summaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/src/lib/data_mgr/SecureDataManager.h
blob: 93d99bc1676155b10599aef3017a29763f11d1f7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
/*
 * Copyright (c) 2010 SURFnet bv
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*****************************************************************************
 SecureDataManager.h

 The secure data manager main class. Every token instance has a secure data
 manager instance member that is used to decrypt and encrypt sensitive object
 attributes such as key material. The secure data manager maintains a key blob
 containing a 256-bit AES key that is used in this decryption and encryption
 process. The key blob itself is encrypted using a PBE derived key that is
 derived from the user PIN and a PBE key that is derived from the SO PIN. It
 is up to the token to enforce access control based on which user is logged
 in; authentication using the SO PIN is required to be able to change the
 user PIN. The master key that is used to decrypt/encrypt sensitive attributes
 is stored in memory under a mask that is changed every time the key is used.
 *****************************************************************************/

#ifndef _SOFTHSM_V2_SECUREDATAMANAGER_H
#define _SOFTHSM_V2_SECUREDATAMANAGER_H

#include "config.h"
#include "ByteString.h"
#include "log.h"
#include "AESKey.h"
#include "RNG.h"
#include "SymmetricAlgorithm.h"
#include "MutexFactory.h"

class SecureDataManager
{
public:
	// Constructors

	// Constructs a new SecureDataManager for a blank token; actual
	// initialisation is done by setting the SO PIN
	SecureDataManager();

	// Constructs a SecureDataManager using the specified SO PIN and user PIN
	SecureDataManager(const ByteString& soPINBlob, const ByteString& userPINBlob);

	// Destructor
	virtual ~SecureDataManager();

	// Set the SO PIN (requires either a blank SecureDataManager or the
	// SO to have logged in previously)
	bool setSOPIN(const ByteString& soPIN);

	// Set the user PIN (requires either the SO or the user to have logged
	// in previously)
	bool setUserPIN(const ByteString& userPIN);

	// Log in using the SO PIN
	bool loginSO(const ByteString& soPIN);
	bool isSOLoggedIn();

	// Log in using the user PIN
	bool loginUser(const ByteString& userPIN);
	bool isUserLoggedIn();

	// Re-authentication
	bool reAuthenticateSO(const ByteString& soPIN);
	bool reAuthenticateUser(const ByteString& userPIN);

	// Log out
	void logout();

	// Decrypt the supplied data
	bool decrypt(const ByteString& encrypted, ByteString& plaintext);

	// Encrypt the supplied data
	bool encrypt(const ByteString& plaintext, ByteString& encrypted);

	// Returns the key blob for the SO PIN
	ByteString getSOPINBlob();

	// Returns the key blob for the user PIN
	ByteString getUserPINBlob();

private:
	// Initialise the object
	void initObject();

	// Generic login function
	bool login(const ByteString& passphrase, const ByteString& encryptedKey);

	// Generic re-authentication function
	bool reAuthenticate(const ByteString& passphrase, const ByteString& encryptedKey);

	// Generic function for creating an encrypted version of the key from the specified passphrase
	bool pbeEncryptKey(const ByteString& passphrase, ByteString& encryptedKey);

	// Unmask the key
	void unmask(ByteString& key);

	// Remask the key
	void remask(ByteString& key);

	// The user PIN encrypted key
	ByteString userEncryptedKey;

	// The SO PIN encrypted key
	ByteString soEncryptedKey;

	// Which users are logged in
	bool soLoggedIn;
	bool userLoggedIn;

	// The masked version of the actual key
	ByteString maskedKey;

	// The "magic" data used to detect if a PIN was likely to be correct
	ByteString magic;

	// The mask; this is not a stack member but a heap member. This
	// hopefully ensures that the mask ends up in a memory location
	// that is not logically linked to the masked key
	ByteString* mask;

	// Random number generator instance
	RNG* rng;

	// AES instance
	SymmetricAlgorithm* aes;

	// Mutex
	Mutex* dataMgrMutex;
};

#endif // !_SOFTHSM_V2_SECUREDATAMANAGER_H