pkcs11 0.2.5-x86-mingw32 → 0.2.6-x86-mingw32
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +10 -0
- data/Gemfile +16 -0
- data/History.txt +5 -0
- data/README.rdoc +37 -56
- data/Rakefile +23 -8
- data/appveyor.yml +38 -0
- data/ext/include/pkcs11.h +287 -299
- data/ext/include/pkcs11f.h +900 -912
- data/ext/include/pkcs11t.h +1917 -1885
- data/ext/pk11.c +7 -7
- data/ext/pk11_const.c +1 -1
- data/ext/pk11_const_def.inc +538 -451
- data/ext/pk11_struct.doc +163 -43
- data/ext/pk11_struct_def.inc +62 -18
- data/ext/pk11_struct_impl.inc +62 -18
- data/ext/pk11_version.h +1 -1
- data/lib/2.0/pkcs11_ext.so +0 -0
- data/lib/2.1/pkcs11_ext.so +0 -0
- data/lib/2.2/pkcs11_ext.so +0 -0
- data/lib/2.3/pkcs11_ext.so +0 -0
- data/lib/2.4/pkcs11_ext.so +0 -0
- data/lib/pkcs11/helper.rb +2 -1
- data/pkcs11_luna/Manifest.txt +24 -0
- data/pkcs11_luna/README_LUNA.rdoc +103 -0
- data/test/helper.rb +7 -1
- data/test/test_pkcs11_thread.rb +1 -2
- metadata +75 -52
- checksums.yaml.gz.sig +0 -2
- data.tar.gz.sig +0 -1
- data/Manifest.txt +0 -57
- data/lib/1.9/pkcs11_ext.so +0 -0
- metadata.gz.sig +0 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9bbbe6c68fcd544767cbc079e4469ac07253efe3
|
4
|
+
data.tar.gz: 3e969a421ff2a650612a9e6dfce55ab50c6ddb64
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0cbc674c914e45e2abb41437ad5d54f591bbe6e9456f7cb9606cda7133c798c05433b949bc0b43389d6696670e3d933afff654eb46343f447fd05579c7a2e604
|
7
|
+
data.tar.gz: ac8ceec26eaeb40a76c5afab75a702f7630f0cd6495f5a38cc8d65cd326f6649103c204649cd5fb54c9ca07096b0400ebfb1f16d76f832ea02ed07d5e8f70364
|
data/.travis.yml
ADDED
data/Gemfile
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
# -*- ruby -*-
|
2
|
+
|
3
|
+
# DO NOT EDIT THIS FILE. Instead, edit Rakefile, and run `rake bundler:gemfile`.
|
4
|
+
|
5
|
+
source "https://rubygems.org/"
|
6
|
+
|
7
|
+
|
8
|
+
gem "yard", ">=0.6", :group => [:development, :test]
|
9
|
+
gem "rake-compiler", "~>1.0", :group => [:development, :test]
|
10
|
+
gem "rake-compiler-dock", "~>0.6.0", :group => [:development, :test]
|
11
|
+
gem "minitest", "~>5.7", :group => [:development, :test]
|
12
|
+
gem "hoe-bundler", "~>1.0", :group => [:development, :test]
|
13
|
+
gem "rdoc", "~>4.0", :group => [:development, :test]
|
14
|
+
gem "hoe", "~>3.16", :group => [:development, :test]
|
15
|
+
|
16
|
+
# vim: syntax=ruby
|
data/History.txt
CHANGED
data/README.rdoc
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
{<img src="https://travis-ci.org/larskanis/pkcs11.png?branch=master" alt="Build Status" />}[https://travis-ci.org/larskanis/pkcs11]
|
2
|
+
{<img src="https://ci.appveyor.com/api/projects/status/8m7ugl1ogijw1c8c?svg=true" alt="Build Status" />}[https://ci.appveyor.com/project/larskanis/pkcs11]
|
2
3
|
|
3
4
|
= PKCS #11/Ruby Interface
|
4
5
|
|
@@ -8,35 +9,29 @@
|
|
8
9
|
This module allows Ruby programs to interface with "RSA Security Inc.
|
9
10
|
PKCS #11 Cryptographic Token Interface (Cryptoki)".
|
10
11
|
PKCS #11 is the de-facto standard to access cryptographic devices.
|
11
|
-
You must have a PKCS #11 v2.
|
12
|
-
order to use this module. Tested implementations of PKCS#11 librarys
|
13
|
-
include:
|
12
|
+
You must have a PKCS #11 v2.x implementation library installed in order to use this module. Tested implementations of PKCS#11 librarys include:
|
14
13
|
* OpenSC[http://www.opensc-project.org] supported Smart Cards
|
15
|
-
* Safenet[http://www.safenet-inc.com] - Protect Server HSMs
|
14
|
+
* Safenet[http://www.safenet-inc.com] - Protect Server and Luna HSMs
|
16
15
|
* Mozilla_Soft_Token[https://developer.mozilla.org/en/PKCS11] which comes with every firefox installation
|
17
16
|
|
18
|
-
This module works on
|
17
|
+
This module works on Unix like operating systems and on Windows.
