
PKCS 11 Multi Acc Auth #2338

Merged
merged 1 commit into from
Aug 10, 2020
12 changes: 10 additions & 2 deletions libraries/abstractions/pkcs11/mbedtls/iot_pkcs11_mbedtls.c
Expand Up @@ -54,7 +54,6 @@
#include "mbedtls_error.h"

/* C runtime includes. */
#include <stdio.h>
#include <string.h>

/*-----------------------------------------------------------*/
Expand Down Expand Up @@ -1172,18 +1171,26 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext,
CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE;
uint32_t ulDerBufSize = 0;

/* See explanation in prvCheckValidSessionAndModule for this exception. */
/* coverity[misra_c_2012_rule_10_5_violation] */
if( ( xKeyType == CKK_EC ) && ( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) )
{
ulDerBufSize = pkcs11_MAX_EC_PRIVATE_KEY_DER_SIZE;
}
/* See explanation in prvCheckValidSessionAndModule for this exception. */
/* coverity[misra_c_2012_rule_10_5_violation] */
else if( ( xKeyType == CKK_EC ) && ( xIsPrivate == ( CK_BBOOL ) CK_FALSE ) )
{
ulDerBufSize = pkcs11_MAX_EC_PUBLIC_KEY_DER_SIZE;
}
/* See explanation in prvCheckValidSessionAndModule for this exception. */
/* coverity[misra_c_2012_rule_10_5_violation] */
else if( ( xKeyType == CKK_RSA ) && ( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) )
{
ulDerBufSize = pkcs11_MAX_PRIVATE_KEY_DER_SIZE;
}
/* See explanation in prvCheckValidSessionAndModule for this exception. */
/* coverity[misra_c_2012_rule_10_5_violation] */
else if( ( xKeyType == CKK_RSA ) && ( xIsPrivate == ( CK_BBOOL ) CK_FALSE ) )
{
ulDerBufSize = pkcs11_MAX_PUBLIC_KEY_DER_SIZE;
Expand Down Expand Up @@ -1211,7 +1218,7 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext,
}
/* See explanation in prvCheckValidSessionAndModule for this exception. */
/* coverity[misra_c_2012_rule_10_5_violation] */
else if( ( xResult == CKR_OK ) && ( xIsPrivate == ( CK_BBOOL ) CK_FALSE ) )
else if( ( xResult == CKR_OK ) )
{
lDerKeyLength = mbedtls_pk_write_pubkey_der( pxMbedContext, pxDerKey, ulDerBufSize );
}
Expand Down Expand Up @@ -2762,6 +2769,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE hSession,

break;

case CKA_PUBLIC_KEY_INFO:
case CKA_VALUE:

/* See explanation in prvCheckValidSessionAndModule for this exception. */
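Review bot: Nothing at the new `case CKA_PUBLIC_KEY_INFO:` label in C_GetAttributeValue explains why it shares the `case CKA_VALUE:` body, and the lines shown do not establish whether that sharing is safe for private-key objects. The shared body starts below the label and continues outside the hunk, so it cannot be confirmed here that a private-key handle queried with the new attribute is refused or answered with public material only, rather than with the stored key DER. Please verify that path and add a test that requests CKA_PUBLIC_KEY_INFO on a private-key handle. If the shared handling is intended, say so at the label, e.g. `/* CKA_PUBLIC_KEY_INFO intentionally shares the CKA_VALUE handling below. */`.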
110 changes: 55 additions & 55 deletions libraries/abstractions/pkcs11/test/MBT_C_GenerateKeyPair.c
Expand Up @@ -60,19 +60,19 @@ void C_GenerateKeyPair_normal_behavior()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
Expand Down Expand Up @@ -123,19 +123,19 @@ void C_GenerateKeyPair_exceptional_behavior_1()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
Expand Down Expand Up @@ -170,19 +170,19 @@ void C_GenerateKeyPair_exceptional_behavior_2()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
Expand Down Expand Up @@ -217,19 +217,19 @@ void C_GenerateKeyPair_exceptional_behavior_3()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
Expand Down Expand Up @@ -264,20 +264,20 @@ void C_GenerateKeyPair_exceptional_behavior_4()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_VERIFY, &xCkFalse, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_VERIFY, &xGlobalCkFalse, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
Expand Down Expand Up @@ -312,19 +312,19 @@ void C_GenerateKeyPair_exceptional_behavior_5()

CK_ATTRIBUTE publicKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_VERIFY, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_EC_PARAMS, xEcParams, sizeof( xEcParams ) },
{ CKA_LABEL, pubLabel, strlen( pubLabel ) }
};

CK_ATTRIBUTE privateKeyTemplate[] =
{
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
{ CKA_KEY_TYPE, &xKeyType, sizeof( xKeyType ) },
{ CKA_TOKEN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_PRIVATE, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_SIGN, &xGlobalCkTrue, sizeof( CK_BBOOL ) },
{ CKA_LABEL, privLabel, strlen( privLabel ) }
};

pPublicKeyTempalte = publicKeyTemplate;
12 changes: 6 additions & 6 deletions libraries/abstractions/pkcs11/test/MBT_C_GetAttributeValue.c
Expand Up @@ -37,7 +37,7 @@
void C_GetAttributeValue_normal_behavior()
{
CK_SESSION_HANDLE hSession = xGlobalSession;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG ulCount = 1;

Expand All @@ -57,7 +57,7 @@ void C_GetAttributeValue_normal_behavior()
void C_GetAttributeValue_exceptional_behavior_0()
{
CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG ulCount = 1;

Expand Down Expand Up @@ -97,7 +97,7 @@ void C_GetAttributeValue_exceptional_behavior_1()
void C_GetAttributeValue_exceptional_behavior_2()
{
CK_SESSION_HANDLE hSession = xGlobalSession;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG ulCount = 1;

Expand All @@ -117,7 +117,7 @@ void C_GetAttributeValue_exceptional_behavior_2()
void C_GetAttributeValue_exceptional_behavior_3()
{
CK_SESSION_HANDLE hSession = xGlobalSession;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG ulCount = 1;

Expand All @@ -137,7 +137,7 @@ void C_GetAttributeValue_exceptional_behavior_3()
void C_GetAttributeValue_exceptional_behavior_4()
{
CK_SESSION_HANDLE hSession = xGlobalSession;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate = NULL_PTR;
CK_ULONG ulCount = 1;

Expand All @@ -149,7 +149,7 @@ void C_GetAttributeValue_exceptional_behavior_4()
void C_GetAttributeValue_exceptional_behavior_5()
{
CK_SESSION_HANDLE hSession = xGlobalSession;
CK_OBJECT_HANDLE hObject = xPrivateKey;
CK_OBJECT_HANDLE hObject = xGlobalPrivateKeyHandle;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG ulCount = 1;

10 changes: 5 additions & 5 deletions libraries/abstractions/pkcs11/test/MBT_C_Sign.c
Expand Up @@ -44,7 +44,7 @@ void C_Sign_normal_behavior()
CK_BYTE_PTR pSignature;
CK_ULONG_PTR pulSignatureLen;

if( xMechanismType == CKM_RSA_PKCS )
if( xGlobalMechanismType == CKM_RSA_PKCS )
{
vAppendSHA256AlgorithmIdentifierSequence( rsaHashedMessage, rsaHashPlusOid );
pData = rsaHashPlusOid;
Expand Down Expand Up @@ -74,7 +74,7 @@ void C_Sign_exceptional_behavior_0()
CK_BYTE_PTR pSignature;
CK_ULONG_PTR pulSignatureLen;

if( xMechanismType == CKM_RSA_PKCS )
if( xGlobalMechanismType == CKM_RSA_PKCS )
{
vAppendSHA256AlgorithmIdentifierSequence( rsaHashedMessage, rsaHashPlusOid );
pData = rsaHashPlusOid;
Expand Down Expand Up @@ -104,7 +104,7 @@ void C_Sign_exceptional_behavior_1()
CK_BYTE_PTR pSignature;
CK_ULONG_PTR pulSignatureLen;

if( xMechanismType == CKM_RSA_PKCS )
if( xGlobalMechanismType == CKM_RSA_PKCS )
{
vAppendSHA256AlgorithmIdentifierSequence( rsaHashedMessage, rsaHashPlusOid );
pData = rsaHashPlusOid;
Expand Down Expand Up @@ -134,7 +134,7 @@ void C_Sign_exceptional_behavior_2()
CK_BYTE_PTR pSignature;
CK_ULONG_PTR pulSignatureLen;

if( xMechanismType == CKM_RSA_PKCS )
if( xGlobalMechanismType == CKM_RSA_PKCS )
{
vAppendSHA256AlgorithmIdentifierSequence( rsaHashedMessage, rsaHashPlusOid );
pData = rsaHashPlusOid;
Expand Down Expand Up @@ -177,7 +177,7 @@ void C_Sign_exceptional_behavior_4()
CK_BYTE_PTR pSignature;
CK_ULONG_PTR pulSignatureLen;

if( xMechanismType == CKM_RSA_PKCS )
if( xGlobalMechanismType == CKM_RSA_PKCS )
{
vAppendSHA256AlgorithmIdentifierSequence( rsaHashedMessage, rsaHashPlusOid );
pData = rsaHashPlusOid;