Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / sshsm / 0c89b3ccba7c9b7332ab67ae1936aff51ca62367 / . / SoftHSMv2 / src / lib / P11Objects.cpp
blob: c58d4ec4ccc9daba1a8b8ddaa475d9253fd747c0 [file] [log] [blame]
NingSun0c89b3c2018-02-08 08:34:03 -0800[diff] [blame^]1/*
2 * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation)
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
18 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
20 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
22 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
23 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
24 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27/*****************************************************************************
28 P11Objects.cpp
29
30 This class respresent a PKCS#11 object
31 *****************************************************************************/
32
33#include "config.h"
34#include "P11Objects.h"
35#include <stdio.h>
36#include <stdlib.h>
37
38// Constructor
39P11Object::P11Object()
40{
41 initialized = false;
42 osobject = NULL;
43}
44
45// Destructor
46P11Object::~P11Object()
47{
48 std::map<CK_ATTRIBUTE_TYPE, P11Attribute*> cleanUp = attributes;
49 attributes.clear();
50
51 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = cleanUp.begin(); i != cleanUp.end(); i++)
52 {
53 if (i->second == NULL)
54 {
55 continue;
56 }
57
58 delete i->second;
59 i->second = NULL;
60 }
61}
62
63// Add attributes
64bool P11Object::init(OSObject *inobject)
65{
66 if (initialized) return true;
67 if (inobject == NULL) return false;
68
69 osobject = inobject;
70
71 // Create attributes
72 P11Attribute* attrClass = new P11AttrClass(osobject);
73 P11Attribute* attrToken = new P11AttrToken(osobject);
74 P11Attribute* attrPrivate = new P11AttrPrivate(osobject);
75 P11Attribute* attrModifiable = new P11AttrModifiable(osobject);
76 P11Attribute* attrLabel = new P11AttrLabel(osobject);
77 P11Attribute* attrCopyable = new P11AttrCopyable(osobject);
78 P11Attribute* attrDestroyable = new P11AttrDestroyable(osobject);
79
80 // Initialize the attributes
81 if
82 (
83 !attrClass->init() ||
84 !attrToken->init() ||
85 !attrPrivate->init() ||
86 !attrModifiable->init() ||
87 !attrLabel->init() ||
88 !attrCopyable->init() ||
89 !attrDestroyable->init()
90 )
91 {
92 ERROR_MSG("Could not initialize the attribute");
93 delete attrClass;
94 delete attrToken;
95 delete attrPrivate;
96 delete attrModifiable;
97 delete attrLabel;
98 delete attrCopyable;
99 delete attrDestroyable;
100 return false;
101 }
102
103 // Add them to the map
104 attributes[attrClass->getType()] = attrClass;
105 attributes[attrToken->getType()] = attrToken;
106 attributes[attrPrivate->getType()] = attrPrivate;
107 attributes[attrModifiable->getType()] = attrModifiable;
108 attributes[attrLabel->getType()] = attrLabel;
109 attributes[attrCopyable->getType()] = attrCopyable;
110 attributes[attrDestroyable->getType()] = attrDestroyable;
111
112 initialized = true;
113 return true;
114}
115
116CK_RV P11Object::loadTemplate(Token *token, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
117{
118 bool isPrivate = this->isPrivate();
119
120 // [PKCS#11 v2.40, C_GetAttributeValue]
121 // 1. If the specified attribute (i.e., the attribute specified by the
122 // type field) for the object cannot be revealed because the object
123 // is sensitive or unextractable, then the ulValueLen field in that
124 // triple is modified to hold the value CK_UNAVAILABLE_INFORMATION.
125 //
126 // 2. Otherwise, if the specified value for the object is invalid (the
127 // object does not possess such an attribute), then the ulValueLen
128 // field in that triple is modified to hold the value
129 // CK_UNAVAILABLE_INFORMATION.
130 //
131 // 3. Otherwise, if the pValue field has the value NULL_PTR, then the
132 // ulValueLen field is modified to hold the exact length of the
133 // specified attribute for the object.
134 //
135 // 4. Otherwise, if the length specified in ulValueLen is large enough
136 // to hold the value of the specified attribute for the object,
137 // then that attribute is copied into the buffer located at pValue,
138 // and the ulValueLen field is modified to hold the exact length of
139 // the attribute.
140 //
141 // 5. Otherwise, the ulValueLen field is modified to hold the value
142 // CK_UNAVAILABLE_INFORMATION.
143
144 bool invalid = false, sensitive = false, buffer_too_small = false;
145
146 // If case 3 or 4 applies to all the requested attributes, then the call will return CKR_OK.
147 for (CK_ULONG i = 0; i < ulAttributeCount; ++i)
148 {
149 P11Attribute* attr = attributes[pTemplate[i].type];
150
151 // case 2 of the attribute checks
152 if (attr == NULL) {
153 pTemplate[i].ulValueLen = CK_UNAVAILABLE_INFORMATION;
154 // If case 2 applies to any of the requested attributes, then the call should
155 // return the value CKR_ATTRIBUTE_TYPE_INVALID.
156 invalid = true;
157 continue;
158 }
159
160 // case 1,3,4 and 5 of the attribute checks are done while retrieving the attribute itself.
161 CK_RV retrieve_rv = attr->retrieve(token, isPrivate, pTemplate[i].pValue, &pTemplate[i].ulValueLen);
162 if (retrieve_rv == CKR_ATTRIBUTE_SENSITIVE) {
163 // If case 1 applies to any of the requested attributes, then the call should
164 // return the value CKR_ATTRIBUTE_SENSITIVE.
165 sensitive = true;
166 } else if (retrieve_rv == CKR_BUFFER_TOO_SMALL) {
167 // If case 5 applies to any of the requested attributes, then the call should
168 // return the value CKR_BUFFER_TOO_SMALL.
169 buffer_too_small = true;
170 } else if (retrieve_rv != CKR_OK) {
171 return CKR_GENERAL_ERROR;
172 }
173
174 }
175
176 // As usual if more than one of these error codes is applicable, Cryptoki may
177 // return any of them. Only if none of them applies to any of the requested
178 // attributes will CKR_OK be returned. We choose to return the errors in
179 // the following priority, which is probably the most useful order.
180 if (sensitive)
181 return CKR_ATTRIBUTE_SENSITIVE;
182 if (invalid)
183 return CKR_ATTRIBUTE_TYPE_INVALID;
184 if (buffer_too_small)
185 return CKR_BUFFER_TOO_SMALL;
186 return CKR_OK;
187}
188
189// Save template
190CK_RV P11Object::saveTemplate(Token *token, bool isPrivate, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, int op)
191{
192 if (osobject == NULL)
193 return CKR_GENERAL_ERROR;
194 if (osobject->startTransaction() == false)
195 return CKR_GENERAL_ERROR;
196
197 if (op == OBJECT_OP_SET)
198 {
199 if (!isModifiable())
200 {
201 osobject->abortTransaction();
202 return CKR_ACTION_PROHIBITED;
203 }
204 }
205
206 // [PKCS#11 v2.40, 4.1.3 Copying objects] OBJECT_OP_COPY
207 // If the CKA_COPYABLE attribute of the object to be copied is set
208 // to CK_FALSE, C_CopyObject returns CKR_ACTION_PROHIBITED.
