1 |
|
|
/* $OpenBSD: ssh-pkcs11.c,v 1.25 2017/05/31 09:15:42 deraadt Exp $ */ |
2 |
|
|
/* |
3 |
|
|
* Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 |
|
|
* |
5 |
|
|
* Permission to use, copy, modify, and distribute this software for any |
6 |
|
|
* purpose with or without fee is hereby granted, provided that the above |
7 |
|
|
* copyright notice and this permission notice appear in all copies. |
8 |
|
|
* |
9 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
10 |
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
11 |
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
12 |
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
13 |
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 |
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 |
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 |
|
|
*/ |
17 |
|
|
|
18 |
|
|
#include <sys/types.h> |
19 |
|
|
#include <sys/queue.h> |
20 |
|
|
#include <stdarg.h> |
21 |
|
|
#include <stdio.h> |
22 |
|
|
|
23 |
|
|
#include <string.h> |
24 |
|
|
#include <dlfcn.h> |
25 |
|
|
|
26 |
|
|
#include <openssl/x509.h> |
27 |
|
|
|
28 |
|
|
#define CRYPTOKI_COMPAT |
29 |
|
|
#include "pkcs11.h" |
30 |
|
|
|
31 |
|
|
#include "log.h" |
32 |
|
|
#include "misc.h" |
33 |
|
|
#include "sshkey.h" |
34 |
|
|
#include "ssh-pkcs11.h" |
35 |
|
|
#include "xmalloc.h" |
36 |
|
|
|
37 |
|
|
struct pkcs11_slotinfo { |
38 |
|
|
CK_TOKEN_INFO token; |
39 |
|
|
CK_SESSION_HANDLE session; |
40 |
|
|
int logged_in; |
41 |
|
|
}; |
42 |
|
|
|
43 |
|
|
struct pkcs11_provider { |
44 |
|
|
char *name; |
45 |
|
|
void *handle; |
46 |
|
|
CK_FUNCTION_LIST *function_list; |
47 |
|
|
CK_INFO info; |
48 |
|
|
CK_ULONG nslots; |
49 |
|
|
CK_SLOT_ID *slotlist; |
50 |
|
|
struct pkcs11_slotinfo *slotinfo; |
51 |
|
|
int valid; |
52 |
|
|
int refcount; |
53 |
|
|
TAILQ_ENTRY(pkcs11_provider) next; |
54 |
|
|
}; |
55 |
|
|
|
56 |
|
|
TAILQ_HEAD(, pkcs11_provider) pkcs11_providers; |
57 |
|
|
|
58 |
|
|
struct pkcs11_key { |
59 |
|
|
struct pkcs11_provider *provider; |
60 |
|
|
CK_ULONG slotidx; |
61 |
|
|
int (*orig_finish)(RSA *rsa); |
62 |
|
|
RSA_METHOD rsa_method; |
63 |
|
|
char *keyid; |
64 |
|
|
int keyid_len; |
65 |
|
|
}; |
66 |
|
|
|
67 |
|
|
int pkcs11_interactive = 0; |
68 |
|
|
|
69 |
|
|
int |
70 |
|
|
pkcs11_init(int interactive) |
71 |
|
|
{ |
72 |
|
|
pkcs11_interactive = interactive; |
73 |
|
|
TAILQ_INIT(&pkcs11_providers); |
74 |
|
|
return (0); |
75 |
|
|
} |
76 |
|
|
|
77 |
|
|
/* |
78 |
|
|
* finalize a provider shared libarary, it's no longer usable. |
79 |
|
|
* however, there might still be keys referencing this provider, |
80 |
|
|
* so the actuall freeing of memory is handled by pkcs11_provider_unref(). |
81 |
|
|
* this is called when a provider gets unregistered. |
82 |
|
|
*/ |
83 |
|
|
static void |
84 |
|
|
pkcs11_provider_finalize(struct pkcs11_provider *p) |
85 |
|
|
{ |
86 |
|
|
CK_RV rv; |
87 |
|
|
CK_ULONG i; |
88 |
|
|
|
89 |
|
|
debug("pkcs11_provider_finalize: %p refcount %d valid %d", |
90 |
|
|
p, p->refcount, p->valid); |
91 |
|
|
if (!p->valid) |
92 |
|
|
return; |
93 |
|
|
for (i = 0; i < p->nslots; i++) { |
94 |
|
|
if (p->slotinfo[i].session && |
95 |
|
|
(rv = p->function_list->C_CloseSession( |
