/*

 * COPYRIGHT (c) International Business Machines Corp. 2001-2017

 *

 * This program is provided under the terms of the Common Public License,

 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this

 * software constitutes recipient's acceptance of CPL-1.0 terms which can be

 * found in the file LICENSE file or at

 * https://opensource.org/licenses/cpl1.0.php

 */

// File:  dp_obj.c

//

// Domain Parameter Object functions

#include <pthread.h>

#include <stdlib.h>

#include <string.h>             // for memcmp() et al

#include "pkcs11types.h"

#include "defs.h"

#include "host_defs.h"

#include "h_extern.h"

#include "trace.h"

#include "tok_spec_struct.h"

// dp_object_check_required_attributes()

//

// Check required common attributes for domain parameter objects

//

CK_RV dp_object_check_required_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_ATTRIBUTE *attr = NULL;

    CK_BBOOL found;

    found = template_attribute_find(tmpl, CKA_KEY_TYPE, &attr);

    if (!found) {

        if (mode == MODE_CREATE) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    }

    return template_check_required_base_attributes(tmpl, mode);

}

CK_RV dp_dsa_check_required_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_ATTRIBUTE *attr = NULL;

    CK_BBOOL found;

    if (mode == MODE_CREATE) {

        found = template_attribute_find(tmpl, CKA_PRIME, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_SUBPRIME, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_BASE, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    } else if (mode == MODE_KEYGEN) {

        found = template_attribute_find(tmpl, CKA_PRIME_BITS, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    }

    return dp_object_check_required_attributes(tmpl, mode);

}

CK_RV dp_dh_check_required_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_ATTRIBUTE *attr = NULL;

    CK_BBOOL found;

    if (mode == MODE_CREATE) {

        found = template_attribute_find(tmpl, CKA_PRIME, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_BASE, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    } else if (mode == MODE_KEYGEN) {

        found = template_attribute_find(tmpl, CKA_PRIME_BITS, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    }

    return dp_object_check_required_attributes(tmpl, mode);

}

CK_RV dp_x9dh_check_required_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_ATTRIBUTE *attr = NULL;

    CK_BBOOL found;

    if (mode == MODE_CREATE) {

        found = template_attribute_find(tmpl, CKA_PRIME, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_SUBPRIME, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_BASE, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    } else if (mode == MODE_KEYGEN) {

        found = template_attribute_find(tmpl, CKA_PRIME_BITS, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

        found = template_attribute_find(tmpl, CKA_SUBPRIME_BITS, &attr);

        if (!found) {

            TRACE_ERROR("%s\n", ock_err(ERR_TEMPLATE_INCOMPLETE));

            return CKR_TEMPLATE_INCOMPLETE;

        }

    }

    return dp_object_check_required_attributes(tmpl, mode);

}

// dp_object_set_default_attributes()

//

CK_RV dp_object_set_default_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_ATTRIBUTE *local_attr = NULL;

    UNUSED(mode);

    local_attr =

        (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_BBOOL));

    if (!local_attr) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return CKR_HOST_MEMORY;

    }

    local_attr->type = CKA_LOCAL;

    local_attr->ulValueLen = sizeof(CK_BBOOL);

    local_attr->pValue = (CK_BYTE *) local_attr + sizeof(CK_ATTRIBUTE);

    *(CK_BBOOL *) local_attr->pValue = FALSE;

    template_update_attribute(tmpl, local_attr);

    return CKR_OK;

}

// dp_object_validate_attribute()

//

CK_RV dp_object_validate_attribute(TEMPLATE *tmpl, CK_ATTRIBUTE *attr,

                                   CK_ULONG mode)

{

    switch (attr->type) {

    case CKA_KEY_TYPE:

        if (mode == MODE_CREATE)

            return CKR_OK;

        TRACE_ERROR("%s\n", ock_err(ERR_ATTRIBUTE_READ_ONLY));

        return CKR_ATTRIBUTE_READ_ONLY;

    case CKA_LOCAL:

        if (mode == MODE_CREATE || mode == MODE_KEYGEN) {

            TRACE_ERROR("%s: %lx\n", ock_err(ERR_ATTRIBUTE_TYPE_INVALID),

                        attr->type);

            return CKR_ATTRIBUTE_TYPE_INVALID;

