2 * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
18 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
20 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
22 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
23 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
24 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 /*****************************************************************************
30 This class respresent a PKCS#11 object
31 *****************************************************************************/
34 #include "P11Objects.h"
39 P11Object::P11Object()
46 P11Object::~P11Object()
48 std::map<CK_ATTRIBUTE_TYPE, P11Attribute*> cleanUp = attributes;
51 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = cleanUp.begin(); i != cleanUp.end(); i++)
53 if (i->second == NULL)
64 bool P11Object::init(OSObject *inobject)
66 if (initialized) return true;
67 if (inobject == NULL) return false;
72 P11Attribute* attrClass = new P11AttrClass(osobject);
73 P11Attribute* attrToken = new P11AttrToken(osobject);
74 P11Attribute* attrPrivate = new P11AttrPrivate(osobject);
75 P11Attribute* attrModifiable = new P11AttrModifiable(osobject);
76 P11Attribute* attrLabel = new P11AttrLabel(osobject);
77 P11Attribute* attrCopyable = new P11AttrCopyable(osobject);
78 P11Attribute* attrDestroyable = new P11AttrDestroyable(osobject);
80 // Initialize the attributes
85 !attrPrivate->init() ||
86 !attrModifiable->init() ||
88 !attrCopyable->init() ||
89 !attrDestroyable->init()
92 ERROR_MSG("Could not initialize the attribute");
96 delete attrModifiable;
99 delete attrDestroyable;
103 // Add them to the map
104 attributes[attrClass->getType()] = attrClass;
105 attributes[attrToken->getType()] = attrToken;
106 attributes[attrPrivate->getType()] = attrPrivate;
107 attributes[attrModifiable->getType()] = attrModifiable;
108 attributes[attrLabel->getType()] = attrLabel;
109 attributes[attrCopyable->getType()] = attrCopyable;
110 attributes[attrDestroyable->getType()] = attrDestroyable;
116 CK_RV P11Object::loadTemplate(Token *token, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
118 bool isPrivate = this->isPrivate();
120 // [PKCS#11 v2.40, C_GetAttributeValue]
121 // 1. If the specified attribute (i.e., the attribute specified by the
122 // type field) for the object cannot be revealed because the object
123 // is sensitive or unextractable, then the ulValueLen field in that
124 // triple is modified to hold the value CK_UNAVAILABLE_INFORMATION.
126 // 2. Otherwise, if the specified value for the object is invalid (the
127 // object does not possess such an attribute), then the ulValueLen
128 // field in that triple is modified to hold the value
129 // CK_UNAVAILABLE_INFORMATION.
131 // 3. Otherwise, if the pValue field has the value NULL_PTR, then the
132 // ulValueLen field is modified to hold the exact length of the
133 // specified attribute for the object.
135 // 4. Otherwise, if the length specified in ulValueLen is large enough
136 // to hold the value of the specified attribute for the object,
137 // then that attribute is copied into the buffer located at pValue,
138 // and the ulValueLen field is modified to hold the exact length of
141 // 5. Otherwise, the ulValueLen field is modified to hold the value
142 // CK_UNAVAILABLE_INFORMATION.
144 bool invalid = false, sensitive = false, buffer_too_small = false;
146 // If case 3 or 4 applies to all the requested attributes, then the call will return CKR_OK.
147 for (CK_ULONG i = 0; i < ulAttributeCount; ++i)
149 P11Attribute* attr = attributes[pTemplate[i].type];
151 // case 2 of the attribute checks
153 pTemplate[i].ulValueLen = CK_UNAVAILABLE_INFORMATION;
154 // If case 2 applies to any of the requested attributes, then the call should
155 // return the value CKR_ATTRIBUTE_TYPE_INVALID.
160 // case 1,3,4 and 5 of the attribute checks are done while retrieving the attribute itself.
161 CK_RV retrieve_rv = attr->retrieve(token, isPrivate, pTemplate[i].pValue, &pTemplate[i].ulValueLen);
162 if (retrieve_rv == CKR_ATTRIBUTE_SENSITIVE) {
163 // If case 1 applies to any of the requested attributes, then the call should
164 // return the value CKR_ATTRIBUTE_SENSITIVE.
166 } else if (retrieve_rv == CKR_BUFFER_TOO_SMALL) {
167 // If case 5 applies to any of the requested attributes, then the call should
168 // return the value CKR_BUFFER_TOO_SMALL.
169 buffer_too_small = true;
170 } else if (retrieve_rv != CKR_OK) {
171 return CKR_GENERAL_ERROR;
176 // As usual if more than one of these error codes is applicable, Cryptoki may
177 // return any of them. Only if none of them applies to any of the requested
178 // attributes will CKR_OK be returned. We choose to return the errors in
179 // the following priority, which is probably the most useful order.
181 return CKR_ATTRIBUTE_SENSITIVE;
183 return CKR_ATTRIBUTE_TYPE_INVALID;
184 if (buffer_too_small)
185 return CKR_BUFFER_TOO_SMALL;
190 CK_RV P11Object::saveTemplate(Token *token, bool isPrivate, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, int op)
192 if (osobject == NULL)
193 return CKR_GENERAL_ERROR;
194 if (osobject->startTransaction() == false)
195 return CKR_GENERAL_ERROR;
197 if (op == OBJECT_OP_SET)
201 osobject->abortTransaction();
202 return CKR_ACTION_PROHIBITED;
206 // [PKCS#11 v2.40, 4.1.3 Copying objects] OBJECT_OP_COPY
207 // If the CKA_COPYABLE attribute of the object to be copied is set
208 // to CK_FALSE, C_CopyObject returns CKR_ACTION_PROHIBITED.
