diff options
-rw-r--r-- | common/attrs.c | 22 | ||||
-rw-r--r-- | common/attrs.h | 9 | ||||
-rw-r--r-- | common/constants.c | 350 | ||||
-rw-r--r-- | common/constants.h | 8 | ||||
-rw-r--r-- | common/tests/test-constants.c | 18 | ||||
-rw-r--r-- | doc/manual/Makefile.am | 1 | ||||
-rw-r--r-- | doc/manual/p11-kit-sharing.xml | 5 | ||||
-rw-r--r-- | doc/manual/pkcs11.conf.xml | 19 | ||||
-rw-r--r-- | p11-kit/Makefile.am | 1 | ||||
-rw-r--r-- | p11-kit/log.c | 2022 | ||||
-rw-r--r-- | p11-kit/log.h | 53 | ||||
-rw-r--r-- | p11-kit/modules.c | 44 | ||||
-rw-r--r-- | p11-kit/tests/Makefile.am | 1 | ||||
-rw-r--r-- | p11-kit/tests/test-log.c | 125 | ||||
-rw-r--r-- | p11-kit/tests/test-mock.c | 4 |
15 files changed, 2646 insertions, 36 deletions
diff --git a/common/attrs.c b/common/attrs.c index c1e060a..88906f4 100644 --- a/common/attrs.c +++ b/common/attrs.c @@ -808,10 +808,10 @@ format_some_bytes (p11_buffer *buffer, p11_buffer_add (buffer, "\"", 1); } -static void -format_attribute (p11_buffer *buffer, - const CK_ATTRIBUTE *attr, - CK_OBJECT_CLASS klass) +void +p11_attr_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass) { p11_buffer_add (buffer, "{ ", -1); format_attribute_type (buffer, attr->type); @@ -839,10 +839,10 @@ format_attribute (p11_buffer *buffer, p11_buffer_add (buffer, " }", -1); } -static void -format_attributes (p11_buffer *buffer, - const CK_ATTRIBUTE *attrs, - int count) +void +p11_attrs_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attrs, + int count) { CK_BBOOL first = CK_TRUE; CK_OBJECT_CLASS klass; @@ -861,7 +861,7 @@ format_attributes (p11_buffer *buffer, else p11_buffer_add (buffer, ", ", 2); first = CK_FALSE; - format_attribute (buffer, attrs + i, klass); + p11_attr_format (buffer, attrs + i, klass); } p11_buffer_add (buffer, " ]", -1); } @@ -873,7 +873,7 @@ p11_attrs_to_string (const CK_ATTRIBUTE *attrs, p11_buffer buffer; if (!p11_buffer_init_null (&buffer, 128)) return_val_if_reached (NULL); - format_attributes (&buffer, attrs, count); + p11_attrs_format (&buffer, attrs, count); return p11_buffer_steal (&buffer, NULL); } @@ -884,6 +884,6 @@ p11_attr_to_string (const CK_ATTRIBUTE *attr, p11_buffer buffer; if (!p11_buffer_init_null (&buffer, 32)) return_val_if_reached (NULL); - format_attribute (&buffer, attr, klass); + p11_attr_format (&buffer, attr, klass); return p11_buffer_steal (&buffer, NULL); } diff --git a/common/attrs.h b/common/attrs.h index 233ac79..2780013 100644 --- a/common/attrs.h +++ b/common/attrs.h @@ -36,6 +36,7 @@ #ifndef P11_ATTRS_H_ #define P11_ATTRS_H_ +#include "buffer.h" #include "compat.h" #include "pkcs11.h" @@ -112,9 +113,17 @@ bool p11_attrs_matchn (const CK_ATTRIBUTE *attrs, char * p11_attrs_to_string (const CK_ATTRIBUTE *attrs, int count); +void p11_attrs_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attrs, + int count); + char * p11_attr_to_string (const CK_ATTRIBUTE *attr, CK_OBJECT_CLASS klass); +void p11_attr_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass); + bool p11_attr_equal (const void *one, const void *two); diff --git a/common/constants.c b/common/constants.c index 918d3e5..ef92810 100644 --- a/common/constants.c +++ b/common/constants.c @@ -260,6 +260,338 @@ const p11_constant p11_constant_categories[] = { { CKA_INVALID }, }; +const p11_constant p11_constant_users[] = { + CT (CKU_SO, NULL) + CT (CKU_USER, NULL) + CT (CKU_CONTEXT_SPECIFIC, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_states[] = { + CT (CKS_RO_PUBLIC_SESSION, NULL) + CT (CKS_RO_USER_FUNCTIONS, NULL) + CT (CKS_RW_PUBLIC_SESSION, NULL) + CT (CKS_RW_USER_FUNCTIONS, NULL) + CT (CKS_RW_SO_FUNCTIONS, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_returns[] = { + CT (CKR_OK, NULL) + CT (CKR_CANCEL, NULL) + CT (CKR_HOST_MEMORY, NULL) + CT (CKR_SLOT_ID_INVALID, NULL) + CT (CKR_GENERAL_ERROR, NULL) + CT (CKR_FUNCTION_FAILED, NULL) + CT (CKR_ARGUMENTS_BAD, NULL) + CT (CKR_NO_EVENT, NULL) + CT (CKR_NEED_TO_CREATE_THREADS, NULL) + CT (CKR_CANT_LOCK, NULL) + CT (CKR_ATTRIBUTE_READ_ONLY, NULL) + CT (CKR_ATTRIBUTE_SENSITIVE, NULL) + CT (CKR_ATTRIBUTE_TYPE_INVALID, NULL) + CT (CKR_ATTRIBUTE_VALUE_INVALID, NULL) + CT (CKR_DATA_INVALID, NULL) + CT (CKR_DATA_LEN_RANGE, NULL) + CT (CKR_DEVICE_ERROR, NULL) + CT (CKR_DEVICE_MEMORY, NULL) + CT (CKR_DEVICE_REMOVED, NULL) + CT (CKR_ENCRYPTED_DATA_INVALID, NULL) + CT (CKR_ENCRYPTED_DATA_LEN_RANGE, NULL) + CT (CKR_FUNCTION_CANCELED, NULL) + CT (CKR_FUNCTION_NOT_PARALLEL, NULL) + CT (CKR_FUNCTION_NOT_SUPPORTED, NULL) + CT (CKR_KEY_HANDLE_INVALID, NULL) + CT (CKR_KEY_SIZE_RANGE, NULL) + CT (CKR_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_KEY_NOT_NEEDED, NULL) + CT (CKR_KEY_CHANGED, NULL) + CT (CKR_KEY_NEEDED, NULL) + CT (CKR_KEY_INDIGESTIBLE, NULL) + CT (CKR_KEY_FUNCTION_NOT_PERMITTED, NULL) + CT (CKR_KEY_NOT_WRAPPABLE, NULL) + CT (CKR_KEY_UNEXTRACTABLE, NULL) + CT (CKR_MECHANISM_INVALID, NULL) + CT (CKR_MECHANISM_PARAM_INVALID, NULL) + CT (CKR_OBJECT_HANDLE_INVALID, NULL) + CT (CKR_OPERATION_ACTIVE, NULL) + CT (CKR_OPERATION_NOT_INITIALIZED, NULL) + CT (CKR_PIN_INCORRECT, NULL) + CT (CKR_PIN_INVALID, NULL) + CT (CKR_PIN_LEN_RANGE, NULL) + CT (CKR_PIN_EXPIRED, NULL) + CT (CKR_PIN_LOCKED, NULL) + CT (CKR_SESSION_CLOSED, NULL) + CT (CKR_SESSION_COUNT, NULL) + CT (CKR_SESSION_HANDLE_INVALID, NULL) + CT (CKR_SESSION_PARALLEL_NOT_SUPPORTED, NULL) + CT (CKR_SESSION_READ_ONLY, NULL) + CT (CKR_SESSION_EXISTS, NULL) + CT (CKR_SESSION_READ_ONLY_EXISTS, NULL) + CT (CKR_SESSION_READ_WRITE_SO_EXISTS, NULL) + CT (CKR_SIGNATURE_INVALID, NULL) + CT (CKR_SIGNATURE_LEN_RANGE, NULL) + CT (CKR_TEMPLATE_INCOMPLETE, NULL) + CT (CKR_TEMPLATE_INCONSISTENT, NULL) + CT (CKR_TOKEN_NOT_PRESENT, NULL) + CT (CKR_TOKEN_NOT_RECOGNIZED, NULL) + CT (CKR_TOKEN_WRITE_PROTECTED, NULL) + CT (CKR_UNWRAPPING_KEY_HANDLE_INVALID, NULL) + CT (CKR_UNWRAPPING_KEY_SIZE_RANGE, NULL) + CT (CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_USER_ALREADY_LOGGED_IN, NULL) + CT (CKR_USER_NOT_LOGGED_IN, NULL) + CT (CKR_USER_PIN_NOT_INITIALIZED, NULL) + CT (CKR_USER_TYPE_INVALID, NULL) + CT (CKR_USER_ANOTHER_ALREADY_LOGGED_IN, NULL) + CT (CKR_USER_TOO_MANY_TYPES, NULL) + CT (CKR_WRAPPED_KEY_INVALID, NULL) + CT (CKR_WRAPPED_KEY_LEN_RANGE, NULL) + CT (CKR_WRAPPING_KEY_HANDLE_INVALID, NULL) + CT (CKR_WRAPPING_KEY_SIZE_RANGE, NULL) + CT (CKR_WRAPPING_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_RANDOM_SEED_NOT_SUPPORTED, NULL) + CT (CKR_RANDOM_NO_RNG, NULL) + CT (CKR_DOMAIN_PARAMS_INVALID, NULL) + CT (CKR_BUFFER_TOO_SMALL, NULL) + CT (CKR_SAVED_STATE_INVALID, NULL) + CT (CKR_INFORMATION_SENSITIVE, NULL) + CT (CKR_STATE_UNSAVEABLE, NULL) + CT (CKR_CRYPTOKI_NOT_INITIALIZED, NULL) + CT (CKR_CRYPTOKI_ALREADY_INITIALIZED, NULL) + CT (CKR_MUTEX_BAD, NULL) + CT (CKR_MUTEX_NOT_LOCKED, NULL) + CT (CKR_FUNCTION_REJECTED, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_mechanisms[] = { + CT (CKM_RSA_PKCS_KEY_PAIR_GEN, NULL) + CT (CKM_RSA_PKCS, NULL) + CT (CKM_RSA_9796, NULL) + CT (CKM_RSA_X_509, NULL) + CT (CKM_MD2_RSA_PKCS, NULL) + CT (CKM_MD5_RSA_PKCS, NULL) + CT (CKM_SHA1_RSA_PKCS, NULL) + CT (CKM_RIPEMD128_RSA_PKCS, NULL) + CT (CKM_RIPEMD160_RSA_PKCS, NULL) + CT (CKM_RSA_PKCS_OAEP, NULL) + CT (CKM_RSA_X9_31_KEY_PAIR_GEN, NULL) + CT (CKM_RSA_X9_31, NULL) + CT (CKM_SHA1_RSA_X9_31, NULL) + CT (CKM_RSA_PKCS_PSS, NULL) + CT (CKM_SHA1_RSA_PKCS_PSS, NULL) + CT (CKM_DSA_KEY_PAIR_GEN, NULL) + CT (CKM_DSA, NULL) + CT (CKM_DSA_SHA1, NULL) + CT (CKM_DH_PKCS_KEY_PAIR_GEN, NULL) + CT (CKM_DH_PKCS_DERIVE, NULL) + CT (CKM_X9_42_DH_KEY_PAIR_GEN, NULL) + CT (CKM_X9_42_DH_DERIVE, NULL) + CT (CKM_X9_42_DH_HYBRID_DERIVE, NULL) + CT (CKM_X9_42_MQV_DERIVE, NULL) + CT (CKM_SHA256_RSA_PKCS, NULL) + CT (CKM_SHA384_RSA_PKCS, NULL) + CT (CKM_SHA512_RSA_PKCS, NULL) + CT (CKM_SHA256_RSA_PKCS_PSS, NULL) + CT (CKM_SHA384_RSA_PKCS_PSS, NULL) + CT (CKM_SHA512_RSA_PKCS_PSS, NULL) + CT (CKM_RC2_KEY_GEN, NULL) + CT (CKM_RC2_ECB, NULL) + CT (CKM_RC2_CBC, NULL) + CT (CKM_RC2_MAC, NULL) + CT (CKM_RC2_MAC_GENERAL, NULL) + CT (CKM_RC2_CBC_PAD, NULL) + CT (CKM_RC4_KEY_GEN, NULL) + CT (CKM_RC4, NULL) + CT (CKM_DES_KEY_GEN, NULL) + CT (CKM_DES_ECB, NULL) + CT (CKM_DES_CBC, NULL) + CT (CKM_DES_MAC, NULL) + CT (CKM_DES_MAC_GENERAL, NULL) + CT (CKM_DES_CBC_PAD, NULL) + CT (CKM_DES2_KEY_GEN, NULL) + CT (CKM_DES3_KEY_GEN, NULL) + CT (CKM_DES3_ECB, NULL) + CT (CKM_DES3_CBC, NULL) + CT (CKM_DES3_MAC, NULL) + CT (CKM_DES3_MAC_GENERAL, NULL) + CT (CKM_DES3_CBC_PAD, NULL) + CT (CKM_CDMF_KEY_GEN, NULL) + CT (CKM_CDMF_ECB, NULL) + CT (CKM_CDMF_CBC, NULL) + CT (CKM_CDMF_MAC, NULL) + CT (CKM_CDMF_MAC_GENERAL, NULL) + CT (CKM_CDMF_CBC_PAD, NULL) + CT (CKM_DES_OFB64, NULL) + CT (CKM_DES_OFB8, NULL) + CT (CKM_DES_CFB64, NULL) + CT (CKM_DES_CFB8, NULL) + CT (CKM_MD2, NULL) + CT (CKM_MD2_HMAC, NULL) + CT (CKM_MD2_HMAC_GENERAL, NULL) + CT (CKM_MD5, NULL) + CT (CKM_MD5_HMAC, NULL) + CT (CKM_MD5_HMAC_GENERAL, NULL) + CT (CKM_SHA_1, NULL) + CT (CKM_SHA_1_HMAC, NULL) + CT (CKM_SHA_1_HMAC_GENERAL, NULL) + CT (CKM_RIPEMD128, NULL) + CT (CKM_RIPEMD128_HMAC, NULL) + CT (CKM_RIPEMD128_HMAC_GENERAL, NULL) + CT (CKM_RIPEMD160, NULL) + CT (CKM_RIPEMD160_HMAC, NULL) + CT (CKM_RIPEMD160_HMAC_GENERAL, NULL) + CT (CKM_SHA256, NULL) + CT (CKM_SHA256_HMAC, NULL) + CT (CKM_SHA256_HMAC_GENERAL, NULL) + CT (CKM_SHA384, NULL) + CT (CKM_SHA384_HMAC, NULL) + CT (CKM_SHA384_HMAC_GENERAL, NULL) + CT (CKM_SHA512, NULL) + CT (CKM_SHA512_HMAC, NULL) + CT (CKM_SHA512_HMAC_GENERAL, NULL) + CT (CKM_CAST_KEY_GEN, NULL) + CT (CKM_CAST_ECB, NULL) + CT (CKM_CAST_CBC, NULL) + CT (CKM_CAST_MAC, NULL) + CT (CKM_CAST_MAC_GENERAL, NULL) + CT (CKM_CAST_CBC_PAD, NULL) + CT (CKM_CAST3_KEY_GEN, NULL) + CT (CKM_CAST3_ECB, NULL) + CT (CKM_CAST3_CBC, NULL) + CT (CKM_CAST3_MAC, NULL) + CT (CKM_CAST3_MAC_GENERAL, NULL) + CT (CKM_CAST3_CBC_PAD, NULL) + CT (CKM_CAST5_KEY_GEN, NULL) + /* CT (CKM_CAST128_KEY_GEN) */ + CT (CKM_CAST5_ECB, NULL) + /* CT (CKM_CAST128_ECB) */ + CT (CKM_CAST5_CBC, NULL) + /* CT (CKM_CAST128_CBC) */ + CT (CKM_CAST5_MAC, NULL) + /* CT (CKM_CAST128_MAC) */ + CT (CKM_CAST5_MAC_GENERAL, NULL) + /* CT (CKM_CAST128_MAC_GENERAL) */ + CT (CKM_CAST5_CBC_PAD, NULL) + /* CT (CKM_CAST128_CBC_PAD) */ + CT (CKM_RC5_KEY_GEN, NULL) + CT (CKM_RC5_ECB, NULL) + CT (CKM_RC5_CBC, NULL) + CT (CKM_RC5_MAC, NULL) + CT (CKM_RC5_MAC_GENERAL, NULL) + CT (CKM_RC5_CBC_PAD, NULL) + CT (CKM_IDEA_KEY_GEN, NULL) + CT (CKM_IDEA_ECB, NULL) + CT (CKM_IDEA_CBC, NULL) + CT (CKM_IDEA_MAC, NULL) + CT (CKM_IDEA_MAC_GENERAL, NULL) + CT (CKM_IDEA_CBC_PAD, NULL) + CT (CKM_GENERIC_SECRET_KEY_GEN, NULL) + CT (CKM_CONCATENATE_BASE_AND_KEY, NULL) + CT (CKM_CONCATENATE_BASE_AND_DATA, NULL) + CT (CKM_CONCATENATE_DATA_AND_BASE, NULL) + CT (CKM_XOR_BASE_AND_DATA, NULL) + CT (CKM_EXTRACT_KEY_FROM_KEY, NULL) + CT (CKM_SSL3_PRE_MASTER_KEY_GEN, NULL) + CT (CKM_SSL3_MASTER_KEY_DERIVE, NULL) + CT (CKM_SSL3_KEY_AND_MAC_DERIVE, NULL) + CT (CKM_SSL3_MASTER_KEY_DERIVE_DH, NULL) + CT (CKM_TLS_PRE_MASTER_KEY_GEN, NULL) + CT (CKM_TLS_MASTER_KEY_DERIVE, NULL) + CT (CKM_TLS_KEY_AND_MAC_DERIVE, NULL) + CT (CKM_TLS_MASTER_KEY_DERIVE_DH, NULL) + /* CT (CKM_TLS_PRF) */ + CT (CKM_SSL3_MD5_MAC, NULL) + CT (CKM_SSL3_SHA1_MAC, NULL) + CT (CKM_MD5_KEY_DERIVATION, NULL) + CT (CKM_MD2_KEY_DERIVATION, NULL) + CT (CKM_SHA1_KEY_DERIVATION, NULL) + CT (CKM_SHA256_KEY_DERIVATION, NULL) + CT (CKM_SHA384_KEY_DERIVATION, NULL) + CT (CKM_SHA512_KEY_DERIVATION, NULL) + CT (CKM_PBE_MD2_DES_CBC, NULL) + CT (CKM_PBE_MD5_DES_CBC, NULL) + CT (CKM_PBE_MD5_CAST_CBC, NULL) + CT (CKM_PBE_MD5_CAST3_CBC, NULL) + CT (CKM_PBE_MD5_CAST5_CBC, NULL) + /* CT (CKM_PBE_MD5_CAST128_CBC) */ + CT (CKM_PBE_SHA1_CAST5_CBC, NULL) + /* CT (CKM_PBE_SHA1_CAST128_CBC) */ + CT (CKM_PBE_SHA1_RC4_128, NULL) + CT (CKM_PBE_SHA1_RC4_40, NULL) + CT (CKM_PBE_SHA1_DES3_EDE_CBC, NULL) + CT (CKM_PBE_SHA1_DES2_EDE_CBC, NULL) + CT (CKM_PBE_SHA1_RC2_128_CBC, NULL) + CT (CKM_PBE_SHA1_RC2_40_CBC, NULL) + CT (CKM_PKCS5_PBKD2, NULL) + CT (CKM_PBA_SHA1_WITH_SHA1_HMAC, NULL) + CT (CKM_WTLS_PRE_MASTER_KEY_GEN, NULL) + CT (CKM_WTLS_MASTER_KEY_DERIVE, NULL) + CT (CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC, NULL) + CT (CKM_WTLS_PRF, NULL) + CT (CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE, NULL) + CT (CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE, NULL) + CT (CKM_KEY_WRAP_LYNKS, NULL) + CT (CKM_KEY_WRAP_SET_OAEP, NULL) + CT (CKM_CMS_SIG, NULL) + CT (CKM_SKIPJACK_KEY_GEN, NULL) + CT (CKM_SKIPJACK_ECB64, NULL) + CT (CKM_SKIPJACK_CBC64, NULL) + CT (CKM_SKIPJACK_OFB64, NULL) + CT (CKM_SKIPJACK_CFB64, NULL) + CT (CKM_SKIPJACK_CFB32, NULL) + CT (CKM_SKIPJACK_CFB16, NULL) + CT (CKM_SKIPJACK_CFB8, NULL) + CT (CKM_SKIPJACK_WRAP, NULL) + CT (CKM_SKIPJACK_PRIVATE_WRAP, NULL) + CT (CKM_SKIPJACK_RELAYX, NULL) + CT (CKM_KEA_KEY_PAIR_GEN, NULL) + CT (CKM_KEA_KEY_DERIVE, NULL) + CT (CKM_FORTEZZA_TIMESTAMP, NULL) + CT (CKM_BATON_KEY_GEN, NULL) + CT (CKM_BATON_ECB128, NULL) + CT (CKM_BATON_ECB96, NULL) + CT (CKM_BATON_CBC128, NULL) + CT (CKM_BATON_COUNTER, NULL) + CT (CKM_BATON_SHUFFLE, NULL) + CT (CKM_BATON_WRAP, NULL) + CT (CKM_ECDSA_KEY_PAIR_GEN, NULL) + /* CT (CKM_EC_KEY_PAIR_GEN) */ + CT (CKM_ECDSA, NULL) + CT (CKM_ECDSA_SHA1, NULL) + CT (CKM_ECDH1_DERIVE, NULL) + CT (CKM_ECDH1_COFACTOR_DERIVE, NULL) + CT (CKM_ECMQV_DERIVE, NULL) + CT (CKM_JUNIPER_KEY_GEN, NULL) + CT (CKM_JUNIPER_ECB128, NULL) + CT (CKM_JUNIPER_CBC128, NULL) + CT (CKM_JUNIPER_COUNTER, NULL) + CT (CKM_JUNIPER_SHUFFLE, NULL) + CT (CKM_JUNIPER_WRAP, NULL) + CT (CKM_FASTHASH, NULL) + CT (CKM_AES_KEY_GEN, NULL) + CT (CKM_AES_ECB, NULL) + CT (CKM_AES_CBC, NULL) + CT (CKM_AES_MAC, NULL) + CT (CKM_AES_MAC_GENERAL, NULL) + CT (CKM_AES_CBC_PAD, NULL) + CT (CKM_BLOWFISH_KEY_GEN, NULL) + CT (CKM_BLOWFISH_CBC, NULL) + CT (CKM_TWOFISH_KEY_GEN, NULL) + CT (CKM_TWOFISH_CBC, NULL) + CT (CKM_DES_ECB_ENCRYPT_DATA, NULL) + CT (CKM_DES_CBC_ENCRYPT_DATA, NULL) + CT (CKM_DES3_ECB_ENCRYPT_DATA, NULL) + CT (CKM_DES3_CBC_ENCRYPT_DATA, NULL) + CT (CKM_AES_ECB_ENCRYPT_DATA, NULL) + CT (CKM_AES_CBC_ENCRYPT_DATA, NULL) + CT (CKM_DSA_PARAMETER_GEN, NULL) + CT (CKM_DH_PKCS_PARAMETER_GEN, NULL) + CT (CKM_X9_42_DH_PARAMETER_GEN, NULL) + { CKA_INVALID }, +}; + #undef CT struct { @@ -272,7 +604,11 @@ struct { { p11_constant_certs, ELEMS (p11_constant_certs) - 1 }, { p11_constant_keys, ELEMS (p11_constant_keys) - 1 }, { p11_constant_asserts, ELEMS (p11_constant_asserts) - 1 }, - { p11_constant_categories, ELEMS (p11_constant_categories) - 1 } + { p11_constant_categories, ELEMS (p11_constant_categories) - 1 }, + { p11_constant_mechanisms, ELEMS (p11_constant_mechanisms) - 1 }, + { p11_constant_states, ELEMS (p11_constant_states) - 1 }, + { p11_constant_users, ELEMS (p11_constant_users) - 1 }, + { p11_constant_returns, ELEMS (p11_constant_returns) - 1 }, }; static int @@ -328,6 +664,7 @@ p11_constant_reverse (bool nick) { const p11_constant *table; p11_dict *lookups; + void *string; int length = -1; int i, j; @@ -339,9 +676,14 @@ p11_constant_reverse (bool nick) length = tables[i].length; for (j = 0; j < length; j++) { - if (!p11_dict_set (lookups, - nick ? (void *)table[j].nick : (void *)table[j].name, - (void *)&table[j].value)) + if (nick) { + if (!table[j].nick) + continue; + string = (void *)table[j].nick; + } else { + string = (void *)table[j].name; + } + if (!p11_dict_set (lookups, string, (void *)&table[j].value)) return_val_if_reached (NULL); } } diff --git a/common/constants.h b/common/constants.h index 82a0879..5b0f3a5 100644 --- a/common/constants.h +++ b/common/constants.h @@ -71,4 +71,12 @@ extern const p11_constant p11_constant_asserts[]; extern const p11_constant p11_constant_categories[]; +extern