[Cryptech-Commits] [sw/libhal] 01/02: Add mixed-mode key support, for PKCS #11 "session" (ie, not "token") keys.

git at cryptech.is git at cryptech.is
Sat May 14 07:12:15 UTC 2016


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch rpc
in repository sw/libhal.

commit 598e75956634f33ede687da796d5b6c583048a5e
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Sat May 14 02:59:32 2016 -0400

    Add mixed-mode key support, for PKCS #11 "session" (ie, not "token") keys.
---
 hal.h          |   7 +-
 hal_internal.h |  35 +++++--
 rpc_api.c      |  10 +-
 rpc_client.c   | 281 +++++++++++++++++++++++++++++++++++++++++++++------------
 rpc_hash.c     |   7 +-
 rpc_misc.c     |   8 +-
 rpc_pkey.c     |  30 ++++--
 rpc_server.c   |   8 +-
 8 files changed, 303 insertions(+), 83 deletions(-)

diff --git a/hal.h b/hal.h
index 9f25e62..6fbfb9f 100644
--- a/hal.h
+++ b/hal.h
@@ -648,6 +648,7 @@ typedef uint32_t hal_key_flags_t;
 #define	HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE	(1 << 0)
 #define	HAL_KEY_FLAG_USAGE_KEYENCIPHERMENT      (1 << 1)
 #define	HAL_KEY_FLAG_USAGE_DATAENCIPHERMENT	(1 << 2)
+#define	HAL_KEY_FLAG_PROXIMATE                  (1 << 3)
 
 extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
@@ -662,7 +663,8 @@ extern hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
                                      hal_pkey_handle_t *pkey,
                                      const hal_key_type_t type,
-                                     const uint8_t * const name, const size_t name_len);
+                                     const uint8_t * const name, const size_t name_len,
+                                     const hal_key_flags_t flags);
 
 extern hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
                                              const hal_session_handle_t session,
@@ -717,7 +719,8 @@ typedef struct {
 
 extern hal_error_t hal_rpc_pkey_list(hal_pkey_info_t *result,
                                      unsigned *result_len,
-                                     const unsigned result_max);
+                                     const unsigned result_max,
+                                     hal_key_flags_t flags);
 
 extern hal_error_t hal_rpc_client_init(void);
 extern hal_error_t hal_rpc_client_close(void);
diff --git a/hal_internal.h b/hal_internal.h
index 8c0b0bc..c460ed8 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -40,6 +40,12 @@
 #include "verilog_constants.h"
 
 /*
+ * Everything in this file is part of the internal API, that is,
+ * subject to change without notice.  Nothing outside of libhal itself
+ * should be looking at this file.
+ */
+
+/*
  * Longest hash block and digest we support at the moment.
  */
 
@@ -47,12 +53,6 @@
 #define HAL_MAX_HASH_DIGEST_LENGTH      SHA512_DIGEST_LEN
 
 /*
- * Everything in this file is part of the internal API, that is,
- * subject to change without notice.  Nothing outside of libhal itself
- * should be looking at this file.
- */
-
-/*
  * Dispatch structures for RPC implementation.
  *
  * The breakdown of which functions go into which dispatch vectors is
@@ -81,6 +81,17 @@
  *   taking a hash context instead of a literal hash value, in which
  *   case we have to extract the hash value from the context and
  *   supply it to the pkey RPC client code as a literal value.
+ *
+ * ...Except that for PKCS #11 we also have to handle the case of
+ * "session keys", ie, keys which are not stored on the HSM.
+ * Apparently people really do use these, mostly for public keys, in
+ * order to conserve expensive memory on the HSM.  So this is another
+ * feature of mixed mode: keys with HAL_KEY_FLAG_PROXIMATE set live on
+ * the host, not in the HSM, and the mixed-mode pkey handlers deal
+ * with the routing.  In the other two modes we ignore the flag and
+ * send everything where we were going to send it anyway.  Restricting
+ * the fancy key handling to mixed mode lets us drop this complexity
+ * out entirely for applications which have no use for it.
  */
 
 typedef struct {
@@ -145,7 +156,8 @@ typedef struct {
                        const hal_session_handle_t session,
                        hal_pkey_handle_t *pkey,
                        const hal_key_type_t type,
-                       const uint8_t * const name, const size_t name_len);
+                       const uint8_t * const name, const size_t name_len,
+                       const hal_key_flags_t flags);
 
   hal_error_t  (*generate_rsa)(const hal_client_handle_t client,
                                const hal_session_handle_t session,
@@ -191,7 +203,8 @@ typedef struct {
 
   hal_error_t  (*list)(hal_pkey_info_t *result,
                        unsigned *result_len,
-                       const unsigned result_max);
+                       const unsigned result_max,
+                       hal_key_flags_t flags);
 
