git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@252 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
fabled
parent
6b07ff64f6
commit
51c572ac1d
|
|
@ -41,20 +41,26 @@ extern struct sc_pkcs11_object_ops pkcs15_pubkey_ops;
|
||||||
|
|
||||||
struct pkcs15_cert_object {
|
struct pkcs15_cert_object {
|
||||||
struct sc_pkcs11_object object;
|
struct sc_pkcs11_object object;
|
||||||
struct sc_pkcs15_cert_info *cert_info;
|
|
||||||
struct sc_pkcs15_cert *cert;
|
struct sc_pkcs15_object *certificate_object;
|
||||||
|
struct sc_pkcs15_cert_info *certificate_info;
|
||||||
|
struct sc_pkcs15_cert *certificate;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct pkcs15_prkey_object {
|
struct pkcs15_prkey_object {
|
||||||
struct sc_pkcs11_object object;
|
struct sc_pkcs11_object object;
|
||||||
|
|
||||||
|
struct sc_pkcs15_object *prkey_object;
|
||||||
struct sc_pkcs15_prkey_info *prkey_info;
|
struct sc_pkcs15_prkey_info *prkey_info;
|
||||||
struct pkcs15_cert_object *cert_object;
|
struct pkcs15_cert_object *cert_object;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct pkcs15_pubkey_object {
|
struct pkcs15_pubkey_object {
|
||||||
struct sc_pkcs11_object object;
|
struct sc_pkcs11_object object;
|
||||||
struct sc_pkcs15_rsa_pubkey *rsakey;
|
|
||||||
struct sc_pkcs15_cert_info *cert;
|
struct sc_pkcs15_object *certificate_object;
|
||||||
|
struct sc_pkcs15_cert_info *certificate_info;
|
||||||
|
struct sc_pkcs15_pubkey_rsa *rsakey;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* PKCS#15 Framework */
|
/* PKCS#15 Framework */
|
||||||
|
|
@ -95,7 +101,7 @@ static void pkcs15_init_token_info(struct sc_pkcs15_card *card, CK_TOKEN_INFO_PT
|
||||||
|
|
||||||
static struct pkcs15_cert_object *pkcs15_add_cert_object(struct sc_pkcs11_slot *slot,
|
static struct pkcs15_cert_object *pkcs15_add_cert_object(struct sc_pkcs11_slot *slot,
|
||||||
struct sc_pkcs15_card *card,
|
struct sc_pkcs15_card *card,
|
||||||
struct sc_pkcs15_cert_info *cert)
|
struct sc_pkcs15_object *cert)
|
||||||
{
|
{
|
||||||
struct pkcs15_cert_object *object;
|
struct pkcs15_cert_object *object;
|
||||||
struct pkcs15_pubkey_object *obj2;
|
struct pkcs15_pubkey_object *obj2;
|
||||||
|
|
@ -103,44 +109,50 @@ static struct pkcs15_cert_object *pkcs15_add_cert_object(struct sc_pkcs11_slot *
|
||||||
/* Certificate object */
|
/* Certificate object */
|
||||||
object = (struct pkcs15_cert_object*) malloc(sizeof(struct pkcs15_cert_object));
|
object = (struct pkcs15_cert_object*) malloc(sizeof(struct pkcs15_cert_object));
|
||||||
object->object.ops = &pkcs15_cert_ops;
|
object->object.ops = &pkcs15_cert_ops;
|
||||||
object->cert_info = cert;
|
object->certificate_object = cert;
|
||||||
sc_pkcs15_read_certificate(card, cert, &object->cert);
|
object->certificate_info = (struct sc_pkcs15_cert_info*) cert->data;
|
||||||
|
sc_pkcs15_read_certificate(card, object->certificate_info, &object->certificate);
|
||||||
pool_insert(&slot->object_pool, object, NULL);
|
pool_insert(&slot->object_pool, object, NULL);
|
||||||
|
|
||||||
/* Corresponding public key */
|
/* Corresponding public key */
|
||||||
obj2 = (struct pkcs15_pubkey_object*) malloc(sizeof(struct pkcs15_pubkey_object));
|
obj2 = (struct pkcs15_pubkey_object*) malloc(sizeof(struct pkcs15_pubkey_object));
