xref: /optee_os-3.20.0/ta/pkcs11/src/pkcs11_attributes.c

1255 static enum pkcs11_rc check_attrs_misc_integrity(struct obj_attrs *head)  in check_attrs_misc_integrity()  argument
1257 	if (get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE) &&  in check_attrs_misc_integrity()
1258 	    get_bool(head, PKCS11_CKA_EXTRACTABLE)) {  in check_attrs_misc_integrity()
1260 		     get_bool(head, PKCS11_CKA_NEVER_EXTRACTABLE),  in check_attrs_misc_integrity()
1261 		     get_bool(head, PKCS11_CKA_EXTRACTABLE));  in check_attrs_misc_integrity()
1266 	if (get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE) &&  in check_attrs_misc_integrity()
1267 	    !get_bool(head, PKCS11_CKA_SENSITIVE)) {  in check_attrs_misc_integrity()
1269 		     get_bool(head, PKCS11_CKA_SENSITIVE),  in check_attrs_misc_integrity()
1270 		     get_bool(head, PKCS11_CKA_ALWAYS_SENSITIVE));  in check_attrs_misc_integrity()
1278 bool object_is_private(struct obj_attrs *head)  in object_is_private()  argument
1280 	return get_bool(head, PKCS11_CKA_PRIVATE);  in object_is_private()
1283 bool object_is_token(struct obj_attrs *head)  in object_is_token()  argument
1285 	return get_bool(head, PKCS11_CKA_TOKEN);  in object_is_token()
1288 bool object_is_modifiable(struct obj_attrs *head)  in object_is_modifiable()  argument
1290 	return get_bool(head, PKCS11_CKA_MODIFIABLE);  in object_is_modifiable()
1293 bool object_is_copyable(struct obj_attrs *head)  in object_is_copyable()  argument
1295 	return get_bool(head, PKCS11_CKA_COPYABLE);  in object_is_copyable()
1302 						struct obj_attrs *head)  in check_access_attrs_against_token()  argument
1306 	switch (get_class(head)) {  in check_access_attrs_against_token()
1312 		private = object_is_private(head);  in check_access_attrs_against_token()
1332 						 struct obj_attrs *head)  in check_created_attrs_against_token()  argument
1336 	rc = check_attrs_misc_integrity(head);  in check_created_attrs_against_token()
1340 	if (get_bool(head, PKCS11_CKA_TRUSTED) &&  in check_created_attrs_against_token()
1347 	if (get_bool(head, PKCS11_CKA_TOKEN) &&  in check_created_attrs_against_token()
1360 #define DMSG_BAD_BBOOL(attr, proc, head)				\  argument
1366 		_rc = get_attribute((head), _attr, &_bvalue, NULL);	\
1373 					   struct obj_attrs *head,  in check_attr_bval()  argument
1379 	if (!get_attribute(head, attribute, &bbool, &sz) && !!bbool == val)  in check_attr_bval()
1382 	DMSG_BAD_BBOOL(attribute, proc_id, head);  in check_attr_bval()
1394 						      struct obj_attrs *head)  in check_created_attrs_against_processing()  argument
1408 		assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, false));  in check_created_attrs_against_processing()
1415 		assert(check_attr_bval(proc_id, head, PKCS11_CKA_LOCAL, true));  in check_created_attrs_against_processing()
1424 		assert(get_key_type(head) == PKCS11_CKK_GENERIC_SECRET);  in check_created_attrs_against_processing()
1427 		assert(get_key_type(head) == PKCS11_CKK_AES);  in check_created_attrs_against_processing()
1430 		assert(get_key_type(head) == PKCS11_CKK_EC_EDWARDS);  in check_created_attrs_against_processing()
1433 		assert(get_key_type(head) == PKCS11_CKK_EC);  in check_created_attrs_against_processing()
1436 		assert(get_key_type(head) == PKCS11_CKK_RSA);  in check_created_attrs_against_processing()
1623 						    struct obj_attrs *head)  in parent_key_complies_allowed_processings()  argument
1631 	rc = get_attribute_ptr(head, PKCS11_CKA_ALLOWED_MECHANISMS,  in parent_key_complies_allowed_processings()
1677 				      struct obj_attrs *head)  in check_parent_attrs_against_processing()  argument
1679 	enum pkcs11_class_id key_class = get_class(head);  in check_parent_attrs_against_processing()
1680 	enum pkcs11_key_type key_type = get_key_type(head);  in check_parent_attrs_against_processing()
1683 	if (!get_bool(head, attr)) {  in check_parent_attrs_against_processing()
1716 		if (get_bool(head, PKCS11_CKA_ENCRYPT)) {  in check_parent_attrs_against_processing()
