/*

 * COPYRIGHT (c) International Business Machines Corp. 2001-2017

 *

 * This program is provided under the terms of the Common Public License,

 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this

 * software constitutes recipient's acceptance of CPL-1.0 terms which can be

 * found in the file LICENSE file or at

 * https://opensource.org/licenses/cpl1.0.php

 */

// File:  mech_sha.c

//

// Mechanisms for SHA-1 related routines

//

// The following applies to the software SHA implementation:

//    Written 2 September 1992, Peter C. Gutmann.

//    This implementation placed in the public domain.

//

//    Modified 1 June 1993, Colin Plumb.

//    Modified for the new SHS based on Peter Gutmann's work,

//    18 July 1994, Colin Plumb.

//    Gutmann's work.

//    Renamed to SHA and comments updated a bit 1 November 1995, Colin Plumb.

//    These modifications placed in the public domain.

//

//    Comments to pgut1@cs.aukuni.ac.nz

//

#include <pthread.h>

#include <string.h>             // for memcmp() et al

#include <stdlib.h>

#include <memory.h>

#include "pkcs11types.h"

#include "defs.h"

#include "host_defs.h"

#include "h_extern.h"

#include "tok_spec_struct.h"

#include "trace.h"

#include <openssl/sha.h>

#include <openssl/crypto.h>

//

// Software SHA-1 implementation (OpenSSL based)

//

void sw_sha1_init(DIGEST_CONTEXT *ctx)

{

    ctx->context_len = sizeof(SHA_CTX);

    ctx->context = (CK_BYTE *) malloc(sizeof(SHA_CTX));

    if (ctx->context == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_HOST_MEMORY));

        // TODO: propagate error up?

        return;

    }

    SHA1_Init((SHA_CTX *)ctx->context);

}

CK_RV sw_sha1_hash(DIGEST_CONTEXT *ctx, CK_BYTE *in_data,

                   CK_ULONG in_data_len, CK_BYTE *out_data,

                   CK_ULONG *out_data_len)

{

    if (!ctx || !out_data_len) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (*out_data_len < SHA1_HASH_SIZE) {

        TRACE_ERROR("%s\n", ock_err(ERR_BUFFER_TOO_SMALL));

        return CKR_BUFFER_TOO_SMALL;

    }

    if (ctx->context == NULL)

        return CKR_OPERATION_NOT_INITIALIZED;

    SHA1_Update((SHA_CTX *)ctx->context, in_data, in_data_len);

    SHA1_Final(out_data, (SHA_CTX *)ctx->context);

    *out_data_len = SHA1_HASH_SIZE;

    free(ctx->context);

    ctx->context = NULL;

    return CKR_OK;

}

CK_RV sw_sha1_update(DIGEST_CONTEXT *ctx, CK_BYTE *in_data,

                     CK_ULONG in_data_len)

{

    if (ctx->context == NULL)

        return CKR_OPERATION_NOT_INITIALIZED;

    SHA1_Update((SHA_CTX *)ctx->context, in_data, in_data_len);

    return CKR_OK;

}

CK_RV sw_sha1_final(DIGEST_CONTEXT *ctx, CK_BYTE *out_data,

                    CK_ULONG *out_data_len)

{

    if (ctx->context == NULL)

        return CKR_OPERATION_NOT_INITIALIZED;

    SHA1_Final(out_data, (SHA_CTX *)ctx->context);

    *out_data_len = SHA1_HASH_SIZE;

    free(ctx->context);

    ctx->context = NULL;

    return CKR_OK;

}

CK_RV sha_init(STDLL_TokData_t *tokdata, SESSION *sess, DIGEST_CONTEXT *ctx,

               CK_MECHANISM *mech)

{

    UNUSED(sess);

    if (token_specific.t_sha_init != NULL) {

        return token_specific.t_sha_init(tokdata, ctx, mech);

    } else {

        /* For current tokens, continue legacy of using software

         *  implemented SHA-1 if the token does not have its own

         *  SHA-1 implementation.

