summaryrefslogtreecommitdiff
path: root/module
diff options
context:
space:
mode:
Diffstat (limited to 'module')
-rw-r--r--module/Makefile.am15
-rw-r--r--module/cryptoki-constants.c493
-rw-r--r--module/cryptoki-log.c1551
-rw-r--r--module/export.map5
4 files changed, 2064 insertions, 0 deletions
diff --git a/module/Makefile.am b/module/Makefile.am
new file mode 100644
index 0000000..ed0a17b
--- /dev/null
+++ b/module/Makefile.am
@@ -0,0 +1,15 @@
+
+MODULE_SRCS = cryptoki-log.c
+EXTRA_DIST = cryptoki-constants.c export.map
+
+lib_LTLIBRARIES = cryptoki-log.la
+cryptoki_log_la_LDFLAGS = \
+ -module \
+ -version-info 0:0:0 \
+ -Wl,--no-undefined \
+ -Wl,--version-script=$(srcdir)/export.map
+cryptoki_log_la_CFLAGS = \
+ -I$(top_srcdir)/pkcs11 -I.
+cryptoki_log_la_SOURCES = $(MODULE_SRCS)
+
+
diff --git a/module/cryptoki-constants.c b/module/cryptoki-constants.c
new file mode 100644
index 0000000..8085421
--- /dev/null
+++ b/module/cryptoki-constants.c
@@ -0,0 +1,493 @@
+/*
+ * Copyright (c) 2007, Nate Nielsen
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above
+ * copyright notice, this list of conditions and the
+ * following disclaimer.
+ * * Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and
+ * the following disclaimer in the documentation and/or
+ * other materials provided with the distribution.
+ * * The names of contributors to this software may not be
+ * used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ *
+ *
+ * CONTRIBUTORS
+ * Nate Nielsen <nielsen@memberwebs.com>
+ *
+ */
+
+#define CT(x) case x: cklog("%s", #x); break;
+
+static void
+log_CKA(CK_ATTRIBUTE_TYPE v)
+{
+ switch(v) {
+ CT(CKA_CLASS)
+ CT(CKA_TOKEN)
+ CT(CKA_PRIVATE)
+ CT(CKA_LABEL)
+ CT(CKA_APPLICATION)
+ CT(CKA_VALUE)
+ CT(CKA_OBJECT_ID)
+ CT(CKA_CERTIFICATE_TYPE)
+ CT(CKA_ISSUER)
+ CT(CKA_SERIAL_NUMBER)
+ CT(CKA_AC_ISSUER)
+ CT(CKA_OWNER)
+ CT(CKA_ATTR_TYPES)
+ CT(CKA_TRUSTED)
+ CT(CKA_CERTIFICATE_CATEGORY)
+ CT(CKA_JAVA_MIDP_SECURITY_DOMAIN)
+ CT(CKA_URL)
+ CT(CKA_HASH_OF_SUBJECT_PUBLIC_KEY)
+ CT(CKA_HASH_OF_ISSUER_PUBLIC_KEY)
+ CT(CKA_CHECK_VALUE)
+ CT(CKA_KEY_TYPE)
+ CT(CKA_SUBJECT)
+ CT(CKA_ID)
+ CT(CKA_SENSITIVE)
+ CT(CKA_ENCRYPT)
+ CT(CKA_DECRYPT)
+ CT(CKA_WRAP)
+ CT(CKA_UNWRAP)
+ CT(CKA_SIGN)
+ CT(CKA_SIGN_RECOVER)
+ CT(CKA_VERIFY)
+ CT(CKA_VERIFY_RECOVER)
+ CT(CKA_DERIVE)
+ CT(CKA_START_DATE)
+ CT(CKA_END_DATE)
+ CT(CKA_MODULUS)
+ CT(CKA_MODULUS_BITS)
+ CT(CKA_PUBLIC_EXPONENT)
+ CT(CKA_PRIVATE_EXPONENT)
+ CT(CKA_PRIME_1)
+ CT(CKA_PRIME_2)
+ CT(CKA_EXPONENT_1)
+ CT(CKA_EXPONENT_2)
+ CT(CKA_COEFFICIENT)
+ CT(CKA_PRIME)
+ CT(CKA_SUBPRIME)
+ CT(CKA_BASE)
+ CT(CKA_PRIME_BITS)
+ CT(CKA_SUBPRIME_BITS)
+ /* CT(CKA_SUB_PRIME_BITS) */
+ CT(CKA_VALUE_BITS)
+ CT(CKA_VALUE_LEN)
+ CT(CKA_EXTRACTABLE)
+ CT(CKA_LOCAL)
+ CT(CKA_NEVER_EXTRACTABLE)
+ CT(CKA_ALWAYS_SENSITIVE)
+ CT(CKA_KEY_GEN_MECHANISM)
+ CT(CKA_MODIFIABLE)
+ CT(CKA_ECDSA_PARAMS)
+ /* CT(CKA_EC_PARAMS) */
+ CT(CKA_EC_POINT)
+ CT(CKA_SECONDARY_AUTH)
+ CT(CKA_AUTH_PIN_FLAGS)
+ CT(CKA_ALWAYS_AUTHENTICATE)
+ CT(CKA_WRAP_WITH_TRUSTED)
+ CT(CKA_WRAP_TEMPLATE)
+ CT(CKA_UNWRAP_TEMPLATE)
+ CT(CKA_HW_FEATURE_TYPE)
+ CT(CKA_RESET_ON_INIT)
+ CT(CKA_HAS_RESET)
+ CT(CKA_PIXEL_X)
+ CT(CKA_PIXEL_Y)
+ CT(CKA_RESOLUTION)
+ CT(CKA_CHAR_ROWS)
+ CT(CKA_CHAR_COLUMNS)
+ CT(CKA_COLOR)
+ CT(CKA_BITS_PER_PIXEL)
+ CT(CKA_CHAR_SETS)
+ CT(CKA_ENCODING_METHODS)
+ CT(CKA_MIME_TYPES)
+ CT(CKA_MECHANISM_TYPE)
+ CT(CKA_REQUIRED_CMS_ATTRIBUTES)
+ CT(CKA_DEFAULT_CMS_ATTRIBUTES)
+ CT(CKA_SUPPORTED_CMS_ATTRIBUTES)
+ CT(CKA_ALLOWED_MECHANISMS)
+ CT(CKA_VENDOR_DEFINED)
+ default:
+ cklog("CKA_0x%08X", v);
+ break;
+ }
+}
+
+static void
+log_CKM(CK_MECHANISM_TYPE v)
+{
+ switch(v) {
+ CT(CKM_RSA_PKCS_KEY_PAIR_GEN)
+ CT(CKM_RSA_PKCS)
+ CT(CKM_RSA_9796)
+ CT(CKM_RSA_X_509)
+ CT(CKM_MD2_RSA_PKCS)
+ CT(CKM_MD5_RSA_PKCS)
+ CT(CKM_SHA1_RSA_PKCS)
+ CT(CKM_RIPEMD128_RSA_PKCS)
+ CT(CKM_RIPEMD160_RSA_PKCS)
+ CT(CKM_RSA_PKCS_OAEP)
+ CT(CKM_RSA_X9_31_KEY_PAIR_GEN)
+ CT(CKM_RSA_X9_31)
+ CT(CKM_SHA1_RSA_X9_31)
+ CT(CKM_RSA_PKCS_PSS)
+ CT(CKM_SHA1_RSA_PKCS_PSS)
+ CT(CKM_DSA_KEY_PAIR_GEN)
+ CT(CKM_DSA)
+ CT(CKM_DSA_SHA1)
+ CT(CKM_DH_PKCS_KEY_PAIR_GEN)
+ CT(CKM_DH_PKCS_DERIVE)
+ CT(CKM_X9_42_DH_KEY_PAIR_GEN)
+ CT(CKM_X9_42_DH_DERIVE)
+ CT(CKM_X9_42_DH_HYBRID_DERIVE)
+ CT(CKM_X9_42_MQV_DERIVE)
+ CT(CKM_SHA256_RSA_PKCS)
+ CT(CKM_SHA384_RSA_PKCS)
+ CT(CKM_SHA512_RSA_PKCS)
