[Cryptech-Commits] [sw/libhal] 02/02: More work on PIN/login/logout code. Access control still missing, committing now so Paul has a chance to look at the current RPC API.

git at cryptech.is git at cryptech.is
Thu Dec 24 06:20:07 UTC 2015


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch rpc
in repository sw/libhal.

commit 7dfad9f2b40f32fb2f2d38c4637ae9faad4228d9
Author: Rob Austein <sra at hactrn.net>
Date:   Thu Dec 24 01:16:10 2015 -0500

    More work on PIN/login/logout code.  Access control still missing,
    committing now so Paul has a chance to look at the current RPC API.
---
 hal.h          | 52 +++++++++++++++++++++++++-----------------------
 hal_internal.h | 43 ++++++++++++++++++++--------------------
 ks.c           |  2 +-
 rpc_api.c      | 55 ++++++++++++++++++++++++++-------------------------
 rpc_client.c   | 53 +++++++++++++++++++++++++------------------------
 rpc_hash.c     | 12 ++++++------
 rpc_misc.c     | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 rpc_pkey.c     | 56 ++++++++++++++++++++++++++--------------------------
 8 files changed, 196 insertions(+), 139 deletions(-)

diff --git a/hal.h b/hal.h
index d95e475..36b69dc 100644
--- a/hal.h
+++ b/hal.h
@@ -123,6 +123,7 @@
   DEFINE_HAL_ERROR(HAL_ERROR_KEY_NAME_IN_USE,           "Key name in use")                              \
   DEFINE_HAL_ERROR(HAL_ERROR_NO_KEY_SLOTS_AVAILABLE,    "No key slots available")                       \
   DEFINE_HAL_ERROR(HAL_ERROR_PIN_INCORRECT,             "PIN incorrect")                                \
+  DEFINE_HAL_ERROR(HAL_ERROR_NO_CLIENT_SLOTS_AVAILABLE, "No client slots available")                    \
   END_OF_HAL_ERROR_LIST
 
 /* Marker to forestall silly line continuation errors */
@@ -543,7 +544,8 @@ typedef struct { uint32_t handle; } hal_session_handle_t;
 
 typedef enum { HAL_USER_NONE, HAL_USER_NORMAL, HAL_USER_SO, HAL_USER_WHEEL } hal_user_t;
 
-extern hal_error_t hal_rpc_set_pin(const hal_user_t user,
+extern hal_error_t hal_rpc_set_pin(const hal_client_handle_t client,
+                                   const hal_user_t user,
                                    const char * const newpin, const size_t newpin_len);
 
 extern hal_error_t hal_rpc_login(const hal_client_handle_t client,
@@ -562,16 +564,16 @@ extern hal_error_t hal_rpc_get_random(void *buffer, const size_t length);
  * Combined hash and HMAC functions: pass NULL key for plain hashing.
  */
 
-typedef struct { uint32_t handle; } hal_rpc_hash_handle_t;
+typedef struct { uint32_t handle; } hal_hash_handle_t;
 
-extern const hal_rpc_hash_handle_t hal_rpc_hash_handle_none;
+extern const hal_hash_handle_t hal_hash_handle_none;
 
 extern hal_error_t hal_rpc_hash_get_digest_length(const hal_digest_algorithm_t alg, size_t *length);
 
 extern hal_error_t hal_rpc_hash_get_digest_algorithm_id(const hal_digest_algorithm_t alg,
                                                         uint8_t *id, size_t *len, const size_t len_max);
 
-extern hal_error_t hal_rpc_hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_digest_algorithm_t *alg);
+extern hal_error_t hal_rpc_hash_get_algorithm(const hal_hash_handle_t hash, hal_digest_algorithm_t *alg);
 
 /*
  * Once started, a hash or HMAC operation is bound to a particular
@@ -580,21 +582,21 @@ extern hal_error_t hal_rpc_hash_get_algorithm(const hal_rpc_hash_handle_t hash,
 
 extern hal_error_t hal_rpc_hash_initialize(const hal_client_handle_t client,
                                            const hal_session_handle_t session,
-                                           hal_rpc_hash_handle_t *hash,
+                                           hal_hash_handle_t *hash,
                                            const hal_digest_algorithm_t alg,
                                            const uint8_t * const key, const size_t key_length);
 
-extern hal_error_t hal_rpc_hash_update(const hal_rpc_hash_handle_t hash,
+extern hal_error_t hal_rpc_hash_update(const hal_hash_handle_t hash,
                                        const uint8_t * data, const size_t length);
 
-extern hal_error_t hal_rpc_hash_finalize(const hal_rpc_hash_handle_t hash,
+extern hal_error_t hal_rpc_hash_finalize(const hal_hash_handle_t hash,
                                          uint8_t *digest, const size_t length);
 
 /*
  * Public key functions.
  *
  * The _sign() and _verify() methods accept a hash OR an input string;
- * either "hash" should be hal_rpc_hash_handle_none or input should be NULL,
+ * either "hash" should be hal_hash_handle_none or input should be NULL,
  * but not both.
  *
  * Use of client and session handles here needs a bit more thought.
@@ -620,7 +622,7 @@ extern hal_error_t hal_rpc_hash_finalize(const hal_rpc_hash_handle_t hash,
 
 #define	HAL_RPC_PKEY_NAME_MAX 128
 
-typedef struct { uint32_t handle; } hal_rpc_pkey_handle_t;
+typedef struct { uint32_t handle; } hal_pkey_handle_t;
 
 typedef uint32_t hal_key_flags_t;
 
@@ -630,7 +632,7 @@ typedef uint32_t hal_key_flags_t;
 
 extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
-                                     hal_rpc_pkey_handle_t *pkey,
+                                     hal_pkey_handle_t *pkey,
                                      const hal_key_type_t type,
                                      const hal_curve_name_t curve,
                                      const uint8_t * const name, const size_t name_len,
@@ -639,13 +641,13 @@ extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 
 extern hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
-                                     hal_rpc_pkey_handle_t *pkey,
+                                     hal_pkey_handle_t *pkey,
                                      const hal_key_type_t type,
                                      const uint8_t * const name, const size_t name_len);
 
 extern hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
                                              const hal_session_handle_t session,
-                                             hal_rpc_pkey_handle_t *pkey,
+                                             hal_pkey_handle_t *pkey,
                                              const uint8_t * const name, const size_t name_len,
                                              const unsigned key_length,
                                              const uint8_t * const public_exponent, const size_t public_exponent_len,
@@ -653,35 +655,35 @@ extern hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
 
 extern hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client,
                                             const hal_session_handle_t session,
-                                            hal_rpc_pkey_handle_t *pkey,
+                                            hal_pkey_handle_t *pkey,
                                             const uint8_t * const name, const size_t name_len,
                                             const hal_curve_name_t curve,
                                             const hal_key_flags_t flags);
 