         *  Future tokens' crypto should be its own so that

         *  opencryptoki is not responsible for crypto. If token

         *  does not have SHA-1, then should be mechanism not

         *  supported. JML

         */

        if (mech->mechanism == CKM_SHA_1) {

            sw_sha1_init(ctx);

            return CKR_OK;

        } else {

            return CKR_MECHANISM_INVALID;

        }

    }

}

CK_RV sha_hash(STDLL_TokData_t *tokdata, SESSION *sess, CK_BBOOL length_only,

               DIGEST_CONTEXT *ctx, CK_BYTE *in_data, CK_ULONG in_data_len,

               CK_BYTE *out_data, CK_ULONG *out_data_len)

{

    CK_ULONG hsize;

    UNUSED(sess);

    if (!ctx || !out_data_len) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    switch (ctx->mech.mechanism) {

    case CKM_SHA_1:

        hsize = SHA1_HASH_SIZE;

        break;

    case CKM_SHA224:

    case CKM_SHA512_224:

        hsize = SHA224_HASH_SIZE;

        break;

    case CKM_SHA256:

    case CKM_SHA512_256:

        hsize = SHA256_HASH_SIZE;

        break;

    case CKM_SHA384:

        hsize = SHA384_HASH_SIZE;

        break;

    case CKM_SHA512:

        hsize = SHA512_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_224:

        hsize = SHA3_224_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_256:

        hsize = SHA3_256_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_384:

        hsize = SHA3_384_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_512:

        hsize = SHA3_512_HASH_SIZE;

        break;

    default:

        return CKR_MECHANISM_INVALID;

    }

    if (length_only == TRUE) {

        *out_data_len = hsize;

        return CKR_OK;

    }

    if (*out_data_len < hsize) {

        *out_data_len = hsize;

        TRACE_ERROR("%s\n", ock_err(ERR_BUFFER_TOO_SMALL));

        return CKR_BUFFER_TOO_SMALL;

    }

    if (ctx->context == NULL)

        return CKR_HOST_MEMORY;

    if (token_specific.t_sha != NULL) {

        return token_specific.t_sha(tokdata, ctx, in_data, in_data_len,

                                    out_data, out_data_len);

    } else {

        if (ctx->mech.mechanism == CKM_SHA_1)

            return sw_sha1_hash(ctx, in_data, in_data_len, out_data,

                                out_data_len);

        else

            return CKR_MECHANISM_INVALID;

    }

}

//

//

CK_RV sha_hash_update(STDLL_TokData_t *tokdata, SESSION *sess,

                      DIGEST_CONTEXT *ctx, CK_BYTE *in_data,

                      CK_ULONG in_data_len)

{

    UNUSED(sess);

    /* if no data to hash, just return */

    if (!in_data_len)

        return CKR_OK;

    if (token_specific.t_sha_update != NULL) {

        return token_specific.t_sha_update(tokdata, ctx, in_data, in_data_len);

    } else {

        if (ctx->mech.mechanism == CKM_SHA_1)

            return sw_sha1_update(ctx, in_data, in_data_len);

        else

            return CKR_MECHANISM_INVALID;

    }

}

CK_RV sha_hash_final(STDLL_TokData_t *tokdata, SESSION *sess,

                     CK_BYTE length_only, DIGEST_CONTEXT *ctx,

                     CK_BYTE *out_data, CK_ULONG *out_data_len)

{

    CK_ULONG hsize;

    UNUSED(sess);

    if (!out_data_len) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    switch (ctx->mech.mechanism) {

    case CKM_SHA_1:

        hsize = SHA1_HASH_SIZE;

        break;

    case CKM_SHA224:

    case CKM_SHA512_224:

        hsize = SHA224_HASH_SIZE;

        break;

    case CKM_SHA256:

    case CKM_SHA512_256:

        hsize = SHA256_HASH_SIZE;

        break;

    case CKM_SHA384:

        hsize = SHA384_HASH_SIZE;

        break;

    case CKM_SHA512:

        hsize = SHA512_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_224:

        hsize = SHA3_224_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_256:

        hsize = SHA3_256_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_384:

        hsize = SHA3_384_HASH_SIZE;

        break;

    case CKM_IBM_SHA3_512:

        hsize = SHA3_512_HASH_SIZE;

        break;

    default:

        return CKR_MECHANISM_INVALID;

