aboutsummaryrefslogtreecommitdiff
path: root/pkcs11.c
diff options
context:
space:
mode:
Diffstat (limited to 'pkcs11.c')
-rw-r--r--pkcs11.c135
1 files changed, 31 insertions, 104 deletions
diff --git a/pkcs11.c b/pkcs11.c
index de639ab..de96a79 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -87,17 +87,23 @@
#endif
/*
- * Version numbers. Placeholders for now.
- *
- * Software version number is just the version of this PKCS #11
- * implementation. Probably.
+ * Manufacturer ID, version numbers (hardware, firmware, software), etc.
+ * Some of this really should be coming from RPC queries.
*/
-#warning Figure out hardware and software version numbers
-#define P11_VERSION_SW_MAJOR 0
-#define P11_VERSION_SW_MINOR 1
+#warning Figure out IDs and version numbers
+#define P11_MANUFACTURER_ID "Cryptech Project"
+#define P11_TOKEN_LABEL "Cryptech Token"
+#define P11_BOARD_MODEL "Alpha Board"
+#define P11_BOARD_SERIAL "007"
+#define P11_LIBRARY_DESCRIPTION "libcryptech-pkcs11.so"
+#define P11_SLOT_DESCRIPTION "Cryptech Alpha slot"
#define P11_VERSION_HW_MAJOR 0
-#define P11_VERSION_HW_MINOR 1
+#define P11_VERSION_HW_MINOR 3
+#define P11_VERSION_FW_MAJOR 3
+#define P11_VERSION_FW_MINOR 0
+#define P11_VERSION_SW_MAJOR 3
+#define P11_VERSION_SW_MINOR 0
/*
* Debugging control.
@@ -1108,12 +1114,6 @@ static inline handle_flavor_t p11_object_flavor_from_cka_token(const CK_BBOOL *b
return (bbool != NULL && *bbool) ? handle_flavor_token_object : handle_flavor_session_object;
}
-static inline hal_key_flags_t p11_object_hal_flags(const CK_OBJECT_HANDLE handle)
-{
- return handle_flavor(handle) == handle_flavor_token_object ? HAL_KEY_FLAG_TOKEN : 0;
-}
-
-
/*
* Open the HSM pkey object (if any) corresponding to the PKCS #11 handle.
*/
@@ -2677,19 +2677,10 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID,
* right token, so hard-wire something for now.
*/
- psnprintf(pInfo->label, sizeof(pInfo->label),
- "Cryptech Token");
-
- psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID),
- "Cryptech Project");
-
- psnprintf(pInfo->model, sizeof(pInfo->model),
- "%04x%04x%04x%04x",
- P11_VERSION_HW_MAJOR, P11_VERSION_HW_MINOR,
- P11_VERSION_SW_MAJOR, P11_VERSION_SW_MINOR);
-
- psnprintf(pInfo->serialNumber, sizeof(pInfo->serialNumber),
- "007");
+ psnprintf(pInfo->label, sizeof(pInfo->label), P11_TOKEN_LABEL);
+ psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), P11_MANUFACTURER_ID);
+ psnprintf(pInfo->model, sizeof(pInfo->model), P11_BOARD_MODEL);
+ psnprintf(pInfo->serialNumber, sizeof(pInfo->serialNumber), P11_BOARD_SERIAL);
pInfo->flags = CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED;
@@ -2729,17 +2720,14 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID,
pInfo->ulFreePrivateMemory = CK_UNAVAILABLE_INFORMATION;
pInfo->hardwareVersion.major = P11_VERSION_HW_MAJOR;
pInfo->hardwareVersion.minor = P11_VERSION_HW_MINOR;
- pInfo->firmwareVersion.major = P11_VERSION_SW_MAJOR;
- pInfo->firmwareVersion.minor = P11_VERSION_SW_MINOR;
+ pInfo->firmwareVersion.major = P11_VERSION_FW_MAJOR;
+ pInfo->firmwareVersion.minor = P11_VERSION_FW_MINOR;
-#warning Need to sort out hardware clock
-#if 0
/*
- * Eventually we expect cryptech devices to have their own hardware
- * clocks. Not implemented yet.
+ * Eventually we expect Cryptech devices to have their own hardware
+ * clocks, in which case we'd set CKF_CLOCK_ON_TOKEN and
+ * pInfo->utcTime. Hardware not implemented yet, so not here either.
*/
- pInfo->utcTime;
-#endif
return CKR_OK;
}
@@ -4253,12 +4241,6 @@ CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession,
* Supply information about a particular mechanism. We may want a
* more generic structure for this, for the moment, just answer the
* questions that applications we care about are asking.