 } hal_rpc_pkey_dispatch_t;
 
@@ -201,6 +214,12 @@ extern const hal_rpc_hash_dispatch_t hal_rpc_local_hash_dispatch, hal_rpc_remote
 extern const hal_rpc_pkey_dispatch_t hal_rpc_local_pkey_dispatch, hal_rpc_remote_pkey_dispatch, hal_rpc_mixed_pkey_dispatch, *hal_rpc_pkey_dispatch;
 
 /*
+ * See code in rpc_pkey.c for how this flag fits into the pkey handle.
+ */
+
+#define	HAL_PKEY_HANDLE_PROXIMATE_FLAG	(1 << 31)
+
+/*
  * Keystore API.
  *
  * The original design for this subsystem used two separate tables,
diff --git a/rpc_api.c b/rpc_api.c
index b2701a5..ca33a3e 100644
--- a/rpc_api.c
+++ b/rpc_api.c
@@ -210,11 +210,12 @@ hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
 			      const hal_session_handle_t session,
 			      hal_pkey_handle_t *pkey,
 			      const hal_key_type_t type,
-			      const uint8_t * const name, const size_t name_len)
+			      const uint8_t * const name, const size_t name_len,
+                              const hal_key_flags_t flags)
 {
   if (pkey == NULL || name == NULL || name_len == 0 || !check_pkey_type(type))
     return HAL_ERROR_BAD_ARGUMENTS;
-  return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, name_len);
+  return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, name_len, flags);
 }
 
 hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
@@ -309,11 +310,12 @@ hal_error_t hal_rpc_pkey_verify(const hal_session_handle_t session,
 
 hal_error_t hal_rpc_pkey_list(hal_pkey_info_t *result,
 			      unsigned *result_len,
-			      const unsigned result_max)
+			      const unsigned result_max,
+                              hal_key_flags_t flags)
 {
   if (result == NULL || result_len == NULL || result_max == 0)
     return HAL_ERROR_BAD_ARGUMENTS;
-  return hal_rpc_pkey_dispatch->list(result, result_len, result_max);
+  return hal_rpc_pkey_dispatch->list(result, result_len, result_max, flags);
 }
 
 /*
diff --git a/rpc_client.c b/rpc_client.c
index 5aededc..21c4327 100644
--- a/rpc_client.c
+++ b/rpc_client.c
@@ -338,14 +338,14 @@ static hal_error_t hash_finalize(const hal_hash_handle_t hash,
   return rpc_ret;
 }
 
-static hal_error_t pkey_load(const hal_client_handle_t client,
-                             const hal_session_handle_t session,
-                             hal_pkey_handle_t *pkey,
-                             const hal_key_type_t type,
-                             const hal_curve_name_t curve,
-                             const uint8_t * const name, const size_t name_len,
-                             const uint8_t * const der, const size_t der_len,
-                             const hal_key_flags_t flags)
+static hal_error_t pkey_remote_load(const hal_client_handle_t client,
+                                    const hal_session_handle_t session,
+                                    hal_pkey_handle_t *pkey,
+                                    const hal_key_type_t type,
+                                    const hal_curve_name_t curve,
+                                    const uint8_t * const name, const size_t name_len,
+                                    const uint8_t * const der, const size_t der_len,
+                                    const hal_key_flags_t flags)
 {
   uint8_t outbuf[nargs(8) + pad(name_len) + pad(der_len)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -371,13 +371,14 @@ static hal_error_t pkey_load(const hal_client_handle_t client,
   return rpc_ret;
 }
 
