summaryrefslogtreecommitdiff
path: root/vendor/github.com/miekg/pkcs11
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/miekg/pkcs11')
-rw-r--r--vendor/github.com/miekg/pkcs11/.travis.yml14
-rw-r--r--vendor/github.com/miekg/pkcs11/README.md10
-rw-r--r--vendor/github.com/miekg/pkcs11/pkcs11.go11
-rw-r--r--vendor/github.com/miekg/pkcs11/release.go3
-rw-r--r--vendor/github.com/miekg/pkcs11/types.go12
-rw-r--r--vendor/github.com/miekg/pkcs11/zconst.go (renamed from vendor/github.com/miekg/pkcs11/const.go)196
6 files changed, 139 insertions, 107 deletions
diff --git a/vendor/github.com/miekg/pkcs11/.travis.yml b/vendor/github.com/miekg/pkcs11/.travis.yml
deleted file mode 100644
index 687044d83..000000000
--- a/vendor/github.com/miekg/pkcs11/.travis.yml
+++ /dev/null
@@ -1,14 +0,0 @@
-language: go
-sudo: required
-dist: trusty
-
-go:
- - 1.9
- - tip
-
-script:
- - go test -v ./...
-
-before_script:
- - sudo apt-get update
- - sudo apt-get -y install libsofthsm
diff --git a/vendor/github.com/miekg/pkcs11/README.md b/vendor/github.com/miekg/pkcs11/README.md
index 0a5c1b7b6..18a361a99 100644
--- a/vendor/github.com/miekg/pkcs11/README.md
+++ b/vendor/github.com/miekg/pkcs11/README.md
@@ -1,6 +1,6 @@
-# PKCS#11 [![Build Status](https://travis-ci.org/miekg/pkcs11.png?branch=master)](https://travis-ci.org/miekg/pkcs11) [![GoDoc](https://img.shields.io/badge/godoc-reference-blue.svg)](http://godoc.org/github.com/miekg/pkcs11)
+# PKCS#11
-This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom were
+This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where
it makes sense. It has been tested with SoftHSM.
## SoftHSM
@@ -13,10 +13,10 @@ it makes sense. It has been tested with SoftHSM.
softhsm --init-token --slot 0 --label test --pin 1234
~~~
- * Then use `libsofthsm.so` as the pkcs11 module:
+ * Then use `libsofthsm2.so` as the pkcs11 module:
~~~ go
- p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+ p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
~~~
## Examples
@@ -24,7 +24,7 @@ it makes sense. It has been tested with SoftHSM.
A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):
~~~ go
-p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
err := p.Initialize()
if err != nil {
panic(err)
diff --git a/vendor/github.com/miekg/pkcs11/pkcs11.go b/vendor/github.com/miekg/pkcs11/pkcs11.go
index e21d23b73..e1b5824ec 100644
--- a/vendor/github.com/miekg/pkcs11/pkcs11.go
+++ b/vendor/github.com/miekg/pkcs11/pkcs11.go
@@ -2,6 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:generate go run const_generate.go
+
// Package pkcs11 is a wrapper around the PKCS#11 cryptographic library.
package pkcs11
@@ -14,7 +16,7 @@ package pkcs11
#cgo windows CFLAGS: -DPACKED_STRUCTURES
#cgo linux LDFLAGS: -ldl
#cgo darwin LDFLAGS: -ldl
-#cgo openbsd LDFLAGS: -ldl
+#cgo openbsd LDFLAGS:
#cgo freebsd LDFLAGS: -ldl
#include <stdlib.h>
@@ -770,9 +772,10 @@ static inline CK_VOID_PTR getAttributePval(CK_ATTRIBUTE_PTR a)
*/
import "C"
-import "strings"
-
-import "unsafe"
+import (
+ "strings"
+ "unsafe"
+)
// Ctx contains the current pkcs11 context.
type Ctx struct {
diff --git a/vendor/github.com/miekg/pkcs11/release.go b/vendor/github.com/miekg/pkcs11/release.go
index 4380f374d..d8b99f147 100644
--- a/vendor/github.com/miekg/pkcs11/release.go
+++ b/vendor/github.com/miekg/pkcs11/release.go
@@ -1,3 +1,4 @@
+//go:build release
// +build release
package pkcs11
@@ -5,7 +6,7 @@ package pkcs11
import "fmt"
// Release is current version of the pkcs11 library.
