[Cryptech-Commits] [sw/pkcs11] 12/14: Add attribute database based on attributes.yaml. Simplify prototype definitions and move them to separate module.

git at cryptech.is git at cryptech.is
Mon Sep 14 21:44:03 UTC 2015


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ecdsa
in repository sw/pkcs11.

commit d4dd9a8becf0c8f28479f0e48cc7f6708f786ee4
Author: Rob Austein <sra at hactrn.net>
Date:   Sat Sep 12 00:40:01 2015 -0400

    Add attribute database based on attributes.yaml.
    Simplify prototype definitions and move them to separate module.
---
 py11/__init__.py   | 134 ++++++-----------------------------------------------
 py11/attributes.py | 105 +++++++++++++++++++++++++++++++++++++++++
 py11/prototypes.py |  85 +++++++++++++++++++++++++++++++++
 3 files changed, 203 insertions(+), 121 deletions(-)

diff --git a/py11/__init__.py b/py11/__init__.py
index 7acb7aa..b67ce8a 100644
--- a/py11/__init__.py
+++ b/py11/__init__.py
@@ -6,120 +6,23 @@ from ctypes      import *
 from .exceptions import *
 from .types      import *
 from .constants  import *
+from .attributes import *
+from .prototypes import *
 
-# Prototypes for the PKCS #11 public functions.
-#
-# We don't bother implementing C_GetFunctionList(), because it would
-# be extremely tedious and it's not all that useful to us in Python.
-# Instead, we emulate its behavior in the PKCS11 class.
-
-PKCS11_Prototypes = (
-  ("C_Initialize",           [CK_VOID_PTR]),
-  ("C_Finalize",             [CK_VOID_PTR]),
-  ("C_GetInfo",              [CK_INFO_PTR]),
-# ("C_GetFunctionList",      [CK_FUNCTION_LIST_PTR_PTR]),
-  ("C_GetSlotList",          [CK_BBOOL, CK_SLOT_ID_PTR, CK_ULONG_PTR]),
-  ("C_GetSlotInfo",          [CK_SLOT_ID, CK_SLOT_INFO_PTR]),
-  ("C_GetTokenInfo",         [CK_SLOT_ID, CK_TOKEN_INFO_PTR]),
-  ("C_GetMechanismList",     [CK_SLOT_ID, CK_MECHANISM_TYPE_PTR, CK_ULONG_PTR]),
-  ("C_GetMechanismInfo",     [CK_SLOT_ID, CK_MECHANISM_TYPE, CK_MECHANISM_INFO_PTR]),
-  ("C_InitToken",            [CK_SLOT_ID, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR]),
-  ("C_InitPIN",              [CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG]),
-  ("C_SetPIN",               [CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR, CK_ULONG]),
-  ("C_OpenSession",          [CK_SLOT_ID, CK_FLAGS, CK_VOID_PTR, CK_NOTIFY, CK_SESSION_HANDLE_PTR]),
-  ("C_CloseSession",         [CK_SESSION_HANDLE]),
-  ("C_CloseAllSessions",     [CK_SLOT_ID]),
-  ("C_GetSessionInfo",       [CK_SESSION_HANDLE, CK_SESSION_INFO_PTR]),
-  ("C_GetOperationState",    [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_SetOperationState",    [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_OBJECT_HANDLE, CK_OBJECT_HANDLE]),
-  ("C_Login",                [CK_SESSION_HANDLE, CK_USER_TYPE, CK_UTF8CHAR_PTR, CK_ULONG]),
-  ("C_Logout",               [CK_SESSION_HANDLE]),
-  ("C_CreateObject",         [CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR]),
-  ("C_CopyObject",           [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR]),
-  ("C_DestroyObject",        [CK_SESSION_HANDLE, CK_OBJECT_HANDLE]),
-  ("C_GetObjectSize",        [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ULONG_PTR]),
-  ("C_GetAttributeValue",    [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG]),
-  ("C_SetAttributeValue",    [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG]),
-  ("C_FindObjectsInit",      [CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG]),
-  ("C_FindObjects",          [CK_SESSION_HANDLE, CK_OBJECT_HANDLE_PTR, CK_ULONG, CK_ULONG_PTR]),
-  ("C_FindObjectsFinal",     [CK_SESSION_HANDLE]),
-  ("C_EncryptInit",          [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_Encrypt",              [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_EncryptUpdate",        [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_EncryptFinal",         [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DecryptInit",          [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_Decrypt",              [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DecryptUpdate",        [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DecryptFinal",         [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DigestInit",           [CK_SESSION_HANDLE, CK_MECHANISM_PTR]),
