *attrs, 306 size_t attrs_count) 307 { 308 return set_optional_attributes_with_def(out, temp, attrs, attrs_count, 309 false /* no default value */); 310 } 311 312 /* 313 * Below are listed the mandated or optional expected attributes for 314 * PKCS#11 storage objects. 315 * 316 * Note: boolprops (mandated boolean attributes) PKCS11_CKA_ALWAYS_SENSITIVE, 317 * and PKCS11_CKA_NEVER_EXTRACTABLE are set by the token, not provided 318 * in the client template. 319 */ 320 321 /* PKCS#11 specification for any object (session/token) of the storage */ 322 static const uint32_t any_object_boolprops[] = { 323 PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 324 PKCS11_CKA_MODIFIABLE, PKCS11_CKA_COPYABLE, PKCS11_CKA_DESTROYABLE, 325 }; 326 327 static const uint32_t any_object_opt_or_null[] = { 328 PKCS11_CKA_LABEL, 329 }; 330 331 /* PKCS#11 specification for raw data object (+any_object_xxx) */ 332 const uint32_t raw_data_opt_or_null[] = { 333 PKCS11_CKA_OBJECT_ID, PKCS11_CKA_APPLICATION, PKCS11_CKA_VALUE, 334 }; 335 336 /* PKCS#11 specification for any key object (+any_object_xxx) */ 337 static const uint32_t any_key_boolprops[] = { 338 PKCS11_CKA_DERIVE, 339 }; 340 341 static const uint32_t any_key_opt_or_null[] = { 342 PKCS11_CKA_ID, 343 PKCS11_CKA_START_DATE, PKCS11_CKA_END_DATE, 344 }; 345 346 static const uint32_t any_key_optional[] = { 347 PKCS11_CKA_ALLOWED_MECHANISMS, 348 }; 349 350 /* PKCS#11 specification for any symmetric key (+any_key_xxx) */ 351 static const uint32_t symm_key_boolprops[] = { 352 PKCS11_CKA_ENCRYPT, PKCS11_CKA_DECRYPT, 353 PKCS11_CKA_SIGN, PKCS11_CKA_VERIFY, 354 PKCS11_CKA_WRAP, PKCS11_CKA_UNWRAP, 355 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 356 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_TRUSTED, 357 }; 358 359 static const uint32_t symm_key_opt_or_null[] = { 360 PKCS11_CKA_WRAP_TEMPLATE, PKCS11_CKA_UNWRAP_TEMPLATE, 361 PKCS11_CKA_DERIVE_TEMPLATE, PKCS11_CKA_VALUE, 362 }; 363 364 static const uint32_t symm_key_optional[] = { 365 PKCS11_CKA_VALUE_LEN, 366 }; 367 368 /* PKCS#11 specification for any asymmetric public key (+any_key_xxx) */ 369 static const uint32_t public_key_boolprops[] = { 370 PKCS11_CKA_ENCRYPT, PKCS11_CKA_VERIFY, PKCS11_CKA_VERIFY_RECOVER, 371 PKCS11_CKA_WRAP, 372 PKCS11_CKA_TRUSTED, 373 }; 374 375 static const uint32_t public_key_mandated[] = { 376 }; 377 378 static const uint32_t public_key_opt_or_null[] = { 379 PKCS11_CKA_SUBJECT, PKCS11_CKA_WRAP_TEMPLATE, 380 PKCS11_CKA_PUBLIC_KEY_INFO, 381 }; 382 383 /* PKCS#11 specification for any asymmetric private key (+any_key_xxx) */ 384 static const uint32_t private_key_boolprops[] = { 385 PKCS11_CKA_DECRYPT, PKCS11_CKA_SIGN, PKCS11_CKA_SIGN_RECOVER, 386 PKCS11_CKA_UNWRAP, 387 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 388 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_ALWAYS_AUTHENTICATE, 389 }; 390 391 static const uint32_t private_key_mandated[] = { 392 }; 393 394 static const uint32_t private_key_opt_or_null[] = { 395 PKCS11_CKA_SUBJECT, PKCS11_CKA_UNWRAP_TEMPLATE, 396 PKCS11_CKA_PUBLIC_KEY_INFO, 397 }; 398 399 /* PKCS#11 specification for any RSA key (+public/private_key_xxx) */ 400 static const uint32_t rsa_public_key_mandated[] = { 401 PKCS11_CKA_MODULUS_BITS, 402 }; 403 404 static const uint32_t rsa_public_key_opt_or_null[] = { 405 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 406 }; 407 408 static const uint32_t rsa_private_key_opt_or_null[] = { 409 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 410 PKCS11_CKA_PRIVATE_EXPONENT, 411 PKCS11_CKA_PRIME_1, PKCS11_CKA_PRIME_2, 412 PKCS11_CKA_EXPONENT_1, PKCS11_CKA_EXPONENT_2, PKCS11_CKA_COEFFICIENT, 413 }; 414 415 /* PKCS#11 specification for any EC key (+public/private_key_xxx) */ 416 static const uint32_t ec_public_key_mandated[] = { 417 PKCS11_CKA_EC_PARAMS, 418 }; 419 420 static const uint32_t ec_public_key_opt_or_null[] = { 421 PKCS11_CKA_EC_POINT, 422 }; 423 424 static const uint32_t ec_private_key_mandated[] = { 425 PKCS11_CKA_EC_PARAMS, 426 }; 427 428 static const uint32_t ec_private_key_opt_or_null[] = { 429 PKCS11_CKA_VALUE, 430 }; 431 432 static enum pkcs11_rc create_storage_attributes(struct obj_attrs **out, 433 struct obj_attrs *temp) 434 { 435 enum pkcs11_class_id class = PKCS11_CKO_UNDEFINED_ID; 436 enum pkcs11_rc rc = PKCS11_CKR_OK; 437 438 rc = init_attributes_head(out); 439 if (rc) 440 return rc; 441 442 /* Object class is mandatory */ 443 class = get_class(temp); 444 if (class == PKCS11_CKO_UNDEFINED_ID) { 445 EMSG("Class attribute not found"); 446 447 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 448 } 449 rc = add_attribute(out, PKCS11_CKA_CLASS, &class, sizeof(uint32_t)); 450 if (rc) 451 return rc; 452 453 rc = set_mandatory_boolprops(out, temp, any_object_boolprops, 454 ARRAY_SIZE(any_object_boolprops)); 455 if (rc) 456 return rc; 457 458 return set_attributes_opt_or_null(out, temp, any_object_opt_or_null, 459 ARRAY_SIZE(any_object_opt_or_null)); 460 } 461 462 static enum pkcs11_rc create_genkey_attributes(struct obj_attrs **out, 463 struct obj_attrs *temp) 464 { 465 uint32_t type = PKCS11_CKO_UNDEFINED_ID; 466 enum pkcs11_rc rc = PKCS11_CKR_OK; 467 468 rc = create_storage_attributes(out, temp); 469 if (rc) 470 return rc; 471 472 type = get_key_type(temp); 