-var Release = R{1, 0, 3}
+var Release = R{1, 1, 1}
// R holds the version of this library.
type R struct {
diff --git a/vendor/github.com/miekg/pkcs11/types.go b/vendor/github.com/miekg/pkcs11/types.go
index 970db9061..60eadcb71 100644
--- a/vendor/github.com/miekg/pkcs11/types.go
+++ b/vendor/github.com/miekg/pkcs11/types.go
@@ -182,8 +182,20 @@ func NewAttribute(typ uint, x interface{}) *Attribute {
}
case int:
a.Value = uintToBytes(uint64(v))
+ case int16:
+ a.Value = uintToBytes(uint64(v))
+ case int32:
+ a.Value = uintToBytes(uint64(v))
+ case int64:
+ a.Value = uintToBytes(uint64(v))
case uint:
a.Value = uintToBytes(uint64(v))
+ case uint16:
+ a.Value = uintToBytes(uint64(v))
+ case uint32:
+ a.Value = uintToBytes(uint64(v))
+ case uint64:
+ a.Value = uintToBytes(uint64(v))
case string:
a.Value = []byte(v)
case []byte:
diff --git a/vendor/github.com/miekg/pkcs11/const.go b/vendor/github.com/miekg/pkcs11/zconst.go
index 408856146..41df5cfcf 100644
--- a/vendor/github.com/miekg/pkcs11/const.go
+++ b/vendor/github.com/miekg/pkcs11/zconst.go
@@ -2,48 +2,18 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package pkcs11
-
-const (
- CKU_SO uint = 0
- CKU_USER uint = 1
- CKU_CONTEXT_SPECIFIC uint = 2
-)
-
-const (
- CKO_DATA uint = 0x00000000
- CKO_CERTIFICATE uint = 0x00000001
- CKO_PUBLIC_KEY uint = 0x00000002
- CKO_PRIVATE_KEY uint = 0x00000003
- CKO_SECRET_KEY uint = 0x00000004
- CKO_HW_FEATURE uint = 0x00000005
- CKO_DOMAIN_PARAMETERS uint = 0x00000006
- CKO_MECHANISM uint = 0x00000007
- CKO_OTP_KEY uint = 0x00000008
- CKO_VENDOR_DEFINED uint = 0x80000000
-)
-
-const (
- CKG_MGF1_SHA1 uint = 0x00000001
- CKG_MGF1_SHA224 uint = 0x00000005
- CKG_MGF1_SHA256 uint = 0x00000002
- CKG_MGF1_SHA384 uint = 0x00000003
- CKG_MGF1_SHA512 uint = 0x00000004
- CKG_MGF1_SHA3_224 uint = 0x00000006
- CKG_MGF1_SHA3_256 uint = 0x00000007
- CKG_MGF1_SHA3_384 uint = 0x00000008
- CKG_MGF1_SHA3_512 uint = 0x00000009
-)
-
-const (
- CKZ_DATA_SPECIFIED uint = 0x00000001
-)
+// Code generated by "go run const_generate.go"; DO NOT EDIT.
-// Generated with: awk '/#define CK[AFKMRC]/{ print $2 " = " $3 }' pkcs11t.h | sed -e 's/UL$//g' -e 's/UL)$/)/g'
+package pkcs11
-// All the flag (CKF_), attribute (CKA_), error code (CKR_), key type (CKK_), certificate type (CKC_) and
-// mechanism (CKM_) constants as defined in PKCS#11.
