1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017-2020, Linaro Limited 4 */ 5 6 #include <assert.h> 7 #include <inttypes.h> 8 #include <pkcs11_ta.h> 9 #include <stdlib.h> 10 #include <string_ext.h> 11 #include <tee_internal_api_extensions.h> 12 #include <tee_internal_api.h> 13 #include <trace.h> 14 #include <util.h> 15 16 #include "attributes.h" 17 #include "handle.h" 18 #include "pkcs11_attributes.h" 19 #include "pkcs11_helpers.h" 20 #include "pkcs11_token.h" 21 #include "sanitize_object.h" 22 #include "serializer.h" 23 #include "token_capabilities.h" 24 25 /* Byte size of CKA_ID attribute when generated locally */ 26 #define PKCS11_CKA_DEFAULT_SIZE 16 27 28 static uint32_t pkcs11_func2ckfm(enum processing_func function) 29 { 30 switch (function) { 31 case PKCS11_FUNCTION_DIGEST: 32 return PKCS11_CKFM_DIGEST; 33 case PKCS11_FUNCTION_GENERATE: 34 return PKCS11_CKFM_GENERATE; 35 case PKCS11_FUNCTION_GENERATE_PAIR: 36 return PKCS11_CKFM_GENERATE_KEY_PAIR; 37 case PKCS11_FUNCTION_DERIVE: 38 return PKCS11_CKFM_DERIVE; 39 case PKCS11_FUNCTION_WRAP: 40 return PKCS11_CKFM_WRAP; 41 case PKCS11_FUNCTION_UNWRAP: 42 return PKCS11_CKFM_UNWRAP; 43 case PKCS11_FUNCTION_ENCRYPT: 44 return PKCS11_CKFM_ENCRYPT; 45 case PKCS11_FUNCTION_DECRYPT: 46 return PKCS11_CKFM_DECRYPT; 47 case PKCS11_FUNCTION_SIGN: 48 return PKCS11_CKFM_SIGN; 49 case PKCS11_FUNCTION_VERIFY: 50 return PKCS11_CKFM_VERIFY; 51 case PKCS11_FUNCTION_SIGN_RECOVER: 52 return PKCS11_CKFM_SIGN_RECOVER; 53 case PKCS11_FUNCTION_VERIFY_RECOVER: 54 return PKCS11_CKFM_VERIFY_RECOVER; 55 default: 56 return 0; 57 } 58 } 59 60 enum pkcs11_rc 61 check_mechanism_against_processing(struct pkcs11_session *session, 62 enum pkcs11_mechanism_id mechanism_type, 63 enum processing_func function, 64 enum processing_step step) 65 { 66 bool allowed = false; 67 68 switch (step) { 69 case PKCS11_FUNC_STEP_INIT: 70 switch (function) { 71 case PKCS11_FUNCTION_IMPORT: 72 case PKCS11_FUNCTION_COPY: 73 case PKCS11_FUNCTION_MODIFY: 74 case PKCS11_FUNCTION_DESTROY: 75 return PKCS11_CKR_OK; 76 default: 77 break; 78 } 79 /* 80 * Check that the returned PKCS11_CKFM_* flag from 81 * pkcs11_func2ckfm() is among the ones from 82 * mechanism_supported_flags(). 83 */ 84 allowed = mechanism_supported_flags(mechanism_type) & 85 pkcs11_func2ckfm(function); 86 break; 87 88 case PKCS11_FUNC_STEP_ONESHOT: 89 if (session->processing->always_authen && 90 !session->processing->relogged) 91 return PKCS11_CKR_USER_NOT_LOGGED_IN; 92 93 if (session->processing->updated) { 94 EMSG("Cannot perform one-shot on updated processing"); 95 return PKCS11_CKR_OPERATION_ACTIVE; 96 } 97 98 allowed = true; 99 break; 100 101 case PKCS11_FUNC_STEP_UPDATE: 102 if (session->processing->always_authen && 103 !session->processing->relogged) 104 return PKCS11_CKR_USER_NOT_LOGGED_IN; 105 106 allowed = !mechanism_is_one_shot_only(mechanism_type); 107 break; 108 109 case PKCS11_FUNC_STEP_UPDATE_KEY: 110 assert(function == PKCS11_FUNCTION_DIGEST); 111 112 if (session->processing->always_authen && 113 !session->processing->relogged) 114 return PKCS11_CKR_USER_NOT_LOGGED_IN; 115 116 allowed = true; 117 break; 118 119 case PKCS11_FUNC_STEP_FINAL: 120 if (session->processing->always_authen && 121 !session->processing->relogged) 122 return PKCS11_CKR_USER_NOT_LOGGED_IN; 123 124 return PKCS11_CKR_OK; 125 126 default: 127 TEE_Panic(step); 128 break; 129 } 130 131 if (!allowed) { 132 EMSG("Processing %#x/%s not permitted (%u/%u)", 133 (unsigned int)mechanism_type, id2str_proc(mechanism_type), 134 function, step); 135 return PKCS11_CKR_MECHANISM_INVALID; 136 } 137 138 return PKCS11_CKR_OK; 139 } 140 141 /* 142 * Object default boolean attributes as per PKCS#11 143 */ 144 static uint8_t *pkcs11_object_default_boolprop(uint32_t attribute) 145 { 146 static const uint8_t bool_true = 1; 147 static const uint8_t bool_false; 148 149 switch (attribute) { 150 /* As per PKCS#11 default value */ 151 case PKCS11_CKA_MODIFIABLE: 152 case PKCS11_CKA_COPYABLE: 153 case PKCS11_CKA_DESTROYABLE: 154 return (uint8_t *)&bool_true; 155 case PKCS11_CKA_TOKEN: 156 case PKCS11_CKA_PRIVATE: 157 case PKCS11_CKA_WRAP_WITH_TRUSTED: 158 case PKCS11_CKA_ALWAYS_AUTHENTICATE: 159 case PKCS11_CKA_SENSITIVE: 160 return (uint8_t *)&bool_false; 161 /* Token specific default value */ 162 case PKCS11_CKA_SIGN: 163 case PKCS11_CKA_VERIFY: 164 case PKCS11_CKA_DERIVE: 165 case PKCS11_CKA_ENCRYPT: 166 case PKCS11_CKA_DECRYPT: 167 case PKCS11_CKA_SIGN_RECOVER: 168 case PKCS11_CKA_VERIFY_RECOVER: 169 case PKCS11_CKA_WRAP: 170 case PKCS11_CKA_UNWRAP: 171 case PKCS11_CKA_EXTRACTABLE: 172 case PKCS11_CKA_TRUSTED: 173 return (uint8_t *)&bool_false; 174 default: 175 DMSG("No default for boolprop attribute %#"PRIx32, attribute); 176 return NULL; 177 } 178 } 179 180 /* 181 * Object expects several boolean attributes to be set to a default value 182 * or to a validate client configuration value. This function append the input 183 * attribute (id/size/value) in the serialized object. 184 */ 185 static enum pkcs11_rc pkcs11_import_object_boolprop(struct obj_attrs **out, 186 struct obj_attrs *templ, 187 uint32_t attribute) 188 { 189 enum pkcs11_rc rc = PKCS11_CKR_OK; 190 uint8_t bbool = 0; 191 uint32_t size = sizeof(uint8_t); 192 void *attr = NULL; 193 194 rc = get_attribute(templ, attribute, &bbool, &size); 195 if (rc) { 196 if (rc != PKCS11_RV_NOT_FOUND) 197 return rc; 198 attr = pkcs11_object_default_boolprop(attribute); 199 if (!attr) 200 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 201 } else { 202 attr = &bbool; 203 } 204 205 /* Boolean attributes are 1byte in the ABI, no alignment issue */ 206 return add_attribute(out, attribute, attr, sizeof(uint8_t)); 207 } 208 209 static enum pkcs11_rc set_mandatory_boolprops(struct obj_attrs **out, 210 struct obj_attrs *temp, 211 uint32_t const *bp, 212 size_t bp_count) 213 { 214 enum pkcs11_rc rc = PKCS11_CKR_OK; 215 size_t n = 0; 216 217 for (n = 0; n < bp_count; n++) { 218 rc = pkcs11_import_object_boolprop(out, temp, bp[n]); 219 if (rc) 220 return rc; 221 } 222 223 return rc; 224 } 225 226 static enum pkcs11_rc set_mandatory_attributes(struct obj_attrs **out, 227 struct obj_attrs *temp, 228 uint32_t const *attrs, 229 size_t attrs_count) 230 { 231 enum pkcs11_rc rc = PKCS11_CKR_OK; 232 size_t n = 0; 