45cf0b7c2ad1437e8a381ce0c0af875aa0c2523c
[strongswan.git] / src / libstrongswan / plugins / pkcs11 / pkcs11_rng.c
1 /*
2 * Copyright (C) 2011 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pkcs11_rng.h"
17
18 #include <debug.h>
19
20 #include "pkcs11_manager.h"
21
22 typedef struct private_pkcs11_rng_t private_pkcs11_rng_t;
23
24 /**
25 * Private data of an pkcs11_rng_t object.
26 */
27 struct private_pkcs11_rng_t {
28
29 /**
30 * Public interface.
31 */
32 pkcs11_rng_t public;
33
34 /**
35 * PKCS#11 library
36 */
37 pkcs11_library_t *lib;
38
39 /**
40 * Mechanism for this rng
41 */
42 CK_SESSION_HANDLE session;
43
44 };
45
46 METHOD(rng_t, get_bytes, void,
47 private_pkcs11_rng_t *this, size_t bytes, u_int8_t *buffer)
48 {
49 CK_RV rv;
50 rv = this->lib->f->C_GenerateRandom(this->session, buffer, bytes);
51 if (rv != CKR_OK)
52 {
53 DBG1(DBG_CFG, "C_GenerateRandom() failed: %N", ck_rv_names, rv);
54 abort();
55 }
56 }
57
58 METHOD(rng_t, allocate_bytes, void,
59 private_pkcs11_rng_t *this, size_t bytes, chunk_t *chunk)
60 {
61 *chunk = chunk_alloc(bytes);
62 get_bytes(this, chunk->len, chunk->ptr);
63 }
64
65 METHOD(rng_t, destroy, void,
66 private_pkcs11_rng_t *this)
67 {
68 this->lib->f->C_CloseSession(this->session);
69 free(this);
70 }
71
72 /**
73 * Find a token with its own RNG
74 */
75 static pkcs11_library_t *find_token(CK_SESSION_HANDLE *session)
76 {
77 enumerator_t *tokens;
78 pkcs11_manager_t *manager;
79 pkcs11_library_t *current, *found = NULL;
80 CK_SLOT_ID slot;
81
82 manager = lib->get(lib, "pkcs11-manager");
83 if (!manager)
84 {
85 return NULL;
86 }
87 tokens = manager->create_token_enumerator(manager);
88 while (tokens->enumerate(tokens, &current, &slot))
89 {
90 CK_TOKEN_INFO info;
91 CK_RV rv;
92 rv = current->f->C_GetTokenInfo(slot, &info);
93 if (rv != CKR_OK)
94 {
95 continue;
96 }
97 if (info.flags & CKF_RNG)
98 {
99 if (current->f->C_OpenSession(slot, CKF_SERIAL_SESSION,
100 NULL, NULL, session) == CKR_OK)
101 {
102 found = current;
103 break;
104 }
105 }
106 }
107 tokens->destroy(tokens);
108 return found;
109 }
110
111 /*
112 * Described in header.
113 */
114 pkcs11_rng_t *pkcs11_rng_create(rng_quality_t quality)
115 {
116 private_pkcs11_rng_t *this;
117
118 INIT(this,
119 .public = {
120 .rng = {
121 .get_bytes = _get_bytes,
122 .allocate_bytes = _allocate_bytes,
123 .destroy = _destroy,
124 },
125 },
126 );
127
128 this->lib = find_token(&this->session);
129 if (!this->lib)
130 {
131 free(this);
132 return NULL;
133 }
134
135 return &this->public;
136 }
137