aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--GNUmakefile5
-rw-r--r--py11/__init__.py5
-rw-r--r--py11/attribute_map.py54
-rw-r--r--py11/attributes.py16
-rwxr-xr-xscripts/build-py11-attributes66
5 files changed, 129 insertions, 17 deletions
diff --git a/GNUmakefile b/GNUmakefile
index aa95233..4f8193e 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -53,7 +53,7 @@ ifndef OBJCOPY
OBJCOPY := objcopy
endif
-all: libpkcs11.so p11util
+all: libpkcs11.so p11util py11/attribute_map.py
clean:
rm -rf pkcs11.o pkcs11.so libpkcs11.so* p11util p11util.o schema.h attributes.h
@@ -67,6 +67,9 @@ schema.h: schema.sql scripts/convert-schema.sed GNUmakefile
attributes.h: attributes.yaml scripts/build-attributes GNUmakefile
python scripts/build-attributes attributes.yaml attributes.h
+py11/attribute_map.py: attributes.yaml scripts/build-py11-attributes GNUmakefile
+ python scripts/build-py11-attributes attributes.yaml py11/attribute_map.py
+
pkcs11.o: pkcs11.c sql_common.h schema.h attributes.h
${CC} ${CFLAGS} -c $<
diff --git a/py11/__init__.py b/py11/__init__.py
index b67ce8a..da0c946 100644
--- a/py11/__init__.py
+++ b/py11/__init__.py
@@ -1,7 +1,6 @@
# An attempt at a Python interface to PKCS 11 using the scary ctypes
# module from the Python standard library.
-from struct import pack, unpack
from ctypes import *
from .exceptions import *
from .types import *
@@ -12,7 +11,7 @@ from .prototypes import *
class PKCS11 (object):
- def __init__(self, so_name = "libpkcs11.so", attributes_initializer = "attributes.yaml"):
+ def __init__(self, so_name = "libpkcs11.so"):
self.so_name = so_name
self.so = CDLL(so_name)
def raise_on_failure(rv):
@@ -22,7 +21,7 @@ class PKCS11 (object):
func = getattr(self.so, name)
func.restype = raise_on_failure
func.argtypes = args
- self.adb = AttributeDB(attributes_initializer)
+ self.adb = AttributeDB()
def __getattr__(self, name):
return getattr(self.so, name)
diff --git a/py11/attribute_map.py b/py11/attribute_map.py
new file mode 100644
index 0000000..b689d6e
--- /dev/null
+++ b/py11/attribute_map.py
@@ -0,0 +1,54 @@
+# This file was generated automatically from attributes.yaml by build-py11-attributes. Do not edit this file directly.
+
+attribute_map = {
+ 'CKA_COEFFICIENT': 'biginteger',
+ 'CKA_MECHANISM_TYPE': 'CK_MECHANISM_TYPE',
+ 'CKA_ID': 'bytearray',
+ 'CKA_VALUE': 'biginteger',
+ 'CKA_KEY_GEN_MECHANISM': 'CK_MECHANISM_TYPE',
+ 'CKA_LABEL': 'rfc2279string',
+ 'CKA_KEY_TYPE': 'CK_KEY_TYPE',
+ 'CKA_PRIME_2': 'biginteger',
+ 'CKA_APPLICATION': 'rfc2279string',
+ 'CKA_VERIFY': 'CK_BBOOL',
+ 'CKA_HASH_OF_ISSUER_PUBLIC_KEY': 'bytearray',
+ 'CKA_SIGN': 'CK_BBOOL',
+ 'CKA_MODULUS': 'biginteger',
+ 'CKA_START_DATE': 'CK_DATE',
+ 'CKA_CERTIFICATE_CATEGORY': 'CK_ULONG',
+ 'CKA_PRIVATE_EXPONENT': 'biginteger',
+ 'CKA_ALWAYS_SENSITIVE': 'CK_BBOOL',
+ 'CKA_LOCAL': 'CK_BBOOL',
+ 'CKA_PUBLIC_EXPONENT': 'biginteger',
+ 'CKA_SENSITIVE': 'CK_BBOOL',
+ 'CKA_WRAP_WITH_TRUSTED': 'CK_BBOOL',
+ 'CKA_EXTRACTABLE': 'CK_BBOOL',
+ 'CKA_SUBJECT': 'bytearray',
+ 'CKA_VERIFY_RECOVER': 'CK_BBOOL',
+ 'CKA_EXPONENT_1': 'biginteger',
+ 'CKA_TOKEN': 'CK_BBOOL',
+ 'CKA_DECRYPT': 'CK_BBOOL',
+ 'CKA_EC_PARAMS': 'bytearray',
+ 'CKA_END_DATE': 'CK_DATE',
+ 'CKA_JAVA_MIDP_SECURITY_DOMAIN': 'CK_ULONG',
+ 'CKA_MODIFIABLE': 'CK_BBOOL',
+ 'CKA_CHECK_VALUE': 'bytearray',
+ 'CKA_URL': 'rfc2279string',
+ 'CKA_SERIAL_NUMBER': 'bytearray',
+ 'CKA_MODULUS_BITS': 'CK_ULONG',
+ 'CKA_WRAP': 'CK_BBOOL',
+ 'CKA_SIGN_RECOVER': 'CK_BBOOL',
+ 'CKA_TRUSTED': 'CK_BBOOL',
+ 'CKA_DERIVE': 'CK_BBOOL',
+ 'CKA_UNWRAP': 'CK_BBOOL',
+ 'CKA_NEVER_EXTRACTABLE': 'CK_BBOOL',
+ 'CKA_PRIVATE': 'CK_BBOOL',
+ 'CKA_ENCRYPT': 'CK_BBOOL',
+ 'CKA_EXPONENT_2': 'biginteger',
+ 'CKA_PRIME_1': 'biginteger',
+ 'CKA_EC_POINT': 'bytearray',
+ 'CKA_ISSUER': 'bytearray',
+ 'CKA_CERTIFICATE_TYPE': 'CK_CERTIFICATE_TYPE',
+ 'CKA_CLASS': 'CK_OBJECT_CLASS',
+ 'CKA_OBJECT_ID': 'bytearray',
+ 'CKA_HASH_OF_SUBJECT_PUBLIC_KEY': 'bytearray'}
diff --git a/py11/attributes.py b/py11/attributes.py
index 00af79c..7c90768 100644
--- a/py11/attributes.py
+++ b/py11/attributes.py
@@ -48,24 +48,14 @@ class Attribute_biginteger(Attribute):
class AttributeDB(object):
- def __init__(self, initializer = None):
+ def __init__(self):
+ from .attribute_map import attribute_map
self.db = {}
- if isinstance(initializer, str):
- initializer = self.parse_yaml(initializer)
- for attribute_name, type_name in initializer:
+ for attribute_name, type_name in attribute_map.iteritems():
a = Attribute.new(attribute_name, type_name)
self.db[a.name] = a
self.db[a.code] = a
- @staticmethod
- def parse_yaml(yaml_filename):
- from yaml import safe_load
- with open(yaml_filename) as f:
- for y in safe_load(f):
- for k, v in y.iteritems():
- if k.startswith("CKA_") and "type" in v:
- yield k, v["type"]
-
def encode(self, k, v):
return self.db[k].encode(v) if k in self.db else v
diff --git a/scripts/build-py11-attributes b/scripts/build-py11-attributes
new file mode 100755
index 0000000..c14aa45
--- /dev/null
+++ b/scripts/build-py11-attributes
@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+
+"""
+Generate a Python file based on a YAML description of PKCS #11
+attributes. See comments in attributes.yaml for details.
+
+For use in Python we don't care about most of the annotations
+in the YAML file, just the attribute name and data type.
+"""
+
+# Author: Rob Austein
+# Copyright (c) 2015, SUNET
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in
+# the documentation and/or other materials provided with the
+# distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# This requires a third-party YAML parser. On Debian-family Linux,
+# you can install this with:
+#
+# sudo apt-get install python-yaml
+
+import os
+import sys
+import yaml
+import argparse
+
+parser = argparse.ArgumentParser(description = __doc__, formatter_class = argparse.ArgumentDefaultsHelpFormatter)
+parser.add_argument("yaml_file", help = "Input YAML file", nargs = "?", type = argparse.FileType("r"), default = sys.stdin)
+parser.add_argument("output_file", help = "Output .py file", nargs = "?", type = argparse.FileType("w"), default = sys.stdout)
+args = parser.parse_args()
+
+attribute_map = dict(
+ (k, v["type"])
+ for y in yaml.safe_load(args.yaml_file)
+ for k, v in y.iteritems()
+ if k.startswith("CKA_") and "type" in v)
+
+args.output_file.write('''\
+# This file was generated automatically from %(input)s by %(script)s. Do not edit this file directly.
+
+attribute_map = %(attribute_map)s
+''' % dict(script = os.path.basename(sys.argv[0]),
+ input = args.yaml_file.name,
+ attribute_map = repr(attribute_map).replace(",", ",\n").replace("{", "{\n ")))