233 234 for (n = 0; n < attrs_count; n++) { 235 uint32_t size = 0; 236 void *value = NULL; 237 238 if (get_attribute_ptr(temp, attrs[n], &value, &size)) 239 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 240 241 rc = add_attribute(out, attrs[n], value, size); 242 if (rc) 243 return rc; 244 } 245 246 return rc; 247 } 248 249 static enum pkcs11_rc get_default_value(enum pkcs11_attr_id id, void **value, 250 uint32_t *size) 251 { 252 /* should have been taken care of already */ 253 assert(!pkcs11_attr_is_boolean(id)); 254 255 if (id == PKCS11_CKA_PUBLIC_KEY_INFO) { 256 EMSG("Cannot provide default PUBLIC_KEY_INFO"); 257 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 258 } 259 260 /* All other attributes have an empty default value */ 261 *value = NULL; 262 *size = 0; 263 return PKCS11_CKR_OK; 264 } 265 266 static enum pkcs11_rc set_optional_attributes_with_def(struct obj_attrs **out, 267 struct obj_attrs *temp, 268 uint32_t const *attrs, 269 size_t attrs_count, 270 bool default_to_null) 271 { 272 enum pkcs11_rc rc = PKCS11_CKR_OK; 273 size_t n = 0; 274 275 for (n = 0; n < attrs_count; n++) { 276 uint32_t size = 0; 277 void *value = NULL; 278 279 rc = get_attribute_ptr(temp, attrs[n], &value, &size); 280 if (rc == PKCS11_RV_NOT_FOUND) { 281 if (default_to_null) { 282 rc = get_default_value(attrs[n], &value, &size); 283 } else { 284 rc = PKCS11_CKR_OK; 285 continue; 286 } 287 } 288 if (rc) 289 return rc; 290 291 rc = add_attribute(out, attrs[n], value, size); 292 if (rc) 293 return rc; 294 } 295 296 return rc; 297 } 298 299 static enum pkcs11_rc set_attributes_opt_or_null(struct obj_attrs **out, 300 struct obj_attrs *temp, 301 uint32_t const *attrs, 302 size_t attrs_count) 303 { 304 return set_optional_attributes_with_def(out, temp, attrs, attrs_count, 305 true /* defaults to empty */); 306 } 307 308 static enum pkcs11_rc set_optional_attributes(struct obj_attrs **out, 309 struct obj_attrs *temp, 310 uint32_t const *attrs, 311 size_t attrs_count) 312 { 313 return set_optional_attributes_with_def(out, temp, attrs, attrs_count, 314 false /* no default value */); 315 } 316 317 /* 318 * Below are listed the mandated or optional expected attributes for 319 * PKCS#11 storage objects. 320 * 321 * Note: boolprops (mandated boolean attributes) PKCS11_CKA_ALWAYS_SENSITIVE, 322 * and PKCS11_CKA_NEVER_EXTRACTABLE are set by the token, not provided 323 * in the client template. 324 */ 325 326 /* PKCS#11 specification for any object (session/token) of the storage */ 327 static const uint32_t any_object_boolprops[] = { 328 PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 329 PKCS11_CKA_MODIFIABLE, PKCS11_CKA_COPYABLE, PKCS11_CKA_DESTROYABLE, 330 }; 331 332 static const uint32_t any_object_opt_or_null[] = { 333 PKCS11_CKA_LABEL, 334 }; 335 336 /* PKCS#11 specification for raw data object (+any_object_xxx) */ 337 const uint32_t raw_data_opt_or_null[] = { 338 PKCS11_CKA_OBJECT_ID, PKCS11_CKA_APPLICATION, PKCS11_CKA_VALUE, 339 }; 340 341 /* PKCS#11 specification for any key object (+any_object_xxx) */ 342 static const uint32_t any_key_boolprops[] = { 343 PKCS11_CKA_DERIVE, 344 }; 345 346 static const uint32_t any_key_opt_or_null[] = { 347 PKCS11_CKA_ID, 348 PKCS11_CKA_START_DATE, PKCS11_CKA_END_DATE, 349 }; 350 351 static const uint32_t any_key_optional[] = { 352 PKCS11_CKA_ALLOWED_MECHANISMS, 353 }; 354 355 /* PKCS#11 specification for any symmetric key (+any_key_xxx) */ 356 static const uint32_t symm_key_boolprops[] = { 357 PKCS11_CKA_ENCRYPT, PKCS11_CKA_DECRYPT, 358 PKCS11_CKA_SIGN, PKCS11_CKA_VERIFY, 359 PKCS11_CKA_WRAP, PKCS11_CKA_UNWRAP, 360 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 361 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_TRUSTED, 362 }; 363 364 static const uint32_t symm_key_opt_or_null[] = { 365 PKCS11_CKA_WRAP_TEMPLATE, PKCS11_CKA_UNWRAP_TEMPLATE, 366 PKCS11_CKA_DERIVE_TEMPLATE, PKCS11_CKA_VALUE, 367 }; 368 369 static const uint32_t symm_key_optional[] = { 370 PKCS11_CKA_VALUE_LEN, 371 }; 372 373 /* PKCS#11 specification for any asymmetric public key (+any_key_xxx) */ 374 static const uint32_t public_key_boolprops[] = { 375 PKCS11_CKA_ENCRYPT, PKCS11_CKA_VERIFY, PKCS11_CKA_VERIFY_RECOVER, 376 PKCS11_CKA_WRAP, 377 PKCS11_CKA_TRUSTED, 378 }; 379 380 static const uint32_t public_key_mandated[] = { 381 PKCS11_CKA_SUBJECT 382 }; 383 384 static const uint32_t public_key_opt_or_null[] = { 385 PKCS11_CKA_WRAP_TEMPLATE, PKCS11_CKA_PUBLIC_KEY_INFO, 386 }; 387 388 /* PKCS#11 specification for any asymmetric private key (+any_key_xxx) */ 389 static const uint32_t private_key_boolprops[] = { 390 PKCS11_CKA_DECRYPT, PKCS11_CKA_SIGN, PKCS11_CKA_SIGN_RECOVER, 391 PKCS11_CKA_UNWRAP, 392 PKCS11_CKA_SENSITIVE, PKCS11_CKA_EXTRACTABLE, 393 PKCS11_CKA_WRAP_WITH_TRUSTED, PKCS11_CKA_ALWAYS_AUTHENTICATE, 394 }; 395 396 static const uint32_t private_key_mandated[] = { 397 PKCS11_CKA_SUBJECT 398 }; 399 400 static const uint32_t private_key_opt_or_null[] = { 401 PKCS11_CKA_UNWRAP_TEMPLATE, PKCS11_CKA_PUBLIC_KEY_INFO, 402 }; 403 404 /* PKCS#11 specification for any RSA key (+public/private_key_xxx) */ 405 static const uint32_t rsa_public_key_mandated[] = { 406 PKCS11_CKA_MODULUS_BITS, 407 }; 408 409 static const uint32_t rsa_public_key_opt_or_null[] = { 410 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 411 }; 412 413 static const uint32_t rsa_private_key_opt_or_null[] = { 414 PKCS11_CKA_MODULUS, PKCS11_CKA_PUBLIC_EXPONENT, 415 PKCS11_CKA_PRIVATE_EXPONENT, 416 PKCS11_CKA_PRIME_1, PKCS11_CKA_PRIME_2, 417 PKCS11_CKA_EXPONENT_1, PKCS11_CKA_EXPONENT_2, PKCS11_CKA_COEFFICIENT, 418 }; 419 420 /* PKCS#11 specification for any EC key (+public/private_key_xxx) */ 421 static const uint32_t ec_public_key_mandated[] = { 422 PKCS11_CKA_EC_PARAMS, 423 }; 424 425 static const uint32_t ec_public_key_opt_or_null[] = { 426 PKCS11_CKA_EC_POINT, 427 }; 428 429 static const uint32_t ec_private_key_mandated[] = { 430 PKCS11_CKA_EC_PARAMS, 431 }; 432 433 static const uint32_t ec_private_key_opt_or_null[] = { 434 PKCS11_CKA_VALUE, 435 }; 436 437 static enum pkcs11_rc create_storage_attributes(struct obj_attrs **out, 438 struct obj_attrs *temp) 439 { 440 enum pkcs11_class_id class = PKCS11_CKO_UNDEFINED_ID; 441 enum pkcs11_rc rc = PKCS11_CKR_OK; 442 443 rc = init_attributes_head(out); 