473 if (type == PKCS11_CKK_UNDEFINED_ID) { 474 EMSG("Key type attribute not found"); 475 476 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 477 } 478 rc = add_attribute(out, PKCS11_CKA_KEY_TYPE, &type, sizeof(uint32_t)); 479 if (rc) 480 return rc; 481 482 rc = set_mandatory_boolprops(out, temp, any_key_boolprops, 483 ARRAY_SIZE(any_key_boolprops)); 484 if (rc) 485 return rc; 486 487 rc = set_attributes_opt_or_null(out, temp, any_key_opt_or_null, 488 ARRAY_SIZE(any_key_opt_or_null)); 489 if (rc) 490 return rc; 491 492 return set_optional_attributes(out, temp, any_key_optional, 493 ARRAY_SIZE(any_key_optional)); 494 495 } 496 497 static enum pkcs11_rc create_symm_key_attributes(struct obj_attrs **out, 498 struct obj_attrs *temp) 499 { 500 enum pkcs11_rc rc = PKCS11_CKR_OK; 501 502 assert(get_class(temp) == PKCS11_CKO_SECRET_KEY); 503 504 rc = create_genkey_attributes(out, temp); 505 if (rc) 506 return rc; 507 508 assert(get_class(*out) == PKCS11_CKO_SECRET_KEY); 509 510 switch (get_key_type(*out)) { 511 case PKCS11_CKK_GENERIC_SECRET: 512 case PKCS11_CKK_AES: 513 case PKCS11_CKK_MD5_HMAC: 514 case PKCS11_CKK_SHA_1_HMAC: 515 case PKCS11_CKK_SHA256_HMAC: 516 case PKCS11_CKK_SHA384_HMAC: 517 case PKCS11_CKK_SHA512_HMAC: 518 case PKCS11_CKK_SHA224_HMAC: 519 break; 520 default: 521 EMSG("Invalid key type %#"PRIx32"/%s", 522 get_key_type(*out), id2str_key_type(get_key_type(*out))); 523 524 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 525 } 526 527 rc = set_mandatory_boolprops(out, temp, symm_key_boolprops, 528 ARRAY_SIZE(symm_key_boolprops)); 529 if (rc) 530 return rc; 531 532 rc = set_attributes_opt_or_null(out, temp, symm_key_opt_or_null, 533 ARRAY_SIZE(symm_key_opt_or_null)); 534 if (rc) 535 return rc; 536 537 return set_optional_attributes(out, temp, symm_key_optional, 538 ARRAY_SIZE(symm_key_optional)); 539 } 540 541 static enum pkcs11_rc create_data_attributes(struct obj_attrs **out, 542 struct obj_attrs *temp) 543 { 544 enum pkcs11_rc rc = PKCS11_CKR_OK; 545 546 assert(get_class(temp) == PKCS11_CKO_DATA); 547 548 rc = create_storage_attributes(out, temp); 549 if (rc) 550 return rc; 551 552 assert(get_class(*out) == PKCS11_CKO_DATA); 553 554 return set_attributes_opt_or_null(out, temp, raw_data_opt_or_null, 555 ARRAY_SIZE(raw_data_opt_or_null)); 556 } 557 558 static enum pkcs11_rc create_pub_key_attributes(struct obj_attrs **out, 559 struct obj_attrs *temp) 560 { 561 uint32_t const *mandated = NULL; 562 uint32_t const *opt_or_null = NULL; 563 size_t mandated_count = 0; 564 size_t opt_or_null_count = 0; 565 enum pkcs11_rc rc = PKCS11_CKR_OK; 566 567 assert(get_class(temp) == PKCS11_CKO_PUBLIC_KEY); 568 569 rc = create_genkey_attributes(out, temp); 570 if (rc) 571 return rc; 572 573 assert(get_class(*out) == PKCS11_CKO_PUBLIC_KEY); 574 575 rc = set_mandatory_boolprops(out, temp, public_key_boolprops, 576 ARRAY_SIZE(public_key_boolprops)); 577 if (rc) 578 return rc; 579 580 rc = set_mandatory_attributes(out, temp, public_key_mandated, 581 ARRAY_SIZE(public_key_mandated)); 582 if (rc) 583 return rc; 584 585 rc = set_attributes_opt_or_null(out, temp, 586 public_key_opt_or_null, 587 ARRAY_SIZE(public_key_opt_or_null)); 588 if (rc) 589 return rc; 590 591 switch (get_key_type(*out)) { 592 case PKCS11_CKK_RSA: 593 mandated = rsa_public_key_mandated; 594 opt_or_null = rsa_public_key_opt_or_null; 595 mandated_count = ARRAY_SIZE(rsa_public_key_mandated); 596 opt_or_null_count = ARRAY_SIZE(rsa_public_key_opt_or_null); 597 break; 598 case PKCS11_CKK_EC: 599 mandated = ec_public_key_mandated; 600 opt_or_null = ec_public_key_opt_or_null; 601 mandated_count = ARRAY_SIZE(ec_public_key_mandated); 602 opt_or_null_count = ARRAY_SIZE(ec_public_key_opt_or_null); 603 break; 604 default: 605 EMSG("Invalid key type %#"PRIx32"/%s", 606 get_key_type(*out), id2str_key_type(get_key_type(*out))); 607 608 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 609 } 610 611 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 612 if (rc) 613 return rc; 614 615 return set_attributes_opt_or_null(out, temp, opt_or_null, 616 opt_or_null_count); 617 } 618 619 static enum pkcs11_rc create_priv_key_attributes(struct obj_attrs **out, 620 struct obj_attrs *temp) 621 { 622 uint32_t const *mandated = NULL; 623 uint32_t const *opt_or_null = NULL; 624 size_t mandated_count = 0; 625 size_t opt_or_null_count = 0; 626 enum pkcs11_rc rc = PKCS11_CKR_OK; 627 628 assert(get_class(temp) == PKCS11_CKO_PRIVATE_KEY); 629 630 rc = create_genkey_attributes(out, temp); 631 if (rc) 632 return rc; 633 634 assert(get_class(*out) == PKCS11_CKO_PRIVATE_KEY); 635 636 rc = set_mandatory_boolprops(out, temp, private_key_boolprops, 637 ARRAY_SIZE(private_key_boolprops)); 638 if (rc) 639 return rc; 640 641 rc = set_mandatory_attributes(out, temp, private_key_mandated, 642 ARRAY_SIZE(private_key_mandated)); 643 if (rc) 644 return rc; 645 646 rc = set_attributes_opt_or_null(out, temp, private_key_opt_or_null, 647 ARRAY_SIZE(private_key_opt_or_null)); 648 if (rc) 649 return rc; 650 651 switch (get_key_type(*out)) { 652 case PKCS11_CKK_RSA: 653 opt_or_null = rsa_private_key_opt_or_null; 654 opt_or_null_count = ARRAY_SIZE(rsa_private_key_opt_or_null); 655 break; 656 case PKCS11_CKK_EC: 657 mandated = ec_private_key_mandated; 