def __init__(self, backend, cipher, mode, operation):
self._backend = backend
# TODO: softhsm only supports AES/3DES with ECB/CBC
if not backend.cipher_supported(cipher, mode):
raise UnsupportedAlgorithm(
"cipher {0} in {1} mode is not supported "
"by this backend.".format(
cipher.name, mode.name if mode else mode),
_Reasons.UNSUPPORTED_CIPHER
)
if isinstance(cipher, KeyHandle):
self._key_handle = cipher.key
else:
self._key_handle = key_handle_from_bytes(cipher.key, backend)
self._cipher = cipher
self._mode = mode
self._operation = operation
self._buffer = b""
if isinstance(self._cipher, ciphers.BlockCipherAlgorithm):
self._block_size = self._cipher.block_size // 8
else:
self._block_size = 1
if isinstance(mode, modes.ModeWithInitializationVector):
iv_nonce = self._backend._ffi.new(
"CK_BYTE[]", mode.initialization_vector
)
iv_nonce_len = len(mode.initialization_vector)
elif isinstance(mode, modes.ModeWithNonce):
iv_nonce = self._backend._ffi.new("CK_BYTE[]", mode.nonce)
iv_nonce_len = len(mode.nonce)
else:
iv_nonce = self._backend._ffi.NULL
iv_nonce_len = 0
mech = self._backend._ffi.new("CK_MECHANISM *")
mech.mechanism = self._get_mechanism(cipher, mode)
mech.parameter = iv_nonce
mech.parameter_len = iv_nonce_len
self._session = self._backend._session_pool.acquire_and_init(
backend, self._operation["init"], mech, self._key_handle._handle
)
评论列表
文章目录