209 if (op == OBJECT_OP_COPY)
210 {
211 if (!isCopyable())
212 {
213 osobject->abortTransaction();
214 return CKR_ACTION_PROHIBITED;
215 }
216 }
217
218 for (CK_ULONG i = 0; i < ulAttributeCount; i++)
219 {
220 // [PKCS#11 v2.40, 4.1.1 Creating objects] OBJECT_OP_CREATE | OBJECT_OP_SET | OBJECT_OP_COPY
221 // 1. If the supplied template specifies a value for an invalid attribute, then the attempt
222 // should fail with the error code CKR_ATTRIBUTE_TYPE_INVALID. An attribute
223 // is valid if it is either one of the attributes described in the Cryptoki specification or an
224 // additional vendor-specific attribute supported by the library and token.
225 P11Attribute* attr = attributes[pTemplate[i].type];
226
227 if (attr == NULL)
228 {
229 osobject->abortTransaction();
230 return CKR_ATTRIBUTE_TYPE_INVALID;
231 }
232
233 // Additonal checks are done while updating the attributes themselves.
234 CK_RV rv = attr->update(token,isPrivate, pTemplate[i].pValue, pTemplate[i].ulValueLen, op);
235 if (rv != CKR_OK)
236 {
237 osobject->abortTransaction();
238 return rv;
239 }
240 }
241
242 // [PKCS#11 v2.40, 4.1.1 Creating objects]
243 // 4. If the attribute values in the supplied template, together with any default attribute
244 // values and any attribute values contributed to the object by the object-creation
245 // function itself, are insufficient to fully specify the object to create, then the attempt
246 // should fail with the error code CKR_TEMPLATE_INCOMPLETE.
247
248 // All attributes that have to be specified are marked as such in the specification.
249 // The following checks are relevant here:
250 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = attributes.begin(); i != attributes.end(); i++)
251 {
252 CK_ULONG checks = i->second->getChecks();
253
254 // ck1 MUST be specified when object is created with C_CreateObject.
255 // ck3 MUST be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
256 // ck5 MUST be specified when object is unwrapped with C_UnwrapKey.
257 if (((checks & P11Attribute::ck1) == P11Attribute::ck1 && op == OBJECT_OP_CREATE) ||
258 ((checks & P11Attribute::ck3) == P11Attribute::ck3 && op == OBJECT_OP_GENERATE) ||
259 ((checks & P11Attribute::ck5) == P11Attribute::ck5 && op == OBJECT_OP_UNWRAP))
260 {
261 bool isSpecified = false;
262
263 for (CK_ULONG n = 0; n < ulAttributeCount; n++)
264 {
265 if (i->first == pTemplate[n].type)
266 {
267 isSpecified = true;
268 break;
269 }
270 }
271
272 if (!isSpecified)
273 {
274 ERROR_MSG("Mandatory attribute (0x%08X) was not specified in template", (unsigned int)i->first);
275
276 return CKR_TEMPLATE_INCOMPLETE;
277 }
278 }
279 }
280
281 // [PKCS#11 v2.40, 4.1.1 Creating objects]
282 // 5. If the attribute values in the supplied template, together with any default attribute
283 // values and any attribute values contributed to the object by the object-creation
284 // function itself, are inconsistent, then the attempt should fail with the error code
285 // CKR_TEMPLATE_INCONSISTENT. A set of attribute values is inconsistent if not
286 // all of its members can be satisfied simultaneously by the token, although each value
287 // individually is valid in Cryptoki. One example of an inconsistent template would be
288 // using a template which specifies two different values for the same attribute. Another
289 // example would be trying to create a secret key object with an attribute which is
290 // appropriate for various types of public keys or private keys, but not for secret keys.
291 // A final example would be a template with an attribute that violates some token
292 // specific requirement. Note that this final example of an inconsistent template is
293 // token-dependent—on a different token, such a template might not be inconsistent.
294
295 if (osobject->commitTransaction() == false)
296 {
297 return CKR_GENERAL_ERROR;
298 }
299
300 return CKR_OK;
301}
302
303bool P11Object::isPrivate()
304{
305 // Get the CKA_PRIVATE attribute, when the attribute is
306 // not present return the default value which we have
307 // chosen to be CK_FALSE.
308 if (!osobject->attributeExists(CKA_PRIVATE)) return false;
309
310 return osobject->getBooleanValue(CKA_PRIVATE, false);
311}
312
313bool P11Object::isCopyable()
314{
315 // Get the CKA_COPYABLE attribute, when the attribute is not
316 // present return the default value which is CK_TRUE.
317 if (!osobject->attributeExists(CKA_COPYABLE)) return true;
318
319 return osobject->getBooleanValue(CKA_COPYABLE, true);
320}
321
322bool P11Object::isModifiable()
323{
324 // Get the CKA_MODIFIABLE attribute, when the attribute is
325 // not present return the default value which is CK_TRUE.
326 if (!osobject->attributeExists(CKA_MODIFIABLE)) return true;
327
328 return osobject->getBooleanValue(CKA_MODIFIABLE, true);
329}
330
331// Constructor
332P11DataObj::P11DataObj()
333{
334 initialized = false;
335}
336
337// Add attributes
338bool P11DataObj::init(OSObject *inobject)
339{
340 if (initialized) return true;
341 if (inobject == NULL) return false;
342
343 // Set default values for attributes that will be introduced in the parent
344 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DATA) {
345 OSAttribute setClass((unsigned long)CKO_DATA);
346 inobject->setAttribute(CKA_CLASS, setClass);
347 }
348
349 // Create parent
350 if (!P11Object::init(inobject)) return false;
351
352 // Create attributes
353 P11Attribute* attrApplication = new P11AttrApplication(osobject);
354 P11Attribute* attrObjectID = new P11AttrObjectID(osobject);
355 // NOTE: There is no mention in the PKCS#11 v2.40 spec that for a Data
356 // Object the CKA_VALUE attribute may be modified after creation!
357 // Therefore we assume it is not allowed to change the CKA_VALUE
358 // attribute of a Data Object.