const p11_constant p11_constant_mechanisms[]; + +extern const p11_constant p11_constant_states[]; + +extern const p11_constant p11_constant_users[]; + +extern const p11_constant p11_constant_returns[]; + #endif /* P11_CONSTANTS_H_ */ diff --git a/common/tests/test-constants.c b/common/tests/test-constants.c index 4cd4472..4c2f3eb 100644 --- a/common/tests/test-constants.c +++ b/common/tests/test-constants.c @@ -59,6 +59,10 @@ test_constants (CuTest *tc) p11_constant_keys, p11_constant_asserts, p11_constant_categories, + p11_constant_mechanisms, + p11_constant_users, + p11_constant_states, + p11_constant_returns, NULL }; @@ -74,16 +78,20 @@ test_constants (CuTest *tc) } } for (i = 0; constant[i].value != CKA_INVALID; i++) { - CuAssertPtrNotNull (tc, constant[i].nick); CuAssertPtrNotNull (tc, constant[i].name); - CuAssertStrEquals (tc, constant[i].nick, - p11_constant_nick (constant, constant[i].value)); + if (constant[i].nick) { + CuAssertStrEquals (tc, constant[i].nick, + p11_constant_nick (constant, constant[i].value)); + } + CuAssertStrEquals (tc, constant[i].name, p11_constant_name (constant, constant[i].value)); - check = p11_constant_resolve (nicks, constant[i].nick); - CuAssertIntEquals (tc, constant[i].value, check); + if (constant[i].nick) { + check = p11_constant_resolve (nicks, constant[i].nick); + CuAssertIntEquals (tc, constant[i].value, check); + } check = p11_constant_resolve (names, constant[i].name); CuAssertIntEquals (tc, constant[i].value, check); diff --git a/doc/manual/Makefile.am b/doc/manual/Makefile.am index 084e941..e306fb1 100644 --- a/doc/manual/Makefile.am +++ b/doc/manual/Makefile.am @@ -52,6 +52,7 @@ IGNORE_HFILES= \ conf.h \ debug.h \ dict.h \ + log.h \ mock.h \ modules.h \ pkcs11.h \ diff --git a/doc/manual/p11-kit-sharing.xml b/doc/manual/p11-kit-sharing.xml index 0989923..bf0ed01 100644 --- a/doc/manual/p11-kit-sharing.xml +++ b/doc/manual/p11-kit-sharing.xml @@ -94,6 +94,11 @@ <literal>C_CloseAllSessions</literal> function to be used without closing sessions for other callers of the same PKCS#11 module.</para> </listitem> + <listitem> + <para>Managed modules have ability to log PKCS#11 method calls for debugging + purposes. See the <link linkend="option-log-calls"><literal>log-calls = yes</literal></link> + module configuration option.</para> + </listitem> </itemizedlist> </section> </chapter> diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml index 1051ee1..1ff2562 100644 --- a/doc/manual/pkcs11.conf.xml +++ b/doc/manual/pkcs11.conf.xml @@ -157,6 +157,15 @@ x-custom : text of trust policy information such as certificate anchors and black lists.</para> </listitem> </varlistentry> + <varlistentry id="option-log-calls"> + <term>log-calls:</term> + <listitem> + <para>Set to <literal>yes</literal> to write a log to stderr of all the + calls into the module. This is only supported for managed modules.</para> + + <para>This argument is optonal and defaults to <literal>no</literal>.</para> + </listitem> + </varlistentry> </variablelist> <para>Do not specify both <literal>enable-in</literal> and <literal>disable-in</literal> @@ -196,6 +205,16 @@ x-custom : text <para>This argument is optonal.</para> </listitem> </varlistentry> + <varlistentry> + <term>log-calls:</term> + <listitem> + <para>Set to <literal>yes</literal> to write a log to stderr of all the + calls into all configured modules. This is only supported for managed + modules.</para> + + <para>This argument is optional.</para> + </listitem> + </varlistentry> </variablelist> <para>Other fields may be present, but it is recommended that field names diff --git a/p11-kit/Makefile.am b/p11-kit/Makefile.am index ed20bf5..c0919a2 100644 --- a/p11-kit/Makefile.am +++ b/p11-kit/Makefile.am @@ -25,6 +25,7 @@ MODULE_SRCS = \ util.c \ conf.c conf.h \ iter.c \ + log.c log.h \ modules.c modules.h \ pkcs11.h \ pin.c \ diff --git a/p11-kit/log.c b/p11-kit/log.c new file mode 100644 index 0000000..19377b2 --- /dev/null +++ b/p11-kit/log.c @@ -0,0 +1,2022 @@ +/* + * Copyright (c) 2007, Stefan Walter + * Copyright (c) 2013, Red Hat Inc. + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Stef Walter <stef@memberwebs.com> + */ + +#include "config.h" + +#include "attrs.h" +#include "buffer.h" +#include "constants.h" +#include "debug.h" +#include "log.h" +#include "p11-kit.h" +#include "virtual.h" + +#include <sys/types.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <stdarg.h> + +bool p11_log_force = false; +bool p11_log_output = true; + +typedef struct { + p11_virtual virt; + CK_X_FUNCTION_LIST *lower; + p11_destroyer destroyer; +} LogData; + +#define LOG_FLAG(buf, flags, had, flag) \ + if ((flags & flag) == flag) { \ + p11_buffer_add (buf, had ? " | " : " = ", 3); \ + p11_buffer_add (buf, #flag, -1); \ + had++; \ + } + +static void +log_CKM (p11_buffer *buf, + CK_MECHANISM_TYPE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_mechanisms, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKM_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKS (p11_buffer *buf, + CK_STATE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_states, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKS_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKU (p11_buffer *buf, + CK_USER_TYPE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_users, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKU_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKR (p11_buffer *buf, + CK_RV v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_returns, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKR_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_some_bytes (p11_buffer *buf, + CK_BYTE_PTR arr, + CK_ULONG num) +{ + CK_ULONG i; + char temp[128]; + char *p, *e; + CK_BYTE ch; + + if(!arr) { + p11_buffer_add (buf, "NULL", 4); + return; + } else if (num == (CK_ULONG)-1) { + p11_buffer_add (buf, "????", 4); + return; + } + + temp[0] = '\"'; + p = temp + 1; + e = temp + (sizeof (temp) - 8); + + for(i = 0; i < num && p < e; ++i, ++p) { + ch = arr[i]; + if (ch == '\t') { + p[0] = '\\'; p[1] = 't'; + ++p; + } else if (ch == '\n') { + p[0] = '\\'; p[1] = 'n'; + ++p; + } else if (ch == '\r') { + p[0] = '\\'; p[1] = 'r'; + ++p; + } else if (ch >= 32 && ch < 127) { + *p = ch; + } else { + p[0] = '\\'; + p[1] = 'x'; + sprintf(p + 2, "%02X", ch); + p += 3; + } + } + + *p = 0; + if (p >= e) + strcpy (e, "..."); + strcat (p, "\""); + p11_buffer_add (buf, temp, -1); +} + +static void +log_pointer (p11_buffer *buf, + const char *pref, + const char *name, + CK_VOID_PTR val, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (val == NULL) { + p11_buffer_add (buf, "NULL\n", 5); + } else { + snprintf (temp, sizeof (temp), "0x%08lX\n", (unsigned long)(size_t)val); + p11_buffer_add (buf, temp, -1); + } +} + +static void +log_attribute_types (p11_buffer *buf, + const char *pref, + const char *name, + CK_ATTRIBUTE_PTR arr, + CK_ULONG num, + CK_RV status) +{ + const char *string; + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NONE\n", num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", num); + p11_buffer_add (buf, temp, -1); + for (i = 0; i < num; i++) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + string = p11_constant_name (p11_constant_types, arr[i].type); + if (string != NULL) { + p11_buffer_add (buf, string, -1); + } else { + snprintf (temp, sizeof (temp), "CKA_0x%08lX", arr[i].type); + p11_buffer_add (buf, temp, -1); + } + } + + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_attribute_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_ATTRIBUTE_PTR arr, + CK_ULONG num, + CK_RV status) +{ + char temp[32]; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NONE\n", num); + p11_buffer_add (buf, temp, -1); + } else { + p11_attrs_format (buf, arr, num); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_bool (p11_buffer *buf, + const char *pref, + const char *name, + CK_BBOOL val, + CK_RV status) +{ + if (status == CKR_OK) { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, val ? "CK_TRUE" : "CK_FALSE", -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_byte_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_BYTE_PTR arr, + CK_ULONG_PTR num, + CK_RV status) +{ + char temp[32]; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NOTHING\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NOTHING\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) ", *num); + p11_buffer_add (buf, temp, -1); + log_some_bytes (buf, arr, *num); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tcryptokiVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->cryptokiVersion.major, + (unsigned int)info->cryptokiVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tlibraryDescription: \"", -1); + p11_buffer_add (buf, info->libraryDescription, p11_kit_space_strlen (info->libraryDescription, sizeof (info->libraryDescription))); + p11_buffer_add (buf, "\"\n\tlibraryVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->libraryVersion.major, + (unsigned int)info->libraryVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_pInitArgs (p11_buffer *buf, + const char *pref, + const char *name, + CK_VOID_PTR pInitArgs, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (pInitArgs == NULL) + log_pointer (buf, pref, name, pInitArgs, status); + else { + CK_C_INITIALIZE_ARGS *args = (CK_C_INITIALIZE_ARGS*)pInitArgs; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tCreateMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->CreateMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tDestroyMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->DestroyMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tLockMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->LockMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tUnlockMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->UnlockMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", args->flags); + LOG_FLAG (buf, args->flags, had, CKF_OS_LOCKING_OK); + p11_buffer_add (buf, "\n\treserved: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->pReserved); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_mechanism_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tulMinKeySize: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMinKeySize); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxKeySize: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMaxKeySize); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_HW); + LOG_FLAG (buf, info->flags, had, CKF_ENCRYPT); + LOG_FLAG (buf, info->flags, had, CKF_DECRYPT); + LOG_FLAG (buf, info->flags, had, CKF_DIGEST); + LOG_FLAG (buf, info->flags, had, CKF_SIGN); + LOG_FLAG (buf, info->flags, had, CKF_SIGN_RECOVER); + LOG_FLAG (buf, info->flags, had, CKF_VERIFY); + LOG_FLAG (buf, info->flags, had, CKF_VERIFY_RECOVER); + LOG_FLAG (buf, info->flags, had, CKF_GENERATE); + LOG_FLAG (buf, info->flags, had, CKF_GENERATE_KEY_PAIR); + LOG_FLAG (buf, info->flags, had, CKF_WRAP); + LOG_FLAG (buf, info->flags, had, CKF_UNWRAP); + LOG_FLAG (buf, info->flags, had, CKF_DERIVE); + LOG_FLAG (buf, info->flags, had, CKF_EXTENSION); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_mechanism (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_PTR mech, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tmechanism: ", -1); + log_CKM (buf, mech->mechanism); + p11_buffer_add (buf, "\n\tpParameter: ", -1); + snprintf (temp, sizeof (temp), "(%lu) ", mech->ulParameterLen); + p11_buffer_add (buf, temp, -1); + log_some_bytes (buf, mech->pParameter, mech->ulParameterLen); + p11_buffer_add (buf, "\n }\n", -1); +} + +static void +log_mechanism_type (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_TYPE val, + CK_RV status) +{ + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + log_CKM (buf, val); + p11_buffer_add (buf, "\n", 1); +} + +static void +log_mechanism_type_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_TYPE_PTR arr, + CK_ULONG_PTR num, + CK_RV status) +{ + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NO-VALUES\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NO-VALUES\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", *num); + p11_buffer_add (buf, temp, -1); + for(i = 0; i < *num; ++i) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + log_CKM (buf, arr[i]); + } + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_session_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_SESSION_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tslotID: ", -1); + snprintf (temp, sizeof (temp), "SL%lu", info->slotID); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tstate: ", -1); + log_CKS (buf, info->state); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_SERIAL_SESSION); + LOG_FLAG (buf, info->flags, had, CKF_RW_SESSION); + p11_buffer_add (buf, "\n\tulDeviceError: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulDeviceError); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_slot_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_SLOT_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tslotDescription: \"", -1); + p11_buffer_add (buf, info->slotDescription, p11_kit_space_strlen (info->slotDescription, sizeof (info->slotDescription))); + p11_buffer_add (buf, "\"\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_TOKEN_PRESENT); + LOG_FLAG (buf, info->flags, had, CKF_REMOVABLE_DEVICE); + LOG_FLAG (buf, info->flags, had, CKF_HW_SLOT); + p11_buffer_add (buf, "\n\thardwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->hardwareVersion.major, + (unsigned int)info->hardwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tfirmwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->firmwareVersion.major, + (unsigned int)info->firmwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_string (p11_buffer *buf, + const char *pref, + const char *name, + CK_UTF8CHAR_PTR str, + const CK_RV status) +{ + if (status != CKR_OK) + return; + if (str == NULL) { + log_pointer (buf, pref, name, str, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = \"", 4); + p11_buffer_add (buf, str, -1); + p11_buffer_add (buf, "\"\n", 2); + } +} + +static void +log_token_number (p11_buffer *buf, + CK_ULONG number) +{ + char temp[32]; + + if (number == 0) { + p11_buffer_add (buf, "CK_UNAVAILABLE_INFORMATION", -1); + } else if (number == (CK_ULONG)-1) { + p11_buffer_add (buf, "CK_EFFECTIVELY_INFINITE", -1); + } else { + snprintf (temp, sizeof (temp), "%lu", number); + p11_buffer_add (buf, temp, -1); + } +} + +static void +log_token_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_TOKEN_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tlabel: \"", -1); + p11_buffer_add (buf, info->label, p11_kit_space_strlen (info->label, sizeof (info->label))); + p11_buffer_add (buf, "\"\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tmodel: \"", -1); + p11_buffer_add (buf, info->model, p11_kit_space_strlen (info->model, sizeof (info->model))); + p11_buffer_add (buf, "\"\n\tserialNumber: \"", -1); + p11_buffer_add (buf, info->serialNumber, p11_kit_space_strlen (info->serialNumber, sizeof (info->serialNumber))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_RNG); + LOG_FLAG (buf, info->flags, had, CKF_WRITE_PROTECTED); + LOG_FLAG (buf, info->flags, had, CKF_LOGIN_REQUIRED); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_INITIALIZED); + LOG_FLAG (buf, info->flags, had, CKF_RESTORE_KEY_NOT_NEEDED); + LOG_FLAG (buf, info->flags, had, CKF_CLOCK_ON_TOKEN); + LOG_FLAG (buf, info->flags, had, CKF_PROTECTED_AUTHENTICATION_PATH); + LOG_FLAG (buf, info->flags, had, CKF_DUAL_CRYPTO_OPERATIONS); + LOG_FLAG (buf, info->flags, had, CKF_TOKEN_INITIALIZED); + LOG_FLAG (buf, info->flags, had, CKF_SECONDARY_AUTHENTICATION); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_COUNT_LOW); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_FINAL_TRY); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_LOCKED); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_TO_BE_CHANGED); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_COUNT_LOW); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_FINAL_TRY); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_LOCKED); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_TO_BE_CHANGED); + if (!had) { + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + } + + p11_buffer_add (buf, "\n\tulMaxSessionCount: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulSessionCount: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulSessionCount); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxRwSessionCount: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulRwSessionCount: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulRwSessionCount); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxPinLen: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMaxPinLen); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMinPinLen: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMinPinLen); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulTotalPublicMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePublicMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulTotalPrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\thardwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->hardwareVersion.major, + (unsigned int)info->hardwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tfirmwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->firmwareVersion.major, + (unsigned int)info->firmwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tutcTime: ", -1); + p11_buffer_add (buf, (info->flags & CKF_CLOCK_ON_TOKEN) ? (const char*)info->utcTime : "", -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_ulong (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG val, + const char* npref, + CK_RV status) +{ + char temp[32]; + + if (!npref) + npref = ""; + if (status == CKR_OK) { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_ulong_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG_PTR arr, + CK_ULONG_PTR num, + const char *npref, + CK_RV status) +{ + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + + if (status != CKR_OK) + return; + if (npref == NULL) + npref = ""; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NO-VALUES\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NO-VALUES\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", *num); + p11_buffer_add (buf, temp, -1); + for (i = 0; i < *num; ++i) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", arr[i]); + p11_buffer_add (buf, temp, -1); + } + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_ulong_pointer (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG_PTR val, + const char *npref, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + if (npref == NULL) + npref = ""; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (val == NULL) { + p11_buffer_add (buf, "NULL\n", 5); + } else { + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", *val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_user_type (p11_buffer *buf, + const char *pref, + const char *name, + CK_USER_TYPE val, + CK_RV status) +{ + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + log_CKU (buf, val); + p11_buffer_add (buf, "\n", 1); +} + +static void +flush_buffer (p11_buffer *buf) +{ + if (p11_log_output) { + fwrite (buf->data, 1, buf->len, stderr); + fflush (stderr); + } + p11_buffer_reset (buf, 128); +} + +#define BEGIN_CALL(name) \ + { \ + LogData *_log = (LogData *)self; \ + const char* _name = "C_" #name; \ + p11_buffer _buf; \ + CK_X_##name _func = _log->lower->C_##name; \ + CK_RV _ret = CKR_OK; \ + p11_buffer_init_null (&_buf, 128); \ + return_val_if_fail (_func != NULL, CKR_DEVICE_ERROR); \ + p11_buffer_add (&_buf, _name, -1); \ + p11_buffer_add (&_buf, "\n", 1); \ + self = _log->lower; + +#define PROCESS_CALL(args) \ + flush_buffer (&_buf); \ + _ret = (_func) args; + +#define DONE_CALL \ + p11_buffer_add (&_buf, _name, -1); \ + p11_buffer_add (&_buf, " = ", 3); \ + log_CKR (&_buf, _ret); \ + p11_buffer_add (&_buf, "\n", 1); \ + flush_buffer (&_buf); \ + p11_buffer_uninit (&_buf); \ + return _ret; \ + } + +#define LIN " IN: " +#define LOUT " OUT: " + +#define IN_ATTRIBUTE_ARRAY(a, n) \ + log_attribute_types (&_buf, LIN, #a, a, n, CKR_OK); + +#define IN_BOOL(a) \ + log_bool (&_buf, LIN, #a, a, CKR_OK); + +#define IN_BYTE_ARRAY(a, n) \ + log_byte_array (&_buf, LIN, #a, a, &n, CKR_OK); + +#define IN_HANDLE(a) \ + log_ulong (&_buf, LIN, #a, a, "H", CKR_OK); + +#define IN_INIT_ARGS(a) \ + log_pInitArgs (&_buf, LIN, #a, a, CKR_OK); + +#define IN_POINTER(a) \ + log_pointer (&_buf, LIN, #a, a, CKR_OK); + +#define IN_MECHANISM(a) \ + log_mechanism (&_buf, LIN, #a, a, CKR_OK); + +#define IN_MECHANISM_TYPE(a) \ + log_mechanism_type (&_buf, LIN, #a, a, CKR_OK); + +#define IN_SESSION(a) \ + log_ulong (&_buf, LIN, #a, a, "S", CKR_OK); + +#define IN_SLOT_ID(a) \ + log_ulong (&_buf, LIN, #a, a, "SL", CKR_OK); + +#define IN_STRING(a) \ + log_string (&_buf, LIN, #a, a, CKR_OK); + +#define IN_ULONG(a) \ + log_ulong (&_buf, LIN, #a, a, NULL, CKR_OK); + +#define IN_ULONG_PTR(a) \ + log_ulong_pointer (&_buf, LIN, #a, a, NULL, CKR_OK); + +#define IN_USER_TYPE(a) \ + log_user_type (&_buf, LIN, #a, a, CKR_OK); + +#define OUT_ATTRIBUTE_ARRAY(a, n) \ + log_attribute_array (&_buf, LOUT, #a, a, n, _ret); + +#define OUT_BYTE_ARRAY(a, n) \ + log_byte_array(&_buf, LOUT, #a, a, n, _ret); + +#define OUT_HANDLE(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "H", _ret); + +#define OUT_HANDLE_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, "H", _ret); + +#define OUT_INFO(a) \ + log_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_MECHANISM_INFO(a) \ + log_mechanism_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_MECHANISM_TYPE_ARRAY(a, n) \ + log_mechanism_type_array (&_buf, LOUT, #a, a, n, _ret); + +#define OUT_POINTER(a) \ + log_pointer (&_buf, LOUT, #a, a, _ret); + +#define OUT_SESSION(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "S", _ret); + +#define OUT_SESSION_INFO(a) \ + log_session_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_SLOT_ID_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, "SL", _ret); + +#define OUT_SLOT_ID(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "SL", _ret); + +#define OUT_SLOT_INFO(a) \ + log_slot_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_TOKEN_INFO(a) \ + log_token_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_ULONG(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, NULL, _ret); + +#define OUT_ULONG_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, NULL, _ret); + + + +/* ---------------------------------------------------------------- */ + +static CK_RV +log_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR pInitArgs) +{ + BEGIN_CALL (Initialize) + IN_INIT_ARGS (pInitArgs) + PROCESS_CALL ((self, pInitArgs)) + DONE_CALL +} + +static CK_RV +log_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR pReserved) +{ + BEGIN_CALL (Finalize) + IN_POINTER (pReserved) + PROCESS_CALL ((self, pReserved)) + DONE_CALL +} + +static CK_RV +log_C_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR pInfo) +{ + BEGIN_CALL (GetInfo) + PROCESS_CALL ((self, pInfo)) + OUT_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetSlotList (CK_X_FUNCTION_LIST *self, + CK_BBOOL tokenPresent, + CK_SLOT_ID_PTR pSlotList, + CK_ULONG_PTR