use crate::get_pkcs11;
use crate::types::function::Rv;
use crate::types::mechanism::Mechanism;
use crate::types::object::ObjectHandle;
use crate::types::session::Session;
use crate::Result;
use cryptoki_sys::*;
use std::convert::TryInto;
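impl<'a> Session<'a> {
    /// Signs `data` with the key `key` using `mechanism` and returns the signature bytes.
    ///
    /// This is the single-part PKCS#11 flow: `C_SignInit`, then one `C_Sign` call with a
    /// null output pointer to learn the signature length, then a second `C_Sign` call that
    /// writes into a buffer of exactly that length.
    ///
    /// # Errors
    ///
    /// Returns an error if `data.len()` does not fit in `CK_ULONG`, if any of the PKCS#11
    /// calls yields a return value that `Rv::into_result` turns into an error, or if the
    /// reported signature length does not fit in `usize`.
    pub fn sign(&self, mechanism: &Mechanism, key: ObjectHandle, data: &[u8]) -> Result<Vec<u8>> {
        // Convert the length before C_SignInit. A conversion failure after the operation
        // has been initialised would return early and, per the PKCS#11 specification,
        // leave a signing operation active on the session.
        let data_len: CK_ULONG = data.len().try_into()?;
        let mut mechanism: CK_MECHANISM = mechanism.into();
        let mut signature_len: CK_ULONG = 0;

        // SAFETY: `mechanism` is a live local for the whole call and the handles come from
        // `self` and `key`. NOTE(review): soundness also depends on `get_pkcs11!` yielding a
        // valid function pointer; confirm at the macro definition.
        unsafe {
            Rv::from(get_pkcs11!(self.client(), C_SignInit)(
                self.handle(),
                &mut mechanism as CK_MECHANISM_PTR,
                key.handle(),
            ))
            .into_result()?;
        }

        // Length query: a null signature pointer asks the module to report the required
        // size in `signature_len` without producing a signature.
        // SAFETY: `data` is valid for `data_len` bytes and `signature_len` is a live local.
        // The cast to `*mut u8` only satisfies the C signature; per the PKCS#11
        // specification the input data is not written through.
        unsafe {
            Rv::from(get_pkcs11!(self.client(), C_Sign)(
                self.handle(),
                data.as_ptr() as *mut u8,
                data_len,
                std::ptr::null_mut(),
                &mut signature_len,
            ))
            .into_result()?;
        }

        // The buffer length and the length passed to the module must stay identical;
        // `signature_len` is not modified between the allocation and the call below.
        let mut signature = vec![0; signature_len.try_into()?];

        // SAFETY: `signature` owns exactly `signature_len` writable bytes, which is the
        // capacity announced to the module through the last argument.
        unsafe {
            Rv::from(get_pkcs11!(self.client(), C_Sign)(
                self.handle(),
                data.as_ptr() as *mut u8,
                data_len,
                signature.as_mut_ptr(),
                &mut signature_len,
            ))
            .into_result()?;
        }

        // The module reports the number of bytes it actually wrote; adjust the buffer to it.
        signature.resize(signature_len.try_into()?, 0);
        Ok(signature)
    }

    /// Verifies `signature` over `data` with the key `key` using `mechanism`.
    ///
    /// Runs `C_VerifyInit` followed by a single `C_Verify` call. `Ok(())` is returned only
    /// when both calls succeed; every other outcome is an `Err` (presumably including a
    /// signature mismatch, depending on how `Rv::into_result` maps the return value), so
    /// callers must propagate or inspect the result instead of discarding it.
    ///
    /// # Errors
    ///
    /// Returns an error if `data.len()` or `signature.len()` does not fit in `CK_ULONG`,
    /// or if either PKCS#11 call yields a return value that `Rv::into_result` turns into
    /// an error.
    pub fn verify(
        &self,
        mechanism: &Mechanism,
        key: ObjectHandle,
        data: &[u8],
        signature: &[u8],
    ) -> Result<()> {
        // Convert both lengths before C_VerifyInit so that a conversion failure cannot
        // return early with a verification operation still active on the session.
        let data_len: CK_ULONG = data.len().try_into()?;
        let signature_len: CK_ULONG = signature.len().try_into()?;
        let mut mechanism: CK_MECHANISM = mechanism.into();

        // SAFETY: `mechanism` is a live local for the whole call and the handles come from
        // `self` and `key`. NOTE(review): soundness also depends on `get_pkcs11!` yielding a
        // valid function pointer; confirm at the macro definition.
        unsafe {
            Rv::from(get_pkcs11!(self.client(), C_VerifyInit)(
                self.handle(),
                &mut mechanism as CK_MECHANISM_PTR,
                key.handle(),
            ))
            .into_result()?;
        }

        // SAFETY: `data` and `signature` are valid for the lengths passed alongside them.
        // The casts to `*mut u8` only satisfy the C signature; per the PKCS#11
        // specification neither buffer is written through.
        unsafe {
            Rv::from(get_pkcs11!(self.client(), C_Verify)(
                self.handle(),
                data.as_ptr() as *mut u8,
                data_len,
                signature.as_ptr() as *mut u8,
                signature_len,
            ))
            .into_result()
        }
    }
}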