diff options
| author | izick <none@none> | 2005-10-11 09:48:17 -0700 |
|---|---|---|
| committer | izick <none@none> | 2005-10-11 09:48:17 -0700 |
| commit | f66d273d14eede3a1bb803a39414588d8f143a98 (patch) | |
| tree | fb49f3bd8b354ac0bd09ac4547c7ff307fa352cd /usr/src/lib/libcryptoutil | |
| parent | 04755704f18cda4928299108c358d38435b94617 (diff) | |
| download | illumos-gate-f66d273d14eede3a1bb803a39414588d8f143a98.tar.gz | |
PSARC 2005/572 PKCS#11 v2.20
4920408 PKCS#11 v2.20 support for the Crypto Framework
6287425 residual bzero's in hmac part of sha2
6287428 add sha2 to the i.kcfconfbase upgrade script
Diffstat (limited to 'usr/src/lib/libcryptoutil')
| -rw-r--r-- | usr/src/lib/libcryptoutil/common/mechkeytype.c | 49 | ||||
| -rw-r--r-- | usr/src/lib/libcryptoutil/common/mechstr.c | 38 |
2 files changed, 84 insertions, 3 deletions
diff --git a/usr/src/lib/libcryptoutil/common/mechkeytype.c b/usr/src/lib/libcryptoutil/common/mechkeytype.c index ab26d9567c..64018de320 100644 --- a/usr/src/lib/libcryptoutil/common/mechkeytype.c +++ b/usr/src/lib/libcryptoutil/common/mechkeytype.c @@ -20,7 +20,7 @@ * CDDL HEADER END */ /* - * Copyright 2003 Sun Microsystems, Inc. All rights reserved. + * Copyright 2005 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -31,7 +31,7 @@ /* * Get the key type for the given mechanism * - * All mechanisms in PKCS #11 v2.11 are listed here. + * All mechanisms in PKCS #11 v2.20 are listed here. */ CK_RV pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) @@ -48,6 +48,12 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_MD2_RSA_PKCS: case CKM_MD5_RSA_PKCS: case CKM_SHA1_RSA_PKCS: + case CKM_SHA256_RSA_PKCS: + case CKM_SHA384_RSA_PKCS: + case CKM_SHA512_RSA_PKCS: + case CKM_SHA256_RSA_PKCS_PSS: + case CKM_SHA384_RSA_PKCS_PSS: + case CKM_SHA512_RSA_PKCS_PSS: case CKM_RIPEMD128_RSA_PKCS: case CKM_RIPEMD160_RSA_PKCS: case CKM_RSA_PKCS_OAEP: @@ -104,6 +110,15 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_SHA_1: case CKM_SHA_1_HMAC: case CKM_SHA_1_HMAC_GENERAL: + case CKM_SHA256: + case CKM_SHA256_HMAC: + case CKM_SHA256_HMAC_GENERAL: + case CKM_SHA384: + case CKM_SHA384_HMAC: + case CKM_SHA384_HMAC_GENERAL: + case CKM_SHA512: + case CKM_SHA512_HMAC: + case CKM_SHA512_HMAC_GENERAL: case CKM_GENERIC_SECRET_KEY_GEN: case CKM_FASTHASH: case CKM_PKCS5_PBKD2: @@ -118,6 +133,13 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_TLS_MASTER_KEY_DERIVE: case CKM_TLS_KEY_AND_MAC_DERIVE: case CKM_TLS_MASTER_KEY_DERIVE_DH: + case CKM_TLS_PRF: + case CKM_WTLS_PRE_MASTER_KEY_GEN: + case CKM_WTLS_MASTER_KEY_DERIVE: + case CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC: + case CKM_WTLS_PRF: + case CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE: + case CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE: case CKM_CONCATENATE_BASE_AND_KEY: case CKM_CONCATENATE_BASE_AND_DATA: case