209 if (op == OBJECT_OP_COPY)
213 osobject->abortTransaction();
214 return CKR_ACTION_PROHIBITED;
218 for (CK_ULONG i = 0; i < ulAttributeCount; i++)
220 // [PKCS#11 v2.40, 4.1.1 Creating objects] OBJECT_OP_CREATE | OBJECT_OP_SET | OBJECT_OP_COPY
221 // 1. If the supplied template specifies a value for an invalid attribute, then the attempt
222 // should fail with the error code CKR_ATTRIBUTE_TYPE_INVALID. An attribute
223 // is valid if it is either one of the attributes described in the Cryptoki specification or an
224 // additional vendor-specific attribute supported by the library and token.
225 P11Attribute* attr = attributes[pTemplate[i].type];
229 osobject->abortTransaction();
230 return CKR_ATTRIBUTE_TYPE_INVALID;
233 // Additonal checks are done while updating the attributes themselves.
234 CK_RV rv = attr->update(token,isPrivate, pTemplate[i].pValue, pTemplate[i].ulValueLen, op);
237 osobject->abortTransaction();
242 // [PKCS#11 v2.40, 4.1.1 Creating objects]
243 // 4. If the attribute values in the supplied template, together with any default attribute
244 // values and any attribute values contributed to the object by the object-creation
245 // function itself, are insufficient to fully specify the object to create, then the attempt
246 // should fail with the error code CKR_TEMPLATE_INCOMPLETE.
248 // All attributes that have to be specified are marked as such in the specification.
249 // The following checks are relevant here:
250 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = attributes.begin(); i != attributes.end(); i++)
252 CK_ULONG checks = i->second->getChecks();
254 // ck1 MUST be specified when object is created with C_CreateObject.
255 // ck3 MUST be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
256 // ck5 MUST be specified when object is unwrapped with C_UnwrapKey.
257 if (((checks & P11Attribute::ck1) == P11Attribute::ck1 && op == OBJECT_OP_CREATE) ||
258 ((checks & P11Attribute::ck3) == P11Attribute::ck3 && op == OBJECT_OP_GENERATE) ||
259 ((checks & P11Attribute::ck5) == P11Attribute::ck5 && op == OBJECT_OP_UNWRAP))
261 bool isSpecified = false;
263 for (CK_ULONG n = 0; n < ulAttributeCount; n++)
265 if (i->first == pTemplate[n].type)
274 ERROR_MSG("Mandatory attribute (0x%08X) was not specified in template", (unsigned int)i->first);
276 return CKR_TEMPLATE_INCOMPLETE;
281 // [PKCS#11 v2.40, 4.1.1 Creating objects]
282 // 5. If the attribute values in the supplied template, together with any default attribute
283 // values and any attribute values contributed to the object by the object-creation
284 // function itself, are inconsistent, then the attempt should fail with the error code
285 // CKR_TEMPLATE_INCONSISTENT. A set of attribute values is inconsistent if not
286 // all of its members can be satisfied simultaneously by the token, although each value
287 // individually is valid in Cryptoki. One example of an inconsistent template would be
288 // using a template which specifies two different values for the same attribute. Another
289 // example would be trying to create a secret key object with an attribute which is
290 // appropriate for various types of public keys or private keys, but not for secret keys.
291 // A final example would be a template with an attribute that violates some token
292 // specific requirement. Note that this final example of an inconsistent template is
293 // token-dependent—on a different token, such a template might not be inconsistent.
295 if (osobject->commitTransaction() == false)
297 return CKR_GENERAL_ERROR;
303 bool P11Object::isPrivate()
305 // Get the CKA_PRIVATE attribute, when the attribute is
306 // not present return the default value which we have
307 // chosen to be CK_FALSE.
308 if (!osobject->attributeExists(CKA_PRIVATE)) return false;
310 return osobject->getBooleanValue(CKA_PRIVATE, false);
313 bool P11Object::isCopyable()
315 // Get the CKA_COPYABLE attribute, when the attribute is not
316 // present return the default value which is CK_TRUE.
317 if (!osobject->attributeExists(CKA_COPYABLE)) return true;
319 return osobject->getBooleanValue(CKA_COPYABLE, true);
322 bool P11Object::isModifiable()
324 // Get the CKA_MODIFIABLE attribute, when the attribute is
325 // not present return the default value which is CK_TRUE.
326 if (!osobject->attributeExists(CKA_MODIFIABLE)) return true;
328 return osobject->getBooleanValue(CKA_MODIFIABLE, true);
332 P11DataObj::P11DataObj()
338 bool P11DataObj::init(OSObject *inobject)
340 if (initialized) return true;
341 if (inobject == NULL) return false;
343 // Set default values for attributes that will be introduced in the parent
344 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DATA) {
345 OSAttribute setClass((unsigned long)CKO_DATA);
346 inobject->setAttribute(CKA_CLASS, setClass);
350 if (!P11Object::init(inobject)) return false;
353 P11Attribute* attrApplication = new P11AttrApplication(osobject);
354 P11Attribute* attrObjectID = new P11AttrObjectID(osobject);
355 // NOTE: There is no mention in the PKCS#11 v2.40 spec that for a Data
356 // Object the CKA_VALUE attribute may be modified after creation!
357 // Therefore we assume it is not allowed to change the CKA_VALUE
358 // attribute of a Data Object.