    }

    if (length_only == TRUE) {

        *out_data_len = hsize;

        return CKR_OK;

    }

    if (*out_data_len < hsize) {

        *out_data_len = hsize;

        TRACE_ERROR("%s\n", ock_err(ERR_BUFFER_TOO_SMALL));

        return CKR_BUFFER_TOO_SMALL;

    }

    if (token_specific.t_sha_final != NULL) {

        return token_specific.t_sha_final(tokdata, ctx, out_data, out_data_len);

    } else {

        if (ctx->mech.mechanism == CKM_SHA_1)

            return sw_sha1_final(ctx, out_data, out_data_len);

        else

            return CKR_MECHANISM_INVALID;

    }

}

// this routine gets called for these mechanisms actually:

// CKM_SHA_1_HMAC

// CKM_SHA_1_HMAC_GENERAL

// CKM_SHA224_HMAC

// CKM_SHA224_HMAC_GENERAL

// CKM_SHA256_HMAC

// CKM_SHA256_HMAC_GENERAL

// CKM_SHA384_HMAC

// CKM_SHA384_HMAC_GENERAL

// CKM_SHA512_HMAC

// CKM_SHA512_HMAC_GENERAL

// CKM_SHA512_224_HMAC

// CKM_SHA512_224_HMAC_GENERAL

// CKM_SHA512_256_HMAC

// CKM_SHA512_256_HMAC_GENERAL

// CKM_IBM_SHA3_224_HMAC

// CKM_IBM_SHA3_256_HMAC

// CKM_IBM_SHA3_384_HMAC

// CKM_IBM_SHA3_512_HMAC

//

CK_RV sha_hmac_sign(STDLL_TokData_t *tokdata,

                    SESSION *sess, CK_BBOOL length_only,

                    SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data,

                    CK_ULONG in_data_len, CK_BYTE *out_data,

                    CK_ULONG *out_data_len)

{

    OBJECT *key_obj = NULL;

    CK_ATTRIBUTE *attr = NULL;

    CK_BYTE hash[MAX_SHA_HASH_SIZE];

    DIGEST_CONTEXT digest_ctx;

    CK_MECHANISM digest_mech;

    CK_BYTE k_ipad[MAX_SHA_BLOCK_SIZE];

    CK_BYTE k_opad[MAX_SHA_BLOCK_SIZE];

    CK_ULONG key_bytes, hash_len, hmac_len, digest_hash_len, digest_block_size;

    CK_BBOOL general = FALSE;

    CK_ULONG i;

    CK_RV rc;

    if (!sess || !ctx || !out_data_len) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    digest_mech.ulParameterLen = 0;

    digest_mech.pParameter = NULL;

    rc = get_hmac_digest(ctx->mech.mechanism, &digest_mech.mechanism, &general);

    if (rc != 0) {

        TRACE_ERROR("get_hmac_digest failed");

        return rc;

    }

    rc = get_sha_block_size(digest_mech.mechanism, &digest_block_size);

    if (rc != 0) {

        TRACE_ERROR("get_sha_block_size failed");

        return rc;

    }

    rc = get_sha_size(digest_mech.mechanism, &digest_hash_len);

    if (rc != 0) {

        TRACE_ERROR("get_sha_size failed");

        return rc;

    }

    if (general == FALSE) {

        hmac_len = digest_hash_len;

    } else {

        hmac_len = *(CK_ULONG *)ctx->mech.pParameter;

        if (hmac_len > digest_hash_len)

            return CKR_MECHANISM_PARAM_INVALID;

        if (hmac_len == 0) {

            *out_data_len = 0;

            return CKR_OK;

        }

    }

    if (length_only == TRUE) {

        *out_data_len = hmac_len;

        return CKR_OK;

    }

    if (token_specific.t_hmac_sign != NULL)

        return token_specific.t_hmac_sign(tokdata, sess, in_data,

                                          in_data_len, out_data, out_data_len);

    /* Do manual hmac if token doesn't have an hmac crypto call.

