|
Packit |
8681c6 |
/*
|
|
Packit |
8681c6 |
* COPYRIGHT (c) International Business Machines Corp. 2005-2017
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* This program is provided under the terms of the Common Public License,
|
|
Packit |
8681c6 |
* version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
|
|
Packit |
8681c6 |
* software constitutes recipient's acceptance of CPL-1.0 terms which can be
|
|
Packit |
8681c6 |
* found in the file LICENSE file or at
|
|
Packit |
8681c6 |
* https://opensource.org/licenses/cpl1.0.php
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* File: sess_mgmt.c */
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include <windows.h>
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include <stdio.h>
|
|
Packit |
8681c6 |
#include <stdlib.h>
|
|
Packit |
8681c6 |
#include <string.h>
|
|
Packit |
8681c6 |
#include <memory.h>
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include "pkcs11types.h"
|
|
Packit |
8681c6 |
#include "regress.h"
|
|
Packit |
8681c6 |
#include "mech_to_str.h"
|
|
Packit |
8681c6 |
#include "common.c"
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
void dump_session_info(CK_SESSION_INFO * info)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
printf(" CK_SESSION_INFO:\n");
|
|
Packit |
8681c6 |
printf(" slotID: %ld\n", info->slotID);
|
|
Packit |
8681c6 |
printf(" state: ");
|
|
Packit |
8681c6 |
switch (info->state) {
|
|
Packit |
8681c6 |
case CKS_RO_PUBLIC_SESSION:
|
|
Packit |
8681c6 |
printf("CKS_RO_PUBLIC_SESSION\n");
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
case CKS_RW_PUBLIC_SESSION:
|
|
Packit |
8681c6 |
printf("CKS_RW_PUBLIC_SESSION\n");
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
case CKS_RO_USER_FUNCTIONS:
|
|
Packit |
8681c6 |
printf("CKS_RO_USER_FUNCTIONS\n");
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
case CKS_RW_USER_FUNCTIONS:
|
|
Packit |
8681c6 |
printf("CKS_RW_USER_FUNCTIONS\n");
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
case CKS_RW_SO_FUNCTIONS:
|
|
Packit |
8681c6 |
printf("CKS_RW_SO_FUNCTIONS\n");
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
printf(" flags: %p\n", (void *) info->flags);
|
|
Packit |
8681c6 |
printf(" ulDeviceError: %ld\n", info->ulDeviceError);
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_OpenSession(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE handle;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_OpenSession...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION; // read-only session
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &handle);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(handle);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_OpenSession2(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE h1, h2;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_OpenSession2...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION; // read-only session
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h1;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h2;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(h1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(h2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_CloseAllSessions(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE h1, h2, h3;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_CloseAllSessions...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION; // read-only session
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h1;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h2;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h3;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseAllSessions", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_GetSessionInfo(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE h1, h2, h3;
|
|
Packit |
8681c6 |
CK_SESSION_INFO info;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_GetSessionInfo...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION; // read-only session
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h1;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h2;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h3;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h1, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h2, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h2, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseAllSessions", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// This is a messy function but it does alot of tests:
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// 1) Create 1 RO session and 2 RW sessions
|
|
Packit |
8681c6 |
// 2) Log the USER into session #1. Verify that all 3 become USER sessions.
|
|
Packit |
8681c6 |
// 3) Try to login again, this time to session #2. Verify that it fails
|
|
Packit |
8681c6 |
// 4) Logout session #1
|
|
Packit |
8681c6 |
// 5) Try to logout from session #2. Verify that this fails.
|
|
Packit |
8681c6 |
// 6) Try to log the SO into session #1. Verify that it fails (RO session exists)
|
|
Packit |
8681c6 |
// 7) Try to log the SO into session #2. Verify that it fails (RO session exists)
|
|
Packit |
8681c6 |
// 8) Close all sessions
|
|
Packit |
8681c6 |
// 9) Creaate 2 RW sessions
|
|
Packit |
8681c6 |
// A) Log the SO into one. Verify that both are now SO sessions.