96 |
|
|
p->slotinfo[i].session)) != CKR_OK) |
97 |
|
|
error("C_CloseSession failed: %lu", rv); |
98 |
|
|
} |
99 |
|
|
if ((rv = p->function_list->C_Finalize(NULL)) != CKR_OK) |
100 |
|
|
error("C_Finalize failed: %lu", rv); |
101 |
|
|
p->valid = 0; |
102 |
|
|
p->function_list = NULL; |
103 |
|
|
#ifdef HAVE_DLOPEN |
104 |
|
|
dlclose(p->handle); |
105 |
|
|
#endif |
106 |
|
|
} |
107 |
|
|
|
108 |
|
|
/* |
109 |
|
|
* remove a reference to the provider. |
110 |
|
|
* called when a key gets destroyed or when the provider is unregistered. |
111 |
|
|
*/ |
112 |
|
|
static void |
113 |
|
|
pkcs11_provider_unref(struct pkcs11_provider *p) |
114 |
|
|
{ |
115 |
|
|
debug("pkcs11_provider_unref: %p refcount %d", p, p->refcount); |
116 |
|
|
if (--p->refcount <= 0) { |
117 |
|
|
if (p->valid) |
118 |
|
|
error("pkcs11_provider_unref: %p still valid", p); |
119 |
|
|
free(p->slotlist); |
120 |
|
|
free(p->slotinfo); |
121 |
|
|
free(p); |
122 |
|
|
} |
123 |
|
|
} |
124 |
|
|
|
125 |
|
|
/* unregister all providers, keys might still point to the providers */ |
126 |
|
|
void |
127 |
|
|
pkcs11_terminate(void) |
128 |
|
|
{ |
129 |
|
|
struct pkcs11_provider *p; |
130 |
|
|
|
131 |
|
|
while ((p = TAILQ_FIRST(&pkcs11_providers)) != NULL) { |
132 |
|
|
TAILQ_REMOVE(&pkcs11_providers, p, next); |
133 |
|
|
pkcs11_provider_finalize(p); |
134 |
|
|
pkcs11_provider_unref(p); |
135 |
|
|
} |
136 |
|
|
} |
137 |
|
|
|
138 |
|
|
/* lookup provider by name */ |
139 |
|
|
static struct pkcs11_provider * |
140 |
|
|
pkcs11_provider_lookup(char *provider_id) |
141 |
|
|
{ |
142 |
|
|
struct pkcs11_provider *p; |
143 |
|
|
|
144 |
|
|
TAILQ_FOREACH(p, &pkcs11_providers, next) { |
145 |
|
|
debug("check %p %s", p, p->name); |
146 |
|
|
if (!strcmp(provider_id, p->name)) |
147 |
|
|
return (p); |
148 |
|
|
} |
149 |
|
|
return (NULL); |
150 |
|
|
} |
151 |
|
|
|
152 |
|
|
/* unregister provider by name */ |
153 |
|
|
int |
154 |
|
|
pkcs11_del_provider(char *provider_id) |
155 |
|
|
{ |
156 |
|
|
struct pkcs11_provider *p; |
157 |
|
|
|
158 |
|
|
if ((p = pkcs11_provider_lookup(provider_id)) != NULL) { |
159 |
|
|
TAILQ_REMOVE(&pkcs11_providers, p, next); |
160 |
|
|
pkcs11_provider_finalize(p); |
161 |
|
|
pkcs11_provider_unref(p); |
162 |
|
|
return (0); |
163 |
|
|
} |
164 |
|
|
return (-1); |
165 |
|
|
} |
166 |
|
|
|
167 |
|
|
/* openssl callback for freeing an RSA key */ |
168 |
|
|
static int |
169 |
|
|
pkcs11_rsa_finish(RSA *rsa) |
170 |
|
|
{ |
171 |
|
|
struct pkcs11_key *k11; |
172 |
|
|
int rv = -1; |
173 |
|
|
|
174 |
|
|
if ((k11 = RSA_get_app_data(rsa)) != NULL) { |
175 |
|
|
if (k11->orig_finish) |
176 |
|
|
rv = k11->orig_finish(rsa); |
177 |
|
|
if (k11->provider) |
178 |
|
|
pkcs11_provider_unref(k11->provider); |
179 |
|
|
free(k11->keyid); |
180 |
|
|
free(k11); |
181 |
|
|
} |
182 |
|
|
return (rv); |
183 |
|
|
} |
184 |
|
|
|
185 |
|
|
/* find a single 'obj' for given attributes */ |
186 |
|
|
static int |
187 |
|
|
pkcs11_find(struct pkcs11_provider *p, CK_ULONG slotidx, CK_ATTRIBUTE *attr, |
188 |
|
|
CK_ULONG nattr, CK_OBJECT_HANDLE *obj) |
189 |
|
|
{ |
190 |
|
|
CK_FUNCTION_LIST *f; |
191 |
|
|
CK_SESSION_HANDLE session; |
192 |
|
|
