diff --git a/pkg/core/cryptosuite/common/pkcs11/contextHandle.go b/pkg/core/cryptosuite/common/pkcs11/contextHandle.go index b1032ee354..e94171022d 100644 --- a/pkg/core/cryptosuite/common/pkcs11/contextHandle.go +++ b/pkg/core/cryptosuite/common/pkcs11/contextHandle.go @@ -15,7 +15,7 @@ import ( "github.com/hyperledger/fabric-sdk-go/pkg/common/logging" "github.com/hyperledger/fabric-sdk-go/pkg/util/concurrent/lazycache" "github.com/hyperledger/fabric-sdk-go/pkg/util/concurrent/lazyref" - "github.com/miekg/pkcs11" + mPkcs11 "github.com/miekg/pkcs11" "github.com/pkg/errors" ) @@ -57,34 +57,34 @@ func LoadContextAndLogin(lib, pin, label string) (*ContextHandle, error) { return pkcs11Context, err } -//ContextHandle encapsulate basic pkcs11.Ctx operations and manages sessions +//ContextHandle encapsulate basic mPkcs11.Ctx operations and manages sessions type ContextHandle struct { - ctx *pkcs11.Ctx + ctx *mPkcs11.Ctx slot uint pin string lib string label string - sessions chan pkcs11.SessionHandle + sessions chan mPkcs11.SessionHandle opts ctxOpts reloadNotification chan struct{} lock sync.RWMutex } -// NotifyCtxReload registers a channel to get notification when underlying pkcs11.Ctx is recreated +// NotifyCtxReload registers a channel to get notification when underlying mPkcs11.Ctx is recreated func (handle *ContextHandle) NotifyCtxReload(ch chan struct{}) { handle.reloadNotification = ch } //OpenSession opens a session between an application and a token. -func (handle *ContextHandle) OpenSession() (pkcs11.SessionHandle, error) { +func (handle *ContextHandle) OpenSession() (mPkcs11.SessionHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() - var session pkcs11.SessionHandle + var session mPkcs11.SessionHandle var err error for i := 0; i < handle.opts.openSessionRetry; i++ { - session, err = handle.ctx.OpenSession(handle.slot, pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION) + session, err = handle.ctx.OpenSession(handle.slot, mPkcs11.CKF_SERIAL_SESSION|mPkcs11.CKF_RW_SESSION) if err != nil { logger.Warnf("OpenSession failed, retrying [%s]\n", err) } else { @@ -96,7 +96,7 @@ func (handle *ContextHandle) OpenSession() (pkcs11.SessionHandle, error) { } // Login logs a user into a token -func (handle *ContextHandle) Login(session pkcs11.SessionHandle) error { +func (handle *ContextHandle) Login(session mPkcs11.SessionHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -104,8 +104,8 @@ func (handle *ContextHandle) Login(session pkcs11.SessionHandle) error { if handle.pin == "" { return errors.New("No PIN set") } - err := handle.ctx.Login(session, pkcs11.CKU_USER, handle.pin) - if err != nil && err != pkcs11.Error(pkcs11.CKR_USER_ALREADY_LOGGED_IN) { + err := handle.ctx.Login(session, mPkcs11.CKU_USER, handle.pin) + if err != nil && err != mPkcs11.Error(mPkcs11.CKR_USER_ALREADY_LOGGED_IN) { return errors.Errorf("Login failed [%s]", err) } return nil @@ -113,7 +113,7 @@ func (handle *ContextHandle) Login(session pkcs11.SessionHandle) error { //ReturnSession returns session back into the session pool //if pool is pull or session is invalid then discards session -func (handle *ContextHandle) ReturnSession(session pkcs11.SessionHandle) { +func (handle *ContextHandle) ReturnSession(session mPkcs11.SessionHandle) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -143,7 +143,7 @@ func (handle *ContextHandle) ReturnSession(session pkcs11.SessionHandle) { //GetSession returns session from session pool //if pool is empty or completely in use, creates new session //if new session is invalid recreates one after reloading ctx and re-login -func (handle *ContextHandle) GetSession() (session pkcs11.SessionHandle) { +func (handle *ContextHandle) GetSession() (session mPkcs11.SessionHandle) { handle.lock.RLock() select { case session = <-handle.sessions: @@ -166,7 +166,7 @@ func (handle *ContextHandle) GetSession() (session pkcs11.SessionHandle) { } // GetAttributeValue obtains the value of one or more object attributes. -func (handle *ContextHandle) GetAttributeValue(session pkcs11.SessionHandle, objectHandle pkcs11.ObjectHandle, attrs []*pkcs11.Attribute) ([]*pkcs11.Attribute, error) { +func (handle *ContextHandle) GetAttributeValue(session mPkcs11.SessionHandle, objectHandle mPkcs11.ObjectHandle, attrs []*mPkcs11.Attribute) ([]*mPkcs11.Attribute, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -175,7 +175,7 @@ func (handle *ContextHandle) GetAttributeValue(session pkcs11.SessionHandle, obj } // SetAttributeValue modifies the value of one or more object attributes -func (handle *ContextHandle) SetAttributeValue(session pkcs11.SessionHandle, objectHandle pkcs11.ObjectHandle, attrs []*pkcs11.Attribute) error { +func (handle *ContextHandle) SetAttributeValue(session mPkcs11.SessionHandle, objectHandle mPkcs11.ObjectHandle, attrs []*mPkcs11.Attribute) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -184,7 +184,7 @@ func (handle *ContextHandle) SetAttributeValue(session pkcs11.SessionHandle, obj } // GenerateKeyPair generates a public-key/private-key pair creating new key objects. -func (handle *ContextHandle) GenerateKeyPair(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, public, private []*pkcs11.Attribute) (pkcs11.ObjectHandle, pkcs11.ObjectHandle, error) { +func (handle *ContextHandle) GenerateKeyPair(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, public, private []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, mPkcs11.ObjectHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -193,7 +193,7 @@ func (handle *ContextHandle) GenerateKeyPair(session pkcs11.SessionHandle, m []* } //GenerateKey generates a secret key, creating a new key object. -func (handle *ContextHandle) GenerateKey(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, temp []*pkcs11.Attribute) (pkcs11.ObjectHandle, error) { +func (handle *ContextHandle) GenerateKey(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, temp []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -202,7 +202,7 @@ func (handle *ContextHandle) GenerateKey(session pkcs11.SessionHandle, m []*pkcs } // FindObjectsInit initializes a search for token and session objects that match a template. -func (handle *ContextHandle) FindObjectsInit(session pkcs11.SessionHandle, temp []*pkcs11.Attribute) error { +func (handle *ContextHandle) FindObjectsInit(session mPkcs11.SessionHandle, temp []*mPkcs11.Attribute) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -212,7 +212,7 @@ func (handle *ContextHandle) FindObjectsInit(session pkcs11.SessionHandle, temp // FindObjects continues a search for token and session objects that match a template, obtaining additional object // handles. The returned boolean indicates if the list would have been larger than max. -func (handle *ContextHandle) FindObjects(session pkcs11.SessionHandle, max int) ([]pkcs11.ObjectHandle, bool, error) { +func (handle *ContextHandle) FindObjects(session mPkcs11.SessionHandle, max int) ([]mPkcs11.ObjectHandle, bool, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -221,7 +221,7 @@ func (handle *ContextHandle) FindObjects(session pkcs11.SessionHandle, max int) } //FindObjectsFinal finishes a search for token and session objects. -func (handle *ContextHandle) FindObjectsFinal(session pkcs11.SessionHandle) error { +func (handle *ContextHandle) FindObjectsFinal(session