#include <isc/lang.h>#include <isc/magic.h>#include <isc/types.h>#include <pkcs11/cryptoki.h>Go to the source code of this file.
Definition in file pk11.h.
| #define PK11_FATALCHECK | ( | func, | |||
| args | ) |
Value:
((void) (((rv = (func) args) == CKR_OK) || \ ((pk11_error_fatalcheck)(__FILE__, __LINE__, #func, rv), 0)))
Definition at line 26 of file pk11.h.
Referenced by choose_slots().
| #define SES_MAGIC ISC_MAGIC('P','K','S','S') |
| #define TOK_MAGIC ISC_MAGIC('P','K','T','K') |
| typedef struct pk11_context pk11_context_t |
| typedef struct pk11_object pk11_object_t |
| enum pk11_optype_t |
| void pk11_set_lib_name | ( | const char * | lib_name | ) |
| isc_result_t pk11_initialize | ( | isc_mem_t * | mctx, | |
| const char * | engine | |||
| ) |
Initialize PKCS#11 device.
mctx: memory context to attach to pk11_mctx. engine: PKCS#11 provider (aka library) path/name.
returns: ISC_R_SUCCESS PK11_R_NOPROVIDER: can't load the provider PK11_R_INITFAILED: C_Initialize() failed PK11_R_NORANDOMSERVICE: can't find required random service PK11_R_NODIGESTSERVICE: can't find required digest service PK11_R_NOAESSERVICE: can't find required AES service
Definition at line 276 of file pk11.c.
References allocsize, choose_slots(), CKR_OK, initialize(), initialized, ISC_LIST_INIT, isc_mem_attach(), isc_once_do, ISC_R_SUCCESS, ISC_TRUE, lib_name, LOCK, once, PK11_R_INITFAILED, PK11_R_NOAESSERVICE, PK11_R_NODIGESTSERVICE, PK11_R_NOPROVIDER, PK11_R_NORANDOMSERVICE, pkcs_C_Initialize(), RUNTIME_CHECK, and UNLOCK.
Referenced by pk11_get_session().
| isc_result_t pk11_get_session | ( | pk11_context_t * | ctx, | |
| pk11_optype_t | optype, | |||
| isc_boolean_t | need_services, | |||
| isc_boolean_t | rw, | |||
| isc_boolean_t | logon, | |||
| const char * | pin, | |||
| CK_SLOT_ID | slot | |||
| ) |
Initialize PKCS#11 device and acquire a session.
need_services: if ISC_TRUE, this session requires full PKCS#11 API support including random and digest services, and the lack of these services will cause the session not to be initialized. If ISC_FALSE, the function will return an error code indicating the missing service, but the session will be usable for other purposes. rw: if ISC_TRUE, session will be read/write (useful for generating or destroying keys); otherwise read-only. login: indicates whether to log in to the device pin: optional PIN, overriding any PIN currently associated with the slot: device slot ID
Definition at line 430 of file pk11.c.
References CK_INVALID_HANDLE, pk11_context::handle, ISC_LINK_INIT, ISC_LIST_APPEND, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, ISC_R_NOMEMORY, ISC_R_NOTFOUND, ISC_R_RANGE, ISC_R_SUCCESS, LOCK, OP_AES, OP_ANY, OP_DIGEST, OP_RAND, pk11_token::operations, PINLEN, pk11_initialize(), pk11_mem_get(), PK11_R_NOAESSERVICE, PK11_R_NODIGESTSERVICE, PK11_R_NORANDOMSERVICE, SES_MAGIC, pk11_context::session, setup_session(), token, token_login(), UNLOCK, and UNUSED.
Referenced by pk11_rand_bytes(), and pk11_rand_seed_fromfile().
| void pk11_return_session | ( | pk11_context_t * | ctx | ) |
Release an active PKCS#11 session for reuse.
Definition at line 548 of file pk11.c.
References CK_INVALID_HANDLE, pk11_context::handle, ISC_LIST_APPEND, ISC_LIST_UNLINK, LOCK, pk11_mem_put(), pk11_context::session, and UNLOCK.
Referenced by pk11_rand_bytes(), and pk11_rand_seed_fromfile().
| isc_result_t pk11_finalize | ( | void | ) |
Shut down PKCS#11 device and free all sessions.
Definition at line 336 of file pk11.c.
References free_all_sessions(), initialized, ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_LIST_UNLINK, isc_mem_detach(), NULL_PTR, pk11_mem_put(), pkcs_C_Finalize(), and token.
| isc_result_t pk11_rand_bytes | ( | unsigned char * | buf, | |
| int | num | |||
| ) |
Definition at line 372 of file pk11.c.
References CK_INVALID_HANDLE, CKR_OK, DST_R_CRYPTOFAILURE, ISC_FALSE, ISC_R_SUCCESS, OP_RAND, pk11_get_session(), PK11_R_NOAESSERVICE, PK11_R_NODIGESTSERVICE, pk11_return_session(), pkcs_C_GenerateRandom(), RUNTIME_CHECK, and pk11_context::session.
