[Python-modules-commits] [pykcs11] 01/04: New upstream version 1.3.3
Ludovic Rousseau
rousseau at moszumanska.debian.org
Tue Nov 1 16:33:15 UTC 2016
This is an automated email from the git hooks/post-receive script.
rousseau pushed a commit to branch master
in repository pykcs11.
commit b902638cb4dde04b854e376f07e151b274c12726
Author: Ludovic Rousseau <rousseau at debian.org>
Date: Tue Nov 1 13:52:56 2016 +0100
New upstream version 1.3.3
---
PKG-INFO | 4 +-
PyKCS11/LowLevel.py | 147 ++++++++++
PyKCS11/__init__.py | 88 ++++--
readme.txt | 16 +-
samples/LowLevel/InitTokenPin.py | 2 +-
samples/LowLevel/dumpit.py | 2 +-
samples/LowLevel/rand.py | 2 +-
samples/LowLevel/test.py | 8 +-
samples/LowLevel/test1.py | 2 +-
samples/dumpit.py | 17 +-
samples/encrypt.py | 4 +-
samples/events.py | 2 +-
samples/genkeypair_import_cert.py | 13 +-
samples/getinfo.py | 3 +-
samples/signature.py | 7 +-
setup.py | 4 +-
src/pykcs11.i | 65 +++-
src/pykcs11_wrap.cpp | 604 +++++++++++++++++++++++++++++++++++++-
18 files changed, 922 insertions(+), 68 deletions(-)
diff --git a/PKG-INFO b/PKG-INFO
index 5b79944..f78b5fd 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,8 +1,8 @@
Metadata-Version: 1.1
Name: PyKCS11
-Version: 1.3.2
+Version: 1.3.3
Summary: A Full PKCS#11 wrapper for Python
-Home-page: http://sourceforge.net/projects/pkcs11wrap/
+Home-page: https://bitbucket.org/PyKCS11/pykcs11
Author: Ludovic Rousseau
Author-email: ludovic.rousseau at free.fr
License: GPL
diff --git a/PyKCS11/LowLevel.py b/PyKCS11/LowLevel.py
index 6e851db..494828e 100644
--- a/PyKCS11/LowLevel.py
+++ b/PyKCS11/LowLevel.py
@@ -1631,6 +1631,18 @@ CKM_DSA = _LowLevel.CKM_DSA
_LowLevel.CKM_DSA_SHA1_swigconstant(_LowLevel)
CKM_DSA_SHA1 = _LowLevel.CKM_DSA_SHA1
+_LowLevel.CKM_DSA_SHA224_swigconstant(_LowLevel)
+CKM_DSA_SHA224 = _LowLevel.CKM_DSA_SHA224
+
+_LowLevel.CKM_DSA_SHA256_swigconstant(_LowLevel)
+CKM_DSA_SHA256 = _LowLevel.CKM_DSA_SHA256
+
+_LowLevel.CKM_DSA_SHA384_swigconstant(_LowLevel)
+CKM_DSA_SHA384 = _LowLevel.CKM_DSA_SHA384
+
+_LowLevel.CKM_DSA_SHA512_swigconstant(_LowLevel)
+CKM_DSA_SHA512 = _LowLevel.CKM_DSA_SHA512
+
_LowLevel.CKM_DH_PKCS_KEY_PAIR_GEN_swigconstant(_LowLevel)
CKM_DH_PKCS_KEY_PAIR_GEN = _LowLevel.CKM_DH_PKCS_KEY_PAIR_GEN
@@ -1673,6 +1685,42 @@ CKM_SHA224_RSA_PKCS = _LowLevel.CKM_SHA224_RSA_PKCS
_LowLevel.CKM_SHA224_RSA_PKCS_PSS_swigconstant(_LowLevel)
CKM_SHA224_RSA_PKCS_PSS = _LowLevel.CKM_SHA224_RSA_PKCS_PSS
+_LowLevel.CKM_SHA512_224_swigconstant(_LowLevel)
+CKM_SHA512_224 = _LowLevel.CKM_SHA512_224
+
+_LowLevel.CKM_SHA512_224_HMAC_swigconstant(_LowLevel)
+CKM_SHA512_224_HMAC = _LowLevel.CKM_SHA512_224_HMAC
+
+_LowLevel.CKM_SHA512_224_HMAC_GENERAL_swigconstant(_LowLevel)
+CKM_SHA512_224_HMAC_GENERAL = _LowLevel.CKM_SHA512_224_HMAC_GENERAL
+
+_LowLevel.CKM_SHA512_224_KEY_DERIVATION_swigconstant(_LowLevel)
+CKM_SHA512_224_KEY_DERIVATION = _LowLevel.CKM_SHA512_224_KEY_DERIVATION
+
+_LowLevel.CKM_SHA512_256_swigconstant(_LowLevel)
+CKM_SHA512_256 = _LowLevel.CKM_SHA512_256
+
+_LowLevel.CKM_SHA512_256_HMAC_swigconstant(_LowLevel)
+CKM_SHA512_256_HMAC = _LowLevel.CKM_SHA512_256_HMAC
+
+_LowLevel.CKM_SHA512_256_HMAC_GENERAL_swigconstant(_LowLevel)
+CKM_SHA512_256_HMAC_GENERAL = _LowLevel.CKM_SHA512_256_HMAC_GENERAL
+
+_LowLevel.CKM_SHA512_256_KEY_DERIVATION_swigconstant(_LowLevel)
+CKM_SHA512_256_KEY_DERIVATION = _LowLevel.CKM_SHA512_256_KEY_DERIVATION
+
+_LowLevel.CKM_SHA512_T_swigconstant(_LowLevel)
+CKM_SHA512_T = _LowLevel.CKM_SHA512_T
+
+_LowLevel.CKM_SHA512_T_HMAC_swigconstant(_LowLevel)
+CKM_SHA512_T_HMAC = _LowLevel.CKM_SHA512_T_HMAC
+
+_LowLevel.CKM_SHA512_T_HMAC_GENERAL_swigconstant(_LowLevel)
+CKM_SHA512_T_HMAC_GENERAL = _LowLevel.CKM_SHA512_T_HMAC_GENERAL
+
+_LowLevel.CKM_SHA512_T_KEY_DERIVATION_swigconstant(_LowLevel)
+CKM_SHA512_T_KEY_DERIVATION = _LowLevel.CKM_SHA512_T_KEY_DERIVATION
+
_LowLevel.CKM_RC2_KEY_GEN_swigconstant(_LowLevel)
CKM_RC2_KEY_GEN = _LowLevel.CKM_RC2_KEY_GEN
@@ -2117,6 +2165,36 @@ CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE = _LowLevel.CKM_WTLS_SERVER_KEY_AND_MAC_DERIV
_LowLevel.CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE_swigconstant(_LowLevel)
CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE = _LowLevel.CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE
+_LowLevel.CKM_TLS10_MAC_SERVER_swigconstant(_LowLevel)
+CKM_TLS10_MAC_SERVER = _LowLevel.CKM_TLS10_MAC_SERVER
+
+_LowLevel.CKM_TLS10_MAC_CLIENT_swigconstant(_LowLevel)
+CKM_TLS10_MAC_CLIENT = _LowLevel.CKM_TLS10_MAC_CLIENT
+
+_LowLevel.CKM_TLS12_MAC_swigconstant(_LowLevel)
+CKM_TLS12_MAC = _LowLevel.CKM_TLS12_MAC
+
+_LowLevel.CKM_TLS12_KDF_swigconstant(_LowLevel)
+CKM_TLS12_KDF = _LowLevel.CKM_TLS12_KDF
+
+_LowLevel.CKM_TLS12_MASTER_KEY_DERIVE_swigconstant(_LowLevel)
+CKM_TLS12_MASTER_KEY_DERIVE = _LowLevel.CKM_TLS12_MASTER_KEY_DERIVE
+
+_LowLevel.CKM_TLS12_KEY_AND_MAC_DERIVE_swigconstant(_LowLevel)
+CKM_TLS12_KEY_AND_MAC_DERIVE = _LowLevel.CKM_TLS12_KEY_AND_MAC_DERIVE
+
+_LowLevel.CKM_TLS12_MASTER_KEY_DERIVE_DH_swigconstant(_LowLevel)
+CKM_TLS12_MASTER_KEY_DERIVE_DH = _LowLevel.CKM_TLS12_MASTER_KEY_DERIVE_DH
+
+_LowLevel.CKM_TLS12_KEY_SAFE_DERIVE_swigconstant(_LowLevel)
+CKM_TLS12_KEY_SAFE_DERIVE = _LowLevel.CKM_TLS12_KEY_SAFE_DERIVE
+
+_LowLevel.CKM_TLS_MAC_swigconstant(_LowLevel)
+CKM_TLS_MAC = _LowLevel.CKM_TLS_MAC
+
+_LowLevel.CKM_TLS_KDF_swigconstant(_LowLevel)
+CKM_TLS_KDF = _LowLevel.CKM_TLS_KDF
+
_LowLevel.CKM_KEY_WRAP_LYNKS_swigconstant(_LowLevel)
CKM_KEY_WRAP_LYNKS = _LowLevel.CKM_KEY_WRAP_LYNKS
@@ -2249,6 +2327,9 @@ CKM_KEA_KEY_PAIR_GEN = _LowLevel.CKM_KEA_KEY_PAIR_GEN
_LowLevel.CKM_KEA_KEY_DERIVE_swigconstant(_LowLevel)
CKM_KEA_KEY_DERIVE = _LowLevel.CKM_KEA_KEY_DERIVE
+_LowLevel.CKM_KEA_DERIVE_swigconstant(_LowLevel)
+CKM_KEA_DERIVE = _LowLevel.CKM_KEA_DERIVE
+
_LowLevel.CKM_FORTEZZA_TIMESTAMP_swigconstant(_LowLevel)
CKM_FORTEZZA_TIMESTAMP = _LowLevel.CKM_FORTEZZA_TIMESTAMP
@@ -2285,6 +2366,18 @@ CKM_ECDSA = _LowLevel.CKM_ECDSA
_LowLevel.CKM_ECDSA_SHA1_swigconstant(_LowLevel)
CKM_ECDSA_SHA1 = _LowLevel.CKM_ECDSA_SHA1
+_LowLevel.CKM_ECDSA_SHA224_swigconstant(_LowLevel)
+CKM_ECDSA_SHA224 = _LowLevel.CKM_ECDSA_SHA224
+
+_LowLevel.CKM_ECDSA_SHA256_swigconstant(_LowLevel)
+CKM_ECDSA_SHA256 = _LowLevel.CKM_ECDSA_SHA256
+
+_LowLevel.CKM_ECDSA_SHA384_swigconstant(_LowLevel)
+CKM_ECDSA_SHA384 = _LowLevel.CKM_ECDSA_SHA384
+
+_LowLevel.CKM_ECDSA_SHA512_swigconstant(_LowLevel)
+CKM_ECDSA_SHA512 = _LowLevel.CKM_ECDSA_SHA512
+
_LowLevel.CKM_ECDH1_DERIVE_swigconstant(_LowLevel)
CKM_ECDH1_DERIVE = _LowLevel.CKM_ECDH1_DERIVE
@@ -2294,6 +2387,12 @@ CKM_ECDH1_COFACTOR_DERIVE = _LowLevel.CKM_ECDH1_COFACTOR_DERIVE
_LowLevel.CKM_ECMQV_DERIVE_swigconstant(_LowLevel)
CKM_ECMQV_DERIVE = _LowLevel.CKM_ECMQV_DERIVE
+_LowLevel.CKM_ECDH_AES_KEY_WRAP_swigconstant(_LowLevel)
+CKM_ECDH_AES_KEY_WRAP = _LowLevel.CKM_ECDH_AES_KEY_WRAP
+
+_LowLevel.CKM_RSA_AES_KEY_WRAP_swigconstant(_LowLevel)
+CKM_RSA_AES_KEY_WRAP = _LowLevel.CKM_RSA_AES_KEY_WRAP
+
_LowLevel.CKM_JUNIPER_KEY_GEN_swigconstant(_LowLevel)
CKM_JUNIPER_KEY_GEN = _LowLevel.CKM_JUNIPER_KEY_GEN
@@ -2348,6 +2447,18 @@ CKM_AES_CTS = _LowLevel.CKM_AES_CTS
_LowLevel.CKM_AES_CMAC_swigconstant(_LowLevel)
CKM_AES_CMAC = _LowLevel.CKM_AES_CMAC
+_LowLevel.CKM_AES_CMAC_GENERAL_swigconstant(_LowLevel)
+CKM_AES_CMAC_GENERAL = _LowLevel.CKM_AES_CMAC_GENERAL
+
+_LowLevel.CKM_AES_XCBC_MAC_swigconstant(_LowLevel)
+CKM_AES_XCBC_MAC = _LowLevel.CKM_AES_XCBC_MAC
+
+_LowLevel.CKM_AES_XCBC_MAC_96_swigconstant(_LowLevel)
+CKM_AES_XCBC_MAC_96 = _LowLevel.CKM_AES_XCBC_MAC_96
+
+_LowLevel.CKM_AES_GMAC_swigconstant(_LowLevel)
+CKM_AES_GMAC = _LowLevel.CKM_AES_GMAC
+
_LowLevel.CKM_BLOWFISH_KEY_GEN_swigconstant(_LowLevel)
CKM_BLOWFISH_KEY_GEN = _LowLevel.CKM_BLOWFISH_KEY_GEN
@@ -2429,6 +2540,12 @@ CKM_DH_PKCS_PARAMETER_GEN = _LowLevel.CKM_DH_PKCS_PARAMETER_GEN
_LowLevel.CKM_X9_42_DH_PARAMETER_GEN_swigconstant(_LowLevel)
CKM_X9_42_DH_PARAMETER_GEN = _LowLevel.CKM_X9_42_DH_PARAMETER_GEN
+_LowLevel.CKM_DSA_PROBABLISTIC_PARAMETER_GEN_swigconstant(_LowLevel)
+CKM_DSA_PROBABLISTIC_PARAMETER_GEN = _LowLevel.CKM_DSA_PROBABLISTIC_PARAMETER_GEN
+
+_LowLevel.CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN_swigconstant(_LowLevel)
+CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN = _LowLevel.CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN
+
_LowLevel.CKM_AES_OFB_swigconstant(_LowLevel)
CKM_AES_OFB = _LowLevel.CKM_AES_OFB
@@ -2441,6 +2558,15 @@ CKM_AES_CFB8 = _LowLevel.CKM_AES_CFB8
