feat: support vendor defined mechanisms

Signed-off-by: Direktor799 <[email protected]>
parallaxsecond · Nov 7, 2024 · 0d4698c · 0d4698c
1 parent b63539d
commit 0d4698c
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 0 deletions.
diff --git a/cryptoki/src/mechanism/mod.rs b/cryptoki/src/mechanism/mod.rs
@@ -8,6 +8,7 @@ pub mod elliptic_curve;
 pub mod hkdf;
 mod mechanism_info;
 pub mod rsa;
+pub mod vendor_defined;
 
 use crate::error::Error;
 use cryptoki_sys::*;
@@ -18,6 +19,7 @@ use std::fmt::Formatter;
 use std::mem::size_of;
 use std::ops::Deref;
 use std::ptr::null_mut;
+use vendor_defined::VendorDefinedMechanism;
 
 use crate::mechanism::rsa::PkcsOaepParams;
 pub use mechanism_info::MechanismInfo;
@@ -298,6 +300,28 @@ impl MechanismType {
     /// HKDF-DATA mechanism
     pub const HKDF_DATA: MechanismType = MechanismType { val: CKM_HKDF_DATA };
 
+    /// Create vendor defined mechanism
+    ///
+    /// # Arguments
+    ///
+    /// * `adding` - The adding based on `CKM_VENDOR_DEFINED`
+    ///
+    /// Usually vendors defines custom mechanism like this:
+    /// ```c
+    /// #define CKM_SOME_CUSTOM_MECH (CKM_VENDOR_DEFINED | 0x00000001UL)
+    /// ```
+    ///
+    /// It maps to
+    /// ```rust
+    /// pub const CKM_SOME_CUSTOM_MECH: MechanismType =
+    ///     MechanismType::new_vendor_defined(0x00000001);
+    /// ```
+    pub const fn new_vendor_defined(adding: u64) -> MechanismType {
+        MechanismType {
+            val: CKM_VENDOR_DEFINED | adding,
+        }
+    }
+
     pub(crate) fn stringify(mech: CK_MECHANISM_TYPE) -> String {
         match mech {
             CKM_RSA_PKCS_KEY_PAIR_GEN => String::from(stringify!(CKM_RSA_PKCS_KEY_PAIR_GEN)),
@@ -937,6 +961,9 @@ pub enum Mechanism<'a> {
     HkdfDerive(hkdf::HkdfParams<'a>),
     /// HKDF-DATA mechanism
     HkdfData(hkdf::HkdfParams<'a>),
+
+    /// Vendor defined mechanism
+    VendorDefined(VendorDefinedMechanism<'a>),
 }
 
 impl Mechanism<'_> {
@@ -1008,6 +1035,10 @@ impl Mechanism<'_> {
             Mechanism::HkdfKeyGen => MechanismType::HKDF_KEY_GEN,
             Mechanism::HkdfDerive(_) => MechanismType::HKDF_DERIVE,
             Mechanism::HkdfData(_) => MechanismType::HKDF_DATA,
+
+            Mechanism::VendorDefined(vm) => MechanismType {
+                val: vm.inner.mechanism,
+            },
         }
     }
 }
@@ -1087,6 +1118,8 @@ impl From<&Mechanism<'_>> for CK_MECHANISM {
                 pParameter: null_mut(),
                 ulParameterLen: 0,
             },
+            // Vendor defined mechanisms
+            Mechanism::VendorDefined(vm) => vm.inner,
         }
     }
 }

diff --git a/cryptoki/src/mechanism/vendor_defined.rs b/cryptoki/src/mechanism/vendor_defined.rs
@@ -0,0 +1,36 @@
+// Copyright 2024 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+//! Mechanism types are defined with the objects and mechanism descriptions that use them.
+//! Vendor defined values for this type may also be specified.
+//! See: <https://docs.oasis-open.org/pkcs11/pkcs11-base/v3.0/os/pkcs11-base-v3.0-os.html#_Toc29976545>
+
+use std::{marker::PhantomData, ptr::null_mut};
+
+use cryptoki_sys::CK_MECHANISM;
+
+use super::{make_mechanism, MechanismType};
+
+/// Vendor defined mechanism.
+#[derive(Debug, Clone, Copy)]
+pub struct VendorDefinedMechanism<'a> {
+    pub(crate) inner: CK_MECHANISM,
+    /// Marker type to ensure we don't outlive the data
+    _marker: PhantomData<&'a [u8]>,
+}
+
+impl<'a> VendorDefinedMechanism<'a> {
+    /// Create a new vendor defined mechanism.
+    pub fn new<T>(mechanism_type: MechanismType, params: Option<&'a T>) -> Self {
+        Self {
+            inner: match params {
+                Some(params) => make_mechanism(mechanism_type.val, params),
+                None => CK_MECHANISM {
+                    mechanism: mechanism_type.val,
+                    pParameter: null_mut(),
+                    ulParameterLen: 0,
+                },
+            },
+            _marker: PhantomData,
+        }
+    }
+}