-extern hal_error_t hal_rpc_pkey_close(const hal_rpc_pkey_handle_t pkey);
+extern hal_error_t hal_rpc_pkey_close(const hal_pkey_handle_t pkey);
 
-extern hal_error_t hal_rpc_pkey_delete(const hal_rpc_pkey_handle_t pkey);
+extern hal_error_t hal_rpc_pkey_delete(const hal_pkey_handle_t pkey);
 
-extern hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle_t pkey,
+extern hal_error_t hal_rpc_pkey_get_key_type(const hal_pkey_handle_t pkey,
                                              hal_key_type_t *type);
 
-extern hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey,
+extern hal_error_t hal_rpc_pkey_get_key_flags(const hal_pkey_handle_t pkey,
                                               hal_key_flags_t *flags);
 
-extern size_t hal_rpc_pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey);
+extern size_t hal_rpc_pkey_get_public_key_len(const hal_pkey_handle_t pkey);
 
-extern hal_error_t hal_rpc_pkey_get_public_key(const hal_rpc_pkey_handle_t pkey,
+extern hal_error_t hal_rpc_pkey_get_public_key(const hal_pkey_handle_t pkey,
                                                uint8_t *der, size_t *der_len, const size_t der_max);
 
 extern hal_error_t hal_rpc_pkey_sign(const hal_session_handle_t session,
-                                     const hal_rpc_pkey_handle_t pkey,
-                                     const hal_rpc_hash_handle_t hash,
+                                     const hal_pkey_handle_t pkey,
+                                     const hal_hash_handle_t hash,
                                      const uint8_t * const input,  const size_t input_len,
                                      uint8_t * signature, size_t *signature_len, const size_t signature_max);
 
 extern hal_error_t hal_rpc_pkey_verify(const hal_session_handle_t session,
-                                       const hal_rpc_pkey_handle_t pkey,
-                                       const hal_rpc_hash_handle_t hash,
+                                       const hal_pkey_handle_t pkey,
+                                       const hal_hash_handle_t hash,
                                        const uint8_t * const input, const size_t input_len,
                                        const uint8_t * const signature, const size_t signature_len);
 
@@ -692,9 +694,9 @@ typedef struct {
   char name[HAL_RPC_PKEY_NAME_MAX];
   size_t name_len;
   /* ... */
-} hal_rpc_pkey_key_info_t;
+} hal_pkey_info_t;
 
-extern hal_error_t hal_rpc_pkey_list(hal_rpc_pkey_key_info_t *result,
+extern hal_error_t hal_rpc_pkey_list(hal_pkey_info_t *result,
                                      unsigned *result_len,
                                      const unsigned result_max);
 
diff --git a/hal_internal.h b/hal_internal.h
index 176e1c8..1c6489f 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -85,7 +85,8 @@
 
 typedef struct {
 
-  hal_error_t (*set_pin)(const hal_user_t user,
+  hal_error_t (*set_pin)(const hal_client_handle_t client,
+                         const hal_user_t user,
                          const char * const newpin, const size_t newpin_len);
 
   hal_error_t (*login)(const hal_client_handle_t client,
@@ -106,18 +107,18 @@ typedef struct {
   hal_error_t (*get_digest_algorithm_id)(const hal_digest_algorithm_t alg,
                                          uint8_t *id, size_t *len, const size_t len_max);
 
-  hal_error_t (*get_algorithm)(const hal_rpc_hash_handle_t hash, hal_digest_algorithm_t *alg);
+  hal_error_t (*get_algorithm)(const hal_hash_handle_t hash, hal_digest_algorithm_t *alg);
 
   hal_error_t (*initialize)(const hal_client_handle_t client,
                             const hal_session_handle_t session,
-                            hal_rpc_hash_handle_t *hash,
+                            hal_hash_handle_t *hash,
                             const hal_digest_algorithm_t alg,
                             const uint8_t * const key, const size_t key_length);
 
-  hal_error_t (*update)(const hal_rpc_hash_handle_t hash,
+  hal_error_t (*update)(const hal_hash_handle_t hash,
                         const uint8_t * data, const size_t length);
 
-  hal_error_t (*finalize)(const hal_rpc_hash_handle_t hash,
+  hal_error_t (*finalize)(const hal_hash_handle_t hash,
                           uint8_t *digest, const size_t length);
 } hal_rpc_hash_dispatch_t;
 
@@ -126,7 +127,7 @@ typedef struct {
 
   hal_error_t  (*load)(const hal_client_handle_t client,
                        const hal_session_handle_t session,
-                       hal_rpc_pkey_handle_t *pkey,
+                       hal_pkey_handle_t *pkey,
                        const hal_key_type_t type,
                        const hal_curve_name_t curve,
                        const uint8_t * const name, const size_t name_len,
@@ -135,13 +136,13 @@ typedef struct {
 
   hal_error_t  (*find)(const hal_client_handle_t client,
                        const hal_session_handle_t session,
-                       hal_rpc_pkey_handle_t *pkey,
+                       hal_pkey_handle_t *pkey,
                        const hal_key_type_t type,
                        const uint8_t * const name, const size_t name_len);
 
   hal_error_t  (*generate_rsa)(const hal_client_handle_t client,
                                const hal_session_handle_t session,
-                               hal_rpc_pkey_handle_t *pkey,
+                               hal_pkey_handle_t *pkey,
                                const uint8_t * const name, const size_t name_len,
                                const unsigned key_length,
                                const uint8_t * const public_exponent, const size_t public_exponent_len,
@@ -149,39 +150,39 @@ typedef struct {
 
   hal_error_t  (*generate_ec)(const hal_client_handle_t client,
                               const hal_session_handle_t session,
-                              hal_rpc_pkey_handle_t *pkey,
+                              hal_pkey_handle_t *pkey,
                               const uint8_t * const name, const size_t name_len,
                               const hal_curve_name_t curve,
                               const hal_key_flags_t flags);
 