658 opt_or_null = ec_private_key_opt_or_null; 659 mandated_count = ARRAY_SIZE(ec_private_key_mandated); 660 opt_or_null_count = ARRAY_SIZE(ec_private_key_opt_or_null); 661 break; 662 default: 663 EMSG("Invalid key type %#"PRIx32"/%s", 664 get_key_type(*out), id2str_key_type(get_key_type(*out))); 665 666 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 667 } 668 669 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 670 if (rc) 671 return rc; 672 673 return set_attributes_opt_or_null(out, temp, opt_or_null, 674 opt_or_null_count); 675 } 676 677 static enum pkcs11_rc 678 sanitize_symm_key_attributes(struct obj_attrs **temp, 679 enum processing_func function) 680 { 681 enum pkcs11_rc rc = PKCS11_CKR_OK; 682 uint32_t a_size = 0; 683 684 assert(get_class(*temp) == PKCS11_CKO_SECRET_KEY); 685 686 rc = get_attribute_ptr(*temp, PKCS11_CKA_VALUE, NULL, &a_size); 687 688 switch (get_key_type(*temp)) { 689 case PKCS11_CKK_GENERIC_SECRET: 690 case PKCS11_CKK_AES: 691 case PKCS11_CKK_MD5_HMAC: 692 case PKCS11_CKK_SHA_1_HMAC: 693 case PKCS11_CKK_SHA256_HMAC: 694 case PKCS11_CKK_SHA384_HMAC: 695 case PKCS11_CKK_SHA512_HMAC: 696 case PKCS11_CKK_SHA224_HMAC: 697 switch (function) { 698 case PKCS11_FUNCTION_IMPORT: 699 /* CKA_VALUE is a mandatory with C_CreateObject */ 700 if (rc || a_size == 0) 701 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 702 703 if (get_attribute_ptr(*temp, PKCS11_CKA_VALUE_LEN, NULL, 704 NULL) != PKCS11_RV_NOT_FOUND) 705 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 706 707 return add_attribute(temp, PKCS11_CKA_VALUE_LEN, 708 &a_size, sizeof(uint32_t)); 709 case PKCS11_FUNCTION_GENERATE: 710 if (rc != PKCS11_RV_NOT_FOUND) 711 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 712 break; 713 default: 714 break; 715 } 716 break; 717 default: 718 EMSG("Invalid key type %#"PRIx32"/%s", 719 get_key_type(*temp), id2str_key_type(get_key_type(*temp))); 720 721 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 722 } 723 724 return PKCS11_CKR_OK; 725 } 726 727 /* 728 * Create an attribute list for a new object from a template and a parent 729 * object (optional) for an object generation function (generate, copy, 730 * derive...). 731 * 732 * PKCS#11 directives on the supplied template and expected return value: 733 * - template has an invalid attribute ID: ATTRIBUTE_TYPE_INVALID 734 * - template has an invalid value for an attribute: ATTRIBUTE_VALID_INVALID 735 * - template has value for a read-only attribute: ATTRIBUTE_READ_ONLY 736 * - template+default+parent => still miss an attribute: TEMPLATE_INCONSISTENT 737 * 738 * INFO on PKCS11_CMD_COPY_OBJECT: 739 * - parent PKCS11_CKA_COPYIABLE=false => return ACTION_PROHIBITED. 740 * - template can specify PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 741 * PKCS11_CKA_MODIFIABLE, PKCS11_CKA_DESTROYABLE. 742 * - SENSITIVE can change from false to true, not from true to false. 743 * - LOCAL is the parent LOCAL 744 */ 745 enum pkcs11_rc 746 create_attributes_from_template(struct obj_attrs **out, void *template, 747 size_t template_size, 748 struct obj_attrs *parent, 749 enum processing_func function, 750 enum pkcs11_mechanism_id mecha, 751 enum pkcs11_class_id template_class __unused) 752 { 753 struct obj_attrs *temp = NULL; 754 struct obj_attrs *attrs = NULL; 755 enum pkcs11_rc rc = PKCS11_CKR_OK; 756 uint8_t local = 0; 757 uint8_t always_sensitive = 0; 758 uint8_t never_extract = 0; 759 uint32_t class = PKCS11_UNDEFINED_ID; 760 uint32_t type = PKCS11_UNDEFINED_ID; 761 uint32_t mechanism_id = PKCS11_CKM_UNDEFINED_ID; 762 763 #ifdef DEBUG /* Sanity: check function argument */ 764 trace_attributes_from_api_head("template", template, template_size); 765 switch (function) { 766 case PKCS11_FUNCTION_GENERATE: 767 case PKCS11_FUNCTION_IMPORT: 768 case PKCS11_FUNCTION_MODIFY: 769 case PKCS11_FUNCTION_DERIVE: 770 case PKCS11_FUNCTION_COPY: 771 break; 772 default: 773 TEE_Panic(TEE_ERROR_NOT_SUPPORTED); 774 } 775 #endif 776 777 /* 778 * For PKCS11_FUNCTION_GENERATE, find the class and type 779 * based on the mechanism. These will be passed as hint 780 * sanitize_client_object() and added in temp if not 781 * already present 782 */ 783 if (function == PKCS11_FUNCTION_GENERATE) { 784 switch (mecha) { 785 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 786 class = PKCS11_CKO_SECRET_KEY; 787 type = PKCS11_CKK_GENERIC_SECRET; 788 break; 789 case PKCS11_CKM_AES_KEY_GEN: 790 class = PKCS11_CKO_SECRET_KEY; 791 type = PKCS11_CKK_AES; 792 break; 793 default: 794 TEE_Panic(TEE_ERROR_NOT_SUPPORTED); 795 } 796 } 797 798 /* 799 * Check and remove duplicates if any and create a new temporary 800 * template 801 */ 802 rc = sanitize_client_object(&temp, template, template_size, class, 803 type); 804 if (rc) 805 goto out; 806 807 /* 808 * For function type modify and copy return the created template 809 * from here. Rest of the code below is for creating objects 810 * or generating keys. 811 */ 812 switch (function) { 813 case PKCS11_FUNCTION_MODIFY: 814 case PKCS11_FUNCTION_COPY: 815 *out = temp; 816 return rc; 817 default: 818 break; 819 } 820 821 /* 822 * Check if class and type in temp are consistent with the mechanism 823 */ 824 switch (mecha) { 825 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 