|
1 /* |
|
2 * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. |
|
3 * |
|
4 */ |
|
5 |
|
6 /* |
|
7 * Redistribution and use in source and binary forms, with or without |
|
8 * modification, are permitted provided that the following conditions |
|
9 * are met: |
|
10 * |
|
11 * 1. Redistributions of source code must retain the above copyright |
|
12 * notice, this list of conditions and the following disclaimer. |
|
13 * |
|
14 * 2. Redistributions in binary form must reproduce the above copyright |
|
15 * notice, this list of conditions and the following disclaimer in |
|
16 * the documentation and/or other materials provided with the |
|
17 * distribution. |
|
18 * |
|
19 * 3. All advertising materials mentioning features or use of this |
|
20 * software must display the following acknowledgment: |
|
21 * "This product includes software developed by the OpenSSL Project |
|
22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
23 * |
|
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
25 * endorse or promote products derived from this software without |
|
26 * prior written permission. For written permission, please contact |
|
27 * [email protected]. |
|
28 * |
|
29 * 5. Products derived from this software may not be called "OpenSSL" |
|
30 * nor may "OpenSSL" appear in their names without prior written |
|
31 * permission of the OpenSSL Project. |
|
32 * |
|
33 * 6. Redistributions of any form whatsoever must retain the following |
|
34 * acknowledgment: |
|
35 * "This product includes software developed by the OpenSSL Project |
|
36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
37 * |
|
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
49 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
50 */ |
|
51 |
|
52 #include <stdio.h> |
|
53 #include <stdlib.h> |
|
54 #include <string.h> |
|
55 #include <sys/types.h> |
|
56 #include <sys/wait.h> |
|
57 #include <sys/mman.h> |
|
58 #include <unistd.h> |
|
59 #include <strings.h> |
|
60 #include <libgen.h> |
|
61 #include <pthread.h> |
|
62 #include <assert.h> |
|
63 #include <errno.h> |
|
64 |
|
65 #include <openssl/crypto.h> |
|
66 |
|
67 #ifndef OPENSSL_NO_HW |
|
68 #ifndef OPENSSL_NO_HW_PK11 |
|
69 |
|
70 #include <security/cryptoki.h> |
|
71 #include <security/pkcs11.h> |
|
72 #include "e_pk11.h" |
|
73 #include "e_pk11_uri.h" |
|
74 |
|
75 /* |
|
76 * The keystore used is always from the pubkey slot so we need to know which one |
|
77 * was selected so that we can get the information needed for the URI |
|
78 * processing. |
|
79 */ |
|
80 extern CK_SLOT_ID pubkey_SLOTID; |
|
81 extern CK_FUNCTION_LIST_PTR pFuncList; |
|
82 |
|
83 /* |
|
84 * Cached PIN so that child can use it during the re-login. Note that we do not |
|
85 * cache the PIN by default. |
|
86 */ |
|
87 static char *token_pin; |
|
88 |
|
89 static int mlock_pin_in_memory(char *pin); |
|
90 static char *run_askpass(char *dialog); |
|
91 |
|
92 /* |
|
93 * Get the PIN. Either run the command and use its standard output as a PIN to |
|
94 * fill in the PKCS11 URI structure, or read the PIN from the terminal. Using |
|
95 * the external command is of higher precedence. The memory for PIN is allocated |
|
96 * in this function and the PIN is always NULL terminated. The caller must take |
|
97 * care of freeing the memory used for the PIN. The maximum PIN length accepted |
|
98 * is PK11_MAX_PIN_LEN. |
|
99 * |
|