CKM_CONCATENATE_DATA_AND_BASE: @@ -130,6 +152,9 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_RIPEMD160_HMAC: case CKM_RIPEMD160_HMAC_GENERAL: case CKM_SHA1_KEY_DERIVATION: + case CKM_SHA256_KEY_DERIVATION: + case CKM_SHA384_KEY_DERIVATION: + case CKM_SHA512_KEY_DERIVATION: case CKM_MD5_KEY_DERIVATION: case CKM_MD2_KEY_DERIVATION: /* not sure the following 2 should be CKK_DES or not */ @@ -164,6 +189,12 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_DES_CBC_PAD: case CKM_PBE_MD2_DES_CBC: case CKM_PBE_MD5_DES_CBC: + case CKM_DES_OFB64: + case CKM_DES_OFB8: + case CKM_DES_CFB64: + case CKM_DES_CFB8: + case CKM_DES_ECB_ENCRYPT_DATA: + case CKM_DES_CBC_ENCRYPT_DATA: *ktype = CKK_DES; break; @@ -179,6 +210,8 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_DES3_MAC_GENERAL: case CKM_DES3_CBC_PAD: case CKM_PBE_SHA1_DES3_EDE_CBC: + case CKM_DES3_ECB_ENCRYPT_DATA: + case CKM_DES3_CBC_ENCRYPT_DATA: *ktype = CKK_DES3; break; @@ -279,9 +312,21 @@ pkcs11_mech2keytype(CK_MECHANISM_TYPE mech_type, CK_KEY_TYPE *ktype) case CKM_AES_MAC: case CKM_AES_MAC_GENERAL: case CKM_AES_CBC_PAD: + case CKM_AES_ECB_ENCRYPT_DATA: + case CKM_AES_CBC_ENCRYPT_DATA: *ktype = CKK_AES; break; + case CKM_BLOWFISH_KEY_GEN: + case CKM_BLOWFISH_CBC: + *ktype = CKK_BLOWFISH; + break; + + case CKM_TWOFISH_KEY_GEN: + case CKM_TWOFISH_CBC: + *ktype = CKK_TWOFISH; + break; + default: rv = CKR_MECHANISM_INVALID; break; diff --git a/usr/src/lib/libcryptoutil/common/mechstr.c b/usr/src/lib/libcryptoutil/common/mechstr.c index fc3ab9c16f..3523332c9c 100644 --- a/usr/src/lib/libcryptoutil/common/mechstr.c +++ b/usr/src/lib/libcryptoutil/common/mechstr.c @@ -20,7 +20,7 @@ * CDDL HEADER END */ /* - * Copyright 2004 Sun Microsystems, Inc. All rights reserved. + * Copyright 2005 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -53,6 +53,9 @@ static const struct { { "CKM_MD2_RSA_PKCS", CKM_MD2_RSA_PKCS }, { "CKM_MD5_RSA_PKCS", CKM_MD5_RSA_PKCS }, { "CKM_SHA1_RSA_PKCS", CKM_SHA1_RSA_PKCS }, + { "CKM_SHA256_RSA_PKCS", CKM_SHA256_RSA_PKCS }, + { "CKM_SHA384_RSA_PKCS", CKM_SHA384_RSA_PKCS }, + { "CKM_SHA512_RSA_PKCS", CKM_SHA512_RSA_PKCS }, { "CKM_RIPEMD128_RSA_PKCS", CKM_RIPEMD128_RSA_PKCS }, { "CKM_RIPEMD160_RSA_PKCS", CKM_RIPEMD160_RSA_PKCS }, { "CKM_RSA_PKCS_OAEP", CKM_RSA_PKCS_OAEP }, @@ -70,6 +73,12 @@ static const struct { { "CKM_X9_42_DH_DERIVE", CKM_X9_42_DH_DERIVE }, { "CKM_X9_42_DH_HYBRID_DERIVE", CKM_X9_42_DH_HYBRID_DERIVE }, { "CKM_X9_42_MQV_DERIVE", CKM_X9_42_MQV_DERIVE }, + { "CKM_SHA256_RSA_PKCS", CKM_SHA256_RSA_PKCS }, + { "CKM_SHA384_RSA_PKCS", CKM_SHA384_RSA_PKCS }, + { "CKM_SHA512_RSA_PKCS", CKM_SHA512_RSA_PKCS }, + { "CKM_SHA256_RSA_PKCS_PSS", CKM_SHA256_RSA_PKCS_PSS }, + { "CKM_SHA384_RSA_PKCS_PSS", CKM_SHA384_RSA_PKCS_PSS }, + { "CKM_SHA512_RSA_PKCS_PSS", CKM_SHA512_RSA_PKCS_PSS }, { "CKM_RC2_KEY_GEN", CKM_RC2_KEY_GEN }, { "CKM_RC2_ECB", CKM_RC2_ECB }, { "CKM_RC2_CBC", CKM_RC2_CBC }, @@ -97,6 +106,10 @@ static const struct { { "CKM_CDMF_MAC", CKM_CDMF_MAC }, { "CKM_CDMF_MAC_GENERAL", CKM_CDMF_MAC_GENERAL }, { "CKM_CDMF_CBC_PAD", CKM_CDMF_CBC_PAD }, + { "CKM_DES_OFB64", CKM_DES_OFB64 }, + { "CKM_DES_OFB8", CKM_DES_OFB8 }, + { "CKM_DES_CFB64", CKM_DES_CFB64 }, + { "CKM_DES_CFB8", CKM_DES_CFB8 }, { "CKM_MD2", CKM_MD2 }, { "CKM_MD2_HMAC", CKM_MD2_HMAC }, { "CKM_MD2_HMAC_GENERAL", CKM_MD2_HMAC_GENERAL }, @@ -112,6 +125,15 @@ static const struct { { "CKM_RIPEMD160", CKM_RIPEMD160 }, { "CKM_RIPEMD160_HMAC", CKM_RIPEMD160_HMAC }, { "CKM_RIPEMD160_HMAC_GENERAL", CKM_RIPEMD160_HMAC_GENERAL }, + { "CKM_SHA256", CKM_SHA256 }, + { "CKM_SHA256_HMAC", CKM_SHA256_HMAC }, + { "CKM_SHA256_HMAC_GENERAL", CKM_SHA256_HMAC_GENERAL }, + { "CKM_SHA384", CKM_SHA384 }, + { "CKM_SHA384_HMAC", CKM_SHA384_HMAC }, + { "CKM_SHA384_HMAC_GENERAL", CKM_SHA384_HMAC_GENERAL }, + { "CKM_SHA512", CKM_SHA512 }, + { "CKM_SHA512_HMAC", CKM_SHA512_HMAC }, + { "CKM_SHA512_HMAC_GENERAL", CKM_SHA512_HMAC_GENERAL }, { "CKM_CAST_KEY_GEN", CKM_CAST_KEY_GEN }, { "CKM_CAST_ECB", CKM_CAST_ECB }, { "CKM_CAST_CBC", CKM_CAST_CBC }, @@ -162,11 +184,15 @@ static const struct { { "CKM_TLS_MASTER_KEY_DERIVE", CKM_TLS_MASTER_KEY_DERIVE }, { "CKM_TLS_KEY_AND_MAC_DERIVE", CKM_TLS_KEY_AND_MAC_DERIVE }, { "CKM_TLS_MASTER_KEY_DERIVE_DH", CKM_TLS_MASTER_KEY_DERIVE_DH }, + { "CKM_TLS_PRF", CKM_TLS_PRF }, { "CKM_SSL3_MD5_MAC", CKM_SSL3_MD5_MAC }, { "CKM_SSL3_SHA1_MAC", CKM_SSL3_SHA1_MAC }, { "CKM_MD5_KEY_DERIVATION", CKM_MD5_KEY_DERIVATION }, { "CKM_MD2_KEY_DERIVATION", CKM_MD2_KEY_DERIVATION }, { "CKM_SHA1_KEY_DERIVATION", CKM_SHA1_KEY_DERIVATION }, + { "CKM_SHA256_KEY_DERIVATION", CKM_SHA256_KEY_DERIVATION }, + { "CKM_SHA384_KEY_DERIVATION", CKM_SHA384_KEY_DERIVATION }, + { "CKM_SHA512_KEY_DERIVATION", CKM_SHA512_KEY_DERIVATION }, { "CKM_PBE_MD2_DES_CBC", CKM_PBE_MD2_DES_CBC }, { "CKM_PBE_MD5_DES_CBC", CKM_PBE_MD5_DES_CBC }, { "CKM_PBE_MD5_CAST_CBC", CKM_PBE_MD5_CAST_CBC }, @@ -226,6 +252,16 @@ static const struct { { "CKM_AES_MAC", CKM_AES_MAC }, { "CKM_AES_MAC_GENERAL", CKM_AES_MAC_GENERAL }, { "CKM_AES_CBC_PAD", CKM_AES_CBC_PAD }, + { "CKM_BLOWFISH_KEY_GEN", CKM_BLOWFISH_KEY_GEN }, + { "CKM_BLOWFISH_CBC", CKM_BLOWFISH_CBC }, + { "CKM_TWOFISH_KEY_GEN", CKM_TWOFISH_KEY_GEN }, + { "CKM_TWOFISH_CBC", CKM_TWOFISH_CBC }, + { "CKM_DES_ECB_ENCRYPT_DATA", CKM_DES_ECB_ENCRYPT_DATA }, + { "CKM_DES_CBC_ENCRYPT_DATA", CKM_DES_CBC_ENCRYPT_DATA }, + { "CKM_DES3_ECB_ENCRYPT_DATA", CKM_DES3_ECB_ENCRYPT_DATA }, + { "CKM_DES3_CBC_ENCRYPT_DATA", CKM_DES3_CBC_ENCRYPT_DATA }, + { "CKM_AES_ECB_ENCRYPT_DATA", CKM_AES_ECB_ENCRYPT_DATA }, + { "CKM_AES_CBC_ENCRYPT_DATA", CKM_AES_CBC_ENCRYPT_DATA }, { "CKM_DSA_PARAMETER_GEN", CKM_DSA_PARAMETER_GEN }, { "CKM_DH_PKCS_PARAMETER_GEN", CKM_DH_PKCS_PARAMETER_GEN }, { "CKM_X9_42_DH_PARAMETER_GEN", CKM_X9_42_DH_PARAMETER_GEN }, |