Referenced by dst__entropy_getdata().
| void pk11_rand_seed_fromfile | ( | const char * | randomfile | ) |
Definition at line 398 of file pk11.c.
References CK_INVALID_HANDLE, cleanup(), ISC_FALSE, ISC_R_SUCCESS, isc_stdio_close(), isc_stdio_open(), isc_stdio_read(), OP_RAND, pk11_get_session(), PK11_R_NOAESSERVICE, PK11_R_NODIGESTSERVICE, pk11_return_session(), pkcs_C_SeedRandom(), RUNTIME_CHECK, seed, SEEDSIZE, and pk11_context::session.
Referenced by isc_entropy_usebestsource().
| isc_result_t pk11_parse_uri | ( | pk11_object_t * | obj, | |
| const char * | label, | |||
| isc_mem_t * | mctx, | |||
| pk11_optype_t | optype | |||
| ) |
Definition at line 1098 of file pk11.c.
References CKA_ID, CKA_LABEL, DST_RET, ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, isc_mem_get, isc_mem_put, ISC_R_EOF, ISC_R_NOMEMORY, ISC_R_NOTFOUND, ISC_R_RANGE, ISC_R_SUCCESS, isc_stdio_close(), isc_stdio_open(), isc_stdio_read(), ISC_TRUE, OP_DH, OP_DSA, OP_EC, OP_RSA, percent_decode(), PINLEN, pk11_attribute_bytype(), PK11_R_NOPROVIDER, pk11strcmp(), push_attribute(), CK_ATTRIBUTE::pValue, pk11_object::reqlogon, pk11_object::slot, token, and CK_ATTRIBUTE::type.
| ISC_PLATFORM_NORETURN_PRE void pk11_error_fatalcheck | ( | const char * | file, | |
| int | line, | |||
| const char * | funcname, | |||
| CK_RV | rv | |||
| ) |
| void pk11_dump_tokens | ( | void | ) |
Definition at line 1268 of file pk11.c.
References ISC_FALSE, ISC_LIST_HEAD, ISC_LIST_NEXT, ISC_TRUE, OP_DH, OP_DIGEST, OP_DSA, OP_EC, OP_RAND, OP_RSA, pk11_token::operations, and token.
| CK_RV pkcs_C_Initialize | ( | CK_VOID_PTR | pReserved | ) |
Definition at line 43 of file pk11_api.c.
References CKR_LIBRARY_ALREADY_INITIALIZED, CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, hPK11, and pk11_get_lib_name().
Referenced by pk11_initialize().
| CK_RV pkcs_C_Finalize | ( | CK_VOID_PTR | pReserved | ) |
Definition at line 60 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_OK, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by pk11_finalize().
| CK_RV pkcs_C_GetSlotList | ( | CK_BBOOL | tokenPresent, | |
| CK_SLOT_ID_PTR | pSlotList, | |||
| CK_ULONG_PTR | pulCount | |||
| ) |
Definition at line 77 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by choose_slots().
| CK_RV pkcs_C_GetTokenInfo | ( | CK_SLOT_ID | slotID, | |
| CK_TOKEN_INFO_PTR | pInfo | |||
| ) |
Definition at line 95 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by choose_slots().
| CK_RV pkcs_C_GetMechanismInfo | ( | CK_SLOT_ID | slotID, | |
| CK_MECHANISM_TYPE | type, | |||
| CK_MECHANISM_INFO_PTR | pInfo | |||
| ) |
Definition at line 111 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by choose_slots().
| CK_RV pkcs_C_OpenSession | ( | CK_SLOT_ID | slotID, | |
| CK_FLAGS | flags, | |||
| CK_VOID_PTR | pApplication, | |||
| CK_RV(*)(CK_SESSION_HANDLE hSession, CK_NOTIFICATION event, CK_VOID_PTR pApplication) | Notify, | |||
| CK_SESSION_HANDLE_PTR | phSession | |||
| ) |
Definition at line 130 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, hPK11, and pk11_get_lib_name().
Referenced by setup_session().
| CK_RV pkcs_C_CloseSession | ( | CK_SESSION_HANDLE | hSession | ) |
Definition at line 154 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by free_session_list().
| CK_RV pkcs_C_Login | ( | CK_SESSION_HANDLE | hSession, | |
| CK_USER_TYPE | userType, | |||
| CK_CHAR_PTR | pPin, | |||
| CK_ULONG | usPinLen | |||
| ) |
Definition at line 170 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by token_login().
