michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: /* michael@0: * This file implements audit logging required by FIPS 140-2 Security michael@0: * Level 2. michael@0: */ michael@0: michael@0: #include "prprf.h" michael@0: #include "softoken.h" michael@0: michael@0: /* michael@0: * Print the value of the returned object handle in the output buffer michael@0: * on a successful return of the PKCS #11 function. If the PKCS #11 michael@0: * function failed or the pointer to object handle is NULL (which is michael@0: * the case for C_DeriveKey with CKM_TLS_KEY_AND_MAC_DERIVE), an empty michael@0: * string is stored in the output buffer. michael@0: * michael@0: * out: the output buffer michael@0: * outlen: the length of the output buffer michael@0: * argName: the name of the "pointer to object handle" argument michael@0: * phObject: the pointer to object handle michael@0: * rv: the return value of the PKCS #11 function michael@0: */ michael@0: static void sftk_PrintReturnedObjectHandle(char *out, PRUint32 outlen, michael@0: const char *argName, CK_OBJECT_HANDLE_PTR phObject, CK_RV rv) michael@0: { michael@0: if ((rv == CKR_OK) && phObject) { michael@0: PR_snprintf(out, outlen, michael@0: " *%s=0x%08lX", argName, (PRUint32)*phObject); michael@0: } else { michael@0: PORT_Assert(outlen != 0); michael@0: out[0] = '\0'; michael@0: } michael@0: } michael@0: michael@0: /* michael@0: * MECHANISM_BUFSIZE needs to be large enough for sftk_PrintMechanism, michael@0: * which uses <= 49 bytes. michael@0: */ michael@0: #define MECHANISM_BUFSIZE 64 michael@0: michael@0: static void sftk_PrintMechanism(char *out, PRUint32 outlen, michael@0: CK_MECHANISM_PTR pMechanism) michael@0: { michael@0: if (pMechanism) { michael@0: /* michael@0: * If we change the format string, we need to make sure michael@0: * MECHANISM_BUFSIZE is still large enough. We allow michael@0: * 20 bytes for %p on a 64-bit platform. michael@0: */ michael@0: PR_snprintf(out, outlen, "%p {mechanism=0x%08lX, ...}", michael@0: pMechanism, (PRUint32)pMechanism->mechanism); michael@0: } else { michael@0: PR_snprintf(out, outlen, "%p", pMechanism); michael@0: } michael@0: } michael@0: michael@0: void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession, michael@0: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, michael@0: CK_OBJECT_HANDLE_PTR phObject, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char shObject[32]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintReturnedObjectHandle(shObject, sizeof shObject, michael@0: "phObject", phObject, rv); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_CreateObject(hSession=0x%08lX, pTemplate=%p, ulCount=%lu, " michael@0: "phObject=%p)=0x%08lX%s", michael@0: (PRUint32)hSession, pTemplate, (PRUint32)ulCount, michael@0: phObject, (PRUint32)rv, shObject); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_LOAD_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, michael@0: CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char shNewObject[32]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintReturnedObjectHandle(shNewObject, sizeof shNewObject, michael@0: "phNewObject", phNewObject, rv); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_CopyObject(hSession=0x%08lX, hObject=0x%08lX, " michael@0: "pTemplate=%p, ulCount=%lu, phNewObject=%p)=0x%08lX%s", michael@0: (PRUint32)hSession, (PRUint32)hObject, michael@0: pTemplate, (PRUint32)ulCount, phNewObject, (PRUint32)rv, shNewObject); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_COPY_KEY, msg); michael@0: } michael@0: michael@0: /* WARNING: hObject has been destroyed and can only be printed. */ michael@0: void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hObject, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_DestroyObject(hSession=0x%08lX, hObject=0x%08lX)=0x%08lX", michael@0: (PRUint32)hSession, (PRUint32)hObject, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_DESTROY_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_GetObjectSize(hSession=0x%08lX, hObject=0x%08lX, " michael@0: "pulSize=%p)=0x%08lX", michael@0: (PRUint32)hSession, (PRUint32)hObject, michael@0: pulSize, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_ACCESS_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, michael@0: CK_ULONG ulCount, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_GetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, " michael@0: "pTemplate=%p, ulCount=%lu)=0x%08lX", michael@0: (PRUint32)hSession, (PRUint32)hObject, michael@0: pTemplate, (PRUint32)ulCount, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_ACCESS_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, michael@0: CK_ULONG ulCount, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_SetAttributeValue(hSession=0x%08lX, hObject=0x%08lX, " michael@0: "pTemplate=%p, ulCount=%lu)=0x%08lX", michael@0: (PRUint32)hSession, (PRUint32)hObject, michael@0: pTemplate, (PRUint32)ulCount, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_CHANGE_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditCryptInit(const char *opName, CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_%sInit(hSession=0x%08lX, pMechanism=%s, " michael@0: "hKey=0x%08lX)=0x%08lX", michael@0: opName, (PRUint32)hSession, mech, michael@0: (PRUint32)hKey, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_CRYPT, msg); michael@0: } michael@0: michael@0: void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, michael@0: CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: char shKey[32]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_GenerateKey(hSession=0x%08lX, pMechanism=%s, " michael@0: "pTemplate=%p, ulCount=%lu, phKey=%p)=0x%08lX%s", michael@0: (PRUint32)hSession, mech, michael@0: pTemplate, (PRUint32)ulCount, phKey, (PRUint32)rv, shKey); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_GENERATE_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, michael@0: CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, michael@0: CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, michael@0: CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv) michael@0: { michael@0: char msg[512]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: char shPublicKey[32]; michael@0: char shPrivateKey[32]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: sftk_PrintReturnedObjectHandle(shPublicKey, sizeof shPublicKey, michael@0: "phPublicKey", phPublicKey, rv); michael@0: sftk_PrintReturnedObjectHandle(shPrivateKey, sizeof shPrivateKey, michael@0: "phPrivateKey", phPrivateKey, rv); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_GenerateKeyPair(hSession=0x%08lX, pMechanism=%s, " michael@0: "pPublicKeyTemplate=%p, ulPublicKeyAttributeCount=%lu, " michael@0: "pPrivateKeyTemplate=%p, ulPrivateKeyAttributeCount=%lu, " michael@0: "phPublicKey=%p, phPrivateKey=%p)=0x%08lX%s%s", michael@0: (PRUint32)hSession, mech, michael@0: pPublicKeyTemplate, (PRUint32)ulPublicKeyAttributeCount, michael@0: pPrivateKeyTemplate, (PRUint32)ulPrivateKeyAttributeCount, michael@0: phPublicKey, phPrivateKey, (PRUint32)rv, shPublicKey, shPrivateKey); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_GENERATE_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, michael@0: CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, michael@0: CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_WrapKey(hSession=0x%08lX, pMechanism=%s, hWrappingKey=0x%08lX, " michael@0: "hKey=0x%08lX, pWrappedKey=%p, pulWrappedKeyLen=%p)=0x%08lX", michael@0: (PRUint32)hSession, mech, (PRUint32)hWrappingKey, michael@0: (PRUint32)hKey, pWrappedKey, pulWrappedKeyLen, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_WRAP_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey, michael@0: CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, michael@0: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, michael@0: CK_OBJECT_HANDLE_PTR phKey, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: char shKey[32]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv); michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_UnwrapKey(hSession=0x%08lX, pMechanism=%s, " michael@0: "hUnwrappingKey=0x%08lX, pWrappedKey=%p, ulWrappedKeyLen=%lu, " michael@0: "pTemplate=%p, ulAttributeCount=%lu, phKey=%p)=0x%08lX%s", michael@0: (PRUint32)hSession, mech, michael@0: (PRUint32)hUnwrappingKey, pWrappedKey, (PRUint32)ulWrappedKeyLen, michael@0: pTemplate, (PRUint32)ulAttributeCount, phKey, (PRUint32)rv, shKey); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_UNWRAP_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession, michael@0: CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey, michael@0: CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, michael@0: CK_OBJECT_HANDLE_PTR phKey, CK_RV rv) michael@0: { michael@0: char msg[512]; michael@0: char mech[MECHANISM_BUFSIZE]; michael@0: char shKey[32]; michael@0: char sTlsKeys[128]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: sftk_PrintMechanism(mech, sizeof mech, pMechanism); michael@0: sftk_PrintReturnedObjectHandle(shKey, sizeof shKey, "phKey", phKey, rv); michael@0: if ((rv == CKR_OK) && michael@0: (pMechanism->mechanism == CKM_TLS_KEY_AND_MAC_DERIVE)) { michael@0: CK_SSL3_KEY_MAT_PARAMS *param = michael@0: (CK_SSL3_KEY_MAT_PARAMS *)pMechanism->pParameter; michael@0: CK_SSL3_KEY_MAT_OUT *keymat = param->pReturnedKeyMaterial; michael@0: PR_snprintf(sTlsKeys, sizeof sTlsKeys, michael@0: " hClientMacSecret=0x%08lX hServerMacSecret=0x%08lX" michael@0: " hClientKey=0x%08lX hServerKey=0x%08lX", michael@0: (PRUint32)keymat->hClientMacSecret, michael@0: (PRUint32)keymat->hServerMacSecret, michael@0: (PRUint32)keymat->hClientKey, michael@0: (PRUint32)keymat->hServerKey); michael@0: } else { michael@0: sTlsKeys[0] = '\0'; michael@0: } michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_DeriveKey(hSession=0x%08lX, pMechanism=%s, " michael@0: "hBaseKey=0x%08lX, pTemplate=%p, ulAttributeCount=%lu, " michael@0: "phKey=%p)=0x%08lX%s%s", michael@0: (PRUint32)hSession, mech, michael@0: (PRUint32)hBaseKey, pTemplate,(PRUint32)ulAttributeCount, michael@0: phKey, (PRUint32)rv, shKey, sTlsKeys); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_DERIVE_KEY, msg); michael@0: } michael@0: michael@0: void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession, michael@0: CK_OBJECT_HANDLE hKey, CK_RV rv) michael@0: { michael@0: char msg[256]; michael@0: NSSAuditSeverity severity = (rv == CKR_OK) ? michael@0: NSS_AUDIT_INFO : NSS_AUDIT_ERROR; michael@0: michael@0: PR_snprintf(msg, sizeof msg, michael@0: "C_DigestKey(hSession=0x%08lX, hKey=0x%08lX)=0x%08lX", michael@0: (PRUint32)hSession, (PRUint32)hKey, (PRUint32)rv); michael@0: sftk_LogAuditMessage(severity, NSS_AUDIT_DIGEST_KEY, msg); michael@0: }