Skip to content

Commit

Permalink
Merge 2019 Mar
Browse files Browse the repository at this point in the history
Changes:
  * PKA attribute support

Change-Id: Ic4e552573e4763f0c24c6e712701fa1405213fa1
  • Loading branch information
Ashley Straw committed Mar 27, 2019
1 parent 574018c commit d8aa871
Show file tree
Hide file tree
Showing 7 changed files with 463 additions and 399 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -113,3 +113,4 @@ target/
#eclipse
.project
.pydevproject
.settings
4 changes: 2 additions & 2 deletions docs/conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -59,9 +59,9 @@
# built documents.
#
# The short X.Y version.
version = '2.1'
version = '2.2'
# The full version, including alpha/beta/rc tags.
release = '2.1.3'
release = '2.2.1'

# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.
Expand Down
28 changes: 26 additions & 2 deletions pycryptoki/attributes.py
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,9 @@

from six import b, string_types, integer_types, binary_type

from pycryptoki.conversions import from_bytestring
from .cryptoki import CK_ATTRIBUTE, CK_BBOOL, CK_ATTRIBUTE_TYPE, CK_ULONG, CK_BYTE, CK_CHAR
from pycryptoki.conversions import (from_bytestring, from_hex, to_bytestring)
from .cryptoki import (CK_ATTRIBUTE, CK_BBOOL, CK_ATTRIBUTE_TYPE, CK_ULONG, CK_BYTE, CK_CHAR,
CK_KEY_STATUS)
from .defines import CKA_EKM_UID, CKA_GENERIC_1, CKA_GENERIC_2, CKA_GENERIC_3
from .defines import (
CKA_USAGE_LIMIT,
Expand Down Expand Up @@ -84,6 +85,8 @@
CKA_X9_31_GENERATED,
CKA_VALUE,
CKA_BYTES_REMAINING,
CKA_FAILED_KEY_AUTH_COUNT,
CKA_KEY_STATUS
)

LOG = logging.getLogger(__name__)
Expand Down Expand Up @@ -231,6 +234,24 @@ def to_ck_date(val, reverse=False):
return cast(pointer(date_val), c_void_p), CK_ULONG(sizeof(date_val))


@ret_type(CK_KEY_STATUS)
def to_pka_key_status(val, reverse=False):
"""Transform a Per Key Authorization Key Status object into
a PKCS11 readable byte string
:param val: Value to convert
:param reverse: Whether to convert from C -> Python
:return: (:class:`ctypes.c_void_p` ptr to :class:`pycryptoki.cryptoki.CK_KEY_STATUS` object,
:class:`ctypes.c_ulong` size of array)
"""
if reverse:
interm = from_hex(to_byte_array(val, reverse))
bytestr = bytearray(to_bytestring(interm))

return CK_KEY_STATUS.from_buffer(bytestr)

return to_byte_array(val, reverse)

@ret_type(CK_BYTE)
def to_byte_array(val, reverse=False):
"""Converts an arbitrarily sized integer, list, or byte array
Expand Down Expand Up @@ -328,6 +349,7 @@ def to_sub_attributes(val, reverse=False):
CKA_USAGE_COUNT: to_long,
CKA_USAGE_LIMIT: to_long,
CKA_BYTES_REMAINING: to_long,
CKA_FAILED_KEY_AUTH_COUNT: to_long,
# int, bool
CKA_TOKEN: to_bool,
CKA_PRIVATE: to_bool,
Expand Down Expand Up @@ -381,6 +403,8 @@ def to_sub_attributes(val, reverse=False):
# Dict
CKA_UNWRAP_TEMPLATE: to_sub_attributes,
CKA_DERIVE_TEMPLATE: to_sub_attributes,
#pka
CKA_KEY_STATUS: to_pka_key_status
}
)

Expand Down
9 changes: 9 additions & 0 deletions pycryptoki/cryptoki.py
Original file line number Diff line number Diff line change
Expand Up @@ -996,6 +996,15 @@ class CK_UTILIZATION_COUNTER(Structure):
]
CK_UTILIZATION_COUNTER_PTR = POINTER(CK_UTILIZATION_COUNTER)

