author | Magnus Ahltorp <map@kth.se> | 2015-04-10 09:58:16 +0200 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2015-04-10 10:29:05 +0200 |
commit | ca7025237f020718ce90b3aec3e4e00712f6f7d3 (patch) | |
tree | 1e6b7762524cf57cd573105ad31a6aefc4df0fc2 /c_src/pkcs11.c | |
parent | 77b9929c5e6613802f89740c9aa93665381a5b44 (diff) |
Add hsmhelper
Diffstat (limited to 'c_src/pkcs11.c')
-rw-r--r-- | c_src/pkcs11.c | 155 |
1 files changed, 155 insertions, 0 deletions
diff --git a/c_src/pkcs11.c b/c_src/pkcs11.c
new file mode 100644
index 0000000..23b947a
--- /dev/null
+++ b/c_src/pkcs11.c
@@ -0,0 +1,155 @@
+/*
+ * Copyright (c) 2014, NORDUnet A/S.
+ * See LICENSE for licensing information.
+ */
+
+#include <stdio.h>
+#include <err.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <dlfcn.h>
+
+#include "hsmhelper.h"
+
+void *pkcs11_library;
+
+static CK_FUNCTION_LIST_PTR pk;
+
+void
+init(char *library_path)
+{
+ CK_RV result;
+
+ pkcs11_library = dlopen(library_path, RTLD_NOW);
+ CK_C_GetFunctionList C_GetFunctionList = dlsym(pkcs11_library, "C_GetFunctionList");
+ result = C_GetFunctionList(&pk);
+ if (result != CKR_OK) {
+ errx(1, "C_GetFunctionList error: %lu", result);
+ }
+
+ result = pk->C_Initialize(NULL);
+ if (result != CKR_OK) {
+ errx(1, "C_Initialize error: %lu", result);
+ }
+}
+
+void
+finalize(CK_SLOT_ID slotID)
+{
+ CK_RV result;
+
+ result = pk->C_CloseAllSessions(slotID);
+ if (result != CKR_OK) {
+ errx(1, "C_CloseAllSessions error: %lu", result);
+ }
+
+ result = pk->C_Finalize(NULL);
+ if (result != CKR_OK) {
+ errx(1, "C_Finalize error: %lu", result);
+ }
+}
+
+
+CK_SESSION_HANDLE
+open_session(CK_SLOT_ID slotID)
+{
+ CK_RV result;
+ CK_SESSION_HANDLE hSession;
+
+ result = pk->C_OpenSession (slotID, CKF_SERIAL_SESSION, NULL, NULL, &hSession);
+ if (result != CKR_OK) {
+ errx(1, "C_OpenSession error: %lu", result);
+ }
+
+ return hSession;
+}
+
+void
+login(CK_SESSION_HANDLE hSession, char *pin)
+{
+ CK_RV result;
+
+ result = pk->C_Login(hSession, CKU_USER, (CK_UTF8CHAR_PTR)pin, strlen(pin));
+ if (result != CKR_OK) {
+ errx(1, "C_Login error: %lu", result);
+ }
+}
+
+CK_OBJECT_HANDLE
+find_key(CK_SESSION_HANDLE hSession, CK_OBJECT_CLASS class, char *label)
+{
+ CK_RV result;
+
+ CK_ATTRIBUTE template[2];
+ template[0].type = CKA_CLASS;
+ template[0].pValue = &class;
+ template[0].ulValueLen = sizeof(class);
+
+ template[1].type = CKA_LABEL;
+ template[1].pValue = label;
+ template[1].ulValueLen = strlen(label);
+
+ CK_ULONG ulCount = 2;
+
+ result = pk->C_FindObjectsInit(hSession,
+ template,
+ ulCount
+ ) ;
+ if (result != CKR_OK) {
+ errx(1, "C_FindObjectsInit error: %lu", result);
+ }
+
+ CK_OBJECT_HANDLE hObject = 0;
+ CK_ULONG ulMaxObjectCount = 1;
+ CK_ULONG ulObjectCount;
+
+ result = pk->C_FindObjects(hSession, &hObject, ulMaxObjectCount,
+ &ulObjectCount);
+ if (result != CKR_OK) {
+ errx(1, "C_FindObjects error: %lu", result);
+ }
+
+ if (ulObjectCount < 1) {
+ errx(1, "could not find key: %s", label);
+ }
+
+ result = pk->C_FindObjectsFinal (hSession);
+ if (result != CKR_OK) {
+ errx(1, "C_FindObjectsFinal error: %lu", result);
+ }
+
+ return hObject;
+}
+
+void
+sign(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen,
+ CK_MECHANISM_TYPE mechanism_type)
+{
+ CK_RV result;
+
+ CK_MECHANISM mechanism;
+ mechanism.mechanism = mechanism_type;
+ mechanism.pParameter = NULL;
+ mechanism.ulParameterLen = 0;
+
+ result = pk->C_SignInit(hSession,
+ &mechanism,
+ hKey);
+ if (result != CKR_OK) {
+ errx(1, "C_SignInit error: %lu", result);
+ }
+
+ result = pk->C_Sign(hSession,
+ pData,
+ ulDataLen,
+ pSignature,
+ pulSignatureLen);
+
+ if (result != CKR_OK) {
+ errx(1, "C_Sign error: %lu", result);
+ }
+
+} |
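Review bot: In `init`, neither the `dlopen` result nor the `dlsym` result is checked before `C_GetFunctionList(&pk)` is called, so a wrong `library_path` or a module that lacks the symbol ends in a call through a NULL pointer rather than a diagnosable error. Both results should be tested and reported with the same `errx` pattern the rest of the file uses. Because the loaded module runs in the process that also receives the PIN passed to `login`, a comment on `init` stating that `library_path` must come from trusted configuration would help callers. Separately, `find_key` asks `C_FindObjects` for at most one handle, so two objects sharing a class and label resolve silently to whichever the token returns first; setting `ulMaxObjectCount` to 2 with a two-element handle array and failing unless `ulObjectCount == 1` would surface that ambiguity before a signature is made with the wrong key.

```c
	pkcs11_library = dlopen(library_path, RTLD_NOW);
	if (pkcs11_library == NULL) {
		errx(1, "dlopen error: %s", dlerror());
	}

	CK_C_GetFunctionList C_GetFunctionList = dlsym(pkcs11_library, "C_GetFunctionList");
	if (C_GetFunctionList == NULL) {
		errx(1, "dlsym error: C_GetFunctionList not found in %s", library_path);
	}
	/* … unchanged: C_GetFunctionList(&pk) and C_Initialize calls with their result checks … */
```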