LCOV - code coverage report
Current view: top level - builds/gnutls/coverage/gnutls-git/lib - pkcs11_int.c (source / functions) Hit Total Coverage
Test: GnuTLS-3.6.14 Code Coverage Lines: 68 75 90.7 %
Date: 2020-10-30 04:50:48 Functions: 24 26 92.3 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :  * GnuTLS PKCS#11 support
       3             :  * Copyright (C) 2010-2012 Free Software Foundation, Inc.
       4             :  * Copyright (C) 2008, Joe Orton <joe@manyfish.co.uk>
       5             :  * 
       6             :  * Authors: Nikos Mavrogiannopoulos, Stef Walter
       7             :  *
       8             :  * Inspired and some parts (pkcs11_login) based on neon PKCS #11 support 
       9             :  * by Joe Orton. More ideas came from the pkcs11-helper library by 
      10             :  * Alon Bar-Lev.
      11             :  *
      12             :  * The GnuTLS is free software; you can redistribute it and/or
      13             :  * modify it under the terms of the GNU Lesser General Public License
      14             :  * as published by the Free Software Foundation; either version 2.1 of
      15             :  * the License, or (at your option) any later version.
      16             :  *
      17             :  * This library is distributed in the hope that it will be useful, but
      18             :  * WITHOUT ANY WARRANTY; without even the implied warranty of
      19             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      20             :  * Lesser General Public License for more details.
      21             :  *
      22             :  * You should have received a copy of the GNU Lesser General Public License
      23             :  * along with this program.  If not, see <https://www.gnu.org/licenses/>
      24             :  */
      25             : 
      26             : #include "gnutls_int.h"
      27             : #include <gnutls/pkcs11.h>
      28             : #include <stdio.h>
      29             : #include <string.h>
      30             : #include "errors.h"
      31             : #include <datum.h>
      32             : 
      33             : #include <pin.h>
      34             : #include <pkcs11_int.h>
      35             : #include <p11-kit/p11-kit.h>
      36             : #include <p11-kit/pkcs11.h>
      37             : #include <p11-kit/pin.h>
      38             : 
      39             : ck_rv_t
      40        3040 : pkcs11_get_slot_list(struct ck_function_list * module,
      41             :                      unsigned char token_present, ck_slot_id_t * slot_list,
      42             :                      unsigned long *count)
      43             : {
      44        3040 :         return (module)->C_GetSlotList(token_present, slot_list, count);
      45             : }
      46             : 
      47             : ck_rv_t
      48         137 : pkcs11_get_module_info(struct ck_function_list * module,
      49             :                        struct ck_info * info)
      50             : {
      51         137 :         return (module)->C_GetInfo(info);
      52             : }
      53             : 
      54             : ck_rv_t
      55        2092 : pkcs11_get_slot_info(struct ck_function_list * module,
      56             :                      ck_slot_id_t slot_id, struct ck_slot_info * info)
      57             : {
      58        2092 :         return (module)->C_GetSlotInfo(slot_id, info);
      59             : }
      60             : 
      61             : ck_rv_t
      62        4987 : pkcs11_get_token_info(struct ck_function_list * module,
      63             :                       ck_slot_id_t slot_id, struct ck_token_info * info)
      64             : {
      65        4987 :         return (module)->C_GetTokenInfo(slot_id, info);
      66             : }
      67             : 
      68             : ck_rv_t
      69         915 : pkcs11_find_objects_init(struct ck_function_list * module,
      70             :                          ck_session_handle_t sess,
      71             :                          struct ck_attribute * templ, unsigned long count)
      72             : {
      73         915 :         return (module)->C_FindObjectsInit(sess, templ, count);
      74             : }
      75             : 
      76             : ck_rv_t
      77        1215 : pkcs11_find_objects(struct ck_function_list * module,
      78             :                     ck_session_handle_t sess,
      79             :                     ck_object_handle_t * objects,
      80             :                     unsigned long max_object_count,
      81             :                     unsigned long *object_count)
      82             : {
      83        1215 :         return (module)->C_FindObjects(sess, objects, max_object_count,
      84             :                                        object_count);
      85             : }
      86             : 
      87         912 : ck_rv_t pkcs11_find_objects_final(struct pkcs11_session_info * sinfo)
      88             : {
      89         912 :         return (sinfo->module)->C_FindObjectsFinal(sinfo->pks);
      90             : }
      91             : 
      92        1476 : ck_rv_t pkcs11_close_session(struct pkcs11_session_info * sinfo)
      93             : {
      94        1476 :         sinfo->init = 0;
      95        1476 :         return (sinfo->module)->C_CloseSession(sinfo->pks);
      96             : }
      97             : 
      98             : ck_rv_t
      99           3 : pkcs11_set_attribute_value(struct ck_function_list * module,
     100             :                            ck_session_handle_t sess,
     101             :                            ck_object_handle_t object,
     102             :                            struct ck_attribute * templ,
     103             :                            unsigned long count)
     104             : {
     105           3 :         return (module)->C_SetAttributeValue(sess, object, templ, count);
     106             : }
     107             : 
     108             : ck_rv_t
     109        5049 : pkcs11_get_attribute_value(struct ck_function_list * module,
     110             :                            ck_session_handle_t sess,
     111             :                            ck_object_handle_t object,
     112             :                            struct ck_attribute * templ,
     113             :                            unsigned long count)
     114             : {
     115        5049 :         return (module)->C_GetAttributeValue(sess, object, templ, count);
     116             : }
     117             : 
     118             : /* Returns only a single attribute value, but allocates its data 
     119             :  * Only the type needs to be set.