|
||||||
obj2->object.ops = &pkcs15_pubkey_ops;
|
obj2->object.ops = &pkcs15_pubkey_ops;
|
||||||
obj2->rsakey = &object->cert->key;
|
obj2->rsakey = &object->certificate->key;
|
||||||
obj2->cert = cert;
|
obj2->certificate_object = cert;
|
||||||
|
obj2->certificate_info = (struct sc_pkcs15_cert_info*) cert->data;
|
||||||
pool_insert(&slot->object_pool, obj2, NULL);
|
pool_insert(&slot->object_pool, obj2, NULL);
|
||||||
|
|
||||||
/* Mark as seen */
|
/* Mark as seen */
|
||||||
cert->com_attr.flags |= SC_PKCS15_CO_FLAG_OBJECT_SEEN;
|
cert->flags |= SC_PKCS15_CO_FLAG_OBJECT_SEEN;
|
||||||
|
|
||||||
return object;
|
return object;
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct pkcs15_prkey_object *pkcs15_add_prkey_object(struct sc_pkcs11_slot *slot,
|
static struct pkcs15_prkey_object *pkcs15_add_prkey_object(struct sc_pkcs11_slot *slot,
|
||||||
struct sc_pkcs15_card *card,
|
struct sc_pkcs15_card *card,
|
||||||
struct sc_pkcs15_prkey_info *prkey)
|
struct sc_pkcs15_object *prkey,
|
||||||
|
struct sc_pkcs15_object **certs,
|
||||||
|
int cert_count
|
||||||
|
)
|
||||||
{
|
{
|
||||||
struct pkcs15_prkey_object *object;
|
struct pkcs15_prkey_object *object;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
object = (struct pkcs15_prkey_object*) malloc(sizeof(struct pkcs15_prkey_object));
|
object = (struct pkcs15_prkey_object*) malloc(sizeof(struct pkcs15_prkey_object));
|
||||||
object->object.ops = &pkcs15_prkey_ops;
|
object->object.ops = &pkcs15_prkey_ops;
|
||||||
object->prkey_info = prkey;
|
object->prkey_object = prkey;
|
||||||
|
object->prkey_info = (struct sc_pkcs15_prkey_info*) prkey->data;
|
||||||
pool_insert(&slot->object_pool, object, NULL);
|
pool_insert(&slot->object_pool, object, NULL);
|
||||||
|
|
||||||
/* Mark as seen */
|
/* Mark as seen */
|
||||||
prkey->com_attr.flags |= SC_PKCS15_CO_FLAG_OBJECT_SEEN;
|
prkey->flags |= SC_PKCS15_CO_FLAG_OBJECT_SEEN;
|
||||||
|
|
||||||
/* Also add the related certificate if found */
|
/* Also add the related certificate if found */
|
||||||
for (i=0; i<card->cert_count; i++) {
|
for (i=0; i < cert_count; i++) {
|
||||||
if (sc_pkcs15_compare_id(&prkey->id,
|
if (sc_pkcs15_compare_id(&object->prkey_info->id,
|
||||||
&card->cert_info[i].id)) {
|
&((struct sc_pkcs15_cert_info*)certs[i]->data)->id)) {
|
||||||
debug(context, "Adding certificate %d relating to private key\n", i);
|
debug(context, "Adding certificate %d relating to private key\n", i);
|
||||||
object->cert_object = pkcs15_add_cert_object(slot, card, &card->cert_info[i]);
|
object->cert_object = pkcs15_add_cert_object(slot, card, certs[i]);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -152,39 +164,49 @@ static CK_RV pkcs15_create_tokens(struct sc_pkcs11_card *p11card)
|
||||||
{
|
{
|
||||||
struct sc_pkcs15_card *card = (struct sc_pkcs15_card*) p11card->fw_data;
|
struct sc_pkcs15_card *card = (struct sc_pkcs15_card*) p11card->fw_data;
|
||||||
struct sc_pkcs11_slot *slot;
|
struct sc_pkcs11_slot *slot;
|
||||||
|
|
||||||
|
struct sc_pkcs15_object
|
||||||
|
*auths[SC_PKCS15_MAX_PINS],
|
||||||
|
*certs[SC_PKCS15_MAX_CERTS],
|
||||||
|
*prkeys[SC_PKCS15_MAX_PRKEYS];
|
||||||
|
|
||||||
int i, j, rv, reader = p11card->reader;
|
int i, j, rv, reader = p11card->reader;
|
