summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Spacek <pspacek@redhat.com>2015-03-04 14:37:58 +0100
committerTomas Babej <tbabej@redhat.com>2015-03-06 10:58:10 +0100
commit4b33f2b51586384fdb1f0c77ff8d22a91fce8696 (patch)
tree0cff34379b0705088b03507479dc4d589ffb70f3
parent93c384fd1337cb42d276d5ebd219c6b90435861f (diff)
downloadfreeipa-4b33f2b51586384fdb1f0c77ff8d22a91fce8696.tar.gz
freeipa-4b33f2b51586384fdb1f0c77ff8d22a91fce8696.tar.xz
freeipa-4b33f2b51586384fdb1f0c77ff8d22a91fce8696.zip
p11helper: standardize indentation and other visual aspects of the code
https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat
-rw-r--r--ipapython/ipap11helper/p11helper.c1333
1 files changed, 744 insertions, 589 deletions
diff --git a/ipapython/ipap11helper/p11helper.c b/ipapython/ipap11helper/p11helper.c
index fa858c9d5..b3cf6cd78 100644
--- a/ipapython/ipap11helper/p11helper.c
+++ b/ipapython/ipap11helper/p11helper.c
@@ -61,11 +61,11 @@
#define CKZ_DATA_SPECIFIED (0x00000001)
struct ck_rsa_pkcs_oaep_params {
- CK_MECHANISM_TYPE hash_alg;
- unsigned long mgf;
- unsigned long source;
- void *source_data;
- unsigned long source_data_len;
+ CK_MECHANISM_TYPE hash_alg;
+ unsigned long mgf;
+ unsigned long source;
+ void *source_data;
+ unsigned long source_data_len;
};
typedef struct ck_rsa_pkcs_oaep_params CK_RSA_PKCS_OAEP_PARAMS;
@@ -81,11 +81,10 @@ CK_BBOOL false = CK_FALSE;
* P11_Helper type
*/
typedef struct {
-PyObject_HEAD
-CK_SLOT_ID slot;
-CK_FUNCTION_LIST_PTR p11;
-CK_SESSION_HANDLE session;
-void *module_handle;
+ PyObject_HEAD CK_SLOT_ID slot;
+ CK_FUNCTION_LIST_PTR p11;
+ CK_SESSION_HANDLE session;
+ void *module_handle;
} P11_Helper;
typedef enum {
@@ -132,8 +131,8 @@ typedef enum {
} private_key_enum;
typedef struct {
-PyObject* py_obj;
-CK_BBOOL* bool;
+ PyObject *py_obj;
+ CK_BBOOL *bool;
} PyObj2Bool_mapping_t;
/**
@@ -150,11 +149,11 @@ static const CK_RSA_PKCS_OAEP_PARAMS CONST_RSA_PKCS_OAEP_PARAMS = {
/**
* ipap11helper Exceptions
*/
-static PyObject *ipap11helperException; //parent class for all exceptions
+static PyObject *ipap11helperException; // parent class for all exceptions
-static PyObject *ipap11helperError; //general error
-static PyObject *ipap11helperNotFound; //key not found
-static PyObject *ipap11helperDuplicationError; //key already exists
+static PyObject *ipap11helperError; // general error
+static PyObject *ipap11helperNotFound; // key not found
+static PyObject *ipap11helperDuplicationError; // key already exists
/***********************************************************************
* Support functions
@@ -166,17 +165,17 @@ static PyObject *ipap11helperDuplicationError; //key already exists
goto final; \
} while(0);
-CK_BBOOL* pyobj_to_bool(PyObject* pyobj) {
+CK_BBOOL *pyobj_to_bool(PyObject *pyobj) {
if (PyObject_IsTrue(pyobj))
return &true;
return &false;
}
-void convert_py2bool(PyObj2Bool_mapping_t* mapping, int length) {
+void convert_py2bool(PyObj2Bool_mapping_t *mapping, int length) {
int i;
for (i = 0; i < length; ++i) {
- PyObject* py_obj = mapping[i].py_obj;
+ PyObject *py_obj = mapping[i].py_obj;
if (py_obj != NULL) {
mapping[i].bool = pyobj_to_bool(py_obj);
}
@@ -189,14 +188,14 @@ void convert_py2bool(PyObj2Bool_mapping_t* mapping, int length) {
* :param l length: of returned string
* Returns NULL if an error occurs, else pointer to string
*/
-unsigned char* unicode_to_char_array(PyObject *unicode, Py_ssize_t *l) {
- unsigned char* result = NULL;
- PyObject* utf8_str = PyUnicode_AsUTF8String(unicode);
+unsigned char *unicode_to_char_array(PyObject *unicode, Py_ssize_t *l) {
+ unsigned char *result = NULL;
+ PyObject *utf8_str = PyUnicode_AsUTF8String(unicode);
if (utf8_str == NULL) {
PyErr_SetString(ipap11helperError, "Unable to encode UTF-8");
return NULL;
}
- unsigned char* bytes = (unsigned char*) PyString_AS_STRING(utf8_str);
+ unsigned char *bytes = (unsigned char *) PyString_AS_STRING(utf8_str);
if (bytes == NULL) {
PyErr_SetString(ipap11helperError, "Unable to get bytes from string");
*l = 0;
@@ -206,8 +205,8 @@ unsigned char* unicode_to_char_array(PyObject *unicode, Py_ssize_t *l) {
/* Copy string first, then DECREF
* https://docs.python.org/2/c-api/string.html#c.PyString_AS_STRING
*/
- result = (unsigned char *) PyMem_Malloc((size_t) *l);
- if (result == NULL){
+ result = (unsigned char *) PyMem_Malloc((size_t) * l);
+ if (result == NULL) {
Py_DECREF(utf8_str);
PyErr_NoMemory();
return NULL;
@@ -223,7 +222,7 @@ unsigned char* unicode_to_char_array(PyObject *unicode, Py_ssize_t *l) {
/**
* Convert utf-8 encoded char array to unicode object
*/
-PyObject* char_array_to_unicode(const char* array, unsigned long l) {
+PyObject *char_array_to_unicode(const char *array, unsigned long l) {
return PyUnicode_DecodeUTF8(array, l, "strict");
}
@@ -232,13 +231,14 @@ PyObject* char_array_to_unicode(const char* array, unsigned long l) {
* :return: 1 if everything is ok, 0 if an error occurs and set the error message
*/
int check_return_value(CK_RV rv, const char *message) {
- char* errmsg = NULL;
+ char *errmsg = NULL;
if (rv != CKR_OK) {
- if (asprintf(&errmsg, "Error at %s: 0x%x\n", message, (unsigned int) rv)
- == -1) {
+ if (asprintf
+ (&errmsg, "Error at %s: 0x%x\n", message, (unsigned int) rv)
+ == -1) {
PyErr_SetString(ipap11helperError,
- "DOUBLE ERROR: Creating the error message caused an error");
- return 0; //
+ "DOUBLE ERROR: Creating the error message caused an error");
+ return 0;
}
if (errmsg != NULL) {
PyErr_SetString(ipap11helperError, errmsg);
@@ -257,8 +257,10 @@ int check_return_value(CK_RV rv, const char *message) {
* @warning input variables should not be modified when template is in use
*/
int _fill_template_from_parts(CK_ATTRIBUTE_PTR attr, CK_ULONG_PTR template_len,
- CK_BYTE_PTR id, CK_ULONG id_len, CK_BYTE_PTR label, CK_ULONG label_len,
- CK_OBJECT_CLASS *class, CK_BBOOL *cka_wrap, CK_BBOOL *cka_unwrap) {
+ CK_BYTE_PTR id, CK_ULONG id_len,
+ CK_BYTE_PTR label, CK_ULONG label_len,
+ CK_OBJECT_CLASS *class, CK_BBOOL *cka_wrap,
+ CK_BBOOL *cka_unwrap) {
int cnt = 0;
if (label != NULL) {
attr->type = CKA_LABEL;
@@ -334,14 +336,15 @@ int _parse_uri(const char *uri_str, P11KitUri **urip) {
if (p11_kit_uri_any_unrecognized(uri)) {
PyErr_SetString(ipap11helperError, "PKCS#11 URI contains "
- "unsupported attributes");
+ "unsupported attributes");
goto cleanup;
}
*urip = uri;
return 1;
- cleanup: p11_kit_uri_free(uri);
+cleanup:
+ p11_kit_uri_free(uri);
return 0;
}
@@ -354,9 +357,9 @@ int _parse_uri(const char *uri_str, P11KitUri **urip) {
* :param objects_count: number of objects in objects array
* :return: 1 if success, otherwise return 0 and set the exception
*/
-int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
- CK_ULONG template_len, CK_OBJECT_HANDLE **objects,
- unsigned int *objects_count) {
+int _find_key(P11_Helper *self, CK_ATTRIBUTE_PTR template,
+ CK_ULONG template_len, CK_OBJECT_HANDLE **objects,
+ unsigned int *objects_count) {
CK_OBJECT_HANDLE result_object;
CK_ULONG objectCount;
CK_OBJECT_HANDLE *result_objects = NULL;
@@ -370,7 +373,7 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
return 0;
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
- &objectCount);
+ &objectCount);
if (!check_return_value(rv, "Find key"))
return 0;
@@ -391,7 +394,7 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
result_objects[count] = result_object;
count++;
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
- &objectCount);
+ &objectCount);
if (!check_return_value(rv, "Check for duplicated key")) {
free(result_objects);
return 0;
@@ -422,32 +425,38 @@ int _find_key(P11_Helper* self, CK_ATTRIBUTE_PTR template,
* and set the exception
*
*/
-int _id_exists(P11_Helper* self, CK_BYTE_PTR id, CK_ULONG id_len,
- CK_OBJECT_CLASS class) {
+int _id_exists(P11_Helper *self, CK_BYTE_PTR id, CK_ULONG id_len,
+ CK_OBJECT_CLASS class) {
CK_RV rv;
CK_ULONG object_count = 0;
CK_OBJECT_HANDLE result_object = 0;
CK_OBJECT_CLASS class_sec = CKO_SECRET_KEY;
- CK_ATTRIBUTE template_pub_priv[] = { { CKA_ID, id, id_len },
- { CKA_CLASS, &class, sizeof(CK_OBJECT_CLASS) }, };
+ CK_ATTRIBUTE template_pub_priv[] = {
+ { CKA_ID, id, id_len },
+ { CKA_CLASS, &class, sizeof(CK_OBJECT_CLASS) }
+ };
- CK_ATTRIBUTE template_sec[] = { { CKA_ID, id, id_len },
- { CKA_CLASS, &class_sec, sizeof(CK_OBJECT_CLASS) }, };
+ CK_ATTRIBUTE template_sec[] = {
+ { CKA_ID, id, id_len },
+ { CKA_CLASS, &class_sec, sizeof(CK_OBJECT_CLASS) }
+ };
- CK_ATTRIBUTE template_id[] = { { CKA_ID, id, id_len },};
+ CK_ATTRIBUTE template_id[] = {
+ { CKA_ID, id, id_len }
+ };
/*
* Only one secret key with same ID is allowed
*/
- if (class == CKO_SECRET_KEY){
+ if (class == CKO_SECRET_KEY) {
rv = self->p11->C_FindObjectsInit(self->session, template_id, 1);
if (!check_return_value(rv, "id, label exists init"))
return -1;
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
- &object_count);
+ &object_count);
if (!check_return_value(rv, "id, label exists"))
return -1;
@@ -466,13 +475,13 @@ int _id_exists(P11_Helper* self, CK_BYTE_PTR id, CK_ULONG id_len,
* Public and private keys can share one ID, but
*/
- /* test if secret key with same ID exists*/
+ /* test if secret key with same ID exists */
rv = self->p11->C_FindObjectsInit(self->session, template_sec, 2);
if (!check_return_value(rv, "id, label exists init"))
return -1;
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
- &object_count);
+ &object_count);
if (!check_return_value(rv, "id, label exists"))
return -1;
@@ -485,7 +494,7 @@ int _id_exists(P11_Helper* self, CK_BYTE_PTR id, CK_ULONG id_len,
return 1;
}
- /* test if pub/private key with same id exists*/
+ /* test if pub/private key with same id exists */
object_count = 0;
rv = self->p11->C_FindObjectsInit(self->session, template_pub_priv, 2);
@@ -493,7 +502,7 @@ int _id_exists(P11_Helper* self, CK_BYTE_PTR id, CK_ULONG id_len,
return -1;
rv = self->p11->C_FindObjects(self->session, &result_object, 1,
- &object_count);
+ &object_count);
if (!check_return_value(rv, "id, label exists"))
return -1;
