Some fixes/improvements, e.g. an ID now has to be entered in the same way as in pkcs15-init
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1217 c6295689-39f2-0310-b995-f0e70906c6a9
parent
24b517cda5
commit
4fb623d537
|
@ -111,7 +111,8 @@ static const char * opt_slot_label = NULL;
|
||||||
static CK_MECHANISM_TYPE opt_mechanism = NO_MECHANISM;
|
static CK_MECHANISM_TYPE opt_mechanism = NO_MECHANISM;
|
||||||
static const char * opt_file_to_write = NULL;
|
static const char * opt_file_to_write = NULL;
|
||||||
static const char * opt_object_type = NULL;
|
static const char * opt_object_type = NULL;
|
||||||
static int opt_object_id = -1;
|
static CK_BYTE opt_object_id[100];
|
||||||
|
static int opt_object_id_len = 0;
|
||||||
static char * opt_object_label = NULL;
|
static char * opt_object_label = NULL;
|
||||||
|
|
||||||
static sc_pkcs11_module_t *module = NULL;
|
static sc_pkcs11_module_t *module = NULL;
|
||||||
|
@ -162,6 +163,7 @@ static CK_MECHANISM_TYPE p11_name_to_mechanism(const char *);
|
||||||
static void p11_perror(const char *, CK_RV);
|
static void p11_perror(const char *, CK_RV);
|
||||||
static const char * CKR2Str(CK_ULONG res);
|
static const char * CKR2Str(CK_ULONG res);
|
||||||
static int p11_test(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
|
static int p11_test(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
|
||||||
|
static int hex_to_bin(const char *in, CK_BYTE *out, size_t *outlen);
|
||||||
|
|
||||||
/* win32 needs this in open(2) */
|
/* win32 needs this in open(2) */
|
||||||
#ifndef O_BINARY
|
#ifndef O_BINARY
|
||||||
|
@ -233,9 +235,9 @@ main(int argc, char * const argv[])
|
||||||
opt_object_type = optarg;
|
opt_object_type = optarg;
|
||||||
break;
|
break;
|
||||||
case 'd':
|
case 'd':
|
||||||
opt_object_id = atoi(optarg);
|
opt_object_id_len = sizeof(opt_object_id);
|
||||||
if (opt_object_id == 0 && optarg[0] != '0') {
|
if (!hex_to_bin(optarg, opt_object_id, &opt_object_id_len)) {
|
||||||
printf("id should be an integer, is \"%s\"\n", opt_object_id);
|
printf("Invalid ID \"%s\"\n", optarg);
|
||||||
print_usage_and_die();
|
print_usage_and_die();
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
@ -738,7 +740,7 @@ hash_data(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
||||||
close(fd);
|
close(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define FILL_ATTR(attr, typ, val, len) (attr).type=(typ); (attr).pValue=(val); (attr).ulValueLen=len;
|
#define FILL_ATTR(attr, typ, val, len) {(attr).type=(typ); (attr).pValue=(val); (attr).ulValueLen=len;}
|
||||||
|
|
||||||
void
|
void
|
||||||
gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
||||||
|
@ -748,15 +750,19 @@ gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
||||||
CK_ULONG modulusBits = 768;
|
CK_ULONG modulusBits = 768;
|
||||||
CK_BYTE publicExponent[] = { 3 };
|
CK_BYTE publicExponent[] = { 3 };
|
||||||
CK_BBOOL true = TRUE;
|
CK_BBOOL true = TRUE;
|
||||||
|
CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY;
|
||||||
|
CK_OBJECT_CLASS privkey_class = CKO_PRIVATE_KEY;
|
||||||
CK_ATTRIBUTE publicKeyTemplate[20] = {
|
CK_ATTRIBUTE publicKeyTemplate[20] = {
|
||||||
|
{CKA_CLASS, &pubkey_class, sizeof(pubkey_class)},
|
||||||
{CKA_ENCRYPT, &true, sizeof(true)},
|
{CKA_ENCRYPT, &true, sizeof(true)},
|
||||||
{CKA_VERIFY, &true, sizeof(true)},
|
{CKA_VERIFY, &true, sizeof(true)},
|
||||||
{CKA_WRAP, &true, sizeof(true)},
|
{CKA_WRAP, &true, sizeof(true)},
|
||||||
{CKA_MODULUS_BITS, &modulusBits, sizeof(modulusBits)},
|
{CKA_MODULUS_BITS, &modulusBits, sizeof(modulusBits)},
|
||||||
{CKA_PUBLIC_EXPONENT, publicExponent, sizeof(publicExponent)}
|
{CKA_PUBLIC_EXPONENT, publicExponent, sizeof(publicExponent)}
|
||||||
};
|
};
|
||||||
int n_pubkey_attr = 5;
|
int n_pubkey_attr = 6;
|
||||||
CK_ATTRIBUTE privateKeyTemplate[20] = {
|
CK_ATTRIBUTE privateKeyTemplate[20] = {
|
||||||
|
{CKA_CLASS, &privkey_class, sizeof(privkey_class)},
|
||||||
{CKA_TOKEN, &true, sizeof(true)},
|
{CKA_TOKEN, &true, sizeof(true)},
|
||||||
{CKA_PRIVATE, &true, sizeof(true)},
|
{CKA_PRIVATE, &true, sizeof(true)},
|
||||||
{CKA_SENSITIVE, &true, sizeof(true)},
|
{CKA_SENSITIVE, &true, sizeof(true)},
|
||||||
|
@ -764,21 +770,25 @@ gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
||||||
{CKA_SIGN, &true, sizeof(true)},
|
{CKA_SIGN, &true, sizeof(true)},
|
||||||
{CKA_UNWRAP, &true, sizeof(true)}
|
{CKA_UNWRAP, &true, sizeof(true)}
|
||||||
};
|
};
|
||||||
int n_privkey_attr = 6;
|
int n_privkey_attr = 7;
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
|
|
||||||
if (opt_object_label != NULL) {
|
if (opt_object_label != NULL) {
|
||||||
FILL_ATTR(publicKeyTemplate[n_pubkey_attr++], CKA_LABEL,
|
FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_LABEL,
|
||||||
opt_object_label, strlen(opt_object_label));
|
opt_object_label, strlen(opt_object_label));
|
||||||
FILL_ATTR(privateKeyTemplate[n_privkey_attr++], CKA_LABEL,
|
FILL_ATTR(privateKeyTemplate[n_privkey_attr], CKA_LABEL,
|
||||||
opt_object_label, strlen(opt_object_label));
|
opt_object_label, strlen(opt_object_label));
|
||||||
|
n_pubkey_attr++;
|
||||||
|
n_privkey_attr++;
|
||||||
|
|
||||||
}
|
}
|
||||||
if (opt_object_id != -1) {
|
if (opt_object_id_len != 0) {
|
||||||
CK_BYTE id = (CK_BYTE) opt_object_id;
|
FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_ID,
|
||||||
FILL_ATTR(publicKeyTemplate[n_pubkey_attr++], CKA_ID,
|
opt_object_id, opt_object_id_len);
|
||||||
&id, sizeof(id));
|
FILL_ATTR(privateKeyTemplate[n_privkey_attr], CKA_ID,
|
||||||
FILL_ATTR(privateKeyTemplate[n_privkey_attr++], CKA_ID,
|
opt_object_id, opt_object_id_len);
|
||||||
&id, sizeof(id));
|
n_pubkey_attr++;
|
||||||
|
n_privkey_attr++;
|
||||||
}
|
}
|
||||||
|
|
||||||
rv = p11->C_GenerateKeyPair(session, &mechanism,
|
rv = p11->C_GenerateKeyPair(session, &mechanism,
|
||||||
|
@ -825,13 +835,14 @@ write_object(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
||||||
n_cert_attr = 4;
|
n_cert_attr = 4;
|
||||||
|
|
||||||
if (opt_object_label != NULL) {
|
if (opt_object_label != NULL) {
|
||||||
FILL_ATTR(cert_templ[n_cert_attr++], CKA_LABEL,
|
FILL_ATTR(cert_templ[n_cert_attr], CKA_LABEL,
|
||||||
opt_object_label, strlen(opt_object_label));
|
opt_object_label, strlen(opt_object_label));
|
||||||
|
n_cert_attr++;
|
||||||
}
|
}
|
||||||
if (opt_object_id != -1) {
|
if (opt_object_id_len != 0) {
|
||||||
CK_BYTE id = (CK_BYTE) opt_object_id;
|
FILL_ATTR(cert_templ[n_cert_attr], CKA_ID,
|
||||||
FILL_ATTR(cert_templ[n_cert_attr++], CKA_ID,
|
opt_object_id, opt_object_id_len);
|
||||||
&id, sizeof(id));
|
n_cert_attr++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -1072,7 +1083,7 @@ show_key(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, int pub)
|
||||||
if ((id = getID(sess, obj, &size)) != NULL && size) {
|
if ((id = getID(sess, obj, &size)) != NULL && size) {
|
||||||
unsigned int n;
|
unsigned int n;
|
||||||
|
|
||||||
printf(" ID: 0x");
|
printf(" ID: ");
|
||||||
for (n = 0; n < size; n++)
|
for (n = 0; n < size; n++)
|
||||||
printf("%02x", id[n]);
|
printf("%02x", id[n]);
|
||||||
printf("\n");
|
printf("\n");
|
||||||
|
@ -2041,6 +2052,57 @@ p11_perror(const char *msg, CK_RV rv)
|
||||||
msg, CKR2Str(rv), (unsigned int) rv);
|
msg, CKR2Str(rv), (unsigned int) rv);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
|
||||||
|
{
|
||||||
|
int err = 0;
|
||||||
|
size_t left, count = 0;
|
||||||
|
|
||||||
|
if (in == NULL || *in == '\0') {
|
||||||
|
*outlen = 0;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
left = *outlen;
|
||||||
|
|
||||||
|
while (*in != '\0') {
|
||||||
|
int byte = 0, nybbles = 2;
|
||||||
|
char c;
|
||||||
|
|
||||||
|
while (nybbles-- && *in && *in != ':') {
|
||||||
|
byte <<= 4;
|
||||||
|
c = *in++;
|
||||||
|
if ('0' <= c && c <= '9')
|
||||||
|
c -= '0';
|
||||||
|
else
|
||||||
|
if ('a' <= c && c <= 'f')
|
||||||
|
c = c - 'a' + 10;
|
||||||
|
else
|
||||||
|
if ('A' <= c && c <= 'F')
|
||||||
|
c = c - 'A' + 10;
|
||||||
|
else {
|
||||||
|
printf("hex_to_bin(): invalid char '%c' in hex string\n", c);
|
||||||
|
*outlen = 0;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
byte |= c;
|
||||||
|
}
|
||||||
|
if (*in == ':')
|
||||||
|
in++;
|
||||||
|
if (left <= 0) {
|
||||||
|
printf("hex_to_bin(): hex string too long");
|
||||||
|
*outlen = 0;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
out[count++] = (unsigned char) byte;
|
||||||
|
left--;
|
||||||
|
c++;
|
||||||
|
}
|
||||||
|
|
||||||
|
out:
|
||||||
|
*outlen = count;
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
static struct mech_info p11_mechanisms[] = {
|
static struct mech_info p11_mechanisms[] = {
|
||||||
{ CKM_RSA_PKCS_KEY_PAIR_GEN, "RSA-PKCS-KEY-PAIR-GEN" },
|
{ CKM_RSA_PKCS_KEY_PAIR_GEN, "RSA-PKCS-KEY-PAIR-GEN" },
|
||||||
{ CKM_RSA_PKCS, "RSA-PKCS" },
|
{ CKM_RSA_PKCS, "RSA-PKCS" },
|
||||||
|
|
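Review bot: `opt_object_id_len` is declared `static int`, but the `-d` case in main() passes `&opt_object_id_len` to `hex_to_bin()`, whose third parameter is `size_t *`. On platforms where `size_t` is wider than `int`, `left = *outlen` reads bytes beyond the variable, so the capacity check guarding `opt_object_id[100]` may compare against something other than 100, and the final `*outlen = count` writes past the variable. Declaring it as `static size_t opt_object_id_len = 0;` keeps both the bound and the stored length well-defined. In `hex_to_bin()` itself, `err`, the `out:` label and the trailing `c++` are unused, `left <= 0` on a `size_t` only ever means `left == 0`, and the "hex string too long" message lacks a newline.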