359 P11Attribute* attrValue = new P11AttrValue(osobject,0);
361 // Initialize the attributes
364 !attrApplication->init() ||
365 !attrObjectID->init() ||
369 ERROR_MSG("Could not initialize the attribute");
370 delete attrApplication;
376 // Add them to the map
377 attributes[attrApplication->getType()] = attrApplication;
378 attributes[attrObjectID->getType()] = attrObjectID;
379 attributes[attrValue->getType()] = attrValue;
386 P11CertificateObj::P11CertificateObj()
392 bool P11CertificateObj::init(OSObject *inobject)
394 if (initialized) return true;
395 if (inobject == NULL) return false;
397 // Set default values for attributes that will be introduced in the parent
398 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_CERTIFICATE) {
399 OSAttribute setClass((unsigned long)CKO_CERTIFICATE);
400 inobject->setAttribute(CKA_CLASS, setClass);
402 // Make certificates public
403 if (!inobject->attributeExists(CKA_PRIVATE)) {
404 OSAttribute setPrivate(false);
405 inobject->setAttribute(CKA_PRIVATE, setPrivate);
409 if (!P11Object::init(inobject)) return false;
412 P11Attribute* attrCertificateType = new P11AttrCertificateType(osobject);
413 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
414 P11Attribute* attrCertificateCategory = new P11AttrCertificateCategory(osobject);
415 // NOTE: Because these attributes are used in a certificate object
416 // where the CKA_VALUE containing the certificate data is not
417 // modifiable, we assume that this attribute is also not modifiable.
418 // There is also no explicit mention of these attributes being modifiable.
419 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, 0);
420 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,0);
421 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,0);
422 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it.
423 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
425 // Initialize the attributes
428 !attrCertificateType->init() ||
429 !attrTrusted->init() ||
430 !attrCertificateCategory->init() ||
431 !attrCheckValue->init() ||
432 !attrStartDate->init() ||
433 !attrEndDate->init() ||
434 !attrPublicKeyInfo->init()
437 ERROR_MSG("Could not initialize the attribute");
438 delete attrCertificateType;
440 delete attrCertificateCategory;
441 delete attrCheckValue;
442 delete attrStartDate;
444 delete attrPublicKeyInfo;
448 // Add them to the map
449 attributes[attrCertificateType->getType()] = attrCertificateType;
450 attributes[attrTrusted->getType()] = attrTrusted;
451 attributes[attrCertificateCategory->getType()] = attrCertificateCategory;
452 attributes[attrCheckValue->getType()] = attrCheckValue;
453 attributes[attrStartDate->getType()] = attrStartDate;
454 attributes[attrEndDate->getType()] = attrEndDate;
455 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
462 P11X509CertificateObj::P11X509CertificateObj()
468 bool P11X509CertificateObj::init(OSObject *inobject)
470 if (initialized) return true;
471 if (inobject == NULL) return false;
473 // Set default values for attributes that will be introduced in the parent
474 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_X_509) {
475 OSAttribute setCertType((unsigned long)CKC_X_509);
476 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
480 if (!P11CertificateObj::init(inobject)) return false;
483 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
484 P11Attribute* attrID = new P11AttrID(osobject);
485 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
486 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
487 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
488 P11Attribute* attrURL = new P11AttrURL(osobject);
489 P11Attribute* attrHashOfSubjectPublicKey = new P11AttrHashOfSubjectPublicKey(osobject);
490 P11Attribute* attrHashOfIssuerPublicKey = new P11AttrHashOfIssuerPublicKey(osobject);
491 P11Attribute* attrJavaMidpSecurityDomain = new P11AttrJavaMidpSecurityDomain(osobject);
492 P11Attribute* attrNameHashAlgorithm = new P11AttrNameHashAlgorithm(osobject);
494 // Initialize the attributes
497 !attrSubject->init() ||
499 !attrIssuer->init() ||
500 !attrSerialNumber->init() ||
501 !attrValue->init() ||
503 !attrHashOfSubjectPublicKey->init() ||
504 !attrHashOfIssuerPublicKey->init() ||
505 !attrJavaMidpSecurityDomain->init() ||
506 !attrNameHashAlgorithm->init()
509 ERROR_MSG("Could not initialize the attribute");
513 delete attrSerialNumber;
516 delete attrHashOfSubjectPublicKey;
517 delete attrHashOfIssuerPublicKey;
518 delete attrJavaMidpSecurityDomain;
519 delete attrNameHashAlgorithm;
523 // Add them to the map
524 attributes[attrSubject->getType()] = attrSubject;
525 attributes[attrID->getType()] = attrID;
526 attributes[attrIssuer->getType()] = attrIssuer;
527 attributes[attrSerialNumber->getType()] = attrSerialNumber;
528 attributes[attrValue->getType()] = attrValue;
529 attributes[attrURL->getType()] = attrURL;
530 attributes[attrHashOfSubjectPublicKey->getType()] = attrHashOfSubjectPublicKey;
531 attributes[attrHashOfIssuerPublicKey->getType()] = attrHashOfIssuerPublicKey;
532 attributes[attrJavaMidpSecurityDomain->getType()] = attrJavaMidpSecurityDomain;
533 attributes[attrNameHashAlgorithm->getType()] = attrNameHashAlgorithm;
539 P11OpenPGPPublicKeyObj::P11OpenPGPPublicKeyObj()
545 bool P11OpenPGPPublicKeyObj::init(OSObject *inobject)
547 if (initialized) return true;
548 if (inobject == NULL) return false;
550 // Set default values for attributes that will be introduced in the parent
551 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_OPENPGP) {
552 OSAttribute setCertType((unsigned long)CKC_OPENPGP);
553 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
557 if (!P11CertificateObj::init(inobject)) return false;
560 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
561 P11Attribute* attrID = new P11AttrID(osobject);
