1 /* $NetBSD: evp-pkcs11.c,v 1.4 2023/06/19 21:41:43 christos Exp $ */
2
3 /*
4 * Copyright (c) 2015-2016, Secure Endpoints Inc.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * - Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * - Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
24 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
28 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
30 * OF THE POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /* PKCS#11 provider */
34
35 #include <config.h>
36 #include <krb5/roken.h>
37 #include <assert.h>
38 #ifdef HAVE_DLFCN_H
39 #include <dlfcn.h>
40 #ifndef RTLD_LAZY
41 #define RTLD_LAZY 0
42 #endif
43 #ifndef RTLD_LOCAL
44 #define RTLD_LOCAL 0
45 #endif
46 #ifndef RTLD_GROUP
47 #define RTLD_GROUP 0
48 #endif
49 #ifndef RTLD_NODELETE
50 #define RTLD_NODELETE 0
51 #endif
52 #else
53 #error PKCS11 support requires dlfcn.h
54 #endif
55
56 #include <krb5/heimbase.h>
57
58 #include <evp.h>
59 #include <evp-hcrypto.h>
60 #include <evp-pkcs11.h>
61
62 #include <ref/pkcs11.h>
63
64 #if __sun && !defined(PKCS11_MODULE_PATH)
65 # ifdef _LP64
66 # define PKCS11_MODULE_PATH "/usr/lib/64/libpkcs11.so"
67 # else
68 # define PKCS11_MODULE_PATH "/usr/lib/libpkcs11.so"
69 # endif
70 #elif defined(__linux__)
71 /*
72 * XXX We should have an autoconf check for OpenCryptoki and such
73 * things. However, there's no AC_CHECK_OBJECT(), and we'd have to
74 * write one. Today I'm feeling lazy. Another possibility would be to
75 * have a symlink from the libdir we'll install into, and then we could
76 * dlopen() that on all platforms.
77 *
78 * XXX Also, we should pick an appropriate shared object based on 32- vs
79 * 64-bits.
80 */
81 # define PKCS11_MODULE_PATH "/usr/lib/pkcs11/PKCS11_API.so"
82 #endif
83
84 static CK_FUNCTION_LIST_PTR p11_module;
85
86 static int
87 p11_cleanup(EVP_CIPHER_CTX *ctx);
88
89 struct pkcs11_cipher_ctx {
90 CK_SESSION_HANDLE hSession;
91 CK_OBJECT_HANDLE hSecret;
92 };
93
94 struct pkcs11_md_ctx {
95 CK_SESSION_HANDLE hSession;
96 };
97
98 static void *pkcs11_module_handle;
99
100 static CK_RV
p11_module_load(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)101 p11_module_load(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
102 {
103 CK_RV rv;
104 CK_RV (*C_GetFunctionList_fn)(CK_FUNCTION_LIST_PTR_PTR);
105
106 *ppFunctionList = NULL;
107
108 if (!issuid()) {
109 char *pkcs11ModulePath = getenv("PKCS11_MODULE_PATH");
110 if (pkcs11ModulePath != NULL) {
111 pkcs11_module_handle =
112 dlopen(pkcs11ModulePath,
113 RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP | RTLD_NODELETE);
114 if (pkcs11_module_handle == NULL)
115 fprintf(stderr, "p11_module_load(%s): %s\n", pkcs11ModulePath, dlerror());
116 }
117 }
118 #ifdef PKCS11_MODULE_PATH
119 if (pkcs11_module_handle == NULL) {
120 pkcs11_module_handle =
121 dlopen(PKCS11_MODULE_PATH,
122 RTLD_LAZY | RTLD_LOCAL | RTLD_GROUP | RTLD_NODELETE);
123 if (pkcs11_module_handle == NULL)
124 fprintf(stderr, "p11_module_load(%s): %s\n", PKCS11_MODULE_PATH, dlerror());
125 }
126 #endif
127 if (pkcs11_module_handle == NULL)
128 return CKR_LIBRARY_LOAD_FAILED;
129
130 C_GetFunctionList_fn = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR))
131 dlsym(pkcs11_module_handle, "C_GetFunctionList");
132 if (C_GetFunctionList_fn == NULL) {
133 dlclose(pkcs11_module_handle);
134 return CKR_LIBRARY_LOAD_FAILED;
135 }
136
137 rv = C_GetFunctionList_fn(ppFunctionList);
138 if (rv != CKR_OK) {
139 dlclose(pkcs11_module_handle);
140 return rv;
141 }
142
143 return CKR_OK;
144 }
145
146 static void
p11_module_load_once(void * context)147 p11_module_load_once(void *context)
148 {
149 p11_module_load((CK_FUNCTION_LIST_PTR_PTR)context);
150 }
151
152 static CK_RV
p11_module_init(void)153 p11_module_init(void)
154 {
155 static heim_base_once_t once = HEIM_BASE_ONCE_INIT;
156 CK_RV rv;
157
158 heim_base_once_f(&once, &p11_module, p11_module_load_once);
159
160 if (p11_module == NULL)
161 return CKR_LIBRARY_LOAD_FAILED;
162
163 /*
164 * Call C_Initialize() on every call, because it will be invalid after fork().