mPkcs11.SessionHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -230,7 +230,7 @@ func (handle *ContextHandle) FindObjectsFinal(session pkcs11.SessionHandle) erro } //Encrypt encrypts single-part data. -func (handle *ContextHandle) Encrypt(session pkcs11.SessionHandle, message []byte) ([]byte, error) { +func (handle *ContextHandle) Encrypt(session mPkcs11.SessionHandle, message []byte) ([]byte, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -239,7 +239,7 @@ func (handle *ContextHandle) Encrypt(session pkcs11.SessionHandle, message []byt } //EncryptInit initializes an encryption operation. -func (handle *ContextHandle) EncryptInit(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, o pkcs11.ObjectHandle) error { +func (handle *ContextHandle) EncryptInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -248,7 +248,7 @@ func (handle *ContextHandle) EncryptInit(session pkcs11.SessionHandle, m []*pkcs } //DecryptInit initializes a decryption operation. -func (handle *ContextHandle) DecryptInit(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, o pkcs11.ObjectHandle) error { +func (handle *ContextHandle) DecryptInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -257,7 +257,7 @@ func (handle *ContextHandle) DecryptInit(session pkcs11.SessionHandle, m []*pkcs } //Decrypt decrypts encrypted data in a single part. -func (handle *ContextHandle) Decrypt(session pkcs11.SessionHandle, cypher []byte) ([]byte, error) { +func (handle *ContextHandle) Decrypt(session mPkcs11.SessionHandle, cypher []byte) ([]byte, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -268,7 +268,7 @@ func (handle *ContextHandle) Decrypt(session pkcs11.SessionHandle, cypher []byte // SignInit initializes a signature (private key encryption) // operation, where the signature is (will be) an appendix to // the data, and plaintext cannot be recovered from the signature. -func (handle *ContextHandle) SignInit(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, o pkcs11.ObjectHandle) error { +func (handle *ContextHandle) SignInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -277,7 +277,7 @@ func (handle *ContextHandle) SignInit(session pkcs11.SessionHandle, m []*pkcs11. // Sign signs (encrypts with private key) data in a single part, where the signature // is (will be) an appendix to the data, and plaintext cannot be recovered from the signature. -func (handle *ContextHandle) Sign(session pkcs11.SessionHandle, message []byte) ([]byte, error) { +func (handle *ContextHandle) Sign(session mPkcs11.SessionHandle, message []byte) ([]byte, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -287,7 +287,7 @@ func (handle *ContextHandle) Sign(session pkcs11.SessionHandle, message []byte) // VerifyInit initializes a verification operation, where the // signature is an appendix to the data, and plaintext cannot // be recovered from the signature (e.g. DSA). -func (handle *ContextHandle) VerifyInit(session pkcs11.SessionHandle, m []*pkcs11.Mechanism, key pkcs11.ObjectHandle) error { +func (handle *ContextHandle) VerifyInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, key mPkcs11.ObjectHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -297,7 +297,7 @@ func (handle *ContextHandle) VerifyInit(session pkcs11.SessionHandle, m []*pkcs1 // Verify verifies a signature in a single-part operation, // where the signature is an appendix to the data, and plaintext // cannot be recovered from the signature. -func (handle *ContextHandle) Verify(session pkcs11.SessionHandle, data []byte, signature []byte) error { +func (handle *ContextHandle) Verify(session mPkcs11.SessionHandle, data []byte, signature []byte) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -305,7 +305,7 @@ func (handle *ContextHandle) Verify(session pkcs11.SessionHandle, data []byte, s } // CreateObject creates a new object. -func (handle *ContextHandle) CreateObject(session pkcs11.SessionHandle, temp []*pkcs11.Attribute) (pkcs11.ObjectHandle, error) { +func (handle *ContextHandle) CreateObject(session mPkcs11.SessionHandle, temp []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -313,7 +313,7 @@ func (handle *ContextHandle) CreateObject(session pkcs11.SessionHandle, temp []* } // CopyObject creates a copy of an object. -func (handle *ContextHandle) CopyObject(sh pkcs11.SessionHandle, o pkcs11.ObjectHandle, temp []*pkcs11.Attribute) (pkcs11.ObjectHandle, error) { +func (handle *ContextHandle) CopyObject(sh mPkcs11.SessionHandle, o mPkcs11.ObjectHandle, temp []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -321,7 +321,7 @@ func (handle *ContextHandle) CopyObject(sh pkcs11.SessionHandle, o pkcs11.Object } // DestroyObject destroys an object. -func (handle *ContextHandle) DestroyObject(sh pkcs11.SessionHandle, oh pkcs11.ObjectHandle) error { +func (handle *ContextHandle) DestroyObject(sh mPkcs11.SessionHandle, oh mPkcs11.ObjectHandle) error { handle.lock.RLock() defer handle.lock.RUnlock() @@ -329,7 +329,7 @@ func (handle *ContextHandle) DestroyObject(sh pkcs11.SessionHandle, oh pkcs11.Ob } //FindKeyPairFromSKI finds key pair by SKI -func (handle *ContextHandle) FindKeyPairFromSKI(session pkcs11.SessionHandle, ski []byte, keyType bool) (*pkcs11.ObjectHandle, error) { +func (handle *ContextHandle) FindKeyPairFromSKI(session mPkcs11.SessionHandle, ski []byte, keyType bool) (*mPkcs11.ObjectHandle, error) { handle.lock.RLock() defer handle.lock.RUnlock() @@ -339,7 +339,7 @@ func (handle *ContextHandle) FindKeyPairFromSKI(session pkcs11.SessionHandle, sk //validateSession validates given session //if session is invalid recreates one after reloading ctx and re-login //care should be taken since handle.lock should be read locked before calling this function -func (handle *ContextHandle) validateSession(currentSession pkcs11.SessionHandle) pkcs11.SessionHandle { +func (handle *ContextHandle) validateSession(currentSession mPkcs11.SessionHandle) mPkcs11.SessionHandle { handle.lock.RLock() @@ -347,13 +347,13 @@ func (handle *ContextHandle) validateSession(currentSession pkcs11.SessionHandle switch e { case errSlotIDChanged, - pkcs11.Error(pkcs11.CKR_OBJECT_HANDLE_INVALID), - pkcs11.Error(pkcs11.CKR_SESSION_HANDLE_INVALID), - pkcs11.Error(pkcs11.CKR_SESSION_CLOSED), - pkcs11.Error(pkcs11.CKR_TOKEN_NOT_PRESENT), - pkcs11.Error(pkcs11.CKR_DEVICE_ERROR), - pkcs11.Error(pkcs11.CKR_GENERAL_ERROR), - pkcs11.Error(pkcs11.CKR_USER_NOT_LOGGED_IN): + mPkcs11.Error(mPkcs11.CKR_OBJECT_HANDLE_INVALID), + mPkcs11.Error(mPkcs11.CKR_SESSION_HANDLE_INVALID), + mPkcs11.Error(mPkcs11.CKR_SESSION_CLOSED), + mPkcs11.Error(mPkcs11.CKR_TOKEN_NOT_PRESENT), + mPkcs11.Error(mPkcs11.CKR_DEVICE_ERROR), + mPkcs11.Error(mPkcs11.CKR_GENERAL_ERROR), + mPkcs11.Error(mPkcs11.CKR_USER_NOT_LOGGED_IN): logger.Warnf("Found error condition [%s], attempting to recreate pkcs11 context and re-login....", e) @@ -387,8 +387,8 @@ func (handle *ContextHandle) validateSession(currentSession pkcs11.SessionHandle logger.Debugf("Recreated new pkcs11 session %+v on slot %d\n", newSession, slot) //login with new session - err = newCtx.Login(newSession, pkcs11.CKU_USER, handle.pin) - if err != nil && err != pkcs11.Error(pkcs11.CKR_USER_ALREADY_LOGGED_IN) { + err = newCtx.Login(newSession, mPkcs11.CKU_USER, handle.pin) + if err != nil && err != mPkcs11.Error(mPkcs11.CKR_USER_ALREADY_LOGGED_IN) { logger.Warnf("Unable to login with new session :%s", newSession) return 