lib/pkcs11_int.c

   1 /*
   2  * GnuTLS PKCS#11 support
   3  * Copyright (C) 2010-2012 Free Software Foundation, Inc.
   4  * Copyright (C) 2008, Joe Orton <joe@manyfish.co.uk>
   5  *
   6  * Authors: Nikos Mavrogiannopoulos, Stef Walter
   7  *
   8  * Inspired and some parts (pkcs11_login) based on neon PKCS #11 support
   9  * by Joe Orton. More ideas came from the pkcs11-helper library by
  10  * Alon Bar-Lev.
  11  *
  12  * The GnuTLS is free software; you can redistribute it and/or
  13  * modify it under the terms of the GNU Lesser General Public License
  14  * as published by the Free Software Foundation; either version 2.1 of
  15  * the License, or (at your option) any later version.
  16  *
  17  * This library is distributed in the hope that it will be useful, but
  18  * WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  20  * Lesser General Public License for more details.
  21  *
  22  * You should have received a copy of the GNU Lesser General Public License
  23  * along with this program.  If not, see <http://www.gnu.org/licenses/>
  24  */
  25
  26 #include <gnutls_int.h>
  27 #include <gnutls/pkcs11.h>
  28 #include <stdio.h>
  29 #include <string.h>
  30 #include <gnutls_errors.h>
  31 #include <gnutls_datum.h>
  32
  33 #include <pin.h>
  34 #include <pkcs11_int.h>
  35 #include <p11-kit/p11-kit.h>
  36 #include <p11-kit/pin.h>
  37
  38 ck_rv_t
  39 pkcs11_get_slot_list(struct ck_function_list * module,
  40                      unsigned char token_present, ck_slot_id_t * slot_list,
  41                      unsigned long *count)
  42 {
  43         return (module)->C_GetSlotList(token_present, slot_list, count);
  44 }
  45
  46 ck_rv_t
  47 pkcs11_get_module_info(struct ck_function_list * module,
  48                        struct ck_info * info)
  49 {
  50         return (module)->C_GetInfo(info);
  51 }
  52
  53 ck_rv_t
  54 pkcs11_get_slot_info(struct ck_function_list * module,
  55                      ck_slot_id_t slot_id, struct ck_slot_info * info)
  56 {
  57         return (module)->C_GetSlotInfo(slot_id, info);
  58 }
  59
  60 ck_rv_t
  61 pkcs11_get_token_info(struct ck_function_list * module,
  62                       ck_slot_id_t slot_id, struct ck_token_info * info)
  63 {
  64         return (module)->C_GetTokenInfo(slot_id, info);
  65 }
  66
  67 ck_rv_t
  68 pkcs11_find_objects_init(struct ck_function_list * module,
  69                          ck_session_handle_t sess,
  70                          struct ck_attribute * templ, unsigned long count)
  71 {
  72         return (module)->C_FindObjectsInit(sess, templ, count);
  73 }
  74
  75 ck_rv_t
  76 pkcs11_find_objects(struct ck_function_list * module,
  77                     ck_session_handle_t sess,
  78                     ck_object_handle_t * objects,
  79                     unsigned long max_object_count,
  80                     unsigned long *object_count)
  81 {
  82         return (module)->C_FindObjects(sess, objects, max_object_count,
  83                                        object_count);
  84 }
  85
  86 ck_rv_t pkcs11_find_objects_final(struct pkcs11_session_info * sinfo)
  87 {
  88         return (sinfo->module)->C_FindObjectsFinal(sinfo->pks);
  89 }
  90
  91 ck_rv_t pkcs11_close_session(struct pkcs11_session_info * sinfo)
  92 {
  93         sinfo->init = 0;
  94         return (sinfo->module)->C_CloseSession(sinfo->pks);
  95 }
  96
  97 ck_rv_t
  98 pkcs11_get_attribute_value(struct ck_function_list * module,
  99                            ck_session_handle_t sess,
 100                            ck_object_handle_t object,
 101                            struct ck_attribute * templ,
 102                            unsigned long count)
 103 {
 104         return (module)->C_GetAttributeValue(sess, object, templ, count);
 105 }
 106
 107 ck_rv_t
 108 pkcs11_get_mechanism_list(struct ck_function_list * module,
 109                           ck_slot_id_t slot_id,
 110                           ck_mechanism_type_t * mechanism_list,
 111                           unsigned long *count)
 112 {
 113         return (module)->C_GetMechanismList(slot_id, mechanism_list,
