FreeRTOS: PKCS11
PKCS11 Cryptoki Library
Return to main page ↑
C_DigestFinal

Finishes a multiple-part digesting operation.

CK_DECLARE_FUNCTION( CK_RV, C_DigestFinal )( CK_SESSION_HANDLE hSession,
CK_BYTE_PTR pDigest,
CK_ULONG_PTR pulDigestLen )
{
P11Session_t * pxSession = prvSessionPointerFromHandle( hSession );
CK_RV xResult = prvCheckValidSessionAndModule( pxSession );
if( pulDigestLen == NULL )
{
xResult = CKR_ARGUMENTS_BAD;
}
if( xResult == CKR_OK )
{
if( pxSession->xOperationDigestMechanism != CKM_SHA256 )
{
xResult = CKR_OPERATION_NOT_INITIALIZED;
pxSession->xOperationDigestMechanism = pkcs11NO_OPERATION;
}
}
if( xResult == CKR_OK )
{
if( pDigest == NULL )
{
/* Supply the required buffer size. */
*pulDigestLen = ( CK_ULONG ) pkcs11SHA256_DIGEST_LENGTH;
}
else
{
if( *pulDigestLen < ( CK_ULONG ) pkcs11SHA256_DIGEST_LENGTH )
{
xResult = CKR_BUFFER_TOO_SMALL;
}
else
{
if( 0 != mbedtls_sha256_finish_ret( &pxSession->xSHA256Context, pDigest ) )
{
xResult = CKR_FUNCTION_FAILED;
}
pxSession->xOperationDigestMechanism = pkcs11NO_OPERATION;
}
}
}
if( ( xResult != CKR_OK ) && ( xResult != CKR_BUFFER_TOO_SMALL ) && ( xResult != CKR_SESSION_HANDLE_INVALID ) )
{
pxSession->xOperationDigestMechanism = pkcs11NO_OPERATION;
mbedtls_sha256_free( &pxSession->xSHA256Context );
}
return xResult;
}
See also
C_DigestInit(), C_DigestUpdate()
Note
Digest parameters are shared by a session. Calling C_DigestInit(), C_DigestUpdate(), and C_DigestFinal() with the same session across different tasks may lead to unexpected results.
Parameters
[in]hSessionHandle of a valid PKCS #11 session.
[out]pDigestPointer to the location that receives the message digest. Memory must be allocated by the caller. Caller is responsible for allocating memory. Providing NULL for this input will cause pulDigestLen to be updated for length of buffer required.
[in,out]pulDigestLenPoints to the location that holds the length of the message digest. If pDigest is NULL, this value is updated to contain the length of the buffer needed to hold the digest. Else it is updated to contain the actual length of the digest placed in pDigest.
Returns
CKR_OK if successful. Else, see PKCS #11 specification for more information.
CK_DECLARE_FUNCTION
#define CK_DECLARE_FUNCTION(returnType, name)
Macro for defining a PKCS #11 functions.
Definition: iot_pkcs11.h:66
P11Session_t::xOperationDigestMechanism
CK_MECHANISM_TYPE xOperationDigestMechanism
Indicates if a digest operation is in progress.
Definition: iot_pkcs11_mbedtls.c:220
pkcs11SHA256_DIGEST_LENGTH
#define pkcs11SHA256_DIGEST_LENGTH
Length of a SHA256 digest, in bytes.
Definition: iot_pkcs11.h:83
P11Session_t::xSHA256Context
mbedtls_sha256_context xSHA256Context
Context for in progress digest operation.
Definition: iot_pkcs11_mbedtls.c:229
prvSessionPointerFromHandle
static P11Session_t * prvSessionPointerFromHandle(CK_SESSION_HANDLE xSession)
Maps an opaque caller session handle into its internal state structure.
Definition: iot_pkcs11_mbedtls.c:287
prvCheckValidSessionAndModule
static CK_RV prvCheckValidSessionAndModule(const P11Session_t *pxSession)
Helper to check if the current session is initialized and valid.
Definition: iot_pkcs11_mbedtls.c:248
P11Session_t
Session structure.
Definition: iot_pkcs11_mbedtls.c:217
C_DigestFinal
CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen)
Finishes a multiple-part digesting operation.
Definition: iot_pkcs11_mbedtls.c:3284
pkcs11NO_OPERATION
#define pkcs11NO_OPERATION
Indicates that no PKCS #11 operation is underway for given session.
Definition: iot_pkcs11_mbedtls.c:117