@@ -518,8 +527,8 @@ int _id_exists(P11_Helper* self, CK_BYTE_PTR id, CK_ULONG id_len,
* Warning: do not dealloc param values, it is static variables
*/
int _set_wrapping_mech_parameters(CK_MECHANISM_TYPE mech_type,
- CK_MECHANISM *mech){
- switch(mech_type){
+ CK_MECHANISM *mech) {
+ switch (mech_type) {
case CKM_RSA_PKCS:
case CKM_AES_KEY_WRAP:
case CKM_AES_KEY_WRAP_PAD:
@@ -531,12 +540,13 @@ int _set_wrapping_mech_parameters(CK_MECHANISM_TYPE mech_type,
/* Use the same configuration as openSSL
* https://www.openssl.org/docs/crypto/RSA_public_encrypt.html
*/
- mech->pParameter = (void*) &CONST_RSA_PKCS_OAEP_PARAMS;
- mech->ulParameterLen = sizeof(CONST_RSA_PKCS_OAEP_PARAMS);
+ mech->pParameter = (void *) &CONST_RSA_PKCS_OAEP_PARAMS;
+ mech->ulParameterLen = sizeof(CONST_RSA_PKCS_OAEP_PARAMS);
break;
default:
- PyErr_SetString(ipap11helperError, "Unsupported wrapping mechanism");
+ PyErr_SetString(ipap11helperError,
+ "Unsupported wrapping mechanism");
return 0;
}
mech->mechanism = mech_type;
@@ -548,12 +558,12 @@ int _set_wrapping_mech_parameters(CK_MECHANISM_TYPE mech_type,
* P11_Helper object
*/
-static void P11_Helper_dealloc(P11_Helper* self) {
- self->ob_type->tp_free((PyObject*) self);
+static void P11_Helper_dealloc(P11_Helper *self) {
+ self->ob_type->tp_free((PyObject *) self);
}
-static PyObject *
-P11_Helper_new(PyTypeObject *type, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_new(PyTypeObject *type, PyObject *args,
+ PyObject *kwds) {
P11_Helper *self;
self = (P11_Helper *) type->tp_alloc(type, 0);
@@ -569,17 +579,17 @@ P11_Helper_new(PyTypeObject *type, PyObject *args, PyObject *kwds) {
}
static int P11_Helper_init(P11_Helper *self, PyObject *args, PyObject *kwds) {
- const char* user_pin = NULL;
- const char* library_path = NULL;
+ const char *user_pin = NULL;
+ const char *library_path = NULL;
CK_RV rv;
void *module_handle = NULL;
- /* Parse method args*/
+ /* Parse method args */
if (!PyArg_ParseTuple(args, "iss", &self->slot, &user_pin, &library_path))
return -1;
CK_C_GetFunctionList pGetFunctionList = loadLibrary(library_path,
- &module_handle);
+ &module_handle);
if (!pGetFunctionList) {
PyErr_SetString(ipap11helperError, "Could not load the library.");
return -1;
@@ -603,29 +613,30 @@ static int P11_Helper_init(P11_Helper *self, PyObject *args, PyObject *kwds) {
*Start session
*/
rv = self->p11->C_OpenSession(self->slot,
- CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &self->session);
+ CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL,
+ NULL, &self->session);
if (!check_return_value(rv, "open session"))
return -1;
/*
* Login
*/
- rv = self->p11->C_Login(self->session, CKU_USER, (CK_BYTE*) user_pin,
- strlen((char *) user_pin));
+ rv = self->p11->C_Login(self->session, CKU_USER, (CK_BYTE *) user_pin,
+ strlen((char *) user_pin));
if (!check_return_value(rv, "log in"))
return -1;
return 0;
}
-static PyMemberDef P11_Helper_members[] = { { NULL } /* Sentinel */
+static PyMemberDef P11_Helper_members[] = {
+ { NULL } /* Sentinel */
};
/*
* Finalize operations with pkcs11 library
*/
-static PyObject *
-P11_Helper_finalize(P11_Helper* self) {
+static PyObject *P11_Helper_finalize(P11_Helper *self) {
CK_RV rv;
if (self->p11 == NULL)
@@ -671,22 +682,23 @@ P11_Helper_finalize(P11_Helper* self) {
*
*:return: master key handle
*/
-static PyObject *
-P11_Helper_generate_master_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
-
- PyObj2Bool_mapping_t attrs[] = { { NULL, &true }, //sec_en_cka_copyable
- { NULL, &false }, //sec_en_cka_decrypt
- { NULL, &false }, //sec_en_cka_derive
- { NULL, &false }, //sec_en_cka_encrypt
- { NULL, &true }, //sec_en_cka_extractable
- { NULL, &true }, //sec_en_cka_modifiable
- { NULL, &true }, //sec_en_cka_private
- { NULL, &true }, //sec_en_cka_sensitive
- { NULL, &false }, //sec_en_cka_sign
- { NULL, &true }, //sec_en_cka_unwrap
- { NULL, &false }, //sec_en_cka_verify
- { NULL, &true }, //sec_en_cka_wrap
- { NULL, &false } //sec_en_cka_wrap_with_trusted
+static PyObject *P11_Helper_generate_master_key(P11_Helper *self,
+ PyObject *args,
+ PyObject *kwds) {
+ PyObj2Bool_mapping_t attrs[] = {
+ { NULL, &true }, // sec_en_cka_copyable
+ { NULL, &false }, // sec_en_cka_decrypt
+ { NULL, &false }, // sec_en_cka_derive
+ { NULL, &false }, // sec_en_cka_encrypt
+ { NULL, &true }, // sec_en_cka_extractable
+ { NULL, &true }, // sec_en_cka_modifiable
+ { NULL, &true }, // sec_en_cka_private
+ { NULL, &true }, // sec_en_cka_sensitive
+ { NULL, &false }, // sec_en_cka_sign
+ { NULL, &true }, // sec_en_cka_unwrap
+ { NULL, &false }, // sec_en_cka_verify
+ { NULL, &true }, // sec_en_cka_wrap
+ { NULL, &false } // sec_en_cka_wrap_with_trusted
};
CK_ULONG key_length = 16;
@@ -701,43 +713,51 @@ P11_Helper_generate_master_key(P11_Helper* self, PyObject *args, PyObject *kwds)
int r;
int error = 0;
static char *kwlist[] = { "subject", "id", "key_length", "cka_copyable",
- "cka_decrypt", "cka_derive", "cka_encrypt", "cka_extractable",
- "cka_modifiable", "cka_private", "cka_sensitive", "cka_sign",
- "cka_unwrap", "cka_verify", "cka_wrap", "cka_wrap_with_trusted",
- NULL };
+ "cka_decrypt", "cka_derive", "cka_encrypt", "cka_extractable",
+ "cka_modifiable", "cka_private", "cka_sensitive", "cka_sign",
+ "cka_unwrap", "cka_verify", "cka_wrap", "cka_wrap_with_trusted",
+ NULL
+ };
//TODO check long overflow
if (!PyArg_ParseTupleAndKeywords(args, kwds, "Us#|kOOOOOOOOOOOOO", kwlist,
- &label_unicode, &id, &id_length, &key_length,
- &attrs[sec_en_cka_copyable].py_obj,
- &attrs[sec_en_cka_decrypt].py_obj, &attrs[sec_en_cka_derive].py_obj,
- &attrs[sec_en_cka_encrypt].py_obj,
- &attrs[sec_en_cka_extractable].py_obj,
- &attrs[sec_en_cka_modifiable].py_obj,
- &attrs[sec_en_cka_private].py_obj,
- &attrs[sec_en_cka_sensitive].py_obj, &attrs[sec_en_cka_sign].py_obj,
- &attrs[sec_en_cka_unwrap].py_obj, &attrs[sec_en_cka_verify].py_obj,
- &attrs[sec_en_cka_wrap].py_obj,
- &attrs[sec_en_cka_wrap_with_trusted].py_obj)) {
+ &label_unicode, &id, &id_length,
+ &key_length,
+ &attrs[sec_en_cka_copyable].py_obj,
+ &attrs[sec_en_cka_decrypt].py_obj,
+ &attrs[sec_en_cka_derive].py_obj,
+ &attrs[sec_en_cka_encrypt].py_obj,
+ &attrs[sec_en_cka_extractable].py_obj,
+ &attrs[sec_en_cka_modifiable].py_obj,
+ &attrs[sec_en_cka_private].py_obj,
+ &attrs[sec_en_cka_sensitive].py_obj,
+ &attrs[sec_en_cka_sign].py_obj,
+ &attrs[sec_en_cka_unwrap].py_obj,
+ &attrs[sec_en_cka_verify].py_obj,
+ &attrs[sec_en_cka_wrap].py_obj,
+ &attrs
+ [sec_en_cka_wrap_with_trusted].py_obj)) {
return NULL;
}
- label = (unsigned char*) unicode_to_char_array(label_unicode,
- &label_length);
- if (label == NULL) GOTO_FAIL;
+ label = (unsigned char *) unicode_to_char_array(label_unicode,
+ &label_length);
+ if (label == NULL)
+ GOTO_FAIL;
- CK_MECHANISM mechanism = { //TODO param?
- CKM_AES_KEY_GEN, NULL_PTR, 0 };
+ CK_MECHANISM mechanism = { //TODO param?
+ CKM_AES_KEY_GEN, NULL_PTR, 0
+ };
if ((key_length != 16) && (key_length != 24) && (key_length != 32)) {
PyErr_SetString(ipap11helperError,
- "generate_master_key: key length allowed values are: 16, 24 and 32");
+ "generate_master_key: key length allowed values are: 16, 24 and 32");
GOTO_FAIL;
}
r = _id_exists(self, id, id_length, CKO_SECRET_KEY);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Master key with same ID already exists");
+ "Master key with same ID already exists");
GOTO_FAIL;
} else if (r == -1) {
GOTO_FAIL;
@@ -751,7 +771,7 @@ P11_Helper_generate_master_key(P11_Helper* self, PyObject *args, PyObject *kwds)
{ CKA_LABEL, label, label_length },
{ CKA_TOKEN, &true, sizeof(CK_BBOOL) },
{ CKA_VALUE_LEN, &key_length, sizeof(key_length) },
- //{CKA_COPYABLE, attrs[sec_en_cka_copyable].bool, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
+ //{ CKA_COPYABLE, attrs[sec_en_cka_copyable].bool, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
{ CKA_DECRYPT, attrs[sec_en_cka_decrypt].bool, sizeof(CK_BBOOL) },
{ CKA_DERIVE, attrs[sec_en_cka_derive].bool, sizeof(CK_BBOOL) },
{ CKA_ENCRYPT, attrs[sec_en_cka_encrypt].bool, sizeof(CK_BBOOL) },
@@ -767,14 +787,17 @@ P11_Helper_generate_master_key(P11_Helper* self, PyObject *args, PyObject *kwds)
};
rv = self->p11->C_GenerateKey(self->session, &mechanism, symKeyTemplate,
- sizeof(symKeyTemplate) / sizeof(CK_ATTRIBUTE), &master_key);
- if (!check_return_value(rv, "generate master key")){
+ sizeof(symKeyTemplate) /
+ sizeof(CK_ATTRIBUTE), &master_key);
+ if (!check_return_value(rv, "generate master key")) {
GOTO_FAIL;
}
final:
- if (label != NULL) PyMem_Free(label);
+ if (label != NULL)
+ PyMem_Free(label);
- if (error) return NULL;
+ if (error)
+ return NULL;
return Py_BuildValue("k", master_key);
}
@@ -783,123 +806,125 @@ final:
*
* :returns: tuple (public_key_handle, private_key_handle)
*/
-static PyObject *
-P11_Helper_generate_replica_key_pair(P11_Helper* self, PyObject *args,
- PyObject *kwds) {
+static PyObject *P11_Helper_generate_replica_key_pair(P11_Helper *self,
+ PyObject *args,
+ PyObject *kwds) {
CK_RV rv;
int r;
CK_ULONG modulus_bits = 2048;
CK_BYTE *id = NULL;
int id_length = 0;
- PyObject* label_unicode = NULL;
+ PyObject *label_unicode = NULL;
Py_ssize_t label_length = 0;
CK_BYTE *label = NULL;
int error = 0;
- PyObj2Bool_mapping_t attrs_pub[] = { { NULL, &true }, //pub_en_cka_copyable
- { NULL, &false }, //pub_en_cka_derive
- { NULL, &false }, //pub_en_cka_encrypt
- { NULL, &true }, //pub_en_cka_modifiable
- { NULL, &true }, //pub_en_cka_private
- { NULL, &false }, //pub_en_cka_trusted
- { NULL, &false }, //pub_en_cka_verify
- { NULL, &false }, //pub_en_cka_verify_recover
- { NULL, &true }, //pub_en_cka_wrap
- };
-
- PyObj2Bool_mapping_t attrs_priv[] = { { NULL, &false }, //priv_en_cka_always_authenticate
- { NULL, &true }, //priv_en_cka_copyable
- { NULL, &false }, //priv_en_cka_decrypt
- { NULL, &false }, //priv_en_cka_derive
- { NULL, &false }, //priv_en_cka_extractable
- { NULL, &true }, //priv_en_cka_modifiable
- { NULL, &true }, //priv_en_cka_private
- { NULL, &true }, //priv_en_cka_sensitive
- { NULL, &false }, //priv_en_cka_sign
