2 * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
18 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
20 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
22 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
23 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
24 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 /*****************************************************************************
30 This class respresent a PKCS#11 object
31 *****************************************************************************/
34 #include "P11Objects.h"
39 P11Object::P11Object()
46 P11Object::~P11Object()
48 std::map<CK_ATTRIBUTE_TYPE, P11Attribute*> cleanUp = attributes;
51 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = cleanUp.begin(); i != cleanUp.end(); i++)
53 if (i->second == NULL)
64 bool P11Object::init(OSObject *inobject)
66 if (initialized) return true;
67 if (inobject == NULL) return false;
72 P11Attribute* attrClass = new P11AttrClass(osobject);
73 P11Attribute* attrToken = new P11AttrToken(osobject);
74 P11Attribute* attrPrivate = new P11AttrPrivate(osobject);
75 P11Attribute* attrModifiable = new P11AttrModifiable(osobject);
76 P11Attribute* attrLabel = new P11AttrLabel(osobject);
77 P11Attribute* attrCopyable = new P11AttrCopyable(osobject);
78 P11Attribute* attrDestroyable = new P11AttrDestroyable(osobject);
80 // Initialize the attributes
85 !attrPrivate->init() ||
86 !attrModifiable->init() ||
88 !attrCopyable->init() ||
89 !attrDestroyable->init()
92 ERROR_MSG("Could not initialize the attribute");
96 delete attrModifiable;
99 delete attrDestroyable;
103 // Add them to the map
104 attributes[attrClass->getType()] = attrClass;
105 attributes[attrToken->getType()] = attrToken;
106 attributes[attrPrivate->getType()] = attrPrivate;
107 attributes[attrModifiable->getType()] = attrModifiable;
108 attributes[attrLabel->getType()] = attrLabel;
109 attributes[attrCopyable->getType()] = attrCopyable;
110 attributes[attrDestroyable->getType()] = attrDestroyable;
116 CK_RV P11Object::loadTemplate(Token *token, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount)
118 bool isPrivate = this->isPrivate();
120 // [PKCS#11 v2.40, C_GetAttributeValue]
121 // 1. If the specified attribute (i.e., the attribute specified by the
122 // type field) for the object cannot be revealed because the object
123 // is sensitive or unextractable, then the ulValueLen field in that
124 // triple is modified to hold the value CK_UNAVAILABLE_INFORMATION.
126 // 2. Otherwise, if the specified value for the object is invalid (the
127 // object does not possess such an attribute), then the ulValueLen
128 // field in that triple is modified to hold the value
129 // CK_UNAVAILABLE_INFORMATION.
131 // 3. Otherwise, if the pValue field has the value NULL_PTR, then the
132 // ulValueLen field is modified to hold the exact length of the
133 // specified attribute for the object.
135 // 4. Otherwise, if the length specified in ulValueLen is large enough
136 // to hold the value of the specified attribute for the object,
137 // then that attribute is copied into the buffer located at pValue,
138 // and the ulValueLen field is modified to hold the exact length of
141 // 5. Otherwise, the ulValueLen field is modified to hold the value
142 // CK_UNAVAILABLE_INFORMATION.
144 bool invalid = false, sensitive = false, buffer_too_small = false;
146 // If case 3 or 4 applies to all the requested attributes, then the call will return CKR_OK.
147 for (CK_ULONG i = 0; i < ulAttributeCount; ++i)
149 P11Attribute* attr = attributes[pTemplate[i].type];
151 // case 2 of the attribute checks
153 pTemplate[i].ulValueLen = CK_UNAVAILABLE_INFORMATION;
154 // If case 2 applies to any of the requested attributes, then the call should
155 // return the value CKR_ATTRIBUTE_TYPE_INVALID.
160 // case 1,3,4 and 5 of the attribute checks are done while retrieving the attribute itself.
161 CK_RV retrieve_rv = attr->retrieve(token, isPrivate, pTemplate[i].pValue, &pTemplate[i].ulValueLen);
162 if (retrieve_rv == CKR_ATTRIBUTE_SENSITIVE) {
163 // If case 1 applies to any of the requested attributes, then the call should
164 // return the value CKR_ATTRIBUTE_SENSITIVE.
166 } else if (retrieve_rv == CKR_BUFFER_TOO_SMALL) {
167 // If case 5 applies to any of the requested attributes, then the call should
168 // return the value CKR_BUFFER_TOO_SMALL.
169 buffer_too_small = true;
170 } else if (retrieve_rv != CKR_OK) {
171 return CKR_GENERAL_ERROR;
176 // As usual if more than one of these error codes is applicable, Cryptoki may
177 // return any of them. Only if none of them applies to any of the requested
178 // attributes will CKR_OK be returned. We choose to return the errors in
179 // the following priority, which is probably the most useful order.
181 return CKR_ATTRIBUTE_SENSITIVE;
183 return CKR_ATTRIBUTE_TYPE_INVALID;
184 if (buffer_too_small)
185 return CKR_BUFFER_TOO_SMALL;
190 CK_RV P11Object::saveTemplate(Token *token, bool isPrivate, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, int op)
192 if (osobject == NULL)
193 return CKR_GENERAL_ERROR;
194 if (osobject->startTransaction() == false)
195 return CKR_GENERAL_ERROR;
197 if (op == OBJECT_OP_SET)
201 osobject->abortTransaction();
202 return CKR_ACTION_PROHIBITED;
206 // [PKCS#11 v2.40, 4.1.3 Copying objects] OBJECT_OP_COPY
207 // If the CKA_COPYABLE attribute of the object to be copied is set
208 // to CK_FALSE, C_CopyObject returns CKR_ACTION_PROHIBITED.
209 if (op == OBJECT_OP_COPY)
213 osobject->abortTransaction();
214 return CKR_ACTION_PROHIBITED;
218 for (CK_ULONG i = 0; i < ulAttributeCount; i++)
220 // [PKCS#11 v2.40, 4.1.1 Creating objects] OBJECT_OP_CREATE | OBJECT_OP_SET | OBJECT_OP_COPY
221 // 1. If the supplied template specifies a value for an invalid attribute, then the attempt
222 // should fail with the error code CKR_ATTRIBUTE_TYPE_INVALID. An attribute
223 // is valid if it is either one of the attributes described in the Cryptoki specification or an
224 // additional vendor-specific attribute supported by the library and token.