-static hal_error_t pkey_find(const hal_client_handle_t client,
-                             const hal_session_handle_t session,
-                             hal_pkey_handle_t *pkey,
-                             const hal_key_type_t type,
-                             const uint8_t * const name, const size_t name_len)
+static hal_error_t pkey_remote_find(const hal_client_handle_t client,
+                                    const hal_session_handle_t session,
+                                    hal_pkey_handle_t *pkey,
+                                    const hal_key_type_t type,
+                                    const uint8_t * const name, const size_t name_len,
+                                    const hal_key_flags_t flags)
 {
-  uint8_t outbuf[nargs(5) + pad(name_len)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
+  uint8_t outbuf[nargs(6) + pad(name_len)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
   size_t ilen = sizeof(inbuf);
   hal_error_t rpc_ret;
@@ -387,6 +388,7 @@ static hal_error_t pkey_find(const hal_client_handle_t client,
   check(hal_xdr_encode_int(&optr, olimit, session.handle));
   check(hal_xdr_encode_int(&optr, olimit, type));
   check(hal_xdr_encode_buffer(&optr, olimit, name, name_len));
+  check(hal_xdr_encode_int(&optr, olimit, flags));
   check(hal_rpc_send(outbuf, optr - outbuf));
 
   check(hal_rpc_recv(inbuf, &ilen));
@@ -398,13 +400,13 @@ static hal_error_t pkey_find(const hal_client_handle_t client,
   return rpc_ret;
 }
 
-static hal_error_t pkey_generate_rsa(const hal_client_handle_t client,
-                                     const hal_session_handle_t session,
-                                     hal_pkey_handle_t *pkey,
-                                     const uint8_t * const name, const size_t name_len,
-                                     const unsigned key_len,
-                                     const uint8_t * const exp, const size_t exp_len,
-                                     const hal_key_flags_t flags)
+static hal_error_t pkey_remote_generate_rsa(const hal_client_handle_t client,
+                                            const hal_session_handle_t session,
+                                            hal_pkey_handle_t *pkey,
+                                            const uint8_t * const name, const size_t name_len,
+                                            const unsigned key_len,
+                                            const uint8_t * const exp, const size_t exp_len,
+                                            const hal_key_flags_t flags)
 {
   uint8_t outbuf[nargs(7) + pad(name_len) + pad(exp_len)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -429,12 +431,12 @@ static hal_error_t pkey_generate_rsa(const hal_client_handle_t client,
   return rpc_ret;
 }
 
-static hal_error_t pkey_generate_ec(const hal_client_handle_t client,
-                                    const hal_session_handle_t session,
-                                    hal_pkey_handle_t *pkey,
-                                    const uint8_t * const name, const size_t name_len,
-                                    const hal_curve_name_t curve,
-                                    const hal_key_flags_t flags)
+static hal_error_t pkey_remote_generate_ec(const hal_client_handle_t client,
+                                           const hal_session_handle_t session,
+                                           hal_pkey_handle_t *pkey,
+                                           const uint8_t * const name, const size_t name_len,
+                                           const hal_curve_name_t curve,
+                                           const hal_key_flags_t flags)
 {
   uint8_t outbuf[nargs(6) + pad(name_len)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -458,7 +460,7 @@ static hal_error_t pkey_generate_ec(const hal_client_handle_t client,
   return rpc_ret;
 }
 
-static hal_error_t pkey_close(const hal_pkey_handle_t pkey)
+static hal_error_t pkey_remote_close(const hal_pkey_handle_t pkey)
 {
   uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(1)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -475,7 +477,7 @@ static hal_error_t pkey_close(const hal_pkey_handle_t pkey)
   return rpc_ret;
 }
 
-static hal_error_t pkey_delete(const hal_pkey_handle_t pkey)
+static hal_error_t pkey_remote_delete(const hal_pkey_handle_t pkey)
 {
   uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(1)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -492,8 +494,8 @@ static hal_error_t pkey_delete(const hal_pkey_handle_t pkey)
   return rpc_ret;
 }
 
-static hal_error_t pkey_get_key_type(const hal_pkey_handle_t pkey,
-                                     hal_key_type_t *type)
+static hal_error_t pkey_remote_get_key_type(const hal_pkey_handle_t pkey,
+                                            hal_key_type_t *type)
 {
   uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -515,8 +517,8 @@ static hal_error_t pkey_get_key_type(const hal_pkey_handle_t pkey,
   return rpc_ret;
 }
 
-static hal_error_t pkey_get_key_flags(const hal_pkey_handle_t pkey,
-                                      hal_key_flags_t *flags)
+static hal_error_t pkey_remote_get_key_flags(const hal_pkey_handle_t pkey,
+                                             hal_key_flags_t *flags)
 {
   uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -538,7 +540,7 @@ static hal_error_t pkey_get_key_flags(const hal_pkey_handle_t pkey,
   return rpc_ret;
 }
 
