From 9b35715fa135516c160a9d10ed563ffa088b5725 Mon Sep 17 00:00:00 2001 From: Elise Chouleur Date: Fri, 25 Oct 2024 10:55:12 +0200 Subject: [PATCH 1/4] Modify Pkcs11::new to be able to load an external library OR self Signed-off-by: Elise Chouleur --- cryptoki/src/context/mod.rs | 23 +++++++++++++++++++--- cryptoki/src/context/session_management.rs | 6 +++--- cryptoki/src/session/object_management.rs | 18 ++++++++--------- cryptoki/tests/common.rs | 6 +++--- 4 files changed, 35 insertions(+), 18 deletions(-) diff --git a/cryptoki/src/context/mod.rs b/cryptoki/src/context/mod.rs index 4d526053..334e085e 100644 --- a/cryptoki/src/context/mod.rs +++ b/cryptoki/src/context/mod.rs @@ -85,15 +85,32 @@ pub struct Pkcs11 { initialized: Arc>, } +#[derive(Debug)] +/// Type of library to load in the instantiation of a new Pkcs11 context. +pub enum LibLoadingType> { + /// Load current executable, the PKCS11 implementation is contained in the current executable + OpenSelf, + /// Open dynamic library specify in input + Open(P), +} + impl Pkcs11 { /// Instantiate a new context from the path of a PKCS11 dynamic library implementation. - pub fn new

(filename: P) -> Result + pub fn new

(filename: LibLoadingType

) -> Result where P: AsRef, { unsafe { - let pkcs11_lib = - cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)?; + let pkcs11_lib = match filename { + LibLoadingType::OpenSelf => { + #[cfg(not(windows))] + let this_lib = libloading::os::unix::Library::this(); + #[cfg(windows)] + let this_lib = libloading::os::windows::Library::this(); + cryptoki_sys::Pkcs11::from_library(this_lib)? + } + LibLoadingType::Open(filename) => cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)? + }; let mut list = mem::MaybeUninit::uninit(); Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())) diff --git a/cryptoki/src/context/session_management.rs b/cryptoki/src/context/session_management.rs index ee393039..6097d796 100644 --- a/cryptoki/src/context/session_management.rs +++ b/cryptoki/src/context/session_management.rs @@ -47,12 +47,12 @@ impl Pkcs11 { /// ```rust /// # fn main() -> testresult::TestResult { /// use cryptoki::session::Session; - /// use cryptoki::context::Pkcs11; + /// use cryptoki::context::{LibLoadingType, Pkcs11}; /// - /// let mut client = Pkcs11::new( + /// let mut client = Pkcs11::new(LibLoadingType::Open( /// std::env::var("PKCS11_SOFTHSM2_MODULE") /// .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// )?; + /// ))?; /// client.initialize(cryptoki::context::CInitializeArgs::OsThreads)?; /// /// // Use the first slot diff --git a/cryptoki/src/session/object_management.rs b/cryptoki/src/session/object_management.rs index 9c56eca4..b74ae9fc 100644 --- a/cryptoki/src/session/object_management.rs +++ b/cryptoki/src/session/object_management.rs 
@@ -29,7 +29,7 @@ const MAX_OBJECT_COUNT: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(10) /// /// ```no_run /// use cryptoki::context::CInitializeArgs; -/// use cryptoki::context::Pkcs11; +/// use cryptoki::context::{Pkcs11, LibLoadingType}; /// use cryptoki::error::Error; /// use cryptoki::object::Attribute; /// use cryptoki::object::AttributeType; @@ -38,10 +38,10 @@ const MAX_OBJECT_COUNT: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(10) /// use std::env; /// /// # fn main() -> testresult::TestResult { -/// # let pkcs11 = Pkcs11::new( +/// # let pkcs11 = Pkcs11::new(LibLoadingType::Open( /// # env::var("PKCS11_SOFTHSM2_MODULE") /// # .unwrap_or_else(|_| "/usr/local/lib/libsofthsm2.so".to_string()), -/// # )?; +/// # ))?; /// # /// # pkcs11.initialize(CInitializeArgs::OsThreads)?; /// # let slot = pkcs11.get_slots_with_token()?.remove(0); @@ -278,13 +278,13 @@ impl Session { /// ```rust /// # fn main() -> testresult::TestResult { /// # use cryptoki::session::Session; - /// # use cryptoki::context::Pkcs11; + /// # use cryptoki::context::{LibLoadingType, Pkcs11}; /// # use cryptoki::object::{Attribute, AttributeType, CertificateType, ObjectClass, ObjectHandle}; /// # - /// # let mut client = Pkcs11::new( + /// # let mut client = Pkcs11::new(LibLoadingType::Open( /// # std::env::var("PKCS11_SOFTHSM2_MODULE") /// # .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// # )?; + /// # ))?; /// # client.initialize(cryptoki::context::CInitializeArgs::OsThreads)?; /// # /// # // Use the first slot @@ -392,7 +392,7 @@ impl Session { /// types. If you wish, you may create a hash table simply by: /// /// ```no_run - /// use cryptoki::context::Pkcs11; + /// use cryptoki::context::{LibLoadingType, Pkcs11}; /// use cryptoki::context::CInitializeArgs; /// use cryptoki::object::AttributeType; /// use cryptoki::session::UserType; 
@@ -400,10 +400,10 @@ impl Session { /// use std::collections::HashMap; /// use std::env; /// - /// let mut pkcs11 = Pkcs11::new( + /// let mut pkcs11 = Pkcs11::new(LibLoadingType::Open( /// env::var("PKCS11_SOFTHSM2_MODULE") /// .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// ) + /// )) /// .unwrap(); /// /// pkcs11.initialize(CInitializeArgs::OsThreads).unwrap(); diff --git a/cryptoki/tests/common.rs b/cryptoki/tests/common.rs index 95e4202d..4326430e 100644 --- a/cryptoki/tests/common.rs +++ b/cryptoki/tests/common.rs @@ -1,6 +1,6 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use cryptoki::context::{CInitializeArgs, Pkcs11}; +use cryptoki::context::{CInitializeArgs, LibLoadingType, Pkcs11}; use cryptoki::session::UserType; use cryptoki::slot::Slot; use cryptoki::types::AuthPin; @@ -12,10 +12,10 @@ pub static USER_PIN: &str = "fedcba"; pub static SO_PIN: &str = "abcdef"; pub fn get_pkcs11() -> Pkcs11 { - Pkcs11::new( + Pkcs11::new(LibLoadingType::Open( env::var("PKCS11_SOFTHSM2_MODULE") .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - ) + )) .unwrap() } From 0697c1b65de0f815c4d4d90e0ff970a0f62689ba Mon Sep 17 00:00:00 2001 From: Elise Chouleur Date: Fri, 25 Oct 2024 19:36:48 +0200 Subject: [PATCH 2/4] Rather use another new function than changing new input Signed-off-by: Elise Chouleur --- cryptoki/src/context/mod.rs | 67 +++++++++++----------- cryptoki/src/context/session_management.rs | 4 +- cryptoki/src/session/object_management.rs | 12 ++-- cryptoki/tests/common.rs | 6 +- 4 files changed, 44 insertions(+), 45 deletions(-) diff --git a/cryptoki/src/context/mod.rs b/cryptoki/src/context/mod.rs index 334e085e..673c34b6 100644 --- a/cryptoki/src/context/mod.rs +++ b/cryptoki/src/context/mod.rs 
@@ -85,49 +85,48 @@ pub struct Pkcs11 { initialized: Arc>, } -#[derive(Debug)] -/// Type of library to load in the instantiation of a new Pkcs11 context. -pub enum LibLoadingType> { - /// Load current executable, the PKCS11 implementation is contained in the current executable - OpenSelf, - /// Open dynamic library specify in input - Open(P), -} - impl Pkcs11 { /// Instantiate a new context from the path of a PKCS11 dynamic library implementation. - pub fn new

(filename: LibLoadingType

) -> Result + pub fn new

(filename: P) -> Result where P: AsRef, { unsafe { - let pkcs11_lib = match filename { - LibLoadingType::OpenSelf => { - #[cfg(not(windows))] - let this_lib = libloading::os::unix::Library::this(); - #[cfg(windows)] - let this_lib = libloading::os::windows::Library::this(); - cryptoki_sys::Pkcs11::from_library(this_lib)? - } - LibLoadingType::Open(filename) => cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)? - }; - let mut list = mem::MaybeUninit::uninit(); - - Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())) - .into_result(Function::GetFunctionList)?; - - let list_ptr = *list.as_ptr(); - - Ok(Pkcs11 { - impl_: Arc::new(Pkcs11Impl { - _pkcs11_lib: pkcs11_lib, - function_list: *list_ptr, - }), - initialized: Arc::new(RwLock::new(false)), - }) + let pkcs11_lib = + cryptoki_sys::Pkcs11::new(filename.as_ref()).map_err(Error::LibraryLoading)?; + Self::_new(pkcs11_lib) + } + } + + /// Instantiate a new context from current executable, the PKCS11 implementation is contained in the current executable + pub fn new_from_self() -> Result { + unsafe { + #[cfg(not(windows))] + let this_lib = libloading::os::unix::Library::this(); + #[cfg(windows)] + let this_lib = libloading::os::windows::Library::this(); + let pkcs11_lib = cryptoki_sys::Pkcs11::from_library(this_lib)?; + Self::_new(pkcs11_lib) } } + unsafe fn _new(pkcs11_lib: cryptoki_sys::Pkcs11) -> Result { + let mut list = mem::MaybeUninit::uninit(); + + Rv::from(pkcs11_lib.C_GetFunctionList(list.as_mut_ptr())) + .into_result(Function::GetFunctionList)?; + + let list_ptr = *list.as_ptr(); + + Ok(Pkcs11 { + impl_: Arc::new(Pkcs11Impl { + _pkcs11_lib: pkcs11_lib, + function_list: *list_ptr, + }), + initialized: Arc::new(RwLock::new(false)), + }) + } + /// Initialize the PKCS11 library pub fn initialize(&self, init_args: CInitializeArgs) -> Result<()> { let mut init_lock = self 
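Review bot: `_new` copies `*list.as_ptr()` and then dereferences `*list_ptr` without checking that the module wrote a non-null pointer, so a `C_GetFunctionList` that returns `CKR_OK` but leaves the out-parameter untouched or null ends in a read of uninitialised memory or a null dereference. The code is moved rather than new, but `new_from_self` now feeds it a symbol taken from the running process instead of a named module, which makes a defensive check more worthwhile. Start from a null pointer and reject it before the copy: `let mut list_ptr = std::ptr::null_mut();`, pass `&mut list_ptr` to `C_GetFunctionList`, then `if list_ptr.is_null() { return Err(/* the crate's null-pointer error */); }`. `_new` is also an `unsafe fn` without a `# Safety` section; it should state that `pkcs11_lib` must wrap a conforming PKCS#11 module whose function list stays valid for as long as the library handle is held, and a name without the leading underscore (which conventionally marks unused items) would read better.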
diff --git a/cryptoki/src/context/session_management.rs b/cryptoki/src/context/session_management.rs index 6097d796..80cc09c2 100644 --- a/cryptoki/src/context/session_management.rs +++ b/cryptoki/src/context/session_management.rs @@ -49,10 +49,10 @@ impl Pkcs11 { /// use cryptoki::session::Session; /// use cryptoki::context::{LibLoadingType, Pkcs11}; /// - /// let mut client = Pkcs11::new(LibLoadingType::Open( + /// let mut client = Pkcs11::new( /// std::env::var("PKCS11_SOFTHSM2_MODULE") /// .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// ))?; + /// )?; /// client.initialize(cryptoki::context::CInitializeArgs::OsThreads)?; /// /// // Use the first slot diff --git a/cryptoki/src/session/object_management.rs b/cryptoki/src/session/object_management.rs index b74ae9fc..f46afaf2 100644 --- a/cryptoki/src/session/object_management.rs +++ b/cryptoki/src/session/object_management.rs @@ -38,10 +38,10 @@ const MAX_OBJECT_COUNT: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(10) /// use std::env; /// /// # fn main() -> testresult::TestResult { -/// # let pkcs11 = Pkcs11::new(LibLoadingType::Open( +/// # let pkcs11 = Pkcs11::new( /// # env::var("PKCS11_SOFTHSM2_MODULE") /// # .unwrap_or_else(|_| "/usr/local/lib/libsofthsm2.so".to_string()), -/// # ))?; +/// # )?; /// # /// # pkcs11.initialize(CInitializeArgs::OsThreads)?; /// # let slot = pkcs11.get_slots_with_token()?.remove(0); @@ -281,10 +281,10 @@ impl Session { /// # use cryptoki::context::{LibLoadingType, Pkcs11}; /// # use cryptoki::object::{Attribute, AttributeType, CertificateType, ObjectClass, ObjectHandle}; /// # - /// # let mut client = Pkcs11::new(LibLoadingType::Open( + /// # let mut client = Pkcs11::new( /// # std::env::var("PKCS11_SOFTHSM2_MODULE") /// # .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// # ))?; + /// # )?; /// # client.initialize(cryptoki::context::CInitializeArgs::OsThreads)?; /// # /// # // Use the first slot 
@@ -400,10 +400,10 @@ impl Session { /// use std::collections::HashMap; /// use std::env; /// - /// let mut pkcs11 = Pkcs11::new(LibLoadingType::Open( + /// let mut pkcs11 = Pkcs11::new( /// env::var("PKCS11_SOFTHSM2_MODULE") /// .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - /// )) + /// ) /// .unwrap(); /// /// pkcs11.initialize(CInitializeArgs::OsThreads).unwrap(); diff --git a/cryptoki/tests/common.rs b/cryptoki/tests/common.rs index 4326430e..95e4202d 100644 --- a/cryptoki/tests/common.rs +++ b/cryptoki/tests/common.rs @@ -1,6 +1,6 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use cryptoki::context::{CInitializeArgs, LibLoadingType, Pkcs11}; +use cryptoki::context::{CInitializeArgs, Pkcs11}; use cryptoki::session::UserType; use cryptoki::slot::Slot; use cryptoki::types::AuthPin; @@ -12,10 +12,10 @@ pub static USER_PIN: &str = "fedcba"; pub static SO_PIN: &str = "abcdef"; pub fn get_pkcs11() -> Pkcs11 { - Pkcs11::new(LibLoadingType::Open( + Pkcs11::new( env::var("PKCS11_SOFTHSM2_MODULE") .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()), - )) + ) .unwrap() } From 1e65dd31010374050dd18c8798c5a893c8f63228 Mon Sep 17 00:00:00 2001 From: Elise Chouleur Date: Fri, 25 Oct 2024 19:45:44 +0200 Subject: [PATCH 3/4] forget to remove some inclusions in examples Signed-off-by: Elise Chouleur --- cryptoki/src/context/session_management.rs | 2 +- cryptoki/src/session/object_management.rs | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cryptoki/src/context/session_management.rs b/cryptoki/src/context/session_management.rs index 80cc09c2..ee393039 100644 --- a/cryptoki/src/context/session_management.rs +++ b/cryptoki/src/context/session_management.rs 
@@ -47,7 +47,7 @@ impl Pkcs11 { /// ```rust /// # fn main() -> testresult::TestResult { /// use cryptoki::session::Session; - /// use cryptoki::context::{LibLoadingType, Pkcs11}; + /// use cryptoki::context::Pkcs11; /// /// let mut client = Pkcs11::new( /// std::env::var("PKCS11_SOFTHSM2_MODULE") diff --git a/cryptoki/src/session/object_management.rs b/cryptoki/src/session/object_management.rs index f46afaf2..9c56eca4 100644 --- a/cryptoki/src/session/object_management.rs +++ b/cryptoki/src/session/object_management.rs @@ -29,7 +29,7 @@ const MAX_OBJECT_COUNT: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(10) /// /// ```no_run /// use cryptoki::context::CInitializeArgs; -/// use cryptoki::context::{Pkcs11, LibLoadingType}; +/// use cryptoki::context::Pkcs11; /// use cryptoki::error::Error; /// use cryptoki::object::Attribute; /// use cryptoki::object::AttributeType; @@ -278,7 +278,7 @@ impl Session { /// ```rust /// # fn main() -> testresult::TestResult { /// # use cryptoki::session::Session; - /// # use cryptoki::context::{LibLoadingType, Pkcs11}; + /// # use cryptoki::context::Pkcs11; /// # use cryptoki::object::{Attribute, AttributeType, CertificateType, ObjectClass, ObjectHandle}; /// # /// # let mut client = Pkcs11::new( @@ -392,7 +392,7 @@ impl Session { /// types. If you wish, you may create a hash table simply by: /// /// ```no_run - /// use cryptoki::context::{LibLoadingType, Pkcs11}; + /// use cryptoki::context::Pkcs11; /// use cryptoki::context::CInitializeArgs; /// use cryptoki::object::AttributeType; /// use cryptoki::session::UserType; From a8e8498de9d4fd94a6f147c7d17810dfa0fcc060 Mon Sep 17 00:00:00 2001 From: Elise Chouleur Date: Sat, 26 Oct 2024 00:47:15 +0200 Subject: [PATCH 4/4] forgot windows returns Signed-off-by: Elise Chouleur --- cryptoki/src/context/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cryptoki/src/context/mod.rs b/cryptoki/src/context/mod.rs index 673c34b6..60f4681a 100644 
--- a/cryptoki/src/context/mod.rs +++ b/cryptoki/src/context/mod.rs @@ -104,7 +104,7 @@ impl Pkcs11 { #[cfg(not(windows))] let this_lib = libloading::os::unix::Library::this(); #[cfg(windows)] - let this_lib = libloading::os::windows::Library::this(); + let this_lib = libloading::os::windows::Library::this()?; let pkcs11_lib = cryptoki_sys::Pkcs11::from_library(this_lib)?; Self::_new(pkcs11_lib) }
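Review bot: The two `cfg` branches of `new_from_self` do not search the same place for `C_GetFunctionList`, and the doc comment ("the PKCS11 implementation is contained in the current executable") does not say so. On unix `Library::this()` is a `dlopen(NULL)` handle, so the lookup goes through the process's global symbol scope (the main program plus libraries loaded at startup or with `RTLD_GLOBAL`), while the Windows handle, as far as libloading documents it, covers only the executable module. I would add to the doc comment something like `/// On unix the symbol is resolved through the whole process scope, not only the executable, so every library loaded into the process must be trusted.` Separately, the new `?` on `this()` and the one on `from_library` rely on an implicit error conversion, whereas `new` writes `.map_err(Error::LibraryLoading)`; the same explicit mapping here would keep the two constructors consistent. The signature of `new_from_self` lies above this hunk.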