- { NULL, &false }, //priv_en_cka_sign_recover
- { NULL, &true }, //priv_en_cka_unwrap
- { NULL, &false } //priv_en_cka_wrap_with_trusted
+ PyObj2Bool_mapping_t attrs_pub[] = {
+ { NULL, &true }, // pub_en_cka_copyable
+ { NULL, &false }, // pub_en_cka_derive
+ { NULL, &false }, // pub_en_cka_encrypt
+ { NULL, &true }, // pub_en_cka_modifiable
+ { NULL, &true }, // pub_en_cka_private
+ { NULL, &false }, // pub_en_cka_trusted
+ { NULL, &false }, // pub_en_cka_verify
+ { NULL, &false }, // pub_en_cka_verify_recover
+ { NULL, &true }, // pub_en_cka_wrap
+ };
+
+ PyObj2Bool_mapping_t attrs_priv[] = {
+ { NULL, &false }, // priv_en_cka_always_authenticate
+ { NULL, &true }, // priv_en_cka_copyable
+ { NULL, &false }, // priv_en_cka_decrypt
+ { NULL, &false }, // priv_en_cka_derive
+ { NULL, &false }, // priv_en_cka_extractable
+ { NULL, &true }, // priv_en_cka_modifiable
+ { NULL, &true }, // priv_en_cka_private
+ { NULL, &true }, // priv_en_cka_sensitive
+ { NULL, &false }, // priv_en_cka_sign
+ { NULL, &false }, // priv_en_cka_sign_recover
+ { NULL, &true }, // priv_en_cka_unwrap
+ { NULL, &false } // priv_en_cka_wrap_with_trusted
};
static char *kwlist[] = { "label", "id", "modulus_bits",
- /* public key kw */
- "pub_cka_copyable", "pub_cka_derive", "pub_cka_encrypt",
- "pub_cka_modifiable", "pub_cka_private", "pub_cka_trusted",
- "pub_cka_verify", "pub_cka_verify_recover", "pub_cka_wrap",
- /* private key kw*/
- "priv_cka_always_authenticate", "priv_cka_copyable",
- "priv_cka_decrypt", "priv_cka_derive", "priv_cka_extractable",
- "priv_cka_modifiable", "priv_cka_private", "priv_cka_sensitive",
- "priv_cka_sign", "priv_cka_sign_recover", "priv_cka_unwrap",
- "priv_cka_wrap_with_trusted", NULL };
+ /* public key kw */
+ "pub_cka_copyable", "pub_cka_derive", "pub_cka_encrypt",
+ "pub_cka_modifiable", "pub_cka_private", "pub_cka_trusted",
+ "pub_cka_verify", "pub_cka_verify_recover", "pub_cka_wrap",
+ /* private key kw */
+ "priv_cka_always_authenticate", "priv_cka_copyable",
+ "priv_cka_decrypt", "priv_cka_derive", "priv_cka_extractable",
+ "priv_cka_modifiable", "priv_cka_private", "priv_cka_sensitive",
+ "priv_cka_sign", "priv_cka_sign_recover", "priv_cka_unwrap",
+ "priv_cka_wrap_with_trusted", NULL
+ };
if (!PyArg_ParseTupleAndKeywords(args, kwds, "Us#|kOOOOOOOOOOOOOOOOOOOOO",
- kwlist, &label_unicode, &id, &id_length, &modulus_bits,
- /* public key kw */
- &attrs_pub[pub_en_cka_copyable].py_obj,
- &attrs_pub[pub_en_cka_derive].py_obj,
- &attrs_pub[pub_en_cka_encrypt].py_obj,
- &attrs_pub[pub_en_cka_modifiable].py_obj,
- &attrs_pub[pub_en_cka_private].py_obj,
- &attrs_pub[pub_en_cka_trusted].py_obj,
- &attrs_pub[pub_en_cka_verify].py_obj,
- &attrs_pub[pub_en_cka_verify_recover].py_obj,
- &attrs_pub[pub_en_cka_wrap].py_obj,
- /* private key kw*/
- &attrs_priv[priv_en_cka_always_authenticate].py_obj,
- &attrs_priv[priv_en_cka_copyable].py_obj,
- &attrs_priv[priv_en_cka_decrypt].py_obj,
- &attrs_priv[priv_en_cka_derive].py_obj,
- &attrs_priv[priv_en_cka_extractable].py_obj,
- &attrs_priv[priv_en_cka_modifiable].py_obj,
- &attrs_priv[priv_en_cka_private].py_obj,
- &attrs_priv[priv_en_cka_sensitive].py_obj,
- &attrs_priv[priv_en_cka_sign].py_obj,
- &attrs_priv[priv_en_cka_sign_recover].py_obj,
- &attrs_priv[priv_en_cka_unwrap].py_obj,
- &attrs_priv[priv_en_cka_wrap_with_trusted].py_obj)) {
+ kwlist, &label_unicode, &id, &id_length,
+ &modulus_bits,
+ /* public key kw */
+ &attrs_pub[pub_en_cka_copyable].py_obj,
+ &attrs_pub[pub_en_cka_derive].py_obj,
+ &attrs_pub[pub_en_cka_encrypt].py_obj,
+ &attrs_pub[pub_en_cka_modifiable].py_obj,
+ &attrs_pub[pub_en_cka_private].py_obj,
+ &attrs_pub[pub_en_cka_trusted].py_obj,
+ &attrs_pub[pub_en_cka_verify].py_obj,
+ &attrs_pub[pub_en_cka_verify_recover].py_obj,
+ &attrs_pub[pub_en_cka_wrap].py_obj,
+ /* private key kw */
+ &attrs_priv[priv_en_cka_always_authenticate].py_obj,
+ &attrs_priv[priv_en_cka_copyable].py_obj,
+ &attrs_priv[priv_en_cka_decrypt].py_obj,
+ &attrs_priv[priv_en_cka_derive].py_obj,
+ &attrs_priv[priv_en_cka_extractable].py_obj,
+ &attrs_priv[priv_en_cka_modifiable].py_obj,
+ &attrs_priv[priv_en_cka_private].py_obj,
+ &attrs_priv[priv_en_cka_sensitive].py_obj,
+ &attrs_priv[priv_en_cka_sign].py_obj,
+ &attrs_priv[priv_en_cka_sign_recover].py_obj,
+ &attrs_priv[priv_en_cka_unwrap].py_obj,
+ &attrs_priv[priv_en_cka_wrap_with_trusted].py_obj)) {
return NULL;
}
label = unicode_to_char_array(label_unicode, &label_length);
- if (label == NULL) GOTO_FAIL;
+ if (label == NULL)
+ GOTO_FAIL;
CK_OBJECT_HANDLE public_key, private_key;
- CK_MECHANISM mechanism = {
- CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0 };
+ CK_MECHANISM mechanism = { CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0 };
r = _id_exists(self, id, id_length, CKO_PRIVATE_KEY);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Private key with same ID already exists");
+ "Private key with same ID already exists");
GOTO_FAIL;
- } else if (r == -1) {
+ } else if (r == -1)
GOTO_FAIL;
- }
r = _id_exists(self, id, id_length, CKO_PUBLIC_KEY);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Public key with same ID already exists");
+ "Public key with same ID already exists");
GOTO_FAIL;
- } else if (r == -1) {
+ } else if (r == -1)
GOTO_FAIL;
- }
/* Process keyword boolean arguments */
convert_py2bool(attrs_pub,
- sizeof(attrs_pub) / sizeof(PyObj2Bool_mapping_t));
+ sizeof(attrs_pub) / sizeof(PyObj2Bool_mapping_t));
convert_py2bool(attrs_priv,
- sizeof(attrs_priv) / sizeof(PyObj2Bool_mapping_t));
+ sizeof(attrs_priv) / sizeof(PyObj2Bool_mapping_t));
- CK_BYTE public_exponent[] = { 1, 0, 1 }; /* 65537 (RFC 6376 section 3.3.1)*/
+ CK_BYTE public_exponent[] = { 1, 0, 1 }; /* 65537 (RFC 6376 section 3.3.1) */
CK_ATTRIBUTE publicKeyTemplate[] = {
{ CKA_ID, id, id_length },
{ CKA_LABEL, label, label_length },
{ CKA_TOKEN, &true, sizeof(true) },
{ CKA_MODULUS_BITS, &modulus_bits, sizeof(modulus_bits) },
{ CKA_PUBLIC_EXPONENT, public_exponent, 3 },
- //{CKA_COPYABLE, attrs_pub[pub_en_cka_copyable].bool, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
+ //{ CKA_COPYABLE, attrs_pub[pub_en_cka_copyable].bool, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
{ CKA_DERIVE, attrs_pub[pub_en_cka_derive].bool, sizeof(CK_BBOOL) },
{ CKA_ENCRYPT, attrs_pub[pub_en_cka_encrypt].bool, sizeof(CK_BBOOL) },
{ CKA_MODIFIABLE, attrs_pub[pub_en_cka_modifiable].bool, sizeof(CK_BBOOL) },
@@ -914,7 +939,7 @@ P11_Helper_generate_replica_key_pair(P11_Helper* self, PyObject *args,
{ CKA_LABEL, label, label_length },
{ CKA_TOKEN, &true, sizeof(true) },
{ CKA_ALWAYS_AUTHENTICATE, attrs_priv[priv_en_cka_always_authenticate].bool, sizeof(CK_BBOOL) },
- //{CKA_COPYABLE, attrs_priv[priv_en_cka_copyable].bool, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
+ //{ CKA_COPYABLE, attrs_priv[priv_en_cka_copyable].bool, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
{ CKA_DECRYPT, attrs_priv[priv_en_cka_decrypt].bool, sizeof(CK_BBOOL) },
{ CKA_DERIVE, attrs_priv[priv_en_cka_derive].bool, sizeof(CK_BBOOL) },
{ CKA_EXTRACTABLE, attrs_priv[priv_en_cka_extractable].bool, sizeof(CK_BBOOL) },
@@ -928,26 +953,29 @@ P11_Helper_generate_replica_key_pair(P11_Helper* self, PyObject *args,
};
rv = self->p11->C_GenerateKeyPair(self->session, &mechanism,
- publicKeyTemplate, sizeof(publicKeyTemplate) / sizeof(CK_ATTRIBUTE),
- privateKeyTemplate,
- sizeof(privateKeyTemplate) / sizeof(CK_ATTRIBUTE), &public_key,
- &private_key);
- if (!check_return_value(rv, "generate key pair")){
+ publicKeyTemplate,
+ sizeof(publicKeyTemplate) / sizeof(CK_ATTRIBUTE),
+ privateKeyTemplate,
+ sizeof(privateKeyTemplate) / sizeof(CK_ATTRIBUTE),
+ &public_key,
+ &private_key);
+ if (!check_return_value(rv, "generate key pair"))
GOTO_FAIL;
- }
final:
- if (label != NULL) PyMem_Free(label);
+ if (label != NULL)
+ PyMem_Free(label);
- if (error) return NULL;
+ if (error)
+ return NULL;
return Py_BuildValue("(kk)", public_key, private_key);
}
/**
* Find key
*/
-static PyObject *
-P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_find_keys(P11_Helper *self, PyObject *args,
+ PyObject *kwds) {
CK_OBJECT_CLASS class = CKO_VENDOR_DEFINED;
CK_OBJECT_CLASS *class_ptr = &class;
CK_BYTE *id = NULL;
@@ -970,18 +998,20 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
int error = 0;
static char *kwlist[] = { "objclass", "label", "id", "cka_wrap",
- "cka_unwrap", "uri", NULL };
+ "cka_unwrap", "uri", NULL
+ };
//TODO check long overflow
if (!PyArg_ParseTupleAndKeywords(args, kwds, "|iUz#OOs", kwlist, &class,
- &label_unicode, &id, &id_length, &cka_wrap_bool, &cka_unwrap_bool,
- &uri_str)) {
+ &label_unicode, &id, &id_length,
+ &cka_wrap_bool, &cka_unwrap_bool,
+ &uri_str)) {
GOTO_FAIL;
}
if (label_unicode != NULL) {
- label = (unsigned char*) unicode_to_char_array(label_unicode,
- &label_length); //TODO verify signed/unsigned
- if (label == NULL) GOTO_FAIL;
+ label = (unsigned char *) unicode_to_char_array(label_unicode, &label_length); //TODO verify signed/unsigned
+ if (label == NULL)
+ GOTO_FAIL;
}
if (cka_wrap_bool != NULL) {
@@ -1004,8 +1034,9 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
class_ptr = NULL;
if (uri_str == NULL)
- _fill_template_from_parts(template, &template_len, id, id_length, label,
- label_length, class_ptr, ckawrap, ckaunwrap);
+ _fill_template_from_parts(template, &template_len, id, id_length,
+ label, label_length, class_ptr, ckawrap,
+ ckaunwrap);
else {
if (!_parse_uri(uri_str, &uri)) {
GOTO_FAIL;
@@ -1015,40 +1046,44 @@ P11_Helper_find_keys(P11_Helper* self, PyObject *args, PyObject *kwds) {
* Template contains pointers to values inside URI! */
}
- if (!_find_key(self, template, template_len, &objects, &objects_len)){
+ if (!_find_key(self, template, template_len, &objects, &objects_len)) {
GOTO_FAIL;
}
result_list = PyList_New(objects_len);
if (result_list == NULL) {
PyErr_SetString(ipap11helperError,
- "Unable to create list with results");
+ "Unable to create list with results");
GOTO_FAIL;
}
for (int i = 0; i < objects_len; ++i) {
if (PyList_SetItem(result_list, i, Py_BuildValue("k", objects[i]))