-  hal_error_t  (*close)(const hal_rpc_pkey_handle_t pkey);
+  hal_error_t  (*close)(const hal_pkey_handle_t pkey);
 
-  hal_error_t  (*delete)(const hal_rpc_pkey_handle_t pkey);
+  hal_error_t  (*delete)(const hal_pkey_handle_t pkey);
 
-  hal_error_t  (*get_key_type)(const hal_rpc_pkey_handle_t pkey,
+  hal_error_t  (*get_key_type)(const hal_pkey_handle_t pkey,
                                hal_key_type_t *key_type);
 
-  hal_error_t  (*get_key_flags)(const hal_rpc_pkey_handle_t pkey,
+  hal_error_t  (*get_key_flags)(const hal_pkey_handle_t pkey,
                                 hal_key_flags_t *flags);
 
-  size_t (*get_public_key_len)(const hal_rpc_pkey_handle_t pkey);
+  size_t (*get_public_key_len)(const hal_pkey_handle_t pkey);
 
-  hal_error_t  (*get_public_key)(const hal_rpc_pkey_handle_t pkey,
+  hal_error_t  (*get_public_key)(const hal_pkey_handle_t pkey,
                                  uint8_t *der, size_t *der_len, const size_t der_max);
 
   hal_error_t  (*sign)(const hal_session_handle_t session,
-                       const hal_rpc_pkey_handle_t pkey,
-                       const hal_rpc_hash_handle_t hash,
+                       const hal_pkey_handle_t pkey,
+                       const hal_hash_handle_t hash,
                        const uint8_t * const input,  const size_t input_len,
                        uint8_t * signature, size_t *signature_len, const size_t signature_max);
 
   hal_error_t  (*verify)(const hal_session_handle_t session,
-                         const hal_rpc_pkey_handle_t pkey,
-                         const hal_rpc_hash_handle_t hash,
+                         const hal_pkey_handle_t pkey,
+                         const hal_hash_handle_t hash,
                          const uint8_t * const input, const size_t input_len,
                          const uint8_t * const signature, const size_t signature_len);
 
-  hal_error_t  (*list)(hal_rpc_pkey_key_info_t *result,
+  hal_error_t  (*list)(hal_pkey_info_t *result,
                        unsigned *result_len,
                        const unsigned result_max);
 
@@ -310,7 +311,7 @@ extern hal_error_t hal_ks_delete(const hal_key_type_t type,
                                  const uint8_t * const name, const size_t name_len,
                                  int *hint);
 
-extern hal_error_t hal_ks_list(hal_rpc_pkey_key_info_t *result,
+extern hal_error_t hal_ks_list(hal_pkey_info_t *result,
                                unsigned *result_len,
                                const unsigned result_max);
 
diff --git a/ks.c b/ks.c
index 7466b75..a856bbf 100644
--- a/ks.c
+++ b/ks.c
@@ -240,7 +240,7 @@ hal_error_t hal_ks_delete(const hal_key_type_t type,
   return hal_ks_del_keydb(*hint);
 }
 
-hal_error_t hal_ks_list(hal_rpc_pkey_key_info_t *result,
+hal_error_t hal_ks_list(hal_pkey_info_t *result,
                         unsigned *result_len,
                         const unsigned result_max)
 {
diff --git a/rpc_api.c b/rpc_api.c
index 3f4a6ac..08ba4cd 100644
--- a/rpc_api.c
+++ b/rpc_api.c
@@ -62,7 +62,7 @@ static const hal_rpc_pkey_dispatch_t * const pkey_dispatch = &hal_rpc_local_pkey
 
 #endif
 
-const hal_rpc_hash_handle_t hal_rpc_hash_handle_none = {0};
+const hal_hash_handle_t hal_hash_handle_none = {0};
 
 static inline int check_pkey_type(const hal_key_type_t type)
 {
@@ -125,12 +125,13 @@ hal_error_t hal_rpc_get_random(void *buffer, const size_t length)
 
 #warning Perhaps we should be enforcing a minimum PIN length here
 
-hal_error_t hal_rpc_set_pin(const hal_user_t user,
+hal_error_t hal_rpc_set_pin(const hal_client_handle_t client,
+                            const hal_user_t user,
 			    const char * const newpin, const size_t newpin_len)
 {
   if (newpin == NULL || newpin_len == 0 || (user != HAL_USER_NORMAL && user != HAL_USER_SO && user != HAL_USER_WHEEL))
     return HAL_ERROR_BAD_ARGUMENTS;
-  return misc_dispatch->set_pin(user, newpin, newpin_len);
+  return misc_dispatch->set_pin(client, user, newpin, newpin_len);
 }
 
 hal_error_t hal_rpc_login(const hal_client_handle_t client,
@@ -160,16 +161,16 @@ hal_error_t hal_rpc_hash_get_digest_algorithm_id(const hal_digest_algorithm_t al
   return hash_dispatch->get_digest_algorithm_id(alg, id, len, len_max);
 }
 
-hal_error_t hal_rpc_hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_digest_algorithm_t *alg)
+hal_error_t hal_rpc_hash_get_algorithm(const hal_hash_handle_t hash, hal_digest_algorithm_t *alg)
 {
-  if (hash.handle == hal_rpc_hash_handle_none.handle || alg == NULL)
+  if (hash.handle == hal_hash_handle_none.handle || alg == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
   return hash_dispatch->get_algorithm(hash, alg);
 }
 
 hal_error_t hal_rpc_hash_initialize(const hal_client_handle_t client,
 				    const hal_session_handle_t session,
-				    hal_rpc_hash_handle_t *hash,
+				    hal_hash_handle_t *hash,
 				    const hal_digest_algorithm_t alg,
 				    const uint8_t * const key, const size_t key_len)
 {
@@ -178,27 +179,27 @@ hal_error_t hal_rpc_hash_initialize(const hal_client_handle_t client,
   return hash_dispatch->initialize(client, session, hash, alg, key, key_len);
 }
 
-hal_error_t hal_rpc_hash_update(const hal_rpc_hash_handle_t hash,
+hal_error_t hal_rpc_hash_update(const hal_hash_handle_t hash,
 				const uint8_t * data, const size_t length)
 {
-  if (hash.handle == hal_rpc_hash_handle_none.handle || data == NULL)
+  if (hash.handle == hal_hash_handle_none.handle || data == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
   if (length == 0)
     return HAL_OK;
   return hash_dispatch->update(hash, data, length);
 }
 