826 if (get_class(temp) != PKCS11_CKO_SECRET_KEY || 827 get_key_type(temp) != PKCS11_CKK_GENERIC_SECRET) { 828 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 829 goto out; 830 } 831 break; 832 case PKCS11_CKM_AES_KEY_GEN: 833 if (get_class(temp) != PKCS11_CKO_SECRET_KEY || 834 get_key_type(temp) != PKCS11_CKK_AES) { 835 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 836 goto out; 837 } 838 break; 839 default: 840 break; 841 } 842 843 if (!sanitize_consistent_class_and_type(temp)) { 844 EMSG("Inconsistent class/type"); 845 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 846 goto out; 847 } 848 849 switch (get_class(temp)) { 850 case PKCS11_CKO_DATA: 851 rc = create_data_attributes(&attrs, temp); 852 break; 853 case PKCS11_CKO_SECRET_KEY: 854 rc = sanitize_symm_key_attributes(&temp, function); 855 if (rc) 856 goto out; 857 rc = create_symm_key_attributes(&attrs, temp); 858 break; 859 case PKCS11_CKO_PUBLIC_KEY: 860 rc = create_pub_key_attributes(&attrs, temp); 861 break; 862 case PKCS11_CKO_PRIVATE_KEY: 863 rc = create_priv_key_attributes(&attrs, temp); 864 break; 865 default: 866 DMSG("Invalid object class %#"PRIx32"/%s", 867 get_class(temp), id2str_class(get_class(temp))); 868 869 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 870 break; 871 } 872 if (rc) 873 goto out; 874 875 if (get_attribute_ptr(temp, PKCS11_CKA_LOCAL, NULL, NULL) != 876 PKCS11_RV_NOT_FOUND) { 877 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 878 goto out; 879 } 880 881 if (get_attribute_ptr(temp, PKCS11_CKA_KEY_GEN_MECHANISM, NULL, NULL) != 882 PKCS11_RV_NOT_FOUND) { 883 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 884 goto out; 885 } 886 887 switch (function) { 888 case PKCS11_FUNCTION_GENERATE: 889 local = PKCS11_TRUE; 890 break; 891 case PKCS11_FUNCTION_IMPORT: 892 case PKCS11_FUNCTION_DERIVE: 893 default: 894 local = PKCS11_FALSE; 895 break; 896 } 897 rc = add_attribute(&attrs, PKCS11_CKA_LOCAL, &local, sizeof(local)); 898 if (rc) 899 goto out; 900 901 switch (get_class(attrs)) { 902 case PKCS11_CKO_SECRET_KEY: 903 case PKCS11_CKO_PRIVATE_KEY: 904 case PKCS11_CKO_PUBLIC_KEY: 905 always_sensitive = PKCS11_FALSE; 906 never_extract = PKCS11_FALSE; 907 908 switch (function) { 909 case PKCS11_FUNCTION_DERIVE: 910 always_sensitive = 911 get_bool(parent, PKCS11_CKA_ALWAYS_SENSITIVE) && 912 get_bool(attrs, PKCS11_CKA_SENSITIVE); 913 never_extract = 914 get_bool(parent, PKCS11_CKA_NEVER_EXTRACTABLE) && 915 !get_bool(attrs, PKCS11_CKA_EXTRACTABLE); 916 break; 917 case PKCS11_FUNCTION_GENERATE: 918 always_sensitive = get_bool(attrs, 919 PKCS11_CKA_SENSITIVE); 920 never_extract = !get_bool(attrs, 921 PKCS11_CKA_EXTRACTABLE); 922 break; 923 default: 924 break; 925 } 926 927 rc = add_attribute(&attrs, PKCS11_CKA_ALWAYS_SENSITIVE, 928 &always_sensitive, sizeof(always_sensitive)); 929 if (rc) 930 goto out; 931 932 rc = add_attribute(&attrs, PKCS11_CKA_NEVER_EXTRACTABLE, 933 &never_extract, sizeof(never_extract)); 934 if (rc) 935 goto out; 936 937 /* Keys mandate attribute PKCS11_CKA_KEY_GEN_MECHANISM */ 938 if (local) 939 mechanism_id = mecha; 940 else 941 mechanism_id = PKCS11_CK_UNAVAILABLE_INFORMATION; 942 943 rc = add_attribute(&attrs, PKCS11_CKA_KEY_GEN_MECHANISM, 944 &mechanism_id, sizeof(mechanism_id)); 945 if (rc) 946 goto out; 947 break; 948 949 default: 950 break; 951 } 952 953 *out = attrs; 954 955 #ifdef DEBUG 956 trace_attributes("object", attrs); 957 #endif 958 959 out: 960 TEE_Free(temp); 961 if (rc) 962 TEE_Free(attrs); 963 964 return rc; 965 } 966 967 static enum pkcs11_rc check_attrs_misc_integrity(struct obj_attrs *head) 968 { 969 if (get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE) && 970 get_bool(head, PKCS11_CKA_EXTRACTABLE)) { 971 DMSG("Never/Extractable attributes mismatch %d/%d", 972 get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE), 973 get_bool(head, PKCS11_CKA_EXTRACTABLE)); 974 975 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 976 } 977 978 if (get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE) && 979 !get_bool(head, PKCS11_CKA_SENSITIVE)) { 980 DMSG("Sensitive/always attributes mismatch %d/%d", 981 get_bool(head, PKCS11_CKA_SENSITIVE), 982 get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE)); 983 984 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 985 } 986 987 return PKCS11_CKR_OK; 988 } 989 990 bool object_is_private(struct obj_attrs *head) 991 { 992 return get_bool(head, PKCS11_CKA_PRIVATE); 993 } 994 995 bool object_is_token(struct obj_attrs *head) 996 { 997 return get_bool(head, PKCS11_CKA_TOKEN); 998 } 999 1000 bool object_is_modifiable(struct obj_attrs *head) 1001 { 1002 return get_bool(head, PKCS11_CKA_MODIFIABLE); 1003 } 1004 1005 bool object_is_copyable(struct obj_attrs *head) 1006 { 1007 return get_bool(head, PKCS11_CKA_COPYABLE); 1008 } 1009 1010 /* 1011 * Check access to object against authentication to token 1012 */ 1013 enum pkcs11_rc check_access_attrs_against_token(struct pkcs11_session *session, 1014 struct obj_attrs *head) 1015 { 1016 bool private = true; 1017 1018 switch (get_class(head)) { 1019 case PKCS11_CKO_SECRET_KEY: 1020 case PKCS11_CKO_PRIVATE_KEY: 1021 case PKCS11_CKO_PUBLIC_KEY: 1022 case PKCS11_CKO_DATA: 1023 private = object_is_private(head); 1024 break; 1025 