Source code for pycryptoki.ca_extensions.session

"""
Module to work with sessions, specifically dealing with ca_extension functions
"""

import logging
from ctypes import byref, string_at, sizeof

from pycryptoki.cryptoki import (
    CK_ULONG,
    CK_SESSION_HANDLE,
    CA_GetSessionInfo,
    CA_GetApplicationID,
    CK_APPLICATION_ID,
    CK_SLOT_ID,
    CA_OpenApplicationIDV2,
    CA_CloseApplicationIDV2,
    CA_SetApplicationIDV2)
from pycryptoki.defines import CKR_OK
from pycryptoki.exceptions import make_error_handle_function

LOG = logging.getLogger(__name__)



[docs]def ca_get_session_info(session):
    """
    ca extension function that returns session information

    :param session: session handle
    :return: tuple of return code and session info dict
    """
    session_info = {}
    h_session = CK_SESSION_HANDLE(session)
    aid_hi = CK_ULONG()
    aid_lo = CK_ULONG()
    container = CK_ULONG()
    auth_level = CK_ULONG()
    ret = CA_GetSessionInfo(
        h_session, byref(aid_hi), byref(aid_lo), byref(container), byref(auth_level)
    )
    if ret != CKR_OK:
        return ret, None

    session_info["aidHigh"] = aid_hi.value
    session_info["aidLow"] = aid_lo.value
    session_info["containerNumber"] = container.value
    session_info["authenticationLevel"] = auth_level.value

    return ret, session_info



ca_get_session_info_ex = make_error_handle_function(ca_get_session_info)



[docs]def ca_get_application_id():
    """
    Get the current process's AccessID.

    :return: retcode, bytestring tuple.
    """
    dest = CK_APPLICATION_ID()
    rv = CA_GetApplicationID(byref(dest))
    if rv != CKR_OK:
        return rv, None
    return rv, string_at(dest.id, sizeof(dest.id))



ca_get_application_id_ex = make_error_handle_function(ca_get_application_id)



[docs]def ca_open_application_id_v2(slot, appid):
    """
    Open the given AccessID for the target slot.

    :param slot: Slot #.
    :param appid: bytestring of length 16.
    :return: Retcode.
    """
    access_id = CK_APPLICATION_ID(appid)
    return CA_OpenApplicationIDV2(CK_SLOT_ID(slot), byref(access_id))



ca_open_application_id_v2_ex = make_error_handle_function(ca_open_application_id_v2)



[docs]def ca_close_application_id_v2(slot, appid):
    """
    Close the AccessID associated with the given slot.

    :param slot: Slot #.
    :param appid: bytestring of length 16.
    :return: Retcode.
    """
    access_id = CK_APPLICATION_ID(appid)
    return CA_CloseApplicationIDV2(CK_SLOT_ID(slot), byref(access_id))



ca_close_application_id_v2_ex = make_error_handle_function(ca_close_application_id_v2)



[docs]def ca_set_application_id_v2(appid):
    """
    Set the Current process's AccessID.

    :param appid: bytestring of length 16
    :return: Retcode
    """
    access_id = CK_APPLICATION_ID(appid)
    return CA_SetApplicationIDV2(byref(access_id))


ca_set_application_id_v2_ex = make_error_handle_function(ca_set_application_id_v2)