562 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
563 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
564 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
565 P11Attribute* attrURL = new P11AttrURL(osobject);
567 // Initialize the attributes
570 !attrSubject->init() ||
572 !attrIssuer->init() ||
573 !attrSerialNumber->init() ||
574 !attrValue->init() ||
578 ERROR_MSG("Could not initialize the attribute");
582 delete attrSerialNumber;
588 // Add them to the map
589 attributes[attrSubject->getType()] = attrSubject;
590 attributes[attrID->getType()] = attrID;
591 attributes[attrIssuer->getType()] = attrIssuer;
592 attributes[attrSerialNumber->getType()] = attrSerialNumber;
593 attributes[attrValue->getType()] = attrValue;
594 attributes[attrURL->getType()] = attrURL;
600 P11KeyObj::P11KeyObj()
606 bool P11KeyObj::init(OSObject *inobject)
608 if (initialized) return true;
609 if (inobject == NULL) return false;
612 if (!P11Object::init(inobject)) return false;
615 P11Attribute* attrKeyType = new P11AttrKeyType(osobject,P11Attribute::ck5);
616 P11Attribute* attrID = new P11AttrID(osobject);
617 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,P11Attribute::ck8);
618 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,P11Attribute::ck8);
619 P11Attribute* attrDerive = new P11AttrDerive(osobject);
620 P11Attribute* attrLocal = new P11AttrLocal(osobject,P11Attribute::ck6);
621 P11Attribute* attrKeyGenMechanism = new P11AttrKeyGenMechanism(osobject);
622 P11Attribute* attrAllowedMechanisms = new P11AttrAllowedMechanisms(osobject);
624 // Initialize the attributes
627 !attrKeyType->init() ||
629 !attrStartDate->init() ||
630 !attrEndDate->init() ||
631 !attrDerive->init() ||
632 !attrLocal->init() ||
633 !attrKeyGenMechanism->init() ||
634 !attrAllowedMechanisms->init()
637 ERROR_MSG("Could not initialize the attribute");
640 delete attrStartDate;
644 delete attrKeyGenMechanism;
645 delete attrAllowedMechanisms;
649 // Add them to the map
650 attributes[attrKeyType->getType()] = attrKeyType;
651 attributes[attrID->getType()] = attrID;
652 attributes[attrStartDate->getType()] = attrStartDate;
653 attributes[attrEndDate->getType()] = attrEndDate;
654 attributes[attrDerive->getType()] = attrDerive;
655 attributes[attrLocal->getType()] = attrLocal;
656 attributes[attrKeyGenMechanism->getType()] = attrKeyGenMechanism;
657 attributes[attrAllowedMechanisms->getType()] = attrAllowedMechanisms;
664 P11PublicKeyObj::P11PublicKeyObj()
670 bool P11PublicKeyObj::init(OSObject *inobject)
672 if (initialized) return true;
673 if (inobject == NULL) return false;
675 // Set default values for attributes that will be introduced in the parent
676 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PUBLIC_KEY) {
677 OSAttribute setClass((unsigned long)CKO_PUBLIC_KEY);
678 inobject->setAttribute(CKA_CLASS, setClass);
680 // Make public keys public
681 if (!inobject->attributeExists(CKA_PRIVATE)) {
682 OSAttribute setPrivate(false);
683 inobject->setAttribute(CKA_PRIVATE, setPrivate);
687 if (!P11KeyObj::init(inobject)) return false;
689 if (initialized) return true;
692 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
693 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
694 P11Attribute* attrVerify = new P11AttrVerify(osobject);
695 P11Attribute* attrVerifyRecover = new P11AttrVerifyRecover(osobject);
696 P11Attribute* attrWrap = new P11AttrWrap(osobject);
697 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
698 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
699 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
700 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
702 // Initialize the attributes
705 !attrSubject->init() ||
706 !attrEncrypt->init() ||
707 !attrVerify->init() ||
708 !attrVerifyRecover->init() ||
710 !attrTrusted->init() ||
711 !attrWrapTemplate->init() ||
712 !attrPublicKeyInfo->init()
715 ERROR_MSG("Could not initialize the attribute");
719 delete attrVerifyRecover;
722 delete attrWrapTemplate;
723 delete attrPublicKeyInfo;
727 // Add them to the map
728 attributes[attrSubject->getType()] = attrSubject;
729 attributes[attrEncrypt->getType()] = attrEncrypt;
730 attributes[attrVerify->getType()] = attrVerify;
731 attributes[attrVerifyRecover->getType()] = attrVerifyRecover;
732 attributes[attrWrap->getType()] = attrWrap;
733 attributes[attrTrusted->getType()] = attrTrusted;
734 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
735 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
742 P11RSAPublicKeyObj::P11RSAPublicKeyObj()
748 bool P11RSAPublicKeyObj::init(OSObject *inobject)
750 if (initialized) return true;
751 if (inobject == NULL) return false;
753 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
754 OSAttribute setKeyType((unsigned long)CKK_RSA);
755 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
759 if (!P11PublicKeyObj::init(inobject)) return false;
762 P11Attribute* attrModulus = new P11AttrModulus(osobject);
763 P11Attribute* attrModulusBits = new P11AttrModulusBits(osobject);
764 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck1);
766 // Initialize the attributes
769 !attrModulus->init() ||
770 !attrModulusBits->init() ||
771 !attrPublicExponent->init()
774 ERROR_MSG("Could not initialize the attribute");
776 delete attrModulusBits;
777 delete attrPublicExponent;
781 // Add them to the map
782 attributes[attrModulus->getType()] = attrModulus;
783 attributes[attrModulusBits->getType()] = attrModulusBits;
784 attributes[attrPublicExponent->getType()] = attrPublicExponent;
791 P11DSAPublicKeyObj::P11DSAPublicKeyObj()
797 bool P11DSAPublicKeyObj::init(OSObject *inobject)
799 if (initialized) return true;
800 if (inobject == NULL) return false;
802 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
803 OSAttribute setKeyType((unsigned long)CKK_DSA);
