# ifndef CRYPTOKI_HXX
# define CRYPTOKI_HXX
/*! @file
@ id $ Id $
*/
// 1 2 3 4 5 6 7 8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
// interface
# include <pkcs11/cryptoki.h>
# include <string>
# include <vector>
# include <map>
# include <set>
// for inline implementations only
# include <sstream>
# include <cstdlib> // malloc/free
//! C++ Wrapper around Cryptoki API
namespace cryptoki {
# ifndef CRYPTOKI_FN_LOG
# if __GNUC__ >= 2
# define CRYPTOKI_FN_LOG(X) (std::string(X " failed in ") \
+ std : : string ( __PRETTY_FUNCTION__ ) )
# else
# define CRYPTOKI_FN_LOG(X) X " failed in \
" __FILE__ " : " CRYPTOKI_QUOTE(__LINE__)
# endif
# define UNDEF_CRYPTOKI_FN_LOG
# endif
template < int NUM , typename TYPE > std : : vector < TYPE > toVector ( TYPE in [ NUM ] ) {
return std : : vector < TYPE > ( in , in + NUM ) ;
}
# define CRYPTOKI_TO_VECTOR(ARRAY) \
toVector < sizeof ( ARRAY ) / sizeof ( ARRAY [ 0 ] ) > ( ARRAY )
//============================================================================
class exception : public std : : exception {
public :
exception ( const std : : string & reason ) throw ( ) :
_what ( " cryptoki: " + reason ) {
}
~ exception ( ) throw ( ) { }
const char * what ( ) const throw ( ) {
return _what . c_str ( ) ;
}
private :
std : : string _what ;
} ;
//----------------------------------------------------------------------------
class not_implemented : public exception {
public :
not_implemented ( const std : : string & reason ) throw ( ) :
exception ( " feature is not implemented: \n " + reason ) {
}
} ;
//----------------------------------------------------------------------------
class access_error : public exception {
public :
access_error ( const std : : string & reason ) throw ( ) :
exception ( " smardcard access error: \n " + reason ) {
}
} ;
class Slot ;
typedef std : : vector < Slot > SlotList ;
typedef std : : set < CK_MECHANISM_TYPE > MechanismList ;
typedef std : : vector < CK_ATTRIBUTE_TYPE > AttributeTypeList ;
struct Attribute {
Attribute ( CK_ATTRIBUTE & attr ) :
type ( attr . type ) , value ( ( char * ) attr . pValue , attr . ulValueLen ) {
free ( attr . pValue ) ;
attr . pValue = 0 ;
}
CK_ATTRIBUTE_TYPE type ;
std : : string value ;
} ;
typedef std : : map < CK_ATTRIBUTE_TYPE , Attribute > AttributeList ;
// //! Map Attribute Class to type
// /*! @todo to be completed ... */
// template<CK_ATTRIBUTE_TYPE Attribute> class AttributeType {};
// template<> class AttributeType<CKA_CLASS> {
// public: typedef CK_OBJECT_CLASS Type;
// public: typedef Type Param;
// };
// template<> class AttributeType<CKA_KEY_TYPE> {
// public: typedef CK_KEY_TYPE Type;
// public: typedef Type Param;
// };
// template<> class AttributeType<CKA_APPLICATION> {
// public: typedef CK_CHAR Type;
// public: typedef std::string Param;
// };
// template<> class AttributeType<CKA_VALUE> {
// public: typedef CKA_BYTE Type;
// public: typedef std::string Param;
// };
// template<> class AttributeType<> {
// public: typedef Type;
// public: typedef Type Param;
// };
template < std : : string : : size_type SIZE >
class FixString : public std : : string {
public :
FixString ( ) { }
FixString ( const char * const cStr ) {
* this = std : : string ( cStr , SIZE ) ;
size_type pos ( find_last_not_of ( " " ) ) ;
if ( pos ! = npos ) resize ( pos + 1 ) ; else resize ( 0 ) ;
}
FixString ( const unsigned char * const cStr ) {
* this = std : : string ( ( const char * ) cStr , SIZE ) ;
size_type pos ( find_last_not_of ( " " ) ) ;
if ( pos ! = npos ) resize ( pos + 1 ) ; else resize ( 0 ) ;
}
FixString & operator = ( const std : : string & other ) {
std : : string : : operator = ( other ) ;
return * this ;
}
FixString & operator = ( const char * const cStr ) {
* this = std : : string ( cStr , SIZE ) ;
size_type pos ( find_last_not_of ( " " ) ) ;
if ( pos ! = npos ) resize ( pos + 1 ) ; else resize ( 0 ) ;
return * this ;
}
FixString & operator = ( const unsigned char * const cStr ) {
* this = std : : string ( ( const char * ) cStr , SIZE ) ;
size_type pos ( find_last_not_of ( " " ) ) ;
if ( pos ! = npos ) resize ( pos + 1 ) ; else resize ( 0 ) ;
return * this ;
}
operator unsigned char * ( ) {
return ( unsigned char * ) begin ( ) . operator - > ( ) ;
}
FixString fix ( ) {
FixString cpy ( * this ) ;
cpy . resize ( SIZE , ' ' ) ;
return cpy ;
}
} ;
struct MechanismInfo {
CK_MECHANISM_TYPE id ;
std : : string name ;
CK_ULONG minKeySize ;
CK_ULONG maxKeySize ;
CK_FLAGS flags ;
MechanismInfo ( CK_MECHANISM_TYPE type ) : id ( type ) {
switch ( id ) {