default: 1026 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1027 } 1028 1029 if (private && (pkcs11_session_is_public(session) || 1030 pkcs11_session_is_so(session))) { 1031 DMSG("Private object access from a public or SO session"); 1032 1033 return PKCS11_CKR_USER_NOT_LOGGED_IN; 1034 } 1035 1036 return PKCS11_CKR_OK; 1037 } 1038 1039 /* 1040 * Check the attributes of a to-be-created object matches the token state 1041 */ 1042 enum pkcs11_rc check_created_attrs_against_token(struct pkcs11_session *session, 1043 struct obj_attrs *head) 1044 { 1045 enum pkcs11_rc rc = PKCS11_CKR_OK; 1046 1047 rc = check_attrs_misc_integrity(head); 1048 if (rc) 1049 return rc; 1050 1051 if (get_bool(head, PKCS11_CKA_TRUSTED) && 1052 !pkcs11_session_is_so(session)) { 1053 DMSG("Can't create trusted object"); 1054 1055 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1056 } 1057 1058 if (get_bool(head, PKCS11_CKA_TOKEN) && 1059 !pkcs11_session_is_read_write(session)) { 1060 DMSG("Can't create persistent object"); 1061 1062 return PKCS11_CKR_SESSION_READ_ONLY; 1063 } 1064 1065 /* 1066 * TODO: START_DATE and END_DATE: complies with current time? 1067 */ 1068 return PKCS11_CKR_OK; 1069 } 1070 1071 #define DMSG_BAD_BBOOL(attr, proc, head) \ 1072 do { \ 1073 uint32_t __maybe_unused _attr = (attr); \ 1074 uint8_t __maybe_unused _bvalue = 0; \ 1075 enum pkcs11_rc __maybe_unused _rc = PKCS11_CKR_OK; \ 1076 \ 1077 _rc = get_attribute((head), _attr, &_bvalue, NULL); \ 1078 DMSG("%s issue for %s: %sfound, value %"PRIu8, \ 1079 id2str_attr(_attr), id2str_proc((proc)), \ 1080 _rc ? "not " : "", _bvalue); \ 1081 } while (0) 1082 1083 static bool __maybe_unused check_attr_bval(uint32_t proc_id __maybe_unused, 1084 struct obj_attrs *head, 1085 uint32_t attribute, bool val) 1086 { 1087 uint8_t bbool = 0; 1088 uint32_t sz = sizeof(bbool); 1089 1090 if (!get_attribute(head, attribute, &bbool, &sz) && !!bbool == val) 1091 return true; 1092 1093 DMSG_BAD_BBOOL(attribute, proc_id, head); 1094 return false; 1095 } 1096 1097 /* 1098 * Check the attributes of a new secret match the processing/mechanism 1099 * used to create it. 1100 * 1101 * @proc_id - PKCS11_CKM_xxx 1102 * @head - head of the attributes of the to-be-created object. 1103 */ 1104 enum pkcs11_rc check_created_attrs_against_processing(uint32_t proc_id, 1105 struct obj_attrs *head) 1106 { 1107 /* 1108 * Processings that do not create secrets are not expected to call 1109 * this function which would panic. 1110 */ 1111 switch (proc_id) { 1112 case PKCS11_PROCESSING_IMPORT: 1113 case PKCS11_CKM_AES_ECB_ENCRYPT_DATA: 1114 case PKCS11_CKM_AES_CBC_ENCRYPT_DATA: 1115 assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, false)); 1116 break; 1117 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 1118 case PKCS11_CKM_AES_KEY_GEN: 1119 assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, true)); 1120 break; 1121 default: 1122 TEE_Panic(proc_id); 1123 break; 1124 } 1125 1126 switch (proc_id) { 1127 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 1128 assert(get_key_type(head) == PKCS11_CKK_GENERIC_SECRET); 1129 break; 1130 case PKCS11_CKM_AES_KEY_GEN: 1131 assert(get_key_type(head) == PKCS11_CKK_AES); 1132 break; 1133 case PKCS11_PROCESSING_IMPORT: 1134 default: 1135 break; 1136 } 1137 1138 return PKCS11_CKR_OK; 1139 } 1140 1141 /* Return min and max key size supported for a key_type in bytes */ 1142 static void get_key_min_max_sizes(enum pkcs11_key_type key_type, 1143 uint32_t *min_key_size, 1144 uint32_t *max_key_size) 1145 { 1146 enum pkcs11_mechanism_id mechanism = PKCS11_CKM_UNDEFINED_ID; 1147 1148 switch (key_type) { 1149 case PKCS11_CKK_GENERIC_SECRET: 1150 mechanism = PKCS11_CKM_GENERIC_SECRET_KEY_GEN; 1151 break; 1152 case PKCS11_CKK_AES: 1153 mechanism = PKCS11_CKM_AES_KEY_GEN; 1154 break; 1155 case PKCS11_CKK_MD5_HMAC: 1156 mechanism = PKCS11_CKM_MD5_HMAC; 1157 break; 1158 case PKCS11_CKK_SHA_1_HMAC: 1159 mechanism = PKCS11_CKM_SHA_1_HMAC; 1160 break; 1161 case PKCS11_CKK_SHA224_HMAC: 1162 mechanism = PKCS11_CKM_SHA224_HMAC; 1163 break; 1164 case PKCS11_CKK_SHA256_HMAC: 1165 mechanism = PKCS11_CKM_SHA256_HMAC; 1166 break; 1167 case PKCS11_CKK_SHA384_HMAC: 1168 mechanism = PKCS11_CKM_SHA384_HMAC; 1169 break; 1170 case PKCS11_CKK_SHA512_HMAC: 1171 mechanism = PKCS11_CKM_SHA512_HMAC; 1172 break; 1173 default: 1174 TEE_Panic(key_type); 1175 break; 1176 } 1177 1178 mechanism_supported_key_sizes_bytes(mechanism, min_key_size, 1179 max_key_size); 1180 } 1181 1182 enum pkcs11_rc check_created_attrs(struct obj_attrs *key1, 1183 struct obj_attrs *key2) 1184 { 1185 enum pkcs11_rc rc = PKCS11_CKR_OK; 1186 struct obj_attrs *secret = NULL; 1187 uint32_t max_key_size = 0; 1188 uint32_t min_key_size = 0; 1189 uint32_t key_length = 0; 1190 1191 switch (get_class(key1)) { 1192 case PKCS11_CKO_SECRET_KEY: 1193 secret = key1; 1194 break; 1195 default: 1196 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 1197 } 1198 1199 if (key2) 1200 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 1201 1202 if (secret) { 1203 switch (get_key_type(secret)) { 1204 case PKCS11_CKK_AES: 1205 case PKCS11_CKK_GENERIC_SECRET: 1206 case PKCS11_CKK_MD5_HMAC: 1207 case PKCS11_CKK_SHA_1_HMAC: 1208 case PKCS11_CKK_SHA224_HMAC: 1209 case PKCS11_CKK_SHA256_HMAC: 