100 * The function is used also during the re-initialization of the engine after |
|
101 * the fork. |
|
102 * |
|
103 * The function must not be called under the protection of the mutex "uri_lock" |
|
104 * because the lock is acquired in the prefork function. |
|
105 * |
|
106 * Returns: |
|
107 * 0 in case of troubles (and sets "*pin" to NULL) |
|
108 * 1 if we got the PIN |
|
109 */ |
|
110 #define EXEC_SPEC "exec:" |
|
111 #define BUILTIN_SPEC "builtin" |
|
112 int |
|
113 pk11_get_pin(char *dialog, char **pin) |
|
114 { |
|
115 /* Initialize as an error. */ |
|
116 *pin = NULL; |
|
117 |
|
118 if (strcmp(dialog, BUILTIN_SPEC) == 0) |
|
119 { |
|
120 /* The getpassphrase() function is not MT safe. */ |
|
121 (void) pthread_mutex_lock(uri_lock); |
|
122 /* Note that OpenSSL is not localized at all. */ |
|
123 *pin = getpassphrase("Enter token PIN: "); |
|
124 if (*pin == NULL) |
|
125 { |
|
126 PK11err(PK11_F_GET_PIN, PK11_R_COULD_NOT_READ_PIN); |
|
127 (void) pthread_mutex_unlock(uri_lock); |
|
128 goto err; |
|
129 } |
|
130 else |
|
131 { |
|
132 char *pw; |
|
133 |
|
134 /* |
|
135 * getpassphrase() uses an internal buffer to hold the |
|
136 * entered password. Note that it terminates the buffer |
|
137 * with '\0'. |
|
138 */ |
|
139 if ((pw = strdup(*pin)) == NULL) |
|
140 { |
|
141 PK11err(PK11_F_GET_PIN, PK11_R_MALLOC_FAILURE); |
|
142 (void) pthread_mutex_unlock(uri_lock); |
|
143 goto err; |
|
144 } |
|
145 /* Zero the internal buffer to get rid of the PIN. */ |
|
146 memset(*pin, 0, strlen(*pin)); |
|
147 *pin = pw; |
|
148 (void) pthread_mutex_unlock(uri_lock); |
|
149 } |
|
150 } |
|
151 else |
|
152 { |
|
153 /* |
|
154 * This is the "exec:" case. We will get the PIN from the output |
|
155 * of an external command. |
|
156 */ |
|
157 if (strncmp(dialog, EXEC_SPEC, strlen(EXEC_SPEC)) == 0) |
|
158 { |
|
159 dialog += strlen(EXEC_SPEC); |
|
160 if ((*pin = run_askpass(dialog)) == NULL) |
|
161 goto err; |
|
162 } |
|
163 else |
|
164 { |
|
165 /* |
|
166 * Invalid specification in the passphrasedialog |
|
167 * keyword. |
|
168 */ |
|
169 PK11err(PK11_F_GET_PIN, PK11_R_BAD_PASSPHRASE_SPEC); |
|
170 goto err; |
|
171 } |
|
172 } |
|
173 |
|
174 return (1); |
|
175 err: |
|
176 return (0); |
|
177 } |
|
178 |
|
179 /* |
|
180 * Process the PKCS#11 URI and get the PIN. It uses information from the |
|
181 * passphrasedialog keyword to get the PIN. If passphrasedialog is not present |
|
182 * it is not considered an error since it depends on the token attributes |
|
183 * whether C_Login() is required. The function expects an allocated 'uri_struct' |
|
184 * structure. |
|
185 * |
|
186 * Returns: |
|
187 * 0 if URI is not valid at all, or if we could not get the PIN |
|
188 * 1 if all is OK |
|
189 * 2 if the URI is not the PKCS#11 URI. In that case, put the string |
|
190 * pointer to the filename to "*file". Note that the pointer just points |
|
191 * inside of the "uristr", possibly skipping the file:// prefix if present. |
|
192 */ |
|
193 int |
|
194 pk11_process_pkcs11_uri(const char *uristr, pkcs11_uri *uri_struct, |
|
195 const char **file) |
|
196 { |
|
197 char *uristr2, *l1, *l2, *tok, *name; |
|
198 |
|
199 /* Check the "file://" case. */ |
|
200 if (strncmp(uristr, FILE_URI_PREFIX, strlen(FILE_URI_PREFIX)) == 0) |
|
201 { |
|
202 *file = uristr + strlen(FILE_URI_PREFIX); |
|
203 return (2); |
|
204 } |
|
205 |
|
206 /* This is the "pkcs11:" case. */ |