|
19
18
|
|
20
19
|
== Installation
|
21
20
|
|
22
|
-
gem install pkcs11
|
21
|
+
$ gem install pkcs11
|
23
22
|
|
24
|
-
This installs the PKCS#11 extension either by compiling (Unix) or by using the precompiled gem for
|
23
|
+
This installs the PKCS#11 extension either by compiling (Unix) or by using the precompiled gem for Windows.
|
25
24
|
|
26
25
|
== Usage
|
27
26
|
Cryptoki has a reputation to be complicated to implement and use.
|
28
27
|
While this seems to be true for C, it shouldn't for Ruby.
|
29
28
|
|
30
|
-
* {PKCS11.open} opens a PKCS#11 Unix *.so file or Windows-DLL with a suitable PKCS #11 implementation
|
31
|
-
and returns a {PKCS11::Library}.
|
29
|
+
* {PKCS11.open} opens a PKCS#11 Unix *.so file or Windows-DLL with a suitable PKCS #11 implementation and returns a {PKCS11::Library}.
|
32
30
|
* {PKCS11::Library#slots} returns a list of {PKCS11::Slot} for all slots accessable by the library.
|
33
|
-
* {PKCS11::Slot#open} opens a {PKCS11::Session} which is used for object handling
|
34
|
-
and cryptographic operations.
|
31
|
+
* {PKCS11::Slot#open} opens a {PKCS11::Session} which is used for object handling and cryptographic operations.
|
35
32
|
* {PKCS11::Object} represents a key, data or certificate object.
|
36
|
-
* all constants defined in PKCS#11 v2.
|
37
|
-
|
38
|
-
* also all PKCS#11 v2.20 structs are available in the module {PKCS11} as proper ruby classes
|
39
|
-
({PKCS11::CK_VERSION}, {PKCS11::CK_OTP_PARAMS} etc.)
|
33
|
+
* all constants defined in PKCS#11 v2.40 are available in the module {PKCS11} and contain the associated Integer value (CKA_KEY_TYPE, CKK_AES, CKM_SHA_1 etc.)
|
34
|
+
* also all PKCS#11 v2.40 structs are available in the module {PKCS11} as proper ruby classes ({PKCS11::CK_VERSION}, {PKCS11::CK_OTP_PARAMS} etc.)
|
40
35
|
|
41
36
|
=== Example
|
42
37
|
require "rubygems"
|
@@ -54,71 +49,56 @@ While this seems to be true for C, it shouldn't for Ruby.
|
|
54
49
|
end
|
55
50
|
|
56
51
|
This opens a {PKCS11::Library PKCS#11 library} and prints it's {PKCS11::CK_INFO information block}.
|
57
|
-
Then a {PKCS11::Session} to the first {PKCS11::Library#active_slots active slot} of the device is opened and
|
58
|
-
|
59
|
-
|
60
|
-
can be Integer (like PKCS11::CKA_LABEL) or, as in the sample, Symbol (:LABEL) which is internally
|
61
|
-
converted.
|
52
|
+
Then a {PKCS11::Session} to the first {PKCS11::Library#active_slots active slot} of the device is opened and a {PKCS11::Session#login login} is done on the user account.
|
53
|
+
Now, a 112 bit DES3 {PKCS11::Object key object} is generated and some plaintext is {PKCS11::Session#encrypt encrypted} with it.
|
54
|
+
A 8-byte zero IV is used.
|
55
|
+
In many cases method parameters can be Integer (like PKCS11::CKA_LABEL) or, as in the sample, Symbol (:LABEL) which is internally converted.
|
62
56
|
|
63
|
-
Many more usage examples can be found in the unit tests of the <tt>test</tt>
|
64
|
-
directory of the project or gem.
|
57
|
+
Many more usage examples can be found in the unit tests of the <tt>test</tt> directory of the project or gem.
|
65
58
|
|
66
|
-
Detail information for the API specification is provided by
|
67
|
-
Please refer the URL:
|
68
|
-
|
59
|
+
Detail information for the API specification is provided by the OASIS PKCS 11 Technical Committee.
|
60
|
+
Please refer the URL: https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=pkcs11
|
61
|
+
|
62
|
+
Browsable HTML can be found at http://www.cryptsoft.com/pkcs11doc.
|
69
63
|
|
70
64
|
=== Vendor extensions
|
71
65
|
Some vendors extend their libraries beyond the standard, in it's own way.
|
72
66
|
This can be used by vendor specific packages:
|
73
67
|
* Safenet ProtectServer: {file:pkcs11_protect_server/README_PROTECT_SERVER.rdoc}
|
68
|
+
* Safenet Luna: {file:pkcs11_luna/README_LUNA.rdoc}
|
74
69
|
|
75
70
|
=== Threading
|
76
71
|
|
77
72
|
The pkcs11 binding fully supports native, background Ruby threads.
|
78
|
-
This of course only applies to Rubinius and Ruby 1.9
|
79
|
-
earlier versions of Ruby do not support native threads.
