"Fossies" - the Fresh Open Source Software Archive

Member "src/Common/SecurityToken.h" (10 Oct 2018, 6809 Bytes) of package /windows/misc/VeraCrypt_1.23-Hotfix-2_Source.zip:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "SecurityToken.h" see the Fossies "Dox" file reference documentation.

    1 /*
    2  Derived from source code of TrueCrypt 7.1a, which is
    3  Copyright (c) 2008-2012 TrueCrypt Developers Association and which is governed
    4  by the TrueCrypt License 3.0.
    5 
    6  Modifications and additions to the original source code (contained in this file)
    7  and all other portions of this file are Copyright (c) 2013-2017 IDRIX
    8  and are governed by the Apache License 2.0 the full text of which is
    9  contained in the file License.txt included in VeraCrypt binary and source
   10  code distribution packages.
   11 */
   12 
   13 #ifndef TC_HEADER_Common_SecurityToken
   14 #define TC_HEADER_Common_SecurityToken
   15 
   16 #include "Platform/PlatformBase.h"
   17 #if defined (TC_WINDOWS) && !defined (TC_PROTOTYPE)
   18 #   include "Exception.h"
   19 #else
   20 #   include "Platform/Exception.h"
   21 #endif
   22 
   23 #ifndef NULL_PTR
   24 #   define NULL_PTR 0
   25 #endif
   26 #define CK_PTR *
   27 #define CK_CALLBACK_FUNCTION(RET_TYPE, NAME) RET_TYPE (* NAME)
   28 
   29 #ifdef TC_WINDOWS
   30 
   31 #   include <windows.h>
   32 
   33 #   define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllexport) NAME
   34 #   define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) NAME
   35 #   define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE __declspec(dllimport) (* NAME)
   36 
   37 #   pragma pack(push, cryptoki, 1)
   38 #   include <pkcs11.h>
   39 #   pragma pack(pop, cryptoki)
   40 
   41 #else // !TC_WINDOWS
   42 
   43 #   define CK_DEFINE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
   44 #   define CK_DECLARE_FUNCTION(RET_TYPE, NAME) RET_TYPE NAME
   45 #   define CK_DECLARE_FUNCTION_POINTER(RET_TYPE, NAME) RET_TYPE (* NAME)
   46 
   47 #   include <pkcs11.h>
   48 
   49 #endif // !TC_WINDOWS
   50 
   51 
   52 #define TC_SECURITY_TOKEN_KEYFILE_URL_PREFIX L"token://"
   53 #define TC_SECURITY_TOKEN_KEYFILE_URL_SLOT L"slot"
   54 #define TC_SECURITY_TOKEN_KEYFILE_URL_FILE L"file"
   55 
   56 namespace VeraCrypt
   57 {
   58     struct SecurityTokenInfo
   59     {
   60         CK_SLOT_ID SlotId;
   61         CK_FLAGS Flags;
   62         wstring Label;
   63         string LabelUtf8;
   64     };
   65 
   66     struct SecurityTokenKeyfilePath
   67     {
   68         SecurityTokenKeyfilePath () { }
   69         SecurityTokenKeyfilePath (const wstring &path) : Path (path) { }
   70         operator wstring () const { return Path; }
   71         wstring Path;
   72     };
   73 
   74     struct SecurityTokenKeyfile
   75     {
   76         SecurityTokenKeyfile () : Handle(CK_INVALID_HANDLE), SlotId(CK_UNAVAILABLE_INFORMATION) { Token.SlotId = CK_UNAVAILABLE_INFORMATION; Token.Flags = 0; }
   77         SecurityTokenKeyfile (const SecurityTokenKeyfilePath &path);
   78 
   79         operator SecurityTokenKeyfilePath () const;
   80 
   81         CK_OBJECT_HANDLE Handle;
   82         wstring Id;
   83         string IdUtf8;
   84         CK_SLOT_ID SlotId;
   85         SecurityTokenInfo Token;
   86     };
   87 
   88     struct Pkcs11Exception : public Exception
   89     {
   90         Pkcs11Exception (CK_RV errorCode = (CK_RV) -1)
   91             : ErrorCode (errorCode),
   92             SubjectErrorCodeValid (false),
   93             SubjectErrorCode( (uint64) -1)
   94         {
   95         }
   96 
   97         Pkcs11Exception (CK_RV errorCode, uint64 subjectErrorCode)
   98             : ErrorCode (errorCode),
   99             SubjectErrorCodeValid (true),
  100             SubjectErrorCode (subjectErrorCode)
  101         {
  102         }
  103 
  104 #ifdef TC_HEADER_Platform_Exception
  105         virtual ~Pkcs11Exception () throw () { }
  106         TC_SERIALIZABLE_EXCEPTION (Pkcs11Exception);
  107 #else
  108         void Show (HWND parent) const;
  109 #endif
  110         operator string () const;
  111         CK_RV GetErrorCode () const { return ErrorCode; }
  112 
  113     protected:
  114         CK_RV ErrorCode;
  115         bool SubjectErrorCodeValid;
  116         uint64 SubjectErrorCode;
  117     };
  118 
  119 
  120 #ifdef TC_HEADER_Platform_Exception
  121 
  122 #define TC_EXCEPTION(NAME) TC_EXCEPTION_DECL(NAME,Exception)