|
207 if (strncmp(uristr, PK11_URI_PREFIX, strlen(PK11_URI_PREFIX)) != 0) |
|
208 { |
|
209 /* Not PKCS#11 URI at all, could be a filename. */ |
|
210 *file = (const char *)uristr; |
|
211 return (2); |
|
212 } |
|
213 else |
|
214 { |
|
215 /* Dup the string and skip over the pkcs11: prefix then. */ |
|
216 uristr2 = strdup(uristr + strlen(PK11_URI_PREFIX)); |
|
217 if (uristr2 == NULL) |
|
218 { |
|
219 PK11err(PK11_F_CHECK_TOKEN_ATTRS, |
|
220 PK11_R_MALLOC_FAILURE); |
|
221 goto err; |
|
222 } |
|
223 } |
|
224 |
|
225 /* Initialize the structure. */ |
|
226 memset(uri_struct, 0, sizeof (*uri_struct)); |
|
227 |
|
228 /* |
|
229 * Using strtok_r() would silently skip over multiple semicolons. We |
|
230 * must check that before moving on. We must also avoid ';' as the first |
|
231 * and the last character in the URI. |
|
232 */ |
|
233 if (strstr(uristr2, ";;") != NULL || uristr2[0] == ';' || |
|
234 (strlen(uristr2) > 0 && uristr2[strlen(uristr2) - 1] == ';')) |
|
235 goto bad_uri; |
|
236 |
|
237 tok = strtok_r(uristr2, ";", &l1); |
|
238 for (; tok != NULL; tok = strtok_r(NULL, ";", &l1)) |
|
239 { |
|
240 /* "tok" is not empty so there will be something in "name". */ |
|
241 name = strtok_r(tok, "=", &l2); |
|
242 /* Check whether there is '=' at all. */ |
|
243 if (l2 == NULL) |
|
244 goto bad_uri; |
|
245 |
|
246 /* |
|
247 * Fill out the URI structure. We do not accept duplicit |
|
248 * attributes. |
|
249 */ |
|
250 if (strcmp(name, PK11_TOKEN) == 0) |
|
251 if (uri_struct->token == NULL) |
|
252 { |
|
253 if ((uri_struct->token = strdup(l2)) == NULL) |
|
254 goto no_mem; |
|
255 } |
|
256 else |
|
257 goto bad_uri; |
|
258 else if (strcmp(name, PK11_MANUF) == 0) |
|
259 if (uri_struct->manuf == NULL) |
|
260 { |
|
261 if ((uri_struct->manuf = strdup(l2)) == NULL) |
|
262 goto no_mem; |
|
263 } |
|
264 else |
|
265 goto bad_uri; |
|
266 else if (strcmp(name, PK11_SERIAL) == 0) |
|
267 if (uri_struct->serial == NULL) |
|
268 { |
|
269 if ((uri_struct->serial = strdup(l2)) == NULL) |
|
270 goto no_mem; |
|
271 } |
|
272 else |
|
273 goto bad_uri; |
|
274 else if (strcmp(name, PK11_MODEL) == 0) |
|
275 if (uri_struct->model == NULL) |
|
276 { |
|
277 if ((uri_struct->model = strdup(l2)) == NULL) |
|
278 goto no_mem; |
|
279 } |
|
280 else |
|
281 goto bad_uri; |
|
282 else if (strcmp(name, PK11_OBJECT) == 0) |
|
283 if (uri_struct->object == NULL) |
|
284 { |
|
285 if ((uri_struct->object = strdup(l2)) == NULL) |
|
286 goto no_mem; |
|
287 } |
|
288 else |
|
289 goto bad_uri; |
|
290 else if (strcmp(name, PK11_OBJECTTYPE) == 0) |
|
291 if (uri_struct->objecttype == NULL) |
|
292 { |
|
293 uri_struct->objecttype = strdup(l2); |
|
294 if (uri_struct->objecttype == NULL) |
|
295 goto no_mem; |
|
296 } |
|
297 else |
|
298 goto bad_uri; |
|
299 else if (strcmp(name, PK11_ASKPASS) == 0) |
|
300 if (uri_struct->askpass == NULL) |
|
301 { |
|
302 if ((uri_struct->askpass = strdup(l2)) == NULL) |
|
303 goto no_mem; |
|
304 } |
|
305 else |
|
306 goto bad_uri; |
|
307 else |
|
308 goto bad_uri; |
|
309 } |
|
310 |
|
311 /* The "object" token is mandatory in the PKCS#11 URI. */ |
|
312 if (uri_struct->object == NULL) |
|
313 { |
|
314 PK11err(PK11_F_LOAD_PRIVKEY, PK11_R_MISSING_OBJECT_LABEL); |
|
315 goto err; |
|
316 } |
|
317 |
|
318 free(uristr2); |
|
319 return (1); |
|
320 bad_uri: |
|
321 PK11err(PK11_F_LOAD_PRIVKEY, PK11_R_INVALID_PKCS11_URI); |