|
80
|
-
|
81
|
-
According to the standard, calling the Cryptoki library from multiple threads simultaneously,
|
82
|
-
requires to open it with flag PKCS11::CKF_OS_LOCKING_OK.
|
83
|
-
Application-supplied synchronization primitives
|
84
|
-
(CreateMutex, DestroyMutex, LockMutex, UnlockMutex) are not supported.
|
85
|
-
|
86
|
-
|
87
|
-
== Cross compiling for Windows
|
88
|
-
|
89
|
-
Using rake-compiler a cross compiled pkcs11-gem can be build on a linux host for
|
90
|
-
the win32 platform. There are no runtime dependencies to any but the standard Windows DLLs.
|
91
|
-
|
92
|
-
Install mingw32. On a debian based system this should work:
|
93
|
-
|
94
|
-
apt-get install mingw32
|
73
|
+
This of course only applies to Rubinius and Ruby 1.9 or higher since earlier versions of Ruby do not support native threads.
|
95
74
|
|
96
|
-
|
75
|
+
According to the standard, calling the Cryptoki library from multiple threads simultaneously, requires to open it with flag PKCS11::CKF_OS_LOCKING_OK.
|
76
|
+
Application-supplied synchronization primitives (CreateMutex, DestroyMutex, LockMutex, UnlockMutex) are not supported.
|
97
77
|
|
98
|
-
port install i386-mingw32-gcc
|
99
78
|
|
100
|
-
|
79
|
+
== Compiling for Windows
|
101
80
|
|
102
|
-
|
81
|
+
The pkcs11 source gem can be built on Windows (with help of the RubyInstaller's DevKit[http://rubyinstaller.org/add-ons/devkit/] ) .
|
82
|
+
Use
|
103
83
|
|
104
|
-
|
84
|
+
$ gem install pkcs11 --platform=ruby
|
105
85
|
|
106
|
-
|
107
|
-
|
86
|
+
for installation.
|
87
|
+
In addition precompiled binary Windows gems are provided for convenience.
|
88
|
+
They are installed by default on Windows.
|
108
89
|
|
109
|
-
|
90
|
+
The binary Windows gems can be compiled per rake-compiler-dock[https://github.com/rake-compiler/rake-compiler-dock] :
|
110
91
|
|
111
|
-
|
92
|
+
$ rake gem:windows
|
112
93
|
|
113
|
-
If everything works, there should be pkcs11-VERSION-
|
114
|
-
directory.
|
94
|
+
If everything works, there should be some files kind of pkcs11-VERSION-ARCH-mingw32.gem in the pkg directory for installation.
|
115
95
|
|
116
96
|
|
117
97
|
== ToDo
|
118
98
|
|
119
|
-
* encoding support for Ruby 1.9
|
120
|
-
* support for proprietary extensions of
|
121
|
-
* PKCS#11 v2.
|
99
|
+
* encoding support for Ruby 1.9+
|
100
|
+
* support for proprietary extensions of other vendors
|
101
|
+
* full support for PKCS#11 v2.40
|
122
102
|
|
123
103
|
== Development Status
|
124
104
|
|
@@ -200,6 +180,7 @@ Otherwise it is considered as a bug in the binding.
|
|
200
180
|
* Ryosuke Kutsuna <ryosuke@deer-n-horse.jp>
|
201
181
|
* GOTOU Yuuzou <gotoyuzo@notwork.org>
|
202
182
|
* Lars Kanis <kanis@comcard.de>
|
183
|
+
* Jonathan Patchell <jonathan.patchell@safenet-inc.com>
|
203
184
|
|
204
185
|
== Copying
|
205
186
|
See MIT-LICENSE included in the package.
|
data/Rakefile
CHANGED
@@ -19,12 +19,20 @@ CLEAN.include GENERATED_FILES
|
|
19
19
|
CLEAN.include 'lib/pkcs11_ext.so'
|
20
20
|
CLEAN.include 'tmp'
