Add of DigestInit.

This commit is contained in:
Alessio Di Mauro
2015-08-25 15:55:52 +02:00
parent 5f306a8d1c
commit 5a2c00deb7
3 changed files with 77 additions and 6 deletions
+37
View File
@@ -30,6 +30,14 @@ static const CK_MECHANISM_TYPE generation_mechanisms[] = {
CKM_EC_KEY_PAIR_GEN
};
// Supported mechanisms for hashing
static const CK_MECHANISM_TYPE hash_mechanisms[] = {
CKM_SHA_1,
CKM_SHA256,
CKM_SHA384,
CKM_SHA512
};
CK_RV check_sign_mechanism(const ykcs11_session_t *s, const CK_MECHANISM_PTR m) {
CK_ULONG i;
@@ -470,3 +478,32 @@ CK_RV check_pvtkey_template(op_info_t *op_info, CK_ATTRIBUTE_PTR templ, CK_ULONG
return CKR_OK;
}
CK_RV check_hash_mechanism(const ykcs11_session_t *s, CK_MECHANISM_PTR m) {
CK_ULONG i;
CK_BBOOL supported = CK_FALSE;
token_vendor_t token;
CK_MECHANISM_INFO info;
// Check if the mechanism is supported by the module
for (i = 0; i < sizeof(hash_mechanisms) / sizeof(CK_MECHANISM_TYPE); i++) {
if (m->mechanism == hash_mechanisms[i]) {
supported = CK_TRUE;
break;
}
}
if (supported == CK_FALSE)
return CKR_MECHANISM_INVALID;
// Check if the mechanism is supported by the token
token = get_token_vendor(s->slot->token->vid);
if (token.get_token_mechanism_info(m->mechanism, &info) != CKR_OK)
return CKR_MECHANISM_INVALID;
// TODO: also check that parametes make sense if any? And key size is in [min max]
return CKR_OK;
}
+2
View File
@@ -16,4 +16,6 @@ CK_RV check_generation_mechanism(const ykcs11_session_t *s, CK_MECHANISM_PTR m);
CK_RV check_pubkey_template(op_info_t *op_info, CK_ATTRIBUTE_PTR templ, CK_ULONG n);
CK_RV check_pvtkey_template(op_info_t *op_info, CK_ATTRIBUTE_PTR templ, CK_ULONG n);
CK_RV check_hash_mechanism(const ykcs11_session_t *s, CK_MECHANISM_PTR m);
#endif
+38 -6
View File
@@ -217,8 +217,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(
)
{
DIN;
CK_VERSION ver = {0, 0};
token_vendor_t token;
CK_BYTE buf[64];
if (piv_state == NULL) {
@@ -246,8 +244,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(
return CKR_TOKEN_NOT_RECOGNIZED;
}
token = get_token_vendor(slots[slotID].token->vid);
memcpy(pInfo, &slots[slotID].token->info, sizeof(CK_TOKEN_INFO));
// Overwrite values that are application specific
@@ -686,7 +682,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login)(
)
{
DIN;
CK_ULONG tries;
CK_ULONG tries = 0;
if (piv_state == NULL) {
DBG(("libykpiv is not initialized or already finalized"));
@@ -1219,7 +1215,43 @@ CK_DEFINE_FUNCTION(CK_RV, C_DigestInit)(
)
{
DIN;
DBG(("TODO!!!"));
if (piv_state == NULL) {
DBG(("libykpiv is not initialized or already finalized"));
return CKR_CRYPTOKI_NOT_INITIALIZED;
}
if (session.handle != YKCS11_SESSION_ID) {
DBG(("Session is not open"));
return CKR_SESSION_CLOSED;
}
if (hSession != session.handle) {
DBG(("Unknown session %lu", hSession));
return CKR_SESSION_HANDLE_INVALID;
}
if (op_info.type != YKCS11_NOOP) {
DBG(("Other operation in process"));
return CKR_OPERATION_ACTIVE;
}
if (pMechanism == NULL_PTR) {
DBG(("Wrong/Missing parameter"));
return CKR_ARGUMENTS_BAD;
}
DBG(("Trying to hash some data with mechanism %lu", pMechanism->mechanism));
// Check if mechanism is supported
if (check_hash_mechanism(&session, pMechanism) != CKR_OK) {
DBG(("Mechanism %lu is not supported either by the token or the module", pMechanism->mechanism));
return CKR_MECHANISM_INVALID;
}
memcpy(&op_info.mechanism, pMechanism, sizeof(CK_MECHANISM));
op_info.type = YKCS11_HASH;
DOUT;
return CKR_OK;
}