CK_ULONG nfound = 0; |
193 |
|
|
CK_RV rv; |
194 |
|
|
int ret = -1; |
195 |
|
|
|
196 |
|
|
f = p->function_list; |
197 |
|
|
session = p->slotinfo[slotidx].session; |
198 |
|
|
if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) { |
199 |
|
|
error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv); |
200 |
|
|
return (-1); |
201 |
|
|
} |
202 |
|
|
if ((rv = f->C_FindObjects(session, obj, 1, &nfound)) != CKR_OK || |
203 |
|
|
nfound != 1) { |
204 |
|
|
debug("C_FindObjects failed (nfound %lu nattr %lu): %lu", |
205 |
|
|
nfound, nattr, rv); |
206 |
|
|
} else |
207 |
|
|
ret = 0; |
208 |
|
|
if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK) |
209 |
|
|
error("C_FindObjectsFinal failed: %lu", rv); |
210 |
|
|
return (ret); |
211 |
|
|
} |
212 |
|
|
|
213 |
|
|
/* openssl callback doing the actual signing operation */ |
214 |
|
|
static int |
215 |
|
|
pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, |
216 |
|
|
int padding) |
217 |
|
|
{ |
218 |
|
|
struct pkcs11_key *k11; |
219 |
|
|
struct pkcs11_slotinfo *si; |
220 |
|
|
CK_FUNCTION_LIST *f; |
221 |
|
|
CK_OBJECT_HANDLE obj; |
222 |
|
|
CK_ULONG tlen = 0; |
223 |
|
|
CK_RV rv; |
224 |
|
|
CK_OBJECT_CLASS private_key_class = CKO_PRIVATE_KEY; |
225 |
|
|
CK_BBOOL true_val = CK_TRUE; |
226 |
|
|
CK_MECHANISM mech = { |
227 |
|
|
CKM_RSA_PKCS, NULL_PTR, 0 |
228 |
|
|
}; |
229 |
|
|
CK_ATTRIBUTE key_filter[] = { |
230 |
|
|
{CKA_CLASS, &private_key_class, sizeof(private_key_class) }, |
231 |
|
|
{CKA_ID, NULL, 0}, |
232 |
|
|
{CKA_SIGN, &true_val, sizeof(true_val) } |
233 |
|
|
}; |
234 |
|
|
char *pin = NULL, prompt[1024]; |
235 |
|
|
int rval = -1; |
236 |
|
|
|
237 |
|
|
if ((k11 = RSA_get_app_data(rsa)) == NULL) { |
238 |
|
|
error("RSA_get_app_data failed for rsa %p", rsa); |
239 |
|
|
return (-1); |
240 |
|
|
} |
241 |
|
|
if (!k11->provider || !k11->provider->valid) { |
242 |
|
|
error("no pkcs11 (valid) provider for rsa %p", rsa); |
243 |
|
|
return (-1); |
244 |
|
|
} |
245 |
|
|
f = k11->provider->function_list; |
246 |
|
|
si = &k11->provider->slotinfo[k11->slotidx]; |
247 |
|
|
if ((si->token.flags & CKF_LOGIN_REQUIRED) && !si->logged_in) { |
248 |
|
|
if (!pkcs11_interactive) { |
249 |
|
|
error("need pin entry%s", (si->token.flags & |
250 |
|
|
CKF_PROTECTED_AUTHENTICATION_PATH) ? |
251 |
|
|
" on reader keypad" : ""); |
252 |
|
|
return (-1); |
253 |
|
|
} |
254 |
|
|
if (si->token.flags & CKF_PROTECTED_AUTHENTICATION_PATH) |
255 |
|
|
verbose("Deferring PIN entry to reader keypad."); |
256 |
|
|
else { |
257 |
|
|
snprintf(prompt, sizeof(prompt), |
258 |
|
|
"Enter PIN for '%s': ", si->token.label); |
259 |
|
|
pin = read_passphrase(prompt, RP_ALLOW_EOF); |
260 |
|
|
if (pin == NULL) |
261 |
|
|
return (-1); /* bail out */ |
262 |
|
|
} |
263 |
|
|
rv = f->C_Login(si->session, CKU_USER, (u_char *)pin, |
264 |
|
|
(pin != NULL) ? strlen(pin) : 0); |
265 |
|
|
if (pin != NULL) { |
266 |
|
|
explicit_bzero(pin, strlen(pin)); |
267 |
|
|
free(pin); |
268 |
|
|
} |
269 |
|
|
if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { |
270 |
|
|
error("C_Login failed: %lu", rv); |
271 |
|
|
return (-1); |
272 |
|
|
} |
273 |
|
|
si->logged_in = 1; |
274 |
|
|
} |
275 |
|
|
