Code Review / aaf / sshsm.git / blob
? search:


19909e4071798f7b3d2c2b9ad3cdbb011d85478a
[aaf/sshsm.git] / SoftHSMv2 / src / lib / SoftHSM.h
1 /*
2  * Copyright (c) 2010 SURFnet bv
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
16  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
18  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
20  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
21  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
22  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
23  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
24  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  */
26
27 /*****************************************************************************
28  SoftHSM.h
29
30  This is the main class of the SoftHSM; it has the PKCS #11 interface and
31  dispatches all calls to the relevant components of the SoftHSM. The SoftHSM
32  class is a singleton implementation.
33  *****************************************************************************/
34
35 #include "config.h"
36 #include "log.h"
37 #include "cryptoki.h"
38 #include "SessionObjectStore.h"
39 #include "ObjectStore.h"
40 #include "SessionManager.h"
41 #include "SlotManager.h"
42 #include "HandleManager.h"
43 #include "RSAPublicKey.h"
44 #include "RSAPrivateKey.h"
45 #include "DSAPublicKey.h"
46 #include "DSAPrivateKey.h"
47 #include "ECPublicKey.h"
48 #include "ECPrivateKey.h"
49 #include "DHPublicKey.h"
50 #include "DHPrivateKey.h"
51 #include "GOSTPublicKey.h"
52 #include "GOSTPrivateKey.h"
53
54 #include <memory>
55
56 class SoftHSM
57 {
58 public:
59         // Return the one-and-only instance
60         static SoftHSM* i();
61
62         // This will destroy the one-and-only instance.
63         static void reset();
64
65         // Destructor
66         virtual ~SoftHSM();
67
68         // PKCS #11 functions
69         CK_RV C_Initialize(CK_VOID_PTR pInitArgs);
70         CK_RV C_Finalize(CK_VOID_PTR pReserved);
71         CK_RV C_GetInfo(CK_INFO_PTR pInfo);
72         CK_RV C_GetSlotList(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount);
73         CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo);
74         CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo);
75         CK_RV C_GetMechanismList(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount);
76         CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo);
77         CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel);
78         CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
79         CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen);
80         CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR phSession);
81         CK_RV C_CloseSession(CK_SESSION_HANDLE hSession);
82         CK_RV C_CloseAllSessions(CK_SLOT_ID slotID);
83         CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo);
84         CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen);
85         CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey);
86         CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen);
87         CK_RV C_Logout(CK_SESSION_HANDLE hSession);
88         CK_RV C_CreateObject(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject);
89         CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject);
90         CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);
91         CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize);
92         CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
93         CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
94         CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount);
95         CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount);
96         CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession);
97         CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
98         CK_RV C_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);
99         CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);
100         CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen);
101         CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
102         CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
103         CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pDataLen);
104         CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG_PTR pDataLen);
105         CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism);
106         CK_RV C_Digest(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
107         CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
108         CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject);
109         CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen);
110         CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
