From df874a780108fa1390e4cb99144b9acb0667f76b Mon Sep 17 00:00:00 2001 From: Ingo Franzki Date: Fri, 4 Nov 2022 11:33:50 +0100 Subject: [PATCH 33/34] EP11: Supply CKA_PUBLIC_KEY_INFO with CKM_IBM_BTC_DERIVE of private key When deriving a private EC key with the CKM_IBM_BTC_DERIVE mechanism, also supply the SPKI in the CKA_PUBLIC_KEY_INFO attribute. To get the SPKI, use m_GetAttributeValue() with CKA_PUBLIC_KEY_INFO. On newer EP11 host libraries this returns the SPKI of the corresponding public key of the private key blob. In case the EP11 host library fails to get the SPKI from the blob, ignore and do not supply an SPKI. Signed-off-by: Ingo Franzki --- usr/lib/ep11_stdll/ep11_specific.c | 266 +++++++++++++++++++++++-------------- 1 file changed, 168 insertions(+), 98 deletions(-) diff --git a/usr/lib/ep11_stdll/ep11_specific.c b/usr/lib/ep11_stdll/ep11_specific.c index 9efce053..d4ece223 100644 --- a/usr/lib/ep11_stdll/ep11_specific.c +++ b/usr/lib/ep11_stdll/ep11_specific.c @@ -5316,7 +5316,148 @@ static CK_RV ep11tok_kyber_mech_post_process(STDLL_TokData_t *tokdata, return CKR_OK; } -CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, +static CK_RV ep11tok_btc_mech_pre_process(STDLL_TokData_t *tokdata, + OBJECT *key_obj, + CK_ATTRIBUTE **new_attrs, + CK_ULONG *new_attrs_len) +{ + CK_ATTRIBUTE *ec_params; + CK_ULONG i, privlen; + CK_RV rc; + + UNUSED(tokdata); + + /* + * CKM_IBM_BTC_DERIVE requires CKA_VALUE_LEN to specify the byte length + * of the to be derived EC key. CKA_VALUE_LEN is dependent on the + * curve used. + * CKA_VALUE_LEN can not be already in the user supplied template, + * since this is not allowed by the key template check routines. + */ + rc = template_attribute_get_non_empty(key_obj->template, CKA_EC_PARAMS, + &ec_params); + if (rc != CKR_OK) { + TRACE_ERROR("CKA_EC_PARAMS is required in derive template\n"); + return rc; + } + + for (i = 0; i < NUMEC; i++) { + if (der_ec_supported[i].data_size == ec_params->ulValueLen && + memcmp(ec_params->pValue, der_ec_supported[i].data, + ec_params->ulValueLen) == 0) { + privlen = (der_ec_supported[i].len_bits + 7) / 8; + rc = add_to_attribute_array(new_attrs, new_attrs_len, + CKA_VALUE_LEN, + (CK_BYTE_PTR)&privlen, + sizeof(privlen)); + if (rc != CKR_OK) { + TRACE_ERROR("Adding attribute failed type=CKA_VALUE_LEN " + "rc=0x%lx\n", rc); + return rc; + } + break; + } + } + + return CKR_OK; +} + +static CK_RV ep11tok_btc_mech_post_process(STDLL_TokData_t *tokdata, + SESSION *session, CK_MECHANISM *mech, + CK_ULONG class, CK_ULONG ktype, + OBJECT *key_obj, + CK_BYTE *blob, CK_ULONG bloblen, + CK_BYTE *csum, CK_ULONG cslen) +{ + CK_IBM_BTC_DERIVE_PARAMS *btc_params = NULL; + CK_BYTE *spki = NULL; + CK_ULONG spki_length = 0; + CK_BYTE buf[MAX_BLOBSIZE]; + CK_ATTRIBUTE get_attr[1] = {{ CKA_PUBLIC_KEY_INFO, &buf, sizeof(buf) }}; + CK_ATTRIBUTE *spki_attr = NULL; + CK_BBOOL allocated = FALSE; + CK_RV rc = CKR_OK; + + if (mech->ulParameterLen != sizeof(CK_IBM_BTC_DERIVE_PARAMS) || + mech->pParameter == NULL) { + TRACE_ERROR("%s Param NULL or len for %s wrong: %lu\n", + __func__, ep11_get_ckm(tokdata, mech->mechanism), + mech->ulParameterLen); + return CKR_MECHANISM_PARAM_INVALID; + } + + btc_params = (CK_IBM_BTC_DERIVE_PARAMS *)mech->pParameter; + + if (btc_params != NULL && btc_params->pChainCode != NULL && + cslen >= CK_IBM_BTC_CHAINCODE_LENGTH) { + memcpy(btc_params->pChainCode, csum, CK_IBM_BTC_CHAINCODE_LENGTH); + btc_params->ulChainCodeLen = CK_IBM_BTC_CHAINCODE_LENGTH; + } + + switch (class) { + case CKO_PUBLIC_KEY: + /* Derived blob is an SPKI, extract public EC key attributes */ + rc = ecdsa_priv_unwrap_get_data(key_obj->template, blob, bloblen); + if (rc != CKR_OK) { + TRACE_ERROR("%s ecdsa_priv_unwrap_get_data failed with " + "rc=0x%lx\n", __func__, rc); + return rc; + } + + /* Extract the SPKI and add CKA_PUBLIC_KEY_INFO to key */ + rc = publ_key_get_spki(key_obj->template, ktype, FALSE, + &spki, &spki_length); + if (rc != CKR_OK) { + TRACE_DEVEL("publ_key_get_spki failed\n"); + return rc; + } + + allocated = TRUE; + break; + + case CKO_PRIVATE_KEY: + RETRY_START(rc, tokdata) + rc = dll_m_GetAttributeValue(blob, bloblen, get_attr, 1, + target_info->target); + RETRY_END(rc, tokdata, session) + + /* Only newer EP11 libs support this, ignore if error */ + if (rc != CKR_OK) + return CKR_OK; + + spki = get_attr[0].pValue; + spki_length = get_attr[0].ulValueLen; + break; + + default: + /* do nothing */ + return CKR_OK; + } + + rc = build_attribute(CKA_PUBLIC_KEY_INFO, spki, spki_length, + &spki_attr); + if (rc != CKR_OK) { + TRACE_ERROR("%s build_attribute failed with rc=0x%lx\n", + __func__, rc); + goto out; + } + + rc = template_update_attribute(key_obj->template, spki_attr); + if (rc != CKR_OK) { + TRACE_ERROR("%s template_update_attribute failed with rc=0x%lx\n", + __func__, rc); + free(spki_attr); + goto out; + } + +out: + if (allocated && spki != NULL) + free(spki); + + return rc; +} + +CK_RV ep11tok_derive_key(STDLL_TokData_t *tokdata, SESSION *session, CK_MECHANISM_PTR mech, CK_OBJECT_HANDLE hBaseKey, CK_OBJECT_HANDLE_PTR handle, CK_ATTRIBUTE_PTR attrs, CK_ULONG attrs_len) @@ -5345,17 +5486,12 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, CK_ULONG ecpoint_len, field_len, key_len = 0; CK_ATTRIBUTE *new_attrs1 = NULL, *new_attrs2 = NULL; CK_ULONG new_attrs1_len = 0, new_attrs2_len = 0; - CK_ULONG privlen, i; + CK_ULONG privlen; int curve_type; CK_BBOOL allocated = FALSE; ep11_target_info_t* target_info; CK_ULONG used_firmware_API_version; CK_MECHANISM_PTR mech_orig = mech; - CK_ATTRIBUTE *ec_params; - CK_IBM_BTC_DERIVE_PARAMS *btc_params = NULL; - CK_BYTE *spki = NULL; - CK_ULONG spki_length = 0; - CK_ATTRIBUTE *spki_attr = NULL; struct EP11_KYBER_MECH mech_ep11; OBJECT *kyber_secret_obj = NULL; @@ -5476,18 +5612,6 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, } } - if (mech->mechanism == CKM_IBM_BTC_DERIVE) { - if (mech->ulParameterLen != sizeof(CK_IBM_BTC_DERIVE_PARAMS) || - mech->pParameter == NULL) { - TRACE_ERROR("%s Param NULL or len for %s wrong: %lu\n", - __func__, ep11_get_ckm(tokdata, mech->mechanism), - mech->ulParameterLen); - return CKR_MECHANISM_PARAM_INVALID; - } - - btc_params = (CK_IBM_BTC_DERIVE_PARAMS *)mech->pParameter; - } - rc = h_opaque_2_blob(tokdata, hBaseKey, &keyblob, &keyblobsize, &base_key_obj, READ_LOCK); if (rc != CKR_OK) { @@ -5605,46 +5729,24 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, goto error; } - if (mech->mechanism == CKM_IBM_BTC_DERIVE) { - /* - * CKM_IBM_BTC_DERIVE requires CKA_VALUE_LEN to specify the byte length - * of the to be derived EC key. CKA_VALUE_LEN is dependent on the - * curve used. - * CKA_VALUE_LEN can not be already in the user supplied template, - * since this is not allowed by the key template check routines. - */ - rc = template_attribute_get_non_empty(key_obj->template, CKA_EC_PARAMS, - &ec_params); - if (rc != CKR_OK) { - TRACE_ERROR("CKA_EC_PARAMS is required in derive template\n"); + switch (mech->mechanism) { + case CKM_IBM_BTC_DERIVE: + rc = ep11tok_btc_mech_pre_process(tokdata, key_obj, &new_attrs2, + &new_attrs2_len); + if (rc != CKR_OK) goto error; - } - - for (i = 0; i < NUMEC; i++) { - if (der_ec_supported[i].data_size == ec_params->ulValueLen && - memcmp(ec_params->pValue, der_ec_supported[i].data, - ec_params->ulValueLen) == 0) { - privlen = (der_ec_supported[i].len_bits + 7) / 8; - rc = add_to_attribute_array(&new_attrs2, &new_attrs2_len, - CKA_VALUE_LEN, - (CK_BYTE_PTR)&privlen, - sizeof(privlen)); - if (rc != CKR_OK) { - TRACE_ERROR("Adding attribute failed type=CKA_VALUE_LEN " - "rc=0x%lx\n", rc); - goto error; - } - break; - } - } - } + break; - if (mech->mechanism == CKM_IBM_KYBER) { + case CKM_IBM_KYBER: rc = ep11tok_kyber_mech_pre_process(tokdata, mech, &mech_ep11, &kyber_secret_obj); if (rc != CKR_OK) goto error; mech = &mech_ep11.mech; + break; + + default: + break; } trace_attributes(__func__, "Derive:", new_attrs2, new_attrs2_len); @@ -5695,47 +5797,6 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, } opaque_attr = NULL; - if (mech->mechanism == CKM_IBM_BTC_DERIVE && - btc_params != NULL && btc_params->pChainCode != NULL && - cslen >= CK_IBM_BTC_CHAINCODE_LENGTH) { - memcpy(btc_params->pChainCode, csum, CK_IBM_BTC_CHAINCODE_LENGTH); - btc_params->ulChainCodeLen = CK_IBM_BTC_CHAINCODE_LENGTH; - } - - if (mech->mechanism == CKM_IBM_BTC_DERIVE && class == CKO_PUBLIC_KEY) { - /* Derived blob is an SPKI, extract public EC key attributes */ - rc = ecdsa_priv_unwrap_get_data(key_obj->template, - newblob, newblobsize); - if (rc != CKR_OK) { - TRACE_ERROR("%s ecdsa_priv_unwrap_get_data failed with rc=0x%lx\n", - __func__, rc); - goto error; - } - - /* Extract the SPKI and add CKA_PUBLIC_KEY_INFO to key */ - rc = publ_key_get_spki(key_obj->template, ktype, FALSE, - &spki, &spki_length); - if (rc != CKR_OK) { - TRACE_DEVEL("publ_key_get_spki failed\n"); - goto error; - } - - rc = build_attribute(CKA_PUBLIC_KEY_INFO, spki, spki_length, &spki_attr); - if (rc != CKR_OK) { - TRACE_ERROR("%s build_attribute failed with rc=0x%lx\n", - __func__, rc); - goto error; - } - - rc = template_update_attribute(key_obj->template, spki_attr); - if (rc != CKR_OK) { - TRACE_ERROR("%s template_update_attribute failed with " - "rc=0x%lx\n", __func__, rc); - goto error; - } - spki_attr = NULL; - } - if (class == CKO_SECRET_KEY || class == CKO_PRIVATE_KEY) { rc = update_ep11_attrs_from_blob(tokdata, session, key_obj->template); if (rc != CKR_OK) { @@ -5745,10 +5806,23 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session, } } - if (mech->mechanism == CKM_IBM_KYBER) { + switch (mech->mechanism) { + case CKM_IBM_BTC_DERIVE: + rc = ep11tok_btc_mech_post_process(tokdata, session, mech, class, ktype, + key_obj, newblob, newblobsize, + csum, cslen); + if (rc != CKR_OK) + goto error; + break; + + case CKM_IBM_KYBER: rc = ep11tok_kyber_mech_post_process(tokdata, mech_orig, csum, cslen); if (rc != CKR_OK) goto error; + break; + + default: + break; } if (class == CKO_SECRET_KEY && cslen >= EP11_CSUMSIZE) { @@ -5792,10 +5866,6 @@ error: free(opaque_attr); if (chk_attr != NULL) free(chk_attr); - if (spki_attr != NULL) - free(spki_attr); - if (spki != NULL) - free(spki); if (new_attrs) free_attribute_array(new_attrs, new_attrs_len); if (new_attrs1) -- 2.16.2.windows.1