     * Secure tokens should not do manual hmac.

     */

    memset(&digest_ctx, 0x0, sizeof(DIGEST_CONTEXT));

    rc = object_mgr_find_in_map1(tokdata, ctx->key, &key_obj, READ_LOCK);

    if (rc != CKR_OK) {

        TRACE_ERROR("Failed to acquire key from specified handle");

        if (rc == CKR_OBJECT_HANDLE_INVALID)

            return CKR_KEY_HANDLE_INVALID;

        else

            return rc;

    }

    rc = template_attribute_find(key_obj->template, CKA_VALUE, &attr);

    if (rc == FALSE) {

        TRACE_ERROR("Could not find CKA_VALUE in the template\n");

        rc = CKR_FUNCTION_FAILED;

        goto done;

    }

    key_bytes = attr->ulValueLen;

    // build (K XOR ipad), (K XOR opad)

    //

    if (key_bytes > digest_block_size) {

        rc = digest_mgr_init(tokdata, sess, &digest_ctx, &digest_mech);

        if (rc != CKR_OK) {

            TRACE_DEVEL("Digest Mgr Init failed.\n");

            goto done;

        }

        hash_len = digest_hash_len;

        rc = digest_mgr_digest(tokdata, sess, FALSE, &digest_ctx,

                               attr->pValue, attr->ulValueLen, hash, &hash_len);

        if (rc != CKR_OK) {

            TRACE_DEVEL("Digest Mgr Digest failed.\n");

            goto done;

        }

        memset(&digest_ctx, 0x0, sizeof(DIGEST_CONTEXT));

        for (i = 0; i < hash_len; i++) {

            k_ipad[i] = hash[i] ^ 0x36;

            k_opad[i] = hash[i] ^ 0x5C;

        }

        memset(&k_ipad[i], 0x36, digest_block_size - i);

        memset(&k_opad[i], 0x5C, digest_block_size - i);

    } else {

        CK_BYTE *key = attr->pValue;

        for (i = 0; i < key_bytes; i++) {

            k_ipad[i] = key[i] ^ 0x36;

            k_opad[i] = key[i] ^ 0x5C;

        }

        memset(&k_ipad[i], 0x36, digest_block_size - key_bytes);

        memset(&k_opad[i], 0x5C, digest_block_size - key_bytes);

    }

    // inner hash

    //

    rc = digest_mgr_init(tokdata, sess, &digest_ctx, &digest_mech);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Init failed.\n");

        goto done;

    }

    rc = digest_mgr_digest_update(tokdata, sess, &digest_ctx, k_ipad,

                                  digest_block_size);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Update failed.\n");

        goto done;

    }

    rc = digest_mgr_digest_update(tokdata, sess, &digest_ctx, in_data,

                                  in_data_len);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Update failed.\n");

        goto done;

    }

    hash_len = digest_hash_len;

    rc = digest_mgr_digest_final(tokdata, sess, FALSE, &digest_ctx, hash,

                                 &hash_len);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Final failed.\n");

        goto done;

    }

    memset(&digest_ctx, 0x0, sizeof(DIGEST_CONTEXT));

    // outer hash

    //

    rc = digest_mgr_init(tokdata, sess, &digest_ctx, &digest_mech);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Init failed.\n");

        goto done;

    }

    rc = digest_mgr_digest_update(tokdata, sess, &digest_ctx, k_opad,

                                  digest_block_size);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Update failed.\n");

        goto done;

    }

    rc = digest_mgr_digest_update(tokdata, sess, &digest_ctx, hash, hash_len);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Update failed.\n");

        goto done;

    }

    hash_len = digest_hash_len;

    rc = digest_mgr_digest_final(tokdata, sess, FALSE, &digest_ctx, hash,

                                 &hash_len);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Digest Mgr Final failed.\n");

        goto done;