165 * Caching the initialization status using a once control and invalidating it
166 * on fork provided no measurable performance benefit on Solaris 11. Other
167 * approaches would not be thread-safe or would involve more intrusive code
168 * changes, such as exposing heimbase's atomics.
169 */
170 rv = p11_module->C_Initialize(NULL);
171 if (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED)
172 rv = CKR_OK;
173
174 return rv;
175 }
176
177 static CK_RV
p11_session_init(CK_MECHANISM_TYPE mechanismType,CK_SESSION_HANDLE_PTR phSession,CK_FLAGS * pFlags)178 p11_session_init(CK_MECHANISM_TYPE mechanismType,
179 CK_SESSION_HANDLE_PTR phSession,
180 CK_FLAGS *pFlags)
181 {
182 CK_RV rv;
183 CK_ULONG i, ulSlotCount = 0;
184 CK_SLOT_ID_PTR pSlotList = NULL;
185 CK_MECHANISM_INFO info;
186
187 if (phSession != NULL)
188 *phSession = CK_INVALID_HANDLE;
189
190 *pFlags = 0;
191
192 rv = p11_module_init();
193 if (rv != CKR_OK)
194 goto cleanup;
195
196 assert(p11_module != NULL);
197
198 rv = p11_module->C_GetSlotList(CK_FALSE, NULL, &ulSlotCount);
199 if (rv != CKR_OK)
200 goto cleanup;
201
202 pSlotList = (CK_SLOT_ID_PTR)calloc(ulSlotCount, sizeof(CK_SLOT_ID));
203 if (pSlotList == NULL) {
204 rv = CKR_HOST_MEMORY;
205 goto cleanup;
206 }
207
208 rv = p11_module->C_GetSlotList(CK_FALSE, pSlotList, &ulSlotCount);
209 if (rv != CKR_OK)
210 goto cleanup;
211
212 /*
213 * Note that this approach of using the first slot that supports the desired
214 * mechanism may not always be what the user wants (for example it may prefer
215 * software to hardware crypto). We're going to assume that this code will be
216 * principally used on Solaris (which has a meta-slot provider that sorts by
217 * hardware first) or in situations where the user can configure the slots in
218 * order of provider preference. In the future we should make this configurable.