225 P11Attribute* attr = attributes[pTemplate[i].type];
229 osobject->abortTransaction();
230 return CKR_ATTRIBUTE_TYPE_INVALID;
233 // Additonal checks are done while updating the attributes themselves.
234 CK_RV rv = attr->update(token,isPrivate, pTemplate[i].pValue, pTemplate[i].ulValueLen, op);
237 osobject->abortTransaction();
242 // [PKCS#11 v2.40, 4.1.1 Creating objects]
243 // 4. If the attribute values in the supplied template, together with any default attribute
244 // values and any attribute values contributed to the object by the object-creation
245 // function itself, are insufficient to fully specify the object to create, then the attempt
246 // should fail with the error code CKR_TEMPLATE_INCOMPLETE.
248 // All attributes that have to be specified are marked as such in the specification.
249 // The following checks are relevant here:
250 for (std::map<CK_ATTRIBUTE_TYPE, P11Attribute*>::iterator i = attributes.begin(); i != attributes.end(); i++)
252 CK_ULONG checks = i->second->getChecks();
254 // ck1 MUST be specified when object is created with C_CreateObject.
255 // ck3 MUST be specified when object is generated with C_GenerateKey or C_GenerateKeyPair.
256 // ck5 MUST be specified when object is unwrapped with C_UnwrapKey.
257 if (((checks & P11Attribute::ck1) == P11Attribute::ck1 && op == OBJECT_OP_CREATE) ||
258 ((checks & P11Attribute::ck3) == P11Attribute::ck3 && op == OBJECT_OP_GENERATE) ||
259 ((checks & P11Attribute::ck5) == P11Attribute::ck5 && op == OBJECT_OP_UNWRAP))
261 bool isSpecified = false;
263 for (CK_ULONG n = 0; n < ulAttributeCount; n++)
265 if (i->first == pTemplate[n].type)
274 ERROR_MSG("Mandatory attribute (0x%08X) was not specified in template", (unsigned int)i->first);
276 return CKR_TEMPLATE_INCOMPLETE;
281 // [PKCS#11 v2.40, 4.1.1 Creating objects]
282 // 5. If the attribute values in the supplied template, together with any default attribute
283 // values and any attribute values contributed to the object by the object-creation
284 // function itself, are inconsistent, then the attempt should fail with the error code
285 // CKR_TEMPLATE_INCONSISTENT. A set of attribute values is inconsistent if not
286 // all of its members can be satisfied simultaneously by the token, although each value
287 // individually is valid in Cryptoki. One example of an inconsistent template would be
288 // using a template which specifies two different values for the same attribute. Another
289 // example would be trying to create a secret key object with an attribute which is
290 // appropriate for various types of public keys or private keys, but not for secret keys.
291 // A final example would be a template with an attribute that violates some token
292 // specific requirement. Note that this final example of an inconsistent template is
293 // token-dependent—on a different token, such a template might not be inconsistent.
295 if (osobject->commitTransaction() == false)
297 return CKR_GENERAL_ERROR;
303 bool P11Object::isPrivate()
305 // Get the CKA_PRIVATE attribute, when the attribute is
306 // not present return the default value which we have
307 // chosen to be CK_FALSE.
308 if (!osobject->attributeExists(CKA_PRIVATE)) return false;
310 return osobject->getBooleanValue(CKA_PRIVATE, false);
313 bool P11Object::isCopyable()
315 // Get the CKA_COPYABLE attribute, when the attribute is not
316 // present return the default value which is CK_TRUE.
317 if (!osobject->attributeExists(CKA_COPYABLE)) return true;
319 return osobject->getBooleanValue(CKA_COPYABLE, true);
322 bool P11Object::isModifiable()
324 // Get the CKA_MODIFIABLE attribute, when the attribute is
325 // not present return the default value which is CK_TRUE.
326 if (!osobject->attributeExists(CKA_MODIFIABLE)) return true;
328 return osobject->getBooleanValue(CKA_MODIFIABLE, true);
332 P11DataObj::P11DataObj()
338 bool P11DataObj::init(OSObject *inobject)
340 if (initialized) return true;
341 if (inobject == NULL) return false;
343 // Set default values for attributes that will be introduced in the parent
344 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DATA) {
345 OSAttribute setClass((unsigned long)CKO_DATA);
346 inobject->setAttribute(CKA_CLASS, setClass);
350 if (!P11Object::init(inobject)) return false;
353 P11Attribute* attrApplication = new P11AttrApplication(osobject);
354 P11Attribute* attrObjectID = new P11AttrObjectID(osobject);
355 // NOTE: There is no mention in the PKCS#11 v2.40 spec that for a Data
356 // Object the CKA_VALUE attribute may be modified after creation!
357 // Therefore we assume it is not allowed to change the CKA_VALUE
358 // attribute of a Data Object.
359 P11Attribute* attrValue = new P11AttrValue(osobject,0);
361 // Initialize the attributes
364 !attrApplication->init() ||
365 !attrObjectID->init() ||
369 ERROR_MSG("Could not initialize the attribute");
370 delete attrApplication;
376 // Add them to the map
377 attributes[attrApplication->getType()] = attrApplication;
378 attributes[attrObjectID->getType()] = attrObjectID;
379 attributes[attrValue->getType()] = attrValue;
386 P11CertificateObj::P11CertificateObj()
392 bool P11CertificateObj::init(OSObject *inobject)
394 if (initialized) return true;
395 if (inobject == NULL) return false;
397 // Set default values for attributes that will be introduced in the parent
398 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_CERTIFICATE) {
399 OSAttribute setClass((unsigned long)CKO_CERTIFICATE);
400 inobject->setAttribute(CKA_CLASS, setClass);
402 // Make certificates public
403 if (!inobject->attributeExists(CKA_PRIVATE)) {
404 OSAttribute setPrivate(false);
405 inobject->setAttribute(CKA_PRIVATE, setPrivate);
409 if (!P11Object::init(inobject)) return false;
412 P11Attribute* attrCertificateType = new P11AttrCertificateType(osobject);
413 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
414 P11Attribute* attrCertificateCategory = new P11AttrCertificateCategory(osobject);
415 // NOTE: Because these attributes are used in a certificate object
416 // where the CKA_VALUE containing the certificate data is not
417 // modifiable, we assume that this attribute is also not modifiable.