- == -1) {
+ == -1) {
PyErr_SetString(ipap11helperError,
- "Unable to add to value to result list");
+ "Unable to add to value to result list");
Py_DECREF(result_list);
GOTO_FAIL;
}
}
final:
- if (label != NULL) PyMem_Free(label);
- if (objects != NULL) free(objects);
- if (uri != NULL) p11_kit_uri_free(uri);
-
- if (error) return NULL;
+ if (label != NULL)
+ PyMem_Free(label);
+ if (objects != NULL)
+ free(objects);
+ if (uri != NULL)
+ p11_kit_uri_free(uri);
+
+ if (error)
+ return NULL;
return result_list;
}
/**
* delete key
*/
-static PyObject *
-P11_Helper_delete_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_delete_key(P11_Helper *self, PyObject *args,
+ PyObject *kwds) {
CK_RV rv;
CK_OBJECT_HANDLE key_handle = 0;
static char *kwlist[] = { "key_handle", NULL };
@@ -1067,8 +1102,8 @@ P11_Helper_delete_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
/**
* export RSA public key
*/
-static PyObject *
-P11_Helper_export_RSA_public_key(P11_Helper* self, CK_OBJECT_HANDLE object) {
+static PyObject *P11_Helper_export_RSA_public_key(P11_Helper *self,
+ CK_OBJECT_HANDLE object) {
CK_RV rv;
PyObject *ret = NULL;
@@ -1084,64 +1119,70 @@ P11_Helper_export_RSA_public_key(P11_Helper* self, CK_OBJECT_HANDLE object) {
CK_KEY_TYPE key_type = CKK_RSA;
int error = 0;
- CK_ATTRIBUTE obj_template[] = { { CKA_MODULUS, NULL_PTR, 0 }, {
- CKA_PUBLIC_EXPONENT, NULL_PTR, 0 }, { CKA_CLASS, &class,
- sizeof(class) }, { CKA_KEY_TYPE, &key_type, sizeof(key_type) } };
+ CK_ATTRIBUTE obj_template[] = {
+ { CKA_MODULUS, NULL_PTR, 0 },
+ { CKA_PUBLIC_EXPONENT, NULL_PTR, 0 },
+ { CKA_CLASS, &class, sizeof(class) },
+ { CKA_KEY_TYPE, &key_type, sizeof(key_type) }
+ };
- rv = self->p11->C_GetAttributeValue(self->session, object, obj_template, 4);
- if (!check_return_value(rv, "get RSA public key values - prepare")){
+ rv = self->p11->C_GetAttributeValue(self->session, object, obj_template,
+ 4); // FIXME: sizeof
+ if (!check_return_value(rv, "get RSA public key values - prepare"))
GOTO_FAIL;
- }
- /* Set proper size for attributes*/
- modulus = (CK_BYTE_PTR) PyMem_Malloc(
- obj_template[0].ulValueLen * sizeof(CK_BYTE));
- if (modulus == NULL){
+ /* Set proper size for attributes */
+ modulus =
+ (CK_BYTE_PTR) PyMem_Malloc(obj_template[0].ulValueLen *
+ sizeof(CK_BYTE));
+ if (modulus == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
obj_template[0].pValue = modulus;
- exponent = (CK_BYTE_PTR) PyMem_Malloc(
- obj_template[1].ulValueLen * sizeof(CK_BYTE));
- if (exponent == NULL){
+ exponent =
+ (CK_BYTE_PTR) PyMem_Malloc(obj_template[1].ulValueLen *
+ sizeof(CK_BYTE));
+ if (exponent == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
obj_template[1].pValue = exponent;
- rv = self->p11->C_GetAttributeValue(self->session, object, obj_template, 4);
- if (!check_return_value(rv, "get RSA public key values")){
+ rv = self->p11->C_GetAttributeValue(self->session, object, obj_template,
+ 4); // FIXME: fixeof
+ if (!check_return_value(rv, "get RSA public key values")) {
GOTO_FAIL;
}
/* Check if the key is RSA public key */
if (class != CKO_PUBLIC_KEY) {
PyErr_SetString(ipap11helperError,
- "export_RSA_public_key: required public key class");
+ "export_RSA_public_key: required public key class");
GOTO_FAIL;
}
if (key_type != CKK_RSA) {
PyErr_SetString(ipap11helperError,
- "export_RSA_public_key: required RSA key type");
+ "export_RSA_public_key: required RSA key type");
GOTO_FAIL;
}
rsa = RSA_new();
pkey = EVP_PKEY_new();
n = BN_bin2bn((const unsigned char *) modulus,
- obj_template[0].ulValueLen * sizeof(CK_BYTE), NULL);
+ obj_template[0].ulValueLen * sizeof(CK_BYTE), NULL);
if (n == NULL) {
PyErr_SetString(ipap11helperError,
- "export_RSA_public_key: internal error: unable to convert modulus");
+ "export_RSA_public_key: internal error: unable to convert modulus");
GOTO_FAIL;
}
e = BN_bin2bn((const unsigned char *) exponent,
- obj_template[1].ulValueLen * sizeof(CK_BYTE), NULL);
+ obj_template[1].ulValueLen * sizeof(CK_BYTE), NULL);
if (e == NULL) {
PyErr_SetString(ipap11helperError,
- "export_RSA_public_key: internal error: unable to convert exponent");
+ "export_RSA_public_key: internal error: unable to convert exponent");
GOTO_FAIL;
}
@@ -1151,7 +1192,7 @@ P11_Helper_export_RSA_public_key(P11_Helper* self, CK_OBJECT_HANDLE object) {
if (EVP_PKEY_set1_RSA(pkey, rsa) == 0) {
PyErr_SetString(ipap11helperError,
- "export_RSA_public_key: internal error: EVP_PKEY_set1_RSA failed");
+ "export_RSA_public_key: internal error: EVP_PKEY_set1_RSA failed");
GOTO_FAIL;
}
@@ -1160,7 +1201,7 @@ P11_Helper_export_RSA_public_key(P11_Helper* self, CK_OBJECT_HANDLE object) {
final:
if (rsa != NULL) {
- RSA_free(rsa); // this free also 'n' and 'e'
+ RSA_free(rsa); // this frees also 'n' and 'e'
} else {
if (n != NULL)
BN_free(n);
@@ -1168,12 +1209,17 @@ final:
BN_free(e);
}
- if (pkey != NULL) EVP_PKEY_free(pkey);
- if (pp != NULL) free(pp);
- if (modulus != NULL) PyMem_Free(modulus);
- if (exponent != NULL) PyMem_Free(exponent);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (pp != NULL)
+ free(pp);
+ if (modulus != NULL)
+ PyMem_Free(modulus);
+ if (exponent != NULL)
+ PyMem_Free(exponent);
- if (error) return NULL;
+ if (error)
+ return NULL;
return ret;
}
@@ -1182,8 +1228,8 @@ final:
*
* Export public key in SubjectPublicKeyInfo (RFC5280) DER encoded format
*/
-static PyObject *
-P11_Helper_export_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_export_public_key(P11_Helper *self,
+ PyObject *args, PyObject *kwds) {
CK_RV rv;
CK_OBJECT_HANDLE object = 0;
CK_OBJECT_CLASS class = CKO_PUBLIC_KEY;
@@ -1194,16 +1240,20 @@ P11_Helper_export_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
return NULL;
}
- CK_ATTRIBUTE obj_template[] = { { CKA_CLASS, &class, sizeof(class) }, {
- CKA_KEY_TYPE, &key_type, sizeof(key_type) } };
+ CK_ATTRIBUTE obj_template[] = {
+ { CKA_CLASS, &class, sizeof(class) },
+ { CKA_KEY_TYPE, &key_type, sizeof(key_type) }
+ };
- rv = self->p11->C_GetAttributeValue(self->session, object, obj_template, 2);
- if (!check_return_value(rv, "export_public_key: get RSA public key values"))
+ rv = self->p11->C_GetAttributeValue(self->session, object, obj_template,
+ 2);
+ if (!check_return_value
+ (rv, "export_public_key: get RSA public key values"))
return NULL;
if (class != CKO_PUBLIC_KEY) {
PyErr_SetString(ipap11helperError,
- "export_public_key: required public key class");
+ "export_public_key: required public key class");
return NULL;
}
@@ -1213,7 +1263,7 @@ P11_Helper_export_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
break;
default:
PyErr_SetString(ipap11helperError,
- "export_public_key: unsupported key type");
+ "export_public_key: unsupported key type");
}
return NULL;
@@ -1223,13 +1273,21 @@ P11_Helper_export_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
* Import RSA public key
*
*/
-static PyObject *
-P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label,
- Py_ssize_t label_length, CK_BYTE *id, Py_ssize_t id_length,
- EVP_PKEY *pkey, CK_BBOOL* cka_copyable, CK_BBOOL* cka_derive,
- CK_BBOOL* cka_encrypt, CK_BBOOL* cka_modifiable, CK_BBOOL* cka_private,
- CK_BBOOL* cka_trusted, CK_BBOOL* cka_verify,
- CK_BBOOL* cka_verify_recover, CK_BBOOL* cka_wrap) {
+static PyObject *P11_Helper_import_RSA_public_key(P11_Helper *self,
+ CK_UTF8CHAR * label,
+ Py_ssize_t label_length,
+ CK_BYTE * id,
+ Py_ssize_t id_length,
+ EVP_PKEY * pkey,
+ CK_BBOOL *cka_copyable,
+ CK_BBOOL *cka_derive,
+ CK_BBOOL *cka_encrypt,
+ CK_BBOOL *cka_modifiable,
+ CK_BBOOL *cka_private,
+ CK_BBOOL *cka_trusted,
+ CK_BBOOL *cka_verify,
+ CK_BBOOL *cka_verify_recover,
+ CK_BBOOL *cka_wrap) {
CK_RV rv;
CK_OBJECT_CLASS class = CKO_PUBLIC_KEY;
CK_KEY_TYPE keyType = CKK_RSA;
@@ -1249,32 +1307,32 @@ P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label,
rsa = EVP_PKEY_get1_RSA(pkey);
if (rsa == NULL) {
PyErr_SetString(ipap11helperError,
- "import_RSA_public_key: EVP_PKEY_get1_RSA error");
+ "import_RSA_public_key: EVP_PKEY_get1_RSA error");
GOTO_FAIL;
}
/* convert BIGNUM to binary array */
modulus = (CK_BYTE_PTR) PyMem_Malloc(BN_num_bytes(rsa->n));
- if (modulus == NULL){
+ if (modulus == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
modulus_len = BN_bn2bin(rsa->n, (unsigned char *) modulus);
if (modulus == NULL) {
PyErr_SetString(ipap11helperError,
- "import_RSA_public_key: BN_bn2bin modulus error");
+ "import_RSA_public_key: BN_bn2bin modulus error");
GOTO_FAIL;
}
exponent = (CK_BYTE_PTR) PyMem_Malloc(BN_num_bytes(rsa->e));
- if (exponent == NULL){
+ if (exponent == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
exponent_len = BN_bn2bin(rsa->e, (unsigned char *) exponent);
if (exponent == NULL) {
PyErr_SetString(ipap11helperError,
- "import_RSA_public_key: BN_bn2bin exponent error");
+ "import_RSA_public_key: BN_bn2bin exponent error");
GOTO_FAIL;
}
@@ -1286,7 +1344,7 @@ P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label,
{ CKA_LABEL, label, label_length },
{ CKA_MODULUS, modulus, modulus_len },
{ CKA_PUBLIC_EXPONENT, exponent, exponent_len },
- //{CKA_COPYABLE, cka_copyable, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
+ //{ CKA_COPYABLE, cka_copyable, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
{ CKA_DERIVE, cka_derive, sizeof(CK_BBOOL) },
{ CKA_ENCRYPT, cka_encrypt, sizeof(CK_BBOOL) },
{ CKA_MODIFIABLE, cka_modifiable, sizeof(CK_BBOOL) },
@@ -1294,20 +1352,26 @@ P11_Helper_import_RSA_public_key(P11_Helper* self, CK_UTF8CHAR *label,
{ CKA_TRUSTED, cka_trusted, sizeof(CK_BBOOL) },
{ CKA_VERIFY, cka_verify, sizeof(CK_BBOOL) },
{ CKA_VERIFY_RECOVER, cka_verify_recover, sizeof(CK_BBOOL) },
- { CKA_WRAP, cka_wrap, sizeof(CK_BBOOL) }, };
+ { CKA_WRAP, cka_wrap, sizeof(CK_BBOOL) }
+ };
CK_OBJECT_HANDLE object;
rv = self->p11->C_CreateObject(self->session, template,
- sizeof(template) / sizeof(CK_ATTRIBUTE), &object);
+ sizeof(template) / sizeof(CK_ATTRIBUTE),
+ &object);
if (!check_return_value(rv, "create public key object"))
GOTO_FAIL;
final:
- if (rsa != NULL) RSA_free(rsa);