+ CT(CKM_SHA256_RSA_PKCS_PSS)
+ CT(CKM_SHA384_RSA_PKCS_PSS)
+ CT(CKM_SHA512_RSA_PKCS_PSS)
+ CT(CKM_RC2_KEY_GEN)
+ CT(CKM_RC2_ECB)
+ CT(CKM_RC2_CBC)
+ CT(CKM_RC2_MAC)
+ CT(CKM_RC2_MAC_GENERAL)
+ CT(CKM_RC2_CBC_PAD)
+ CT(CKM_RC4_KEY_GEN)
+ CT(CKM_RC4)
+ CT(CKM_DES_KEY_GEN)
+ CT(CKM_DES_ECB)
+ CT(CKM_DES_CBC)
+ CT(CKM_DES_MAC)
+ CT(CKM_DES_MAC_GENERAL)
+ CT(CKM_DES_CBC_PAD)
+ CT(CKM_DES2_KEY_GEN)
+ CT(CKM_DES3_KEY_GEN)
+ CT(CKM_DES3_ECB)
+ CT(CKM_DES3_CBC)
+ CT(CKM_DES3_MAC)
+ CT(CKM_DES3_MAC_GENERAL)
+ CT(CKM_DES3_CBC_PAD)
+ CT(CKM_CDMF_KEY_GEN)
+ CT(CKM_CDMF_ECB)
+ CT(CKM_CDMF_CBC)
+ CT(CKM_CDMF_MAC)
+ CT(CKM_CDMF_MAC_GENERAL)
+ CT(CKM_CDMF_CBC_PAD)
+ CT(CKM_DES_OFB64)
+ CT(CKM_DES_OFB8)
+ CT(CKM_DES_CFB64)
+ CT(CKM_DES_CFB8)
+ CT(CKM_MD2)
+ CT(CKM_MD2_HMAC)
+ CT(CKM_MD2_HMAC_GENERAL)
+ CT(CKM_MD5)
+ CT(CKM_MD5_HMAC)
+ CT(CKM_MD5_HMAC_GENERAL)
+ CT(CKM_SHA_1)
+ CT(CKM_SHA_1_HMAC)
+ CT(CKM_SHA_1_HMAC_GENERAL)
+ CT(CKM_RIPEMD128)
+ CT(CKM_RIPEMD128_HMAC)
+ CT(CKM_RIPEMD128_HMAC_GENERAL)
+ CT(CKM_RIPEMD160)
+ CT(CKM_RIPEMD160_HMAC)
+ CT(CKM_RIPEMD160_HMAC_GENERAL)
+ CT(CKM_SHA256)
+ CT(CKM_SHA256_HMAC)
+ CT(CKM_SHA256_HMAC_GENERAL)
+ CT(CKM_SHA384)
+ CT(CKM_SHA384_HMAC)
+ CT(CKM_SHA384_HMAC_GENERAL)
+ CT(CKM_SHA512)
+ CT(CKM_SHA512_HMAC)
+ CT(CKM_SHA512_HMAC_GENERAL)
+ CT(CKM_CAST_KEY_GEN)
+ CT(CKM_CAST_ECB)
+ CT(CKM_CAST_CBC)
+ CT(CKM_CAST_MAC)
+ CT(CKM_CAST_MAC_GENERAL)
+ CT(CKM_CAST_CBC_PAD)
+ CT(CKM_CAST3_KEY_GEN)
+ CT(CKM_CAST3_ECB)
+ CT(CKM_CAST3_CBC)
+ CT(CKM_CAST3_MAC)
+ CT(CKM_CAST3_MAC_GENERAL)
+ CT(CKM_CAST3_CBC_PAD)
+ CT(CKM_CAST5_KEY_GEN)
+ /* CT(CKM_CAST128_KEY_GEN) */
+ CT(CKM_CAST5_ECB)
+ /* CT(CKM_CAST128_ECB) */
+ CT(CKM_CAST5_CBC)
+ /* CT(CKM_CAST128_CBC) */
+ CT(CKM_CAST5_MAC)
+ /* CT(CKM_CAST128_MAC) */
+ CT(CKM_CAST5_MAC_GENERAL)
+ /* CT(CKM_CAST128_MAC_GENERAL) */
+ CT(CKM_CAST5_CBC_PAD)
+ /* CT(CKM_CAST128_CBC_PAD) */
+ CT(CKM_RC5_KEY_GEN)
+ CT(CKM_RC5_ECB)
+ CT(CKM_RC5_CBC)
+ CT(CKM_RC5_MAC)
+ CT(CKM_RC5_MAC_GENERAL)
+ CT(CKM_RC5_CBC_PAD)
+ CT(CKM_IDEA_KEY_GEN)
+ CT(CKM_IDEA_ECB)
+ CT(CKM_IDEA_CBC)
+ CT(CKM_IDEA_MAC)
+ CT(CKM_IDEA_MAC_GENERAL)
+ CT(CKM_IDEA_CBC_PAD)
+ CT(CKM_GENERIC_SECRET_KEY_GEN)
+ CT(CKM_CONCATENATE_BASE_AND_KEY)
+ CT(CKM_CONCATENATE_BASE_AND_DATA)
+ CT(CKM_CONCATENATE_DATA_AND_BASE)
+ CT(CKM_XOR_BASE_AND_DATA)
+ CT(CKM_EXTRACT_KEY_FROM_KEY)
+ CT(CKM_SSL3_PRE_MASTER_KEY_GEN)
+ CT(CKM_SSL3_MASTER_KEY_DERIVE)
+ CT(CKM_SSL3_KEY_AND_MAC_DERIVE)
+ CT(CKM_SSL3_MASTER_KEY_DERIVE_DH)
+ CT(CKM_TLS_PRE_MASTER_KEY_GEN)
+ CT(CKM_TLS_MASTER_KEY_DERIVE)
+ CT(CKM_TLS_KEY_AND_MAC_DERIVE)
+ CT(CKM_TLS_MASTER_KEY_DERIVE_DH)
+ CT(CKM_TLS_PRF)
+ CT(CKM_SSL3_MD5_MAC)
+ CT(CKM_SSL3_SHA1_MAC)
+ CT(CKM_MD5_KEY_DERIVATION)
+ CT(CKM_MD2_KEY_DERIVATION)
+ CT(CKM_SHA1_KEY_DERIVATION)
+ CT(CKM_SHA256_KEY_DERIVATION)
+ CT(CKM_SHA384_KEY_DERIVATION)
+ CT(CKM_SHA512_KEY_DERIVATION)
+ CT(CKM_PBE_MD2_DES_CBC)
+ CT(CKM_PBE_MD5_DES_CBC)
+ CT(CKM_PBE_MD5_CAST_CBC)
+ CT(CKM_PBE_MD5_CAST3_CBC)
+ CT(CKM_PBE_MD5_CAST5_CBC)
+ /* CT(CKM_PBE_MD5_CAST128_CBC) */
+ CT(CKM_PBE_SHA1_CAST5_CBC)
+ /* CT(CKM_PBE_SHA1_CAST128_CBC) */
+ CT(CKM_PBE_SHA1_RC4_128)
+ CT(CKM_PBE_SHA1_RC4_40)
+ CT(CKM_PBE_SHA1_DES3_EDE_CBC)
+ CT(CKM_PBE_SHA1_DES2_EDE_CBC)
+ CT(CKM_PBE_SHA1_RC2_128_CBC)
+ CT(CKM_PBE_SHA1_RC2_40_CBC)
+ CT(CKM_PKCS5_PBKD2)
+ CT(CKM_PBA_SHA1_WITH_SHA1_HMAC)
+ CT(CKM_WTLS_PRE_MASTER_KEY_GEN)
+ CT(CKM_WTLS_MASTER_KEY_DERIVE)
+ CT(CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC)
+ CT(CKM_WTLS_PRF)
+ CT(CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE)
+ CT(CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE)
+ CT(CKM_KEY_WRAP_LYNKS)
+ CT(CKM_KEY_WRAP_SET_OAEP)
+ CT(CKM_CMS_SIG)
+ CT(CKM_SKIPJACK_KEY_GEN)
+ CT(CKM_SKIPJACK_ECB64)
+ CT(CKM_SKIPJACK_CBC64)
+ CT(CKM_SKIPJACK_OFB64)
+ CT(CKM_SKIPJACK_CFB64)
+ CT(CKM_SKIPJACK_CFB32)
+ CT(CKM_SKIPJACK_CFB16)
+ CT(CKM_SKIPJACK_CFB8)
+ CT(CKM_SKIPJACK_WRAP)
+ CT(CKM_SKIPJACK_PRIVATE_WRAP)
+ CT(CKM_SKIPJACK_RELAYX)
+ CT(CKM_KEA_KEY_PAIR_GEN)
+ CT(CKM_KEA_KEY_DERIVE)
+ CT(CKM_FORTEZZA_TIMESTAMP)
+ CT(CKM_BATON_KEY_GEN)
+ CT(CKM_BATON_ECB128)
+ CT(CKM_BATON_ECB96)
+ CT(CKM_BATON_CBC128)
+ CT(CKM_BATON_COUNTER)
+ CT(CKM_BATON_SHUFFLE)
+ CT(CKM_BATON_WRAP)
+ CT(CKM_ECDSA_KEY_PAIR_GEN)
+ /* CT(CKM_EC_KEY_PAIR_GEN) */
+ CT(CKM_ECDSA)
+ CT(CKM_ECDSA_SHA1)
+ CT(CKM_ECDH1_DERIVE)
+ CT(CKM_ECDH1_COFACTOR_DERIVE)
+ CT(CKM_ECMQV_DERIVE)