418 // There is also no explicit mention of these attributes being modifiable.
419 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, 0);
420 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,0);
421 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,0);
422 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it.
423 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
425 // Initialize the attributes
428 !attrCertificateType->init() ||
429 !attrTrusted->init() ||
430 !attrCertificateCategory->init() ||
431 !attrCheckValue->init() ||
432 !attrStartDate->init() ||
433 !attrEndDate->init() ||
434 !attrPublicKeyInfo->init()
437 ERROR_MSG("Could not initialize the attribute");
438 delete attrCertificateType;
440 delete attrCertificateCategory;
441 delete attrCheckValue;
442 delete attrStartDate;
444 delete attrPublicKeyInfo;
448 // Add them to the map
449 attributes[attrCertificateType->getType()] = attrCertificateType;
450 attributes[attrTrusted->getType()] = attrTrusted;
451 attributes[attrCertificateCategory->getType()] = attrCertificateCategory;
452 attributes[attrCheckValue->getType()] = attrCheckValue;
453 attributes[attrStartDate->getType()] = attrStartDate;
454 attributes[attrEndDate->getType()] = attrEndDate;
455 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
462 P11X509CertificateObj::P11X509CertificateObj()
468 bool P11X509CertificateObj::init(OSObject *inobject)
470 if (initialized) return true;
471 if (inobject == NULL) return false;
473 // Set default values for attributes that will be introduced in the parent
474 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_X_509) {
475 OSAttribute setCertType((unsigned long)CKC_X_509);
476 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
480 if (!P11CertificateObj::init(inobject)) return false;
483 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
484 P11Attribute* attrID = new P11AttrID(osobject);
485 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
486 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
487 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
488 P11Attribute* attrURL = new P11AttrURL(osobject);
489 P11Attribute* attrHashOfSubjectPublicKey = new P11AttrHashOfSubjectPublicKey(osobject);
490 P11Attribute* attrHashOfIssuerPublicKey = new P11AttrHashOfIssuerPublicKey(osobject);
491 P11Attribute* attrJavaMidpSecurityDomain = new P11AttrJavaMidpSecurityDomain(osobject);
492 P11Attribute* attrNameHashAlgorithm = new P11AttrNameHashAlgorithm(osobject);
494 // Initialize the attributes
497 !attrSubject->init() ||
499 !attrIssuer->init() ||
500 !attrSerialNumber->init() ||
501 !attrValue->init() ||
503 !attrHashOfSubjectPublicKey->init() ||
504 !attrHashOfIssuerPublicKey->init() ||
505 !attrJavaMidpSecurityDomain->init() ||
506 !attrNameHashAlgorithm->init()
509 ERROR_MSG("Could not initialize the attribute");
513 delete attrSerialNumber;
516 delete attrHashOfSubjectPublicKey;
517 delete attrHashOfIssuerPublicKey;
518 delete attrJavaMidpSecurityDomain;
519 delete attrNameHashAlgorithm;
523 // Add them to the map
524 attributes[attrSubject->getType()] = attrSubject;
525 attributes[attrID->getType()] = attrID;
526 attributes[attrIssuer->getType()] = attrIssuer;
527 attributes[attrSerialNumber->getType()] = attrSerialNumber;
528 attributes[attrValue->getType()] = attrValue;
529 attributes[attrURL->getType()] = attrURL;
530 attributes[attrHashOfSubjectPublicKey->getType()] = attrHashOfSubjectPublicKey;
531 attributes[attrHashOfIssuerPublicKey->getType()] = attrHashOfIssuerPublicKey;
532 attributes[attrJavaMidpSecurityDomain->getType()] = attrJavaMidpSecurityDomain;
533 attributes[attrNameHashAlgorithm->getType()] = attrNameHashAlgorithm;
539 P11OpenPGPPublicKeyObj::P11OpenPGPPublicKeyObj()
545 bool P11OpenPGPPublicKeyObj::init(OSObject *inobject)
547 if (initialized) return true;
548 if (inobject == NULL) return false;
550 // Set default values for attributes that will be introduced in the parent
551 if (!inobject->attributeExists(CKA_CERTIFICATE_TYPE) || inobject->getUnsignedLongValue(CKA_CERTIFICATE_TYPE, CKC_VENDOR_DEFINED) != CKC_OPENPGP) {
552 OSAttribute setCertType((unsigned long)CKC_OPENPGP);
553 inobject->setAttribute(CKA_CERTIFICATE_TYPE, setCertType);
557 if (!P11CertificateObj::init(inobject)) return false;
560 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck1);
561 P11Attribute* attrID = new P11AttrID(osobject);
562 P11Attribute* attrIssuer = new P11AttrIssuer(osobject);
563 P11Attribute* attrSerialNumber = new P11AttrSerialNumber(osobject);
564 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck14);
565 P11Attribute* attrURL = new P11AttrURL(osobject);
567 // Initialize the attributes
570 !attrSubject->init() ||
572 !attrIssuer->init() ||
573 !attrSerialNumber->init() ||
574 !attrValue->init() ||
578 ERROR_MSG("Could not initialize the attribute");
582 delete attrSerialNumber;
588 // Add them to the map
589 attributes[attrSubject->getType()] = attrSubject;
590 attributes[attrID->getType()] = attrID;
591 attributes[attrIssuer->getType()] = attrIssuer;
592 attributes[attrSerialNumber->getType()] = attrSerialNumber;
593 attributes[attrValue->getType()] = attrValue;
594 attributes[attrURL->getType()] = attrURL;
600 P11KeyObj::P11KeyObj()
606 bool P11KeyObj::init(OSObject *inobject)
608 if (initialized) return true;
609 if (inobject == NULL) return false;
612 if (!P11Object::init(inobject)) return false;
615 P11Attribute* attrKeyType = new P11AttrKeyType(osobject,P11Attribute::ck5);
616 P11Attribute* attrID = new P11AttrID(osobject);
617 P11Attribute* attrStartDate = new P11AttrStartDate(osobject,P11Attribute::ck8);
618 P11Attribute* attrEndDate = new P11AttrEndDate(osobject,P11Attribute::ck8);
619 P11Attribute* attrDerive = new P11AttrDerive(osobject);
620 P11Attribute* attrLocal = new P11AttrLocal(osobject,P11Attribute::ck6);
621 P11Attribute* attrKeyGenMechanism = new P11AttrKeyGenMechanism(osobject);
622 P11Attribute* attrAllowedMechanisms = new P11AttrAllowedMechanisms(osobject);
624 // Initialize the attributes
627 !attrKeyType->init() ||
629 !attrStartDate->init() ||
630 !attrEndDate->init() ||
631 !attrDerive->init() ||
632 !attrLocal->init() ||
633 !attrKeyGenMechanism->init() ||
634 !attrAllowedMechanisms->init()
637 ERROR_MSG("Could not initialize the attribute");
640 delete attrStartDate;
644 delete attrKeyGenMechanism;
645 delete attrAllowedMechanisms;
649 // Add them to the map
650 attributes[attrKeyType->getType()] = attrKeyType;
651 attributes[attrID->getType()] = attrID;
652 attributes[attrStartDate->getType()] = attrStartDate;
653 attributes[attrEndDate->getType()] = attrEndDate;
654 attributes[attrDerive->getType()] = attrDerive;
655 attributes[attrLocal->getType()] = attrLocal;
656 attributes[attrKeyGenMechanism->getType()] = attrKeyGenMechanism;
657 attributes[attrAllowedMechanisms->getType()] = attrAllowedMechanisms;
664 P11PublicKeyObj::P11PublicKeyObj()
670 bool P11PublicKeyObj::init(OSObject *inobject)
672 if (initialized) return true;
673 if (inobject == NULL) return false;
675 // Set default values for attributes that will be introduced in the parent
676 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PUBLIC_KEY) {
677 OSAttribute setClass((unsigned long)CKO_PUBLIC_KEY);
678 inobject->setAttribute(CKA_CLASS, setClass);
680 // Make public keys public
681 if (!inobject->attributeExists(CKA_PRIVATE)) {
682 OSAttribute setPrivate(false);
683 inobject->setAttribute(CKA_PRIVATE, setPrivate);
687 if (!P11KeyObj::init(inobject)) return false;
689 if (initialized) return true;
692 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
693 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
694 P11Attribute* attrVerify = new P11AttrVerify(osobject);
695 P11Attribute* attrVerifyRecover = new P11AttrVerifyRecover(osobject);
696 P11Attribute* attrWrap = new P11AttrWrap(osobject);
697 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
698 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
699 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
700 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,0);
702 // Initialize the attributes
705 !attrSubject->init() ||
706 !attrEncrypt->init() ||
707 !attrVerify->init() ||
708 !attrVerifyRecover->init() ||
710 !attrTrusted->init() ||
711 !attrWrapTemplate->init() ||
712 !attrPublicKeyInfo->init()
715 ERROR_MSG("Could not initialize the attribute");
719 delete attrVerifyRecover;
722 delete attrWrapTemplate;
723 delete attrPublicKeyInfo;
727 // Add them to the map
728 attributes[attrSubject->getType()] = attrSubject;
729 attributes[attrEncrypt->getType()] = attrEncrypt;
730 attributes[attrVerify->getType()] = attrVerify;
731 attributes[attrVerifyRecover->getType()] = attrVerifyRecover;
732 attributes[attrWrap->getType()] = attrWrap;
733 attributes[attrTrusted->getType()] = attrTrusted;
734 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
735 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
742 P11RSAPublicKeyObj::P11RSAPublicKeyObj()
748 bool P11RSAPublicKeyObj::init(OSObject *inobject)
750 if (initialized) return true;
751 if (inobject == NULL) return false;
753 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
754 OSAttribute setKeyType((unsigned long)CKK_RSA);
755 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
759 if (!P11PublicKeyObj::init(inobject)) return false;
762 P11Attribute* attrModulus = new P11AttrModulus(osobject);
763 P11Attribute* attrModulusBits = new P11AttrModulusBits(osobject);
764 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck1);
766 // Initialize the attributes
769 !attrModulus->init() ||
770 !attrModulusBits->init() ||
771 !attrPublicExponent->init()
774 ERROR_MSG("Could not initialize the attribute");
776 delete attrModulusBits;
777 delete attrPublicExponent;
781 // Add them to the map
782 attributes[attrModulus->getType()] = attrModulus;
783 attributes[attrModulusBits->getType()] = attrModulusBits;
784 attributes[attrPublicExponent->getType()] = attrPublicExponent;
791 P11DSAPublicKeyObj::P11DSAPublicKeyObj()
797 bool P11DSAPublicKeyObj::init(OSObject *inobject)
799 if (initialized) return true;
800 if (inobject == NULL) return false;
802 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
803 OSAttribute setKeyType((unsigned long)CKK_DSA);
804 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
808 if (!P11PublicKeyObj::init(inobject)) return false;
811 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
812 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck3);
813 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
814 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
816 // Initialize the attributes
819 !attrPrime->init() ||
820 !attrSubPrime->init() ||
825 ERROR_MSG("Could not initialize the attribute");
833 // Add them to the map
834 attributes[attrPrime->getType()] = attrPrime;
835 attributes[attrSubPrime->getType()] = attrSubPrime;
836 attributes[attrBase->getType()] = attrBase;
837 attributes[attrValue->getType()] = attrValue;
844 P11ECPublicKeyObj::P11ECPublicKeyObj()
850 bool P11ECPublicKeyObj::init(OSObject *inobject)
852 if (initialized) return true;
853 if (inobject == NULL) return false;
855 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
856 OSAttribute setKeyType((unsigned long)CKK_EC);
857 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