111         CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
112         CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
113         CK_RV C_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
114         CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
115         CK_RV C_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen);
116         CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
117         CK_RV C_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);
118         CK_RV C_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen);
119         CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen);
120         CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
121         CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen);
122         CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen);
123         CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pDecryptedPart, CK_ULONG_PTR pulDecryptedPartLen);
124         CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen);
125         CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen);
126         CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey);
127         CK_RV C_GenerateKeyPair
128         (
129                 CK_SESSION_HANDLE hSession,
130                 CK_MECHANISM_PTR pMechanism,
131                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
132                 CK_ULONG ulPublicKeyAttributeCount,
133                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
134                 CK_ULONG ulPrivateKeyAttributeCount,
135                 CK_OBJECT_HANDLE_PTR phPublicKey,
136                 CK_OBJECT_HANDLE_PTR phPrivateKey
137         );
138         CK_RV C_WrapKey
139         (
140                 CK_SESSION_HANDLE hSession,
141                 CK_MECHANISM_PTR pMechanism,
142                 CK_OBJECT_HANDLE hWrappingKey,
143                 CK_OBJECT_HANDLE hKey,
144                 CK_BYTE_PTR pWrappedKey,
145                 CK_ULONG_PTR pulWrappedKeyLen
146         );
147         CK_RV C_UnwrapKey
148         (
149                 CK_SESSION_HANDLE hSession,
150                 CK_MECHANISM_PTR pMechanism,
151                 CK_OBJECT_HANDLE hUnwrappingKey,
152                 CK_BYTE_PTR pWrappedKey,
153                 CK_ULONG ulWrappedKeyLen,
154                 CK_ATTRIBUTE_PTR pTemplate,
155                 CK_ULONG ulCount,
156                 CK_OBJECT_HANDLE_PTR hKey
157         );
158         CK_RV C_DeriveKey
159         (
160                 CK_SESSION_HANDLE hSession,
161                 CK_MECHANISM_PTR pMechanism,
162                 CK_OBJECT_HANDLE hBaseKey,
163                 CK_ATTRIBUTE_PTR pTemplate,
164                 CK_ULONG ulCount,
165                 CK_OBJECT_HANDLE_PTR phKey
166         );
167         CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen);
168         CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen);
169         CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession);
170         CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession);
171         CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved);
172
173 private:
174         // Constructor
175         SoftHSM();
176
177         // The one-and-only instance
178 #ifdef HAVE_CXX11
179         static std::unique_ptr<SoftHSM> instance;
180 #else
181         static std::auto_ptr<SoftHSM> instance;
182 #endif
183
184         // Is the SoftHSM PKCS #11 library initialised?
185         bool isInitialised;
186         bool isRemovable;
187
188         SessionObjectStore* sessionObjectStore;
189         ObjectStore* objectStore;
190         SlotManager* slotManager;
191         SessionManager* sessionManager;
192         HandleManager* handleManager;
193
194         // Encrypt/Decrypt variants
195         CK_RV SymEncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
196         CK_RV AsymEncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
197         CK_RV SymDecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
198         CK_RV AsymDecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
199
200         // Sign/Verify variants
201         CK_RV MacSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
202         CK_RV AsymSignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
203         CK_RV MacVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
204         CK_RV AsymVerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey);
205
206         // Key generation
207         CK_RV generateDES
208         (
209                 CK_SESSION_HANDLE hSession,
210                 CK_ATTRIBUTE_PTR pTemplate,
211                 CK_ULONG ulCount,
212                 CK_OBJECT_HANDLE_PTR phKey,