+ CT(CKM_JUNIPER_KEY_GEN)
+ CT(CKM_JUNIPER_ECB128)
+ CT(CKM_JUNIPER_CBC128)
+ CT(CKM_JUNIPER_COUNTER)
+ CT(CKM_JUNIPER_SHUFFLE)
+ CT(CKM_JUNIPER_WRAP)
+ CT(CKM_FASTHASH)
+ CT(CKM_AES_KEY_GEN)
+ CT(CKM_AES_ECB)
+ CT(CKM_AES_CBC)
+ CT(CKM_AES_MAC)
+ CT(CKM_AES_MAC_GENERAL)
+ CT(CKM_AES_CBC_PAD)
+ CT(CKM_BLOWFISH_KEY_GEN)
+ CT(CKM_BLOWFISH_CBC)
+ CT(CKM_TWOFISH_KEY_GEN)
+ CT(CKM_TWOFISH_CBC)
+ CT(CKM_DES_ECB_ENCRYPT_DATA)
+ CT(CKM_DES_CBC_ENCRYPT_DATA)
+ CT(CKM_DES3_ECB_ENCRYPT_DATA)
+ CT(CKM_DES3_CBC_ENCRYPT_DATA)
+ CT(CKM_AES_ECB_ENCRYPT_DATA)
+ CT(CKM_AES_CBC_ENCRYPT_DATA)
+ CT(CKM_DSA_PARAMETER_GEN)
+ CT(CKM_DH_PKCS_PARAMETER_GEN)
+ CT(CKM_X9_42_DH_PARAMETER_GEN)
+ CT(CKM_VENDOR_DEFINED)
+ default:
+ cklog("CKM_0x%08X", v);
+ break;
+ }
+}
+
+static void
+log_CKS(CK_STATE v)
+{
+ switch(v) {
+ CT(CKS_RO_PUBLIC_SESSION)
+ CT(CKS_RO_USER_FUNCTIONS)
+ CT(CKS_RW_PUBLIC_SESSION)
+ CT(CKS_RW_USER_FUNCTIONS)
+ CT(CKS_RW_SO_FUNCTIONS)
+ default:
+ cklog("CKS_0x%08X", v);
+ break;
+ }
+}
+
+static void
+log_CKU(CK_USER_TYPE v)
+{
+ switch(v) {
+ CT(CKU_SO)
+ CT(CKU_USER)
+ CT(CKU_CONTEXT_SPECIFIC)
+ default:
+ cklog("CKA_0x%08X", v);
+ break;
+ }
+}
+
+static void
+log_CKR(CK_RV v)
+{
+ switch(v) {
+ CT(CKR_OK)
+ CT(CKR_CANCEL)
+ CT(CKR_HOST_MEMORY)
+ CT(CKR_SLOT_ID_INVALID)
+ CT(CKR_GENERAL_ERROR)
+ CT(CKR_FUNCTION_FAILED)
+ CT(CKR_ARGUMENTS_BAD)
+ CT(CKR_NO_EVENT)
+ CT(CKR_NEED_TO_CREATE_THREADS)
+ CT(CKR_CANT_LOCK)
+ CT(CKR_ATTRIBUTE_READ_ONLY)
+ CT(CKR_ATTRIBUTE_SENSITIVE)
+ CT(CKR_ATTRIBUTE_TYPE_INVALID)
+ CT(CKR_ATTRIBUTE_VALUE_INVALID)
+ CT(CKR_DATA_INVALID)
+ CT(CKR_DATA_LEN_RANGE)
+ CT(CKR_DEVICE_ERROR)
+ CT(CKR_DEVICE_MEMORY)
+ CT(CKR_DEVICE_REMOVED)
+ CT(CKR_ENCRYPTED_DATA_INVALID)
+ CT(CKR_ENCRYPTED_DATA_LEN_RANGE)
+ CT(CKR_FUNCTION_CANCELED)
+ CT(CKR_FUNCTION_NOT_PARALLEL)
+ CT(CKR_FUNCTION_NOT_SUPPORTED)
+ CT(CKR_KEY_HANDLE_INVALID)
+ CT(CKR_KEY_SIZE_RANGE)
+ CT(CKR_KEY_TYPE_INCONSISTENT)
+ CT(CKR_KEY_NOT_NEEDED)
+ CT(CKR_KEY_CHANGED)
+ CT(CKR_KEY_NEEDED)
+ CT(CKR_KEY_INDIGESTIBLE)
+ CT(CKR_KEY_FUNCTION_NOT_PERMITTED)
+ CT(CKR_KEY_NOT_WRAPPABLE)
+ CT(CKR_KEY_UNEXTRACTABLE)
+ CT(CKR_MECHANISM_INVALID)
+ CT(CKR_MECHANISM_PARAM_INVALID)
+ CT(CKR_OBJECT_HANDLE_INVALID)
+ CT(CKR_OPERATION_ACTIVE)
+ CT(CKR_OPERATION_NOT_INITIALIZED)
+ CT(CKR_PIN_INCORRECT)
+ CT(CKR_PIN_INVALID)
+ CT(CKR_PIN_LEN_RANGE)
+ CT(CKR_PIN_EXPIRED)
+ CT(CKR_PIN_LOCKED)
+ CT(CKR_SESSION_CLOSED)
+ CT(CKR_SESSION_COUNT)
+ CT(CKR_SESSION_HANDLE_INVALID)
+ CT(CKR_SESSION_PARALLEL_NOT_SUPPORTED)
+ CT(CKR_SESSION_READ_ONLY)
+ CT(CKR_SESSION_EXISTS)
+ CT(CKR_SESSION_READ_ONLY_EXISTS)
+ CT(CKR_SESSION_READ_WRITE_SO_EXISTS)
+ CT(CKR_SIGNATURE_INVALID)
+ CT(CKR_SIGNATURE_LEN_RANGE)
+ CT(CKR_TEMPLATE_INCOMPLETE)
+ CT(CKR_TEMPLATE_INCONSISTENT)
+ CT(CKR_TOKEN_NOT_PRESENT)
+ CT(CKR_TOKEN_NOT_RECOGNIZED)
+ CT(CKR_TOKEN_WRITE_PROTECTED)
+ CT(CKR_UNWRAPPING_KEY_HANDLE_INVALID)
+ CT(CKR_UNWRAPPING_KEY_SIZE_RANGE)
+ CT(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT)
+ CT(CKR_USER_ALREADY_LOGGED_IN)
+ CT(CKR_USER_NOT_LOGGED_IN)
+ CT(CKR_USER_PIN_NOT_INITIALIZED)
+ CT(CKR_USER_TYPE_INVALID)
+ CT(CKR_USER_ANOTHER_ALREADY_LOGGED_IN)
+ CT(CKR_USER_TOO_MANY_TYPES)
+ CT(CKR_WRAPPED_KEY_INVALID)
+ CT(CKR_WRAPPED_KEY_LEN_RANGE)
+ CT(CKR_WRAPPING_KEY_HANDLE_INVALID)
+ CT(CKR_WRAPPING_KEY_SIZE_RANGE)
+ CT(CKR_WRAPPING_KEY_TYPE_INCONSISTENT)
+ CT(CKR_RANDOM_SEED_NOT_SUPPORTED)
+ CT(CKR_RANDOM_NO_RNG)
+ CT(CKR_DOMAIN_PARAMS_INVALID)
+ CT(CKR_BUFFER_TOO_SMALL)
+ CT(CKR_SAVED_STATE_INVALID)
+ CT(CKR_INFORMATION_SENSITIVE)
+ CT(CKR_STATE_UNSAVEABLE)
+ CT(CKR_CRYPTOKI_NOT_INITIALIZED)
+ CT(CKR_CRYPTOKI_ALREADY_INITIALIZED)
+ CT(CKR_MUTEX_BAD)
+ CT(CKR_MUTEX_NOT_LOCKED)
+ CT(CKR_FUNCTION_REJECTED)
+ CT(CKR_VENDOR_DEFINED)
+ default:
+ cklog("CKR_0x%08X", v);
+ break;
+ }
+}
diff --git a/module/cryptoki-log.c b/module/cryptoki-log.c
new file mode 100644
index 0000000..d978bc0
--- /dev/null
+++ b/module/cryptoki-log.c
@@ -0,0 +1,1551 @@
+/*
+ * Copyright (c) 2007, Nate Nielsen
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above
+ * copyright notice, this list of conditions and the
+ * following disclaimer.
+ * * Redistributions in binary form must reproduce the
+ * above copyright notice, this list of conditions and
+ * the following disclaimer in the documentation and/or
+ * other materials provided with the distribution.
