aboutsummaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/src/lib/access.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'SoftHSMv2/src/lib/access.cpp')
-rw-r--r--SoftHSMv2/src/lib/access.cpp101
1 files changed, 101 insertions, 0 deletions
diff --git a/SoftHSMv2/src/lib/access.cpp b/SoftHSMv2/src/lib/access.cpp
new file mode 100644
index 0000000..66473d1
--- /dev/null
+++ b/SoftHSMv2/src/lib/access.cpp
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*****************************************************************************
+ access.cpp
+
+ Implements the access rules.
+ *****************************************************************************/
+
+#include "access.h"
+#include <stdlib.h>
+#include <stdio.h>
+
+// Checks if a read operation is allowed on a given object type.
+//
+// Type of session
+// Type of object R/O Public | R/W Public | R/O User | R/W User | R/W SO
+// ------------------------------------------------------------------------------
+// Public session object OK | OK | OK | OK | OK
+// Private session object UNLI | UNLI | OK | OK | UNLI
+// Public token object OK | OK | OK | OK | OK
+// Private token object UNLI | UNLI | OK | OK | UNLI
+//
+// OK = CKR_OK
+// SRO = CKR_SESSION_READ_ONLY
+// UNLI = CKR_USER_NOT_LOGGED_IN
+
+// Can we do read operations?
+CK_RV haveRead(CK_STATE sessionState, CK_BBOOL /*isTokenObject*/, CK_BBOOL isPrivateObject)
+{
+ switch (sessionState)
+ {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_SO_FUNCTIONS:
+ return isPrivateObject ? CKR_USER_NOT_LOGGED_IN : CKR_OK;
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_OK;
+ }
+ return CKR_GENERAL_ERROR; // internal error, switch should have covered every state
+}
+
+// Checks if a write operation is allowed on a given object type.
+//
+// Type of session
+// Type of object R/O Public | R/W Public | R/O User | R/W User | R/W SO
+// ------------------------------------------------------------------------------
+// Public session object OK | OK | OK | OK | OK
+// Private session object UNLI | UNLI | OK | OK | UNLI
+// Public token object SRO | OK | SRO | OK | OK
+// Private token object SRO/UNLI | UNLI | SRO | OK | UNLI
+//
+// OK = CKR_OK
+// SRO = CKR_SESSION_READ_ONLY
+// UNLI = CKR_USER_NOT_LOGGED_IN
+// In the situation where both SRO and UNLI may be returned we favor SRO.
+
+// Can we do write operations?
+CK_RV haveWrite(CK_STATE sessionState, CK_BBOOL isTokenObject, CK_BBOOL isPrivateObject)
+{
+ switch (sessionState)
+ {
+ case CKS_RO_PUBLIC_SESSION:
+ if (isTokenObject)
+ return CKR_SESSION_READ_ONLY;
+ else
+ return isPrivateObject ? CKR_USER_NOT_LOGGED_IN : CKR_OK;
+ case CKS_RW_PUBLIC_SESSION:
+ case CKS_RW_SO_FUNCTIONS:
+ return isPrivateObject ? CKR_USER_NOT_LOGGED_IN : CKR_OK;
+ case CKS_RO_USER_FUNCTIONS:
+ return isTokenObject ? CKR_SESSION_READ_ONLY : CKR_OK;
+ case CKS_RW_USER_FUNCTIONS:
+ return CKR_OK;
+ }
+ return CKR_GENERAL_ERROR; // internal error, switch should have covered every state
+}