804 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
808 if (!P11PublicKeyObj::init(inobject)) return false;
811 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
812 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck3);
813 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
814 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
816 // Initialize the attributes
819 !attrPrime->init() ||
820 !attrSubPrime->init() ||
825 ERROR_MSG("Could not initialize the attribute");
833 // Add them to the map
834 attributes[attrPrime->getType()] = attrPrime;
835 attributes[attrSubPrime->getType()] = attrSubPrime;
836 attributes[attrBase->getType()] = attrBase;
837 attributes[attrValue->getType()] = attrValue;
844 P11ECPublicKeyObj::P11ECPublicKeyObj()
850 bool P11ECPublicKeyObj::init(OSObject *inobject)
852 if (initialized) return true;
853 if (inobject == NULL) return false;
855 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
856 OSAttribute setKeyType((unsigned long)CKK_EC);
857 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
861 if (!P11PublicKeyObj::init(inobject)) return false;
864 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck3);
865 P11Attribute* attrEcPoint = new P11AttrEcPoint(osobject);
867 // Initialize the attributes
870 !attrEcParams->init() ||
874 ERROR_MSG("Could not initialize the attribute");
880 // Add them to the map
881 attributes[attrEcParams->getType()] = attrEcParams;
882 attributes[attrEcPoint->getType()] = attrEcPoint;
889 P11DHPublicKeyObj::P11DHPublicKeyObj()
895 bool P11DHPublicKeyObj::init(OSObject *inobject)
897 if (initialized) return true;
898 if (inobject == NULL) return false;
900 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
901 OSAttribute setKeyType((unsigned long)CKK_DH);
902 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
906 if (!P11PublicKeyObj::init(inobject)) return false;
909 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
910 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
911 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
913 // Initialize the attributes
916 !attrPrime->init() ||
921 ERROR_MSG("Could not initialize the attribute");
928 // Add them to the map
929 attributes[attrPrime->getType()] = attrPrime;
930 attributes[attrBase->getType()] = attrBase;
931 attributes[attrValue->getType()] = attrValue;
938 P11GOSTPublicKeyObj::P11GOSTPublicKeyObj()
944 bool P11GOSTPublicKeyObj::init(OSObject *inobject)
946 if (initialized) return true;
947 if (inobject == NULL) return false;
949 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
950 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
951 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
955 if (!P11PublicKeyObj::init(inobject)) return false;
958 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
959 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck3);
960 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck3);
961 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck8);
963 // Initialize the attributes
966 !attrValue->init() ||
967 !attrGostR3410Params->init() ||
968 !attrGostR3411Params->init() ||
969 !attrGost28147Params->init()
972 ERROR_MSG("Could not initialize the attribute");
974 delete attrGostR3410Params;
975 delete attrGostR3411Params;
976 delete attrGost28147Params;
980 // Add them to the map
981 attributes[attrValue->getType()] = attrValue;
982 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
983 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
984 attributes[attrGost28147Params->getType()] = attrGost28147Params;
991 P11PrivateKeyObj::P11PrivateKeyObj()
997 bool P11PrivateKeyObj::init(OSObject *inobject)
999 if (initialized) return true;
1000 if (inobject == NULL) return false;
1002 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PRIVATE_KEY) {
1003 OSAttribute setClass((unsigned long)CKO_PRIVATE_KEY);
1004 inobject->setAttribute(CKA_CLASS, setClass);
1008 if (!P11KeyObj::init(inobject)) return false;
1010 // Create attributes
1011 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
1012 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1013 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1014 P11Attribute* attrSign = new P11AttrSign(osobject);
1015 P11Attribute* attrSignRecover = new P11AttrSignRecover(osobject);
1016 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1017 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1018 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1019 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1020 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1021 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1022 // TODO: CKA_ALWAYS_AUTHENTICATE is accepted, but we do not use it
1023 P11Attribute* attrAlwaysAuthenticate = new P11AttrAlwaysAuthenticate(osobject);
1024 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
1025 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,P11Attribute::ck8);
1027 // Initialize the attributes
1030 !attrSubject->init() ||
1031 !attrSensitive->init() ||
1032 !attrDecrypt->init() ||
1033 !attrSign->init() ||
1034 !attrSignRecover->init() ||
1035 !attrUnwrap->init() ||
1036 !attrExtractable->init() ||
1037 !attrAlwaysSensitive->init() ||
1038 !attrNeverExtractable->init() ||
1039 !attrWrapWithTrusted->init() ||
1040 !attrUnwrapTemplate->init() ||
1041 !attrAlwaysAuthenticate->init() ||
1042 !attrPublicKeyInfo->init()
1045 ERROR_MSG("Could not initialize the attribute");
1047 delete attrSensitive;
1050 delete attrSignRecover;
1052 delete attrExtractable;
1053 delete attrAlwaysSensitive;
1054 delete attrNeverExtractable;
1055 delete attrWrapWithTrusted;
1056 delete attrUnwrapTemplate;
1057 delete attrAlwaysAuthenticate;
1058 delete attrPublicKeyInfo;
1062 // Add them to the map
1063 attributes[attrSubject->getType()] = attrSubject;