+ * * The names of contributors to this software may not be
+ * used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ *
+ *
+ * CONTRIBUTORS
+ * Nate Nielsen <nielsen@memberwebs.com>
+ *
+ */
+
+#include "config.h"
+
+#include "cryptoki.h"
+
+#include <sys/types.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <pthread.h>
+#include <unistd.h>
+#include <errno.h>
+#include <dlfcn.h>
+#include <stdarg.h>
+
+static void *module_handle = NULL;
+static CK_FUNCTION_LIST_PTR module_list = NULL;
+
+/* TODO: module fini should call finalize_common */
+
+
+/* protects all global variables, and session list */
+static pthread_mutex_t global_mutex = PTHREAD_MUTEX_INITIALIZER;
+static int use_locking = 1;
+static FILE* output_file = NULL;
+
+static void
+cklog (const char* msg, ...)
+{
+ va_list va;
+ va_start (va, msg);
+ vfprintf (output_file ? output_file : stderr, msg, va);
+ va_end (va);
+ if (output_file)
+ fflush (output_file);
+}
+
+
+#define LOG_FLAG(flags, had, flag) \
+ if ((flags & flag) == flag) { \
+ cklog ("%s%s", (had) ? "|" : " = ", #flag); \
+ had++; \
+ }
+
+/* The constant logging */
+#include "cryptoki-constants.c"
+
+static void
+log_some_bytes (CK_BYTE_PTR arr, CK_ULONG num)
+{
+ CK_ULONG i;
+ char buf[128];
+ char *p, *e;
+ CK_BYTE ch;
+
+ if(!arr) {
+ cklog ("NULL");
+ return;
+ } else if (num == (CK_ULONG)-1) {
+ cklog ("????");
+ return;
+ }
+
+ buf[0] = '\"';
+ p = buf + 1;
+ e = buf + (sizeof (buf) - 8);
+
+ for(i = 0; i < num && p < e; ++i, ++p) {
+ ch = arr[i];
+ if (ch == '\t') {
+ p[0] = '\\'; p[1] = 't';
+ ++p;
+ } else if (ch == '\n') {
+ p[0] = '\\'; p[1] = 'n';
+ ++p;
+ } else if (ch == '\r') {
+ p[0] = '\\'; p[1] = 'r';
+ ++p;
+ } else if (ch >= 32 && ch <= 127) {
+ *p = ch;
+ } else {
+ p[0] = '\\';
+ p[1] = 'x';
+ sprintf(p + 2, "%02X", ch);
+ p += 3;
+ }
+ }
+
+ *p = 0;
+ if (p >= e)
+ strcpy (e, "...");
+ strcat (p, "\"");
+ cklog ("%s", buf);
+}
+
+static void
+log_pointer (const char *pref, const char *name, CK_VOID_PTR val, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ if (val == NULL)
+ cklog ("%s%s = NULL\n", pref, name);
+ else
+ cklog ("%s%s = 0x%08X\n", pref, name, (CK_ULONG)val);
+}
+
+static void
+log_attribute_array (const char *pref, const char *name, CK_ATTRIBUTE_PTR arr,
+ CK_ULONG_PTR num, CK_RV status)
+{
+ CK_ULONG i;
+ if (status == CKR_BUFFER_TOO_SMALL) {
+ arr = NULL;
+ status = CKR_OK;
+ }
+ if (status != CKR_OK)
+ return;
+
+ cklog ("%s%s = ", pref, name);
+ if (num == NULL) {
+ cklog ("(?) NONE\n");
+ } else if (arr == NULL) {
+ cklog ("(%d) NONE\n", *num);
+ } else {
+ cklog ("(%d) [", *num);
+ for(i = 0; i < *num; ++i) {
+ if (i > 0)
+ cklog (",");
+ cklog (" { type: ");
+ log_CKA (arr[i].type);
+ cklog (", pValue: ");
+ if (arr[i].ulValueLen == (CK_ULONG)-1) {
+ cklog ("(-1) INVALID");
+ } else if (arr[i].pValue == NULL) {
+ cklog ("(%d) NULL", arr[i].ulValueLen);
+ } else {
+ cklog ("(%d) ", arr[i].ulValueLen);
+ log_some_bytes (arr[i].pValue, arr[i].ulValueLen);
+ }
+ cklog (" }");
+ }
+ cklog (" ]\n");
+ }
+}
+
+static void
+log_bool (const char *pref, const char *name, CK_BBOOL val, CK_RV status)
+{
+ if (status == CKR_OK)
+ cklog ("%s%s = %s\n", pref, name, val ? "CK_TRUE" : "CK_FALSE");
+}
+
+static void
+log_byte_array (const char *pref, const char *name, CK_BYTE_PTR arr,
+ CK_ULONG_PTR num, CK_RV status)
+{
+ if (status == CKR_BUFFER_TOO_SMALL) {
+ arr = NULL;
+ status = CKR_OK;
+ }
+
+ if (status != CKR_OK)
+ return;
+ cklog ("%s%s = ", pref, name);
+ if (num == NULL) {
+ cklog ("(?) NOTHING\n");
+ } else if (arr == NULL) {
+ cklog ("(%d) NOTHING\n", *num);
+ } else {
+ cklog ("(%d) ");
+ log_some_bytes (arr, *num);
+ cklog ("\n");
+ }
+}
+
+static void
+log_info (const char *pref, const char *name, CK_INFO_PTR info, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ if (info == NULL) {
+ log_pointer (pref, name, info, status);
+ } else {
+ cklog ("%s%s = { cryptokiVersion: %d.%d, manufacturerID: \"%0.32s\", flags: %X, "
+ "libraryDescription: \"%0.32s\", libraryVersion: %d.%d }\n",
+ pref, name, info->cryptokiVersion.major, info->cryptokiVersion.minor,
+ info->manufacturerID, info->flags, info->libraryDescription,
+ info->libraryVersion.major, info->libraryVersion.minor);
+ }
+}
+
+static void
+log_init_args (const char *pref, const char *name, CK_VOID_PTR init_args, CK_RV status)
+{
+ int had = 0;
+ if (status != CKR_OK)
+ return;
+ if (init_args == NULL)
+ log_pointer (pref, name, init_args, status);
+ else {
+ CK_C_INITIALIZE_ARGS *args = (CK_C_INITIALIZE_ARGS*)init_args;
+ cklog ("%s%s = { CreateMutex: 0x%08X, DestroyMutex: 0x%08X, LockMutex: 0x%08X"
+ "UnlockMutex: 0x%08X, flags: %X",
+ pref, name, (CK_ULONG)(args->CreateMutex), (CK_ULONG)(args->DestroyMutex),
+ (CK_ULONG)(args->LockMutex), (CK_ULONG)(args->UnlockMutex), args->flags);
+ LOG_FLAG (args->flags, had, CKF_OS_LOCKING_OK)
+ cklog (", pReserved: 0x%08X }\n", (CK_ULONG)args->pReserved);
+ }
+}
+
+static void
+log_mechanism_info (const char *pref, const char *name, CK_MECHANISM_INFO_PTR info, CK_RV status)
+{
+ int had = 0;
+ if (status != CKR_OK)
+ return;
+ if (info == NULL) {
+ log_pointer (pref, name, info, status);
+ } else {
+ cklog ("%s%s = { ulMinKeySize: %d, ulMaxKeySize: %d, flags: %X ",
+ pref, name, info->ulMinKeySize, info->ulMaxKeySize, info->flags);
+ LOG_FLAG (info->flags, had, CKF_HW);
+ LOG_FLAG (info->flags, had, CKF_ENCRYPT);
+ LOG_FLAG (info->flags, had, CKF_DECRYPT);
+ LOG_FLAG (info->flags, had, CKF_DIGEST);
+ LOG_FLAG (info->flags, had, CKF_SIGN);
+ LOG_FLAG (info->flags, had, CKF_SIGN_RECOVER);
+ LOG_FLAG (info->flags, had, CKF_VERIFY);
+ LOG_FLAG (info->flags, had, CKF_VERIFY_RECOVER);
+ LOG_FLAG (info->flags, had, CKF_GENERATE);
+ LOG_FLAG (info->flags, had, CKF_GENERATE_KEY_PAIR);
+ LOG_FLAG (info->flags, had, CKF_WRAP);
+ LOG_FLAG (info->flags, had, CKF_UNWRAP);
+ LOG_FLAG (info->flags, had, CKF_DERIVE);
+ LOG_FLAG (info->flags, had, CKF_EXTENSION);
+ cklog (" }\n");
+ }
+}
+
+static void
+log_mechanism (const char *pref, const char *name, CK_MECHANISM_PTR mech, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ cklog ("%s%s = { mechanism: ", pref, name);
+ log_CKM (mech->mechanism);
+ cklog (", pParameter: (%d) ", mech->ulParameterLen);
+ log_some_bytes (mech->pParameter, mech->ulParameterLen);
+ cklog ("\n");
+}
+
+static void
+log_mechanism_type (const char *pref, const char *name, CK_MECHANISM_TYPE val, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ cklog ("%s%s = ", pref, name);
+ log_CKM (val);
+ cklog ("\n");
+}
+
+static void
+log_mechanism_type_array (const char *pref, const char *name, CK_MECHANISM_TYPE_PTR arr,
+ CK_ULONG_PTR num, CK_RV status)
+{
+ CK_ULONG i;
+
+ if (status == CKR_BUFFER_TOO_SMALL) {
+ arr = NULL;
+ status = CKR_OK;
+ }
+ if (status != CKR_OK)
+ return;
+
+ cklog ("%s%s = ", pref, name);
+ if (num == NULL) {
+ cklog ("(?) NO-VALUES\n");
+ } else if (arr == NULL) {
+ cklog ("(%d) NO-VALUES\n", *num);
+ } else {
+ cklog ("(%d) [ ", *num);
+ for(i = 0; i < *num; ++i) {
+ if (i > 0)
+ cklog (", ");
+ log_CKM(arr[i]);
+ }
+ cklog ("]\n");
+ }
+}
+
+static void
+log_session_info (const char *pref, const char *name, CK_SESSION_INFO_PTR info, CK_RV status)
+{
+ int had = 0;
+ if (status != CKR_OK)
+ return;
+ if (info == NULL) {
+ log_pointer (pref, name, info, status);
+ } else {
+ cklog ("%s%s = { slotID: SL%d, state: ", pref, name, info->slotID);
+ log_CKS (info->state);
+ cklog (", flags: %d", info->flags);
+ LOG_FLAG (info->flags, had, CKF_SERIAL_SESSION);
+ LOG_FLAG (info->flags, had, CKF_RW_SESSION);
+ cklog (", ulDeviceError: %d }\n", info->ulDeviceError);
+ }
+}
+
+static void
+log_slot_info (const char *pref, const char *name, CK_SLOT_INFO_PTR info, CK_RV status)
+{
+ int had = 0;
+ if (status != CKR_OK)
+ return;
+ if (info == NULL) {
+ log_pointer (pref, name, info, status);
+ } else {
+ cklog ("%s%s = { slotDescription: \"%0.32s\", manufacturerID: \"%0.32s\", flags: %d",
+ pref, name, info->slotDescription, info->manufacturerID, info->flags);
+ LOG_FLAG (info->flags, had, CKF_TOKEN_PRESENT);
+ LOG_FLAG (info->flags, had, CKF_REMOVABLE_DEVICE);
+ LOG_FLAG (info->flags, had, CKF_HW_SLOT);
+ cklog (", hardwareVersion: %d.%d, firmwareVersion: %d.%d }\n",
+ info->hardwareVersion.major, info->hardwareVersion.minor,
+ info->firmwareVersion.major, info->firmwareVersion.minor);
+ }
+}
+
+static void
+log_string (const char *pref, const char *name, CK_UTF8CHAR_PTR str, const CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ if (str == NULL)
+ log_pointer (pref, name, str, status);
+ else
+ cklog ("%s%s = \"%s\"\n", pref, name, str);
+}
+
+static void
+log_token_info (const char *pref, const char *name, CK_TOKEN_INFO_PTR info, CK_RV status)
+{
+ int had = 0;
+ if (status != CKR_OK)
+ return;
+ if (info == NULL) {
+ log_pointer (pref, name, info, status);
+ } else {
+ cklog ("%s%s = { label: \"%0.32s\", manufacturerID: \"%0.32s\", model: \"%0.32s\", "
+ "serialNumber: \"%0.16s\", flags: %d", pref, name, info->label,
+ info->manufacturerID, info->model, info->serialNumber, info->flags);
+ LOG_FLAG (info->flags, had, CKF_RNG);
+ LOG_FLAG (info->flags, had, CKF_WRITE_PROTECTED);
+ LOG_FLAG (info->flags, had, CKF_LOGIN_REQUIRED);
+ LOG_FLAG (info->flags, had, CKF_USER_PIN_INITIALIZED);
+ LOG_FLAG (info->flags, had, CKF_RESTORE_KEY_NOT_NEEDED);
+ LOG_FLAG (info->flags, had, CKF_CLOCK_ON_TOKEN);
+ LOG_FLAG (info->flags, had, CKF_PROTECTED_AUTHENTICATION_PATH);
+ LOG_FLAG (info->flags, had, CKF_DUAL_CRYPTO_OPERATIONS);
+ LOG_FLAG (info->flags, had, CKF_TOKEN_INITIALIZED);
+ LOG_FLAG (info->flags, had, CKF_SECONDARY_AUTHENTICATION);
+ LOG_FLAG (info->flags, had, CKF_USER_PIN_COUNT_LOW);
+ LOG_FLAG (info->flags, had, CKF_USER_PIN_FINAL_TRY);
+ LOG_FLAG (info->flags, had, CKF_USER_PIN_LOCKED);
+ LOG_FLAG (info->flags, had, CKF_USER_PIN_TO_BE_CHANGED);
+ LOG_FLAG (info->flags, had, CKF_SO_PIN_COUNT_LOW);
+ LOG_FLAG (info->flags, had, CKF_SO_PIN_FINAL_TRY);
+ LOG_FLAG (info->flags, had, CKF_SO_PIN_LOCKED);
+ LOG_FLAG (info->flags, had, CKF_SO_PIN_TO_BE_CHANGED);
+ if (!had)
+ cklog ("%d", info->flags);
+ cklog (", ulMaxSessionCount: %d, ulSessionCount: %d, ulMaxRwSessionCount: %d, "
+ "ulRwSessionCount: %d, ulMaxPinLen: %d, ulMinPinLen: %d, ulTotalPublicMemory: %d, "
+ "ulFreePublicMemory: %d, ulTotalPrivateMemory: %d, ulFreePrivateMemory: %d, "
+ "hardwareVersion: %d.%d, firmwareVersion: %d.%d, utcTime: %0.16s }\n",
+ info->ulMaxSessionCount, info->ulSessionCount, info->ulMaxRwSessionCount,
+ info->ulRwSessionCount, info->ulMaxPinLen, info->ulMinPinLen, info->ulTotalPublicMemory,
+ info->ulFreePublicMemory, info->ulTotalPrivateMemory, info->ulFreePrivateMemory,
+ info->hardwareVersion.major, info->hardwareVersion.minor, info->firmwareVersion.major,
+ info->firmwareVersion.minor, (info->flags & CKF_CLOCK_ON_TOKEN) ? (const char*)info->utcTime : "");
+ }
+}
+
+static void
+log_ulong (const char *pref, const char *name, CK_ULONG val, const char* npref, CK_RV status)
+{
+ if (!npref)
+ npref = "";
+ if (status == CKR_OK)
+ cklog ("%s%s = %s%d\n", pref, name, npref, val);
+}
+
+static void
+log_ulong_array (const char *pref, const char *name, CK_ULONG_PTR arr,
+ CK_ULONG_PTR num, const char *npref, CK_RV status)
+{
+ CK_ULONG i;
+
+ if (status == CKR_BUFFER_TOO_SMALL) {
+ arr = NULL;
+ status = CKR_OK;
+ }
+
+ if (status != CKR_OK)
+ return;
+ if (npref == NULL)
+ npref = "";
+ cklog ("%s%s = ", pref, name);
+ if (num == NULL) {
+ cklog ("(?) NO-VALUES\n");
+ } else if (arr == NULL) {
+ cklog ("(%d) NO-VALUES\n", *num);
+ } else {
+ cklog ("(%d) [", *num);
+ for(i = 0; i < *num; ++i)
+ cklog ("%s %s%d", i == 0 ? "" : ",", npref, arr[i]);
+ cklog (" ]\n");
+ }
+}
+
+static void
+log_ulong_pointer (const char *pref, const char *name, CK_ULONG_PTR val,
+ const char *npref, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ if (npref == NULL)
+ npref = "";
+ if (val == NULL)
+ cklog ("%s%s = NULL\n", pref, name);
+ else
+ cklog ("%s%s = 0x%08X = %s%d\n", pref, name, (CK_ULONG)val, npref, *val);
+}
+
+static void
+log_user_type (const char *pref, const char *name, CK_USER_TYPE val, CK_RV status)
+{
+ if (status != CKR_OK)
+ return;
+ cklog ("%s%s = ", pref, name);
+ log_CKU (val);
+ cklog ("\n");
+}
+
+#define LOCK_OUTPUT \
+ if (use_locking) pthread_mutex_lock (&global_mutex);
+
+#define UNLOCK_OUTPUT \
+ if (use_locking) pthread_mutex_unlock (&global_mutex);
+
+#define BEGIN_CALL(name) \
+ { \
+ CK_##name _func; const char* _name; CK_RV _ret = CKR_OK; \
+ if (!module_list) return CKR_CRYPTOKI_NOT_INITIALIZED; \
+ _func = module_list->name; \
+ _name = #name; \
+ if (!_func) { \
+ cklog ("module has no function for: %s\n", _name); \
+ return CKR_DEVICE_ERROR; \
+ } \
+ LOCK_OUTPUT \
+ cklog ("%s\n", _name);
+
+#define PROCESS_CALL(args) \
+ UNLOCK_OUTPUT \
+ _ret = (_func) args; \
+ LOCK_OUTPUT
+
+#define DONE_CALL \
+ cklog ("%s = ", _name); \
+ log_CKR (_ret); \
+ cklog ("\n"); \
+ UNLOCK_OUTPUT \
+ return _ret; \
+ }
+
+#define IN " IN: "
+#define OUT " OUT: "
+
+#define IN_ATTRIBUTE_ARRAY(a, n) \
+ log_attribute_array (IN, #a, a, n, CKR_OK);
+
+#define IN_BOOL(a) \
+ log_bool (IN, #a, a, CKR_OK);
+
+#define IN_BYTE_ARRAY(a, n) \
+ log_byte_array (IN, #a, a, &n, CKR_OK);
+
+#define IN_HANDLE(a) \
+ log_ulong (IN, #a, a, "H", CKR_OK);
+
+#define IN_INIT_ARGS(a) \
+ log_init_args (IN, #a, a, CKR_OK);
+
+#define IN_POINTER(a) \
+ log_pointer (IN, #a, a, CKR_OK);
+
+#define IN_MECHANISM(a) \
+ log_mechanism (IN, #a, a, CKR_OK);
+
+#define IN_MECHANISM_TYPE(a) \
+ log_mechanism_type (IN, #a, a, CKR_OK);
+
+#define IN_SESSION(a) \
+ log_ulong (IN, #a, a, "S", CKR_OK);
+
+#define IN_SLOT_ID(a) \
+ log_ulong (IN, #a, a, "SL", CKR_OK);
+
+#define IN_STRING(a) \
+ log_string (IN, #a, a, CKR_OK);
+
+#define IN_ULONG(a) \
+ log_ulong (IN, #a, a, NULL, CKR_OK);
+
+#define IN_ULONG_PTR(a) \
+ log_ulong_pointer (IN, #a, a, NULL, CKR_OK);
+
+#define IN_USER_TYPE(a) \
+ log_user_type (IN, #a, a, CKR_OK);
+
+#define OUT_ATTRIBUTE_ARRAY(a, n) \
+ log_attribute_array (OUT, #a, a, n, _ret);
+
+#define OUT_BYTE_ARRAY(a, n) \
+ log_byte_array(OUT, #a, a, n, _ret);
+
+#define OUT_HANDLE(a) \
+ log_ulong_pointer (OUT, #a, a, "H", _ret);
+
+#define OUT_HANDLE_ARRAY(a, n) \
+ log_ulong_array (OUT, #a, a, n, "H", _ret);
+
+#define OUT_INFO(a) \
+ log_info (OUT, #a, a, _ret);
+
+#define OUT_MECHANISM_INFO(a) \
+ log_mechanism_info (OUT, #a, a, _ret);
+
+#define OUT_MECHANISM_TYPE_ARRAY(a, n) \
+ log_mechanism_type_array (OUT, #a, a, n, _ret);
+
+#define OUT_POINTER(a) \
+ log_pointer (OUT, #a, a, _ret);
+
+#define OUT_SESSION(a) \
+ log_ulong_pointer (OUT, #a, a, "S", _ret);
+
+#define OUT_SESSION_INFO(a) \
+ log_session_info (OUT, #a, a, _ret);
+
+#define OUT_SLOT_ID_ARRAY(a, n) \
+ log_ulong_array (OUT, #a, a, n, "SL", _ret);
+
+#define OUT_SLOT_ID(a) \
+ log_ulong_pointer (OUT, #a, a, "SL", _ret);
+
+#define OUT_SLOT_INFO(a) \
+ log_slot_info (OUT, #a, a, _ret);
+
+#define OUT_TOKEN_INFO(a) \
+ log_token_info (OUT, #a, a, _ret);
+
+#define OUT_ULONG(a) \
+ log_ulong_pointer (OUT, #a, a, NULL, _ret);
+
+#define OUT_ULONG_ARRAY(a, n) \