-hal_error_t hal_rpc_hash_finalize(const hal_rpc_hash_handle_t hash,
+hal_error_t hal_rpc_hash_finalize(const hal_hash_handle_t hash,
 				  uint8_t *digest, const size_t length)
 {
-  if (hash.handle == hal_rpc_hash_handle_none.handle || digest == NULL || length == 0)
+  if (hash.handle == hal_hash_handle_none.handle || digest == NULL || length == 0)
     return HAL_ERROR_BAD_ARGUMENTS;
   return hash_dispatch->finalize(hash, digest, length);
 }
 
 hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 			      const hal_session_handle_t session,
-			      hal_rpc_pkey_handle_t *pkey,
+			      hal_pkey_handle_t *pkey,
 			      const hal_key_type_t type,
 			      const hal_curve_name_t curve,
 			      const uint8_t * const name, const size_t name_len,
@@ -215,7 +216,7 @@ hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 
 hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
 			      const hal_session_handle_t session,
-			      hal_rpc_pkey_handle_t *pkey,
+			      hal_pkey_handle_t *pkey,
 			      const hal_key_type_t type,
 			      const uint8_t * const name, const size_t name_len)
 {
@@ -226,7 +227,7 @@ hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
 
 hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
 				      const hal_session_handle_t session,
-				      hal_rpc_pkey_handle_t *pkey,
+				      hal_pkey_handle_t *pkey,
 				      const uint8_t * const name, const size_t name_len,
 				      const unsigned key_len,
 				      const uint8_t * const exp, const size_t exp_len,
@@ -240,7 +241,7 @@ hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
 
 hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client,
 				     const hal_session_handle_t session,
-				     hal_rpc_pkey_handle_t *pkey,
+				     hal_pkey_handle_t *pkey,
 				     const uint8_t * const name, const size_t name_len,
 				     const hal_curve_name_t curve,
 				     const hal_key_flags_t flags)
@@ -251,17 +252,17 @@ hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client,
   return pkey_dispatch->generate_ec(client, session, pkey, name, name_len, curve, flags);
 }
 
-hal_error_t hal_rpc_pkey_close(const hal_rpc_pkey_handle_t pkey)
+hal_error_t hal_rpc_pkey_close(const hal_pkey_handle_t pkey)
 {
   return pkey_dispatch->close(pkey);
 }
 
-hal_error_t hal_rpc_pkey_delete(const hal_rpc_pkey_handle_t pkey)
+hal_error_t hal_rpc_pkey_delete(const hal_pkey_handle_t pkey)
 {
   return pkey_dispatch->delete(pkey);
 }
 
-hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle_t pkey,
+hal_error_t hal_rpc_pkey_get_key_type(const hal_pkey_handle_t pkey,
 				      hal_key_type_t *type)
 {
   if (type == NULL)
@@ -269,7 +270,7 @@ hal_error_t hal_rpc_pkey_get_key_type(const hal_rpc_pkey_handle_t pkey,
   return pkey_dispatch->get_key_type(pkey, type);
 }
 
-hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey,
+hal_error_t hal_rpc_pkey_get_key_flags(const hal_pkey_handle_t pkey,
 				       hal_key_flags_t *flags)
 {
   if (flags == NULL)
@@ -277,12 +278,12 @@ hal_error_t hal_rpc_pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey,
   return pkey_dispatch->get_key_flags(pkey, flags);
 }
 
-size_t hal_rpc_pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey)
+size_t hal_rpc_pkey_get_public_key_len(const hal_pkey_handle_t pkey)
 {
   return pkey_dispatch->get_public_key_len(pkey);
 }
 
-hal_error_t hal_rpc_pkey_get_public_key(const hal_rpc_pkey_handle_t pkey,
+hal_error_t hal_rpc_pkey_get_public_key(const hal_pkey_handle_t pkey,
 					uint8_t *der, size_t *der_len, const size_t der_max)
 {
   if (der == NULL || der_len == NULL || der_max == 0)
@@ -291,30 +292,30 @@ hal_error_t hal_rpc_pkey_get_public_key(const hal_rpc_pkey_handle_t pkey,
 }
 
 hal_error_t hal_rpc_pkey_sign(const hal_session_handle_t session,
-			      const hal_rpc_pkey_handle_t pkey,
-			      const hal_rpc_hash_handle_t hash,
+			      const hal_pkey_handle_t pkey,
+			      const hal_hash_handle_t hash,
 			      const uint8_t * const input,  const size_t input_len,
 			      uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
   if (signature == NULL || signature_len == NULL || signature_max == 0 ||
-      (hash.handle == hal_rpc_hash_handle_none.handle) == (input == NULL || input_len == 0))
+      (hash.handle == hal_hash_handle_none.handle) == (input == NULL || input_len == 0))
     return HAL_ERROR_BAD_ARGUMENTS;
   return pkey_dispatch->sign(session, pkey, hash, input,  input_len, signature, signature_len, signature_max);
 }
 
 hal_error_t hal_rpc_pkey_verify(const hal_session_handle_t session,
-				const hal_rpc_pkey_handle_t pkey,
-				const hal_rpc_hash_handle_t hash,
+				const hal_pkey_handle_t pkey,
+				const hal_hash_handle_t hash,
 				const uint8_t * const input, const size_t input_len,
 				const uint8_t * const signature, const size_t signature_len)
 {
   if (signature == NULL || signature_len == 0 ||
-      (hash.handle == hal_rpc_hash_handle_none.handle) == (input == NULL || input_len == 0))
+      (hash.handle == hal_hash_handle_none.handle) == (input == NULL || input_len == 0))
     return HAL_ERROR_BAD_ARGUMENTS;
   return pkey_dispatch->verify(session, pkey, hash, input, input_len, signature, signature_len);
 }
 