359 P11Attribute* attrValue = new P11AttrValue(osobject,0);
360
361 // Initialize the attributes
362 if
363 (
364 !attrApplication->init() ||
365 !attrObjectID->init() ||
366 !attrValue->init()
367 )
368 {
369 ERROR_MSG("Could not initialize the attribute");
370 delete attrApplication;
371 delete attrObjectID;
372 delete attrValue;
373 return false;
374 }
375
376 // Add them to the map
377 attributes[attrApplication->getType()] = attrApplication;
378 attributes[attrObjectID->getType()] = attrObjectID;
379 attributes[attrValue->getType()] = attrValue;
380
381 initialized = true;
382 return true;
383}
384
385// Constructor
386P11CertificateObj::P11CertificateObj()
387{
388 initialized = false;
389}
390
391// Add attributes
392bool P11CertificateObj::init(OSObject *inobject)
393{
394 if (initialized) return true;
395 if (inobject == NULL) return false;
396
397 // Set default values for attributes that will be introduced in the parent
398 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_CERTIFICATE) {
399 OSAttribute setClass((unsigned long)CKO_CERTIFICATE);
400 inobject->setAttribute(CKA_CLASS, setClass);
401 }
402 // Make certificates public
403 if (!inobject->attributeExists(CKA_PRIVATE)) {
404 OSAttribute setPrivate(false);
405 inobject->setAttribute(CKA_PRIVATE, setPrivate);
406 }
407
408 // Create parent
409 if (!P11Object::init(inobject)) return false;
410
411 // Create attributes
412 P11Attribute* attrCertificateType = new P11AttrCertificateType(osobject);
413 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
414 P11Attribute* attrCertificateCategory = new P11AttrCertificateCategory(osobject);
415 // NOTE: Because these attributes are used in a certificate object
416 // where the CKA_VALUE containing the certificate data is not
417 // modifiable, we assume that this attribute is also not modifiable.
418 // There is also no explicit mention of these attributes being modifiable.
419 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, 0);
420 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,0);
421 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,0);
422 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it.
423 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
424
425 // Initialize the attributes
426 if
427 (
428 !attrCertificateType->init() ||
429 !attrTrusted->init() ||
430 !attrCertificateCategory->init() ||
431 !attrCheckValue->init() ||
432 !attrStartDate->init() ||
433 !attrEndDate->init() ||
434 !attrPublicKeyInfo->init()
435 )
436 {
437 ERROR_MSG("Could not initialize the attribute");
438 delete attrCertificateType;
439 delete attrTrusted;
440 delete attrCertificateCategory;
441 delete attrCheckValue;
442 delete attrStartDate;
443 delete attrEndDate;
444 delete attrPublicKeyInfo;
445 return false;
446 }
447
448 // Add them to the map
449 attributes[attrCertificateType->getType()] = attrCertificateType;
450 attributes[attrTrusted->getType()] = attrTrusted;
451 attributes[attrCertificateCategory->getType()] = attrCertificateCategory;
452 attributes[attrCheckValue->getType()] = attrCheckValue;
453 attributes[attrStartDate->getType()] = attrStartDate;
454 attributes[attrEndDate->getType()] = attrEndDate;
455 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
456
457 initialized = true;
458 return true;
459}
460
461// Constructor
462P11X509CertificateObj::P11X509CertificateObj()
463{
464 initialized = false;
465}
466
467// Add attributes
468bool P11X509CertificateObj::init(OSObject *inobject)
469{
470 if (initialized) return true;
471 if (inobject == NULL) return false;
472
473 // Set default values for attributes that will be introduced in the parent
474 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_X_509) {
475 OSAttribute setCertType((unsigned long)CKC_X_509);
476 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
477 }
478
479 // Create parent
480 if (!P11CertificateObj::init(inobject)) return false;
481
482 // Create attributes
483 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
484 P11Attribute* attrID = new P11AttrID(osobject);
485 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
486 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
487 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
488 P11Attribute* attrURL = new P11AttrURL(osobject);
489 P11Attribute* attrHashOfSubjectPublicKey = new P11AttrHashOfSubjectPublicKey(osobject);
490 P11Attribute* attrHashOfIssuerPublicKey = new P11AttrHashOfIssuerPublicKey(osobject);
491 P11Attribute* attrJavaMidpSecurityDomain = new P11AttrJavaMidpSecurityDomain(osobject);
492 P11Attribute* attrNameHashAlgorithm = new P11AttrNameHashAlgorithm(osobject);
493
494 // Initialize the attributes
495 if
496 (
497 !attrSubject->init() ||
498 !attrID->init() ||
499 !attrIssuer->init() ||
500 !attrSerialNumber->init() ||
501 !attrValue->init() ||
502 !attrURL->init() ||
503 !attrHashOfSubjectPublicKey->init() ||
504 !attrHashOfIssuerPublicKey->init() ||
505 !attrJavaMidpSecurityDomain->init() ||
506 !attrNameHashAlgorithm->init()
507 )
508 {
509 ERROR_MSG("Could not initialize the attribute");
510 delete attrSubject;
511 delete attrID;
512 delete attrIssuer;
513 delete attrSerialNumber;
514 delete attrValue;
515 delete attrURL;
516 delete attrHashOfSubjectPublicKey;
517 delete attrHashOfIssuerPublicKey;
518 delete attrJavaMidpSecurityDomain;
519 delete attrNameHashAlgorithm;
520 return false;
521 }
522
523 // Add them to the map
524 attributes[attrSubject->getType()] = attrSubject;
525 attributes[attrID->getType()] = attrID;
526 attributes[attrIssuer->getType()] = attrIssuer;
527 attributes[attrSerialNumber->getType()] = attrSerialNumber;
528 attributes[attrValue->getType()] = attrValue;
529 attributes[attrURL->getType()] = attrURL;
530 attributes[attrHashOfSubjectPublicKey->getType()] = attrHashOfSubjectPublicKey;
531 attributes[attrHashOfIssuerPublicKey->getType()] = attrHashOfIssuerPublicKey;
532 attributes[attrJavaMidpSecurityDomain->getType()] = attrJavaMidpSecurityDomain;
533 attributes[attrNameHashAlgorithm->getType()] = attrNameHashAlgorithm;
534
535 return true;
536}
537
538// Constructor
539P11OpenPGPPublicKeyObj::P11OpenPGPPublicKeyObj()
540{
541 initialized = false;
542}
543
544// Add attributes
545bool P11OpenPGPPublicKeyObj::init(OSObject *inobject)
546{
547 if (initialized) return true;
548 if (inobject == NULL) return false;
549
550 // Set default values for attributes that will be introduced in the parent
551 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_OPENPGP) {
552 OSAttribute setCertType((unsigned long)CKC_OPENPGP);
553 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
554 }
555
556 // Create parent
557 if (!P11CertificateObj::init(inobject)) return false;
558
559 // Create attributes
560 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
561 P11Attribute* attrID = new P11AttrID(osobject);
562 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
563 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
564 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
565 P11Attribute* attrURL = new P11AttrURL(osobject);
566
