/*

 * COPYRIGHT (c) International Business Machines Corp. 2001-2017

 *

 * This program is provided under the terms of the Common Public License,

 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this

 * software constitutes recipient's acceptance of CPL-1.0 terms which can be

 * found in the file LICENSE file or at

 * https://opensource.org/licenses/cpl1.0.php

 */

// loadsave.c

//

// routines associated with loading/saving files

//

//

#define _GNU_SOURCE

#include <pthread.h>

#include <stdio.h>

#include <stdlib.h>

#include <string.h>

#include <strings.h>

#include <unistd.h>

#include <alloca.h>

#include <sys/types.h>

#include <sys/stat.h>

#include <sys/ipc.h>

#include <sys/file.h>

#include <errno.h>

#include <syslog.h>

#include <pwd.h>

#include <grp.h>

#include <openssl/evp.h>

#include <endian.h>

#include "pkcs11types.h"

#include "defs.h"

#include "host_defs.h"

#include "h_extern.h"

#include "tok_spec_struct.h"

#include "pkcs32.h"

#include "sw_crypt.h"

#include "trace.h"

#include "ock_syslog.h"

#include "slotmgr.h" // for ock_snprintf

extern void set_perm(int);

CK_RV restore_private_token_object_old(STDLL_TokData_t *tokdata, CK_BYTE *data,

                                       CK_ULONG len, OBJECT *pObj);

CK_RV reload_token_object_old(STDLL_TokData_t *tokdata, OBJECT *obj);

CK_RV save_public_token_object_old(STDLL_TokData_t *tokdata, OBJECT *obj);

CK_RV load_public_token_objects_old(STDLL_TokData_t *tokdata);

static int get_token_object_path(char *buf, size_t buflen,

                                 STDLL_TokData_t *tokdata, char *path)

{

    if (ock_snprintf(buf, buflen, "%s/" PK_LITE_OBJ_DIR "/%s",

                     tokdata->data_store, path) != 0) {

        TRACE_ERROR("buffer overflow for object path %s", path);

        return -1;

    }

    return 0;

}

static FILE *open_token_object_path(char *buf, size_t buflen,

                                    STDLL_TokData_t *tokdata, char *path,

                                    char *mode)

{

    if (get_token_object_path(buf, buflen, tokdata, path) < 0)

        return NULL;

    return fopen(buf, mode);

}

static int get_token_data_store_path(char *buf, size_t buflen,

                                     STDLL_TokData_t *tokdata, char *path)

{

    if (ock_snprintf(buf, buflen, "%s/%s", tokdata->data_store, path)) {

        TRACE_ERROR("buffer overflow for path %s", path);

        return -1;

    }

    return 0;

}

static FILE *open_token_data_store_path(char *buf, size_t buflen,

                                        STDLL_TokData_t *tokdata, char *path,

                                        char *mode)

{

    if (get_token_data_store_path(buf, buflen, tokdata, path) < 0)

        return NULL;

    return fopen(buf, mode);

}

static FILE *open_token_object_index(char *buf, size_t buflen,

                                     STDLL_TokData_t *tokdata, char *mode)

{

    return open_token_object_path(buf, buflen, tokdata, PK_LITE_OBJ_IDX, mode);

}

static FILE *open_token_nvdat(char *buf, size_t buflen,

                              STDLL_TokData_t *tokdata, char *mode)

{

    if (ock_snprintf(buf, buflen, "%s/" PK_LITE_NV, tokdata->data_store)) {

        TRACE_ERROR("NVDAT.TOK file name buffer overflow\n");

        return NULL;

    }

    return fopen(buf, mode);

}

char *get_pk_dir(STDLL_TokData_t *tokdata, char *fname, size_t len)

{

    int snres;

    struct passwd *pw = NULL;

    if (token_specific.data_store.per_user && (pw = getpwuid(getuid())) != NULL)

        snres = ock_snprintf(fname, len, "%s/%s", tokdata->pk_dir, pw->pw_name);

    else

        snres = ock_snprintf(fname, len, "%s", tokdata->pk_dir);

    return snres != 0 ? NULL : fname;