key_filter[1].pValue = k11->keyid; |
276 |
|
|
key_filter[1].ulValueLen = k11->keyid_len; |
277 |
|
|
/* try to find object w/CKA_SIGN first, retry w/o */ |
278 |
|
|
if (pkcs11_find(k11->provider, k11->slotidx, key_filter, 3, &obj) < 0 && |
279 |
|
|
pkcs11_find(k11->provider, k11->slotidx, key_filter, 2, &obj) < 0) { |
280 |
|
|
error("cannot find private key"); |
281 |
|
|
} else if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) { |
282 |
|
|
error("C_SignInit failed: %lu", rv); |
283 |
|
|
} else { |
284 |
|
|
/* XXX handle CKR_BUFFER_TOO_SMALL */ |
285 |
|
|
tlen = RSA_size(rsa); |
286 |
|
|
rv = f->C_Sign(si->session, (CK_BYTE *)from, flen, to, &tlen); |
287 |
|
|
if (rv == CKR_OK) |
288 |
|
|
rval = tlen; |
289 |
|
|
else |
290 |
|
|
error("C_Sign failed: %lu", rv); |
291 |
|
|
} |
292 |
|
|
return (rval); |
293 |
|
|
} |
294 |
|
|
|
295 |
|
|
static int |
296 |
|
|
pkcs11_rsa_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa, |
297 |
|
|
int padding) |
298 |
|
|
{ |
299 |
|
|
return (-1); |
300 |
|
|
} |
301 |
|
|
|
302 |
|
|
/* redirect private key operations for rsa key to pkcs11 token */ |
303 |
|
|
static int |
304 |
|
|
pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, |
305 |
|
|
CK_ATTRIBUTE *keyid_attrib, RSA *rsa) |
306 |
|
|
{ |
307 |
|
|
struct pkcs11_key *k11; |
308 |
|
|
const RSA_METHOD *def = RSA_get_default_method(); |
309 |
|
|
|
310 |
|
|
k11 = xcalloc(1, sizeof(*k11)); |
311 |
|
|
k11->provider = provider; |
312 |
|
|
provider->refcount++; /* provider referenced by RSA key */ |
313 |
|
|
k11->slotidx = slotidx; |
314 |
|
|
/* identify key object on smartcard */ |
315 |
|
|
k11->keyid_len = keyid_attrib->ulValueLen; |
316 |
|
|
if (k11->keyid_len > 0) { |
317 |
|
|
k11->keyid = xmalloc(k11->keyid_len); |
318 |
|
|
memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); |
319 |
|
|
} |
320 |
|
|
k11->orig_finish = def->finish; |
321 |
|
|
memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method)); |
322 |
|
|
k11->rsa_method.name = "pkcs11"; |
323 |
|
|
k11->rsa_method.rsa_priv_enc = pkcs11_rsa_private_encrypt; |
324 |
|
|
k11->rsa_method.rsa_priv_dec = pkcs11_rsa_private_decrypt; |
325 |
|
|
k11->rsa_method.finish = pkcs11_rsa_finish; |
326 |
|
|
RSA_set_method(rsa, &k11->rsa_method); |
327 |
|
|
RSA_set_app_data(rsa, k11); |
328 |
|
|
return (0); |
329 |
|
|
} |
330 |
|
|
|
331 |
|
|
/* remove trailing spaces */ |
332 |
|
|
static void |
333 |
|
|
rmspace(u_char *buf, size_t len) |
334 |
|
|
{ |
335 |
|
|
size_t i; |
336 |
|
|
|
337 |
|
|
if (!len) |
338 |
|
|
return; |
339 |
|
|
for (i = len - 1; i > 0; i--) |
340 |
|
|
if (i == len - 1 || buf[i] == ' ') |
341 |
|
|
buf[i] = '\0'; |
342 |
|
|
else |
343 |
|
|
break; |
344 |
|
|
} |
345 |
|
|
|
346 |
|
|
/* |
347 |
|
|
* open a pkcs11 session and login if required. |
348 |
|
|
* if pin == NULL we delay login until key use |
349 |
|
|
*/ |
350 |
|
|
static int |
351 |
|
|
pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) |
352 |
|
|
{ |
353 |
|
|
CK_RV rv; |
354 |
|
|
CK_FUNCTION_LIST *f; |
355 |
|
|
CK_SESSION_HANDLE session; |
356 |
|
|
int login_required; |
357 |
|
|
|
358 |
|
|
f = p->function_list; |
359 |
|
|
login_required = p->slotinfo[slotidx].token.flags & CKF_LOGIN_REQUIRED; |