case CKM_RSA_PKCS_KEY_PAIR_GEN : name = " CKM_RSA_PKCS_KEY_PAIR_GEN " ; break ;
case CKM_RSA_PKCS : name = " CKM_RSA_PKCS " ; break ;
case CKM_RSA_9796 : name = " CKM_RSA_9796 " ; break ;
case CKM_RSA_X_509 : name = " CKM_RSA_X_509 " ; break ;
case CKM_MD2_RSA_PKCS : name = " CKM_MD2_RSA_PKCS " ; break ;
case CKM_MD5_RSA_PKCS : name = " CKM_MD5_RSA_PKCS " ; break ;
case CKM_SHA1_RSA_PKCS : name = " CKM_SHA1_RSA_PKCS " ; break ;
case CKM_RIPEMD128_RSA_PKCS : name = " CKM_RIPEMD128_RSA_PKCS " ; break ;
case CKM_RIPEMD160_RSA_PKCS : name = " CKM_RIPEMD160_RSA_PKCS " ; break ;
case CKM_RSA_PKCS_OAEP : name = " CKM_RSA_PKCS_OAEP " ; break ;
case CKM_RSA_X9_31_KEY_PAIR_GEN : name = " CKM_RSA_X9_31_KEY_PAIR_GEN " ; break ;
case CKM_RSA_X9_31 : name = " CKM_RSA_X9_31 " ; break ;
case CKM_SHA1_RSA_X9_31 : name = " CKM_SHA1_RSA_X9_31 " ; break ;
case CKM_RSA_PKCS_PSS : name = " CKM_RSA_PKCS_PSS " ; break ;
case CKM_SHA1_RSA_PKCS_PSS : name = " CKM_SHA1_RSA_PKCS_PSS " ; break ;
case CKM_DSA_KEY_PAIR_GEN : name = " CKM_DSA_KEY_PAIR_GEN " ; break ;
case CKM_DSA : name = " CKM_DSA " ; break ;
case CKM_DSA_SHA1 : name = " CKM_DSA_SHA1 " ; break ;
case CKM_DH_PKCS_KEY_PAIR_GEN : name = " CKM_DH_PKCS_KEY_PAIR_GEN " ; break ;
case CKM_DH_PKCS_DERIVE : name = " CKM_DH_PKCS_DERIVE " ; break ;
case CKM_X9_42_DH_KEY_PAIR_GEN : name = " CKM_X9_42_DH_KEY_PAIR_GEN " ; break ;
case CKM_X9_42_DH_DERIVE : name = " CKM_X9_42_DH_DERIVE " ; break ;
case CKM_X9_42_DH_HYBRID_DERIVE : name = " CKM_X9_42_DH_HYBRID_DERIVE " ; break ;
case CKM_X9_42_MQV_DERIVE : name = " CKM_X9_42_MQV_DERIVE " ; break ;
case CKM_SHA256_RSA_PKCS : name = " CKM_SHA256_RSA_PKCS " ; break ;
case CKM_RC2_KEY_GEN : name = " CKM_RC2_KEY_GEN " ; break ;
case CKM_RC2_ECB : name = " CKM_RC2_ECB " ; break ;
case CKM_RC2_CBC : name = " CKM_RC2_CBC " ; break ;
case CKM_RC2_MAC : name = " CKM_RC2_MAC " ; break ;
case CKM_RC2_MAC_GENERAL : name = " CKM_RC2_MAC_GENERAL " ; break ;
case CKM_RC2_CBC_PAD : name = " CKM_RC2_CBC_PAD " ; break ;
case CKM_RC4_KEY_GEN : name = " CKM_RC4_KEY_GEN " ; break ;
case CKM_RC4 : name = " CKM_RC4 " ; break ;
case CKM_DES_KEY_GEN : name = " CKM_DES_KEY_GEN " ; break ;
case CKM_DES_ECB : name = " CKM_DES_ECB " ; break ;
case CKM_DES_CBC : name = " CKM_DES_CBC " ; break ;
case CKM_DES_MAC : name = " CKM_DES_MAC " ; break ;
case CKM_DES_MAC_GENERAL : name = " CKM_DES_MAC_GENERAL " ; break ;
case CKM_DES_CBC_PAD : name = " CKM_DES_CBC_PAD " ; break ;
case CKM_DES2_KEY_GEN : name = " CKM_DES2_KEY_GEN " ; break ;
case CKM_DES3_KEY_GEN : name = " CKM_DES3_KEY_GEN " ; break ;
case CKM_DES3_ECB : name = " CKM_DES3_ECB " ; break ;
case CKM_DES3_CBC : name = " CKM_DES3_CBC " ; break ;
case CKM_DES3_MAC : name = " CKM_DES3_MAC " ; break ;
case CKM_DES3_MAC_GENERAL : name = " CKM_DES3_MAC_GENERAL " ; break ;
case CKM_DES3_CBC_PAD : name = " CKM_DES3_CBC_PAD " ; break ;
case CKM_CDMF_KEY_GEN : name = " CKM_CDMF_KEY_GEN " ; break ;
case CKM_CDMF_ECB : name = " CKM_CDMF_ECB " ; break ;
case CKM_CDMF_CBC : name = " CKM_CDMF_CBC " ; break ;
case CKM_CDMF_MAC : name = " CKM_CDMF_MAC " ; break ;
case CKM_CDMF_MAC_GENERAL : name = " CKM_CDMF_MAC_GENERAL " ; break ;
case CKM_CDMF_CBC_PAD : name = " CKM_CDMF_CBC_PAD " ; break ;
case CKM_MD2 : name = " CKM_MD2 " ; break ;
case CKM_MD2_HMAC : name = " CKM_MD2_HMAC " ; break ;
case CKM_MD2_HMAC_GENERAL : name = " CKM_MD2_HMAC_GENERAL " ; break ;
case CKM_MD5 : name = " CKM_MD5 " ; break ;
case CKM_MD5_HMAC : name = " CKM_MD5_HMAC " ; break ;
case CKM_MD5_HMAC_GENERAL : name = " CKM_MD5_HMAC_GENERAL " ; break ;
case CKM_SHA_1 : name = " CKM_SHA_1 " ; break ;
case CKM_SHA_1_HMAC : name = " CKM_SHA_1_HMAC " ; break ;
case CKM_SHA_1_HMAC_GENERAL : name = " CKM_SHA_1_HMAC_GENERAL " ; break ;
case CKM_RIPEMD128 : name = " CKM_RIPEMD128 " ; break ;
case CKM_RIPEMD128_HMAC : name = " CKM_RIPEMD128_HMAC " ; break ;
case CKM_RIPEMD128_HMAC_GENERAL : name = " CKM_RIPEMD128_HMAC_GENERAL " ; break ;
case CKM_RIPEMD160 : name = " CKM_RIPEMD160 " ; break ;
case CKM_RIPEMD160_HMAC : name = " CKM_RIPEMD160_HMAC " ; break ;
case CKM_RIPEMD160_HMAC_GENERAL : name = " CKM_RIPEMD160_HMAC_GENERAL " ; break ;
case CKM_SHA256 : name = " CKM_SHA256 " ; break ;
case CKM_SHA256_HMAC : name = " CKM_SHA256_HMAC " ; break ;
case CKM_SHA256_HMAC_GENERAL : name = " CKM_SHA256_HMAC_GENERAL " ; break ;
case CKM_SHA384 : name = " CKM_SHA384 " ; break ;
case CKM_SHA384_HMAC : name = " CKM_SHA384_HMAC " ; break ;
case CKM_SHA384_HMAC_GENERAL : name = " CKM_SHA384_HMAC_GENERAL " ; break ;
case CKM_SHA512 : name = " CKM_SHA512 " ; break ;