        }

        return CKR_OK;

    default:

        return template_validate_base_attribute(tmpl, attr, mode);

    }

}

//

//

CK_RV dp_dsa_validate_attribute(TEMPLATE *tmpl, CK_ATTRIBUTE *attr,

                                CK_ULONG mode)

{

    switch (attr->type) {

    case CKA_PRIME:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_PRIME_BITS:

        if (mode == MODE_CREATE) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_BASE:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_SUBPRIME:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    default:

        return dp_object_validate_attribute(tmpl, attr, mode);

    }

}

//

//

CK_RV dp_dh_validate_attribute(TEMPLATE *tmpl, CK_ATTRIBUTE *attr,

                               CK_ULONG mode)

{

    switch (attr->type) {

    case CKA_PRIME:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_PRIME_BITS:

        if (mode == MODE_CREATE) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_BASE:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    default:

        return dp_object_validate_attribute(tmpl, attr, mode);

    }

}

//

//

CK_RV dp_x9dh_validate_attribute(TEMPLATE *tmpl, CK_ATTRIBUTE *attr,

                                 CK_ULONG mode)

{

    switch (attr->type) {

    case CKA_PRIME:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_PRIME_BITS:

        if (mode == MODE_CREATE) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_BASE:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_SUBPRIME:

        if (mode == MODE_KEYGEN) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    case CKA_SUBPRIME_BITS:

        if (mode == MODE_CREATE) {

            TRACE_ERROR("%s\n", ock_err(ERR_DOMAIN_PARAMS_INVALID));

            return CKR_DOMAIN_PARAMS_INVALID;

        }

        return CKR_OK;

    default:

        return dp_object_validate_attribute(tmpl, attr, mode);

    }

}

CK_RV dp_dsa_set_default_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_RV rc;

    CK_ATTRIBUTE *prime_attr;

    CK_ATTRIBUTE *subprime_attr;

    CK_ATTRIBUTE *base_attr;

    CK_ATTRIBUTE *primebits_attr;

    CK_ATTRIBUTE *type_attr;

    rc = dp_object_set_default_attributes(tmpl, mode);

    if (rc != CKR_OK)

        return rc;

    prime_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    subprime_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    base_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    primebits_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    type_attr =

        (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_KEY_TYPE));

    if (!prime_attr || !subprime_attr || !base_attr || !primebits_attr

        || !type_attr) {

        if (prime_attr)

            free(prime_attr);

        if (subprime_attr)

            free(subprime_attr);

        if (base_attr)

            free(base_attr);

        if (primebits_attr)

            free(primebits_attr);

        if (type_attr)

            free(type_attr);

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return CKR_HOST_MEMORY;

    }

    prime_attr->type = CKA_PRIME;

    prime_attr->ulValueLen = 0;

    prime_attr->pValue = NULL;

    subprime_attr->type = CKA_SUBPRIME;

    subprime_attr->ulValueLen = 0;

    subprime_attr->pValue = NULL;

    base_attr->type = CKA_BASE;

    base_attr->ulValueLen = 0;

    base_attr->pValue = NULL;

    primebits_attr->type = CKA_PRIME_BITS;

    primebits_attr->ulValueLen = 0;

    primebits_attr->pValue = NULL;

#if 0

    primebits_attr->ulValueLen = sizeof(CK_ULONG);

    primebits_attr->pValue = (CK_ULONG *) primebits_attr + sizeof(CK_ATTRIBUTE);

    *(CK_ULONG *) primebits_attr->pValue = 0;

#endif

    type_attr->type = CKA_KEY_TYPE;

    type_attr->ulValueLen = sizeof(CK_KEY_TYPE);

    type_attr->pValue = (CK_BYTE *) type_attr + sizeof(CK_ATTRIBUTE);

    *(CK_KEY_TYPE *) type_attr->pValue = CKK_DSA;

    template_update_attribute(tmpl, prime_attr);

    template_update_attribute(tmpl, subprime_attr);

    template_update_attribute(tmpl, base_attr);

    template_update_attribute(tmpl, primebits_attr);

    template_update_attribute(tmpl, type_attr);

    return CKR_OK;

}

CK_RV dp_dh_set_default_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_RV rc;

    CK_ATTRIBUTE *prime_attr;

    CK_ATTRIBUTE *base_attr;

    CK_ATTRIBUTE *primebits_attr;