     120             :  */
     121             : ck_rv_t
     122         552 : pkcs11_get_attribute_avalue(struct ck_function_list * module,
     123             :                            ck_session_handle_t sess,
     124             :                            ck_object_handle_t object,
     125             :                            ck_attribute_type_t type,
     126             :                            gnutls_datum_t *res)
     127             : {
     128         552 :         ck_rv_t rv;
     129         552 :         struct ck_attribute templ;
     130         552 :         void *t;
     131             : 
     132         552 :         res->data = NULL;
     133         552 :         res->size = 0;
     134             : 
     135         552 :         templ.type = type;
     136         552 :         templ.value = NULL;
     137         552 :         templ.value_len = 0;
     138         552 :         rv = (module)->C_GetAttributeValue(sess, object, &templ, 1);
     139         552 :         if (rv == CKR_OK) {
     140             :                 /* PKCS#11 v2.20 requires sensitive values to set a length
     141             :                  * of -1. In that case an error should have been returned,
     142             :                  * but some implementations return CKR_OK instead. */
     143         452 :                 if (templ.value_len == (unsigned long)-1)
     144             :                         return CKR_ATTRIBUTE_SENSITIVE;
     145             : 
     146         450 :                 if (templ.value_len == 0)
     147             :                         return rv;
     148             : 
     149         372 :                 templ.type = type;
     150         372 :                 t = gnutls_malloc(templ.value_len);
     151         372 :                 if (t == NULL)
     152           0 :                         return gnutls_assert_val(CKR_HOST_MEMORY);
     153         372 :                 templ.value = t;
     154         372 :                 rv = (module)->C_GetAttributeValue(sess, object, &templ, 1);
     155         372 :                 if (rv != CKR_OK) {
     156           0 :                         gnutls_free(t);
     157           0 :                         return rv;
     158             :                 }
     159         372 :                 res->data = t;
     160         372 :                 res->size = templ.value_len;
     161             :         }
     162             :         return rv;
     163             : }
     164             : 
     165             : ck_rv_t
     166         283 : pkcs11_get_mechanism_list(struct ck_function_list * module,
     167             :                           ck_slot_id_t slot_id,
     168             :                           ck_mechanism_type_t * mechanism_list,
     169             :                           unsigned long *count)
     170             : {
     171         283 :         return (module)->C_GetMechanismList(slot_id, mechanism_list,
     172             :                                             count);
     173             : }
     174             : 
     175             : ck_rv_t
     176         216 : pkcs11_get_mechanism_info(struct ck_function_list *module,
     177             :                           ck_slot_id_t slot_id,
     178             :                           ck_mechanism_type_t mechanism,
     179             :                           struct ck_mechanism_info *ptr)
     180             : {
     181         216 :         return (module)->C_GetMechanismInfo(slot_id, mechanism,
     182             :                                             ptr);
     183             : }
     184             : 
     185             : ck_rv_t
     186         250 : pkcs11_sign_init(struct ck_function_list * module,
     187             :                  ck_session_handle_t sess,
     188             :                  struct ck_mechanism * mechanism, ck_object_handle_t key)
     189             : {
     190         250 :         return (module)->C_SignInit(sess, mechanism, key);
     191             : }
     192             : 
     193             : ck_rv_t
     194         496 : pkcs11_sign(struct ck_function_list * module,
     195             :             ck_session_handle_t sess,
     196             :             unsigned char *data,
     197             :             unsigned long data_len,
     198             :             unsigned char *signature, unsigned long *signature_len)
     199             : {
     200         496 :         return (module)->C_Sign(sess, data, data_len, signature,
     201             :                                 signature_len);
     202             : }
     203             : 
     204             : ck_rv_t
     205           1 : pkcs11_generate_key(struct ck_function_list * module,
     206             :                     ck_session_handle_t sess,
     207             :                     struct ck_mechanism * mechanism,
     208             :                     struct ck_attribute * templ,
     209             :                     unsigned long count,
     210             :                     ck_object_handle_t * key)
     211             : {