567 // Initialize the attributes
568 if
569 (
570 !attrSubject->init() ||
571 !attrID->init() ||
572 !attrIssuer->init() ||
573 !attrSerialNumber->init() ||
574 !attrValue->init() ||
575 !attrURL->init()
576 )
577 {
578 ERROR_MSG("Could not initialize the attribute");
579 delete attrSubject;
580 delete attrID;
581 delete attrIssuer;
582 delete attrSerialNumber;
583 delete attrValue;
584 delete attrURL;
585 return false;
586 }
587
588 // Add them to the map
589 attributes[attrSubject->getType()] = attrSubject;
590 attributes[attrID->getType()] = attrID;
591 attributes[attrIssuer->getType()] = attrIssuer;
592 attributes[attrSerialNumber->getType()] = attrSerialNumber;
593 attributes[attrValue->getType()] = attrValue;
594 attributes[attrURL->getType()] = attrURL;
595
596 return true;
597}
598
599// Constructor
600P11KeyObj::P11KeyObj()
601{
602 initialized = false;
603}
604
605// Add attributes
606bool P11KeyObj::init(OSObject *inobject)
607{
608 if (initialized) return true;
609 if (inobject == NULL) return false;
610
611 // Create parent
612 if (!P11Object::init(inobject)) return false;
613
614 // Create attributes
615 P11Attribute* attrKeyType = new P11AttrKeyType(osobject,P11Attribute::ck5);
616 P11Attribute* attrID = new P11AttrID(osobject);
617 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,P11Attribute::ck8);
618 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,P11Attribute::ck8);
619 P11Attribute* attrDerive = new P11AttrDerive(osobject);
620 P11Attribute* attrLocal = new P11AttrLocal(osobject,P11Attribute::ck6);
621 P11Attribute* attrKeyGenMechanism = new P11AttrKeyGenMechanism(osobject);
622 P11Attribute* attrAllowedMechanisms = new P11AttrAllowedMechanisms(osobject);
623
624 // Initialize the attributes
625 if
626 (
627 !attrKeyType->init() ||
628 !attrID->init() ||
629 !attrStartDate->init() ||
630 !attrEndDate->init() ||
631 !attrDerive->init() ||
632 !attrLocal->init() ||
633 !attrKeyGenMechanism->init() ||
634 !attrAllowedMechanisms->init()
635 )
636 {
637 ERROR_MSG("Could not initialize the attribute");
638 delete attrKeyType;
639 delete attrID;
640 delete attrStartDate;
641 delete attrEndDate;
642 delete attrDerive;
643 delete attrLocal;
644 delete attrKeyGenMechanism;
645 delete attrAllowedMechanisms;
646 return false;
647 }
648
649 // Add them to the map
650 attributes[attrKeyType->getType()] = attrKeyType;
651 attributes[attrID->getType()] = attrID;
652 attributes[attrStartDate->getType()] = attrStartDate;
653 attributes[attrEndDate->getType()] = attrEndDate;
654 attributes[attrDerive->getType()] = attrDerive;
655 attributes[attrLocal->getType()] = attrLocal;
656 attributes[attrKeyGenMechanism->getType()] = attrKeyGenMechanism;
657 attributes[attrAllowedMechanisms->getType()] = attrAllowedMechanisms;
658
659 initialized = true;
660 return true;
661}
662
663// Constructor
664P11PublicKeyObj::P11PublicKeyObj()
665{
666 initialized = false;
667}
668
669// Add attributes
670bool P11PublicKeyObj::init(OSObject *inobject)
671{
672 if (initialized) return true;
673 if (inobject == NULL) return false;
674
675 // Set default values for attributes that will be introduced in the parent
676 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PUBLIC_KEY) {
677 OSAttribute setClass((unsigned long)CKO_PUBLIC_KEY);
678 inobject->setAttribute(CKA_CLASS, setClass);
679 }
680 // Make public keys public
681 if (!inobject->attributeExists(CKA_PRIVATE)) {
682 OSAttribute setPrivate(false);
683 inobject->setAttribute(CKA_PRIVATE, setPrivate);
684 }
685
686 // Create parent
687 if (!P11KeyObj::init(inobject)) return false;
688
689 if (initialized) return true;
690
691 // Create attributes
692 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
693 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
694 P11Attribute* attrVerify = new P11AttrVerify(osobject);
695 P11Attribute* attrVerifyRecover = new P11AttrVerifyRecover(osobject);
696 P11Attribute* attrWrap = new P11AttrWrap(osobject);
697 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
698 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
699 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
700 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
701
702 // Initialize the attributes
703 if
704 (
705 !attrSubject->init() ||
706 !attrEncrypt->init() ||
707 !attrVerify->init() ||
708 !attrVerifyRecover->init() ||
709 !attrWrap->init() ||
710 !attrTrusted->init() ||
711 !attrWrapTemplate->init() ||
712 !attrPublicKeyInfo->init()
713 )
714 {
715 ERROR_MSG("Could not initialize the attribute");
716 delete attrSubject;
717 delete attrEncrypt;
718 delete attrVerify;
719 delete attrVerifyRecover;
720 delete attrWrap;
721 delete attrTrusted;
722 delete attrWrapTemplate;
723 delete attrPublicKeyInfo;
724 return false;
725 }
726
727 // Add them to the map
728 attributes[attrSubject->getType()] = attrSubject;
729 attributes[attrEncrypt->getType()] = attrEncrypt;
730 attributes[attrVerify->getType()] = attrVerify;
731 attributes[attrVerifyRecover->getType()] = attrVerifyRecover;
732 attributes[attrWrap->getType()] = attrWrap;
733 attributes[attrTrusted->getType()] = attrTrusted;
734 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
735 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
736
737 initialized = true;
738 return true;
739}
740
741// Constructor
742P11RSAPublicKeyObj::P11RSAPublicKeyObj()
743{
744 initialized = false;
745}
746
747// Add attributes
748bool P11RSAPublicKeyObj::init(OSObject *inobject)
749{
750 if (initialized) return true;
751 if (inobject == NULL) return false;
752
753 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
754 OSAttribute setKeyType((unsigned long)CKK_RSA);
755 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
756 }
757
758 // Create parent
759 if (!P11PublicKeyObj::init(inobject)) return false;
760
761 // Create attributes
762 P11Attribute* attrModulus = new P11AttrModulus(osobject);
763 P11Attribute* attrModulusBits = new P11AttrModulusBits(osobject);
764 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck1);
765
766 // Initialize the attributes
767 if
768 (
769 !attrModulus->init() ||
770 !attrModulusBits->init() ||
771 !attrPublicExponent->init()
772 )
773 {
774 ERROR_MSG("Could not initialize the attribute");
775 delete attrModulus;
776 delete attrModulusBits;
777 delete attrPublicExponent;
778 return false;
779 }
780
781 // Add them to the map
782 attributes[attrModulus->getType()] = attrModulus;
783 attributes[attrModulusBits->getType()] = attrModulusBits;
784 attributes[attrPublicExponent->getType()] = attrPublicExponent;
785
786 initialized = true;
787 return true;
788}
789
790// Constructor
791P11DSAPublicKeyObj::P11DSAPublicKeyObj()
792{
793 initialized = false;
794}
795
796// Add attributes
797bool P11DSAPublicKeyObj::init(OSObject *inobject)
798{
799 if (initialized) return true;
800 if (inobject == NULL) return false;
801
802 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
803 OSAttribute setKeyType((unsigned long)CKK_DSA);
804 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
805 }
806
807 // Create parent