}

void set_perm(int file)

{

    struct group *grp;

    if (token_specific.data_store.per_user) {

        /* In the TPM token, with per user data stores, we don't share

         * the token object amongst a group. In fact, we want to

         * restrict access to a single user */

        fchmod(file, S_IRUSR | S_IWUSR);

    } else {

        // Set absolute permissions or rw-rw----

        fchmod(file, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP);

        grp = getgrnam("pkcs11");       // Obtain the group id

        if (grp) {

            // set ownership to root, and pkcs11 group

            if (fchown(file, getuid(), grp->gr_gid) != 0) {

                goto error;

            }

        } else {

            goto error;

        }

    }

    return;

error:

    TRACE_DEVEL("Unable to set permissions on file.\n");

}

//

// Note: The token lock (XProcLock) must be held when calling this function.

// The object must hold the READ lock when this function is called.

//

CK_RV save_token_object(STDLL_TokData_t *tokdata, OBJECT *obj)

{

    FILE *fp = NULL;

    char line[256];

    char fname[PATH_MAX];

    CK_RV rc;

    // write token object

    if (object_is_private(obj) == TRUE)

        rc = save_private_token_object(tokdata, obj);

    else

        rc = save_public_token_object(tokdata, obj);

    if (rc != CKR_OK)

        return rc;

    // update the index file if it exists

    fp = open_token_object_index(fname, sizeof(fname), tokdata, "r");

    if (fp) {

        set_perm(fileno(fp));

        while (fgets(line, 50, fp)) {

            line[strlen(line) - 1] = 0;

            if (strcmp(line, (char *)obj->name) == 0) {

                fclose(fp);

                // object is already in the list

                return CKR_OK;

            }

        }

        fclose(fp);

    }

    // we didn't find it...either the index file doesn't exist or this

    // is a new object...

    //

    fp = fopen(fname, "a");

    if (!fp) {

        TRACE_ERROR("fopen(%s): %s\n", fname, strerror(errno));

        return CKR_FUNCTION_FAILED;

    }

    set_perm(fileno(fp));

    fprintf(fp, "%s\n", obj->name);

    fclose(fp);

    return CKR_OK;

}

//

// Note: The token lock (XProcLock) must be held when calling this function.

//

CK_RV delete_token_object(STDLL_TokData_t *tokdata, OBJECT *obj)

{

    FILE *fp1, *fp2;

    char objidx[PATH_MAX], idxtmp[PATH_MAX], fname[PATH_MAX], line[256];

    // FIXME:  on UNIX, we need to make sure these guys aren't symlinks

    //         before we blindly write to these files...

    //

    // remove the object from the index file

    //

    fp1 = open_token_object_index(objidx, sizeof(objidx), tokdata, "r");

    fp2 = open_token_object_path(idxtmp, sizeof(idxtmp),

                                 tokdata, "IDX.TMP", "w");

    if (!fp1 || !fp2) {

        if (fp1)

            fclose(fp1);

        if (fp2)

            fclose(fp2);

        TRACE_ERROR("fopen failed\n");

        return CKR_FUNCTION_FAILED;

    }

    set_perm(fileno(fp2));

    while (fgets(line, 50, fp1)) {

        line[strlen(line) - 1] = 0;

        if (strcmp(line, (char *)obj->name) == 0)

            continue;

        else

            fprintf(fp2, "%s\n", line);

    }

    fclose(fp1);

    fclose(fp2);

    fp2 = fopen(objidx, "w");

    fp1 = fopen(idxtmp, "r");

    if (!fp1 || !fp2) {

        if (fp1)

            fclose(fp1);

        if (fp2)

            fclose(fp2);

        TRACE_ERROR("fopen failed\n");

        return CKR_FUNCTION_FAILED;