- if (modulus != NULL) PyMem_Free(modulus);
- if (exponent != NULL) PyMem_Free(exponent);
-
- if (error) return NULL;
+ if (rsa != NULL)
+ RSA_free(rsa);
+ if (modulus != NULL)
+ PyMem_Free(modulus);
+ if (exponent != NULL)
+ PyMem_Free(exponent);
+
+ if (error)
+ return NULL;
return Py_BuildValue("k", object);
}
@@ -1315,8 +1379,8 @@ final:
* Import RSA public key
*
*/
-static PyObject *
-P11_Helper_import_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_import_public_key(P11_Helper *self,
+ PyObject *args, PyObject *kwds) {
int r;
PyObject *ret = NULL;
PyObject *label_unicode = NULL;
@@ -1329,45 +1393,49 @@ P11_Helper_import_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
EVP_PKEY *pkey = NULL;
int error = 0;
- PyObj2Bool_mapping_t attrs_pub[] = { { NULL, &true }, //pub_en_cka_copyable
- { NULL, &false }, //pub_en_cka_derive
- { NULL, &false }, //pub_en_cka_encrypt
- { NULL, &true }, //pub_en_cka_modifiable
- { NULL, &true }, //pub_en_cka_private
- { NULL, &false }, //pub_en_cka_trusted
- { NULL, &true }, //pub_en_cka_verify
- { NULL, &true }, //pub_en_cka_verify_recover
- { NULL, &false }, //pub_en_cka_wrap
- };
+ PyObj2Bool_mapping_t attrs_pub[] = {
+ { NULL, &true }, // pub_en_cka_copyable
+ { NULL, &false }, // pub_en_cka_derive
+ { NULL, &false }, // pub_en_cka_encrypt
+ { NULL, &true }, // pub_en_cka_modifiable
+ { NULL, &true }, // pub_en_cka_private
+ { NULL, &false }, // pub_en_cka_trusted
+ { NULL, &true }, // pub_en_cka_verify
+ { NULL, &true }, // pub_en_cka_verify_recover
+ { NULL, &false }, // pub_en_cka_wrap
+ };
static char *kwlist[] = { "label", "id", "data",
- /* public key attributes */
- "cka_copyable", "cka_derive", "cka_encrypt", "cka_modifiable",
- "cka_private", "cka_trusted", "cka_verify", "cka_verify_recover",
- "cka_wrap", NULL };
+ /* public key attributes */
+ "cka_copyable", "cka_derive", "cka_encrypt", "cka_modifiable",
+ "cka_private", "cka_trusted", "cka_verify", "cka_verify_recover",
+ "cka_wrap", NULL
+ };
if (!PyArg_ParseTupleAndKeywords(args, kwds, "Us#s#|OOOOOOOOO", kwlist,
- &label_unicode, &id, &id_length, &data, &data_length,
- /* public key attributes */
- &attrs_pub[pub_en_cka_copyable].py_obj,
- &attrs_pub[pub_en_cka_derive].py_obj,
- &attrs_pub[pub_en_cka_encrypt].py_obj,
- &attrs_pub[pub_en_cka_modifiable].py_obj,
- &attrs_pub[pub_en_cka_private].py_obj,
- &attrs_pub[pub_en_cka_trusted].py_obj,
- &attrs_pub[pub_en_cka_verify].py_obj,
- &attrs_pub[pub_en_cka_verify_recover].py_obj,
- &attrs_pub[pub_en_cka_wrap].py_obj)) {
+ &label_unicode, &id, &id_length, &data,
+ &data_length,
+ /* public key attributes */
+ &attrs_pub[pub_en_cka_copyable].py_obj,
+ &attrs_pub[pub_en_cka_derive].py_obj,
+ &attrs_pub[pub_en_cka_encrypt].py_obj,
+ &attrs_pub[pub_en_cka_modifiable].py_obj,
+ &attrs_pub[pub_en_cka_private].py_obj,
+ &attrs_pub[pub_en_cka_trusted].py_obj,
+ &attrs_pub[pub_en_cka_verify].py_obj,
+ &attrs_pub[pub_en_cka_verify_recover].py_obj,
+ &attrs_pub[pub_en_cka_wrap].py_obj)) {
return NULL;
}
- label = (unsigned char*) unicode_to_char_array(label_unicode,
- &label_length);
- if (label == NULL) GOTO_FAIL;
+ label = (unsigned char *) unicode_to_char_array(label_unicode,
+ &label_length);
+ if (label == NULL)
+ GOTO_FAIL;
r = _id_exists(self, id, id_length, CKO_PUBLIC_KEY);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Public key with same ID already exists");
+ "Public key with same ID already exists");
GOTO_FAIL;
} else if (r == -1) {
GOTO_FAIL;
@@ -1375,27 +1443,28 @@ P11_Helper_import_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
/* Process keyword boolean arguments */
convert_py2bool(attrs_pub,
- sizeof(attrs_pub) / sizeof(PyObj2Bool_mapping_t));
+ sizeof(attrs_pub) / sizeof(PyObj2Bool_mapping_t));
/* decode from ASN1 DER */
pkey = d2i_PUBKEY(NULL, (const unsigned char **) &data, data_length);
if (pkey == NULL) {
PyErr_SetString(ipap11helperError,
- "import_public_key: d2i_PUBKEY error");
+ "import_public_key: d2i_PUBKEY error");
GOTO_FAIL;
}
switch (pkey->type) {
case EVP_PKEY_RSA:
ret = P11_Helper_import_RSA_public_key(self, label, label_length,
- id, id_length, pkey, attrs_pub[pub_en_cka_copyable].bool,
- attrs_pub[pub_en_cka_derive].bool,
- attrs_pub[pub_en_cka_encrypt].bool,
- attrs_pub[pub_en_cka_modifiable].bool,
- attrs_pub[pub_en_cka_private].bool,
- attrs_pub[pub_en_cka_trusted].bool,
- attrs_pub[pub_en_cka_verify].bool,
- attrs_pub[pub_en_cka_verify_recover].bool,
- attrs_pub[pub_en_cka_wrap].bool);
+ id, id_length, pkey,
+ attrs_pub[pub_en_cka_copyable].bool,
+ attrs_pub[pub_en_cka_derive].bool,
+ attrs_pub[pub_en_cka_encrypt].bool,
+ attrs_pub[pub_en_cka_modifiable].bool,
+ attrs_pub[pub_en_cka_private].bool,
+ attrs_pub[pub_en_cka_trusted].bool,
+ attrs_pub[pub_en_cka_verify].bool,
+ attrs_pub[pub_en_cka_verify_recover].bool,
+ attrs_pub[pub_en_cka_wrap].bool);
break;
case EVP_PKEY_DSA:
error = 1;
@@ -1410,10 +1479,13 @@ P11_Helper_import_public_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
PyErr_SetString(ipap11helperError, "Unsupported key type");
}
final:
- if (pkey != NULL) EVP_PKEY_free(pkey);
- if (label != NULL) PyMem_Free(label);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (label != NULL)
+ PyMem_Free(label);
- if (error) return NULL;
+ if (error)
+ return NULL;
return ret;
}
@@ -1421,8 +1493,9 @@ final:
* Export wrapped key
*
*/
-static PyObject *
-P11_Helper_export_wrapped_key(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_export_wrapped_key(P11_Helper *self,
+ PyObject *args,
+ PyObject *kwds) {
CK_RV rv;
CK_OBJECT_HANDLE object_key = 0;
CK_OBJECT_HANDLE object_wrapping_key = 0;
@@ -1437,42 +1510,44 @@ P11_Helper_export_wrapped_key(P11_Helper* self, PyObject *args, PyObject *kwds)
//TODO check long overflow
//TODO export method
if (!PyArg_ParseTupleAndKeywords(args, kwds, "kkk|", kwlist, &object_key,
- &object_wrapping_key, &wrapping_mech.mechanism)) {
+ &object_wrapping_key,
+ &wrapping_mech.mechanism))
GOTO_FAIL;
- }
// fill mech parameters
- if (!_set_wrapping_mech_parameters(wrapping_mech.mechanism, &wrapping_mech)){
+ if (!_set_wrapping_mech_parameters(wrapping_mech.mechanism, &wrapping_mech))
GOTO_FAIL;
- }
rv = self->p11->C_WrapKey(self->session, &wrapping_mech,
- object_wrapping_key, object_key, NULL, &wrapped_key_len);
- if (!check_return_value(rv, "key wrapping: get buffer length")){
+ object_wrapping_key, object_key, NULL,
+ &wrapped_key_len);
+ if (!check_return_value(rv, "key wrapping: get buffer length"))
GOTO_FAIL;
- }
+
wrapped_key = PyMem_Malloc(wrapped_key_len);
- if (wrapped_key == NULL){
+ if (wrapped_key == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
if (wrapped_key == NULL) {
rv = CKR_HOST_MEMORY;
- if (!check_return_value(rv, "key wrapping: buffer allocation")){
+ if (!check_return_value(rv, "key wrapping: buffer allocation"))
GOTO_FAIL;
- }
}
rv = self->p11->C_WrapKey(self->session, &wrapping_mech,
- object_wrapping_key, object_key, wrapped_key, &wrapped_key_len);
- if (!check_return_value(rv, "key wrapping: wrapping")){
+ object_wrapping_key, object_key, wrapped_key,
+ &wrapped_key_len);
+ if (!check_return_value(rv, "key wrapping: wrapping"))
GOTO_FAIL;
- }
+
result = Py_BuildValue("s#", wrapped_key, wrapped_key_len);
final:
- if (wrapped_key != NULL) PyMem_Free(wrapped_key);
+ if (wrapped_key != NULL)
+ PyMem_Free(wrapped_key);
- if (error) return NULL;
+ if (error)
+ return NULL;
return result;
}
@@ -1481,9 +1556,9 @@ final:
* Import wrapped secret key
*
*/
-static PyObject *
-P11_Helper_import_wrapped_secret_key(P11_Helper* self, PyObject *args,
- PyObject *kwds) {
+static PyObject *P11_Helper_import_wrapped_secret_key(P11_Helper *self,
+ PyObject *args,
+ PyObject *kwds) {
CK_RV rv;
int r;
CK_BYTE_PTR wrapped_key = NULL;
@@ -1500,62 +1575,69 @@ P11_Helper_import_wrapped_secret_key(P11_Helper* self, PyObject *args,
CK_KEY_TYPE key_type = CKK_RSA;
int error = 0;
- PyObj2Bool_mapping_t attrs[] = { { NULL, &true }, //sec_en_cka_copyable
- { NULL, &false }, //sec_en_cka_decrypt
- { NULL, &false }, //sec_en_cka_derive
- { NULL, &false }, //sec_en_cka_encrypt
- { NULL, &true }, //sec_en_cka_extractable
- { NULL, &true }, //sec_en_cka_modifiable
- { NULL, &true }, //sec_en_cka_private
- { NULL, &true }, //sec_en_cka_sensitive
- { NULL, &false }, //sec_en_cka_sign
- { NULL, &true }, //sec_en_cka_unwrap
- { NULL, &false }, //sec_en_cka_verify
- { NULL, &true }, //sec_en_cka_wrap
- { NULL, &false } //sec_en_cka_wrap_with_trusted
+ PyObj2Bool_mapping_t attrs[] = {
+ { NULL, &true }, // sec_en_cka_copyable
+ { NULL, &false }, // sec_en_cka_decrypt
+ { NULL, &false }, // sec_en_cka_derive
+ { NULL, &false }, // sec_en_cka_encrypt
+ { NULL, &true }, // sec_en_cka_extractable
+ { NULL, &true }, // sec_en_cka_modifiable
+ { NULL, &true }, // sec_en_cka_private
+ { NULL, &true }, // sec_en_cka_sensitive
+ { NULL, &false }, // sec_en_cka_sign
+ { NULL, &true }, // sec_en_cka_unwrap
+ { NULL, &false }, // sec_en_cka_verify
+ { NULL, &true }, // sec_en_cka_wrap
+ { NULL, &false } // sec_en_cka_wrap_with_trusted
};
static char *kwlist[] = { "label", "id", "data", "unwrapping_key",
- "wrapping_mech", "key_type",
- // secret key attrs
- "cka_copyable", "cka_decrypt", "cka_derive", "cka_encrypt",
- "cka_extractable", "cka_modifiable", "cka_private", "cka_sensitive",
- "cka_sign", "cka_unwrap", "cka_verify", "cka_wrap",
- "cka_wrap_with_trusted", NULL };
+ "wrapping_mech", "key_type",
+ // secret key attrs
+ "cka_copyable", "cka_decrypt", "cka_derive", "cka_encrypt",
+ "cka_extractable", "cka_modifiable", "cka_private", "cka_sensitive",
+ "cka_sign", "cka_unwrap", "cka_verify", "cka_wrap",
+ "cka_wrap_with_trusted", NULL
+ };
if (!PyArg_ParseTupleAndKeywords(args, kwds, "Us#s#kkk|OOOOOOOOOOOOO",
- kwlist, &label_unicode, &id, &id_length, &wrapped_key,
- &wrapped_key_len, &unwrapping_key_object, &wrapping_mech.mechanism,
- &key_type,
- // secret key attrs
- &attrs[sec_en_cka_copyable].py_obj,
- &attrs[sec_en_cka_decrypt].py_obj, &attrs[sec_en_cka_derive].py_obj,
- &attrs[sec_en_cka_encrypt].py_obj,
- &attrs[sec_en_cka_extractable].py_obj,