_LowLevel.CKM_AES_CFB128_swigconstant(_LowLevel)
CKM_AES_CFB128 = _LowLevel.CKM_AES_CFB128
+_LowLevel.CKM_AES_CFB1_swigconstant(_LowLevel)
+CKM_AES_CFB1 = _LowLevel.CKM_AES_CFB1
+
+_LowLevel.CKM_AES_KEY_WRAP_swigconstant(_LowLevel)
+CKM_AES_KEY_WRAP = _LowLevel.CKM_AES_KEY_WRAP
+
+_LowLevel.CKM_AES_KEY_WRAP_PAD_swigconstant(_LowLevel)
+CKM_AES_KEY_WRAP_PAD = _LowLevel.CKM_AES_KEY_WRAP_PAD
+
_LowLevel.CKM_RSA_PKCS_TPM_1_1_swigconstant(_LowLevel)
CKM_RSA_PKCS_TPM_1_1 = _LowLevel.CKM_RSA_PKCS_TPM_1_1
@@ -2831,6 +2957,27 @@ CKD_CPDIVERSIFY_KDF = _LowLevel.CKD_CPDIVERSIFY_KDF
_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA1_swigconstant(_LowLevel)
CKP_PKCS5_PBKD2_HMAC_SHA1 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA1
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_GOSTR3411_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_GOSTR3411 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_GOSTR3411
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA224_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA224 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA224
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA256_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA256 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA256
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA384_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA384 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA384
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA512 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512_224_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA512_224 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512_224
+
+_LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512_256_swigconstant(_LowLevel)
+CKP_PKCS5_PBKD2_HMAC_SHA512_256 = _LowLevel.CKP_PKCS5_PBKD2_HMAC_SHA512_256
+
_LowLevel.CKZ_SALT_SPECIFIED_swigconstant(_LowLevel)
CKZ_SALT_SPECIFIED = _LowLevel.CKZ_SALT_SPECIFIED
class CPKCS11Lib(_object):
diff --git a/PyKCS11/__init__.py b/PyKCS11/__init__.py
index 40fa88c..d88fe5e 100644
--- a/PyKCS11/__init__.py
+++ b/PyKCS11/__init__.py
@@ -122,7 +122,7 @@ class CK_OBJECT_HANDLE(PyKCS11.LowLevel.CK_OBJECT_HANDLE):
dico = dict()
for key, attr in zip(all_attributes, attributes):
- if attr == None:
+ if attr is None:
continue
if key == CKA_CLASS:
dico[PyKCS11.CKA[key]] = PyKCS11.CKO[attr]
@@ -442,9 +442,9 @@ class PyKCS11Lib(object):
@return: a L{PyKCS11Lib} object
@raise PyKCS11Error(-1): when the load fails
"""
- if pkcs11dll_filename == None:
+ if pkcs11dll_filename is None:
pkcs11dll_filename = os.getenv("PYKCS11LIB")
- if pkcs11dll_filename == None:
+ if pkcs11dll_filename is None:
raise PyKCS11Error(-1, "No PKCS11 library specified (set PYKCS11LIB env variable)")
rv = self.lib.Load(pkcs11dll_filename, True)
if rv == 0:
@@ -589,11 +589,7 @@ class PyKCS11Lib(object):
if rv != CKR_OK:
raise PyKCS11Error(rv)
- s = Session()
- s.lib = self.lib
- s.slot = slot
- s.session = se
- return s
+ return Session(self, slot, se)
def getMechanismList(self, slot):
"""
@@ -678,11 +674,38 @@ class Mechanism(object):
MechanismSHA1 = Mechanism(CKM_SHA_1, None)
MechanismRSAPKCS1 = Mechanism(CKM_RSA_PKCS, None)
MechanismRSAGENERATEKEYPAIR = Mechanism(CKM_RSA_PKCS_KEY_PAIR_GEN, None)
+MechanismAESGENERATEKEY = Mechanism(CKM_AES_KEY_GEN, None)
class Session(object):
""" Manage L{PyKCS11Lib.openSession} objects """
+ def __init__(self, pykcs11, slot, session):
+ """
+ @param pykcs11: PyKCS11 library object
+ @type pykcs11: PyKCS11Lib
+ @param slot: slot number
+ @type slot: integer
+ @param session: session handle
+ @type session: instance of CK_SESSION_HANDLE
+ """
+ if not isinstance(pykcs11, PyKCS11Lib):
+ raise TypeError("pykcs11 must be a PyKCS11Lib")
+ if not isinstance(session, LowLevel.CK_SESSION_HANDLE):
+ raise TypeError("session must be a CK_SESSION_HANDLE")
+
+ # hold the PyKCS11Lib reference, so that it's not Garbage Collection'd
+ self.pykcs11 = pykcs11
+ self.slot = slot
+ self.session = session
+
+ @property
+ def lib(self):
+ """
+ Get the low level lib of the owning PyKCS11Lib
+ """
+ return self.pykcs11.lib
+
def closeSession(self):
"""
C_CloseSession