const (
+ CK_TRUE = 1
+ CK_FALSE = 0
+ CK_UNAVAILABLE_INFORMATION = ^uint(0)
+ CK_EFFECTIVELY_INFINITE = 0
+ CK_INVALID_HANDLE = 0
+ CKN_SURRENDER = 0
+ CKN_OTP_CHANGED = 1
CKF_TOKEN_PRESENT = 0x00000001
CKF_REMOVABLE_DEVICE = 0x00000002
CKF_HW_SLOT = 0x00000004
@@ -66,12 +36,34 @@ const (
CKF_SO_PIN_LOCKED = 0x00400000
CKF_SO_PIN_TO_BE_CHANGED = 0x00800000
CKF_ERROR_STATE = 0x01000000
+ CKU_SO = 0
+ CKU_USER = 1
+ CKU_CONTEXT_SPECIFIC = 2
+ CKS_RO_PUBLIC_SESSION = 0
+ CKS_RO_USER_FUNCTIONS = 1
+ CKS_RW_PUBLIC_SESSION = 2
+ CKS_RW_USER_FUNCTIONS = 3
+ CKS_RW_SO_FUNCTIONS = 4
CKF_RW_SESSION = 0x00000002
CKF_SERIAL_SESSION = 0x00000004
+ CKO_DATA = 0x00000000
+ CKO_CERTIFICATE = 0x00000001
+ CKO_PUBLIC_KEY = 0x00000002
+ CKO_PRIVATE_KEY = 0x00000003
+ CKO_SECRET_KEY = 0x00000004
+ CKO_HW_FEATURE = 0x00000005
+ CKO_DOMAIN_PARAMETERS = 0x00000006
+ CKO_MECHANISM = 0x00000007
+ CKO_OTP_KEY = 0x00000008
+ CKO_VENDOR_DEFINED = 0x80000000
+ CKH_MONOTONIC_COUNTER = 0x00000001
+ CKH_CLOCK = 0x00000002
+ CKH_USER_INTERFACE = 0x00000003
+ CKH_VENDOR_DEFINED = 0x80000000
CKK_RSA = 0x00000000
CKK_DSA = 0x00000001
CKK_DH = 0x00000002
- CKK_ECDSA = 0x00000003
+ CKK_ECDSA = 0x00000003 // Deprecated
CKK_EC = 0x00000003
CKK_X9_42_DH = 0x00000004
CKK_KEA = 0x00000005
@@ -83,7 +75,7 @@ const (
CKK_DES3 = 0x00000015
CKK_CAST = 0x00000016
CKK_CAST3 = 0x00000017
- CKK_CAST5 = 0x00000018
+ CKK_CAST5 = 0x00000018 // Deprecated
CKK_CAST128 = 0x00000018
CKK_RC5 = 0x00000019
CKK_IDEA = 0x0000001A
@@ -99,14 +91,14 @@ const (
CKK_ACTI = 0x00000024
CKK_CAMELLIA = 0x00000025
CKK_ARIA = 0x00000026
- CKK_SHA512_224_HMAC = 0x00000027
- CKK_SHA512_256_HMAC = 0x00000028
- CKK_SHA512_T_HMAC = 0x00000029
+ CKK_MD5_HMAC = 0x00000027
CKK_SHA_1_HMAC = 0x00000028
- CKK_SHA224_HMAC = 0x0000002E
+ CKK_RIPEMD128_HMAC = 0x00000029
+ CKK_RIPEMD160_HMAC = 0x0000002A
CKK_SHA256_HMAC = 0x0000002B
CKK_SHA384_HMAC = 0x0000002C
CKK_SHA512_HMAC = 0x0000002D
+ CKK_SHA224_HMAC = 0x0000002E
CKK_SEED = 0x0000002F
CKK_GOSTR3410 = 0x00000030
CKK_GOSTR3411 = 0x00000031
@@ -116,11 +108,26 @@ const (
CKK_SHA3_384_HMAC = 0x00000035
CKK_SHA3_512_HMAC = 0x00000036
CKK_VENDOR_DEFINED = 0x80000000
+ CK_CERTIFICATE_CATEGORY_UNSPECIFIED = 0