444 if (rc) 445 return rc; 446 447 /* Object class is mandatory */ 448 class = get_class(temp); 449 if (class == PKCS11_CKO_UNDEFINED_ID) { 450 EMSG("Class attribute not found"); 451 452 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 453 } 454 rc = add_attribute(out, PKCS11_CKA_CLASS, &class, sizeof(uint32_t)); 455 if (rc) 456 return rc; 457 458 rc = set_mandatory_boolprops(out, temp, any_object_boolprops, 459 ARRAY_SIZE(any_object_boolprops)); 460 if (rc) 461 return rc; 462 463 return set_attributes_opt_or_null(out, temp, any_object_opt_or_null, 464 ARRAY_SIZE(any_object_opt_or_null)); 465 } 466 467 static enum pkcs11_rc create_genkey_attributes(struct obj_attrs **out, 468 struct obj_attrs *temp) 469 { 470 uint32_t type = PKCS11_CKO_UNDEFINED_ID; 471 enum pkcs11_rc rc = PKCS11_CKR_OK; 472 473 rc = create_storage_attributes(out, temp); 474 if (rc) 475 return rc; 476 477 type = get_key_type(temp); 478 if (type == PKCS11_CKK_UNDEFINED_ID) { 479 EMSG("Key type attribute not found"); 480 481 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 482 } 483 rc = add_attribute(out, PKCS11_CKA_KEY_TYPE, &type, sizeof(uint32_t)); 484 if (rc) 485 return rc; 486 487 rc = set_mandatory_boolprops(out, temp, any_key_boolprops, 488 ARRAY_SIZE(any_key_boolprops)); 489 if (rc) 490 return rc; 491 492 rc = set_attributes_opt_or_null(out, temp, any_key_opt_or_null, 493 ARRAY_SIZE(any_key_opt_or_null)); 494 if (rc) 495 return rc; 496 497 return set_optional_attributes(out, temp, any_key_optional, 498 ARRAY_SIZE(any_key_optional)); 499 500 } 501 502 static enum pkcs11_rc create_symm_key_attributes(struct obj_attrs **out, 503 struct obj_attrs *temp) 504 { 505 enum pkcs11_rc rc = PKCS11_CKR_OK; 506 507 assert(get_class(temp) == PKCS11_CKO_SECRET_KEY); 508 509 rc = create_genkey_attributes(out, temp); 510 if (rc) 511 return rc; 512 513 assert(get_class(*out) == PKCS11_CKO_SECRET_KEY); 514 515 switch (get_key_type(*out)) { 516 case PKCS11_CKK_GENERIC_SECRET: 517 case PKCS11_CKK_AES: 518 case PKCS11_CKK_MD5_HMAC: 519 case PKCS11_CKK_SHA_1_HMAC: 520 case PKCS11_CKK_SHA256_HMAC: 521 case PKCS11_CKK_SHA384_HMAC: 522 case PKCS11_CKK_SHA512_HMAC: 523 case PKCS11_CKK_SHA224_HMAC: 524 break; 525 default: 526 EMSG("Invalid key type %#"PRIx32"/%s", 527 get_key_type(*out), id2str_key_type(get_key_type(*out))); 528 529 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 530 } 531 532 rc = set_mandatory_boolprops(out, temp, symm_key_boolprops, 533 ARRAY_SIZE(symm_key_boolprops)); 534 if (rc) 535 return rc; 536 537 rc = set_attributes_opt_or_null(out, temp, symm_key_opt_or_null, 538 ARRAY_SIZE(symm_key_opt_or_null)); 539 if (rc) 540 return rc; 541 542 return set_optional_attributes(out, temp, symm_key_optional, 543 ARRAY_SIZE(symm_key_optional)); 544 } 545 546 static enum pkcs11_rc create_data_attributes(struct obj_attrs **out, 547 struct obj_attrs *temp) 548 { 549 enum pkcs11_rc rc = PKCS11_CKR_OK; 550 551 assert(get_class(temp) == PKCS11_CKO_DATA); 552 553 rc = create_storage_attributes(out, temp); 554 if (rc) 555 return rc; 556 557 assert(get_class(*out) == PKCS11_CKO_DATA); 558 559 return set_attributes_opt_or_null(out, temp, raw_data_opt_or_null, 560 ARRAY_SIZE(raw_data_opt_or_null)); 561 } 562 563 static enum pkcs11_rc create_pub_key_attributes(struct obj_attrs **out, 564 struct obj_attrs *temp) 565 { 566 uint32_t const *mandated = NULL; 567 uint32_t const *opt_or_null = NULL; 568 size_t mandated_count = 0; 569 size_t opt_or_null_count = 0; 570 enum pkcs11_rc rc = PKCS11_CKR_OK; 571 572 assert(get_class(temp) == PKCS11_CKO_PUBLIC_KEY); 573 574 rc = create_genkey_attributes(out, temp); 575 if (rc) 576 return rc; 577 578 assert(get_class(*out) == PKCS11_CKO_PUBLIC_KEY); 579 580 rc = set_mandatory_boolprops(out, temp, public_key_boolprops, 581 ARRAY_SIZE(public_key_boolprops)); 582 if (rc) 583 return rc; 584 585 rc = set_mandatory_attributes(out, temp, public_key_mandated, 586 ARRAY_SIZE(public_key_mandated)); 587 if (rc) 588 return rc; 589 590 rc = set_attributes_opt_or_null(out, temp, 591 public_key_opt_or_null, 592 ARRAY_SIZE(public_key_opt_or_null)); 593 if (rc) 594 return rc; 595 596 switch (get_key_type(*out)) { 597 case PKCS11_CKK_RSA: 598 mandated = rsa_public_key_mandated; 599 opt_or_null = rsa_public_key_opt_or_null; 600 mandated_count = ARRAY_SIZE(rsa_public_key_mandated); 601 opt_or_null_count = ARRAY_SIZE(rsa_public_key_opt_or_null); 602 break; 603 case PKCS11_CKK_EC: 604 mandated = ec_public_key_mandated; 605 opt_or_null = ec_public_key_opt_or_null; 606 mandated_count = ARRAY_SIZE(ec_public_key_mandated); 607 opt_or_null_count = ARRAY_SIZE(ec_public_key_opt_or_null); 608 break; 609 default: 610 EMSG("Invalid key type %#"PRIx32"/%s", 611 get_key_type(*out), id2str_key_type(get_key_type(*out))); 612 613 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 614 } 615 616 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 617 if (rc) 618 return rc; 619 620 return set_attributes_opt_or_null(out, temp, opt_or_null, 621 opt_or_null_count); 622 } 623 624 static enum pkcs11_rc create_priv_key_attributes(struct obj_attrs **out, 625 struct obj_attrs *temp) 626 { 627 uint32_t const *mandated = NULL; 628 uint32_t const *opt_or_null = NULL; 629 size_t mandated_count = 0; 630 size_t opt_or_null_count = 0; 631 enum pkcs11_rc rc = PKCS11_CKR_OK; 632 633 assert(get_class(temp) == PKCS11_CKO_PRIVATE_KEY); 634 635 rc = create_genkey_attributes(out, temp); 636 if (rc) 637 return rc; 638 639 assert(get_class(*out) == PKCS11_CKO_PRIVATE_KEY); 640 641 rc = set_mandatory_boolprops(out, temp, private_key_boolprops, 642 ARRAY_SIZE(private_key_boolprops)); 643 if (rc) 644 return rc; 645 646 rc = set_mandatory_attributes(out, temp, private_key_mandated, 647 ARRAY_SIZE(private_key_mandated)); 648 if (rc) 649 return rc; 650 651 rc = set_attributes_opt_or_null(out, temp, private_key_opt_or_null, 652 ARRAY_SIZE(private_key_opt_or_null)); 653 if (rc) 654 return rc; 655 656 switch (get_key_type(*out)) { 657 case PKCS11_CKK_RSA: 658 opt_or_null = rsa_private_key_opt_or_null; 659 opt_or_null_count = ARRAY_SIZE(rsa_private_key_opt_or_null); 660 break; 661 case PKCS11_CKK_EC: 662 mandated = ec_private_key_mandated; 663 opt_or_null = ec_private_key_opt_or_null; 664 mandated_count = ARRAY_SIZE(ec_private_key_mandated); 665 