- &attrs[sec_en_cka_modifiable].py_obj,
- &attrs[sec_en_cka_private].py_obj,
- &attrs[sec_en_cka_sensitive].py_obj, &attrs[sec_en_cka_sign].py_obj,
- &attrs[sec_en_cka_unwrap].py_obj, &attrs[sec_en_cka_verify].py_obj,
- &attrs[sec_en_cka_wrap].py_obj,
- &attrs[sec_en_cka_wrap_with_trusted].py_obj)) {
+ kwlist, &label_unicode, &id, &id_length,
+ &wrapped_key, &wrapped_key_len,
+ &unwrapping_key_object,
+ &wrapping_mech.mechanism, &key_type,
+ // secret key attrs
+ &attrs[sec_en_cka_copyable].py_obj,
+ &attrs[sec_en_cka_decrypt].py_obj,
+ &attrs[sec_en_cka_derive].py_obj,
+ &attrs[sec_en_cka_encrypt].py_obj,
+ &attrs[sec_en_cka_extractable].py_obj,
+ &attrs[sec_en_cka_modifiable].py_obj,
+ &attrs[sec_en_cka_private].py_obj,
+ &attrs[sec_en_cka_sensitive].py_obj,
+ &attrs[sec_en_cka_sign].py_obj,
+ &attrs[sec_en_cka_unwrap].py_obj,
+ &attrs[sec_en_cka_verify].py_obj,
+ &attrs[sec_en_cka_wrap].py_obj,
+ &attrs[sec_en_cka_wrap_with_trusted].py_obj)) {
return NULL;
}
- if (!_set_wrapping_mech_parameters(wrapping_mech.mechanism, &wrapping_mech)){
+ if (!_set_wrapping_mech_parameters(wrapping_mech.mechanism, &wrapping_mech))
return NULL;
- }
- label = (unsigned char*) unicode_to_char_array(label_unicode,
- &label_length);
- if (label == NULL) GOTO_FAIL;
+ label = (unsigned char *) unicode_to_char_array(label_unicode,
+ &label_length);
+ if (label == NULL)
+ GOTO_FAIL;
r = _id_exists(self, id, id_length, key_class);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Secret key with same ID already exists");
+ "Secret key with same ID already exists");
GOTO_FAIL;
- } else if (r == -1) {
+
+ } else if (r == -1)
GOTO_FAIL;
- }
+
/* Process keyword boolean arguments */
convert_py2bool(attrs, sizeof(attrs) / sizeof(PyObj2Bool_mapping_t));
@@ -1566,7 +1648,7 @@ P11_Helper_import_wrapped_secret_key(P11_Helper* self, PyObject *args,
{ CKA_ID, id, id_length },
{ CKA_LABEL, label, label_length },
{ CKA_TOKEN, &true, sizeof(CK_BBOOL) },
- //{CKA_COPYABLE, attrs[sec_en_cka_copyable].bool, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
+ //{ CKA_COPYABLE, attrs[sec_en_cka_copyable].bool, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
{ CKA_DECRYPT, attrs[sec_en_cka_decrypt].bool, sizeof(CK_BBOOL) },
{ CKA_DERIVE, attrs[sec_en_cka_derive].bool, sizeof(CK_BBOOL) },
{ CKA_ENCRYPT, attrs[sec_en_cka_encrypt].bool, sizeof(CK_BBOOL) },
@@ -1582,26 +1664,30 @@ P11_Helper_import_wrapped_secret_key(P11_Helper* self, PyObject *args,
};
rv = self->p11->C_UnwrapKey(self->session, &wrapping_mech,
- unwrapping_key_object, wrapped_key, wrapped_key_len, template,
- sizeof(template) / sizeof(CK_ATTRIBUTE), &unwrapped_key_object);
- if (!check_return_value(rv, "import_wrapped_key: key unwrapping")) {
+ unwrapping_key_object, wrapped_key,
+ wrapped_key_len, template,
+ sizeof(template) / sizeof(CK_ATTRIBUTE),
+ &unwrapped_key_object);
+ if (!check_return_value(rv, "import_wrapped_key: key unwrapping"))
GOTO_FAIL;
- }
+
final:
- if (label != NULL) PyMem_Free(label);
+ if (label != NULL)
+ PyMem_Free(label);
- if (error) return NULL;
- return Py_BuildValue("k", unwrapped_key_object);
+ if (error)
+ return NULL;
+ return Py_BuildValue("k", unwrapped_key_object);
}
/**
* Import wrapped private key
*
*/
-static PyObject *
-P11_Helper_import_wrapped_private_key(P11_Helper* self, PyObject *args,
- PyObject *kwds) {
+static PyObject *P11_Helper_import_wrapped_private_key(P11_Helper *self,
+ PyObject *args,
+ PyObject *kwds) {
CK_RV rv;
int r;
CK_BYTE_PTR wrapped_key = NULL;
@@ -1618,55 +1704,59 @@ P11_Helper_import_wrapped_private_key(P11_Helper* self, PyObject *args,
CK_KEY_TYPE key_type = CKK_RSA;
int error = 0;
- PyObj2Bool_mapping_t attrs_priv[] = { { NULL, &false }, //priv_en_cka_always_authenticate
- { NULL, &true }, //priv_en_cka_copyable
- { NULL, &false }, //priv_en_cka_decrypt
- { NULL, &false }, //priv_en_cka_derive
- { NULL, &true }, //priv_en_cka_extractable
- { NULL, &true }, //priv_en_cka_modifiable
- { NULL, &true }, //priv_en_cka_private
- { NULL, &true }, //priv_en_cka_sensitive
- { NULL, &true }, //priv_en_cka_sign
- { NULL, &true }, //priv_en_cka_sign_recover
- { NULL, &false }, //priv_en_cka_unwrap
- { NULL, &false } //priv_en_cka_wrap_with_trusted
+ PyObj2Bool_mapping_t attrs_priv[] = {
+ { NULL, &false }, // priv_en_cka_always_authenticate
+ { NULL, &true }, // priv_en_cka_copyable
+ { NULL, &false }, // priv_en_cka_decrypt
+ { NULL, &false }, // priv_en_cka_derive
+ { NULL, &true }, // priv_en_cka_extractable
+ { NULL, &true }, // priv_en_cka_modifiable
+ { NULL, &true }, // priv_en_cka_private
+ { NULL, &true }, // priv_en_cka_sensitive
+ { NULL, &true }, // priv_en_cka_sign
+ { NULL, &true }, // priv_en_cka_sign_recover
+ { NULL, &false }, // priv_en_cka_unwrap
+ { NULL, &false } // priv_en_cka_wrap_with_trusted
};
static char *kwlist[] = { "label", "id", "data", "unwrapping_key",
- "wrapping_mech", "key_type",
- // private key attrs
- "cka_always_authenticate", "cka_copyable", "cka_decrypt",
- "cka_derive", "cka_extractable", "cka_modifiable", "cka_private",
- "cka_sensitive", "cka_sign", "cka_sign_recover", "cka_unwrap",
- "cka_wrap_with_trusted", NULL };
+ "wrapping_mech", "key_type",
+ // private key attrs
+ "cka_always_authenticate", "cka_copyable", "cka_decrypt",
+ "cka_derive", "cka_extractable", "cka_modifiable", "cka_private",
+ "cka_sensitive", "cka_sign", "cka_sign_recover", "cka_unwrap",
+ "cka_wrap_with_trusted", NULL
+ };
if (!PyArg_ParseTupleAndKeywords(args, kwds, "Us#s#kkk|OOOOOOOOOOOO",
- kwlist, &label_unicode, &id, &id_length, &wrapped_key,
- &wrapped_key_len, &unwrapping_key_object, &wrapping_mech.mechanism,
- &key_type,
- // private key attrs
- &attrs_priv[priv_en_cka_always_authenticate].py_obj,
- &attrs_priv[priv_en_cka_copyable].py_obj,
- &attrs_priv[priv_en_cka_decrypt].py_obj,
- &attrs_priv[priv_en_cka_derive].py_obj,
- &attrs_priv[priv_en_cka_extractable].py_obj,
- &attrs_priv[priv_en_cka_modifiable].py_obj,
- &attrs_priv[priv_en_cka_private].py_obj,
- &attrs_priv[priv_en_cka_sensitive].py_obj,
- &attrs_priv[priv_en_cka_sign].py_obj,
- &attrs_priv[priv_en_cka_sign_recover].py_obj,
- &attrs_priv[priv_en_cka_unwrap].py_obj,
- &attrs_priv[priv_en_cka_wrap_with_trusted].py_obj)) {
+ kwlist, &label_unicode, &id, &id_length,
+ &wrapped_key, &wrapped_key_len,
+ &unwrapping_key_object,
+ &wrapping_mech.mechanism, &key_type,
+ // private key attrs
+ &attrs_priv[priv_en_cka_always_authenticate].py_obj,
+ &attrs_priv[priv_en_cka_copyable].py_obj,
+ &attrs_priv[priv_en_cka_decrypt].py_obj,
+ &attrs_priv[priv_en_cka_derive].py_obj,
+ &attrs_priv[priv_en_cka_extractable].py_obj,
+ &attrs_priv[priv_en_cka_modifiable].py_obj,
+ &attrs_priv[priv_en_cka_private].py_obj,
+ &attrs_priv[priv_en_cka_sensitive].py_obj,
+ &attrs_priv[priv_en_cka_sign].py_obj,
+ &attrs_priv[priv_en_cka_sign_recover].py_obj,
+ &attrs_priv[priv_en_cka_unwrap].py_obj,
+ &attrs_priv[priv_en_cka_wrap_with_trusted].py_obj)) {
return NULL;
}
- label = (unsigned char*) unicode_to_char_array(label_unicode,
- &label_length);
- if (label == NULL) GOTO_FAIL;
+ label = (unsigned char *) unicode_to_char_array(label_unicode,
+ &label_length);
+ if (label == NULL)
+ GOTO_FAIL;
r = _id_exists(self, id, id_length, CKO_SECRET_KEY);
if (r == 1) {
PyErr_SetString(ipap11helperDuplicationError,
- "Secret key with same ID already exists");
+ "Secret key with same ID already exists");
GOTO_FAIL;
} else if (r == -1) {
GOTO_FAIL;
@@ -1674,38 +1764,42 @@ P11_Helper_import_wrapped_private_key(P11_Helper* self, PyObject *args,
/* Process keyword boolean arguments */
convert_py2bool(attrs_priv,
- sizeof(attrs_priv) / sizeof(PyObj2Bool_mapping_t));
+ sizeof(attrs_priv) / sizeof(PyObj2Bool_mapping_t));
CK_ATTRIBUTE template[] = {
- { CKA_CLASS, &key_class, sizeof(key_class) },
- { CKA_KEY_TYPE, &key_type, sizeof(key_type) },
- { CKA_ID, id, id_length },
- { CKA_LABEL, label, label_length },
- { CKA_TOKEN, &true, sizeof(CK_BBOOL) },
- { CKA_ALWAYS_AUTHENTICATE, attrs_priv[priv_en_cka_always_authenticate].bool, sizeof(CK_BBOOL) },
- //{CKA_COPYABLE, attrs_priv[priv_en_cka_copyable].bool, sizeof(CK_BBOOL)}, //TODO Softhsm doesn't support it
- { CKA_DECRYPT, attrs_priv[priv_en_cka_decrypt].bool, sizeof(CK_BBOOL) },
- { CKA_DERIVE, attrs_priv[priv_en_cka_derive].bool, sizeof(CK_BBOOL) },
- { CKA_EXTRACTABLE, attrs_priv[priv_en_cka_extractable].bool, sizeof(CK_BBOOL) },
- { CKA_MODIFIABLE, attrs_priv[priv_en_cka_modifiable].bool, sizeof(CK_BBOOL) },
- { CKA_PRIVATE, attrs_priv[priv_en_cka_private].bool, sizeof(CK_BBOOL) },
- { CKA_SENSITIVE, attrs_priv[priv_en_cka_sensitive].bool, sizeof(CK_BBOOL) },
- { CKA_SIGN, attrs_priv[priv_en_cka_sign].bool, sizeof(CK_BBOOL) },
- { CKA_SIGN_RECOVER, attrs_priv[priv_en_cka_sign].bool, sizeof(CK_BBOOL) },
- { CKA_UNWRAP, attrs_priv[priv_en_cka_unwrap].bool, sizeof(CK_BBOOL) },
- { CKA_WRAP_WITH_TRUSTED, attrs_priv[priv_en_cka_wrap_with_trusted].bool, sizeof(CK_BBOOL) }
+ { CKA_CLASS, &key_class, sizeof(key_class) },
+ { CKA_KEY_TYPE, &key_type, sizeof(key_type) },
+ { CKA_ID, id, id_length },
+ { CKA_LABEL, label, label_length },
+ { CKA_TOKEN, &true, sizeof(CK_BBOOL) },
+ { CKA_ALWAYS_AUTHENTICATE, attrs_priv[priv_en_cka_always_authenticate].bool, sizeof(CK_BBOOL) },
+ //{ CKA_COPYABLE, attrs_priv[priv_en_cka_copyable].bool, sizeof(CK_BBOOL) }, //TODO Softhsm doesn't support it
+ { CKA_DECRYPT, attrs_priv[priv_en_cka_decrypt].bool, sizeof(CK_BBOOL) },
+ { CKA_DERIVE, attrs_priv[priv_en_cka_derive].bool, sizeof(CK_BBOOL) },
+ { CKA_EXTRACTABLE, attrs_priv[priv_en_cka_extractable].bool, sizeof(CK_BBOOL) },
+ { CKA_MODIFIABLE, attrs_priv[priv_en_cka_modifiable].bool, sizeof(CK_BBOOL) },
+ { CKA_PRIVATE, attrs_priv[priv_en_cka_private].bool, sizeof(CK_BBOOL) },
+ { CKA_SENSITIVE, attrs_priv[priv_en_cka_sensitive].bool, sizeof(CK_BBOOL) },
+ { CKA_SIGN, attrs_priv[priv_en_cka_sign].bool, sizeof(CK_BBOOL) },
+ { CKA_SIGN_RECOVER, attrs_priv[priv_en_cka_sign].bool, sizeof(CK_BBOOL) },
+ { CKA_UNWRAP, attrs_priv[priv_en_cka_unwrap].bool, sizeof(CK_BBOOL) },
