rust-cryptoki/cryptoki/src/context/session_management.rs at 02deaf7feeab7e4e9734d5c5907e3f2a8de342d5 · wiktor-k/rust-cryptoki · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
// Copyright 2021 Contributors to the Parsec project.
// SPDX-License-Identifier: Apache-2.0
//! Session management functions

use cryptoki_sys::{CKF_RW_SESSION, CKF_SERIAL_SESSION};

use crate::context::Pkcs11;
use crate::error::{Result, Rv};
use crate::session::Session;
use crate::slot::Slot;

use super::Function;

impl Pkcs11 {
    #[inline(always)]
    fn open_session(&self, slot_id: Slot, read_write: bool) -> Result<Session<'_>> {
        let mut session_handle = 0;

        let flags = if read_write {
            CKF_SERIAL_SESSION | CKF_RW_SESSION
        } else {
            CKF_SERIAL_SESSION
        };
        unsafe {
            Rv::from(get_pkcs11!(self, C_OpenSession)(
                slot_id.into(),
                flags,
                // TODO: abstract those types or create new functions for callbacks
                std::ptr::null_mut(),
                None,
                &mut session_handle,
            ))
            .into_result(Function::OpenSession)?;
        }

        Ok(Session::new(session_handle, self))
    }

    /// Open a new Read-Only session
    ///
    /// For a Read-Write session, use `open_rw_session`
    ///
    /// Note: No callback is set when opening the session.
    ///
    /// # Examples
    ///
    /// ```rust
    /// # fn main() -> testresult::TestResult {
    /// use cryptoki::session::Session;
    /// use cryptoki::context::Pkcs11;
    ///
    /// let mut client = Pkcs11::new(
    ///     std::env::var("TEST_PKCS11_MODULE")
    ///        .unwrap_or_else(|_| "/usr/local/lib/softhsm/libsofthsm2.so".to_string()),
    /// )?;
    /// client.initialize(cryptoki::context::CInitializeArgs::OsThreads)?;
    ///
    /// // Use the first slot
    /// let slot = client.get_all_slots()?[0];
    /// let session = client.open_ro_session(slot)?;
    /// # let _ = session; Ok(()) }
    /// ```
    pub fn open_ro_session(&self, slot_id: Slot) -> Result<Session<'_>> {
        self.open_session(slot_id, false)
    }

    /// Open a new Read/Write session
    ///
    /// Note: No callback is set when opening the session.
    pub fn open_rw_session(&self, slot_id: Slot) -> Result<Session<'_>> {
        self.open_session(slot_id, true)
    }
}