219 */
220 for (i = 0; i < ulSlotCount; i++) {
221 rv = p11_module->C_GetMechanismInfo(pSlotList[i], mechanismType, &info);
222 if (rv == CKR_OK) {
223 *pFlags = info.flags;
224 break;
225 }
226 }
227
228 if (i == ulSlotCount) {
229 rv = CKR_MECHANISM_INVALID;
230 goto cleanup;
231 }
232
233 if (phSession != NULL) {
234 rv = p11_module->C_OpenSession(pSlotList[i], CKF_SERIAL_SESSION, NULL, NULL, phSession);
235 if (rv != CKR_OK)
236 goto cleanup;
237 }
238
239 cleanup:
240 free(pSlotList);
241
242 return rv;
243 }
244
245 static int
p11_mech_available_p(CK_MECHANISM_TYPE mechanismType,CK_FLAGS reqFlags)246 p11_mech_available_p(CK_MECHANISM_TYPE mechanismType, CK_FLAGS reqFlags)
247 {
248 CK_RV rv;
249 CK_FLAGS flags;
250
251 rv = p11_session_init(mechanismType, NULL, &flags);
252 if (rv != CKR_OK)
253 return 0;
254
255 return (flags & reqFlags) == reqFlags;
256 }
257
258 static CK_KEY_TYPE
p11_key_type_for_mech(CK_MECHANISM_TYPE mechanismType)259 p11_key_type_for_mech(CK_MECHANISM_TYPE mechanismType)
260 {
261 CK_KEY_TYPE keyType = 0;
262
263 switch (mechanismType) {
264 case CKM_RC2_CBC:
265 keyType = CKK_RC2;
266 break;
267 case CKM_RC4:
268 keyType = CKK_RC4;
269 break;
270 case CKM_DES_CBC:
271 keyType = CKK_DES;
272 break;
273 case CKM_DES3_CBC:
274 keyType = CKK_DES3;
275 break;
276 case CKM_AES_CBC:
277 case CKM_AES_CFB8:
278 keyType = CKK_AES;
279 break;
280 case CKM_CAMELLIA_CBC:
281 keyType = CKK_CAMELLIA;
282 break;
283 default:
284 assert(0 && "Unknown PKCS#11 mechanism type");
285 break;
286 }
287
288 return keyType;
289 }
290
291 static int
p11_key_init(EVP_CIPHER_CTX * ctx,const unsigned char * key,const unsigned char * iv,int encp)292 p11_key_init(EVP_CIPHER_CTX *ctx,
293 const unsigned char *key,
294 const unsigned char *iv,
295 int encp)
296 {
297 CK_RV rv;
298 CK_BBOOL bFalse = CK_FALSE;
299 CK_BBOOL bTrue = CK_TRUE;
300 CK_MECHANISM_TYPE mechanismType = (CK_MECHANISM_TYPE)ctx->cipher->app_data;
301 CK_KEY_TYPE keyType = p11_key_type_for_mech(mechanismType);
302 CK_OBJECT_CLASS objectClass = CKO_SECRET_KEY;
303 CK_ATTRIBUTE_TYPE op = encp ? CKA_ENCRYPT : CKA_DECRYPT;
304 CK_ATTRIBUTE attributes[] = {
305 { CKA_EXTRACTABLE, &bFalse, sizeof(bFalse) },
306 { CKA_CLASS, &objectClass, sizeof(objectClass) },
307 { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
308 { CKA_TOKEN, &bFalse, sizeof(bFalse) },
309 { CKA_PRIVATE, &bFalse, sizeof(bFalse) },
310 { CKA_SENSITIVE, &bTrue, sizeof(bTrue) },
311 { CKA_VALUE, (void *)key, ctx->key_len },
312 { op, &bTrue, sizeof(bTrue) }
313 };
314 CK_MECHANISM mechanism = {
315 mechanismType,
316 ctx->cipher->iv_len ? ctx->iv : NULL,
317 ctx->cipher->iv_len
318 };
319 struct pkcs11_cipher_ctx *p11ctx = (struct pkcs11_cipher_ctx *)ctx->cipher_data;
320 CK_FLAGS flags;
321
322 rv = CKR_OK;
323
324 if (p11ctx->hSession != CK_INVALID_HANDLE && key != NULL)
325 p11_cleanup(ctx); /* refresh session with new key */
326
327 if (p11ctx->hSession == CK_INVALID_HANDLE) {
328 rv = p11_session_init(mechanismType, &p11ctx->hSession, &flags);
329 if (rv != CKR_OK)
330 goto cleanup;
331
332 if ((flags & (CKF_ENCRYPT|CKF_DECRYPT)) != (CKF_ENCRYPT|CKF_DECRYPT)) {
333 rv = CKR_MECHANISM_INVALID;
334 goto cleanup;
335 }
336 }
337
338 if (key != NULL) {
339 assert(p11_module != NULL);
340 assert(p11ctx->hSecret == CK_INVALID_HANDLE);
341
342 rv = p11_module->C_CreateObject(p11ctx->hSession, attributes,