@@ -822,11 +845,11 @@ class Session(object):
rv = self.lib.C_DigestInit(self.session, m)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #first call get digest size
+ # first call get digest size
rv = self.lib.C_Digest(self.session, data1, digest)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #second call get actual digest data
+ # second call get actual digest data
rv = self.lib.C_Digest(self.session, data1, digest)
if rv != CKR_OK:
raise PyKCS11Error(rv)
@@ -871,11 +894,11 @@ class Session(object):
rv = self.lib.C_SignInit(self.session, m, key)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #first call get signature size
+ # first call get signature size
rv = self.lib.C_Sign(self.session, data1, signature)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #second call get actual signature data
+ # second call get actual signature data
rv = self.lib.C_Sign(self.session, data1, signature)
if rv != CKR_OK:
raise PyKCS11Error(rv)
@@ -964,11 +987,11 @@ class Session(object):
rv = self.lib.C_EncryptInit(self.session, m, key)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #first call get encrypted size
+ # first call get encrypted size
rv = self.lib.C_Encrypt(self.session, data1, encrypted)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #second call get actual encrypted data
+ # second call get actual encrypted data
rv = self.lib.C_Encrypt(self.session, data1, encrypted)
if rv != CKR_OK:
raise PyKCS11Error(rv)
@@ -1013,11 +1036,11 @@ class Session(object):
rv = self.lib.C_DecryptInit(self.session, m, key)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #first call get decrypted size
+ # first call get decrypted size
rv = self.lib.C_Decrypt(self.session, data1, decrypted)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #second call get actual decrypted data
+ # second call get actual decrypted data
rv = self.lib.C_Decrypt(self.session, data1, decrypted)
if rv != CKR_OK:
raise PyKCS11Error(rv)
@@ -1051,11 +1074,11 @@ class Session(object):
ps = to_param_string(mecha.param)
m.pParameter = ps
m.ulParameterLen = len(mecha.param)
- #first call get wrapped size
+ # first call get wrapped size
rv = self.lib.C_WrapKey(self.session, m, wrappingKey, key, wrapped)
if rv != CKR_OK:
raise PyKCS11Error(rv)
- #second call get actual wrapped key data
+ # second call get actual wrapped key data
rv = self.lib.C_WrapKey(self.session, m, wrappingKey, key, wrapped)
if rv != CKR_OK:
raise PyKCS11Error(rv)
@@ -1157,7 +1180,8 @@ class Session(object):
CKA_UNWRAP,
CKA_VERIFY,
CKA_VERIFY_RECOVER,
- CKA_WRAP):
+ CKA_WRAP,
+ CKA_WRAP_WITH_TRUSTED):
return True
return False
@@ -1195,6 +1219,30 @@ class Session(object):
raise PyKCS11Error(-2)
return t
+ def generateKey(self, template, mecha=MechanismAESGENERATEKEY):
+ """
+ generate a secret key
+
+ @param template: template for the secret key
+ @param mecha: mechanism to use
+ @return: handle of the generated key
+ @rtype: PyKCS11.LowLevel.CK_OBJECT_HANDLE
+ """
+ t = self._template2ckattrlist(template)
+ ck_handle = PyKCS11.LowLevel.CK_OBJECT_HANDLE()
+ m = PyKCS11.LowLevel.CK_MECHANISM()
+ ps = None # must be declared here or may be deallocated too early
+ m.mechanism = mecha.mechanism
+ if (mecha.param):
+ # Convert the parameter to a string representation so SWIG gets a char*
+ ps = to_param_string(mecha.param)
+ m.pParameter = ps
+ m.ulParameterLen = len(mecha.param)
+ rv = self.lib.C_GenerateKey(self.session, m, t, ck_handle)
+ if rv != CKR_OK:
+ raise PyKCS11Error(rv)
+ return ck_handle
+
def generateKeyPair(self, templatePub, templatePriv, mecha=MechanismRSAGENERATEKEYPAIR):
"""
generate a key pair
@@ -1210,7 +1258,7 @@ class Session(object):
ck_pub_handle = PyKCS11.LowLevel.CK_OBJECT_HANDLE()
ck_prv_handle = PyKCS11.LowLevel.CK_OBJECT_HANDLE()
m = PyKCS11.LowLevel.CK_MECHANISM()
- ps = None # must be declared here or may be deallocated too early
+ ps = None # must be declared here or may be deallocated too early
m.mechanism = mecha.mechanism
if (mecha.param):
# Convert the parameter to a string representation so SWIG gets a char*
diff --git a/readme.txt b/readme.txt
index 0b6fe69..b8a69e6 100644
--- a/readme.txt
+++ b/readme.txt
@@ -84,6 +84,18 @@ that doesn't come with the standard distribution.
