Skip to content

Commit

Permalink
Simplify Token Info storage for memory db
Browse files Browse the repository at this point in the history
No need for object gimmicks, just keep a copy of the struct and remove a
bunch of now useless attributes.

Signed-off-by: Simo Sorce <[email protected]>
  • Loading branch information
simo5 committed Dec 10, 2024
1 parent b66714d commit 0305902
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 77 deletions.
6 changes: 1 addition & 5 deletions src/attribute.rs
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ macro_rules! attrmap_element {
};
}

static ATTRMAP: [Attrmap<'_>; 147] = [
static ATTRMAP: [Attrmap<'_>; 143] = [
attrmap_element!(CKA_CLASS; as NumType),
attrmap_element!(CKA_TOKEN; as BoolType),
attrmap_element!(CKA_PRIVATE; as BoolType),
Expand Down Expand Up @@ -169,10 +169,6 @@ static ATTRMAP: [Attrmap<'_>; 147] = [
attrmap_element!(CKA_HSS_KEYS_REMAINING; as NumType),
attrmap_element!(KRA_MAX_LOGIN_ATTEMPTS; as NumType),
attrmap_element!(KRA_LOGIN_ATTEMPTS; as NumType),
attrmap_element!(KRA_FLAGS; as NumType),
attrmap_element!(KRA_MANUFACTURER_ID; as StringType),
attrmap_element!(KRA_MODEL; as StringType),
attrmap_element!(KRA_SERIAL_NUMBER; as StringType),
attrmap_element!(CKA_VALIDATION_TYPE; as NumType),
attrmap_element!(CKA_VALIDATION_VERSION; as BytesType),
attrmap_element!(CKA_VALIDATION_LEVEL; as NumType),
Expand Down
4 changes: 0 additions & 4 deletions src/pkcs11/interface.rs
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,6 @@ pub const KRO_TOKEN_DATA: CK_OBJECT_CLASS = KRY_VENDOR_OFFSET + 1;
/* Attributes */
pub const KRA_MAX_LOGIN_ATTEMPTS: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 1;
pub const KRA_LOGIN_ATTEMPTS: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 2;
pub const KRA_FLAGS: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 3;
pub const KRA_MANUFACTURER_ID: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 4;
pub const KRA_MODEL: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 5;
pub const KRA_SERIAL_NUMBER: CK_ATTRIBUTE_TYPE = KRY_VENDOR_OFFSET + 6;
/* + 10 taken by pkcs11/validation_draft.rs */

/* Errors */
Expand Down
76 changes: 8 additions & 68 deletions src/storage/memory.rs
Original file line number Diff line number Diff line change
Expand Up @@ -13,69 +13,10 @@ use crate::storage::aci::StorageACI;
use crate::storage::format::{StdStorageFormat, StorageRaw};
use crate::storage::{Storage, StorageDBInfo, StorageTokenInfo};

const TOKEN_INFO_UID: &str = "2";

pub fn token_info_uid() -> String {
TOKEN_INFO_UID.to_string()
}

pub fn object_to_token_info(obj: &Object) -> Result<StorageTokenInfo> {
if obj.get_attr_as_ulong(CKA_CLASS)? != KRO_TOKEN_DATA {
return Err(CKR_TOKEN_NOT_RECOGNIZED)?;
}
let label = obj
.get_attr_as_string(CKA_LABEL)
.map_err(|_| CKR_TOKEN_NOT_RECOGNIZED)?;
let manufacturer = obj
.get_attr_as_string(KRA_MANUFACTURER_ID)
.map_err(|_| CKR_TOKEN_NOT_RECOGNIZED)?;
let model = obj
.get_attr_as_string(KRA_MODEL)
.map_err(|_| CKR_TOKEN_NOT_RECOGNIZED)?;
let serial = obj
.get_attr_as_string(KRA_SERIAL_NUMBER)
.map_err(|_| CKR_TOKEN_NOT_RECOGNIZED)?;
let mut info = StorageTokenInfo {
label: [0; 32],
manufacturer: [0; 32],
model: [0; 16],
serial: [0; 16],
flags: obj
.get_attr_as_ulong(KRA_FLAGS)
.map_err(|_| CKR_TOKEN_NOT_RECOGNIZED)?,
};
copy_sized_string(label.as_bytes(), &mut info.label);
copy_sized_string(manufacturer.as_bytes(), &mut info.manufacturer);
copy_sized_string(model.as_bytes(), &mut info.model);
copy_sized_string(serial.as_bytes(), &mut info.serial);
Ok(info)
}

pub fn token_info_to_object(
info: &StorageTokenInfo,
obj: &mut Object,
) -> Result<()> {
obj.set_attr(Attribute::string_from_sized(CKA_LABEL, &info.label))?;
obj.set_attr(Attribute::string_from_sized(
KRA_MANUFACTURER_ID,
&info.manufacturer,
))?;
obj.set_attr(Attribute::string_from_sized(KRA_MODEL, &info.model))?;
obj.set_attr(Attribute::string_from_sized(
KRA_SERIAL_NUMBER,
&info.serial,
))?;

/* filter out runtime flags */
let flags = info.flags
& (CKF_LOGIN_REQUIRED | CKF_TOKEN_INITIALIZED | CKF_WRITE_PROTECTED);
obj.set_attr(Attribute::from_ulong(KRA_FLAGS, flags))?;
Ok(())
}

#[derive(Debug)]
struct MemoryStorage {
objects: HashMap<String, Object>,
token_info: StorageTokenInfo,
}

impl StorageRaw for MemoryStorage {
Expand Down Expand Up @@ -125,23 +66,22 @@ impl StorageRaw for MemoryStorage {
}

fn fetch_token_info(&self) -> Result<StorageTokenInfo> {
let obj = self.fetch_by_uid(&token_info_uid(), &[])?;
object_to_token_info(&obj)
Ok(self.token_info.clone())
}

fn store_token_info(&mut self, info: &StorageTokenInfo) -> Result<()> {
let mut obj = Object::new();
obj.set_attr(Attribute::from_string(CKA_UNIQUE_ID, token_info_uid()))?;
obj.set_attr(Attribute::from_bool(CKA_TOKEN, true))?;
obj.set_attr(Attribute::from_ulong(CKA_CLASS, KRO_TOKEN_DATA))?;
token_info_to_object(info, &mut obj)?;
self.store_obj(obj)
self.token_info.label = info.label;
self.token_info.manufacturer = info.manufacturer;
self.token_info.model = info.model;
self.token_info.serial = info.serial;
self.token_info.flags = info.flags;
}
}

pub fn raw_store() -> Box<dyn StorageRaw> {
Box::new(MemoryStorage {
objects: HashMap::new(),
token_info: StorageTokenInfo::default(),
})
}

Expand Down

0 comments on commit 0305902

Please sign in to comment.