343 sizeof(attributes) / sizeof(attributes[0]),
344 &p11ctx->hSecret);
345 if (rv != CKR_OK)
346 goto cleanup;
347 }
348
349 if (p11ctx->hSecret != CK_INVALID_HANDLE) {
350 if (op == CKA_ENCRYPT)
351 rv = p11_module->C_EncryptInit(p11ctx->hSession, &mechanism, p11ctx->hSecret);
352 else
353 rv = p11_module->C_DecryptInit(p11ctx->hSession, &mechanism, p11ctx->hSecret);
354 if (rv != CKR_OK)
355 goto cleanup;
356 }
357
358 cleanup:
359 if (rv != CKR_OK)
360 p11_cleanup(ctx);
361
362 return rv == CKR_OK;
363 }
364
365 static int
p11_do_cipher(EVP_CIPHER_CTX * ctx,unsigned char * out,const unsigned char * in,unsigned int size)366 p11_do_cipher(EVP_CIPHER_CTX *ctx,
367 unsigned char *out,
368 const unsigned char *in,
369 unsigned int size)
370 {
371 struct pkcs11_cipher_ctx *p11ctx = (struct pkcs11_cipher_ctx *)ctx->cipher_data;
372 CK_RV rv;
373 CK_ULONG ulCipherTextLen = size;
374
375 assert(p11_module != NULL);
376 assert(EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_STREAM_CIPHER ||
377 (size % ctx->cipher->block_size) == 0);
378
379 if (ctx->encrypt)
380 rv = p11_module->C_EncryptUpdate(p11ctx->hSession, (unsigned char *)in, size, out, &ulCipherTextLen);
381 else
382 rv = p11_module->C_DecryptUpdate(p11ctx->hSession, (unsigned char *)in, size, out, &ulCipherTextLen);
383
384 return rv == CKR_OK;
385 }
386
387 static int
p11_cleanup(EVP_CIPHER_CTX * ctx)388 p11_cleanup(EVP_CIPHER_CTX *ctx)
389 {
390 struct pkcs11_cipher_ctx *p11ctx = (struct pkcs11_cipher_ctx *)ctx->cipher_data;
391
392 if (p11ctx->hSecret != CK_INVALID_HANDLE) {
393 p11_module->C_DestroyObject(p11ctx->hSession, p11ctx->hSecret);
394 p11ctx->hSecret = CK_INVALID_HANDLE;
395 }
396 if (p11ctx->hSession != CK_INVALID_HANDLE) {
397 p11_module->C_CloseSession(p11ctx->hSession);
398 p11ctx->hSession = CK_INVALID_HANDLE;
399 }
400
401 return 1;
402 }
403
404 static int
405 p11_md_cleanup(EVP_MD_CTX *ctx);
406
407 static int
p11_md_hash_init(CK_MECHANISM_TYPE mechanismType,EVP_MD_CTX * ctx)408 p11_md_hash_init(CK_MECHANISM_TYPE mechanismType, EVP_MD_CTX *ctx)
409 {
410 struct pkcs11_md_ctx *p11ctx = (struct pkcs11_md_ctx *)ctx;
411 CK_RV rv;
412 CK_FLAGS flags;
413 CK_MECHANISM mechanism = { mechanismType, NULL, 0 };
414
415 if (p11ctx->hSession != CK_INVALID_HANDLE)
416 p11_md_cleanup(ctx);
417
418 rv = p11_session_init(mechanismType, &p11ctx->hSession, &flags);
419 if (rv != CKR_OK)
420 goto cleanup;
421
422 if ((flags & CKF_DIGEST) != CKF_DIGEST) {
423 rv = CKR_MECHANISM_INVALID;
424 goto cleanup;
425 }
426
427 assert(p11_module != NULL);
428
429 rv = p11_module->C_DigestInit(p11ctx->hSession, &mechanism);
430
431 cleanup:
432 return rv == CKR_OK;
433 }
434
435 static int
p11_md_update(EVP_MD_CTX * ctx,const void * data,size_t length)436 p11_md_update(EVP_MD_CTX *ctx, const void *data, size_t length)
437 {
438 struct pkcs11_md_ctx *p11ctx = (struct pkcs11_md_ctx *)ctx;
439 CK_RV rv;
440
441 assert(p11_module != NULL);
442 assert(data != NULL || length == 0);
443
444 rv = p11_module->C_DigestUpdate(p11ctx->hSession,
445 data ? (CK_BYTE_PTR)data : (CK_BYTE_PTR)"",
446 length);
447
448 return rv == CKR_OK;
449 }
450
451 static int
p11_md_final(void * digest,EVP_MD_CTX * ctx)452 p11_md_final(void *digest, EVP_MD_CTX *ctx)
453 {
454 struct pkcs11_md_ctx *p11ctx = (struct pkcs11_md_ctx *)ctx;
455 CK_RV rv;
456 CK_ULONG digestLen = 0;
457
458 assert(p11_module != NULL);
459