-static size_t pkey_get_public_key_len(const hal_pkey_handle_t pkey)
+static size_t pkey_remote_get_public_key_len(const hal_pkey_handle_t pkey)
 {
   uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -561,8 +563,8 @@ static size_t pkey_get_public_key_len(const hal_pkey_handle_t pkey)
     return 0;
 }
 
-static hal_error_t pkey_get_public_key(const hal_pkey_handle_t pkey,
-                                       uint8_t *der, size_t *der_len, const size_t der_max)
+static hal_error_t pkey_remote_get_public_key(const hal_pkey_handle_t pkey,
+                                              uint8_t *der, size_t *der_len, const size_t der_max)
 {
   uint8_t outbuf[nargs(3)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2) + pad(der_max)], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
@@ -651,11 +653,12 @@ static hal_error_t hal_xdr_decode_pkey_info(uint8_t **iptr, const uint8_t * cons
   return HAL_OK;
 }
 
-static hal_error_t pkey_list(hal_pkey_info_t *result,
-                             unsigned *result_len,
-                             const unsigned result_max)
+static hal_error_t pkey_remote_list(hal_pkey_info_t *result,
+                                    unsigned *result_len,
+                                    const unsigned result_max,
+                                    hal_key_flags_t flags)
 {
-  uint8_t outbuf[nargs(2)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
+  uint8_t outbuf[nargs(3)], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(2) + pad(result_max * sizeof(hal_pkey_info_t))], *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
   size_t ilen = sizeof(inbuf);
   uint32_t len;
@@ -663,6 +666,7 @@ static hal_error_t pkey_list(hal_pkey_info_t *result,
 
   check(hal_xdr_encode_int(&optr, olimit, RPC_FUNC_PKEY_LIST));
   check(hal_xdr_encode_int(&optr, olimit, result_max));
+  check(hal_xdr_encode_int(&optr, olimit, flags));
   check(hal_rpc_send(outbuf, optr - outbuf));
 
   check(hal_rpc_recv(inbuf, &ilen));
@@ -696,9 +700,17 @@ static hal_error_t pkey_mixed_sign(const hal_session_handle_t session,
                                    const uint8_t * const input,  const size_t input_len,
                                    uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
+  hal_error_t  (* const sign)(const hal_session_handle_t session,
+                              const hal_pkey_handle_t pkey,
+                              const hal_hash_handle_t hash,
+                              const uint8_t * const input,  const size_t input_len,
+                              uint8_t * signature, size_t *signature_len, const size_t signature_max)
+    = ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+       ? hal_rpc_remote_pkey_dispatch.sign
+       : hal_rpc_local_pkey_dispatch.sign);
+
   if (input != NULL)
-    return pkey_remote_sign(session, pkey, hash, input, input_len,
-                            signature, signature_len, signature_max);
+    return sign(session, pkey, hash, input, input_len, signature, signature_len, signature_max);
 
   hal_digest_algorithm_t alg;
   size_t digest_len;
@@ -713,8 +725,7 @@ static hal_error_t pkey_mixed_sign(const hal_session_handle_t session,
   if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK)
     return err;
 
-  return pkey_remote_sign(session, pkey, hal_hash_handle_none, digest, digest_len,
-                          signature, signature_len, signature_max);
+  return sign(session, pkey, hal_hash_handle_none, digest, digest_len, signature, signature_len, signature_max);
 }
 
 static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
@@ -723,9 +734,17 @@ static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
                                      const uint8_t * const input, const size_t input_len,
                                      const uint8_t * const signature, const size_t signature_len)
 {
+  hal_error_t  (* const verify)(const hal_session_handle_t session,
+                                const hal_pkey_handle_t pkey,
+                                const hal_hash_handle_t hash,
+                                const uint8_t * const input, const size_t input_len,
+                                const uint8_t * const signature, const size_t signature_len)
+    = ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+       ? hal_rpc_remote_pkey_dispatch.verify
+       : hal_rpc_local_pkey_dispatch.verify);
+
   if (input != NULL)
-    return pkey_remote_verify(session, pkey, hash, input, input_len,
-                              signature, signature_len);
+    return verify(session, pkey, hash, input, input_len, signature, signature_len);
 
   hal_digest_algorithm_t alg;
   size_t digest_len;
@@ -740,8 +759,124 @@ static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
   if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK)
     return err;
 