360 |
|
|
if (pin && login_required && !strlen(pin)) { |
361 |
|
|
error("pin required"); |
362 |
|
|
return (-1); |
363 |
|
|
} |
364 |
|
|
if ((rv = f->C_OpenSession(p->slotlist[slotidx], CKF_RW_SESSION| |
365 |
|
|
CKF_SERIAL_SESSION, NULL, NULL, &session)) |
366 |
|
|
!= CKR_OK) { |
367 |
|
|
error("C_OpenSession failed: %lu", rv); |
368 |
|
|
return (-1); |
369 |
|
|
} |
370 |
|
|
if (login_required && pin) { |
371 |
|
|
rv = f->C_Login(session, CKU_USER, |
372 |
|
|
(u_char *)pin, strlen(pin)); |
373 |
|
|
if (rv != CKR_OK && rv != CKR_USER_ALREADY_LOGGED_IN) { |
374 |
|
|
error("C_Login failed: %lu", rv); |
375 |
|
|
if ((rv = f->C_CloseSession(session)) != CKR_OK) |
376 |
|
|
error("C_CloseSession failed: %lu", rv); |
377 |
|
|
return (-1); |
378 |
|
|
} |
379 |
|
|
p->slotinfo[slotidx].logged_in = 1; |
380 |
|
|
} |
381 |
|
|
p->slotinfo[slotidx].session = session; |
382 |
|
|
return (0); |
383 |
|
|
} |
384 |
|
|
|
385 |
|
|
/* |
386 |
|
|
* lookup public keys for token in slot identified by slotidx, |
387 |
|
|
* add 'wrapped' public keys to the 'keysp' array and increment nkeys. |
388 |
|
|
* keysp points to an (possibly empty) array with *nkeys keys. |
389 |
|
|
*/ |
390 |
|
|
static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, |
391 |
|
|
CK_ATTRIBUTE [], CK_ATTRIBUTE [3], struct sshkey ***, int *) |
392 |
|
|
__attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); |
393 |
|
|
|
394 |
|
|
static int |
395 |
|
|
pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, |
396 |
|
|
struct sshkey ***keysp, int *nkeys) |
397 |
|
|
{ |
398 |
|
|
CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY; |
399 |
|
|
CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; |
400 |
|
|
CK_ATTRIBUTE pubkey_filter[] = { |
401 |
|
|
{ CKA_CLASS, &pubkey_class, sizeof(pubkey_class) } |
402 |
|
|
}; |
403 |
|
|
CK_ATTRIBUTE cert_filter[] = { |
404 |
|
|
{ CKA_CLASS, &cert_class, sizeof(cert_class) } |
405 |
|
|
}; |
406 |
|
|
CK_ATTRIBUTE pubkey_attribs[] = { |
407 |
|
|
{ CKA_ID, NULL, 0 }, |
408 |
|
|
{ CKA_MODULUS, NULL, 0 }, |
409 |
|
|
{ CKA_PUBLIC_EXPONENT, NULL, 0 } |
410 |
|
|
}; |
411 |
|
|
CK_ATTRIBUTE cert_attribs[] = { |
412 |
|
|
{ CKA_ID, NULL, 0 }, |
413 |
|
|
{ CKA_SUBJECT, NULL, 0 }, |
414 |
|
|
{ CKA_VALUE, NULL, 0 } |
415 |
|
|
}; |
416 |
|
|
|
417 |
|
|
if (pkcs11_fetch_keys_filter(p, slotidx, pubkey_filter, pubkey_attribs, |
418 |
|
|
keysp, nkeys) < 0 || |
419 |
|
|
pkcs11_fetch_keys_filter(p, slotidx, cert_filter, cert_attribs, |
420 |
|
|
keysp, nkeys) < 0) |
421 |
|
|
return (-1); |
422 |
|
|
return (0); |
423 |
|
|
} |
424 |
|
|
|
425 |
|
|
static int |
426 |
|
|
pkcs11_key_included(struct sshkey ***keysp, int *nkeys, struct sshkey *key) |
427 |
|
|
{ |
428 |
|
|
int i; |
429 |
|
|
|
430 |
|
|
for (i = 0; i < *nkeys; i++) |
431 |
|
|
if (sshkey_equal(key, (*keysp)[i])) |
432 |
|
|
return (1); |
433 |
|
|
return (0); |
434 |
|
|
} |
435 |
|
|
|
436 |
|
|
static int |
437 |
|
|
pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx, |
438 |
|
|
CK_ATTRIBUTE filter[], CK_ATTRIBUTE attribs[3], |
439 |
|
|
struct sshkey ***keysp, int *nkeys) |
440 |
|
|
{ |
441 |
|
|
struct sshkey *key; |
442 |
|
|