case CKM_SHA512_HMAC : name = " CKM_SHA512_HMAC " ; break ;
case CKM_SHA512_HMAC_GENERAL : name = " CKM_SHA512_HMAC_GENERAL " ; break ;
case CKM_CAST_KEY_GEN : name = " CKM_CAST_KEY_GEN " ; break ;
case CKM_CAST_ECB : name = " CKM_CAST_ECB " ; break ;
case CKM_CAST_CBC : name = " CKM_CAST_CBC " ; break ;
case CKM_CAST_MAC : name = " CKM_CAST_MAC " ; break ;
case CKM_CAST_MAC_GENERAL : name = " CKM_CAST_MAC_GENERAL " ; break ;
case CKM_CAST_CBC_PAD : name = " CKM_CAST_CBC_PAD " ; break ;
case CKM_CAST3_KEY_GEN : name = " CKM_CAST3_KEY_GEN " ; break ;
case CKM_CAST3_ECB : name = " CKM_CAST3_ECB " ; break ;
case CKM_CAST3_CBC : name = " CKM_CAST3_CBC " ; break ;
case CKM_CAST3_MAC : name = " CKM_CAST3_MAC " ; break ;
case CKM_CAST3_MAC_GENERAL : name = " CKM_CAST3_MAC_GENERAL " ; break ;
case CKM_CAST3_CBC_PAD : name = " CKM_CAST3_CBC_PAD " ; break ;
//case CKM_CAST5_KEY_GEN: name="CKM_CAST5_KEY_GEN"; break;
case CKM_CAST128_KEY_GEN : name = " CKM_CAST5_KEY_GEN or CKM_CAST128_KEY_GEN " ; break ;
//case CKM_CAST5_ECB: name="CKM_CAST5_ECB"; break;
case CKM_CAST128_ECB : name = " CKM_CAST5_ECB or CKM_CAST128_ECB " ; break ;
//case CKM_CAST5_CBC: name="CKM_CAST5_CBC"; break;
case CKM_CAST128_CBC : name = " CKM_CAST5_CBC or CKM_CAST128_CBC " ; break ;
//case CKM_CAST5_MAC: name="CKM_CAST5_MAC"; break;
case CKM_CAST128_MAC : name = " CKM_CAST5_MAC or CKM_CAST128_MAC " ; break ;
//case CKM_CAST5_MAC_GENERAL: name="CKM_CAST5_MAC_GENERAL"; break;
case CKM_CAST128_MAC_GENERAL :
name = " CKM_CAST5_MAC_GENERAL or CKM_CAST128_MAC_GENERAL " ; break ;
//case CKM_CAST5_CBC_PAD: name="CKM_CAST5_CBC_PAD"; break;
case CKM_CAST128_CBC_PAD : name = " CKM_CAST5_CBC_PAD or CKM_CAST128_CBC_PAD " ; break ;
case CKM_RC5_KEY_GEN : name = " CKM_RC5_KEY_GEN " ; break ;
case CKM_RC5_ECB : name = " CKM_RC5_ECB " ; break ;
case CKM_RC5_CBC : name = " CKM_RC5_CBC " ; break ;
case CKM_RC5_MAC : name = " CKM_RC5_MAC " ; break ;
case CKM_RC5_MAC_GENERAL : name = " CKM_RC5_MAC_GENERAL " ; break ;
case CKM_RC5_CBC_PAD : name = " CKM_RC5_CBC_PAD " ; break ;
case CKM_IDEA_KEY_GEN : name = " CKM_IDEA_KEY_GEN " ; break ;
case CKM_IDEA_ECB : name = " CKM_IDEA_ECB " ; break ;
case CKM_IDEA_CBC : name = " CKM_IDEA_CBC " ; break ;
case CKM_IDEA_MAC : name = " CKM_IDEA_MAC " ; break ;
case CKM_IDEA_MAC_GENERAL : name = " CKM_IDEA_MAC_GENERAL " ; break ;
case CKM_IDEA_CBC_PAD : name = " CKM_IDEA_CBC_PAD " ; break ;
case CKM_GENERIC_SECRET_KEY_GEN : name = " CKM_GENERIC_SECRET_KEY_GEN " ; break ;
case CKM_CONCATENATE_BASE_AND_KEY :
name = " CKM_CONCATENATE_BASE_AND_KEY " ; break ;
case CKM_CONCATENATE_BASE_AND_DATA :
name = " CKM_CONCATENATE_BASE_AND_DATA " ; break ;
case CKM_CONCATENATE_DATA_AND_BASE :
name = " CKM_CONCATENATE_DATA_AND_BASE " ; break ;
case CKM_XOR_BASE_AND_DATA : name = " CKM_XOR_BASE_AND_DATA " ; break ;
case CKM_EXTRACT_KEY_FROM_KEY : name = " CKM_EXTRACT_KEY_FROM_KEY " ; break ;
case CKM_SSL3_PRE_MASTER_KEY_GEN : name = " CKM_SSL3_PRE_MASTER_KEY_GEN " ; break ;
case CKM_SSL3_MASTER_KEY_DERIVE : name = " CKM_SSL3_MASTER_KEY_DERIVE " ; break ;
case CKM_SSL3_KEY_AND_MAC_DERIVE : name = " CKM_SSL3_KEY_AND_MAC_DERIVE " ; break ;
case CKM_SSL3_MASTER_KEY_DERIVE_DH :
name = " CKM_SSL3_MASTER_KEY_DERIVE_DH " ; break ;
case CKM_TLS_PRE_MASTER_KEY_GEN : name = " CKM_TLS_PRE_MASTER_KEY_GEN " ; break ;
case CKM_TLS_MASTER_KEY_DERIVE : name = " CKM_TLS_MASTER_KEY_DERIVE " ; break ;
case CKM_TLS_KEY_AND_MAC_DERIVE : name = " CKM_TLS_KEY_AND_MAC_DERIVE " ; break ;
case CKM_TLS_MASTER_KEY_DERIVE_DH : name = " CKM_TLS_MASTER_KEY_DERIVE_DH " ; break ;
case CKM_SSL3_MD5_MAC : name = " CKM_SSL3_MD5_MAC " ; break ;
case CKM_SSL3_SHA1_MAC : name = " CKM_SSL3_SHA1_MAC " ; break ;
case CKM_MD5_KEY_DERIVATION : name = " CKM_MD5_KEY_DERIVATION " ; break ;
case CKM_MD2_KEY_DERIVATION : name = " CKM_MD2_KEY_DERIVATION " ; break ;
case CKM_SHA1_KEY_DERIVATION : name = " CKM_SHA1_KEY_DERIVATION " ; break ;
case CKM_SHA256_KEY_DERIVATION : name = " CKM_SHA256_KEY_DERIVATION " ; break ;
case CKM_PBE_MD2_DES_CBC : name = " CKM_PBE_MD2_DES_CBC " ; break ;
case CKM_PBE_MD5_DES_CBC : name = " CKM_PBE_MD5_DES_CBC " ; break ;
case CKM_PBE_MD5_CAST_CBC : name = " CKM_PBE_MD5_CAST_CBC " ; break ;
case CKM_PBE_MD5_CAST3_CBC : name = " CKM_PBE_MD5_CAST3_CBC " ; break ;
//case CKM_PBE_MD5_CAST5_CBC: name="CKM_PBE_MD5_CAST5_CBC"; break;
case CKM_PBE_MD5_CAST128_CBC :
name = " CKM_PBE_MD5_CAST5_CBC or CKM_PBE_MD5_CAST128_CBC " ; break ;
//case CKM_PBE_SHA1_CAST5_CBC: name="CKM_PBE_SHA1_CAST5_CBC"; break;
case CKM_PBE_SHA1_CAST128_CBC :
name = " CKM_PBE_SHA1_CAST5_CBC or CKM_PBE_SHA1_CAST128_CBC " ; break ;