-  return pkey_remote_verify(session, pkey, hal_hash_handle_none, digest, digest_len,
-                            signature, signature_len);
+  return verify(session, pkey, hal_hash_handle_none, digest, digest_len, signature, signature_len);
+}
+
+static hal_error_t pkey_mixed_load(const hal_client_handle_t client,
+				   const hal_session_handle_t session,
+				   hal_pkey_handle_t *pkey,
+				   const hal_key_type_t type,
+				   const hal_curve_name_t curve,
+				   const uint8_t * const name, const size_t name_len,
+				   const uint8_t * const der, const size_t der_len,
+				   const hal_key_flags_t flags)
+{
+  return ((flags & HAL_KEY_FLAG_PROXIMATE) == 0
+	  ? hal_rpc_remote_pkey_dispatch.load
+	  : hal_rpc_local_pkey_dispatch.load
+	  )(client, session, pkey, type, curve, name, name_len, der, der_len, flags);
+}
+
+static hal_error_t pkey_mixed_find(const hal_client_handle_t client,
+				   const hal_session_handle_t session,
+				   hal_pkey_handle_t *pkey,
+				   const hal_key_type_t type,
+				   const uint8_t * const name, const size_t name_len,
+				   const hal_key_flags_t flags)
+{
+  return ((flags & HAL_KEY_FLAG_PROXIMATE) == 0
+	  ? hal_rpc_remote_pkey_dispatch.find
+	  : hal_rpc_local_pkey_dispatch.find
+	  )(client, session, pkey, type, name, name_len, flags);
+}
+
+static hal_error_t pkey_mixed_generate_rsa(const hal_client_handle_t client,
+					   const hal_session_handle_t session,
+					   hal_pkey_handle_t *pkey,
+					   const uint8_t * const name, const size_t name_len,
+					   const unsigned key_length,
+					   const uint8_t * const public_exponent, const size_t public_exponent_len,
+					   const hal_key_flags_t flags)
+{
+  return ((flags & HAL_KEY_FLAG_PROXIMATE) == 0
+	  ? hal_rpc_remote_pkey_dispatch.generate_rsa
+	  : hal_rpc_local_pkey_dispatch.generate_rsa
+	  )(client, session, pkey, name, name_len, key_length, public_exponent, public_exponent_len, flags);
+}
+
+static hal_error_t pkey_mixed_generate_ec(const hal_client_handle_t client,
+					  const hal_session_handle_t session,
+					  hal_pkey_handle_t *pkey,
+					  const uint8_t * const name, const size_t name_len,
+					  const hal_curve_name_t curve,
+					  const hal_key_flags_t flags)
+{
+  return ((flags & HAL_KEY_FLAG_PROXIMATE) == 0
+	  ? hal_rpc_remote_pkey_dispatch.generate_ec
+	  : hal_rpc_local_pkey_dispatch.generate_ec
+	  )(client, session, pkey, name, name_len, curve, flags);
+}
+
+static hal_error_t pkey_mixed_close(const hal_pkey_handle_t pkey)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.close
+	  : hal_rpc_local_pkey_dispatch.close
+	  )(pkey);
+}
+
+static hal_error_t pkey_mixed_delete(const hal_pkey_handle_t pkey)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.delete
+	  : hal_rpc_local_pkey_dispatch.delete
+	  )(pkey);
+}
+
+static hal_error_t pkey_mixed_get_key_type(const hal_pkey_handle_t pkey,
+					   hal_key_type_t *key_type)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.get_key_type
+	  : hal_rpc_local_pkey_dispatch.get_key_type
+	  )(pkey, key_type);
+}
+
+static hal_error_t pkey_mixed_get_key_flags(const hal_pkey_handle_t pkey,
+					    hal_key_flags_t *flags)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.get_key_flags
+	  : hal_rpc_local_pkey_dispatch.get_key_flags
+	  )(pkey, flags);
+}
+
+static size_t pkey_mixed_get_public_key_len(const hal_pkey_handle_t pkey)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.get_public_key_len
+	  : hal_rpc_local_pkey_dispatch.get_public_key_len
+	  )(pkey);
+}
+
+static hal_error_t pkey_mixed_get_public_key(const hal_pkey_handle_t pkey,
+					     uint8_t *der, size_t *der_len, const size_t der_max)
+{
+  return ((pkey.handle & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0
+	  ? hal_rpc_remote_pkey_dispatch.get_public_key
+	  : hal_rpc_local_pkey_dispatch.get_public_key
+	  )(pkey, der, der_len, der_max);
+}
+
+static hal_error_t pkey_mixed_list(hal_pkey_info_t *result,
+				   unsigned *result_len,
+				   const unsigned result_max,
+                                   hal_key_flags_t flags)
+{
+  return ((flags & HAL_KEY_FLAG_PROXIMATE) == 0
+	  ? hal_rpc_remote_pkey_dispatch.list
+	  : hal_rpc_local_pkey_dispatch.list
+	  )(result, result_len, result_max, flags);
 }
 