opt_or_null_count = ARRAY_SIZE(ec_private_key_opt_or_null); 666 break; 667 default: 668 EMSG("Invalid key type %#"PRIx32"/%s", 669 get_key_type(*out), id2str_key_type(get_key_type(*out))); 670 671 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 672 } 673 674 rc = set_mandatory_attributes(out, temp, mandated, mandated_count); 675 if (rc) 676 return rc; 677 678 return set_attributes_opt_or_null(out, temp, opt_or_null, 679 opt_or_null_count); 680 } 681 682 static enum pkcs11_rc 683 sanitize_symm_key_attributes(struct obj_attrs **temp, 684 enum processing_func function) 685 { 686 enum pkcs11_rc rc = PKCS11_CKR_OK; 687 uint32_t a_size = 0; 688 689 assert(get_class(*temp) == PKCS11_CKO_SECRET_KEY); 690 691 rc = get_attribute_ptr(*temp, PKCS11_CKA_VALUE, NULL, &a_size); 692 693 switch (get_key_type(*temp)) { 694 case PKCS11_CKK_GENERIC_SECRET: 695 case PKCS11_CKK_AES: 696 case PKCS11_CKK_MD5_HMAC: 697 case PKCS11_CKK_SHA_1_HMAC: 698 case PKCS11_CKK_SHA256_HMAC: 699 case PKCS11_CKK_SHA384_HMAC: 700 case PKCS11_CKK_SHA512_HMAC: 701 case PKCS11_CKK_SHA224_HMAC: 702 switch (function) { 703 case PKCS11_FUNCTION_IMPORT: 704 /* CKA_VALUE is a mandatory with C_CreateObject */ 705 if (rc || a_size == 0) 706 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 707 708 if (get_attribute_ptr(*temp, PKCS11_CKA_VALUE_LEN, NULL, 709 NULL) != PKCS11_RV_NOT_FOUND) 710 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 711 712 return add_attribute(temp, PKCS11_CKA_VALUE_LEN, 713 &a_size, sizeof(uint32_t)); 714 case PKCS11_FUNCTION_GENERATE: 715 if (rc != PKCS11_RV_NOT_FOUND) 716 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 717 break; 718 default: 719 break; 720 } 721 break; 722 default: 723 EMSG("Invalid key type %#"PRIx32"/%s", 724 get_key_type(*temp), id2str_key_type(get_key_type(*temp))); 725 726 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 727 } 728 729 return PKCS11_CKR_OK; 730 } 731 732 /* 733 * Create an attribute list for a new object from a template and a parent 734 * object (optional) for an object generation function (generate, copy, 735 * derive...). 736 * 737 * PKCS#11 directives on the supplied template and expected return value: 738 * - template has an invalid attribute ID: ATTRIBUTE_TYPE_INVALID 739 * - template has an invalid value for an attribute: ATTRIBUTE_VALID_INVALID 740 * - template has value for a read-only attribute: ATTRIBUTE_READ_ONLY 741 * - template+default+parent => still miss an attribute: TEMPLATE_INCONSISTENT 742 * 743 * INFO on PKCS11_CMD_COPY_OBJECT: 744 * - parent PKCS11_CKA_COPYIABLE=false => return ACTION_PROHIBITED. 745 * - template can specify PKCS11_CKA_TOKEN, PKCS11_CKA_PRIVATE, 746 * PKCS11_CKA_MODIFIABLE, PKCS11_CKA_DESTROYABLE. 747 * - SENSITIVE can change from false to true, not from true to false. 748 * - LOCAL is the parent LOCAL 749 */ 750 enum pkcs11_rc 751 create_attributes_from_template(struct obj_attrs **out, void *template, 752 size_t template_size, 753 struct obj_attrs *parent, 754 enum processing_func function, 755 enum pkcs11_mechanism_id mecha, 756 enum pkcs11_class_id template_class __unused) 757 { 758 struct obj_attrs *temp = NULL; 759 struct obj_attrs *attrs = NULL; 760 enum pkcs11_rc rc = PKCS11_CKR_OK; 761 uint8_t local = 0; 762 uint8_t always_sensitive = 0; 763 uint8_t never_extract = 0; 764 uint32_t class = PKCS11_UNDEFINED_ID; 765 uint32_t type = PKCS11_UNDEFINED_ID; 766 uint32_t mechanism_id = PKCS11_CKM_UNDEFINED_ID; 767 768 #ifdef DEBUG /* Sanity: check function argument */ 769 trace_attributes_from_api_head("template", template, template_size); 770 switch (function) { 771 case PKCS11_FUNCTION_GENERATE: 772 case PKCS11_FUNCTION_IMPORT: 773 case PKCS11_FUNCTION_MODIFY: 774 case PKCS11_FUNCTION_DERIVE: 775 case PKCS11_FUNCTION_COPY: 776 break; 777 default: 778 TEE_Panic(TEE_ERROR_NOT_SUPPORTED); 779 } 780 #endif 781 782 /* 783 * For PKCS11_FUNCTION_GENERATE, find the class and type 784 * based on the mechanism. These will be passed as hint 785 * sanitize_client_object() and added in temp if not 786 * already present 787 */ 788 if (function == PKCS11_FUNCTION_GENERATE) { 789 switch (mecha) { 790 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 791 class = PKCS11_CKO_SECRET_KEY; 792 type = PKCS11_CKK_GENERIC_SECRET; 793 break; 794 case PKCS11_CKM_AES_KEY_GEN: 795 class = PKCS11_CKO_SECRET_KEY; 796 type = PKCS11_CKK_AES; 797 break; 798 default: 799 TEE_Panic(TEE_ERROR_NOT_SUPPORTED); 800 } 801 } 802 803 /* 804 * Check and remove duplicates if any and create a new temporary 805 * template 806 */ 807 rc = sanitize_client_object(&temp, template, template_size, class, 808 type); 809 if (rc) 810 goto out; 811 812 /* 813 * For function type modify and copy return the created template 814 * from here. Rest of the code below is for creating objects 815 * or generating keys. 816 */ 817 switch (function) { 818 case PKCS11_FUNCTION_MODIFY: 819 case PKCS11_FUNCTION_COPY: 820 *out = temp; 821 return rc; 822 default: 823 break; 824 } 825 826 /* 827 * Check if class and type in temp are consistent with the mechanism 828 */ 829 switch (mecha) { 830 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 831 if (get_class(temp) != PKCS11_CKO_SECRET_KEY || 832 get_key_type(temp) != PKCS11_CKK_GENERIC_SECRET) { 833 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 834 goto out; 835 } 836 break; 837 case PKCS11_CKM_AES_KEY_GEN: 838 if (get_class(temp) != PKCS11_CKO_SECRET_KEY || 839 get_key_type(temp) != PKCS11_CKK_AES) { 840 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 841 goto out; 842 } 843 break; 844 default: 845 break; 846 } 847 848 if (!sanitize_consistent_class_and_type(temp)) { 849 EMSG("Inconsistent class/type"); 850 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 851 goto out; 852 } 853 854 switch (get_class(temp)) { 855 case PKCS11_CKO_DATA: 856 rc = create_data_attributes(&attrs, temp); 857 break; 858 case PKCS11_CKO_SECRET_KEY: 859 rc = sanitize_symm_key_attributes(&temp, function); 860 if (rc) 861 goto out; 862 rc = create_symm_key_attributes(&attrs, temp); 863 break; 864 case PKCS11_CKO_PUBLIC_KEY: 865 rc = create_pub_key_attributes(&attrs, temp); 866 break; 867 case PKCS11_CKO_PRIVATE_KEY: 868 rc = create_priv_key_attributes(&attrs, temp); 869 break; 870 default: 871 DMSG("Invalid object