-  ("C_Digest",               [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DigestUpdate",         [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_DigestKey",            [CK_SESSION_HANDLE, CK_OBJECT_HANDLE]),
-  ("C_DigestFinal",          [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_SignInit",             [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_Sign",                 [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_SignUpdate",           [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_SignFinal",            [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_SignRecoverInit",      [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_SignRecover",          [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_VerifyInit",           [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_Verify",               [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG]),
-  ("C_VerifyUpdate",         [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_VerifyFinal",          [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_VerifyRecoverInit",    [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE]),
-  ("C_VerifyRecover",        [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DigestEncryptUpdate",  [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DecryptDigestUpdate",  [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_SignEncryptUpdate",    [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_DecryptVerifyUpdate",  [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_GenerateKey",          [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR]),
-  ("C_GenerateKeyPair",      [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG,
-                              CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR, CK_OBJECT_HANDLE_PTR]),
-  ("C_WrapKey",              [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_OBJECT_HANDLE,
-                              CK_BYTE_PTR, CK_ULONG_PTR]),
-  ("C_UnwrapKey",            [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_BYTE_PTR, CK_ULONG,
-                              CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR]),
-  ("C_DeriveKey",            [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG,
-                              CK_OBJECT_HANDLE_PTR]),
-  ("C_SeedRandom",           [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_GenerateRandom",       [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG]),
-  ("C_GetFunctionStatus",    [CK_SESSION_HANDLE]),
-  ("C_CancelFunction",       [CK_SESSION_HANDLE]),
-  ("C_WaitForSlotEvent",     [CK_FLAGS, CK_SLOT_ID_PTR, CK_VOID_PTR]))
-
-
-# Need to convert attributes between a sane Pythonic representation
-# and something ctypes can handle.  Pythoninc representation would be
-# an iteraable of two element sequences, or perhaps a dict.
-
-def attributes_to_ctypes(dict_or_iterable):
-  if isinstance(dict_or_iterable, dict):
-    dict_or_iterable = dict_or_iterable.iteritems()
-  items = tuple(dict_or_iterable)
-  a = (CK_ATTRIBUTE * len(items))()
-  for i, kv in enumerate(items):
-    k, v = kv
-    if isinstance(v, bool):
-      v = pack("B", int(v))
-    elif isinstance(v, (int, long)):
-      v = pack("L", v)
-    a[i].type = k
-    a[i].pValue = create_string_buffer(v)
-    a[i].ulValueLen = len(v)
-  return a
 
 class PKCS11 (object):
 
-  def __init__(self, so_name = "libpkcs11.so"):
+  def __init__(self, so_name = "libpkcs11.so", attributes_initializer = "attributes.yaml"):
     self.so_name = so_name
     self.so = CDLL(so_name)
     def raise_on_failure(rv):
       if rv != CKR_OK:
         raise CKR_Exception.ckr_map[rv]
-    for name, args in PKCS11_Prototypes:
+    for name, args in Prototypes.iteritems():
       func = getattr(self.so, name)
       func.restype = raise_on_failure
       func.argtypes = args
+    self.adb = AttributeDB(attributes_initializer)
 