RSA *rsa; |
443 |
|
|
X509 *x509; |
444 |
|
|
EVP_PKEY *evp; |
445 |
|
|
int i; |
446 |
|
|
const u_char *cp; |
447 |
|
|
CK_RV rv; |
448 |
|
|
CK_OBJECT_HANDLE obj; |
449 |
|
|
CK_ULONG nfound; |
450 |
|
|
CK_SESSION_HANDLE session; |
451 |
|
|
CK_FUNCTION_LIST *f; |
452 |
|
|
|
453 |
|
|
f = p->function_list; |
454 |
|
|
session = p->slotinfo[slotidx].session; |
455 |
|
|
/* setup a filter the looks for public keys */ |
456 |
|
|
if ((rv = f->C_FindObjectsInit(session, filter, 1)) != CKR_OK) { |
457 |
|
|
error("C_FindObjectsInit failed: %lu", rv); |
458 |
|
|
return (-1); |
459 |
|
|
} |
460 |
|
|
while (1) { |
461 |
|
|
/* XXX 3 attributes in attribs[] */ |
462 |
|
|
for (i = 0; i < 3; i++) { |
463 |
|
|
attribs[i].pValue = NULL; |
464 |
|
|
attribs[i].ulValueLen = 0; |
465 |
|
|
} |
466 |
|
|
if ((rv = f->C_FindObjects(session, &obj, 1, &nfound)) != CKR_OK |
467 |
|
|
|| nfound == 0) |
468 |
|
|
break; |
469 |
|
|
/* found a key, so figure out size of the attributes */ |
470 |
|
|
if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3)) |
471 |
|
|
!= CKR_OK) { |
472 |
|
|
error("C_GetAttributeValue failed: %lu", rv); |
473 |
|
|
continue; |
474 |
|
|
} |
475 |
|
|
/* |
476 |
|
|
* Allow CKA_ID (always first attribute) to be empty, but |
477 |
|
|
* ensure that none of the others are zero length. |
478 |
|
|
* XXX assumes CKA_ID is always first. |
479 |
|
|
*/ |
480 |
|
|
if (attribs[1].ulValueLen == 0 || |
481 |
|
|
attribs[2].ulValueLen == 0) { |
482 |
|
|
continue; |
483 |
|
|
} |
484 |
|
|
/* allocate buffers for attributes */ |
485 |
|
|
for (i = 0; i < 3; i++) { |
486 |
|
|
if (attribs[i].ulValueLen > 0) { |
487 |
|
|
attribs[i].pValue = xmalloc( |
488 |
|
|
attribs[i].ulValueLen); |
489 |
|
|
} |
490 |
|
|
} |
491 |
|
|
|
492 |
|
|
/* |
493 |
|
|
* retrieve ID, modulus and public exponent of RSA key, |
494 |
|
|
* or ID, subject and value for certificates. |
495 |
|
|
*/ |
496 |
|
|
rsa = NULL; |
497 |
|
|
if ((rv = f->C_GetAttributeValue(session, obj, attribs, 3)) |
498 |
|
|
!= CKR_OK) { |
499 |
|
|
error("C_GetAttributeValue failed: %lu", rv); |
500 |
|
|
} else if (attribs[1].type == CKA_MODULUS ) { |
501 |
|
|
if ((rsa = RSA_new()) == NULL) { |
502 |
|
|
error("RSA_new failed"); |
503 |
|
|
} else { |
504 |
|
|
rsa->n = BN_bin2bn(attribs[1].pValue, |
505 |
|
|
attribs[1].ulValueLen, NULL); |
506 |
|
|
rsa->e = BN_bin2bn(attribs[2].pValue, |
507 |
|
|
attribs[2].ulValueLen, NULL); |
508 |
|
|
} |
509 |
|
|
} else { |
510 |
|
|
cp = attribs[2].pValue; |
511 |
|
|
if ((x509 = X509_new()) == NULL) { |
512 |
|
|
error("X509_new failed"); |
513 |
|
|
} else if (d2i_X509(&x509, &cp, attribs[2].ulValueLen) |
514 |
|
|
== NULL) { |
515 |
|
|
error("d2i_X509 failed"); |
516 |
|
|
} else if ((evp = X509_get_pubkey(x509)) == NULL || |
517 |
|
|
evp->type != EVP_PKEY_RSA || |
518 |
|
|
evp->pkey.rsa == NULL) { |
519 |
|
|
debug("X509_get_pubkey failed or no rsa"); |
520 |
|
|
} else if ((rsa = RSAPublicKey_dup(evp->pkey.rsa)) |
521 |
|
|
== NULL) { |
522 |
|
|
error("RSAPublicKey_dup"); |
523 |
|
|
} |
524 |
|
|
if (x509) |
525 |
|
|
X509_free(x509); |
526 |
|
|
} |
527 |
|
|
if (rsa && rsa->n && rsa->e && |
528 |
|
|
pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) { |