History
"""""""
+1.3.3 - November 2016, Ludovic Rousseau
+ - PKCS#11 definitions: sync with Cryptoki version 2.40
+ . add missing CKM_* and CKP_* defines
+ - Add generateKey() with default mechanism CKM_AES_KEY_GEN
+ - Make sure the PyKCS11Lib is referenced as long as Session object is live
+ - Fix OverflowError on Windows
+ - Attribute CKA_WRAP_WITH_TRUSTED is bool
+ - samples
+ . dumpit: ask to enter the PIN on the pinpad if needed
+ . getinfo & dumpit: add --slot= parameter
+ - some minor improvements
+
1.3.2 - January 2016, Ludovic Rousseau
- Add wrappers for C_Verify, C_WrapKey, C_UnwrapKey
- PKCS#11 definitions: sync with Cryptoki version 2.30
@@ -101,10 +113,10 @@ History
- CKA_DERIVE is a CK_BBOOL and not byte array
- Add digest() and encrypt method to Session class
- Add samples:
- . key-pair genearation
+ . key-pair generation
. key-pair generation + certificate import
. printing public key modulus
- . computing signatur
+ . computing signature
- small bugs fixed
1.3.0 - July 2014, Ludovic Rousseau
diff --git a/samples/LowLevel/InitTokenPin.py b/samples/LowLevel/InitTokenPin.py
index a3d0ecc..67d4deb 100755
--- a/samples/LowLevel/InitTokenPin.py
+++ b/samples/LowLevel/InitTokenPin.py
@@ -32,7 +32,7 @@ pin = "123456"
puk = "12345678"
Label = "PyKCS#11 Initialized Token "
-print("Load of " + lib + ": " + str(a.Load(lib, 1)))
+print("Load of " + lib + ": " + str(a.Load(lib, True)))
print("C_GetInfo: " + hex(a.C_GetInfo(info)))
print("Library manufacturerID: " + info.GetManufacturerID())
del info
diff --git a/samples/LowLevel/dumpit.py b/samples/LowLevel/dumpit.py
index b449c00..d40e60d 100755
--- a/samples/LowLevel/dumpit.py
+++ b/samples/LowLevel/dumpit.py
@@ -31,7 +31,7 @@ tokenInfo = CK_TOKEN_INFO()
slotList = ckintlist()
pin = "12345678"
-print("Load of " + lib + ": " + str(a.Load(lib, 1)))
+print("Load of " + lib + ": " + str(a.Load(lib, True)))
print("C_GetInfo:", hex(a.C_GetInfo(info)))
print("Library manufacturerID:", info.GetManufacturerID())
del info
diff --git a/samples/LowLevel/rand.py b/samples/LowLevel/rand.py
index de91b56..2f321aa 100755
--- a/samples/LowLevel/rand.py
+++ b/samples/LowLevel/rand.py
@@ -29,7 +29,7 @@ slotList = PyKCS11.LowLevel.ckintlist()
rand = PyKCS11.LowLevel.ckbytelist(20)
seed = PyKCS11.LowLevel.ckbytelist(5)
-print("Load of " + lib + ": " + str(a.Load(lib, 1)))
+print("Load of " + lib + ": " + str(a.Load(lib, True)))
print("C_GetInfo: " + hex(a.C_GetInfo(info)))
print("Library manufacturerID: " + info.GetManufacturerID())
del info
diff --git a/samples/LowLevel/test.py b/samples/LowLevel/test.py
index 54c6739..445aa77 100755
--- a/samples/LowLevel/test.py
+++ b/samples/LowLevel/test.py
@@ -30,7 +30,7 @@ tokenInfo = PyKCS11.LowLevel.CK_TOKEN_INFO()
slotList = PyKCS11.LowLevel.ckintlist()
pin = "12345678"
-print("Load of " + lib + ": " + str(a.Load(lib, 1)))
+print("Load of " + lib + ": " + str(a.Load(lib, True)))
print("C_GetInfo: " + hex(a.C_GetInfo(info)))
print("Library manufacturerID: " + info.GetManufacturerID())
del info
@@ -57,8 +57,8 @@ for x in range(len(slotList)):
print("C_OpenSession(): " + hex(a.C_OpenSession(slotList[0], PyKCS11.LowLevel.CKF_SERIAL_SESSION, session)))
print("C_Login(): " + hex(a.C_Login(session, PyKCS11.LowLevel.CKU_USER, pin)))
-SearchResult = PyKCS11.ckobjlist(10)
-SearchTemplate = PyKCS11.ckattrlist(2)
+SearchResult = PyKCS11.LowLevel.ckobjlist(10)
+SearchTemplate = PyKCS11.LowLevel.ckattrlist(2)
SearchTemplate[0].SetNum(PyKCS11.LowLevel.CKA_CLASS, PyKCS11.LowLevel.CKO_CERTIFICATE)
SearchTemplate[1].SetBool(PyKCS11.LowLevel.CKA_TOKEN, True)
@@ -68,7 +68,7 @@ print("C_FindObjectsFinal: " + hex(a.C_FindObjectsFinal(session)))
for x in SearchResult:
print("object: " + hex(x.value()))
- valTemplate = PyKCS11.ckattrlist(2)
+ valTemplate = PyKCS11.LowLevel.ckattrlist(2)
valTemplate[0].SetType(PyKCS11.LowLevel.CKA_LABEL)
# valTemplate[0].Reserve(128)
valTemplate[1].SetType(PyKCS11.LowLevel.CKA_CLASS)
diff --git a/samples/LowLevel/test1.py b/samples/LowLevel/test1.py
index 9aadddc..ffd08e1 100755
--- a/samples/LowLevel/test1.py
+++ b/samples/LowLevel/test1.py
@@ -30,7 +30,7 @@ tokenInfo = PyKCS11.LowLevel.CK_TOKEN_INFO()
slotList = PyKCS11.LowLevel.ckintlist()
pin = "1234"
-print("Load of " + lib + ": " + str(a.Load(lib, 1)))
+print("Load of " + lib + ": " + str(a.Load(lib, True)))
print("C_GetInfo: " + hex(a.C_GetInfo(info)))
print("Library manufacturerID: " + info.GetManufacturerID())
del info
diff --git a/samples/dumpit.py b/samples/dumpit.py
index 66b15e6..de1371f 100755
--- a/samples/dumpit.py
+++ b/samples/dumpit.py
@@ -58,12 +58,13 @@ def usage():
print("[-p pin][--pin=pin] (use --pin=NULL for pinpad)", end=' ')
print("[-c lib][--lib=lib]", end=' ')
print("[-S][--sign]", end=' ')
+ print("[-s slot][--slot=slot]", end=' ')
print("[-d][--decrypt]", end=' ')
print("[-h][--help]", end=' ')
print()
try:
- opts, args = getopt.getopt(sys.argv[1:], "p:c:Sdh", ["pin=", "lib=", "sign", "decrypt", "help"])
+ opts, args = getopt.getopt(sys.argv[1:], "p:c:Sdhs:", ["pin=", "lib=", "sign", "decrypt", "slot=", "help"])