class %#"PRIx32"/%s", 872 get_class(temp), id2str_class(get_class(temp))); 873 874 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 875 break; 876 } 877 if (rc) 878 goto out; 879 880 if (get_attribute_ptr(temp, PKCS11_CKA_LOCAL, NULL, NULL) != 881 PKCS11_RV_NOT_FOUND) { 882 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 883 goto out; 884 } 885 886 if (get_attribute_ptr(temp, PKCS11_CKA_KEY_GEN_MECHANISM, NULL, NULL) != 887 PKCS11_RV_NOT_FOUND) { 888 rc = PKCS11_CKR_TEMPLATE_INCONSISTENT; 889 goto out; 890 } 891 892 switch (function) { 893 case PKCS11_FUNCTION_GENERATE: 894 local = PKCS11_TRUE; 895 break; 896 case PKCS11_FUNCTION_IMPORT: 897 case PKCS11_FUNCTION_DERIVE: 898 default: 899 local = PKCS11_FALSE; 900 break; 901 } 902 rc = add_attribute(&attrs, PKCS11_CKA_LOCAL, &local, sizeof(local)); 903 if (rc) 904 goto out; 905 906 switch (get_class(attrs)) { 907 case PKCS11_CKO_SECRET_KEY: 908 case PKCS11_CKO_PRIVATE_KEY: 909 case PKCS11_CKO_PUBLIC_KEY: 910 always_sensitive = PKCS11_FALSE; 911 never_extract = PKCS11_FALSE; 912 913 switch (function) { 914 case PKCS11_FUNCTION_DERIVE: 915 always_sensitive = 916 get_bool(parent, PKCS11_CKA_ALWAYS_SENSITIVE) && 917 get_bool(attrs, PKCS11_CKA_SENSITIVE); 918 never_extract = 919 get_bool(parent, PKCS11_CKA_NEVER_EXTRACTABLE) && 920 !get_bool(attrs, PKCS11_CKA_EXTRACTABLE); 921 break; 922 case PKCS11_FUNCTION_GENERATE: 923 always_sensitive = get_bool(attrs, 924 PKCS11_CKA_SENSITIVE); 925 never_extract = !get_bool(attrs, 926 PKCS11_CKA_EXTRACTABLE); 927 break; 928 default: 929 break; 930 } 931 932 rc = add_attribute(&attrs, PKCS11_CKA_ALWAYS_SENSITIVE, 933 &always_sensitive, sizeof(always_sensitive)); 934 if (rc) 935 goto out; 936 937 rc = add_attribute(&attrs, PKCS11_CKA_NEVER_EXTRACTABLE, 938 &never_extract, sizeof(never_extract)); 939 if (rc) 940 goto out; 941 942 /* Keys mandate attribute PKCS11_CKA_KEY_GEN_MECHANISM */ 943 if (local) 944 mechanism_id = mecha; 945 else 946 mechanism_id = PKCS11_CK_UNAVAILABLE_INFORMATION; 947 948 rc = add_attribute(&attrs, PKCS11_CKA_KEY_GEN_MECHANISM, 949 &mechanism_id, sizeof(mechanism_id)); 950 if (rc) 951 goto out; 952 break; 953 954 default: 955 break; 956 } 957 958 *out = attrs; 959 960 #ifdef DEBUG 961 trace_attributes("object", attrs); 962 #endif 963 964 out: 965 TEE_Free(temp); 966 if (rc) 967 TEE_Free(attrs); 968 969 return rc; 970 } 971 972 static enum pkcs11_rc check_attrs_misc_integrity(struct obj_attrs *head) 973 { 974 if (get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE) && 975 get_bool(head, PKCS11_CKA_EXTRACTABLE)) { 976 DMSG("Never/Extractable attributes mismatch %d/%d", 977 get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE), 978 get_bool(head, PKCS11_CKA_EXTRACTABLE)); 979 980 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 981 } 982 983 if (get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE) && 984 !get_bool(head, PKCS11_CKA_SENSITIVE)) { 985 DMSG("Sensitive/always attributes mismatch %d/%d", 986 get_bool(head, PKCS11_CKA_SENSITIVE), 987 get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE)); 988 989 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 990 } 991 992 return PKCS11_CKR_OK; 993 } 994 995 bool object_is_private(struct obj_attrs *head) 996 { 997 return get_bool(head, PKCS11_CKA_PRIVATE); 998 } 999 1000 bool object_is_token(struct obj_attrs *head) 1001 { 1002 return get_bool(head, PKCS11_CKA_TOKEN); 1003 } 1004 1005 bool object_is_modifiable(struct obj_attrs *head) 1006 { 1007 return get_bool(head, PKCS11_CKA_MODIFIABLE); 1008 } 1009 1010 bool object_is_copyable(struct obj_attrs *head) 1011 { 1012 return get_bool(head, PKCS11_CKA_COPYABLE); 1013 } 1014 1015 /* 1016 * Check access to object against authentication to token 1017 */ 1018 enum pkcs11_rc check_access_attrs_against_token(struct pkcs11_session *session, 1019 struct obj_attrs *head) 1020 { 1021 bool private = true; 1022 1023 switch (get_class(head)) { 1024 case PKCS11_CKO_SECRET_KEY: 1025 case PKCS11_CKO_PRIVATE_KEY: 1026 case PKCS11_CKO_PUBLIC_KEY: 1027 case PKCS11_CKO_DATA: 1028 private = object_is_private(head); 1029 break; 1030 default: 1031 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1032 } 1033 1034 if (private && (pkcs11_session_is_public(session) || 1035 pkcs11_session_is_so(session))) { 1036 DMSG("Private object access from a public or SO session"); 1037 1038 return PKCS11_CKR_USER_NOT_LOGGED_IN; 1039 } 1040 1041 return PKCS11_CKR_OK; 1042 } 1043 1044 /* 1045 * Check the attributes of a to-be-created object matches the token state 1046 */ 1047 enum pkcs11_rc check_created_attrs_against_token(struct pkcs11_session *session, 1048 struct obj_attrs *head) 1049 { 1050 enum pkcs11_rc rc = PKCS11_CKR_OK; 1051 1052 rc = check_attrs_misc_integrity(head); 1053 if (rc) 1054 return rc; 1055 1056 if (get_bool(head, PKCS11_CKA_TRUSTED) && 1057 !pkcs11_session_is_so(session)) { 1058 DMSG("Can't create trusted object"); 1059 1060 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1061 } 1062 1063 if (get_bool(head, PKCS11_CKA_TOKEN) && 1064 !pkcs11_session_is_read_write(session)) { 1065 DMSG("Can't create persistent object"); 1066 1067 return PKCS11_CKR_SESSION_READ_ONLY; 1068 } 1069 1070 /* 1071 * TODO: START_DATE and END_DATE: complies with current time? 1072 */ 1073 return PKCS11_CKR_OK; 1074 } 1075 1076 #define DMSG_BAD_BBOOL(attr, proc, head) \ 1077 do { \ 1078 uint32_t __maybe_unused _attr = (attr); \ 1079 uint8_t __maybe_unused _bvalue = 0; \ 1080 enum pkcs11_rc __maybe_unused _rc = PKCS11_CKR_OK; \ 1081 \ 1082 _rc = get_attribute((head), _attr, &_bvalue, NULL); \ 1083 DMSG("%s issue for %s: %sfound, value %"PRIu8, \ 1084 id2str_attr(_attr), id2str_proc((proc)), \ 1085 _rc ? "not " : "", _bvalue); \ 1086 } while (0) 1087 1088 static bool __maybe_unused check_attr_bval(uint32_t proc_id __maybe_unused, 1089 struct obj_attrs *head, 1090 uint32_t attribute, bool val) 1091 { 1092 uint8_t bbool = 0; 1093 uint32_t sz = sizeof(bbool); 1094 1095 if (!get_attribute(head, attribute, &bbool, &sz) && !!bbool == val) 1096 return true; 1097 1098 DMSG_BAD_BBOOL(attribute, proc_id, head); 1099 return false; 1100 } 1101 1102 /* 1103 * Check the attributes of a new secret match the processing/mechanism 1104 * used to create it. 1105 * 1106 * @proc_id - PKCS11_CKM_xxx 1107 * @head - head of the attributes of the to-be-created object. 