||||||
|
int auth_count, cert_count, prkey_count;
|
||||||
|
|
||||||
debug(context, "Enumerating PINS\n");
|
rv = auth_count = sc_pkcs15_get_objects(card, SC_PKCS15_TYPE_AUTH_PIN, auths, SC_PKCS15_MAX_PINS);
|
||||||
rv = sc_pkcs15_enum_pins(card);
|
|
||||||
if (rv < 0)
|
if (rv < 0)
|
||||||
return sc_to_cryptoki_error(rv, reader);
|
return sc_to_cryptoki_error(rv, reader);
|
||||||
|
debug(context, "Found %d authentication objects\n", auth_count);
|
||||||
|
|
||||||
debug(context, "Enumerating certs\n");
|
rv = cert_count = sc_pkcs15_get_objects(card, SC_PKCS15_TYPE_CERT_X509, certs, SC_PKCS15_MAX_CERTS);
|
||||||
rv = sc_pkcs15_enum_certificates(card);
|
|
||||||
if (rv < 0)
|
if (rv < 0)
|
||||||
return sc_to_cryptoki_error(rv, reader);
|
return sc_to_cryptoki_error(rv, reader);
|
||||||
|
debug(context, "Found %d certificates\n", cert_count);
|
||||||
|
|
||||||
debug(context, "Enumerating private keys\n");
|
rv = prkey_count = sc_pkcs15_get_objects(card, SC_PKCS15_TYPE_PRKEY_RSA, prkeys, SC_PKCS15_MAX_PRKEYS);
|
||||||
rv = sc_pkcs15_enum_private_keys(card);
|
|
||||||
if (rv < 0)
|
if (rv < 0)
|
||||||
return sc_to_cryptoki_error(rv, reader);
|
return sc_to_cryptoki_error(rv, reader);
|
||||||
|
debug(context, "Found %d private keys\n", prkey_count);
|
||||||
|
|
||||||
for (i = 0; i < card->pin_count; i++) {
|
for (i = 0; i < auth_count; i++) {
|
||||||
char tmp[33];
|
char tmp[33];
|
||||||
|
struct sc_pkcs15_pin_info *pin_info;
|
||||||
|
|
||||||
rv = slot_allocate(&slot, p11card);
|
rv = slot_allocate(&slot, p11card);
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
pkcs15_init_token_info(card, &slot->token_info);
|
pkcs15_init_token_info(card, &slot->token_info);
|
||||||
slot->fw_data = &card->pin_info[i];
|
slot->fw_data = auths[i];
|
||||||
|
|
||||||
snprintf(tmp, sizeof(tmp), "%s (%s)", card->label, card->pin_info[i].com_attr.label);
|
pin_info = (struct sc_pkcs15_pin_info*) auths[i]->data;
|
||||||
|
|
||||||
|
snprintf(tmp, sizeof(tmp), "%s (%s)", card->label, auths[i]->label);
|
||||||
strcpy_bp(slot->token_info.label, tmp, 32);
|
strcpy_bp(slot->token_info.label, tmp, 32);
|
||||||
|
|
||||||
if (card->pin_info[i].magic == SC_PKCS15_PIN_MAGIC) {
|
if (pin_info->magic == SC_PKCS15_PIN_MAGIC) {
|
||||||
slot->token_info.ulMaxPinLen = card->pin_info[i].stored_length;
|
slot->token_info.ulMaxPinLen = pin_info->stored_length;
|
||||||
slot->token_info.ulMinPinLen = card->pin_info[i].min_length;
|
slot->token_info.ulMinPinLen = pin_info->min_length;
|
||||||
} else {
|
} else {
|
||||||
/* choose reasonable defaults */
|
/* choose reasonable defaults */
|
||||||
slot->token_info.ulMaxPinLen = 8;
|
slot->token_info.ulMaxPinLen = 8;
|
||||||
|
|
@ -195,11 +217,11 @@ static CK_RV pkcs15_create_tokens(struct sc_pkcs11_card *p11card)
|
||||||
debug(context, "Initialized token '%s'\n", tmp);
|
debug(context, "Initialized token '%s'\n", tmp);
|
||||||
|
|
||||||
/* Add all the private keys related to this pin */
|
/* Add all the private keys related to this pin */
|
||||||
for (j=0; j<card->prkey_count; j++) {
|
for (j=0; j < prkey_count; j++) {
|
||||||
if (sc_pkcs15_compare_id(&card->pin_info[i].auth_id,
|
if (sc_pkcs15_compare_id(&pin_info->auth_id,
|
||||||
&card->prkey_info[j].com_attr.auth_id)) {
|
&prkeys[j]->auth_id)) {
