26 #define ENCRYPT_CHECKSIZE 16
34 #define STORAGE_ALIGN_SIZE 8
35 #define CONTEXT_INFO_ALIGN_SIZE \
36 roundUp( sizeof( CONTEXT_INFO ), STORAGE_ALIGN_SIZE )
37 #define ALIGN_CONTEXT_PTR( basePtr, type ) \
38 ( type * ) ( ( BYTE * ) ( basePtr ) + CONTEXT_INFO_ALIGN_SIZE )
52 BOOLEAN isClonedContext = ( contextInfoPtr->ctxConv != NULL ) ? \
63 diff =
ptr_diff( contextInfoPtr->ctxConv->key,
64 contextInfoPtr->ctxConv );
68 contextInfoPtr->ctxConv->key = \
69 ptr_align( (
BYTE * ) contextInfoPtr->ctxConv +
sizeof(
CONV_INFO ),
73 if( !isClonedContext )
78 newDiff =
ptr_diff( contextInfoPtr->ctxConv->key,
79 contextInfoPtr->ctxConv );
88 NULL, &stateStorageSize, 0 );
91 memmove( (
BYTE * ) contextInfoPtr->ctxConv + newDiff,
92 (
BYTE * ) contextInfoPtr->ctxConv + diff, stateStorageSize );
104 storageAlignSize == 0 ) || \
106 storageAlignSize >= 4 && storageAlignSize <= 128 ) );
108 switch( contextInfoPtr->type )
114 return( initContextConvStorage( contextInfoPtr, storageAlignSize ) );
117 contextInfoPtr->ctxHash = \
118 ALIGN_CONTEXT_PTR( contextInfoPtr,
HASH_INFO );
119 contextInfoPtr->ctxHash->hashInfo = \
120 ptr_align( (
BYTE * ) contextInfoPtr->ctxConv +
sizeof(
HASH_INFO ),
125 contextInfoPtr->ctxMAC = \
126 ALIGN_CONTEXT_PTR( contextInfoPtr,
MAC_INFO );
127 contextInfoPtr->ctxMAC->macInfo = \
128 ptr_align( (
BYTE * ) contextInfoPtr->ctxConv +
sizeof(
MAC_INFO ),
133 contextInfoPtr->ctxPKC = \
134 ALIGN_CONTEXT_PTR( contextInfoPtr, PKC_INFO );
138 contextInfoPtr->ctxGeneric = \
180 if( capabilityInfoPtr->generateKeyFunction == NULL )
259 const CAPABILITY_INFO *capabilityInfoPtr = contextInfoPtr->capabilityInfo;
270 !
needsIV( contextInfoPtr->ctxConv->mode ) ||
273 memcpy( savedData, data, savedDataLength );
274 status = contextInfoPtr->encryptFunction( contextInfoPtr, data,
278 zeroise( savedData, savedDataLength );
298 if( !memcmp( savedData, data, savedDataLength ) )
303 zeroise( savedData, savedDataLength );
313 const CAPABILITY_INFO *capabilityInfoPtr = contextInfoPtr->capabilityInfo;
330 status = contextInfoPtr->encryptFunction( contextInfoPtr, data,
333 clearTempBignums( contextInfoPtr->ctxPKC );
339 ( ( !isDLP && !isECC ) && \
343 memcpy( savedData, ( isDLP || isECC ) ? \
346 status = contextInfoPtr->encryptFunction( contextInfoPtr, data,
349 clearTempBignums( contextInfoPtr->ctxPKC );
361 if( !memcmp( savedData, dlpParams->outParam,
410 REQUIRES( messageDataPtr == NULL && messageValue == 0 );
413 if( capabilityInfo->endFunction != NULL )
414 capabilityInfo->endFunction( contextInfoPtr );
418 freeContextBignums( contextInfoPtr->ctxPKC,
419 contextInfoPtr->
flags );
436 return( getContextAttribute( contextInfoPtr,
437 (
int * ) messageDataPtr,
440 return( getContextAttributeS( contextInfoPtr,
448 if( messageValue == CRYPT_IATTRIBUTE_INITIALISED )
451 return( setContextAttribute( contextInfoPtr,
452 *( (
int * ) messageDataPtr ),
459 return( setContextAttributeS( contextInfoPtr, msgData->data,
460 msgData->
length, messageValue ) );
463 return( deleteContextAttribute( contextInfoPtr, messageValue ) );
472 ( messageValue == 0 || \
473 isReadPtr( messageDataPtr, messageValue ) ) ) || \
480 status = encryptDataPKC( contextInfoPtr, messageDataPtr,
483 status = encryptDataConv( contextInfoPtr, messageDataPtr,
492 !