+ { CKA_WRAP_WITH_TRUSTED, attrs_priv[priv_en_cka_wrap_with_trusted].bool, sizeof(CK_BBOOL) }
};
rv = self->p11->C_UnwrapKey(self->session, &wrapping_mech,
- unwrapping_key_object, wrapped_key, wrapped_key_len, template,
- sizeof(template) / sizeof(CK_ATTRIBUTE), &unwrapped_key_object);
+ unwrapping_key_object, wrapped_key,
+ wrapped_key_len, template,
+ sizeof(template) / sizeof(CK_ATTRIBUTE),
+ &unwrapped_key_object);
if (!check_return_value(rv, "import_wrapped_key: key unwrapping")) {
GOTO_FAIL;
}
final:
- if (label != NULL) PyMem_Free(label);
+ if (label != NULL)
+ PyMem_Free(label);
- if (error) return NULL;
+ if (error)
+ return NULL;
return PyLong_FromUnsignedLong(unwrapped_key_object);
}
@@ -1713,8 +1807,8 @@ final:
/*
* Set object attributes
*/
-static PyObject *
-P11_Helper_set_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_set_attribute(P11_Helper *self, PyObject *args,
+ PyObject *kwds) {
PyObject *ret = Py_None;
PyObject *value = NULL;
CK_ULONG object = 0;
@@ -1726,8 +1820,8 @@ P11_Helper_set_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
int error = 0;
static char *kwlist[] = { "key_object", "attr", "value", NULL };
- if (!PyArg_ParseTupleAndKeywords(args, kwds, "kkO|", kwlist, &object, &attr,
- &value)) {
+ if (!PyArg_ParseTupleAndKeywords
+ (args, kwds, "kkO|", kwlist, &object, &attr, &value)) {
return NULL;
}
@@ -1763,7 +1857,7 @@ P11_Helper_set_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
GOTO_FAIL;
}
if (PyString_AsStringAndSize(value, (char **) &attribute.pValue,
- &len) == -1) {
+ &len) == -1) {
GOTO_FAIL;
}
attribute.ulValueLen = len;
@@ -1774,8 +1868,9 @@ P11_Helper_set_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
GOTO_FAIL;
}
label = unicode_to_char_array(value, &len);
- /* check for conversion error */
- if (label == NULL) GOTO_FAIL;
+ /* check for conversion error */
+ if (label == NULL)
+ GOTO_FAIL;
attribute.pValue = label;
attribute.ulValueLen = len;
break;
@@ -1799,18 +1894,20 @@ P11_Helper_set_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
if (!check_return_value(rv, "set_attribute"))
GOTO_FAIL;
final:
- if (label != NULL) PyMem_Free(label);
+ if (label != NULL)
+ PyMem_Free(label);
Py_XINCREF(ret);
- if (error) return NULL;
+ if (error)
+ return NULL;
return ret;
}
/*
* Get object attributes
*/
-static PyObject *
-P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
+static PyObject *P11_Helper_get_attribute(P11_Helper *self, PyObject *args,
+ PyObject *kwds) {
PyObject *ret = NULL;
void *value = NULL;
CK_ULONG object = 0;
@@ -1821,7 +1918,7 @@ P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
static char *kwlist[] = { "key_object", "attr", NULL };
if (!PyArg_ParseTupleAndKeywords(args, kwds, "kk|", kwlist, &object,
- &attr)) {
+ &attr)) {
return NULL;
}
@@ -1833,7 +1930,7 @@ P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
rv = self->p11->C_GetAttributeValue(self->session, object, template, 1);
// attribute doesn't exists
if (rv == CKR_ATTRIBUTE_TYPE_INVALID
- || template[0].ulValueLen == (unsigned long) -1) {
+ || template[0].ulValueLen == (unsigned long) -1) {
PyErr_SetString(ipap11helperNotFound, "attribute does not exist");
GOTO_FAIL;
}
@@ -1841,7 +1938,7 @@ P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
GOTO_FAIL;
}
value = PyMem_Malloc(template[0].ulValueLen);
- if (value == NULL){
+ if (value == NULL) {
PyErr_NoMemory();
GOTO_FAIL;
}
@@ -1875,14 +1972,14 @@ P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
case CKA_WRAP:
case CKA_WRAP_WITH_TRUSTED:
/* booleans */
- ret = PyBool_FromLong(*(CK_BBOOL*) value);
+ ret = PyBool_FromLong(*(CK_BBOOL *) value);
break;
case CKA_LABEL:
/* unicode string */
ret = char_array_to_unicode(value, template[0].ulValueLen);
break;
- case CKA_MODULUS:
- case CKA_PUBLIC_EXPONENT:
+ case CKA_MODULUS:
+ case CKA_PUBLIC_EXPONENT:
case CKA_ID:
/* byte arrays */
ret = Py_BuildValue("s#", value, template[0].ulValueLen);
@@ -1897,89 +1994,143 @@ P11_Helper_get_attribute(P11_Helper* self, PyObject *args, PyObject *kwds) {
}
final:
- if (value != NULL) PyMem_Free(value);
+ if (value != NULL)
+ PyMem_Free(value);
- if (error) return NULL;
+ if (error)
+ return NULL;
return ret;
}
-static PyMethodDef P11_Helper_methods[] = { { "finalize",
- (PyCFunction) P11_Helper_finalize, METH_NOARGS,
- "Finalize operations with pkcs11 library" }, { "generate_master_key",
- (PyCFunction) P11_Helper_generate_master_key, METH_VARARGS
- | METH_KEYWORDS, "Generate master key" }, {
+static PyMethodDef P11_Helper_methods[] = {
+ {
+ "finalize",
+ (PyCFunction) P11_Helper_finalize,
+ METH_NOARGS,
+ "Finalize operations with pkcs11 library"
+ },
+ {
+ "generate_master_key",
+ (PyCFunction) P11_Helper_generate_master_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Generate master key"
+ },
+ {
"generate_replica_key_pair",
- (PyCFunction) P11_Helper_generate_replica_key_pair, METH_VARARGS
- | METH_KEYWORDS, "Generate replica key pair" }, { "find_keys",
- (PyCFunction) P11_Helper_find_keys, METH_VARARGS | METH_KEYWORDS,
- "Find keys" }, { "delete_key", (PyCFunction) P11_Helper_delete_key,
- METH_VARARGS | METH_KEYWORDS, "Delete key" }, {
- "export_public_key", (PyCFunction) P11_Helper_export_public_key,
- METH_VARARGS | METH_KEYWORDS, "Export public key" }, {
- "import_public_key", (PyCFunction) P11_Helper_import_public_key,
- METH_VARARGS | METH_KEYWORDS, "Import public key" }, {
- "export_wrapped_key", (PyCFunction) P11_Helper_export_wrapped_key,
- METH_VARARGS | METH_KEYWORDS, "Export wrapped private key" }, {
+ (PyCFunction) P11_Helper_generate_replica_key_pair,
+ METH_VARARGS | METH_KEYWORDS,
+ "Generate replica key pair"
+ },
+ {
+ "find_keys",
+ (PyCFunction) P11_Helper_find_keys,
+ METH_VARARGS | METH_KEYWORDS,
+ "Find keys"
+ },
+ {
+ "delete_key",
+ (PyCFunction) P11_Helper_delete_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Delete key"
+ },
+ {
+ "export_public_key",
+ (PyCFunction) P11_Helper_export_public_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Export public key"
+ },
+ {
+ "import_public_key",
+ (PyCFunction) P11_Helper_import_public_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Import public key"
+ },
+ {
+ "export_wrapped_key",
+ (PyCFunction) P11_Helper_export_wrapped_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Export wrapped private key"
+ },
+ {
"import_wrapped_secret_key",
- (PyCFunction) P11_Helper_import_wrapped_secret_key, METH_VARARGS
- | METH_KEYWORDS, "Import wrapped secret key" }, {
+ (PyCFunction) P11_Helper_import_wrapped_secret_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Import wrapped secret key"
+ },
+ {
"import_wrapped_private_key",
- (PyCFunction) P11_Helper_import_wrapped_private_key, METH_VARARGS
- | METH_KEYWORDS, "Import wrapped private key" }, {
- "set_attribute", (PyCFunction) P11_Helper_set_attribute, METH_VARARGS
- | METH_KEYWORDS, "Set attribute" }, { "get_attribute",
- (PyCFunction) P11_Helper_get_attribute, METH_VARARGS | METH_KEYWORDS,
- "Get attribute" }, { NULL } /* Sentinel */
+ (PyCFunction) P11_Helper_import_wrapped_private_key,
+ METH_VARARGS | METH_KEYWORDS,
+ "Import wrapped private key"
+ },
+ {
+ "set_attribute",
+ (PyCFunction) P11_Helper_set_attribute,
+ METH_VARARGS | METH_KEYWORDS,
+ "Set attribute"
+ },
+ {
+ "get_attribute",
+ (PyCFunction) P11_Helper_get_attribute,
+ METH_VARARGS | METH_KEYWORDS,
+ "Get attribute"
+ },
+ {
+ /* Sentinel */
+ NULL
+ }
};
-static PyTypeObject P11_HelperType = { PyObject_HEAD_INIT(NULL) 0, /*ob_size*/
-"_ipap11helper.P11_Helper", /*tp_name*/
-sizeof(P11_Helper), /*tp_basicsize*/
-0, /*tp_itemsize*/
-(destructor) P11_Helper_dealloc, /*tp_dealloc*/
-0, /*tp_print*/
-0, /*tp_getattr*/
-0, /*tp_setattr*/
-0, /*tp_compare*/
-0, /*tp_repr*/
-0, /*tp_as_number*/
-0, /*tp_as_sequence*/
-0, /*tp_as_mapping*/
-0, /*tp_hash */
-0, /*tp_call*/
-0, /*tp_str*/
-0, /*tp_getattro*/
-0, /*tp_setattro*/
-0, /*tp_as_buffer*/
-Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, /*tp_flags*/
-"P11_Helper objects", /* tp_doc */
-0, /* tp_traverse */
-0, /* tp_clear */
-0, /* tp_richcompare */
-0, /* tp_weaklistoffset */
-0, /* tp_iter */
-0, /* tp_iternext */
-P11_Helper_methods, /* tp_methods */
-P11_Helper_members, /* tp_members */
-0, /* tp_getset */
-0, /* tp_base */
-0, /* tp_dict */
-0, /* tp_descr_get */
-0, /* tp_descr_set */
-0, /* tp_dictoffset */
-(initproc) P11_Helper_init, /* tp_init */
-0, /* tp_alloc */
-P11_Helper_new, /* tp_new */
+static PyTypeObject P11_HelperType = {
+ PyObject_HEAD_INIT(NULL) 0, /* ob_size */
+ "_ipap11helper.P11_Helper", /* tp_name */
+ sizeof(P11_Helper), /* tp_basicsize */
+ 0, /* tp_itemsize */
+ (destructor) P11_Helper_dealloc, /* tp_dealloc */
+ 0, /* tp_print */
+ 0, /* tp_getattr */
+ 0, /* tp_setattr */
+ 0, /* tp_compare */
+ 0, /* tp_repr */
+ 0, /* tp_as_number */
+ 0, /* tp_as_sequence */
+ 0, /* tp_as_mapping */
+ 0, /* tp_hash */
+ 0, /* tp_call */
+ 0, /* tp_str */
+ 0, /* tp_getattro */
+ 0, /* tp_setattro */
+ 0, /* tp_as_buffer */
+ Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE, /* tp_flags */
+ "P11_Helper objects", /* tp_doc */
+ 0, /* tp_traverse */
+ 0, /* tp_clear */
+ 0, /* tp_richcompare */
+ 0, /* tp_weaklistoffset */
+ 0, /* tp_iter */
+ 0, /* tp_iternext */
+ P11_Helper_methods, /* tp_methods */
+ P11_Helper_members, /* tp_members */
+ 0, /* tp_getset */
+ 0, /* tp_base */
+ 0, /* tp_dict */
+ 0, /* tp_descr_get */
+ 0, /* tp_descr_set */
+ 0, /* tp_dictoffset */
+ (initproc) P11_Helper_init, /* tp_init */
+ 0, /* tp_alloc */
+ P11_Helper_new, /* tp_new */
};
-static PyMethodDef module_methods[] = { { NULL } /* Sentinel */
+static PyMethodDef module_methods[] = {
+ { NULL } /* Sentinel */
};
-#ifndef PyMODINIT_FUNC /* declarations for DLL import/export */
+#ifndef PyMODINIT_FUNC /* declarations for DLL import/export */
#define PyMODINIT_FUNC void
#endif
PyMODINIT_FUNC init_ipap11helper(void) {
- PyObject* m;
+ PyObject *m;
if (PyType_Ready(&P11_HelperType) < 0)
return;
@@ -1988,7 +2139,7 @@ PyMODINIT_FUNC init_ipap11helper(void) {
* Setting up P11_Helper module
*/