  123 
  124 #undef TC_EXCEPTION_SET
  125 #define TC_EXCEPTION_SET \
  126     TC_EXCEPTION_NODECL (Pkcs11Exception); \
  127     TC_EXCEPTION (InvalidSecurityTokenKeyfilePath); \
  128     TC_EXCEPTION (SecurityTokenLibraryNotInitialized); \
  129     TC_EXCEPTION (SecurityTokenKeyfileAlreadyExists); \
  130     TC_EXCEPTION (SecurityTokenKeyfileNotFound);
  131 
  132     TC_EXCEPTION_SET;
  133 
  134 #undef TC_EXCEPTION
  135 
  136 #else // !TC_HEADER_Platform_Exception
  137 
  138     struct SecurityTokenLibraryNotInitialized : public Exception
  139     {
  140         void Show (HWND parent) const { Error (SecurityTokenLibraryPath[0] == 0 ? "NO_PKCS11_MODULE_SPECIFIED" : "PKCS11_MODULE_INIT_FAILED", parent); }
  141     };
  142 
  143     struct InvalidSecurityTokenKeyfilePath : public Exception
  144     {
  145         void Show (HWND parent) const { Error ("INVALID_TOKEN_KEYFILE_PATH", parent); }
  146     };
  147 
  148     struct SecurityTokenKeyfileAlreadyExists : public Exception
  149     {
  150         void Show (HWND parent) const { Error ("TOKEN_KEYFILE_ALREADY_EXISTS", parent); }
  151     };
  152 
  153     struct SecurityTokenKeyfileNotFound : public Exception
  154     {
  155         void Show (HWND parent) const { Error ("TOKEN_KEYFILE_NOT_FOUND", parent); }
  156     };
  157 
  158 #endif // !TC_HEADER_Platform_Exception
  159 
  160 
  161     struct Pkcs11Session
  162     {
  163         Pkcs11Session () : Handle (CK_UNAVAILABLE_INFORMATION), UserLoggedIn (false) { }
  164 
  165         CK_SESSION_HANDLE Handle;
  166         bool UserLoggedIn;
  167     };
  168 
  169     struct GetPinFunctor
  170     {
  171         virtual ~GetPinFunctor () { }
  172         virtual void operator() (string &str) = 0;
  173         virtual void notifyIncorrectPin () = 0;
  174     };
  175 
  176     struct SendExceptionFunctor
  177     {
  178         virtual ~SendExceptionFunctor () { }
  179         virtual void operator() (const Exception &e) = 0;
  180     };
  181 
  182     class SecurityToken
  183     {
  184     public:
  185         static void CloseAllSessions () throw ();
  186         static void CloseLibrary ();
  187         static void CreateKeyfile (CK_SLOT_ID slotId, vector <byte> &keyfileData, const string &name);
  188         static void DeleteKeyfile (const SecurityTokenKeyfile &keyfile);
  189         static vector <SecurityTokenKeyfile> GetAvailableKeyfiles (CK_SLOT_ID *slotIdFilter = nullptr, const wstring keyfileIdFilter = wstring());
  190         static void GetKeyfileData (const SecurityTokenKeyfile &keyfile, vector <byte> &keyfileData);
  191         static list <SecurityTokenInfo> GetAvailableTokens ();
  192         static SecurityTokenInfo GetTokenInfo (CK_SLOT_ID slotId);
  193 #ifdef TC_WINDOWS
  194         static void InitLibrary (const wstring &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
  195 #else
  196         static void InitLibrary (const string &pkcs11LibraryPath, auto_ptr <GetPinFunctor> pinCallback, auto_ptr <SendExceptionFunctor> warningCallback);
  197 #endif
  198         static bool IsInitialized () { return Initialized; }
  199         static bool IsKeyfilePathValid (const wstring &securityTokenKeyfilePath);
  200 
  201         static const size_t MaxPasswordLength = 128;
  202 
  203     protected:
  204         static void CloseSession (CK_SLOT_ID slotId);
  205         static vector <CK_OBJECT_HANDLE> GetObjects (CK_SLOT_ID slotId, CK_ATTRIBUTE_TYPE objectClass);
  206         static void GetObjectAttribute (CK_SLOT_ID slotId, CK_OBJECT_HANDLE tokenObject, CK_ATTRIBUTE_TYPE attributeType, vector <byte> &attributeValue);
  207         static list <CK_SLOT_ID> GetTokenSlots ();
  208         static void Login (CK_SLOT_ID slotId, const char* pin);
  209         static void LoginUserIfRequired (CK_SLOT_ID slotId);
  210         static void OpenSession (CK_SLOT_ID slotId);
  211         static void CheckLibraryStatus ();
  212 
  213         static bool Initialized;
  214         static auto_ptr <GetPinFunctor> PinCallback;
  215         static CK_FUNCTION_LIST_PTR Pkcs11Functions;
  216 #ifdef TC_WINDOWS
  217         static HMODULE Pkcs11LibraryHandle;
  218 #else
  219         static void *Pkcs11LibraryHandle;
  220 #endif
  221         static map <CK_SLOT_ID, Pkcs11Session> Sessions;
  222         static auto_ptr <SendExceptionFunctor> WarningCallback;
  223     };
  224 }
  225 
  226 #endif // TC_HEADER_Common_SecurityToken