case CKM_PBE_SHA1_RC4_128 : name = " CKM_PBE_SHA1_RC4_128 " ; break ;
case CKM_PBE_SHA1_RC4_40 : name = " CKM_PBE_SHA1_RC4_40 " ; break ;
case CKM_PBE_SHA1_DES3_EDE_CBC : name = " CKM_PBE_SHA1_DES3_EDE_CBC " ; break ;
case CKM_PBE_SHA1_DES2_EDE_CBC : name = " CKM_PBE_SHA1_DES2_EDE_CBC " ; break ;
case CKM_PBE_SHA1_RC2_128_CBC : name = " CKM_PBE_SHA1_RC2_128_CBC " ; break ;
case CKM_PBE_SHA1_RC2_40_CBC : name = " CKM_PBE_SHA1_RC2_40_CBC " ; break ;
case CKM_PKCS5_PBKD2 : name = " CKM_PKCS5_PBKD2 " ; break ;
case CKM_PBA_SHA1_WITH_SHA1_HMAC : name = " CKM_PBA_SHA1_WITH_SHA1_HMAC " ; break ;
case CKM_KEY_WRAP_LYNKS : name = " CKM_KEY_WRAP_LYNKS " ; break ;
case CKM_KEY_WRAP_SET_OAEP : name = " CKM_KEY_WRAP_SET_OAEP " ; break ;
case CKM_SKIPJACK_KEY_GEN : name = " CKM_SKIPJACK_KEY_GEN " ; break ;
case CKM_SKIPJACK_ECB64 : name = " CKM_SKIPJACK_ECB64 " ; break ;
case CKM_SKIPJACK_CBC64 : name = " CKM_SKIPJACK_CBC64 " ; break ;
case CKM_SKIPJACK_OFB64 : name = " CKM_SKIPJACK_OFB64 " ; break ;
case CKM_SKIPJACK_CFB64 : name = " CKM_SKIPJACK_CFB64 " ; break ;
case CKM_SKIPJACK_CFB32 : name = " CKM_SKIPJACK_CFB32 " ; break ;
case CKM_SKIPJACK_CFB16 : name = " CKM_SKIPJACK_CFB16 " ; break ;
case CKM_SKIPJACK_CFB8 : name = " CKM_SKIPJACK_CFB8 " ; break ;
case CKM_SKIPJACK_WRAP : name = " CKM_SKIPJACK_WRAP " ; break ;
case CKM_SKIPJACK_PRIVATE_WRAP : name = " CKM_SKIPJACK_PRIVATE_WRAP " ; break ;
case CKM_SKIPJACK_RELAYX : name = " CKM_SKIPJACK_RELAYX " ; break ;
case CKM_KEA_KEY_PAIR_GEN : name = " CKM_KEA_KEY_PAIR_GEN " ; break ;
case CKM_KEA_KEY_DERIVE : name = " CKM_KEA_KEY_DERIVE " ; break ;
case CKM_FORTEZZA_TIMESTAMP : name = " CKM_FORTEZZA_TIMESTAMP " ; break ;
case CKM_BATON_KEY_GEN : name = " CKM_BATON_KEY_GEN " ; break ;
case CKM_BATON_ECB128 : name = " CKM_BATON_ECB128 " ; break ;
case CKM_BATON_ECB96 : name = " CKM_BATON_ECB96 " ; break ;
case CKM_BATON_CBC128 : name = " CKM_BATON_CBC128 " ; break ;
case CKM_BATON_COUNTER : name = " CKM_BATON_COUNTER " ; break ;
case CKM_BATON_SHUFFLE : name = " CKM_BATON_SHUFFLE " ; break ;
case CKM_BATON_WRAP : name = " CKM_BATON_WRAP " ; break ;
//case CKM_ECDSA_KEY_PAIR_GEN: name="CKM_ECDSA_KEY_PAIR_GEN"; break;
case CKM_EC_KEY_PAIR_GEN :
name = " CKM_ECDSA_KEY_PAIR_GEN or CKM_EC_KEY_PAIR_GEN " ; break ;
case CKM_ECDSA : name = " CKM_ECDSA " ; break ;
case CKM_ECDSA_SHA1 : name = " CKM_ECDSA_SHA1 " ; break ;
case CKM_ECDH1_DERIVE : name = " CKM_ECDH1_DERIVE " ; break ;
case CKM_ECDH1_COFACTOR_DERIVE : name = " CKM_ECDH1_COFACTOR_DERIVE " ; break ;
case CKM_ECMQV_DERIVE : name = " CKM_ECMQV_DERIVE " ; break ;
case CKM_JUNIPER_KEY_GEN : name = " CKM_JUNIPER_KEY_GEN " ; break ;
case CKM_JUNIPER_ECB128 : name = " CKM_JUNIPER_ECB128 " ; break ;
case CKM_JUNIPER_CBC128 : name = " CKM_JUNIPER_CBC128 " ; break ;
case CKM_JUNIPER_COUNTER : name = " CKM_JUNIPER_COUNTER " ; break ;
case CKM_JUNIPER_SHUFFLE : name = " CKM_JUNIPER_SHUFFLE " ; break ;
case CKM_JUNIPER_WRAP : name = " CKM_JUNIPER_WRAP " ; break ;
case CKM_FASTHASH : name = " CKM_FASTHASH " ; break ;
case CKM_AES_KEY_GEN : name = " CKM_AES_KEY_GEN " ; break ;
case CKM_AES_ECB : name = " CKM_AES_ECB " ; break ;
case CKM_AES_CBC : name = " CKM_AES_CBC " ; break ;
case CKM_AES_MAC : name = " CKM_AES_MAC " ; break ;
case CKM_AES_MAC_GENERAL : name = " CKM_AES_MAC_GENERAL " ; break ;
case CKM_AES_CBC_PAD : name = " CKM_AES_CBC_PAD " ; break ;
case CKM_DSA_PARAMETER_GEN : name = " CKM_DSA_PARAMETER_GEN " ; break ;
case CKM_DH_PKCS_PARAMETER_GEN : name = " CKM_DH_PKCS_PARAMETER_GEN " ; break ;
case CKM_X9_42_DH_PARAMETER_GEN : name = " CKM_X9_42_DH_PARAMETER_GEN " ; break ;
case CKM_VENDOR_DEFINED : name = " CKM_VENDOR_DEFINED " ; break ;
default : {
std : : stringstream ss ;
ss < < " unknown mechanism: " < < id ;
throw exception ( ss . str ( ) ) ;
}
}
}
} ;
struct SlotInfo {
FixString < 64 > slotDescription ;
FixString < 32 > manufacturerID ;
CK_FLAGS flags ;
CK_VERSION hardwareVersion ;
CK_VERSION firmwareVersion ;
} ;
struct TokenInfo {
FixString < 32 > label ;
FixString < 32 > manufacturerID ;
FixString < 16 > model ;
FixString < 16 > serialNumber ;
CK_FLAGS flags ;
CK_ULONG maxSessionCount ;
CK_ULONG sessionCount ;
CK_ULONG maxRwSessionCount ;
CK_ULONG rwSessionCount ;
CK_ULONG maxPinLen ;
CK_ULONG minPinLen ;
CK_ULONG totalPublicMemory ;
CK_ULONG freePublicMemory ;
CK_ULONG totalPrivateMemory ;
CK_ULONG freePrivateMemory ;
CK_VERSION hardwareVersion ;
CK_VERSION firmwareVersion ;
FixString < 16 > utcTime ;
} ;
struct Info {
CK_VERSION cryptokiVersion ;