 114                                             count);
 115 }
 116
 117 ck_rv_t
 118 pkcs11_sign_init(struct ck_function_list * module,
 119                  ck_session_handle_t sess,
 120                  struct ck_mechanism * mechanism, ck_object_handle_t key)
 121 {
 122         return (module)->C_SignInit(sess, mechanism, key);
 123 }
 124
 125 ck_rv_t
 126 pkcs11_sign(struct ck_function_list * module,
 127             ck_session_handle_t sess,
 128             unsigned char *data,
 129             unsigned long data_len,
 130             unsigned char *signature, unsigned long *signature_len)
 131 {
 132         return (module)->C_Sign(sess, data, data_len, signature,
 133                                 signature_len);
 134 }
 135
 136 ck_rv_t
 137 pkcs11_generate_key_pair(struct ck_function_list * module,
 138                          ck_session_handle_t sess,
 139                          struct ck_mechanism * mechanism,
 140                          struct ck_attribute * pub_templ,
 141                          unsigned long pub_templ_count,
 142                          struct ck_attribute * priv_templ,
 143                          unsigned long priv_templ_count,
 144                          ck_object_handle_t * pub,
 145                          ck_object_handle_t * priv)
 146 {
 147         return (module)->C_GenerateKeyPair(sess, mechanism, pub_templ,
 148                                            pub_templ_count, priv_templ,
 149                                            priv_templ_count, pub, priv);
 150 }
 151
 152 ck_rv_t
 153 pkcs11_decrypt_init(struct ck_function_list * module,
 154                     ck_session_handle_t sess,
 155                     struct ck_mechanism * mechanism,
 156                     ck_object_handle_t key)
 157 {
 158         return (module)->C_DecryptInit(sess, mechanism, key);
 159 }
 160
 161 ck_rv_t
 162 pkcs11_decrypt(struct ck_function_list * module,
 163                ck_session_handle_t sess,
 164                unsigned char *encrypted_data,
 165                unsigned long encrypted_data_len,
 166                unsigned char *data, unsigned long *data_len)
 167 {
 168         return (module)->C_Decrypt(sess, encrypted_data,
 169                                    encrypted_data_len, data, data_len);
 170 }
 171
 172 ck_rv_t
 173 pkcs11_create_object(struct ck_function_list * module,
 174                      ck_session_handle_t sess,
 175                      struct ck_attribute * templ,
 176                      unsigned long count, ck_object_handle_t * object)
 177 {
 178         return (module)->C_CreateObject(sess, templ, count, object);
 179 }
 180
 181 ck_rv_t
 182 pkcs11_destroy_object(struct ck_function_list * module,
 183                       ck_session_handle_t sess, ck_object_handle_t object)
 184 {
 185         return (module)->C_DestroyObject(sess, object);
 186 }
 187
 188 ck_rv_t
 189 pkcs11_init_token(struct ck_function_list * module,
 190                   ck_slot_id_t slot_id, unsigned char *pin,
 191                   unsigned long pin_len, unsigned char *label)
 192 {
 193         return (module)->C_InitToken(slot_id, pin, pin_len, label);
 194 }
 195
 196 ck_rv_t
 197 pkcs11_init_pin(struct ck_function_list * module,
 198                 ck_session_handle_t sess,
 199                 unsigned char *pin, unsigned long pin_len)
 200 {
 201         return (module)->C_InitPIN(sess, pin, pin_len);
 202 }
 203
 204 ck_rv_t
 205 pkcs11_set_pin(struct ck_function_list * module,
 206                ck_session_handle_t sess,
 207                const char *old_pin,
 208                unsigned long old_len,
 209                const char *new_pin, unsigned long new_len)
 210 {
 211         return (module)->C_SetPIN(sess, (uint8_t *) old_pin, old_len,
 212                                   (uint8_t *) new_pin, new_len);
 213 }
 214
 215 ck_rv_t
 216 _gnutls_pkcs11_get_random(struct ck_function_list * module,
 217                   ck_session_handle_t sess, void *data, size_t len)
 218 {
 219         return (module)->C_GenerateRandom(sess, data, len);
 220 }
 221
 222 const char *pkcs11_strerror(ck_rv_t rv)
 223 {
 224         return p11_kit_strerror(rv);
 225 }