    }

    set_perm(fileno(fp2));

    while (fgets(line, 50, fp1)) {

        fprintf(fp2, "%s", line);

    }

    fclose(fp1);

    fclose(fp2);

    if (get_token_object_path(fname, sizeof(fname), tokdata,

                              (char *) obj->name) < 0)

       TRACE_DEVEL("file name buffer overflow in obj unlink\n");

    else

        unlink(fname);

    return CKR_OK;

}

CK_RV delete_token_data(STDLL_TokData_t *tokdata)

{

    CK_RV rc = CKR_OK;

    char *cmd = NULL;

    // Construct a string to delete the token objects.

    //

    // META This should be fine since the open session checking

    // should occur at the API not the STDLL

    //

    // TODO: Implement delete_all_files_in_dir() */

    if (asprintf(&cmd, "%s %s/%s/* > /dev/null 2>&1", DEL_CMD,

                 tokdata->data_store, PK_LITE_OBJ_DIR) < 0) {

        rc = CKR_HOST_MEMORY;

        goto done;

    }

    if (system(cmd))

        TRACE_ERROR("system() failed.\n");

done:

    free(cmd);

    return rc;

}

CK_RV init_data_store(STDLL_TokData_t *tokdata, char *directory,

                      char *data_store, size_t len)

{

    char *pkdir;

    int pklen;

    if (tokdata->pk_dir != NULL) {

        free(tokdata->pk_dir);

        tokdata->pk_dir = NULL;

    }

    if ((pkdir = secure_getenv("PKCS_APP_STORE")) != NULL) {

        pklen = strlen(pkdir) + 1024;

        tokdata->pk_dir = (char *) calloc(pklen, 1);

        if (!(tokdata->pk_dir))

            return CKR_HOST_MEMORY;

        if (ock_snprintf(tokdata->pk_dir, pklen, "%s/%s", pkdir, SUB_DIR) != 0)

            return CKR_FUNCTION_FAILED;

        return get_pk_dir(tokdata, data_store, len) ? CKR_OK : CKR_FUNCTION_FAILED;

    }

    if (directory) {

        pklen = strlen(directory) + 1;

        tokdata->pk_dir = (char *) calloc(pklen, 1);

        if (!(tokdata->pk_dir))

            return CKR_HOST_MEMORY;

        if (ock_snprintf(tokdata->pk_dir, pklen, "%s", directory) != 0)

            return CKR_FUNCTION_FAILED;

    } else {

        pklen = strlen(PK_DIR) + 1;

        tokdata->pk_dir = (char *) calloc(pklen, 1);

        if (!(tokdata->pk_dir))

            return CKR_HOST_MEMORY;

        if (ock_snprintf(tokdata->pk_dir, pklen, "%s", PK_DIR) != 0)

            return CKR_FUNCTION_FAILED;

    }

    return get_pk_dir(tokdata, data_store, len) ? CKR_OK : CKR_FUNCTION_FAILED;

}

void final_data_store(STDLL_TokData_t * tokdata)

{

    if (tokdata->pk_dir != NULL) {

        free(tokdata->pk_dir);

        tokdata->pk_dir = NULL;

    }

}

/******************************************************************************

 * tokversion < 3.12 object store

 */

static CK_RV get_encryption_info(CK_ULONG *p_key_len, CK_ULONG *p_block_size)

{

    CK_ULONG key_len = 0L;

    CK_ULONG block_size = 0L;

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        key_len = 3 * DES_KEY_SIZE;

        block_size = DES_BLOCK_SIZE;

        break;

    case CKM_AES_CBC:

        key_len = AES_KEY_SIZE_256;

        block_size = AES_BLOCK_SIZE;

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        return ERR_MECHANISM_INVALID;

    }

    if (p_key_len)

        *p_key_len = key_len;

    if (p_block_size)

        *p_block_size = block_size;

    return CKR_OK;

}

static CK_BYTE *duplicate_initial_vector(const CK_BYTE *iv)