0 } @@ -397,13 +397,13 @@ func (handle *ContextHandle) validateSession(currentSession pkcs11.SessionHandle handle.ctx = newCtx handle.slot = slot - handle.sessions = make(chan pkcs11.SessionHandle, handle.opts.sessionCacheSize) + handle.sessions = make(chan mPkcs11.SessionHandle, handle.opts.sessionCacheSize) logger.Infof("Able to login with recreated session successfully") return newSession - case pkcs11.Error(pkcs11.CKR_DEVICE_MEMORY), - pkcs11.Error(pkcs11.CKR_DEVICE_REMOVED): + case mPkcs11.Error(mPkcs11.CKR_DEVICE_MEMORY), + mPkcs11.Error(mPkcs11.CKR_DEVICE_REMOVED): handle.lock.RUnlock() panic(fmt.Sprintf("PKCS11 Session failure: [%s]", e)) @@ -415,7 +415,7 @@ func (handle *ContextHandle) validateSession(currentSession pkcs11.SessionHandle } //detectErrorCondition checks if given session handle has errors -func (handle *ContextHandle) detectErrorCondition(currentSession pkcs11.SessionHandle) error { +func (handle *ContextHandle) detectErrorCondition(currentSession mPkcs11.SessionHandle) error { var e error slot, ok := handle.findSlot(handle.ctx) if !ok || slot != handle.slot { @@ -444,7 +444,7 @@ func (handle *ContextHandle) sendNotification() { } } -//disposePKCS11Ctx disposes pkcs11.Ctx object +//disposePKCS11Ctx disposes mPkcs11.Ctx object func (handle *ContextHandle) disposePKCS11Ctx() { //ignore error on close all sessions err := handle.ctx.CloseAllSessions(handle.slot) @@ -465,9 +465,9 @@ func (handle *ContextHandle) disposePKCS11Ctx() { handle.ctx.Destroy() } -//createNewPKCS11Ctx creates new pkcs11.Ctx -func (handle *ContextHandle) createNewPKCS11Ctx() *pkcs11.Ctx { - newCtx := pkcs11.New(handle.lib) +//createNewPKCS11Ctx creates new mPkcs11.Ctx +func (handle *ContextHandle) createNewPKCS11Ctx() *mPkcs11.Ctx { + newCtx := mPkcs11.New(handle.lib) if newCtx == nil { logger.Warn("Failed to recreate new context for given library") return nil @@ -476,7 +476,7 @@ func (handle *ContextHandle) createNewPKCS11Ctx() *pkcs11.Ctx { //initialize new context err := newCtx.Initialize() if err != nil { - if err != pkcs11.Error(pkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED) { + if err != mPkcs11.Error(mPkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED) { logger.Warn("Failed to initialize context:", err) return nil } @@ -486,7 +486,7 @@ func (handle *ContextHandle) createNewPKCS11Ctx() *pkcs11.Ctx { } //findSlot finds slot for given pkcs11 ctx and label -func (handle *ContextHandle) findSlot(ctx *pkcs11.Ctx) (uint, bool) { +func (handle *ContextHandle) findSlot(ctx *mPkcs11.Ctx) (uint, bool) { var found bool var slot uint @@ -515,11 +515,11 @@ func (handle *ContextHandle) findSlot(ctx *pkcs11.Ctx) (uint, bool) { return slot, found } -func createNewSession(ctx *pkcs11.Ctx, slot uint) (pkcs11.SessionHandle, error) { - var newSession pkcs11.SessionHandle +func createNewSession(ctx *mPkcs11.Ctx, slot uint) (mPkcs11.SessionHandle, error) { + var newSession mPkcs11.SessionHandle var err error for i := 0; i < 10; i++ { - newSession, err = ctx.OpenSession(slot, pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION) + newSession, err = ctx.OpenSession(slot, mPkcs11.CKF_SERIAL_SESSION|mPkcs11.CKF_RW_SESSION) if err != nil { logger.Warnf("OpenSession failed, retrying [%s]\n", err) } else { @@ -603,13 +603,13 @@ func loadLibInitializer() lazycache.EntryInitializer { return &ContextHandle{}, errors.New("No PKCS11 library default") } - ctx := pkcs11.New(ctxKey.lib) + ctx := mPkcs11.New(ctxKey.lib) if ctx == nil { return &ContextHandle{}, errors.Errorf("Instantiate failed [%s]", ctxKey.lib) } err := ctx.Initialize() - if err != nil && err != pkcs11.Error(pkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED) { + if