- *
- * Not really sure whether I should be setting CKF_HW here or not, RSA
- * is a mix of hardware and software at the moment, but I'm also a
- * little unclear on what "the device" means in this context, so let's
- * just say that if it's implemented by libhal or the Verilog hiding
- * behind libhal, it's implemented in hardware.
*/
CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
@@ -4285,61 +4267,6 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
if (p11_uninitialized())
return CKR_CRYPTOKI_NOT_INITIALIZED;
-#if 0
- /*
- * Perhaps revisit this after adding an RPC call to let us check
- * which cores are available. For now, given that we now have
- * software core support for these hash algorithms, this test isn't
- * particularly useful.
- */
-
- hal_digest_algorithm_t algorithm = HAL_DIGEST_ALGORITHM_NONE;
- CK_RV rv = CKR_OK;
-
- switch (type) {
-
- case CKM_SHA_1:
- case CKM_SHA1_RSA_PKCS:
- case CKM_SHA_1_HMAC:
- algorithm = HAL_DIGEST_ALGORITHM_SHA1;
- break;
-
- case CKM_SHA224:
- case CKM_SHA224_RSA_PKCS:
- case CKM_SHA224_HMAC:
- case CKM_ECDSA_SHA224:
- algorithm = HAL_DIGEST_ALGORITHM_SHA224;
- break;
-
- case CKM_SHA256:
- case CKM_SHA256_RSA_PKCS:
- case CKM_SHA256_HMAC:
- case CKM_ECDSA_SHA256:
- algorithm = HAL_DIGEST_ALGORITHM_SHA256;
- break;
-
- case CKM_SHA384:
- case CKM_SHA384_RSA_PKCS:
- case CKM_SHA384_HMAC:
- case CKM_ECDSA_SHA384:
- algorithm = HAL_DIGEST_ALGORITHM_SHA384;
- break;
-
- case CKM_SHA512:
- case CKM_SHA512_RSA_PKCS:
- case CKM_SHA512_HMAC:
- case CKM_ECDSA_SHA512:
- algorithm = HAL_DIGEST_ALGORITHM_SHA512;
- break;
-
- default:
- break;
- }
-
- if (algorithm != HAL_DIGEST_ALGORITHM_NONE && (rv = digest_available(algorithm)) != CKR_OK)
- return rv;
-#endif
-
switch (type) {
case CKM_RSA_PKCS_KEY_PAIR_GEN:
@@ -4450,8 +4377,8 @@ CK_RV C_GetInfo(CK_INFO_PTR pInfo)
memset(pInfo, 0, sizeof(*pInfo));
pInfo->cryptokiVersion.major = 2;
pInfo->cryptokiVersion.minor = 30;
- psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), "cryptech.is project");
- psnprintf(pInfo->libraryDescription, sizeof(pInfo->libraryDescription), "cryptech.is pkcs11");
+ psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), P11_MANUFACTURER_ID);
+ psnprintf(pInfo->libraryDescription, sizeof(pInfo->libraryDescription), P11_LIBRARY_DESCRIPTION);
pInfo->libraryVersion.major = P11_VERSION_SW_MAJOR;
pInfo->libraryVersion.minor = P11_VERSION_SW_MINOR;
@@ -4473,13 +4400,13 @@ CK_RV C_GetSlotInfo(CK_SLOT_ID slotID,
return CKR_CRYPTOKI_NOT_INITIALIZED;
memset(pInfo, 0, sizeof(*pInfo));
- psnprintf(pInfo->slotDescription, sizeof(pInfo->slotDescription), "cryptech.is slot on alpha");
- psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), "cryptech.is project");
+ psnprintf(pInfo->slotDescription, sizeof(pInfo->slotDescription), P11_SLOT_DESCRIPTION);
+ psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), P11_MANUFACTURER_ID);
pInfo->flags = CKF_TOKEN_PRESENT | CKF_HW_SLOT;
- pInfo->hardwareVersion.major = 0;
- pInfo->hardwareVersion.minor = 2;
- pInfo->firmwareVersion.major = P11_VERSION_HW_MAJOR;
- pInfo->firmwareVersion.minor = P11_VERSION_HW_MINOR;
+ pInfo->hardwareVersion.major = P11_VERSION_HW_MAJOR;
+ pInfo->hardwareVersion.minor = P11_VERSION_HW_MINOR;
+ pInfo->firmwareVersion.major = P11_VERSION_FW_MAJOR;
+ pInfo->firmwareVersion.minor = P11_VERSION_FW_MINOR;
return CKR_OK;
}