1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
/*
* Copyright (c) 2010 SURFnet bv
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
* IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
* IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*****************************************************************************
SecureDataManager.h
The secure data manager main class. Every token instance has a secure data
manager instance member that is used to decrypt and encrypt sensitive object
attributes such as key material. The secure data manager maintains a key blob
containing a 256-bit AES key that is used in this decryption and encryption
process. The key blob itself is encrypted using a PBE derived key that is
derived from the user PIN and a PBE key that is derived from the SO PIN. It
is up to the token to enforce access control based on which user is logged
in; authentication using the SO PIN is required to be able to change the
user PIN. The master key that is used to decrypt/encrypt sensitive attributes
is stored in memory under a mask that is changed every time the key is used.
*****************************************************************************/
#ifndef _SOFTHSM_V2_SECUREDATAMANAGER_H
#define _SOFTHSM_V2_SECUREDATAMANAGER_H
#include "config.h"
#include "ByteString.h"
#include "log.h"
#include "AESKey.h"
#include "RNG.h"
#include "SymmetricAlgorithm.h"
#include "MutexFactory.h"
class SecureDataManager
{
public:
// Constructors
// Constructs a new SecureDataManager for a blank token; actual
// initialisation is done by setting the SO PIN
SecureDataManager();
// Constructs a SecureDataManager using the specified SO PIN and user PIN
SecureDataManager(const ByteString& soPINBlob, const ByteString& userPINBlob);
// Destructor
virtual ~SecureDataManager();
// Set the SO PIN (requires either a blank SecureDataManager or the
// SO to have logged in previously)
bool setSOPIN(const ByteString& soPIN);
// Set the user PIN (requires either the SO or the user to have logged
// in previously)
bool setUserPIN(const ByteString& userPIN);
// Log in using the SO PIN
bool loginSO(const ByteString& soPIN);
bool isSOLoggedIn();
// Log in using the user PIN
bool loginUser(const ByteString& userPIN);
bool isUserLoggedIn();
// Re-authentication
bool reAuthenticateSO(const ByteString& soPIN);
bool reAuthenticateUser(const ByteString& userPIN);
// Log out
void logout();
// Decrypt the supplied data
bool decrypt(const ByteString& encrypted, ByteString& plaintext);
// Encrypt the supplied data
bool encrypt(const ByteString& plaintext, ByteString& encrypted);
// Returns the key blob for the SO PIN
ByteString getSOPINBlob();
// Returns the key blob for the user PIN
ByteString getUserPINBlob();
private:
// Initialise the object
void initObject();
// Generic login function
bool login(const ByteString& passphrase, const ByteString& encryptedKey);
// Generic re-authentication function
bool reAuthenticate(const ByteString& passphrase, const ByteString& encryptedKey);
// Generic function for creating an encrypted version of the key from the specified passphrase
bool pbeEncryptKey(const ByteString& passphrase, ByteString& encryptedKey);
// Unmask the key
void unmask(ByteString& key);
// Remask the key
void remask(ByteString& key);
// The user PIN encrypted key
ByteString userEncryptedKey;
// The SO PIN encrypted key
ByteString soEncryptedKey;
// Which users are logged in
bool soLoggedIn;
bool userLoggedIn;
// The masked version of the actual key
ByteString maskedKey;
// The "magic" data used to detect if a PIN was likely to be correct
ByteString magic;
// The mask; this is not a stack member but a heap member. This
// hopefully ensures that the mask ends up in a memory location
// that is not logically linked to the masked key
ByteString* mask;
// Random number generator instance
RNG* rng;
// AES instance
SymmetricAlgorithm* aes;
// Mutex
Mutex* dataMgrMutex;
};
#endif // !_SOFTHSM_V2_SECUREDATAMANAGER_H
|