+ log_ulong_array (OUT, #a, a, n, NULL, _ret);
+
+
+
+/* ---------------------------------------------------------------- */
+
+static CK_RV
+CL_C_Initialize (CK_VOID_PTR pInitArgs)
+{
+ CK_C_INITIALIZE_ARGS_PTR args;
+ CK_C_GetFunctionList func;
+ const char *module, *output;
+ CK_RV ret;
+
+ module_handle = NULL;
+ module_list = NULL;
+
+ /* Always need a relevant output file */
+ if (output_file && output_file != stderr)
+ fclose (output_file);
+ output_file = stderr;
+
+ output = getenv("CRYPTOKI_LOG_FILE");
+ if (output && !output[0])
+ output = NULL;
+ if (output) {
+ output_file = fopen (output, "ab");
+ if (!output_file) {
+ output_file = stderr;
+ cklog ("couldn't open log file: %s", output);
+ }
+ }
+ setlinebuf (output_file);
+
+ /* Load the other module */
+ module = getenv("CRYPTOKI_LOG_MODULE");
+ if (!module || !module[0]) {
+ cklog ("CRYPTOKI_LOG_MODULE not set\n");
+ return CKR_DEVICE_ERROR;
+ }
+
+ module_handle = dlopen (module, RTLD_NOW | RTLD_LOCAL);
+ if (!module_handle) {
+ cklog ("couldn't load module: %s: %s\n", module, dlerror ());
+ return CKR_DEVICE_ERROR;
+ }
+
+ func = (CK_C_GetFunctionList)dlsym (module_handle, "C_GetFunctionList");
+ if (!func) {
+ cklog ("couldn't find C_GetFunctionList function in module: %s: %s\n", module, dlerror ());
+ return CKR_DEVICE_ERROR;
+ }
+
+ ret = (func) (&module_list);
+ if (ret != CKR_OK) {
+ cklog ("C_GetFunctionList returned an error in module: %s: %d\n", module, ret);
+ return CKR_DEVICE_ERROR;
+ }
+
+ if (!module_list) {
+ cklog ("C_GetFunctionList returned a null function list in module: %s\n", module);
+ return CKR_DEVICE_ERROR;
+ }
+
+ if (pInitArgs != NULL) {
+ args = pInitArgs;
+ if (!(args->flags & CKF_OS_LOCKING_OK))
+ use_locking = 0;
+ }
+
+
+ cklog ("INITIALIZE cryptoki-log debugging (%s / %s locks / %s)\n",
+ module, use_locking ? "with" : "no", output ? output : "stderr");
+
+ BEGIN_CALL (C_Initialize)
+ IN_INIT_ARGS (pInitArgs)
+ PROCESS_CALL ((pInitArgs))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Finalize (CK_VOID_PTR pReserved)
+{
+ BEGIN_CALL (C_Finalize)
+ IN_POINTER (pReserved)
+ PROCESS_CALL ((pReserved))
+ DONE_CALL
+
+ cklog ("FINALIZE cryptoki-log debugging\n");
+}
+
+static CK_RV
+CL_C_GetInfo (CK_INFO_PTR pInfo)
+{
+ BEGIN_CALL (C_GetInfo)
+ PROCESS_CALL ((pInfo))
+ OUT_INFO (pInfo)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
+{
+ /* This would be a strange call to receive */
+ return C_GetFunctionList (list);
+}
+
+static CK_RV
+CL_C_GetSlotList (CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount)
+{
+ BEGIN_CALL (C_GetSlotList)
+ IN_BOOL (tokenPresent)
+ IN_ULONG_PTR (pulCount)
+ PROCESS_CALL ((tokenPresent, pSlotList, pulCount))
+ OUT_SLOT_ID_ARRAY (pSlotList, pulCount)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetSlotInfo (CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
+{
+ BEGIN_CALL (C_GetSlotInfo)
+ IN_SLOT_ID (slotID)
+ PROCESS_CALL ((slotID, pInfo))
+ OUT_SLOT_INFO (pInfo)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetTokenInfo (CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
+{
+ BEGIN_CALL (C_GetTokenInfo)
+ IN_SLOT_ID (slotID)
+ PROCESS_CALL ((slotID, pInfo))
+ OUT_TOKEN_INFO (pInfo)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetMechanismList (CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList,
+ CK_ULONG_PTR pulCount)
+{
+ BEGIN_CALL (C_GetMechanismList)
+ IN_SLOT_ID (slotID)
+ IN_ULONG_PTR (pulCount)
+ PROCESS_CALL ((slotID, pMechanismList, pulCount))
+ OUT_MECHANISM_TYPE_ARRAY (pMechanismList, pulCount)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetMechanismInfo (CK_SLOT_ID slotID, CK_MECHANISM_TYPE type,
+ CK_MECHANISM_INFO_PTR pInfo)
+{
+ BEGIN_CALL (C_GetMechanismInfo)
+ IN_SLOT_ID (slotID)
+ IN_MECHANISM_TYPE (type)
+ PROCESS_CALL ((slotID, type, pInfo))
+ OUT_MECHANISM_INFO (pInfo)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_InitToken (CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen,
+ CK_UTF8CHAR_PTR pLabel)
+{
+ BEGIN_CALL (C_InitToken)
+ IN_SLOT_ID (slotID)
+ IN_BYTE_ARRAY (pPin, ulPinLen)
+ IN_STRING (pLabel)
+ PROCESS_CALL ((slotID, pPin, ulPinLen, pLabel))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_WaitForSlotEvent (CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved)
+{
+ int had = 0;
+ BEGIN_CALL (C_WaitForSlotEvent)
+ cklog (" IN: flags = %d", flags);
+ LOG_FLAG (flags, had, CKF_DONT_BLOCK);
+ cklog ("\n");
+ PROCESS_CALL ((flags, pSlot, pReserved))
+ OUT_SLOT_ID (pSlot)
+ OUT_POINTER (pReserved)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_OpenSession (CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication,
+ CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession)
+{
+ int had = 0;
+ BEGIN_CALL (C_OpenSession)
+ IN_SLOT_ID (slotID)
+ cklog (" IN: flags = %d", flags);
+ LOG_FLAG (flags, had, CKF_SERIAL_SESSION);
+ LOG_FLAG (flags, had, CKF_RW_SESSION);
+ cklog ("\n");
+ IN_POINTER (pApplication);
+ IN_POINTER (Notify);
+ PROCESS_CALL ((slotID, flags, pApplication, Notify, phSession));
+ OUT_SESSION (phSession)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_CloseSession (CK_SESSION_HANDLE hSession)
+{
+ BEGIN_CALL (C_CloseSession)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_CloseAllSessions (CK_SLOT_ID slotID)
+{
+ BEGIN_CALL (C_CloseAllSessions)
+ IN_SLOT_ID (slotID)
+ PROCESS_CALL ((slotID))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetFunctionStatus (CK_SESSION_HANDLE hSession)
+{
+ BEGIN_CALL (C_GetFunctionStatus)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession))
+ DONE_CALL
+}
+
+CK_RV
+CL_C_CancelFunction (CK_SESSION_HANDLE hSession)
+{
+ BEGIN_CALL (C_CancelFunction)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession))
+ DONE_CALL
+} CK_RV
+CL_C_GetSessionInfo (CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo)
+{
+ BEGIN_CALL (C_GetSessionInfo)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession, pInfo))
+ OUT_SESSION_INFO (pInfo)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_InitPIN (CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin,
+ CK_ULONG ulPinLen)
+{
+ BEGIN_CALL (C_InitPIN)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPin, ulPinLen)
+ PROCESS_CALL ((hSession, pPin, ulPinLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SetPIN (CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin,
+ CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen)
+{
+ BEGIN_CALL (C_SetPIN)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pOldPin, ulOldLen)
+ IN_BYTE_ARRAY (pNewPin, ulNewLen);
+ PROCESS_CALL ((hSession, pOldPin, ulOldLen, pNewPin, ulNewLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetOperationState (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
+ CK_ULONG_PTR pulOperationStateLen)
+{
+ BEGIN_CALL (C_GetOperationState)
+ IN_SESSION (hSession)
+ IN_ULONG_PTR (pulOperationStateLen)
+ PROCESS_CALL ((hSession, pOperationState, pulOperationStateLen))
+ OUT_BYTE_ARRAY (pOperationState, pulOperationStateLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SetOperationState (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState,
+ CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey,
+ CK_OBJECT_HANDLE hAuthenticationKey)
+{
+ BEGIN_CALL (C_SetOperationState)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pOperationState, ulOperationStateLen)
+ IN_HANDLE (hEncryptionKey)
+ IN_HANDLE (hAuthenticationKey)
+ PROCESS_CALL ((hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Login (CK_SESSION_HANDLE hSession, CK_USER_TYPE userType,
+ CK_UTF8CHAR_PTR pPin, CK_ULONG pPinLen)
