author | Carl Lundin <53273776+lundinc2@users.noreply.github.com> | 2020-06-30 16:54:25 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-30 16:54:25 -0700 |
commit | 0bcbf43fee889df413137678094a8bb314591ed7 (patch) | |
tree | 70c5d7d639aaa327344ace86d9e9b3603f148a76 | |
parent | d95edc9733238d1321bc99cb9b309900840686d9 (diff) | |
download | freertos-git-0bcbf43fee889df413137678094a8bb314591ed7.tar.gz |
Sync PKCS #11 changes. (#113)
9 files changed, 1097 insertions, 841 deletions
diff --git a/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/iot_pkcs11_config.h b/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/iot_pkcs11_config.h
index e212afa30..97337d7ea 100755
--- a/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/iot_pkcs11_config.h
+++ b/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/iot_pkcs11_config.h
@@ -1,24 +1,23 @@ /* - * FreeRTOS Kernel V10.3.0 + * FreeRTOS V1.4.8 * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. * - * Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: + * Permission is hereby granted, free of charge, to any person obtaining a copy of + * this software and associated documentation files (the "Software"), to deal in + * the Software without restriction, including without limitation the rights to + * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of + * the Software, and to permit persons to whom the Software is furnished to do so, + * subject to the following conditions: * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - * SOFTWARE. + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR + * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER + * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. * * http://aws.amazon.com/freertos * http://www.FreeRTOS.org 
@@ -33,101 +32,106 @@ #ifndef _AWS_PKCS11_CONFIG_H_ #define _AWS_PKCS11_CONFIG_H_ -/* A non-standard version of C_INITIALIZE should be used by this port. */ -/* #define pkcs11configC_INITIALIZE_ALT */ +/** +* @brief PKCS #11 default user PIN. +* +* The PKCS #11 standard specifies the presence of a user PIN. That feature is +* sensible for applications that have an interactive user interface and memory +* protections. However, since typical microcontroller applications lack one or +* both of those, the user PIN is assumed to be used herein for interoperability +* purposes only, and not as a security feature. +* + * Note: Do not cast this to a pointer! The library calls sizeof to get the length + * of this string. +*/ +#define configPKCS11_DEFAULT_USER_PIN "0000" /** - * @brief PKCS #11 default user PIN. - * - * The PKCS #11 standard specifies the presence of a user PIN. That feature is - * sensible for applications that have an interactive user interface and memory - * protections. However, since typical microcontroller applications lack one or - * both of those, the user PIN is assumed to be used herein for interoperability - * purposes only, and not as a security feature. - */ -#define configPKCS11_DEFAULT_USER_PIN "0000" +* @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL +* attribute. +*/ +#define pkcs11configMAX_LABEL_LENGTH 32 /** - * @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL - * attribute. - */ -#define pkcs11configMAX_LABEL_LENGTH 32 +* @brief Maximum number of token objects that can be stored +* by the PKCS #11 module. +*/ +#define pkcs11configMAX_NUM_OBJECTS 6 /** - * @brief Maximum number of token objects that can be stored + * @brief Maximum number of sessions that can be stored * by the PKCS #11 module. */ -#define pkcs11configMAX_NUM_OBJECTS 6 +#define pkcs11configMAX_SESSIONS 10 /** - * @brief Set to 1 if a PAL destroy object is implemented. 
- * - * If set to 0, no PAL destroy object is implemented, and this functionality - * is implemented in the common PKCS #11 layer. - */ -#define pkcs11configPAL_DESTROY_SUPPORTED 0 +* @brief Set to 1 if a PAL destroy object is implemented. +* +* If set to 0, no PAL destroy object is implemented, and this functionality +* is implemented in the common PKCS #11 layer. +*/ +#define pkcs11configPAL_DESTROY_SUPPORTED 0 /** - * @brief Set to 1 if OTA image verification via PKCS #11 module is supported. - * - * If set to 0, OTA code signing certificate is built in via - * aws_ota_codesigner_certificate.h. - */ -#define pkcs11configOTA_SUPPORTED 0 +* @brief Set to 1 if OTA image verification via PKCS #11 module is supported. +* +* If set to 0, OTA code signing certificate is built in via +* aws_ota_codesigner_certificate.h. +*/ +#define pkcs11configOTA_SUPPORTED 0 /** - * @brief Set to 1 if PAL supports storage for JITP certificate, - * code verify certificate, and trusted server root certificate. - * - * If set to 0, PAL does not support storage mechanism for these, and - * they are accessed via headers compiled into the code. - */ -#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 +* @brief Set to 1 if PAL supports storage for JITP certificate, +* code verify certificate, and trusted server root certificate. +* +* If set to 0, PAL does not support storage mechanism for these, and +* they are accessed via headers compiled into the code. +*/ +#define pkcs11configJITP_CODEVERIFY_ROOT_CERT_SUPPORTED 0 /** - * @brief The PKCS #11 label for device private key. - * - * Private key for connection to AWS IoT endpoint. The corresponding - * public key should be registered with the AWS IoT endpoint. - */ -#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" +* @brief The PKCS #11 label for device private key. +* +* Private key for connection to AWS IoT endpoint. The corresponding +* public key should be registered with the AWS IoT endpoint. 
+*/ +#define pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS "Device Priv TLS Key" /** - * @brief The PKCS #11 label for device public key. - * - * The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. - */ -#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" +* @brief The PKCS #11 label for device public key. +* +* The public key corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. +*/ +#define pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS "Device Pub TLS Key" /** - * @brief The PKCS #11 label for the device certificate. - * - * Device certificate corresponding to - * pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. - */ -#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" +* @brief The PKCS #11 label for the device certificate. +* +* Device certificate corresponding to pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS. +*/ +#define pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS "Device Cert" /** - * @brief The PKCS #11 label for the object to be used for code verification. - * - * Used by over-the-air update code to verify an incoming signed image. - */ -#define pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" +* @brief The PKCS #11 label for the object to be used for code verification. +* +* Used by over-the-air update code to verify an incoming signed image. +*/ +#define pkcs11configLABEL_CODE_VERIFICATION_KEY "Code Verify Key" /** - * @brief The PKCS #11 label for Just-In-Time-Provisioning. - * - * The certificate corresponding to the issuer of the device certificate - * (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or - * JITP flow. - */ -#define pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" +* @brief The PKCS #11 label for Just-In-Time-Provisioning. +* +* The certificate corresponding to the issuer of the device certificate +* (pkcs11configLABEL_DEVICE_CERTIFICATE_FOR_TLS) when using the JITR or +* JITP flow. 
+*/ +#define pkcs11configLABEL_JITP_CERTIFICATE "JITP Cert" /** - * @brief The PKCS #11 label for the AWS Trusted Root Certificate. - * - * @see aws_default_root_certificates.h - */ -#define pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" +* @brief The PKCS #11 label for the AWS Trusted Root Certificate. +* +* @see aws_default_root_certificates.h +*/ +#define pkcs11configLABEL_ROOT_CERTIFICATE "Root Cert" #endif /* _AWS_PKCS11_CONFIG_H_ include guard. */ diff --git a/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/mbedtls_config.h b/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/mbedtls_config.h index 20817cd12..20817cd12 100755..100644 --- a/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/mbedtls_config.h +++ b/FreeRTOS-Plus/Demo/FreeRTOS-IoT-Libraries-LTS-Beta1/pkcs11/pkcs11_mqtt_tls_mutual_auth/mbedtls_config.h diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos/iot_network_pkcs11_freertos.c b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos/iot_network_pkcs11_freertos.c index 2b107d57d..de79266ba 100755..100644 --- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos/iot_network_pkcs11_freertos.c +++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos/iot_network_pkcs11_freertos.c @@ -48,10 +48,15 @@ /* FreeRTOS-IoT-Libraries-LTS-Beta1 includes. */ #include "iot_error.h" #include "platform/iot_network_freertos.h" -#include "mbedtls/threading.h" +#include "threading_alt.h" #include "iot_pkcs11.h" #include "iot_tls.h" +#if !defined( MBEDTLS_CONFIG_FILE ) +#include "mbedtls/config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif /* Configure logs for the functions in this file. */ #ifdef IOT_LOG_LEVEL_NETWORK 
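Review bot: The rewritten Doxygen blocks in this hunk start their continuation lines with `*` at column 0 (`+* @brief Maximum length (in characters) for a PKCS #11 CKA_LABEL`) while the untouched lines and the newly added pkcs11configMAX_SESSIONS block keep the conventional ` * ` prefix, so the header now mixes two comment styles; re-indenting the new blocks to ` * ` would match the rest of the file. The new note on configPKCS11_DEFAULT_USER_PIN is useful but its wording ("Do not cast this to a pointer!") states the symptom rather than the constraint; `The library uses sizeof( configPKCS11_DEFAULT_USER_PIN ) as the PIN length, so this must remain a string literal` says what a port must preserve.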
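Review bot: The `#if !defined( MBEDTLS_CONFIG_FILE )` block that selects the mbedTLS configuration is added after `#include "threading_alt.h"` and `#include "iot_tls.h"`, so any mbedTLS header those two pull in (likely for threading_alt.h) is compiled before the project configuration is chosen. The line it replaces, `mbedtls/threading.h`, performs that selection itself like every mbedTLS header, which is why the order did not matter before; moving the new `#if`/`#endif` block above `#include "threading_alt.h"` removes the dependency. This is inferred from the include names only; the contents of threading_alt.h are not in the diff.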
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/include/iot_pkcs11_pal.h b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/include/iot_pkcs11_pal.h
index b41e73958..2d6c48965 100755
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/include/iot_pkcs11_pal.h
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/include/iot_pkcs11_pal.h
@@ -41,6 +41,8 @@
 /**
 * @functions_page{pkcs11_pal,PKCS #11 PAL, PKCS #11 PAL}
 * @functions_brief{PKCS #11 PAL Layer}
+ * - @function_name{pkcs11_pal_function_initialize}
+ * @function_brief{pkcs11_pal_function_initialize}
 * - @function_name{pkcs11_pal_function_saveobject}
 * @function_brief{pkcs11_pal_function_saveobject}
 * - @function_name{pkcs11_pal_function_destroyobject}
@@ -72,6 +74,19 @@
 */
 /**
+ * @brief Initializes the PKCS #11 PAL.
+ *
+ * This is always called first in C_Initialize if the module is not already
+ * initialized.
+ *
+ * @return CKR_OK on success.
+ * CKR_FUNCTION_FAILED on failure.
+ */
+/* @[declare_pkcs11_pal_initialize] */
+CK_RV PKCS11_PAL_Initialize( void );
+/* @[declare_pkcs11_pal_initialize] */
+
+/**
 * @brief Saves an object in non-volatile storage.
 *
 * Port-specific file write for cryptographic information.
@@ -85,8 +100,8 @@
 */
 /* @[declare_pkcs11_pal_saveobject] */
 CK_OBJECT_HANDLE PKCS11_PAL_SaveObject( CK_ATTRIBUTE_PTR pxLabel,
- uint8_t * pucData,
- uint32_t ulDataSize );
+ CK_BYTE_PTR pucData,
+ CK_ULONG ulDataSize );
 /* @[declare_pkcs11_pal_saveobject] */
 /**
@@ -104,7 +119,7 @@ CK_RV PKCS11_PAL_DestroyObject( CK_OBJECT_HANDLE xHandle );
 * Port-specific object handle retrieval.
 *
 *
- * @param[in] pLabel Pointer to the label of the object
+ * @param[in] pxLabel Pointer to the label of the object
 * who's handle should be found.
 * @param[in] usLength The length of the label, in bytes.
 *
@@ -112,8 +127,8 @@ CK_RV PKCS11_PAL_DestroyObject( CK_OBJECT_HANDLE xHandle );
 * Returns eInvalidHandle if unsuccessful.
 */
 /* @[declare_pkcs11_pal_findobject] */
-CK_OBJECT_HANDLE PKCS11_PAL_FindObject( uint8_t * pLabel,
- uint8_t usLength );
+CK_OBJECT_HANDLE PKCS11_PAL_FindObject( CK_BYTE_PTR pxLabel,
+ CK_ULONG usLength );
 /* @[declare_pkcs11_pal_findobject] */
@@ -141,23 +156,23 @@ CK_OBJECT_HANDLE PKCS11_PAL_FindObject( uint8_t * pLabel,
 * error.
 */
 /* @[declare_pkcs11_pal_getobjectvalue] */
-BaseType_t PKCS11_PAL_GetObjectValue( CK_OBJECT_HANDLE xHandle,
- uint8_t ** ppucData,
- uint32_t * pulDataSize,
- CK_BBOOL * pIsPrivate );
+CK_RV PKCS11_PAL_GetObjectValue( CK_OBJECT_HANDLE xHandle,
+ CK_BYTE_PTR * ppucData,
+ CK_ULONG_PTR pulDataSize,
+ CK_BBOOL * pIsPrivate );
 /* @[declare_pkcs11_pal_getobjectvalue] */
 /**
 * @brief Cleanup after PKCS11_GetObjectValue().
 *
- * @param[in] pucBuffer The buffer to free.
+ * @param[in] pucData The buffer to free.
 * (*ppucData from PKCS11_PAL_GetObjectValue())
- * @param[in] ulBufferSize The length of the buffer to free.
+ * @param[in] ulDatasize The length of the buffer to free.
 * (*pulDataSize from PKCS11_PAL_GetObjectValue())
 */
 /* @[declare_pkcs11_pal_getobjectvaluecleanup] */
-void PKCS11_PAL_GetObjectValueCleanup( uint8_t * pucBuffer,
- uint32_t ulBufferSize );
+void PKCS11_PAL_GetObjectValueCleanup( CK_BYTE_PTR pucData,
+ CK_ULONG ulDataSize );
 /* @[declare_pkcs11_pal_getobjectvaluecleanup] */
 #endif /* IOT_PKCS11_PAL include guard. */
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_mbedtls.c b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_mbedtls.c
index d2d628555..2fcea4681 100644
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_mbedtls.c
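Review bot: The renamed @param in the PKCS11_PAL_GetObjectValueCleanup comment reads `ulDatasize` while the new declaration names the parameter `ulDataSize`, so the documentation no longer matches the prototype; it should be `@param[in] ulDataSize The length of the buffer to free.`. The same hunk changes the return type of PKCS11_PAL_GetObjectValue from BaseType_t to CK_RV, but its @return text begins above the hunk and is not visible here, so check that it now lists CK_RV codes rather than a BaseType_t convention. The brief `Cleanup after PKCS11_GetObjectValue().` also names a function that differs from the declared PKCS11_PAL_GetObjectValue.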
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_mbedtls.c @@ -1,5 +1,5 @@ /* - * FreeRTOS PKCS #11 V2.1.0 + * FreeRTOS PKCS #11 V2.0.3 * Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Permission is hereby granted, free of charge, to any person obtaining a copy of @@ -32,6 +32,8 @@ /* FreeRTOS includes. */ #include "FreeRTOS.h" + +/* PKCS #11 includes. */ #include "iot_pkcs11_config.h" #include "iot_pkcs11.h" #include "iot_pkcs11_pal.h" @@ -54,9 +56,10 @@ #include <stdio.h> #include <string.h> +/*-----------------------------------------------------------*/ /** - * @brief Default macro to not suppress EC operations. + * @brief Default EC operations to ON. * */ #ifndef pkcs11configSUPPRESS_ECDSA_MECHANISM @@ -64,13 +67,13 @@ #endif /** - * @brief Represents string to be logged when mbed TLS returned error + * @brief Represents string to be logged when mbedTLS returned error * does not contain a high-level code. */ static const char * pNoHighLevelMbedTlsCodeStr = "<No-High-Level-Code>"; /** - * @brief Represents string to be logged when mbed TLS returned error + * @brief Represents string to be logged when mbedTLS returned error * does not contain a low-level code. */ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>"; @@ -96,14 +99,14 @@ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>"; * @brief Macro for logging in PKCS #11. * */ -#define PKCS11_PRINT( X ) vLoggingPrintf X +#define PKCS11_PRINT( X ) configPRINTF( X ) /** * @ingroup pkcs11_macros * @brief Macro for logging warnings in PKCS #11. * */ -#define PKCS11_WARNING_PRINT( X ) /* vLoggingPrintf X */ +#define PKCS11_WARNING_PRINT( X ) /* configPRINTF( X ) */ /** * @ingroup pkcs11_macros 
@@ -122,7 +125,7 @@ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>";
 /**
 * @ingroup pkcs11_macros
- * @brief Mmax key length of a key.
+ * @brief Max key length of a key.
 * TODO: How long is a typical RSA key anyhow?
 */
 #define MAX_LENGTH_KEY 3000
@@ -153,21 +156,28 @@ static const char * pNoLowLevelMbedTlsCodeStr = "<No-Low-Level-Code>";
 #define VERIFY_IN_TEMPLATE ( 1U << 4 ) /**< Bit set for verify in template. */
 /**
+ * @ingroup pkcs11_macros
+ * @brief Macro to signify an invalid PKCS #11 key type.
+ */
+#define PKCS11_INVALID_KEY_TYPE ( ( CK_KEY_TYPE ) 0xFFFFFFFFUL )
+
+/**
 * @ingroup pkcs11_datatypes
 * @brief PKCS #11 object container.
 *
- * Maps a PKCS #11 object handle to it's label
+ * Maps a PKCS #11 object handle to it's label.
 *
 */
 typedef struct P11Object_t
 {
 CK_OBJECT_HANDLE xHandle; /**< @brief The "PAL Handle". */
+ CK_ULONG xLabelSize; /**< @brief Size of label. */
 CK_BYTE xLabel[ pkcs11configMAX_LABEL_LENGTH + 1 ]; /**< @brief Plus 1 for the null terminator. */
 } P11Object_t;
 /**
 * @ingroup pkcs11_datatypes
- * @brief PKCS #11 object container list
+ * @brief PKCS #11 object container list.
 *
 * This structure helps the iot_pkcs11_mbedtls.c maintain a mapping of all objects in one place.
 * Because some objects exist in device NVM and must be called by their "PAL Handles", and other
@@ -177,6 +187,7 @@ typedef struct P11Object_t
 typedef struct P11ObjectList_t
 {
 SemaphoreHandle_t xMutex; /**< @brief Mutex that protects write operations to the xObjects array. */
+ StaticSemaphore_t xMutexBuffer; /**< @brief Mutex buffer in order to avoid calling Malloc. */
 P11Object_t xObjects[ pkcs11configMAX_NUM_OBJECTS ]; /**< @brief List of PKCS #11 objects. */
 } P11ObjectList_t;
@@ -190,15 +201,12 @@ typedef struct P11Struct_t
 CK_BBOOL xIsInitialized; /**< @brief Indicates whether PKCS #11 module has been initialized with a call to C_Initialize. */
 mbedtls_ctr_drbg_context xMbedDrbgCtx; /**< @brief CTR-DRBG context for PKCS #11 module - used to generate pseudo-random numbers. */
 mbedtls_entropy_context xMbedEntropyContext; /**< @brief Entropy context for PKCS #11 module - used to collect entropy for RNG. */
+ SemaphoreHandle_t xSessionMutex; /**< @brief Mutex that protects write operations to the pxSession array. */
+ StaticSemaphore_t xSessionMutexBuffer; /**< @brief Mutex buffer in order to avoid calling Malloc. */
 P11ObjectList_t xObjectList; /**< @brief List of PKCS #11 objects that have been found/created since module initialization.
 * The array position indicates the "App Handle" */
-} P11Struct_t, * P11Context_t;
+} P11Struct_t;
-/**
- * @brief The global PKCS #11 module object.
- * Entropy/randomness and object lists are shared across PKCS #11 sessions.
- */
-static P11Struct_t xP11Context;
 /**
 * @ingroup pkcs11_datatypes
@@ -210,7 +218,7 @@ typedef struct P11Session
 CK_BBOOL xOpened; /**< @brief Set to CK_TRUE upon opening PKCS #11 session. */
 CK_MECHANISM_TYPE xOperationDigestMechanism; /**< @brief Indicates if a digest operation is in progress. */
 CK_BYTE * pxFindObjectLabel; /**< @brief Pointer to the label for the search in progress. Should be NULL if no search in progress. */
- uint8_t xFindObjectLabelLength; /**< @brief Find object length flag. */
+ CK_ULONG xFindObjectLabelLen; /**< @brief Size of current search label. */
 CK_MECHANISM_TYPE xOperationVerifyMechanism; /**< @brief The mechanism of verify operation in progress. Set during C_VerifyInit. */
 SemaphoreHandle_t xVerifyMutex; /**< @brief Protects the verification key from being modified while in use. */
 mbedtls_pk_context xVerifyKey; /**< @brief Verification key. Set during C_VerifyInit. */
@@ -218,43 +226,93 @@ typedef struct P11Session SemaphoreHandle_t xSignMutex; /**< @brief Protects the signing key from being modified while in use. */ mbedtls_pk_context xSignKey; /**< @brief Signing key. Set during C_SignInit. */ mbedtls_sha256_context xSHA256Context; /**< @brief Context for in progress digest operation. */ -} P11Session_t, * P11SessionPtr_t; +} P11Session_t; + +/*-----------------------------------------------------------*/ +/** + * @brief The global PKCS #11 module object. + * Entropy/randomness and object lists are shared across PKCS #11 sessions. + */ +static P11Struct_t xP11Context; +/** + * @brief The global PKCS #11 session list. + */ +static P11Session_t pxP11Sessions[ pkcs11configMAX_SESSIONS ] = { 0 }; /** - * @brief Helper definitions. + * @brief Helper to check if the current session is initialized and valid. */ -#define PKCS11_MODULE_IS_INITIALIZED ( ( xP11Context.xIsInitialized == CK_TRUE ) ? CK_TRUE : CK_FALSE ) /**< Checks if PKCS #11 module is initialized. */ -#define PKCS11_SESSION_IS_OPEN( xSessionHandle ) ( ( ( ( ( P11SessionPtr_t ) xSessionHandle )->xOpened ) == CK_TRUE ) ? CKR_OK : CKR_SESSION_CLOSED ) /**< Checks if the current session is open */ -#define PKCS11_SESSION_IS_VALID( xSessionHandle ) ( ( ( P11SessionPtr_t ) xSessionHandle != NULL ) ? PKCS11_SESSION_IS_OPEN( xSessionHandle ) : CKR_SESSION_HANDLE_INVALID ) /**< Checks if the current session is valid */ -#define PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSessionHandle ) ( PKCS11_MODULE_IS_INITIALIZED ? PKCS11_SESSION_IS_VALID( xSessionHandle ) : CKR_CRYPTOKI_NOT_INITIALIZED ) /**< Checks if the current session is valid and initialized. */ -/*-----------------------------------------------------------*/ -/*--------- See iot_pkcs11_pal.c for definitions ------------*/ +static CK_RV prvCheckValidSessionAndModule( const P11Session_t * pxSession ) +{ + CK_RV xResult = CKR_OK; + /** MISRA Rule 10.5 - Cannot cast from unsigned to signed. 
+ * The rule 10.5 is violated because type of the boolean macros defined by PKCS #11 + * are 0 and 1, which results in a signed integer, meanwhile the underlying + * type of CK_BBOOL is an unsigned char. + * + * This means that our implementation conforms to the exception provided by MISRA + * To quote MISRA: "An integer constant expression with the value 0 or 1 of either signedness + * may be cast to a type which is defined as essentially Boolean. + * This allows the implementation of non-C99 Boolean models." + */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_CRYPTOKI_NOT_INITIALIZED; + } + else if( pxSession == NULL ) + { + xResult = CKR_SESSION_HANDLE_INVALID; + } + /* coverity[misra_c_2012_rule_10_5_violation] */ + else if( pxSession->xOpened == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_SESSION_HANDLE_INVALID; + } + else + { + /* Session is initialized and valid. */ + } + return xResult; +} /** * @brief Maps an opaque caller session handle into its internal state structure. */ -P11SessionPtr_t prvSessionPointerFromHandle( CK_SESSION_HANDLE xSession ) +static P11Session_t * prvSessionPointerFromHandle( CK_SESSION_HANDLE xSession ) { - return ( P11SessionPtr_t ) xSession; /*lint !e923 Allow casting integer type to pointer for handle. */ + P11Session_t * pxSession = NULL; + + if( ( xSession >= 1UL ) && ( xSession <= pkcs11configMAX_SESSIONS ) ) + { + /* Decrement by 1, invalid handles in PKCS #11 are defined to be 0. */ + pxSession = &pxP11Sessions[ xSession - 1UL ]; + } + + return pxSession; } /** * @brief Determines if an operation is in progress. */ -static CK_BBOOL prvOperationActive( P11SessionPtr_t pxSession ) +static CK_BBOOL prvOperationActive( const P11Session_t * pxSession ) { - CK_BBOOL xResult = CK_FALSE; + /* See explanation in prvCheckValidSessionAndModule for this exception. 
*/ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xResult = ( CK_BBOOL ) CK_FALSE; if( ( pxSession->xOperationDigestMechanism != pkcs11NO_OPERATION ) || ( pxSession->xOperationSignMechanism != pkcs11NO_OPERATION ) || ( pxSession->xOperationVerifyMechanism != pkcs11NO_OPERATION ) || ( pxSession->pxFindObjectLabel != NULL ) ) { - xResult = CK_TRUE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xResult = ( CK_BBOOL ) CK_TRUE; } return xResult; 
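Review bot: prvSessionPointerFromHandle now only range-checks the handle against pkcs11configMAX_SESSIONS and returns `&pxP11Sessions[ xSession - 1UL ]` even when that slot was never opened or has since been closed, so by itself it is not a validity check and its one-line brief should say so, e.g. `Only range-checks the handle; the returned slot may be closed. Callers must pass it to prvCheckValidSessionAndModule() before use.`. prvCheckValidSessionAndModule likewise has no parameter or return documentation; `@param[in] pxSession Session to validate, may be NULL. @return CKR_OK, CKR_CRYPTOKI_NOT_INITIALIZED or CKR_SESSION_HANDLE_INVALID.` would cover it. Replacing the old direct cast of a caller-supplied handle to a pointer with a bounded table lookup is the right change; the remaining gap is that nothing on the new side documents which of the two helpers a caller must use.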
@@ -395,104 +453,33 @@ static CK_BBOOL prvOperationActive( P11SessionPtr_t pxSession ) * @function_snippet{pkcs11_mbedtls,c_generate_random,this} * @copydoc C_GenerateRandom */ - -/** - * @brief PKCS#11 interface functions implemented by this Cryptoki module. - */ -static CK_FUNCTION_LIST prvP11FunctionList = -{ - { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, - C_Initialize, - C_Finalize, - NULL, /*C_GetInfo */ - C_GetFunctionList, - C_GetSlotList, - NULL, /*C_GetSlotInfo*/ - C_GetTokenInfo, - NULL, /*C_GetMechanismList*/ - C_GetMechanismInfo, - C_InitToken, - NULL, /*C_InitPIN*/ - NULL, /*C_SetPIN*/ - C_OpenSession, - C_CloseSession, - NULL, /*C_CloseAllSessions*/ - NULL, /*C_GetSessionInfo*/ - NULL, /*C_GetOperationState*/ - NULL, /*C_SetOperationState*/ - C_Login, /*C_Login*/ - NULL, /*C_Logout*/ - C_CreateObject, - NULL, /*C_CopyObject*/ - C_DestroyObject, - NULL, /*C_GetObjectSize*/ - C_GetAttributeValue, - NULL, /*C_SetAttributeValue*/ - C_FindObjectsInit, - C_FindObjects, - C_FindObjectsFinal, - NULL, /*C_EncryptInit*/ - NULL, /*C_Encrypt*/ - NULL, /*C_EncryptUpdate*/ - NULL, /*C_EncryptFinal*/ - NULL, /*C_DecryptInit*/ - NULL, /*C_Decrypt*/ - NULL, /*C_DecryptUpdate*/ - NULL, /*C_DecryptFinal*/ - C_DigestInit, - NULL, /*C_Digest*/ - C_DigestUpdate, - NULL, /* C_DigestKey*/ - C_DigestFinal, - C_SignInit, - C_Sign, - NULL, /*C_SignUpdate*/ - NULL, /*C_SignFinal*/ - NULL, /*C_SignRecoverInit*/ - NULL, /*C_SignRecover*/ - C_VerifyInit, - C_Verify, - NULL, /*C_VerifyUpdate*/ - NULL, /*C_VerifyFinal*/ - NULL, /*C_VerifyRecoverInit*/ - NULL, /*C_VerifyRecover*/ - NULL, /*C_DigestEncryptUpdate*/ - NULL, /*C_DecryptDigestUpdate*/ - NULL, /*C_SignEncryptUpdate*/ - NULL, /*C_DecryptVerifyUpdate*/ - NULL, /*C_GenerateKey*/ - C_GenerateKeyPair, - NULL, /*C_WrapKey*/ - NULL, /*C_UnwrapKey*/ - NULL, /*C_DeriveKey*/ - NULL, /*C_SeedRandom*/ - C_GenerateRandom, - NULL, /*C_GetFunctionStatus*/ - NULL, /*C_CancelFunction*/ - NULL /*C_WaitForSlotEvent*/ -}; - 
 /*-----------------------------------------------------------*/
 /**
 * @brief Initialize mbedTLS
 * @note: Before prvMbedTLS_Initialize can be called, CRYPTO_Init()
- * must be called to initialize the mbedTLS mutex & heap management functions.
+ * must be called to initialize the mbedTLS mutex functions.
 */
-CK_RV prvMbedTLS_Initialize( void )
+static CK_RV prvMbedTLS_Initialize( void )
 {
 CK_RV xResult = CKR_OK;
- if( xP11Context.xIsInitialized == CK_TRUE )
+ /* See explanation in prvCheckValidSessionAndModule for this exception. */
+ /* coverity[misra_c_2012_rule_10_5_violation] */
+ if( xP11Context.xIsInitialized == ( CK_BBOOL ) CK_TRUE )
 {
 xResult = CKR_CRYPTOKI_ALREADY_INITIALIZED;
 }
 else
 {
- memset( &xP11Context, 0, sizeof( xP11Context ) );
- xP11Context.xObjectList.xMutex = xSemaphoreCreateMutex();
+ ( void ) memset( &xP11Context, 0, sizeof( xP11Context ) );
+ xP11Context.xObjectList.xMutex = xSemaphoreCreateMutexStatic(
+ &xP11Context.xObjectList.xMutexBuffer );
+
+ xP11Context.xSessionMutex = xSemaphoreCreateMutexStatic(
+ &xP11Context.xSessionMutexBuffer );
- if( xP11Context.xObjectList.xMutex == NULL )
+ if( ( xP11Context.xObjectList.xMutex == NULL ) || ( xP11Context.xSessionMutex == NULL ) )
 {
 xResult = CKR_HOST_MEMORY;
 }
@@ -514,7 +501,9 @@ CK_RV prvMbedTLS_Initialize( void )
 }
 else
 {
- xP11Context.xIsInitialized = CK_TRUE;
+ /* See explanation in prvCheckValidSessionAndModule for this exception. */
+ /* coverity[misra_c_2012_rule_10_5_violation] */
+ xP11Context.xIsInitialized = ( CK_BBOOL ) CK_TRUE;
 }
 }
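Review bot: prvMbedTLS_Initialize clears xP11Context with `( void ) memset( &xP11Context, 0, sizeof( xP11Context ) );` but does not touch the new static session table pxP11Sessions introduced in the @@ -218,43 hunk, so the module's reset is no longer self-contained. If C_Finalize does not clear that table (C_Finalize is not in this diff), a finalize/initialize cycle would start with stale xOpened flags and pxFindObjectLabel pointers that prvCheckValidSessionAndModule would then accept. Adding `( void ) memset( pxP11Sessions, 0, sizeof( pxP11Sessions ) );` beside the existing memset keeps initialization independent of the finalize path.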
@@ -525,12 +514,12 @@ CK_RV prvMbedTLS_Initialize( void )
 * @brief Searches a template for the CKA_CLASS attribute.
 *
 */
-CK_RV prvGetObjectClass( CK_ATTRIBUTE_PTR pxTemplate,
- CK_ULONG ulCount,
- CK_OBJECT_CLASS * pxClass )
+static CK_RV prvGetObjectClass( const CK_ATTRIBUTE * pxTemplate,
+ CK_ULONG ulCount,
+ CK_OBJECT_CLASS * pxClass )
 {
 CK_RV xResult = CKR_TEMPLATE_INCOMPLETE;
- uint32_t ulIndex = 0;
+ CK_ULONG ulIndex = 0;
 /* Search template for class attribute. */
 for( ulIndex = 0; ulIndex < ulCount; ulIndex++ )
@@ -552,14 +541,16 @@ CK_RV prvGetObjectClass( CK_ATTRIBUTE_PTR pxTemplate,
 * @brief Parses attribute values for a certificate.
 *
 */
-static CK_RV prvCertAttParse( CK_ATTRIBUTE_PTR pxAttribute,
+static CK_RV prvCertAttParse( CK_ATTRIBUTE * pxAttribute,
 CK_CERTIFICATE_TYPE * pxCertificateType,
 CK_BYTE_PTR * ppxCertificateValue,
 CK_ULONG * pxCertificateLength,
- CK_ATTRIBUTE_PTR * ppxLabel )
+ CK_ATTRIBUTE ** ppxLabel )
 {
 CK_RV xResult = CKR_OK;
- CK_BBOOL xBool = CK_FALSE;
+ /* See explanation in prvCheckValidSessionAndModule for this exception. */
+ /* coverity[misra_c_2012_rule_10_5_violation] */
+ CK_BBOOL xBool = ( CK_BBOOL ) CK_FALSE;
 switch( pxAttribute->type )
 {
@@ -594,7 +585,9 @@ static CK_RV prvCertAttParse( CK_ATTRIBUTE_PTR pxAttribute,
 case ( CKA_TOKEN ):
 ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) );
- if( xBool != CK_TRUE )
+ /* See explanation in prvCheckValidSessionAndModule for this exception. */
+ /* coverity[misra_c_2012_rule_10_5_violation] */
+ if( xBool != ( CK_BBOOL ) CK_TRUE )
 {
 PKCS11_PRINT( ( "ERROR: Only token key object is supported. \r\n" ) );
 xResult = CKR_ATTRIBUTE_VALUE_INVALID;
@@ -620,8 +613,8 @@ static CK_RV prvCertAttParse( CK_ATTRIBUTE_PTR pxAttribute,
 * @brief Parses attribute values for a RSA Key.
 *
 */
-static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute,
- mbedtls_pk_context * pxMbedContext )
+static CK_RV prvRsaKeyAttParse( const CK_ATTRIBUTE * pxAttribute,
+ const mbedtls_pk_context * pxMbedContext )
 {
 CK_RV xResult = CKR_OK;
 int32_t lMbedReturn = 0;
@@ -640,7 +633,9 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute,
 case ( CKA_TOKEN ):
 ( void ) memcpy( &xBool, pxAttribute->pValue, pxAttribute->ulValueLen );
- if( xBool != CK_TRUE )
+ /* See explanation in prvCheckValidSessionAndModule for this exception. */
+ /* coverity[misra_c_2012_rule_10_5_violation] */
+ if( xBool != ( CK_BBOOL ) CK_TRUE )
 {
 PKCS11_PRINT( ( "Only RSA private keys with signing permissions supported. \r\n" ) );
 xResult = CKR_ATTRIBUTE_VALUE_INVALID;
@@ -713,8 +708,9 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute,
 if( lMbedReturn != 0 )
 {
- PKCS11_PRINT( ( "mbedTLS create private RSA key failed with error %s : %s \r\n",
- mbedtlsHighLevelCodeOrDefault( lMbedReturn ),
+ PKCS11_PRINT( ( "mbedTLS create private RSA key failed with error %s : ",
+ mbedtlsHighLevelCodeOrDefault( lMbedReturn ) ) );
+ PKCS11_PRINT( ( "%s \r\n",
 mbedtlsLowLevelCodeOrDefault( lMbedReturn ) ) );
 xResult = CKR_FUNCTION_FAILED;
 }
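Review bot: In the @@ -640,7 hunk the CKA_TOKEN case still copies `pxAttribute->ulValueLen` bytes into the single-byte `xBool` on the line directly above the rewritten comparison, so a template whose CKA_TOKEN value is longer than one byte overruns a stack variable; the parallel case in prvCertAttParse (@@ -594,7 hunk) copies `sizeof( CK_BBOOL )` instead. Since the commit rewrites the comparison but keeps the copy, it would be the place to reject the mismatch: `if( pxAttribute->ulValueLen != sizeof( CK_BBOOL ) ) { xResult = CKR_ATTRIBUTE_VALUE_INVALID; } else { ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); ... }`, or at minimum use `sizeof( CK_BBOOL )` as the length. The enclosing switch starts and ends outside the hunk.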
@@ -727,46 +723,42 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, * */ #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) - static CK_RV prvEcPrivKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, - mbedtls_pk_context * pxMbedContext ) + static CK_RV prvEcPrivKeyAttParse( const CK_ATTRIBUTE * pxAttribute, + const mbedtls_pk_context * pxMbedContext ) { - CK_BBOOL xBool = CK_FALSE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xBool = ( CK_BBOOL ) CK_FALSE; int32_t lMbedReturn = 0; CK_RV xResult = CKR_OK; mbedtls_ecp_keypair * pxKeyPair = ( mbedtls_ecp_keypair * ) pxMbedContext->pk_ctx; - switch( pxAttribute->type ) + if( pxAttribute->type == CKA_SIGN ) { - case ( CKA_SIGN ): - ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - - if( xBool == CK_FALSE ) - { - xResult = CKR_ATTRIBUTE_VALUE_INVALID; - PKCS11_PRINT( ( "ERROR: Only EC private keys with signing privileges are supported. \r\n" ) ); - } - - break; - - case ( CKA_VALUE ): - lMbedReturn = mbedtls_mpi_read_binary( &pxKeyPair->d, - pxAttribute->pValue, - pxAttribute->ulValueLen ); - - if( lMbedReturn != 0 ) - { - xResult = CKR_FUNCTION_FAILED; - PKCS11_PRINT( ( "mbedTLS mpi read binary failed with error %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedReturn ), - mbedtlsLowLevelCodeOrDefault( lMbedReturn ) ) ); - } + ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - break; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_ATTRIBUTE_VALUE_INVALID; + PKCS11_PRINT( ( "ERROR: Only EC private keys with signing privileges are supported. 
\r\n" ) ); + } + } + else + { + lMbedReturn = mbedtls_mpi_read_binary( &pxKeyPair->d, + pxAttribute->pValue, + pxAttribute->ulValueLen ); - default: - PKCS11_PRINT( ( "Unknown attribute found for an EC private key. %d \r\n", pxAttribute->type ) ); - xResult = CKR_ATTRIBUTE_TYPE_INVALID; - break; + if( lMbedReturn != 0 ) + { + xResult = CKR_FUNCTION_FAILED; + PKCS11_PRINT( ( "mbedTLS mpi read binary failed with error %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedReturn ) ) ); + PKCS11_PRINT( ( "%s \r\n", + mbedtlsLowLevelCodeOrDefault( lMbedReturn ) ) ); + } } return xResult; 
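Review bot: Replacing the switch with `if( type == CKA_SIGN ) … else …` drops the `default` branch, so prvEcPrivKeyAttParse now feeds any attribute other than CKA_SIGN to `mbedtls_mpi_read_binary` as the private scalar; the visible dispatcher only routes CKA_SIGN and CKA_VALUE here, but the parser no longer enforces that itself. Make the second branch `else if( pxAttribute->type == CKA_VALUE )` and return `CKR_ATTRIBUTE_TYPE_INVALID` from a final `else`. The CKA_SIGN branch also copies `sizeof( CK_BBOOL )` bytes without checking `ulValueLen` or `pValue`. Note too that `pxMbedContext` is now `const` while the function writes `pxKeyPair->d` through `pk_ctx`, which makes the qualifier misleading and deserves a comment.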
@@ -778,49 +770,43 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, * */ #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) - static CK_RV prvEcPubKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, - mbedtls_pk_context * pxMbedContext ) + static CK_RV prvEcPubKeyAttParse( const CK_ATTRIBUTE * pxAttribute, + const mbedtls_pk_context * pxMbedContext ) { - CK_BBOOL xBool = CK_FALSE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xBool = ( CK_BBOOL ) CK_FALSE; int32_t lMbedReturn = 0; CK_RV xResult = CKR_OK; mbedtls_ecp_keypair * pxKeyPair = ( mbedtls_ecp_keypair * ) pxMbedContext->pk_ctx; - switch( pxAttribute->type ) + if( pxAttribute->type == CKA_VERIFY ) { - case ( CKA_VERIFY ): - ( void ) memcpy( &xBool, pxAttribute->pValue, pxAttribute->ulValueLen ); - - if( xBool == CK_FALSE ) - { - xResult = CKR_ATTRIBUTE_VALUE_INVALID; - PKCS11_PRINT( ( "Only EC public keys with verify permissions supported. \r\n" ) ); - } - - break; - - case ( CKA_EC_POINT ): - /* The first 2 bytes are for ASN1 type/length encoding. */ - lMbedReturn = mbedtls_ecp_point_read_binary( &pxKeyPair->grp, - &pxKeyPair->Q, - ( ( uint8_t * ) ( pxAttribute->pValue ) + 2 ), - ( pxAttribute->ulValueLen - 2 ) ); - - if( lMbedReturn != 0 ) - { - xResult = CKR_FUNCTION_FAILED; - PKCS11_PRINT( ( "mbedTLS ecp point read binary failed with %s : ", - mbedtlsHighLevelCodeOrDefault( lMbedReturn ) ) ); - PKCS11_PRINT( ( " %s \r\n", - mbedtlsLowLevelCodeOrDefault( lMbedReturn ) ) ); - } + ( void ) memcpy( &xBool, pxAttribute->pValue, pxAttribute->ulValueLen ); - break; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_ATTRIBUTE_VALUE_INVALID; + PKCS11_PRINT( ( "Only EC public keys with verify permissions supported. 
\r\n" ) ); + } + } + else + { + lMbedReturn = mbedtls_ecp_point_read_binary( &pxKeyPair->grp, + &pxKeyPair->Q, + ( ( uint8_t * ) ( pxAttribute->pValue ) + 2U ), + ( pxAttribute->ulValueLen - 2U ) ); - default: - PKCS11_PRINT( ( "Unknown attribute found for an EC public key. %d \r\n", pxAttribute->type ) ); - xResult = CKR_ATTRIBUTE_TYPE_INVALID; - break; + if( lMbedReturn != 0 ) + { + xResult = CKR_FUNCTION_FAILED; + PKCS11_PRINT( ( "mbedTLS ecp point read binary failed with %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedReturn ) ) ); + PKCS11_PRINT( ( "%s \r\n", + mbedtlsLowLevelCodeOrDefault( lMbedReturn ) ) ); + } } return xResult; @@ -832,12 +818,17 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, * */ #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) - static CK_RV prvEcKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, - mbedtls_pk_context * pxMbedContext, + static CK_RV prvEcKeyAttParse( const CK_ATTRIBUTE * pxAttribute, + const mbedtls_pk_context * pxMbedContext, CK_BBOOL xIsPrivate ) { CK_RV xResult = CKR_OK; - CK_BBOOL xBool = CK_FALSE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xBool = ( CK_BBOOL ) CK_FALSE; + const CK_BYTE pxEcCurve[] = pkcs11DER_ENCODED_OID_P256; + const CK_BYTE * pxEcAttVal = NULL; + const CK_BBOOL * pxEcBoolAtt = NULL; /* Common EC key attributes. */ switch( pxAttribute->type ) 
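Review bot: In prvEcPubKeyAttParse the CKA_EC_POINT branch computes `pxAttribute->ulValueLen - 2U` and `pValue + 2U` without checking that the attribute holds at least two bytes; for `ulValueLen` of 0 or 1 the unsigned subtraction wraps and mbedtls_ecp_point_read_binary is handed a huge length over caller memory. Guard with `if( pxAttribute->ulValueLen < 2U ) { xResult = CKR_ATTRIBUTE_VALUE_INVALID; }` before the call. The CKA_VERIFY branch still copies `ulValueLen` bytes into the one-byte `xBool`, overflowing the stack variable for any declared length above 1; copy `sizeof( CK_BBOOL )` and reject other lengths. As in the private-key parser, the removed `default` means every non-CKA_VERIFY attribute is now treated as an EC point.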
@@ -849,9 +840,12 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, break; case ( CKA_TOKEN ): - ( void ) memcpy( &xBool, ( void * ) pxAttribute->pValue, sizeof( CK_BBOOL ) ); + pxEcBoolAtt = ( CK_BBOOL * ) pxAttribute->pValue; + ( void ) memcpy( &xBool, pxEcBoolAtt, sizeof( CK_BBOOL ) ); - if( xBool != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Only token key creation is supported. \r\n" ) ); xResult = CKR_ATTRIBUTE_VALUE_INVALID; @@ -860,9 +854,9 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, break; case ( CKA_EC_PARAMS ): + pxEcAttVal = ( CK_BYTE * ) pxAttribute->pValue; - if( memcmp( ( CK_BYTE[] ) pkcs11DER_ENCODED_OID_P256, - ( void * ) pxAttribute->pValue, pxAttribute->ulValueLen ) ) + if( memcmp( pxEcCurve, pxEcAttVal, pxAttribute->ulValueLen ) != 0 ) { xResult = CKR_TEMPLATE_INCONSISTENT; PKCS11_PRINT( ( "ERROR: Only elliptic curve P-256 is supported.\r\n" ) ); @@ -873,7 +867,9 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, case ( CKA_VERIFY ): case ( CKA_EC_POINT ): - if( xIsPrivate == CK_FALSE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate == ( CK_BBOOL ) CK_FALSE ) { xResult = prvEcPubKeyAttParse( pxAttribute, pxMbedContext ); } @@ -887,7 +883,9 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, case ( CKA_SIGN ): case ( CKA_VALUE ): - if( xIsPrivate == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) { xResult = prvEcPrivKeyAttParse( pxAttribute, pxMbedContext ); } 
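Review bot: The CKA_EC_PARAMS check compares only `pxAttribute->ulValueLen` bytes against `pxEcCurve`, so the caller decides how much of the P-256 OID must match: a zero-length or truncated CKA_EC_PARAMS passes the curve check, and a length larger than `sizeof( pxEcCurve )` reads past the local array. Require an exact size first: `if( ( pxAttribute->ulValueLen != sizeof( pxEcCurve ) ) || ( memcmp( pxEcCurve, pxEcAttVal, sizeof( pxEcCurve ) ) != 0 ) )`. The CKA_TOKEN case likewise assumes `pValue` is non-NULL and at least one byte long. prvEcKeyAttParse begins before and ends after these hunks.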
@@ -923,22 +921,22 @@ static CK_RV prvRsaKeyAttParse( CK_ATTRIBUTE_PTR pxAttribute, * @param[out] pxAppHandle Pointer to the application handle to be provided. * CK_INVALID_HANDLE if no object found. */ -void prvFindObjectInListByLabel( uint8_t * pcLabel, - size_t xLabelLength, - CK_OBJECT_HANDLE_PTR pxPalHandle, - CK_OBJECT_HANDLE_PTR pxAppHandle ) +static void prvFindObjectInListByLabel( const CK_BYTE_PTR pcLabel, + CK_ULONG xLabelLength, + CK_OBJECT_HANDLE_PTR pxPalHandle, + CK_OBJECT_HANDLE_PTR pxAppHandle ) { - uint8_t ucIndex; + uint32_t ulIndex; *pxPalHandle = CK_INVALID_HANDLE; *pxAppHandle = CK_INVALID_HANDLE; - for( ucIndex = 0; ucIndex < pkcs11configMAX_NUM_OBJECTS; ucIndex++ ) + for( ulIndex = 0; ulIndex < pkcs11configMAX_NUM_OBJECTS; ulIndex++ ) { - if( 0 == memcmp( pcLabel, xP11Context.xObjectList.xObjects[ ucIndex ].xLabel, xLabelLength ) ) + if( 0 == memcmp( pcLabel, xP11Context.xObjectList.xObjects[ ulIndex ].xLabel, xLabelLength ) ) { - *pxPalHandle = xP11Context.xObjectList.xObjects[ ucIndex ].xHandle; - *pxAppHandle = ucIndex + 1UL; /* Zero is not a valid handle, so let's offset by 1. */ + *pxPalHandle = xP11Context.xObjectList.xObjects[ ulIndex ].xHandle; + *pxAppHandle = ulIndex + 1UL; /* Zero is not a valid handle, so let's offset by 1. */ break; } } @@ -955,8 +953,8 @@ void prvFindObjectInListByLabel( uint8_t * pcLabel, */ static void prvFindObjectInListByHandle( CK_OBJECT_HANDLE xAppHandle, CK_OBJECT_HANDLE_PTR pxPalHandle, - uint8_t ** ppcLabel, - size_t * pxLabelLength ) + CK_BYTE_PTR * ppcLabel, + CK_ULONG_PTR pxLabelLength ) { uint32_t ulIndex = xAppHandle - 1UL; 
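Review bot: prvFindObjectInListByLabel still matches on `memcmp( pcLabel, …xLabel, xLabelLength )` alone, so a label that is a prefix of a stored one is treated as a hit, and an `xLabelLength` above `pkcs11configMAX_LABEL_LENGTH` reads past `xLabel`; now that entries carry `xLabelSize`, compare sizes first: `if( ( xP11Context.xObjectList.xObjects[ ulIndex ].xLabelSize == xLabelLength ) && ( 0 == memcmp( … ) ) )`. Skipping entries whose `xHandle` is `CK_INVALID_HANDLE` would also avoid matching the zeroed label of a freed slot. The search reads the object list without taking `xObjectList.xMutex`, which prvAddObjectToList holds while writing; whether callers serialise this is not visible here.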
@@ -964,12 +962,12 @@ static void prvFindObjectInListByHandle( CK_OBJECT_HANDLE xAppHandle, *pxLabelLength = 0; *pxPalHandle = CK_INVALID_HANDLE; - if( ulIndex < pkcs11configMAX_NUM_OBJECTS ) /* Check that handle is in bounds. */ + if( ulIndex < pkcs11configMAX_NUM_OBJECTS ) { if( xP11Context.xObjectList.xObjects[ ulIndex ].xHandle != CK_INVALID_HANDLE ) { *ppcLabel = xP11Context.xObjectList.xObjects[ ulIndex ].xLabel; - *pxLabelLength = strlen( ( const char * ) xP11Context.xObjectList.xObjects[ ulIndex ].xLabel ) + 1UL; + *pxLabelLength = xP11Context.xObjectList.xObjects[ ulIndex ].xLabelSize; *pxPalHandle = xP11Context.xObjectList.xObjects[ ulIndex ].xHandle; } } @@ -987,9 +985,9 @@ static CK_RV prvDeleteObjectFromList( CK_OBJECT_HANDLE xAppHandle ) { CK_RV xResult = CKR_OK; BaseType_t xGotSemaphore = pdFALSE; - uint32_t lIndex = xAppHandle - 1; + uint32_t ulIndex = xAppHandle - 1UL; - if( lIndex >= pkcs11configMAX_NUM_OBJECTS ) + if( ulIndex >= pkcs11configMAX_NUM_OBJECTS ) { xResult = CKR_OBJECT_HANDLE_INVALID; } @@ -1001,9 +999,9 @@ static CK_RV prvDeleteObjectFromList( CK_OBJECT_HANDLE xAppHandle ) if( xGotSemaphore == pdTRUE ) { - if( xP11Context.xObjectList.xObjects[ lIndex ].xHandle != CK_INVALID_HANDLE ) + if( xP11Context.xObjectList.xObjects[ ulIndex ].xHandle != CK_INVALID_HANDLE ) { - memset( &xP11Context.xObjectList.xObjects[ lIndex ], 0, sizeof( P11Object_t ) ); + ( void ) memset( &xP11Context.xObjectList.xObjects[ ulIndex ], 0, sizeof( P11Object_t ) ); } else { 
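Review bot: prvFindObjectInListByHandle and prvDeleteObjectFromList compute `uint32_t ulIndex = xAppHandle - 1UL` from a `CK_OBJECT_HANDLE` (a `CK_ULONG`); on a target where `CK_ULONG` is 64 bits the assignment truncates, so a bogus handle such as 0x100000001 lands on index 0 and passes the `< pkcs11configMAX_NUM_OBJECTS` check. Declare the index as `CK_ULONG ulIndex = xAppHandle - 1UL;` in both functions so the bounds check covers the full handle range. The switch from `strlen( … ) + 1UL` to `xLabelSize` also changes whether the returned length counts the NUL terminator, so every consumer of that out-parameter (PKCS11_PAL_DestroyObject's `strncmp` among them) should be re-checked.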
@@ -1030,54 +1028,61 @@ static CK_RV prvDeleteObjectFromList( CK_OBJECT_HANDLE xAppHandle ) * @param[in] xLabelLength Length of the PKCS #11 label. * */ -CK_RV prvAddObjectToList( CK_OBJECT_HANDLE xPalHandle, - CK_OBJECT_HANDLE_PTR pxAppHandle, - uint8_t * pcLabel, - size_t xLabelLength ) +static CK_RV prvAddObjectToList( CK_OBJECT_HANDLE xPalHandle, + CK_OBJECT_HANDLE_PTR pxAppHandle, + const CK_BYTE_PTR pcLabel, + CK_ULONG xLabelLength ) { - CK_RV xResult = CKR_OK; + CK_RV xResult = CKR_HOST_MEMORY; BaseType_t xGotSemaphore; - CK_BBOOL xObjectFound = CK_FALSE; - int32_t lInsertIndex = -1; - int32_t lSearchIndex = pkcs11configMAX_NUM_OBJECTS - 1; - xGotSemaphore = xSemaphoreTake( xP11Context.xObjectList.xMutex, portMAX_DELAY ); + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xObjectFound = ( CK_BBOOL ) CK_FALSE; + uint32_t ulSearchIndex = 0; - if( xGotSemaphore == pdTRUE ) + if( pdTRUE == xGotSemaphore ) { - for( lSearchIndex = pkcs11configMAX_NUM_OBJECTS - 1; lSearchIndex >= 0; lSearchIndex-- ) + for( ulSearchIndex = 0; ulSearchIndex < pkcs11configMAX_NUM_OBJECTS; ulSearchIndex++ ) { - if( xP11Context.xObjectList.xObjects[ lSearchIndex ].xHandle == xPalHandle ) + if( xResult == CKR_OK ) { - /* Object already exists in list. */ - xObjectFound = CK_TRUE; break; } - else if( xP11Context.xObjectList.xObjects[ lSearchIndex ].xHandle == CK_INVALID_HANDLE ) + + if( xP11Context.xObjectList.xObjects[ ulSearchIndex ].xHandle == xPalHandle ) { - lInsertIndex = lSearchIndex; + /* Object already exists in list. */ + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xResult = CKR_OK; + xObjectFound = ( CK_BBOOL ) CK_TRUE; + } + else if( xP11Context.xObjectList.xObjects[ ulSearchIndex ].xHandle == CK_INVALID_HANDLE ) + { + xResult = CKR_OK; } else { - /* Ignore other object handles. 
*/ + /* Cannot find a free object. */ } } - if( xObjectFound == CK_FALSE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( xResult == CKR_OK ) && ( xObjectFound == ( CK_BBOOL ) CK_FALSE ) ) { - if( lInsertIndex != -1 ) + if( xLabelLength < pkcs11configMAX_LABEL_LENGTH ) { - if( xLabelLength < pkcs11configMAX_LABEL_LENGTH ) - { - xP11Context.xObjectList.xObjects[ lInsertIndex ].xHandle = xPalHandle; - ( void ) memcpy( xP11Context.xObjectList.xObjects[ lInsertIndex ].xLabel, pcLabel, xLabelLength ); - *pxAppHandle = lInsertIndex + 1; - } - else - { - xResult = CKR_DATA_LEN_RANGE; - } + xP11Context.xObjectList.xObjects[ ulSearchIndex - 1UL ].xHandle = xPalHandle; + ( void ) memcpy( xP11Context.xObjectList.xObjects[ ulSearchIndex - 1UL ].xLabel, pcLabel, xLabelLength ); + xP11Context.xObjectList.xObjects[ ulSearchIndex - 1UL ].xLabelSize = xLabelLength; + *pxAppHandle = ulSearchIndex; + } + else + { + xResult = CKR_DATA_LEN_RANGE; } } @@ -1097,7 +1102,7 @@ CK_RV prvAddObjectToList( CK_OBJECT_HANDLE xPalHandle, */ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, CK_OBJECT_HANDLE_PTR pxObject, - CK_ATTRIBUTE_PTR pxLabel, + CK_ATTRIBUTE * pxLabel, CK_KEY_TYPE xKeyType, CK_BBOOL xIsPrivate ) { 
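Review bot: In prvAddObjectToList the `xObjectFound == CK_TRUE` path returns `CKR_OK` without ever writing `*pxAppHandle`, so a caller that re-adds an object already in the list gets a success code and an uninitialised handle. Set it there too, `*pxAppHandle = ulSearchIndex;` under `xObjectFound == ( CK_BBOOL ) CK_TRUE` after the loop (the loop leaves `ulSearchIndex` one past the matching slot, which is why the insert path indexes with `- 1UL`; a comment saying so would help). `xLabelLength` of zero is accepted and stored as `xLabelSize`, which with the prefix `memcmp` in prvFindObjectInListByLabel makes that entry match any lookup. The `xSemaphoreGive` that pairs with the take at the top lies outside the hunk.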
@@ -1115,11 +1120,15 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, xResult = CKR_HOST_MEMORY; } - if( ( xResult == CKR_OK ) && ( xIsPrivate == CK_TRUE ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( xResult == CKR_OK ) && ( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) ) { lDerKeyLength = mbedtls_pk_write_key_der( pxMbedContext, pxDerKey, MAX_PUBLIC_KEY_SIZE ); } - else if( ( xResult == CKR_OK ) && ( xIsPrivate == CK_FALSE ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + else if( ( xResult == CKR_OK ) && ( xIsPrivate == ( CK_BBOOL ) CK_FALSE ) ) { lDerKeyLength = mbedtls_pk_write_pubkey_der( pxMbedContext, pxDerKey, MAX_PUBLIC_KEY_SIZE ); } @@ -1132,18 +1141,22 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, { if( lDerKeyLength < 0 ) { - PKCS11_PRINT( ( "mbedTLS sign failed with error %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lDerKeyLength ), + PKCS11_PRINT( ( "mbedTLS sign failed with error %s : ", + mbedtlsHighLevelCodeOrDefault( lDerKeyLength ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lDerKeyLength ) ) ); xResult = CKR_FUNCTION_FAILED; } else { + /* Cast to unsigned int as the result was not negative. */ ulActualKeyLength = ( uint32_t ) lDerKeyLength; } } - if( ( xResult == CKR_OK ) && ( xIsPrivate == CK_TRUE ) && ( xKeyType == CKK_EC ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( xResult == CKR_OK ) && ( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) && ( xKeyType == CKK_EC ) ) { /* * mbedtls_pk_write_key_der appends empty public 
@@ -1161,11 +1174,11 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, uint8_t emptyPubKey[ 6 ] = { 0xa1, 0x04, 0x03, 0x02, 0x00, 0x00 }; lCompare = memcmp( &pxDerKey[ MAX_LENGTH_KEY - 6 ], emptyPubKey, 6 ); - if( ( lCompare == 0 ) && ( ulActualKeyLength >= 6 ) ) + if( ( lCompare == 0 ) && ( ulActualKeyLength >= 6UL ) ) { /* Do not write the last 6 bytes to key storage. */ - pxDerKey[ MAX_LENGTH_KEY - lDerKeyLength + 1 ] -= 6; - ulActualKeyLength -= 6; + pxDerKey[ MAX_LENGTH_KEY - lDerKeyLength + 1 ] -= ( uint8_t ) 6; + ulActualKeyLength -= 6UL; } } @@ -1193,21 +1206,25 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, #if ( pkcs11configPAL_DESTROY_SUPPORTED != 1 ) - CK_RV PKCS11_PAL_DestroyObject( CK_OBJECT_HANDLE xAppHandle ) - { - uint8_t * pcLabel = NULL; - size_t xLabelLength = 0; - uint32_t ulObjectLength = 0; - CK_BBOOL xIsPrivate = CK_TRUE; + CK_RV PKCS11_PAL_DestroyObject( CK_OBJECT_HANDLE xHandle ) + { + CK_BYTE_PTR pcLabel = NULL; + CK_ULONG xLabelLength = 0; + CK_ULONG ulObjectLength = 0; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; CK_RV xResult = CKR_OK; - uint8_t * pxObject = NULL; + CK_BYTE_PTR pxObject = NULL; CK_ATTRIBUTE xLabel = { 0 }; CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE; CK_OBJECT_HANDLE xPalHandle2 = CK_INVALID_HANDLE; CK_OBJECT_HANDLE xAppHandle2 = CK_INVALID_HANDLE; CK_BYTE_PTR pxZeroedData = NULL; + CK_BYTE pxPubKeyLabel[] = { pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS }; + CK_BYTE pxPrivKeyLabel[] = { pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS }; - prvFindObjectInListByHandle( xAppHandle, &xPalHandle, &pcLabel, &xLabelLength ); + prvFindObjectInListByHandle( xHandle, &xPalHandle, &pcLabel, &xLabelLength ); if( pcLabel != NULL ) { 
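Review bot: The trailing-public-key strip patches the outer SEQUENCE length with `pxDerKey[ MAX_LENGTH_KEY - lDerKeyLength + 1 ] -= ( uint8_t ) 6;`, which is only correct when that byte is a short-form DER length (below 0x80); a long-form length byte would be corrupted rather than reduced and the result silently saved. With only P-256 accepted the encoding should stay under 128 bytes, so this is latent, but it deserves a guard, `&& ( pxDerKey[ MAX_LENGTH_KEY - lDerKeyLength + 1 ] < 0x80U )`, and a comment stating the assumption. The buffer is written with `MAX_PUBLIC_KEY_SIZE` in the earlier hunk yet indexed with `MAX_LENGTH_KEY` here; if those macros differ the `memcmp` offset is wrong, which is worth confirming. prvSaveDerKeyToPal starts and ends outside the hunk.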
@@ -1221,7 +1238,7 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, if( NULL != pxZeroedData ) { /* Zero out the object. */ - memset( pxZeroedData, 0x0, ulObjectLength ); + ( void ) memset( pxZeroedData, 0x0, ulObjectLength ); /* Create an object label attribute. */ xLabel.type = CKA_LABEL; xLabel.pValue = pcLabel; @@ -1251,11 +1268,17 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, { if( 0 == strncmp( xLabel.pValue, pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS, xLabel.ulValueLen ) ) { - prvFindObjectInListByLabel( ( uint8_t * ) pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS, strlen( ( char * ) pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS ), &xPalHandle, &xAppHandle2 ); + /* Remove NULL terminator in comparison. */ + prvFindObjectInListByLabel( pxPubKeyLabel, strlen( pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS ) - 1UL, &xPalHandle, &xAppHandle2 ); } else if( 0 == strncmp( xLabel.pValue, pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS, xLabel.ulValueLen ) ) { - prvFindObjectInListByLabel( ( uint8_t * ) pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS, strlen( ( char * ) pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS ), &xPalHandle, &xAppHandle2 ); + /* Remove NULL terminator in comparison. */ + prvFindObjectInListByLabel( pxPrivKeyLabel, strlen( pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS ) - 1UL, &xPalHandle, &xAppHandle2 ); + } + else + { + PKCS11_WARNING_PRINT( ( "Warning: Trying to destroy an object with an unknown label. \r\n" ) ); } if( xPalHandle != CK_INVALID_HANDLE ) 
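Review bot: The destroy path "zeroes" the object by preparing a `memset` buffer of the original length under the original label, presumably to be written back through the PAL outside the hunk; on flash-backed storage an overwrite with zeros does not necessarily erase the key bytes, so the PAL contract should say whether this counts as destruction. A comment at the memset such as `/* Overwrite the stored object with zeros; whether this erases the backing storage is PAL-specific. */` would make that expectation explicit. The original key material fetched by the PAL remains in memory until PKCS11_PAL_GetObjectValueCleanup at the end of the function.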
@@ -1265,10 +1288,10 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, if( xResult != CKR_OK ) { - PKCS11_WARNING_PRINT( ( "Warning: Failed to remove xAppHandle2 from object list when destroying object memory." ) ); + PKCS11_WARNING_PRINT( ( "Warning: Failed to remove xAppHandle2 from object list when destroying object memory. \r\n" ) ); } - xResult = prvDeleteObjectFromList( xAppHandle ); + xResult = prvDeleteObjectFromList( xHandle ); } PKCS11_PAL_GetObjectValueCleanup( pxObject, ulObjectLength ); @@ -1279,8 +1302,6 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, /*-------------------------------------------------------------*/ -#if !defined( pkcs11configC_INITIALIZE_ALT ) - /** * @brief Initializes Cryptoki. * @@ -1293,7 +1314,7 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, * Thread protection for the rest of PKCS #11 functions * default to FreeRTOS primitives. * - * @param[in] pvInitArgs This parameter is ignored. + * @param[in] pInitArgs This parameter is ignored. * * @return CKR_OK if successful. * CKR_CRYPTOKI_ALREADY_INITIALIZED if C_Initialize was previously called. 
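Review bot: `strlen( pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS ) - 1UL` does not remove a NUL terminator, because `strlen` never counts one; the `- 1UL` drops the last real character of the label and, since prvFindObjectInListByLabel compares only that many bytes, the lookup becomes a prefix search — unless the label macro carries an explicit trailing `\0`, which is not visible here. Pass `strlen( … )` (equivalently `sizeof( pxPubKeyLabel ) - 1UL` for the string-literal initialiser) and fix the comment; the same applies to the private-key branch. The preceding `strncmp( xLabel.pValue, …, xLabel.ulValueLen )` is also a prefix compare bounded by the stored label length, so a short stored label matches either constant. PKCS11_PAL_DestroyObject continues outside the hunk.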
@@ -1302,43 +1323,50 @@ static CK_RV prvSaveDerKeyToPal( mbedtls_pk_context * pxMbedContext, * for more information. */ /* @[declare_pkcs11_mbedtls_c_initialize] */ - CK_DECLARE_FUNCTION( CK_RV, C_Initialize )( CK_VOID_PTR pvInitArgs ) - { /*lint !e9072 It's OK to have different parameter name. */ - ( void ) ( pvInitArgs ); +CK_DECLARE_FUNCTION( CK_RV, C_Initialize )( CK_VOID_PTR pInitArgs ) +{ + ( void ) ( pInitArgs ); - CK_RV xResult = CKR_OK; + CK_RV xResult = CKR_OK; - if( xP11Context.xIsInitialized != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized != ( CK_BBOOL ) CK_TRUE ) + { + xResult = PKCS11_PAL_Initialize(); + + if( xResult == CKR_OK ) { xResult = prvMbedTLS_Initialize(); } - else - { - xResult = CKR_CRYPTOKI_ALREADY_INITIALIZED; - } - - return xResult; } + else + { + xResult = CKR_CRYPTOKI_ALREADY_INITIALIZED; + } + + return xResult; +} /* @[declare_pkcs11_mbedtls_c_initialize] */ -#endif /* if !defined( pkcs11configC_INITIALIZE_ALT ) */ /** * @brief Clean up miscellaneous Cryptoki-associated resources. */ /* @[declare_pkcs11_mbedtls_c_finalize] */ -CK_DECLARE_FUNCTION( CK_RV, C_Finalize )( CK_VOID_PTR pvReserved ) +CK_DECLARE_FUNCTION( CK_RV, C_Finalize )( CK_VOID_PTR pReserved ) { - /*lint !e9072 It's OK to have different parameter name. */ CK_RV xResult = CKR_OK; - if( pvReserved != NULL ) + if( pReserved != NULL ) { xResult = CKR_ARGUMENTS_BAD; } if( xResult == CKR_OK ) { - if( xP11Context.xIsInitialized == CK_FALSE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized == ( CK_BBOOL ) CK_FALSE ) { xResult = CKR_CRYPTOKI_NOT_INITIALIZED; } 
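Review bot: C_Initialize now runs PKCS11_PAL_Initialize and then prvMbedTLS_Initialize, but if the second fails the PAL stays initialised with no rollback, so the next C_Initialize re-enters PAL initialisation on an already-initialised PAL; either undo the PAL step on failure or document that PKCS11_PAL_Initialize must be idempotent. The `xIsInitialized != CK_TRUE` test and the initialisation that follows are not serialised, so two tasks calling C_Initialize concurrently can both pass the check (the old code had the same window). Dropping the `pkcs11configC_INITIALIZE_ALT` guard also means ports that supplied their own C_Initialize now get a duplicate definition, which the change description should call out.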
@@ -1346,22 +1374,17 @@ CK_DECLARE_FUNCTION( CK_RV, C_Finalize )( CK_VOID_PTR pvReserved ) if( xResult == CKR_OK ) { - if( NULL != &xP11Context.xMbedEntropyContext ) - { - mbedtls_entropy_free( &xP11Context.xMbedEntropyContext ); - } - - if( NULL != &xP11Context.xMbedDrbgCtx ) - { - mbedtls_ctr_drbg_free( &xP11Context.xMbedDrbgCtx ); - } + mbedtls_entropy_free( &xP11Context.xMbedEntropyContext ); + mbedtls_ctr_drbg_free( &xP11Context.xMbedDrbgCtx ); if( xP11Context.xObjectList.xMutex != NULL ) { vSemaphoreDelete( xP11Context.xObjectList.xMutex ); } - xP11Context.xIsInitialized = CK_FALSE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xP11Context.xIsInitialized = ( CK_BBOOL ) CK_FALSE; } return xResult; @@ -1376,7 +1399,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_Finalize )( CK_VOID_PTR pvReserved ) * * @warning Do not overwrite the function list. * - * \param[in] ppxFunctionList Pointer to the location where + * \param[in] ppFunctionList Pointer to the location where * pointer to function list will be placed. * * @return CKR_OK if successful. 
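Review bot: C_Finalize frees the entropy and DRBG contexts and deletes `xObjectList.xMutex`, but nothing here tears down the session table C_OpenSession now allocates from (`pxP11Sessions[ n ].xOpened` and their per-session mutexes) or deletes `xSessionMutex`; unless prvMbedTLS_Initialize resets them, sessions left open survive a Finalize/Initialize cycle and their mutexes leak. Close every opened session and delete `xSessionMutex` before clearing `xIsInitialized`, and set `xP11Context.xObjectList.xMutex = NULL;` after `vSemaphoreDelete` so a stale handle cannot be reused. PKCS #11 expects C_Finalize to close all sessions.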
@@ -1384,17 +1407,90 @@ CK_DECLARE_FUNCTION( CK_RV, C_Finalize )( CK_VOID_PTR pvReserved ) * for more information. */ /* @[declare_pkcs11_mbedtls_c_getfunctionlist] */ -CK_DECLARE_FUNCTION( CK_RV, C_GetFunctionList )( CK_FUNCTION_LIST_PTR_PTR ppxFunctionList ) -{ /*lint !e9072 It's OK to have different parameter name. */ +CK_DECLARE_FUNCTION( CK_RV, C_GetFunctionList )( CK_FUNCTION_LIST_PTR_PTR ppFunctionList ) +{ CK_RV xResult = CKR_OK; - if( NULL == ppxFunctionList ) + static CK_FUNCTION_LIST prvP11FunctionList = + { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, + C_Initialize, + C_Finalize, + NULL, /*C_GetInfo */ + C_GetFunctionList, + C_GetSlotList, + NULL, /*C_GetSlotInfo*/ + C_GetTokenInfo, + NULL, /*C_GetMechanismList*/ + C_GetMechanismInfo, + C_InitToken, + NULL, /*C_InitPIN*/ + NULL, /*C_SetPIN*/ + C_OpenSession, + C_CloseSession, + NULL, /*C_CloseAllSessions*/ + NULL, /*C_GetSessionInfo*/ + NULL, /*C_GetOperationState*/ + NULL, /*C_SetOperationState*/ + C_Login, /*C_Login*/ + NULL, /*C_Logout*/ + C_CreateObject, + NULL, /*C_CopyObject*/ + C_DestroyObject, + NULL, /*C_GetObjectSize*/ + C_GetAttributeValue, + NULL, /*C_SetAttributeValue*/ + C_FindObjectsInit, + C_FindObjects, + C_FindObjectsFinal, + NULL, /*C_EncryptInit*/ + NULL, /*C_Encrypt*/ + NULL, /*C_EncryptUpdate*/ + NULL, /*C_EncryptFinal*/ + NULL, /*C_DecryptInit*/ + NULL, /*C_Decrypt*/ + NULL, /*C_DecryptUpdate*/ + NULL, /*C_DecryptFinal*/ + C_DigestInit, + NULL, /*C_Digest*/ + C_DigestUpdate, + NULL, /* C_DigestKey*/ + C_DigestFinal, + C_SignInit, + C_Sign, + NULL, /*C_SignUpdate*/ + NULL, /*C_SignFinal*/ + NULL, /*C_SignRecoverInit*/ + NULL, /*C_SignRecover*/ + C_VerifyInit, + C_Verify, + NULL, /*C_VerifyUpdate*/ + NULL, /*C_VerifyFinal*/ + NULL, /*C_VerifyRecoverInit*/ + NULL, /*C_VerifyRecover*/ + NULL, /*C_DigestEncryptUpdate*/ + NULL, /*C_DecryptDigestUpdate*/ + NULL, /*C_SignEncryptUpdate*/ + NULL, /*C_DecryptVerifyUpdate*/ + NULL, /*C_GenerateKey*/ + C_GenerateKeyPair, + NULL, 
/*C_WrapKey*/ + NULL, /*C_UnwrapKey*/ + NULL, /*C_DeriveKey*/ + NULL, /*C_SeedRandom*/ + C_GenerateRandom, + NULL, /*C_GetFunctionStatus*/ + NULL, /*C_CancelFunction*/ + NULL /*C_WaitForSlotEvent*/ + }; + + if( NULL == ppFunctionList ) { xResult = CKR_ARGUMENTS_BAD; } else { - *ppxFunctionList = &prvP11FunctionList; + *ppFunctionList = &prvP11FunctionList; } return xResult; @@ -1406,8 +1502,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetFunctionList )( CK_FUNCTION_LIST_PTR_PTR ppxFun * * This port does not implement the concept of separate slots/tokens. * - * \param[in] xTokenPresent This parameter is unused by this port. - * \param[in] pxSlotList Pointer to an array of slot IDs. + * \param[in] tokenPresent This parameter is unused by this port. + * \param[in] pSlotList Pointer to an array of slot IDs. * At this time, only 1 slot is implemented. * \param[in,out] pulCount Length of the slot list pxSlotList. Updated * to contain the actual number of slots written @@ -1418,17 +1514,19 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetFunctionList )( CK_FUNCTION_LIST_PTR_PTR ppxFun * for more information. */ /* @[declare_pkcs11_mbedtls_c_getslotlist] */ -CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL xTokenPresent, - CK_SLOT_ID_PTR pxSlotList, +CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL tokenPresent, + CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount ) -{ /*lint !e9072 It's OK to have different parameter name. */ +{ CK_RV xResult = CKR_OK; /* Since the mbedTLS implementation of PKCS#11 does not depend * on a physical token, this parameter is ignored. */ - ( void ) ( xTokenPresent ); + ( void ) ( tokenPresent ); - if( PKCS11_MODULE_IS_INITIALIZED != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized != ( CK_BBOOL ) CK_TRUE ) { xResult = CKR_CRYPTOKI_NOT_INITIALIZED; } 
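Review bot: Most entries of the static `CK_FUNCTION_LIST` are `NULL` (C_GetInfo, C_Logout, C_CloseAllSessions, C_SetAttributeValue, …), so an application that dispatches through the list it obtained from C_GetFunctionList — the normal PKCS #11 usage — calls a null function pointer for any of them. PKCS #11 expects unsupported entry points to exist and return `CKR_FUNCTION_NOT_SUPPORTED`; a small set of static stubs wired into those slots avoids the crash. At minimum the C_GetFunctionList header comment should list which entries are `NULL` so callers know to check before dispatching.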
@@ -1440,7 +1538,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL xTokenPresent, if( xResult == CKR_OK ) { - if( NULL == pxSlotList ) + if( NULL == pSlotList ) { *pulCount = 1; } @@ -1452,7 +1550,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL xTokenPresent, } else { - pxSlotList[ 0 ] = pkcs11SLOT_ID; + pSlotList[ 0 ] = pkcs11SLOT_ID; *pulCount = 1; } } @@ -1466,7 +1564,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL xTokenPresent, /** * @brief Obtains information about a particular token. * - * @param[in] xSlotID This parameter is unused in this port. + * @param[in] slotID This parameter is unused in this port. * @param[out] pInfo This parameter is unused in this port. * * C_GetTokenInfo() is only implemented for compatibility with other ports. @@ -1477,11 +1575,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetSlotList )( CK_BBOOL xTokenPresent, * @return CKR_OK. */ /* @[declare_pkcs11_mbedtls_c_gettokeninfo] */ -CK_DECLARE_FUNCTION( CK_RV, C_GetTokenInfo )( CK_SLOT_ID xSlotID, +CK_DECLARE_FUNCTION( CK_RV, C_GetTokenInfo )( CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo ) { /* Avoid compiler warnings about unused variables. */ - ( void ) xSlotID; + ( void ) slotID; ( void ) pInfo; return CKR_OK; @@ -1491,7 +1589,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetTokenInfo )( CK_SLOT_ID xSlotID, /** * @brief Obtains information about a particular mechanism. * - * \param[in] xSlotID This parameter is unused in this port. + * \param[in] slotID This parameter is unused in this port. * \param[in] type The cryptographic capability for which support * information is being queried. * \param[out] pInfo Algorithm sizes and flags for the requested 
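Review bot: C_GetTokenInfo returns `CKR_OK` without writing `pInfo`, so a caller that trusts the return code reads an uninitialised `CK_TOKEN_INFO` (flags, label, serial); either zero it, `if( pInfo != NULL ) { ( void ) memset( pInfo, 0, sizeof( CK_TOKEN_INFO ) ); }`, or return `CKR_FUNCTION_NOT_SUPPORTED`, and change the `@param[out] pInfo … unused` line to say what the caller actually receives. C_GetSlotList's `*pulCount = 1` path assumes `pulCount` was NULL-checked earlier; that check is outside the hunk.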
@@ -1500,12 +1598,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetTokenInfo )( CK_SLOT_ID xSlotID, * @return CKR_OK if the mechanism is supported. Otherwise, CKR_MECHANISM_INVALID. */ /* @[declare_pkcs11_mbedtls_c_getmechanisminfo] */ -CK_DECLARE_FUNCTION( CK_RV, C_GetMechanismInfo )( CK_SLOT_ID xSlotID, +CK_DECLARE_FUNCTION( CK_RV, C_GetMechanismInfo )( CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo ) { /* Disable unused parameter warning. */ - ( void ) xSlotID; + ( void ) slotID; CK_RV xResult = CKR_MECHANISM_INVALID; @@ -1583,12 +1681,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_InitToken )( CK_SLOT_ID slotID, * C_Initialize() before calling C_OpenSession(). * * - * \param[in] xSlotID This parameter is unused in this port. - * \param[in] xFlags Session flags - CKF_SERIAL_SESSION is a + * \param[in] slotID This parameter is unused in this port. + * \param[in] flags Session flags - CKF_SERIAL_SESSION is a * mandatory flag. - * \param[in] pvApplication This parameter is unused in this port. - * \param[in] xNotify This parameter is unused in this port. - * \param[in] pxSession Pointer to the location that the created + * \param[in] pApplication This parameter is unused in this port. + * \param[in] Notify This parameter is unused in this port. + * \param[in] phSession Pointer to the location that the created * session's handle will be placed. * * @return CKR_OK if successful. 
@@ -1596,33 +1694,40 @@ CK_DECLARE_FUNCTION( CK_RV, C_InitToken )( CK_SLOT_ID slotID, * for more information. */ /* @[declare_pkcs11_mbedtls_c_opensession] */ -CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, - CK_FLAGS xFlags, - CK_VOID_PTR pvApplication, - CK_NOTIFY xNotify, - CK_SESSION_HANDLE_PTR pxSession ) -{ /*lint !e9072 It's OK to have different parameter name. */ +CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID slotID, + CK_FLAGS flags, + CK_VOID_PTR pApplication, + CK_NOTIFY Notify, + CK_SESSION_HANDLE_PTR phSession ) +{ CK_RV xResult = CKR_OK; - P11SessionPtr_t pxSessionObj = NULL; + P11Session_t * pxSessionObj = NULL; + uint32_t ulSessionCount = 0; + + ( void ) ( slotID ); + ( void ) ( pApplication ); - ( void ) ( xSlotID ); - ( void ) ( pvApplication ); - ( void ) ( xNotify ); + /* Allow unused parameters to be cast to void to silence compiler warnings. + * Even if they are a function pointer. */ + /* coverity[misra_c_2012_rule_11_1_violation] */ + ( void ) Notify; /* Check that the PKCS #11 module is initialized. */ - if( PKCS11_MODULE_IS_INITIALIZED != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized != ( CK_BBOOL ) CK_TRUE ) { xResult = CKR_CRYPTOKI_NOT_INITIALIZED; } /* Check arguments. */ - if( NULL == pxSession ) + if( NULL == phSession ) { xResult = CKR_ARGUMENTS_BAD; } /* For legacy reasons, the CKF_SERIAL_SESSION bit MUST always be set. */ - if( ( CKR_OK == xResult ) && ( 0 == ( CKF_SERIAL_SESSION & xFlags ) ) ) + if( ( CKR_OK == xResult ) && ( 0UL == ( CKF_SERIAL_SESSION & flags ) ) ) { xResult = CKR_SESSION_PARALLEL_NOT_SUPPORTED; } 
@@ -1632,19 +1737,36 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, */ if( CKR_OK == xResult ) { - pxSessionObj = ( P11SessionPtr_t ) pvPortMalloc( sizeof( struct P11Session ) ); /*lint !e9087 Allow casting void* to other types. */ + /* Get next open session slot. */ + if( xSemaphoreTake( xP11Context.xSessionMutex, portMAX_DELAY ) == pdTRUE ) + { + for( ulSessionCount = 0; ulSessionCount < pkcs11configMAX_SESSIONS; ++ulSessionCount ) + { + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( pxP11Sessions[ ulSessionCount ].xOpened == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_OK; + pxSessionObj = &pxP11Sessions[ ulSessionCount ]; + /* coverity[misra_c_2012_rule_10_5_violation] */ + pxSessionObj->xOpened = ( CK_BBOOL ) CK_TRUE; + break; + } + else + { + /* No available session. */ + xResult = CKR_SESSION_COUNT; + } + } - if( NULL == pxSessionObj ) + ( void ) xSemaphoreGive( xP11Context.xSessionMutex ); + } + else { - xResult = CKR_HOST_MEMORY; + xResult = CKR_FUNCTION_FAILED; } - /* - * Zero out the session structure. - */ if( CKR_OK == xResult ) { - memset( pxSessionObj, 0, sizeof( P11Session_t ) ); pxSessionObj->xSignMutex = xSemaphoreCreateMutex(); if( NULL == pxSessionObj->xSignMutex ) @@ -1667,8 +1789,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, * Assign the session. */ pxSessionObj->ulState = - ( 0UL != ( xFlags & CKF_RW_SESSION ) ) ? CKS_RW_PUBLIC_SESSION : CKS_RO_PUBLIC_SESSION; - pxSessionObj->xOpened = CK_TRUE; + ( 0UL != ( flags & CKF_RW_SESSION ) ) ? CKS_RW_PUBLIC_SESSION : CKS_RO_PUBLIC_SESSION; } /* @@ -1683,6 +1804,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, if( CKR_OK != xResult ) { + PKCS11_PRINT( ( "Failed to open a new session with error %d \r\n", xResult ) ); + if( pxSessionObj != NULL ) { if( pxSessionObj->xSignMutex != NULL ) 
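Review bot: `PKCS11_PRINT( ( "Failed to open a new session with error %d \r\n", xResult ) )` passes a CK_RV, which the PKCS #11 headers define as an unsigned long, to `%d`, a format/argument mismatch on ports where int and long differ in width. Use `%lu` with an explicit `( unsigned long ) xResult`, or whichever width the PKCS11_PRINT backend expects. The context line in C_FindObjectsInit's hunk has the same mismatch between `%d` and the CK_ULONG ulCount. C_OpenSession continues in the next hunk.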
@@ -1695,12 +1818,15 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, vSemaphoreDelete( pxSessionObj->xVerifyMutex ); } - vPortFree( pxSessionObj ); + ( void ) memset( pxSessionObj, 0, sizeof( P11Session_t ) ); + *phSession = CK_INVALID_HANDLE; } } else { - *pxSession = ( CK_SESSION_HANDLE ) pxSessionObj; /*lint !e923 Allow casting pointer to integer type for handle. */ + /* Increment by one, as invalid handles in PKCS #11 are 0. */ + ++ulSessionCount; + *phSession = ulSessionCount; } return xResult; @@ -1710,7 +1836,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, /** * @brief Closes a session. * - * @param[in] xSession The session handle to + * @param[in] hSession The session handle to * be terminated. * * @return CKR_OK if successful. @@ -1718,22 +1844,27 @@ CK_DECLARE_FUNCTION( CK_RV, C_OpenSession )( CK_SLOT_ID xSlotID, * for more information. */ /* @[declare_pkcs11_mbedtls_c_closesession] */ -CK_DECLARE_FUNCTION( CK_RV, C_CloseSession )( CK_SESSION_HANDLE xSession ) +CK_DECLARE_FUNCTION( CK_RV, C_CloseSession )( CK_SESSION_HANDLE hSession ) { - /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = CKR_OK; - if( xResult == CKR_OK ) + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xP11Context.xIsInitialized == ( CK_BBOOL ) CK_FALSE ) + { + xResult = CKR_CRYPTOKI_NOT_INITIALIZED; + } + else if( pxSession == NULL ) + { + xResult = CKR_SESSION_HANDLE_INVALID; + } + /* coverity[misra_c_2012_rule_10_5_violation] */ + else if( pxSession->xOpened == ( CK_BBOOL ) CK_TRUE ) { /* * Tear down the session. */ - - if( NULL != pxSession->xSignKey.pk_ctx ) - { - mbedtls_pk_free( &pxSession->xSignKey ); - } + mbedtls_pk_free( &pxSession->xSignKey ); if( NULL != pxSession->xSignMutex ) { 
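Review bot: The failure-path `( void ) memset( pxSessionObj, 0, sizeof( P11Session_t ) );` hands the slot back by clearing xOpened without holding xP11Context.xSessionMutex, whereas the slot was claimed under that mutex in the previous hunk; C_CloseSession's memset in the @@ -1753 hunk has the same asymmetry. If xOpened sits before the other fields that are being zeroed, a concurrent C_OpenSession scanning the table under the mutex can claim the slot and set xOpened while this memset is still running, and the claim is then wiped. Wrapping the clear in `xSemaphoreTake( xP11Context.xSessionMutex, portMAX_DELAY )` / `( void ) xSemaphoreGive( xP11Context.xSessionMutex )`, or clearing xOpened last under the mutex, closes that window. The function's body starts in earlier hunks.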
@@ -1741,10 +1872,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_CloseSession )( CK_SESSION_HANDLE xSession ) } /* Free the public key context if it exists. */ - if( NULL != pxSession->xVerifyKey.pk_ctx ) - { - mbedtls_pk_free( &pxSession->xVerifyKey ); - } + mbedtls_pk_free( &pxSession->xVerifyKey ); if( NULL != pxSession->xVerifyMutex ) { @@ -1753,11 +1881,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_CloseSession )( CK_SESSION_HANDLE xSession ) mbedtls_sha256_free( &pxSession->xSHA256Context ); - vPortFree( pxSession ); + /* memset clears the open flag, so there is no need to set it to CK_FALSE */ + ( void ) memset( pxSession, 0, sizeof( P11Session_t ) ); } else { - xResult = CKR_SESSION_HANDLE_INVALID; + /* MISRA */ } return xResult; @@ -1801,7 +1930,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_Login )( CK_SESSION_HANDLE hSession, * @param[in] pxObject Pointer to PKCS #11 object. * @return CKR_OK. */ -static CK_RV prvCreateCertificate( CK_ATTRIBUTE_PTR pxTemplate, +static CK_RV prvCreateCertificate( CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR pxObject ) { @@ -1811,7 +1940,7 @@ static CK_RV prvCreateCertificate( CK_ATTRIBUTE_PTR pxTemplate, CK_ATTRIBUTE_PTR pxLabel = NULL; CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE; CK_CERTIFICATE_TYPE xCertificateType = 0; - uint32_t ulIndex = 0; + CK_ULONG ulIndex = 0; /* Search for the pointer to the certificate VALUE. */ for( ulIndex = 0; ulIndex < ulCount; ulIndex++ ) 
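Review bot: The `else { /* MISRA */ }` branch returns CKR_OK for a session pointer whose xOpened flag is not set, where the removed line returned CKR_SESSION_HANDLE_INVALID; closing a handle that is not open should still be reported as an invalid handle. Unless prvSessionPointerFromHandle already returns NULL for unopened slots (its definition is outside this view), restore `xResult = CKR_SESSION_HANDLE_INVALID;` in that branch rather than leaving it empty. The if/else chain this belongs to starts in the previous hunk.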
@@ -1844,13 +1973,16 @@ static CK_RV prvCreateCertificate( CK_ATTRIBUTE_PTR pxTemplate, if( xResult == CKR_OK ) { xResult = prvAddObjectToList( xPalHandle, pxObject, pxLabel->pValue, pxLabel->ulValueLen ); - /* TODO: If this fails, should the object be wiped back out of flash? But what if that fails?!?!? */ + } + + if( xResult != CKR_OK ) + { + xResult = PKCS11_PAL_DestroyObject( *pxObject ); } return xResult; } -#define PKCS11_INVALID_KEY_TYPE ( ( CK_KEY_TYPE ) 0xFFFFFFFF ) /**< @brief Macro to signify an invalid PKCS #11 key type. */ /** * @brief Helper to search an attribute for the key type attribute. @@ -1861,7 +1993,7 @@ static CK_RV prvCreateCertificate( CK_ATTRIBUTE_PTR pxTemplate, * */ static void prvGetKeyType( CK_KEY_TYPE * pxKeyType, - CK_ATTRIBUTE_PTR pxTemplate, + const CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount ) { uint32_t ulIndex; @@ -1889,12 +2021,12 @@ static void prvGetKeyType( CK_KEY_TYPE * pxKeyType, * @param[in] ulCount length of templates array. * */ -static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, - CK_ATTRIBUTE_PTR pxTemplate, +static void prvGetLabel( CK_ATTRIBUTE ** ppxLabel, + CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount ) { CK_ATTRIBUTE xAttribute; - uint32_t ulIndex; + CK_ULONG ulIndex; *ppxLabel = NULL; 
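Review bot: The new cleanup `xResult = PKCS11_PAL_DestroyObject( *pxObject );` overwrites the failure code, so when the destroy succeeds prvCreateCertificate returns CKR_OK to C_CreateObject for an object that was never added to the list. It also runs for failures that occurred before anything was stored, with a `*pxObject` that may not have been assigned yet. Keeping the cleanup inside the prvAddObjectToList block and discarding its result, `( void ) PKCS11_PAL_DestroyObject( *pxObject );`, preserves the original error; whether the PAL expects `*pxObject` or xPalHandle here should be confirmed, since prvAddObjectToList appears to be what maps one to the other. The function's start is outside this hunk.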
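Review bot: prvGetKeyType keeps `uint32_t ulIndex;` while this commit changes the same loop index to `CK_ULONG ulIndex;` in prvGetLabel and prvCreateCertificate; C_FindObjectsInit's hunk also leaves `uint32_t ulIndex;` in place. Changing both to CK_ULONG makes the comparison against the CK_ULONG ulCount consistent with the other hunks and avoids a mixed-width comparison on ports where the two differ.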
@@ -1926,24 +2058,30 @@ static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) static CK_RV prvGetExistingKeyComponent( CK_OBJECT_HANDLE_PTR pxPalHandle, mbedtls_pk_context * pxMbedContext, - CK_ATTRIBUTE_PTR pxLabel ) + const CK_ATTRIBUTE * pxLabel ) { - uint8_t * pucData = NULL; - size_t xDataLength = 0; - CK_BBOOL xIsPrivate = CK_TRUE; + CK_BYTE_PTR pucData = NULL; + CK_ULONG ulDataLength = 0; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; CK_RV xResult = CKR_OK; int32_t lMbedResult = 0; + CK_BYTE pxPubKeyLabel[] = { pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS }; + CK_BYTE pxPrivKeyLabel[] = { pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS }; *pxPalHandle = CK_INVALID_HANDLE; if( 0 == strncmp( pxLabel->pValue, pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS, pxLabel->ulValueLen ) ) { - *pxPalHandle = PKCS11_PAL_FindObject( ( uint8_t * ) pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS, ( uint8_t ) pxLabel->ulValueLen ); + *pxPalHandle = PKCS11_PAL_FindObject( pxPubKeyLabel, pxLabel->ulValueLen ); } else if( 0 == strncmp( pxLabel->pValue, pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS, pxLabel->ulValueLen ) ) { - *pxPalHandle = PKCS11_PAL_FindObject( ( uint8_t * ) pkcs11configLABEL_DEVICE_PRIVATE_KEY_FOR_TLS, ( uint8_t ) pxLabel->ulValueLen ); - xIsPrivate = CK_FALSE; + *pxPalHandle = PKCS11_PAL_FindObject( pxPrivKeyLabel, pxLabel->ulValueLen ); + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xIsPrivate = ( CK_BBOOL ) CK_FALSE; } else { 
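Review bot: `PKCS11_PAL_FindObject( pxPubKeyLabel, pxLabel->ulValueLen )` forwards the caller's label length as the length of the fixed built-in label, and the strncmp on the context line above is bounded by that same length, so any prefix of the private-key label (including an empty one) selects this branch and the PAL is then queried with a truncated label. Comparing lengths first, `( pxLabel->ulValueLen == ( sizeof( pxPrivKeyLabel ) - 1UL ) ) && ( 0 == strncmp( ... ) )`, and passing `sizeof( pxPubKeyLabel ) - 1UL` to the PAL ties the lookup to the real label. The same applies to the public-key branch below it. The function continues in the next hunk.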
@@ -1952,27 +2090,30 @@ static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, if( *pxPalHandle != CK_INVALID_HANDLE ) { - xResult = PKCS11_PAL_GetObjectValue( *pxPalHandle, &pucData, ( uint32_t * ) &xDataLength, &xIsPrivate ); + xResult = PKCS11_PAL_GetObjectValue( *pxPalHandle, &pucData, &ulDataLength, &xIsPrivate ); } if( xResult == CKR_OK ) { - if( xIsPrivate == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) { - lMbedResult = mbedtls_pk_parse_key( pxMbedContext, pucData, xDataLength, NULL, 0 ); + lMbedResult = mbedtls_pk_parse_key( pxMbedContext, pucData, ulDataLength, NULL, 0 ); } else { - lMbedResult = mbedtls_pk_parse_public_key( pxMbedContext, pucData, xDataLength ); + lMbedResult = mbedtls_pk_parse_public_key( pxMbedContext, pucData, ulDataLength ); } - PKCS11_PAL_GetObjectValueCleanup( pucData, xDataLength ); + PKCS11_PAL_GetObjectValueCleanup( pucData, ulDataLength ); } - if( lMbedResult != 0UL ) + if( lMbedResult != 0 ) { - PKCS11_PRINT( ( "mbedTLS pk parse failed with error %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedResult ), + PKCS11_PRINT( ( "mbedTLS pk parse failed with error %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedResult ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedResult ) ) ); *pxPalHandle = CK_INVALID_HANDLE; } @@ -1991,7 +2132,7 @@ static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, * */ #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) - static CK_RV prvCreateECKey( CK_ATTRIBUTE_PTR pxTemplate, + static CK_RV prvCreateECKey( CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR pxObject, CK_BBOOL xIsPrivate ) 
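Review bot: When mbedtls_pk_parse_key or mbedtls_pk_parse_public_key fails, the branch logs and sets `*pxPalHandle = CK_INVALID_HANDLE` but xResult stays CKR_OK on every visible line, so unless the remainder of prvGetExistingKeyComponent (outside this hunk) maps the invalid handle to an error, the caller receives success with an unparsed pxMbedContext. Setting `xResult = CKR_FUNCTION_FAILED;` next to the handle reset, as the ECP curve-load hunk does, makes the two failure paths consistent. Splitting the message into two PKCS11_PRINT calls yields two log records if the macro prefixes each call; one call with both `%s` arguments avoids that, here and in the ECP curve-load hunk.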
@@ -2046,8 +2187,9 @@ static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, if( lMbedTLSReturn != 0 ) { - PKCS11_PRINT( ( "mbedTLS ECP curve load failed with error %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedTLSReturn ), + PKCS11_PRINT( ( "mbedTLS ECP curve load failed with error %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedTLSReturn ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedTLSReturn ) ) ); xResult = CKR_FUNCTION_FAILED; } @@ -2097,7 +2239,7 @@ static void prvGetLabel( CK_ATTRIBUTE_PTR * ppxLabel, * @param[in] pxObject PKCS #11 object handle. * */ -static CK_RV prvCreateRsaPrivateKey( CK_ATTRIBUTE_PTR pxTemplate, +static CK_RV prvCreateRsaPrivateKey( CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR pxObject ) { @@ -2148,7 +2290,9 @@ static CK_RV prvCreateRsaPrivateKey( CK_ATTRIBUTE_PTR pxTemplate, pxObject, pxLabel, CKK_RSA, - CK_TRUE ); + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + ( CK_BBOOL ) CK_TRUE ); } /* Clean up the mbedTLS key context. */ @@ -2165,9 +2309,9 @@ static CK_RV prvCreateRsaPrivateKey( CK_ATTRIBUTE_PTR pxTemplate, * @param[in] pxObject PKCS #11 object handle. * */ -CK_RV prvCreatePrivateKey( CK_ATTRIBUTE_PTR pxTemplate, - CK_ULONG ulCount, - CK_OBJECT_HANDLE_PTR pxObject ) +static CK_RV prvCreatePrivateKey( CK_ATTRIBUTE * pxTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR pxObject ) { CK_RV xResult = CKR_OK; CK_KEY_TYPE xKeyType; @@ -2188,7 +2332,9 @@ CK_RV prvCreatePrivateKey( CK_ATTRIBUTE_PTR pxTemplate, xResult = prvCreateECKey( pxTemplate, ulCount, pxObject, - CK_TRUE ); + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + ( CK_BBOOL ) CK_TRUE ); } #endif /* if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) */ else 
@@ -2208,18 +2354,18 @@ CK_RV prvCreatePrivateKey( CK_ATTRIBUTE_PTR pxTemplate, * @param[in] pxObject PKCS #11 object handle. * */ -static CK_RV prvCreatePublicKey( CK_ATTRIBUTE_PTR pxTemplate, +static CK_RV prvCreatePublicKey( CK_ATTRIBUTE * pxTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR pxObject ) { + CK_KEY_TYPE xKeyType = 0; + CK_RV xResult = CKR_OK; + #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM == 1 ) /* Suppress unused parameter warning if ECDSA is suppressed. */ ( void ) pxObject; #endif /* if ( pkcs11configSUPPRESS_ECDSA_MECHANISM == 1 ) */ - CK_KEY_TYPE xKeyType = 0; - CK_RV xResult = CKR_OK; - prvGetKeyType( &xKeyType, pxTemplate, ulCount ); if( xKeyType == CKK_RSA ) @@ -2230,7 +2376,9 @@ static CK_RV prvCreatePublicKey( CK_ATTRIBUTE_PTR pxTemplate, #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) else if( xKeyType == CKK_EC ) /* CKK_EC = CKK_ECDSA. */ { - xResult = prvCreateECKey( pxTemplate, ulCount, pxObject, CK_FALSE ); + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xResult = prvCreateECKey( pxTemplate, ulCount, pxObject, ( CK_BBOOL ) CK_FALSE ); } #endif /* if ( pkcs11configSUPPRESS_ECDSA_MECHANISM != 1 ) */ else @@ -2246,11 +2394,11 @@ static CK_RV prvCreatePublicKey( CK_ATTRIBUTE_PTR pxTemplate, /** * @brief Creates an object. * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pxTemplate List of attributes of the object to + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pTemplate List of attributes of the object to * be created. - * @param[in] ulCount Number of attributes in pxTemplate. - * @param[out] pxObject Pointer to the location where the created + * @param[in] ulCount Number of attributes in pTemplate. + * @param[out] phObject Pointer to the location where the created * object's handle will be placed. * * <table> 
@@ -2295,24 +2443,25 @@ static CK_RV prvCreatePublicKey( CK_ATTRIBUTE_PTR pxTemplate, * for more information. */ /* @[declare_pkcs11_mbedtls_c_createobject] */ -CK_DECLARE_FUNCTION( CK_RV, C_CreateObject )( CK_SESSION_HANDLE xSession, - CK_ATTRIBUTE_PTR pxTemplate, +CK_DECLARE_FUNCTION( CK_RV, C_CreateObject )( CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, - CK_OBJECT_HANDLE_PTR pxObject ) + CK_OBJECT_HANDLE_PTR phObject ) { - /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); CK_OBJECT_CLASS xClass = 0; - if( ( NULL == pxTemplate ) || - ( NULL == pxObject ) ) + const P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); + + if( ( NULL == pTemplate ) || + ( NULL == phObject ) ) { xResult = CKR_ARGUMENTS_BAD; } if( xResult == CKR_OK ) { - xResult = prvGetObjectClass( pxTemplate, ulCount, &xClass ); + xResult = prvGetObjectClass( pTemplate, ulCount, &xClass ); } if( xResult == CKR_OK ) @@ -2320,15 +2469,15 @@ CK_DECLARE_FUNCTION( CK_RV, C_CreateObject )( CK_SESSION_HANDLE xSession, switch( xClass ) { case CKO_CERTIFICATE: - xResult = prvCreateCertificate( pxTemplate, ulCount, pxObject ); + xResult = prvCreateCertificate( pTemplate, ulCount, phObject ); break; case CKO_PRIVATE_KEY: - xResult = prvCreatePrivateKey( pxTemplate, ulCount, pxObject ); + xResult = prvCreatePrivateKey( pTemplate, ulCount, phObject ); break; case CKO_PUBLIC_KEY: - xResult = prvCreatePublicKey( pxTemplate, ulCount, pxObject ); + xResult = prvCreatePublicKey( pTemplate, ulCount, phObject ); break; default: 
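Review bot: C_CreateObject now resolves pxSession but only uses it for prvCheckValidSessionAndModule; the session's ulState, which C_OpenSession sets to CKS_RO_PUBLIC_SESSION when CKF_RW_SESSION is absent, is never consulted, so a read-only session can create persistent objects. Unless prvCheckValidSessionAndModule or the PAL enforces this (neither is visible here), add `if( ( xResult == CKR_OK ) && ( pxSession->ulState == CKS_RO_PUBLIC_SESSION ) ) { xResult = CKR_SESSION_READ_ONLY; }` after the validity check. The same gap applies to C_DestroyObject in the next hunk. C_CreateObject's switch continues in the following hunk.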
@@ -2344,8 +2493,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_CreateObject )( CK_SESSION_HANDLE xSession, /** * @brief Destroys an object. * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] xObject Handle of the object to be destroyed. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] hObject Handle of the object to be destroyed. * * @warning In this implementation, if either the device public key or the device * private key (labels pkcs11configLABEL_DEVICE_PUBLIC_KEY_FOR_TLS and @@ -2357,14 +2506,15 @@ CK_DECLARE_FUNCTION( CK_RV, C_CreateObject )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_destroyobject] */ -CK_DECLARE_FUNCTION( CK_RV, C_DestroyObject )( CK_SESSION_HANDLE xSession, - CK_OBJECT_HANDLE xObject ) +CK_DECLARE_FUNCTION( CK_RV, C_DestroyObject )( CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); + const P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); if( xResult == CKR_OK ) { - xResult = PKCS11_PAL_DestroyObject( xObject ); + xResult = PKCS11_PAL_DestroyObject( hObject ); } return xResult; @@ -2373,9 +2523,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_DestroyObject )( CK_SESSION_HANDLE xSession, /** * @brief Obtains an attribute value of an object. - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] xObject PKCS #11 object handle to be queried. - * @param[in,out] pxTemplate Attribute template. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] hObject PKCS #11 object handle to be queried. + * @param[in,out] pTemplate Attribute template. * pxTemplate.pValue should be set to the attribute * to be queried. pxTemplate.ulValueLen should be * set to the length of the buffer allocated at 
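Review bot: `PKCS11_PAL_DestroyObject( hObject )` is called without checking hObject against CK_INVALID_HANDLE, while C_GetAttributeValue's hunk adds exactly that guard (returning CKR_OBJECT_HANDLE_INVALID) for its hObject; the two entry points should reject handle 0 the same way. Add `if( ( xResult == CKR_OK ) && ( hObject == CK_INVALID_HANDLE ) ) { xResult = CKR_OBJECT_HANDLE_INVALID; }` before the PAL call. The module also keeps an in-memory object list (prvAddObjectToList / prvFindObjectInListByHandle) and nothing visible here removes the destroyed handle from it, so later lookups may still resolve it; confirm the PAL or a helper outside this hunk does that.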
@@ -2411,41 +2561,49 @@ CK_DECLARE_FUNCTION( CK_RV, C_DestroyObject )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_getattributevalue] */ -CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, - CK_OBJECT_HANDLE xObject, - CK_ATTRIBUTE_PTR pxTemplate, +CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount ) { - /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - CK_BBOOL xIsPrivate = CK_TRUE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; CK_ULONG iAttrib; mbedtls_pk_context xKeyContext = { 0 }; mbedtls_pk_type_t xKeyType; - mbedtls_ecp_keypair * pxKeyPair; + const mbedtls_ecp_keypair * pxKeyPair; CK_KEY_TYPE xPkcsKeyType = ( CK_KEY_TYPE ) ~0UL; CK_OBJECT_CLASS xClass; - uint8_t * pxObjectValue = NULL; - uint32_t ulLength = 0; - uint8_t ucP256Oid[] = pkcs11DER_ENCODED_OID_P256; + CK_BYTE_PTR pxObjectValue = NULL; + CK_ULONG ulLength = 0; + const CK_BYTE ucP256Oid[] = pkcs11DER_ENCODED_OID_P256; int32_t lMbedTLSResult = 0; CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE; - size_t xSize; - uint8_t * pcLabel = NULL; + CK_ULONG xSize = 0; + size_t xMbedSize = 0; + CK_BYTE_PTR pcLabel = NULL; + const P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); - if( ( NULL == pxTemplate ) || ( 0 == ulCount ) ) + if( ( CKR_OK == xResult ) && ( ( ( NULL == pTemplate ) ) || ( 0UL == ulCount ) ) ) { xResult = CKR_ARGUMENTS_BAD; } + if( ( CKR_OK == xResult ) && ( CK_INVALID_HANDLE == hObject ) ) + { + xResult = CKR_OBJECT_HANDLE_INVALID; + } + if( xResult == CKR_OK ) { /* * Copy the object into a buffer. 
*/ - prvFindObjectInListByHandle( xObject, &xPalHandle, &pcLabel, &xSize ); /*pcLabel and xSize are ignored. */ + prvFindObjectInListByHandle( hObject, &xPalHandle, &pcLabel, &xSize ); /*pcLabel and xSize are ignored. */ if( xPalHandle != CK_INVALID_HANDLE ) { @@ -2465,7 +2623,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, if( 0 == mbedtls_pk_parse_key( &xKeyContext, pxObjectValue, ulLength, NULL, 0 ) ) { - if( xIsPrivate == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) { xClass = CKO_PRIVATE_KEY; } @@ -2488,21 +2648,26 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { - for( iAttrib = 0; ( iAttrib < ulCount ) && ( CKR_OK == xResult ); iAttrib++ ) + for( iAttrib = 0; iAttrib < ulCount; iAttrib++ ) { - switch( pxTemplate[ iAttrib ].type ) + if( xResult != CKR_OK ) + { + break; + } + + switch( pTemplate[ iAttrib ].type ) { case CKA_CLASS: - if( pxTemplate[ iAttrib ].pValue == NULL ) + if( pTemplate[ iAttrib ].pValue == NULL ) { - pxTemplate[ iAttrib ].ulValueLen = sizeof( CK_OBJECT_CLASS ); + pTemplate[ iAttrib ].ulValueLen = sizeof( CK_OBJECT_CLASS ); } else { - if( pxTemplate[ iAttrib ].ulValueLen >= sizeof( CK_OBJECT_CLASS ) ) + if( pTemplate[ iAttrib ].ulValueLen >= sizeof( CK_OBJECT_CLASS ) ) { - ( void ) memcpy( pxTemplate[ iAttrib ].pValue, &xClass, sizeof( CK_OBJECT_CLASS ) ); + ( void ) memcpy( pTemplate[ iAttrib ].pValue, &xClass, sizeof( CK_OBJECT_CLASS ) ); } else { 
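Review bot: The argument check `( ( ( NULL == pTemplate ) ) || ( 0UL == ulCount ) )` carries a redundant pair of parentheses around the NULL test; `( ( NULL == pTemplate ) || ( 0UL == ulCount ) )` reads the same as the neighbouring checks. The hunk otherwise orders the checks sensibly (session, then arguments, then handle), each gated on `CKR_OK == xResult`. C_GetAttributeValue continues in the following hunks.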
@@ -2514,24 +2679,26 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, case CKA_VALUE: - if( xIsPrivate == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate == ( CK_BBOOL ) CK_TRUE ) { - pxTemplate[ iAttrib ].ulValueLen = CK_UNAVAILABLE_INFORMATION; + pTemplate[ iAttrib ].ulValueLen = CK_UNAVAILABLE_INFORMATION; xResult = CKR_ATTRIBUTE_SENSITIVE; } else { - if( pxTemplate[ iAttrib ].pValue == NULL ) + if( pTemplate[ iAttrib ].pValue == NULL ) { - pxTemplate[ iAttrib ].ulValueLen = ulLength; + pTemplate[ iAttrib ].ulValueLen = ulLength; } - else if( pxTemplate[ iAttrib ].ulValueLen < ulLength ) + else if( pTemplate[ iAttrib ].ulValueLen < ulLength ) { xResult = CKR_BUFFER_TOO_SMALL; } else { - ( void ) memcpy( pxTemplate[ iAttrib ].pValue, pxObjectValue, ulLength ); + ( void ) memcpy( pTemplate[ iAttrib ].pValue, pxObjectValue, ulLength ); } } @@ -2539,11 +2706,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, case CKA_KEY_TYPE: - if( pxTemplate[ iAttrib ].pValue == NULL ) + if( pTemplate[ iAttrib ].pValue == NULL ) { - pxTemplate[ iAttrib ].ulValueLen = sizeof( CK_KEY_TYPE ); + pTemplate[ iAttrib ].ulValueLen = sizeof( CK_KEY_TYPE ); } - else if( pxTemplate[ iAttrib ].ulValueLen < sizeof( CK_KEY_TYPE ) ) + else if( pTemplate[ iAttrib ].ulValueLen < sizeof( CK_KEY_TYPE ) ) { xResult = CKR_BUFFER_TOO_SMALL; } @@ -2573,7 +2740,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, break; } - ( void ) memcpy( pxTemplate[ iAttrib ].pValue, &xPkcsKeyType, sizeof( CK_KEY_TYPE ) ); + ( void ) memcpy( pTemplate[ iAttrib ].pValue, &xPkcsKeyType, sizeof( CK_KEY_TYPE ) ); } break; 
@@ -2588,17 +2755,17 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, /* TODO: Add check that is key, is ec key. */ - pxTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid ); + pTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid ); - if( pxTemplate[ iAttrib ].pValue != NULL ) + if( pTemplate[ iAttrib ].pValue != NULL ) { - if( pxTemplate[ iAttrib ].ulValueLen < sizeof( ucP256Oid ) ) + if( pTemplate[ iAttrib ].ulValueLen < sizeof( ucP256Oid ) ) { xResult = CKR_BUFFER_TOO_SMALL; } else { - ( void ) memcpy( pxTemplate[ iAttrib ].pValue, ucP256Oid, sizeof( ucP256Oid ) ); + ( void ) memcpy( pTemplate[ iAttrib ].pValue, ucP256Oid, sizeof( ucP256Oid ) ); } } @@ -2606,20 +2773,25 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, case CKA_EC_POINT: - if( pxTemplate[ iAttrib ].pValue == NULL ) + if( pTemplate[ iAttrib ].pValue == NULL ) { - pxTemplate[ iAttrib ].ulValueLen = 67; /* TODO: Is this large enough?*/ + pTemplate[ iAttrib ].ulValueLen = 67; /* TODO: Is this large enough?*/ } else { pxKeyPair = ( mbedtls_ecp_keypair * ) xKeyContext.pk_ctx; - *( ( uint8_t * ) pxTemplate[ iAttrib ].pValue ) = 0x04; /* Mark the point as uncompressed. */ + *( ( uint8_t * ) pTemplate[ iAttrib ].pValue ) = 0x04; /* Mark the point as uncompressed. */ + + /* Copy xSize value to avoid casting a CK_ULONG size pointer + * to a size_t sized pointer. */ + xMbedSize = xSize; lMbedTLSResult = mbedtls_ecp_tls_write_point( &pxKeyPair->grp, &pxKeyPair->Q, MBEDTLS_ECP_PF_UNCOMPRESSED, - &xSize, - ( uint8_t * ) pxTemplate[ iAttrib ].pValue + 1, - pxTemplate[ iAttrib ].ulValueLen - 1 ); + &xMbedSize, + ( uint8_t * ) pTemplate[ iAttrib ].pValue + 1, + pTemplate[ iAttrib ].ulValueLen - 1UL ); + xSize = xMbedSize; if( lMbedTLSResult < 0 ) { 
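Review bot: In the EC-parameters case, `pTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid );` is assigned before the `if( pTemplate[ iAttrib ].ulValueLen < sizeof( ucP256Oid ) )` comparison, so the CKR_BUFFER_TOO_SMALL branch can never be taken and the memcpy writes sizeof( ucP256Oid ) bytes into the caller's pValue regardless of the size the caller declared. Checking the caller's length before overwriting it fixes this; the rewritten case body is below, with the required size reported in ulValueLen on the too-small path as the PKCS #11 convention for CKR_BUFFER_TOO_SMALL requires. The enclosing switch starts in an earlier hunk and the case's trailing break is not in this one.
```c
/* TODO: Add check that is key, is ec key. */
if( pTemplate[ iAttrib ].pValue == NULL )
{
    pTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid );
}
else if( pTemplate[ iAttrib ].ulValueLen < sizeof( ucP256Oid ) )
{
    /* Report the size the caller needs before failing. */
    pTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid );
    xResult = CKR_BUFFER_TOO_SMALL;
}
else
{
    ( void ) memcpy( pTemplate[ iAttrib ].pValue, ucP256Oid, sizeof( ucP256Oid ) );
    pTemplate[ iAttrib ].ulValueLen = sizeof( ucP256Oid );
}
```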
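Review bot: In the CKA_EC_POINT case, `pTemplate[ iAttrib ].ulValueLen - 1UL` is evaluated whenever pValue is non-NULL, so a caller passing a non-NULL pValue with ulValueLen of 0 gets one byte (the 0x04 marker) written into a zero-length buffer and a wrapped-around length handed to mbedtls_ecp_tls_write_point as the output capacity. A guard before the `else`, `else if( pTemplate[ iAttrib ].ulValueLen < 1UL ) { xResult = CKR_BUFFER_TOO_SMALL; }`, keeps the subtraction in range. The cast of pk_ctx to mbedtls_ecp_keypair on the context line still runs for non-EC keys, as the existing TODO in the preceding case notes. The case's error handling continues in the next hunk.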
@@ -2634,7 +2806,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, } else { - pxTemplate[ iAttrib ].ulValueLen = xSize + 1; + pTemplate[ iAttrib ].ulValueLen = xSize + 1UL; } } @@ -2642,6 +2814,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, default: xResult = CKR_ATTRIBUTE_TYPE_INVALID; + break; } } 
@@ -2666,35 +2839,35 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE xSession, * C_FindObjectsInit(), C_FindObjects(), and C_FindObjectsFinal() with the * same session across different tasks may lead to unexpected results. * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pxTemplate Pointer to a template which specifies + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pTemplate Pointer to a template which specifies * the object attributes to match. * In this port, the only searchable attribute * is object label. All other attributes will * be ignored. - * @param[in] ulCount The number of attributes in pxTemplate. + * @param[in] ulCount The number of attributes in pTemplate. * * @return CKR_OK if successful. * Else, see <a href="https://tiny.amazon.com/wtscrttv">PKCS #11 specification</a> * for more information. */ /* @[declare_pkcs11_mbedtls_c_findobjectsinit] */ -CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, - CK_ATTRIBUTE_PTR pxTemplate, +CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); CK_BYTE * pxFindObjectLabel = NULL; uint32_t ulIndex; CK_ATTRIBUTE xAttribute; - if( NULL == pxTemplate ) + if( NULL == pTemplate ) { xResult = CKR_ARGUMENTS_BAD; } - if( ( ulCount != 1 ) && ( ulCount != 2 ) ) + if( ( ulCount != 1UL ) && ( ulCount != 2UL ) ) { xResult = CKR_ARGUMENTS_BAD; PKCS11_PRINT( ( "ERROR: Find objects does not support searching by %d attributes. \r\n", ulCount ) ); 
@@ -2702,7 +2875,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { - if( prvOperationActive( pxSession ) == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( prvOperationActive( pxSession ) == ( CK_BBOOL ) CK_TRUE ) { xResult = CKR_OPERATION_ACTIVE; PKCS11_PRINT( ( "ERROR: Find object operation already in progress. \r\n" ) ); @@ -2712,12 +2887,16 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, /* Malloc space to save template information. */ if( xResult == CKR_OK ) { - pxFindObjectLabel = pvPortMalloc( pxTemplate->ulValueLen + 1 ); /* Add 1 to guarantee null termination for PAL. */ + /* Plus one to leave room for a NULL terminator. */ + pxFindObjectLabel = pvPortMalloc( pTemplate->ulValueLen + 1UL ); + pxSession->xFindObjectLabelLen = pTemplate->ulValueLen; + pxSession->pxFindObjectLabel = pxFindObjectLabel; if( pxFindObjectLabel != NULL ) { - ( void ) memset( pxFindObjectLabel, 0, pxTemplate->ulValueLen + 1 ); + /* Plus one so buffer is guaranteed to end with a NULL terminator. */ + ( void ) memset( pxFindObjectLabel, 0, pTemplate->ulValueLen + 1UL ); } else { @@ -2734,7 +2913,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, for( ulIndex = 0; ulIndex < ulCount; ulIndex++ ) /* TODO: Re-evaluate the need for this for loop... we are making bad assumptions if 2 objects have the same label anyhow! */ { - xAttribute = pxTemplate[ ulIndex ]; + xAttribute = pTemplate[ ulIndex ]; if( xAttribute.type == CKA_LABEL ) { @@ -2753,6 +2932,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, { vPortFree( pxFindObjectLabel ); pxSession->pxFindObjectLabel = NULL; + pxSession->xFindObjectLabelLen = 0; } return xResult; 
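Review bot: The label buffer is sized and `pxSession->xFindObjectLabelLen` is set from `pTemplate->ulValueLen`, i.e. the first attribute, but the loop in the @@ -2734 hunk accepts an ulCount of 2 and looks for CKA_LABEL at either index; when CKA_LABEL is the second attribute, the stored length and the allocation belong to a different attribute, and the label copy (outside this view) is bounded by the wrong size. Locating the CKA_LABEL attribute first and using its ulValueLen for both pvPortMalloc and xFindObjectLabelLen removes the mismatch. C_FindObjectsInit's body starts in the previous hunk.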
@@ -2769,10 +2949,10 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, * C_FindObjectsInit(), C_FindObjects(), and C_FindObjectsFinal() with the * same session across different tasks may lead to unexpected results. * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[out] pxObject Points to the handle of the object to + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[out] phObject Points to the handle of the object to * be found. - * @param[in] ulMaxObjectCount The size of the pxObject object handle + * @param[in] ulMaxObjectCount The size of the phObject object handle * array. In this port, this value should * always be set to 1, as searching for * multiple objects is not supported. 
@@ -2789,27 +2969,27 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsInit )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_findobjects] */ -CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE xSession, - CK_OBJECT_HANDLE_PTR pxObject, +CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount ) { - /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); - - uint8_t * pucObjectValue = NULL; - uint32_t xObjectLength = 0; - CK_BBOOL xIsPrivate = CK_TRUE; + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); + + CK_BYTE_PTR pucObjectValue = NULL; + CK_ULONG xObjectLength = 0; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; CK_BYTE xByte = 0; CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE; - uint32_t ulIndex; + CK_ULONG ulIndex; /* * Check parameters. */ - if( ( NULL == pxObject ) || + if( ( NULL == phObject ) || ( NULL == pulObjectCount ) ) { xResult = CKR_ARGUMENTS_BAD; 
@@ -2832,12 +3012,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { /* Try to find the object in module's list first. */ - prvFindObjectInListByLabel( pxSession->pxFindObjectLabel, strlen( ( const char * ) pxSession->pxFindObjectLabel ), &xPalHandle, pxObject ); + prvFindObjectInListByLabel( pxSession->pxFindObjectLabel, pxSession->xFindObjectLabelLen, &xPalHandle, phObject ); /* Check with the PAL if the object was previously stored. */ - if( *pxObject == CK_INVALID_HANDLE ) + if( *phObject == CK_INVALID_HANDLE ) { - xPalHandle = PKCS11_PAL_FindObject( pxSession->pxFindObjectLabel, ( uint8_t ) strlen( ( const char * ) pxSession->pxFindObjectLabel ) ); + xPalHandle = PKCS11_PAL_FindObject( pxSession->pxFindObjectLabel, pxSession->xFindObjectLabelLen ); } if( xPalHandle != CK_INVALID_HANDLE ) @@ -2850,19 +3030,19 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE xSession, { xByte = pucObjectValue[ ulIndex ]; - if( xByte != 0 ) + if( xByte != 0UL ) { break; } } - if( xByte == 0 ) /* Deleted objects are overwritten completely w/ zero. */ + if( xByte == 0UL ) /* Deleted objects are overwritten completely w/ zero. */ { - *pxObject = CK_INVALID_HANDLE; + *phObject = CK_INVALID_HANDLE; } else { - xResult = prvAddObjectToList( xPalHandle, pxObject, pxSession->pxFindObjectLabel, strlen( ( const char * ) pxSession->pxFindObjectLabel ) ); + xResult = prvAddObjectToList( xPalHandle, phObject, pxSession->pxFindObjectLabel, pxSession->xFindObjectLabelLen ); *pulObjectCount = 1; } @@ -2885,6 +3065,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE xSession, { vPortFree( pxSession->pxFindObjectLabel ); pxSession->pxFindObjectLabel = NULL; + pxSession->xFindObjectLabelLen = 0; } } 
@@ -2903,18 +3084,17 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjects )( CK_SESSION_HANDLE xSession, * same session across different tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. + * @param[in] hSession Handle of a valid PKCS #11 session. * * @return CKR_OK if successful. * Else, see <a href="https://tiny.amazon.com/wtscrttv">PKCS #11 specification</a> * for more information. */ /* @[declare_pkcs11_mbedtls_c_findobjectsfinal] */ -CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsFinal )( CK_SESSION_HANDLE xSession ) -{ /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); +CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsFinal )( CK_SESSION_HANDLE hSession ) +{ + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); /* * Check parameters. @@ -2934,6 +3114,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsFinal )( CK_SESSION_HANDLE xSession ) */ vPortFree( pxSession->pxFindObjectLabel ); pxSession->pxFindObjectLabel = NULL; + pxSession->xFindObjectLabelLen = 0; } return xResult; @@ -2950,7 +3131,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsFinal )( CK_SESSION_HANDLE xSession ) * same session across different tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. + * @param[in] hSession Handle of a valid PKCS #11 session. * @param[in] pMechanism Digesting mechanism. This port only supports * the mechanism CKM_SHA256. * 
@@ -2959,11 +3140,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_FindObjectsFinal )( CK_SESSION_HANDLE xSession ) * for more information. */ /* @[declare_pkcs11_mbedtls_c_digestinit] */ -CK_DECLARE_FUNCTION( CK_RV, C_DigestInit )( CK_SESSION_HANDLE xSession, +CK_DECLARE_FUNCTION( CK_RV, C_DigestInit )( CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); if( pMechanism == NULL ) { @@ -2972,7 +3153,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestInit )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { - if( prvOperationActive( pxSession ) == CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( prvOperationActive( pxSession ) == ( CK_BBOOL ) CK_TRUE ) { xResult = CKR_OPERATION_ACTIVE; } @@ -3018,7 +3201,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestInit )( CK_SESSION_HANDLE xSession, * same session across different tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. + * @param[in] hSession Handle of a valid PKCS #11 session. * @param[in] pPart Pointer to the data to be added to the digest. * @param[in] ulPartLen Length of the data located at pPart. * 
@@ -3027,12 +3210,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestInit )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_digestupdate] */ -CK_DECLARE_FUNCTION( CK_RV, C_DigestUpdate )( CK_SESSION_HANDLE xSession, +CK_DECLARE_FUNCTION( CK_RV, C_DigestUpdate )( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); if( pPart == NULL ) { @@ -3077,7 +3260,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestUpdate )( CK_SESSION_HANDLE xSession, * same session across different tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. + * @param[in] hSession Handle of a valid PKCS #11 session. * @param[out] pDigest Pointer to the location that receives * the message digest. Memory must be allocated * by the caller. Caller is responsible for allocating memory. @@ -3096,13 +3279,13 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestUpdate )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_digestfinal] */ -CK_DECLARE_FUNCTION( CK_RV, C_DigestFinal )( CK_SESSION_HANDLE xSession, +CK_DECLARE_FUNCTION( CK_RV, C_DigestFinal )( CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); if( pulDigestLen == NULL ) { 
@@ -3123,11 +3306,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestFinal )( CK_SESSION_HANDLE xSession, if( pDigest == NULL ) { /* Supply the required buffer size. */ - *pulDigestLen = pkcs11SHA256_DIGEST_LENGTH; + *pulDigestLen = ( CK_ULONG ) pkcs11SHA256_DIGEST_LENGTH; } else { - if( *pulDigestLen < pkcs11SHA256_DIGEST_LENGTH ) + if( *pulDigestLen < ( CK_ULONG ) pkcs11SHA256_DIGEST_LENGTH ) { xResult = CKR_BUFFER_TOO_SMALL; } 
@@ -3163,46 +3346,50 @@ CK_DECLARE_FUNCTION( CK_RV, C_DigestFinal )( CK_SESSION_HANDLE xSession, * tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pxMechanism Mechanism used to sign. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pMechanism Mechanism used to sign. * This port supports the following mechanisms: * - CKM_RSA_PKCS for RSA signatures * - CKM_ECDSA for elliptic curve signatures * Note that neither of these mechanisms perform * hash operations. - * @param[in] xKey The handle of the private key to be used for + * @param[in] hKey The handle of the private key to be used for * signature. Key must be compatible with the - * mechanism chosen by pxMechanism. + * mechanism chosen by pMechanism. * * @return CKR_OK if successful. * Else, see <a href="https://tiny.amazon.com/wtscrttv">PKCS #11 specification</a> * for more information. */ /* @[declare_pkcs11_mbedtls_c_signinit] */ -CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, - CK_MECHANISM_PTR pxMechanism, - CK_OBJECT_HANDLE xKey ) +CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - CK_BBOOL xIsPrivate = CK_TRUE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; CK_OBJECT_HANDLE xPalHandle; - uint8_t * pxLabel = NULL; - size_t xLabelLength = 0; + CK_BYTE_PTR pxLabel = NULL; + CK_ULONG xLabelLength = 0; mbedtls_pk_type_t xKeyType; - /*lint !e9072 It's OK to have different parameter name. 
*/ - P11SessionPtr_t pxSession = prvSessionPointerFromHandle( xSession ); - uint8_t * pulKeyData = NULL; - uint32_t ulKeyDataLength = 0; + P11Session_t * pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); + CK_BYTE_PTR pulKeyData = NULL; + CK_ULONG ulKeyDataLength = 0; int32_t lMbedTLSResult = 0; - if( NULL == pxMechanism ) + + if( NULL == pMechanism ) { PKCS11_PRINT( ( "ERROR: Null signing mechanism provided. \r\n" ) ); xResult = CKR_ARGUMENTS_BAD; } - if( ( xResult == CKR_OK ) && ( prvOperationActive( pxSession ) == CK_TRUE ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( xResult == CKR_OK ) && ( prvOperationActive( pxSession ) == ( CK_BBOOL ) CK_TRUE ) ) { xResult = CKR_OPERATION_ACTIVE; } @@ -3210,7 +3397,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, /* Retrieve key value from storage. */ if( xResult == CKR_OK ) { - prvFindObjectInListByHandle( xKey, + prvFindObjectInListByHandle( hKey, &xPalHandle, &pxLabel, &xLabelLength ); @@ -3230,7 +3417,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, /* Check that a private key was retrieved. */ if( xResult == CKR_OK ) { - if( xIsPrivate != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Sign operation attempted with public key. \r\n" ) ); xResult = CKR_KEY_TYPE_INCONSISTENT; 
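Review bot: The check `if( xIsPrivate != ( CK_BBOOL ) CK_TRUE )` in this hunk passes by default, because `xIsPrivate` is declared as `( CK_BBOOL ) CK_TRUE` at the top of C_SignInit and is only ever written as an out-parameter of PKCS11_PAL_GetObjectValue, so a PAL that returns CKR_OK without touching it lets a non-private object reach the signing path; C_VerifyInit starts from the same value but requires CK_FALSE, so it fails closed. Whether any PAL in the tree leaves the flag unset I cannot tell from this diff, but the guard should not depend on that. Initialise it so that an untouched out-parameter fails, `CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_FALSE;`, and the two functions become symmetric. C_SignInit continues past this hunk.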
@@ -3246,18 +3435,16 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, { /* Free the private key context if it exists. * TODO: Check if the key is the same as was used previously. */ - if( NULL != pxSession->xSignKey.pk_ctx ) - { - mbedtls_pk_free( &pxSession->xSignKey ); - } + mbedtls_pk_free( &pxSession->xSignKey ); mbedtls_pk_init( &pxSession->xSignKey ); lMbedTLSResult = mbedtls_pk_parse_key( &pxSession->xSignKey, pulKeyData, ulKeyDataLength, NULL, 0 ); if( lMbedTLSResult != 0 ) { - PKCS11_PRINT( ( "mbedTLS unable to parse private key for signing. %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ), + PKCS11_PRINT( ( "mbedTLS unable to parse private key for signing. %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) ); xResult = CKR_KEY_HANDLE_INVALID; } @@ -3279,7 +3466,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, { xKeyType = mbedtls_pk_get_type( &pxSession->xSignKey ); - if( pxMechanism->mechanism == CKM_RSA_PKCS ) + if( pMechanism->mechanism == CKM_RSA_PKCS ) { if( xKeyType != MBEDTLS_PK_RSA ) { @@ -3287,7 +3474,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, xResult = CKR_KEY_TYPE_INCONSISTENT; } } - else if( pxMechanism->mechanism == CKM_ECDSA ) + else if( pMechanism->mechanism == CKM_ECDSA ) { if( ( xKeyType != MBEDTLS_PK_ECDSA ) && ( xKeyType != MBEDTLS_PK_ECKEY ) ) { @@ -3297,14 +3484,14 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, } else { - PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %d \r\n", pxMechanism->mechanism ) ); + PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %d \r\n", pMechanism->mechanism ) ); xResult = CKR_MECHANISM_INVALID; } } if( xResult == CKR_OK ) { - pxSession->xOperationSignMechanism = pxMechanism->mechanism; + pxSession->xOperationSignMechanism = pMechanism->mechanism; } return xResult; 
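Review bot: Removing the `pk_ctx != NULL` guard around `mbedtls_pk_free( &pxSession->xSignKey )` is only safe if `xSignKey` is put through `mbedtls_pk_init` when the session is created; C_OpenSession is not in this diff, and on an uninitialised context mbedtls_pk_free follows whatever `pk_info` happens to hold. If session creation does initialise it, say so here so the guard is not re-added: `/* xSignKey is initialised at session open; freeing it unconditionally is safe. */`. The `TODO: Check if the key is the same as was used previously` also means every C_SignInit re-reads and re-parses the private key, which deserves a tracked issue rather than a comment. The function continues past this hunk.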
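Review bot: `PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %d \r\n", pMechanism->mechanism ) )` formats a CK_MECHANISM_TYPE, which the PKCS #11 headers define as CK_ULONG (unsigned long), with `%d`; assuming PKCS11_PRINT forwards to a printf-style function, that is a type mismatch and undefined behaviour on targets where long is wider than int. Use `PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %lu \r\n", ( unsigned long ) pMechanism->mechanism ) );`. The identical line in C_VerifyInit further down in this diff needs the same change.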
@@ -3321,12 +3508,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, * tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pucData Data to be signed. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pData Data to be signed. * Note: Some applications may require this data to * be hashed before passing to C_Sign(). - * @param[in] ulDataLen Length of pucData, in bytes. - * @param[out] pucSignature Buffer where signature will be placed. + * @param[in] ulDataLen Length of pucData, in bytes. + * @param[out] pSignature Buffer where signature will be placed. * Caller is responsible for allocating memory. * Providing NULL for this input will cause * pulSignatureLen to be updated for length of 
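Review bot: The rename leaves `@param[in] ulDataLen Length of pucData, in bytes.` referring to the old parameter name while the line above now documents `pData`; the `pulSignatureLen` text further down is outside the hunk and may have the same problem. Change it to `@param[in] ulDataLen Length of pData, in bytes.`.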
@@ -3343,22 +3530,26 @@ CK_DECLARE_FUNCTION( CK_RV, C_SignInit )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_sign] */ -CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, - CK_BYTE_PTR pucData, +CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pucSignature, + CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen ) -{ /*lint !e9072 It's OK to have different parameter name. */ - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSessionObj = prvSessionPointerFromHandle( xSession ); +{ + P11Session_t * pxSessionObj = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSessionObj ); + CK_ULONG xSignatureLength = 0; - CK_ULONG xExpectedInputLength = 0; - CK_BYTE_PTR pxSignatureBuffer = pucSignature; - CK_BBOOL xSignatureGenerated = CK_FALSE; + size_t xExpectedInputLength = 0; + CK_BYTE_PTR pxSignatureBuffer = pSignature; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xSignatureGenerated = ( CK_BBOOL ) CK_FALSE; uint8_t ecSignature[ pkcs11ECDSA_P256_SIGNATURE_LENGTH + 15 ]; /*TODO: Figure out this length. */ int32_t lMbedTLSResult; - if( ( NULL == pulSignatureLen ) || ( NULL == pucData ) ) + + if( ( NULL == pulSignatureLen ) || ( NULL == pData ) ) { xResult = CKR_ARGUMENTS_BAD; } @@ -3386,7 +3577,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { /* Calling application is trying to determine length needed for signature buffer. */ - if( NULL != pucSignature ) + if( NULL != pSignature ) { /* Check that the signature buffer is long enough. */ if( *pulSignatureLen < xSignatureLength ) 
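Review bot: `uint8_t ecSignature[ pkcs11ECDSA_P256_SIGNATURE_LENGTH + 15 ]; /*TODO: Figure out this length. */` is still the buffer that receives the DER-encoded ECDSA signature from mbedtls_pk_sign, and the mbedtls 2.x pk_sign API takes no output-size argument, so this `+15` is the only bound on a stack write. A DER ECDSA signature for P-256 is at most 72 bytes (a SEQUENCE header plus two INTEGERs of up to 33 bytes, each with a 2-byte header), so 64 + 15 = 79 does fit, but the derivation belongs in the code: introduce something like `#define pkcs11ECDSA_P256_DER_SIGNATURE_MAX_LENGTH 72` with that comment, size the array from it, and drop the TODO. I am assuming the bundled mbedTLS is 2.x; if it offers a sized sign entry point, pass `sizeof( ecSignature )` to it instead. C_Sign continues past this hunk.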
@@ -3410,23 +3601,26 @@ CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, { lMbedTLSResult = mbedtls_pk_sign( &pxSessionObj->xSignKey, MBEDTLS_MD_NONE, - pucData, + pData, ulDataLen, pxSignatureBuffer, - ( size_t * ) &xExpectedInputLength, + &xExpectedInputLength, mbedtls_ctr_drbg_random, &xP11Context.xMbedDrbgCtx ); - if( lMbedTLSResult != CKR_OK ) + if( lMbedTLSResult != 0 ) { - PKCS11_PRINT( ( "mbedTLS sign failed with error %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ), + PKCS11_PRINT( ( "mbedTLS sign failed with error %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) ); xResult = CKR_FUNCTION_FAILED; } ( void ) xSemaphoreGive( pxSessionObj->xSignMutex ); - xSignatureGenerated = CK_TRUE; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + xSignatureGenerated = ( CK_BBOOL ) CK_TRUE; } else { @@ -3439,9 +3633,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, if( xResult == CKR_OK ) { /* If this an EC signature, reformat from ASN.1 encoded to 64-byte R & S components */ - if( ( pxSessionObj->xOperationSignMechanism == CKM_ECDSA ) && ( xSignatureGenerated == CK_TRUE ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( pxSessionObj->xOperationSignMechanism == CKM_ECDSA ) && ( xSignatureGenerated == ( CK_BBOOL ) CK_TRUE ) ) { - lMbedTLSResult = PKI_mbedTLSSignatureToPkcs11Signature( pucSignature, ecSignature ); + lMbedTLSResult = PKI_mbedTLSSignatureToPkcs11Signature( pSignature, ecSignature ); if( lMbedTLSResult != 0 ) { 
@@ -3475,12 +3671,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, * tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pxMechanism Mechanism used to verify signature. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pMechanism Mechanism used to verify signature. * This port supports the following mechanisms: * - CKM_RSA_X_509 for RSA verifications * - CKM_ECDSA for elliptic curve verifications - * @param[in] xKey The handle of the public key to be used for + * @param[in] hKey The handle of the public key to be used for * verification. Key must be compatible with the * mechanism chosen by pxMechanism. * 
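Review bot: `mechanism chosen by pxMechanism.` in the hKey description still names the parameter the hunk just renamed to `pMechanism`; make it `mechanism chosen by pMechanism.`. The C_SignInit doc comment earlier in this diff was updated the same way, so only this one was missed.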
@@ -3489,29 +3685,33 @@ CK_DECLARE_FUNCTION( CK_RV, C_Sign )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_verifyinit] */ -CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, - CK_MECHANISM_PTR pxMechanism, - CK_OBJECT_HANDLE xKey ) +CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - CK_BBOOL xIsPrivate = CK_TRUE; - P11SessionPtr_t pxSession; - uint8_t * keyData = NULL; - uint32_t ulKeyDataLength = 0; + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + CK_BBOOL xIsPrivate = ( CK_BBOOL ) CK_TRUE; + P11Session_t * pxSession; + CK_BYTE_PTR pucKeyData = NULL; + CK_ULONG ulKeyDataLength = 0; mbedtls_pk_type_t xKeyType; CK_OBJECT_HANDLE xPalHandle = CK_INVALID_HANDLE; - uint8_t * pxLabel = NULL; - size_t xLabelLength = 0; + CK_BYTE_PTR pxLabel = NULL; + CK_ULONG xLabelLength = 0; - pxSession = prvSessionPointerFromHandle( xSession ); + pxSession = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSession ); - if( NULL == pxMechanism ) + if( NULL == pMechanism ) { PKCS11_PRINT( ( "ERROR: Null verification mechanism provided. \r\n" ) ); xResult = CKR_ARGUMENTS_BAD; } - if( ( xResult == CKR_OK ) && ( prvOperationActive( pxSession ) == CK_TRUE ) ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( ( xResult == CKR_OK ) && ( prvOperationActive( pxSession ) == ( CK_BBOOL ) CK_TRUE ) ) { xResult = CKR_OPERATION_ACTIVE; } 
@@ -3519,14 +3719,14 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, /* Retrieve key value from storage. */ if( xResult == CKR_OK ) { - prvFindObjectInListByHandle( xKey, + prvFindObjectInListByHandle( hKey, &xPalHandle, &pxLabel, &xLabelLength ); if( xPalHandle != CK_INVALID_HANDLE ) { - xResult = PKCS11_PAL_GetObjectValue( xPalHandle, &keyData, &ulKeyDataLength, &xIsPrivate ); + xResult = PKCS11_PAL_GetObjectValue( xPalHandle, &pucKeyData, &ulKeyDataLength, &xIsPrivate ); if( xResult != CKR_OK ) { @@ -3542,7 +3742,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, /* Check that a public key was retrieved. */ if( xResult == CKR_OK ) { - if( xIsPrivate != CK_FALSE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xIsPrivate != ( CK_BBOOL ) CK_FALSE ) { PKCS11_PRINT( ( "ERROR: Verify operation attempted with private key. \r\n" ) ); xResult = CKR_KEY_TYPE_INCONSISTENT; @@ -3555,16 +3757,13 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, { /* Free the public key context if it exists. * TODO: Check if the key is the same as used by last verify operation. */ - if( NULL != pxSession->xVerifyKey.pk_ctx ) - { - mbedtls_pk_free( &pxSession->xVerifyKey ); - } + mbedtls_pk_free( &pxSession->xVerifyKey ); mbedtls_pk_init( &pxSession->xVerifyKey ); - if( 0 != mbedtls_pk_parse_public_key( &pxSession->xVerifyKey, keyData, ulKeyDataLength ) ) + if( 0 != mbedtls_pk_parse_public_key( &pxSession->xVerifyKey, pucKeyData, ulKeyDataLength ) ) { - if( 0 != mbedtls_pk_parse_key( &pxSession->xVerifyKey, keyData, ulKeyDataLength, NULL, 0 ) ) + if( 0 != mbedtls_pk_parse_key( &pxSession->xVerifyKey, pucKeyData, ulKeyDataLength, NULL, 0 ) ) { PKCS11_PRINT( ( "ERROR: Unable to parse public key for verification. \r\n" ) ); xResult = CKR_KEY_HANDLE_INVALID; 
@@ -3572,7 +3771,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, } ( void ) xSemaphoreGive( pxSession->xVerifyMutex ); - PKCS11_PAL_GetObjectValueCleanup( keyData, ulKeyDataLength ); + PKCS11_PAL_GetObjectValueCleanup( pucKeyData, ulKeyDataLength ); } else { @@ -3585,7 +3784,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, { xKeyType = mbedtls_pk_get_type( &pxSession->xSignKey ); - if( pxMechanism->mechanism == CKM_RSA_X_509 ) + if( pMechanism->mechanism == CKM_RSA_X_509 ) { if( xKeyType != MBEDTLS_PK_RSA ) { @@ -3593,7 +3792,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, xResult = CKR_KEY_TYPE_INCONSISTENT; } } - else if( pxMechanism->mechanism == CKM_ECDSA ) + else if( pMechanism->mechanism == CKM_ECDSA ) { if( ( xKeyType != MBEDTLS_PK_ECDSA ) && ( xKeyType != MBEDTLS_PK_ECKEY ) ) { @@ -3603,14 +3802,14 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, } else { - PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %d \r\n", pxMechanism->mechanism ) ); + PKCS11_PRINT( ( "ERROR: Unsupported mechanism type %d \r\n", pMechanism->mechanism ) ); xResult = CKR_MECHANISM_INVALID; } } if( xResult == CKR_OK ) { - pxSession->xOperationVerifyMechanism = pxMechanism->mechanism; + pxSession->xOperationVerifyMechanism = pMechanism->mechanism; } return xResult; 
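Review bot: The mechanism/key-type check in this hunk inspects the wrong context: `xKeyType = mbedtls_pk_get_type( &pxSession->xSignKey );` is inside C_VerifyInit, immediately after the public key was parsed into `pxSession->xVerifyKey` in the previous hunk. The CKM_RSA_X_509 and CKM_ECDSA checks therefore validate whatever the last C_SignInit on this session left behind, or MBEDTLS_PK_NONE on a fresh session, which yields CKR_KEY_TYPE_INCONSISTENT for a perfectly good verify key. The line should read `xKeyType = mbedtls_pk_get_type( &pxSession->xVerifyKey );`; the rename touched the lines around it but left this one. The function continues past this hunk.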
@@ -3627,12 +3826,12 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, * tasks may lead to unexpected results. * * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pucData Data who's signature is to be verified. + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pData Data who's signature is to be verified. * Note: In this implementation, this is generally * expected to be the hash of the data. * @param[in] ulDataLen Length of pucData. - * @param[in] pucSignature The signature to be verified. + * @param[in] pSignature The signature to be verified. * @param[in] ulSignatureLen Length of pucSignature in bytes. * * @return CKR_OK if successful. @@ -3640,21 +3839,21 @@ CK_DECLARE_FUNCTION( CK_RV, C_VerifyInit )( CK_SESSION_HANDLE xSession, * for more information. */ /* @[declare_pkcs11_mbedtls_c_verify] */ -CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE xSession, - CK_BYTE_PTR pucData, +CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, CK_ULONG ulDataLen, - CK_BYTE_PTR pucSignature, + CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); - P11SessionPtr_t pxSessionObj; + P11Session_t * pxSessionObj; int32_t lMbedTLSResult; - pxSessionObj = prvSessionPointerFromHandle( xSession ); /*lint !e9072 It's OK to have different parameter name. */ + pxSessionObj = prvSessionPointerFromHandle( hSession ); + CK_RV xResult = prvCheckValidSessionAndModule( pxSessionObj ); /* Check parameters. */ - if( ( NULL == pucData ) || - ( NULL == pucSignature ) ) + if( ( NULL == pData ) || + ( NULL == pSignature ) ) { xResult = CKR_ARGUMENTS_BAD; } 
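Review bot: Two lines in this doc hunk still use the pre-rename names: `@param[in] ulDataLen Length of pucData.` and `@param[in] ulSignatureLen Length of pucSignature in bytes.` should read `Length of pData.` and `Length of pSignature in bytes.`. While here, `Data who's signature is to be verified.` should be `Data whose signature is to be verified.`.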
@@ -3706,16 +3905,16 @@ CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE xSession, { if( 0 != mbedtls_pk_verify( &pxSessionObj->xVerifyKey, MBEDTLS_MD_SHA256, - pucData, + pData, ulDataLen, - pucSignature, + pSignature, ulSignatureLen ) ) { xResult = CKR_SIGNATURE_INVALID; } } - xSemaphoreGive( pxSessionObj->xVerifyMutex ); + ( void ) xSemaphoreGive( pxSessionObj->xVerifyMutex ); } else { @@ -3733,18 +3932,19 @@ CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE xSession, mbedtls_mpi_init( &xR ); mbedtls_mpi_init( &xS ); - lMbedTLSResult = mbedtls_mpi_read_binary( &xR, &pucSignature[ 0 ], 32 ); + lMbedTLSResult = mbedtls_mpi_read_binary( &xR, &pSignature[ 0 ], 32 ); if( lMbedTLSResult == 0 ) { - lMbedTLSResult = mbedtls_mpi_read_binary( &xS, &pucSignature[ 32 ], 32 ); + lMbedTLSResult = mbedtls_mpi_read_binary( &xS, &pSignature[ 32 ], 32 ); } if( lMbedTLSResult != 0 ) { xResult = CKR_SIGNATURE_INVALID; - PKCS11_PRINT( ( "Failed to parse EC signature: %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ), + PKCS11_PRINT( ( "Failed to parse EC signature: %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) ); } 
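Review bot: The RSA branch in this hunk, `mbedtls_pk_verify( &pxSessionObj->xVerifyKey, MBEDTLS_MD_SHA256, pData, ulDataLen, pSignature, ulSignatureLen )`, performs a PKCS #1 v1.5 verification that expects a SHA-256 DigestInfo inside the signature, yet C_VerifyInit admits this path only for CKM_RSA_X_509, the raw-RSA mechanism, and C_Sign pairs CKM_RSA_PKCS with MBEDTLS_MD_NONE. As far as I can tell from mbedtls semantics, a signature C_Sign produced over a caller-built DigestInfo||hash verifies here only if the caller then passes just the 32-byte hash, so the two halves are not inverses under the mechanism names callers see. If that is intended for the TLS demo, document it on C_Verify's pData, e.g. `For CKM_RSA_X_509 this must be the 32-byte SHA-256 digest; the PKCS #1 v1.5 DigestInfo is supplied by the module.`; otherwise C_VerifyInit should accept the mechanism that matches this call. The function continues outside the hunk.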
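Review bot: `mbedtls_mpi_read_binary( &xR, &pSignature[ 0 ], 32 )` followed by `mbedtls_mpi_read_binary( &xS, &pSignature[ 32 ], 32 )` reads 64 bytes from the caller's buffer, and the check that `ulSignatureLen` is pkcs11ECDSA_P256_SIGNATURE_LENGTH is not inside this hunk, so I cannot confirm it runs before these reads. If it does not, add `if( ulSignatureLen != pkcs11ECDSA_P256_SIGNATURE_LENGTH ) { xResult = CKR_SIGNATURE_LEN_RANGE; }` ahead of the MPI reads; if it does, a one-line comment here noting that the length was validated above would save the next reader the search. The enclosing function continues past this hunk.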
@@ -3756,16 +3956,17 @@ CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE xSession, if( NULL != pxSessionObj->xVerifyKey.pk_ctx ) { pxEcdsaContext = pxSessionObj->xVerifyKey.pk_ctx; - lMbedTLSResult = mbedtls_ecdsa_verify( &pxEcdsaContext->grp, pucData, ulDataLen, &pxEcdsaContext->Q, &xR, &xS ); + lMbedTLSResult = mbedtls_ecdsa_verify( &pxEcdsaContext->grp, pData, ulDataLen, &pxEcdsaContext->Q, &xR, &xS ); } - xSemaphoreGive( pxSessionObj->xVerifyMutex ); + ( void ) xSemaphoreGive( pxSessionObj->xVerifyMutex ); if( lMbedTLSResult != 0 ) { xResult = CKR_SIGNATURE_INVALID; - PKCS11_PRINT( ( "Failed to parse EC signature: %s : %s \r\n", - mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ), + PKCS11_PRINT( ( "Failed to parse EC signature: %s : ", + mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ) ) ); + PKCS11_PRINT( ( "%s \r\n", mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) ); } } @@ -3801,8 +4002,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_Verify )( CK_SESSION_HANDLE xSession, * are in the key generation template. * @return CKR_OK if successful. */ -static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE_PTR * ppxLabel, - CK_ATTRIBUTE_PTR pxAttribute, +static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE ** ppxLabel, + CK_ATTRIBUTE * pxAttribute, uint32_t * pulAttributeMap ) { CK_RV xResult = CKR_OK; @@ -3830,7 +4031,9 @@ static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE_PTR * ppxLabel case ( CKA_SIGN ): ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - if( xBool != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Generating private keys that cannot sign is not supported. \r\n" ) ); xResult = CKR_TEMPLATE_INCONSISTENT; 
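Review bot: The ECDSA path fails open when `pxSessionObj->xVerifyKey.pk_ctx` is NULL: the guard `if( NULL != pxSessionObj->xVerifyKey.pk_ctx )` skips mbedtls_ecdsa_verify but leaves `lMbedTLSResult` at the 0 that, as far as the hunks show, the successful MPI reads above last set, so the following `if( lMbedTLSResult != 0 )` does not fire and C_Verify returns CKR_OK without having checked anything. Whether a NULL context is reachable while xOperationVerifyMechanism is set I cannot tell from this diff, but a verifier's default answer should not rest on that invariant; add `else { xResult = CKR_OPERATION_NOT_INITIALIZED; }` so the missing-key case fails closed. The message `"Failed to parse EC signature: ..."` is also printed for a verification failure here, which will mislead whoever reads the log; `"EC signature verification failed: "` describes this branch. The function continues past this hunk.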
@@ -3842,7 +4045,9 @@ static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE_PTR * ppxLabel case ( CKA_PRIVATE ): ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - if( xBool != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Private must be set to true in order to generate a private key. \r\n" ) ); xResult = CKR_TEMPLATE_INCONSISTENT; @@ -3854,7 +4059,9 @@ static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE_PTR * ppxLabel case ( CKA_TOKEN ): ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - if( xBool != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Generating private keys that are false for attribute CKA_TOKEN is not supported. \r\n" ) ); xResult = CKR_TEMPLATE_INCONSISTENT; @@ -3882,14 +4089,15 @@ static CK_RV prvCheckGenerateKeyPairPrivateTemplate( CK_ATTRIBUTE_PTR * ppxLabel * * @return CKR_OK if successful. */ -static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, - CK_ATTRIBUTE_PTR pxAttribute, +static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE ** ppxLabel, + CK_ATTRIBUTE * pxAttribute, uint32_t * pulAttributeMap ) { CK_RV xResult = CKR_OK; CK_BBOOL xBool; CK_KEY_TYPE xKeyType; - CK_BYTE xEcParams[] = pkcs11DER_ENCODED_OID_P256; + const CK_BYTE pxEcParams[] = pkcs11DER_ENCODED_OID_P256; + const CK_BYTE * pxEcAttVal; switch( pxAttribute->type ) { 
@@ -3899,7 +4107,7 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, break; case ( CKA_KEY_TYPE ): - ( void ) memcpy( &xKeyType, ( void * ) pxAttribute->pValue, sizeof( CK_KEY_TYPE ) ); + ( void ) memcpy( &xKeyType, ( CK_KEY_TYPE * ) pxAttribute->pValue, sizeof( CK_KEY_TYPE ) ); if( xKeyType != CKK_EC ) { @@ -3910,8 +4118,9 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, break; case ( CKA_EC_PARAMS ): + pxEcAttVal = ( CK_BYTE * ) pxAttribute->pValue; - if( memcmp( xEcParams, pxAttribute->pValue, sizeof( xEcParams ) ) != 0 ) + if( memcmp( pxEcParams, pxEcAttVal, sizeof( pxEcParams ) ) != 0 ) { PKCS11_PRINT( ( "ERROR: Only P-256 key generation is supported. \r\n" ) ); xResult = CKR_TEMPLATE_INCONSISTENT; @@ -3923,7 +4132,9 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, case ( CKA_VERIFY ): ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); - if( xBool != CK_TRUE ) + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) { PKCS11_PRINT( ( "ERROR: Generating public keys that are false for attribute CKA_VERIFY is not supported. \r\n" ) ); xResult = CKR_TEMPLATE_INCONSISTENT; @@ -3932,6 +4143,19 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, *pulAttributeMap |= VERIFY_IN_TEMPLATE; break; + case ( CKA_TOKEN ): + ( void ) memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) ); + + /* See explanation in prvCheckValidSessionAndModule for this exception. */ + /* coverity[misra_c_2012_rule_10_5_violation] */ + if( xBool != ( CK_BBOOL ) CK_TRUE ) + { + PKCS11_PRINT( ( "ERROR: Generating public keys that are false for attribute CKA_TOKEN is not supported. \r\n" ) ); + xResult = CKR_TEMPLATE_INCONSISTENT; + } + + break; + default: xResult = CKR_TEMPLATE_INCONSISTENT; break; 
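Review bot: `memcmp( pxEcParams, pxEcAttVal, sizeof( pxEcParams ) )` reads sizeof( pxEcParams ) bytes from the caller's template value without consulting `pxAttribute->ulValueLen`, so a CKA_EC_PARAMS value shorter than the P-256 OID over-reads the application's buffer and a longer one is accepted on a prefix match. Check the length as part of the condition: `if( ( pxAttribute->ulValueLen != sizeof( pxEcParams ) ) || ( memcmp( pxEcParams, pxEcAttVal, sizeof( pxEcParams ) ) != 0 ) )`. `pValue` is dereferenced without a NULL check as well; the template is untrusted caller input, so `( pxEcAttVal == NULL )` belongs in the same condition. The `memcpy( &xBool, pxAttribute->pValue, sizeof( CK_BBOOL ) )` cases around it have the same shape.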
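Review bot: The new CKA_TOKEN case copies `sizeof( CK_BBOOL )` from `pxAttribute->pValue` without checking `pxAttribute->ulValueLen` or that `pValue` is non-NULL, like the existing boolean cases, and unlike the CKA_VERIFY case directly above it records nothing in `*pulAttributeMap`. If CKA_TOKEN is optional for the public key, a comment should say so: `/* CKA_TOKEN is optional on the public template; when present it must be CK_TRUE. */`; if it is required as on the private-key side, a TOKEN_IN_TEMPLATE bit (whether one exists is not visible here) should be set so the caller can enforce it. The rest of the switch is outside the hunk.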
@@ -3947,10 +4171,10 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, * This port only supports generating elliptic curve P-256 * key pairs. * - * @param[in] xSession Handle of a valid PKCS #11 session. - * @param[in] pxMechanism Pointer to a mechanism. At this time, + * @param[in] hSession Handle of a valid PKCS #11 session. + * @param[in] pMechanism Pointer to a mechanism. At this time, * CKM_EC_KEY_PAIR_GEN is the only supported mechanism. - * @param[in] pxPublicKeyTemplate Pointer to a list of attributes that the generated + * @param[in] pPublicKeyTemplate Pointer to a list of attributes that the generated * public key should possess. * Public key template must have the following attributes: * - CKA_LABEL @@ -3968,8 +4192,8 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, * generation is supported. * - CKA_TOKEN * - Must be set to CK_TRUE. - * @param[in] ulPublicKeyAttributeCount Number of attributes in pxPublicKeyTemplate. - * @param[in] pxPrivateKeyTemplate Pointer to a list of attributes that the generated + * @param[in] ulPublicKeyAttributeCount Number of attributes in pPublicKeyTemplate. + * @param[in] pPrivateKeyTemplate Pointer to a list of attributes that the generated * private key should possess. * Private key template must have the following attributes: * - CKA_LABEL 
@@ -3987,9 +4211,9 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, * - CKA_TOKEN * - Must be set to CK_TRUE. * - * @param[in] ulPrivateKeyAttributeCount Number of attributes in pxPrivateKeyTemplate. - * @param[out] pxPublicKey Pointer to the handle of the public key to be created. - * @param[out] pxPrivateKey Pointer to the handle of the private key to be created. + * @param[in] ulPrivateKeyAttributeCount Number of attributes in pPrivateKeyTemplate. + * @param[out] phPublicKey Pointer to the handle of the public key to be created. + * @param[out] phPrivateKey Pointer to the handle of the private key to be created. * * \note Not all attributes specified by the PKCS #11 standard are supported. * \note CKA_LOCAL attribute is not supported. @@ -3999,16 +4223,15 @@ static CK_RV prvCheckGenerateKeyPairPublicTemplate( CK_ATTRIBUTE_PTR * ppxLabel, * for more information. */ /* @[declare_pkcs11_mbedtls_c_generatekeypair] */ -CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession, - CK_MECHANISM_PTR pxMechanism, - CK_ATTRIBUTE_PTR pxPublicKeyTemplate, +CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, - CK_ATTRIBUTE_PTR pxPrivateKeyTemplate, + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, - CK_OBJECT_HANDLE_PTR pxPublicKey, - CK_OBJECT_HANDLE_PTR pxPrivateKey ) + CK_OBJECT_HANDLE_PTR phPublicKey, + CK_OBJECT_HANDLE_PTR phPrivateKey ) { - CK_RV xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession ); uint8_t * pucDerFile = pvPortMalloc( pkcs11KEY_GEN_MAX_DER_SIZE ); int32_t lMbedResult = 0; uint32_t ulIndex = 0; 
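Review bot: `uint8_t * pucDerFile = pvPortMalloc( pkcs11KEY_GEN_MAX_DER_SIZE );` now runs before the session check that this commit moves below the declarations, so the allocation happens even for an invalid session or NULL arguments; every early-exit path must still reach the matching vPortFree, and neither that nor a NULL check on the allocation is visible in this hunk. Declaring `pucDerFile = NULL` here and allocating only once `xResult == CKR_OK` keeps the resource lifetime inside the validated path; if a NULL check is missing, `if( pucDerFile == NULL ) { xResult = CKR_HOST_MEMORY; }` is the PKCS #11 way to report it. The function continues past this hunk.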
@@ -4021,6 +4244,9 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 uint32_t xPrivateRequiredAttributeMap = ( LABEL_IN_TEMPLATE | PRIVATE_IN_TEMPLATE | SIGN_IN_TEMPLATE );
 uint32_t xAttributeMap = 0;
+ const P11Session_t * pxSession = prvSessionPointerFromHandle( hSession );
+ CK_RV xResult = prvCheckValidSessionAndModule( pxSession );
+
 #if ( pkcs11configSUPPRESS_ECDSA_MECHANISM == 1 )
 if( xResult == CKR_OK )
 {
@@ -4030,11 +4256,11 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 if( xResult == CKR_OK )
 {
- if( ( pxPublicKeyTemplate == NULL ) ||
- ( pxPrivateKeyTemplate == NULL ) ||
- ( pxPublicKey == NULL ) ||
- ( pxPrivateKey == NULL ) ||
- ( pxMechanism == NULL ) )
+ if( ( pPublicKeyTemplate == NULL ) ||
+ ( pPrivateKeyTemplate == NULL ) ||
+ ( phPublicKey == NULL ) ||
+ ( phPrivateKey == NULL ) ||
+ ( pMechanism == NULL ) )
 {
 xResult = CKR_ARGUMENTS_BAD;
 }
@@ -4050,7 +4276,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 if( xResult == CKR_OK )
 {
- if( CKM_EC_KEY_PAIR_GEN != pxMechanism->mechanism )
+ if( CKM_EC_KEY_PAIR_GEN != pMechanism->mechanism )
 {
 xResult = CKR_MECHANISM_INVALID;
 }
@@ -4061,7 +4287,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 for( ulIndex = 0; ulIndex < ulPrivateKeyAttributeCount; ++ulIndex )
 {
 xResult = prvCheckGenerateKeyPairPrivateTemplate( &pxPrivateLabel,
- &pxPrivateKeyTemplate[ ulIndex ],
+ &pPrivateKeyTemplate[ ulIndex ],
 &xAttributeMap );
 if( xResult != CKR_OK )
@@ -4083,7 +4309,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 for( ulIndex = 0; ulIndex < ulPublicKeyAttributeCount; ++ulIndex )
 {
 xResult = prvCheckGenerateKeyPairPublicTemplate( &pxPublicLabel,
- &pxPublicKeyTemplate[ ulIndex ],
+ &pPublicKeyTemplate[ ulIndex ],
 &xAttributeMap );
 if( xResult != CKR_OK )
@@ -4150,15 +4376,15 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 if( ( xPalPublic != CK_INVALID_HANDLE ) && ( xPalPrivate != CK_INVALID_HANDLE ) )
 {
- xResult = prvAddObjectToList( xPalPrivate, pxPrivateKey, pxPrivateLabel->pValue, pxPrivateLabel->ulValueLen );
+ xResult = prvAddObjectToList( xPalPrivate, phPrivateKey, pxPrivateLabel->pValue, pxPrivateLabel->ulValueLen );
 if( xResult == CKR_OK )
 {
- xResult = prvAddObjectToList( xPalPublic, pxPublicKey, pxPublicLabel->pValue, pxPublicLabel->ulValueLen );
+ xResult = prvAddObjectToList( xPalPublic, phPublicKey, pxPublicLabel->pValue, pxPublicLabel->ulValueLen );
 if( xResult != CKR_OK )
 {
- PKCS11_PAL_DestroyObject( *pxPrivateKey );
+ ( void ) PKCS11_PAL_DestroyObject( *phPrivateKey );
 }
 }
 }
@@ -4174,8 +4400,8 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
 /**
  * @brief Generates random data.
  *
- * @param[in] xSession Handle of a valid PKCS #11 session.
- * @param[out] pucRandomData Pointer to location that random data will be placed.
+ * @param[in] hSession Handle of a valid PKCS #11 session.
+ * @param[out] RandomData Pointer to location that random data will be placed.
  * It is the responsiblity of the application to allocate
  * this memory.
  * @param[in] ulRandomLen Length of data (in bytes) to be generated.
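Review bot: The rollback when the public-key `prvAddObjectToList` fails only destroys the PAL object behind `*phPrivateKey`, and the new `( void )` cast discards PKCS11_PAL_DestroyObject's result, so a failed destroy leaves a persisted private key on the token with no diagnostic; unless prvAddObjectToList or PKCS11_PAL_DestroyObject also removes the private key's entry from the object list (neither body is visible here), that list entry is orphaned as well. Capture the result rather than casting it away, `CK_RV xDestroyResult = PKCS11_PAL_DestroyObject( *phPrivateKey );`, log it through this file's logging macro when it is not CKR_OK, and keep reporting the original prvAddObjectToList failure in xResult. C_GenerateKeyPair starts and ends outside this hunk.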
@@ -4185,24 +4411,26 @@ CK_DECLARE_FUNCTION( CK_RV, C_GenerateKeyPair )( CK_SESSION_HANDLE xSession,
  * for more information.
  */
 /* @[declare_pkcs11_mbedtls_c_generate_random] */
-CK_DECLARE_FUNCTION( CK_RV, C_GenerateRandom )( CK_SESSION_HANDLE xSession,
- CK_BYTE_PTR pucRandomData,
+CK_DECLARE_FUNCTION( CK_RV, C_GenerateRandom )( CK_SESSION_HANDLE hSession,
+ CK_BYTE_PTR RandomData,
 CK_ULONG ulRandomLen )
 {
 CK_RV xResult = CKR_OK;
 int32_t lMbedResult = 0;
- xResult = PKCS11_SESSION_VALID_AND_MODULE_INITIALIZED( xSession );
+ const P11Session_t * pxSession = prvSessionPointerFromHandle( hSession );
+
+ xResult = prvCheckValidSessionAndModule( pxSession );
- if( ( NULL == pucRandomData ) ||
- ( ulRandomLen == 0 ) )
+ if( ( NULL == RandomData ) ||
+ ( ulRandomLen == 0UL ) )
 {
 xResult = CKR_ARGUMENTS_BAD;
 }
 if( xResult == CKR_OK )
 {
- lMbedResult = mbedtls_ctr_drbg_random( &xP11Context.xMbedDrbgCtx, pucRandomData, ulRandomLen );
+ lMbedResult = mbedtls_ctr_drbg_random( &xP11Context.xMbedDrbgCtx, RandomData, ulRandomLen );
 if( lMbedResult != 0 )
 {
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_pal.c b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_pal.c
index e1a9f1bde..1ed5a522c 100755
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_pal.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/src/iot_pkcs11_pal.c
@@ -35,7 +35,6 @@
 /*-----------------------------------------------------------*/
 #include "FreeRTOS.h"
-#include "FreeRTOSIPConfig.h"
 #include "iot_pkcs11.h"
 #include "iot_pkcs11_config.h"
@@ -58,7 +57,7 @@
  * @brief PKCS #11 logging macro.
  *
  */
-#define PKCS11_PAL_PRINT( X ) vLoggingPrintf X
+#define PKCS11_PAL_PRINT( X ) configPRINTF( X )
 /**
  * @ingroup pkcs11_enums
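Review bot: The argument check `if( ( NULL == RandomData ) || ( ulRandomLen == 0UL ) )` runs unconditionally after `prvCheckValidSessionAndModule`, so a session-check failure is overwritten with CKR_ARGUMENTS_BAD whenever the caller also passes a NULL buffer or zero length; C_GenerateKeyPair in this same commit gates its argument checks on `if( xResult == CKR_OK )`, and this function should do the same so the first failure is the one reported. The renamed parameter `RandomData` also drops the pointer prefix every other renamed parameter in these hunks carries (`pMechanism`, `phPublicKey`, `pPublicKeyTemplate`); `pRandomData` would match the convention and the `@param[out]` line above. The tail of C_GenerateRandom is outside the hunk.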
@@ -152,10 +151,14 @@ void prvLabelToFilenameHandle( uint8_t * pcLabel,
 /*-----------------------------------------------------------*/
+CK_RV PKCS11_PAL_Initialize( void )
+{
+ return CKR_OK;
+}
 CK_OBJECT_HANDLE PKCS11_PAL_SaveObject( CK_ATTRIBUTE_PTR pxLabel,
- uint8_t * pucData,
- uint32_t ulDataSize )
+ CK_BYTE_PTR pucData,
+ CK_ULONG ulDataSize )
 {
 uint32_t ulStatus = 0;
 HANDLE hFile = INVALID_HANDLE_VALUE;
@@ -211,8 +214,8 @@ CK_OBJECT_HANDLE PKCS11_PAL_SaveObject( CK_ATTRIBUTE_PTR pxLabel,
 /*-----------------------------------------------------------*/
-CK_OBJECT_HANDLE PKCS11_PAL_FindObject( uint8_t * pLabel,
- uint8_t usLength )
+CK_OBJECT_HANDLE PKCS11_PAL_FindObject( CK_BYTE_PTR pxLabel,
+ CK_ULONG usLength )
 {
 /* Avoid compiler warnings about unused variables. */
 ( void ) usLength;
@@ -221,7 +224,7 @@ CK_OBJECT_HANDLE PKCS11_PAL_FindObject( uint8_t * pLabel,
 char * pcFileName = NULL;
 /* Converts a label to its respective filename and handle. */
- prvLabelToFilenameHandle( pLabel,
+ prvLabelToFilenameHandle( pxLabel,
 &pcFileName,
 &xHandle );
@@ -236,9 +239,9 @@ CK_OBJECT_HANDLE PKCS11_PAL_FindObject( uint8_t * pLabel,
 /*-----------------------------------------------------------*/
 CK_RV PKCS11_PAL_GetObjectValue( CK_OBJECT_HANDLE xHandle,
- uint8_t ** ppucData,
- uint32_t * pulDataSize,
- CK_BBOOL * pIsPrivate )
+ CK_BYTE_PTR * ppucData,
+ CK_ULONG_PTR pulDataSize,
+ CK_BBOOL * pIsPrivate )
 {
 CK_RV ulReturn = CKR_OK;
 uint32_t ulDriverReturn = 0;
@@ -340,8 +343,8 @@ CK_RV PKCS11_PAL_GetObjectValue( CK_OBJECT_HANDLE xHandle,
 /*-----------------------------------------------------------*/
-void PKCS11_PAL_GetObjectValueCleanup( uint8_t * pucData,
- uint32_t ulDataSize )
+void PKCS11_PAL_GetObjectValueCleanup( CK_BYTE_PTR pucData,
+ CK_ULONG ulDataSize )
 {
 /* Unused parameters. */
 ( void ) ulDataSize;
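Review bot: The new `PKCS11_PAL_Initialize` has no Doxygen block and no `/*---*/` separator after it, unlike every other function in this file (the separator lines are visible ahead of PKCS11_PAL_FindObject, PKCS11_PAL_GetObjectValue and PKCS11_PAL_GetObjectValueCleanup in the following hunks). Add a comment saying why it is a no-op, e.g. `/* Nothing to set up for this PAL; always succeeds. */`, plus the separator before `PKCS11_PAL_SaveObject`. If the core is expected to call this before any other PAL entry point, state that in the comment, since nothing in this hunk enforces the ordering.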
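Review bot: `usLength` is now a CK_ULONG but is still discarded by `( void ) usLength;`, so the lookup in `prvLabelToFilenameHandle( pxLabel, ... )` can only be correct if pxLabel is NUL-terminated; CKA_LABEL values in PKCS #11 are length-delimited and not guaranteed to be terminated, so if prvLabelToFilenameHandle compares with a C-string routine (its body is outside this hunk) a caller-supplied label without a terminator is read past its end. Either pass `usLength` through and compare with a bounded routine, or document the NUL-termination precondition on PKCS11_PAL_FindObject. The `us` prefix also no longer matches the type; `ulLength` would follow the convention used by `ulDataSize` in the same file.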
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/pkcs11/include/iot_pkcs11.h b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/pkcs11/include/iot_pkcs11.h
index dd95d1a7d..5308e1f68 100755
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/pkcs11/include/iot_pkcs11.h
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/pkcs11/include/iot_pkcs11.h
@@ -80,19 +80,19 @@
 /**
  * @brief Length of a SHA256 digest, in bytes.
  */
-#define pkcs11SHA256_DIGEST_LENGTH 32
+#define pkcs11SHA256_DIGEST_LENGTH 32UL
 /**
  * @brief Length of a curve P-256 ECDSA signature, in bytes.
  * PKCS #11 EC signatures are represented as a 32-bit R followed
  * by a 32-bit S value, and not ASN.1 encoded.
  */
-#define pkcs11ECDSA_P256_SIGNATURE_LENGTH 64
+#define pkcs11ECDSA_P256_SIGNATURE_LENGTH 64UL
 /**
  * @brief Key strength for elliptic-curve P-256.
  */
-#define pkcs11ECDSA_P256_KEY_BITS 256
+#define pkcs11ECDSA_P256_KEY_BITS 256UL
 /**
  * @brief Public exponent for RSA.
@@ -103,12 +103,12 @@
  * @brief The number of bits in the RSA-2048 modulus.
  *
  */
-#define pkcs11RSA_2048_MODULUS_BITS 2048
+#define pkcs11RSA_2048_MODULUS_BITS 2048UL
 /**
  * @brief Length of PKCS #11 signature for RSA 2048 key, in bytes.
  */
-#define pkcs11RSA_2048_SIGNATURE_LENGTH ( pkcs11RSA_2048_MODULUS_BITS / 8 )
+#define pkcs11RSA_2048_SIGNATURE_LENGTH ( pkcs11RSA_2048_MODULUS_BITS / 8UL )
 /**
  * @brief Length of RSA signature data before padding.
@@ -116,7 +116,7 @@
  * This is calculated by adding the SHA-256 hash len (32) to the 19 bytes in
  * pkcs11STUFF_APPENDED_TO_RSA_SIG = 51 bytes total.
  */
-#define pkcs11RSA_SIGNATURE_INPUT_LENGTH 51
+#define pkcs11RSA_SIGNATURE_INPUT_LENGTH 51UL
 /**
  * @brief Elliptic-curve object identifiers.
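Review bot: The comment above `pkcs11ECDSA_P256_SIGNATURE_LENGTH` says the signature is "a 32-bit R followed by a 32-bit S value", but the define is 64 bytes (now `64UL`), i.e. a 32-byte R and a 32-byte S, and the conversion code in iot_pki_utils.c in this same commit copies 32 bytes for each component. Since the hunk already touches this define, fix the unit in the two comment lines: ` * PKCS #11 EC signatures are represented as a 32-byte R followed` and ` * by a 32-byte S value, and not ASN.1 encoded.`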
@@ -127,7 +127,7 @@
 /**
  * @brief Maximum length of storage for PKCS #11 label, in bytes.
  */
-#define pkcs11MAX_LABEL_LENGTH 32 /* 31 characters + 1 null terminator. */
+#define pkcs11MAX_LABEL_LENGTH 32UL /* 31 characters + 1 null terminator. */
 /**
  * @brief OID for curve P-256.
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/include/iot_pki_utils.h b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/include/iot_pki_utils.h
index a9836d6f8..c066d6824 100755
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/include/iot_pki_utils.h
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/include/iot_pki_utils.h
@@ -67,8 +67,8 @@
  * \return 0 on success, -1 on failure.
  */
 /* @[declare_pkcs11_utils_pkimbedtlssignaturetopkcs11signature] */
-int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
- uint8_t * pxMbedSignature );
+BaseType_t PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
+ const uint8_t * pxMbedSignature );
 /* @[declare_pkcs11_utils_pkimbedtlssignaturetopkcs11signature] */
@@ -96,7 +96,7 @@ int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
  *
  */
 /* @[declare_pkcs11_utils_pkipkcs11signaturetombedtlssignature] */
-int PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
- size_t * pxSigLen );
+BaseType_t PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
+ size_t * pxSigLen );
 /* @[declare_pkcs11_utils_pkipkcs11signaturetombedtlssignature] */
 #endif /* ifndef _IOT_PKI_UTILS_H_ */
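Review bot: The prototypes now return `BaseType_t`, a FreeRTOS kernel type, while the `\return 0 on success, -1 on failure.` line above `PKI_mbedTLSSignatureToPkcs11Signature` is left as it was; the header's include block is outside this hunk, so confirm iot_pki_utils.h pulls in FreeRTOS.h itself rather than relying on the include order of its callers, and align the `\return` text with what the implementation actually returns (the .c file in this commit returns `FAILURE` on error) unless that constant is indeed -1. The same applies to the `PKI_pkcs11SignatureTombedTLSSignature` hunk just below.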
diff --git a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/src/iot_pki_utils.c b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/src/iot_pki_utils.c
index 642d4565a..d56fa0ceb 100755
--- a/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/src/iot_pki_utils.c
+++ b/FreeRTOS-Plus/Source/FreeRTOS-IoT-Libraries-LTS-Beta1/abstractions/platform/freertos_plus/standard/utils/src/iot_pki_utils.c
@@ -42,11 +42,11 @@
 /* Convert the EC signature from DER encoded to PKCS #11 format. */
 /* @[declare pkcs11_utils_pkipkcs11signaturetombedtlssignature] */
-int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
- uint8_t * pxMbedSignature )
+BaseType_t PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
+ const uint8_t * pxMbedSignature )
 {
- int xReturn = 0;
- uint8_t * pxNextLength;
+ BaseType_t xReturn = 0;
+ const uint8_t * pxNextLength;
 uint8_t ucSigComponentLength;
 if( ( pxSignaturePKCS == NULL ) || ( pxMbedSignature == NULL ) )
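Review bot: `PKI_mbedTLSSignatureToPkcs11Signature` still takes neither buffer's length, and the new `const` on `pxMbedSignature` is a good moment to write down the contract the body relies on: `pxSignaturePKCS` must hold at least 64 bytes (the memset in the next hunk writes that many) and `pxMbedSignature` must be a complete DER SEQUENCE of two INTEGERs as emitted by mbedTLS for a P-256 key, because the parser reads length bytes out of it with no bound. Suggested comment on the definition: `/* pxSignaturePKCS: >= 64 bytes, receives R||S. pxMbedSignature: DER ECDSA-Sig-Value produced by mbedTLS; its length bytes are trusted, not bounds-checked. */`. The function continues past this hunk.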
@@ -67,26 +67,27 @@ int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
 /* The new signature will be 64 bytes long (32 bytes for R, 32 bytes for S).
  * Zero this buffer out in case a component is shorter than 32 bytes. */
- memset( pxSignaturePKCS, 0, 64 );
+ ( void ) memset( pxSignaturePKCS, 0, 64 );
 /********* R Component. *********/
 /* R components are represented by mbedTLS as 33 bytes when the first bit is zero to avoid any sign confusion. */
- if( ucSigComponentLength == 33 )
+ if( ucSigComponentLength == 33UL )
 {
 /* Chop off the leading zero. The first 4 bytes were SEQUENCE, LENGTH, INTEGER, LENGTH, 0x00 padding. */
- memcpy( pxSignaturePKCS, &pxMbedSignature[ 5 ], 32 );
- pxNextLength = pxMbedSignature + 5 /* SEQUENCE, LENGTH, INTEGER, LENGTH, leading zero */ + 32 /*(R) */ + 1 /*(S's integer tag) */;
+ ( void ) memcpy( pxSignaturePKCS, &pxMbedSignature[ 5 ], 32 );
+ /* SEQUENCE, LENGTH, INTEGER, LENGTH, leading zero, R, S's integer tag */
+ pxNextLength = pxMbedSignature + 5 + 32 + 1;
 }
 else
 {
 /* The R component is 32 bytes or less. Copy so that it is properly represented as a 32 byte value,
  * leaving leading 0 pads at beginning if necessary. */
- memcpy( &pxSignaturePKCS[ 32 - ucSigComponentLength ], /* If the R component is less than 32 bytes, leave the leading zeros. */
- &pxMbedSignature[ 4 ], /* SEQUENCE, LENGTH, INTEGER, LENGTH, (R component begins as the 5th byte) */
- ucSigComponentLength );
- pxNextLength = pxMbedSignature + 4 + ucSigComponentLength + 1; /* Move the pointer to get rid of
- * SEQUENCE, LENGTH, INTEGER, LENGTH, R Component, S integer tag. */
+ ( void ) memcpy( &pxSignaturePKCS[ 32UL - ucSigComponentLength ], /* If the R component is less than 32 bytes, leave the leading zeros. 
*/
+ &pxMbedSignature[ 4 ], /* SEQUENCE, LENGTH, INTEGER, LENGTH, (R component begins as the 5th byte) */
+ ucSigComponentLength );
+ pxNextLength = pxMbedSignature + 4 + ucSigComponentLength + 1; /* Move the pointer to get rid of
+ * SEQUENCE, LENGTH, INTEGER, LENGTH, R Component, S integer tag. */
 }
 /********** S Component. ***********/
@@ -94,19 +95,19 @@ int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
 /* Now pxNextLength is pointing to the length of the S component. */
 ucSigComponentLength = pxNextLength[ 0 ];
- if( ucSigComponentLength == 33 )
+ if( ucSigComponentLength == 33UL )
 {
- memcpy( &pxSignaturePKCS[ 32 ],
- &pxNextLength[ 2 ], /*LENGTH (of S component), 0x00 padding, S component is 3rd byte - we want to skip the leading zero. */
- 32 );
+ ( void ) memcpy( &pxSignaturePKCS[ 32 ],
+ &pxNextLength[ 2 ], /*LENGTH (of S component), 0x00 padding, S component is 3rd byte - we want to skip the leading zero. */
+ 32 );
 }
 else
 {
 /* The S component is 32 bytes or less. Copy so that it is properly represented as a 32 byte value,
  * leaving leading 0 pads at beginning if necessary. */
- memcpy( &pxSignaturePKCS[ 64 - ucSigComponentLength ],
- &pxNextLength[ 1 ],
- ucSigComponentLength );
+ ( void ) memcpy( &pxSignaturePKCS[ 64UL - ucSigComponentLength ],
+ &pxNextLength[ 1 ],
+ ucSigComponentLength );
 }
 }
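Review bot: The `else` branch trusts `ucSigComponentLength` as read from the DER input: for any value above 32 other than 33, `32UL - ucSigComponentLength` wraps (it was a negative int index before the `UL` suffix), so `( void ) memcpy( &pxSignaturePKCS[ 32UL - ucSigComponentLength ], ... )` writes outside the 64-byte output buffer, and the S-component hunk that follows has the same pattern with `64UL - ucSigComponentLength`. Reject the length instead of copying: change the `else` in both places to `else if( ucSigComponentLength > 32U ) { xReturn = FAILURE; } else`, and skip the S-component block once xReturn is FAILURE (the condition that encloses it is outside these hunks). The input normally comes straight from mbedTLS's own signer, so this is a guard against a malformed or truncated buffer rather than a known reachable path, but the function is a public utility and the cost is one comparison.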
@@ -118,21 +119,21 @@ int PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
 /* Convert an EC signature from PKCS #11 format to DER encoded. */
 /* @[declare pkcs11_utils_pkimbedtlssignaturetopkcs11signature] */
-int PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
- size_t * pxSigLen )
+BaseType_t PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
+ size_t * pxSigLen )
 {
- int xResult = 0;
+ BaseType_t xReturn = 0;
 uint8_t * pucSigPtr;
 uint8_t ucTemp[ 64 ] = { 0 }; /* A temporary buffer for the pre-formatted signature. */
 if( ( pucSig == NULL ) || ( pxSigLen == NULL ) )
 {
- xResult = FAILURE;
+ xReturn = FAILURE;
 }
- if( xResult == 0 )
+ if( xReturn == 0 )
 {
- memcpy( ucTemp, pucSig, 64 );
+ ( void ) memcpy( ucTemp, pucSig, 64 );
 /* The ASN.1 encoded signature has the format
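Review bot: `PKI_pkcs11SignatureTombedTLSSignature` encodes in place — `( void ) memcpy( ucTemp, pucSig, 64 )` reads the 64-byte R||S out of pucSig and the two following hunks write the DER form back into the same buffer — but nothing states how large pucSig must be. By my count of the writes in those hunks (SEQUENCE tag, length, then for each of R and S an INTEGER tag, a length byte, an optional 0x00 pad and 32 bytes of value) the output reaches 72 bytes when both R and S have their top bit set, so a caller that sizes pucSig at pkcs11ECDSA_P256_SIGNATURE_LENGTH overruns it by up to 8 bytes. Add the precondition to the function comment, e.g. `/* pucSig must have room for the DER encoding (up to 72 bytes for P-256), not just the 64-byte raw signature. */`, and consider taking the buffer capacity as a parameter in a follow-up. The function continues past this hunk.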
@@ -152,19 +153,19 @@ int PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
 /* If the first bit is one, pre-append a 00 byte.
  * This prevents the number from being interpreted as negative. */
- if( ucTemp[ 0 ] & 0x80 )
+ if( ( ucTemp[ 0 ] & 0x80UL ) == 0x80UL )
 {
- pucSig[ 1 ]++; /* Increment the length of the structure to account for the 0x00 pad. */
- pucSig[ 3 ] = 0x21; /* Increment the length of the R value to account for the 0x00 pad. */
- pucSig[ 4 ] = 0x0; /* Write the 0x00 pad. */
- memcpy( &pucSig[ 5 ], ucTemp, 32 ); /* Copy the 32-byte R value. */
- pucSigPtr = pucSig + 33; /* Increment the pointer to compensate for padded R length. */
+ pucSig[ 1 ]++; /* Increment the length of the structure to account for the 0x00 pad. */
+ pucSig[ 3 ] = 0x21; /* Increment the length of the R value to account for the 0x00 pad. */
+ pucSig[ 4 ] = 0x0; /* Write the 0x00 pad. */
+ ( void ) memcpy( &pucSig[ 5 ], ucTemp, 32 ); /* Copy the 32-byte R value. */
+ pucSigPtr = pucSig + 33; /* Increment the pointer to compensate for padded R length. */
 }
 else
 {
- pucSig[ 3 ] = 0x20; /* R length with be 32 bytes. */
- memcpy( &pucSig[ 4 ], ucTemp, 32 ); /* Copy 32 bytes of R into the signature buffer. */
- pucSigPtr = pucSig + 32; /* Increment the pointer for 32 byte R length. */
+ pucSig[ 3 ] = 0x20; /* R length with be 32 bytes. */
+ ( void ) memcpy( &pucSig[ 4 ], ucTemp, 32 ); /* Copy 32 bytes of R into the signature buffer. */
+ pucSigPtr = pucSig + 32; /* Increment the pointer for 32 byte R length. */
 }
 pucSigPtr += 4; /* Increment the pointer to offset the SEQUENCE, LENGTH, R-INTEGER, LENGTH. */
@@ -175,27 +176,27 @@ int PKI_pkcs11SignatureTombedTLSSignature( uint8_t * pucSig,
 /* If the first bit is one, pre-append a 00 byte.
  * This prevents the number from being interpreted as negative. */
- if( ucTemp[ 32 ] & 0x80 )
+ if( ( ucTemp[ 32 ] & 0x80UL ) == 0x80UL )
 {
- pucSig[ 1 ]++; /* Increment the length of the structure to account for the 0x00 pad. */
- pucSigPtr[ 0 ] = 0x21; /* Increment the length of the S value to account for the 0x00 pad. */
- pucSigPtr[ 1 ] = 0x00; /* Write the 0x00 pad. */
- pucSigPtr += 2; /* pucSigPtr was pointing at the S-length. Increment by 2 to hop over length and 0 padding. */
+ pucSig[ 1 ]++; /* Increment the length of the structure to account for the 0x00 pad. */
+ pucSigPtr[ 0 ] = 0x21; /* Increment the length of the S value to account for the 0x00 pad. */
+ pucSigPtr[ 1 ] = 0x00; /* Write the 0x00 pad. */
+ pucSigPtr += 2; /* pucSigPtr was pointing at the S-length. Increment by 2 to hop over length and 0 padding. */
- memcpy( pucSigPtr, &ucTemp[ 32 ], 32 ); /* Copy the S value. */
+ ( void ) memcpy( pucSigPtr, &ucTemp[ 32 ], 32 ); /* Copy the S value. */
 }
 else
 {
- pucSigPtr[ 0 ] = 0x20; /* S length will be 32 bytes. */
- pucSigPtr++; /* Hop pointer over the length byte. */
- memcpy( pucSigPtr, &ucTemp[ 32 ], 32 ); /* Copy the S value. */
+ pucSigPtr[ 0 ] = 0x20; /* S length will be 32 bytes. */
+ pucSigPtr++; /* Hop pointer over the length byte. */
+ ( void ) memcpy( pucSigPtr, &ucTemp[ 32 ], 32 ); /* Copy the S value. */
 }
 /* The total signature length is the length of the R and S integers plus 2 bytes for
  * the SEQUENCE and LENGTH wrapping the entire struct. */
- *pxSigLen = pucSig[ 1 ] + 2;
+ *pxSigLen = pucSig[ 1 ] + 2UL;
 }
- return xResult;
+ return xReturn;
 }
 /* @[declare pkcs11_utils_pkimbedtlssignaturetopkcs11signature] */ |