+ CK_CERTIFICATE_CATEGORY_TOKEN_USER = 1
+ CK_CERTIFICATE_CATEGORY_AUTHORITY = 2
+ CK_CERTIFICATE_CATEGORY_OTHER_ENTITY = 3
+ CK_SECURITY_DOMAIN_UNSPECIFIED = 0
+ CK_SECURITY_DOMAIN_MANUFACTURER = 1
+ CK_SECURITY_DOMAIN_OPERATOR = 2
+ CK_SECURITY_DOMAIN_THIRD_PARTY = 3
CKC_X_509 = 0x00000000
CKC_X_509_ATTR_CERT = 0x00000001
CKC_WTLS = 0x00000002
CKC_VENDOR_DEFINED = 0x80000000
CKF_ARRAY_ATTRIBUTE = 0x40000000
+ CK_OTP_FORMAT_DECIMAL = 0
+ CK_OTP_FORMAT_HEXADECIMAL = 1
+ CK_OTP_FORMAT_ALPHANUMERIC = 2
+ CK_OTP_FORMAT_BINARY = 3
+ CK_OTP_PARAM_IGNORED = 0
+ CK_OTP_PARAM_OPTIONAL = 1
+ CK_OTP_PARAM_MANDATORY = 2
CKA_CLASS = 0x00000000
CKA_TOKEN = 0x00000001
CKA_PRIVATE = 0x00000002
@@ -183,15 +190,16 @@ const (
CKA_MODIFIABLE = 0x00000170
CKA_COPYABLE = 0x00000171
CKA_DESTROYABLE = 0x00000172
- CKA_ECDSA_PARAMS = 0x00000180
+ CKA_ECDSA_PARAMS = 0x00000180 // Deprecated
CKA_EC_PARAMS = 0x00000180
CKA_EC_POINT = 0x00000181
- CKA_SECONDARY_AUTH = 0x00000200
- CKA_AUTH_PIN_FLAGS = 0x00000201
+ CKA_SECONDARY_AUTH = 0x00000200 // Deprecated
+ CKA_AUTH_PIN_FLAGS = 0x00000201 // Deprecated
CKA_ALWAYS_AUTHENTICATE = 0x00000202
CKA_WRAP_WITH_TRUSTED = 0x00000210
- CKA_WRAP_TEMPLATE = CKF_ARRAY_ATTRIBUTE | 0x00000211
- CKA_UNWRAP_TEMPLATE = CKF_ARRAY_ATTRIBUTE | 0x00000212
+ CKA_WRAP_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000211)
+ CKA_UNWRAP_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000212)
+ CKA_DERIVE_TEMPLATE = (CKF_ARRAY_ATTRIBUTE | 0x00000213)
CKA_OTP_FORMAT = 0x00000220
CKA_OTP_LENGTH = 0x00000221
CKA_OTP_TIME_INTERVAL = 0x00000222
@@ -226,7 +234,7 @@ const (
CKA_REQUIRED_CMS_ATTRIBUTES = 0x00000501
CKA_DEFAULT_CMS_ATTRIBUTES = 0x00000502
CKA_SUPPORTED_CMS_ATTRIBUTES = 0x00000503
- CKA_ALLOWED_MECHANISMS = CKF_ARRAY_ATTRIBUTE | 0x00000600
+ CKA_ALLOWED_MECHANISMS = (CKF_ARRAY_ATTRIBUTE | 0x00000600)
CKA_VENDOR_DEFINED = 0x80000000
CKM_RSA_PKCS_KEY_PAIR_GEN = 0x00000000
CKM_RSA_PKCS = 0x00000001
@@ -246,11 +254,10 @@ const (
CKM_DSA_KEY_PAIR_GEN = 0x00000010
CKM_DSA = 0x00000011
CKM_DSA_SHA1 = 0x00000012
- CKM_DSA_FIPS_G_GEN = 0x00000013
- CKM_DSA_SHA224 = 0x00000014
- CKM_DSA_SHA256 = 0x00000015
- CKM_DSA_SHA384 = 0x00000016
- CKM_DSA_SHA512 = 0x00000017
+ CKM_DSA_SHA224 = 0x00000013