    }

    memcpy(out_data, hash, hmac_len);

    *out_data_len = hmac_len;

done:

    object_put(tokdata, key_obj, TRUE);

    key_obj = NULL;

    return rc;

}

// this routine gets called for these mechanisms actually:

// CKM_SHA_1_HMAC

// CKM_SHA_1_HMAC_GENERAL

// CKM_SHA224_HMAC

// CKM_SHA224_HMAC_GENERAL

// CKM_SHA256_HMAC

// CKM_SHA256_HMAC_GENERAL

// CKM_SHA384_HMAC

// CKM_SHA384_HMAC_GENERAL

// CKM_SHA512_HMAC

// CKM_SHA512_HMAC_GENERAL

// CKM_SHA512_224_HMAC

// CKM_SHA512_224_HMAC_GENERAL

// CKM_SHA512_256_HMAC

// CKM_SHA512_256_HMAC_GENERAL

// CKM_IBM_SHA3_224_HMAC

// CKM_IBM_SHA3_256_HMAC

// CKM_IBM_SHA3_384_HMAC

// CKM_IBM_SHA3_512_HMAC

//

CK_RV sha_hmac_verify(STDLL_TokData_t *tokdata, SESSION *sess,

                      SIGN_VERIFY_CONTEXT *ctx,

                      CK_BYTE *in_data, CK_ULONG in_data_len,

                      CK_BYTE *signature, CK_ULONG sig_len)

{

    CK_BYTE hmac[MAX_SHA_HASH_SIZE];

    SIGN_VERIFY_CONTEXT hmac_ctx;

    CK_ULONG hmac_len, len, digest_mech, digest_hash_len;

    CK_BBOOL general = FALSE;

    CK_RV rc;

    if (!sess || !ctx || !in_data || !signature) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (token_specific.t_hmac_verify != NULL)

        return token_specific.t_hmac_verify(tokdata, sess, in_data,

                                            in_data_len, signature, sig_len);

    /* Do manual hmac verify  if token doesn't have an hmac crypto call.

     * Secure tokens should not do manual hmac.

     */

    rc = get_hmac_digest(ctx->mech.mechanism, &digest_mech, &general);

    if (rc != 0) {

        TRACE_ERROR("get_hmac_digest failed");

        return rc;

    }

    rc = get_sha_size(digest_mech, &digest_hash_len);

    if (rc != 0) {

        TRACE_ERROR("get_sha_size failed");

        return rc;

    }

    if (general == FALSE) {

        hmac_len = digest_hash_len;

    } else {

        hmac_len = *(CK_ULONG *)ctx->mech.pParameter;

        if (hmac_len > digest_hash_len)

            return CKR_MECHANISM_PARAM_INVALID;

    }

    memset(&hmac_ctx, 0, sizeof(SIGN_VERIFY_CONTEXT));

    rc = sign_mgr_init(tokdata, sess, &hmac_ctx, &ctx->mech, FALSE, ctx->key);

    if (rc != CKR_OK) {

        TRACE_DEVEL("Sign Mgr Init failed.\n");

        goto done;

    }

    len = hmac_len;

    rc = sign_mgr_sign(tokdata, sess, FALSE, &hmac_ctx, in_data, in_data_len,

                       hmac, &len;;

    if (rc != CKR_OK) {

        TRACE_DEVEL("Sign Mgr Sign failed.\n");

        goto done;

    }

    if ((len != hmac_len) || (len != sig_len)) {

        TRACE_ERROR("%s\n", ock_err(ERR_SIGNATURE_LEN_RANGE));

        rc = CKR_SIGNATURE_LEN_RANGE;

        goto done;

    }

    if (CRYPTO_memcmp(hmac, signature, hmac_len) != 0) {

        TRACE_ERROR("%s\n", ock_err(ERR_SIGNATURE_INVALID));

        rc = CKR_SIGNATURE_INVALID;

    }

done:

    sign_mgr_cleanup(&hmac_ctx);

    return rc;

}

CK_RV hmac_sign_init(STDLL_TokData_t *tokdata, SESSION *sess,

                     CK_MECHANISM *mech, CK_OBJECT_HANDLE hkey)

{

    if (token_specific.t_hmac_sign_init != NULL)

        return token_specific.t_hmac_sign_init(tokdata, sess, mech, hkey);

    /* Return ok with the intention that the local hmac

     * implementation will get used instead.

