To make use of the library in a real product and to properly test functions a implementation of a token in pure software is included. It uses the OpenSSL crypto routines as a backend.
Currently ist supports the following Mechanisms:
CKM_RSA_PKCS_KEY_PAIR_GEN CKM_RSA_PKCS CKM_RSA_X_509 CKM_SHA_1 CKM_MD5 CKM_MD2 CKM_DSA_KEY_PAIR_GEN CKM_DSA CKM_RC4_KEY_GEN CKM_RC2_KEY_GEN CKM_DES_KEY_GEN CKM_DES3_KEY_GEN CKM_IDEA_KEY_GEN CKM_SSL3_PRE_MASTER_KEY_GEN CKM_SSL3_MASTER_KEY_DERIVE CKM_SSL3_KEY_AND_MAC_DERIVE CKM_SSL3_MD5_MAC CKM_SSL3_SHA1_MAC CKM_RC2_ECB CKM_RC2_CBC CKM_RC4 CKM_DES_ECB CKM_DES_CBC CKM_IDEA_ECB CKM_IDEA_CBC CKM_DES3_ECB CKM_DES3_CBC
It also contains a persistent storage to hold keys and certificates.
Only the central structures are listed here to aid in understanding how the whole gpkcs11 internal interface works. There are additional structrures to hold the state of cryptographic functions that are defined in ceay_token.h.
CK_I_CEAY_IMPL_DATA Structure
typedef struct CK_I_CEAY_IMPL_DATA {
CK_I_HASHTABLE_PTR persistent_cache;
CK_I_HASHTABLE_PTR session_list;
CK_ULONG user_trial_count;
CK_ULONG so_trial_count;
} CK_I_CEAY_IMPL_DATA;
persistent_cache;
session_list;
user_trial_count;
so_trial_count;
CK_I_CEAY_SESS_IMPL_DATA Structure
typedef struct CK_I_CEAY_SESS_IMPL_DATA
{
CK_CHAR_PTR so_pin;
CK_ULONG so_pin_len;
CK_CHAR_PTR user_pin;
CK_ULONG user_pin_len;
} CK_I_CEAY_SESS_IMPL_DATA;
so_pin
so_pin_len
user_pin
user_pin_len
Go to the first, previous, next, last section, table of contents.