+{
+ BEGIN_CALL (C_Login)
+ IN_SESSION (hSession)
+ IN_USER_TYPE (userType)
+ IN_BYTE_ARRAY (pPin, pPinLen);
+ PROCESS_CALL ((hSession, userType, pPin, pPinLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Logout (CK_SESSION_HANDLE hSession)
+{
+ BEGIN_CALL (C_Logout)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_CreateObject (CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject)
+{
+ BEGIN_CALL (C_CreateObject)
+ IN_SESSION (hSession)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, pTemplate, ulCount, phObject))
+ OUT_HANDLE (phObject)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_CopyObject (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phNewObject)
+{
+ BEGIN_CALL (C_CopyObject)
+ IN_SESSION (hSession)
+ IN_HANDLE (hObject)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, hObject, pTemplate, ulCount, phNewObject))
+ OUT_HANDLE (phNewObject)
+ DONE_CALL
+}
+
+
+static CK_RV
+CL_C_DestroyObject (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
+{
+ BEGIN_CALL (C_DestroyObject);
+ IN_SESSION (hSession)
+ IN_HANDLE (hObject)
+ PROCESS_CALL ((hSession, hObject))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetObjectSize (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
+ CK_ULONG_PTR pulSize)
+{
+ BEGIN_CALL (C_GetObjectSize);
+ IN_SESSION (hSession)
+ IN_HANDLE (hObject)
+ PROCESS_CALL ((hSession, hObject, pulSize))
+ OUT_ULONG (pulSize)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GetAttributeValue (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ BEGIN_CALL (C_GetAttributeValue)
+ IN_SESSION (hSession)
+ IN_HANDLE (hObject)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, hObject, pTemplate, ulCount))
+ OUT_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SetAttributeValue (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount)
+{
+ BEGIN_CALL (C_SetAttributeValue)
+ IN_SESSION (hSession)
+ IN_HANDLE (hObject)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, hObject, pTemplate, ulCount))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_FindObjectsInit (CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount)
+{
+ BEGIN_CALL (C_FindObjectsInit)
+ IN_SESSION (hSession)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, pTemplate, ulCount))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_FindObjects (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject,
+ CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount)
+{
+ BEGIN_CALL (C_FindObjects)
+ IN_SESSION (hSession)
+ IN_ULONG (ulMaxObjectCount)
+ PROCESS_CALL ((hSession, phObject, ulMaxObjectCount, pulObjectCount))
+ OUT_HANDLE_ARRAY (phObject, pulObjectCount)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_FindObjectsFinal (CK_SESSION_HANDLE hSession)
+{
+ BEGIN_CALL (C_FindObjectsFinal)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_EncryptInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_EncryptInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen)
+{
+ BEGIN_CALL (C_Encrypt)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pData, ulDataLen)
+ PROCESS_CALL ((hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen))
+ OUT_BYTE_ARRAY (pEncryptedData, pulEncryptedDataLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_EncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR pulEncryptedPartLen)
+{
+ BEGIN_CALL (C_EncryptUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen))
+ OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_EncryptFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart,
+ CK_ULONG_PTR pulLastEncryptedPartLen)
+{
+ BEGIN_CALL (C_EncryptFinal)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession, pLastEncryptedPart, pulLastEncryptedPartLen))
+ OUT_BYTE_ARRAY (pLastEncryptedPart, pulLastEncryptedPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DecryptInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_DecryptInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Decrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
+ CK_ULONG pulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
+{
+ BEGIN_CALL (C_Decrypt)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pEncryptedData, pulEncryptedDataLen)
+ PROCESS_CALL ((hSession, pEncryptedData, pulEncryptedDataLen, pData, pulDataLen))
+ OUT_BYTE_ARRAY (pData, pulDataLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DecryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen)
+{
+ BEGIN_CALL (C_DecryptUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen)
+ PROCESS_CALL ((hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen))
+ OUT_BYTE_ARRAY (pPart, pulPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DecryptFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart,
+ CK_ULONG_PTR pulLastPartLen)
+{
+ BEGIN_CALL (C_DecryptFinal)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession, pLastPart, pulLastPartLen))
+ OUT_BYTE_ARRAY (pLastPart, pulLastPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DigestInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism)
+{
+ BEGIN_CALL (C_DigestInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ PROCESS_CALL ((hSession, pMechanism))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Digest (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
+{
+ BEGIN_CALL (C_Digest)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pData, ulDataLen)
+ PROCESS_CALL ((hSession, pData, ulDataLen, pDigest, pulDigestLen))
+ OUT_BYTE_ARRAY (pDigest, pulDigestLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DigestUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
+{
+ BEGIN_CALL (C_DigestUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DigestKey (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_DigestKey)
+ IN_SESSION (hSession)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DigestFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest,
+ CK_ULONG_PTR pulDigestLen)
+{
+ BEGIN_CALL (C_DigestFinal)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession, pDigest, pulDigestLen))
+ OUT_BYTE_ARRAY (pDigest, pulDigestLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_SignInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Sign (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
+{
+ BEGIN_CALL (C_Sign)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pData, ulDataLen)
+ PROCESS_CALL ((hSession, pData, ulDataLen, pSignature, pulSignatureLen))
+ OUT_BYTE_ARRAY (pSignature, pulSignatureLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
+{
+ BEGIN_CALL (C_SignUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
+ CK_ULONG_PTR pulSignatureLen)
+{
+ BEGIN_CALL (C_SignFinal)
+ IN_SESSION (hSession)
+ PROCESS_CALL ((hSession, pSignature, pulSignatureLen))
+ OUT_BYTE_ARRAY (pSignature, pulSignatureLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignRecoverInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_SignRecoverInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignRecover (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen)
+{
+ BEGIN_CALL (C_SignRecover)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pData, ulDataLen)
+ PROCESS_CALL ((hSession, pData, ulDataLen, pSignature, pulSignatureLen))
+ OUT_BYTE_ARRAY (pSignature, pulSignatureLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_VerifyInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_VerifyInit);
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_Verify (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen,
+ CK_BYTE_PTR pSignature, CK_ULONG pulSignatureLen)