1857 	if (!parent_key_complies_allowed_processings(proc_id, head)) {  in check_parent_attrs_against_processing()
2114 						struct obj_attrs *head,  in check_attrs_against_modification()  argument
2125 	cur = (char *)head + sizeof(struct obj_attrs);  in check_attrs_against_modification()
2126 	end = cur + head->attrs_size;  in check_attrs_against_modification()
2162 		    get_bool(head, PKCS11_CKA_TOKEN)) {  in check_attrs_against_modification()
2172 			bool obj_priv = get_bool(head, cli_ref.id);  in check_attrs_against_modification()
2196 static enum pkcs11_rc set_secret_key_data(struct obj_attrs **head, void *data,  in set_secret_key_data()  argument
2204 	rc = get_attribute(*head, PKCS11_CKA_VALUE_LEN, &key_length, &size);  in set_secret_key_data()
2213 		rc = set_attribute(head, PKCS11_CKA_VALUE_LEN, &key_length,  in set_secret_key_data()
2220 	rc = check_created_attrs(*head, NULL);  in set_secret_key_data()
2225 	rc = remove_empty_attribute(head, PKCS11_CKA_VALUE);  in set_secret_key_data()
2229 	return add_attribute(head, PKCS11_CKA_VALUE, data, key_length);  in set_secret_key_data()
2232 static enum pkcs11_rc set_private_key_data_rsa(struct obj_attrs **head,  in set_private_key_data_rsa()  argument
2250 	rc = get_u32_attribute(*head, PKCS11_CKA_MODULUS_BITS, &key_bits);  in set_private_key_data_rsa()
2254 	if (remove_empty_attribute(head, PKCS11_CKA_MODULUS) ||  in set_private_key_data_rsa()
2255 	    remove_empty_attribute(head, PKCS11_CKA_PUBLIC_EXPONENT) ||  in set_private_key_data_rsa()
2256 	    remove_empty_attribute(head, PKCS11_CKA_PRIVATE_EXPONENT) ||  in set_private_key_data_rsa()
2257 	    remove_empty_attribute(head, PKCS11_CKA_PRIME_1) ||  in set_private_key_data_rsa()
2258 	    remove_empty_attribute(head, PKCS11_CKA_PRIME_2))  in set_private_key_data_rsa()
2300 	rc = add_attribute(head, PKCS11_CKA_MODULUS, buffer, size);  in set_private_key_data_rsa()
2316 	rc = add_attribute(head, PKCS11_CKA_PUBLIC_EXPONENT, buffer, size);  in set_private_key_data_rsa()
2332 	rc = add_attribute(head, PKCS11_CKA_PRIVATE_EXPONENT, buffer, size);  in set_private_key_data_rsa()
2348 	rc = add_attribute(head, PKCS11_CKA_PRIME_1, buffer, size);  in set_private_key_data_rsa()
2364 	rc = add_attribute(head, PKCS11_CKA_PRIME_2, buffer, size);  in set_private_key_data_rsa()
2377 enum pkcs11_rc set_key_data(struct obj_attrs **head, void *data,  in set_key_data()  argument
2380 	switch (get_class(*head)) {  in set_key_data()
2382 		return set_secret_key_data(head, data, key_size);  in set_key_data()
2384 		if (get_key_type(*head) == PKCS11_CKK_RSA)  in set_key_data()
2385 			return set_private_key_data_rsa(head, data, key_size);  in set_key_data()
2394 static enum pkcs11_rc alloc_copy_attribute_value(struct obj_attrs *head,  in alloc_copy_attribute_value()  argument
2401 	rc = get_attribute_ptr(head, PKCS11_CKA_VALUE, &value, sz);  in alloc_copy_attribute_value()
2416 encode_rsa_private_key_der(struct obj_attrs *head, void **data, uint32_t *sz)  in encode_rsa_private_key_der()  argument
2445 	rc = get_attribute_ptr(head, PKCS11_CKA_MODULUS, &n, &n_len);  in encode_rsa_private_key_der()
2449 	rc = get_attribute_ptr(head, PKCS11_CKA_PRIME_1, &p, &p_len);  in encode_rsa_private_key_der()
2453 	rc = get_attribute_ptr(head, PKCS11_CKA_PRIME_2, &q, &q_len);  in encode_rsa_private_key_der()
2457 	rc = get_attribute_ptr(head, PKCS11_CKA_PRIVATE_EXPONENT, &d, &d_len);  in encode_rsa_private_key_der()
2461 	rc = get_attribute_ptr(head, PKCS11_CKA_PUBLIC_EXPONENT, &e, &e_len);  in encode_rsa_private_key_der()
2513 enum pkcs11_rc alloc_key_data_to_wrap(struct obj_attrs *head, void **data,  in alloc_key_data_to_wrap()  argument
2518 	switch (get_class(head)) {  in alloc_key_data_to_wrap()
2520 		rc = alloc_copy_attribute_value(head, data, sz);  in alloc_key_data_to_wrap()
2523 		if (get_key_type(head) == PKCS11_CKK_RSA)  in alloc_key_data_to_wrap()
2524 			rc = encode_rsa_private_key_der(head, data, sz);  in alloc_key_data_to_wrap()

Last Index update Sun Aug 20 00:18:20 CST 2023