|
322 if (uristr2 != NULL) |
|
323 free(uristr2); |
|
324 return (0); |
|
325 no_mem: |
|
326 PK11err(PK11_F_LOAD_PRIVKEY, PK11_R_MALLOC_FAILURE); |
|
327 err: |
|
328 pk11_free_pkcs11_uri(uri_struct, CK_FALSE); |
|
329 if (uristr2 != NULL) |
|
330 free(uristr2); |
|
331 return (0); |
|
332 } |
|
333 |
|
334 /* |
|
335 * Free the PKCS11 URI structure and anything that might be inside. |
|
336 */ |
|
337 void |
|
338 pk11_free_pkcs11_uri(pkcs11_uri *uri_struct, CK_BBOOL free_uri_itself) |
|
339 { |
|
340 if (uri_struct->token != NULL) |
|
341 free(uri_struct->token); |
|
342 if (uri_struct->manuf != NULL) |
|
343 free(uri_struct->manuf); |
|
344 if (uri_struct->serial != NULL) |
|
345 free(uri_struct->serial); |
|
346 if (uri_struct->model != NULL) |
|
347 free(uri_struct->model); |
|
348 if (uri_struct->object != NULL) |
|
349 free(uri_struct->object); |
|
350 if (uri_struct->objecttype != NULL) |
|
351 free(uri_struct->objecttype); |
|
352 if (uri_struct->askpass != NULL) |
|
353 free(uri_struct->askpass); |
|
354 |
|
355 if (free_uri_itself == CK_TRUE) |
|
356 OPENSSL_free(uri_struct); |
|
357 } |
|
358 |
|
359 /* |
|
360 * While our keystore is always the one used by the pubkey slot (which is |
|
361 * usually the Metaslot) we must make sure that those URI attributes that |
|
362 * specify the keystore match the real attributes of our slot keystore. Note |
|
363 * that one can use the METASLOT_OBJECTSTORE_TOKEN environment variable to |
|
364 * change the Metaslot's keystore from the softtoken to something else (see |
|
365 * libpkcs11(3LIB)). The user might want to use such attributes in the PKCS#11 |
|
366 * URI to make sure that the intended keystore is used. |
|
367 * |
|
368 * Returns: |
|
369 * 1 on success |
|
370 * 0 on failure |
|
371 */ |
|
372 int |
|
373 pk11_check_token_attrs(pkcs11_uri *uri_struct) |
|
374 { |
|
375 CK_RV rv; |
|
376 static CK_TOKEN_INFO_PTR token_info = NULL; |
|
377 |
|
378 (void) pthread_mutex_lock(uri_lock); |
|
379 if (token_info == NULL) |
|
380 { |
|
381 token_info = OPENSSL_malloc(sizeof (CK_TOKEN_INFO)); |
|
382 if (token_info == NULL) |
|
383 { |
|
384 PK11err(PK11_F_CHECK_TOKEN_ATTRS, |
|
385 PK11_R_MALLOC_FAILURE); |
|
386 goto err; |
|
387 } |
|
388 |
|
389 rv = pFuncList->C_GetTokenInfo(pubkey_SLOTID, token_info); |
|
390 if (rv != CKR_OK) |
|
391 { |
|
392 PK11err_add_data(PK11_F_CHECK_TOKEN_ATTRS, |
|
393 PK11_R_GETTOKENINFO, rv); |
|
394 goto err; |
|
395 } |
|
396 } |
|
397 |
|
398 if (uri_struct->token != NULL) |
|
399 if (strncmp(uri_struct->token, (char *)token_info->label, |
|
400 strlen(uri_struct->token) > 32 ? 32 : |
|
401 strlen(uri_struct->token)) != 0) |
|
402 { |
|
403 goto urierr; |
|
404 } |
|
405 |
|
406 if (uri_struct->manuf != NULL) |
|
407 if (strncmp(uri_struct->manuf, |
|
408 (char *)token_info->manufacturerID, |
|
409 strlen(uri_struct->manuf) > 32 ? 32 : |
|
410 strlen(uri_struct->manuf)) != 0) |
|
411 goto urierr; |
|
412 |
|
413 if (uri_struct->model != NULL) |
|
414 if (strncmp(uri_struct->model, (char *)token_info->model, |
|
415 strlen(uri_struct->model) > 16 ? 16 : |
|
416 strlen(uri_struct->model)) != 0) |
|
417 goto urierr; |
|
418 |
|
419 if (uri_struct->serial != NULL) |
|
420 if (strncmp(uri_struct->serial, |
|
421 (char *)token_info->serialNumber, |
|
422 strlen(uri_struct->serial) > 16 ? 16 : |
|
423 strlen(uri_struct->serial)) != 0) |
|
424 goto urierr; |
|
425 |
|
