| author | Peter Shoults <Peter.Shoults@Sun.COM> | 2010-04-26 16:45:03 -0400 |
|---|---|---|
| committer | Peter Shoults <Peter.Shoults@Sun.COM> | 2010-04-26 16:45:03 -0400 |
| commit | c5866e1dd55ab5acc06a0e2fb2d896f7fddc9695 (patch) | |
| tree | 1d91f4d9d2f722585a1bc16a94c647468a12abd3 /usr/src/lib/pkcs11 | |
| parent | de22af4e795d4c10cbff9a60ec725aab46c03afe (diff) | |
| download | illumos-joyent-c5866e1dd55ab5acc06a0e2fb2d896f7fddc9695.tar.gz | |
6443649 softtoken should honor $HOME, avoid getpwuid
6884140 softtoken touches $HOME too soon
Diffstat (limited to 'usr/src/lib/pkcs11')
6 files changed, 74 insertions, 103 deletions
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com b/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com index f97fcfe1ad..5c20226bb8 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/Makefile.com @@ -19,8 +19,7 @@ # CDDL HEADER END # # -# Copyright 2009 Sun Microsystems, Inc. All rights reserved. -# Use is subject to license terms. +# Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. # # lib/pkcs11/pkcs11_softtoken/Makefile.com # @@ -133,7 +132,7 @@ SRCS = \ # libelfsign needs a static pkcs11_softtoken LIBS = $(DYNLIB) -LDLIBS += -lc -lmd -lcryptoutil -lsoftcrypto +LDLIBS += -lc -lmd -lcryptoutil -lsoftcrypto -lgen CFLAGS += $(CCVERBOSE) diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c index a2356b0afb..cab06ce41d 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystore.c @@ -19,8 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2010 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. */ #include <crypt.h> @@ -89,9 +88,11 @@ soft_gen_hashed_pin(CK_UTF8CHAR_PTR pPin, char **result, char **salt) new_salt = B_TRUE; /* * crypt_gensalt() will allocate memory to store the new salt. - * on return. + * on return. Pass "$5" here to default to crypt_sha256 since + * SHA256 is a FIPS 140-2 certified algorithm and we shouldn't + * assume the system default is that strong. */ - if ((*salt = crypt_gensalt(NULL, pw)) == NULL) { + if ((*salt = crypt_gensalt("$5", pw)) == NULL) { return (-1); } } diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c index b28e9e9c5a..da498eff8e 100644 
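Review bot: The PIN-salt path in soft_gen_hashed_pin() now fails outright on any system whose crypt.conf(4) no longer lists crypt_sha256, because `crypt_gensalt("$5", pw)` presumably returns NULL when the named module is not configured and the function then returns -1 on every PIN change; the added comment gives the FIPS rationale but not this new failure mode. Replace the bare literal with a named constant that says so, e.g. `#define SOFT_PIN_CRYPT_ALG "$5" /* crypt_sha256(5); must be listed in crypt.conf(4) */` and `if ((*salt = crypt_gensalt(SOFT_PIN_CRYPT_ALG, pw)) == NULL) {`. This branch appears to run only when a new salt is generated (`new_salt = B_TRUE` just above), so keystores created earlier keep their existing salt prefix; a one-line comment stating that this is not a migration would help the next reader. soft_gen_hashed_pin() begins and ends outside this hunk.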
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.c @@ -19,8 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. */ /* @@ -38,6 +37,7 @@ #include <sys/types.h> #include <dirent.h> #include <limits.h> +#include <libgen.h> #include <strings.h> #include <security/cryptoki.h> #include <cryptoutil.h> 
@@ -158,47 +158,34 @@ static char keystore_path[MAXPATHLEN]; static boolean_t keystore_path_initialized = B_FALSE; static int desc_fd = 0; - -static char * -get_user_home_sunw_path(char *home_path) -{ - struct passwd pwd, *user_info; - char pwdbuf[PWD_BUFFER_SIZE]; - - (void) getpwuid_r(getuid(), &pwd, pwdbuf, PWD_BUFFER_SIZE, &user_info); - - (void) snprintf(home_path, MAXPATHLEN, "%s/%s", - user_info ? user_info->pw_dir : "", SUNW_PATH); - - return (home_path); -} - static char * get_keystore_path() { - char *env_val; - char home_path[MAXPATHLEN]; + char *home = getenv("HOME"); + char *alt = getenv(ALTERNATE_KEYSTORE_PATH); - if (!keystore_path_initialized) { - env_val = getenv(ALTERNATE_KEYSTORE_PATH); - bzero(keystore_path, sizeof (keystore_path)); - /* - * If it isn't set or is set to the empty string use the - * default location. We need to check for the empty string - * because some users "unset" environment variables by giving - * them no value, this isn't the same thing as removing it - * from the environment. - * - * We don't want that to attempt to open /.sunw/pkcs11_sofftoken - */ - if ((env_val == NULL) || (strcmp(env_val, "") == 0)) { - /* alternate path not specified, use user's home dir */ - (void) snprintf(keystore_path, MAXPATHLEN, "%s/%s", - get_user_home_sunw_path(home_path), KEYSTORE_PATH); - } else { - (void) snprintf(keystore_path, MAXPATHLEN, "%s/%s", - env_val, KEYSTORE_PATH); - } + if (keystore_path_initialized) { + return (keystore_path); + } + + bzero(keystore_path, sizeof (keystore_path)); + /* + * If it isn't set or is set to the empty string use the + * default location. We need to check for the empty string + * because some users "unset" environment variables by giving + * them no value, this isn't the same thing as removing it + * from the environment. 
+ * + * We don't want that to attempt to open /.sunw/pkcs11_sofftoken + */ + if ((alt != NULL) && (strcmp(alt, "") != 0)) { + (void) snprintf(keystore_path, MAXPATHLEN, "%s/%s", + alt, KEYSTORE_PATH); + keystore_path_initialized = B_TRUE; + } else if ((home != NULL) && (strcmp(home, "") != 0)) { + /* alternate path not specified, try user's home dir */ + (void) snprintf(keystore_path, MAXPATHLEN, "%s/%s/%s", + home, SUNW_PATH, KEYSTORE_PATH); keystore_path_initialized = B_TRUE; } return (keystore_path); @@ -316,7 +303,7 @@ lock_file(int fd, boolean_t read_lock, boolean_t set_lock) return (0); } -static int +int create_keystore() { int fd, buf; @@ -326,7 +313,7 @@ create_keystore() ks_desc_file[MAXPATHLEN]; CK_BYTE salt[KS_KEY_SALT_SIZE]; char *hashed_pin = NULL, *hashed_pin_salt = NULL; - char *env_val; + char *alt; /* keystore doesn't exist, create keystore directory */ if (mkdir(get_keystore_path(), S_IRUSR|S_IWUSR|S_IXUSR) < 0) { 
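Review bot: When neither the alternate-path variable nor $HOME is set, the rewritten get_keystore_path() falls through both branches and hands callers the zeroed static buffer, i.e. an empty string, while leaving keystore_path_initialized at B_FALSE, so `mkdir(get_keystore_path(), ...)` below fails with ENOENT, any "%s/%s" a caller builds on it becomes a path under "/", and the two getenv() calls are repeated on every invocation; none of this is stated anywhere. Add it to the function comment, e.g. `/* Returns "" (uncached) when no keystore location can be determined; callers must treat an empty path as "no keystore". */`. Neither snprintf() result is compared with `sizeof (keystore_path)`, so an over-long $HOME or alternate path is silently truncated to a different directory; check the return value and leave the path uninitialized on truncation. Both inputs now come straight from the environment with no issetugid() guard visible — unchanged for the alternate path, but new for $HOME — so confirm this library is never loaded into a set-id process or add the guard. create_keystore() continues past the end of this hunk.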
@@ -340,24 +327,24 @@ create_keystore() /* can't create keystore directory */ if (errno == ENOENT) { /* part of the path doesn't exist */ + char keystore[MAXPATHLEN]; /* - * try to create $HOME/.sunw if it doesn't - * exist. If it is a alternate path provided by the - * user, it should have existed. Will not + * try to create $HOME/.sunw/pkcs11_softtoken if it + * doesn't exist. If it is a alternate path provided + * by the user, it should have existed. Will not * create for them. */ - env_val = getenv(ALTERNATE_KEYSTORE_PATH); - if ((env_val == NULL) || (strcmp(env_val, "") == 0)) { - char sunw_path[MAXPATHLEN]; + alt = getenv(ALTERNATE_KEYSTORE_PATH); + if ((alt == NULL) || (strcmp(alt, "") == 0)) { + char *home = getenv("HOME"); - /* create $HOME/.sunw */ - if (mkdir(get_user_home_sunw_path(sunw_path), - S_IRUSR|S_IWUSR|S_IXUSR) < 0) { + if (home == NULL || strcmp(home, "") == 0) { return (-1); } - /* create $HOME/.sunw/pkcs11_softtoken */ - if (mkdir(get_keystore_path(), + (void) snprintf(keystore, sizeof (keystore), + "%s/%s/$s", home, SUNW_PATH, KEYSTORE_PATH); + if (mkdirp(keystore, S_IRUSR|S_IWUSR|S_IXUSR) < 0) { return (-1); } @@ -1048,7 +1035,7 @@ soft_keystore_get_version(uint_t *version, boolean_t lock_held) uint_t buf; if ((fd = open_and_lock_keystore_desc(O_RDONLY, - B_TRUE, lock_held)) < 0) { + B_FALSE, lock_held)) < 0) { return (-1); } @@ -1158,7 +1145,7 @@ soft_keystore_getpin(char **hashed_pin, boolean_t lock_held) int fd, ret_val = -1; CK_RV rv; - if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_TRUE, + if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_FALSE, lock_held)) < 0) { return (-1); } @@ -1471,7 +1458,7 @@ soft_keystore_setpin(uchar_t *oldpin, uchar_t *newpin, boolean_t lock_held) user_logged_in = B_TRUE; } - if ((fd = open_and_lock_keystore_desc(O_RDWR, B_FALSE, + if ((fd = open_and_lock_keystore_desc(O_RDWR, B_TRUE, lock_held)) < 0) { return (-1); } 
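Review bot: The format string in the new snprintf() in create_keystore() reads `"%s/%s/$s"`: with only two `%s` conversions KEYSTORE_PATH is never consumed, so mkdirp() creates a directory literally named `$s` under $HOME/.sunw and the keystore directory itself is never created; the opens that follow presumably fail with ENOENT (the rest of create_keystore() is outside the hunk). Change the call to `"%s/%s/%s", home, SUNW_PATH, KEYSTORE_PATH);`. The snprintf() return is also discarded, so a $HOME longer than MAXPATHLEN is silently truncated to some other path before mkdirp() runs; keep the result in `n` and `return (-1)` when `n < 0 || n >= sizeof (keystore)`. mkdirp() will also create a missing $HOME itself, which the replaced two-step mkdir() did not, so the comment above it should say that parent components of $HOME are created too if that is intended.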
@@ -1925,7 +1912,7 @@ soft_keystore_get_objs(ks_search_type_t search_type, * objects won't get added/deleted/modified while we are * doing the search */ - if ((ks_fd = open_and_lock_keystore_desc(O_RDONLY, B_TRUE, + if ((ks_fd = open_and_lock_keystore_desc(O_RDONLY, B_FALSE, B_FALSE)) < 0) { return (CKR_FUNCTION_FAILED); } @@ -2230,7 +2217,7 @@ soft_keystore_put_new_obj(uchar_t *buf, size_t len, boolean_t public, } /* open keystore, and set write lock */ - if ((fd = open_and_lock_keystore_desc(O_RDWR, B_TRUE, + if ((fd = open_and_lock_keystore_desc(O_RDWR, B_FALSE, lock_held)) < 0) { return (-1); } @@ -2793,7 +2780,7 @@ soft_keystore_get_pin_salt(char **salt) int fd, ret_val = -1; uint64_t hashed_pin_salt_size; - if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_TRUE, + if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_FALSE, B_FALSE)) < 0) { return (-1); } @@ -2867,7 +2854,7 @@ soft_keystore_pin_initialized(boolean_t *initialized, char **hashed_pin, CK_BYTE crypt_salt[KS_KEY_SALT_SIZE], tmp_buf[KS_KEY_SALT_SIZE]; CK_RV ret_val = CKR_OK; - if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_TRUE, + if ((fd = open_and_lock_keystore_desc(O_RDONLY, B_FALSE, lock_held)) < 0) { return (CKR_FUNCTION_FAILED); } @@ -2941,7 +2928,8 @@ soft_keystore_exists() * reading of token objects until they are needed or never at * all if they are not used. * - * It is only called by soft_keystore_status() when the + * Primary use is from C_InitToken(). + * It is also called by soft_keystore_status() when the * "desired_state" is not the the current load state of keystore. * */ 
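Review bot: In soft_keystore_put_new_obj() the second argument of open_and_lock_keystore_desc() flips from B_TRUE to B_FALSE directly under a comment that still says "open keystore, and set write lock", and the same bare boolean flips the other way in soft_keystore_setpin(), so a reader cannot tell from the call sites what the flag means; if it selects whether a missing keystore is created (which every read-only caller moving to B_FALSE and only setpin moving to B_TRUE suggests — the prototype is outside the hunk), then adding an object to a token that was never initialized now fails instead of creating the keystore, and the comment is wrong. Name the argument at the call sites, e.g. `#define KS_CREATE B_TRUE` and `#define KS_NO_CREATE B_FALSE` next to the prototype, and update the comment to `/* open keystore (do not create it) and set write lock */`. soft_keystore_put_new_obj() continues outside this hunk.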
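Review bot: The new comment on soft_keystore_init() states that its primary use is from C_InitToken(), but the C_InitToken() body added in softSlotToken.c by this same commit calls create_keystore(), not soft_keystore_init(), and no other new caller is visible, so the comment (and the prototype added to softKeystoreUtil.h) describe a call that does not exist. Either have C_InitToken() call soft_keystore_init() after create_keystore() succeeds, or reword the comment to `* Called by soft_keystore_status() when the "desired_state" is not the current load state of keystore; exported for token initialization.` once the intended external caller is decided. soft_keystore_init() itself lies outside this hunk.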
@@ -2999,12 +2987,12 @@ soft_keystore_init(int desired_state) break; } - soft_slot.keystore_load_status = KEYSTORE_VERSION_OK; - if (desired_state <= KEYSTORE_VERSION_OK) + soft_slot.keystore_load_status = KEYSTORE_LOAD; + if (desired_state <= KEYSTORE_LOAD) break; /* FALLTHRU */ - case KEYSTORE_VERSION_OK: + case KEYSTORE_LOAD: /* Load all the public token objects from keystore */ if (soft_get_token_objects_from_keystore(PUB_TOKENOBJS) != CKR_OK) { diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.h b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.h index 1642932ab7..d807b1dc0c 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.h +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeystoreUtil.h @@ -19,15 +19,12 @@ * CDDL HEADER END */ /* - * Copyright 2006 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved. */ #ifndef _SOFTKEYSTOREUTIL_H #define _SOFTKEYSTOREUTIL_H -#pragma ident "%Z%%M% %I% %E% SMI" - /* * Structures and function prototypes for the keystore */ @@ -41,7 +38,7 @@ extern "C" { /* Keystore State values */ #define KEYSTORE_UNINITIALIZED 0 #define KEYSTORE_PRESENT 1 -#define KEYSTORE_VERSION_OK 2 +#define KEYSTORE_LOAD 2 #define KEYSTORE_INITIALIZED 3 #define KEYSTORE_UNAVAILABLE 4 @@ -100,6 +97,8 @@ int soft_keystore_get_pin_salt(char **salt); CK_RV soft_keystore_pin_initialized(boolean_t *initialized, char **hashed_pin, boolean_t lock_held); boolean_t soft_keystore_status(int desired_state); +int soft_keystore_init(int desired_state); +int create_keystore(); #ifdef __cplusplus } diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSession.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSession.c index 62660c4949..7b0901508a 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSession.c +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSession.c 
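Review bot: The declaration added to softKeystoreUtil.h, `int create_keystore();`, is an old-style declaration with unspecified parameters rather than a prototype, so the compiler accepts a call with any argument list; write `int create_keystore(void);` (and `(void)` in the definition, which is outside this hunk). Every other function in this header carries the soft_keystore_ prefix, and create_keystore() now becomes a non-static symbol of the library, so a namespaced name such as `soft_keystore_create()` would avoid a collision with an identically named symbol in a consumer (whether the library's mapfile restricts exports is not visible here). soft_keystore_init() also gains a prototype although its comment documents only internal callers; a one-line comment on each new declaration naming the intended external caller would help.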
@@ -19,12 +19,9 @@ * CDDL HEADER END */ /* - * Copyright 2007 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <pthread.h> #include <security/cryptoki.h> #include "softGlobal.h" @@ -321,7 +318,7 @@ C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, return (rv); /* Check the load status of keystore */ - if (!soft_keystore_status(KEYSTORE_VERSION_OK)) { + if (!soft_keystore_status(KEYSTORE_LOAD)) { SES_REFRELE(session_p, lock_held); return (CKR_DEVICE_REMOVED); } diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSlotToken.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSlotToken.c index d7f5f27fc3..3665fcf754 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSlotToken.c +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softSlotToken.c @@ -19,8 +19,7 @@ * CDDL HEADER END */ /* - * Copyright 2009 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. */ #include <strings.h> @@ -306,12 +305,6 @@ C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) { - - ulong_t token_flag = 0; - boolean_t pin_initialized = B_FALSE; - char *ks_cryptpin = NULL; - CK_RV rv = CKR_OK; - if (!softtoken_initialized) return (CKR_CRYPTOKI_NOT_INITIALIZED); 
@@ -322,25 +315,16 @@ C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) if (pInfo == NULL) return (CKR_ARGUMENTS_BAD); - if (!soft_keystore_status(KEYSTORE_VERSION_OK)) - return (CKR_DEVICE_REMOVED); - + pInfo->flags = SOFT_TOKEN_FLAGS; + if (soft_slot.keystore_load_status == KEYSTORE_UNAVAILABLE) { + pInfo->flags |= CKF_WRITE_PROTECTED; + } /* Provide information about a token in the provided buffer */ (void) strncpy((char *)pInfo->label, SOFT_TOKEN_LABEL, 32); (void) strncpy((char *)pInfo->manufacturerID, SOFT_MANUFACTURER_ID, 32); (void) strncpy((char *)pInfo->model, TOKEN_MODEL, 16); (void) strncpy((char *)pInfo->serialNumber, SOFT_TOKEN_SERIAL, 16); - rv = soft_keystore_pin_initialized(&pin_initialized, &ks_cryptpin, - B_FALSE); - if (rv != CKR_OK) - return (rv); - if (!pin_initialized) - token_flag = CKF_USER_PIN_TO_BE_CHANGED; - if (ks_cryptpin) - free(ks_cryptpin); - - pInfo->flags = SOFT_TOKEN_FLAGS | token_flag; pInfo->ulMaxSessionCount = CK_EFFECTIVELY_INFINITE; pInfo->ulSessionCount = soft_session_cnt; pInfo->ulMaxRwSessionCount = CK_EFFECTIVELY_INFINITE; @@ -463,7 +447,10 @@ C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, if (!softtoken_initialized) return (CKR_CRYPTOKI_NOT_INITIALIZED); - return (CKR_FUNCTION_NOT_SUPPORTED); + if (create_keystore() != 0) + return (CKR_FUNCTION_FAILED); + + return (CKR_OK); } /*ARGSUSED*/ @@ -497,7 +484,7 @@ C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, if (rv != CKR_OK) return (rv); - if (!soft_keystore_status(KEYSTORE_VERSION_OK)) { + if (!soft_keystore_status(KEYSTORE_LOAD)) { SES_REFRELE(session_p, lock_held); return (CKR_DEVICE_REMOVED); } |
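Review bot: The CKF_WRITE_PROTECTED decision in C_GetTokenInfo() is now taken from `soft_slot.keystore_load_status` without anything in this path loading it, so on a fresh C_Initialize() the field is presumably still at its starting value and the flag reflects whether some earlier call happened to load the keystore rather than whether it is usable (the load path is outside the hunk). Dropping the soft_keystore_pin_initialized() probe also removes CKF_USER_PIN_TO_BE_CHANGED, so a client can no longer learn that the PIN is still the default, and nothing in the flags tells it that the keystore is absent and C_InitToken() is required. Add a comment on the flags line recording the trade-off, e.g. `/* Do not probe the keystore here: it must not touch $HOME; flags reflect only what an earlier call already loaded. */`, and, if SOFT_TOKEN_FLAGS includes CKF_TOKEN_INITIALIZED, consider clearing it when the status shows no keystore so clients know to call C_InitToken().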
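Review bot: The new C_InitToken() body calls create_keystore() without consulting pPin/ulPinLen (nothing in the visible lines uses them) and without checking for open sessions, whereas PKCS#11 requires CKR_SESSION_EXISTS when any session on the token is open; `if (soft_session_cnt > 0) return (CKR_SESSION_EXISTS);` using the counter C_GetTokenInfo() already reports would cover that (confirm what lock, if any, guards soft_session_cnt). create_keystore() returns -1 for every failure, including an already existing keystore directory, so re-initializing a token yields CKR_FUNCTION_FAILED rather than the destroy-and-recreate semantics the spec describes; record that with a comment such as `/* Creates the keystore with the default PIN; pPin is ignored and an existing keystore is left untouched (call fails). */`. The top of C_InitToken() is outside this hunk.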