213                 CK_BBOOL isOnToken,
214                 CK_BBOOL isPrivate
215         );
216         CK_RV generateDES2
217         (
218                 CK_SESSION_HANDLE hSession,
219                 CK_ATTRIBUTE_PTR pTemplate,
220                 CK_ULONG ulCount,
221                 CK_OBJECT_HANDLE_PTR phKey,
222                 CK_BBOOL isOnToken,
223                 CK_BBOOL isPrivate
224         );
225         CK_RV generateDES3
226         (
227                 CK_SESSION_HANDLE hSession,
228                 CK_ATTRIBUTE_PTR pTemplate,
229                 CK_ULONG ulCount,
230                 CK_OBJECT_HANDLE_PTR phKey,
231                 CK_BBOOL isOnToken,
232                 CK_BBOOL isPrivate
233         );
234         CK_RV generateAES
235         (
236                 CK_SESSION_HANDLE hSession,
237                 CK_ATTRIBUTE_PTR pTemplate,
238                 CK_ULONG ulCount,
239                 CK_OBJECT_HANDLE_PTR phKey,
240                 CK_BBOOL isOnToken,
241                 CK_BBOOL isPrivate
242         );
243         CK_RV generateRSA
244         (CK_SESSION_HANDLE hSession,
245                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
246                 CK_ULONG ulPublicKeyAttributeCount,
247                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
248                 CK_ULONG ulPrivateKeyAttributeCount,
249                 CK_OBJECT_HANDLE_PTR phPublicKey,
250                 CK_OBJECT_HANDLE_PTR phPrivateKey,
251                 CK_BBOOL isPublicKeyOnToken,
252                 CK_BBOOL isPublicKeyPrivate,
253                 CK_BBOOL isPrivateKeyOnToken,
254                 CK_BBOOL isPrivateKeyPrivate
255         );
256         CK_RV generateDSA
257         (
258                 CK_SESSION_HANDLE hSession,
259                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
260                 CK_ULONG ulPublicKeyAttributeCount,
261                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
262                 CK_ULONG ulPrivateKeyAttributeCount,
263                 CK_OBJECT_HANDLE_PTR phPublicKey,
264                 CK_OBJECT_HANDLE_PTR phPrivateKey,
265                 CK_BBOOL isPublicKeyOnToken,
266                 CK_BBOOL isPublicKeyPrivate,
267                 CK_BBOOL isPrivateKeyOnToken,
268                 CK_BBOOL isPrivateKeyPrivate
269         );
270         CK_RV generateDSAParameters
271         (
272                 CK_SESSION_HANDLE hSession,
273                 CK_ATTRIBUTE_PTR pTemplate,
274                 CK_ULONG ulCount,
275                 CK_OBJECT_HANDLE_PTR phKey,
276                 CK_BBOOL isOnToken,
277                 CK_BBOOL isPrivate
278         );
279         CK_RV generateEC
280         (
281                 CK_SESSION_HANDLE hSession,
282                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
283                 CK_ULONG ulPublicKeyAttributeCount,
284                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
285                 CK_ULONG ulPrivateKeyAttributeCount,
286                 CK_OBJECT_HANDLE_PTR phPublicKey,
287                 CK_OBJECT_HANDLE_PTR phPrivateKey,
288                 CK_BBOOL isPublicKeyOnToken,
289                 CK_BBOOL isPublicKeyPrivate,
290                 CK_BBOOL isPrivateKeyOnToken,
291                 CK_BBOOL isPrivateKeyPrivate
292         );
293         CK_RV generateDH
294         (
295                 CK_SESSION_HANDLE hSession,
296                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
297                 CK_ULONG ulPublicKeyAttributeCount,
298                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
299                 CK_ULONG ulPrivateKeyAttributeCount,
300                 CK_OBJECT_HANDLE_PTR phPublicKey,
301                 CK_OBJECT_HANDLE_PTR phPrivateKey,
302                 CK_BBOOL isPublicKeyOnToken,
303                 CK_BBOOL isPublicKeyPrivate,
304                 CK_BBOOL isPrivateKeyOnToken,
305                 CK_BBOOL isPrivateKeyPrivate
306         );
307         CK_RV generateDHParameters
308         (
309                 CK_SESSION_HANDLE hSession,
310                 CK_ATTRIBUTE_PTR pTemplate,
311                 CK_ULONG ulCount,
312                 CK_OBJECT_HANDLE_PTR phKey,
313                 CK_BBOOL isOnToken,
314                 CK_BBOOL isPrivate
315         );
316         CK_RV generateGOST
317         (
318                 CK_SESSION_HANDLE hSession,
319                 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
320                 CK_ULONG ulPublicKeyAttributeCount,
321                 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
322                 CK_ULONG ulPrivateKeyAttributeCount,
323                 CK_OBJECT_HANDLE_PTR phPublicKey,
