// Copyright 2016, 2017 Thales e-Security, Inc
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package crypto11

import (
	"io"
)

// NewRandomReader returns an io.Reader backed by the random number generator
// on the token. It returns errClosed when the Context is already closed.
//
// The closed check is made only here, when the reader is created. How a Read
// behaves once the Context has been closed afterwards depends on withSession,
// which is not defined in this file.
func (c *Context) NewRandomReader() (io.Reader, error) {
	if c.closed.Get() {
		return nil, errClosed
	}

	var reader io.Reader = pkcs11RandReader{context: c}
	return reader, nil
}

// pkcs11RandReader is a random number reader that uses PKCS#11.
type pkcs11RandReader struct {
	// context supplies the session (withSession) and the PKCS#11 binding
	// (ctx.GenerateRandom) used by each Read.
	context *Context
}

// Read implements the io.Reader interface for pkcs11RandReader.
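// It requests len(data) random bytes from the token through GenerateRandom,
// inside a session obtained from withSession, and copies them into data.
//
// If GenerateRandom returns fewer bytes than requested, n is less than
// len(data) and the remainder of data is left untouched. Callers that need a
// completely filled buffer (key material, nonces) should read through
// io.ReadFull rather than ignore n.
//
// On any error from withSession or GenerateRandom it returns 0 and that error.
func (r pkcs11RandReader) Read(data []byte) (n int, err error) {
	var result []byte

	// The closure keeps its error in a local instead of writing to the named
	// result; withSession's return value is the only error reported.
	err = r.context.withSession(func(session *pkcs11Session) error {
		var genErr error
		result, genErr = r.context.ctx.GenerateRandom(session.handle, len(data))
		return genErr
	})
	if err != nil {
		return 0, err
	}

	// Report the number of bytes actually written. copy stops at len(data), so
	// n stays within the io.Reader contract (0 <= n <= len(data)) even if the
	// token were to return more bytes than were asked for.
	return copy(data, result), nil
}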