Add pReserved and other PKCS#11 flags for initialize

Signed-off-by: Alexandru Placinta <[email protected]>

Author: placintaalexandru

cryptoki/src/context/general_purpose.rs

@@ -11,7 +11,7 @@ use std::fmt::Display;
 
 // See public docs on stub in parent mod.rs
 #[inline(always)]
-pub(super) fn initialize(ctx: &Pkcs11, init_args: CInitializeArgs) -> Result<()> {
+pub(super) fn initialize<T>(ctx: &Pkcs11, init_args: CInitializeArgs<T>) -> Result<()> {
     // if no args are specified, library expects NULL
     let mut init_args = CK_C_INITIALIZE_ARGS::from(init_args);
     let init_args_ptr = &mut init_args;

cryptoki/src/context/locking.rs

@@ -2,32 +2,121 @@
 // SPDX-License-Identifier: Apache-2.0
 //! Locking related type
 
-use cryptoki_sys::{CKF_OS_LOCKING_OK, CK_FLAGS};
+use cryptoki_sys::{
+    CKF_LIBRARY_CANT_CREATE_OS_THREADS, CKF_OS_LOCKING_OK, CK_CREATEMUTEX, CK_DESTROYMUTEX,
+    CK_FLAGS, CK_LOCKMUTEX, CK_UNLOCKMUTEX,
+};
 
-use std::ptr;
+use std::{os::raw::c_void, ptr};
 
-/// Argument for the initialize function
+/// Provides function pointers for mutex-handling to ensure safe multi-threaded access.
+#[derive(Copy, Clone, Debug)]
+pub struct CustomMutexHandling {
+    create_mutex: CK_CREATEMUTEX,
+    destroy_mutex: CK_DESTROYMUTEX,
+    lock_mutex: CK_LOCKMUTEX,
+    unlock_mutex: CK_UNLOCKMUTEX,
+}
+
+/// Flags to set for the initialize function
 #[derive(Copy, Clone, Debug)]
-pub enum CInitializeArgs {
-    /// The library can use the native OS library for locking
+pub enum CInitializeFlags {
+    /// The library won’t be accessed from multiple threads simultaneously
+    None,
+    /// The library may not create its own threads
+    NoOsThreads,
+    /// The library can use the native OS library for locking or the custom
     OsThreads,
-    // TODO: add variants for custom mutexes here and no multithreading, safety implications for
-    // that.
+    /// The library needs to use the supplied function pointers
+    /// for mutex-handling to ensure safe multi-threaded access.
+    CustomMutexHandling(CustomMutexHandling),
+    /// The library needs to use either the native operating system primitives
+    /// or the supplied function pointers for mutex-handling to ensure safe
+    /// multi-threaded access
+    OsThreadsOrCustomMutexHandling(CustomMutexHandling),
+}
+
+#[derive(Debug)]
+/// Argument for the initialize function
+pub struct CInitializeArgs<T> {
+    flags: CInitializeFlags,
+    p_reserved: Option<Box<T>>,
+}
+
+impl<T> CInitializeArgs<T> {
+    /// Create a new `CInitializeArgs` with the given flags
+    pub fn new(flags: CInitializeFlags) -> Self {
+        Self {
+            flags,
+            p_reserved: None,
+        }
+    }
+
+    /// Create a new `CInitializeArgs` with the given flags and reserved pointer
+    pub fn new_with_reserved(flags: CInitializeFlags, p_reserved: Box<T>) -> Self {
+        Self {
+            flags,
+            p_reserved: Some(p_reserved),
+        }
+    }
 }
 
-impl From<CInitializeArgs> for cryptoki_sys::CK_C_INITIALIZE_ARGS {
-    fn from(c_initialize_args: CInitializeArgs) -> Self {
+impl<T> From<CInitializeArgs<T>> for cryptoki_sys::CK_C_INITIALIZE_ARGS {
+    fn from(c_initialize_args: CInitializeArgs<T>) -> Self {
         let mut flags = CK_FLAGS::default();
-        match c_initialize_args {
-            CInitializeArgs::OsThreads => {
+        let p_reserved = c_initialize_args
+            .p_reserved
+            .map(Box::into_raw)
+            .unwrap_or_else(ptr::null_mut) as *mut c_void;
+
+        match c_initialize_args.flags {
+            CInitializeFlags::None => Self {
+                CreateMutex: None,
+                DestroyMutex: None,
+                LockMutex: None,
+                UnlockMutex: None,
+                flags,
+                pReserved: p_reserved,
+            },
+            CInitializeFlags::NoOsThreads => {
+                flags |= CKF_LIBRARY_CANT_CREATE_OS_THREADS;
+                Self {
+                    flags,
+                    CreateMutex: None,
+                    DestroyMutex: None,
+                    LockMutex: None,
+                    UnlockMutex: None,
+                    pReserved: p_reserved,
+                }
+            }
+            CInitializeFlags::OsThreads => {
                 flags |= CKF_OS_LOCKING_OK;
                 Self {
                     flags,
                     CreateMutex: None,
                     DestroyMutex: None,
                     LockMutex: None,
                     UnlockMutex: None,
-                    pReserved: ptr::null_mut(),
+                    pReserved: p_reserved,
+                }
+            }
+            CInitializeFlags::CustomMutexHandling(custom_mutex_handling) => Self {
+                flags,
+                CreateMutex: custom_mutex_handling.create_mutex,
+                DestroyMutex: custom_mutex_handling.destroy_mutex,
+                LockMutex: custom_mutex_handling.lock_mutex,
+                UnlockMutex: custom_mutex_handling.unlock_mutex,
+                pReserved: p_reserved,
+            },
+            CInitializeFlags::OsThreadsOrCustomMutexHandling(custom_mutex_handling) => {
+                flags |= CKF_OS_LOCKING_OK;
+                Self {
+                    flags,
+                    CreateMutex: custom_mutex_handling.create_mutex,
+                    DestroyMutex: custom_mutex_handling.destroy_mutex,
+                    LockMutex: custom_mutex_handling.lock_mutex,
+                    UnlockMutex: custom_mutex_handling.unlock_mutex,
+                    pReserved: p_reserved,
                 }
             }
         }

cryptoki/src/context/mod.rs

@@ -189,7 +189,7 @@ impl Pkcs11 {
     }
 
     /// Initialize the PKCS11 library
-    pub fn initialize(&self, init_args: CInitializeArgs) -> Result<()> {
+    pub fn initialize<T>(&self, init_args: CInitializeArgs<T>) -> Result<()> {
         let mut init_lock = self
             .initialized
             .as_ref()