| CK_RV pkcs_C_Logout | ( | CK_SESSION_HANDLE | hSession | ) |
Definition at line 188 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_CreateObject | ( | CK_SESSION_HANDLE | hSession, | |
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | usCount, | |||
| CK_OBJECT_HANDLE_PTR | phObject | |||
| ) |
Definition at line 204 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_DestroyObject | ( | CK_SESSION_HANDLE | hSession, | |
| CK_OBJECT_HANDLE | hObject | |||
| ) |
Definition at line 222 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_GetAttributeValue | ( | CK_SESSION_HANDLE | hSession, | |
| CK_OBJECT_HANDLE | hObject, | |||
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | usCount | |||
| ) |
Definition at line 238 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_SetAttributeValue | ( | CK_SESSION_HANDLE | hSession, | |
| CK_OBJECT_HANDLE | hObject, | |||
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | usCount | |||
| ) |
Definition at line 257 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_FindObjectsInit | ( | CK_SESSION_HANDLE | hSession, | |
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | usCount | |||
| ) |
Definition at line 276 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_FindObjects | ( | CK_SESSION_HANDLE | hSession, | |
| CK_OBJECT_HANDLE_PTR | phObject, | |||
| CK_ULONG | usMaxObjectCount, | |||
| CK_ULONG_PTR | pusObjectCount | |||
| ) |
Definition at line 294 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_FindObjectsFinal | ( | CK_SESSION_HANDLE | hSession | ) |
Definition at line 312 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_EncryptInit | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_OBJECT_HANDLE | hKey | |||
| ) |
Definition at line 330 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_Encrypt | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pData, | |||
| CK_ULONG | ulDataLen, | |||
| CK_BYTE_PTR | pEncryptedData, | |||
| CK_ULONG_PTR | pulEncryptedDataLen | |||
| ) |
Definition at line 348 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_DigestInit | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism | |||
| ) |
Definition at line 368 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_DigestUpdate | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pPart, | |||
| CK_ULONG | ulPartLen | |||
| ) |
Definition at line 384 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_DigestFinal | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pDigest, | |||
| CK_ULONG_PTR | pulDigestLen | |||
| ) |
Definition at line 402 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_SignInit | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_OBJECT_HANDLE | hKey | |||
| ) |
Definition at line 420 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_Sign | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pData, | |||
| CK_ULONG | ulDataLen, | |||
| CK_BYTE_PTR | pSignature, | |||
| CK_ULONG_PTR | pulSignatureLen | |||
| ) |
Definition at line 438 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_SignUpdate | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pPart, | |||
| CK_ULONG | ulPartLen | |||
| ) |
Definition at line 457 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_SignFinal | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pSignature, | |||
| CK_ULONG_PTR | pulSignatureLen | |||
| ) |
Definition at line 475 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_VerifyInit | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_OBJECT_HANDLE | hKey | |||
| ) |
Definition at line 493 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_Verify | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pData, | |||
| CK_ULONG | ulDataLen, | |||
| CK_BYTE_PTR | pSignature, | |||
| CK_ULONG | ulSignatureLen | |||
| ) |
Definition at line 511 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_VerifyUpdate | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pPart, | |||
| CK_ULONG | ulPartLen | |||
| ) |
Definition at line 530 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_VerifyFinal | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pSignature, | |||
| CK_ULONG | ulSignatureLen | |||
| ) |
Definition at line 548 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_GenerateKey | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | ulCount, | |||
| CK_OBJECT_HANDLE_PTR | phKey | |||
| ) |
Definition at line 566 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_GenerateKeyPair | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_ATTRIBUTE_PTR | pPublicKeyTemplate, | |||
| CK_ULONG | usPublicKeyAttributeCount, | |||
| CK_ATTRIBUTE_PTR | pPrivateKeyTemplate, | |||
| CK_ULONG | usPrivateKeyAttributeCount, | |||
| CK_OBJECT_HANDLE_PTR | phPrivateKey, | |||
| CK_OBJECT_HANDLE_PTR | phPublicKey | |||
| ) |
Definition at line 585 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_DeriveKey | ( | CK_SESSION_HANDLE | hSession, | |
| CK_MECHANISM_PTR | pMechanism, | |||
| CK_OBJECT_HANDLE | hBaseKey, | |||
| CK_ATTRIBUTE_PTR | pTemplate, | |||
| CK_ULONG | ulAttributeCount, | |||
| CK_OBJECT_HANDLE_PTR | phKey | |||
| ) |
Definition at line 616 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
| CK_RV pkcs_C_SeedRandom | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | pSeed, | |||
| CK_ULONG | ulSeedLen | |||
| ) |
Definition at line 640 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by pk11_rand_seed_fromfile().
| CK_RV pkcs_C_GenerateRandom | ( | CK_SESSION_HANDLE | hSession, | |
| CK_BYTE_PTR | RandomData, | |||
| CK_ULONG | ulRandomLen | |||
| ) |
Definition at line 658 of file pk11_api.c.
References CKR_LIBRARY_FAILED_TO_LOAD, CKR_SYMBOL_RESOLUTION_FAILED, and hPK11.
Referenced by pk11_rand_bytes().