FixString < 32 > manufacturerID ;
CK_FLAGS flags ;
FixString < 32 > libraryDescription ;
CK_VERSION libraryVersion ;
} ;
//! to be instanciated before first use
class Init {
private :
friend class Slot ;
friend class Session ;
friend class Object ;
bool _exc ;
CK_RV _res ;
CK_FUNCTION_LIST * _fn ;
Init ( const Init & ) ; // forbidden
Init & operator = ( const Init & ) ; // forbidden
//! Initialize Funcion List for this Instance
bool functionList ( const std : : string & library ) ;
bool check ( CK_RV result , const std : : string & context = " " ) ;
/*! @return error text of last cryptoki call */
std : : string error ( CK_RV res ) ;
public :
//! Initialize for a given library (default cryptoki)
/*! Please notem, that you must not instanciate more than one
Init per unique function list !
@ param fn function list to be used within this instance
@ param exc wether exceptions should be thrown */
Init ( const std : : string & library = " onepin-opensc-pkcs11.so " , bool exc = true ) ;
/*! @name C Like Error Handling
You are strongly recommended not to disable exception
handling . If you disable it , you must check after every
operation whether it was successful or not . These methods
provide all you need for that . */
//@{
/*! @return @c true if last cryptoki on this object call was successful */
operator bool ( ) ;
/*! @return error text of last cryptoki call */
std : : string error ( ) ;
//@}
Info info ( ) {
Info inf ;
CK_INFO cInf ;
//! calls @c C_GetInfo
if ( ! check ( _fn - > C_GetInfo ( & cInf ) , CRYPTOKI_FN_LOG ( " C_GetInfo " ) ) )
return inf ;
inf . cryptokiVersion = cInf . cryptokiVersion ;
inf . manufacturerID = cInf . manufacturerID ;
inf . flags = cInf . flags ;
inf . libraryDescription = cInf . libraryDescription ;
inf . libraryVersion = cInf . libraryVersion ;
return inf ;
}
//! Get a list of available slots
/*! @param tokenPresent whether a token must be inserted into the reader
@ return list of matching slots */
SlotList slotList ( bool tokenPresent = true ) ;
} ;
//! Slot and Token Management
class Slot {
private :
friend class Init ;
friend class Session ;
friend class Object ;
Init * _init ;
CK_SLOT_ID _slot ;
CK_RV _res ;
Slot ( Init & init , CK_SLOT_ID slot ) :
_init ( & init ) , _slot ( slot ) , _res ( CKR_OK ) {
}
bool check ( CK_RV result , const std : : string & context = " " ) {
_res = result ;
if ( _init - > _exc & & ! * this )
if ( context . size ( ) )
throw access_error ( context + " : " + error ( ) ) ;
else
throw access_error ( error ( ) ) ;
return _res = = CKR_OK ;
}
public :
/*! @name C Like Error Handling
You are strongly recommended not to disable exception
handling . If you disable it , you must check after every
operation whether it was successful or not . These methods
provide all you need for that . */
//@{
/*! @return @c true if last cryptoki on this object call was successful */
operator bool ( ) {
return _res = = CKR_OK ;
}
/*! @return error text of last cryptoki call */
std : : string error ( ) {
return _init - > error ( _res ) ;
}
//@}
MechanismInfo mechanisminfo ( CK_MECHANISM_TYPE mechanism ) {
MechanismInfo info ( mechanism ) ;
CK_MECHANISM_INFO cInfo ;
//! calls @c C_GetMechanismInfo
check ( _init - > _fn - > C_GetMechanismInfo ( _slot , mechanism , & cInfo ) ,
CRYPTOKI_FN_LOG ( " C_GetMechanismInfo " ) ) ;
info . minKeySize = cInfo . ulMinKeySize ;
info . maxKeySize = cInfo . ulMaxKeySize ;
info . flags = cInfo . flags ;
return info ;
}
MechanismList mechanismlist ( ) {
MechanismList res ;
CK_ULONG count ( 0 ) ;
//! calls @c C_GetMechanismList
if ( ! check ( _init - > _fn - > C_GetMechanismList ( _slot , 0 , & count ) ,
CRYPTOKI_FN_LOG ( " C_GetMechanismList " ) ) | | ! count ) return res ;
CK_MECHANISM_TYPE * mechanisms = 0 ;
try {
mechanisms = new CK_MECHANISM_TYPE [ count ] ;
if ( ! check ( _init - > _fn - > C_GetMechanismList ( _slot , mechanisms , & count ) ,
CRYPTOKI_FN_LOG ( " C_GetMechanismList " ) ) ) {
delete [ ] mechanisms ;
return res ;
}
for ( CK_ULONG i ( 0 ) ; i < count ; + + i )
res . insert ( mechanisms [ i ] ) ;
} catch ( . . . ) {
delete [ ] mechanisms ;
throw ;
}
delete [ ] mechanisms ;
return res ;
}
SlotInfo slotinfo ( ) {
SlotInfo info ;
CK_SLOT_INFO cInfo ;
//! calls @c C_GetSlotInfo
if ( ! check ( _init - > _fn - > C_GetSlotInfo ( _slot , & cInfo ) ,
CRYPTOKI_FN_LOG ( " C_GetSlotInfo " ) ) ) return info ;
info . slotDescription = cInfo . slotDescription ;
info . manufacturerID = cInfo . manufacturerID ;
info . flags = cInfo . flags ;
info . hardwareVersion = cInfo . hardwareVersion ;
