diff options
Diffstat (limited to 'src/Common/SecurityToken.cpp')
| -rw-r--r-- | src/Common/SecurityToken.cpp | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/Common/SecurityToken.cpp b/src/Common/SecurityToken.cpp index ad8ed33e..2a8222e6 100644 --- a/src/Common/SecurityToken.cpp +++ b/src/Common/SecurityToken.cpp @@ -96,171 +96,171 @@ namespace VeraCrypt Initialized = false; } } void SecurityToken::CloseAllSessions() throw () { if (!Initialized) return; typedef pair <CK_SLOT_ID, Pkcs11Session> SessionMapPair; foreach(SessionMapPair p, Sessions) { try { CloseSession(p.first); } catch (...) {} } } void SecurityToken::CloseSession(CK_SLOT_ID slotId) { if (Sessions.find(slotId) == Sessions.end()) throw ParameterIncorrect(SRC_POS); Pkcs11Functions->C_CloseSession(Sessions[slotId].Handle); Sessions.erase(Sessions.find(slotId)); } - void SecurityToken::CreateKeyfile(CK_SLOT_ID slotId, vector <byte>& keyfileData, const string& name) + void SecurityToken::CreateKeyfile(CK_SLOT_ID slotId, vector <uint8>& keyfileData, const string& name) { if (name.empty()) throw ParameterIncorrect(SRC_POS); LoginUserIfRequired(slotId); foreach(const SecurityTokenKeyfile & keyfile, GetAvailableKeyfiles(&slotId)) { if (keyfile.IdUtf8 == name) throw SecurityTokenKeyfileAlreadyExists(); } CK_OBJECT_CLASS dataClass = CKO_DATA; CK_BBOOL trueVal = CK_TRUE; CK_ATTRIBUTE keyfileTemplate[] = { { CKA_CLASS, &dataClass, sizeof(dataClass) }, { CKA_TOKEN, &trueVal, sizeof(trueVal) }, { CKA_PRIVATE, &trueVal, sizeof(trueVal) }, { CKA_LABEL, (CK_UTF8CHAR*)name.c_str(), (CK_ULONG)name.size() }, { CKA_VALUE, &keyfileData.front(), (CK_ULONG)keyfileData.size() } }; CK_OBJECT_HANDLE keyfileHandle; CK_RV status = Pkcs11Functions->C_CreateObject(Sessions[slotId].Handle, keyfileTemplate, array_capacity(keyfileTemplate), &keyfileHandle); switch (status) { case CKR_DATA_LEN_RANGE: status = CKR_DEVICE_MEMORY; break; case CKR_SESSION_READ_ONLY: status = CKR_TOKEN_WRITE_PROTECTED; break; } if (status != CKR_OK) throw Pkcs11Exception(status); // Some tokens report success even if the new object was truncated to fit in the available memory - vector <byte> objectData; + vector <uint8> objectData; GetObjectAttribute(slotId, keyfileHandle, CKA_VALUE, objectData); - finally_do_arg(vector <byte> *, &objectData, { if (!finally_arg->empty()) burn(&finally_arg->front(), finally_arg->size()); }); + finally_do_arg(vector <uint8> *, &objectData, { if (!finally_arg->empty()) burn(&finally_arg->front(), finally_arg->size()); }); if (objectData.size() != keyfileData.size()) { Pkcs11Functions->C_DestroyObject(Sessions[slotId].Handle, keyfileHandle); throw Pkcs11Exception(CKR_DEVICE_MEMORY); } } void SecurityToken::DeleteKeyfile(const SecurityTokenKeyfile& keyfile) { LoginUserIfRequired(keyfile.Token->SlotId); CK_RV status = Pkcs11Functions->C_DestroyObject(Sessions[keyfile.Token->SlotId].Handle, keyfile.Handle); if (status != CKR_OK) throw Pkcs11Exception(status); } vector <SecurityTokenKeyfile> SecurityToken::GetAvailableKeyfiles(CK_SLOT_ID* slotIdFilter, const wstring keyfileIdFilter) { bool unrecognizedTokenPresent = false; vector <SecurityTokenKeyfile> keyfiles; foreach(const CK_SLOT_ID & slotId, GetTokenSlots()) { SecurityTokenInfo token; if (slotIdFilter && *slotIdFilter != slotId) continue; try { LoginUserIfRequired(slotId); token = GetTokenInfo(slotId); } catch (UserAbort&) { continue; } catch (Pkcs11Exception& e) { if (e.GetErrorCode() == CKR_TOKEN_NOT_RECOGNIZED) { unrecognizedTokenPresent = true; continue; } throw; } foreach(const CK_OBJECT_HANDLE & dataHandle, GetObjects(slotId, CKO_DATA)) { SecurityTokenKeyfile keyfile; keyfile.Handle = dataHandle; keyfile.Token->SlotId = slotId; keyfile.Token = shared_ptr<SecurityTokenInfo>(new SecurityTokenInfo(token)); - vector <byte> privateAttrib; + vector <uint8> privateAttrib; GetObjectAttribute(slotId, dataHandle, CKA_PRIVATE, privateAttrib); if (privateAttrib.size() == sizeof(CK_BBOOL) && *(CK_BBOOL*)&privateAttrib.front() != CK_TRUE) continue; - vector <byte> label; + vector <uint8> label; GetObjectAttribute(slotId, dataHandle, CKA_LABEL, label); label.push_back(0); keyfile.IdUtf8 = (char*)&label.front(); #if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) keyfile.Id = Utf8StringToWide((const char*)&label.front()); #else keyfile.Id = StringConverter::ToWide((const char*)&label.front()); #endif if (keyfile.Id.empty() || (!keyfileIdFilter.empty() && keyfileIdFilter != keyfile.Id)) continue; keyfiles.push_back(keyfile); if (!keyfileIdFilter.empty()) break; } } if (keyfiles.empty() && unrecognizedTokenPresent) throw Pkcs11Exception(CKR_TOKEN_NOT_RECOGNIZED); return keyfiles; } list <SecurityTokenInfo> SecurityToken::GetAvailableTokens() { bool unrecognizedTokenPresent = false; list <SecurityTokenInfo> tokens; @@ -293,120 +293,120 @@ namespace VeraCrypt { CK_TOKEN_INFO info; CK_RV status = Pkcs11Functions->C_GetTokenInfo(slotId, &info); if (status != CKR_OK) throw Pkcs11Exception(status); SecurityTokenInfo token; token.SlotId = slotId; token.Flags = info.flags; char label[sizeof(info.label) + 1]; memset(label, 0, sizeof(label)); memcpy(label, info.label, sizeof(info.label)); token.LabelUtf8 = label; size_t lastSpace = token.LabelUtf8.find_last_not_of(' '); if (lastSpace == string::npos) token.LabelUtf8.clear(); else token.LabelUtf8 = token.LabelUtf8.substr(0, lastSpace + 1); #if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE) token.Label = Utf8StringToWide(token.LabelUtf8); #else token.Label = StringConverter::ToWide(token.LabelUtf8); #endif return token; } - void SecurityTokenKeyfile::GetKeyfileData(vector <byte>& keyfileData) const + void SecurityTokenKeyfile::GetKeyfileData(vector <uint8>& keyfileData) const { SecurityToken::LoginUserIfRequired(Token->SlotId); SecurityToken::GetObjectAttribute(Token->SlotId, Handle, CKA_VALUE, keyfileData); } vector <CK_OBJECT_HANDLE> SecurityToken::GetObjects(CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass) { if (Sessions.find(slotId) == Sessions.end()) throw ParameterIncorrect(SRC_POS); CK_ATTRIBUTE findTemplate; findTemplate.type = CKA_CLASS; findTemplate.pValue = &objectClass; findTemplate.ulValueLen = sizeof(objectClass); CK_RV status = Pkcs11Functions->C_FindObjectsInit(Sessions[slotId].Handle, &findTemplate, 1); if (status != CKR_OK) throw Pkcs11Exception(status); finally_do_arg(CK_SLOT_ID, slotId, { Pkcs11Functions->C_FindObjectsFinal(Sessions[finally_arg].Handle); }); CK_ULONG objectCount; vector <CK_OBJECT_HANDLE> objects; while (true) { CK_OBJECT_HANDLE object; CK_RV status = Pkcs11Functions->C_FindObjects(Sessions[slotId].Handle, &object, 1, &objectCount); if (status != CKR_OK) throw Pkcs11Exception(status); if (objectCount != 1) break; objects.push_back(object); } return objects; } - void SecurityToken::GetObjectAttribute(CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte>& attributeValue) + void SecurityToken::GetObjectAttribute(CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <uint8>& attributeValue) { attributeValue.clear(); if (Sessions.find(slotId) == Sessions.end()) throw ParameterIncorrect(SRC_POS); CK_ATTRIBUTE attribute; attribute.type = attributeType; attribute.pValue = NULL_PTR; CK_RV status = Pkcs11Functions->C_GetAttributeValue(Sessions[slotId].Handle, tokenObject, &attribute, 1); if (status != CKR_OK) throw Pkcs11Exception(status); if (attribute.ulValueLen == 0) return; - attributeValue = vector <byte>(attribute.ulValueLen); + attributeValue = vector <uint8>(attribute.ulValueLen); attribute.pValue = &attributeValue.front(); status = Pkcs11Functions->C_GetAttributeValue(Sessions[slotId].Handle, tokenObject, &attribute, 1); if (status != CKR_OK) throw Pkcs11Exception(status); } list <CK_SLOT_ID> SecurityToken::GetTokenSlots() { CheckLibraryStatus(); list <CK_SLOT_ID> slots; CK_ULONG slotCount; CK_RV status = Pkcs11Functions->C_GetSlotList(TRUE, NULL_PTR, &slotCount); if (status != CKR_OK) throw Pkcs11Exception(status); if (slotCount > 0) { vector <CK_SLOT_ID> slotArray(slotCount); status = Pkcs11Functions->C_GetSlotList(TRUE, &slotArray.front(), &slotCount); if (status != CKR_OK) throw Pkcs11Exception(status); for (size_t i = 0; i < slotCount; i++) { CK_SLOT_INFO slotInfo; status = Pkcs11Functions->C_GetSlotInfo(slotArray[i], &slotInfo); |