861 if (!P11PublicKeyObj::init(inobject)) return false;
864 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck3);
865 P11Attribute* attrEcPoint = new P11AttrEcPoint(osobject);
867 // Initialize the attributes
870 !attrEcParams->init() ||
874 ERROR_MSG("Could not initialize the attribute");
880 // Add them to the map
881 attributes[attrEcParams->getType()] = attrEcParams;
882 attributes[attrEcPoint->getType()] = attrEcPoint;
889 P11DHPublicKeyObj::P11DHPublicKeyObj()
895 bool P11DHPublicKeyObj::init(OSObject *inobject)
897 if (initialized) return true;
898 if (inobject == NULL) return false;
900 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
901 OSAttribute setKeyType((unsigned long)CKK_DH);
902 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
906 if (!P11PublicKeyObj::init(inobject)) return false;
909 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck3);
910 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck3);
911 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
913 // Initialize the attributes
916 !attrPrime->init() ||
921 ERROR_MSG("Could not initialize the attribute");
928 // Add them to the map
929 attributes[attrPrime->getType()] = attrPrime;
930 attributes[attrBase->getType()] = attrBase;
931 attributes[attrValue->getType()] = attrValue;
938 P11GOSTPublicKeyObj::P11GOSTPublicKeyObj()
944 bool P11GOSTPublicKeyObj::init(OSObject *inobject)
946 if (initialized) return true;
947 if (inobject == NULL) return false;
949 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
950 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
951 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
955 if (!P11PublicKeyObj::init(inobject)) return false;
958 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4);
959 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck3);
960 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck3);
961 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck8);
963 // Initialize the attributes
966 !attrValue->init() ||
967 !attrGostR3410Params->init() ||
968 !attrGostR3411Params->init() ||
969 !attrGost28147Params->init()
972 ERROR_MSG("Could not initialize the attribute");
974 delete attrGostR3410Params;
975 delete attrGostR3411Params;
976 delete attrGost28147Params;
980 // Add them to the map
981 attributes[attrValue->getType()] = attrValue;
982 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
983 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
984 attributes[attrGost28147Params->getType()] = attrGost28147Params;
991 P11PrivateKeyObj::P11PrivateKeyObj()
997 bool P11PrivateKeyObj::init(OSObject *inobject)
999 if (initialized) return true;
1000 if (inobject == NULL) return false;
1002 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_PRIVATE_KEY) {
1003 OSAttribute setClass((unsigned long)CKO_PRIVATE_KEY);
1004 inobject->setAttribute(CKA_CLASS, setClass);
1008 if (!P11KeyObj::init(inobject)) return false;
1010 // Create attributes
1011 P11Attribute* attrSubject = new P11AttrSubject(osobject,P11Attribute::ck8);
1012 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1013 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1014 P11Attribute* attrSign = new P11AttrSign(osobject);
1015 P11Attribute* attrSignRecover = new P11AttrSignRecover(osobject);
1016 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1017 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1018 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1019 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1020 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1021 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1022 // TODO: CKA_ALWAYS_AUTHENTICATE is accepted, but we do not use it
1023 P11Attribute* attrAlwaysAuthenticate = new P11AttrAlwaysAuthenticate(osobject);
1024 // TODO: CKA_PUBLIC_KEY_INFO is accepted, but we do not calculate it
1025 P11Attribute* attrPublicKeyInfo = new P11AttrPublicKeyInfo(osobject,P11Attribute::ck8);
1027 // Initialize the attributes
1030 !attrSubject->init() ||
1031 !attrSensitive->init() ||
1032 !attrDecrypt->init() ||
1033 !attrSign->init() ||
1034 !attrSignRecover->init() ||
1035 !attrUnwrap->init() ||
1036 !attrExtractable->init() ||
1037 !attrAlwaysSensitive->init() ||
1038 !attrNeverExtractable->init() ||
1039 !attrWrapWithTrusted->init() ||
1040 !attrUnwrapTemplate->init() ||
1041 !attrAlwaysAuthenticate->init() ||
1042 !attrPublicKeyInfo->init()
1045 ERROR_MSG("Could not initialize the attribute");
1047 delete attrSensitive;
1050 delete attrSignRecover;
1052 delete attrExtractable;
1053 delete attrAlwaysSensitive;
1054 delete attrNeverExtractable;
1055 delete attrWrapWithTrusted;
1056 delete attrUnwrapTemplate;
1057 delete attrAlwaysAuthenticate;
1058 delete attrPublicKeyInfo;
1062 // Add them to the map
1063 attributes[attrSubject->getType()] = attrSubject;
1064 attributes[attrSensitive->getType()] = attrSensitive;
1065 attributes[attrDecrypt->getType()] = attrDecrypt;
1066 attributes[attrSign->getType()] = attrSign;
1067 attributes[attrSignRecover->getType()] = attrSignRecover;
1068 attributes[attrUnwrap->getType()] = attrUnwrap;
1069 attributes[attrExtractable->getType()] = attrExtractable;
1070 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1071 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1072 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1073 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1074 attributes[attrAlwaysAuthenticate->getType()] = attrAlwaysAuthenticate;
1075 attributes[attrPublicKeyInfo->getType()] = attrPublicKeyInfo;
1082 P11RSAPrivateKeyObj::P11RSAPrivateKeyObj()
1084 initialized = false;
1088 bool P11RSAPrivateKeyObj::init(OSObject *inobject)