460 rv = p11_module->C_DigestFinal(p11ctx->hSession, NULL, &digestLen);
461 if (rv == CKR_OK)
462 rv = p11_module->C_DigestFinal(p11ctx->hSession, digest, &digestLen);
463
464 return rv == CKR_OK;
465 }
466
467 static int
p11_md_cleanup(EVP_MD_CTX * ctx)468 p11_md_cleanup(EVP_MD_CTX *ctx)
469 {
470 struct pkcs11_md_ctx *p11ctx = (struct pkcs11_md_ctx *)ctx;
471 CK_RV rv;
472
473 assert(p11_module != NULL);
474
475 rv = p11_module->C_CloseSession(p11ctx->hSession);
476 if (rv == CKR_OK)
477 p11ctx->hSession = CK_INVALID_HANDLE;
478
479 return rv == CKR_OK;
480 }
481
482 #define PKCS11_CIPHER_ALGORITHM(name, mechanismType, block_size, \
483 key_len, iv_len, flags) \
484 \
485 static EVP_CIPHER \
486 pkcs11_##name = { \
487 0, \
488 block_size, \
489 key_len, \
490 iv_len, \
491 (flags) | EVP_CIPH_ALWAYS_CALL_INIT, \
492 p11_key_init, \
493 p11_do_cipher, \
494 p11_cleanup, \
495 sizeof(struct pkcs11_cipher_ctx), \
496 NULL, \
497 NULL, \
498 NULL, \
499 (void *)mechanismType \
500 }; \
501 \
502 const EVP_CIPHER * \
503 hc_EVP_pkcs11_##name(void) \
504 { \
505 if (p11_mech_available_p(mechanismType, CKF_ENCRYPT|CKF_DECRYPT)) \
506 return &pkcs11_##name; \
507 else \
508 return NULL; \
509 } \
510 \
511 static void \
512 pkcs11_hcrypto_##name##_init_once(void *context) \
513 { \
514 const EVP_CIPHER *cipher; \
515 \
516 cipher = hc_EVP_pkcs11_ ##name(); \
517 if (cipher == NULL && HCRYPTO_FALLBACK) \
518 cipher = hc_EVP_hcrypto_ ##name(); \
519 \
520 *((const EVP_CIPHER **)context) = cipher; \
521 } \
522 \
523 const EVP_CIPHER * \
524 hc_EVP_pkcs11_hcrypto_##name(void) \
525 { \
526 static const EVP_CIPHER *__cipher; \
527 static heim_base_once_t __init = HEIM_BASE_ONCE_INIT; \
528 \
529 heim_base_once_f(&__init, &__cipher, \
530 pkcs11_hcrypto_##name##_init_once); \
531 \
532 return __cipher; \
533 }
534
535 #define PKCS11_MD_ALGORITHM(name, mechanismType, hash_size, block_size) \
536 \
537 static int p11_##name##_init(EVP_MD_CTX *ctx) \
538 { \
539 return p11_md_hash_init(mechanismType, ctx); \
540 } \
541 \
542 const EVP_MD * \
543 hc_EVP_pkcs11_##name(void) \
544 { \
545 static struct hc_evp_md name = { \
546 hash_size, \
547 block_size, \
548 sizeof(struct pkcs11_md_ctx), \
549 p11_##name##_init, \
550 p11_md_update, \
551 p11_md_final, \
552 p11_md_cleanup \
553 }; \
554 \
555 if (p11_mech_available_p(mechanismType, CKF_DIGEST)) \
556 return &name; \
557 else \
558 return NULL; \
559 } \
560 \
561 static void \
562 pkcs11_hcrypto_##name##_init_once(void *context) \
563 { \
564 const EVP_MD *md; \
565 \
566 md = hc_EVP_pkcs11_ ##name(); \
567 if (md == NULL && HCRYPTO_FALLBACK) \
568 md = hc_EVP_hcrypto_ ##name(); \
569 \
570 *((const EVP_MD **)context) = md; \
571 } \
572 \
573 const EVP_MD * \
574 hc_EVP_pkcs11_hcrypto_##name(void) \
575 { \
576 static const EVP_MD *__md; \
577 static heim_base_once_t __init = HEIM_BASE_ONCE_INIT; \
578 \
579 heim_base_once_f(&__init, &__md, \
580 pkcs11_hcrypto_##name##_init_once); \
581 \
582 return __md; \
583 }
584
585 #define PKCS11_MD_ALGORITHM_UNAVAILABLE(name) \
586 \
587 const EVP_MD * \
588 hc_EVP_pkcs11_##name(void) \
589 { \
590 return NULL; \
591 } \
592 \
593 const EVP_MD * \
594 hc_EVP_pkcs11_hcrypto_##name(void) \
595 { \
596 return hc_EVP_hcrypto_ ##name(); \
597 }
598
599 /**
600 * The triple DES cipher type (PKCS#11 provider)
601 *
602 * @return the DES-EDE3-CBC EVP_CIPHER pointer.
