Added multi-part signing/verification bindings

jacobprudhomme · jacobprudhomme · commit 7e2b18f43415 · 2025-03-28T13:35:50.000+01:00
Signed-off-by: Jacob Prud'homme &lt;2160185+jacobprudhomme@users.noreply.github.com&gt;
diff --git a/cryptoki/src/session/signing_macing.rs b/cryptoki/src/session/signing_macing.rs
@@ -56,6 +56,66 @@ impl Session {
         Ok(signature)
     }
 
+    /// Starts new multi-part signing operation
+    pub fn sign_initialize(&self, mechanism: &Mechanism, key: ObjectHandle) -> Result<()> {
+        let mut mechanism: CK_MECHANISM = mechanism.into();
+
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_SignInit)(
+                self.handle(),
+                &mut mechanism as CK_MECHANISM_PTR,
+                key.handle(),
+            ))
+            .into_result(Function::SignInit)?;
+        }
+
+        Ok(())
+    }
+
+    /// Continues an ongoing multi-part signing operation
+    pub fn sign_update(&self, data: &[u8]) -> Result<()> {
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_SignUpdate)(
+                self.handle(),
+                data.as_ptr() as *mut u8,
+                data.len().try_into()?,
+            ))
+            .into_result(Function::SignUpdate)?;
+        }
+
+        Ok(())
+    }
+
+    /// Finalizes ongoing multi-part signing operation
+    pub fn sign_finalize(&self) -> Result<Vec<u8>> {
+        let mut signature_len = 0;
+
+        // Get the output buffer length
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_SignFinal)(
+                self.handle(),
+                std::ptr::null_mut(),
+                &mut signature_len,
+            ))
+            .into_result(Function::SignFinal)?;
+        }
+
+        let mut signature = vec![0; signature_len.try_into()?];
+
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_SignFinal)(
+                self.handle(),
+                signature.as_mut_ptr(),
+                &mut signature_len,
+            ))
+            .into_result(Function::SignFinal)?;
+        }
+
+        signature.resize(signature_len.try_into()?, 0);
+
+        Ok(signature)
+    }
+
     /// Verify data in single-part
     pub fn verify(
         &self,
@@ -86,4 +146,48 @@ impl Session {
             .into_result(Function::Verify)
         }
     }
+
+    /// Starts new multi-part verifying operation
+    pub fn verify_initialize(&self, mechanism: &Mechanism, key: ObjectHandle) -> Result<()> {
+        let mut mechanism: CK_MECHANISM = mechanism.into();
+
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_VerifyInit)(
+                self.handle(),
+                &mut mechanism as CK_MECHANISM_PTR,
+                key.handle(),
+            ))
+            .into_result(Function::VerifyInit)?;
+        }
+
+        Ok(())
+    }
+
+    /// Continues an ongoing multi-part verifying operation
+    pub fn verify_update(&self, data: &[u8]) -> Result<()> {
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_VerifyUpdate)(
+                self.handle(),
+                data.as_ptr() as *mut u8,
+                data.len().try_into()?,
+            ))
+            .into_result(Function::VerifyUpdate)?;
+        }
+
+        Ok(())
+    }
+
+    /// Finalizes ongoing multi-part verifying operation
+    pub fn verify_finalize(&self, signature: &[u8]) -> Result<()> {
+        unsafe {
+            Rv::from(get_pkcs11!(self.client(), C_VerifyFinal)(
+                self.handle(),
+                signature.as_ptr() as *mut u8,
+                signature.len().try_into()?,
+            ))
+            .into_result(Function::VerifyFinal)?;
+        }
+
+        Ok(())
+    }
 }