+ CKM_DSA_SHA256 = 0x00000014
+ CKM_DSA_SHA384 = 0x00000015
+ CKM_DSA_SHA512 = 0x00000016
CKM_DSA_SHA3_224 = 0x00000018
CKM_DSA_SHA3_256 = 0x00000019
CKM_DSA_SHA3_384 = 0x0000001A
@@ -387,13 +394,13 @@ const (
CKM_CAST128_KEY_GEN = 0x00000320
CKM_CAST5_ECB = 0x00000321
CKM_CAST128_ECB = 0x00000321
- CKM_CAST5_CBC = 0x00000322
+ CKM_CAST5_CBC = 0x00000322 // Deprecated
CKM_CAST128_CBC = 0x00000322
- CKM_CAST5_MAC = 0x00000323
+ CKM_CAST5_MAC = 0x00000323 // Deprecated
CKM_CAST128_MAC = 0x00000323
- CKM_CAST5_MAC_GENERAL = 0x00000324
+ CKM_CAST5_MAC_GENERAL = 0x00000324 // Deprecated
CKM_CAST128_MAC_GENERAL = 0x00000324
- CKM_CAST5_CBC_PAD = 0x00000325
+ CKM_CAST5_CBC_PAD = 0x00000325 // Deprecated
CKM_CAST128_CBC_PAD = 0x00000325
CKM_RC5_KEY_GEN = 0x00000330
CKM_RC5_ECB = 0x00000331
@@ -441,9 +448,9 @@ const (
CKM_PBE_MD5_DES_CBC = 0x000003A1
CKM_PBE_MD5_CAST_CBC = 0x000003A2
CKM_PBE_MD5_CAST3_CBC = 0x000003A3
- CKM_PBE_MD5_CAST5_CBC = 0x000003A4
+ CKM_PBE_MD5_CAST5_CBC = 0x000003A4 // Deprecated
CKM_PBE_MD5_CAST128_CBC = 0x000003A4
- CKM_PBE_SHA1_CAST5_CBC = 0x000003A5
+ CKM_PBE_SHA1_CAST5_CBC = 0x000003A5 // Deprecated
CKM_PBE_SHA1_CAST128_CBC = 0x000003A5
CKM_PBE_SHA1_RC4_128 = 0x000003A6
CKM_PBE_SHA1_RC4_40 = 0x000003A7
@@ -522,7 +529,7 @@ const (
CKM_BATON_COUNTER = 0x00001034
CKM_BATON_SHUFFLE = 0x00001035
CKM_BATON_WRAP = 0x00001036
- CKM_ECDSA_KEY_PAIR_GEN = 0x00001040
+ CKM_ECDSA_KEY_PAIR_GEN = 0x00001040 // Deprecated
CKM_EC_KEY_PAIR_GEN = 0x00001040
CKM_ECDSA = 0x00001041
CKM_ECDSA_SHA1 = 0x00001042
@@ -551,9 +558,9 @@ const (
CKM_AES_CTR = 0x00001086
CKM_AES_GCM = 0x00001087
CKM_AES_CCM = 0x00001088
- CKM_AES_CMAC_GENERAL = 0x00001089
+ CKM_AES_CTS = 0x00001089
CKM_AES_CMAC = 0x0000108A
- CKM_AES_CTS = 0x0000108B
+ CKM_AES_CMAC_GENERAL = 0x0000108B
CKM_AES_XCBC_MAC = 0x0000108C
CKM_AES_XCBC_MAC_96 = 0x0000108D
CKM_AES_GMAC = 0x0000108E
@@ -704,33 +711,56 @@ const (
CKR_MUTEX_NOT_LOCKED = 0x000001A1
CKR_NEW_PIN_MODE = 0x000001B0
CKR_NEXT_OTP = 0x000001B1
- CKR_EXCEEDED_MAX_ITERATIONS = 0x000001C0
- CKR_FIPS_SELF_TEST_FAILED = 0x000001C1
- CKR_LIBRARY_LOAD_FAILED = 0x000001C2
- CKR_PIN_TOO_WEAK = 0x000001C3
- CKR_PUBLIC_KEY_INVALID = 0x000001C4
+ CKR_EXCEEDED_MAX_ITERATIONS = 0x000001B5