1210 case PKCS11_CKK_SHA384_HMAC: 1211 case PKCS11_CKK_SHA512_HMAC: 1212 break; 1213 default: 1214 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1215 } 1216 1217 /* Get key size */ 1218 rc = get_u32_attribute(secret, PKCS11_CKA_VALUE_LEN, 1219 &key_length); 1220 if (rc) 1221 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 1222 } 1223 1224 get_key_min_max_sizes(get_key_type(key1), &min_key_size, &max_key_size); 1225 if (key_length < min_key_size || key_length > max_key_size) { 1226 EMSG("Length %"PRIu32" vs range [%"PRIu32" %"PRIu32"]", 1227 key_length, min_key_size, max_key_size); 1228 1229 return PKCS11_CKR_KEY_SIZE_RANGE; 1230 } 1231 1232 if (secret && get_key_type(secret) == PKCS11_CKK_AES) { 1233 if (key_length != 16 && key_length != 24 && key_length != 32) 1234 return PKCS11_CKR_KEY_SIZE_RANGE; 1235 } 1236 1237 return PKCS11_CKR_OK; 1238 } 1239 1240 /* Check processing ID against attribute ALLOWED_MECHANISMS if any */ 1241 static bool parent_key_complies_allowed_processings(uint32_t proc_id, 1242 struct obj_attrs *head) 1243 { 1244 char *attr = NULL; 1245 uint32_t size = 0; 1246 uint32_t proc = 0; 1247 size_t count = 0; 1248 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1249 1250 rc = get_attribute_ptr(head, PKCS11_CKA_ALLOWED_MECHANISMS, 1251 (void *)&attr, &size); 1252 if (rc == PKCS11_RV_NOT_FOUND) 1253 return true; 1254 if (rc) { 1255 EMSG("unexpected attributes state"); 1256 TEE_Panic(TEE_ERROR_BAD_STATE); 1257 } 1258 1259 for (count = size / sizeof(uint32_t); count; count--) { 1260 TEE_MemMove(&proc, attr, sizeof(uint32_t)); 1261 attr += sizeof(uint32_t); 1262 1263 if (proc == proc_id) 1264 return true; 1265 } 1266 1267 DMSG("can't find %s in allowed list", id2str_proc(proc_id)); 1268 return false; 1269 } 1270 1271 static enum pkcs11_attr_id func_to_attr(enum processing_func func) 1272 { 1273 switch (func) { 1274 case PKCS11_FUNCTION_ENCRYPT: 1275 return PKCS11_CKA_ENCRYPT; 1276 case PKCS11_FUNCTION_DECRYPT: 1277 return PKCS11_CKA_DECRYPT; 1278 case PKCS11_FUNCTION_SIGN: 1279 return PKCS11_CKA_SIGN; 1280 case PKCS11_FUNCTION_VERIFY: 1281 return PKCS11_CKA_VERIFY; 1282 case PKCS11_FUNCTION_WRAP: 1283 return PKCS11_CKA_WRAP; 1284 case PKCS11_FUNCTION_UNWRAP: 1285 return PKCS11_CKA_UNWRAP; 1286 case PKCS11_FUNCTION_DERIVE: 1287 return PKCS11_CKA_DERIVE; 1288 default: 1289 return PKCS11_CKA_UNDEFINED_ID; 1290 } 1291 } 1292 1293 enum pkcs11_rc 1294 check_parent_attrs_against_processing(enum pkcs11_mechanism_id proc_id, 1295 enum processing_func function, 1296 struct obj_attrs *head) 1297 { 1298 enum pkcs11_class_id key_class = get_class(head); 1299 enum pkcs11_key_type key_type = get_key_type(head); 1300 enum pkcs11_attr_id attr = func_to_attr(function); 1301 1302 if (!get_bool(head, attr)) { 1303 DMSG("%s not permitted", id2str_attr(attr)); 1304 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1305 } 1306 1307 /* Check processing complies with parent key family */ 1308 switch (proc_id) { 1309 case PKCS11_CKM_AES_ECB: 1310 case PKCS11_CKM_AES_CBC: 1311 case PKCS11_CKM_AES_CBC_PAD: 1312 case PKCS11_CKM_AES_CTS: 1313 case PKCS11_CKM_AES_CTR: 1314 if (key_class == PKCS11_CKO_SECRET_KEY && 1315 key_type == PKCS11_CKK_AES) 1316 break; 1317 1318 DMSG("%s invalid key %s/%s", id2str_proc(proc_id), 1319 id2str_class(key_class), id2str_key_type(key_type)); 1320 1321 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1322 1323 case PKCS11_CKM_AES_ECB_ENCRYPT_DATA: 1324 case PKCS11_CKM_AES_CBC_ENCRYPT_DATA: 1325 if (key_class != PKCS11_CKO_SECRET_KEY && 1326 key_type != PKCS11_CKK_AES) 1327 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1328 1329 if (get_bool(head, PKCS11_CKA_ENCRYPT)) { 1330 /* 1331 * Intentionally refuse to proceed despite 1332 * PKCS#11 specifications v2.40 and v3.0 not expecting 1333 * this behavior to avoid potential security issue 1334 * where keys derived by these mechanisms can be 1335 * revealed by doing data encryption using parent key. 1336 */ 1337 return PKCS11_CKR_FUNCTION_FAILED; 1338 } 1339 1340 break; 1341 case PKCS11_CKM_MD5_HMAC: 1342 case PKCS11_CKM_SHA_1_HMAC: 1343 case PKCS11_CKM_SHA224_HMAC: 1344 case PKCS11_CKM_SHA256_HMAC: 1345 case PKCS11_CKM_SHA384_HMAC: 1346 case PKCS11_CKM_SHA512_HMAC: 1347 if (key_class != PKCS11_CKO_SECRET_KEY) 1348 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1349 1350 if (key_type == PKCS11_CKK_GENERIC_SECRET) 1351 break; 1352 1353 switch (proc_id) { 1354 case PKCS11_CKM_MD5_HMAC: 1355 if (key_type == PKCS11_CKK_MD5_HMAC) 1356 break; 1357 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1358 case PKCS11_CKM_SHA_1_HMAC: 1359 if (key_type == PKCS11_CKK_SHA_1_HMAC) 1360 break; 1361 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1362 case PKCS11_CKM_SHA224_HMAC: 1363 if (key_type == PKCS11_CKK_SHA224_HMAC) 1364 break; 1365 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1366 case PKCS11_CKM_SHA256_HMAC: 1367 if (key_type == PKCS11_CKK_SHA256_HMAC) 1368 break; 1369 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1370 case PKCS11_CKM_SHA384_HMAC: 1371 if (key_type == PKCS11_CKK_SHA384_HMAC) 1372 break; 1373 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1374 case PKCS11_CKM_SHA512_HMAC: 1375 if (key_type == PKCS11_CKK_SHA512_HMAC) 1376 break; 1377 