Merge pull request #12 from gemalto/merge_sep_16
Merge sep 16
Showing
33 changed files
with
768 additions
and
92 deletions.
Empty file.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
""" | ||
Methods responsible for retrieving hsm info from the K7 card | ||
""" | ||
import logging | ||
from ctypes import c_ulong, byref, cast, POINTER | ||
from pycryptoki.cryptoki import (CA_GetNumberOfAllowedContainers, CA_RetrieveLicenseList, | ||
CA_GetHSMStorageInformation, CA_GetTSV) | ||
from pycryptoki.exceptions import make_error_handle_function | ||
from pycryptoki.defines import CKR_OK | ||
|
||
LOG = logging.getLogger(__name__) | ||
|
||
|
||
def ca_retrieve_license_list(slot): | ||
"""Gets the license info for a given slot id | ||
:param int slot_id: Slot index to get the license id's | ||
:returns: (A python list representing the license id's) | ||
:rtype: list | ||
""" | ||
|
||
license_len = c_ulong() | ||
ret = CA_RetrieveLicenseList(slot, byref(license_len), None) | ||
if ret == CKR_OK: | ||
licenses = (c_ulong * license_len.value)() | ||
ret = CA_RetrieveLicenseList(slot, license_len, cast(licenses, POINTER(c_ulong))) | ||
LOG.info("Getting license id. slot=%s", slot) | ||
if ret != CKR_OK: | ||
return ret, [] | ||
else: | ||
return ret, [] | ||
return ret, [(licenses[x], licenses[x + 1]) for x in range(0, license_len.value, 2)] | ||
|
||
|
||
ca_retrieve_license_list_ex = make_error_handle_function(ca_retrieve_license_list) | ||
|
||
|
||
def ca_retrieve_allowed_containers(slot): | ||
"""Gets the maximum allowed container number for a given slot id | ||
:param int slot_id: Slot index to get the maximum allowed container number | ||
:returns: (ret code, A unsigned integer representing the maximum allowed container number) | ||
:rtype: unsigned integer | ||
""" | ||
|
||
allowed_partition_number = c_ulong() | ||
ret = CA_GetNumberOfAllowedContainers(slot, byref(allowed_partition_number)) | ||
LOG.info("Getting allowed maximum container number. slot=%s", slot) | ||
return ret, allowed_partition_number | ||
|
||
|
||
ca_retrieve_allowed_containers_ex = make_error_handle_function(ca_retrieve_allowed_containers) | ||
|
||
|
||
def ca_retrieve_hsm_storage_info(slot): | ||
"""Gets the hsm storage info for a given slot id | ||
:param int slot_id: Slot index to get the hsm storage info | ||
:returns: (ret code, hsm_storage_info dictionary) | ||
:rtype: dictionary | ||
""" | ||
|
||
hsm_storage_info = {} | ||
|
||
container_overhead = c_ulong() | ||
total_hsm_storage = c_ulong() | ||
used_hsm_storage = c_ulong() | ||
free_hsm_storage = c_ulong() | ||
ret = CA_GetHSMStorageInformation(slot, byref(container_overhead), byref(total_hsm_storage), | ||
byref(used_hsm_storage), byref(free_hsm_storage)) | ||
LOG.info("Getting allowed maximum container number. slot=%s", slot) | ||
|
||
if ret == CKR_OK: | ||
hsm_storage_info['ContainerOverhead'] = container_overhead | ||
hsm_storage_info['TotalHsmStorage'] = total_hsm_storage | ||
hsm_storage_info['UsedHsmStorage'] = used_hsm_storage | ||
hsm_storage_info['FreeHsmStorage'] = free_hsm_storage | ||
return ret, hsm_storage_info | ||
|
||
|
||
ca_retrieve_hsm_storage_info_ex = make_error_handle_function(ca_retrieve_hsm_storage_info) | ||
|
||
|
||
def ca_get_tsv(slot): | ||
"""Get the TSV(Module State Vector) for a given slot id | ||
:param int slot_id: Slot index to get the TSV(Module State Vector) | ||
:returns: (ret code, TSV) | ||
:rtype: tuple | ||
""" | ||
|
||
tsv = c_ulong() | ||
ret = CA_GetTSV(slot, byref(tsv)) | ||
LOG.info("Getting Module state vector. slot=%s", slot) | ||
return ret, tsv | ||
|
||
|
||
ca_get_tsv_ex = make_error_handle_function(ca_get_tsv) |
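Review bot: `ca_retrieve_allowed_containers`, `ca_retrieve_hsm_storage_info` and `ca_get_tsv` return the raw `c_ulong` objects rather than their `.value`, so a caller that compares the result with an int or masks bits out of the module state vector gets a false comparison or a `TypeError` instead of the number the docstrings promise. Returning `allowed_partition_number.value`, `tsv.value` and `container_overhead.value` (likewise the other three storage fields) would match what `ca_get_session_info` does elsewhere in this commit. In `ca_retrieve_license_list` the pair-building comprehension reads `licenses[x + 1]`, which raises `IndexError` if the device ever reports an odd count; `range(0, license_len.value - 1, 2)` avoids that. The log line in `ca_retrieve_hsm_storage_info` still says "Getting allowed maximum container number", and the docstrings name the parameter `slot_id` while the signatures use `slot`.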
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
""" | ||
Module to work with objects, specifically dealing with ca_extension functions | ||
""" | ||
|
||
import logging | ||
from ctypes import byref, cast, c_ubyte | ||
from _ctypes import POINTER | ||
|
||
from pycryptoki.attributes import to_byte_array | ||
from pycryptoki.ca_extensions.session import ca_get_session_info_ex | ||
from pycryptoki.cryptoki import CK_ULONG, CK_SLOT_ID, CA_GetObjectHandle, CA_DestroyMultipleObjects | ||
from pycryptoki.defines import CKR_OK | ||
from pycryptoki.exceptions import make_error_handle_function | ||
from pycryptoki.common_utils import AutoCArray | ||
|
||
|
||
LOG = logging.getLogger(__name__) | ||
|
||
|
||
def ca_get_object_handle(slot, session, objectouid): | ||
""" | ||
Calls CA_GetObjectHandle to get the object handle from OUID | ||
:param slot: partition slot number | ||
:param session: session id that was opened to run the function | ||
:param objectouid: OUID, a string of the hex value that maps to object handle | ||
:return: a tuple containing the return code and the object handle mapping the given OUID | ||
""" | ||
objecttype = CK_ULONG() | ||
objecthandle = CK_ULONG() | ||
# ulContainerNumber is required which is of type CK_ULONG | ||
container_number = ca_get_session_info_ex(session)['containerNumber'] | ||
ouid, size_ouid = to_byte_array(int(objectouid, 16)) | ||
c_ouid = cast(ouid, POINTER(c_ubyte)) | ||
|
||
ret = CA_GetObjectHandle(CK_SLOT_ID(slot), | ||
container_number, | ||
c_ouid, | ||
byref(objecttype), | ||
byref(objecthandle)) | ||
if ret != CKR_OK: | ||
return ret, None | ||
|
||
return ret, objecthandle.value | ||
|
||
|
||
ca_get_object_handle_ex = make_error_handle_function(ca_get_object_handle) | ||
|
||
|
||
def ca_destroy_multiple_objects(h_session, objects): | ||
"""Delete multiple objects corresponding to given object handles | ||
:param int h_session: Session handle | ||
:param list objects: The handles of the objects to delete | ||
:returns: Return code | ||
""" | ||
handles_count = len(objects) | ||
handles = AutoCArray(data=objects, ctype=CK_ULONG) | ||
ret = CA_DestroyMultipleObjects(h_session, handles_count, handles.array, byref(CK_ULONG())) | ||
return ret | ||
|
||
|
||
ca_destroy_multiple_objects_ex = make_error_handle_function(ca_destroy_multiple_objects) |
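Review bot: `size_ouid` from `to_byte_array(int(objectouid, 16))` is discarded in `ca_get_object_handle`, so nothing checks that the buffer behind `c_ouid` is as long as `CA_GetObjectHandle` expects. Going through `int()` presumably drops leading zero bytes, which could leave the native call reading past a short buffer for such OUIDs; checking the hex string's length against the fixed OUID size before conversion (that size is not shown on this page) and raising `ValueError` would close the gap. The function also calls `ca_get_session_info_ex`, which presumably raises on failure, although its own contract is to return `(ret, None)`. In `ca_destroy_multiple_objects` the last argument is a throwaway `byref(CK_ULONG())`, so whatever the library writes there is lost, and after a partial failure the caller likely cannot tell which handles were destroyed. `POINTER` should come from `ctypes`, not the private `_ctypes` module: `from ctypes import byref, cast, c_ubyte, POINTER`.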
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
""" | ||
Module to work with sessions, specifically dealing with ca_extension functions | ||
""" | ||
|
||
import logging | ||
from ctypes import byref | ||
|
||
from pycryptoki.cryptoki import CK_ULONG, CK_SESSION_HANDLE, CA_GetSessionInfo | ||
from pycryptoki.defines import CKR_OK | ||
from pycryptoki.exceptions import make_error_handle_function | ||
|
||
|
||
LOG = logging.getLogger(__name__) | ||
|
||
|
||
def ca_get_session_info(session): | ||
""" | ||
ca extension function that returns session information | ||
:param session: session handle | ||
:return: tuple of return code and session info dict | ||
""" | ||
session_info = {} | ||
h_session = CK_SESSION_HANDLE(session) | ||
aid_hi = CK_ULONG() | ||
aid_lo = CK_ULONG() | ||
container = CK_ULONG() | ||
auth_level = CK_ULONG() | ||
ret = CA_GetSessionInfo(h_session, byref(aid_hi), byref(aid_lo), byref(container), byref(auth_level)) | ||
if ret != CKR_OK: | ||
return ret, None | ||
|
||
session_info['aidHigh'] = aid_hi.value | ||
session_info['aidLow'] = aid_lo.value | ||
session_info['containerNumber'] = container.value | ||
session_info['authenticationLevel'] = auth_level.value | ||
|
||
return ret, session_info | ||
|
||
|
||
ca_get_session_info_ex = make_error_handle_function(ca_get_session_info) |
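Review bot: The docstring of `ca_get_session_info` does not name the keys of the returned dict, yet callers depend on them (the object module in this commit indexes `['containerNumber']`). I would extend the return line to `:return: (ret, dict with keys aidHigh, aidLow, containerNumber, authenticationLevel), or (ret, None) on failure`. `LOG` is defined but never used in this file, so a failed `CA_GetSessionInfo` call leaves no trace; a `LOG.debug("CA_GetSessionInfo failed. ret=%s", ret)` before `return ret, None` would help when diagnosing session problems.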