|
||||||
debug(context, "Adding private key %d to PIN %d\n", j, i);
|
debug(context, "Adding private key %d to PIN %d\n", j, i);
|
||||||
pkcs15_add_prkey_object(slot, card, &card->prkey_info[j]);
|
pkcs15_add_prkey_object(slot, card, prkeys[j], certs, cert_count);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -217,49 +239,21 @@ static CK_RV pkcs15_create_tokens(struct sc_pkcs11_card *p11card)
|
||||||
slot->token_info.flags = 0;
|
slot->token_info.flags = 0;
|
||||||
|
|
||||||
/* Add all the remaining private keys */
|
/* Add all the remaining private keys */
|
||||||
for (j=0; j<card->prkey_count; j++) {
|
for (j=0; j < prkey_count; j++) {
|
||||||
if (!(card->prkey_info[j].com_attr.flags & SC_PKCS15_CO_FLAG_OBJECT_SEEN)) {
|
if (!(prkeys[j]->flags & SC_PKCS15_CO_FLAG_OBJECT_SEEN)) {
|
||||||
debug(context, "Private key %d was not seen previously\n", j);
|
debug(context, "Private key %d was not seen previously\n", j);
|
||||||
pkcs15_add_prkey_object(slot, card, &card->prkey_info[j]);
|
pkcs15_add_prkey_object(slot, card, prkeys[j], certs, cert_count);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Add all the remaining certificates */
|
/* Add all the remaining certificates */
|
||||||
for (j=0; j<card->cert_count; j++) {
|
for (j=0; j < cert_count; j++) {
|
||||||
if (!(card->cert_info[j].com_attr.flags & SC_PKCS15_CO_FLAG_OBJECT_SEEN)) {
|
if (!(certs[j]->flags & SC_PKCS15_CO_FLAG_OBJECT_SEEN)) {
|
||||||
debug(context, "Certificate %d was not seen previously\n", j);
|
debug(context, "Certificate %d was not seen previously\n", j);
|
||||||
pkcs15_add_cert_object(slot, card, &card->cert_info[j]);
|
pkcs15_add_cert_object(slot, card, certs[j]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
for (i = 0; c < card->cert_count; c++) {
|
|
||||||
struct sc_pkcs15_cert *cert;
|
|
||||||
struct sc_pkcs15_cert_info *cinfo = &p15card->cert_info[c];
|
|
||||||
|
|
||||||
LOG("Reading '%s' certificate.\n", cinfo->com_attr.label);
|
|
||||||
r = sc_pkcs15_read_certificate(p15card, cinfo, &cert);
|
|
||||||
if (r)
|
|
||||||
return r;
|
|
||||||
LOG("Adding '%s' certificate object (id %X).\n",
|
|
||||||
cinfo->com_attr.label, cinfo->id);
|
|
||||||
slot_add_certificate_object(id, c, cinfo, cert);
|
|
||||||
|
|
||||||
for (i = 0; i < p15card->prkey_count; i++) {
|
|
||||||
struct sc_pkcs15_prkey_info *pinfo = &p15card->prkey_info[i];
|
|
||||||
if (sc_pkcs15_compare_id(&cinfo->id, &pinfo->id)) {
|
|
||||||
LOG("Adding '%s' private key object (id %X).\n",
|
|
||||||
pinfo->com_attr.label, pinfo->id.value[0]);
|
|
||||||
if (slot_add_private_key_object(id, i, pinfo, cert))
|
|
||||||
LOG("Private key addition failed.\n");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
sc_pkcs15_free_certificate(cert);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
debug(context, "All tokens created\n");
|
debug(context, "All tokens created\n");
|
||||||
return CKR_OK;
|
return CKR_OK;
|
||||||
}
|
}
|
||||||
|
|
@ -320,9 +314,11 @@ static CK_RV pkcs15_login(struct sc_pkcs11_card *p11card,
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
struct sc_pkcs15_card *card = (struct sc_pkcs15_card*) p11card->fw_data;
|
struct sc_pkcs15_card *card = (struct sc_pkcs15_card*) p11card->fw_data;
|
||||||