1108 */ 1109 enum pkcs11_rc check_created_attrs_against_processing(uint32_t proc_id, 1110 struct obj_attrs *head) 1111 { 1112 /* 1113 * Processings that do not create secrets are not expected to call 1114 * this function which would panic. 1115 */ 1116 switch (proc_id) { 1117 case PKCS11_PROCESSING_IMPORT: 1118 case PKCS11_CKM_AES_ECB_ENCRYPT_DATA: 1119 case PKCS11_CKM_AES_CBC_ENCRYPT_DATA: 1120 assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, false)); 1121 break; 1122 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 1123 case PKCS11_CKM_AES_KEY_GEN: 1124 assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, true)); 1125 break; 1126 default: 1127 TEE_Panic(proc_id); 1128 break; 1129 } 1130 1131 switch (proc_id) { 1132 case PKCS11_CKM_GENERIC_SECRET_KEY_GEN: 1133 assert(get_key_type(head) == PKCS11_CKK_GENERIC_SECRET); 1134 break; 1135 case PKCS11_CKM_AES_KEY_GEN: 1136 assert(get_key_type(head) == PKCS11_CKK_AES); 1137 break; 1138 case PKCS11_PROCESSING_IMPORT: 1139 default: 1140 break; 1141 } 1142 1143 return PKCS11_CKR_OK; 1144 } 1145 1146 /* Return min and max key size supported for a key_type in bytes */ 1147 static void get_key_min_max_sizes(enum pkcs11_key_type key_type, 1148 uint32_t *min_key_size, 1149 uint32_t *max_key_size) 1150 { 1151 enum pkcs11_mechanism_id mechanism = PKCS11_CKM_UNDEFINED_ID; 1152 1153 switch (key_type) { 1154 case PKCS11_CKK_GENERIC_SECRET: 1155 mechanism = PKCS11_CKM_GENERIC_SECRET_KEY_GEN; 1156 break; 1157 case PKCS11_CKK_AES: 1158 mechanism = PKCS11_CKM_AES_KEY_GEN; 1159 break; 1160 case PKCS11_CKK_MD5_HMAC: 1161 mechanism = PKCS11_CKM_MD5_HMAC; 1162 break; 1163 case PKCS11_CKK_SHA_1_HMAC: 1164 mechanism = PKCS11_CKM_SHA_1_HMAC; 1165 break; 1166 case PKCS11_CKK_SHA224_HMAC: 1167 mechanism = PKCS11_CKM_SHA224_HMAC; 1168 break; 1169 case PKCS11_CKK_SHA256_HMAC: 1170 mechanism = PKCS11_CKM_SHA256_HMAC; 1171 break; 1172 case PKCS11_CKK_SHA384_HMAC: 1173 mechanism = PKCS11_CKM_SHA384_HMAC; 1174 break; 1175 case PKCS11_CKK_SHA512_HMAC: 1176 mechanism = PKCS11_CKM_SHA512_HMAC; 1177 break; 1178 default: 1179 TEE_Panic(key_type); 1180 break; 1181 } 1182 1183 mechanism_supported_key_sizes_bytes(mechanism, min_key_size, 1184 max_key_size); 1185 } 1186 1187 enum pkcs11_rc check_created_attrs(struct obj_attrs *key1, 1188 struct obj_attrs *key2) 1189 { 1190 enum pkcs11_rc rc = PKCS11_CKR_OK; 1191 struct obj_attrs *secret = NULL; 1192 uint32_t max_key_size = 0; 1193 uint32_t min_key_size = 0; 1194 uint32_t key_length = 0; 1195 1196 switch (get_class(key1)) { 1197 case PKCS11_CKO_SECRET_KEY: 1198 secret = key1; 1199 break; 1200 default: 1201 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 1202 } 1203 1204 if (key2) 1205 return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID; 1206 1207 if (secret) { 1208 switch (get_key_type(secret)) { 1209 case PKCS11_CKK_AES: 1210 case PKCS11_CKK_GENERIC_SECRET: 1211 case PKCS11_CKK_MD5_HMAC: 1212 case PKCS11_CKK_SHA_1_HMAC: 1213 case PKCS11_CKK_SHA224_HMAC: 1214 case PKCS11_CKK_SHA256_HMAC: 1215 case PKCS11_CKK_SHA384_HMAC: 1216 case PKCS11_CKK_SHA512_HMAC: 1217 break; 1218 default: 1219 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1220 } 1221 1222 /* Get key size */ 1223 rc = get_u32_attribute(secret, PKCS11_CKA_VALUE_LEN, 1224 &key_length); 1225 if (rc) 1226 return PKCS11_CKR_TEMPLATE_INCOMPLETE; 1227 } 1228 1229 get_key_min_max_sizes(get_key_type(key1), &min_key_size, &max_key_size); 1230 if (key_length < min_key_size || key_length > max_key_size) { 1231 EMSG("Length %"PRIu32" vs range [%"PRIu32" %"PRIu32"]", 1232 key_length, min_key_size, max_key_size); 1233 1234 return PKCS11_CKR_KEY_SIZE_RANGE; 1235 } 1236 1237 if (secret && get_key_type(secret) == PKCS11_CKK_AES) { 1238 if (key_length != 16 && key_length != 24 && key_length != 32) 1239 return PKCS11_CKR_KEY_SIZE_RANGE; 1240 } 1241 1242 return PKCS11_CKR_OK; 1243 } 1244 1245 /* Check processing ID against attribute ALLOWED_MECHANISMS if any */ 1246 static bool parent_key_complies_allowed_processings(uint32_t proc_id, 1247 struct obj_attrs *head) 1248 { 1249 char *attr = NULL; 1250 uint32_t size = 0; 1251 uint32_t proc = 0; 1252 size_t count = 0; 1253 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1254 1255 rc = get_attribute_ptr(head, PKCS11_CKA_ALLOWED_MECHANISMS, 1256 (void *)&attr, &size); 1257 if (rc == PKCS11_RV_NOT_FOUND) 1258 return true; 1259 if (rc) { 1260 EMSG("unexpected attributes state"); 1261 TEE_Panic(TEE_ERROR_BAD_STATE); 1262 } 1263 1264 for (count = size / sizeof(uint32_t); count; count--) { 1265 TEE_MemMove(&proc, attr, sizeof(uint32_t)); 1266 attr += sizeof(uint32_t); 1267 1268 if (proc == proc_id) 1269 return true; 1270 } 1271 1272 DMSG("can't find %s in allowed list", id2str_proc(proc_id)); 1273 return false; 1274 } 1275 1276 static enum pkcs11_attr_id func_to_attr(enum processing_func func) 1277 { 1278 switch (func) { 1279 case PKCS11_FUNCTION_ENCRYPT: 1280 return PKCS11_CKA_ENCRYPT; 1281 case PKCS11_FUNCTION_DECRYPT: 1282 return PKCS11_CKA_DECRYPT; 1283 case PKCS11_FUNCTION_SIGN: 1284 return PKCS11_CKA_SIGN; 1285 case PKCS11_FUNCTION_VERIFY: 1286 return PKCS11_CKA_VERIFY; 1287 case PKCS11_FUNCTION_WRAP: 1288 return PKCS11_CKA_WRAP; 1289 case PKCS11_FUNCTION_UNWRAP: 1290 return PKCS11_CKA_UNWRAP; 1291 case PKCS11_FUNCTION_DERIVE: 1292 return PKCS11_CKA_DERIVE; 1293 default: 1294 return PKCS11_CKA_UNDEFINED_ID; 1295 } 1296 } 1297 1298 enum pkcs11_rc 1299 check_parent_attrs_against_processing(enum pkcs11_mechanism_id proc_id, 1300 enum processing_func function, 1301 struct obj_attrs *head) 1302 { 1303 enum pkcs11_class_id key_class = get_class(head); 1304 enum pkcs11_key_type key_type = get_key_type(head); 1305 enum pkcs11_attr_id attr = func_to_attr(function); 1306 1307 if (!get_bool(head, attr)) { 1308 DMSG("%s not permitted", id2str_attr(attr)); 1309 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1310 } 1311 1312 /* Check processing complies with parent key family */ 1313 switch (proc_id) { 1314 case PKCS11_CKM_AES_ECB: 1315 case PKCS11_CKM_AES_CBC: 1316 case PKCS11_CKM_AES_CBC_PAD: 1317 case PKCS11_CKM_AES_CTS: 1318 case PKCS11_CKM_AES_CTR: 1319 if (key_class == PKCS11_CKO_SECRET_KEY && 1320 key_type == PKCS11_CKK_AES) 