|
|
Packit |
8681c6 |
// B) Create a 3rd RW session. Verify that it immediately becomes an SO session
|
|
Packit |
8681c6 |
// C) Try to create a RO session. Verify that it fails (SO session exists)
|
|
Packit |
8681c6 |
// D) Close all sessions and return
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
CK_RV do_LoginLogout(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE h1, h2, h3, h4;
|
|
Packit |
8681c6 |
CK_SESSION_INFO info;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_BYTE so_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG so_pin_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_LoginLogout...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (get_user_pin(user_pin))
|
|
Packit |
8681c6 |
return CKR_FUNCTION_FAILED;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
user_pin_len = (CK_ULONG) strlen((char *) user_pin);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (get_so_pin(so_pin))
|
|
Packit |
8681c6 |
return CKR_FUNCTION_FAILED;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
so_pin_len = (CK_ULONG) strlen((char *) so_pin);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION; // read-only session
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create 3 sessions. 1 RO, two RW
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h1;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h2;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h3;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// log the first session in. all sessions should become USER sessions
|
|
Packit |
8681c6 |
rc = funcs->C_Login(h1, CKU_USER, user_pin, user_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Login #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h1, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h2, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h2, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, try to log in session #2. this should fail (already logged in)
|
|
Packit |
8681c6 |
rc = funcs->C_Login(h2, CKU_USER, user_pin, user_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_USER_ALREADY_LOGGED_IN) {
|
|
Packit |
8681c6 |
show_error(" C_Login #2", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_USER_ALREADY_LOGGED_IN\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, try to logout twice
|
|
Packit |
8681c6 |
rc = funcs->C_Logout(h1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Logout #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_Logout(h2);
|
|
Packit |
8681c6 |
if (rc != CKR_USER_NOT_LOGGED_IN) {
|
|
Packit |
8681c6 |
show_error(" C_Logout #2", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_USER_NOT_LOGGED_IN\n");
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, try to log the SO in. this should fail since H1 is a RO session
|
|
Packit |
8681c6 |
rc = funcs->C_Login(h1, CKU_SO, so_pin, so_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_SESSION_READ_ONLY_EXISTS) {
|
|
Packit |
8681c6 |
show_error(" C_Login #4", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_SESSION_READ_ONLY_EXISTS\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_Login(h2, CKU_SO, so_pin, so_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_SESSION_READ_ONLY_EXISTS) {
|
|
Packit |
8681c6 |
show_error(" C_Login #5", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_SESSION_READ_ONLY_EXISTS\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// log completely out
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseAllSessions #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, start two RW sessions
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h1;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h2;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #5", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, try to log the SO in. this should work
|
|
Packit |
8681c6 |
rc = funcs->C_Login(h1, CKU_SO, so_pin, so_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Login #6", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h1, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h2, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #5", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, create a 3rd RW session.
|
|
Packit |
8681c6 |
// verify that it is automatically an SO session
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h3;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #6", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetSessionInfo(h3, &info;;
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetSessionInfo #6", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
dump_session_info(&info;;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, try to create a 4th session. RO this time. Should fail
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &h4;;
|
|
Packit |
8681c6 |
if (rc != CKR_SESSION_READ_WRITE_SO_EXISTS) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #6", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_SESSION_READ_WRITE_SO_EXISTS\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// we're done...close all sessions
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseAllSessions #2: %d", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_OperationState1(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session1, session2;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE original[1024];
|
|
Packit |
8681c6 |
CK_BYTE crypt1[1024];
|
|
Packit |
8681c6 |
CK_BYTE crypt2[1024];
|
|
Packit |
8681c6 |
CK_BYTE trash1[8];
|
|
Packit |
8681c6 |
CK_BYTE trash2[8];
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE *op_state = NULL;
|
|
Packit |
8681c6 |
CK_ULONG op_state_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG orig_len, crypt1_len, crypt2_len, trash1_len, trash2_len;
|
|
Packit |
8681c6 |
CK_ULONG i;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG key_len = 16;
|
|
Packit |
8681c6 |
CK_ATTRIBUTE key_gen_tmpl[] = {
|
|
Packit |
8681c6 |
{CKA_VALUE_LEN, &key_len, sizeof(CK_ULONG)}
|
|
Packit |
8681c6 |
};
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE h_key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_OperationState1...\n");
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// here's the goal:
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// All the hash values should be the same
|
|
Packit |
8681c6 |
// 1) session #1 starts a multi-part encryption
|
|
Packit |
8681c6 |
// 2) save session #1 operation state
|
|
Packit |
8681c6 |
// 3) session #1 passes garbage to encrypt update
|
|
Packit |
8681c6 |
// 4) session #2's operation state is set to what we saved
