diff options
| author | Jason King <jason.king@joyent.com> | 2018-02-14 23:16:03 +0000 |
|---|---|---|
| committer | Richard Lowe <richlowe@richlowe.net> | 2018-10-15 15:36:58 +0000 |
| commit | cc543d0f9e35a75cc302a4cb152756d233299564 (patch) | |
| tree | e2305c6a4cf6818b6d645e78dd4904a684488ad6 /usr/src/lib/libcryptoutil/common/util.c | |
| parent | e239895e13556da6878ec1eda7d795ea494fa359 (diff) | |
| download | illumos-gate-cc543d0f9e35a75cc302a4cb152756d233299564.tar.gz | |
9876 Move crypto2pkcs11_error_number to libcryptoutil
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Igor Kozhukhov <igor@dilos.org>
Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
Reviewed by: C Fraire <cfraire@me.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
Diffstat (limited to 'usr/src/lib/libcryptoutil/common/util.c')
| -rw-r--r-- | usr/src/lib/libcryptoutil/common/util.c | 119 |
1 files changed, 114 insertions, 5 deletions
diff --git a/usr/src/lib/libcryptoutil/common/util.c b/usr/src/lib/libcryptoutil/common/util.c index 6fbf175d77..e7368dc4e7 100644 --- a/usr/src/lib/libcryptoutil/common/util.c +++ b/usr/src/lib/libcryptoutil/common/util.c @@ -21,14 +21,111 @@ /* * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * Copyright 2018, Joyent, Inc. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <cryptoutil.h> #include <strings.h> #include <stdio.h> #include <tzfile.h> +#include <sys/crypto/common.h> + +/* + * In order to fit everything on one line, the 'CRYPTO_' prefix + * has been dropped from the KCF #defines, e.g. + * CRYPTO_SUCCESS becomes SUCCESS. + */ + +static CK_RV error_number_table[CRYPTO_LAST_ERROR + 1] = { +CKR_OK, /* SUCCESS */ +CKR_CANCEL, /* CANCEL */ +CKR_HOST_MEMORY, /* HOST_MEMORY */ +CKR_GENERAL_ERROR, /* GENERAL_ERROR */ +CKR_FUNCTION_FAILED, /* FAILED */ +CKR_ARGUMENTS_BAD, /* ARGUMENTS_BAD */ +CKR_ATTRIBUTE_READ_ONLY, /* ATTRIBUTE_READ_ONLY */ +CKR_ATTRIBUTE_SENSITIVE, /* ATTRIBUTE_SENSITIVE */ +CKR_ATTRIBUTE_TYPE_INVALID, /* ATTRIBUTE_TYPE_INVALID */ +CKR_ATTRIBUTE_VALUE_INVALID, /* ATTRIBUTE_VALUE_INVALID */ +CKR_FUNCTION_FAILED, /* CANCELED */ +CKR_DATA_INVALID, /* DATA_INVALID */ +CKR_DATA_LEN_RANGE, /* DATA_LEN_RANGE */ +CKR_DEVICE_ERROR, /* DEVICE_ERROR */ +CKR_DEVICE_MEMORY, /* DEVICE_MEMORY */ +CKR_DEVICE_REMOVED, /* DEVICE_REMOVED */ +CKR_ENCRYPTED_DATA_INVALID, /* ENCRYPTED_DATA_INVALID */ +CKR_ENCRYPTED_DATA_LEN_RANGE, /* ENCRYPTED_DATA_LEN_RANGE */ +CKR_KEY_HANDLE_INVALID, /* KEY_HANDLE_INVALID */ +CKR_KEY_SIZE_RANGE, /* KEY_SIZE_RANGE */ +CKR_KEY_TYPE_INCONSISTENT, /* KEY_TYPE_INCONSISTENT */ +CKR_KEY_NOT_NEEDED, /* KEY_NOT_NEEDED */ +CKR_KEY_CHANGED, /* KEY_CHANGED */ +CKR_KEY_NEEDED, /* KEY_NEEDED */ +CKR_KEY_INDIGESTIBLE, /* KEY_INDIGESTIBLE */ +CKR_KEY_FUNCTION_NOT_PERMITTED, /* KEY_FUNCTION_NOT_PERMITTED */ +CKR_KEY_NOT_WRAPPABLE, /* KEY_NOT_WRAPPABLE */ +CKR_KEY_UNEXTRACTABLE, /* KEY_UNEXTRACTABLE */ +CKR_MECHANISM_INVALID, /* MECHANISM_INVALID */ +CKR_MECHANISM_PARAM_INVALID, /* MECHANISM_PARAM_INVALID */ +CKR_OBJECT_HANDLE_INVALID, /* OBJECT_HANDLE_INVALID */ +CKR_OPERATION_ACTIVE, /* OPERATION_ACTIVE */ +CKR_OPERATION_NOT_INITIALIZED, /* OPERATION_NOT_INITIALIZED */ +CKR_PIN_INCORRECT, /* PIN_INCORRECT */ +CKR_PIN_INVALID, /* PIN_INVALID */ +CKR_PIN_LEN_RANGE, /* PIN_LEN_RANGE */ +CKR_PIN_EXPIRED, /* PIN_EXPIRED */ +CKR_PIN_LOCKED, /* PIN_LOCKED */ +CKR_SESSION_CLOSED, /* SESSION_CLOSED */ +CKR_SESSION_COUNT, /* SESSION_COUNT */ +CKR_SESSION_HANDLE_INVALID, /* SESSION_HANDLE_INVALID */ +CKR_SESSION_READ_ONLY, /* SESSION_READ_ONLY */ +CKR_SESSION_EXISTS, /* SESSION_EXISTS */ +CKR_SESSION_READ_ONLY_EXISTS, /* SESSION_READ_ONLY_EXISTS */ +CKR_SESSION_READ_WRITE_SO_EXISTS, /* SESSION_READ_WRITE_SO_EXISTS */ +CKR_SIGNATURE_INVALID, /* SIGNATURE_INVALID */ +CKR_SIGNATURE_LEN_RANGE, /* SIGNATURE_LEN_RANGE */ +CKR_TEMPLATE_INCOMPLETE, /* TEMPLATE_INCOMPLETE */ +CKR_TEMPLATE_INCONSISTENT, /* TEMPLATE_INCONSISTENT */ +CKR_UNWRAPPING_KEY_HANDLE_INVALID, /* UNWRAPPING_KEY_HANDLE_INVALID */ +CKR_UNWRAPPING_KEY_SIZE_RANGE, /* UNWRAPPING_KEY_SIZE_RANGE */ +CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, /* UNWRAPPING_KEY_TYPE_INCONSISTENT */ +CKR_USER_ALREADY_LOGGED_IN, /* USER_ALREADY_LOGGED_IN */ +CKR_USER_NOT_LOGGED_IN, /* USER_NOT_LOGGED_IN */ +CKR_USER_PIN_NOT_INITIALIZED, /* USER_PIN_NOT_INITIALIZED */ +CKR_USER_TYPE_INVALID, /* USER_TYPE_INVALID */ +CKR_USER_ANOTHER_ALREADY_LOGGED_IN, /* USER_ANOTHER_ALREADY_LOGGED_IN */ +CKR_USER_TOO_MANY_TYPES, /* USER_TOO_MANY_TYPES */ +CKR_WRAPPED_KEY_INVALID, /* WRAPPED_KEY_INVALID */ +CKR_WRAPPED_KEY_LEN_RANGE, /* WRAPPED_KEY_LEN_RANGE */ +CKR_WRAPPING_KEY_HANDLE_INVALID, /* WRAPPING_KEY_HANDLE_INVALID */ +CKR_WRAPPING_KEY_SIZE_RANGE, /* WRAPPING_KEY_SIZE_RANGE */ +CKR_WRAPPING_KEY_TYPE_INCONSISTENT, /* WRAPPING_KEY_TYPE_INCONSISTENT */ +CKR_RANDOM_SEED_NOT_SUPPORTED, /* RANDOM_SEED_NOT_SUPPORTED */ +CKR_RANDOM_NO_RNG, /* RANDOM_NO_RNG */ +CKR_DOMAIN_PARAMS_INVALID, /* DOMAIN_PARAMS_INVALID */ +CKR_BUFFER_TOO_SMALL, /* BUFFER_TOO_SMALL */ +CKR_INFORMATION_SENSITIVE, /* INFORMATION_SENSITIVE */ +CKR_FUNCTION_NOT_SUPPORTED, /* NOT_SUPPORTED */ +CKR_GENERAL_ERROR, /* QUEUED */ +CKR_GENERAL_ERROR, /* BUFFER_TOO_BIG */ +CKR_OPERATION_NOT_INITIALIZED, /* INVALID_CONTEXT */ +CKR_GENERAL_ERROR, /* INVALID_MAC */ +CKR_GENERAL_ERROR, /* MECH_NOT_SUPPORTED */ +CKR_GENERAL_ERROR, /* INCONSISTENT_ATTRIBUTE */ +CKR_GENERAL_ERROR, /* NO_PERMISSION */ +CKR_SLOT_ID_INVALID, /* INVALID_PROVIDER_ID */ +CKR_GENERAL_ERROR, /* VERSION_MISMATCH */ +CKR_GENERAL_ERROR, /* BUSY */ +CKR_GENERAL_ERROR, /* UNKNOWN_PROVIDER */ +CKR_GENERAL_ERROR, /* MODVERIFICATION_FAILED */ +CKR_GENERAL_ERROR, /* OLD_CTX_TEMPLATE */ +CKR_GENERAL_ERROR, /* WEAK_KEY */ +CKR_GENERAL_ERROR /* FIPS140_ERROR */ +}; + +#if CRYPTO_LAST_ERROR != CRYPTO_FIPS140_ERROR +#error "Crypto to PKCS11 error mapping table needs to be updated!" +#endif /* * This function returns a fullpath based on the "dir" and "filepath" input @@ -96,16 +193,16 @@ str2lifetime(char *ltimestr, uint32_t *ltime) return (-1); if (!strcasecmp(timetok, "second") || - !strcasecmp(timetok, "seconds")) { + !strcasecmp(timetok, "seconds")) { *ltime = num; } else if (!strcasecmp(timetok, "minute") || - !strcasecmp(timetok, "minutes")) { + !strcasecmp(timetok, "minutes")) { *ltime = num * SECSPERMIN; } else if (!strcasecmp(timetok, "day") || !strcasecmp(timetok, "days")) { *ltime = num * SECSPERDAY; } else if (!strcasecmp(timetok, "hour") || - !strcasecmp(timetok, "hours")) { + !strcasecmp(timetok, "hours")) { *ltime = num * SECSPERHOUR; } else { *ltime = 0; @@ -114,3 +211,15 @@ str2lifetime(char *ltimestr, uint32_t *ltime) return (0); } + +/* + * Map KCF error codes into PKCS11 error codes. + */ +CK_RV +crypto2pkcs11_error_number(uint_t n) +{ + if (n >= sizeof (error_number_table) / sizeof (error_number_table[0])) + return (CKR_GENERAL_ERROR); + + return (error_number_table[n]); +} |