m = Py_InitModule3("_ipap11helper", module_methods,
- "Example module that creates an extension type.");
+ "Example module that creates an extension type.");
if (m == NULL)
return;
@@ -2003,22 +2154,23 @@ PyMODINIT_FUNC init_ipap11helper(void) {
* Setting up P11_Helper Exceptions
*/
ipap11helperException = PyErr_NewException("_ipap11helper.Exception", NULL,
- NULL);
+ NULL);
Py_INCREF(ipap11helperException);
PyModule_AddObject(m, "Exception", ipap11helperException);
ipap11helperError = PyErr_NewException("_ipap11helper.Error",
- ipap11helperException, NULL);
+ ipap11helperException, NULL);
Py_INCREF(ipap11helperError);
PyModule_AddObject(m, "Error", ipap11helperError);
ipap11helperNotFound = PyErr_NewException("_ipap11helper.NotFound",
- ipap11helperException, NULL);
+ ipap11helperException, NULL);
Py_INCREF(ipap11helperNotFound);
PyModule_AddObject(m, "NotFound", ipap11helperNotFound);
- ipap11helperDuplicationError = PyErr_NewException(
- "_ipap11helper.DuplicationError", ipap11helperException, NULL);
+ ipap11helperDuplicationError =
+ PyErr_NewException("_ipap11helper.DuplicationError",
+ ipap11helperException, NULL);
Py_INCREF(ipap11helperDuplicationError);
PyModule_AddObject(m, "DuplicationError", ipap11helperDuplicationError);
@@ -2026,23 +2178,23 @@ PyMODINIT_FUNC init_ipap11helper(void) {
* Setting up module attributes
*/
- /* Key Classes*/
+ /* Key Classes */
PyObject *P11_Helper_CLASS_PUBKEY_obj = PyInt_FromLong(CKO_PUBLIC_KEY);
PyObject_SetAttrString(m, "KEY_CLASS_PUBLIC_KEY",
- P11_Helper_CLASS_PUBKEY_obj);
+ P11_Helper_CLASS_PUBKEY_obj);
Py_XDECREF(P11_Helper_CLASS_PUBKEY_obj);
PyObject *P11_Helper_CLASS_PRIVKEY_obj = PyInt_FromLong(CKO_PRIVATE_KEY);
PyObject_SetAttrString(m, "KEY_CLASS_PRIVATE_KEY",
- P11_Helper_CLASS_PRIVKEY_obj);
+ P11_Helper_CLASS_PRIVKEY_obj);
Py_XDECREF(P11_Helper_CLASS_PRIVKEY_obj);
PyObject *P11_Helper_CLASS_SECRETKEY_obj = PyInt_FromLong(CKO_SECRET_KEY);
PyObject_SetAttrString(m, "KEY_CLASS_SECRET_KEY",
- P11_Helper_CLASS_SECRETKEY_obj);
+ P11_Helper_CLASS_SECRETKEY_obj);
Py_XDECREF(P11_Helper_CLASS_SECRETKEY_obj);
- /* Key types*/
+ /* Key types */
PyObject *P11_Helper_KEY_TYPE_RSA_obj = PyInt_FromLong(CKK_RSA);
PyObject_SetAttrString(m, "KEY_TYPE_RSA", P11_Helper_KEY_TYPE_RSA_obj);
Py_XDECREF(P11_Helper_KEY_TYPE_RSA_obj);
@@ -2051,44 +2203,45 @@ PyMODINIT_FUNC init_ipap11helper(void) {
PyObject_SetAttrString(m, "KEY_TYPE_AES", P11_Helper_KEY_TYPE_AES_obj);
Py_XDECREF(P11_Helper_KEY_TYPE_AES_obj);
- /* Wrapping mech type*/
+ /* Wrapping mech type */
PyObject *P11_Helper_MECH_RSA_PKCS_obj = PyInt_FromLong(CKM_RSA_PKCS);
PyObject_SetAttrString(m, "MECH_RSA_PKCS", P11_Helper_MECH_RSA_PKCS_obj);
Py_XDECREF(P11_Helper_MECH_RSA_PKCS_obj);
- PyObject *P11_Helper_MECH_RSA_PKCS_OAEP_obj = PyInt_FromLong(
- CKM_RSA_PKCS_OAEP);
+ PyObject *P11_Helper_MECH_RSA_PKCS_OAEP_obj =
+ PyInt_FromLong(CKM_RSA_PKCS_OAEP);
PyObject_SetAttrString(m, "MECH_RSA_PKCS_OAEP",
- P11_Helper_MECH_RSA_PKCS_OAEP_obj);
+ P11_Helper_MECH_RSA_PKCS_OAEP_obj);
Py_XDECREF(P11_Helper_MECH_RSA_PKCS_OAEP_obj);
- PyObject *P11_Helper_MECH_AES_KEY_WRAP_obj = PyInt_FromLong(
- CKM_AES_KEY_WRAP);
+ PyObject *P11_Helper_MECH_AES_KEY_WRAP_obj =
+ PyInt_FromLong(CKM_AES_KEY_WRAP);
PyObject_SetAttrString(m, "MECH_AES_KEY_WRAP",
- P11_Helper_MECH_AES_KEY_WRAP_obj);
+ P11_Helper_MECH_AES_KEY_WRAP_obj);
Py_XDECREF(P11_Helper_MECH_AES_KEY_WRAP_obj);
- PyObject *P11_Helper_MECH_AES_KEY_WRAP_PAD_obj = PyInt_FromLong(
- CKM_AES_KEY_WRAP_PAD);
+ PyObject *P11_Helper_MECH_AES_KEY_WRAP_PAD_obj =
+ PyInt_FromLong(CKM_AES_KEY_WRAP_PAD);
PyObject_SetAttrString(m, "MECH_AES_KEY_WRAP_PAD",
- P11_Helper_MECH_AES_KEY_WRAP_PAD_obj);
+ P11_Helper_MECH_AES_KEY_WRAP_PAD_obj);
Py_XDECREF(P11_Helper_MECH_AES_KEY_WRAP_PAD_obj);
/* Key attributes */
- PyObject *P11_Helper_ATTR_CKA_ALWAYS_AUTHENTICATE_obj = PyInt_FromLong(
- CKA_ALWAYS_AUTHENTICATE);
+ PyObject *P11_Helper_ATTR_CKA_ALWAYS_AUTHENTICATE_obj =
+ PyInt_FromLong(CKA_ALWAYS_AUTHENTICATE);
PyObject_SetAttrString(m, "CKA_ALWAYS_AUTHENTICATE",
- P11_Helper_ATTR_CKA_ALWAYS_AUTHENTICATE_obj);
+ P11_Helper_ATTR_CKA_ALWAYS_AUTHENTICATE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_ALWAYS_AUTHENTICATE_obj);
- PyObject *P11_Helper_ATTR_CKA_ALWAYS_SENSITIVE_obj = PyInt_FromLong(
- CKA_ALWAYS_SENSITIVE);
+ PyObject *P11_Helper_ATTR_CKA_ALWAYS_SENSITIVE_obj =
+ PyInt_FromLong(CKA_ALWAYS_SENSITIVE);
PyObject_SetAttrString(m, "CKA_ALWAYS_SENSITIVE",
- P11_Helper_ATTR_CKA_ALWAYS_SENSITIVE_obj);
+ P11_Helper_ATTR_CKA_ALWAYS_SENSITIVE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_ALWAYS_SENSITIVE_obj);
PyObject *P11_Helper_ATTR_CKA_COPYABLE_obj = PyInt_FromLong(CKA_COPYABLE);
- PyObject_SetAttrString(m, "CKA_COPYABLE", P11_Helper_ATTR_CKA_COPYABLE_obj);
+ PyObject_SetAttrString(m, "CKA_COPYABLE",
+ P11_Helper_ATTR_CKA_COPYABLE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_COPYABLE_obj);
PyObject *P11_Helper_ATTR_CKA_DECRYPT_obj = PyInt_FromLong(CKA_DECRYPT);
@@ -2103,10 +2256,10 @@ PyMODINIT_FUNC init_ipap11helper(void) {
PyObject_SetAttrString(m, "CKA_ENCRYPT", P11_Helper_ATTR_CKA_ENCRYPT_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_ENCRYPT_obj);
- PyObject *P11_Helper_ATTR_CKA_EXTRACTABLE_obj = PyInt_FromLong(
- CKA_EXTRACTABLE);
+ PyObject *P11_Helper_ATTR_CKA_EXTRACTABLE_obj =
+ PyInt_FromLong(CKA_EXTRACTABLE);
PyObject_SetAttrString(m, "CKA_EXTRACTABLE",
- P11_Helper_ATTR_CKA_EXTRACTABLE_obj);
+ P11_Helper_ATTR_CKA_EXTRACTABLE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_EXTRACTABLE_obj);
PyObject *P11_Helper_ATTR_CKA_ID_obj = PyInt_FromLong(CKA_ID);
@@ -2114,27 +2267,28 @@ PyMODINIT_FUNC init_ipap11helper(void) {
Py_XDECREF(P11_Helper_ATTR_CKA_ID_obj);
PyObject *P11_Helper_ATTR_CKA_KEY_TYPE_obj = PyInt_FromLong(CKA_KEY_TYPE);
- PyObject_SetAttrString(m, "CKA_KEY_TYPE", P11_Helper_ATTR_CKA_KEY_TYPE_obj);
+ PyObject_SetAttrString(m, "CKA_KEY_TYPE",
+ P11_Helper_ATTR_CKA_KEY_TYPE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_KEY_TYPE_obj);
PyObject *P11_Helper_ATTR_CKA_LOCAL_obj = PyInt_FromLong(CKA_LOCAL);
PyObject_SetAttrString(m, "CKA_LOCAL", P11_Helper_ATTR_CKA_LOCAL_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_LOCAL_obj);
- PyObject *P11_Helper_ATTR_CKA_MODIFIABLE_obj = PyInt_FromLong(
- CKA_MODIFIABLE);
+ PyObject *P11_Helper_ATTR_CKA_MODIFIABLE_obj =
+ PyInt_FromLong(CKA_MODIFIABLE);
PyObject_SetAttrString(m, "CKA_MODIFIABLE",
- P11_Helper_ATTR_CKA_MODIFIABLE_obj);
+ P11_Helper_ATTR_CKA_MODIFIABLE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_MODIFIABLE_obj);
PyObject *P11_Helper_ATTR_CKA_MODULUS_obj = PyInt_FromLong(CKA_MODULUS);
PyObject_SetAttrString(m, "CKA_MODULUS", P11_Helper_ATTR_CKA_MODULUS_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_MODULUS_obj);
- PyObject *P11_Helper_ATTR_CKA_NEVER_EXTRACTABLE_obj = PyInt_FromLong(
- CKA_NEVER_EXTRACTABLE);
+ PyObject *P11_Helper_ATTR_CKA_NEVER_EXTRACTABLE_obj =
+ PyInt_FromLong(CKA_NEVER_EXTRACTABLE);
PyObject_SetAttrString(m, "CKA_NEVER_EXTRACTABLE",
- P11_Helper_ATTR_CKA_NEVER_EXTRACTABLE_obj);
+ P11_Helper_ATTR_CKA_NEVER_EXTRACTABLE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_NEVER_EXTRACTABLE_obj);
PyObject *P11_Helper_ATTR_CKA_PRIVATE_obj = PyInt_FromLong(CKA_PRIVATE);
@@ -2142,24 +2296,25 @@ PyMODINIT_FUNC init_ipap11helper(void) {
Py_XDECREF(P11_Helper_ATTR_CKA_PRIVATE_obj);
PyObject *P11_Helper_ATTR_CKA_PUBLIC_EXPONENT_obj
- = PyInt_FromLong(CKA_PUBLIC_EXPONENT);
+ = PyInt_FromLong(CKA_PUBLIC_EXPONENT);
PyObject_SetAttrString(m, "CKA_PUBLIC_EXPONENT",
- P11_Helper_ATTR_CKA_PUBLIC_EXPONENT_obj);
+ P11_Helper_ATTR_CKA_PUBLIC_EXPONENT_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_PUBLIC_EXPONENT_obj);
- PyObject *P11_Helper_ATTR_CKA_SENSITIVE_obj = PyInt_FromLong(CKA_SENSITIVE);
+ PyObject *P11_Helper_ATTR_CKA_SENSITIVE_obj =
+ PyInt_FromLong(CKA_SENSITIVE);
PyObject_SetAttrString(m, "CKA_SENSITIVE",
- P11_Helper_ATTR_CKA_SENSITIVE_obj);
+ P11_Helper_ATTR_CKA_SENSITIVE_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_SENSITIVE_obj);
PyObject *P11_Helper_ATTR_CKA_SIGN_obj = PyInt_FromLong(CKA_SIGN);
PyObject_SetAttrString(m, "CKA_SIGN", P11_Helper_ATTR_CKA_SIGN_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_SIGN_obj);
- PyObject *P11_Helper_ATTR_CKA_SIGN_RECOVER_obj = PyInt_FromLong(
- CKA_SIGN_RECOVER);
+ PyObject *P11_Helper_ATTR_CKA_SIGN_RECOVER_obj =
+ PyInt_FromLong(CKA_SIGN_RECOVER);
PyObject_SetAttrString(m, "CKA_SIGN_RECOVER",
- P11_Helper_ATTR_CKA_SIGN_RECOVER_obj);
+ P11_Helper_ATTR_CKA_SIGN_RECOVER_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_SIGN_RECOVER_obj);
PyObject *P11_Helper_ATTR_CKA_TRUSTED_obj = PyInt_FromLong(CKA_TRUSTED);
@@ -2170,10 +2325,10 @@ PyMODINIT_FUNC init_ipap11helper(void) {
PyObject_SetAttrString(m, "CKA_VERIFY", P11_Helper_ATTR_CKA_VERIFY_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_VERIFY_obj);
- PyObject *P11_Helper_ATTR_CKA_VERIFY_RECOVER_obj = PyInt_FromLong(
- CKA_VERIFY_RECOVER);
+ PyObject *P11_Helper_ATTR_CKA_VERIFY_RECOVER_obj =
+ PyInt_FromLong(CKA_VERIFY_RECOVER);
PyObject_SetAttrString(m, "CKA_VERIFY_RECOVER",
- P11_Helper_ATTR_CKA_VERIFY_RECOVER_obj);
+ P11_Helper_ATTR_CKA_VERIFY_RECOVER_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_VERIFY_RECOVER_obj);
PyObject *P11_Helper_ATTR_CKA_UNWRAP_obj = PyInt_FromLong(CKA_UNWRAP);
@@ -2184,10 +2339,10 @@ PyMODINIT_FUNC init_ipap11helper(void) {
PyObject_SetAttrString(m, "CKA_WRAP", P11_Helper_ATTR_CKA_WRAP_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_WRAP_obj);
- PyObject *P11_Helper_ATTR_CKA_WRAP_WITH_TRUSTED_obj = PyInt_FromLong(
- CKA_WRAP_WITH_TRUSTED);
+ PyObject *P11_Helper_ATTR_CKA_WRAP_WITH_TRUSTED_obj =
+ PyInt_FromLong(CKA_WRAP_WITH_TRUSTED);
PyObject_SetAttrString(m, "CKA_WRAP_WITH_TRUSTED",
- P11_Helper_ATTR_CKA_WRAP_WITH_TRUSTED_obj);
+ P11_Helper_ATTR_CKA_WRAP_WITH_TRUSTED_obj);
Py_XDECREF(P11_Helper_ATTR_CKA_WRAP_WITH_TRUSTED_obj);
PyObject *P11_Helper_ATTR_CKA_TOKEN_obj = PyInt_FromLong(CKA_TOKEN);
generated by cgit (git 2.34.1) at 2024-11-06 17:20:55 +0000