err != nil && err != mPkcs11.Error(mPkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED) { logger.Warn("Failed to initialize context:", err) return &ContextHandle{}, errors.WithMessage(err, "Failed to initialize pkcs11 ctx") } @@ -634,7 +634,7 @@ func loadLibInitializer() lazycache.EntryInitializer { if !found { return &ContextHandle{}, errors.Errorf("Could not find token with label %s", ctxKey.label) } - sessions := make(chan pkcs11.SessionHandle, ctxKey.opts.sessionCacheSize) + sessions := make(chan mPkcs11.SessionHandle, ctxKey.opts.sessionCacheSize) return &ContextHandle{ctx: ctx, slot: slot, pin: ctxKey.pin, lib: ctxKey.lib, label: ctxKey.label, sessions: sessions, opts: ctxKey.opts}, nil } } diff --git a/pkg/core/cryptosuite/common/pkcs11/contextHandle_test.go b/pkg/core/cryptosuite/common/pkcs11/contextHandle_test.go index 8842ee8a2c..ca0426366a 100644 --- a/pkg/core/cryptosuite/common/pkcs11/contextHandle_test.go +++ b/pkg/core/cryptosuite/common/pkcs11/contextHandle_test.go @@ -14,7 +14,7 @@ import ( "os" "strings" - "github.com/miekg/pkcs11" + mPkcs11 "github.com/miekg/pkcs11" "github.com/stretchr/testify/assert" ) @@ -89,7 +89,7 @@ func TestContextHandleFeatures(t *testing.T) { assert.Equal(t, 4, len(handle.sessions)) //reset session pool after test - handle.sessions = make(chan pkcs11.SessionHandle, handle.opts.sessionCacheSize) + handle.sessions = make(chan mPkcs11.SessionHandle, handle.opts.sessionCacheSize) //force reload handle, err = ReloadPKCS11ContextHandle(lib, label, pin) @@ -156,7 +156,7 @@ func TestMultipleContextHandleInstances(t *testing.T) { assert.Equal(t, 4, len(handle.sessions)) //reset session pool after test - handle.sessions = make(chan pkcs11.SessionHandle, handle.opts.sessionCacheSize) + handle.sessions = make(chan mPkcs11.SessionHandle, handle.opts.sessionCacheSize) } handle1, err := LoadPKCS11ContextHandle(lib, label, pin) @@ -228,7 +228,7 @@ func TestContextHandleInstance(t *testing.T) { //Open session should fail it is destroyed by previous instance err = handle1.ctx.CloseAllSessions(handle.slot) - assert.Error(t, err, pkcs11.CKR_CRYPTOKI_NOT_INITIALIZED) + assert.Error(t, err, mPkcs11.CKR_CRYPTOKI_NOT_INITIALIZED) }) } @@ -266,11 +266,11 @@ func TestContextHandleOpts(t *testing.T) { //session3 should be closed _, e = handle.ctx.GetSessionInfo(session3) - assert.Equal(t, pkcs11.Error(pkcs11.CKR_SESSION_HANDLE_INVALID), e) + assert.Equal(t, mPkcs11.Error(mPkcs11.CKR_SESSION_HANDLE_INVALID), e) //session4 should be closed _, e = handle.ctx.GetSessionInfo(session4) - assert.Equal(t, pkcs11.Error(pkcs11.CKR_SESSION_HANDLE_INVALID), e) + assert.Equal(t, mPkcs11.Error(mPkcs11.CKR_SESSION_HANDLE_INVALID), e) } @@ -331,17 +331,17 @@ func TestContextRefreshOnInvalidSession(t *testing.T) { assert.True(t, receivedNotification) //reset session pool after test - handle.sessions = make(chan pkcs11.SessionHandle, handle.opts.sessionCacheSize) + handle.sessions = make(chan mPkcs11.SessionHandle, handle.opts.sessionCacheSize) } func TestSessionsFromDifferentPKCS11Ctx(t *testing.T) { //Testing if session created by a ctx can be validated by of some other ctx created using same lib/label/pin - ctxAndSession := func(label string) (*pkcs11.Ctx, pkcs11.SessionHandle) { - ctx := pkcs11.New(lib) + ctxAndSession := func(label string) (*mPkcs11.Ctx, mPkcs11.SessionHandle) { + ctx := mPkcs11.New(lib) assert.NotNil(t, ctx) err := ctx.Initialize() - assert.False(t, err != nil && err != pkcs11.Error(pkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED)) + assert.False(t, err != nil && err != mPkcs11.Error(mPkcs11.CKR_CRYPTOKI_ALREADY_INITIALIZED)) var found bool var slot uint