[Cryptech-Commits] [sw/pkcs11] 01/05: Start cleaning up info functions.

git at cryptech.is git at cryptech.is
Sat May 20 22:15:20 UTC 2017


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch master
in repository sw/pkcs11.

commit 49af8650a34cb4ee603cc924ca9e3945e2a792db
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Fri May 19 17:53:19 2017 -0400

    Start cleaning up info functions.
---
 pkcs11.c | 135 +++++++++++++++------------------------------------------------
 1 file changed, 31 insertions(+), 104 deletions(-)

diff --git a/pkcs11.c b/pkcs11.c
index de639ab..de96a79 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -87,17 +87,23 @@
 #endif
 
 /*
- * Version numbers.  Placeholders for now.
- *
- * Software version number is just the version of this PKCS #11
- * implementation.  Probably.
+ * Manufacturer ID, version numbers (hardware, firmware, software), etc.
+ * Some of this really should be coming from RPC queries.
  */
 
-#warning Figure out hardware and software version numbers
-#define P11_VERSION_SW_MAJOR    0
-#define P11_VERSION_SW_MINOR    1
+#warning Figure out IDs and version numbers
+#define P11_MANUFACTURER_ID     "Cryptech Project"
+#define P11_TOKEN_LABEL		"Cryptech Token"
+#define P11_BOARD_MODEL		"Alpha Board"
+#define P11_BOARD_SERIAL	"007"
+#define P11_LIBRARY_DESCRIPTION	"libcryptech-pkcs11.so"
+#define	P11_SLOT_DESCRIPTION	"Cryptech Alpha slot"
 #define P11_VERSION_HW_MAJOR    0
-#define P11_VERSION_HW_MINOR    1
+#define P11_VERSION_HW_MINOR    3
+#define P11_VERSION_FW_MAJOR    3
+#define P11_VERSION_FW_MINOR    0
+#define P11_VERSION_SW_MAJOR    3
+#define P11_VERSION_SW_MINOR    0
 
 /*
  * Debugging control.
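Review bot: `P11_BOARD_SERIAL` and the `P11_VERSION_FW_*` values are compile-time constants, so every device will report serial "007" and firmware 3.0 regardless of what is actually attached. Applications and inventory tooling commonly use the token serial number to tell tokens apart and the firmware version to decide whether a device needs updating, so these should be marked as placeholders where they are defined, e.g. `/* Placeholder: not read from the device; identical on every board. */` above `P11_BOARD_SERIAL`. The new `#define` lines also mix tabs and spaces (including a tab directly after `#define` on `P11_SLOT_DESCRIPTION`), unlike the space-aligned version macros below them.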
@@ -1108,12 +1114,6 @@ static inline handle_flavor_t p11_object_flavor_from_cka_token(const CK_BBOOL *b
   return (bbool != NULL && *bbool) ? handle_flavor_token_object : handle_flavor_session_object;
 }
 
-static inline hal_key_flags_t p11_object_hal_flags(const CK_OBJECT_HANDLE handle)
-{
-  return handle_flavor(handle) == handle_flavor_token_object ? HAL_KEY_FLAG_TOKEN : 0;
-}
-
-
 /*
  * Open the HSM pkey object (if any) corresponding to the PKCS #11 handle.
  */
@@ -2677,19 +2677,10 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID,
    * right token, so hard-wire something for now.
    */
 
-  psnprintf(pInfo->label, sizeof(pInfo->label),
-            "Cryptech Token");
-
-  psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID),
-            "Cryptech Project");
-
-  psnprintf(pInfo->model, sizeof(pInfo->model),
-            "%04x%04x%04x%04x",
-            P11_VERSION_HW_MAJOR, P11_VERSION_HW_MINOR,
-            P11_VERSION_SW_MAJOR, P11_VERSION_SW_MINOR);
-
-  psnprintf(pInfo->serialNumber, sizeof(pInfo->serialNumber),
-            "007");
+  psnprintf(pInfo->label,          sizeof(pInfo->label),          P11_TOKEN_LABEL);
+  psnprintf(pInfo->manufacturerID, sizeof(pInfo->manufacturerID), P11_MANUFACTURER_ID);
+  psnprintf(pInfo->model,          sizeof(pInfo->model),          P11_BOARD_MODEL);
+  psnprintf(pInfo->serialNumber,   sizeof(pInfo->serialNumber),   P11_BOARD_SERIAL);
 
   pInfo->flags = CKF_RNG | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED;
 
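Review bot: The four `psnprintf()` calls now pass the `P11_*` macro in the format position, which is harmless only while those strings are literals containing no `%`. The header comment added by this commit says some of these values should eventually come from RPC queries, and the removed `"%04x%04x%04x%04x"` call shows that `psnprintf()` interprets conversions, so a device-supplied string would then be parsed as a format string. Passing the value as an argument keeps the calls safe under that change, e.g. `psnprintf(pInfo->label, sizeof(pInfo->label), "%s", P11_TOKEN_LABEL);`. The same pattern appears in the C_GetInfo and C_GetSlotInfo hunks further down. C_GetTokenInfo starts before and continues after this hunk.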
@@ -2729,17 +2720,14 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID,
   pInfo->ulFreePrivateMemory    = CK_UNAVAILABLE_INFORMATION;
   pInfo->hardwareVersion.major  = P11_VERSION_HW_MAJOR;
   pInfo->hardwareVersion.minor  = P11_VERSION_HW_MINOR;
-  pInfo->firmwareVersion.major  = P11_VERSION_SW_MAJOR;
-  pInfo->firmwareVersion.minor  = P11_VERSION_SW_MINOR;
+  pInfo->firmwareVersion.major  = P11_VERSION_FW_MAJOR;
+  pInfo->firmwareVersion.minor  = P11_VERSION_FW_MINOR;
 
-#warning Need to sort out hardware clock
-#if 0
   /*
-   * Eventually we expect cryptech devices to have their own hardware
-   * clocks.  Not implemented yet.
+   * Eventually we expect Cryptech devices to have their own hardware
+   * clocks, in which case we'd set CKF_CLOCK_ON_TOKEN and
+   * pInfo->utcTime.  Hardware not implemented yet, so not here either.
    */
-  pInfo->utcTime;
-#endif
 
   return CKR_OK;
 }
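Review bot: The rewritten comment explains why `utcTime` is not set but not what the caller receives in that field. The C_GetInfo and C_GetSlotInfo hunks show `memset(pInfo, 0, sizeof(*pInfo));`, but nothing visible here shows `pInfo` being cleared, so `utcTime` may keep whatever the caller's buffer held; the start of C_GetTokenInfo is outside the hunk, so this may already be handled. I would add one sentence to the comment stating the field's contents while there is no clock, and if the structure is not cleared earlier, fill the field explicitly, e.g. `memset(pInfo->utcTime, ' ', sizeof(pInfo->utcTime));`.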
@@ -4253,12 +4241,6 @@ CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession,
  * Supply information about a particular mechanism.  We may want a
  * more generic structure for this, for the moment, just answer the
  * questions that applications we care about are asking.
- *
- * Not really sure whether I should be setting CKF_HW here or not, RSA
- * is a mix of hardware and software at the moment, but I'm also a
- * little unclear on what "the device" means in this context, so let's
- * just say that if it's implemented by libhal or the Verilog hiding
- * behind libhal, it's implemented in hardware.
  */
 
 CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
@@ -4285,61 +4267,6 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
   if (p11_uninitialized())
     return CKR_CRYPTOKI_NOT_INITIALIZED;
 
-#if 0
-  /*
-   * Perhaps revisit this after adding an RPC call to let us check
-   * which cores are available.  For now, given that we now have
-   * software core support for these hash algorithms, this test isn't
-   * particularly useful.
-   */
-
-  hal_digest_algorithm_t algorithm = HAL_DIGEST_ALGORITHM_NONE;
-  CK_RV rv = CKR_OK;
-
-  switch (type) {
-
-  case CKM_SHA_1:
-  case CKM_SHA1_RSA_PKCS:
-  case CKM_SHA_1_HMAC:
-    algorithm = HAL_DIGEST_ALGORITHM_SHA1;
-    break;
-
-  case CKM_SHA224:
-  case CKM_SHA224_RSA_PKCS:
-  case CKM_SHA224_HMAC:
-  case CKM_ECDSA_SHA224:
-    algorithm = HAL_DIGEST_ALGORITHM_SHA224;
-    break;
-
-  case CKM_SHA256:
-  case CKM_SHA256_RSA_PKCS:
-  case CKM_SHA256_HMAC:
-  case CKM_ECDSA_SHA256:
-    algorithm = HAL_DIGEST_ALGORITHM_SHA256;
-    break;
-
-  case CKM_SHA384:
-  case CKM_SHA384_RSA_PKCS:
-  case CKM_SHA384_HMAC:
-  case CKM_ECDSA_SHA384:
-    algorithm = HAL_DIGEST_ALGORITHM_SHA384;
-    break;
-
-  case CKM_SHA512:
-  case CKM_SHA512_RSA_PKCS:
-  case CKM_SHA512_HMAC:
-  case CKM_ECDSA_SHA512:
-    algorithm = HAL_DIGEST_ALGORITHM_SHA512;
-    break;
-
-  default:
-    break;
-  }
-
-  if (algorithm != HAL_DIGEST_ALGORITHM_NONE && (rv = digest_available(algorithm)) != CKR_OK)
-    return rv;
-#endif
-
   switch (type) {
 
   case CKM_RSA_PKCS_KEY_PAIR_GEN:
@@ -4450,8 +4377,8 @@ CK_RV C_GetInfo(CK_INFO_PTR pInfo)
   memset(pInfo, 0, sizeof(*pInfo));
   pInfo->cryptokiVersion.major = 2;
   pInfo->cryptokiVersion.minor = 30;
-  psnprintf(pInfo->manufacturerID,     sizeof(pInfo->manufacturerID),           "cryptech.is project");
-  psnprintf(pInfo->libraryDescription, sizeof(pInfo->libraryDescription),       "cryptech.is pkcs11");
+  psnprintf(pInfo->manufacturerID,     sizeof(pInfo->manufacturerID),     P11_MANUFACTURER_ID);
+  psnprintf(pInfo->libraryDescription, sizeof(pInfo->libraryDescription), P11_LIBRARY_DESCRIPTION);
   pInfo->libraryVersion.major = P11_VERSION_SW_MAJOR;
   pInfo->libraryVersion.minor = P11_VERSION_SW_MINOR;
 
@@ -4473,13 +4400,13 @@ CK_RV C_GetSlotInfo(CK_SLOT_ID slotID,
     return CKR_CRYPTOKI_NOT_INITIALIZED;
 
   memset(pInfo, 0, sizeof(*pInfo));
-  psnprintf(pInfo->slotDescription, sizeof(pInfo->slotDescription), "cryptech.is slot on alpha");
-  psnprintf(pInfo->manufacturerID,  sizeof(pInfo->manufacturerID),  "cryptech.is project");
+  psnprintf(pInfo->slotDescription, sizeof(pInfo->slotDescription), P11_SLOT_DESCRIPTION);
+  psnprintf(pInfo->manufacturerID,  sizeof(pInfo->manufacturerID),  P11_MANUFACTURER_ID);
   pInfo->flags = CKF_TOKEN_PRESENT | CKF_HW_SLOT;
-  pInfo->hardwareVersion.major = 0;
-  pInfo->hardwareVersion.minor = 2;
-  pInfo->firmwareVersion.major = P11_VERSION_HW_MAJOR;
-  pInfo->firmwareVersion.minor = P11_VERSION_HW_MINOR;
+  pInfo->hardwareVersion.major = P11_VERSION_HW_MAJOR;
+  pInfo->hardwareVersion.minor = P11_VERSION_HW_MINOR;
+  pInfo->firmwareVersion.major = P11_VERSION_FW_MAJOR;
+  pInfo->firmwareVersion.minor = P11_VERSION_FW_MINOR;
   return CKR_OK;
 }
 