{

    CK_ULONG block_size = 0L;

    CK_BYTE *initial_vector = NULL;

    if (iv == NULL)

        goto done;

    if (get_encryption_info(NULL, &block_size) != CKR_OK)

        goto done;

    initial_vector = malloc(block_size);

    if (initial_vector == NULL) {

        goto done;

    }

    memcpy(initial_vector, iv, block_size);

done:

    return initial_vector;

}

static CK_RV encrypt_data(STDLL_TokData_t *tokdata, CK_BYTE *key,

                          CK_ULONG keylen, const CK_BYTE *iv,

                          CK_BYTE *clear, CK_ULONG clear_len,

                          CK_BYTE *cipher, CK_ULONG *p_cipher_len)

{

#ifndef  CLEARTEXT

    CK_RV rc = CKR_OK;

    CK_BYTE *initial_vector = NULL;

    OBJECT *keyobj = NULL;

    CK_KEY_TYPE keyType;

    CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;

    CK_ATTRIBUTE key_tmpl[] = {

        {CKA_CLASS, &keyClass, sizeof(keyClass)}

        ,

        {CKA_KEY_TYPE, &keyType, sizeof(keyType)}

        ,

        {CKA_VALUE, key, keylen}

    };

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        keyType = CKK_DES3;

        break;

    case CKM_AES_CBC:

        keyType = CKK_AES;

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        return ERR_MECHANISM_INVALID;

    }

    rc = object_create_skel(tokdata, key_tmpl, 3, MODE_CREATE,

                            CKO_SECRET_KEY, keyType, &keyobj);

    if (rc != CKR_OK) {

        TRACE_DEVEL("object_create_skel failed.\n");

        return rc;

    }

    initial_vector = duplicate_initial_vector(iv);

    if (initial_vector == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return ERR_HOST_MEMORY;

    }

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        rc = ckm_des3_cbc_encrypt(tokdata, clear, clear_len,

                                  cipher, p_cipher_len, initial_vector, keyobj);

        break;

    case CKM_AES_CBC:

        rc = ckm_aes_cbc_encrypt(tokdata, clear, clear_len,

                                 cipher, p_cipher_len, initial_vector, keyobj);

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        rc = ERR_MECHANISM_INVALID;

    }

    if (initial_vector)

        free(initial_vector);

    return rc;

#else

    memcpy(cipher, clear, clear_len);

    return CKR_OK;

#endif

}

static CK_RV encrypt_data_with_clear_key(STDLL_TokData_t *tokdata,

                                         CK_BYTE *key, CK_ULONG keylen,

                                         const CK_BYTE *iv,

                                         CK_BYTE *clear, CK_ULONG clear_len,

                                         CK_BYTE *cipher,

                                         CK_ULONG *p_cipher_len)

{

#ifndef CLEARTEXT

    CK_RV rc = CKR_OK;

    CK_BYTE *initial_vector = NULL;

    if (!token_specific.secure_key_token &&

        token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) {

        return encrypt_data(tokdata, key, keylen, iv, clear, clear_len,

                            cipher, p_cipher_len);

    }

    /* Fall back to a software alternative if key is secure, or

     * if token's data store encryption algorithm is 3DES_CBC */

    initial_vector = duplicate_initial_vector(iv);

    if (initial_vector == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return ERR_HOST_MEMORY;

    }

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        rc = sw_des3_cbc_encrypt(clear, clear_len,

                                 cipher, p_cipher_len, initial_vector, key);

        break;

    case CKM_AES_CBC:

        rc = sw_aes_cbc_encrypt(clear, clear_len, cipher, p_cipher_len,

                                initial_vector, key, keylen);

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        rc = ERR_MECHANISM_INVALID;

    }

    if (initial_vector)

        free(initial_vector);

    return rc;

#else

    memcpy(cipher, clear, clear_len);

    return CKR_OK;

