Developer's Guide
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ex-pkcs11-10.c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <memory.h>
#include "pkcs11.h"
#include "pkcs11p6r.h"
// *** For this example to work Example #1 must be run successfully first. ***
// Copy the following files from example 1 into example 9: PKCS11, PKCS11.sig, pkcs11baseKey.txt,
// so that they don't have to be created for each example. Make sure example 1 has the Thales token
// define, if not change the p6pkcs11.conf file and re-run that example.
//
// Also the FutureX HSM token must be defined in the p6pkcs11.conf file. See "FutureX HSM Integration"
// in PKCS11 documentation. FutureX HSM tokens are initialized via a Web application.
//
// ***
// Example 1 initializes the token with the Security Officer and normal user accounts.
//
//
int main(int argc,char *argv[])
{
CK_C_INITIALIZE_ARGS initArgs;
CK_SLOT_INFO oneSlot;
CK_SLOT_ID_PTR pSlotList = NULL_PTR;
CK_ULONG ulSlotCount = 0;
CK_ULONG i = 0;
CK_ULONG j = 0;
CK_CHAR_PTR pEncoded = NULL;
CK_CHAR_PTR pDecoded = NULL;
const unsigned char* pError = NULL;
const unsigned char* pMech = NULL;
CK_VOID_PTR pMutex = NULL;
CK_RV rv = 0;
int match = 0;
static unsigned char binaryData[] = { 0x55, 0x73, 0xAC, 0x2D, 0x43 };
// [A] We must first initialize the entire PKCS 11 library
memset( &initArgs, 0, sizeof( CK_C_INITIALIZE_ARGS ));
initArgs.flags = CKF_OS_LOCKING_OK;
if (CKR_OK != (rv = C_Initialize( &initArgs ))) {
printf( "PKCS11 example10: failed C_Initialize (error:%lx)", rv );
return -1;
}
// [B] What slots are defined (see p6pkcs11.conf file)
if (CKR_OK == (rv = C_GetSlotList( CK_FALSE, NULL_PTR, &ulSlotCount )))
{
if (NULL_PTR == (pSlotList = (CK_SLOT_ID_PTR) malloc( ulSlotCount * sizeof( CK_SLOT_ID )))) {
printf( "PKCS11 example10: memory allocation failed" );
return -2;
}
// -> select the FutureX token in a slot by its description
if (CKR_OK == (rv = C_GetSlotList( CK_FALSE, pSlotList, &ulSlotCount )))
{
for( i=0; i < ulSlotCount; i++ )
{
if (CKR_OK == (rv = C_GetSlotInfo( pSlotList[i], (CK_SLOT_INFO_PTR)&oneSlot )))
{
// -> slot description field is a fixed 64 characters long and is not NULL terminated, Futurex slot description
match = strncmp( (const char*)oneSlot.slotDescription, "Futurex Cryptoki Slot #0 ", 64 );
if (0 == match)
{
// -> none of these FutureX vendor extension functions need a session so they are not talking to the HSM but running locally
// -> Futurex API exposes C types not standard PKCS11 types
// [C] Hex Functions
// -> the first parameter has to indicate a FutureX token in the P6R PKCS 11 configuration
pEncoded = Futurex_C_FX_HexEncode( pSlotList[i], (const CK_CHAR_PTR)binaryData, (CK_LONG)5 );
pDecoded = Futurex_C_FX_HexDecode( pSlotList[i], pEncoded );
for( j=0; j < 5; j++ )
{
if (binaryData[j] != pDecoded[j]) {
printf( "PKCS11 example10: HEX functions did not work as expected" );
}
}
if (NULL != pEncoded) Futurex_C_FX_MemFree( pSlotList[i], pEncoded );
if (NULL != pDecoded) Futurex_C_FX_MemFree( pSlotList[i], pDecoded );
// [D] Error string operations, these are not freed
pError = Futurex_C_FX_GetErrorString( pSlotList[i], CKR_ATTRIBUTE_VALUE_INVALID );
match = -1;
if (NULL != pError) match = strncmp( (const char*)pError, (const char*)"ATTRIBUTE_VALUE_INVALID", 23 );
if (0 != match && NULL != pError) {
printf( "PKCS11 example10: GetErrorString [%s] instead of expected value", pError );
}
pMech = Futurex_C_FX_GetMechanismString( pSlotList[i], CKM_RSA_PKCS_KEY_PAIR_GEN );
match = -1;
if (NULL != pMech) match = strncmp( (const char*)pMech, (const char*)"CKM_RSA_PKCS_KEY_PAIR_GEN", 25 );
if (0 != match && NULL != pError) {
printf( "PKCS11 example10: GetMechanismString [%s] instead of expected value", pMech );
}
// [E] Test out Mutex functions
if ( NULL != (pMutex = Futurex_C_FX_GenericCreateMutex( pSlotList[i] )))
{
CK_BBOOL bLocked = CK_FALSE;
CK_BBOOL bUnlocked = CK_FALSE;
CK_BBOOL bFreeLock = CK_FALSE;
bLocked = Futurex_C_FX_GenericLockMutex( pSlotList[i], pMutex );
if (!bLocked) {
printf( "PKCS11 example10: GenericLockMutex failed" );
}
bUnlocked = Futurex_C_FX_GenericUnlockMutex( pSlotList[i], pMutex );
if (!bUnlocked) {
printf( "PKCS11 example10: GenericUnlockMutex failed" );
}
bFreeLock = Futurex_C_FX_GenericDestroyMutex( pSlotList[i], pMutex );
if (!bFreeLock) {
printf( "PKCS11 example10: GenericDestroyMutex failed" );
}
}
else printf( "PKCS11 example10: GenericCreateMutex failed" );
// [F] Misc
Futurex_C_FX_SleepMS( pSlotList[i], 5000 );
Futurex_C_FX_ThreadID( pSlotList[i] );
if (CKR_OK != (rv = Futurex_C_FX_ReloadTokenInfo( pSlotList[i], 0 ))) {
printf( "PKCS11 example10: failed ReloadTokenInfo (error:%lx)", rv );
}
}
}
}
}
}
// [G] At the end we must tell the library we are done
if (NULL_PTR != pSlotList) free( pSlotList );
if (CKR_OK != (rv = C_Finalize( NULL_PTR ))) {
printf( "PKCS11 example10: failed C_Finalize %lx", rv );
return -3;
}
return 0;
}