1090 if (initialized) return true;
1091 if (inobject == NULL) return false;
1093 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_RSA) {
1094 OSAttribute setKeyType((unsigned long)CKK_RSA);
1095 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1099 if (!P11PrivateKeyObj::init(inobject)) return false;
1101 // Create attributes
1102 P11Attribute* attrModulus = new P11AttrModulus(osobject,P11Attribute::ck6);
1103 P11Attribute* attrPublicExponent = new P11AttrPublicExponent(osobject,P11Attribute::ck4|P11Attribute::ck6);
1104 P11Attribute* attrPrivateExponent = new P11AttrPrivateExponent(osobject);
1105 P11Attribute* attrPrime1 = new P11AttrPrime1(osobject);
1106 P11Attribute* attrPrime2 = new P11AttrPrime2(osobject);
1107 P11Attribute* attrExponent1 = new P11AttrExponent1(osobject);
1108 P11Attribute* attrExponent2 = new P11AttrExponent2(osobject);
1109 P11Attribute* attrCoefficient = new P11AttrCoefficient(osobject);
1111 // Initialize the attributes
1114 !attrModulus->init() ||
1115 !attrPublicExponent->init() ||
1116 !attrPrivateExponent->init() ||
1117 !attrPrime1->init() ||
1118 !attrPrime2->init() ||
1119 !attrExponent1->init() ||
1120 !attrExponent2->init() ||
1121 !attrCoefficient->init()
1124 ERROR_MSG("Could not initialize the attribute");
1126 delete attrPublicExponent;
1127 delete attrPrivateExponent;
1130 delete attrExponent1;
1131 delete attrExponent2;
1132 delete attrCoefficient;
1136 // Add them to the map
1137 attributes[attrModulus->getType()] = attrModulus;
1138 attributes[attrPublicExponent->getType()] = attrPublicExponent;
1139 attributes[attrPrivateExponent->getType()] = attrPrivateExponent;
1140 attributes[attrPrime1->getType()] = attrPrime1;
1141 attributes[attrPrime2->getType()] = attrPrime2;
1142 attributes[attrExponent1->getType()] = attrExponent1;
1143 attributes[attrExponent2->getType()] = attrExponent2;
1144 attributes[attrCoefficient->getType()] = attrCoefficient;
1151 P11DSAPrivateKeyObj::P11DSAPrivateKeyObj()
1153 initialized = false;
1157 bool P11DSAPrivateKeyObj::init(OSObject *inobject)
1159 if (initialized) return true;
1160 if (inobject == NULL) return false;
1162 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1163 OSAttribute setKeyType((unsigned long)CKK_DSA);
1164 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1168 if (!P11PrivateKeyObj::init(inobject)) return false;
1170 // Create attributes
1171 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1172 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1173 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1174 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1176 // Initialize the attributes
1179 !attrPrime->init() ||
1180 !attrSubPrime->init() ||
1181 !attrBase->init() ||
1185 ERROR_MSG("Could not initialize the attribute");
1187 delete attrSubPrime;
1193 // Add them to the map
1194 attributes[attrPrime->getType()] = attrPrime;
1195 attributes[attrSubPrime->getType()] = attrSubPrime;
1196 attributes[attrBase->getType()] = attrBase;
1197 attributes[attrValue->getType()] = attrValue;
1204 P11ECPrivateKeyObj::P11ECPrivateKeyObj()
1206 initialized = false;
1210 bool P11ECPrivateKeyObj::init(OSObject *inobject)
1212 if (initialized) return true;
1213 if (inobject == NULL) return false;
1215 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_EC) {
1216 OSAttribute setKeyType((unsigned long)CKK_EC);
1217 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1221 if (!P11PrivateKeyObj::init(inobject)) return false;
1223 // Create attributes
1224 P11Attribute* attrEcParams = new P11AttrEcParams(osobject,P11Attribute::ck4|P11Attribute::ck6);
1225 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1227 // Initialize the attributes
1230 !attrEcParams->init() ||
1234 ERROR_MSG("Could not initialize the attribute");
1235 delete attrEcParams;
1240 // Add them to the map
1241 attributes[attrEcParams->getType()] = attrEcParams;
1242 attributes[attrValue->getType()] = attrValue;
1249 P11DHPrivateKeyObj::P11DHPrivateKeyObj()
1251 initialized = false;
1255 bool P11DHPrivateKeyObj::init(OSObject *inobject)
1257 if (initialized) return true;
1258 if (inobject == NULL) return false;
1260 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1261 OSAttribute setKeyType((unsigned long)CKK_DH);
1262 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1266 if (!P11PrivateKeyObj::init(inobject)) return false;
1268 // Create attributes
1269 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4|P11Attribute::ck6);
1270 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4|P11Attribute::ck6);
1271 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1272 P11Attribute* attrValueBits = new P11AttrValueBits(osobject);
1274 // Initialize the attributes
1277 !attrPrime->init() ||
1278 !attrBase->init() ||
1279 !attrValue->init() ||
1280 !attrValueBits->init()
1283 ERROR_MSG("Could not initialize the attribute");
1287 delete attrValueBits;
1291 // Add them to the map
1292 attributes[attrPrime->getType()] = attrPrime;
1293 attributes[attrBase->getType()] = attrBase;
1294 attributes[attrValue->getType()] = attrValue;
1295 attributes[attrValueBits->getType()] = attrValueBits;
1302 P11GOSTPrivateKeyObj::P11GOSTPrivateKeyObj()
1304 initialized = false;
1308 bool P11GOSTPrivateKeyObj::init(OSObject *inobject)
1310 if (initialized) return true;
1311 if (inobject == NULL) return false;
1313 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOSTR3410) {
1314 OSAttribute setKeyType((unsigned long)CKK_GOSTR3410);
1315 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1319 if (!P11PrivateKeyObj::init(inobject)) return false;
1321 // Create attributes