+ CKR_FIPS_SELF_TEST_FAILED = 0x000001B6
+ CKR_LIBRARY_LOAD_FAILED = 0x000001B7
+ CKR_PIN_TOO_WEAK = 0x000001B8
+ CKR_PUBLIC_KEY_INVALID = 0x000001B9
CKR_FUNCTION_REJECTED = 0x00000200
CKR_VENDOR_DEFINED = 0x80000000
CKF_LIBRARY_CANT_CREATE_OS_THREADS = 0x00000001
CKF_OS_LOCKING_OK = 0x00000002
CKF_DONT_BLOCK = 1
+ CKG_MGF1_SHA1 = 0x00000001
+ CKG_MGF1_SHA256 = 0x00000002
+ CKG_MGF1_SHA384 = 0x00000003
+ CKG_MGF1_SHA512 = 0x00000004
+ CKG_MGF1_SHA224 = 0x00000005
+ CKZ_DATA_SPECIFIED = 0x00000001
+ CKD_NULL = 0x00000001
+ CKD_SHA1_KDF = 0x00000002
+ CKD_SHA1_KDF_ASN1 = 0x00000003
+ CKD_SHA1_KDF_CONCATENATE = 0x00000004
+ CKD_SHA224_KDF = 0x00000005
+ CKD_SHA256_KDF = 0x00000006
+ CKD_SHA384_KDF = 0x00000007
+ CKD_SHA512_KDF = 0x00000008
+ CKD_CPDIVERSIFY_KDF = 0x00000009
+ CKD_SHA3_224_KDF = 0x0000000A
+ CKD_SHA3_256_KDF = 0x0000000B
+ CKD_SHA3_384_KDF = 0x0000000C
+ CKD_SHA3_512_KDF = 0x0000000D
+ CKP_PKCS5_PBKD2_HMAC_SHA1 = 0x00000001
+ CKP_PKCS5_PBKD2_HMAC_GOSTR3411 = 0x00000002
+ CKP_PKCS5_PBKD2_HMAC_SHA224 = 0x00000003
+ CKP_PKCS5_PBKD2_HMAC_SHA256 = 0x00000004
+ CKP_PKCS5_PBKD2_HMAC_SHA384 = 0x00000005
+ CKP_PKCS5_PBKD2_HMAC_SHA512 = 0x00000006
+ CKP_PKCS5_PBKD2_HMAC_SHA512_224 = 0x00000007
+ CKP_PKCS5_PBKD2_HMAC_SHA512_256 = 0x00000008
+ CKZ_SALT_SPECIFIED = 0x00000001
+ CK_OTP_VALUE = 0
+ CK_OTP_PIN = 1
+ CK_OTP_CHALLENGE = 2
+ CK_OTP_TIME = 3
+ CK_OTP_COUNTER = 4
+ CK_OTP_FLAGS = 5
+ CK_OTP_OUTPUT_LENGTH = 6
+ CK_OTP_OUTPUT_FORMAT = 7
CKF_NEXT_OTP = 0x00000001
CKF_EXCLUDE_TIME = 0x00000002
CKF_EXCLUDE_COUNTER = 0x00000004
CKF_EXCLUDE_CHALLENGE = 0x00000008
CKF_EXCLUDE_PIN = 0x00000010
CKF_USER_FRIENDLY_OTP = 0x00000020
- CKD_NULL = 0x00000001
- CKD_SHA1_KDF = 0x00000002
-)
-
-// Special return values defined in PKCS#11 v2.40 section 3.2.
-const (
- // CK_EFFECTIVELY_INFINITE may be returned in the CK_TOKEN_INFO fields ulMaxSessionCount and ulMaxRwSessionCount.
- // It indicates there is no practical limit on the number of sessions.
- CK_EFFECTIVELY_INFINITE = 0
-
- // CK_UNAVAILABLE_INFORMATION may be returned for several fields within CK_TOKEN_INFO. It indicates
- // the token is unable or unwilling to provide the requested information.
- CK_UNAVAILABLE_INFORMATION = ^uint(0)
)