except getopt.GetoptError:
# print help information and exit:
usage()
@@ -72,6 +73,7 @@ except getopt.GetoptError:
pin_available = False
decrypt = sign = False
lib = None
+slot = None
for o, a in opts:
if o in ("-h", "--help"):
usage()
@@ -88,6 +90,8 @@ for o, a in opts:
sign = True
elif o in ("-d", "--decrypt"):
decrypt = True
+ elif o in ("-s", "--slot"):
+ slot = int(a)
red = blue = magenta = normal = ""
if sys.stdout.isatty() and platform.system().lower() != 'windows':
@@ -106,7 +110,11 @@ info = pkcs11.getInfo()
print("Library manufacturerID:", info.manufacturerID)
slots = pkcs11.getSlotList()
-print("Available Slots:", len(slots))
+print("Available Slots:", len(slots), slots)
+
+if slot is not None:
+ slots = [slots[slot]]
+ print("Using slot:", slots[0])
for s in slots:
try:
@@ -125,6 +133,9 @@ for s in slots:
print("Opened session 0x%08X" % session.session.value())
if pin_available:
try:
+ if (pin is None) and \
+ (PyKCS11.CKF_PROTECTED_AUTHENTICATION_PATH & t.flags):
+ print("\nEnter your PIN for %s on the pinpad" % t.label.strip())
session.login(pin=pin)
except PyKCS11.PyKCS11Error as e:
print("login failed, exception:", e)
@@ -222,7 +233,7 @@ for s in slots:
print("Dumping attributes:")
for q, a in zip(all_attributes, attributes):
- if a == None:
+ if a is None:
# undefined (CKR_ATTRIBUTE_TYPE_INVALID) attribute
continue
if q == PyKCS11.CKA_CLASS:
diff --git a/samples/encrypt.py b/samples/encrypt.py
index ea10562..eb7edeb 100755
--- a/samples/encrypt.py
+++ b/samples/encrypt.py
@@ -32,8 +32,8 @@ session.login("1234")
message = "48656c6c6f20776f726c640d0a"
# get first public and private keys
-pubKey = session.findObjects([(CKA_CLASS, CKO_PUBLIC_KEY)])[0];
-privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY)])[0];
+pubKey = session.findObjects([(CKA_CLASS, CKO_PUBLIC_KEY)])[0]
+privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY)])[0]
enc = session.encrypt(pubKey, binascii.unhexlify(message))
dec = session.decrypt(privKey, enc)
diff --git a/samples/events.py b/samples/events.py
index 05c7538..c0ca452 100755
--- a/samples/events.py
+++ b/samples/events.py
@@ -34,7 +34,7 @@ if __name__ == '__main__':
try:
opts, args = getopt.getopt(sys.argv[1:], "p:c:ho",
- ["pin=", "lib=", "help", "opensession"])
+ ["pin=", "lib=", "help", "opensession"])
except getopt.GetoptError:
# print help information and exit:
usage()
diff --git a/samples/genkeypair_import_cert.py b/samples/genkeypair_import_cert.py
old mode 100644
new mode 100755
index ddb2baf..1afb68f
--- a/samples/genkeypair_import_cert.py
+++ b/samples/genkeypair_import_cert.py
@@ -28,7 +28,7 @@ pin = '1111'
session.login(pin, PyKCS11.CKU_USER)
-############# key-pair generation ##########################
+# ############ key-pair generation ##########################
# The first step in the process is to create the key-templates. See PKCS#11
# `10.8 Public key objects` to learn which attributes are available. Section
# 10.9 covers private keys.
@@ -68,7 +68,7 @@ private_template = [
]
session.generateKeyPair(public_template, private_template)
-############## the keys were generated and stored on the card ###############
+# ############# the keys were generated and stored on the card ###############
# At this point your keys are in the card, the private key is marked as
@@ -105,10 +105,10 @@ cert_template = [
(PyKCS11.CKA_ENCRYPT, PyKCS11.CK_TRUE),
(PyKCS11.CKA_VERIFY, PyKCS11.CK_TRUE),
(PyKCS11.CKA_MODIFIABLE, PyKCS11.CK_TRUE),
- (PyKCS11.CKA_VALUE, cert), # must be BER-encoded
+ (PyKCS11.CKA_VALUE, cert), # must be BER-encoded
- (PyKCS11.CKA_SUBJECT, subject), # must be set and DER, see Table 24, X.509 Certificate Object Attributes
- (PyKCS11.CKA_ID, key_id) # must be set, and DER see Table 24, X.509 Certificate Object Attributes
+ (PyKCS11.CKA_SUBJECT, subject), # must be set and DER, see Table 24, X.509 Certificate Object Attributes
+ (PyKCS11.CKA_ID, key_id) # must be set, and DER see Table 24, X.509 Certificate Object Attributes
]
@@ -117,7 +117,6 @@ session.logout()
session.closeSession()
-
# At this point the certificate is on the card too. Some GUI tools
# might display it as invalid, in that case make sure that the
-# entire certificate chain is available in the certificate store.
\ No newline at end of file
+# entire certificate chain is available in the certificate store.
diff --git a/samples/getinfo.py b/samples/getinfo.py
index e2e5d1b..70d17ef 100755
--- a/samples/getinfo.py
+++ b/samples/getinfo.py
@@ -137,8 +137,9 @@ if __name__ == '__main__':
if len(slots) == 0:
sys.exit(2)
- if slot:
+ if slot is not None:
slots = [slots[slot]]
+ print("Using slot:", slots[0])
for slot in slots:
try:
diff --git a/samples/signature.py b/samples/signature.py
index eaafa23..15bb602 100755
--- a/samples/signature.py
+++ b/samples/signature.py
@@ -35,15 +35,14 @@ keyID = (0x44,)
toSign = "48656c6c6f20776f726c640d0a"
# find private key and compute signature
-privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY), (CKA_ID, keyID)])[0];
+privKey = session.findObjects([(CKA_CLASS, CKO_PRIVATE_KEY), (CKA_ID, keyID)])[0]