529 |
|
|
if ((key = sshkey_new(KEY_UNSPEC)) == NULL) |
530 |
|
|
fatal("sshkey_new failed"); |
531 |
|
|
key->rsa = rsa; |
532 |
|
|
key->type = KEY_RSA; |
533 |
|
|
key->flags |= SSHKEY_FLAG_EXT; |
534 |
|
|
if (pkcs11_key_included(keysp, nkeys, key)) { |
535 |
|
|
sshkey_free(key); |
536 |
|
|
} else { |
537 |
|
|
/* expand key array and add key */ |
538 |
|
|
*keysp = xrecallocarray(*keysp, *nkeys, |
539 |
|
|
*nkeys + 1, sizeof(struct sshkey *)); |
540 |
|
|
(*keysp)[*nkeys] = key; |
541 |
|
|
*nkeys = *nkeys + 1; |
542 |
|
|
debug("have %d keys", *nkeys); |
543 |
|
|
} |
544 |
|
|
} else if (rsa) { |
545 |
|
|
RSA_free(rsa); |
546 |
|
|
} |
547 |
|
|
for (i = 0; i < 3; i++) |
548 |
|
|
free(attribs[i].pValue); |
549 |
|
|
} |
550 |
|
|
if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK) |
551 |
|
|
error("C_FindObjectsFinal failed: %lu", rv); |
552 |
|
|
return (0); |
553 |
|
|
} |
554 |
|
|
|
555 |
|
|
#ifdef HAVE_DLOPEN |
556 |
|
|
/* register a new provider, fails if provider already exists */ |
557 |
|
|
int |
558 |
|
|
pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) |
559 |
|
|
{ |
560 |
|
|
int nkeys, need_finalize = 0; |
561 |
|
|
struct pkcs11_provider *p = NULL; |
562 |
|
|
void *handle = NULL; |
563 |
|
|
CK_RV (*getfunctionlist)(CK_FUNCTION_LIST **); |
564 |
|
|
CK_RV rv; |
565 |
|
|
CK_FUNCTION_LIST *f = NULL; |
566 |
|
|
CK_TOKEN_INFO *token; |
567 |
|
|
CK_ULONG i; |
568 |
|
|
|
569 |
|
|
*keyp = NULL; |
570 |
|
|
if (pkcs11_provider_lookup(provider_id) != NULL) { |
571 |
|
|
debug("%s: provider already registered: %s", |
572 |
|
|
__func__, provider_id); |
573 |
|
|
goto fail; |
574 |
|
|
} |
575 |
|
|
/* open shared pkcs11-libarary */ |
576 |
|
|
if ((handle = dlopen(provider_id, RTLD_NOW)) == NULL) { |
577 |
|
|
error("dlopen %s failed: %s", provider_id, dlerror()); |
578 |
|
|
goto fail; |
579 |
|
|
} |
580 |
|
|
if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) { |
581 |
|
|
error("dlsym(C_GetFunctionList) failed: %s", dlerror()); |
582 |
|
|
goto fail; |
583 |
|
|
} |
584 |
|
|
p = xcalloc(1, sizeof(*p)); |
585 |
|
|
p->name = xstrdup(provider_id); |
586 |
|
|
p->handle = handle; |
587 |
|
|
/* setup the pkcs11 callbacks */ |
588 |
|
|
if ((rv = (*getfunctionlist)(&f)) != CKR_OK) { |
589 |
|
|
error("C_GetFunctionList for provider %s failed: %lu", |
590 |
|
|
provider_id, rv); |
591 |
|
|
goto fail; |
592 |
|
|
} |
593 |
|
|
p->function_list = f; |
594 |
|
|
if ((rv = f->C_Initialize(NULL)) != CKR_OK) { |
595 |
|
|
error("C_Initialize for provider %s failed: %lu", |
596 |
|
|
provider_id, rv); |
597 |
|
|
goto fail; |
598 |
|
|
} |
599 |
|
|
need_finalize = 1; |
600 |
|
|
if ((rv = f->C_GetInfo(&p->info)) != CKR_OK) { |
601 |
|
|
error("C_GetInfo for provider %s failed: %lu", |
602 |
|
|
provider_id, rv); |
603 |
|
|
goto fail; |
604 |
|
|
} |
605 |
|
|
rmspace(p->info.manufacturerID, sizeof(p->info.manufacturerID)); |
606 |
|
|
rmspace(p->info.libraryDescription, sizeof(p->info.libraryDescription)); |
607 |
|
|
debug("provider %s: manufacturerID <%s> cryptokiVersion %d.%d" |
608 |
|
|
" libraryDescription <%s> libraryVersion %d.%d", |
609 |
|
|
provider_id, |
610 |
|
|
p->info.manufacturerID, |