1064 attributes[attrSensitive->getType()] = attrSensitive;
1065 attributes[attrDecrypt->getType()] = attrDecrypt;
1066 attributes[attrSign->getType()] = attrSign;
1067 attributes[attrSignRecover->getType()] = attrSignRecover;
1068 attributes[attrUnwrap->getType()] = attrUnwrap;
1069 attributes[attrExtractable->getType()] = attrExtractable;
1070 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1071 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1072 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1073 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1074 attributes[attrAlwaysAuthenticate->getType()] = attrAlwaysAuthenticate;
1075 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
1082 P11RSAPrivateKeyObj::P11RSAPrivateKeyObj()
1084 initialized = false;
1088 bool P11RSAPrivateKeyObj::init(OSObject *inobject)
1090 if (initialized) return true;
1091 if (inobject == NULL) return false;
1093 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
1094 OSAttribute setKeyType((unsigned long)CKK_RSA);
1095 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1099 if (!P11PrivateKeyObj::init(inobject)) return false;
1101 // Create attributes
1102 P11Attribute* attrModulus = new P11AttrModulus(osobject,P11Attribute::ck6);
1103 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck4|P11Attribute::ck6);
1104 P11Attribute* attrPrivateExponent = new P11AttrPrivateExponent(osobject);
1105 P11Attribute* attrPrime1 = new P11AttrPrime1(osobject);
1106 P11Attribute* attrPrime2 = new P11AttrPrime2(osobject);
1107 P11Attribute* attrExponent1 = new P11AttrExponent1(osobject);
1108 P11Attribute* attrExponent2 = new P11AttrExponent2(osobject);
1109 P11Attribute* attrCoefficient = new P11AttrCoefficient(osobject);
1110 P11Attribute* attrPrivateHandle = new P11AttrPrivateHandle(osobject);
1112 // Initialize the attributes
1115 !attrModulus->init() ||
1116 !attrPublicExponent->init() ||
1117 !attrPrivateExponent->init() ||
1118 !attrPrime1->init() ||
1119 !attrPrime2->init() ||
1120 !attrExponent1->init() ||
1121 !attrExponent2->init() ||
1122 !attrPrivateHandle->init() ||
1123 !attrCoefficient->init()
1126 ERROR_MSG("Could not initialize the attribute");
1128 delete attrPublicExponent;
1129 delete attrPrivateExponent;
1132 delete attrExponent1;
1133 delete attrExponent2;
1134 delete attrCoefficient;
1135 delete attrPrivateHandle;
1139 // Add them to the map
1140 attributes[attrModulus->getType()] = attrModulus;
1141 attributes[attrPublicExponent->getType()] = attrPublicExponent;
1142 attributes[attrPrivateExponent->getType()] = attrPrivateExponent;
1143 attributes[attrPrime1->getType()] = attrPrime1;
1144 attributes[attrPrime2->getType()] = attrPrime2;
1145 attributes[attrExponent1->getType()] = attrExponent1;
1146 attributes[attrExponent2->getType()] = attrExponent2;
1147 attributes[attrCoefficient->getType()] = attrCoefficient;
1148 attributes[attrPrivateHandle->getType()] = attrPrivateHandle;
1155 P11DSAPrivateKeyObj::P11DSAPrivateKeyObj()
1157 initialized = false;
1161 bool P11DSAPrivateKeyObj::init(OSObject *inobject)
1163 if (initialized) return true;
1164 if (inobject == NULL) return false;
1166 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1167 OSAttribute setKeyType((unsigned long)CKK_DSA);
1168 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1172 if (!P11PrivateKeyObj::init(inobject)) return false;
1174 // Create attributes
1175 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1176 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1177 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1178 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1180 // Initialize the attributes
1183 !attrPrime->init() ||
1184 !attrSubPrime->init() ||
1185 !attrBase->init() ||
1189 ERROR_MSG("Could not initialize the attribute");
1191 delete attrSubPrime;
1197 // Add them to the map
1198 attributes[attrPrime->getType()] = attrPrime;
1199 attributes[attrSubPrime->getType()] = attrSubPrime;
1200 attributes[attrBase->getType()] = attrBase;
1201 attributes[attrValue->getType()] = attrValue;
1208 P11ECPrivateKeyObj::P11ECPrivateKeyObj()
1210 initialized = false;
1214 bool P11ECPrivateKeyObj::init(OSObject *inobject)
1216 if (initialized) return true;
1217 if (inobject == NULL) return false;
1219 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
1220 OSAttribute setKeyType((unsigned long)CKK_EC);
1221 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1225 if (!P11PrivateKeyObj::init(inobject)) return false;
1227 // Create attributes
1228 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck4|P11Attribute::ck6);
1229 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1230 P11Attribute* attrPrivateHandle = new P11AttrPrivateHandle(osobject);
1232 // Initialize the attributes
1235 !attrEcParams->init() ||
1236 !attrPrivateHandle->init() ||
1240 ERROR_MSG("Could not initialize the attribute");
1241 delete attrEcParams;
1243 delete attrPrivateHandle;
1247 // Add them to the map
1248 attributes[attrEcParams->getType()] = attrEcParams;
1249 attributes[attrValue->getType()] = attrValue;
1250 attributes[attrPrivateHandle->getType()] = attrPrivateHandle;
1257 P11DHPrivateKeyObj::P11DHPrivateKeyObj()
1259 initialized = false;
1263 bool P11DHPrivateKeyObj::init(OSObject *inobject)
1265 if (initialized) return true;
1266 if (inobject == NULL) return false;
1268 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1269 OSAttribute setKeyType((unsigned long)CKK_DH);
1270 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1274 if (!P11PrivateKeyObj::init(inobject)) return false;
1276 // Create attributes
1277 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1278 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1279 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1280 P11Attribute* attrValueBits = new P11AttrValueBits(osobject);