603 *
604 * @ingroup hcrypto_evp
605 */
606
607 PKCS11_CIPHER_ALGORITHM(des_ede3_cbc,
608 CKM_DES3_CBC,
609 8,
610 24,
611 8,
612 EVP_CIPH_CBC_MODE)
613
614 /**
615 * The DES cipher type (PKCS#11 provider)
616 *
617 * @return the DES-CBC EVP_CIPHER pointer.
618 *
619 * @ingroup hcrypto_evp
620 */
621
622 PKCS11_CIPHER_ALGORITHM(des_cbc,
623 CKM_DES_CBC,
624 8,
625 8,
626 8,
627 EVP_CIPH_CBC_MODE)
628
629 /**
630 * The AES-128 cipher type (PKCS#11 provider)
631 *
632 * @return the AES-128-CBC EVP_CIPHER pointer.
633 *
634 * @ingroup hcrypto_evp
635 */
636
637 PKCS11_CIPHER_ALGORITHM(aes_128_cbc,
638 CKM_AES_CBC,
639 16,
640 16,
641 16,
642 EVP_CIPH_CBC_MODE)
643
644 /**
645 * The AES-192 cipher type (PKCS#11 provider)
646 *
647 * @return the AES-192-CBC EVP_CIPHER pointer.
648 *
649 * @ingroup hcrypto_evp
650 */
651
652 PKCS11_CIPHER_ALGORITHM(aes_192_cbc,
653 CKM_AES_CBC,
654 16,
655 24,
656 16,
657 EVP_CIPH_CBC_MODE)
658
659 /**
660 * The AES-256 cipher type (PKCS#11 provider)
661 *
662 * @return the AES-256-CBC EVP_CIPHER pointer.
663 *
664 * @ingroup hcrypto_evp
665 */
666
667 PKCS11_CIPHER_ALGORITHM(aes_256_cbc,
668 CKM_AES_CBC,
669 16,
670 32,
671 16,
672 EVP_CIPH_CBC_MODE)
673
674 /**
675 * The AES-128 CFB8 cipher type (PKCS#11 provider)
676 *
677 * @return the AES-128-CFB8 EVP_CIPHER pointer.
678 *
679 * @ingroup hcrypto_evp
680 */
681
682 PKCS11_CIPHER_ALGORITHM(aes_128_cfb8,
683 CKM_AES_CFB8,
684 16,
685 16,
686 16,
687 EVP_CIPH_CFB8_MODE)
688
689 /**
690 * The AES-192 CFB8 cipher type (PKCS#11 provider)
691 *
692 * @return the AES-192-CFB8 EVP_CIPHER pointer.
693 *
694 * @ingroup hcrypto_evp
695 */
696
697 PKCS11_CIPHER_ALGORITHM(aes_192_cfb8,
698 CKM_AES_CFB8,
699 16,
700 24,
701 16,
702 EVP_CIPH_CFB8_MODE)
703
704 /**
705 * The AES-256 CFB8 cipher type (PKCS#11 provider)
706 *
707 * @return the AES-256-CFB8 EVP_CIPHER pointer.
708 *
709 * @ingroup hcrypto_evp
710 */
711
712 PKCS11_CIPHER_ALGORITHM(aes_256_cfb8,
713 CKM_AES_CFB8,
714 16,
715 32,
716 16,
717 EVP_CIPH_CFB8_MODE)
718
719 /**
720 * The RC2 cipher type - PKCS#11
721 *
722 * @return the RC2 EVP_CIPHER pointer.