needsIV( contextInfoPtr->ctxConv->mode ) ||
495 status = contextInfoPtr->decryptFunction( contextInfoPtr,
496 messageDataPtr, messageValue );
499 clearTempBignums( contextInfoPtr->ctxPKC );
504 status = capabilityInfo->signFunction( contextInfoPtr,
505 messageDataPtr, messageValue );
507 clearTempBignums( contextInfoPtr->ctxPKC );
512 status = capabilityInfo->sigCheckFunction( contextInfoPtr,
513 messageDataPtr, messageValue );
515 clearTempBignums( contextInfoPtr->ctxPKC );
527 status = capabilityInfo->encryptFunction( contextInfoPtr,
528 messageDataPtr, messageValue );
529 if( messageValue > 0 )
545 CONTEXT_FLAG_HASH_INITED;
569 switch( messageValue )
580 compareDataConstTime( msgData->data,
581 contextInfoPtr->ctxHash->hash,
586 compareDataConstTime( msgData->data,
587 contextInfoPtr->ctxMAC->mac,
601 contextInfoPtr, icv, msgData->
length );
604 if( compareDataConstTime( msgData->data, icv,
615 !memcmp( msgData->data, contextInfoPtr->ctxPKC->keyID,
626 !memcmp( msgData->data, contextInfoPtr->ctxPKC->pgp2KeyID,
637 !memcmp( msgData->data, contextInfoPtr->ctxPKC->openPgpKeyID,
652 return( checkContext( contextInfoPtr, messageValue ) );
657 switch( messageValue )
667 int storageAlignSize;
678 NULL, &storageAlignSize, 0 );
681 status = initContextStorage( contextInfoPtr, storageAlignSize );
689 contextInfoPtr->
ownerHandle = *( (
int * ) messageDataPtr );
702 static const int actionFlags = \
723 status = contextInfoPtr->generateKeyFunction( contextInfoPtr );
735 CRYPT_IATTRIBUTE_ACTIONPERMS ) );
741 const int ivSize = capabilityInfo->
blockSize;
747 if( !