|
21
21
|
|
22
|
+
Hoe.plugin :bundler
|
23
|
+
|
24
|
+
# Build a Manifest file to satisfy hoe.
|
25
|
+
IO.write("Manifest.txt", `git ls-files`)
|
26
|
+
|
22
27
|
hoe = Hoe.spec 'pkcs11' do
|
23
28
|
developer('Ryosuke Kutsuna', 'ryosuke@deer-n-horse.jp')
|
24
29
|
developer('GOTOU Yuuzou', 'gotoyuzo@notwork.org')
|
25
30
|
developer('Lars Kanis', 'kanis@comcard.de')
|
26
31
|
extra_dev_deps << ['yard', '>= 0.6']
|
27
|
-
extra_dev_deps << ['rake-compiler', '
|
32
|
+
extra_dev_deps << ['rake-compiler', '~> 1.0']
|
33
|
+
extra_dev_deps << ['rake-compiler-dock', '~> 0.6.0']
|
34
|
+
extra_dev_deps << ['minitest', '~> 5.7']
|
35
|
+
extra_dev_deps << ['hoe-bundler', '~> 1.0']
|
28
36
|
|
29
37
|
self.urls = ['http://github.com/larskanis/pkcs11']
|
30
38
|
self.summary = 'PKCS#11 binding for Ruby'
|
@@ -33,18 +41,16 @@ hoe = Hoe.spec 'pkcs11' do
|
|
33
41
|
self.readme_file = 'README.rdoc'
|
34
42
|
self.extra_rdoc_files << self.readme_file << 'ext/pk11.c'
|
35
43
|
spec_extras[:extensions] = 'ext/extconf.rb'
|
36
|
-
spec_extras[:files] =
|
44
|
+
spec_extras[:files] = `git ls-files`.split("\n").reject{|f| f=~/^pkcs11_/ }
|
37
45
|
spec_extras[:files] += GENERATED_FILES
|
38
46
|
spec_extras[:has_rdoc] = 'yard'
|
39
|
-
self.rdoc_locations << "
|
47
|
+
self.rdoc_locations << "http://www.rubydoc.info/gems/pkcs11"
|
40
48
|
end
|
41
49
|
|
42
|
-
ENV['RUBY_CC_VERSION'] ||= '1.8.7:1.9.3:2.0.0:2.1.1:2.2.0'
|
43
|
-
|
44
50
|
Rake::ExtensionTask.new('pkcs11_ext', hoe.spec) do |ext|
|
45
51
|
ext.ext_dir = 'ext'
|
46
52
|
ext.cross_compile = true # enable cross compilation (requires cross compile toolchain)
|
47
|
-
ext.cross_platform = ['
|
53
|
+
ext.cross_platform = ['x86-mingw32', 'x64-mingw32', 'x86-linux', 'x86_64-linux']
|
48
54
|
end
|
49
55
|
|
50
56
|
file 'ext/extconf.rb' => ['ext/pk11_struct_def.inc', 'ext/pk11_thread_funcs.c']
|
@@ -77,8 +83,16 @@ ENV['RUBY_CC_VERSION'].to_s.split(':').each do |ruby_version|
|
|
77
83
|
end
|
78
84
|
end
|
79
85
|
|
86
|
+
desc "Build windows and Linux binary gems per rake-compiler-dock."
|
87
|
+
task "gem:native" do
|
88
|
+
require "rake_compiler_dock"
|
89
|
+
RakeCompilerDock.sh <<-EOT
|
90
|
+
rake cross native gem MAKE='nice make -j`nproc`'
|
91
|
+
EOT
|
92
|
+
end
|
93
|
+
|
80
94
|
task :docs_of_vendor_extensions do
|
81
|
-
Dir['
|
95
|
+
Dir['pkcs11_luna', 'pkcs11_protect_server'].each do |dir|
|
82
96
|
chdir(dir) do
|
83
97
|
sh "rake doc_files"
|
84
98
|
end
|
@@ -87,7 +101,8 @@ end
|
|
87
101
|
|
88
102
|
desc "Generate static HTML documentation with YARD"
|
89
103
|
task :yardoc=>['ext/pk11_struct.doc', :docs_of_vendor_extensions] do
|
90
|
-
|
104
|
+
luna_docs = "pkcs11_luna/lib/**/*.rb pkcs11_luna/ext/*.c pkcs11_luna/ext/*.doc"
|
105
|
+
sh "yardoc --title \"PKCS#11/Ruby Interface\" --no-private lib/**/*.rb ext/*.c ext/*.doc pkcs11_protect_server/lib/**/*.rb pkcs11_protect_server/ext/*.c pkcs11_protect_server/ext/*.doc #{luna_docs} - pkcs11_protect_server/README_PROTECT_SERVER.rdoc pkcs11_luna/README_LUNA.rdoc"
|
91
106
|
end
|
92
107
|
|
93
108
|
desc "Publish YARD to wherever you want."
|
data/appveyor.yml
ADDED
@@ -0,0 +1,38 @@
|
|
1
|
+
install:
|
2
|
+
- SET PATH=C:\Ruby%ruby_version%\bin;%PATH%
|
3
|
+
- SET PATH=C:\MinGW\msys\1.0\bin;%PATH%
|
4
|
+
- SET RAKEOPT=-rdevkit
|
5
|
+
- ruby --version
|
6
|
+
- gem --version
|
7
|
+
- bundle install
|
8
|
+
|
9
|
+
# When running ruby-x86, we make use of the softokn3.dll that is part of the
|
10
|
+
# pre-installed firefox. The test helper will find it automatically.
|
11
|
+
# When running ruby-x64, we equally need a 64 bit softokn3.dll to test against.
|
12
|
+
# However it is not part of any installed software on appveyor, nor is it
|
13
|
+
# officially released as a windows binary, so we download and install a 64 bit
|
14
|
+
# firefox version and use it's softokn3.dll.
|
15
|
+
- ps: |
|
16
|
+
if ($env:isx64 -eq "1")
|
17
|
+
{
|
18
|
+
$(new-object net.webclient).DownloadFile('http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/40.0b4/win64/en-US/Firefox%20Setup%2040.0b4.exe', 'C:\firefox-setup.exe')
|
19
|
+
cmd /c C:\firefox-setup.exe -ms
|
20
|
+
$env:SOFTOKN_PATH = 'C:\Program Files\Mozilla Firefox\softokn3.dll'
|
21
|
+
$env:PATH = 'C:\Program Files\Mozilla Firefox;' + $env:PATH
|
22
|
+
}
|
23
|
+
|
24
|
+
build: off
|
25
|
+
|
26
|
+
test_script:
|
27
|
+
- bundle exec rake compile test gem
|
28
|
+
|
29
|
+
environment:
|
30
|
+
matrix:
|
31
|
+
- ruby_version: "193"
|
32
|
+
#- ruby_version: "200"
|
33
|
+
#- ruby_version: "200-x64"
|
34
|
+
#- ruby_version: "21"
|
35
|
+
#- ruby_version: "21-x64"
|
36
|
+
- ruby_version: "22"
|
37
|
+
- ruby_version: "22-x64"
|
38
|
+
isx64: "1"
|
data/ext/include/pkcs11.h
CHANGED
@@ -1,299 +1,287 @@
|
|
1
|
-
/*
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
*
|
16
|
-
*
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
*
|
28
|
-
*
|
29
|
-
*
|
30
|
-
*
|
31
|
-
*
|
32
|
-
*
|
33
|
-
*
|
34
|
-
*
|
35
|
-
*
|
36
|
-
*
|
37
|
-
*
|
38
|
-
*
|
39
|
-
*
|
40
|
-
*
|
41
|
-
*
|
42
|
-
*
|
43
|
-
* #pragma pack(
|
44
|
-
*
|
45
|
-
*
|
46
|
-
*
|
47
|
-
*
|
48
|
-
*
|
49
|
-
*
|
50
|
-
*
|
51
|
-
*
|
52
|
-
*
|
53
|
-
*
|
54
|
-
*
|
55
|
-
*
|
56
|
-
*
|
57
|
-
*
|
58
|
-
*
|
59
|
-
*
|
60
|
-
*
|
61
|
-
*
|
62
|
-
*
|
63
|
-
*
|
64
|
-
*
|
65
|
-
*
|
66
|
-
*
|
67
|
-
*
|
68
|
-
*
|
69
|
-
*
|
70
|
-
*
|
71
|
-
*
|
72
|
-
*
|
73
|
-
*
|
74
|
-
*
|
75
|
-
*
|
76
|
-
*
|
77
|
-
*
|
78
|
-
*
|
79
|
-
*
|
80
|
-
*
|
81
|
-
*
|
82
|
-
*
|
83
|
-
*
|
84
|
-
*
|
85
|
-
*
|
86
|
-
*
|
87
|
-
*
|
88
|
-
*
|
89
|
-
*
|
90
|
-
*
|
91
|
-
*
|
92
|
-
*
|
93
|
-
*
|
94
|
-
*
|
95
|
-
*
|
96
|
-
*
|
97
|
-
*
|
98
|
-
*
|
99
|
-
*
|
100
|
-
* #define CK_DEFINE_FUNCTION(returnType, name) \
|
101
|
-
* returnType
|
102
|
-
*
|
103
|
-
*
|
104
|
-
*
|
105
|
-
*
|
106
|
-
*
|
107
|
-
*
|
108
|
-
*
|
109
|
-
*
|
110
|
-
*
|
111
|
-
*
|
112
|
-
*
|
113
|
-
*
|
114
|
-
*
|
115
|
-
*
|
116
|
-
*
|
117
|
-
*
|
118
|
-
*
|
119
|
-
*
|
120
|
-
*
|
121
|
-
*
|
122
|
-
*
|
123
|
-
* )
|
124
|
-
*
|
125
|
-
*
|
126
|
-
*
|
127
|
-
*
|
128
|
-
* #define CK_DECLARE_FUNCTION(returnType, name) \
|
129
|
-
* returnType
|
130
|
-
*
|
131
|
-
*
|
132
|
-
*
|
133
|
-
*
|
134
|
-
*
|
135
|
-
*
|
136
|
-
*
|
137
|
-
*
|
138
|
-
*
|
139
|
-
*
|
140
|
-
*
|
141
|
-
*
|
142
|
-
*
|
143
|
-
*
|
144
|
-
*
|
145
|
-
*
|
146
|
-
*
|
147
|
-
*
|
148
|
-
*
|
149
|
-
*
|
150
|
-
*
|
151
|
-
*
|
152
|
-
*
|
153
|
-
*
|
154
|
-
*
|
155
|
-
*
|
156
|
-
*
|
157
|
-
*
|
158
|
-
*
|
159
|
-
*
|
160
|
-
*
|
161
|
-
*
|
162
|
-
*
|
163
|
-
*
|
164
|
-
*
|
165
|
-
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
166
|
-
* returnType
|
167
|
-
*
|
168
|
-
*
|
169
|
-
*
|
170
|
-
*
|
171
|
-
*
|
172
|
-
*
|
173
|
-
*
|
174
|
-
*
|
175
|
-
*
|
176
|
-
*
|
177
|
-
*
|
178
|
-
*
|
179
|
-
*
|
180
|
-
*
|
181
|
-
*
|
182
|
-
*
|
183
|
-
*
|
184
|
-
*
|
185
|
-
*
|
186
|
-
* CK_CALLBACK_FUNCTION(
|
187
|
-
*
|
188
|
-
*
|
189
|
-
*
|
190
|
-
* be
|
191
|
-
*
|
192
|
-
*
|
193
|
-
*
|
194
|
-
*
|
195
|
-
*
|
196
|
-
*
|
197
|
-
*
|
198
|
-
*
|
199
|
-
*
|
200
|
-
*
|
201
|
-
*
|
202
|
-
*
|
203
|
-
*
|
204
|
-
*
|
205
|
-
*
|
206
|
-
*
|
207
|
-
*
|
208
|
-
*
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
*
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
*
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
#
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
*
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
#
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
*
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
};
|
289
|
-
|
290
|
-
#undef CK_PKCS11_FUNCTION_INFO
|
291
|
-
|
292
|
-
|
293
|
-
#undef __PASTE
|
294
|
-
|
295
|
-
#ifdef __cplusplus
|
296
|
-
}
|
297
|
-
#endif
|
298
|
-
|
299
|
-
#endif
|
1
|
+
/*
|
2
|
+
* Copyright (C) OASIS Open 2014. All rights reserved.