    CK_ATTRIBUTE *type_attr;

    rc = dp_object_set_default_attributes(tmpl, mode);

    if (rc != CKR_OK)

        return rc;

    prime_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    base_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    primebits_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    type_attr =

        (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_KEY_TYPE));

    if (!prime_attr || !base_attr || !primebits_attr || !type_attr) {

        if (prime_attr)

            free(prime_attr);

        if (base_attr)

            free(base_attr);

        if (primebits_attr)

            free(primebits_attr);

        if (type_attr)

            free(type_attr);

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return CKR_HOST_MEMORY;

    }

    prime_attr->type = CKA_PRIME;

    prime_attr->ulValueLen = 0;

    prime_attr->pValue = NULL;

    base_attr->type = CKA_BASE;

    base_attr->ulValueLen = 0;

    base_attr->pValue = NULL;

    primebits_attr->type = CKA_PRIME_BITS;

    primebits_attr->ulValueLen = 0;

    primebits_attr->pValue = NULL;

    type_attr->type = CKA_KEY_TYPE;

    type_attr->ulValueLen = sizeof(CK_KEY_TYPE);

    type_attr->pValue = (CK_BYTE *) type_attr + sizeof(CK_ATTRIBUTE);

    *(CK_KEY_TYPE *) type_attr->pValue = CKK_DH;

    template_update_attribute(tmpl, prime_attr);

    template_update_attribute(tmpl, base_attr);

    template_update_attribute(tmpl, primebits_attr);

    template_update_attribute(tmpl, type_attr);

    return CKR_OK;

}

CK_RV dp_x9dh_set_default_attributes(TEMPLATE *tmpl, CK_ULONG mode)

{

    CK_RV rc;

    CK_ATTRIBUTE *prime_attr;

    CK_ATTRIBUTE *subprime_attr;

    CK_ATTRIBUTE *base_attr;

    CK_ATTRIBUTE *primebits_attr;

    CK_ATTRIBUTE *subprimebits_attr;

    CK_ATTRIBUTE *type_attr;

    rc = dp_object_set_default_attributes(tmpl, mode);

    if (rc != CKR_OK)

        return rc;

    prime_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    subprime_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    base_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    primebits_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    subprimebits_attr = (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE));

    type_attr =

        (CK_ATTRIBUTE *) malloc(sizeof(CK_ATTRIBUTE) + sizeof(CK_KEY_TYPE));

    if (!prime_attr || !subprime_attr || !base_attr ||

        !primebits_attr || !subprimebits_attr || !type_attr) {

        if (prime_attr)

            free(prime_attr);

        if (subprime_attr)

            free(subprime_attr);

        if (base_attr)

            free(base_attr);

        if (primebits_attr)

            free(primebits_attr);

        if (subprimebits_attr)

            free(subprimebits_attr);

        if (type_attr)

            free(type_attr);

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return CKR_HOST_MEMORY;

    }

    prime_attr->type = CKA_PRIME;

    prime_attr->ulValueLen = 0;

    prime_attr->pValue = NULL;

    subprime_attr->type = CKA_SUBPRIME;

    subprime_attr->ulValueLen = 0;

    subprime_attr->pValue = NULL;

    base_attr->type = CKA_BASE;

    base_attr->ulValueLen = 0;

    base_attr->pValue = NULL;

    primebits_attr->type = CKA_PRIME_BITS;

    primebits_attr->ulValueLen = 0;

    primebits_attr->pValue = NULL;

    subprimebits_attr->type = CKA_SUBPRIME_BITS;

    subprimebits_attr->ulValueLen = 0;

    subprimebits_attr->pValue = NULL;

    type_attr->type = CKA_KEY_TYPE;

    type_attr->ulValueLen = sizeof(CK_KEY_TYPE);

    type_attr->pValue = (CK_BYTE *) type_attr + sizeof(CK_ATTRIBUTE);

    *(CK_KEY_TYPE *) type_attr->pValue = CKK_DSA;

    template_update_attribute(tmpl, prime_attr);

    template_update_attribute(tmpl, subprime_attr);

    template_update_attribute(tmpl, base_attr);

    template_update_attribute(tmpl, primebits_attr);

    template_update_attribute(tmpl, subprimebits_attr);

    template_update_attribute(tmpl, type_attr);

    return CKR_OK;

}