611 |
|
|
p->info.cryptokiVersion.major, |
612 |
|
|
p->info.cryptokiVersion.minor, |
613 |
|
|
p->info.libraryDescription, |
614 |
|
|
p->info.libraryVersion.major, |
615 |
|
|
p->info.libraryVersion.minor); |
616 |
|
|
if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { |
617 |
|
|
error("C_GetSlotList failed: %lu", rv); |
618 |
|
|
goto fail; |
619 |
|
|
} |
620 |
|
|
if (p->nslots == 0) { |
621 |
|
|
debug("%s: provider %s returned no slots", __func__, |
622 |
|
|
provider_id); |
623 |
|
|
goto fail; |
624 |
|
|
} |
625 |
|
|
p->slotlist = xcalloc(p->nslots, sizeof(CK_SLOT_ID)); |
626 |
|
|
if ((rv = f->C_GetSlotList(CK_TRUE, p->slotlist, &p->nslots)) |
627 |
|
|
!= CKR_OK) { |
628 |
|
|
error("C_GetSlotList for provider %s failed: %lu", |
629 |
|
|
provider_id, rv); |
630 |
|
|
goto fail; |
631 |
|
|
} |
632 |
|
|
p->slotinfo = xcalloc(p->nslots, sizeof(struct pkcs11_slotinfo)); |
633 |
|
|
p->valid = 1; |
634 |
|
|
nkeys = 0; |
635 |
|
|
for (i = 0; i < p->nslots; i++) { |
636 |
|
|
token = &p->slotinfo[i].token; |
637 |
|
|
if ((rv = f->C_GetTokenInfo(p->slotlist[i], token)) |
638 |
|
|
!= CKR_OK) { |
639 |
|
|
error("C_GetTokenInfo for provider %s slot %lu " |
640 |
|
|
"failed: %lu", provider_id, (unsigned long)i, rv); |
641 |
|
|
continue; |
642 |
|
|
} |
643 |
|
|
if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) { |
644 |
|
|
debug2("%s: ignoring uninitialised token in " |
645 |
|
|
"provider %s slot %lu", __func__, |
646 |
|
|
provider_id, (unsigned long)i); |
647 |
|
|
continue; |
648 |
|
|
} |
649 |
|
|
rmspace(token->label, sizeof(token->label)); |
650 |
|
|
rmspace(token->manufacturerID, sizeof(token->manufacturerID)); |
651 |
|
|
rmspace(token->model, sizeof(token->model)); |
652 |
|
|
rmspace(token->serialNumber, sizeof(token->serialNumber)); |
653 |
|
|
debug("provider %s slot %lu: label <%s> manufacturerID <%s> " |
654 |
|
|
"model <%s> serial <%s> flags 0x%lx", |
655 |
|
|
provider_id, (unsigned long)i, |
656 |
|
|
token->label, token->manufacturerID, token->model, |
657 |
|
|
token->serialNumber, token->flags); |
658 |
|
|
/* open session, login with pin and retrieve public keys */ |
659 |
|
|
if (pkcs11_open_session(p, i, pin) == 0) |
660 |
|
|
pkcs11_fetch_keys(p, i, keyp, &nkeys); |
661 |
|
|
} |
662 |
|
|
if (nkeys > 0) { |
663 |
|
|
TAILQ_INSERT_TAIL(&pkcs11_providers, p, next); |
664 |
|
|
p->refcount++; /* add to provider list */ |
665 |
|
|
return (nkeys); |
666 |
|
|
} |
667 |
|
|
debug("%s: provider %s returned no keys", __func__, provider_id); |
668 |
|
|
/* don't add the provider, since it does not have any keys */ |
669 |
|
|
fail: |
670 |
|
|
if (need_finalize && (rv = f->C_Finalize(NULL)) != CKR_OK) |
671 |
|
|
error("C_Finalize for provider %s failed: %lu", |
672 |
|
|
provider_id, rv); |
673 |
|
|
if (p) { |
674 |
|
|
free(p->slotlist); |
675 |
|
|
free(p->slotinfo); |
676 |
|
|
free(p); |
677 |
|
|
} |
678 |
|
|
if (handle) |
679 |
|
|
dlclose(handle); |
680 |
|
|
return (-1); |
681 |
|
|
} |
682 |
|
|
#else |
683 |
|
|
int |
684 |
|
|
pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp) |
685 |
|
|
{ |
686 |
|
|
error("dlopen() not supported"); |
687 |
|
|
return (-1); |
688 |
|
|
} |
689 |
|
|
#endif |