|
3
|
+
* OASIS trademark, IPR and other policies apply.
|
4
|
+
* http://www.oasis-open.org/policies-guidelines/ipr
|
5
|
+
*/
|
6
|
+
|
7
|
+
#ifndef _PKCS11_H_
|
8
|
+
#define _PKCS11_H_ 1
|
9
|
+
|
10
|
+
#ifdef __cplusplus
|
11
|
+
extern "C" {
|
12
|
+
#endif
|
13
|
+
|
14
|
+
/* Before including this file (pkcs11.h) (or pkcs11t.h by
|
15
|
+
* itself), 6 platform-specific macros must be defined. These
|
16
|
+
* macros are described below, and typical definitions for them
|
17
|
+
* are also given. Be advised that these definitions can depend
|
18
|
+
* on both the platform and the compiler used (and possibly also
|
19
|
+
* on whether a Cryptoki library is linked statically or
|
20
|
+
* dynamically).
|
21
|
+
*
|
22
|
+
* In addition to defining these 6 macros, the packing convention
|
23
|
+
* for Cryptoki structures should be set. The Cryptoki
|
24
|
+
* convention on packing is that structures should be 1-byte
|
25
|
+
* aligned.
|
26
|
+
*
|
27
|
+
* If you're using Microsoft Developer Studio 5.0 to produce
|
28
|
+
* Win32 stuff, this might be done by using the following
|
29
|
+
* preprocessor directive before including pkcs11.h or pkcs11t.h:
|
30
|
+
*
|
31
|
+
* #pragma pack(push, cryptoki, 1)
|
32
|
+
*
|
33
|
+
* and using the following preprocessor directive after including
|
34
|
+
* pkcs11.h or pkcs11t.h:
|
35
|
+
*
|
36
|
+
* #pragma pack(pop, cryptoki)
|
37
|
+
*
|
38
|
+
* If you're using an earlier version of Microsoft Developer
|
39
|
+
* Studio to produce Win16 stuff, this might be done by using
|
40
|
+
* the following preprocessor directive before including
|
41
|
+
* pkcs11.h or pkcs11t.h:
|
42
|
+
*
|
43
|
+
* #pragma pack(1)
|
44
|
+
*
|
45
|
+
* In a UNIX environment, you're on your own for this. You might
|
46
|
+
* not need to do (or be able to do!) anything.
|
47
|
+
*
|
48
|
+
*
|
49
|
+
* Now for the macros:
|
50
|
+
*
|
51
|
+
*
|
52
|
+
* 1. CK_PTR: The indirection string for making a pointer to an
|
53
|
+
* object. It can be used like this:
|
54
|
+
*
|
55
|
+
* typedef CK_BYTE CK_PTR CK_BYTE_PTR;
|
56
|
+
*
|
57
|
+
* If you're using Microsoft Developer Studio 5.0 to produce
|
58
|
+
* Win32 stuff, it might be defined by:
|
59
|
+
*
|
60
|
+
* #define CK_PTR *
|
61
|
+
*
|
62
|
+
* If you're using an earlier version of Microsoft Developer
|
63
|
+
* Studio to produce Win16 stuff, it might be defined by:
|
64
|
+
*
|
65
|
+
* #define CK_PTR far *
|
66
|
+
*
|
67
|
+
* In a typical UNIX environment, it might be defined by:
|
68
|
+
*
|
69
|
+
* #define CK_PTR *
|
70
|
+
*
|
71
|
+
*
|
72
|
+
* 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes
|
73
|
+
* an exportable Cryptoki library function definition out of a
|
74
|
+
* return type and a function name. It should be used in the
|
75
|
+
* following fashion to define the exposed Cryptoki functions in
|
76
|
+
* a Cryptoki library:
|
77
|
+
*
|
78
|
+
* CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
|
79
|
+
* CK_VOID_PTR pReserved
|
80
|
+
* )
|
81
|
+
* {
|
82
|
+
* ...