info . firmwareVersion = cInfo . firmwareVersion ;
return info ;
}
TokenInfo tokeninfo ( ) {
TokenInfo info ;
//! calls @c C_GetTokenInfo
CK_TOKEN_INFO cInfo ;
if ( ! check ( _init - > _fn - > C_GetTokenInfo ( _slot , & cInfo ) ,
CRYPTOKI_FN_LOG ( " C_GetTokenInfo " ) ) ) return info ;
info . label = cInfo . label ;
info . manufacturerID = cInfo . manufacturerID ;
info . model = cInfo . model ;
info . serialNumber = cInfo . serialNumber ;
info . flags = cInfo . flags ;
info . maxSessionCount = cInfo . ulMaxSessionCount ;
info . sessionCount = cInfo . ulSessionCount ;
info . maxRwSessionCount = cInfo . ulMaxRwSessionCount ;
info . rwSessionCount = cInfo . ulRwSessionCount ;
info . maxPinLen = cInfo . ulMaxPinLen ;
info . minPinLen = cInfo . ulMinPinLen ;
info . totalPublicMemory = cInfo . ulTotalPublicMemory ;
info . freePublicMemory = cInfo . ulFreePublicMemory ;
info . totalPrivateMemory = cInfo . ulTotalPrivateMemory ;
info . freePrivateMemory = cInfo . ulFreePrivateMemory ;
info . hardwareVersion = cInfo . hardwareVersion ;
info . firmwareVersion = cInfo . firmwareVersion ;
info . utcTime = cInfo . utcTime ;
return info ;
}
/*! @bug does not compile:
@ code
bool inittoken ( std : : string pin , FixString < 32 > label ) {
//! calls @c C_InitToken
return check ( _init - > _fn - > C_InitToken
( _slot ,
( unsigned char * ) pin . begin ( ) . operator - > ( ) , pin . size ( ) ,
( unsigned char * ) label . fix ( ) . begin ( ) . operator - > ( ) )
CRYPTOKI_FN_LOG ( " C_InitToken " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
class SlotEventListener {
public : virtual void slotEvent ( ) = 0 ;
}
bool registerforslotevent ( SlotEventListener & ) {
//! calls @c C_WaitForSlotEvent
return check ( _init - > _fn - > C_WaitForSlotEvent ( CK_FLAGS , & _slot , CK_VOID_PTR ) ,
CRYPTOKI_FN_LOG ( " C_WaitForSlotEvent " ) ) ;
}
@ endcode */
} ;
//! Session Management
//! Not implemented: CK_RV C_CloseAllSessions(CK_SLOT_ID);
class Session {
private :
friend class Object ;
Slot & _slot ;
CK_SESSION_HANDLE _session ;
CK_RV _res ;
Session ( ) ; // forbidden
Session ( const Session & ) ; // forbidden
Session & operator = ( const Session & ) ; // forbidden
bool check ( CK_RV result , const std : : string & context = " " ) {
_res = result ;
if ( _slot . _init - > _exc & & ! * this )
if ( context . size ( ) )
throw access_error ( context + " : " + error ( ) ) ;
else
throw access_error ( error ( ) ) ;
return _res = = CKR_OK ;
}
public :
//! Opens a new session.
/*! @param slot slot to open a session on */
Session ( Slot & slot ) : _slot ( slot ) , _session ( 0 ) , _res ( CKR_OK ) {
//! calls @c C_OpenSession
check ( _slot . _init - > _fn - > C_OpenSession ( _slot . _slot , 0 , 0 , 0 , & _session ) ,
CRYPTOKI_FN_LOG ( " C_OpenSession " ) ) ;
//! @todo pass parameter
}
//! Closes actual session
~ Session ( ) {
try {
//! calls @c C_CloseSession
check ( _slot . _init - > _fn - > C_CloseSession ( _session ) ,
CRYPTOKI_FN_LOG ( " C_CloseSession " ) ) ;
} catch ( . . . ) {
if ( ! std : : uncaught_exception ( ) ) throw ;
}
}
/*! @name C Like Error Handling
You are strongly recommended not to disable exception
handling . If you disable it , you must check after every
operation whether it was successful or not . These methods
provide all you need for that . */
//@{
/*! @return @c true if last cryptoki on this object call was successful */
operator bool ( ) {
return _res = = CKR_OK ;
}
/*! @return error text of last cryptoki call */
std : : string error ( ) {
return _slot . _init - > error ( _res ) ;
}
//@}
/*! @name Low Level Cryptoki Functions
Direct access to the low level cryptoki API . Better use the
comfort methods . */
//@{
bool cancel ( ) {
//! calls @c C_CancelFunction
return check ( _slot . _init - > _fn - > C_CancelFunction ( _session ) ,
CRYPTOKI_FN_LOG ( " C_CancelFunction " ) ) ;
}
std : : string decrypt ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok (seems so ...)
//! calls @c C_Decrypt
check ( _slot . _init - > _fn - > C_Decrypt
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_Decrypt " ) ) ;
res . resize ( size ) ;
return res ;
}
std : : string decryptdigestupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_DecryptDigestUpdate
check ( _slot . _init - > _fn - > C_DecryptDigestUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_DecryptDigestUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
bool decryptfinal ( ) {
//! calls @c C_DecryptFinal
return check ( _slot . _init - > _fn - > C_DecryptFinal ( _session , 0 , 0 ) ,
CRYPTOKI_FN_LOG ( " C_DecryptFinal " ) ) ;
//! @todo does this work?
}
std : : string decryptupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_DecryptUpdate
check ( _slot . _init - > _fn - > C_DecryptUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_DecryptUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
std : : string decryptverifyupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_DecryptVerifyUpdate
check ( _slot . _init - > _fn - > C_DecryptVerifyUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_DecryptVerifyUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
std : : string digest ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_Digest
check ( _slot . _init - > _fn - > C_Digest
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_Digest " ) ) ;
res . resize ( size ) ;
return res ;
}
std : : string digestencryptupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_DigestEncryptUpdate
check ( _slot . _init - > _fn - > C_DigestEncryptUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_DigestEncryptUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool digestfinal ( ) {
//! calls @c C_DigestFinal
return check ( _slot . _init - > _fn - > C_DigestFinal ( _session , CK_BYTE_PTR , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_DigestFinal " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool digestinit ( ) {
//! calls @c C_DigestInit
return check ( _slot . _init - > _fn - > C_DigestInit ( _session , CK_MECHANISM_PTR ) ,
CRYPTOKI_FN_LOG ( " C_DigestInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool digestupdate ( ) {
//! calls @c C_DigestUpdate
return check ( _slot . _init - > _fn - > C_DigestUpdate ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_DigestUpdate " ) ) ;
}
@ endcode */
std : : string encrypt ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_Encrypt
check ( _slot . _init - > _fn - > C_Encrypt
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_Encrypt " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool encryptfinal ( ) {
//! calls @c C_EncryptFinal
return check ( _slot . _init - > _fn - > C_EncryptFinal ( _session , CK_BYTE_PTR , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_EncryptFinal " ) ) ;
}
@ endcode */
std : : string encryptupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_EncryptUpdate
check ( _slot . _init - > _fn - > C_EncryptUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_EncryptUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool finalize ( ) {
//! calls @c C_Finalize
return check ( _slot . _init - > _fn - > C_Finalize ( CK_VOID_PTR ) ,
CRYPTOKI_FN_LOG ( " C_Finalize " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool findobjectsfinal ( ) {
//! calls @c C_FindObjectsFinal
return check ( _slot . _init - > _fn - > C_FindObjectsFinal ( _session ) ,
CRYPTOKI_FN_LOG ( " C_FindObjectsFinal " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool findobjectsinit ( ) {
//! calls @c C_FindObjectsInit
return check ( _slot . _init - > _fn - > C_FindObjectsInit ( _session , CK_ATTRIBUTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_FindObjectsInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool generaterandom ( ) {
//! calls @c C_GenerateRandom
return check ( _slot . _init - > _fn - > C_GenerateRandom ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_GenerateRandom " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool getfunctionstatus ( ) {
//! calls @c C_GetFunctionStatus
return check ( _slot . _init - > _fn - > C_GetFunctionStatus ( _session ) ,
CRYPTOKI_FN_LOG ( " C_GetFunctionStatus " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool getoperationstate ( ) {
//! calls @c C_GetOperationState
return check ( _slot . _init - > _fn - > C_GetOperationState ( _session , CK_BYTE_PTR , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_GetOperationState " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool getsessioninfo ( ) {
//! calls @c C_GetSessionInfo
return check ( _slot . _init - > _fn - > C_GetSessionInfo ( _session , CK_SESSION_INFO_PTR ) ,
CRYPTOKI_FN_LOG ( " C_GetSessionInfo " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool initpin ( ) {
//! calls @c C_InitPIN
return check ( _slot . _init - > _fn - > C_InitPIN ( _session , CK_CHAR_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_InitPIN " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool login ( ) {
//! calls @c C_Login
return check ( _slot . _init - > _fn - > C_Login ( _session , CK_USER_TYPE , CK_CHAR_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_Login " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool logout ( ) {
//! calls @c C_Logout
return check ( _slot . _init - > _fn - > C_Logout ( _session ) ,
CRYPTOKI_FN_LOG ( " C_Logout " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool seedrandom ( ) {
//! calls @c C_SeedRandom
return check ( _slot . _init - > _fn - > C_SeedRandom ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_SeedRandom " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool setpin ( ) {
//! calls @c C_SetPIN
return check ( _slot . _init - > _fn - > C_SetPIN ( _session , CK_CHAR_PTR , CK_ULONG , CK_CHAR_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_SetPIN " ) ) ;
}
@ endcode */
std : : string sign ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_Sign
check ( _slot . _init - > _fn - > C_Sign
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_Sign " ) ) ;
res . resize ( size ) ;
return res ;
}
std : : string signencryptupdate ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_SignEncryptUpdate
check ( _slot . _init - > _fn - > C_SignEncryptUpdate
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_SignEncryptUpdate " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool signfinal ( ) {
//! calls @c C_SignFinal
return check ( _slot . _init - > _fn - > C_SignFinal ( _session , CK_BYTE_PTR , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_SignFinal " ) ) ;
}
@ endcode */
std : : string signrecover ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_SignRecover
check ( _slot . _init - > _fn - > C_SignRecover
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_SignRecover " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool signupdate ( ) {
//! calls @c C_SignUpdate
return check ( _slot . _init - > _fn - > C_SignUpdate ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_SignUpdate " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool verify ( ) {
//! calls @c C_Verify
return check ( _slot . _init - > _fn - > C_Verify ( _session , CK_BYTE_PTR , CK_ULONG ,
CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_Verify " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool verifyfinal ( ) {
//! calls @c C_VerifyFinal
return check ( _slot . _init - > _fn - > C_VerifyFinal ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_VerifyFinal " ) ) ;
}
@ endcode */
std : : string verifyrecover ( std : : string in ) {
std : : string res ;
res . resize ( in . size ( ) ) ;
CK_ULONG size ( res . size ( ) ) ; //! @todo check if size is ok
//! calls @c C_VerifyRecover
check ( _slot . _init - > _fn - > C_VerifyRecover
( _session ,
( unsigned char * ) in . begin ( ) . operator - > ( ) , in . size ( ) ,
( unsigned char * ) res . begin ( ) . operator - > ( ) , & size ) ,
CRYPTOKI_FN_LOG ( " C_VerifyRecover " ) ) ;
res . resize ( size ) ;
return res ;
}
/*! @todo Not implemented:
@ code
bool verifyupdate ( ) {
//! calls @c C_VerifyUpdate
return check ( _slot . _init - > _fn - > C_VerifyUpdate ( _session , CK_BYTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_VerifyUpdate " ) ) ;
}
@ endcode */
//@}
} ;
class Object {
private :
friend class Session ;
CK_OBJECT_HANDLE _object ;
Session & _session ;
CK_RV _res ;
bool check ( CK_RV result , const std : : string & context = " " ) {
_res = result ;
if ( _session . _slot . _init - > _exc & & ! * this )
if ( context . size ( ) )
throw access_error ( context + " : " + error ( ) ) ;
else
throw access_error ( error ( ) ) ;
return _res = = CKR_OK ;
}
Object ( ) ; //! forbidden
Object ( Session & session ) : _session ( session ) , _res ( CKR_OK ) {
//! @todo _object = ???