struct sc_pkcs15_pin_info *pin = (struct sc_pkcs15_pin_info*) fw_token;
|
struct sc_pkcs15_object *auth_object = (struct sc_pkcs15_object*) fw_token;
|
||||||
|
struct sc_pkcs15_pin_info *pin = (struct sc_pkcs15_pin_info*) auth_object->data;
|
||||||
|
|
||||||
rc = sc_pkcs15_verify_pin(card, pin, pPin, ulPinLen);
|
rc = sc_pkcs15_verify_pin(card, pin, pPin, ulPinLen);
|
||||||
|
debug(context, "PIN verification returned %d\n", rc);
|
||||||
return sc_to_cryptoki_error(rc, p11card->reader);
|
return sc_to_cryptoki_error(rc, p11card->reader);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -350,7 +346,7 @@ struct sc_pkcs11_framework_ops framework_pkcs15 = {
|
||||||
void pkcs15_cert_release(void *obj)
|
void pkcs15_cert_release(void *obj)
|
||||||
{
|
{
|
||||||
struct pkcs15_cert_object *cert = (struct pkcs15_cert_object *) obj;
|
struct pkcs15_cert_object *cert = (struct pkcs15_cert_object *) obj;
|
||||||
sc_pkcs15_free_certificate(cert->cert);
|
sc_pkcs15_free_certificate(cert->certificate);
|
||||||
}
|
}
|
||||||
|
|
||||||
CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session,
|
CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session,
|
||||||
|
|
@ -374,29 +370,29 @@ CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session,
|
||||||
*(CK_BBOOL*)attr->pValue = FALSE;
|
*(CK_BBOOL*)attr->pValue = FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
check_attribute_buffer(attr, strlen(cert->cert_info->com_attr.label));
|
check_attribute_buffer(attr, strlen(cert->certificate_object->label));
|
||||||
memcpy(attr->pValue, cert->cert_info->com_attr.label, strlen(cert->cert_info->com_attr.label));
|
memcpy(attr->pValue, cert->certificate_object->label, strlen(cert->certificate_object->label));
|
||||||
break;
|
break;
|
||||||
case CKA_CERTIFICATE_TYPE:
|
case CKA_CERTIFICATE_TYPE:
|
||||||
check_attribute_buffer(attr, sizeof(CK_CERTIFICATE_TYPE));
|
check_attribute_buffer(attr, sizeof(CK_CERTIFICATE_TYPE));
|
||||||
*(CK_CERTIFICATE_TYPE*)attr->pValue = CKC_X_509;
|
*(CK_CERTIFICATE_TYPE*)attr->pValue = CKC_X_509;
|
||||||
break;
|
break;
|
||||||
case CKA_ID:
|
case CKA_ID:
|
||||||
if (cert->cert_info->authority) {
|
if (cert->certificate_info->authority) {
|
||||||
check_attribute_buffer(attr, 1);
|
check_attribute_buffer(attr, 1);
|
||||||
*(unsigned char*)attr->pValue = 0;
|
*(unsigned char*)attr->pValue = 0;
|
||||||
} else {
|
} else {
|
||||||
check_attribute_buffer(attr, cert->cert_info->id.len);
|
check_attribute_buffer(attr, cert->certificate_info->id.len);
|
||||||
memcpy(attr->pValue, cert->cert_info->id.value, cert->cert_info->id.len);
|
memcpy(attr->pValue, cert->certificate_info->id.value, cert->certificate_info->id.len);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case CKA_TRUSTED:
|
case CKA_TRUSTED:
|
||||||
check_attribute_buffer(attr, sizeof(CK_BBOOL));
|
check_attribute_buffer(attr, sizeof(CK_BBOOL));
|
||||||
*(CK_BBOOL*)attr->pValue = cert->cert_info->authority?TRUE:FALSE;
|
*(CK_BBOOL*)attr->pValue = cert->certificate_info->authority?TRUE:FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_VALUE:
|
case CKA_VALUE:
|
||||||
check_attribute_buffer(attr, cert->cert->data_len);
|
check_attribute_buffer(attr, cert->certificate->data_len);
|
||||||
memcpy(attr->pValue, cert->cert->data, cert->cert->data_len);
|