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1378 default: 1379 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1380 } 1381 break; 1382 1383 default: 1384 DMSG("Invalid processing %#"PRIx32"/%s", proc_id, 1385 id2str_proc(proc_id)); 1386 1387 return PKCS11_CKR_MECHANISM_INVALID; 1388 } 1389 1390 if (!parent_key_complies_allowed_processings(proc_id, head)) { 1391 DMSG("Allowed mechanism failed"); 1392 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1393 } 1394 1395 return PKCS11_CKR_OK; 1396 } 1397 1398 bool attribute_is_exportable(struct pkcs11_attribute_head *req_attr, 1399 struct pkcs11_object *obj) 1400 { 1401 uint8_t boolval = 0; 1402 uint32_t boolsize = 0; 1403 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1404 enum pkcs11_class_id key_class = get_class(obj->attributes); 1405 1406 if (key_class != PKCS11_CKO_SECRET_KEY && 1407 key_class != PKCS11_CKO_PRIVATE_KEY) 1408 return true; 1409 1410 switch (req_attr->id) { 1411 case PKCS11_CKA_PRIVATE_EXPONENT: 1412 case PKCS11_CKA_PRIME_1: 1413 case PKCS11_CKA_PRIME_2: 1414 case PKCS11_CKA_EXPONENT_1: 1415 case PKCS11_CKA_EXPONENT_2: 1416 case PKCS11_CKA_COEFFICIENT: 1417 case PKCS11_CKA_VALUE: 1418 boolsize = sizeof(boolval); 1419 rc = get_attribute(obj->attributes, PKCS11_CKA_EXTRACTABLE, 1420 &boolval, &boolsize); 1421 if (rc || boolval == PKCS11_FALSE) 1422 return false; 1423 1424 boolsize = sizeof(boolval); 1425 rc = get_attribute(obj->attributes, PKCS11_CKA_SENSITIVE, 1426 &boolval, &boolsize); 1427 if (rc || boolval == PKCS11_TRUE) 1428 return false; 1429 break; 1430 default: 1431 break; 1432 } 1433 1434 return true; 1435 } 1436 1437 static bool attr_is_modifiable_any_key(struct pkcs11_attribute_head *attr) 1438 { 1439 switch (attr->id) { 1440 case PKCS11_CKA_ID: 1441 case PKCS11_CKA_START_DATE: 1442 case PKCS11_CKA_END_DATE: 1443 case PKCS11_CKA_DERIVE: 1444 return true; 1445 default: 1446 return false; 1447 } 1448 } 1449 1450 static bool attr_is_modifiable_secret_key(struct pkcs11_attribute_head *attr, 1451 struct pkcs11_session *session, 1452 struct pkcs11_object *obj) 1453 { 1454 switch (attr->id) { 1455 case PKCS11_CKA_ENCRYPT: 1456 case PKCS11_CKA_DECRYPT: 1457 case PKCS11_CKA_SIGN: 1458 case PKCS11_CKA_VERIFY: 1459 case PKCS11_CKA_WRAP: 1460 case PKCS11_CKA_UNWRAP: 1461 return true; 1462 /* Can't be modified once set to CK_FALSE - 12 in Table 10 */ 1463 case PKCS11_CKA_EXTRACTABLE: 1464 return get_bool(obj->attributes, attr->id); 1465 /* Can't be modified once set to CK_TRUE - 11 in Table 10 */ 1466 case PKCS11_CKA_SENSITIVE: 1467 case PKCS11_CKA_WRAP_WITH_TRUSTED: 1468 return !get_bool(obj->attributes, attr->id); 1469 /* Change in CKA_TRUSTED can only be done by SO */ 1470 case PKCS11_CKA_TRUSTED: 1471 return pkcs11_session_is_so(session); 1472 case PKCS11_CKA_NEVER_EXTRACTABLE: 1473 case PKCS11_CKA_ALWAYS_SENSITIVE: 1474 return false; 1475 default: 1476 return false; 1477 } 1478 } 1479 1480 static bool attr_is_modifiable_public_key(struct pkcs11_attribute_head *attr, 1481 struct pkcs11_session *session, 1482 struct pkcs11_object *obj __unused) 1483 { 1484 switch (attr->id) { 1485 case PKCS11_CKA_SUBJECT: 1486 case PKCS11_CKA_ENCRYPT: 1487 case PKCS11_CKA_VERIFY: 1488 case PKCS11_CKA_VERIFY_RECOVER: 1489 case PKCS11_CKA_WRAP: 1490 return true; 1491 case PKCS11_CKA_TRUSTED: 1492 /* Change in CKA_TRUSTED can only be done by SO */ 1493 return pkcs11_session_is_so(session); 1494 default: 1495 return false; 1496 } 1497 } 1498 1499 static bool attr_is_modifiable_private_key(struct pkcs11_attribute_head *attr, 1500 struct pkcs11_session *sess __unused, 1501 struct pkcs11_object *obj) 1502 { 1503 switch (attr->id) { 1504 case PKCS11_CKA_SUBJECT: 1505 case PKCS11_CKA_DECRYPT: 1506 case PKCS11_CKA_SIGN: 1507 case PKCS11_CKA_SIGN_RECOVER: 1508 case PKCS11_CKA_UNWRAP: 1509 /* 1510 * TBD: Revisit if we don't support PKCS11_CKA_PUBLIC_KEY_INFO 1511 * Specification mentions that if this attribute is 1512 * supplied as part of a template for C_CreateObject, C_CopyObject or 1513 * C_SetAttributeValue for a private key, the token MUST verify 1514 * correspondence between the private key data and the public key data 1515 * as supplied in CKA_PUBLIC_KEY_INFO. This needs to be 1516 * taken care of when this object type will be implemented 1517 */ 1518 case PKCS11_CKA_PUBLIC_KEY_INFO: 1519 return true; 1520 /* Can't be modified once set to CK_FALSE - 12 in Table 10 */ 1521 case PKCS11_CKA_EXTRACTABLE: 1522 return get_bool(obj->attributes, attr->id); 1523 /* Can't be modified once set to CK_TRUE - 11 in Table 10 */ 1524 case PKCS11_CKA_SENSITIVE: 1525 case PKCS11_CKA_WRAP_WITH_TRUSTED: 1526 return !get_bool(obj->attributes, attr->id); 1527 case PKCS11_CKA_NEVER_EXTRACTABLE: 1528 case PKCS11_CKA_ALWAYS_SENSITIVE: 1529 return false; 1530 default: 1531 return false; 1532 } 1533 } 1534 1535 static bool attribute_is_modifiable(struct pkcs11_session *session, 1536 struct pkcs11_attribute_head *req_attr, 1537 struct pkcs11_object *obj, 1538 enum pkcs11_class_id class, 1539 enum processing_func function) 1540 { 1541 /* Check modifiable attributes common to any object */ 1542 switch (req_attr->id) { 1543 case PKCS11_CKA_LABEL: 1544 return true; 1545 case PKCS11_CKA_TOKEN: 1546 case PKCS11_CKA_MODIFIABLE: 1547 case PKCS11_CKA_DESTROYABLE: 1548 case PKCS11_CKA_PRIVATE: 1549 return function == PKCS11_FUNCTION_COPY; 1550 case PKCS11_CKA_COPYABLE: 1551 /* 1552 * Specification mentions that if the attribute value is false 1553 * it can't be set to true. Reading this we assume that it 1554 * should be possible to modify this attribute even though this 1555 * is not marked as modifiable in Table 10 if done in right 1556 * direction i.e from TRUE -> FALSE. 