- Remove sslengines/libpkcs11.h, it's almost identical
  to libpkcs11's pkcs11.h.
- Move default PKCS#11 library defines to pkcs11.h, so they can be used by 3rdparty applications as well.
- Minor cleanups

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1407 c6295689-39f2-0310-b995-f0e70906c6a9
parent
5616dba08e
commit
86475ea7c0
|
@ -16,16 +16,6 @@
|
|||
|
||||
#define MAGIC 0xd00bed00
|
||||
|
||||
#if defined(_WIN32)
|
||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11";
|
||||
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
|
||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||
#elif defined(__APPLE__)
|
||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
|
||||
#else
|
||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||
#endif
|
||||
|
||||
struct sc_pkcs11_module {
|
||||
unsigned int _magic;
|
||||
scdl_context_t *handle;
|
||||
|
@ -46,7 +36,7 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
|
|||
mod->_magic = MAGIC;
|
||||
|
||||
if (mspec == NULL)
|
||||
mspec = DEFAULT_MODULE_NAME;
|
||||
mspec = PKCS11_DEFAULT_MODULE_NAME;
|
||||
mod->handle = scdl_open(mspec);
|
||||
if (mod->handle == NULL)
|
||||
goto failed;
|
||||
|
|
|
@ -21,6 +21,10 @@
|
|||
#ifndef OPENSC_PKCS11_H
|
||||
#define OPENSC_PKCS11_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifndef _WIN32
|
||||
#include <opensc/rsaref/unix.h>
|
||||
#include <opensc/rsaref/pkcs11.h>
|
||||
|
@ -35,6 +39,16 @@
|
|||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if defined(_WIN32)
|
||||
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11";
|
||||
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
|
||||
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||
#elif defined(__APPLE__)
|
||||
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
|
||||
#else
|
||||
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||
#endif
|
||||
|
||||
typedef struct sc_pkcs11_module sc_pkcs11_module_t;
|
||||
|
||||
extern sc_pkcs11_module_t *C_LoadModule(const char *name,
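Review bot: Each `PKCS11_DEFAULT_MODULE_NAME` branch keeps a semicolon inside the macro body (`#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";`), which was tolerable for a private define but now sits in a header meant for third-party code. A call such as `C_LoadModule(PKCS11_DEFAULT_MODULE_NAME, &funcs)` would not compile, and `const char *module = PKCS11_DEFAULT_MODULE_NAME;` leaves a stray `;` at file scope. Drop the semicolon in all four branches, e.g. `#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so"`. The defaults are bare file names, so which library is loaded presumably depends on the loader search path used by scdl_open (not visible here); a comment such as `/* bare name: resolved via the loader search path; pass an absolute path to pin the module */` would tell integrators what they are relying on.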
|
||||
|
|
|
@ -27,7 +27,7 @@ engine_pkcs11_la_SOURCES = \
|
|||
hw_pkcs11.c engine_pkcs11.c engine_pkcs11.h \
|
||||
p11_attr.c p11_cert.c p11_err.c p11_key.c \
|
||||
p11_load.c p11_misc.c p11_rsa.c p11_slot.c \
|
||||
pkcs11-internal.h libpkcs11.h
|
||||
pkcs11-internal.h
|
||||
engine_pkcs11_la_CFLAGS = $(OPENSSL_CFLAGS)
|
||||
engine_pkcs11_la_LIBADD = @LIBCRYPTOA@ ../pkcs11/libpkcs11.la
|
||||
engine_pkcs11_la_LDFLAGS = $(OPENSSL_LDFLAGS) -module -avoid-version
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
||||
* Copyright (c) 2001 Markus Friedl.
|
||||
* Copyright (c) 2003 Kevin Stefanik
|
||||
*
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
|
@ -24,17 +24,17 @@
|
|||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/objects.h>
|
||||
#include "opensc/opensc.h"
|
||||
#include "opensc/pkcs15.h"
|
||||
#include <opensc/opensc.h>
|
||||
#include <opensc/pkcs15.h>
|
||||
#include "engine_opensc.h"
|
||||
|
||||
|
||||
/* static state info one card/reader at a time */
|
||||
static int quiet=1;
|
||||
static int sc_reader_id= 0;
|
||||
|
@ -61,15 +61,14 @@ int opensc_finish(void) {
|
|||
|
||||
int opensc_init(void) {
|
||||
int r=0;
|
||||
|
||||
|
||||
if(!quiet)
|
||||
fprintf(stderr,"initializing engine");
|
||||
|
||||
r = sc_establish_context(&ctx, "openssl");
|
||||
if (r)
|
||||
goto err;
|
||||
|
||||
|
||||
|
||||
r = sc_connect_card(ctx->reader[sc_reader_id], 0, &card);
|
||||
if (r)
|
||||
goto err;
|
||||
|
@ -185,7 +184,6 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
|||
id->len = SC_PKCS15_MAX_ID_SIZE;
|
||||
sc_pkcs15_hex_string_to_id(s_key_id, id);
|
||||
|
||||
|
||||
r = sc_pkcs15_find_pubkey_by_id(p15card, id, &obj);
|
||||
if (r >= 0) {
|
||||
if (!quiet)
|
||||
|
@ -216,7 +214,7 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
|||
|
||||
/* now, set EVP_PKEY data from pubkey object */
|
||||
key_out=EVP_PKEY_new();
|
||||
if(!key_out)
|
||||
if(!key_out)
|
||||
{fprintf(stderr, "failed to create new EVP_PKEY\n"); return NULL;};
|
||||
EVP_PKEY_assign_RSA(key_out,RSA_new_method(e));
|
||||
#if 0
|
||||
|
@ -238,7 +236,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
|||
ui=UI_new();
|
||||
UI_set_method(ui,ui_method);
|
||||
if(!UI_add_input_string(ui, "SmartCard Password: ", 0, sc_pin, 1, maxlen)) {
|
||||
fprintf(stderr, "UI_add_input_string failed");
|
||||
fprintf(stderr, "UI_add_input_string failed");
|
||||
UI_free(ui); return NULL; }
|
||||
if(!UI_process(ui)) {
|
||||
fprintf(stderr, "UI_process failed"); return NULL;}
|
||||
|
@ -251,10 +249,10 @@ EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
|||
UI_METHOD *ui_method, void *callback_data) {
|
||||
EVP_PKEY* key_out;
|
||||
if(!quiet)
|
||||
fprintf(stderr,"Loading private key!");
|
||||
|
||||
fprintf(stderr,"Loading private key!");
|
||||
|
||||
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
|
||||
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
|
||||
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
|
||||
sc_pin=malloc(12);
|
||||
get_pin(ui_method,sc_pin,12); /* do this here, when storing sc_pin in RSA */
|
||||
#if 0
|
||||
|
@ -276,14 +274,14 @@ sc_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
|
|||
int r;
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
return -1;
|
||||
r = sc_prkey_op_init(rsa, &key_obj);
|
||||
if (r)
|
||||
return -1;
|
||||
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
|
||||
sc_unlock(card);
|
||||
if (r < 0) {
|
||||
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
|
||||
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
return r;
|
||||
|
@ -298,7 +296,6 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
|||
struct sc_pkcs15_object *key_obj;
|
||||
int r;
|
||||
unsigned long flags = 0;
|
||||
|
||||
|
||||
if(!quiet)
|
||||
fprintf(stderr,"signing with type %d\n", type);
|
||||
|
@ -307,7 +304,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
|||
return -1;
|
||||
/* FIXME: length of sigret correct? */
|
||||
/* FIXME: check 'type' and modify flags accordingly */
|
||||
flags |= SC_ALGORITHM_RSA_PAD_PKCS1 ;
|
||||
flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
|
||||
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
|
||||
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5; /* SC_ALGORITHM_RSA_HASH_SHA1 */
|
||||
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
|
||||
|
@ -315,7 +312,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
|||
sc_unlock(card);
|
||||
if (r < 0) {
|
||||
fprintf(stderr,"sc_pkcs15_compute_signature() failed: %s",
|
||||
sc_strerror(r));
|
||||
sc_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
*siglen = r;
|
||||
|
@ -331,7 +328,3 @@ sc_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
|
|||
fprintf(stderr,"Private key encryption not supported");
|
||||
return -1;
|
||||
}
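Review bot: In opensc_load_private_key the PIN buffer comes from `sc_pin=malloc(12)` with no NULL check, and the result of `get_pin(ui_method,sc_pin,12)` is discarded although get_pin returns NULL when the UI calls fail, so a failed prompt leaves an uninitialised buffer cached as the PIN. The same pair of calls appears in pkcs11_load_key (`pin=malloc(12); get_pin(ui_method,pin,12);`), where the buffer goes straight into PKCS11_login. The old PIN is also released with a plain `free`, so its bytes stay in heap memory; wiping it first with OPENSSL_cleanse would avoid that. Separately, get_pin's `UI_process` failure branch returns without `UI_free(ui)`, unlike the branch above it. These function bodies continue outside the hunks, so the fence assumes get_pin returns non-NULL on success.

```c
	key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
	sc_pin=malloc(12);
	if (sc_pin == NULL || get_pin(ui_method,sc_pin,12) == NULL) {
		fprintf(stderr, "failed to read PIN\n");
		free(sc_pin);
		sc_pin = NULL;
		EVP_PKEY_free(key_out);
		return NULL;
	}
	/* … unchanged: #if 0 block and the rest of opensc_load_private_key … */
```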
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -5,14 +5,13 @@
|
|||
int opensc_finish(void);
|
||||
int opensc_init(void);
|
||||
EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data) ;
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data) ;
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
int sc_private_decrypt(int flen, const u_char *from, u_char *to,
|
||||
RSA *rsa, int padding);
|
||||
int sc_sign(int type, const u_char *m, unsigned int m_len,
|
||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
|
||||
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
|
||||
RSA *rsa, int padding);
|
||||
int opensc_rsa_finish(RSA* rsa) ;
|
||||
|
||||
int opensc_rsa_finish(RSA* rsa);
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
* Copyright (c) 2001 Markus Friedl.
|
||||
* Copyright (c) 2002 Olaf Kirch
|
||||
* Copyright (c) 2003 Kevin Stefanik
|
||||
*
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
|
@ -25,14 +25,11 @@
|
|||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <config.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/objects.h>
|
||||
#include "pkcs11-internal.h"
|
||||
#include "engine_pkcs11.h"
|
||||
|
||||
#define fail(msg) { fprintf(stderr,msg); return NULL;}
|
||||
|
@ -41,11 +38,7 @@ PKCS11_CTX *ctx;
|
|||
char* pin;
|
||||
int quiet=1;
|
||||
|
||||
#ifndef _WIN32
|
||||
const char *module = "opensc-pkcs11.so";
|
||||
#else
|
||||
const char *module = "opensc-pkcs11"; /* no need to add .dll */
|
||||
#endif
|
||||
const char *module = PKCS11_DEFAULT_MODULE_NAME;
|
||||
|
||||
int set_module(const char *modulename) {
|
||||
module=modulename;
|
||||
|
@ -57,7 +50,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
|||
ui=UI_new();
|
||||
UI_set_method(ui,ui_method);
|
||||
if(!UI_add_input_string(ui, "SmartCard PIN: ", 0, sc_pin, 1, maxlen)) {
|
||||
fprintf(stderr, "UI_add_input_string failed\n");
|
||||
fprintf(stderr, "UI_add_input_string failed\n");
|
||||
UI_free(ui); return NULL; }
|
||||
if(!UI_process(ui)) {
|
||||
fprintf(stderr, "UI_process failed\n"); return NULL;}
|
||||
|
@ -67,7 +60,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
|||
}
|
||||
|
||||
int pkcs11_finish(ENGINE *engine) {
|
||||
|
||||
|
||||
if (ctx) {
|
||||
PKCS11_CTX_free(ctx);
|
||||
}
|
||||
|
@ -90,34 +83,13 @@ int pkcs11_init(ENGINE *engine) {
|
|||
|
||||
int
|
||||
pkcs11_rsa_finish(RSA* rsa) {
|
||||
|
||||
|
||||
if(pin) {free(pin);}
|
||||
/* need to free RSA_ex_data? */
|
||||
return 1;
|
||||
|
||||
}
|
||||
|
||||
static int hex2byte(const char *hex)
|
||||
{
|
||||
int b = 0;
|
||||
if (hex[0]>='0' && hex[0]<='9')
|
||||
b = hex[0] - '0';
|
||||
else if (hex[0]>='a'&&hex[0]<='f')
|
||||
b = hex[0] - 'a' + 10;
|
||||
else if (hex[0]>='A'&&hex[0]<='F')
|
||||
b = hex[0] - 'A' + 10;
|
||||
else
|
||||
return -1;
|
||||
b *= 16;
|
||||
if (hex[1]>='0' && hex[1]<='9')
|
||||
return b + hex[1] - '0';
|
||||
else if (hex[1]>='a'&&hex[1]<='f')
|
||||
return b + hex[1] - 'a' + 10;
|
||||
else if (hex[1]>='A'&&hex[1]<='F')
|
||||
return b + hex[1] - 'A' + 10;
|
||||
return -1;
|
||||
}
|
||||
|
||||
static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
|
||||
{
|
||||
size_t left, count = 0;
|
||||
|
@ -184,7 +156,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
int slot_nr = -1;
|
||||
char flags[64];
|
||||
int logged_in = 0;
|
||||
|
||||
|
||||
/* if(pin) {free(pin); pin=NULL;} // keep cached key? */
|
||||
|
||||
/* Parse s_slot_key_id: [slot:<slotNr>][;][id:<keyID>] or NULL,
|
||||
|
@ -287,7 +259,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
tok = slot->token;
|
||||
|
||||
if (!tok->initialized) {
|
||||
printf("Found uninitialized token; \n");
|
||||
printf("Found uninitialized token; \n");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
@ -327,7 +299,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
break;
|
||||
if (pin == NULL) {
|
||||
pin=malloc(12);
|
||||
get_pin(ui_method,pin,12);
|
||||
get_pin(ui_method,pin,12);
|
||||
}
|
||||
if (PKCS11_login(slot, 0, pin))
|
||||
fail("Card login failed\n");
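Review bot: pkcs11_rsa_finish releases the cached PIN with `if(pin) {free(pin);}` but leaves `pin` pointing at the freed block, while pkcs11_load_key only prompts when `pin == NULL`. A key load after an RSA object has been finished would therefore pass freed memory to PKCS11_login, unless code outside these hunks resets the pointer. Wipe and reset it instead: `if (pin) { OPENSSL_cleanse(pin, strlen(pin)); free(pin); pin = NULL; }`. In the same section `set_module` stores the caller's pointer in `module` without copying it, which deserves a comment like `/* modulename is not copied; it must stay valid for the engine's lifetime */`.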
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
||||
* Copyright (c) 2001 Markus Friedl.
|
||||
* Copyright (c) 2003 Kevin Stefanik
|
||||
*
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
|
@ -24,15 +24,13 @@
|
|||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
int set_module(const char *modulename) ;
|
||||
int set_module(const char *modulename);
|
||||
|
||||
int pkcs11_finish(ENGINE *engine);
|
||||
|
||||
|
@ -40,12 +38,11 @@ int pkcs11_init(ENGINE *engine);
|
|||
|
||||
int pkcs11_rsa_finish(RSA* rsa);
|
||||
|
||||
|
||||
EVP_PKEY *pkcs11_load_public_key(ENGINE *e, const char *s_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
|
||||
EVP_PKEY *pkcs11_load_private_key(ENGINE *e, const char *s_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data) ;
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
|
||||
/* defined in p11_rsa.c */
|
||||
RSA_METHOD * pkcs11_get_rsa_method();
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* crypto/engine/hw_opensc.c */
|
||||
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
||||
* project 2000.
|
||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||
* project 2003.
|
||||
*/
|
||||
/* ====================================================================
|
||||
|
@ -13,7 +13,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -59,21 +59,19 @@
|
|||
*
|
||||
*/
|
||||
|
||||
/*#include "cryptlib.h"*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/engine.h>
|
||||
#ifndef ENGINE_CMD_BASE
|
||||
#ifndef ENGINE_CMD_BASE
|
||||
#error did not get engine.h
|
||||
#endif
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/dso.h>
|
||||
|
||||
#include "opensc/opensc.h"
|
||||
#include "opensc/pkcs15.h"
|
||||
|
||||
#include <opensc/opensc.h>
|
||||
#include <opensc/pkcs15.h>
|
||||
#include "engine_opensc.h"
|
||||
|
||||
#define OPENSC_ENGINE_ID "opensc"
|
||||
|
@ -81,7 +79,6 @@
|
|||
|
||||
#define CMD_SO_PATH ENGINE_CMD_BASE
|
||||
|
||||
|
||||
static int opensc_engine_destroy(ENGINE *e);
|
||||
static int opensc_engine_init(ENGINE *e);
|
||||
static int opensc_engine_finish(ENGINE *e);
|
||||
|
@ -104,8 +101,7 @@ static int opensc_engine_finish(ENGINE *e) {
|
|||
return opensc_finish();
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
static int
|
||||
opensc_engine_init(ENGINE *e)
|
||||
{
|
||||
return opensc_init();
|
||||
|
@ -130,20 +126,19 @@ static int opensc_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
|||
/* set up default rsa_meth_st with overloaded rsa functions */
|
||||
/* the actual implementation needs to be in another object */
|
||||
|
||||
static int (*orig_finish)(RSA* rsa) ;
|
||||
static int (*orig_finish)(RSA* rsa);
|
||||
|
||||
static int
|
||||
opensc_engine_rsa_finish(RSA* rsa) {
|
||||
|
||||
opensc_rsa_finish(rsa);
|
||||
|
||||
opensc_rsa_finish(rsa);
|
||||
|
||||
if (orig_finish)
|
||||
orig_finish(rsa);
|
||||
return 1;
|
||||
|
||||
}
|
||||
|
||||
|
||||
static RSA_METHOD * sc_get_rsa_method(void)
|
||||
{
|
||||
static RSA_METHOD smart_rsa;
|
||||
|
@ -168,7 +163,6 @@ static RSA_METHOD * sc_get_rsa_method(void)
|
|||
return &smart_rsa;
|
||||
}
|
||||
|
||||
|
||||
/* This internal function is used by ENGINE_opensc() and possibly by the
|
||||
* "dynamic" ENGINE support too */
|
||||
static int bind_helper(ENGINE *e)
|
||||
|
@ -212,7 +206,5 @@ static int bind_fn(ENGINE *e, const char *id)
|
|||
return 1;
|
||||
}
|
||||
|
||||
|
||||
IMPLEMENT_DYNAMIC_CHECK_FN()
|
||||
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* crypto/engine/hw_pkcs11.c */
|
||||
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
||||
* project 2000.
|
||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||
* project 2003.
|
||||
*/
|
||||
/* ====================================================================
|
||||
|
@ -13,7 +13,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -59,19 +59,15 @@
|
|||
*
|
||||
*/
|
||||
|
||||
/*#include "cryptlib.h"*/
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/engine.h>
|
||||
#ifndef ENGINE_CMD_BASE
|
||||
#ifndef ENGINE_CMD_BASE
|
||||
#error did not get engine.h
|
||||
#endif
|
||||
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/dso.h>
|
||||
|
||||
#include "engine_pkcs11.h"
|
||||
|
||||
#define PKCS11_ENGINE_ID "pkcs11"
|
||||
|
@ -80,7 +76,6 @@
|
|||
#define CMD_SO_PATH ENGINE_CMD_BASE
|
||||
#define CMD_MODULE_PATH (ENGINE_CMD_BASE+1)
|
||||
|
||||
|
||||
static int pkcs11_engine_destroy(ENGINE *e);
|
||||
static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
|
||||
|
||||
|
@ -100,8 +95,6 @@ static const ENGINE_CMD_DEFN pkcs11_cmd_defns[] = {
|
|||
{0, NULL, NULL, 0}
|
||||
};
|
||||
|
||||
|
||||
|
||||
/* Destructor */
|
||||
static int pkcs11_engine_destroy(ENGINE *e)
|
||||
{
|
||||
|
@ -124,22 +117,19 @@ static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
|||
/* set up default rsa_meth_st with overloaded rsa functions */
|
||||
/* the actual implementation needs to be in another object */
|
||||
|
||||
static int (*orig_finish)(RSA* rsa) ;
|
||||
static int (*orig_finish)(RSA* rsa);
|
||||
|
||||
static int
|
||||
pkcs11_engine_rsa_finish(RSA* rsa) {
|
||||
|
||||
pkcs11_rsa_finish(rsa);
|
||||
|
||||
pkcs11_rsa_finish(rsa);
|
||||
|
||||
if (orig_finish)
|
||||
orig_finish(rsa);
|
||||
return 1;
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/* This internal function is used by ENGINE_pkcs11() and possibly by the
|
||||
* "dynamic" ENGINE support too */
|
||||
static int bind_helper(ENGINE *e)
|
||||
|
@ -183,7 +173,5 @@ static int bind_fn(ENGINE *e, const char *id)
|
|||
return 1;
|
||||
}
|
||||
|
||||
|
||||
IMPLEMENT_DYNAMIC_CHECK_FN()
|
||||
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
||||
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
/*
|
||||
*
|
||||
* libpkcs11.h: OpenSC project's PKCS#11 link library header
|
||||
*
|
||||
* Copyright (C) 2002 Timo Teräs <timo.teras@iki.fi>
|
||||
*
|
||||
* This library is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 2.1 of the License, or (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this library; if not, write to the Free Software
|
||||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
*/
|
||||
|
||||
|
||||
|
||||
extern void *C_LoadModule(const char *name,
|
||||
CK_FUNCTION_LIST_PTR_PTR);
|
||||
extern CK_RV C_UnloadModule(void *);
|
||||
|
||||
|
|
@ -7,15 +7,14 @@
|
|||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
||||
*/
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <assert.h>
|
||||
#include <string.h>
|
||||
#include "pkcs11-internal.h"
|
||||
|
||||
static int pkcs11_getattr_int(PKCS11_CTX *, CK_SESSION_HANDLE,
|
||||
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE,
|
||||
void *, size_t *);
|
||||
|
||||
|
||||
/*
|
||||
* Query pkcs11 attributes
|
||||
*/
|
||||
|
@ -25,7 +24,7 @@ pkcs11_getattr_int(PKCS11_CTX *ctx, CK_SESSION_HANDLE session,
|
|||
{
|
||||
CK_ATTRIBUTE templ;
|
||||
int rv;
|
||||
|
||||
|
||||
templ.type = type;
|
||||
templ.pValue = value;
|
||||
templ.ulValueLen = *size;
|
||||
|
|
|
@ -4,8 +4,8 @@
|
|||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
|
||||
static int pkcs11_find_certs(PKCS11_TOKEN *);
|
||||
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *,
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -205,4 +205,3 @@ ERR_load_PKCS11_strings(void)
|
|||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -55,8 +55,8 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
|
||||
static int pkcs11_find_keys(PKCS11_TOKEN *, unsigned int);
|
||||
static int pkcs11_next_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -55,13 +55,9 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
#include "pkcs11-internal.h"
|
||||
#include "libpkcs11.h"
|
||||
#include <string.h>
|
||||
|
||||
#ifndef PKCS11_MODULE_DIR
|
||||
#define PKCS11_MODULE_DIR "/usr/lib/pkcs11"
|
||||
#endif
|
||||
/* I don't think the comment below applies...? _KLS */
|
||||
/* Currently, when we dlclose the pkcs11 module, this will
|
||||
* also unload all sorts of other libraries, e.g. the pcsc-lite
|
||||
|
@ -71,11 +67,8 @@
|
|||
* but is not anymore. The typical ``watch me walk over the edge
|
||||
* of that cliff there'' thing.
|
||||
*/
|
||||
#undef DLCLOSE_OKAY
|
||||
#ifndef DLCLOSE_OKAY
|
||||
/*static const char * the_module = NULL;*/
|
||||
static void * the_handler = NULL;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Create a new context
|
||||
*/
|
||||
|
@ -174,5 +167,3 @@ PKCS11_CTX_free(PKCS11_CTX *ctx)
|
|||
OPENSSL_free(ctx->_private);
|
||||
OPENSSL_free(ctx);
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -55,9 +55,9 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include "pkcs11-internal.h"
|
||||
|
||||
void *
|
||||
pkcs11_malloc(size_t size)
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -60,12 +60,11 @@
|
|||
* PKCS11 token
|
||||
*/
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
|
||||
static int pkcs11_get_rsa_public(PKCS11_KEY *, EVP_PKEY *);
|
||||
static int pkcs11_get_rsa_private(PKCS11_KEY *, EVP_PKEY *);
|
||||
RSA_METHOD * pkcs11_get_rsa_method();
|
||||
|
@ -75,7 +74,6 @@ RSA_METHOD * pkcs11_get_rsa_method();
|
|||
#define key_getattr_bn(k, t, bn) \
|
||||
pkcs11_getattr_bn(KEY2TOKEN(key), PRIVKEY(key)->object, t, bn)
|
||||
|
||||
|
||||
/*
|
||||
* Get RSA key material
|
||||
*/
|
||||
|
@ -128,7 +126,7 @@ pkcs11_rsa_decrypt(int flen, const unsigned char *from, unsigned char *to,
|
|||
PKCS11_KEY *key = (PKCS11_KEY *) RSA_get_app_data(rsa);
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
return -1;
|
||||
if (key == NULL)
|
||||
return -1;
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -55,9 +55,9 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
#include <openssl/buffer.h>
|
||||
#include "pkcs11-internal.h"
|
||||
|
||||
static int pkcs11_init_slot(PKCS11_CTX *, PKCS11_SLOT *, CK_SLOT_ID);
|
||||
static int pkcs11_check_token(PKCS11_CTX *, PKCS11_SLOT *);
|
||||
|
@ -82,7 +82,7 @@ PKCS11_enumerate_slots(PKCS11_CTX *ctx,
|
|||
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
|
||||
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
|
||||
|
||||
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
|
||||
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
|
||||
* sizeof(PKCS11_SLOT));
|
||||
for (n = 0; n < nslots; n++) {
|
||||
if (pkcs11_init_slot(ctx, &slots[n], slotid[n])) {
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
|
@ -58,36 +58,19 @@
|
|||
#ifndef HEADER_PKCS11_INTERNAL_H
|
||||
#define HEADER_PKCS11_INTERNAL_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <opensc/pkcs11.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* PKCS11 specific weirdo macros */
|
||||
#define CK_PTR *
|
||||
#define NULL_PTR 0
|
||||
#define CK_DEFINE_FUNCTION(returnType, name) \
|
||||
returnType name
|
||||
#define CK_DECLARE_FUNCTION(returnType, name) \
|
||||
returnType name
|
||||
#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
||||
returnType (*name)
|
||||
#define CK_CALLBACK_FUNCTION(returnType, name) \
|
||||
returnType (*name)
|
||||
|
||||
|
||||
#ifndef _WIN32
|
||||
#include "opensc/rsaref/pkcs11.h"
|
||||
#else
|
||||
#pragma pack(push, cryptoki, 1)
|
||||
#include "opensc/rsaref/pkcs11.h"
|
||||
#pragma pack(pop, cryptoki)
|
||||
#endif
|
||||
|
||||
|
||||
/* get some structures for local code to handle pkcs11 data readily */
|
||||
/* Use the first free lib ID available */
|
||||
#define ERR_LIB_PKCS11 42
|
||||
|
@ -302,8 +285,6 @@ typedef struct pkcs11_cert_private {
|
|||
} PKCS11_CERT_private;
|
||||
#define PRIVCERT(cert) ((PKCS11_CERT_private *) cert->_private)
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Mapping Cryptoki error codes to those used internally
|
||||
* by this code.
|
||||
|
@ -364,4 +345,3 @@ extern PKCS11_KEY_ops pkcs11_rsa_ops;
|
|||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
|