324                 CK_OBJECT_HANDLE_PTR phPrivateKey,
325                 CK_BBOOL isPublicKeyOnToken,
326                 CK_BBOOL isPublicKeyPrivate,
327                 CK_BBOOL isPrivateKeyOnToken,
328                 CK_BBOOL isPrivateKeyPrivate
329         );
330         CK_RV deriveDH
331         (
332                 CK_SESSION_HANDLE hSession,
333                 CK_MECHANISM_PTR pMechanism,
334                 CK_OBJECT_HANDLE hBaseKey,
335                 CK_ATTRIBUTE_PTR pTemplate,
336                 CK_ULONG ulCount,
337                 CK_OBJECT_HANDLE_PTR phKey,
338                 CK_KEY_TYPE keyType,
339                 CK_BBOOL isOnToken,
340                 CK_BBOOL isPrivate
341         );
342         CK_RV deriveECDH
343         (
344                 CK_SESSION_HANDLE hSession,
345                 CK_MECHANISM_PTR pMechanism,
346                 CK_OBJECT_HANDLE hBaseKey,
347                 CK_ATTRIBUTE_PTR pTemplate,
348                 CK_ULONG ulCount,
349                 CK_OBJECT_HANDLE_PTR phKey,
350                 CK_KEY_TYPE keyType,
351                 CK_BBOOL isOnToken,
352                 CK_BBOOL isPrivate
353         );
354         CK_RV deriveSymmetric
355         (
356                 CK_SESSION_HANDLE hSession,
357                 CK_MECHANISM_PTR pMechanism,
358                 CK_OBJECT_HANDLE hBaseKey,
359                 CK_ATTRIBUTE_PTR pTemplate,
360                 CK_ULONG ulCount,
361                 CK_OBJECT_HANDLE_PTR phKey,
362                 CK_KEY_TYPE keyType,
363                 CK_BBOOL isOnToken,
364                 CK_BBOOL isPrivate
365         );
366         CK_RV CreateObject
367         (
368                 CK_SESSION_HANDLE hSession,
369                 CK_ATTRIBUTE_PTR pTemplate,
370                 CK_ULONG ulCount,
371                 CK_OBJECT_HANDLE_PTR phObject,
372                 int op
373         );
374
375         CK_RV getRSAPrivateKey(RSAPrivateKey* privateKey, Token* token, OSObject* key);
376         CK_RV getRSAPublicKey(RSAPublicKey* publicKey, Token* token, OSObject* key);
377         CK_RV getDSAPrivateKey(DSAPrivateKey* privateKey, Token* token, OSObject* key);
378         CK_RV getDSAPublicKey(DSAPublicKey* publicKey, Token* token, OSObject* key);
379         CK_RV getECPrivateKey(ECPrivateKey* privateKey, Token* token, OSObject* key);
380         CK_RV getECPublicKey(ECPublicKey* publicKey, Token* token, OSObject* key);
381         CK_RV getDHPrivateKey(DHPrivateKey* privateKey, Token* token, OSObject* key);
382         CK_RV getDHPublicKey(DHPublicKey* publicKey, DHPrivateKey* privateKey, ByteString& pubParams);
383         CK_RV getECDHPublicKey(ECPublicKey* publicKey, ECPrivateKey* privateKey, ByteString& pubData);
384         CK_RV getGOSTPrivateKey(GOSTPrivateKey* privateKey, Token* token, OSObject* key);
385         CK_RV getGOSTPublicKey(GOSTPublicKey* publicKey, Token* token, OSObject* key);
386         CK_RV getSymmetricKey(SymmetricKey* skey, Token* token, OSObject* key);
387
388         ByteString getECDHPubData(ByteString& pubData);
389
390         bool setRSAPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
391         bool setDSAPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
392         bool setDHPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
393         bool setECPrivateKey(OSObject* key, const ByteString &ber, Token* token, bool isPrivate) const;
394
395
396         CK_RV WrapKeyAsym
397         (
398                 CK_MECHANISM_PTR pMechanism,
399                 Token *token,
400                 OSObject *wrapKey,
401                 ByteString &keydata,
402                 ByteString &wrapped
403         );
404
405         CK_RV WrapKeySym
406         (
407                 CK_MECHANISM_PTR pMechanism,
408                 Token *token,
409                 OSObject *wrapKey,
410                 ByteString &keydata,
411                 ByteString &wrapped
412         );
413
414         CK_RV UnwrapKeyAsym
415         (
416                 CK_MECHANISM_PTR pMechanism,
417                 ByteString &wrapped,
418                 Token* token,
419                 OSObject *unwrapKey,
420                 ByteString &keydata
421         );
422
423         CK_RV UnwrapKeySym
424         (
425                 CK_MECHANISM_PTR pMechanism,
426                 ByteString &wrapped,
427                 Token* token,
428                 OSObject *unwrapKey,
429                 ByteString &keydata
430         );
431
432         CK_RV MechParamCheckRSAPKCSOAEP(CK_MECHANISM_PTR pMechanism);
433
434         static bool isMechanismPermitted(OSObject* key, CK_MECHANISM_PTR pMechanism);
435 };
436
A repository for softhsm modifications and hardware security plugin.