#pka
class CK_KEY_STATUS(Structure):
_fields_ = [
('flags', CK_BYTE),
('failedAuthCountLimit', CK_BYTE),
('reserved1', CK_BYTE),
('reserved2', CK_BYTE)
]

class CK_SFNT_CA_FUNCTION_LIST(Structure):
pass

Expand Down
32 changes: 23 additions & 9 deletions pycryptoki/defines.py
Original file line number Diff line number Diff line change
Expand Up @@ -559,15 +559,24 @@
LUNA_TTYPE_RSA_1863_AUX_PRIME_KEY_GEN_TEST = 0x00000013
LUNA_TTYPE_RSA_1863_ONLY_PRIME_KEY_GEN_TEST = 0x00000014
LUNA_TTYPE_X9_42_DOMAIN_PARAMETER_GENERATION_TEST = 0x00000015
LUNA_TTYPE_ACCESS_ENTROPY_TEST = 0x00000016
LUNA_TTYPE_ENTROPY_CRC_ERR_INJECTION_TEST = 0x00000017
LUNA_TTYPE_ENTROPY_HW_ERR_INJECTION_TEST = 0x00000018
LUNA_TTYPE_ENTROPY_FRO_DEGRADATION_TEST = 0x00000019
LUNA_TTYPE_ENTROPY_CONTINUOUS_TEST = 0x0000001a
LUNA_TTYPE_DRBG_TEST = 0x0000001b
LUNA_TTYPE_AES_KEY_WRAP_TEST = 0x0000001c
LUNA_TTYPE_DRBG_CRC_ERR_INJECTION_TEST = 0x0000001d
LUNA_TTYPE_AES_KEY_WRAP_PAD_TEST = 0x0000001e
LUNA_TTYPE_KEY_WRAP_TEST = 0x00000016
LUNA_TTYPE_ACCESS_ENTROPY_TEST = 0x00000017
LUNA_TTYPE_ENTROPY_CRC_ERR_INJECTION_TEST = 0x00000018
LUNA_TTYPE_ENTROPY_HW_ERR_INJECTION_TEST = 0x00000019
LUNA_TTYPE_ENTROPY_FRO_DEGRADATION_TEST = 0x0000001a
LUNA_TTYPE_ENTROPY_CONTINUOUS_TEST = 0x0000001b
LUNA_TTYPE_DRBG_TEST = 0x0000001c
LUNA_TTYPE_AES_KEY_WRAP_TEST = 0x0000001d
LUNA_TTYPE_DRBG_CRC_ERR_INJECTION_TEST = 0x0000001e
LUNA_TTYPE_AES_KEY_WRAP_PAD_TEST = 0x0000001f
LUNA_TTYPE_PERF_MEASUREMENT = 0x00000020
LUNA_TTYPE_SW_HMAC = 0x00000021
LUNA_TTYPE_SENTRY_ON_OFF = 0x00000022
LUNA_ECDSA_KEY_TEST_W_EXTRA_BITS = 0x00000023
LUNA_TTYPE_ERROR_INJECT_EXIT = 0x00000024
LUNA_TTYPE_ERROR_INJECT_RAISE = 0x00000025
LUNA_TTYPE_ERROR_INJECT_OOPS = 0x00000026
LUNA_TTYPE_ERROR_INJECT_HANG = 0x00000027
LUNA_CTYPE_KCV = 0x00000000
LUNA_CTYPE_MOFN = 0x00000001
HA_CMD_GET_LOGIN_CHALLENGE = 0x01
Expand Down Expand Up @@ -2026,3 +2035,8 @@
CK_MODIFY_USAGE_COUNT_COMMAND_TYPE_INCREMENT = 0x00000001
CK_MODIFY_USAGE_COUNT_COMMAND_TYPE_SET = 0x00000002
CKP_PKCS5_PBKD2_HMAC_SM3 = 0x80000B01
CK_KEY_STATUS_F_AUTH_DATA_SET = 0x01
CK_KEY_STATUS_F_LOCKED_DUE_TO_FAILED_AUTH = 0x02
CK_KEY_STATUS_F_LOCKED_DUE_TO_DATE = 0x04
CK_KEY_STATUS_F_LOCKED_DUE_TO_DES3_BLOCK_COUNTER = 0x08
CK_KEY_STATUS_F_LOCKED_DUE_TO_USAGE_COUNTER = 0x10
Loading

0 comments on commit d8aa871

Please sign in to comment.