     212           1 :         return (module)->C_GenerateKey(sess, mechanism, templ, count, key);
     213             : }
     214             : 
     215             : ck_rv_t
     216           9 : pkcs11_generate_key_pair(struct ck_function_list * module,
     217             :                          ck_session_handle_t sess,
     218             :                          struct ck_mechanism * mechanism,
     219             :                          struct ck_attribute * pub_templ,
     220             :                          unsigned long pub_templ_count,
     221             :                          struct ck_attribute * priv_templ,
     222             :                          unsigned long priv_templ_count,
     223             :                          ck_object_handle_t * pub_ctx,
     224             :                          ck_object_handle_t * priv_ctx)
     225             : {
     226           9 :         return (module)->C_GenerateKeyPair(sess, mechanism, pub_templ,
     227             :                                            pub_templ_count, priv_templ,
     228             :                                            priv_templ_count, pub_ctx, priv_ctx);
     229             : }
     230             : 
     231             : ck_rv_t
     232           2 : pkcs11_decrypt_init(struct ck_function_list * module,
     233             :                     ck_session_handle_t sess,
     234             :                     struct ck_mechanism * mechanism,
     235             :                     ck_object_handle_t key_ctx)
     236             : {
     237           2 :         return (module)->C_DecryptInit(sess, mechanism, key_ctx);
     238             : }
     239             : 
     240             : ck_rv_t
     241           2 : pkcs11_decrypt(struct ck_function_list * module,
     242             :                ck_session_handle_t sess,
     243             :                unsigned char *encrypted_data,
     244             :                unsigned long encrypted_data_len,
     245             :                unsigned char *data, unsigned long *data_len)
     246             : {
     247           2 :         return (module)->C_Decrypt(sess, encrypted_data,
     248             :                                    encrypted_data_len, data, data_len);
     249             : }
     250             : 
     251             : ck_rv_t
     252         154 : pkcs11_create_object(struct ck_function_list * module,
     253             :                      ck_session_handle_t sess,
     254             :                      struct ck_attribute * templ,
     255             :                      unsigned long count, ck_object_handle_t * ctx)
     256             : {
     257         154 :         return (module)->C_CreateObject(sess, templ, count, ctx);
     258             : }
     259             : 
     260             : ck_rv_t
     261          25 : pkcs11_destroy_object(struct ck_function_list * module,
     262             :                       ck_session_handle_t sess, ck_object_handle_t ctx)
     263             : {
     264          25 :         return (module)->C_DestroyObject(sess, ctx);
     265             : }
     266             : 
     267             : ck_rv_t
     268         100 : pkcs11_init_token(struct ck_function_list * module,
     269             :                   ck_slot_id_t slot_id, unsigned char *pin,
     270             :                   unsigned long pin_len, unsigned char *label)
     271             : {
     272         100 :         return (module)->C_InitToken(slot_id, pin, pin_len, label);
     273             : }
     274             : 
     275             : ck_rv_t
     276          15 : pkcs11_init_pin(struct ck_function_list * module,
     277             :                 ck_session_handle_t sess,
     278             :                 unsigned char *pin, unsigned long pin_len)
     279             : {
     280          15 :         return (module)->C_InitPIN(sess, pin, pin_len);
     281             : }
     282             : 
     283             : ck_rv_t
     284           4 : pkcs11_set_pin(struct ck_function_list * module,
     285             :                ck_session_handle_t sess,
     286             :                const char *old_pin,
     287             :                unsigned long old_len,
     288             :                const char *new_pin, unsigned long new_len)
     289             : {
     290           4 :         return (module)->C_SetPIN(sess, (uint8_t *) old_pin, old_len,
     291             :                                   (uint8_t *) new_pin, new_len);
     292             : }
     293             : 
     294             : ck_rv_t
     295           0 : _gnutls_pkcs11_get_random(struct ck_function_list * module,
     296             :                   ck_session_handle_t sess, void *data, size_t len)
     297             : {
     298           0 :         return (module)->C_GenerateRandom(sess, data, len);
     299             : }
     300             : 
     301           0 : const char *pkcs11_strerror(ck_rv_t rv)
     302             : {
     303           0 :         return p11_kit_strerror(rv);
     304             : }

Generated by: LCOV version 1.14