Crypt-HSM
lib/Crypt/HSM.xs view on Meta::CPAN
return item->value;
}
/*
 * Convenience wrapper around S_map_get: supplies the interpreter context and
 * the element count of `table`; `name` and `type` are forwarded unchanged.
 * The count comes from sizeof, so `table` must be an actual array visible at
 * the call site (one of the file-scope tables). Passing a pointer or a `map`
 * function parameter would yield a wrong count and an out-of-bounds scan.
 */
#define map_get(table, name, type) S_map_get(aTHX_ table, sizeof table / sizeof *table, name, type)
/*
 * Reverse lookup: walk `table` front to back and return the first entry whose
 * numeric value equals `value`.
 *
 * table       entries to search
 * table_size  number of entries in `table`
 * value       numeric value to look for
 *
 * Returns a pointer to the first matching entry, or NULL when nothing matches.
 * The comparison is exact equality, so a value made of several OR-ed bits only
 * matches an entry that carries that identical value.
 */
static const entry* S_map_reverse_find(pTHX_ const map table, size_t table_size, UV value) {
    const entry* cursor = table;
    const entry* const end = table + table_size;

    while (cursor != end) {
        if (cursor->value == value)
            return cursor;
        ++cursor;
    }
    return NULL;
}
/*
 * Convenience wrapper around S_map_reverse_find: supplies the interpreter
 * context and the element count of `table`. The count comes from sizeof, so
 * `table` must be an actual array visible at the call site, never a pointer
 * or a `map` function parameter.
 */
#define map_reverse_find(table, value) S_map_reverse_find(aTHX_ table, sizeof table / sizeof *table, value)
/*
 * Human-readable names for PKCS #11 return values (CKR_*). S_croak_with looks
 * a CK_RV up here by exact value and puts the name into the exception text.
 *
 * NOTE(review): the names distinguish authentication outcomes ("pin
 * incorrect", "pin locked", "user not logged in", ...). Applications that
 * relay the exception text to an untrusted party should map it to a generic
 * failure first.
 */
static const map errors = {
{ STR_WITH_LEN("ok"), CKR_OK },
{ STR_WITH_LEN("cancel"), CKR_CANCEL },
{ STR_WITH_LEN("host memory"), CKR_HOST_MEMORY },
{ STR_WITH_LEN("slot id invalid"), CKR_SLOT_ID_INVALID },
{ STR_WITH_LEN("general error"), CKR_GENERAL_ERROR },
{ STR_WITH_LEN("function failed"), CKR_FUNCTION_FAILED },
{ STR_WITH_LEN("arguments bad"), CKR_ARGUMENTS_BAD },
{ STR_WITH_LEN("no event"), CKR_NO_EVENT },
{ STR_WITH_LEN("need to create threads"), CKR_NEED_TO_CREATE_THREADS },
{ STR_WITH_LEN("cant lock"), CKR_CANT_LOCK },
{ STR_WITH_LEN("attribute read only"), CKR_ATTRIBUTE_READ_ONLY },
{ STR_WITH_LEN("attribute sensitive"), CKR_ATTRIBUTE_SENSITIVE },
{ STR_WITH_LEN("attribute type invalid"), CKR_ATTRIBUTE_TYPE_INVALID },
{ STR_WITH_LEN("attribute value invalid"), CKR_ATTRIBUTE_VALUE_INVALID },
{ STR_WITH_LEN("action prohibited"), CKR_ACTION_PROHIBITED },
{ STR_WITH_LEN("data invalid"), CKR_DATA_INVALID },
{ STR_WITH_LEN("data len range"), CKR_DATA_LEN_RANGE },
{ STR_WITH_LEN("device error"), CKR_DEVICE_ERROR },
{ STR_WITH_LEN("device memory"), CKR_DEVICE_MEMORY },
{ STR_WITH_LEN("device removed"), CKR_DEVICE_REMOVED },
{ STR_WITH_LEN("encrypted data invalid"), CKR_ENCRYPTED_DATA_INVALID },
{ STR_WITH_LEN("encrypted data len range"), CKR_ENCRYPTED_DATA_LEN_RANGE },
{ STR_WITH_LEN("aead decrypt failed"), CKR_AEAD_DECRYPT_FAILED },
{ STR_WITH_LEN("function canceled"), CKR_FUNCTION_CANCELED },
{ STR_WITH_LEN("function not parallel"), CKR_FUNCTION_NOT_PARALLEL },
{ STR_WITH_LEN("function not supported"), CKR_FUNCTION_NOT_SUPPORTED },
{ STR_WITH_LEN("key handle invalid"), CKR_KEY_HANDLE_INVALID },
{ STR_WITH_LEN("key size range"), CKR_KEY_SIZE_RANGE },
{ STR_WITH_LEN("key type inconsistent"), CKR_KEY_TYPE_INCONSISTENT },
{ STR_WITH_LEN("key not needed"), CKR_KEY_NOT_NEEDED },
{ STR_WITH_LEN("key changed"), CKR_KEY_CHANGED },
{ STR_WITH_LEN("key needed"), CKR_KEY_NEEDED },
{ STR_WITH_LEN("key indigestible"), CKR_KEY_INDIGESTIBLE },
{ STR_WITH_LEN("key function not permitted"), CKR_KEY_FUNCTION_NOT_PERMITTED },
{ STR_WITH_LEN("key not wrappable"), CKR_KEY_NOT_WRAPPABLE },
{ STR_WITH_LEN("key unextractable"), CKR_KEY_UNEXTRACTABLE },
{ STR_WITH_LEN("mechanism invalid"), CKR_MECHANISM_INVALID },
{ STR_WITH_LEN("mechanism param invalid"), CKR_MECHANISM_PARAM_INVALID },
{ STR_WITH_LEN("object handle invalid"), CKR_OBJECT_HANDLE_INVALID },
{ STR_WITH_LEN("operation active"), CKR_OPERATION_ACTIVE },
{ STR_WITH_LEN("operation not initialized"), CKR_OPERATION_NOT_INITIALIZED },
{ STR_WITH_LEN("pin incorrect"), CKR_PIN_INCORRECT },
{ STR_WITH_LEN("pin invalid"), CKR_PIN_INVALID },
{ STR_WITH_LEN("pin len range"), CKR_PIN_LEN_RANGE },
{ STR_WITH_LEN("pin expired"), CKR_PIN_EXPIRED },
{ STR_WITH_LEN("pin locked"), CKR_PIN_LOCKED },
{ STR_WITH_LEN("session closed"), CKR_SESSION_CLOSED },
{ STR_WITH_LEN("session count"), CKR_SESSION_COUNT },
{ STR_WITH_LEN("session handle invalid"), CKR_SESSION_HANDLE_INVALID },
{ STR_WITH_LEN("session parallel not supported"), CKR_SESSION_PARALLEL_NOT_SUPPORTED },
{ STR_WITH_LEN("session read only"), CKR_SESSION_READ_ONLY },
{ STR_WITH_LEN("session exists"), CKR_SESSION_EXISTS },
{ STR_WITH_LEN("session read only exists"), CKR_SESSION_READ_ONLY_EXISTS },
{ STR_WITH_LEN("session read write so exists"), CKR_SESSION_READ_WRITE_SO_EXISTS },
{ STR_WITH_LEN("signature invalid"), CKR_SIGNATURE_INVALID },
{ STR_WITH_LEN("signature len range"), CKR_SIGNATURE_LEN_RANGE },
{ STR_WITH_LEN("template incomplete"), CKR_TEMPLATE_INCOMPLETE },
{ STR_WITH_LEN("template inconsistent"), CKR_TEMPLATE_INCONSISTENT },
{ STR_WITH_LEN("token not present"), CKR_TOKEN_NOT_PRESENT },
{ STR_WITH_LEN("token not recognized"), CKR_TOKEN_NOT_RECOGNIZED },
{ STR_WITH_LEN("token write protected"), CKR_TOKEN_WRITE_PROTECTED },
{ STR_WITH_LEN("unwrapping key handle invalid"), CKR_UNWRAPPING_KEY_HANDLE_INVALID },
{ STR_WITH_LEN("unwrapping key size range"), CKR_UNWRAPPING_KEY_SIZE_RANGE },
{ STR_WITH_LEN("unwrapping key type inconsistent"), CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT },
{ STR_WITH_LEN("user already logged in"), CKR_USER_ALREADY_LOGGED_IN },
{ STR_WITH_LEN("user not logged in"), CKR_USER_NOT_LOGGED_IN },
{ STR_WITH_LEN("user pin not initialized"), CKR_USER_PIN_NOT_INITIALIZED },
{ STR_WITH_LEN("user type invalid"), CKR_USER_TYPE_INVALID },
{ STR_WITH_LEN("user another already logged in"), CKR_USER_ANOTHER_ALREADY_LOGGED_IN },
{ STR_WITH_LEN("user too many types"), CKR_USER_TOO_MANY_TYPES },
{ STR_WITH_LEN("wrapped key invalid"), CKR_WRAPPED_KEY_INVALID },
{ STR_WITH_LEN("wrapped key len range"), CKR_WRAPPED_KEY_LEN_RANGE },
{ STR_WITH_LEN("wrapping key handle invalid"), CKR_WRAPPING_KEY_HANDLE_INVALID },
{ STR_WITH_LEN("wrapping key size range"), CKR_WRAPPING_KEY_SIZE_RANGE },
{ STR_WITH_LEN("wrapping key type inconsistent"), CKR_WRAPPING_KEY_TYPE_INCONSISTENT },
{ STR_WITH_LEN("random seed not supported"), CKR_RANDOM_SEED_NOT_SUPPORTED },
{ STR_WITH_LEN("random no rng"), CKR_RANDOM_NO_RNG },
{ STR_WITH_LEN("domain params invalid"), CKR_DOMAIN_PARAMS_INVALID },
{ STR_WITH_LEN("curve not supported"), CKR_CURVE_NOT_SUPPORTED },
{ STR_WITH_LEN("buffer too small"), CKR_BUFFER_TOO_SMALL },
{ STR_WITH_LEN("saved state invalid"), CKR_SAVED_STATE_INVALID },
{ STR_WITH_LEN("information sensitive"), CKR_INFORMATION_SENSITIVE },
{ STR_WITH_LEN("state unsaveable"), CKR_STATE_UNSAVEABLE },
{ STR_WITH_LEN("cryptoki not initialized"), CKR_CRYPTOKI_NOT_INITIALIZED },
{ STR_WITH_LEN("cryptoki already initialized"), CKR_CRYPTOKI_ALREADY_INITIALIZED },
{ STR_WITH_LEN("mutex bad"), CKR_MUTEX_BAD },
{ STR_WITH_LEN("mutex not locked"), CKR_MUTEX_NOT_LOCKED },
{ STR_WITH_LEN("new pin mode"), CKR_NEW_PIN_MODE },
{ STR_WITH_LEN("next otp"), CKR_NEXT_OTP },
{ STR_WITH_LEN("exceeded max iterations"), CKR_EXCEEDED_MAX_ITERATIONS },
{ STR_WITH_LEN("fips self test failed"), CKR_FIPS_SELF_TEST_FAILED },
{ STR_WITH_LEN("library load failed"), CKR_LIBRARY_LOAD_FAILED },
{ STR_WITH_LEN("pin too weak"), CKR_PIN_TOO_WEAK },
{ STR_WITH_LEN("public key invalid"), CKR_PUBLIC_KEY_INVALID },
{ STR_WITH_LEN("function rejected"), CKR_FUNCTION_REJECTED },
{ STR_WITH_LEN("token resource exceeded"), CKR_TOKEN_RESOURCE_EXCEEDED },
{ STR_WITH_LEN("operation cancel failed"), CKR_OPERATION_CANCEL_FAILED },
{ STR_WITH_LEN("key exhausted"), CKR_KEY_EXHAUSTED },
{ STR_WITH_LEN("pending"), CKR_PENDING },
{ STR_WITH_LEN("session async not supported"), CKR_SESSION_ASYNC_NOT_SUPPORTED },
{ STR_WITH_LEN("seed random required"), CKR_SEED_RANDOM_REQUIRED },
{ STR_WITH_LEN("operation not validated"), CKR_OPERATION_NOT_VALIDATED },
{ STR_WITH_LEN("token not initialized"), CKR_TOKEN_NOT_INITIALIZED },
{ STR_WITH_LEN("parameter set not supported"), CKR_PARAMETER_SET_NOT_SUPPORTED },
/* Matched by exact value only: a vendor-specific code other than
 * CKR_VENDOR_DEFINED itself will not resolve to this entry. */
{ STR_WITH_LEN("vendor defined"), CKR_VENDOR_DEFINED },
};
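/*
 * Throw a Perl exception of the form "<message>: <reason>" for a failed
 * PKCS #11 call.
 *
 * message  caller-supplied context; printed through "%s", never used as a
 *          format string
 * result   the CK_RV to describe
 *
 * <reason> is the name from the `errors` table. The lookup is by exact value,
 * so a code with no entry of its own (for example a vendor-specific code other
 * than CKR_VENDOR_DEFINED) has no name. For those the raw value is appended in
 * hex so the failure can still be identified from logs instead of collapsing
 * into a bare "unknown".
 *
 * Does not return: croak() unwinds to the nearest Perl eval.
 */
static void S_croak_with(pTHX_ const char* message, CK_RV result) {
    const entry* item = map_reverse_find(errors, result);

    if (item)
        croak("%s: %s", message, item->key);

    /* No table entry: keep the "unknown" wording and add the numeric code. */
    croak("%s: unknown (0x%" UVxf ")", message, (UV)result);
}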
/* Shorthand for S_croak_with that supplies the interpreter context (aTHX_). */
#define croak_with(message, result) S_croak_with(aTHX_ message, result)
/*
 * Perl-facing names for the PKCS #11 slot flag bits (CKF_TOKEN_PRESENT,
 * CKF_REMOVABLE_DEVICE, CKF_HW_SLOT).
 */
static const map slot_flags = {
{ STR_WITH_LEN("token-present"), CKF_TOKEN_PRESENT },
{ STR_WITH_LEN("removable-device"), CKF_REMOVABLE_DEVICE },
{ STR_WITH_LEN("hw-slot"), CKF_HW_SLOT },
};
/*
 * Perl-facing names for the PKCS #11 token flag bits.
 *
 * The *-pin-count-low, *-pin-final-try and *-pin-locked entries describe the
 * token's PIN retry state. Monitoring code can read them to notice repeated
 * failed logins before the token locks.
 */
static const map token_flags = {
{ STR_WITH_LEN("rng"), CKF_RNG },
{ STR_WITH_LEN("write-protected"), CKF_WRITE_PROTECTED },
{ STR_WITH_LEN("login-required"), CKF_LOGIN_REQUIRED },
{ STR_WITH_LEN("user-pin-initialized"), CKF_USER_PIN_INITIALIZED },
{ STR_WITH_LEN("restore-key-not-needed"), CKF_RESTORE_KEY_NOT_NEEDED },
{ STR_WITH_LEN("clock-on-token"), CKF_CLOCK_ON_TOKEN },
{ STR_WITH_LEN("protected-authentication-path"), CKF_PROTECTED_AUTHENTICATION_PATH },
{ STR_WITH_LEN("dual-crypto-operations"), CKF_DUAL_CRYPTO_OPERATIONS },
{ STR_WITH_LEN("token-initialized"), CKF_TOKEN_INITIALIZED },
{ STR_WITH_LEN("secondary-authentication"), CKF_SECONDARY_AUTHENTICATION },
{ STR_WITH_LEN("user-pin-count-low"), CKF_USER_PIN_COUNT_LOW },
{ STR_WITH_LEN("user-pin-final-try"), CKF_USER_PIN_FINAL_TRY },
{ STR_WITH_LEN("user-pin-locked"), CKF_USER_PIN_LOCKED },
{ STR_WITH_LEN("user-pin-to-be-changed"), CKF_USER_PIN_TO_BE_CHANGED },
{ STR_WITH_LEN("so-pin-count-low"), CKF_SO_PIN_COUNT_LOW },
{ STR_WITH_LEN("so-pin-final-try"), CKF_SO_PIN_FINAL_TRY },
{ STR_WITH_LEN("so-pin-locked"), CKF_SO_PIN_LOCKED },
{ STR_WITH_LEN("so-pin-to-be-changed"), CKF_SO_PIN_TO_BE_CHANGED },
{ STR_WITH_LEN("error-state"), CKF_ERROR_STATE },
{ STR_WITH_LEN("seed-random-required"), CKF_SEED_RANDOM_REQUIRED },
{ STR_WITH_LEN("async-session-supported"), CKF_ASYNC_SESSION_SUPPORTED },
};
/*
 * Perl-facing names for the PKCS #11 session flag bits. "rw-session" is the
 * bit that asks for a read/write rather than read-only session, so callers
 * that only need to read should leave it out.
 */
static const map session_flags = {
{ STR_WITH_LEN("rw-session"), CKF_RW_SESSION },
{ STR_WITH_LEN("serial-session"), CKF_SERIAL_SESSION },
{ STR_WITH_LEN("async-session"), CKF_ASYNC_SESSION },
};
/*
 * Perl-facing names for the PKCS #11 mechanism flag bits: which operations a
 * mechanism supports (encrypt, sign, wrap, derive, ...) plus the EC
 * capability bits.
 */
static const map mechanism_flags = {
{ STR_WITH_LEN("hw"), CKF_HW },
{ STR_WITH_LEN("message-encrypt"), CKF_MESSAGE_ENCRYPT },
{ STR_WITH_LEN("message-decrypt"), CKF_MESSAGE_DECRYPT },
{ STR_WITH_LEN("message-sign"), CKF_MESSAGE_SIGN },
{ STR_WITH_LEN("message-verify"), CKF_MESSAGE_VERIFY },
{ STR_WITH_LEN("multi-message"), CKF_MULTI_MESSAGE },
/* NOTE(review): the misspelling mirrors the CKF_MULTI_MESSGE macro name.
 * Presumably it is an alias of CKF_MULTI_MESSAGE kept for compatibility
 * with older PKCS #11 headers -- confirm. If the two values are equal, a
 * lookup by value returns the "multi-message" entry above, since the scan
 * stops at the first match. */
{ STR_WITH_LEN("multi-messge"), CKF_MULTI_MESSGE },
{ STR_WITH_LEN("find-objects"), CKF_FIND_OBJECTS },
{ STR_WITH_LEN("encrypt"), CKF_ENCRYPT },
{ STR_WITH_LEN("decrypt"), CKF_DECRYPT },
{ STR_WITH_LEN("digest"), CKF_DIGEST },
{ STR_WITH_LEN("sign"), CKF_SIGN },
{ STR_WITH_LEN("sign-recover"), CKF_SIGN_RECOVER },
{ STR_WITH_LEN("verify"), CKF_VERIFY },
{ STR_WITH_LEN("verify-recover"), CKF_VERIFY_RECOVER },
{ STR_WITH_LEN("generate"), CKF_GENERATE },
{ STR_WITH_LEN("generate-key-pair"), CKF_GENERATE_KEY_PAIR },
{ STR_WITH_LEN("wrap"), CKF_WRAP },
{ STR_WITH_LEN("unwrap"), CKF_UNWRAP },
{ STR_WITH_LEN("derive"), CKF_DERIVE },
{ STR_WITH_LEN("ec-f-p"), CKF_EC_F_P },
{ STR_WITH_LEN("ec-f-2m"), CKF_EC_F_2M },
{ STR_WITH_LEN("ec-ecparameters"), CKF_EC_ECPARAMETERS },
{ STR_WITH_LEN("ec-oid"), CKF_EC_OID },
{ STR_WITH_LEN("ec-namedcurve"), CKF_EC_NAMEDCURVE },
{ STR_WITH_LEN("ec-uncompress"), CKF_EC_UNCOMPRESS },
{ STR_WITH_LEN("ec-compress"), CKF_EC_COMPRESS },
{ STR_WITH_LEN("ec-curvename"), CKF_EC_CURVENAME },
{ STR_WITH_LEN("extension"), CKF_EXTENSION },
};
/*
 * Perl-facing names for the PKCS #11 session states (CKS_*).
 *
 * NOTE(review): despite the table name, CKS_* are enumerated states rather
 * than bit masks in PKCS #11. This table is presumably meant for exact-value
 * lookup (map_reverse_find), not for OR-ing entries together -- confirm
 * against the callers.
 */
static const map state_flags = {
{ STR_WITH_LEN("ro-public-session"), CKS_RO_PUBLIC_SESSION },
{ STR_WITH_LEN("ro-user-functions"), CKS_RO_USER_FUNCTIONS },
{ STR_WITH_LEN("rw-public-session"), CKS_RW_PUBLIC_SESSION },
{ STR_WITH_LEN("rw-user-functions"), CKS_RW_USER_FUNCTIONS },
{ STR_WITH_LEN("rw-so-functions"), CKS_RW_SO_FUNCTIONS },
};
/*
 * Perl-facing name for the single wait flag, CKF_DONT_BLOCK. Presumably it is
 * passed to the slot-event wait call to make it return immediately -- confirm
 * against the caller.
 */
static const map wait_flags = {
{ STR_WITH_LEN("dont-block"), CKF_DONT_BLOCK },
};
static UV S_get_flags(pTHX_ const map table, size_t table_size, SV* input) {
if (SvROK(input) && SvTYPE(SvRV(input)) == SVt_PVAV) {
size_t i;
UV result = 0;