#endif

}

static CK_RV decrypt_data(STDLL_TokData_t *tokdata,

                          CK_BYTE *key, CK_ULONG keylen, const CK_BYTE *iv,

                          CK_BYTE *cipher, CK_ULONG cipher_len,

                          CK_BYTE *clear, CK_ULONG *p_clear_len)

{

#ifndef  CLEARTEXT

    CK_RV rc = CKR_OK;

    CK_BYTE *initial_vector = NULL;

    OBJECT *keyobj = NULL;

    CK_KEY_TYPE keyType;

    CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;

    CK_ATTRIBUTE key_tmpl[] = {

        { CKA_CLASS, &keyClass, sizeof(keyClass) },

        { CKA_KEY_TYPE, &keyType, sizeof(keyType) },

        { CKA_VALUE, key, keylen }

    };

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        keyType = CKK_DES3;

        break;

    case CKM_AES_CBC:

        keyType = CKK_AES;

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        return ERR_MECHANISM_INVALID;

    }

    rc = object_create_skel(tokdata, key_tmpl, 3, MODE_CREATE,

                            CKO_SECRET_KEY, keyType, &keyobj);

    if (rc != CKR_OK) {

        TRACE_DEVEL("object_create_skel failed.\n");

        return rc;

    }

    initial_vector = duplicate_initial_vector(iv);

    if (initial_vector == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return ERR_HOST_MEMORY;

    }

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        rc = ckm_des3_cbc_decrypt(tokdata, cipher, cipher_len,

                                  clear, p_clear_len, initial_vector, keyobj);

        break;

    case CKM_AES_CBC:

        rc = ckm_aes_cbc_decrypt(tokdata, cipher, cipher_len,

                                 clear, p_clear_len, initial_vector, keyobj);

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        rc = ERR_MECHANISM_INVALID;

    }

    if (initial_vector)

        free(initial_vector);

    return rc;

#else

    memcpy(clear, cipher, cipher_len);

    return CKR_OK;

#endif

}

static CK_RV decrypt_data_with_clear_key(STDLL_TokData_t *tokdata,

                                         CK_BYTE *key, CK_ULONG keylen,

                                         const CK_BYTE *iv,

                                         CK_BYTE *cipher, CK_ULONG cipher_len,

                                         CK_BYTE *clear,

                                         CK_ULONG *p_clear_len)

{

#ifndef CLEARTEXT

    CK_RV rc = CKR_OK;

    CK_BYTE *initial_vector = NULL;

    if (!token_specific.secure_key_token &&

        token_specific.data_store.encryption_algorithm != CKM_DES3_CBC) {

        return decrypt_data(tokdata, key, keylen, iv, cipher,

                            cipher_len, clear, p_clear_len);

    }

    /* Fall back to a software alternative if key is secure, or

     * if token's data store encryption algorithm is 3DES_CBC */

    initial_vector = duplicate_initial_vector(iv);

    if (initial_vector == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        return ERR_HOST_MEMORY;

    }

    switch (token_specific.data_store.encryption_algorithm) {

    case CKM_DES3_CBC:

        rc = sw_des3_cbc_decrypt(cipher, cipher_len, clear, p_clear_len,

                                 initial_vector, key);

        break;

    case CKM_AES_CBC:

        rc = sw_aes_cbc_decrypt(cipher, cipher_len, clear, p_clear_len,

                                 initial_vector, key, keylen);

        break;

    default:

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        rc = ERR_MECHANISM_INVALID;

    }

    if (initial_vector)

        free(initial_vector);

    return rc;

#else

    memcpy(clear, cipher, cipher_len);

    return CKR_OK;

#endif

}

//

//

CK_RV load_token_data_old(STDLL_TokData_t *tokdata, CK_SLOT_ID slot_id)

{

    FILE *fp = NULL;

    char fname[PATH_MAX];

    TOKEN_DATA td;

    CK_RV rc;

    rc = XProcLock(tokdata);

    if (rc != CKR_OK) {

        TRACE_ERROR("Failed to get Process Lock.\n");

        goto out_nolock;