|
83
|
+
* }
|
84
|
+
*
|
85
|
+
* If you're using Microsoft Developer Studio 5.0 to define a
|
86
|
+
* function in a Win32 Cryptoki .dll, it might be defined by:
|
87
|
+
*
|
88
|
+
* #define CK_DEFINE_FUNCTION(returnType, name) \
|
89
|
+
* returnType __declspec(dllexport) name
|
90
|
+
*
|
91
|
+
* If you're using an earlier version of Microsoft Developer
|
92
|
+
* Studio to define a function in a Win16 Cryptoki .dll, it
|
93
|
+
* might be defined by:
|
94
|
+
*
|
95
|
+
* #define CK_DEFINE_FUNCTION(returnType, name) \
|
96
|
+
* returnType __export _far _pascal name
|
97
|
+
*
|
98
|
+
* In a UNIX environment, it might be defined by:
|
99
|
+
*
|
100
|
+
* #define CK_DEFINE_FUNCTION(returnType, name) \
|
101
|
+
* returnType name
|
102
|
+
*
|
103
|
+
*
|
104
|
+
* 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes
|
105
|
+
* an importable Cryptoki library function declaration out of a
|
106
|
+
* return type and a function name. It should be used in the
|
107
|
+
* following fashion:
|
108
|
+
*
|
109
|
+
* extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)(
|
110
|
+
* CK_VOID_PTR pReserved
|
111
|
+
* );
|
112
|
+
*
|
113
|
+
* If you're using Microsoft Developer Studio 5.0 to declare a
|
114
|
+
* function in a Win32 Cryptoki .dll, it might be defined by:
|
115
|
+
*
|
116
|
+
* #define CK_DECLARE_FUNCTION(returnType, name) \
|
117
|
+
* returnType __declspec(dllimport) name
|
118
|
+
*
|
119
|
+
* If you're using an earlier version of Microsoft Developer
|
120
|
+
* Studio to declare a function in a Win16 Cryptoki .dll, it
|
121
|
+
* might be defined by:
|
122
|
+
*
|
123
|
+
* #define CK_DECLARE_FUNCTION(returnType, name) \
|
124
|
+
* returnType __export _far _pascal name
|
125
|
+
*
|
126
|
+
* In a UNIX environment, it might be defined by:
|
127
|
+
*
|
128
|
+
* #define CK_DECLARE_FUNCTION(returnType, name) \
|
129
|
+
* returnType name
|
130
|
+
*
|
131
|
+
*
|
132
|
+
* 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro
|
133
|
+
* which makes a Cryptoki API function pointer declaration or
|
134
|
+
* function pointer type declaration out of a return type and a
|
135
|
+
* function name. It should be used in the following fashion:
|
136
|
+
*
|
137
|
+
* // Define funcPtr to be a pointer to a Cryptoki API function
|
138
|
+
* // taking arguments args and returning CK_RV.
|
139
|
+
* CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args);
|
140
|
+
*
|
141
|
+
* or
|
142
|
+
*
|
143
|
+
* // Define funcPtrType to be the type of a pointer to a
|
144
|
+
* // Cryptoki API function taking arguments args and returning
|
145
|
+
* // CK_RV, and then define funcPtr to be a variable of type
|
146
|
+
* // funcPtrType.
|
147
|
+
* typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args);
|
148
|
+
* funcPtrType funcPtr;
|
149
|
+
*
|
150
|
+
* If you're using Microsoft Developer Studio 5.0 to access
|
151
|
+
* functions in a Win32 Cryptoki .dll, in might be defined by:
|
152
|
+
*
|
153
|
+
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
154
|
+
* returnType __declspec(dllimport) (* name)
|
155
|
+
*
|
156
|
+
* If you're using an earlier version of Microsoft Developer
|
157
|
+
* Studio to access functions in a Win16 Cryptoki .dll, it might
|
158
|
+
* be defined by:
|
159
|
+
*
|
160
|
+
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
161
|
+
* returnType __export _far _pascal (* name)
|
162
|
+
*
|
163
|
+
* In a UNIX environment, it might be defined by:
|
164
|
+
*
|
165
|
+
* #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
166
|
+
* returnType (* name)
|
167
|
+
*
|
168
|
+
*
|
169
|
+
* 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes
|
170
|
+
* a function pointer type for an application callback out of
|
171
|
+
* a return type for the callback and a name for the callback.