426 (void) pthread_mutex_unlock(uri_lock); |
|
427 return (1); |
|
428 |
|
429 urierr: |
|
430 PK11err(PK11_F_CHECK_TOKEN_ATTRS, PK11_R_TOKEN_ATTRS_DO_NOT_MATCH); |
|
431 /* Correct error already set above for the "err" label. */ |
|
432 err: |
|
433 (void) pthread_mutex_unlock(uri_lock); |
|
434 return (0); |
|
435 } |
|
436 |
|
437 /* |
|
438 * Return the process PIN caching policy. We initialize it just once so if the |
|
439 * process change OPENSSL_PKCS11_PIN_CACHING_POLICY during the operation it will |
|
440 * not have any affect on the policy. |
|
441 * |
|
442 * We assume that the "uri_lock" mutex is already locked. |
|
443 * |
|
444 * Returns the caching policy number. |
|
445 */ |
|
446 int |
|
447 pk11_get_pin_caching_policy(void) |
|
448 { |
|
449 char *value = NULL; |
|
450 static int policy = POLICY_NOT_INITIALIZED; |
|
451 |
|
452 if (policy != POLICY_NOT_INITIALIZED) |
|
453 return (policy); |
|
454 |
|
455 value = getenv("OPENSSL_PKCS11_PIN_CACHING_POLICY"); |
|
456 |
|
457 if (value == NULL || strcmp(value, "none") == 0) |
|
458 { |
|
459 policy = POLICY_NONE; |
|
460 goto done; |
|
461 } |
|
462 |
|
463 if (strcmp(value, "memory") == 0) |
|
464 { |
|
465 policy = POLICY_MEMORY; |
|
466 goto done; |
|
467 } |
|
468 |
|
469 if (strcmp(value, "mlocked-memory") == 0) |
|
470 { |
|
471 policy = POLICY_MLOCKED_MEMORY; |
|
472 goto done; |
|
473 } |
|
474 |
|
475 return (POLICY_WRONG_VALUE); |
|
476 done: |
|
477 return (policy); |
|
478 } |
|
479 |
|
480 /* |
|
481 * Cache the PIN in memory once. We already know that we have either "memory" or |
|
482 * "mlocked-memory" keyword correctly set. |
|
483 * |
|
484 * Returns: |
|
485 * 1 on success |
|
486 * 0 on failure |
|
487 */ |
|
488 int |
|
489 pk11_cache_pin(char *pin) |
|
490 { |
|
491 (void) pthread_mutex_lock(uri_lock); |
|
492 /* We set the PIN only once since all URIs must have it the same. */ |
|
493 if (token_pin != NULL) |
|
494 goto ok; |
|
495 |
|
496 if (pk11_get_pin_caching_policy() == POLICY_MEMORY) |
|
497 if ((token_pin = strdup(pin)) == NULL) |
|
498 { |
|
499 PK11err(PK11_F_CACHE_PIN, PK11_R_MALLOC_FAILURE); |
|
500 goto err; |
|
501 } |
|
502 else |
|
503 if (pk11_get_pin_caching_policy() == POLICY_MLOCKED_MEMORY) |
|
504 { |
|
505 if (mlock_pin_in_memory(pin) == 0) |
|
506 goto err; |
|
507 } |
|
508 |
|
509 ok: |
|
510 (void) pthread_mutex_unlock(uri_lock); |
|
511 return (1); |
|
512 err: |
|
513 (void) pthread_mutex_unlock(uri_lock); |
|
514 return (0); |
|
515 } |
|
516 |
|
517 /* |
|
518 * Cache the PIN in mlock(3C)ed memory. If mlock(3C) fails we will not resort to |
|
519 * the normal memory caching. |
|
520 * |
|
521 * Note that this function must be called under the protection of the "uri_lock" |
|
522 * mutex. |
|
523 * |
|
524 * Returns: |
|
525 * 1 on success |
|
526 * 0 on failure |
|
527 */ |
|
528 static int |
|
529 mlock_pin_in_memory(char *pin) |
|
530 { |
|
531 void *addr = NULL; |
|
532 long pagesize = 0; |
|
533 |
|
534 /* mlock(3C) locks pages so we need one whole page for the PIN. */ |
|
535 if ((pagesize = sysconf(_SC_PAGESIZE)) == -1) |
|
536 { |
|
537 PK11err(PK11_F_MLOCK_PIN_IN_MEMORY, PK11_R_SYSCONF_FAILED); |
|
538 goto err; |
|
539 } |
|
540 |
|
541 /* This will ensure we have a page aligned pointer... */ |
|
542 if ((addr = mmap(0, pagesize, PROT_READ | PROT_WRITE, |
|
543 MAP_PRIVATE | MAP_ANON, -1, 0)) == MAP_FAILED) |
|
544 { |
|