|
|
Packit |
8681c6 |
// 5) sessoin #2 finishes the encryption operation
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// Session #2's results should be the same as the single-part version
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create two USER RW sessions
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (get_user_pin(user_pin))
|
|
Packit |
8681c6 |
return CKR_FUNCTION_FAILED;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
user_pin_len = (CK_ULONG) strlen((char *) user_pin);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_Login(session1, CKU_USER, user_pin, user_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Login #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
orig_len = sizeof(original);
|
|
Packit |
8681c6 |
for (i = 0; i < orig_len; i++)
|
|
Packit |
8681c6 |
original[i] = i % 255;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
trash1_len = sizeof(trash1);
|
|
Packit |
8681c6 |
memcpy(trash1, "asdflkjasdlkjadslkj", trash1_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// first generate a AES key
|
|
Packit |
8681c6 |
mech.mechanism = CKM_AES_KEY_GEN;
|
|
Packit |
8681c6 |
mech.ulParameterLen = 0;
|
|
Packit |
8681c6 |
mech.pParameter = NULL;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, mech.mechanism)) {
|
|
Packit |
8681c6 |
printf("Mechanism %s not supported. (skipped)\n",
|
|
Packit |
8681c6 |
mech_to_str(mech.mechanism));
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
return 0;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GenerateKey(session1, &mech, key_gen_tmpl, 1, &h_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GenerateKey #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// now encrypt the original data all at once using CBC
|
|
Packit |
8681c6 |
mech.mechanism = CKM_AES_CBC;
|
|
Packit |
8681c6 |
mech.ulParameterLen = 16;
|
|
Packit |
8681c6 |
mech.pParameter = "1234qwerasdfyxcv";
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptInit(session1, &mech, h_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptInit #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
crypt1_len = sizeof(crypt1);
|
|
Packit |
8681c6 |
rc = funcs->C_Encrypt(session1, original, orig_len, crypt1, &crypt1_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Encrypt #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, begin encrypting multipart
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptInit(session1, &mech, h_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptInit #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
crypt2_len = sizeof(crypt2);
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptUpdate(session1, original, orig_len / 2,
|
|
Packit |
8681c6 |
crypt2, &crypt2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptUpdate #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// save session #1's operation state
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session1, NULL, &op_state_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
op_state = (CK_BYTE *) malloc(op_state_len);
|
|
Packit |
8681c6 |
if (!op_state) {
|
|
Packit |
8681c6 |
show_error(" HOST MEMORY ERROR", (CK_ULONG) CKR_HOST_MEMORY);
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session1, op_state, &op_state_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, encrypt some garbage. this will affect the CBC even if
|
|
Packit |
8681c6 |
// we throw the encrypted garbage away
|
|
Packit |
8681c6 |
trash2_len = sizeof(trash2);
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptUpdate(session1, trash1, trash1_len,
|
|
Packit |
8681c6 |
trash2, &trash2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptUpdate #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// restore session #1's operation state that we just saved back
|
|
Packit |
8681c6 |
// into session #2 and continue with the encryption
|
|
Packit |
8681c6 |
rc = funcs->C_SetOperationState(session2, op_state, op_state_len, h_key, 0);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_SetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
free(op_state);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, encrypt the rest of the original data
|
|
Packit |
8681c6 |
i = crypt2_len;
|
|
Packit |
8681c6 |
crypt2_len = sizeof(crypt2) - crypt2_len;
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptUpdate(session2,
|
|
Packit |
8681c6 |
original + orig_len / 2, orig_len / 2,
|
|
Packit |
8681c6 |
crypt2 + i, &crypt2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptUpdate #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
crypt2_len += i;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
trash2_len = sizeof(trash2);
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptFinal(session2, trash2, &trash2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptFinal #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (crypt2_len != crypt1_len) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: Lengths don't match\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (memcmp(crypt1, crypt2, crypt1_len) != 0) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: crypt1 != crypt2\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_OperationState2(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session1, session2, session3;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE original[1024];
|
|
Packit |
8681c6 |
CK_BYTE digest1[16];
|
|
Packit |
8681c6 |
CK_BYTE digest2[16];
|
|
Packit |
8681c6 |
CK_BYTE digest3[16];
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG orig_len;
|
|
Packit |
8681c6 |
CK_ULONG digest1_len, digest2_len, digest3_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE *op_state1 = NULL;
|
|
Packit |
8681c6 |
CK_BYTE *op_state2 = NULL;
|
|
Packit |
8681c6 |
CK_ULONG op_state1_len;
|
|
Packit |
8681c6 |
CK_ULONG op_state2_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG i;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_OperationState2...\n");
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// here's the goal:
|
|
Packit |
8681c6 |
// 1) session #1 digests the first 499 bytes
|
|
Packit |
8681c6 |
// 2) session #2 digests the first 27 bytes
|
|
Packit |
8681c6 |
// 3) session #3 digests the whole thing
|
|
Packit |
8681c6 |
// 3) we save both operation states
|
|
Packit |
8681c6 |
// 4) we set the operation states to the 'other' session thereby
|
|
Packit |
8681c6 |
// switching sessions. Session #2 picks up where session #1 was
|
|
Packit |
8681c6 |
// saved, session #1 picks up where session #2 was saved.