 /*
@@ -749,26 +884,54 @@ static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
  */
 
 const hal_rpc_misc_dispatch_t hal_rpc_remote_misc_dispatch = {
-  set_pin, login, logout, logout_all, is_logged_in, get_random, get_version
+  set_pin,
+  login,
+  logout,
+  logout_all,
+  is_logged_in,
+  get_random,
+  get_version
 };
 
 const hal_rpc_hash_dispatch_t hal_rpc_remote_hash_dispatch = {
-  hash_get_digest_len, hash_get_digest_algorithm_id, hash_get_algorithm,
-  hash_initialize, hash_update, hash_finalize
+  hash_get_digest_len,
+  hash_get_digest_algorithm_id,
+  hash_get_algorithm,
+  hash_initialize,
+  hash_update,
+  hash_finalize
 };
 
 const hal_rpc_pkey_dispatch_t hal_rpc_remote_pkey_dispatch = {
-  pkey_load, pkey_find, pkey_generate_rsa, pkey_generate_ec, pkey_close, pkey_delete,
-  pkey_get_key_type, pkey_get_key_flags, pkey_get_public_key_len, pkey_get_public_key,
-  pkey_remote_sign, pkey_remote_verify,
-  pkey_list
+  pkey_remote_load,
+  pkey_remote_find,
+  pkey_remote_generate_rsa,
+  pkey_remote_generate_ec,
+  pkey_remote_close,
+  pkey_remote_delete,
+  pkey_remote_get_key_type,
+  pkey_remote_get_key_flags,
+  pkey_remote_get_public_key_len,
+  pkey_remote_get_public_key,
+  pkey_remote_sign,
+  pkey_remote_verify,
+  pkey_remote_list
 };
 
 const hal_rpc_pkey_dispatch_t hal_rpc_mixed_pkey_dispatch = {
-  pkey_load, pkey_find, pkey_generate_rsa, pkey_generate_ec, pkey_close, pkey_delete,
-  pkey_get_key_type, pkey_get_key_flags, pkey_get_public_key_len, pkey_get_public_key,
-  pkey_mixed_sign, pkey_mixed_verify,
-  pkey_list
+  pkey_mixed_load,
+  pkey_mixed_find,
+  pkey_mixed_generate_rsa,
+  pkey_mixed_generate_ec,
+  pkey_mixed_close,
+  pkey_mixed_delete,
+  pkey_mixed_get_key_type,
+  pkey_mixed_get_key_flags,
+  pkey_mixed_get_public_key_len,
+  pkey_mixed_get_public_key,
+  pkey_mixed_sign,
+  pkey_mixed_verify,
+  pkey_mixed_list
 };
 
 #endif /* RPC_CLIENT != RPC_CLIENT_LOCAL */
diff --git a/rpc_hash.c b/rpc_hash.c
index 3c4c79b..7cae484 100644
--- a/rpc_hash.c
+++ b/rpc_hash.c
@@ -303,7 +303,12 @@ static hal_error_t finalize(const hal_hash_handle_t handle,
 }
 
 const hal_rpc_hash_dispatch_t hal_rpc_local_hash_dispatch = {
-  get_digest_length, get_digest_algorithm_id, get_algorithm, initialize, update, finalize
+  get_digest_length,
+  get_digest_algorithm_id,
+  get_algorithm,
+  initialize,
+  update,
+  finalize
 };
 
 /*
diff --git a/rpc_misc.c b/rpc_misc.c
index c0558da..9b5ed1b 100644
--- a/rpc_misc.c
+++ b/rpc_misc.c
@@ -225,7 +225,13 @@ static hal_error_t logout_all(void)
 }
 
 const hal_rpc_misc_dispatch_t hal_rpc_local_misc_dispatch = {
-  set_pin, login, logout, logout_all, is_logged_in, get_random, get_version
+  set_pin,
+  login,
+  logout,
+  logout_all,
+  is_logged_in,
+  get_random,
+  get_version
 };
 