    }

    fp = open_token_nvdat(fname, sizeof(fname), tokdata, "r");

    if (!fp) {

        /* Better error checking added */

        if (errno == ENOENT) {

            init_token_data(tokdata, slot_id);

            fp = fopen(fname, "r");

            if (!fp) {

                // were really hosed here since the created

                // did not occur

                TRACE_ERROR("fopen(%s): %s\n", fname, strerror(errno));

                rc = CKR_FUNCTION_FAILED;

                goto out_unlock;

            }

        } else {

            /* Could not open file for some unknown reason */

            TRACE_ERROR("fopen(%s): %s\n", fname, strerror(errno));

            rc = CKR_FUNCTION_FAILED;

            goto out_unlock;

        }

    }

    set_perm(fileno(fp));

    /* Load generic token data */

    if (!fread(&td, sizeof(TOKEN_DATA_OLD), 1, fp)) {

        TRACE_ERROR("fread(%s): %s\n", fname,

                    ferror(fp) ? strerror(errno) : "failed");

        rc = CKR_FUNCTION_FAILED;

        goto out_unlock;

    }

    memcpy(tokdata->nv_token_data, &td, sizeof(TOKEN_DATA_OLD));

    /* Load token-specific data */

    if (token_specific.t_load_token_data) {

        rc = token_specific.t_load_token_data(tokdata, slot_id, fp);

        if (rc)

            goto out_unlock;

    }

    rc = CKR_OK;

out_unlock:

    if (fp)

        fclose(fp);

    if (rc == CKR_OK) {

        rc = XProcUnLock(tokdata);

        if (rc != CKR_OK)

            TRACE_ERROR("Failed to release Process Lock.\n");

    } else {

        /* return error that occurred first */

        XProcUnLock(tokdata);

    }

out_nolock:

    return rc;

}

//

//

CK_RV save_token_data_old(STDLL_TokData_t *tokdata, CK_SLOT_ID slot_id)

{

    FILE *fp = NULL;

    TOKEN_DATA td;

    CK_RV rc;

    char fname[PATH_MAX];

    rc = XProcLock(tokdata);

    if (rc != CKR_OK) {

        TRACE_ERROR("Failed to get Process Lock.\n");

        goto out_nolock;

    }

    fp = open_token_nvdat(fname, sizeof(fname), tokdata, "w");

    if (!fp) {

        TRACE_ERROR("fopen(%s): %s\n", fname, strerror(errno));

        rc = CKR_FUNCTION_FAILED;

        goto done;

    }

    set_perm(fileno(fp));

    /* Write generic token data */

    memcpy(&td, tokdata->nv_token_data, sizeof(TOKEN_DATA_OLD));

    if (!fwrite(&td, sizeof(TOKEN_DATA_OLD), 1, fp)) {

        TRACE_ERROR("fwrite(%s): %s\n", fname,

                    ferror(fp) ? strerror(errno) : "failed");

        rc = CKR_FUNCTION_FAILED;

        goto done;

    }

    /* Write token-specific data */

    if (token_specific.t_save_token_data) {

        rc = token_specific.t_save_token_data(tokdata, slot_id, fp);

        if (rc)

            goto done;

    }

    rc = CKR_OK;

done:

    if (fp)

        fclose(fp);

    if (rc == CKR_OK) {

        rc = XProcUnLock(tokdata);

        if (rc != CKR_OK)

            TRACE_ERROR("Failed to release Process Lock.\n");

    } else {

        /* return error that occurred first */

        XProcUnLock(tokdata);

    }

out_nolock:

    return rc;

}

//

// Note: The token lock (XProcLock) must be held when calling this function.