     * For those tokens not supporting HMAC at all,

     * will need to return CKR_MECHANISM_INVALID.

     */

    return CKR_OK;

}

CK_RV hmac_sign_update(STDLL_TokData_t *tokdata, SESSION *sess,

                       CK_BYTE *in_data, CK_ULONG in_data_len)

{

    SIGN_VERIFY_CONTEXT *ctx = &sess->sign_ctx;

    if (!sess || !ctx) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (token_specific.t_hmac_sign_update != NULL)

        return token_specific.t_hmac_sign_update(tokdata, sess,

                                                 in_data, in_data_len);

    TRACE_ERROR("hmac-update is not supported\n");

    return CKR_MECHANISM_INVALID;

}

CK_RV hmac_sign_final(STDLL_TokData_t *tokdata, SESSION *sess,

                      CK_BYTE *signature, CK_ULONG *sig_len)

{

    SIGN_VERIFY_CONTEXT *ctx = &sess->sign_ctx;

    if (!sess || !ctx) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (token_specific.t_hmac_sign_final != NULL)

        return token_specific.t_hmac_sign_final(tokdata, sess,

                                                signature, sig_len);

    TRACE_ERROR("hmac-final is not supported\n");

    return CKR_MECHANISM_INVALID;

}

CK_RV hmac_verify_init(STDLL_TokData_t *tokdata, SESSION *sess,

                       CK_MECHANISM *mech, CK_OBJECT_HANDLE hkey)

{

    if (token_specific.t_hmac_verify_init != NULL)

        return token_specific.t_hmac_verify_init(tokdata, sess, mech, hkey);

    /* Return ok with the intention that the local hmac

     * implementation will get used instead.

     * For those tokens not supporting HMAC at all,

     * will need to return CKR_MECHANISM_INVALID.

     */

    return CKR_OK;

}

CK_RV hmac_verify_update(STDLL_TokData_t *tokdata, SESSION *sess,

                         CK_BYTE *in_data, CK_ULONG in_data_len)

{

    SIGN_VERIFY_CONTEXT *ctx = &sess->sign_ctx;

    if (!sess || !ctx) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (token_specific.t_hmac_verify_update != NULL)

        return token_specific.t_hmac_verify_update(tokdata, sess,

                                                   in_data, in_data_len);

    TRACE_ERROR("hmac-update is not supported\n");

    return CKR_MECHANISM_INVALID;

}

CK_RV hmac_verify_final(STDLL_TokData_t *tokdata, SESSION *sess,

                        CK_BYTE *signature, CK_ULONG sig_len)

{

    SIGN_VERIFY_CONTEXT *ctx = &sess->sign_ctx;

    if (!sess || !ctx) {

        TRACE_ERROR("%s received bad argument(s)\n", __func__);

        return CKR_FUNCTION_FAILED;

    }

    if (token_specific.t_hmac_verify_final != NULL)

        return token_specific.t_hmac_verify_final(tokdata, sess,

                                                  signature, sig_len);

    TRACE_ERROR("hmac-final is not supported\n");

    return CKR_MECHANISM_INVALID;

}

CK_RV ckm_generic_secret_key_gen(STDLL_TokData_t *tokdata, TEMPLATE *tmpl)

{

    if (token_specific.t_generic_secret_key_gen == NULL) {

        TRACE_ERROR("%s\n", ock_err(ERR_MECHANISM_INVALID));

        return CKR_MECHANISM_INVALID;

    }

    return token_specific.t_generic_secret_key_gen(tokdata, tmpl);

}