 /*
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 3ae8f2a..bcf4905 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -76,6 +76,10 @@ static pkey_slot_t pkey_handle[HAL_STATIC_PKEY_STATE_BLOCKS];
  * handle consisting of the index into the table and a counter whose
  * sole purpose is to keep the same handle from reoccurring anytime
  * soon, to help identify use-after-free bugs in calling code.
+ *
+ * The high order bit of the pkey handle is left free for
+ * HAL_PKEY_HANDLE_PROXIMATE_FLAG, which is used by the mixed-mode
+ * handlers to route calls to the appropriate destination.
  */
 
 static inline pkey_slot_t *alloc_slot(void)
@@ -83,7 +87,9 @@ static inline pkey_slot_t *alloc_slot(void)
 #if HAL_STATIC_PKEY_STATE_BLOCKS > 0
   static uint16_t next_glop = 0;
   uint32_t glop = ++next_glop << 16;
-  next_glop %= 0xFFFF;
+  next_glop %= 0x7FFF;
+
+  assert((glop & HAL_PKEY_HANDLE_PROXIMATE_FLAG) == 0);
 
   for (int i = 0; i < sizeof(pkey_handle)/sizeof(*pkey_handle); i++) {
     if (pkey_handle[i].name_len > 0)
@@ -243,7 +249,8 @@ static hal_error_t find(const hal_client_handle_t client,
                         const hal_session_handle_t session,
                         hal_pkey_handle_t *pkey,
                         const hal_key_type_t type,
-                        const uint8_t * const name, const size_t name_len)
+                        const uint8_t * const name, const size_t name_len,
+                        const hal_key_flags_t flags)
 {
   pkey_slot_t *slot;
   hal_error_t err;
@@ -819,15 +826,26 @@ static hal_error_t verify(const hal_session_handle_t session,
 
 static hal_error_t list(hal_pkey_info_t *result,
                         unsigned *result_len,
-                        const unsigned result_max)
+                        const unsigned result_max,
+                        hal_key_flags_t flags)
 {
   return hal_ks_list(result, result_len, result_max);
 }
 
 const hal_rpc_pkey_dispatch_t hal_rpc_local_pkey_dispatch = {
-  load, find, generate_rsa, generate_ec, close, delete,
-  get_key_type, get_key_flags, get_public_key_len, get_public_key,
-  sign, verify, list
+  load,
+  find,
+  generate_rsa,
+  generate_ec,
+  close,
+  delete,
+  get_key_type,
+  get_key_flags,
+  get_public_key_len,
+  get_public_key,
+  sign,
+  verify,
+  list
 };
 
 /*
diff --git a/rpc_server.c b/rpc_server.c
index 65f3dfc..d64603c 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -320,15 +320,17 @@ static hal_error_t pkey_find(uint8_t **iptr, const uint8_t * const ilimit,
     uint32_t type;
     uint8_t *name;
     uint32_t name_len;
+    hal_key_flags_t flags;
     hal_error_t ret;
 
     check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
     check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
     check(hal_xdr_decode_int(iptr, ilimit, &type));
     check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &name, &name_len));
+    check(hal_xdr_decode_int(iptr, ilimit, &flags));
 
     /* call the local function */
-    ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, type, name, name_len);
+    ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, type, name, name_len, flags);
     if (ret == HAL_OK)
         check(hal_xdr_encode_int(optr, olimit, pkey.handle));
     return ret;
@@ -567,15 +569,17 @@ static hal_error_t pkey_list(uint8_t **iptr, const uint8_t * const ilimit,
 {
     uint8_t *optr_orig = *optr;
     uint32_t result_max;
+    hal_key_flags_t flags;
     hal_error_t ret;
 
     check(hal_xdr_decode_int(iptr, ilimit, &result_max));
+    check(hal_xdr_decode_int(iptr, ilimit, &flags));
 
     hal_pkey_info_t result[result_max];
     unsigned result_len;
 
     /* call the local function */
-    ret = hal_rpc_local_pkey_dispatch.list(result, &result_len, result_max);
+    ret = hal_rpc_local_pkey_dispatch.list(result, &result_len, result_max, flags);
     if (ret == HAL_OK) {
         int i;
         check(hal_xdr_encode_int(optr, olimit, result_len));



More information about the Commits mailing list