static void
sc_pkcs11_signature_release(sc_pkcs11_operation_t *operation)
{
struct signature_data *data;
data = (struct signature_data *) operation->priv_data;
sc_pkcs11_release_operation(&data->md);
memset(data, 0, sizeof(*data));
free(data);
}
/*
* Initialize a signature operation
*/
static CK_RV
sc_pkcs11_signature_init(sc_pkcs11_operation_t *operation,
struct sc_pkcs11_object *key)
{
struct hash_signature_info *info;
struct signature_data *data;
CK_RV rv;
int can_do_it = 0;
LOG_FUNC_CALLED(context);
if (!(data = calloc(1, sizeof(*data))))
LOG_FUNC_RETURN(context, CKR_HOST_MEMORY);
data->info = NULL;
data->key = key;
if (key->ops->can_do) {
rv = key->ops->can_do(operation->session, key, operation->type->mech, CKF_SIGN);
if (rv == CKR_OK) {
/* Mechanism recognised and can be performed by pkcs#15 card */
can_do_it = 1;
}
else if (rv == CKR_FUNCTION_NOT_SUPPORTED) {
/* Mechanism not recognised by pkcs#15 card */
can_do_it = 0;
}
else {
/* Mechanism recognised but cannot be performed by pkcs#15 card, or some general error. */
free(data);
LOG_FUNC_RETURN(context, rv);
}
}
/* If this is a signature with hash operation,
* and card cannot perform itself signature with hash operation,
* set up the hash operation */
info = (struct hash_signature_info *) operation->type->mech_data;
if (info != NULL && !can_do_it) {
/* Initialize hash operation */
data->md = sc_pkcs11_new_operation(operation->session, info->hash_type);
if (data->md == NULL)
rv = CKR_HOST_MEMORY;
else
rv = info->hash_type->md_init(data->md);
if (rv != CKR_OK) {
sc_pkcs11_release_operation(&data->md);
free(data);
LOG_FUNC_RETURN(context, rv);
}
data->info = info;
}
operation->priv_data = data;
LOG_FUNC_RETURN(context, CKR_OK);
}
CK_RV session_stop_operation(struct sc_pkcs11_session * session, int type)
{
if (type < 0 || type >= SC_PKCS11_OPERATION_MAX)
return CKR_ARGUMENTS_BAD;
if (session->operation[type] == NULL)
return CKR_OPERATION_NOT_INITIALIZED;
sc_pkcs11_release_operation(&session->operation[type]);
return CKR_OK;
}
/*
* Initialize a signature operation
*/
static CK_RV
sc_pkcs11_verify_init(sc_pkcs11_operation_t *operation,
struct sc_pkcs11_object *key)
{
struct hash_signature_info *info;
struct signature_data *data;
int rv;
if (!(data = calloc(1, sizeof(*data))))
return CKR_HOST_MEMORY;
data->info = NULL;
data->key = key;
/* If this is a verify with hash operation, set up the
* hash operation */
info = (struct hash_signature_info *) operation->type->mech_data;
if (info != NULL) {
/* Initialize hash operation */
data->md = sc_pkcs11_new_operation(operation->session,
info->hash_type);
if (data->md == NULL)
rv = CKR_HOST_MEMORY;
else
rv = info->hash_type->md_init(data->md);
if (rv != CKR_OK) {
sc_pkcs11_release_operation(&data->md);
free(data);
return rv;
}
data->info = info;
}
operation->priv_data = data;
return CKR_OK;
}