-hal_error_t hal_rpc_pkey_list(hal_rpc_pkey_key_info_t *result,
+hal_error_t hal_rpc_pkey_list(hal_pkey_info_t *result,
 			      unsigned *result_len,
 			      const unsigned result_max)
 {
diff --git a/rpc_client.c b/rpc_client.c
index baac5ba..1fcc914 100644
--- a/rpc_client.c
+++ b/rpc_client.c
@@ -47,7 +47,8 @@ static hal_error_t get_random(void *buffer, const size_t length)
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t set_pin(const hal_user_t user,
+static hal_error_t set_pin(const hal_client_handle_t client,
+                           const hal_user_t user,
                            const char * const newpin, const size_t newpin_len)
 {
   return HAL_ERROR_IMPOSSIBLE;
@@ -76,27 +77,27 @@ static hal_error_t hash_get_digest_algorithm_id(const hal_digest_algorithm_t alg
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t hash_get_algorithm(const hal_rpc_hash_handle_t hash, hal_digest_algorithm_t *alg)
+static hal_error_t hash_get_algorithm(const hal_hash_handle_t hash, hal_digest_algorithm_t *alg)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
 static hal_error_t hash_initialize(const hal_client_handle_t client,
                                    const hal_session_handle_t session,
-                                   hal_rpc_hash_handle_t *hash,
+                                   hal_hash_handle_t *hash,
                                    const hal_digest_algorithm_t alg,
                                    const uint8_t * const key, const size_t key_len)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t hash_update(const hal_rpc_hash_handle_t hash,
+static hal_error_t hash_update(const hal_hash_handle_t hash,
                                const uint8_t * data, const size_t length)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t hash_finalize(const hal_rpc_hash_handle_t hash,
+static hal_error_t hash_finalize(const hal_hash_handle_t hash,
                                  uint8_t *digest, const size_t length)
 {
   return HAL_ERROR_IMPOSSIBLE;
@@ -104,7 +105,7 @@ static hal_error_t hash_finalize(const hal_rpc_hash_handle_t hash,
 
 static hal_error_t pkey_load(const hal_client_handle_t client,
                              const hal_session_handle_t session,
-                             hal_rpc_pkey_handle_t *pkey,
+                             hal_pkey_handle_t *pkey,
                              const hal_key_type_t type,
                              const hal_curve_name_t curve,
                              const uint8_t * const name, const size_t name_len,
@@ -116,7 +117,7 @@ static hal_error_t pkey_load(const hal_client_handle_t client,
 
 static hal_error_t pkey_find(const hal_client_handle_t client,
                              const hal_session_handle_t session,
-                             hal_rpc_pkey_handle_t *pkey,
+                             hal_pkey_handle_t *pkey,
                              const hal_key_type_t type,
                              const uint8_t * const name, const size_t name_len)
 {
@@ -125,7 +126,7 @@ static hal_error_t pkey_find(const hal_client_handle_t client,
 
 static hal_error_t pkey_generate_rsa(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
-                                     hal_rpc_pkey_handle_t *pkey,
+                                     hal_pkey_handle_t *pkey,
                                      const uint8_t * const name, const size_t name_len,
                                      const unsigned key_len,
                                      const uint8_t * const exp, const size_t exp_len,
@@ -136,7 +137,7 @@ static hal_error_t pkey_generate_rsa(const hal_client_handle_t client,
 
 static hal_error_t pkey_generate_ec(const hal_client_handle_t client,
                                     const hal_session_handle_t session,
-                                    hal_rpc_pkey_handle_t *pkey,
+                                    hal_pkey_handle_t *pkey,
                                     const uint8_t * const name, const size_t name_len,
                                     const hal_curve_name_t curve,
                                     const hal_key_flags_t flags)
@@ -144,42 +145,42 @@ static hal_error_t pkey_generate_ec(const hal_client_handle_t client,
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t pkey_close(const hal_rpc_pkey_handle_t pkey)
+static hal_error_t pkey_close(const hal_pkey_handle_t pkey)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t pkey_delete(const hal_rpc_pkey_handle_t pkey)
+static hal_error_t pkey_delete(const hal_pkey_handle_t pkey)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t pkey_get_key_type(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t pkey_get_key_type(const hal_pkey_handle_t pkey,
                                      hal_key_type_t *type)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t pkey_get_key_flags(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t pkey_get_key_flags(const hal_pkey_handle_t pkey,
                                       hal_key_flags_t *flags)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static size_t pkey_get_public_key_len(const hal_rpc_pkey_handle_t pkey)
+static size_t pkey_get_public_key_len(const hal_pkey_handle_t pkey)
 {
   return 0;
 }
 
-static hal_error_t pkey_get_public_key(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t pkey_get_public_key(const hal_pkey_handle_t pkey,
                                        uint8_t *der, size_t *der_len, const size_t der_max)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
 static hal_error_t pkey_remote_sign(const hal_session_handle_t session,
-                                    const hal_rpc_pkey_handle_t pkey,
-                                    const hal_rpc_hash_handle_t hash,
+                                    const hal_pkey_handle_t pkey,
+                                    const hal_hash_handle_t hash,
                                     const uint8_t * const input,  const size_t input_len,
                                     uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
@@ -187,15 +188,15 @@ static hal_error_t pkey_remote_sign(const hal_session_handle_t session,
 }
 
 static hal_error_t pkey_remote_verify(const hal_session_handle_t session,
-                                      const hal_rpc_pkey_handle_t pkey,
-                                      const hal_rpc_hash_handle_t hash,
+                                      const hal_pkey_handle_t pkey,
+                                      const hal_hash_handle_t hash,
                                       const uint8_t * const input, const size_t input_len,
                                       const uint8_t * const signature, const size_t signature_len)
 {
   return HAL_ERROR_IMPOSSIBLE;
 }
 
-static hal_error_t pkey_list(hal_rpc_pkey_key_info_t *result,
+static hal_error_t pkey_list(hal_pkey_info_t *result,
                              unsigned *result_len,
                              const unsigned result_max)
 {
@@ -211,8 +212,8 @@ static hal_error_t pkey_list(hal_rpc_pkey_key_info_t *result,
  */
 
 static hal_error_t pkey_mixed_sign(const hal_session_handle_t session,
-                                   const hal_rpc_pkey_handle_t pkey,
-                                   const hal_rpc_hash_handle_t hash,
+                                   const hal_pkey_handle_t pkey,
+                                   const hal_hash_handle_t hash,
                                    const uint8_t * const input,  const size_t input_len,
                                    uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
@@ -233,13 +234,13 @@ static hal_error_t pkey_mixed_sign(const hal_session_handle_t session,
   if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK)
     return err;
 