1321 break; 1322 1323 DMSG("%s invalid key %s/%s", id2str_proc(proc_id), 1324 id2str_class(key_class), id2str_key_type(key_type)); 1325 1326 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1327 1328 case PKCS11_CKM_AES_ECB_ENCRYPT_DATA: 1329 case PKCS11_CKM_AES_CBC_ENCRYPT_DATA: 1330 if (key_class != PKCS11_CKO_SECRET_KEY && 1331 key_type != PKCS11_CKK_AES) 1332 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1333 1334 if (get_bool(head, PKCS11_CKA_ENCRYPT)) { 1335 /* 1336 * Intentionally refuse to proceed despite 1337 * PKCS#11 specifications v2.40 and v3.0 not expecting 1338 * this behavior to avoid potential security issue 1339 * where keys derived by these mechanisms can be 1340 * revealed by doing data encryption using parent key. 1341 */ 1342 return PKCS11_CKR_FUNCTION_FAILED; 1343 } 1344 1345 break; 1346 case PKCS11_CKM_MD5_HMAC: 1347 case PKCS11_CKM_SHA_1_HMAC: 1348 case PKCS11_CKM_SHA224_HMAC: 1349 case PKCS11_CKM_SHA256_HMAC: 1350 case PKCS11_CKM_SHA384_HMAC: 1351 case PKCS11_CKM_SHA512_HMAC: 1352 if (key_class != PKCS11_CKO_SECRET_KEY) 1353 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1354 1355 if (key_type == PKCS11_CKK_GENERIC_SECRET) 1356 break; 1357 1358 switch (proc_id) { 1359 case PKCS11_CKM_MD5_HMAC: 1360 if (key_type == PKCS11_CKK_MD5_HMAC) 1361 break; 1362 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1363 case PKCS11_CKM_SHA_1_HMAC: 1364 if (key_type == PKCS11_CKK_SHA_1_HMAC) 1365 break; 1366 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1367 case PKCS11_CKM_SHA224_HMAC: 1368 if (key_type == PKCS11_CKK_SHA224_HMAC) 1369 break; 1370 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1371 case PKCS11_CKM_SHA256_HMAC: 1372 if (key_type == PKCS11_CKK_SHA256_HMAC) 1373 break; 1374 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1375 case PKCS11_CKM_SHA384_HMAC: 1376 if (key_type == PKCS11_CKK_SHA384_HMAC) 1377 break; 1378 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1379 case PKCS11_CKM_SHA512_HMAC: 1380 if (key_type == PKCS11_CKK_SHA512_HMAC) 1381 break; 1382 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1383 default: 1384 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1385 } 1386 break; 1387 1388 default: 1389 DMSG("Invalid processing %#"PRIx32"/%s", proc_id, 1390 id2str_proc(proc_id)); 1391 1392 return PKCS11_CKR_MECHANISM_INVALID; 1393 } 1394 1395 if (!parent_key_complies_allowed_processings(proc_id, head)) { 1396 DMSG("Allowed mechanism failed"); 1397 return PKCS11_CKR_KEY_FUNCTION_NOT_PERMITTED; 1398 } 1399 1400 return PKCS11_CKR_OK; 1401 } 1402 1403 bool attribute_is_exportable(struct pkcs11_attribute_head *req_attr, 1404 struct pkcs11_object *obj) 1405 { 1406 uint8_t boolval = 0; 1407 uint32_t boolsize = 0; 1408 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1409 enum pkcs11_class_id key_class = get_class(obj->attributes); 1410 1411 if (key_class != PKCS11_CKO_SECRET_KEY && 1412 key_class != PKCS11_CKO_PRIVATE_KEY) 1413 return true; 1414 1415 switch (req_attr->id) { 1416 case PKCS11_CKA_PRIVATE_EXPONENT: 1417 case PKCS11_CKA_PRIME_1: 1418 case PKCS11_CKA_PRIME_2: 1419 case PKCS11_CKA_EXPONENT_1: 1420 case PKCS11_CKA_EXPONENT_2: 1421 case PKCS11_CKA_COEFFICIENT: 1422 case PKCS11_CKA_VALUE: 1423 boolsize = sizeof(boolval); 1424 rc = get_attribute(obj->attributes, PKCS11_CKA_EXTRACTABLE, 1425 &boolval, &boolsize); 1426 if (rc || boolval == PKCS11_FALSE) 1427 return false; 1428 1429 boolsize = sizeof(boolval); 1430 rc = get_attribute(obj->attributes, PKCS11_CKA_SENSITIVE, 1431 &boolval, &boolsize); 1432 if (rc || boolval == PKCS11_TRUE) 1433 return false; 1434 break; 1435 default: 1436 break; 1437 } 1438 1439 return true; 1440 } 1441 1442 static bool attr_is_modifiable_any_key(struct pkcs11_attribute_head *attr) 1443 { 1444 switch (attr->id) { 1445 case PKCS11_CKA_ID: 1446 case PKCS11_CKA_START_DATE: 1447 case PKCS11_CKA_END_DATE: 1448 case PKCS11_CKA_DERIVE: 1449 return true; 1450 default: 1451 return false; 1452 } 1453 } 1454 1455 static bool attr_is_modifiable_secret_key(struct pkcs11_attribute_head *attr, 1456 struct pkcs11_session *session, 1457 struct pkcs11_object *obj) 1458 { 1459 switch (attr->id) { 1460 case PKCS11_CKA_ENCRYPT: 1461 case PKCS11_CKA_DECRYPT: 1462 case PKCS11_CKA_SIGN: 1463 case PKCS11_CKA_VERIFY: 1464 case PKCS11_CKA_WRAP: 1465 case PKCS11_CKA_UNWRAP: 1466 return true; 1467 /* Can't be modified once set to CK_FALSE - 12 in Table 10 */ 1468 case PKCS11_CKA_EXTRACTABLE: 1469 return get_bool(obj->attributes, attr->id); 1470 /* Can't be modified once set to CK_TRUE - 11 in Table 10 */ 1471 case PKCS11_CKA_SENSITIVE: 1472 case PKCS11_CKA_WRAP_WITH_TRUSTED: 1473 return !get_bool(obj->attributes, attr->id); 1474 /* Change in CKA_TRUSTED can only be done by SO */ 1475 case PKCS11_CKA_TRUSTED: 1476 return pkcs11_session_is_so(session); 1477 case PKCS11_CKA_NEVER_EXTRACTABLE: 1478 case PKCS11_CKA_ALWAYS_SENSITIVE: 1479 return false; 1480 default: 1481 return false; 1482 } 1483 } 1484 1485 static bool attr_is_modifiable_public_key(struct pkcs11_attribute_head *attr, 1486 struct pkcs11_session *session, 1487 struct pkcs11_object *obj __unused) 1488 { 1489 switch (attr->id) { 1490 case PKCS11_CKA_SUBJECT: 1491 case PKCS11_CKA_ENCRYPT: 1492 case PKCS11_CKA_VERIFY: 1493 case PKCS11_CKA_VERIFY_RECOVER: 1494 case PKCS11_CKA_WRAP: 1495 return true; 1496 case PKCS11_CKA_TRUSTED: 1497 /* Change in CKA_TRUSTED can only be done by SO */ 1498 return pkcs11_session_is_so(session); 1499 default: 1500 return false; 1501 } 1502 } 1503 1504 static bool attr_is_modifiable_private_key(struct pkcs11_attribute_head *attr, 1505 struct pkcs11_session *sess __unused, 1506 struct pkcs11_object *obj) 1507 { 1508 switch (attr->id) { 1509 case PKCS11_CKA_SUBJECT: 1510 case PKCS11_CKA_DECRYPT: 1511 case PKCS11_CKA_SIGN: 1512 case PKCS11_CKA_SIGN_RECOVER: 1513 case PKCS11_CKA_UNWRAP: 1514 /* 1515 * TBD: Revisit if we don't support PKCS11_CKA_PUBLIC_KEY_INFO 1516 * Specification mentions that if this attribute is 1517 * supplied as part of a template for C_CreateObject, C_CopyObject or 1518 * C_SetAttributeValue for a private key, the token MUST verify 1519 * correspondence between the private key data and the public key data 1520 * as supplied in CKA_PUBLIC_KEY_INFO. This needs to be 1521 * taken care