545 PK11err(PK11_F_MLOCK_PIN_IN_MEMORY, PK11_R_MMAP_FAILED); |
|
546 goto err; |
|
547 } |
|
548 |
|
549 /* ...because "addr" must be page aligned here. */ |
|
550 if (mlock(addr, pagesize) == -1) |
|
551 { |
|
552 /* |
|
553 * Missing the PRIV_PROC_LOCK_MEMORY privilege might be a common |
|
554 * problem so distinguish this situation from other issues. |
|
555 */ |
|
556 if (errno == EPERM) |
|
557 PK11err(PK11_F_MLOCK_PIN_IN_MEMORY, |
|
558 PK11_R_PRIV_PROC_LOCK_MEMORY_MISSING); |
|
559 else |
|
560 PK11err(PK11_F_MLOCK_PIN_IN_MEMORY, |
|
561 PK11_R_MLOCK_FAILED); |
|
562 |
|
563 /* |
|
564 * We already have a problem here so there is no need to check |
|
565 * that we could unmap the page. The PIN is not there yet |
|
566 * anyway. |
|
567 */ |
|
568 (void) munmap(addr, pagesize); |
|
569 goto err; |
|
570 } |
|
571 |
|
572 /* Copy the PIN to the mlocked memory. */ |
|
573 token_pin = (char *)addr; |
|
574 strlcpy(token_pin, pin, PK11_MAX_PIN_LEN + 1); |
|
575 return (1); |
|
576 err: |
|
577 return (0); |
|
578 } |
|
579 |
|
580 /* |
|
581 * Log in to the keystore if we are supposed to do that at all. Take care of |
|
582 * reading and caching the PIN etc. Log in only once even when called from |
|
583 * multiple threads. |
|
584 * |
|
585 * Returns: |
|
586 * 1 on success |
|
587 * 0 on failure |
|
588 */ |
|
589 int |
|
590 pk11_token_login(CK_SESSION_HANDLE session, CK_BBOOL *login_done, |
|
591 pkcs11_uri *uri_struct, CK_BBOOL is_private) |
|
592 { |
|
593 CK_RV rv; |
|
594 |
|
595 if ((pubkey_token_flags & CKF_TOKEN_INITIALIZED) == 0) |
|
596 { |
|
597 PK11err(PK11_F_TOKEN_LOGIN, |
|
598 PK11_R_TOKEN_NOT_INITIALIZED); |
|
599 goto err; |
|
600 } |
|
601 |
|
602 /* |
|
603 * If login is required or needed but the PIN has not been even |
|
604 * initialized we can bail out right now. Note that we are supposed to |
|
605 * always log in if we are going to access private keys. However, we may |
|
606 * need to log in even for accessing public keys in case that the |
|
607 * CKF_LOGIN_REQUIRED flag is set. |
|
608 */ |
|
609 if ((pubkey_token_flags & CKF_LOGIN_REQUIRED || |
|
610 is_private == CK_TRUE) && ~pubkey_token_flags & |
|
611 CKF_USER_PIN_INITIALIZED) |
|
612 { |
|
613 PK11err(PK11_F_TOKEN_LOGIN, PK11_R_TOKEN_PIN_NOT_SET); |
|
614 goto err; |
|
615 } |
|
616 |
|
617 /* |
|
618 * Note on locking: it is possible that more than one thread gets into |
|
619 * pk11_get_pin() so we must deal with that. We cannot avoid it since we |
|
620 * cannot guard fork() in there with a lock because we could end up in |
|
621 * a dead lock in the child. Why? Remember we are in a multithreaded |
|
622 * environment so we must lock all mutexes in the prefork function to |
|
623 * avoid a situation in which a thread that did not call fork() held a |
|
624 * lock, making future unlocking impossible. We lock right before |
|
625 * C_Login(). |
|
626 */ |
|
627 if (pubkey_token_flags & CKF_LOGIN_REQUIRED || is_private == CK_TRUE) |
|
628 { |
|
629 if (*login_done == CK_FALSE && |
|
630 uri_struct->askpass == NULL) |
|
631 { |
|
632 PK11err(PK11_F_TOKEN_LOGIN, |
|
633 PK11_R_TOKEN_PIN_NOT_PROVIDED); |
|
634 goto err; |
|
635 } |
|
636 |
|
637 if (*login_done == CK_FALSE && |
|
638 uri_struct->askpass != NULL) |
|
639 { |
|
640 if (pk11_get_pin(uri_struct->askpass, |
|
641 &uri_struct->pin) == 0) |
|
642 { |
|
643 PK11err(PK11_F_TOKEN_LOGIN, |
|
644 PK11_R_TOKEN_PIN_NOT_PROVIDED); |