808 if (!P11PublicKeyObj::init(inobject)) return false;
809
810 // Create attributes
811 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
812 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck3);
813 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
814 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
815
816 // Initialize the attributes
817 if
818 (
819 !attrPrime->init() ||
820 !attrSubPrime->init() ||
821 !attrBase->init() ||
822 !attrValue->init()
823 )
824 {
825 ERROR_MSG("Could not initialize the attribute");
826 delete attrPrime;
827 delete attrSubPrime;
828 delete attrBase;
829 delete attrValue;
830 return false;
831 }
832
833 // Add them to the map
834 attributes[attrPrime->getType()] = attrPrime;
835 attributes[attrSubPrime->getType()] = attrSubPrime;
836 attributes[attrBase->getType()] = attrBase;
837 attributes[attrValue->getType()] = attrValue;
838
839 initialized = true;
840 return true;
841}
842
843// Constructor
844P11ECPublicKeyObj::P11ECPublicKeyObj()
845{
846 initialized = false;
847}
848
849// Add attributes
850bool P11ECPublicKeyObj::init(OSObject *inobject)
851{
852 if (initialized) return true;
853 if (inobject == NULL) return false;
854
855 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
856 OSAttribute setKeyType((unsigned long)CKK_EC);
857 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
858 }
859
860 // Create parent
861 if (!P11PublicKeyObj::init(inobject)) return false;
862
863 // Create attributes
864 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck3);
865 P11Attribute* attrEcPoint = new P11AttrEcPoint(osobject);
866
867 // Initialize the attributes
868 if
869 (
870 !attrEcParams->init() ||
871 !attrEcPoint->init()
872 )
873 {
874 ERROR_MSG("Could not initialize the attribute");
875 delete attrEcParams;
876 delete attrEcPoint;
877 return false;
878 }
879
880 // Add them to the map
881 attributes[attrEcParams->getType()] = attrEcParams;
882 attributes[attrEcPoint->getType()] = attrEcPoint;
883
884 initialized = true;
885 return true;
886}
887
888// Constructor
889P11DHPublicKeyObj::P11DHPublicKeyObj()
890{
891 initialized = false;
892}
893
894// Add attributes
895bool P11DHPublicKeyObj::init(OSObject *inobject)
896{
897 if (initialized) return true;
898 if (inobject == NULL) return false;
899
900 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
901 OSAttribute setKeyType((unsigned long)CKK_DH);
902 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
903 }
904
905 // Create parent
906 if (!P11PublicKeyObj::init(inobject)) return false;
907
908 // Create attributes
909 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
910 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
911 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
912
913 // Initialize the attributes
914 if
915 (
916 !attrPrime->init() ||
917 !attrBase->init() ||
918 !attrValue->init()
919 )
920 {
921 ERROR_MSG("Could not initialize the attribute");
922 delete attrPrime;
923 delete attrBase;
924 delete attrValue;
925 return false;
926 }
927
928 // Add them to the map
929 attributes[attrPrime->getType()] = attrPrime;
930 attributes[attrBase->getType()] = attrBase;
931 attributes[attrValue->getType()] = attrValue;
932
933 initialized = true;
934 return true;
935}
936
937// Constructor
938P11GOSTPublicKeyObj::P11GOSTPublicKeyObj()
939{
940 initialized = false;
941}
942
943// Add attributes
944bool P11GOSTPublicKeyObj::init(OSObject *inobject)
945{
946 if (initialized) return true;
947 if (inobject == NULL) return false;
948
949 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
950 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
951 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
952 }
953
954 // Create parent
955 if (!P11PublicKeyObj::init(inobject)) return false;
956
957 // Create attributes
958 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
959 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck3);
960 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck3);
961 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck8);
962
963 // Initialize the attributes
964 if
965 (
966 !attrValue->init() ||
967 !attrGostR3410Params->init() ||
968 !attrGostR3411Params->init() ||
969 !attrGost28147Params->init()
970 )
971 {
972 ERROR_MSG("Could not initialize the attribute");
973 delete attrValue;
974 delete attrGostR3410Params;
975 delete attrGostR3411Params;
976 delete attrGost28147Params;
977 return false;
978 }
979
980 // Add them to the map
981 attributes[attrValue->getType()] = attrValue;
982 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
983 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
984 attributes[attrGost28147Params->getType()] = attrGost28147Params;
985
986 initialized = true;
987 return true;
988}
989
990//constructor
991P11PrivateKeyObj::P11PrivateKeyObj()
992{
993 initialized = false;
994}
995
996// Add attributes
997bool P11PrivateKeyObj::init(OSObject *inobject)
998{
999 if (initialized) return true;
1000 if (inobject == NULL) return false;
1001
1002 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PRIVATE_KEY) {
1003 OSAttribute setClass((unsigned long)CKO_PRIVATE_KEY);
1004 inobject->setAttribute(CKA_CLASS, setClass);
1005 }
1006
1007 // Create parent
1008 if (!P11KeyObj::init(inobject)) return false;
1009
1010 // Create attributes
1011 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
1012 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1013 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1014 P11Attribute* attrSign = new P11AttrSign(osobject);
1015 P11Attribute* attrSignRecover = new P11AttrSignRecover(osobject);
1016 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1017 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1018 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1019 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1020 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1021 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1022 // TODO: CKA_ALWAYS_AUTHENTICATE is accepted, but we do not use it
1023 P11Attribute* attrAlwaysAuthenticate = new P11AttrAlwaysAuthenticate(osobject);
1024 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
1025 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,P11Attribute::ck8);
1026
1027 // Initialize the attributes
1028 if
1029 (
1030 !attrSubject->init() ||
1031 !attrSensitive->init() ||
1032 !attrDecrypt->init() ||
1033 !attrSign->init() ||
1034 !attrSignRecover->init() ||
1035 !attrUnwrap->init() ||
1036 !attrExtractable->init() ||
1037 !attrAlwaysSensitive->init() ||
1038 !attrNeverExtractable->init() ||
1039 !attrWrapWithTrusted->init() ||
1040 !attrUnwrapTemplate->init() ||
1041 !attrAlwaysAuthenticate->init() ||
1042 !attrPublicKeyInfo->init()
1043 )
1044 {
1045 ERROR_MSG("Could not initialize the attribute");
1046 delete attrSubject;
1047 delete attrSensitive;
1048 delete attrDecrypt;
1049 delete attrSign;
1050 delete attrSignRecover;
1051 delete attrUnwrap;
1052 delete attrExtractable;
1053 delete attrAlwaysSensitive;
1054 delete attrNeverExtractable;
1055 delete attrWrapWithTrusted;
1056 delete attrUnwrapTemplate;