|
|
Packit |
8681c6 |
// 5) session #1 digests the final (1024 - 27) bytes
|
|
Packit |
8681c6 |
// 6) session #2 digests the final (1024 - 499) bytes
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// All the hash values should be the same
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create three USER RW sessions
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session3);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (get_user_pin(user_pin))
|
|
Packit |
8681c6 |
return CKR_FUNCTION_FAILED;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
user_pin_len = (CK_ULONG) strlen((char *) user_pin);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_Login(session1, CKU_USER, user_pin, user_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Login #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
orig_len = sizeof(original);
|
|
Packit |
8681c6 |
for (i = 0; i < orig_len; i++)
|
|
Packit |
8681c6 |
original[i] = i % 255;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
mech.mechanism = CKM_MD5;
|
|
Packit |
8681c6 |
mech.pParameter = NULL;
|
|
Packit |
8681c6 |
mech.ulParameterLen = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, mech.mechanism)) {
|
|
Packit |
8681c6 |
printf("Mechanism %s not supported. (skipped)\n",
|
|
Packit |
8681c6 |
mech_to_str(mech.mechanism));
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
return 0;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestInit(session1, &mech);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestInit #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestInit(session2, &mech);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestInit #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestInit(session3, &mech);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestInit #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session1, original, 499);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session2, original, 27);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
orig_len = sizeof(original);
|
|
Packit |
8681c6 |
digest3_len = sizeof(digest3);
|
|
Packit |
8681c6 |
rc = funcs->C_Digest(session3, original, orig_len, digest3, &digest3_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Digest #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// save the operation states of sessions 1 and 2
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session1, NULL, &op_state1_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
op_state1 = (CK_BYTE *) malloc(op_state1_len);
|
|
Packit |
8681c6 |
if (!op_state1) {
|
|
Packit |
8681c6 |
show_error(" HOST MEMORY ERROR", (CK_ULONG) CKR_HOST_MEMORY);
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session1, op_state1, &op_state1_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session2, NULL, &op_state2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
op_state2 = (CK_BYTE *) malloc(op_state2_len);
|
|
Packit |
8681c6 |
if (!op_state2) {
|
|
Packit |
8681c6 |
show_error(" HOST MEMORY ERROR", (CK_ULONG) CKR_HOST_MEMORY);
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session2, op_state2, &op_state2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// switch the states
|
|
Packit |
8681c6 |
rc = funcs->C_SetOperationState(session1, op_state2, op_state2_len, 0, 0);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_SetOperationState #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SetOperationState(session2, op_state1, op_state1_len, 0, 0);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_SetOperationState #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, finish the digest operations
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session2, original + 499, (orig_len - 499));
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session1, original + 27, orig_len - 27);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
digest1_len = sizeof(digest1);
|
|
Packit |
8681c6 |
rc = funcs->C_DigestFinal(session1, digest1, &digest1_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestFinal #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
digest2_len = sizeof(digest2);
|
|
Packit |
8681c6 |
rc = funcs->C_DigestFinal(session2, digest2, &digest2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestFinal #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (digest1_len != digest2_len || digest1_len != digest3_len) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digested lengths don't match\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (memcmp(digest1, digest2, digest1_len) != 0) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digest1 != digest2\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (memcmp(digest1, digest3, digest1_len) != 0) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digest1 != digest3\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #5", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
free(op_state1);
|
|
Packit |
8681c6 |
free(op_state2);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV do_OperationState3(void)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session1, session2, session3;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE original[1024];
