From ca4983b925e0e3be61365db3190b556d67abed13 Mon Sep 17 00:00:00 2001 From: Joe Rozner Date: Fri, 20 Dec 2024 19:30:12 -0800 Subject: [PATCH] Add support for vendor defined attributes --- cryptoki/src/object.rs | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cryptoki/src/object.rs b/cryptoki/src/object.rs index 19c74de5..2742a8ef 100644 --- a/cryptoki/src/object.rs +++ b/cryptoki/src/object.rs @@ -15,7 +15,6 @@ use std::mem::size_of; use std::ops::Deref; #[derive(Debug, Copy, Clone, Ord, PartialOrd, Eq, PartialEq, Hash)] -#[non_exhaustive] /// Type of an attribute pub enum AttributeType { /// DER-encoding of the attribute certificate's issuer @@ -128,6 +127,8 @@ pub enum AttributeType { Value, /// Length in bytes of the value ValueLen, + /// Vendor defined attribute + VendorDefined(CK_ATTRIBUTE_TYPE), /// Determines if a key supports verifying Verify, /// Determines if a key supports verifying where the data can be recovered from the signature @@ -254,6 +255,7 @@ impl AttributeType { CKA_UNWRAP_TEMPLATE => String::from(stringify!(CKA_UNWRAP_TEMPLATE)), CKA_DERIVE_TEMPLATE => String::from(stringify!(CKA_DERIVE_TEMPLATE)), CKA_ALLOWED_MECHANISMS => String::from(stringify!(CKA_ALLOWED_MECHANISMS)), + CKA_VENDOR_DEFINED => String::from(stringify!(CKA_VENDOR_DEFINED)), _ => format!("unknown ({val:08x})"), } } @@ -324,6 +326,7 @@ impl From for CK_ATTRIBUTE_TYPE { AttributeType::Url => CKA_URL, AttributeType::Value => CKA_VALUE, AttributeType::ValueLen => CKA_VALUE_LEN, + AttributeType::VendorDefined(val) => val, AttributeType::Verify => CKA_VERIFY, AttributeType::VerifyRecover => CKA_VERIFY_RECOVER, AttributeType::Wrap => CKA_WRAP, @@ -396,6 +399,7 @@ impl TryFrom for AttributeType { CKA_VERIFY_RECOVER => Ok(AttributeType::VerifyRecover), CKA_WRAP => Ok(AttributeType::Wrap), CKA_WRAP_WITH_TRUSTED => Ok(AttributeType::WrapWithTrusted), + 0x8000_0000..=0xffff_ffff => Ok(AttributeType::VendorDefined(attribute_type)), attr_type => { error!("Attribute type {} not supported.", attr_type); Err(Error::NotSupported) @@ -405,7 +409,6 @@ impl TryFrom for AttributeType { } #[derive(Debug, Clone, PartialEq, Eq)] -#[non_exhaustive] /// Attribute value pub enum Attribute { /// DER-encoding of the attribute certificate's issuer @@ -518,6 +521,8 @@ pub enum Attribute { Value(Vec), /// Length in bytes of the value ValueLen(Ulong), + /// Vendor defined value + VendorDefined((CK_ATTRIBUTE_TYPE, Vec)), /// Determines if a key supports verifying Verify(bool), /// Determines if a key supports verifying where the data can be recovered from the signature @@ -587,6 +592,7 @@ impl Attribute { Attribute::Url(_) => AttributeType::Url, Attribute::Value(_) => AttributeType::Value, Attribute::ValueLen(_) => AttributeType::ValueLen, + Attribute::VendorDefined((num, _)) => AttributeType::VendorDefined(*num), Attribute::Verify(_) => AttributeType::Verify, Attribute::VerifyRecover(_) => AttributeType::VerifyRecover, Attribute::Wrap(_) => AttributeType::Wrap, @@ -658,6 +664,7 @@ impl Attribute { Attribute::AllowedMechanisms(mechanisms) => { size_of::() * mechanisms.len() } + Attribute::VendorDefined((_, bytes)) => bytes.len(), } } @@ -730,6 +737,7 @@ impl Attribute { | Attribute::Subject(bytes) | Attribute::Url(bytes) | Attribute::Value(bytes) + | Attribute::VendorDefined((_, bytes)) | Attribute::Id(bytes) => bytes.as_ptr() as *mut c_void, // Unique types Attribute::CertificateType(certificate_type) => { @@ -929,7 +937,8 @@ impl TryFrom for Attribute { )?)) } } - } + }, + AttributeType::VendorDefined(t) => Ok(Attribute::VendorDefined((t, val.to_vec()))), } } }