   def __getattr__(self, name):
     return getattr(self.so, name)
@@ -164,41 +67,30 @@ class PKCS11 (object):
     self.so.C_Login(session, user, pin, len(pin))
 
   def C_GetAttributeValue(self, session_handle, object_handle, attributes):
-    if not isinstance(attributes, (list, tuple)):
-      attributes = tuple(attributes)
-    if not all(isinstance(a, (int, long)) for a in attributes):
-      raise TypeError
-    template = (CK_ATTRIBUTE * len(attributes))()
-    for i in xrange(len(attributes)):
-      template[i].type = attributes[i]
-      template[i].pValue = None
-      template[i].ulValueLen = 0
+    template = self.adb.getvalue_create_template(attributes)
     self.so.C_GetAttributeValue(session_handle, object_handle, template, len(template))
-    for t in template:
-      t.pValue = create_string_buffer(t.ulValueLen)
+    self.adb.getvalue_allocate_template(template)
     self.so.C_GetAttributeValue(session_handle, object_handle, template, len(template))
-    return dict((t.type, t.pValue[:t.ulValueLen]) for t in template)
+    return self.adb.from_ctypes(template)
 
   def C_FindObjectsInit(self, session, template):
     if template:
-      self.so.C_FindObjectsInit(session, attributes_to_ctypes(template), len(template))
+      self.so.C_FindObjectsInit(session, self.adb.to_ctypes(template), len(template))
     else:
       self.so.C_FindObjectsInit(session, None, 0)
 
   def C_FindObjects(self, session, chunk_size = 10):
     objects = (CK_OBJECT_HANDLE * chunk_size)()
-    count   = CK_ULONG()
-    while True:
+    count   = CK_ULONG(1)
+    while count.value > 0:
       self.so.C_FindObjects(session, objects, len(objects), byref(count))
       for i in xrange(count.value):
         yield objects[i]
-      if count.value == 0:
-        break
 