1282 // Initialize the attributes
1285 !attrPrime->init() ||
1286 !attrBase->init() ||
1287 !attrValue->init() ||
1288 !attrValueBits->init()
1291 ERROR_MSG("Could not initialize the attribute");
1295 delete attrValueBits;
1299 // Add them to the map
1300 attributes[attrPrime->getType()] = attrPrime;
1301 attributes[attrBase->getType()] = attrBase;
1302 attributes[attrValue->getType()] = attrValue;
1303 attributes[attrValueBits->getType()] = attrValueBits;
1310 P11GOSTPrivateKeyObj::P11GOSTPrivateKeyObj()
1312 initialized = false;
1316 bool P11GOSTPrivateKeyObj::init(OSObject *inobject)
1318 if (initialized) return true;
1319 if (inobject == NULL) return false;
1321 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
1322 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
1323 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1327 if (!P11PrivateKeyObj::init(inobject)) return false;
1329 // Create attributes
1330 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1331 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1332 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1333 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck8);
1335 // Initialize the attributes
1338 !attrValue->init() ||
1339 !attrGostR3410Params->init() ||
1340 !attrGostR3411Params->init() ||
1341 !attrGost28147Params->init()
1344 ERROR_MSG("Could not initialize the attribute");
1346 delete attrGostR3410Params;
1347 delete attrGostR3411Params;
1348 delete attrGost28147Params;
1352 // Add them to the map
1353 attributes[attrValue->getType()] = attrValue;
1354 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
1355 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
1356 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1363 P11SecretKeyObj::P11SecretKeyObj()
1365 initialized = false;
1369 bool P11SecretKeyObj::init(OSObject *inobject)
1371 if (initialized) return true;
1372 if (inobject == NULL) return false;
1374 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_SECRET_KEY) {
1375 OSAttribute setClass((unsigned long)CKO_SECRET_KEY);
1376 inobject->setAttribute(CKA_CLASS, setClass);
1380 if (!P11KeyObj::init(inobject)) return false;
1382 // Create attributes
1383 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1384 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
1385 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1386 P11Attribute* attrSign = new P11AttrSign(osobject);
1387 P11Attribute* attrVerify = new P11AttrVerify(osobject);
1388 P11Attribute* attrWrap = new P11AttrWrap(osobject);
1389 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1390 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1391 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1392 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1393 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, P11Attribute::ck8);
1394 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1395 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
1396 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
1397 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1399 // Initialize the attributes
1402 !attrSensitive->init() ||
1403 !attrEncrypt->init() ||
1404 !attrDecrypt->init() ||
1405 !attrSign->init() ||
1406 !attrVerify->init() ||
1407 !attrWrap->init() ||
1408 !attrUnwrap->init() ||
1409 !attrExtractable->init() ||
1410 !attrAlwaysSensitive->init() ||
1411 !attrNeverExtractable->init() ||
1412 !attrCheckValue->init() ||
1413 !attrWrapWithTrusted->init() ||
1414 !attrTrusted->init() ||
1415 !attrWrapTemplate->init() ||
1416 !attrUnwrapTemplate->init()
1419 ERROR_MSG("Could not initialize the attribute");
1420 delete attrSensitive;
1427 delete attrExtractable;
1428 delete attrAlwaysSensitive;
1429 delete attrNeverExtractable;
1430 delete attrCheckValue;
1431 delete attrWrapWithTrusted;
1433 delete attrWrapTemplate;
1434 delete attrUnwrapTemplate;
1438 // Add them to the map
1439 attributes[attrSensitive->getType()] = attrSensitive;
1440 attributes[attrEncrypt->getType()] = attrEncrypt;
1441 attributes[attrDecrypt->getType()] = attrDecrypt;
1442 attributes[attrSign->getType()] = attrSign;
1443 attributes[attrVerify->getType()] = attrVerify;
1444 attributes[attrWrap->getType()] = attrWrap;
1445 attributes[attrUnwrap->getType()] = attrUnwrap;
1446 attributes[attrExtractable->getType()] = attrExtractable;
1447 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1448 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1449 attributes[attrCheckValue->getType()] = attrCheckValue;
1450 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1451 attributes[attrTrusted->getType()] = attrTrusted;
1452 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
1453 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1460 P11GenericSecretKeyObj::P11GenericSecretKeyObj()
1462 initialized = false;
1463 keytype = CKK_VENDOR_DEFINED;
1467 bool P11GenericSecretKeyObj::init(OSObject *inobject)
1469 if (initialized) return true;
1470 if (inobject == NULL) return false;
1472 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1473 OSAttribute setKeyType(keytype);
1474 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1478 if (!P11SecretKeyObj::init(inobject)) return false;
1480 // Create attributes
1481 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1482 P11Attribute* attrValueLen = new P11AttrValueLen(osobject);
1484 // Initialize the attributes
1487 !attrValue->init() ||
1488 !attrValueLen->init()
1491 ERROR_MSG("Could not initialize the attribute");
1493 delete attrValueLen;
1497 // Add them to the map
1498 attributes[attrValue->getType()] = attrValue;
1499 attributes[attrValueLen->getType()] = attrValueLen;
1506 bool P11GenericSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1510 keytype = inKeytype;
