VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/SecurityToken.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/Common/SecurityToken.h')
-rw-r--r--src/Common/SecurityToken.h126
1 files changed, 60 insertions, 66 deletions
diff --git a/src/Common/SecurityToken.h b/src/Common/SecurityToken.h
index 6b228895..0d671dcc 100644
--- a/src/Common/SecurityToken.h
+++ b/src/Common/SecurityToken.h
@@ -53,62 +53,55 @@
#define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot"
#define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file"
+#include "Token.h"
+
namespace VeraCrypt
{
- struct SecurityTokenInfo
+ struct SecurityTokenInfo: TokenInfo
{
- CK_SLOT_ID SlotId;
+ virtual BOOL isEditable() const {return true;}
+
CK_FLAGS Flags;
- wstring Label;
string LabelUtf8;
};
- struct SecurityTokenKeyfilePath
+ struct SecurityTokenKeyfile: TokenKeyfile
{
- SecurityTokenKeyfilePath () { }
- SecurityTokenKeyfilePath (const wstring &path) : Path (path) { }
- operator wstring () const { return Path; }
- wstring Path;
- };
+ SecurityTokenKeyfile();
- struct SecurityTokenKeyfile
- {
- SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; }
- SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path);
+ SecurityTokenKeyfile(const TokenKeyfilePath& path);
+
+ operator TokenKeyfilePath () const;
- operator SecurityTokenKeyfilePath () const;
+ void GetKeyfileData(vector<byte>& keyfileData) const;
CK_OBJECT_HANDLE Handle;
- wstring Id;
- string IdUtf8;
- CK_SLOT_ID SlotId;
- SecurityTokenInfo Token;
};
- struct Pkcs11Exception : public Exception
+ struct Pkcs11Exception: public Exception
{
- Pkcs11Exception (CK_RV errorCode = (CK_RV) -1)
- : ErrorCode (errorCode),
- SubjectErrorCodeValid (false),
- SubjectErrorCode( (uint64) -1)
+ Pkcs11Exception(CK_RV errorCode = (CK_RV)-1)
+ : ErrorCode(errorCode),
+ SubjectErrorCodeValid(false),
+ SubjectErrorCode((uint64)-1)
{
}
- Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode)
- : ErrorCode (errorCode),
- SubjectErrorCodeValid (true),
- SubjectErrorCode (subjectErrorCode)
+ Pkcs11Exception(CK_RV errorCode, uint64 subjectErrorCode)
+ : ErrorCode(errorCode),
+ SubjectErrorCodeValid(true),
+ SubjectErrorCode(subjectErrorCode)
{
}
#ifdef TC_HEADER_Platform_Exception
- virtual ~Pkcs11Exception () throw () { }
- TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception);
+ virtual ~Pkcs11Exception() throw () { }
+ TC_SERIALIZABLE_EXCEPTION(Pkcs11Exception);
#else
- void Show (HWND parent) const;
+ void Show(HWND parent) const;
#endif
operator string () const;
- CK_RV GetErrorCode () const { return ErrorCode; }
+ CK_RV GetErrorCode() const { return ErrorCode; }
protected:
CK_RV ErrorCode;
@@ -135,24 +128,24 @@ namespace VeraCrypt
#else // !TC_HEADER_Platform_Exception
- struct SecurityTokenLibraryNotInitialized : public Exception
+ struct SecurityTokenLibraryNotInitialized: public Exception
{
- void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); }
+ void Show(HWND parent) const { Error(SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); }
};
- struct InvalidSecurityTokenKeyfilePath : public Exception
+ struct InvalidSecurityTokenKeyfilePath: public Exception
{
- void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); }
+ void Show(HWND parent) const { Error("INVALID_TOKEN_KEYFILE_PATH", parent); }
};
- struct SecurityTokenKeyfileAlreadyExists : public Exception
+ struct SecurityTokenKeyfileAlreadyExists: public Exception
{
- void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); }
+ void Show(HWND parent) const { Error("TOKEN_KEYFILE_ALREADY_EXISTS", parent); }
};
- struct SecurityTokenKeyfileNotFound : public Exception
+ struct SecurityTokenKeyfileNotFound: public Exception
{
- void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); }
+ void Show(HWND parent) const { Error("TOKEN_KEYFILE_NOT_FOUND", parent); }
};
#endif // !TC_HEADER_Platform_Exception
@@ -160,7 +153,7 @@ namespace VeraCrypt
struct Pkcs11Session
{
- Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { }
+ Pkcs11Session(): Handle(CK_UNAVAILABLE_INFORMATION), UserLoggedIn(false) { }
CK_SESSION_HANDLE Handle;
bool UserLoggedIn;
@@ -168,47 +161,46 @@ namespace VeraCrypt
struct GetPinFunctor
{
- virtual ~GetPinFunctor () { }
- virtual void operator() (string &str) = 0;
- virtual void notifyIncorrectPin () = 0;
+ virtual ~GetPinFunctor() { }
+ virtual void operator() (string& str) = 0;
+ virtual void notifyIncorrectPin() = 0;
};
struct SendExceptionFunctor
{
- virtual ~SendExceptionFunctor () { }
- virtual void operator() (const Exception &e) = 0;
+ virtual ~SendExceptionFunctor() { }
+ virtual void operator() (const Exception& e) = 0;
};
class SecurityToken
{
public:
- static void CloseAllSessions () throw ();
- static void CloseLibrary ();
- static void CreateKeyfile (CK_SLOT_ID slotId, vector <byte> &keyfileData, const string &name);
- static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile);
- static vector <SecurityTokenKeyfile> GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring());
- static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector <byte> &keyfileData);
- static list <SecurityTokenInfo> GetAvailableTokens ();
- static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId);
+ static void CloseAllSessions() throw ();
+ static void CloseLibrary();
+ static void CreateKeyfile(CK_SLOT_ID slotId, vector <byte>& keyfileData, const string& name);
+ static void DeleteKeyfile(const SecurityTokenKeyfile& keyfile);
+ static vector <SecurityTokenKeyfile> GetAvailableKeyfiles(CK_SLOT_ID* slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring());
+ static list <SecurityTokenInfo> GetAvailableTokens();
+ static SecurityTokenInfo GetTokenInfo(CK_SLOT_ID slotId);
#ifdef TC_WINDOWS
- static void InitLibrary (const wstring &pkcs11LibraryPath, unique_ptr <GetPinFunctor> pinCallback, unique_ptr <SendExceptionFunctor> warningCallback);
+ static void InitLibrary(const wstring& pkcs11LibraryPath, unique_ptr <GetPinFunctor> pinCallback, unique_ptr <SendExceptionFunctor> warningCallback);
#else
- static void InitLibrary (const string &pkcs11LibraryPath, unique_ptr <GetPinFunctor> pinCallback, unique_ptr <SendExceptionFunctor> warningCallback);
+ static void InitLibrary(const string& pkcs11LibraryPath, unique_ptr <GetPinFunctor> pinCallback, unique_ptr <SendExceptionFunctor> warningCallback);
#endif
- static bool IsInitialized () { return Initialized; }
- static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath);
+ static bool IsInitialized() { return Initialized; }
+ static bool IsKeyfilePathValid(const wstring& securityTokenKeyfilePath);
static const size_t MaxPasswordLength = 128;
protected:
- static void CloseSession (CK_SLOT_ID slotId);
- static vector <CK_OBJECT_HANDLE> GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass);
- static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte> &attributeValue);
- static list <CK_SLOT_ID> GetTokenSlots ();
- static void Login (CK_SLOT_ID slotId, const char* pin);
- static void LoginUserIfRequired (CK_SLOT_ID slotId);
- static void OpenSession (CK_SLOT_ID slotId);
- static void CheckLibraryStatus ();
+ static void CloseSession(CK_SLOT_ID slotId);
+ static vector <CK_OBJECT_HANDLE> GetObjects(CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass);
+ static void GetObjectAttribute(CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte>& attributeValue);
+ static list <CK_SLOT_ID> GetTokenSlots();
+ static void Login(CK_SLOT_ID slotId, const char* pin);
+ static void LoginUserIfRequired(CK_SLOT_ID slotId);
+ static void OpenSession(CK_SLOT_ID slotId);
+ static void CheckLibraryStatus();
static bool Initialized;
static unique_ptr <GetPinFunctor> PinCallback;
@@ -216,10 +208,12 @@ namespace VeraCrypt
#ifdef TC_WINDOWS
static HMODULE Pkcs11LibraryHandle;
#else
- static void *Pkcs11LibraryHandle;
+ static void* Pkcs11LibraryHandle;
#endif
static map <CK_SLOT_ID, Pkcs11Session> Sessions;
static unique_ptr <SendExceptionFunctor> WarningCallback;
+
+ friend void SecurityTokenKeyfile::GetKeyfileData(vector <byte>& keyfileData) const;
};
}