-  return pkey_remote_sign(session, pkey, hal_rpc_hash_handle_none, digest, digest_len,
+  return pkey_remote_sign(session, pkey, hal_hash_handle_none, digest, digest_len,
                           signature, signature_len, signature_max);
 }
 
 static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
-                                     const hal_rpc_pkey_handle_t pkey,
-                                     const hal_rpc_hash_handle_t hash,
+                                     const hal_pkey_handle_t pkey,
+                                     const hal_hash_handle_t hash,
                                      const uint8_t * const input, const size_t input_len,
                                      const uint8_t * const signature, const size_t signature_len)
 {
@@ -260,7 +261,7 @@ static hal_error_t pkey_mixed_verify(const hal_session_handle_t session,
   if ((err = hal_rpc_hash_finalize(hash, digest, digest_len)) != HAL_OK)
     return err;
 
-  return pkey_remote_verify(session, pkey, hal_rpc_hash_handle_none, digest, digest_len,
+  return pkey_remote_verify(session, pkey, hal_hash_handle_none, digest, digest_len,
                             signature, signature_len);
 }
 
diff --git a/rpc_hash.c b/rpc_hash.c
index 407e581..c6eab3a 100644
--- a/rpc_hash.c
+++ b/rpc_hash.c
@@ -49,7 +49,7 @@
 typedef struct {
   hal_client_handle_t client_handle;
   hal_session_handle_t session_handle;
-  hal_rpc_hash_handle_t hash_handle;
+  hal_hash_handle_t hash_handle;
   union {
     hal_hash_state_t *hash;
     hal_hmac_state_t *hmac;
@@ -121,7 +121,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac)
  * the right glop.  Returns slot pointer on success, NULL otherwise.
  */
 
-static inline handle_slot_t *find_handle(const hal_rpc_hash_handle_t handle)
+static inline handle_slot_t *find_handle(const hal_hash_handle_t handle)
 {
 #if HAL_STATIC_HASH_STATE_BLOCKS > 0 || HAL_STATIC_HMAC_STATE_BLOCKS > 0
   const int i = (int) (handle.handle & 0xFFFF);
@@ -211,7 +211,7 @@ static hal_error_t get_digest_algorithm_id(const hal_digest_algorithm_t alg,
   return HAL_OK;
 }
 
-static hal_error_t get_algorithm(const hal_rpc_hash_handle_t handle, hal_digest_algorithm_t *alg)
+static hal_error_t get_algorithm(const hal_hash_handle_t handle, hal_digest_algorithm_t *alg)
 {
   handle_slot_t *slot = find_handle(handle);
   const hal_hash_descriptor_t *descriptor = slot_to_descriptor(slot);
@@ -228,7 +228,7 @@ static hal_error_t get_algorithm(const hal_rpc_hash_handle_t handle, hal_digest_
 
 static hal_error_t initialize(const hal_client_handle_t client,
                               const hal_session_handle_t session,
-                              hal_rpc_hash_handle_t *hash,
+                              hal_hash_handle_t *hash,
                               const hal_digest_algorithm_t alg,
                               const uint8_t * const key, const size_t key_len)
 {
@@ -253,7 +253,7 @@ static hal_error_t initialize(const hal_client_handle_t client,
     return hal_hmac_initialize(NULL, descriptor, &slot->state.hmac, NULL, 0, key, key_len);
 }
 
-static hal_error_t update(const hal_rpc_hash_handle_t handle,
+static hal_error_t update(const hal_hash_handle_t handle,
                           const uint8_t * data, const size_t length)
 {
   handle_slot_t *slot = find_handle(handle);
@@ -267,7 +267,7 @@ static hal_error_t update(const hal_rpc_hash_handle_t handle,
     return hal_hmac_update(slot->state.hmac, data, length);
 }
 
-static hal_error_t finalize(const hal_rpc_hash_handle_t handle,
+static hal_error_t finalize(const hal_hash_handle_t handle,
                             uint8_t *digest, const size_t length)
 {
   handle_slot_t *slot = find_handle(handle);
diff --git a/rpc_misc.c b/rpc_misc.c
index 2f1c9ad..695e0df 100644
--- a/rpc_misc.c
+++ b/rpc_misc.c
@@ -72,6 +72,11 @@ static hal_error_t get_random(void *buffer, const size_t length)
 
 #warning PIN code not yet fully implemented
 
+typedef struct {
+  hal_client_handle_t handle;
+  hal_user_t logged_in;
+} client_slot_t;
+
 #ifndef HAL_PIN_MINIMUM_ITERATIONS
 #define HAL_PIN_MINIMUM_ITERATIONS 10000
 #endif
@@ -80,13 +85,50 @@ static hal_error_t get_random(void *buffer, const size_t length)
 #define HAL_PIN_DEFAULT_ITERATIONS 20000
 #endif
 
-static hal_error_t set_pin(const hal_user_t user,
+#ifndef HAL_STATIC_CLIENT_STATE_BLOCKS
+#define HAL_STATIC_CLIENT_STATE_BLOCKS	10
+#endif
+
+#if HAL_STATIC_CLIENT_STATE_BLOCKS > 0
+static client_slot_t client_handle[HAL_STATIC_CLIENT_STATE_BLOCKS];
+#endif
+
+/*
+ * Client handles are supplied by the application, we don't get to
+ * pick them, we just store them and associate a login state with
+ * them.  HAL_USER_NONE indicates an empty slot in the table.
+ */
+
+static inline client_slot_t *alloc_slot(void)
+{
+#if HAL_STATIC_CLIENT_STATE_BLOCKS > 0
+  for (int i = 0; i < sizeof(client_handle)/sizeof(*client_handle); i++)
+    if (client_handle[i].logged_in == HAL_USER_NONE)
+      return &client_handle[i];
+#endif
+
+  return NULL;
+}
+
+static inline client_slot_t *find_handle(const hal_client_handle_t handle)
+{
+#if HAL_STATIC_CLIENT_STATE_BLOCKS > 0
+  for (int i = 0; i < sizeof(client_handle)/sizeof(*client_handle); i++)
+    if (client_handle[i].logged_in != HAL_USER_NONE && client_handle[i].handle.handle == handle.handle)
+      return &client_handle[i];
+#endif
+
+  return NULL;
+}
+
+static hal_error_t set_pin(const hal_client_handle_t client,
+                           const hal_user_t user,
                            const char * const newpin, const size_t newpin_len)
 {
   assert(newpin != NULL && newpin_len != 0);
 