signature = session.sign(privKey, binascii.unhexlify(toSign), Mechanism(CKM_SHA1_RSA_PKCS, None))
print "\nsignature: " + binascii.hexlify(bytearray(signature))
# find public key and verify signature
-pubKey = session.findObjects([(CKA_CLASS, CKO_PUBLIC_KEY), (CKA_ID, keyID)])[0];
+pubKey = session.findObjects([(CKA_CLASS, CKO_PUBLIC_KEY), (CKA_ID, keyID)])[0]
result = session.verify(pubKey, binascii.unhexlify(toSign), signature, Mechanism(CKM_SHA1_RSA_PKCS, None))
-print "\nverified: "
-print result
+print "\nVerified:", result
# logout
session.logout()
diff --git a/setup.py b/setup.py
index 9224bbd..1ff6626 100755
--- a/setup.py
+++ b/setup.py
@@ -55,7 +55,7 @@ else:
libraries_val = []
setup(name="PyKCS11",
- version="1.3.2",
+ version="1.3.3",
description="A Full PKCS#11 wrapper for Python",
keywords="crypto,pki,pkcs11,c++",
classifiers=classifiers,
@@ -65,7 +65,7 @@ setup(name="PyKCS11",
author_email="paipai at tiscali.it",
maintainer="Ludovic Rousseau",
maintainer_email="ludovic.rousseau at free.fr",
- url="http://sourceforge.net/projects/pkcs11wrap/",
+ url="https://bitbucket.org/PyKCS11/pykcs11",
download_url="http://sourceforge.net/projects/pkcs11wrap/files/pykcs11/",
license="GPL",
ext_modules=[
diff --git a/src/pykcs11.i b/src/pykcs11.i
index 928b4b8..18d2481 100644
--- a/src/pykcs11.i
+++ b/src/pykcs11.i
@@ -309,12 +309,12 @@ typedef unsigned long CK_RV;
#define CKO_DOMAIN_PARAMETERS 0x00000006
#define CKO_MECHANISM 0x00000007
#define CKO_OTP_KEY 0x00000008
-#define CKO_VENDOR_DEFINED 0x80000000L
+#define CKO_VENDOR_DEFINED 0x80000000UL
#define CKH_MONOTONIC_COUNTER 0x00000001
#define CKH_CLOCK 0x00000002
#define CKH_USER_INTERFACE 0x00000003
-#define CKH_VENDOR_DEFINED 0x80000000L
+#define CKH_VENDOR_DEFINED 0x80000000UL
#define CKK_RSA 0x00000000
#define CKK_DSA 0x00000001
@@ -358,12 +358,12 @@ typedef unsigned long CK_RV;
#define CKK_GOSTR3410 0x00000030
#define CKK_GOSTR3411 0x00000031
#define CKK_GOST28147 0x00000032
-#define CKK_VENDOR_DEFINED 0x80000000L
+#define CKK_VENDOR_DEFINED 0x80000000UL
#define CKC_X_509 0x00000000
#define CKC_X_509_ATTR_CERT 0x00000001
#define CKC_WTLS 0x00000002
-#define CKC_VENDOR_DEFINED 0x80000000L
+#define CKC_VENDOR_DEFINED 0x80000000UL
#define CKA_CLASS 0x00000000
#define CKA_TOKEN 0x00000001
@@ -467,7 +467,7 @@ typedef unsigned long CK_RV;
#define CKA_DEFAULT_CMS_ATTRIBUTES 0x00000502
#define CKA_SUPPORTED_CMS_ATTRIBUTES 0x00000503
#define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE|0x00000600)
-#define CKA_VENDOR_DEFINED 0x80000000L
+#define CKA_VENDOR_DEFINED 0x80000000UL
#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000
#define CKM_RSA_PKCS 0x00000001
@@ -487,6 +487,10 @@ typedef unsigned long CK_RV;
#define CKM_DSA_KEY_PAIR_GEN 0x00000010
#define CKM_DSA 0x00000011
#define CKM_DSA_SHA1 0x00000012
+#define CKM_DSA_SHA224 0x00000013
+#define CKM_DSA_SHA256 0x00000014
+#define CKM_DSA_SHA384 0x00000015
+#define CKM_DSA_SHA512 0x00000016
#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020
#define CKM_DH_PKCS_DERIVE 0x00000021
#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030
@@ -501,6 +505,18 @@ typedef unsigned long CK_RV;
#define CKM_SHA512_RSA_PKCS_PSS 0x00000045
#define CKM_SHA224_RSA_PKCS 0x00000046
#define CKM_SHA224_RSA_PKCS_PSS 0x00000047
+#define CKM_SHA512_224 0x00000048
+#define CKM_SHA512_224_HMAC 0x00000049
+#define CKM_SHA512_224_HMAC_GENERAL 0x0000004A
+#define CKM_SHA512_224_KEY_DERIVATION 0x0000004B
+#define CKM_SHA512_256 0x0000004C
+#define CKM_SHA512_256_HMAC 0x0000004D
+#define CKM_SHA512_256_HMAC_GENERAL 0x0000004E
+#define CKM_SHA512_256_KEY_DERIVATION 0x0000004F
+#define CKM_SHA512_T 0x00000050
+#define CKM_SHA512_T_HMAC 0x00000051
+#define CKM_SHA512_T_HMAC_GENERAL 0x00000052
+#define CKM_SHA512_T_KEY_DERIVATION 0x00000053
#define CKM_RC2_KEY_GEN 0x00000100
#define CKM_RC2_ECB 0x00000101
#define CKM_RC2_CBC 0x00000102
@@ -649,6 +665,16 @@ typedef unsigned long CK_RV;
#define CKM_WTLS_PRF 0x000003D3
#define CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE 0x000003D4
#define CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE 0x000003D5
+#define CKM_TLS10_MAC_SERVER 0x000003D6
+#define CKM_TLS10_MAC_CLIENT 0x000003D7
+#define CKM_TLS12_MAC 0x000003D8
+#define CKM_TLS12_KDF 0x000003D9
+#define CKM_TLS12_MASTER_KEY_DERIVE 0x000003E0
+#define CKM_TLS12_KEY_AND_MAC_DERIVE 0x000003E1
+#define CKM_TLS12_MASTER_KEY_DERIVE_DH 0x000003E2
+#define CKM_TLS12_KEY_SAFE_DERIVE 0x000003E3
+#define CKM_TLS_MAC 0x000003E4
+#define CKM_TLS_KDF 0x000003E5
#define CKM_KEY_WRAP_LYNKS 0x00000400
#define CKM_KEY_WRAP_SET_OAEP 0x00000401
#define CKM_CMS_SIG 0x00000500
@@ -693,6 +719,7 @@ typedef unsigned long CK_RV;
#define CKM_SKIPJACK_RELAYX 0x0000100a
#define CKM_KEA_KEY_PAIR_GEN 0x00001010
#define CKM_KEA_KEY_DERIVE 0x00001011
+#define CKM_KEA_DERIVE 0x00001012
#define CKM_FORTEZZA_TIMESTAMP 0x00001020
#define CKM_BATON_KEY_GEN 0x00001030
#define CKM_BATON_ECB128 0x00001031
@@ -705,9 +732,15 @@ typedef unsigned long CK_RV;
#define CKM_EC_KEY_PAIR_GEN 0x00001040