|
172
|
+
* It should be used in the following fashion:
|
173
|
+
*
|
174
|
+
* CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args);
|
175
|
+
*
|
176
|
+
* to declare a function pointer, myCallback, to a callback
|
177
|
+
* which takes arguments args and returns a CK_RV. It can also
|
178
|
+
* be used like this:
|
179
|
+
*
|
180
|
+
* typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args);
|
181
|
+
* myCallbackType myCallback;
|
182
|
+
*
|
183
|
+
* If you're using Microsoft Developer Studio 5.0 to do Win32
|
184
|
+
* Cryptoki development, it might be defined by:
|
185
|
+
*
|
186
|
+
* #define CK_CALLBACK_FUNCTION(returnType, name) \
|
187
|
+
* returnType (* name)
|
188
|
+
*
|
189
|
+
* If you're using an earlier version of Microsoft Developer
|
190
|
+
* Studio to do Win16 development, it might be defined by:
|
191
|
+
*
|
192
|
+
* #define CK_CALLBACK_FUNCTION(returnType, name) \
|
193
|
+
* returnType _far _pascal (* name)
|
194
|
+
*
|
195
|
+
* In a UNIX environment, it might be defined by:
|
196
|
+
*
|
197
|
+
* #define CK_CALLBACK_FUNCTION(returnType, name) \
|
198
|
+
* returnType (* name)
|
199
|
+
*
|
200
|
+
*
|
201
|
+
* 6. NULL_PTR: This macro is the value of a NULL pointer.
|
202
|
+
*
|
203
|
+
* In any ANSI/ISO C environment (and in many others as well),
|
204
|
+
* this should best be defined by
|
205
|
+
*
|
206
|
+
* #ifndef NULL_PTR
|
207
|
+
* #define NULL_PTR 0
|
208
|
+
* #endif
|
209
|
+
*/
|
210
|
+
|
211
|
+
|
212
|
+
/* All the various Cryptoki types and #define'd values are in the
|
213
|
+
* file pkcs11t.h. */
|
214
|
+
#include "pkcs11t.h"
|
215
|
+
|
216
|
+
#define __PASTE(x,y) x##y
|
217
|
+
|
218
|
+
|
219
|
+
/* ==============================================================
|
220
|
+
* Define the "extern" form of all the entry points.
|
221
|
+
* ==============================================================
|
222
|
+
*/
|
223
|
+
|
224
|
+
#define CK_NEED_ARG_LIST 1
|
225
|
+
#define CK_PKCS11_FUNCTION_INFO(name) \
|
226
|
+
extern CK_DECLARE_FUNCTION(CK_RV, name)
|
227
|
+
|
228
|
+
/* pkcs11f.h has all the information about the Cryptoki
|
229
|
+
* function prototypes. */
|
230
|
+
#include "pkcs11f.h"
|
231
|
+
|
232
|
+
#undef CK_NEED_ARG_LIST
|
233
|
+
#undef CK_PKCS11_FUNCTION_INFO
|
234
|
+
|
235
|
+
|
236
|
+
/* ==============================================================
|
237
|
+
* Define the typedef form of all the entry points. That is, for
|
238
|
+
* each Cryptoki function C_XXX, define a type CK_C_XXX which is
|
239
|
+
* a pointer to that kind of function.
|
240
|
+
* ==============================================================
|
241
|
+
*/
|
242
|
+
|
243
|
+
#define CK_NEED_ARG_LIST 1
|
244
|
+
#define CK_PKCS11_FUNCTION_INFO(name) \
|
245
|
+
typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name))
|
246
|
+
|
247
|
+
/* pkcs11f.h has all the information about the Cryptoki
|
248
|
+
* function prototypes. */
|
249
|
+
#include "pkcs11f.h"
|
250
|
+
|
251
|
+
#undef CK_NEED_ARG_LIST
|
252
|
+
#undef CK_PKCS11_FUNCTION_INFO
|
253
|
+
|
254
|
+
|
255
|
+
/* ==============================================================
|
256
|
+
* Define structed vector of entry points. A CK_FUNCTION_LIST
|
257
|
+
* contains a CK_VERSION indicating a library's Cryptoki version
|
258
|
+
* and then a whole slew of function pointers to the routines in
|
259
|
+
* the library. This type was declared, but not defined, in
|
260
|
+
* pkcs11t.h.
|
261
|
+
* ==============================================================
|
262
|
+
*/
|
263
|
+
|
264
|
+
#define CK_PKCS11_FUNCTION_INFO(name) \
|
265
|
+
__PASTE(CK_,name) name;
|
266
|
+
|
267
|
+
struct CK_FUNCTION_LIST {
|
268
|
+
|
269
|
+
CK_VERSION version; /* Cryptoki version */
|
270
|
+
|
271
|
+
/* Pile all the function pointers into the CK_FUNCTION_LIST. */
|
272
|
+
/* pkcs11f.h has all the information about the Cryptoki
|
273
|
+
* function prototypes. */
|
274
|
+
#include "pkcs11f.h"
|
275
|
+
|
276
|
+
};
|
277
|
+
|
278
|
+
#undef CK_PKCS11_FUNCTION_INFO
|
279
|
+
|
280
|
+
|
281
|
+
#undef __PASTE
|
282
|
+
|
283
|
+
#ifdef __cplusplus
|
284
|
+
}
|
285
|
+
#endif
|
286
|
+
|
287
|
+
#endif
|