|
|
Packit |
8681c6 |
CK_BYTE digest1[16];
|
|
Packit |
8681c6 |
CK_BYTE digest2[16];
|
|
Packit |
8681c6 |
CK_BYTE digest3[16];
|
|
Packit |
8681c6 |
CK_BYTE junk[1024];
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG orig_len, junk_len;
|
|
Packit |
8681c6 |
CK_ULONG digest1_len, digest2_len, digest3_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_BYTE *op_state2 = NULL;
|
|
Packit |
8681c6 |
CK_ULONG op_state2_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG i;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_ULONG key_len = 16;
|
|
Packit |
8681c6 |
CK_ATTRIBUTE key_gen_tmpl[] = {
|
|
Packit |
8681c6 |
{CKA_VALUE_LEN, &key_len, sizeof(CK_ULONG)}
|
|
Packit |
8681c6 |
};
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech1, mech2;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("do_OperationState3...\n");
|
|
Packit |
8681c6 |
slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// here's the goal:
|
|
Packit |
8681c6 |
// 1) session #1 starts a multi-part encrypt
|
|
Packit |
8681c6 |
// 2) session #2 starts a multi-part digest
|
|
Packit |
8681c6 |
// 3) session #3 digests the whole thing
|
|
Packit |
8681c6 |
// 4) assign session #2's operating state to session #1
|
|
Packit |
8681c6 |
// 5) session #1 tries C_EncryptUpdate. Should fail.
|
|
Packit |
8681c6 |
// 6) session #1 finishes the multi-part digest
|
|
Packit |
8681c6 |
// 7) session #2 finishes the multi-part digest
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
// All the hash values should be the same
|
|
Packit |
8681c6 |
//
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create three USER RW sessions
|
|
Packit |
8681c6 |
flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_OpenSession(slot_id, flags, NULL, NULL, &session3);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_OpenSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (get_user_pin(user_pin))
|
|
Packit |
8681c6 |
return CKR_FUNCTION_FAILED;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
user_pin_len = (CK_ULONG) strlen((char *) user_pin);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_Login(session1, CKU_USER, user_pin, user_pin_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Login #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
orig_len = sizeof(original);
|
|
Packit |
8681c6 |
for (i = 0; i < orig_len; i++)
|
|
Packit |
8681c6 |
original[i] = i % 255;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
mech1.mechanism = CKM_AES_KEY_GEN;
|
|
Packit |
8681c6 |
mech1.pParameter = NULL;
|
|
Packit |
8681c6 |
mech1.ulParameterLen = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, mech1.mechanism)) {
|
|
Packit |
8681c6 |
printf("Mechanism %s not supported. (skipped)\n",
|
|
Packit |
8681c6 |
mech_to_str(mech1.mechanism));
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
return 0;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GenerateKey(session1, &mech1, key_gen_tmpl, 1, &key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GenerateKey #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
mech1.mechanism = CKM_AES_ECB;
|
|
Packit |
8681c6 |
mech1.pParameter = NULL;
|
|
Packit |
8681c6 |
mech1.ulParameterLen = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, mech1.mechanism)) {
|
|
Packit |
8681c6 |
printf("Mechanism %s not supported. (skipped)\n",
|
|
Packit |
8681c6 |
mech_to_str(mech1.mechanism));
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
return 0;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptInit(session1, &mech1, key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptInit #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
mech2.mechanism = CKM_MD5;
|
|
Packit |
8681c6 |
mech2.pParameter = NULL;
|
|
Packit |
8681c6 |
mech2.ulParameterLen = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, mech2.mechanism)) {
|
|
Packit |
8681c6 |
printf("Mechanism %s not supported. (skipped)\n",
|
|
Packit |
8681c6 |
mech_to_str(mech2.mechanism));
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
return 0;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestInit(session2, &mech2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestInit #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestInit(session3, &mech2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestInit #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session2, original, 499);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
orig_len = sizeof(original);
|
|
Packit |
8681c6 |
digest3_len = sizeof(digest3);
|
|
Packit |
8681c6 |
rc = funcs->C_Digest(session3, original, orig_len, digest3, &digest3_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_Digest #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session2, NULL, &op_state2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
op_state2 = (CK_BYTE *) malloc(op_state2_len);
|
|
Packit |
8681c6 |
if (!op_state2) {
|
|
Packit |
8681c6 |
show_error(" HOST MEMORY ERROR #1", (CK_ULONG) CKR_HOST_MEMORY);