pulCount) +{ + BEGIN_CALL (GetSlotList) + IN_BOOL (tokenPresent) + IN_ULONG_PTR (pulCount) + PROCESS_CALL ((self, tokenPresent, pSlotList, pulCount)) + OUT_SLOT_ID_ARRAY (pSlotList, pulCount) + DONE_CALL +} + +static CK_RV +log_C_GetSlotInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_SLOT_INFO_PTR pInfo) +{ + BEGIN_CALL (GetSlotInfo) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID, pInfo)) + OUT_SLOT_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetTokenInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_TOKEN_INFO_PTR pInfo) +{ + BEGIN_CALL (GetTokenInfo) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID, pInfo)) + OUT_TOKEN_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetMechanismList (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_MECHANISM_TYPE_PTR pMechanismList, + CK_ULONG_PTR pulCount) +{ + BEGIN_CALL (GetMechanismList) + IN_SLOT_ID (slotID) + IN_ULONG_PTR (pulCount) + PROCESS_CALL ((self, slotID, pMechanismList, pulCount)) + OUT_MECHANISM_TYPE_ARRAY (pMechanismList, pulCount) + DONE_CALL +} + +static CK_RV +log_C_GetMechanismInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR pInfo) +{ + BEGIN_CALL (GetMechanismInfo) + IN_SLOT_ID (slotID) + IN_MECHANISM_TYPE (type) + PROCESS_CALL ((self, slotID, type, pInfo)) + OUT_MECHANISM_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_InitToken (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen, + CK_UTF8CHAR_PTR pLabel) +{ + BEGIN_CALL (InitToken) + IN_SLOT_ID (slotID) + IN_BYTE_ARRAY (pPin, ulPinLen) + IN_STRING (pLabel) + PROCESS_CALL ((self, slotID, pPin, ulPinLen, pLabel)) + DONE_CALL +} + +static CK_RV +log_C_WaitForSlotEvent (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR pSlot, + CK_VOID_PTR pReserved) +{ + char temp[32]; + int had = 0; + + BEGIN_CALL (WaitForSlotEvent) + p11_buffer_add (&_buf, " IN: flags = ", -1); + snprintf (temp, sizeof (temp), "%lu", flags); + p11_buffer_add (&_buf, temp, -1); + LOG_FLAG (&_buf, flags, had, CKF_DONT_BLOCK); + p11_buffer_add (&_buf, "\n", 1); + PROCESS_CALL ((self, flags, pSlot, pReserved)) + OUT_SLOT_ID (pSlot) + OUT_POINTER (pReserved) + DONE_CALL +} + +static CK_RV +log_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_FLAGS flags, + CK_VOID_PTR pApplication, + CK_NOTIFY Notify, + CK_SESSION_HANDLE_PTR phSession) +{ + char temp[32]; + int had = 0; + + BEGIN_CALL (OpenSession) + IN_SLOT_ID (slotID) + p11_buffer_add (&_buf, " IN: flags = ", -1); + snprintf (temp, sizeof (temp), "%lu", flags); + p11_buffer_add (&_buf, temp, -1); + LOG_FLAG (&_buf, flags, had, CKF_SERIAL_SESSION); + LOG_FLAG (&_buf, flags, had, CKF_RW_SESSION); + p11_buffer_add (&_buf, "\n", 1); + IN_POINTER (pApplication); + IN_POINTER (Notify); + PROCESS_CALL ((self, slotID, flags, pApplication, Notify, phSession)); + OUT_SESSION (phSession) + DONE_CALL +} + +static CK_RV +log_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (CloseSession) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID) +{ + BEGIN_CALL (CloseAllSessions) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID)) + DONE_CALL +} + +static CK_RV +log_C_GetSessionInfo (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_SESSION_INFO_PTR pInfo) +{ + BEGIN_CALL (GetSessionInfo) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pInfo)) + OUT_SESSION_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_InitPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen) +{ + BEGIN_CALL (InitPIN) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPin, ulPinLen) + PROCESS_CALL ((self, hSession, pPin, ulPinLen)) + DONE_CALL +} + +static CK_RV +log_C_SetPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_UTF8CHAR_PTR pOldPin, + CK_ULONG ulOldLen, + CK_UTF8CHAR_PTR pNewPin, + CK_ULONG ulNewLen) +{ + BEGIN_CALL (SetPIN) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pOldPin, ulOldLen) + IN_BYTE_ARRAY (pNewPin, ulNewLen); + PROCESS_CALL ((self, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen)) + DONE_CALL +} + +static CK_RV +log_C_GetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pOperationState, + CK_ULONG_PTR pulOperationStateLen) +{ + BEGIN_CALL (GetOperationState) + IN_SESSION (hSession) + IN_ULONG_PTR (pulOperationStateLen) + PROCESS_CALL ((self, hSession, pOperationState, pulOperationStateLen)) + OUT_BYTE_ARRAY (pOperationState, pulOperationStateLen) + DONE_CALL +} + +static CK_RV +log_C_SetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pOperationState, + CK_ULONG ulOperationStateLen, + CK_OBJECT_HANDLE hEncryptionKey, + CK_OBJECT_HANDLE hAuthenticationKey) +{ + BEGIN_CALL (SetOperationState) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pOperationState, ulOperationStateLen) + IN_HANDLE (hEncryptionKey) + IN_HANDLE (hAuthenticationKey) + PROCESS_CALL ((self, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey)) + DONE_CALL +} + +static CK_RV +log_C_Login (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_USER_TYPE userType, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen) +{ + BEGIN_CALL (Login) + IN_SESSION (hSession) + IN_USER_TYPE (userType) + IN_BYTE_ARRAY (pPin, ulPinLen); + PROCESS_CALL ((self, hSession, userType, pPin, ulPinLen)) + DONE_CALL +} + +static CK_RV +log_C_Logout (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (Logout) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_CreateObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phObject) +{ + BEGIN_CALL (CreateObject) + IN_SESSION (hSession) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pTemplate, ulCount, phObject)) + OUT_HANDLE (phObject) + DONE_CALL +} + +static CK_RV +log_C_CopyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phNewObject) +{ + BEGIN_CALL (CopyObject) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount, phNewObject)) + OUT_HANDLE (phNewObject) + DONE_CALL +} + + +static CK_RV +log_C_DestroyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject) +{ + BEGIN_CALL (DestroyObject); + IN_SESSION (hSession) + IN_HANDLE (hObject) + PROCESS_CALL ((self, hSession, hObject)) + DONE_CALL +} + +static CK_RV +log_C_GetObjectSize (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ULONG_PTR size) +{ + BEGIN_CALL (GetObjectSize); + IN_SESSION (hSession) + IN_HANDLE (hObject) + PROCESS_CALL ((self, hSession, hObject, size)) + OUT_ULONG (size) + DONE_CALL +} + +static CK_RV +log_C_GetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (GetAttributeValue) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount)) + OUT_ATTRIBUTE_ARRAY (pTemplate, ulCount) + DONE_CALL +} + +static CK_RV +log_C_SetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (SetAttributeValue) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount)) + DONE_CALL +} + +static CK_RV +log_C_FindObjectsInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (FindObjectsInit) + IN_SESSION (hSession) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pTemplate, ulCount)) + DONE_CALL +} + +static CK_RV +log_C_FindObjects (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE_PTR object, + CK_ULONG max_object_count, + CK_ULONG_PTR object_count) +{ + BEGIN_CALL (FindObjects) + IN_SESSION (hSession) + IN_ULONG (max_object_count) + PROCESS_CALL ((self, hSession, object, max_object_count, object_count)) + OUT_HANDLE_ARRAY (object, object_count) + DONE_CALL +} + +static CK_RV +log_C_FindObjectsFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (FindObjectsFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_EncryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (EncryptInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Encrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pEncryptedData, + CK_ULONG_PTR pulEncryptedDataLen) +{ + BEGIN_CALL (Encrypt) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen)) + OUT_BYTE_ARRAY (pEncryptedData, pulEncryptedDataLen) + DONE_CALL +} + +static CK_RV +log_C_EncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (EncryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_EncryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pLastEncryptedPart, + CK_ULONG_PTR pulLastEncryptedPartLen) +{ + BEGIN_CALL (EncryptFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pLastEncryptedPart, pulLastEncryptedPartLen)) + OUT_BYTE_ARRAY (pLastEncryptedPart, pulLastEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (DecryptInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Decrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedData, + CK_ULONG ulEncryptedDataLen, + CK_BYTE_PTR pData, + CK_ULONG_PTR pulDataLen) +{ + BEGIN_CALL (Decrypt) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedData, ulEncryptedDataLen) + PROCESS_CALL ((self, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen)) + OUT_BYTE_ARRAY (pData, pulDataLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pLastPart, + CK_ULONG_PTR pulLastPartLen) +{ + BEGIN_CALL (DecryptFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pLastPart, pulLastPartLen)) + OUT_BYTE_ARRAY (pLastPart, pulLastPartLen) + DONE_CALL +} + +static CK_RV +log_C_DigestInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism) +{ + BEGIN_CALL (DigestInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + PROCESS_CALL ((self, hSession, pMechanism)) + DONE_CALL +} + +static CK_RV +log_C_Digest (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pDigest, + CK_ULONG_PTR pulDigestLen) +{ + BEGIN_CALL (Digest) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pDigest, pulDigestLen)) + OUT_BYTE_ARRAY (pDigest, pulDigestLen) + DONE_CALL +} + +static CK_RV +log_C_DigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (DigestUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_DigestKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (DigestKey) + IN_SESSION (hSession) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, hKey)) + DONE_CALL +} + +static CK_RV +log_C_DigestFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pDigest, + CK_ULONG_PTR pulDigestLen) +{ + BEGIN_CALL (DigestFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pDigest, pulDigestLen)) + OUT_BYTE_ARRAY (pDigest, pulDigestLen) + DONE_CALL +} + +static CK_RV +log_C_SignInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (SignInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Sign (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (Sign) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_SignUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (SignUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_SignFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (SignFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_SignRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (SignRecoverInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_SignRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (SignRecover) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_VerifyInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (VerifyInit); + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Verify (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen) +{ + BEGIN_CALL (Verify) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + IN_BYTE_ARRAY (pSignature, ulSignatureLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, ulSignatureLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (VerifyUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen) +{ + BEGIN_CALL (VerifyFinal) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSignature, ulSignatureLen); + PROCESS_CALL ((self, hSession, pSignature, ulSignatureLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (VerifyRecoverInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_VerifyRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen, + CK_BYTE_PTR pData, + CK_ULONG_PTR pulDataLen) +{ + BEGIN_CALL (VerifyRecover) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSignature, ulSignatureLen) + PROCESS_CALL ((self, hSession, pSignature, ulSignatureLen, pData, pulDataLen)) + OUT_BYTE_ARRAY (pData, pulDataLen) + DONE_CALL +} + +static CK_RV +log_C_DigestEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (DigestEncryptUpdate); + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptDigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptDigestUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_SignEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (SignEncryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptVerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptVerifyUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_GenerateKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phKey) +{ + BEGIN_CALL (GenerateKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pMechanism, pTemplate, ulCount, phKey)) + OUT_HANDLE (phKey) + DONE_CALL +} + +static CK_RV +log_C_GenerateKeyPair (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pPublicKeyTemplate, + CK_ULONG ulPublicKeyAttributeCount, + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, + CK_ULONG ulPrivateKeyAttributeCount, + CK_OBJECT_HANDLE_PTR phPublicKey, + CK_OBJECT_HANDLE_PTR phPrivateKey) +{ + BEGIN_CALL (GenerateKeyPair) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_ATTRIBUTE_ARRAY (pPublicKeyTemplate, ulPublicKeyAttributeCount) + IN_ATTRIBUTE_ARRAY (pPrivateKeyTemplate, ulPrivateKeyAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, + pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey)) + OUT_HANDLE (phPublicKey) + OUT_HANDLE (phPrivateKey) + DONE_CALL +} + +static CK_RV +log_C_WrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hWrappingKey, + CK_OBJECT_HANDLE hKey, + CK_BYTE_PTR pWrappedKey, + CK_ULONG_PTR pulWrappedKeyLen) +{ + BEGIN_CALL (WrapKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hWrappingKey) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen)) + OUT_BYTE_ARRAY (pWrappedKey, pulWrappedKeyLen) + DONE_CALL +} + +static CK_RV +log_C_UnwrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hUnwrappingKey, + CK_BYTE_PTR pWrappedKey, + CK_ULONG ulWrappedKeyLen, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE_PTR phKey) +{ + BEGIN_CALL (UnwrapKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hUnwrappingKey) + IN_BYTE_ARRAY (pWrappedKey, ulWrappedKeyLen) + IN_ATTRIBUTE_ARRAY (pTemplate, ulAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, hUnwrappingKey, pWrappedKey, + ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey)) + OUT_HANDLE (phKey) + DONE_CALL +} + +static CK_RV +log_C_DeriveKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hBaseKey, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE_PTR phObject) +{ + BEGIN_CALL (DeriveKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hBaseKey) + IN_ATTRIBUTE_ARRAY (pTemplate, ulAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phObject)) + OUT_HANDLE (phObject) + DONE_CALL +} + +static CK_RV +log_C_SeedRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSeed, + CK_ULONG ulSeedLen) +{ + BEGIN_CALL (SeedRandom) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSeed, ulSeedLen); + PROCESS_CALL ((self, hSession, pSeed, ulSeedLen)) + DONE_CALL +} + +static CK_RV +log_C_GenerateRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pRandomData, + CK_ULONG ulRandomLen) +{ + BEGIN_CALL (GenerateRandom) + IN_SESSION (hSession) + IN_ULONG (ulRandomLen) + PROCESS_CALL ((self, hSession, pRandomData, ulRandomLen)) + OUT_BYTE_ARRAY (pRandomData, &ulRandomLen) + DONE_CALL +} + +static CK_X_FUNCTION_LIST log_functions = { + { -1, -1 }, + log_C_Initialize, + log_C_Finalize, + log_C_GetInfo, + log_C_GetSlotList, + log_C_GetSlotInfo, + log_C_GetTokenInfo, + log_C_GetMechanismList, + log_C_GetMechanismInfo, + log_C_InitToken, + log_C_InitPIN, + log_C_SetPIN, + log_C_OpenSession, + log_C_CloseSession, + log_C_CloseAllSessions, + log_C_GetSessionInfo, + log_C_GetOperationState, + log_C_SetOperationState, + log_C_Login, + log_C_Logout, + log_C_CreateObject, + log_C_CopyObject, + log_C_DestroyObject, + log_C_GetObjectSize, + log_C_GetAttributeValue, + log_C_SetAttributeValue, + log_C_FindObjectsInit, + log_C_FindObjects, + log_C_FindObjectsFinal, + log_C_EncryptInit, + log_C_Encrypt, + log_C_EncryptUpdate, + log_C_EncryptFinal, + log_C_DecryptInit, + log_C_Decrypt, + log_C_DecryptUpdate, + log_C_DecryptFinal, + log_C_DigestInit, + log_C_Digest, + log_C_DigestUpdate, + log_C_DigestKey, + log_C_DigestFinal, + log_C_SignInit, + log_C_Sign, + log_C_SignUpdate, + log_C_SignFinal, + log_C_SignRecoverInit, + log_C_SignRecover, + log_C_VerifyInit, + log_C_Verify, + log_C_VerifyUpdate, + log_C_VerifyFinal, + log_C_VerifyRecoverInit, + log_C_VerifyRecover, + log_C_DigestEncryptUpdate, + log_C_DecryptDigestUpdate, + log_C_SignEncryptUpdate, + log_C_DecryptVerifyUpdate, + log_C_GenerateKey, + log_C_GenerateKeyPair, + log_C_WrapKey, + log_C_UnwrapKey, + log_C_DeriveKey, + log_C_SeedRandom, + log_C_GenerateRandom, + log_C_WaitForSlotEvent, +}; + +void +p11_log_release (void *data) +{ + LogData *log = (LogData *)data; + + return_if_fail (data != NULL); + p11_virtual_uninit (&log->virt); + free (log); +} + +p11_virtual * +p11_log_subclass (p11_virtual *lower, + p11_destroyer destroyer) +{ + LogData *log; + + log = calloc (1, sizeof (LogData)); + return_val_if_fail (log != NULL, NULL); + + p11_virtual_init (&log->virt, &log_functions, lower, destroyer); + log->lower = &lower->funcs; + return &log->virt; +} diff --git a/p11-kit/log.h b/p11-kit/log.h new file mode 100644 index 0000000..d8169e8 --- /dev/null +++ b/p11-kit/log.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2013, Red Hat Inc. + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Stef Walter <stef@thewalter.net> + */ + +#ifndef P11_LOG_H_ +#define P11_LOG_H_ + +#include "virtual.h" + +p11_virtual * p11_log_subclass (p11_virtual *lower, + p11_destroyer destroyer); + +void p11_log_release (void *logger); + +extern bool p11_log_force; + +extern bool p11_log_output; + +#endif /* P11_LOG_H_ */ diff --git a/p11-kit/modules.c b/p11-kit/modules.c index b124e0e..33ae3b9 100644 --- a/p11-kit/modules.c +++ b/p11-kit/modules.c @@ -43,6 +43,7 @@ #include "debug.h" #include "dict.h" #include "library.h" +#include "log.h" #include "message.h" #include "modules.h" #include "path.h" @@ -1662,16 +1663,13 @@ managed_create_inlock (Module *mod) static bool lookup_managed_option (Module *mod, + bool supported, const char *option, bool def_value) { const char *string; - bool supported; bool value; - /* Whether managed stuff is supported or not */ - supported = p11_virtual_can_wrap (); - string = module_get_option_inlock (NULL, option); if (!string) string = module_get_option_inlock (mod, option); @@ -1684,13 +1682,21 @@ lookup_managed_option (Module *mod, value = _p11_conf_parse_boolean (string, def_value); if (!supported && value != supported) { - /* - * This is because libffi dependency was not built. The libffi dependency - * is highly recommended and building without it results in a large loss - * of functionality. - */ - p11_message ("the '%s' option for module '%s' is not supported on this system", - option, mod->name); + if (!p11_virtual_can_wrap ()) { + /* + * This is because libffi dependency was not built. The libffi dependency + * is highly recommended and building without it results in a large loss + * of functionality. + */ + p11_message ("the '%s' option for module '%s' is not supported on this system", + option, mod->name); + } else { + /* + * This is because the module is running in unmanaged mode, so turn off the + */ + p11_message ("the '%s' option for module '%s' is only supported for managed modules", + option, mod->name); + } return false; } @@ -1755,19 +1761,29 @@ prepare_module_inlock_reentrant (Module *mod, p11_destroyer destroyer; p11_virtual *virt; bool is_managed; + bool with_log; assert (module != NULL); - if (flags & P11_KIT_MODULE_UNMANAGED) + if (flags & P11_KIT_MODULE_UNMANAGED) { is_managed = false; - else - is_managed = lookup_managed_option (mod, "managed", true); + with_log = false; + } else { + is_managed = lookup_managed_option (mod, p11_virtual_can_wrap (), "managed", true); + with_log = lookup_managed_option (mod, is_managed, "log-calls", false); + } if (is_managed) { virt = managed_create_inlock (mod); return_val_if_fail (virt != NULL, CKR_HOST_MEMORY); destroyer = managed_free_inlock; + /* Add the logger if configured */ + if (p11_log_force || with_log) { + virt = p11_log_subclass (virt, destroyer); + destroyer = p11_log_release; + } + *module = p11_virtual_wrap (virt, destroyer); return_val_if_fail (*module != NULL, CKR_GENERAL_ERROR); diff --git a/p11-kit/tests/Makefile.am b/p11-kit/tests/Makefile.am index 0c5c246..f385d2a 100644 --- a/p11-kit/tests/Makefile.am +++ b/p11-kit/tests/Makefile.am @@ -33,6 +33,7 @@ if WITH_FFI CHECK_PROGS += \ test-virtual \ test-managed \ + test-log \ $(NULL) endif diff --git a/p11-kit/tests/test-log.c b/p11-kit/tests/test-log.c new file mode 100644 index 0000000..fc8c45c --- /dev/null +++ b/p11-kit/tests/test-log.c @@ -0,0 +1,125 @@ +/* + * Copyright (c) 2013 Red Hat Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "config.h" +#include "CuTest.h" + +#include "dict.h" +#include "library.h" +#include "log.h" +#include "mock.h" +#include "modules.h" +#include "p11-kit.h" +#include "virtual.h" + +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +static CK_FUNCTION_LIST_PTR +setup_mock_module (CuTest *tc, + CK_SESSION_HANDLE *session) +{ + CK_FUNCTION_LIST_PTR module; + CK_RV rv; + + p11_lock (); + p11_log_force = true; + + rv = p11_module_load_inlock_reentrant (&mock_module, 0, &module); + CuAssertTrue (tc, rv == CKR_OK); + CuAssertPtrNotNull (tc, module); + CuAssertTrue (tc, p11_virtual_is_wrapper (module)); + + p11_unlock (); + + rv = p11_kit_module_initialize (module); + CuAssertTrue (tc, rv == CKR_OK); + + if (session) { + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, + CKF_RW_SESSION | CKF_SERIAL_SESSION, + NULL, NULL, session); + CuAssertTrue (tc, rv == CKR_OK); + } + + return module; +} + +static void +teardown_mock_module (CuTest *tc, + CK_FUNCTION_LIST_PTR module) +{ + CK_RV rv; + + rv = p11_kit_module_finalize (module); + CuAssertTrue (tc, rv == CKR_OK); + + p11_lock (); + + rv = p11_module_release_inlock_reentrant (module); + CuAssertTrue (tc, rv == CKR_OK); + + p11_unlock (); +} + +/* Bring in all the mock module tests */ +#include "test-mock.c" + +int +main (void) +{ + CuString *output = CuStringNew (); + CuSuite* suite = CuSuiteNew (); + int ret; + + putenv ("P11_KIT_STRICT=1"); + p11_library_init (); + mock_module_init (); + + test_mock_add_tests (suite); + + p11_kit_be_quiet (); + p11_log_output = false; + + CuSuiteRun (suite); + CuSuiteSummary (suite, output); + CuSuiteDetails (suite, output); + printf ("%s\n", output->buffer); + ret = suite->failCount; + CuSuiteDelete (suite); + CuStringDelete (output); + return ret; +} diff --git a/p11-kit/tests/test-mock.c b/p11-kit/tests/test-mock.c index ae1e028..3bc5406 100644 --- a/p11-kit/tests/test-mock.c +++ b/p11-kit/tests/test-mock.c @@ -66,7 +66,7 @@ test_get_slot_list (CuTest *tc) { CK_FUNCTION_LIST_PTR module; CK_SLOT_ID slot_list[8]; - CK_ULONG count; + CK_ULONG count = 0; CK_RV rv; module = setup_mock_module (tc, NULL); @@ -185,7 +185,7 @@ test_get_mechanism_list (CuTest *tc) { CK_FUNCTION_LIST_PTR module; CK_MECHANISM_TYPE mechs[8]; - CK_ULONG count; + CK_ULONG count = 0; CK_RV rv; module = setup_mock_module (tc, NULL); |