723 *
724 * @ingroup hcrypto_evp
725 */
726
727 PKCS11_CIPHER_ALGORITHM(rc2_cbc,
728 CKM_RC2_CBC,
729 8,
730 16,
731 8,
732 EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH)
733
734 /**
735 * The RC2-40 cipher type - PKCS#11
736 *
737 * @return the RC2-40 EVP_CIPHER pointer.
738 *
739 * @ingroup hcrypto_evp
740 */
741
742 PKCS11_CIPHER_ALGORITHM(rc2_40_cbc,
743 CKM_RC2_CBC,
744 8,
745 5,
746 8,
747 EVP_CIPH_CBC_MODE)
748
749 /**
750 * The RC2-64 cipher type - PKCS#11
751 *
752 * @return the RC2-64 EVP_CIPHER pointer.
753 *
754 * @ingroup hcrypto_evp
755 */
756
757 PKCS11_CIPHER_ALGORITHM(rc2_64_cbc,
758 CKM_RC2_CBC,
759 8,
760 8,
761 8,
762 EVP_CIPH_CBC_MODE)
763
764 /**
765 * The Camellia-128 cipher type - PKCS#11
766 *
767 * @return the Camellia-128 EVP_CIPHER pointer.
768 *
769 * @ingroup hcrypto_evp
770 */
771
772 PKCS11_CIPHER_ALGORITHM(camellia_128_cbc,
773 CKM_CAMELLIA_CBC,
774 16,
775 16,
776 16,
777 EVP_CIPH_CBC_MODE)
778
779 /**
780 * The Camellia-198 cipher type - PKCS#11
781 *
782 * @return the Camellia-198 EVP_CIPHER pointer.
783 *
784 * @ingroup hcrypto_evp
785 */
786
787 PKCS11_CIPHER_ALGORITHM(camellia_192_cbc,
788 CKM_CAMELLIA_CBC,
789 16,
790 24,
791 16,
792 EVP_CIPH_CBC_MODE)
793
794 /**
795 * The Camellia-256 cipher type - PKCS#11
796 *
797 * @return the Camellia-256 EVP_CIPHER pointer.
798 *
799 * @ingroup hcrypto_evp
800 */
801
802 PKCS11_CIPHER_ALGORITHM(camellia_256_cbc,
803 CKM_CAMELLIA_CBC,
804 16,
805 32,
806 16,
807 EVP_CIPH_CBC_MODE)
808
809 /**
810 * The RC4 cipher type (PKCS#11 provider)
811 *
812 * @return the RC4 EVP_CIPHER pointer.
813 *
814 * @ingroup hcrypto_evp
815 */
816
817 PKCS11_CIPHER_ALGORITHM(rc4,
818 CKM_RC4,
819 1,
820 16,
821 0,
822 EVP_CIPH_STREAM_CIPHER | EVP_CIPH_VARIABLE_LENGTH)
823
824 /**
825 * The RC4-40 cipher type (PKCS#11 provider)
826 *
827 * @return the RC4 EVP_CIPHER pointer.
828 *
829 * @ingroup hcrypto_evp
830 */
831
832 PKCS11_CIPHER_ALGORITHM(rc4_40,
833 CKM_RC4,
834 1,
835 5,
836 0,
837 EVP_CIPH_STREAM_CIPHER | EVP_CIPH_VARIABLE_LENGTH)
838
839 #ifdef CKM_MD4 /* non-standard extension */
840 PKCS11_MD_ALGORITHM(md4, CKM_MD4, 16, 64)
841 #else
842 PKCS11_MD_ALGORITHM_UNAVAILABLE(md4)
843 #endif
844 PKCS11_MD_ALGORITHM(md5, CKM_MD5, 16, 64)
845 PKCS11_MD_ALGORITHM(sha1, CKM_SHA_1, 20, 64)
846 PKCS11_MD_ALGORITHM(sha256, CKM_SHA256, 32, 64)
847 PKCS11_MD_ALGORITHM(sha384, CKM_SHA384, 48, 128)
848 PKCS11_MD_ALGORITHM(sha512, CKM_SHA512, 64, 128)
849