1557 */ 1558 return get_bool(obj->attributes, req_attr->id); 1559 default: 1560 break; 1561 } 1562 1563 /* Attribute checking based on class type */ 1564 switch (class) { 1565 case PKCS11_CKO_SECRET_KEY: 1566 case PKCS11_CKO_PUBLIC_KEY: 1567 case PKCS11_CKO_PRIVATE_KEY: 1568 if (attr_is_modifiable_any_key(req_attr)) 1569 return true; 1570 if (class == PKCS11_CKO_SECRET_KEY && 1571 attr_is_modifiable_secret_key(req_attr, session, obj)) 1572 return true; 1573 if (class == PKCS11_CKO_PUBLIC_KEY && 1574 attr_is_modifiable_public_key(req_attr, session, obj)) 1575 return true; 1576 if (class == PKCS11_CKO_PRIVATE_KEY && 1577 attr_is_modifiable_private_key(req_attr, session, obj)) 1578 return true; 1579 break; 1580 case PKCS11_CKO_DATA: 1581 /* None of the data object attributes are modifiable */ 1582 return false; 1583 default: 1584 break; 1585 } 1586 1587 return false; 1588 } 1589 1590 enum pkcs11_rc check_attrs_against_modification(struct pkcs11_session *session, 1591 struct obj_attrs *head, 1592 struct pkcs11_object *obj, 1593 enum processing_func function) 1594 { 1595 enum pkcs11_class_id class = PKCS11_CKO_UNDEFINED_ID; 1596 char *cur = NULL; 1597 char *end = NULL; 1598 size_t len = 0; 1599 1600 class = get_class(obj->attributes); 1601 1602 cur = (char *)head + sizeof(struct obj_attrs); 1603 end = cur + head->attrs_size; 1604 1605 for (; cur < end; cur += len) { 1606 /* Structure aligned copy of the pkcs11_ref in the object */ 1607 struct pkcs11_attribute_head cli_ref = { }; 1608 1609 TEE_MemMove(&cli_ref, cur, sizeof(cli_ref)); 1610 len = sizeof(cli_ref) + cli_ref.size; 1611 1612 /* 1613 * Check 1 - Check if attribute belongs to the object 1614 * The obj->attributes has all the attributes in 1615 * it which are allowed for an object. 1616 */ 1617 if (get_attribute_ptr(obj->attributes, cli_ref.id, NULL, 1618 NULL) == PKCS11_RV_NOT_FOUND) 1619 return PKCS11_CKR_ATTRIBUTE_TYPE_INVALID; 1620 1621 /* Check 2 - Is attribute modifiable */ 1622 if (!attribute_is_modifiable(session, &cli_ref, obj, class, 1623 function)) 1624 return PKCS11_CKR_ATTRIBUTE_READ_ONLY; 1625 1626 /* 1627 * Checks for modification in PKCS11_CKA_TOKEN and 1628 * PKCS11_CKA_PRIVATE are required for PKCS11_FUNCTION_COPY 1629 * only, so skip them for PKCS11_FUNCTION_MODIFY. 1630 */ 1631 if (function == PKCS11_FUNCTION_MODIFY) 1632 continue; 1633 1634 /* 1635 * An attempt to copy an object to a token will fail for 1636 * RO session 1637 */ 1638 if (cli_ref.id == PKCS11_CKA_TOKEN && 1639 get_bool(head, PKCS11_CKA_TOKEN)) { 1640 if (!pkcs11_session_is_read_write(session)) { 1641 DMSG("Can't copy to token in a RO session"); 1642 return PKCS11_CKR_SESSION_READ_ONLY; 1643 } 1644 } 1645 1646 if (cli_ref.id == PKCS11_CKA_PRIVATE) { 1647 bool parent_priv = 1648 get_bool(obj->attributes, cli_ref.id); 1649 bool obj_priv = get_bool(head, cli_ref.id); 1650 1651 /* 1652 * If PKCS11_CKA_PRIVATE is being set to TRUE from 1653 * FALSE, user has to be logged in 1654 */ 1655 if (!parent_priv && obj_priv) { 1656 if ((pkcs11_session_is_public(session) || 1657 pkcs11_session_is_so(session))) 1658 return PKCS11_CKR_USER_NOT_LOGGED_IN; 1659 } 1660 1661 /* 1662 * Restriction added - Even for Copy, do not allow 1663 * modification of CKA_PRIVATE from TRUE to FALSE 1664 */ 1665 if (parent_priv && !obj_priv) 1666 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1667 } 1668 } 1669 1670 return PKCS11_CKR_OK; 1671 } 1672 1673 static enum pkcs11_rc set_secret_key_data(struct obj_attrs **head, void *data, 1674 size_t key_size) 1675 { 1676 uint32_t size = sizeof(uint32_t); 1677 uint32_t key_length = 0; 1678 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1679 1680 /* Get key size if present in template */ 1681 rc = get_attribute(*head, PKCS11_CKA_VALUE_LEN, &key_length, &size); 1682 if (rc && rc != PKCS11_RV_NOT_FOUND) 1683 return rc; 1684 1685 if (key_length) { 1686 if (key_size < key_length) 1687 return PKCS11_CKR_DATA_LEN_RANGE; 1688 } else { 1689 key_length = key_size; 1690 rc = set_attribute(head, PKCS11_CKA_VALUE_LEN, &key_length, 1691 sizeof(uint32_t)); 1692 if (rc) 1693 return rc; 1694 } 1695 1696 /* Now we can check the VALUE_LEN field */ 1697 rc = check_created_attrs(*head, NULL); 1698 if (rc) 1699 return rc; 1700 1701 /* Remove the default empty value attribute if found */ 1702 rc = remove_empty_attribute(head, PKCS11_CKA_VALUE); 1703 if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND) 1704 return PKCS11_CKR_GENERAL_ERROR; 1705 1706 return add_attribute(head, PKCS11_CKA_VALUE, data, key_length); 1707 } 1708 1709 enum pkcs11_rc set_key_data(struct obj_attrs **head, void *data, 1710 size_t key_size) 1711 { 1712 switch (get_class(*head)) { 1713 case PKCS11_CKO_SECRET_KEY: 1714 return set_secret_key_data(head, data, key_size); 1715 default: 1716 return PKCS11_CKR_GENERAL_ERROR; 1717 } 1718 } 1719