}
public :
/*! @name C Like Error Handling
You are strongly recommended not to disable exception
handling . If you disable it , you must check after every
operation whether it was successful or not . These methods
provide all you need for that . */
//@{
/*! @return @c true if last cryptoki on this object call was successful */
operator bool ( ) {
return _res = = CKR_OK ;
}
/*! @return error text of last cryptoki call */
std : : string error ( ) {
return _session . _slot . _init - > error ( _res ) ;
}
//@}
/*! @name Low Level Cryptoki Functions
Direct access to the low level cryptoki API . Better use the
comfort methods . */
//@{
/*! @todo Not implemented:
@ code
bool copyobject ( ) {
//! calls @c C_CopyObject
return check ( _session . _slot . _init - > _fn - > C_CopyObject ( _session , CK_OBJECT_HANDLE ,
CK_ATTRIBUTE_PTR , CK_ULONG , CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_CopyObject " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool createobject ( ) {
//! calls @c C_CreateObject
return check ( _session . _slot . _init - > _fn - > C_CreateObject ( _session , CK_ATTRIBUTE_PTR , CK_ULONG ,
CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_CreateObject " ) ) ;
}
@ endcode */
bool decryptinit ( CK_MECHANISM_TYPE type , std : : string param ,
const Object & key ) {
CK_MECHANISM mech = {
type , param . begin ( ) . operator - > ( ) , param . size ( )
} ;
//! calls @c C_DecryptInit
return check ( _session . _slot . _init - > _fn - > C_DecryptInit
( _session , & mech , key . _object ) ,
CRYPTOKI_FN_LOG ( " C_DecryptInit " ) ) ;
}
/*! @todo Not implemented:
@ code
bool derivekey ( ) {
//! calls @c C_DeriveKey
return check ( _session . _slot . _init - > _fn - > C_DeriveKey ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ,
CK_ATTRIBUTE_PTR , CK_ULONG , CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_DeriveKey " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool destroyobject ( ) {
//! calls @c C_DestroyObject
return check ( _session . _slot . _init - > _fn - > C_DestroyObject ( _session , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_DestroyObject " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool digestkey ( ) {
//! calls @c C_DigestKey
return check ( _session . _slot . _init - > _fn - > C_DigestKey ( _session , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_DigestKey " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool encryptinit ( ) {
//! calls @c C_EncryptInit
return check ( _session . _slot . _init - > _fn - > C_EncryptInit ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_EncryptInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool findobjects ( ) {
//! calls @c C_FindObjects
return check ( _session . _slot . _init - > _fn - > C_FindObjects ( _session , CK_OBJECT_HANDLE_PTR , CK_ULONG ,
CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_FindObjects " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool generatekey ( ) {
//! calls @c C_GenerateKey
return check ( _session . _slot . _init - > _fn - > C_GenerateKey ( _session , CK_MECHANISM_PTR , CK_ATTRIBUTE_PTR ,
CK_ULONG , CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_GenerateKey " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool generatekeypair ( ) {
//! calls @c C_GenerateKeyPair
return check ( _session . _slot . _init - > _fn - > C_GenerateKeyPair ( _session , CK_MECHANISM_PTR , CK_ATTRIBUTE_PTR ,
CK_ULONG , CK_ATTRIBUTE_PTR , CK_ULONG ,
CK_OBJECT_HANDLE_PTR , CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_GenerateKeyPair " ) ) ;
}
@ endcode */
AttributeList getattributevalue ( const AttributeTypeList & attributes ) {
AttributeList res ;
CK_ATTRIBUTE * attrs ( new CK_ATTRIBUTE [ attributes . size ( ) ] ) ;
AttributeTypeList : : const_iterator it ( attributes . begin ( ) ) ;
for ( AttributeTypeList : : size_type i ( 0 ) ; it ! = attributes . end ( ) ; + + it , + + i )
attrs [ i ] = ( CK_ATTRIBUTE ) { * it , 0 , 0 } ;
try {
//! calls @c C_GetAttributeValue
if ( check ( _session . _slot . _init - > _fn - > C_GetAttributeValue
( _session , _object , attrs , attributes . size ( ) ) ,
CRYPTOKI_FN_LOG ( " C_GetAttributeValue " ) ) ) {
for ( AttributeTypeList : : size_type i ( 0 ) ; i < attributes . size ( ) ; + + i )
if ( attrs [ i ] . ulValueLen > 0 )
attrs [ i ] . pValue = malloc ( attrs [ i ] . ulValueLen ) ;
check ( _session . _slot . _init - > _fn - > C_GetAttributeValue
( _session , _object , attrs , attributes . size ( ) ) ,
CRYPTOKI_FN_LOG ( " C_GetAttributeValue " ) ) ;
}
for ( AttributeTypeList : : size_type i ( 0 ) ; i < attributes . size ( ) ; + + i )
if ( attrs [ i ] . ulValueLen > 0 )
res . insert ( std : : make_pair ( attrs [ i ] . type , Attribute ( attrs [ i ] ) ) ) ;
return res ;
} catch ( . . . ) {
for ( AttributeTypeList : : size_type i ( 0 ) ; i < attributes . size ( ) ; + + i )
free ( attrs [ i ] . pValue ) ;
delete [ ] attrs ;
throw ;
}
}
/*! @todo Not implemented:
@ code
bool getobjectsize ( ) {
//! calls @c C_GetObjectSize
return check ( _session . _slot . _init - > _fn - > C_GetObjectSize ( _session , CK_OBJECT_HANDLE , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_GetObjectSize " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool setattributevalue ( ) {
//! calls @c C_SetAttributeValue
return check ( _session . _slot . _init - > _fn - > C_SetAttributeValue ( _session , CK_OBJECT_HANDLE ,
CK_ATTRIBUTE_PTR , CK_ULONG ) ,
CRYPTOKI_FN_LOG ( " C_SetAttributeValue " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool setoperationstate ( ) {
//! calls @c C_SetOperationState
return check ( _session . _slot . _init - > _fn - > C_SetOperationState ( _session , CK_BYTE_PTR , CK_ULONG ,
CK_OBJECT_HANDLE , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_SetOperationState " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool signinit ( ) {
//! calls @c C_SignInit
return check ( _session . _slot . _init - > _fn - > C_SignInit ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_SignInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool signrecoverinit ( ) {
//! calls @c C_SignRecoverInit
return check ( _session . _slot . _init - > _fn - > C_SignRecoverInit ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_SignRecoverInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool unwrapkey ( ) {
//! calls @c C_UnwrapKey
return check ( _session . _slot . _init - > _fn - > C_UnwrapKey ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ,
CK_BYTE_PTR , CK_ULONG , CK_ATTRIBUTE_PTR , CK_ULONG ,
CK_OBJECT_HANDLE_PTR ) ,
CRYPTOKI_FN_LOG ( " C_UnwrapKey " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool verifyinit ( ) {
//! calls @c C_VerifyInit
return check ( _session . _slot . _init - > _fn - > C_VerifyInit ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_VerifyInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool verifyrecoverinit ( ) {
//! calls @c C_VerifyRecoverInit
return check ( _session . _slot . _init - > _fn - > C_VerifyRecoverInit ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ) ,
CRYPTOKI_FN_LOG ( " C_VerifyRecoverInit " ) ) ;
}
@ endcode */
/*! @todo Not implemented:
@ code
bool wrapkey ( ) {
//! calls @c C_WrapKey
return check ( _session . _slot . _init - > _fn - > C_WrapKey ( _session , CK_MECHANISM_PTR , CK_OBJECT_HANDLE ,
CK_OBJECT_HANDLE , CK_BYTE_PTR , CK_ULONG_PTR ) ,
CRYPTOKI_FN_LOG ( " C_WrapKey " ) ) ;
}
@ endcode */
//@}
} ;
# endif
# ifdef UNDEF_CRYPTOKI_FN_LOG // cleanup if it was set in here
# undef CRYPTOKI_FN_LOG
# undef CRYPTOKI_QUOTE
# endif
}