#define CKM_ECDSA 0x00001041
#define CKM_ECDSA_SHA1 0x00001042
+#define CKM_ECDSA_SHA224 0x00001043
+#define CKM_ECDSA_SHA256 0x00001044
+#define CKM_ECDSA_SHA384 0x00001045
+#define CKM_ECDSA_SHA512 0x00001046
#define CKM_ECDH1_DERIVE 0x00001050
#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051
#define CKM_ECMQV_DERIVE 0x00001052
+#define CKM_ECDH_AES_KEY_WRAP 0x00001053
+#define CKM_RSA_AES_KEY_WRAP 0x00001054
#define CKM_JUNIPER_KEY_GEN 0x00001060
#define CKM_JUNIPER_ECB128 0x00001061
#define CKM_JUNIPER_CBC128 0x00001062
@@ -726,6 +759,10 @@ typedef unsigned long CK_RV;
#define CKM_AES_CCM 0x00001088
#define CKM_AES_CTS 0x00001089
#define CKM_AES_CMAC 0x0000108A
+#define CKM_AES_CMAC_GENERAL 0x0000108B
+#define CKM_AES_XCBC_MAC 0x0000108C
+#define CKM_AES_XCBC_MAC_96 0x0000108D
+#define CKM_AES_GMAC 0x0000108E
#define CKM_BLOWFISH_KEY_GEN 0x00001090
#define CKM_BLOWFISH_CBC 0x00001091
#define CKM_TWOFISH_KEY_GEN 0x00001092
@@ -753,13 +790,18 @@ typedef unsigned long CK_RV;
#define CKM_DSA_PARAMETER_GEN 0x00002000
#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001
#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002
+#define CKM_DSA_PROBABLISTIC_PARAMETER_GEN 0x00002003
+#define CKM_DSA_SHAWE_TAYLOR_PARAMETER_GEN 0x00002004
#define CKM_AES_OFB 0x00002104
#define CKM_AES_CFB64 0x00002105
#define CKM_AES_CFB8 0x00002106
#define CKM_AES_CFB128 0x00002107
+#define CKM_AES_CFB1 0x00002108
+#define CKM_AES_KEY_WRAP 0x00002109
+#define CKM_AES_KEY_WRAP_PAD 0x0000210A
#define CKM_RSA_PKCS_TPM_1_1 0x00004001
#define CKM_RSA_PKCS_OAEP_TPM_1_1 0x00004002
-#define CKM_VENDOR_DEFINED 0x80000000L
+#define CKM_VENDOR_DEFINED 0x80000000UL
#define CKF_HW 0x00000001
#define CKF_ENCRYPT 0x00000100
@@ -780,7 +822,7 @@ typedef unsigned long CK_RV;
#define CKF_EC_NAMEDCURVE 0x00800000
#define CKF_EC_UNCOMPRESS 0x01000000
#define CKF_EC_COMPRESS 0x02000000
-#define CKF_EXTENSION 0x80000000L
+#define CKF_EXTENSION 0x80000000UL
#define CKR_OK 0x00000000
#define CKR_CANCEL 0x00000001
@@ -869,7 +911,7 @@ typedef unsigned long CK_RV;
#define CKR_NEW_PIN_MODE 0x000001B0
#define CKR_NEXT_OTP 0x000001B1
#define CKR_FUNCTION_REJECTED 0x00000200
-#define CKR_VENDOR_DEFINED 0x80000000L
+#define CKR_VENDOR_DEFINED 0x80000000UL
#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
#define CKF_OS_LOCKING_OK 0x00000002
@@ -894,6 +936,13 @@ typedef unsigned long CK_RV;
#define CKD_CPDIVERSIFY_KDF 0x00000009
#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
+#define CKP_PKCS5_PBKD2_HMAC_GOSTR3411 0x00000002
+#define CKP_PKCS5_PBKD2_HMAC_SHA224 0x00000003
+#define CKP_PKCS5_PBKD2_HMAC_SHA256 0x00000004
+#define CKP_PKCS5_PBKD2_HMAC_SHA384 0x00000005
+#define CKP_PKCS5_PBKD2_HMAC_SHA512 0x00000006
+#define CKP_PKCS5_PBKD2_HMAC_SHA512_224 0x00000007
+#define CKP_PKCS5_PBKD2_HMAC_SHA512_256 0x00000008
#define CKZ_SALT_SPECIFIED 0x00000001
diff --git a/src/pykcs11_wrap.cpp b/src/pykcs11_wrap.cpp
index 54f49a2..528b7fa 100644
--- a/src/pykcs11_wrap.cpp
+++ b/src/pykcs11_wrap.cpp
@@ -16348,7 +16348,7 @@ SWIGINTERN PyObject *CKO_VENDOR_DEFINED_swigconstant(PyObject *SWIGUNUSEDPARM(se
if (!PyArg_ParseTuple(args,(char*)"O:swigconstant", &module)) return NULL;
d = PyModule_GetDict(module);
if (!d) return NULL;
- SWIG_Python_SetConstant(d, "CKO_VENDOR_DEFINED",SWIG_From_long(static_cast< long >(0x80000000L)));
+ SWIG_Python_SetConstant(d, "CKO_VENDOR_DEFINED",SWIG_From_unsigned_SS_long(static_cast< unsigned long >(0x80000000UL)));
return SWIG_Py_Void();
}
@@ -16392,7 +16392,7 @@ SWIGINTERN PyObject *CKH_VENDOR_DEFINED_swigconstant(PyObject *SWIGUNUSEDPARM(se
if (!PyArg_ParseTuple(args,(char*)"O:swigconstant", &module)) return NULL;
d = PyModule_GetDict(module);
if (!d) return NULL;
- SWIG_Python_SetConstant(d, "CKH_VENDOR_DEFINED",SWIG_From_long(static_cast< long >(0x80000000L)));
+ SWIG_Python_SetConstant(d, "CKH_VENDOR_DEFINED",SWIG_From_unsigned_SS_long(static_cast< unsigned long >(0x80000000UL)));
return SWIG_Py_Void();
}
@@ -16865,7 +16865,7 @@ SWIGINTERN PyObject *CKK_VENDOR_DEFINED_swigconstant(PyObject *SWIGUNUSEDPARM(se
if (!PyArg_ParseTuple(args,(char*)"O:swigconstant", &module)) return NULL;
d = PyModule_GetDict(module);
if (!d) return NULL;
- SWIG_Python_SetConstant(d, "CKK_VENDOR_DEFINED",SWIG_From_long(static_cast< long >(0x80000000L)));
+ SWIG_Python_SetConstant(d, "CKK_VENDOR_DEFINED",SWIG_From_unsigned_SS_long(static_cast< unsigned long >(0x80000000UL)));
return SWIG_Py_Void();
}
@@ -16909,7 +16909,7 @@ SWIGINTERN PyObject *CKC_VENDOR_DEFINED_swigconstant(PyObject *SWIGUNUSEDPARM(se
if (!PyArg_ParseTuple(args,(char*)"O:swigconstant", &module)) return NULL;
d = PyModule_GetDict(module);
if (!d) return NULL;
- SWIG_Python_SetConstant(d, "CKC_VENDOR_DEFINED",SWIG_From_long(static_cast< long >(0x80000000L)));
+ SWIG_Python_SetConstant(d, "CKC_VENDOR_DEFINED",SWIG_From_unsigned_SS_long(static_cast< unsigned long >(0x80000000UL)));
return SWIG_Py_Void();
}
... 758 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/pykcs11.git
More information about the Python-modules-commits
mailing list