1057 delete attrAlwaysAuthenticate;
1058 delete attrPublicKeyInfo;
1059 return false;
1060 }
1061
1062 // Add them to the map
1063 attributes[attrSubject->getType()] = attrSubject;
1064 attributes[attrSensitive->getType()] = attrSensitive;
1065 attributes[attrDecrypt->getType()] = attrDecrypt;
1066 attributes[attrSign->getType()] = attrSign;
1067 attributes[attrSignRecover->getType()] = attrSignRecover;
1068 attributes[attrUnwrap->getType()] = attrUnwrap;
1069 attributes[attrExtractable->getType()] = attrExtractable;
1070 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1071 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1072 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1073 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1074 attributes[attrAlwaysAuthenticate->getType()] = attrAlwaysAuthenticate;
1075 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
1076
1077 initialized = true;
1078 return true;
1079}
1080
1081// Constructor
1082P11RSAPrivateKeyObj::P11RSAPrivateKeyObj()
1083{
1084 initialized = false;
1085}
1086
1087// Add attributes
1088bool P11RSAPrivateKeyObj::init(OSObject *inobject)
1089{
1090 if (initialized) return true;
1091 if (inobject == NULL) return false;
1092
1093 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
1094 OSAttribute setKeyType((unsigned long)CKK_RSA);
1095 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1096 }
1097
1098 // Create parent
1099 if (!P11PrivateKeyObj::init(inobject)) return false;
1100
1101 // Create attributes
1102 P11Attribute* attrModulus = new P11AttrModulus(osobject,P11Attribute::ck6);
1103 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck4|P11Attribute::ck6);
1104 P11Attribute* attrPrivateExponent = new P11AttrPrivateExponent(osobject);
1105 P11Attribute* attrPrime1 = new P11AttrPrime1(osobject);
1106 P11Attribute* attrPrime2 = new P11AttrPrime2(osobject);
1107 P11Attribute* attrExponent1 = new P11AttrExponent1(osobject);
1108 P11Attribute* attrExponent2 = new P11AttrExponent2(osobject);
1109 P11Attribute* attrCoefficient = new P11AttrCoefficient(osobject);
1110
1111 // Initialize the attributes
1112 if
1113 (
1114 !attrModulus->init() ||
1115 !attrPublicExponent->init() ||
1116 !attrPrivateExponent->init() ||
1117 !attrPrime1->init() ||
1118 !attrPrime2->init() ||
1119 !attrExponent1->init() ||
1120 !attrExponent2->init() ||
1121 !attrCoefficient->init()
1122 )
1123 {
1124 ERROR_MSG("Could not initialize the attribute");
1125 delete attrModulus;
1126 delete attrPublicExponent;
1127 delete attrPrivateExponent;
1128 delete attrPrime1;
1129 delete attrPrime2;
1130 delete attrExponent1;
1131 delete attrExponent2;
1132 delete attrCoefficient;
1133 return false;
1134 }
1135
1136 // Add them to the map
1137 attributes[attrModulus->getType()] = attrModulus;
1138 attributes[attrPublicExponent->getType()] = attrPublicExponent;
1139 attributes[attrPrivateExponent->getType()] = attrPrivateExponent;
1140 attributes[attrPrime1->getType()] = attrPrime1;
1141 attributes[attrPrime2->getType()] = attrPrime2;
1142 attributes[attrExponent1->getType()] = attrExponent1;
1143 attributes[attrExponent2->getType()] = attrExponent2;
1144 attributes[attrCoefficient->getType()] = attrCoefficient;
1145
1146 initialized = true;
1147 return true;
1148}
1149
1150// Constructor
1151P11DSAPrivateKeyObj::P11DSAPrivateKeyObj()
1152{
1153 initialized = false;
1154}
1155
1156// Add attributes
1157bool P11DSAPrivateKeyObj::init(OSObject *inobject)
1158{
1159 if (initialized) return true;
1160 if (inobject == NULL) return false;
1161
1162 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1163 OSAttribute setKeyType((unsigned long)CKK_DSA);
1164 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1165 }
1166
1167 // Create parent
1168 if (!P11PrivateKeyObj::init(inobject)) return false;
1169
1170 // Create attributes
1171 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1172 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1173 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1174 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1175
1176 // Initialize the attributes
1177 if
1178 (
1179 !attrPrime->init() ||
1180 !attrSubPrime->init() ||
1181 !attrBase->init() ||
1182 !attrValue->init()
1183 )
1184 {
1185 ERROR_MSG("Could not initialize the attribute");
1186 delete attrPrime;
1187 delete attrSubPrime;
1188 delete attrBase;
1189 delete attrValue;
1190 return false;
1191 }
1192
1193 // Add them to the map
1194 attributes[attrPrime->getType()] = attrPrime;
1195 attributes[attrSubPrime->getType()] = attrSubPrime;
1196 attributes[attrBase->getType()] = attrBase;
1197 attributes[attrValue->getType()] = attrValue;
1198
1199 initialized = true;
1200 return true;
1201}
1202
1203// Constructor
1204P11ECPrivateKeyObj::P11ECPrivateKeyObj()
1205{
1206 initialized = false;
1207}
1208
1209// Add attributes
1210bool P11ECPrivateKeyObj::init(OSObject *inobject)
1211{
1212 if (initialized) return true;
1213 if (inobject == NULL) return false;
1214
1215 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
1216 OSAttribute setKeyType((unsigned long)CKK_EC);
1217 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1218 }
1219
1220 // Create parent
1221 if (!P11PrivateKeyObj::init(inobject)) return false;
1222
1223 // Create attributes
1224 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck4|P11Attribute::ck6);
1225 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1226
1227 // Initialize the attributes
1228 if
1229 (
1230 !attrEcParams->init() ||
1231 !attrValue->init()
1232 )
1233 {
1234 ERROR_MSG("Could not initialize the attribute");
1235 delete attrEcParams;
1236 delete attrValue;
1237 return false;
1238 }
1239
1240 // Add them to the map
1241 attributes[attrEcParams->getType()] = attrEcParams;
1242 attributes[attrValue->getType()] = attrValue;
1243
1244 initialized = true;
1245 return true;
1246}
1247
1248// Constructor
1249P11DHPrivateKeyObj::P11DHPrivateKeyObj()
1250{
1251 initialized = false;
1252}
1253
1254// Add attributes
1255bool P11DHPrivateKeyObj::init(OSObject *inobject)
1256{
1257 if (initialized) return true;
1258 if (inobject == NULL) return false;
1259
1260 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1261 OSAttribute setKeyType((unsigned long)CKK_DH);
1262 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1263 }
1264
1265 // Create parent
1266 if (!P11PrivateKeyObj::init(inobject)) return false;
1267
1268 // Create attributes
1269 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1270 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1271 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1272 P11Attribute* attrValueBits = new P11AttrValueBits(osobject);
1273
1274 // Initialize the attributes
1275 if
1276 (
1277 !attrPrime->init() ||
1278 !attrBase->init() ||
1279 !attrValue->init() ||
1280 !attrValueBits->init()
1281 )
1282 {
1283 ERROR_MSG("Could not initialize the attribute");
1284 delete attrPrime;
1285 delete attrBase;
1286 delete attrValue;
1287 delete attrValueBits;
1288 return false;
1289 }
1290
1291 // Add them to the map