1322 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1323 P11Attribute* attrGostR3410Params = new P11AttrGostR3410Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1324 P11Attribute* attrGostR3411Params = new P11AttrGostR3411Params(osobject,P11Attribute::ck4|P11Attribute::ck6);
1325 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck8);
1327 // Initialize the attributes
1330 !attrValue->init() ||
1331 !attrGostR3410Params->init() ||
1332 !attrGostR3411Params->init() ||
1333 !attrGost28147Params->init()
1336 ERROR_MSG("Could not initialize the attribute");
1338 delete attrGostR3410Params;
1339 delete attrGostR3411Params;
1340 delete attrGost28147Params;
1344 // Add them to the map
1345 attributes[attrValue->getType()] = attrValue;
1346 attributes[attrGostR3410Params->getType()] = attrGostR3410Params;
1347 attributes[attrGostR3411Params->getType()] = attrGostR3411Params;
1348 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1355 P11SecretKeyObj::P11SecretKeyObj()
1357 initialized = false;
1361 bool P11SecretKeyObj::init(OSObject *inobject)
1363 if (initialized) return true;
1364 if (inobject == NULL) return false;
1366 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_SECRET_KEY) {
1367 OSAttribute setClass((unsigned long)CKO_SECRET_KEY);
1368 inobject->setAttribute(CKA_CLASS, setClass);
1372 if (!P11KeyObj::init(inobject)) return false;
1374 // Create attributes
1375 P11Attribute* attrSensitive = new P11AttrSensitive(osobject);
1376 P11Attribute* attrEncrypt = new P11AttrEncrypt(osobject);
1377 P11Attribute* attrDecrypt = new P11AttrDecrypt(osobject);
1378 P11Attribute* attrSign = new P11AttrSign(osobject);
1379 P11Attribute* attrVerify = new P11AttrVerify(osobject);
1380 P11Attribute* attrWrap = new P11AttrWrap(osobject);
1381 P11Attribute* attrUnwrap = new P11AttrUnwrap(osobject);
1382 P11Attribute* attrExtractable = new P11AttrExtractable(osobject);
1383 P11Attribute* attrAlwaysSensitive = new P11AttrAlwaysSensitive(osobject);
1384 P11Attribute* attrNeverExtractable = new P11AttrNeverExtractable(osobject);
1385 P11Attribute* attrCheckValue = new P11AttrCheckValue(osobject, P11Attribute::ck8);
1386 P11Attribute* attrWrapWithTrusted = new P11AttrWrapWithTrusted(osobject);
1387 P11Attribute* attrTrusted = new P11AttrTrusted(osobject);
1388 P11Attribute* attrWrapTemplate = new P11AttrWrapTemplate(osobject);
1389 P11Attribute* attrUnwrapTemplate = new P11AttrUnwrapTemplate(osobject);
1391 // Initialize the attributes
1394 !attrSensitive->init() ||
1395 !attrEncrypt->init() ||
1396 !attrDecrypt->init() ||
1397 !attrSign->init() ||
1398 !attrVerify->init() ||
1399 !attrWrap->init() ||
1400 !attrUnwrap->init() ||
1401 !attrExtractable->init() ||
1402 !attrAlwaysSensitive->init() ||
1403 !attrNeverExtractable->init() ||
1404 !attrCheckValue->init() ||
1405 !attrWrapWithTrusted->init() ||
1406 !attrTrusted->init() ||
1407 !attrWrapTemplate->init() ||
1408 !attrUnwrapTemplate->init()
1411 ERROR_MSG("Could not initialize the attribute");
1412 delete attrSensitive;
1419 delete attrExtractable;
1420 delete attrAlwaysSensitive;
1421 delete attrNeverExtractable;
1422 delete attrCheckValue;
1423 delete attrWrapWithTrusted;
1425 delete attrWrapTemplate;
1426 delete attrUnwrapTemplate;
1430 // Add them to the map
1431 attributes[attrSensitive->getType()] = attrSensitive;
1432 attributes[attrEncrypt->getType()] = attrEncrypt;
1433 attributes[attrDecrypt->getType()] = attrDecrypt;
1434 attributes[attrSign->getType()] = attrSign;
1435 attributes[attrVerify->getType()] = attrVerify;
1436 attributes[attrWrap->getType()] = attrWrap;
1437 attributes[attrUnwrap->getType()] = attrUnwrap;
1438 attributes[attrExtractable->getType()] = attrExtractable;
1439 attributes[attrAlwaysSensitive->getType()] = attrAlwaysSensitive;
1440 attributes[attrNeverExtractable->getType()] = attrNeverExtractable;
1441 attributes[attrCheckValue->getType()] = attrCheckValue;
1442 attributes[attrWrapWithTrusted->getType()] = attrWrapWithTrusted;
1443 attributes[attrTrusted->getType()] = attrTrusted;
1444 attributes[attrWrapTemplate->getType()] = attrWrapTemplate;
1445 attributes[attrUnwrapTemplate->getType()] = attrUnwrapTemplate;
1452 P11GenericSecretKeyObj::P11GenericSecretKeyObj()
1454 initialized = false;
1455 keytype = CKK_VENDOR_DEFINED;
1459 bool P11GenericSecretKeyObj::init(OSObject *inobject)
1461 if (initialized) return true;
1462 if (inobject == NULL) return false;
1464 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1465 OSAttribute setKeyType(keytype);
1466 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1470 if (!P11SecretKeyObj::init(inobject)) return false;
1472 // Create attributes
1473 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1474 P11Attribute* attrValueLen = new P11AttrValueLen(osobject);
1476 // Initialize the attributes
1479 !attrValue->init() ||
1480 !attrValueLen->init()
1483 ERROR_MSG("Could not initialize the attribute");
1485 delete attrValueLen;
1489 // Add them to the map
1490 attributes[attrValue->getType()] = attrValue;
1491 attributes[attrValueLen->getType()] = attrValueLen;
1498 bool P11GenericSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1502 keytype = inKeytype;
1510 CK_KEY_TYPE P11GenericSecretKeyObj::getKeyType()
1516 P11AESSecretKeyObj::P11AESSecretKeyObj()
1518 initialized = false;
1522 bool P11AESSecretKeyObj::init(OSObject *inobject)
1524 if (initialized) return true;
1525 if (inobject == NULL) return false;
1527 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_AES) {
1528 OSAttribute setKeyType((unsigned long)CKK_AES);
1529 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1533 if (!P11SecretKeyObj::init(inobject)) return false;
1535 // Create attributes
1536 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1537 P11Attribute* attrValueLen = new P11AttrValueLen(osobject,P11Attribute::ck6);
1539 // Initialize the attributes
1542 !attrValue->init() ||
1543 !attrValueLen->init()
1546 ERROR_MSG("Could not initialize the attribute");
1548 delete attrValueLen;
1552 // Add them to the map
1553 attributes[attrValue->getType()] = attrValue;
1554 attributes[attrValueLen->getType()] = attrValueLen;
1561 P11DESSecretKeyObj::P11DESSecretKeyObj()
1563 initialized = false;
1564 keytype = CKK_VENDOR_DEFINED;
1568 bool P11DESSecretKeyObj::init(OSObject *inobject)
1570 if (initialized) return true;
1571 if (inobject == NULL) return false;
1573 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != keytype) {
1574 OSAttribute setKeyType(keytype);
1575 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1579 if (!P11SecretKeyObj::init(inobject)) return false;
1581 // Create attributes
1582 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1584 // Initialize the attributes
1585 if (!attrValue->init())
1587 ERROR_MSG("Could not initialize the attribute");
1592 // Add them to the map
1593 attributes[attrValue->getType()] = attrValue;
1600 bool P11DESSecretKeyObj::setKeyType(CK_KEY_TYPE inKeytype)
1604 keytype = inKeytype;
1612 CK_KEY_TYPE P11DESSecretKeyObj::getKeyType()
1618 P11GOSTSecretKeyObj::P11GOSTSecretKeyObj()
1620 initialized = false;
1624 bool P11GOSTSecretKeyObj::init(OSObject *inobject)
1626 if (initialized) return true;
1627 if (inobject == NULL) return false;
1629 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_GOST28147) {
1630 OSAttribute setKeyType((unsigned long)CKK_GOST28147);
1631 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1635 if (!P11SecretKeyObj::init(inobject)) return false;
1637 // Create attributes
1638 P11Attribute* attrValue = new P11AttrValue(osobject,P11Attribute::ck1|P11Attribute::ck4|P11Attribute::ck6|P11Attribute::ck7);
1639 P11Attribute* attrGost28147Params = new P11AttrGost28147Params(osobject,P11Attribute::ck1|P11Attribute::ck3|P11Attribute::ck5);
1641 // Initialize the attributes
1644 !attrValue->init() ||
1645 !attrGost28147Params->init()
1648 ERROR_MSG("Could not initialize the attribute");
1650 delete attrGost28147Params;
1654 // Add them to the map
1655 attributes[attrValue->getType()] = attrValue;
1656 attributes[attrGost28147Params->getType()] = attrGost28147Params;
1663 P11DomainObj::P11DomainObj()
1665 initialized = false;
1669 bool P11DomainObj::init(OSObject *inobject)
1671 if (initialized) return true;
1672 if (inobject == NULL) return false;
1674 if (!inobject->attributeExists(CKA_CLASS) || inobject->getUnsignedLongValue(CKA_CLASS, CKO_VENDOR_DEFINED) != CKO_DOMAIN_PARAMETERS) {
1675 OSAttribute setClass((unsigned long)CKO_DOMAIN_PARAMETERS);
1676 inobject->setAttribute(CKA_CLASS, setClass);
1680 if (!P11Object::init(inobject)) return false;
1682 // Create attributes
1683 P11Attribute* attrKeyType = new P11AttrKeyType(osobject);
1684 P11Attribute* attrLocal = new P11AttrLocal(osobject);
1686 // Initialize the attributes
1689 !attrKeyType->init() ||
1693 ERROR_MSG("Could not initialize the attribute");
1699 // Add them to the map
1700 attributes[attrKeyType->getType()] = attrKeyType;
1701 attributes[attrLocal->getType()] = attrLocal;
1708 P11DSADomainObj::P11DSADomainObj()
1710 initialized = false;
1714 bool P11DSADomainObj::init(OSObject *inobject)
1716 if (initialized) return true;
1717 if (inobject == NULL) return false;
1719 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DSA) {
1720 OSAttribute setKeyType((unsigned long)CKK_DSA);
1721 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1725 if (!P11DomainObj::init(inobject)) return false;
1727 // Create attributes
1728 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1729 P11Attribute* attrSubPrime = new P11AttrSubPrime(osobject,P11Attribute::ck4);
1730 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1731 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1733 // Initialize the attributes
1736 !attrPrime->init() ||
1737 !attrSubPrime->init() ||
1738 !attrBase->init() ||
1739 !attrPrimeBits->init()
1742 ERROR_MSG("Could not initialize the attribute");
1744 delete attrSubPrime;
1746 delete attrPrimeBits;
1750 // Add them to the map
1751 attributes[attrPrime->getType()] = attrPrime;
1752 attributes[attrSubPrime->getType()] = attrSubPrime;
1753 attributes[attrBase->getType()] = attrBase;
1754 attributes[attrPrimeBits->getType()] = attrPrimeBits;
1761 P11DHDomainObj::P11DHDomainObj()
1763 initialized = false;
1767 bool P11DHDomainObj::init(OSObject *inobject)
1769 if (initialized) return true;
1770 if (inobject == NULL) return false;
1772 if (!inobject->attributeExists(CKA_KEY_TYPE) || inobject->getUnsignedLongValue(CKA_KEY_TYPE, CKK_VENDOR_DEFINED) != CKK_DH) {
1773 OSAttribute setKeyType((unsigned long)CKK_DH);
1774 inobject->setAttribute(CKA_KEY_TYPE, setKeyType);
1778 if (!P11DomainObj::init(inobject)) return false;
1780 // Create attributes
1781 P11Attribute* attrPrime = new P11AttrPrime(osobject,P11Attribute::ck4);
1782 P11Attribute* attrBase = new P11AttrBase(osobject,P11Attribute::ck4);
1783 P11Attribute* attrPrimeBits = new P11AttrPrimeBits(osobject);
1785 // Initialize the attributes
1788 !attrPrime->init() ||
1789 !attrBase->init() ||
1790 !attrPrimeBits->init()
1793 ERROR_MSG("Could not initialize the attribute");
1796 delete attrPrimeBits;
1800 // Add them to the map
1801 attributes[attrPrime->getType()] = attrPrime;
1802 attributes[attrBase->getType()] = attrBase;
1803 attributes[attrPrimeBits->getType()] = attrPrimeBits;
Code Review / aaf / sshsm.git / blob