 #warning Need access control to decide who is allowed to set this PIN
-#warning Need length checks on supplied PIN
+#warning Need length checks (here or in caller) on supplied PIN
 
   const hal_ks_pin_t *pp;
   hal_error_t err;
@@ -136,15 +178,25 @@ static hal_error_t login(const hal_client_handle_t client,
   if (diff != 0)
     return HAL_ERROR_PIN_INCORRECT;
 
-#warning Do something with client table here
+  client_slot_t *slot = find_handle(client);
+
+  if (slot != NULL && (slot = alloc_slot()) == NULL)
+    return HAL_ERROR_NO_CLIENT_SLOTS_AVAILABLE;
+
+  slot->handle = client;
+  slot->logged_in = user;
 
   return HAL_OK;
 }
 
 static hal_error_t logout(const hal_client_handle_t client)
 {
-#warning And do something else with client table here
-  return HAL_ERROR_IMPOSSIBLE;
+  client_slot_t *slot = find_handle(client);
+
+  if (slot != NULL)
+    slot->logged_in = HAL_USER_NONE;
+
+  return HAL_OK;
 }
 
 const hal_rpc_misc_dispatch_t hal_rpc_remote_misc_dispatch = {
diff --git a/rpc_pkey.c b/rpc_pkey.c
index fdbc7cc..e7331ab 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -42,7 +42,7 @@
 typedef struct {
   hal_client_handle_t client_handle;
   hal_session_handle_t session_handle;
-  hal_rpc_pkey_handle_t pkey_handle;
+  hal_pkey_handle_t pkey_handle;
   hal_key_type_t type;
   hal_curve_name_t curve;
   hal_key_flags_t flags;
@@ -102,7 +102,7 @@ static inline pkey_slot_t *alloc_slot(void)
  * the right glop.  Returns slot pointer on success, NULL otherwise.
  */
 
-static inline pkey_slot_t *find_handle(const hal_rpc_pkey_handle_t handle)
+static inline pkey_slot_t *find_handle(const hal_pkey_handle_t handle)
 {
 #if HAL_STATIC_PKEY_STATE_BLOCKS > 0
   const int i = (int) (handle.handle & 0xFFFF);
@@ -119,7 +119,7 @@ static inline pkey_slot_t *find_handle(const hal_rpc_pkey_handle_t handle)
  * basic) ASN.1 encoding, which we perform inline.
  */
 
-static hal_error_t pkcs1_construct_digestinfo(const hal_rpc_hash_handle_t handle,
+static hal_error_t pkcs1_construct_digestinfo(const hal_hash_handle_t handle,
                                               uint8_t *digest_info, size_t *digest_info_len, const size_t digest_info_max)
 {
   assert(digest_info != NULL && digest_info_len != NULL);
@@ -205,7 +205,7 @@ static hal_error_t pkcs1_5_pad(const uint8_t * const data, const size_t data_len
 
 static hal_error_t load(const hal_client_handle_t client,
                         const hal_session_handle_t session,
-                        hal_rpc_pkey_handle_t *pkey,
+                        hal_pkey_handle_t *pkey,
                         const hal_key_type_t type,
                         const hal_curve_name_t curve,
                         const uint8_t * const name, const size_t name_len,
@@ -241,7 +241,7 @@ static hal_error_t load(const hal_client_handle_t client,
 
 static hal_error_t find(const hal_client_handle_t client,
                         const hal_session_handle_t session,
-                        hal_rpc_pkey_handle_t *pkey,
+                        hal_pkey_handle_t *pkey,
                         const hal_key_type_t type,
                         const uint8_t * const name, const size_t name_len)
 {
@@ -272,7 +272,7 @@ static hal_error_t find(const hal_client_handle_t client,
 
 static hal_error_t generate_rsa(const hal_client_handle_t client,
                                 const hal_session_handle_t session,
-                                hal_rpc_pkey_handle_t *pkey,
+                                hal_pkey_handle_t *pkey,
                                 const uint8_t * const name, const size_t name_len,
                                 const unsigned key_length,
                                 const uint8_t * const public_exponent, const size_t public_exponent_len,
@@ -325,7 +325,7 @@ static hal_error_t generate_rsa(const hal_client_handle_t client,
 
 static hal_error_t generate_ec(const hal_client_handle_t client,
                                const hal_session_handle_t session,
-                               hal_rpc_pkey_handle_t *pkey,
+                               hal_pkey_handle_t *pkey,
                                const uint8_t * const name, const size_t name_len,
                                const hal_curve_name_t curve,
                                const hal_key_flags_t flags)
@@ -373,7 +373,7 @@ static hal_error_t generate_ec(const hal_client_handle_t client,
  * Discard key handle, leaving key intact.
  */
 
-static hal_error_t close(const hal_rpc_pkey_handle_t pkey)
+static hal_error_t close(const hal_pkey_handle_t pkey)
 {
   pkey_slot_t *slot;
 
@@ -389,7 +389,7 @@ static hal_error_t close(const hal_rpc_pkey_handle_t pkey)
  * Delete a key from the store, given its key handle.
  */
 
-static hal_error_t delete(const hal_rpc_pkey_handle_t pkey)
+static hal_error_t delete(const hal_pkey_handle_t pkey)
 {
   pkey_slot_t *slot = find_handle(pkey);
 
@@ -408,7 +408,7 @@ static hal_error_t delete(const hal_rpc_pkey_handle_t pkey)
  * Get type of key associated with handle.
  */
 
-static hal_error_t get_key_type(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t get_key_type(const hal_pkey_handle_t pkey,
                                 hal_key_type_t *type)
 {
   if (type == NULL)
@@ -428,7 +428,7 @@ static hal_error_t get_key_type(const hal_rpc_pkey_handle_t pkey,
  * Get flags of key associated with handle.
  */
 
-static hal_error_t get_key_flags(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t get_key_flags(const hal_pkey_handle_t pkey,
                                  hal_key_flags_t *flags)
 {
   if (flags == NULL)
@@ -448,7 +448,7 @@ static hal_error_t get_key_flags(const hal_rpc_pkey_handle_t pkey,
  * Get length of public key associated with handle.
  */
 
-static size_t get_public_key_len(const hal_rpc_pkey_handle_t pkey)
+static size_t get_public_key_len(const hal_pkey_handle_t pkey)
 {
   pkey_slot_t *slot = find_handle(pkey);
 