of when this object type will be implemented 1522 */ 1523 case PKCS11_CKA_PUBLIC_KEY_INFO: 1524 return true; 1525 /* Can't be modified once set to CK_FALSE - 12 in Table 10 */ 1526 case PKCS11_CKA_EXTRACTABLE: 1527 return get_bool(obj->attributes, attr->id); 1528 /* Can't be modified once set to CK_TRUE - 11 in Table 10 */ 1529 case PKCS11_CKA_SENSITIVE: 1530 case PKCS11_CKA_WRAP_WITH_TRUSTED: 1531 return !get_bool(obj->attributes, attr->id); 1532 case PKCS11_CKA_NEVER_EXTRACTABLE: 1533 case PKCS11_CKA_ALWAYS_SENSITIVE: 1534 return false; 1535 default: 1536 return false; 1537 } 1538 } 1539 1540 static bool attribute_is_modifiable(struct pkcs11_session *session, 1541 struct pkcs11_attribute_head *req_attr, 1542 struct pkcs11_object *obj, 1543 enum pkcs11_class_id class, 1544 enum processing_func function) 1545 { 1546 /* Check modifiable attributes common to any object */ 1547 switch (req_attr->id) { 1548 case PKCS11_CKA_LABEL: 1549 return true; 1550 case PKCS11_CKA_TOKEN: 1551 case PKCS11_CKA_MODIFIABLE: 1552 case PKCS11_CKA_DESTROYABLE: 1553 case PKCS11_CKA_PRIVATE: 1554 return function == PKCS11_FUNCTION_COPY; 1555 case PKCS11_CKA_COPYABLE: 1556 /* 1557 * Specification mentions that if the attribute value is false 1558 * it can't be set to true. Reading this we assume that it 1559 * should be possible to modify this attribute even though this 1560 * is not marked as modifiable in Table 10 if done in right 1561 * direction i.e from TRUE -> FALSE. 1562 */ 1563 return get_bool(obj->attributes, req_attr->id); 1564 default: 1565 break; 1566 } 1567 1568 /* Attribute checking based on class type */ 1569 switch (class) { 1570 case PKCS11_CKO_SECRET_KEY: 1571 case PKCS11_CKO_PUBLIC_KEY: 1572 case PKCS11_CKO_PRIVATE_KEY: 1573 if (attr_is_modifiable_any_key(req_attr)) 1574 return true; 1575 if (class == PKCS11_CKO_SECRET_KEY && 1576 attr_is_modifiable_secret_key(req_attr, session, obj)) 1577 return true; 1578 if (class == PKCS11_CKO_PUBLIC_KEY && 1579 attr_is_modifiable_public_key(req_attr, session, obj)) 1580 return true; 1581 if (class == PKCS11_CKO_PRIVATE_KEY && 1582 attr_is_modifiable_private_key(req_attr, session, obj)) 1583 return true; 1584 break; 1585 case PKCS11_CKO_DATA: 1586 /* None of the data object attributes are modifiable */ 1587 return false; 1588 default: 1589 break; 1590 } 1591 1592 return false; 1593 } 1594 1595 enum pkcs11_rc check_attrs_against_modification(struct pkcs11_session *session, 1596 struct obj_attrs *head, 1597 struct pkcs11_object *obj, 1598 enum processing_func function) 1599 { 1600 enum pkcs11_class_id class = PKCS11_CKO_UNDEFINED_ID; 1601 char *cur = NULL; 1602 char *end = NULL; 1603 size_t len = 0; 1604 1605 class = get_class(obj->attributes); 1606 1607 cur = (char *)head + sizeof(struct obj_attrs); 1608 end = cur + head->attrs_size; 1609 1610 for (; cur < end; cur += len) { 1611 /* Structure aligned copy of the pkcs11_ref in the object */ 1612 struct pkcs11_attribute_head cli_ref = { }; 1613 1614 TEE_MemMove(&cli_ref, cur, sizeof(cli_ref)); 1615 len = sizeof(cli_ref) + cli_ref.size; 1616 1617 /* 1618 * Check 1 - Check if attribute belongs to the object 1619 * The obj->attributes has all the attributes in 1620 * it which are allowed for an object. 1621 */ 1622 if (get_attribute_ptr(obj->attributes, cli_ref.id, NULL, 1623 NULL) == PKCS11_RV_NOT_FOUND) 1624 return PKCS11_CKR_ATTRIBUTE_TYPE_INVALID; 1625 1626 /* Check 2 - Is attribute modifiable */ 1627 if (!attribute_is_modifiable(session, &cli_ref, obj, class, 1628 function)) 1629 return PKCS11_CKR_ATTRIBUTE_READ_ONLY; 1630 1631 /* 1632 * Checks for modification in PKCS11_CKA_TOKEN and 1633 * PKCS11_CKA_PRIVATE are required for PKCS11_FUNCTION_COPY 1634 * only, so skip them for PKCS11_FUNCTION_MODIFY. 1635 */ 1636 if (function == PKCS11_FUNCTION_MODIFY) 1637 continue; 1638 1639 /* 1640 * An attempt to copy an object to a token will fail for 1641 * RO session 1642 */ 1643 if (cli_ref.id == PKCS11_CKA_TOKEN && 1644 get_bool(head, PKCS11_CKA_TOKEN)) { 1645 if (!pkcs11_session_is_read_write(session)) { 1646 DMSG("Can't copy to token in a RO session"); 1647 return PKCS11_CKR_SESSION_READ_ONLY; 1648 } 1649 } 1650 1651 if (cli_ref.id == PKCS11_CKA_PRIVATE) { 1652 bool parent_priv = 1653 get_bool(obj->attributes, cli_ref.id); 1654 bool obj_priv = get_bool(head, cli_ref.id); 1655 1656 /* 1657 * If PKCS11_CKA_PRIVATE is being set to TRUE from 1658 * FALSE, user has to be logged in 1659 */ 1660 if (!parent_priv && obj_priv) { 1661 if ((pkcs11_session_is_public(session) || 1662 pkcs11_session_is_so(session))) 1663 return PKCS11_CKR_USER_NOT_LOGGED_IN; 1664 } 1665 1666 /* 1667 * Restriction added - Even for Copy, do not allow 1668 * modification of CKA_PRIVATE from TRUE to FALSE 1669 */ 1670 if (parent_priv && !obj_priv) 1671 return PKCS11_CKR_TEMPLATE_INCONSISTENT; 1672 } 1673 } 1674 1675 return PKCS11_CKR_OK; 1676 } 1677 1678 static enum pkcs11_rc set_secret_key_data(struct obj_attrs **head, void *data, 1679 size_t key_size) 1680 { 1681 uint32_t size = sizeof(uint32_t); 1682 uint32_t key_length = 0; 1683 enum pkcs11_rc rc = PKCS11_CKR_GENERAL_ERROR; 1684 1685 /* Get key size if present in template */ 1686 rc = get_attribute(*head, PKCS11_CKA_VALUE_LEN, &key_length, &size); 1687 if (rc && rc != PKCS11_RV_NOT_FOUND) 1688 return rc; 1689 1690 if (key_length) { 1691 if (key_size < key_length) 1692 return PKCS11_CKR_DATA_LEN_RANGE; 1693 } else { 1694 key_length = key_size; 1695 rc = set_attribute(head, PKCS11_CKA_VALUE_LEN, &key_length, 1696 sizeof(uint32_t)); 1697 if (rc) 1698 return rc; 1699 } 1700 1701 /* Now we can check the VALUE_LEN field */ 1702 rc = check_created_attrs(*head, NULL); 1703 if (rc) 1704 return rc; 1705 1706 /* Remove the default empty value attribute if found */ 1707 rc = remove_empty_attribute(head, PKCS11_CKA_VALUE); 1708 if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND) 1709 return PKCS11_CKR_GENERAL_ERROR; 1710 1711 return add_attribute(head, PKCS11_CKA_VALUE, data, key_length); 1712 } 1713 1714 enum pkcs11_rc set_key_data(struct obj_attrs **head, void *data, 1715 size_t key_size) 1716 { 1717 switch (get_class(*head)) { 1718 case PKCS11_CKO_SECRET_KEY: 1719 return set_secret_key_data(head, data, key_size); 1720 default: 1721 return PKCS11_CKR_GENERAL_ERROR; 1722 } 1723 } 1724