+{
+ BEGIN_CALL (C_Verify)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pData, ulDataLen)
+ IN_BYTE_ARRAY (pSignature, pulSignatureLen)
+ PROCESS_CALL ((hSession, pData, ulDataLen, pSignature, pulSignatureLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_VerifyUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen)
+{
+ BEGIN_CALL (C_VerifyUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_VerifyFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
+ CK_ULONG pulSignatureLen)
+{
+ BEGIN_CALL (C_VerifyFinal)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pSignature, pulSignatureLen);
+ PROCESS_CALL ((hSession, pSignature, pulSignatureLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_VerifyRecoverInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hKey)
+{
+ BEGIN_CALL (C_VerifyRecoverInit)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hKey))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_VerifyRecover (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
+ CK_ULONG pulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
+{
+ BEGIN_CALL (C_VerifyRecover)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pSignature, pulSignatureLen)
+ PROCESS_CALL ((hSession, pSignature, pulSignatureLen, pData, pulDataLen))
+ OUT_BYTE_ARRAY (pData, pulDataLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DigestEncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR ulEncryptedPartLen)
+{
+ BEGIN_CALL (C_DigestEncryptUpdate);
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen, pEncryptedPart, ulEncryptedPartLen))
+ OUT_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DecryptDigestUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ BEGIN_CALL (C_DecryptDigestUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen)
+ PROCESS_CALL ((hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen))
+ OUT_BYTE_ARRAY (pPart, pulPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SignEncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart,
+ CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG_PTR ulEncryptedPartLen)
+{
+ BEGIN_CALL (C_SignEncryptUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pPart, ulPartLen)
+ PROCESS_CALL ((hSession, pPart, ulPartLen, pEncryptedPart, ulEncryptedPartLen))
+ OUT_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DecryptVerifyUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,
+ CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart,
+ CK_ULONG_PTR pulPartLen)
+{
+ BEGIN_CALL (C_DecryptVerifyUpdate)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen)
+ PROCESS_CALL ((hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen))
+ OUT_BYTE_ARRAY (pPart, pulPartLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GenerateKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
+ CK_OBJECT_HANDLE_PTR phKey)
+{
+ BEGIN_CALL (C_GenerateKey)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, pMechanism, pTemplate, ulCount, phKey))
+ OUT_HANDLE (phKey)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GenerateKeyPair (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount,
+ CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount,
+ CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey)
+{
+ BEGIN_CALL (C_GenerateKeyPair)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_ATTRIBUTE_ARRAY (pPublicKeyTemplate, &ulPublicKeyAttributeCount)
+ IN_ATTRIBUTE_ARRAY (pPrivateKeyTemplate, &ulPrivateKeyAttributeCount)
+ PROCESS_CALL ((hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount,
+ pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey))
+ OUT_HANDLE (phPublicKey)
+ OUT_HANDLE (phPrivateKey)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_WrapKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
+ CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen)
+{
+ BEGIN_CALL (C_WrapKey)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hWrappingKey)
+ IN_HANDLE (hKey)
+ PROCESS_CALL ((hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen))
+ OUT_BYTE_ARRAY (pWrappedKey, pulWrappedKeyLen)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_UnwrapKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE pUnwrappingKey, CK_BYTE_PTR pWrappedKey,
+ CK_ULONG pulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey)
+{
+ BEGIN_CALL (C_UnwrapKey)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (pUnwrappingKey)
+ IN_BYTE_ARRAY (pWrappedKey, pulWrappedKeyLen)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, pMechanism, pUnwrappingKey, pWrappedKey,
+ pulWrappedKeyLen, pTemplate, ulCount, phKey))
+ OUT_HANDLE (phKey)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_DeriveKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism,
+ CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate,
+ CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey)
+{
+ BEGIN_CALL (C_DeriveKey)
+ IN_SESSION (hSession)
+ IN_MECHANISM (pMechanism)
+ IN_HANDLE (hBaseKey)
+ IN_ATTRIBUTE_ARRAY (pTemplate, &ulCount)
+ PROCESS_CALL ((hSession, pMechanism, hBaseKey, pTemplate, ulCount, phKey))
+ OUT_HANDLE (phKey)
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_SeedRandom (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen)
+{
+ BEGIN_CALL (C_SeedRandom)
+ IN_SESSION (hSession)
+ IN_BYTE_ARRAY (pSeed, ulSeedLen);
+ PROCESS_CALL ((hSession, pSeed, ulSeedLen))
+ DONE_CALL
+}
+
+static CK_RV
+CL_C_GenerateRandom (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData,
+ CK_ULONG ulRandomLen)
+{
+ BEGIN_CALL (C_GenerateRandom)
+ IN_SESSION (hSession)
+ IN_ULONG (ulRandomLen)
+ PROCESS_CALL ((hSession, pRandomData, ulRandomLen))
+ OUT_BYTE_ARRAY (pRandomData, &ulRandomLen)
+ DONE_CALL
+}
+
+static struct CK_FUNCTION_LIST functionList = {
+ { 2, 11 }, /* version */
+ CL_C_Initialize,
+ CL_C_Finalize,
+ CL_C_GetInfo,
+ CL_C_GetFunctionList,
+ CL_C_GetSlotList,
+ CL_C_GetSlotInfo,
+ CL_C_GetTokenInfo,
+ CL_C_GetMechanismList,
+ CL_C_GetMechanismInfo,
+ CL_C_InitToken,
+ CL_C_InitPIN,
+ CL_C_SetPIN,
+ CL_C_OpenSession,
+ CL_C_CloseSession,
+ CL_C_CloseAllSessions,
+ CL_C_GetSessionInfo,
+ CL_C_GetOperationState,
+ CL_C_SetOperationState,
+ CL_C_Login,
+ CL_C_Logout,
+ CL_C_CreateObject,
+ CL_C_CopyObject,
+ CL_C_DestroyObject,
+ CL_C_GetObjectSize,
+ CL_C_GetAttributeValue,
+ CL_C_SetAttributeValue,
+ CL_C_FindObjectsInit,
+ CL_C_FindObjects,
+ CL_C_FindObjectsFinal,
+ CL_C_EncryptInit,
+ CL_C_Encrypt,
+ CL_C_EncryptUpdate,
+ CL_C_EncryptFinal,
+ CL_C_DecryptInit,
+ CL_C_Decrypt,
+ CL_C_DecryptUpdate,
+ CL_C_DecryptFinal,
+ CL_C_DigestInit,
+ CL_C_Digest,
+ CL_C_DigestUpdate,
+ CL_C_DigestKey,
+ CL_C_DigestFinal,
+ CL_C_SignInit,
+ CL_C_Sign,
+ CL_C_SignUpdate,
+ CL_C_SignFinal,
+ CL_C_SignRecoverInit,
+ CL_C_SignRecover,
+ CL_C_VerifyInit,
+ CL_C_Verify,
+ CL_C_VerifyUpdate,
+ CL_C_VerifyFinal,
+ CL_C_VerifyRecoverInit,
+ CL_C_VerifyRecover,
+ CL_C_DigestEncryptUpdate,
+ CL_C_DecryptDigestUpdate,
+ CL_C_SignEncryptUpdate,
+ CL_C_DecryptVerifyUpdate,
+ CL_C_GenerateKey,
+ CL_C_GenerateKeyPair,
+ CL_C_WrapKey,
+ CL_C_UnwrapKey,
+ CL_C_DeriveKey,
+ CL_C_SeedRandom,
+ CL_C_GenerateRandom,
+ CL_C_GetFunctionStatus,
+ CL_C_CancelFunction,
+ CL_C_WaitForSlotEvent
+};
+
+CK_RV
+C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
+{
+ if (!list)
+ return CKR_ARGUMENTS_BAD;
+
+ *list = &functionList;
+ return CKR_OK;
+}
diff --git a/module/export.map b/module/export.map
new file mode 100644
index 0000000..5e9476c
--- /dev/null
+++ b/module/export.map
@@ -0,0 +1,5 @@
+{
+ global: C_GetFunctionList;
+ local: *;
+};
+