|
645 goto err; |
|
646 } |
|
647 } |
|
648 |
|
649 /* |
|
650 * Note that what we are logging into is the keystore from |
|
651 * pubkey_SLOTID because we work with OP_RSA session type here. |
|
652 * That also means that we can work with only one keystore in |
|
653 * the engine. |
|
654 * |
|
655 * We must make sure we do not try to login more than once. |
|
656 * Also, see the comment above on locking strategy. |
|
657 */ |
|
658 (void) pthread_mutex_lock(uri_lock); |
|
659 if (*login_done == CK_FALSE) |
|
660 { |
|
661 if ((rv = pFuncList->C_Login(session, |
|
662 CKU_USER, (CK_UTF8CHAR*)uri_struct->pin, |
|
663 strlen(uri_struct->pin))) != CKR_OK) |
|
664 { |
|
665 PK11err_add_data(PK11_F_TOKEN_LOGIN, |
|
666 PK11_R_TOKEN_LOGIN_FAILED, rv); |
|
667 goto err_locked; |
|
668 } |
|
669 |
|
670 *login_done = CK_TRUE; |
|
671 |
|
672 /* |
|
673 * Cache the passphrasedialog for possible child (which |
|
674 * would need to relogin). |
|
675 */ |
|
676 if (passphrasedialog == NULL && |
|
677 uri_struct->askpass != NULL) |
|
678 { |
|
679 passphrasedialog = |
|
680 strdup(uri_struct->askpass); |
|
681 |
|
682 if (passphrasedialog == NULL) |
|
683 { |
|
684 PK11err_add_data(PK11_F_TOKEN_LOGIN, |
|
685 PK11_R_MALLOC_FAILURE, rv); |
|
686 goto err_locked; |
|
687 } |
|
688 } |
|
689 |
|
690 /* |
|
691 * Check the PIN caching policy. Note that user might |
|
692 * have provided a PIN even when no PIN was required - |
|
693 * in that case we always remove the PIN from memory. |
|
694 */ |
|
695 if (pk11_get_pin_caching_policy() == |
|
696 POLICY_WRONG_VALUE) |
|
697 { |
|
698 PK11err(PK11_F_TOKEN_LOGIN, |
|
699 PK11_R_PIN_CACHING_POLICY_INVALID); |
|
700 goto err_locked; |
|
701 } |
|
702 |
|
703 if (pk11_get_pin_caching_policy() != POLICY_NONE) |
|
704 if (pk11_cache_pin(uri_struct->pin) == 0) |
|
705 goto err_locked; |
|
706 } |
|
707 (void) pthread_mutex_unlock(uri_lock); |
|
708 } |
|
709 else |
|
710 { |
|
711 /* |
|
712 * If token does not require login we take it as the |
|
713 * login was done. |
|
714 */ |
|
715 *login_done = CK_TRUE; |
|
716 } |
|
717 |
|
718 /* |
|
719 * If we raced at pk11_get_pin() we must make sure that all threads that |
|
720 * called pk11_get_pin() will erase the PIN from memory, not just the |
|
721 * one that called C_Login(). Note that if we were supposed to cache the |
|
722 * PIN it was already cached by now so filling "uri_struct.pin" with |
|
723 * zero bytes is always OK since pk11_cache_pin() makes a copy of it. |
|
724 */ |
|
725 if (uri_struct->pin != NULL) |
|
726 memset(uri_struct->pin, 0, strlen(uri_struct->pin)); |
|
727 |
|
728 return (1); |
|
729 |
|
730 err_locked: |
|
731 (void) pthread_mutex_unlock(uri_lock); |
|
732 err: |
|
733 /* Always get rid of the PIN. */ |
|
734 if (uri_struct->pin != NULL) |
|
735 memset(uri_struct->pin, 0, strlen(uri_struct->pin)); |
|
736 return (0); |
|
737 } |
|
738 |
|
739 /* |
|
740 * Log in to the keystore in the child if we were logged in in the parent. There |
|
741 * are similarities in the code with pk11_token_login() but still it is quite |
|
742 * different so we need a separate function for this. |
|
743 * |
|
744 * Note that this function is called under the locked session mutex when fork is |
|
745 * detected. That means that C_Login() will be called from the child just once. |
|
746 * |
|
747 * Returns: |
|
748 * 1 on success |
|
749 * 0 on failure |
|
750 */ |
|
751 int |