1518 CK_KEY_TYPE P11GenericSecretKeyObj::getKeyType()
1524 P11AESSecretKeyObj::P11AESSecretKeyObj()
1526 initialized = false;
1530 bool P11AESSecretKeyObj::init(OSObject *inobject)
1532 if (initialized) return true;
1533 if (inobject == NULL) return false;
1535 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_AES) {
1536 OSAttribute setKeyType((unsigned long)CKK_AES);
1537 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1541 if (!P11SecretKeyObj::init(inobject)) return false;
1543 // Create attributes
1544 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1545 P11Attribute* attrValueLen = new P11AttrValueLen(osobject,P11Attribute::ck6);
1547 // Initialize the attributes
1550 !attrValue->init() ||
1551 !attrValueLen->init()
1554 ERROR_MSG("Could not initialize the attribute");
1556 delete attrValueLen;
1560 // Add them to the map
1561 attributes[attrValue->getType()] = attrValue;
1562 attributes[attrValueLen->getType()] = attrValueLen;
1569 P11DESSecretKeyObj::P11DESSecretKeyObj()
1571 initialized = false;
1572 keytype = CKK_VENDOR_DEFINED;
1576 bool P11DESSecretKeyObj::init(OSObject *inobject)
1578 if (initialized) return true;
1579 if (inobject == NULL) return false;
1581 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1582 OSAttribute setKeyType(keytype);
1583 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1587 if (!P11SecretKeyObj::init(inobject)) return false;
1589 // Create attributes
1590 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1592 // Initialize the attributes
1593 if (!attrValue->init())
1595 ERROR_MSG("Could not initialize the attribute");
1600 // Add them to the map
1601 attributes[attrValue->getType()] = attrValue;
1608 bool P11DESSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1612 keytype = inKeytype;
1620 CK_KEY_TYPE P11DESSecretKeyObj::getKeyType()
1626 P11GOSTSecretKeyObj::P11GOSTSecretKeyObj()
1628 initialized = false;
1632 bool P11GOSTSecretKeyObj::init(OSObject *inobject)
1634 if (initialized) return true;
1635 if (inobject == NULL) return false;
1637 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOST28147) {
1638 OSAttribute setKeyType((unsigned long)CKK_GOST28147);
1639 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1643 if (!P11SecretKeyObj::init(inobject)) return false;
1645 // Create attributes
1646 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1647 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck1|P11Attribute::ck3|P11Attribute::ck5);
1649 // Initialize the attributes
1652 !attrValue->init() ||
1653 !attrGost28147Params->init()
1656 ERROR_MSG("Could not initialize the attribute");
1658 delete attrGost28147Params;
1662 // Add them to the map
1663 attributes[attrValue->getType()] = attrValue;
1664 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1671 P11DomainObj::P11DomainObj()
1673 initialized = false;
1677 bool P11DomainObj::init(OSObject *inobject)
1679 if (initialized) return true;
1680 if (inobject == NULL) return false;
1682 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DOMAIN_PARAMETERS) {
1683 OSAttribute setClass((unsigned long)CKO_DOMAIN_PARAMETERS);
1684 inobject->setAttribute(CKA_CLASS, setClass);
1688 if (!P11Object::init(inobject)) return false;
1690 // Create attributes
1691 P11Attribute* attrKeyType = new P11AttrKeyType(osobject);
1692 P11Attribute* attrLocal = new P11AttrLocal(osobject);
1694 // Initialize the attributes
1697 !attrKeyType->init() ||
1701 ERROR_MSG("Could not initialize the attribute");
1707 // Add them to the map
1708 attributes[attrKeyType->getType()] = attrKeyType;
1709 attributes[attrLocal->getType()] = attrLocal;
1716 P11DSADomainObj::P11DSADomainObj()
1718 initialized = false;
1722 bool P11DSADomainObj::init(OSObject *inobject)
1724 if (initialized) return true;
1725 if (inobject == NULL) return false;
1727 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1728 OSAttribute setKeyType((unsigned long)CKK_DSA);
1729 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1733 if (!P11DomainObj::init(inobject)) return false;
1735 // Create attributes
1736 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1737 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4);
1738 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1739 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1741 // Initialize the attributes
1744 !attrPrime->init() ||
1745 !attrSubPrime->init() ||
1746 !attrBase->init() ||
1747 !attrPrimeBits->init()
1750 ERROR_MSG("Could not initialize the attribute");
1752 delete attrSubPrime;
1754 delete attrPrimeBits;
1758 // Add them to the map
1759 attributes[attrPrime->getType()] = attrPrime;
1760 attributes[attrSubPrime->getType()] = attrSubPrime;
1761 attributes[attrBase->getType()] = attrBase;
1762 attributes[attrPrimeBits->getType()] = attrPrimeBits;
1769 P11DHDomainObj::P11DHDomainObj()
1771 initialized = false;
1775 bool P11DHDomainObj::init(OSObject *inobject)
1777 if (initialized) return true;
1778 if (inobject == NULL) return false;
1780 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1781 OSAttribute setKeyType((unsigned long)CKK_DH);
1782 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1786 if (!P11DomainObj::init(inobject)) return false;
1788 // Create attributes
1789 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1790 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1791 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1793 // Initialize the attributes
1796 !attrPrime->init() ||
1797 !attrBase->init() ||
1798 !attrPrimeBits->init()
1801 ERROR_MSG("Could not initialize the attribute");
1804 delete attrPrimeBits;
1808 // Add them to the map
1809 attributes[attrPrime->getType()] = attrPrime;
1810 attributes[attrBase->getType()] = attrBase;
1811 attributes[attrPrimeBits->getType()] = attrPrimeBits;
Code Review / aaf / sshsm.git / blob