/*
 * Copyright (c) 2015-2016 Yubico AB
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 *   * Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   * Redistributions in binary form must reproduce the above
 *     copyright notice, this list of conditions and the following
 *     disclaimer in the documentation and/or other materials provided
 *     with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#ifndef YKCS11_H
#define YKCS11_H

#include "pkcs11y.h"
#include "obj_types.h"
#include "openssl_types.h"
#include "vendors.h"

#define YKCS11_OP_BUFSIZE 4096

typedef struct {
  vendor_id_t   vid;
  CK_TOKEN_INFO info;
  piv_obj_id_t  *objects;   // List of objects in the token
  CK_ULONG      n_objects;  // TOTAL number of objects in the token
  CK_ULONG      n_certs;    // Number of certificate objects in the token (portion of n_objects)
} ykcs11_token_t;

typedef struct {
  vendor_id_t    vid;
  CK_SLOT_INFO   info;
  ykcs11_token_t *token;
} ykcs11_slot_t;

typedef struct {
  CK_SESSION_HANDLE handle;
  CK_SESSION_INFO   info;  /* slotid, state, flags, deviceerror */
  ykcs11_slot_t     *slot;
} ykcs11_session_t;

typedef enum {
  YKCS11_NOOP,
  YKCS11_GEN,
  YKCS11_SIGN,
  YKCS11_HASH,
  YKCS11_DECRYPT
} ykcs11_op_type_t;

typedef struct {
  CK_BBOOL rsa;             // RSA or EC key
  CK_BYTE  key_id;          // Key id
  CK_ULONG key_len;         // Length in bits
  CK_ULONG vendor_defined;  // Additional parameters (touch and PIN policy)
} gen_info_t;

typedef struct {
  ykcs11_md_ctx_t *md_ctx;  // Digest context
  CK_BYTE_PTR     key;      // Raw public key (needed for PSS)
  CK_BYTE         algo;     // Algo for ykpiv // TODO: infer this from the key length?
  CK_ULONG        key_id;   // Key id for ykpiv // TODO: make this a BYTE and store the id {0, 1, 2, 3}
  CK_ULONG        key_len;  // Length in bits
} sign_info_t;

typedef struct {
  CK_BYTE todo;
} hash_info_t;

typedef struct {
  CK_BYTE todo;
} decrypt_info_t;

typedef union {
  gen_info_t     gen;
  sign_info_t    sign;
  hash_info_t    hash;
  decrypt_info_t decrypt;
} op_t;

typedef struct {
  ykcs11_op_type_t type;
  CK_MECHANISM     mechanism;
  op_t             op;
  CK_BYTE          buf[YKCS11_OP_BUFSIZE];  // Accumulated input for the multi-part operation
  CK_ULONG         buf_len;                 // Bytes currently used in buf
} op_info_t;

#endif
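The op_info_t structure above carries a fixed 4096-byte accumulation buffer (buf) and a fill level (buf_len) for whichever multi-part operation (sign, hash, decrypt) the session has open. The security-relevant invariant is that every C_*Update-style append checks remaining capacity before copying, that the append is rejected when the session is not in the expected operation state, and that the buffer is wiped once the operation finishes. The following is an added, self-contained illustration of that bookkeeping; it is not code from the yubico-piv-tool project. It defines minimal stand-ins for the PKCS#11 types the header normally pulls in from pkcs11y.h, uses the standard PKCS#11 return values CKR_OK, CKR_ARGUMENTS_BAD, CKR_DATA_LEN_RANGE and CKR_OPERATION_NOT_INITIALIZED, and keeps only the op_info_t fields that the accumulation logic touches. The function names op_begin, op_append, op_finish and demo_scenario are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-ins for the PKCS#11 types that ykcs11.h takes from
 * pkcs11y.h, so this example builds outside the project tree. */
typedef unsigned char  CK_BYTE;
typedef unsigned long  CK_ULONG;
typedef CK_BYTE       *CK_BYTE_PTR;
typedef CK_ULONG       CK_RV;

/* Standard PKCS#11 return codes (values as defined by the PKCS#11 spec). */
#define CKR_OK                        0x00UL
#define CKR_ARGUMENTS_BAD             0x07UL
#define CKR_DATA_LEN_RANGE            0x21UL
#define CKR_OPERATION_NOT_INITIALIZED 0x91UL

#define YKCS11_OP_BUFSIZE 4096

typedef enum {
  YKCS11_NOOP, YKCS11_GEN, YKCS11_SIGN, YKCS11_HASH, YKCS11_DECRYPT
} ykcs11_op_type_t;

/* Reduced op_info_t: only the fields the accumulation logic needs. */
typedef struct {
  ykcs11_op_type_t type;
  CK_BYTE          buf[YKCS11_OP_BUFSIZE];
  CK_ULONG         buf_len;
} op_info_t;

/* Start a multi-part operation of the given type with an empty buffer. */
void op_begin(op_info_t *op, ykcs11_op_type_t type) {
  op->type = type;
  op->buf_len = 0;
  memset(op->buf, 0, sizeof op->buf);
}

/* Append one part of the input. Rejects a NULL argument, an operation
 * that is not in the expected state, and any part that would overflow
 * the fixed buffer. The capacity test is written as
 * (capacity - used) < len rather than used + len > capacity so that a
 * very large len cannot wrap the addition and slip past the check. */
CK_RV op_append(op_info_t *op, ykcs11_op_type_t expected,
                CK_BYTE_PTR data, CK_ULONG len) {
  if (op == NULL || data == NULL)
    return CKR_ARGUMENTS_BAD;
  if (op->type != expected)
    return CKR_OPERATION_NOT_INITIALIZED;
  if (sizeof(op->buf) - op->buf_len < len)
    return CKR_DATA_LEN_RANGE;
  memcpy(op->buf + op->buf_len, data, len);
  op->buf_len += len;
  return CKR_OK;
}

/* Finish the operation: clear the accumulated input so hash or decrypt
 * material does not linger in the session object. A plain memset may be
 * optimised away by the compiler; production code should use an
 * explicit_bzero/SecureZeroMemory equivalent where available. */
void op_finish(op_info_t *op) {
  memset(op->buf, 0, sizeof op->buf);
  op->buf_len = 0;
  op->type = YKCS11_NOOP;
}

/* Walks the expected lifecycle with constructed input and returns 1 if
 * every check behaves as intended, 0 otherwise. */
int demo_scenario(void) {
  static CK_BYTE part[YKCS11_OP_BUFSIZE];  /* constructed sample input */
  op_info_t op;
  memset(part, 0xAB, sizeof part);
  op_begin(&op, YKCS11_SIGN);

  if (op_append(&op, YKCS11_SIGN, part, 100) != CKR_OK) return 0;
  if (op.buf_len != 100) return 0;
  /* Wrong operation type for this session: must be refused. */
  if (op_append(&op, YKCS11_HASH, part, 1) != CKR_OPERATION_NOT_INITIALIZED) return 0;
  /* Fill exactly to capacity: allowed. */
  if (op_append(&op, YKCS11_SIGN, part, YKCS11_OP_BUFSIZE - 100) != CKR_OK) return 0;
  if (op.buf_len != YKCS11_OP_BUFSIZE) return 0;
  /* One byte past capacity, and a length chosen to wrap naive addition. */
  if (op_append(&op, YKCS11_SIGN, part, 1) != CKR_DATA_LEN_RANGE) return 0;
  if (op_append(&op, YKCS11_SIGN, part, (CK_ULONG)-1) != CKR_DATA_LEN_RANGE) return 0;
  if (op_append(&op, YKCS11_SIGN, NULL, 1) != CKR_ARGUMENTS_BAD) return 0;

  op_finish(&op);
  return op.buf_len == 0 && op.type == YKCS11_NOOP && op.buf[0] == 0;
}

int main(void) {
  printf("op_info_t accumulation checks %s\n", demo_scenario() ? "passed" : "FAILED");
  return demo_scenario() ? 0 : 1;
}
```

The ordering of the checks matters: the state test comes before the length test so that a caller cannot learn anything about buffer occupancy from an operation it never initialised, and the wipe in op_finish runs regardless of whether the final step succeeded.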