|
752 pk11_token_relogin(CK_SESSION_HANDLE session) |
|
753 { |
|
754 CK_RV rv; |
|
755 |
|
756 /* |
|
757 * We are in the child so check if we should login to the token again. |
|
758 * Note that it is enough to log in to the token through one session |
|
759 * only, all already open and all future sessions can access the token |
|
760 * then. |
|
761 */ |
|
762 if (passphrasedialog != NULL) |
|
763 { |
|
764 char *pin = NULL; |
|
765 |
|
766 /* If we cached the PIN then use it. */ |
|
767 if (token_pin != NULL) |
|
768 pin = token_pin; |
|
769 else if (pk11_get_pin(passphrasedialog, &pin) == 0) |
|
770 goto err; |
|
771 |
|
772 (void) pthread_mutex_lock(uri_lock); |
|
773 if ((rv = pFuncList->C_Login(session, CKU_USER, |
|
774 (CK_UTF8CHAR_PTR)pin, strlen(pin))) != CKR_OK) |
|
775 { |
|
776 PK11err_add_data(PK11_F_TOKEN_RELOGIN, |
|
777 PK11_R_TOKEN_LOGIN_FAILED, rv); |
|
778 (void) pthread_mutex_unlock(uri_lock); |
|
779 goto err; |
|
780 } |
|
781 (void) pthread_mutex_unlock(uri_lock); |
|
782 |
|
783 /* Forget the PIN now if we did not cache it before. */ |
|
784 if (pin != token_pin) |
|
785 { |
|
786 memset(pin, 0, strlen(pin)); |
|
787 OPENSSL_free(pin); |
|
788 } |
|
789 } |
|
790 |
|
791 return (1); |
|
792 err: |
|
793 return (0); |
|
794 } |
|
795 |
|
796 /* |
|
797 * This function forks and runs an external command. It would be nice if we |
|
798 * could use popen(3C)/pclose(3C) for that but unfortunately we need to be able |
|
799 * to get rid of the PIN from the memory. With p(open|close) function calls we |
|
800 * cannot control the stdio's memory used for buffering and our tests showed |
|
801 * that the PIN really stays there even after pclose(). |
|
802 * |
|
803 * Returns: |
|
804 * allocated buffer on success |
|
805 * NULL on failure |
|
806 */ |
|
807 static char * |
|
808 run_askpass(char *dialog) |
|
809 { |
|
810 pid_t pid; |
|
811 int n, p[2]; |
|
812 char *buf = NULL; |
|
813 |
|
814 if (pipe(p) == -1) |
|
815 { |
|
816 PK11err(PK11_F_RUN_ASKPASS, PK11_R_PIPE_FAILED); |
|
817 return (NULL); |
|
818 } |
|
819 |
|
820 switch (pid = fork()) |
|
821 { |
|
822 case -1: |
|
823 PK11err(PK11_F_RUN_ASKPASS, PK11_R_FORK_FAILED); |
|
824 return (NULL); |
|
825 /* child */ |
|
826 case 0: |
|
827 /* |
|
828 * This should make sure that dup2() will not fail on |
|
829 * file descriptor shortage. |
|
830 */ |
|
831 close(p[0]); |
|
832 (void) dup2(p[1], 1); |
|
833 close(p[1]); |
|
834 /* |
|
835 * Note that we cannot use PK11err() here since we are |
|
836 * in the child. However, parent will get read() error |
|
837 * so do not worry. |
|
838 */ |
|
839 (void) execl(dialog, basename(dialog), NULL); |
|
840 exit(1); |
|
841 /* parent */ |
|
842 default: |
|
843 /* +1 is for the terminating '\0' */ |
|
844 buf = (char *)OPENSSL_malloc(PK11_MAX_PIN_LEN + 1); |
|
845 if (buf == NULL) |
|
846 { |
|
847 PK11err(PK11_F_RUN_ASKPASS, |
|
848 PK11_R_MALLOC_FAILURE); |
|
849 return (NULL); |
|
850 } |
|
851 |
|
852 close(p[1]); |
|
853 n = read(p[0], buf, PK11_MAX_PIN_LEN); |
|
854 if (n == -1 || n == 0) |
|
855 { |
|
856 PK11err(PK11_F_RUN_ASKPASS, |
|
857 PK11_R_PIN_NOT_READ_FROM_COMMAND); |
|
858 OPENSSL_free(buf); |
|
859 return (NULL); |
|
860 } |
|
861 buf[n] = '\0'; |
|
862 |
|
863 (void) waitpid(pid, NULL, 0); |
|
864 } |
|
865 |
|
866 return (buf); |
|
867 } |
|
868 |
|
869 #endif /* OPENSSL_NO_HW_PK11 */ |
|
870 #endif /* OPENSSL_NO_HW */ |