@@ -497,7 +497,7 @@ static size_t get_public_key_len(const hal_rpc_pkey_handle_t pkey)
  * Get public key associated with handle.
  */
 
-static hal_error_t get_public_key(const hal_rpc_pkey_handle_t pkey,
+static hal_error_t get_public_key(const hal_pkey_handle_t pkey,
                                   uint8_t *der, size_t *der_len, const size_t der_max)
 {
   pkey_slot_t *slot = find_handle(pkey);
@@ -557,7 +557,7 @@ static hal_error_t get_public_key(const hal_rpc_pkey_handle_t pkey,
 
 static hal_error_t sign_rsa(uint8_t *keybuf, const size_t keybuf_len,
                             const uint8_t * const der, const size_t der_len,
-                            const hal_rpc_hash_handle_t hash,
+                            const hal_hash_handle_t hash,
                             const uint8_t * input, size_t input_len,
                             uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
@@ -565,7 +565,7 @@ static hal_error_t sign_rsa(uint8_t *keybuf, const size_t keybuf_len,
   hal_error_t err;
 
   assert(signature != NULL && signature_len != NULL);
-  assert((hash.handle == hal_rpc_hash_handle_none.handle) != (input == NULL || input_len == 0));
+  assert((hash.handle == hal_hash_handle_none.handle) != (input == NULL || input_len == 0));
 
   if ((err = hal_rsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK ||
       (err = hal_rsa_key_get_modulus(key, NULL, signature_len, 0))         != HAL_OK)
@@ -589,7 +589,7 @@ static hal_error_t sign_rsa(uint8_t *keybuf, const size_t keybuf_len,
 
 static hal_error_t sign_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
                               const uint8_t * const der, const size_t der_len,
-                              const hal_rpc_hash_handle_t hash,
+                              const hal_hash_handle_t hash,
                               const uint8_t * input, size_t input_len,
                               uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
@@ -597,7 +597,7 @@ static hal_error_t sign_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
   hal_error_t err;
 
   assert(signature != NULL && signature_len != NULL);
-  assert((hash.handle == hal_rpc_hash_handle_none.handle) != (input == NULL || input_len == 0));
+  assert((hash.handle == hal_hash_handle_none.handle) != (input == NULL || input_len == 0));
 
   if ((err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK)
     return err;
@@ -625,8 +625,8 @@ static hal_error_t sign_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
 }
 
 static hal_error_t sign(const hal_session_handle_t session,
-                        const hal_rpc_pkey_handle_t pkey,
-                        const hal_rpc_hash_handle_t hash,
+                        const hal_pkey_handle_t pkey,
+                        const hal_hash_handle_t hash,
                         const uint8_t * const input,  const size_t input_len,
                         uint8_t * signature, size_t *signature_len, const size_t signature_max)
 {
@@ -637,7 +637,7 @@ static hal_error_t sign(const hal_session_handle_t session,
 
   hal_error_t (*signer)(uint8_t *keybuf, const size_t keybuf_len,
                         const uint8_t * const der, const size_t der_len,
-                        const hal_rpc_hash_handle_t hash,
+                        const hal_hash_handle_t hash,
                         const uint8_t * const input,  const size_t input_len,
                         uint8_t * signature, size_t *signature_len, const size_t signature_max);
 
@@ -677,7 +677,7 @@ static hal_error_t sign(const hal_session_handle_t session,
 
 static hal_error_t verify_rsa(uint8_t *keybuf, const size_t keybuf_len,
                               const uint8_t * const der, const size_t der_len,
-                              const hal_rpc_hash_handle_t hash,
+                              const hal_hash_handle_t hash,
                               const uint8_t * input, size_t input_len,
                               const uint8_t * const signature, const size_t signature_len)
 {
@@ -686,7 +686,7 @@ static hal_error_t verify_rsa(uint8_t *keybuf, const size_t keybuf_len,
   hal_error_t err;
 
   assert(signature != NULL && signature_len > 0);
-  assert((hash.handle == hal_rpc_hash_handle_none.handle) != (input == NULL || input_len == 0));
+  assert((hash.handle == hal_hash_handle_none.handle) != (input == NULL || input_len == 0));
 
   if ((err = hal_rsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK)
     return err;
@@ -713,7 +713,7 @@ static hal_error_t verify_rsa(uint8_t *keybuf, const size_t keybuf_len,
 
 static hal_error_t verify_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
                                 const uint8_t * const der, const size_t der_len,
-                                const hal_rpc_hash_handle_t hash,
+                                const hal_hash_handle_t hash,
                                 const uint8_t * input, size_t input_len,
                                 const uint8_t * const signature, const size_t signature_len)
 {
@@ -722,7 +722,7 @@ static hal_error_t verify_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
   hal_error_t err;
 
   assert(signature != NULL && signature_len > 0);
-  assert((hash.handle == hal_rpc_hash_handle_none.handle) != (input == NULL || input_len == 0));
+  assert((hash.handle == hal_hash_handle_none.handle) != (input == NULL || input_len == 0));
 
   if ((err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK)
     return err;
@@ -745,8 +745,8 @@ static hal_error_t verify_ecdsa(uint8_t *keybuf, const size_t keybuf_len,
 }
 
 static hal_error_t verify(const hal_session_handle_t session,
-                          const hal_rpc_pkey_handle_t pkey,
-                          const hal_rpc_hash_handle_t hash,
+                          const hal_pkey_handle_t pkey,
+                          const hal_hash_handle_t hash,
                           const uint8_t * const input, const size_t input_len,
                           const uint8_t * const signature, const size_t signature_len)
 {
@@ -757,7 +757,7 @@ static hal_error_t verify(const hal_session_handle_t session,
 
   hal_error_t (*verifier)(uint8_t *keybuf, const size_t keybuf_len,
                           const uint8_t * const der, const size_t der_len,
-                          const hal_rpc_hash_handle_t hash,
+                          const hal_hash_handle_t hash,
                           const uint8_t * const input,  const size_t input_len,
                           const uint8_t * const signature, const size_t signature_len);
 
@@ -795,7 +795,7 @@ static hal_error_t verify(const hal_session_handle_t session,
  * List keys in the key store.
  */
 
-static hal_error_t list(hal_rpc_pkey_key_info_t *result,
+static hal_error_t list(hal_pkey_info_t *result,
                         unsigned *result_len,
                         const unsigned result_max)
 {



More information about the Commits mailing list