authorRob Austein <sra@hactrn.net>2015-06-22 20:18:27 -0400
committerRob Austein <sra@hactrn.net>2015-06-22 20:18:27 -0400
commit291a2e0b6a37ffcc3325388c5fdad63d8f185130 (patch)
tree831bceb929d07d3a826fb3012930e9c848769405 /schema.sql
parent67d2f799fb76197d78bbf8ab6d76557f09f30114 (diff)
Convert from Cryptlib to libhal. Compiles, not yet tested otherwise.
Diffstat (limited to 'schema.sql')
-rw-r--r--schema.sql53
1 files changed, 51 insertions, 2 deletions
diff --git a/schema.sql b/schema.sql
index 82d9482..0ff5562 100644
--- a/schema.sql
+++ b/schema.sql
@@ -51,6 +51,55 @@
PRAGMA foreign_keys = ON;
+-- Values we have to store somewhere and for which we have no better
+-- place. This is a table with exactly one row (enforced by the CHECK
+-- clause on the primary index). All columns must either allow NULL
+-- or provide default values.
+
+CREATE TABLE IF NOT EXISTS global (
+ global_id INTEGER PRIMARY KEY NOT NULL DEFAULT 1 CHECK (global_id = 1),
+
+ -- Key-encryption-key (KEK)
+ --
+ -- The KEK **really** should be somewhere else, like in RAM
+ -- protected by tamper detection circuitry, but we don't have
+ -- that yet. Not obvious that a separate file would be more
+ -- secure, so keep it here until we do have a better place.
+
+ kek BLOB CHECK (kek IS NULL OR (typeof(kek) = "blob" AND length(kek) IN (16, 32))),
+
+ -- PBKDF2-based PIN storage and check values.
+ --
+ -- "so_pin" and "user_pin" are PBKDF2 output, so only
+ -- moderately sensitive.
+ --
+ -- Not obvious that PKCS #11 ever really allows "so_pin" to be
+ -- unset, so it may want a NOT NULL constraint, but in that
+ -- case we'll need to provide a default value, which doesn't
+ -- seem like much of an improvement. "so_pin" probably
+ -- requires out-of-band initialization. "user-pin" is allowed
+ -- to be unset, there's an error code specifically for that
+ -- situation.
+ --
+ -- Numeric minima for PBKDF2 iterations, length of PIN, and
+ -- length of PBKDF2 salt are somewhat arbitrary, and will
+ -- probably change over time (which is why they are minima).
+ -- Feel free to suggest better minima.
+
+ pbkdf2_iterations INTEGER NOT NULL DEFAULT 100000,
+ so_pin BLOB,
+ user_pin BLOB,
+ so_pin_salt, BLOB,
+ user_pin_salt BLOB,
+ CHECK ((pbkdf2_iterations >= 100000) AND
+ (so_pin IS NULL OR (typeof(so_pin) = "blob" AND length(so_pin) >= 32)) AND
+ (user_pin IS NULL OR (typeof(user_pin) = "blob" AND length(user_pin) >= 32)) AND
+ (so_pin_salt IS NULL OR (typeof(so_pin_salt) = "blob" AND length(so_pin_salt) >= 16)) AND
+ (user_pin_salt IS NULL OR (typeof(user_pin_salt) = "blob" AND length(user_pin_salt) >= 16)))
+);
+
+INSERT OR IGNORE INTO global DEFAULT VALUES;
+
CREATE TEMPORARY TABLE IF NOT EXISTS session (
session_id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
session_handle INTEGER NOT NULL UNIQUE
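Review bot: `so_pin_salt, BLOB,` in the new global table has a stray comma, so SQLite parses it as two column definitions — an untyped `so_pin_salt` and a second column literally named `BLOB` — and the fix is simply `so_pin_salt BLOB,`. That typo appears to interact badly with the CHECK clauses: SQLite resolves a double-quoted token as an identifier before falling back to a string literal, and identifiers are case-insensitive, so each `typeof(...) = "blob"` most likely binds to the accidental BLOB column (always NULL) rather than the string, making every typeof test evaluate to NULL and never reject anything; writing the standard `'blob'` throughout removes the ambiguity regardless of the comma and also survives builds where the double-quote fallback is disabled. The constraints also accept a PIN hash without its salt or a salt without its hash; if the two are always written together, `CHECK ((so_pin IS NULL) = (so_pin_salt IS NULL))` and the user_pin twin would catch a half-initialized record. Because the salts and the iteration count sit beside the hashes, anyone who can read the file can mount an offline guess at the PIN, so a one-line comment on pbkdf2_iterations saying that this minimum is what bounds that attack would discourage lowering it casually.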
@@ -75,7 +124,7 @@ CREATE TEMPORARY TABLE IF NOT EXISTS object (
CREATE TEMPORARY TABLE IF NOT EXISTS session_object (
session_object_id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
- keyid TEXT UNIQUE,
+ private_key BLOB UNIQUE,
object_id INTEGER NOT NULL UNIQUE
REFERENCES object
ON DELETE CASCADE ON UPDATE CASCADE
@@ -92,7 +141,7 @@ CREATE TEMPORARY TABLE IF NOT EXISTS session_attribute (
CREATE TABLE IF NOT EXISTS token_object (
token_object_id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
- keyid TEXT UNIQUE
+ private_key BLOB UNIQUE
);
CREATE TABLE IF NOT EXISTS token_attribute (
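Review bot: The persistent token_object table now carries a column named `private_key BLOB` with no comment saying what the blob holds, and whether it is raw key material or a key wrapped under the KEK stored in the global table is the most security-relevant fact in this schema; a header comment such as `-- private_key: opaque blob from libhal; document whether it is encrypted under global.kek or plaintext` should sit on the column. If it is KEK-wrapped, it is worth noting next to it that the KEK currently lives in the same database file, so the wrapping protects against little beyond accidental disclosure until the KEK moves elsewhere. UNIQUE on this column also permits any number of rows with NULL, since SQLite treats NULLs as distinct in unique indexes, which is presumably intended for objects without a private half but deserves a one-line comment. The same column is added to the temporary session_object table in the previous hunk, so the comment belongs in both places.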