   def C_GenerateKeyPair(self, session, mechanism_type, public_template, private_template):
     mechanism = CK_MECHANISM(mechanism_type, None, 0)
-    public_template  = attributes_to_ctypes(public_template)
-    private_template = attributes_to_ctypes(private_template)
+    public_template  = self.adb.to_ctypes(public_template)
+    private_template = self.adb.to_ctypes(private_template)
     public_handle  = CK_OBJECT_HANDLE()
     private_handle = CK_OBJECT_HANDLE()
     self.so.C_GenerateKeyPair(session, byref(mechanism),
diff --git a/py11/attributes.py b/py11/attributes.py
new file mode 100644
index 0000000..00af79c
--- /dev/null
+++ b/py11/attributes.py
@@ -0,0 +1,105 @@
+# An attempt at a Python interface to PKCS 11 using the scary ctypes
+# module from the Python standard library.
+
+from struct     import pack, unpack
+from ctypes     import *
+from .types     import *
+from .constants import *
+
+class Attribute(object):
+
+  @classmethod
+  def new(cls, attribute_name, type_name):
+    from . import constants
+    from . import types
+    assert attribute_name.startswith("CKA_")
+    attribute_number = getattr(constants, attribute_name)
+    type_class = getattr(types, type_name, str)
+    if type_class is CK_BBOOL:
+      cls = Attribute_CK_BBOOL
+    elif type_class is CK_ULONG:
+      cls = Attribute_CK_ULONG
+    elif type_name == "biginteger":
+      cls = Attribute_biginteger
+    return cls(attribute_name, attribute_number, type_name, type_class)
+
+  def __init__(self, attribute_name, attribute_number, type_name, type_class):
+    assert attribute_name.startswith("CKA_")
+    self.name = attribute_name
+    self.code = attribute_number
+    self.type_name = type_name
+    self.type_class = type_class
+
+  def encode(self, x): return x
+  def decode(self, x): return x
+
+class Attribute_CK_BBOOL(Attribute):
+  def encode(self, x): return chr(int(x))
+  def decode(self, x): return bool(ord(x))
+
+class Attribute_CK_ULONG(Attribute):
+  def encode(self, x): return pack("L", x)
+  def decode(self, x): return unpack("L", x)[0]
+
+class Attribute_biginteger(Attribute):
+  def encode(self, x): return ("%*x" % (((x.bit_length() + 7) / 8) * 2, x)).decode("hex")
+  def decode(self, x): return long(x.encode("hex"), 16)
+
+
+class AttributeDB(object):
+
+  def __init__(self, initializer = None):
+    self.db = {}
+    if isinstance(initializer, str):
+      initializer = self.parse_yaml(initializer)
+    for attribute_name, type_name in initializer:
+      a = Attribute.new(attribute_name, type_name)
+      self.db[a.name] = a
+      self.db[a.code] = a
+
+  @staticmethod
+  def parse_yaml(yaml_filename):
+    from yaml import safe_load
+    with open(yaml_filename) as f:
+      for y in safe_load(f):
+        for k, v in y.iteritems():
+          if k.startswith("CKA_") and "type" in v:
+            yield k, v["type"]
+
+  def encode(self, k, v):
+    return self.db[k].encode(v) if k in self.db else v
+
+  def decode(self, k, v):
+    return self.db[k].decode(v) if k in self.db else v
+
+  def getvalue_create_template(self, attributes):
+    attributes = tuple(self.db[a].code for a in attributes)
+    template = (CK_ATTRIBUTE * len(attributes))()
+    for i in xrange(len(attributes)):
+      template[i].type = attributes[i]
+      template[i].pValue = None
+      template[i].ulValueLen = 0
+    return template
+
+  def getvalue_allocate_template(self, template):
+    for t in template:
+      t.pValue = create_string_buffer(t.ulValueLen)
+
+  def from_ctypes(self, template):
+    return dict((t.type, self.decode(t.type, t.pValue[:t.ulValueLen]))
+                for t in template)
+
+  def to_ctypes(self, attributes):
+    attributes = tuple(attributes.iteritems()
+                       if isinstance(attributes, dict) else
+                       attributes)
+    template = (CK_ATTRIBUTE * len(attributes))()
+    for i, kv in enumerate(attributes):
+      k, v = kv
+      if k in self.db:
+        a = self.db[k]
+        k, v = a.code, a.encode(v)
+      template[i].type = k
+      template[i].pValue = create_string_buffer(v)
+      template[i].ulValueLen = len(v)
+    return template
diff --git a/py11/prototypes.py b/py11/prototypes.py
new file mode 100644
index 0000000..7951515
--- /dev/null
+++ b/py11/prototypes.py
@@ -0,0 +1,85 @@
+# An attempt at a Python interface to PKCS 11 using the scary ctypes
+# module from the Python standard library.
+
+from ctypes      import *
+from .types      import *
+
+# Prototypes for the PKCS #11 public functions.
+#
+# We don't bother implementing C_GetFunctionList(), because it would
+# be extremely tedious and it's not all that useful to us in Python.
+# Instead, we emulate its behavior in the PKCS11 class.
+
+Prototypes = dict(
+  C_Initialize           = [CK_VOID_PTR],
+  C_Finalize             = [CK_VOID_PTR],
+  C_GetInfo              = [CK_INFO_PTR],
+# C_GetFunctionList      = [CK_FUNCTION_LIST_PTR_PTR],
+  C_GetSlotList          = [CK_BBOOL, CK_SLOT_ID_PTR, CK_ULONG_PTR],
+  C_GetSlotInfo          = [CK_SLOT_ID, CK_SLOT_INFO_PTR],
+  C_GetTokenInfo         = [CK_SLOT_ID, CK_TOKEN_INFO_PTR],
