pkcs11helpers

package

v0.0.0-...-0e5e1e9 Latest Latest Go to latest Published: Dec 18, 2024 License: MPL-2.0 Imports: 10 Imported by: 2

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/letsencrypt/boulder

Documentation ¶

Index ¶

Constants
Variables
func NewSessionWithMock() (*Session, *MockCtx)
type MockCtx
- func NewMock() *MockCtx
type PKCtx
type Session
- func Initialize(module string, slot uint, pin string) (*Session, error)

Constants ¶

View Source

const (
	RSAKey keyType = iota
	ECDSAKey
)

Variables ¶

View Source

var ErrNoObject = errors.New("no objects found matching provided template")

Functions ¶

func NewSessionWithMock ¶

func NewSessionWithMock() (*Session, *MockCtx)

Types ¶

type MockCtx ¶

type MockCtx struct {
	GenerateKeyPairFunc   func(pkcs11.SessionHandle, []*pkcs11.Mechanism, []*pkcs11.Attribute, []*pkcs11.Attribute) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error)
	GetAttributeValueFunc func(pkcs11.SessionHandle, pkcs11.ObjectHandle, []*pkcs11.Attribute) ([]*pkcs11.Attribute, error)
	SignInitFunc          func(pkcs11.SessionHandle, []*pkcs11.Mechanism, pkcs11.ObjectHandle) error
	SignFunc              func(pkcs11.SessionHandle, []byte) ([]byte, error)
	GenerateRandomFunc    func(pkcs11.SessionHandle, int) ([]byte, error)
	FindObjectsInitFunc   func(sh pkcs11.SessionHandle, temp []*pkcs11.Attribute) error
	FindObjectsFunc       func(sh pkcs11.SessionHandle, max int) ([]pkcs11.ObjectHandle, bool, error)
	FindObjectsFinalFunc  func(sh pkcs11.SessionHandle) error
}

func NewMock ¶

func NewMock() *MockCtx

func (MockCtx) FindObjects ¶

func (mc MockCtx) FindObjects(sh pkcs11.SessionHandle, max int) ([]pkcs11.ObjectHandle, bool, error)

func (MockCtx) FindObjectsFinal ¶

func (mc MockCtx) FindObjectsFinal(sh pkcs11.SessionHandle) error

func (MockCtx) FindObjectsInit ¶

func (mc MockCtx) FindObjectsInit(sh pkcs11.SessionHandle, temp []*pkcs11.Attribute) error

func (MockCtx) GenerateKeyPair ¶

func (mc MockCtx) GenerateKeyPair(s pkcs11.SessionHandle, m []*pkcs11.Mechanism, a1 []*pkcs11.Attribute, a2 []*pkcs11.Attribute) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error)

func (MockCtx) GenerateRandom ¶

func (mc MockCtx) GenerateRandom(s pkcs11.SessionHandle, c int) ([]byte, error)

func (MockCtx) GetAttributeValue ¶

func (mc MockCtx) GetAttributeValue(s pkcs11.SessionHandle, o pkcs11.ObjectHandle, a []*pkcs11.Attribute) ([]*pkcs11.Attribute, error)

func (MockCtx) Sign ¶

func (mc MockCtx) Sign(s pkcs11.SessionHandle, m []byte) ([]byte, error)

func (MockCtx) SignInit ¶

func (mc MockCtx) SignInit(s pkcs11.SessionHandle, m []*pkcs11.Mechanism, o pkcs11.ObjectHandle) error

type PKCtx ¶

type PKCtx interface {
	GenerateKeyPair(pkcs11.SessionHandle, []*pkcs11.Mechanism, []*pkcs11.Attribute, []*pkcs11.Attribute) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error)
	GetAttributeValue(pkcs11.SessionHandle, pkcs11.ObjectHandle, []*pkcs11.Attribute) ([]*pkcs11.Attribute, error)
	SignInit(pkcs11.SessionHandle, []*pkcs11.Mechanism, pkcs11.ObjectHandle) error
	Sign(pkcs11.SessionHandle, []byte) ([]byte, error)
	GenerateRandom(pkcs11.SessionHandle, int) ([]byte, error)
	FindObjectsInit(sh pkcs11.SessionHandle, temp []*pkcs11.Attribute) error
	FindObjects(sh pkcs11.SessionHandle, max int) ([]pkcs11.ObjectHandle, bool, error)
	FindObjectsFinal(sh pkcs11.SessionHandle) error
}

type Session ¶

type Session struct {
	Module  PKCtx
	Session pkcs11.SessionHandle
}

Session represents a session with a given PKCS#11 module. It is not safe for concurrent access.

func Initialize ¶

func Initialize(module string, slot uint, pin string) (*Session, error)

func (*Session) FindObject ¶

func (s *Session) FindObject(tmpl []*pkcs11.Attribute) (pkcs11.ObjectHandle, error)

FindObject looks up a PKCS#11 object handle based on the provided template. In the case where zero or more than one objects are found to match the template an error is returned.

func (*Session) GenerateKeyPair ¶

func (s *Session) GenerateKeyPair(m []*pkcs11.Mechanism, pubAttrs []*pkcs11.Attribute, privAttrs []*pkcs11.Attribute) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error)

func (*Session) GetAttributeValue ¶

func (s *Session) GetAttributeValue(object pkcs11.ObjectHandle, attributes []*pkcs11.Attribute) ([]*pkcs11.Attribute, error)

func (*Session) GetECDSAPublicKey ¶

func (s *Session) GetECDSAPublicKey(object pkcs11.ObjectHandle) (*ecdsa.PublicKey, error)

func (*Session) GetRSAPublicKey ¶

func (s *Session) GetRSAPublicKey(object pkcs11.ObjectHandle) (*rsa.PublicKey, error)

func (*Session) NewSigner ¶

func (s *Session) NewSigner(label string, publicKey crypto.PublicKey) (crypto.Signer, error)

NewSigner constructs an x509Signer for the private key object associated with the given label and public key.

func (*Session) Sign ¶

func (s *Session) Sign(object pkcs11.ObjectHandle, keyType keyType, digest []byte, hash crypto.Hash) ([]byte, error)

Source Files ¶

View all Source files

helpers.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL