Added mechanisms handling.
+52
-6
@@ -4,6 +4,11 @@
|
||||
|
||||
#define YUBICO_MECHANISMS_NUM 5
|
||||
|
||||
#define MIN_RSA_KEY_SIZE 1024
|
||||
#define MAX_RSA_KEY_SIZE 2048
|
||||
#define MIN_ECC_KEY_SIZE 256
|
||||
#define MAX_ECC_KEY_SIZE 384
|
||||
|
||||
// TODO add a type in vendor_t for SLOT | READER
|
||||
static const CK_UTF8CHAR_PTR slot_description = "YubiKey Virtual Reader";
|
||||
static const CK_UTF8CHAR_PTR slot_manufacturer = "Yubico";
|
||||
@@ -14,7 +19,7 @@ static const CK_UTF8CHAR_PTR token_manufacturer = "Yubico";
|
||||
static const CK_UTF8CHAR_PTR token_model = "YubiKey MODEL";
|
||||
static const CK_FLAGS token_flags = CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED;
|
||||
static const CK_BYTE_PTR token_serial = "1234";
|
||||
static const CK_MECHANISM_TYPE token_mechanisms[] = {
|
||||
static const CK_MECHANISM_TYPE token_mechanisms[] = { // KEEP ALIGNED WITH token_mechanism_infos
|
||||
CKM_RSA_PKCS_KEY_PAIR_GEN,
|
||||
CKM_RSA_PKCS,
|
||||
// CKM_RSA_PKCS_PSS,
|
||||
@@ -26,13 +31,11 @@ static const CK_MECHANISM_TYPE token_mechanisms[] = {
|
||||
CKM_SHA1_RSA_PKCS_PSS,
|
||||
CKM_SHA256_RSA_PKCS_PSS,
|
||||
// CKM_SHA384_RSA_PKCS_PSS,
|
||||
CKM_SHA256_RSA_PKCS_PSS,
|
||||
CKM_SHA512_RSA_PKCS_PSS,
|
||||
CKM_EC_KEY_PAIR_GEN,
|
||||
//CKM_ECDSA_KEY_PAIR_GEN, Same as CKM_EC_KEY_PAIR_GEN, deprecated in 2.11
|
||||
CKM_ECDSA,
|
||||
CKM_ECDSA_SHA1,
|
||||
CKM_ECDH1_DERIVE,
|
||||
// CKM_ECDH1_COFACTOR_DERIVE,
|
||||
CKM_SHA_1,
|
||||
CKM_SHA256,
|
||||
CKM_SHA384,
|
||||
@@ -41,6 +44,29 @@ static const CK_MECHANISM_TYPE token_mechanisms[] = {
|
||||
};
|
||||
static const CK_ULONG token_mechanisms_num = sizeof(token_mechanisms) / sizeof(CK_MECHANISM_TYPE);
|
||||
|
||||
static const CK_MECHANISM_INFO token_mechanism_infos[] = { // KEEP ALIGNED WITH token_mechanisms
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_GENERATE_KEY_PAIR}, // CKM_RSA_PKCS_KEY_PAIR_GEN
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_DECRYPT | CKF_SIGN}, // CKM_RSA_PKCS
|
||||
//{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_RSA_PKCS_PSS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_DECRYPT | CKF_SIGN}, // CKM_RSA_X_509
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA1_RSA_PKCS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA256_RSA_PKCS
|
||||
//{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA384_RSA_PKCS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA512_RSA_PKCS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA1_RSA_PKCS_PSS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA256_RSA_PKCS_PSS
|
||||
//{, , }, // CKM_SHA384_RSA_PKCS_PSS
|
||||
{MIN_RSA_KEY_SIZE, MAX_RSA_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_SHA512_RSA_PKCS_PSS
|
||||
{MIN_ECC_KEY_SIZE, MAX_ECC_KEY_SIZE, CKF_HW | CKF_GENERATE_KEY_PAIR}, // CKM_EC_KEY_PAIR_GEN
|
||||
//{, , }, // CKM_ECDSA_KEY_PAIR_GEN Same as CKM_EC_KEY_PAIR_GEN deprecated in 2.11
|
||||
{MIN_ECC_KEY_SIZE, MAX_ECC_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_ECDSA
|
||||
{MIN_ECC_KEY_SIZE, MAX_ECC_KEY_SIZE, CKF_HW | CKF_SIGN}, // CKM_ECDSA_SHA1
|
||||
{0, 0, CKF_DIGEST}, // CKM_SHA_1
|
||||
{0, 0, CKF_DIGEST}, // CKM_SHA256
|
||||
{0, 0, CKF_DIGEST}, // CKM_SHA384
|
||||
{0, 0, CKF_DIGEST} // CKM_SHA512
|
||||
};
|
||||
|
||||
|
||||
CK_RV YUBICO_get_slot_description(CK_UTF8CHAR_PTR str, CK_ULONG len) {
|
||||
|
||||
@@ -163,6 +189,26 @@ CK_RV YUBICO_get_token_mechanisms_num(CK_ULONG_PTR num) {
|
||||
|
||||
}
|
||||
|
||||
/*CK_RV YUBICO_get_token_mechanisms(void) {
|
||||
CK_RV YUBICO_get_token_mechanism_list(CK_MECHANISM_TYPE_PTR mec, CK_ULONG num) {
|
||||
|
||||
}*/
|
||||
if (token_mechanisms_num > num)
|
||||
return CKR_BUFFER_TOO_SMALL;
|
||||
|
||||
memcpy(mec, token_mechanisms, token_mechanisms_num * sizeof(CK_MECHANISM_TYPE));
|
||||
return CKR_OK;
|
||||
|
||||
}
|
||||
|
||||
CK_RV YUBICO_get_token_mechanism_info(CK_MECHANISM_TYPE mec, CK_MECHANISM_INFO_PTR info) {
|
||||
|
||||
CK_ULONG i;
|
||||
|
||||
for (i = 0; i < token_mechanisms_num; i++)
|
||||
if (token_mechanisms[i] == mec) {
|
||||
memcpy((CK_BYTE_PTR) info, (CK_BYTE_PTR) (token_mechanism_infos + i), sizeof(CK_MECHANISM_INFO));
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
return CKR_MECHANISM_INVALID;
|
||||
|
||||
}
|
||||
|
||||
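Review bot: `YUBICO_get_token_mechanism_info` indexes `token_mechanism_infos` with an index bounded only by `token_mechanisms_num`, so the two tables stay in step on the strength of the `KEEP ALIGNED` comments alone; if the info table ends up shorter the `memcpy` reads past its end, and if a row is merely shifted, callers are told the wrong key sizes and flags for a mechanism. The rendering has lost the +/- markers, so I cannot tell whether `CKM_ECDH1_DERIVE` is still listed in `token_mechanisms` after this commit, but the info table has no row for it, which is exactly the kind of drift to guard against. If the build allows C11, add after the info table `_Static_assert(sizeof(token_mechanism_infos) / sizeof(token_mechanism_infos[0]) == sizeof(token_mechanisms) / sizeof(token_mechanisms[0]), "mechanism tables out of sync");`, or merge both into a single array of `{type, info}` structs so they cannot diverge. Separately, neither `YUBICO_get_token_mechanism_list` nor `YUBICO_get_token_mechanism_info` checks `mec` / `info` for NULL before the `memcpy`; unless every caller already guarantees that, return `CKR_ARGUMENTS_BAD` first.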