//

static CK_RV save_private_token_object_old(STDLL_TokData_t *tokdata, OBJECT *obj)

{

    FILE *fp = NULL;

    CK_BYTE *obj_data = NULL;

    CK_BYTE *clear = NULL;

    CK_BYTE *cipher = NULL;

    CK_BYTE *ptr = NULL;

    char fname[PATH_MAX];

    CK_BYTE hash_sha[SHA1_HASH_SIZE];

    CK_BYTE *key = NULL;

    CK_ULONG key_len = 0L;

    CK_ULONG block_size = 0L;

    CK_ULONG obj_data_len, clear_len, cipher_len;

    CK_ULONG padded_len;

    CK_BBOOL flag;

    CK_RV rc;

    CK_ULONG_32 obj_data_len_32;

    CK_ULONG_32 total_len;

    rc = object_flatten(obj, &obj_data, &obj_data_len);

    obj_data_len_32 = obj_data_len;

    if (rc != CKR_OK) {

        goto error;

    }

    //

    // format for the object file:

    //    private flag

    //    ---- begin encrypted part        <--+

    //       length of object data            |

    //       object data                      +---- sensitive part

    //       SHA of (object data)             |

    //    ---- end encrypted part          <--+

    //

    compute_sha1(tokdata, obj_data, obj_data_len, hash_sha);

    // encrypt the sensitive object data.  need to be careful.

    // if I use the normal high-level encryption routines I'll need to

    // create a tepmorary key object containing the master key, perform the

    // encryption, then destroy the key object.  There is a race condition

    // here if the application is multithreaded (if a thread-switch occurs,

    // the other application thread could do a FindObject and be able to

    // access the master key object.

    //

    // So I have to use the low-level encryption routines.

    //

    if ((rc = get_encryption_info(&key_len, &block_size)) != CKR_OK)

        goto error;

    // Duplicate key

    key = malloc(key_len);

    if (!key)

        goto oom_error;

    memcpy(key, tokdata->master_key, key_len);

    clear_len = sizeof(CK_ULONG_32) + obj_data_len_32 + SHA1_HASH_SIZE;

    cipher_len = padded_len = block_size * (clear_len / block_size + 1);

    clear = malloc(padded_len);

    cipher = malloc(padded_len);

    if (!clear || !cipher)

        goto oom_error;

    // Build data that will be encrypted

    ptr = clear;

    memcpy(ptr, &obj_data_len_32, sizeof(CK_ULONG_32));

    ptr += sizeof(CK_ULONG_32);

    memcpy(ptr, obj_data, obj_data_len_32);

    ptr += obj_data_len_32;

    memcpy(ptr, hash_sha, SHA1_HASH_SIZE);

    add_pkcs_padding(clear + clear_len, block_size, clear_len, padded_len);

    rc = encrypt_data_with_clear_key(tokdata, key, key_len,

                                     token_specific.data_store.

                                     obj_initial_vector, clear, padded_len,

                                     cipher, &cipher_len);

    if (rc != CKR_OK) {

        goto error;

    }

    if (ock_snprintf(fname, PATH_MAX, "%s/%s/%.8s", tokdata->data_store,

                     PK_LITE_OBJ_DIR, (char *)obj->name) != 0) {

        TRACE_ERROR("private token object old name buffer overflow\n");

        rc = CKR_FUNCTION_FAILED;

        goto error;

    }

    fp = fopen(fname, "w");

    if (!fp) {

        TRACE_ERROR("fopen(%s): %s\n", fname, strerror(errno));

        rc = CKR_FUNCTION_FAILED;

        goto error;

    }

    set_perm(fileno(fp));

    total_len = sizeof(CK_ULONG_32) + sizeof(CK_BBOOL) + cipher_len;

    flag = TRUE;

    (void) fwrite(&total_len, sizeof(CK_ULONG_32), 1, fp);

    (void) fwrite(&flag, sizeof(CK_BBOOL), 1, fp);

    (void) fwrite(cipher, cipher_len, 1, fp);

    fclose(fp);

    free(obj_data);

    free(clear);

    free(cipher);

    free(key);

    return CKR_OK;

oom_error:

    rc = CKR_HOST_MEMORY;

error:

    if (fp)