+  C_GetMechanismList     = [CK_SLOT_ID, CK_MECHANISM_TYPE_PTR, CK_ULONG_PTR],
+  C_GetMechanismInfo     = [CK_SLOT_ID, CK_MECHANISM_TYPE, CK_MECHANISM_INFO_PTR],
+  C_InitToken            = [CK_SLOT_ID, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR],
+  C_InitPIN              = [CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG],
+  C_SetPIN               = [CK_SESSION_HANDLE, CK_UTF8CHAR_PTR, CK_ULONG, CK_UTF8CHAR_PTR, CK_ULONG],
+  C_OpenSession          = [CK_SLOT_ID, CK_FLAGS, CK_VOID_PTR, CK_NOTIFY, CK_SESSION_HANDLE_PTR],
+  C_CloseSession         = [CK_SESSION_HANDLE],
+  C_CloseAllSessions     = [CK_SLOT_ID],
+  C_GetSessionInfo       = [CK_SESSION_HANDLE, CK_SESSION_INFO_PTR],
+  C_GetOperationState    = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_SetOperationState    = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_OBJECT_HANDLE, CK_OBJECT_HANDLE],
+  C_Login                = [CK_SESSION_HANDLE, CK_USER_TYPE, CK_UTF8CHAR_PTR, CK_ULONG],
+  C_Logout               = [CK_SESSION_HANDLE],
+  C_CreateObject         = [CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR],
+  C_CopyObject           = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR],
+  C_DestroyObject        = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE],
+  C_GetObjectSize        = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ULONG_PTR],
+  C_GetAttributeValue    = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG],
+  C_SetAttributeValue    = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG],
+  C_FindObjectsInit      = [CK_SESSION_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG],
+  C_FindObjects          = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE_PTR, CK_ULONG, CK_ULONG_PTR],
+  C_FindObjectsFinal     = [CK_SESSION_HANDLE],
+  C_EncryptInit          = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_Encrypt              = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_EncryptUpdate        = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_EncryptFinal         = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DecryptInit          = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_Decrypt              = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DecryptUpdate        = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DecryptFinal         = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DigestInit           = [CK_SESSION_HANDLE, CK_MECHANISM_PTR],
+  C_Digest               = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DigestUpdate         = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_DigestKey            = [CK_SESSION_HANDLE, CK_OBJECT_HANDLE],
+  C_DigestFinal          = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_SignInit             = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_Sign                 = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_SignUpdate           = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_SignFinal            = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_SignRecoverInit      = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_SignRecover          = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_VerifyInit           = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_Verify               = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG],
+  C_VerifyUpdate         = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_VerifyFinal          = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_VerifyRecoverInit    = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE],
+  C_VerifyRecover        = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DigestEncryptUpdate  = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DecryptDigestUpdate  = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_SignEncryptUpdate    = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_DecryptVerifyUpdate  = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR],
+  C_GenerateKey          = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR],
+  C_GenerateKeyPair      = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_ATTRIBUTE_PTR, CK_ULONG,
+                            CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR, CK_OBJECT_HANDLE_PTR],
+  C_WrapKey              = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_OBJECT_HANDLE,
+                            CK_BYTE_PTR, CK_ULONG_PTR],
+  C_UnwrapKey            = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_BYTE_PTR, CK_ULONG,
+                            CK_ATTRIBUTE_PTR, CK_ULONG, CK_OBJECT_HANDLE_PTR],
+  C_DeriveKey            = [CK_SESSION_HANDLE, CK_MECHANISM_PTR, CK_OBJECT_HANDLE, CK_ATTRIBUTE_PTR, CK_ULONG,
+                            CK_OBJECT_HANDLE_PTR],
+  C_SeedRandom           = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_GenerateRandom       = [CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG],
+  C_GetFunctionStatus    = [CK_SESSION_HANDLE],
+  C_CancelFunction       = [CK_SESSION_HANDLE],
+  C_WaitForSlotEvent     = [CK_FLAGS, CK_SLOT_ID_PTR, CK_VOID_PTR])



More information about the Commits mailing list