1292 attributes[attrPrime->getType()] = attrPrime;
1293 attributes[attrBase->getType()] = attrBase;
1294 attributes[attrValue->getType()] = attrValue;
1295 attributes[attrValueBits->getType()] = attrValueBits;
1296
1297 initialized = true;
1298 return true;
1299}
1300
1301// Constructor
1302P11GOSTPrivateKeyObj::P11GOSTPrivateKeyObj()
1303{
1304 initialized = false;
1305}
1306
1307// Add attributes
1308bool P11GOSTPrivateKeyObj::init(OSObject *inobject)
1309{
1310 if (initialized) return true;
1311 if (inobject == NULL) return false;
1312
1313 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
1314 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
1315 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1316 }
1317
1318 // Create parent
1319 if (!P11PrivateKeyObj::init(inobject)) return false;
1320
1321 // Create attributes
1322 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1323 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1324 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1325 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck8);
1326
1327 // Initialize the attributes
1328 if
1329 (
1330 !attrValue->init() ||
1331 !attrGostR3410Params->init() ||
1332 !attrGostR3411Params->init() ||
1333 !attrGost28147Params->init()
1334 )
1335 {
1336 ERROR_MSG("Could not initialize the attribute");
1337 delete attrValue;
1338 delete attrGostR3410Params;
1339 delete attrGostR3411Params;
1340 delete attrGost28147Params;
1341 return false;
1342 }
1343
1344 // Add them to the map
1345 attributes[attrValue->getType()] = attrValue;
1346 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
1347 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
1348 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1349
1350 initialized = true;
1351 return true;
1352}
1353
1354// Constructor
1355P11SecretKeyObj::P11SecretKeyObj()
1356{
1357 initialized = false;
1358}
1359
1360// Add attributes
1361bool P11SecretKeyObj::init(OSObject *inobject)
1362{
1363 if (initialized) return true;
1364 if (inobject == NULL) return false;
1365
1366 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_SECRET_KEY) {
1367 OSAttribute setClass((unsigned long)CKO_SECRET_KEY);
1368 inobject->setAttribute(CKA_CLASS, setClass);
1369 }
1370
1371 // Create parent
1372 if (!P11KeyObj::init(inobject)) return false;
1373
1374 // Create attributes
1375 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1376 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
1377 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1378 P11Attribute* attrSign = new P11AttrSign(osobject);
1379 P11Attribute* attrVerify = new P11AttrVerify(osobject);
1380 P11Attribute* attrWrap = new P11AttrWrap(osobject);
1381 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1382 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1383 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1384 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1385 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, P11Attribute::ck8);
1386 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1387 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
1388 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
1389 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1390
1391 // Initialize the attributes
1392 if
1393 (
1394 !attrSensitive->init() ||
1395 !attrEncrypt->init() ||
1396 !attrDecrypt->init() ||
1397 !attrSign->init() ||
1398 !attrVerify->init() ||
1399 !attrWrap->init() ||
1400 !attrUnwrap->init() ||
1401 !attrExtractable->init() ||
1402 !attrAlwaysSensitive->init() ||
1403 !attrNeverExtractable->init() ||
1404 !attrCheckValue->init() ||
1405 !attrWrapWithTrusted->init() ||
1406 !attrTrusted->init() ||
1407 !attrWrapTemplate->init() ||
1408 !attrUnwrapTemplate->init()
1409 )
1410 {
1411 ERROR_MSG("Could not initialize the attribute");
1412 delete attrSensitive;
1413 delete attrEncrypt;
1414 delete attrDecrypt;
1415 delete attrSign;
1416 delete attrVerify;
1417 delete attrWrap;
1418 delete attrUnwrap;
1419 delete attrExtractable;
1420 delete attrAlwaysSensitive;
1421 delete attrNeverExtractable;
1422 delete attrCheckValue;
1423 delete attrWrapWithTrusted;
1424 delete attrTrusted;
1425 delete attrWrapTemplate;
1426 delete attrUnwrapTemplate;
1427 return false;
1428 }
1429
1430 // Add them to the map
1431 attributes[attrSensitive->getType()] = attrSensitive;
1432 attributes[attrEncrypt->getType()] = attrEncrypt;
1433 attributes[attrDecrypt->getType()] = attrDecrypt;
1434 attributes[attrSign->getType()] = attrSign;
1435 attributes[attrVerify->getType()] = attrVerify;
1436 attributes[attrWrap->getType()] = attrWrap;
1437 attributes[attrUnwrap->getType()] = attrUnwrap;
1438 attributes[attrExtractable->getType()] = attrExtractable;
1439 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1440 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1441 attributes[attrCheckValue->getType()] = attrCheckValue;
1442 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1443 attributes[attrTrusted->getType()] = attrTrusted;
1444 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
1445 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1446
1447 initialized = true;
1448 return true;
1449}
1450
1451// Constructor
1452P11GenericSecretKeyObj::P11GenericSecretKeyObj()
1453{
1454 initialized = false;
1455 keytype = CKK_VENDOR_DEFINED;
1456}
1457
1458// Add attributes
1459bool P11GenericSecretKeyObj::init(OSObject *inobject)
1460{
1461 if (initialized) return true;
1462 if (inobject == NULL) return false;
1463
1464 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1465 OSAttribute setKeyType(keytype);
1466 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1467 }
1468
1469 // Create parent
1470 if (!P11SecretKeyObj::init(inobject)) return false;
1471
1472 // Create attributes
1473 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1474 P11Attribute* attrValueLen = new P11AttrValueLen(osobject);
1475
1476 // Initialize the attributes
1477 if
1478 (
1479 !attrValue->init() ||
1480 !attrValueLen->init()
1481 )
1482 {
1483 ERROR_MSG("Could not initialize the attribute");
1484 delete attrValue;
1485 delete attrValueLen;
1486 return false;
1487 }
1488
1489 // Add them to the map
1490 attributes[attrValue->getType()] = attrValue;
1491 attributes[attrValueLen->getType()] = attrValueLen;
1492
1493 initialized = true;
1494 return true;
1495}
1496
1497// Set Key Type
1498bool P11GenericSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1499{
1500 if (!initialized)
1501 {
1502 keytype = inKeytype;
1503 return true;
1504 }
1505 else
1506 return false;
1507}
1508
1509// Get Key Type
1510CK_KEY_TYPE P11GenericSecretKeyObj::getKeyType()
1511{
1512 return keytype;
1513}
1514
1515// Constructor
1516P11AESSecretKeyObj::P11AESSecretKeyObj()
1517{
1518 initialized = false;
1519}
1520
1521// Add attributes
1522bool P11AESSecretKeyObj::init(OSObject *inobject)
1523{
1524 if (initialized) return true;
1525 if (inobject == NULL) return false;
1526
1527 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_AES) {
1528 OSAttribute setKeyType((unsigned long)CKK_AES);
1529 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1530 }
1531
1532 // Create parent
1533 if (!P11SecretKeyObj::init(inobject)) return false;
1534
1535 // Create attributes
1536 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1537 P11Attribute* attrValueLen = new P11AttrValueLen(osobject,P11Attribute::ck6);
1538
1539 // Initialize the attributes
1540 if
1541 (
1542 !attrValue->init() ||
1543 !attrValueLen->init()
1544 )
1545 {
1546 ERROR_MSG("Could not initialize the attribute");
1547 delete attrValue;
1548 delete attrValueLen;
1549 return false;
1550 }
1551
1552 // Add them to the map
1553 attributes[attrValue->getType()] = attrValue;
1554 attributes[attrValueLen->getType()] = attrValueLen;
1555
1556 initialized = true;
1557 return true;
1558}
1559
1560// Constructor
1561P11DESSecretKeyObj::P11DESSecretKeyObj()
1562{
1563 initialized = false;
1564 keytype = CKK_VENDOR_DEFINED;
1565}
1566
1567// Add attributes
1568bool P11DESSecretKeyObj::init(OSObject *inobject)
1569{
1570 if (initialized) return true;
1571 if (inobject == NULL) return false;
1572
1573 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1574 OSAttribute setKeyType(keytype);
1575 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1576 }
1577
1578 // Create parent
1579 if (!P11SecretKeyObj::init(inobject)) return false;
1580
1581 // Create attributes
1582 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1583
1584 // Initialize the attributes
1585 if (!attrValue->init())
1586 {
1587 ERROR_MSG("Could not initialize the attribute");
1588 delete attrValue;
1589 return false;
1590 }
1591
1592 // Add them to the map
1593 attributes[attrValue->getType()] = attrValue;
1594
1595 initialized = true;
1596 return true;
1597}
1598
1599// Set Key Type
1600bool P11DESSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1601{
1602 if (!initialized)
1603 {
1604 keytype = inKeytype;
1605 return true;
1606 }
1607 else
1608 return false;
1609}
1610
1611// Get Key Type
1612CK_KEY_TYPE P11DESSecretKeyObj::getKeyType()
1613{
1614 return keytype;
1615}
1616
1617// Constructor
1618P11GOSTSecretKeyObj::P11GOSTSecretKeyObj()
1619{
1620 initialized = false;
1621}
1622
1623// Add attributes
1624bool P11GOSTSecretKeyObj::init(OSObject *inobject)
1625{
1626 if (initialized) return true;
1627 if (inobject == NULL) return false;
1628
1629 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOST28147) {
1630 OSAttribute setKeyType((unsigned long)CKK_GOST28147);
1631 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1632 }
1633
1634 // Create parent
1635 if (!P11SecretKeyObj::init(inobject)) return false;
1636
1637 // Create attributes
1638 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1639 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck1|P11Attribute::ck3|P11Attribute::ck5);
1640
1641 // Initialize the attributes
1642 if
1643 (
1644 !attrValue->init() ||
1645 !attrGost28147Params->init()
1646 )
1647 {
1648 ERROR_MSG("Could not initialize the attribute");
1649 delete attrValue;
1650 delete attrGost28147Params;
1651 return false;
1652 }
1653
1654 // Add them to the map
1655 attributes[attrValue->getType()] = attrValue;
1656 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1657
1658 initialized = true;
1659 return true;
1660}
1661
1662// Constructor
1663P11DomainObj::P11DomainObj()
1664{
1665 initialized = false;
1666}
1667
1668// Add attributes
1669bool P11DomainObj::init(OSObject *inobject)
1670{
1671 if (initialized) return true;
1672 if (inobject == NULL) return false;
1673
1674 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DOMAIN_PARAMETERS) {
1675 OSAttribute setClass((unsigned long)CKO_DOMAIN_PARAMETERS);
1676 inobject->setAttribute(CKA_CLASS, setClass);
1677 }
1678
1679 // Create parent
1680 if (!P11Object::init(inobject)) return false;
1681
1682 // Create attributes
1683 P11Attribute* attrKeyType = new P11AttrKeyType(osobject);
1684 P11Attribute* attrLocal = new P11AttrLocal(osobject);
1685
1686 // Initialize the attributes
1687 if
1688 (
1689 !attrKeyType->init() ||
1690 !attrLocal->init()
1691 )
1692 {
1693 ERROR_MSG("Could not initialize the attribute");
1694 delete attrKeyType;
1695 delete attrLocal;
1696 return false;
1697 }
1698
1699 // Add them to the map
1700 attributes[attrKeyType->getType()] = attrKeyType;
1701 attributes[attrLocal->getType()] = attrLocal;
1702
1703 initialized = true;
1704 return true;
1705}
1706
1707// Constructor
1708P11DSADomainObj::P11DSADomainObj()
1709{
1710 initialized = false;
1711}
1712
1713// Add attributes
1714bool P11DSADomainObj::init(OSObject *inobject)
1715{
1716 if (initialized) return true;
1717 if (inobject == NULL) return false;
1718
1719 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1720 OSAttribute setKeyType((unsigned long)CKK_DSA);
1721 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1722 }
1723
1724 // Create parent
1725 if (!P11DomainObj::init(inobject)) return false;
1726
1727 // Create attributes
1728 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1729 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4);
1730 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1731 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1732
1733 // Initialize the attributes
1734 if
1735 (
1736 !attrPrime->init() ||
1737 !attrSubPrime->init() ||
1738 !attrBase->init() ||
1739 !attrPrimeBits->init()
1740 )
1741 {
1742 ERROR_MSG("Could not initialize the attribute");
1743 delete attrPrime;
1744 delete attrSubPrime;
1745 delete attrBase;
1746 delete attrPrimeBits;
1747 return false;
1748 }
1749
1750 // Add them to the map
1751 attributes[attrPrime->getType()] = attrPrime;
1752 attributes[attrSubPrime->getType()] = attrSubPrime;
1753 attributes[attrBase->getType()] = attrBase;
1754 attributes[attrPrimeBits->getType()] = attrPrimeBits;
1755
1756 initialized = true;
1757 return true;
1758}
1759
1760// Constructor
1761P11DHDomainObj::P11DHDomainObj()
1762{
1763 initialized = false;
1764}
1765
1766// Add attributes
1767bool P11DHDomainObj::init(OSObject *inobject)
1768{
1769 if (initialized) return true;
1770 if (inobject == NULL) return false;
1771
1772 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1773 OSAttribute setKeyType((unsigned long)CKK_DH);
1774 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1775 }
1776
1777 // Create parent
1778 if (!P11DomainObj::init(inobject)) return false;
1779
1780 // Create attributes
1781 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1782 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1783 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1784
1785 // Initialize the attributes
1786 if
1787 (
1788 !attrPrime->init() ||
1789 !attrBase->init() ||
1790 !attrPrimeBits->init()
1791 )
1792 {
1793 ERROR_MSG("Could not initialize the attribute");
1794 delete attrPrime;
1795 delete attrBase;
1796 delete attrPrimeBits;
1797 return false;
1798 }
1799
1800 // Add them to the map
1801 attributes[attrPrime->getType()] = attrPrime;
1802 attributes[attrBase->getType()] = attrBase;
1803 attributes[attrPrimeBits->getType()] = attrPrimeBits;
1804
1805 initialized = true;
1806 return true;
1807}