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetOperationState(session2, op_state2, &op_state2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_GetOperationState #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SetOperationState(session1, op_state2, op_state2_len, 0, 0);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_SetOperationState #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// session #1 should not be set to do digest not encryption
|
|
Packit |
8681c6 |
junk_len = sizeof(junk);
|
|
Packit |
8681c6 |
rc = funcs->C_EncryptUpdate(session1, original, 499, junk, &junk_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OPERATION_NOT_INITIALIZED) {
|
|
Packit |
8681c6 |
show_error(" C_EncryptUpdate #1", rc);
|
|
Packit |
8681c6 |
PRINT_ERR(" Expected CKR_OPERATION_NOT_INITIALIZED\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// now, finish the digest operations
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session1, original + 499, (orig_len - 499));
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DigestUpdate(session2, original + 499, (orig_len - 499));
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestUpdate #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
digest1_len = sizeof(digest1);
|
|
Packit |
8681c6 |
rc = funcs->C_DigestFinal(session1, digest1, &digest1_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestFinal #1", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
digest2_len = sizeof(digest2);
|
|
Packit |
8681c6 |
rc = funcs->C_DigestFinal(session2, digest2, &digest2_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_DigestFinal #2", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (digest1_len != digest2_len || digest1_len != digest3_len) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digested lengths don't match\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (memcmp(digest1, digest2, digest1_len) != 0) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digest1 != digest2\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (memcmp(digest1, digest3, digest1_len) != 0) {
|
|
Packit |
8681c6 |
PRINT_ERR(" ERROR: digest1 != digest3\n");
|
|
Packit |
8681c6 |
return -1;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session1);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #3", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session2);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #4", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CloseSession(session3);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
show_error(" C_CloseSession #5", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Looks okay...\n");
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
free(op_state2);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV sess_mgmt_functions()
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
SYSTEMTIME t1, t2;
|
|
Packit |
8681c6 |
CK_RV rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_OpenSession();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_OpenSession2();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_CloseAllSessions();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_GetSessionInfo();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_LoginLogout();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_OperationState1();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_OperationState2();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
GetSystemTime(&t1;;
|
|
Packit |
8681c6 |
rc = do_OperationState3();
|
|
Packit |
8681c6 |
if (rc && !no_stop)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
GetSystemTime(&t2;;
|
|
Packit |
8681c6 |
process_time(t1, t2);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
int main(int argc, char **argv)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_C_INITIALIZE_ARGS cinit_args;
|
|
Packit |
8681c6 |
int rc;
|
|
Packit |
8681c6 |
CK_RV rv;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = do_ParseArgs(argc, argv);
|
|
Packit |
8681c6 |
if (rc != 1)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Using slot #%lu...\n\n", SLOT_ID);
|
|
Packit |
8681c6 |
printf("With option: no_init: %d\n", no_init);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = do_GetFunctionList();
|
|
Packit |
8681c6 |
if (!rc) {
|
|
Packit |
8681c6 |
PRINT_ERR("ERROR do_GetFunctionList() Failed , rc = 0x%0x\n", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
memset(&cinit_args, 0x0, sizeof(cinit_args));
|
|
Packit |
8681c6 |
cinit_args.flags = CKF_OS_LOCKING_OK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// SAB Add calls to ALL functions before the C_Initialize gets hit
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
funcs->C_Initialize(&cinit_args);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE hsess = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_GetFunctionStatus(hsess);
|
|
Packit |
8681c6 |
if (rc != CKR_FUNCTION_NOT_PARALLEL)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CancelFunction(hsess);
|
|
Packit |
8681c6 |
if (rc != CKR_FUNCTION_NOT_PARALLEL)
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rv = sess_mgmt_functions();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* make sure we return non-zero if rv is non-zero */
|
|
Packit |
8681c6 |
return ((rv == 0) || (rv % 256) ? (int)rv : -1);
|
|
Packit |
8681c6 |
}
|