needsIV( contextInfoPtr->ctxConv->mode ) || \
754 &msgData, CRYPT_IATTRIBUTE_RANDOM_NONCE );
756 status = capabilityInfo->initParamsFunction( contextInfoPtr,
772 IN_FLAGS_Z( CREATEOBJECT )
const int objectFlags )
784 const int createFlags = objectFlags | \
786 CREATEOBJECT_FLAG_SECUREMALLOC : 0 );
787 int sideChannelProtectionLevel, storageSize;
788 int stateStorageSize = 0, stateStorageAlignSize = 0;
807 &sideChannelProtectionLevel,
814 NULL, &stateStorageSize, 0 );
817 NULL, &stateStorageAlignSize, 0 );
823 switch( contextType )
828 if( capabilityInfoPtr->encryptFunction != NULL || \
829 capabilityInfoPtr->encryptCBCFunction != NULL || \
830 capabilityInfoPtr->encryptCFBFunction != NULL || \
831 capabilityInfoPtr->encryptOFBFunction != NULL || \
832 capabilityInfoPtr->encryptGCMFunction != NULL )
835 if( capabilityInfoPtr->decryptFunction != NULL || \
836 capabilityInfoPtr->decryptCBCFunction != NULL || \
837 capabilityInfoPtr->decryptCFBFunction != NULL || \
838 capabilityInfoPtr->decryptOFBFunction != NULL || \
839 capabilityInfoPtr->decryptGCMFunction != NULL )
847 storageSize =
sizeof( PKC_INFO );
855 if( capabilityInfoPtr->encryptFunction != NULL )
858 if( capabilityInfoPtr->decryptFunction != NULL )
861 if( capabilityInfoPtr->signFunction != NULL )
864 if( capabilityInfoPtr->sigCheckFunction != NULL )
892 if( actionFlags <= 0 )
896 DEBUG_DIAG((
"No actions available for this capability" ));
937 status = krnlCreateObject( iCryptContext, (
void ** ) &contextInfoPtr,
939 ( stateStorageSize + stateStorageAlignSize ),
941 iCryptOwner, actionFlags,
942 contextMessageFunction );
949 contextInfoPtr->
type = contextType;
951 contextInfoPtr->deviceObject = \
954 status = initContextStorage( contextInfoPtr, stateStorageAlignSize );
964 if( sideChannelProtectionLevel > 0 )
969 status = initContextBignums( contextInfoPtr->ctxPKC,
970 sideChannelProtectionLevel,
986 if( capabilityInfoPtr->encryptCBCFunction != NULL )
989 contextInfoPtr->encryptFunction = \
990 capabilityInfoPtr->encryptCBCFunction;
991 contextInfoPtr->decryptFunction = \
992 capabilityInfoPtr->decryptCBCFunction;
1003 if( capabilityInfoPtr->encryptCFBFunction != NULL )
1006 contextInfoPtr->encryptFunction = \
1007 capabilityInfoPtr->encryptCFBFunction;
1008 contextInfoPtr->decryptFunction = \
1009 capabilityInfoPtr->decryptCFBFunction;
1013 if( capabilityInfoPtr->encryptOFBFunction != NULL )
1016 contextInfoPtr->encryptFunction = \
1017 capabilityInfoPtr->encryptOFBFunction;
1018 contextInfoPtr->decryptFunction = \
1019 capabilityInfoPtr->decryptOFBFunction;
1024 contextInfoPtr->encryptFunction = \
1025 capabilityInfoPtr->encryptFunction;
1026 contextInfoPtr->decryptFunction = \
1027 capabilityInfoPtr->decryptFunction;
1035 contextInfoPtr->encryptFunction = capabilityInfoPtr->encryptFunction;
1036 contextInfoPtr->decryptFunction = capabilityInfoPtr->decryptFunction;
1041 initKeyHandling( contextInfoPtr );
1046 initKeyID( contextInfoPtr );
1047 initKeyRead( contextInfoPtr );
1048 initKeyWrite( contextInfoPtr );
1052 ( contextInfoPtr->loadKeyFunction != NULL && \
1053 contextInfoPtr->generateKeyFunction != NULL ) );
1057 ( contextInfoPtr->encryptFunction != NULL && \
1058 contextInfoPtr->decryptFunction != NULL ) );
1060 ( contextInfoPtr->ctxPKC->writePublicKeyFunction != NULL && \
1061 contextInfoPtr->ctxPKC->writePrivateKeyFunction != NULL && \
1062 contextInfoPtr->ctxPKC->readPublicKeyFunction != NULL && \
1063 contextInfoPtr->ctxPKC->readPrivateKeyFunction != NULL ) );
1068 if( objectFlags & CREATEOBJECT_FLAG_DUMMY )
1085 CRYPT_IATTRIBUTE_INITIALISED );
1115 capabilityInfoPtr = findCapabilityInfo( auxDataPtr, createInfo->arg1 );
1116 if( capabilityInfoPtr == NULL )
1120 status = createContextFromCapability( &iCryptContext,
1121 createInfo->cryptOwner,
1122 capabilityInfoPtr, auxValue );