memcpy(attr->pValue, cert->certificate->data, cert->certificate->data_len);
|
||||||
break;
|
break;
|
||||||
/*
|
/*
|
||||||
case CKA_SUBJECT:
|
case CKA_SUBJECT:
|
||||||
|
|
@ -456,8 +452,8 @@ CK_RV pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
|
||||||
*(CK_BBOOL*)attr->pValue = FALSE;
|
*(CK_BBOOL*)attr->pValue = FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
check_attribute_buffer(attr, strlen(prkey->prkey_info->com_attr.label));
|
check_attribute_buffer(attr, strlen(prkey->prkey_object->label));
|
||||||
memcpy(attr->pValue, prkey->prkey_info->com_attr.label, strlen(prkey->prkey_info->com_attr.label));
|
memcpy(attr->pValue, prkey->prkey_object->label, strlen(prkey->prkey_object->label));
|
||||||
break;
|
break;
|
||||||
case CKA_KEY_TYPE:
|
case CKA_KEY_TYPE:
|
||||||
check_attribute_buffer(attr, sizeof(CK_KEY_TYPE));
|
check_attribute_buffer(attr, sizeof(CK_KEY_TYPE));
|
||||||
|
|
@ -472,10 +468,10 @@ CK_RV pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
|
||||||
*(CK_MECHANISM_TYPE*)attr->pValue = CK_UNAVAILABLE_INFORMATION;
|
*(CK_MECHANISM_TYPE*)attr->pValue = CK_UNAVAILABLE_INFORMATION;
|
||||||
break;
|
break;
|
||||||
case CKA_MODULUS:
|
case CKA_MODULUS:
|
||||||
check_attribute_buffer(attr, prkey->cert_object->cert->key.modulus_len);
|
check_attribute_buffer(attr, prkey->cert_object->certificate->key.modulus_len);
|
||||||
memcpy(attr->pValue,
|
memcpy(attr->pValue,
|
||||||
prkey->cert_object->cert->key.modulus,
|
prkey->cert_object->certificate->key.modulus,
|
||||||
prkey->cert_object->cert->key.modulus_len);
|
prkey->cert_object->certificate->key.modulus_len);
|
||||||
break;
|
break;
|
||||||
case CKA_PUBLIC_EXPONENT:
|
case CKA_PUBLIC_EXPONENT:
|
||||||
case CKA_PRIVATE_EXPONENT:
|
case CKA_PRIVATE_EXPONENT:
|
||||||
|
|
@ -579,16 +575,16 @@ CK_RV pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session,
|
||||||
*(CK_BBOOL*)attr->pValue = FALSE;
|
*(CK_BBOOL*)attr->pValue = FALSE;
|
||||||
break;
|
break;
|
||||||
case CKA_LABEL:
|
case CKA_LABEL:
|
||||||
check_attribute_buffer(attr, strlen(pubkey->cert->com_attr.label));
|
check_attribute_buffer(attr, strlen(pubkey->certificate_object->label));
|
||||||
memcpy(attr->pValue, pubkey->cert->com_attr.label, strlen(pubkey->cert->com_attr.label));
|
memcpy(attr->pValue, pubkey->certificate_object->label, strlen(pubkey->certificate_object->label));
|
||||||
break;
|
break;
|
||||||
case CKA_KEY_TYPE:
|
case CKA_KEY_TYPE:
|
||||||
check_attribute_buffer(attr, sizeof(CK_KEY_TYPE));
|
check_attribute_buffer(attr, sizeof(CK_KEY_TYPE));
|
||||||
*(CK_KEY_TYPE*)attr->pValue = CKK_RSA;
|
*(CK_KEY_TYPE*)attr->pValue = CKK_RSA;
|
||||||
break;
|
break;
|
||||||
case CKA_ID:
|
case CKA_ID:
|
||||||
check_attribute_buffer(attr, pubkey->cert->id.len);
|
check_attribute_buffer(attr, pubkey->certificate_info->id.len);
|
||||||
memcpy(attr->pValue, pubkey->cert->id.value, pubkey->cert->id.len);
|
memcpy(attr->pValue, pubkey->certificate_info->id.value, pubkey->certificate_info->id.len);
|
||||||
break;
|
break;
|
||||||
case CKA_KEY_GEN_MECHANISM:
|
case CKA_KEY_GEN_MECHANISM:
|
||||||
check_attribute_buffer(attr, sizeof(CK_MECHANISM_TYPE));
|
check_attribute_buffer(attr, sizeof(CK_MECHANISM_TYPE));
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue