giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- Remove sslengines/libpkcs11.h, it's almost identical 

to libpkcs11's pkcs11.h.
- Move default PKCS#11 library defines to pkcs11.h,
  so they can be used by 3rdparty applications as
  well.
- Minor cleanups


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1407 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
aet 2003-09-03 17:07:15 +00:00
parent 5616dba08e
commit 86475ea7c0
19 changed files with 91 additions and 207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/pkcs11/libpkcs11.c
View File

@ -16,16 +16,6 @@
#define MAGIC 0xd00bed00
#if defined(_WIN32)
#define DEFAULT_MODULE_NAME "opensc-pkcs11";
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
#elif defined(__APPLE__)
#define DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
#else
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
#endif
struct sc_pkcs11_module {
unsigned int _magic;
scdl_context_t *handle;
@ -46,7 +36,7 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
mod->_magic = MAGIC;
if (mspec == NULL)
mspec = DEFAULT_MODULE_NAME;
mspec = PKCS11_DEFAULT_MODULE_NAME;
mod->handle = scdl_open(mspec);
if (mod->handle == NULL)
goto failed;

14
src/pkcs11/pkcs11.h
View File

@ -21,6 +21,10 @@
#ifndef OPENSC_PKCS11_H
#define OPENSC_PKCS11_H
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifndef _WIN32
#include <opensc/rsaref/unix.h>
#include <opensc/rsaref/pkcs11.h>
@ -35,6 +39,16 @@
extern "C" {
#endif
#if defined(_WIN32)
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11";
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
#elif defined(__APPLE__)
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
#else
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
#endif
typedef struct sc_pkcs11_module sc_pkcs11_module_t;
extern sc_pkcs11_module_t *C_LoadModule(const char *name,

2
src/sslengines/Makefile.am
View File

@ -27,7 +27,7 @@ engine_pkcs11_la_SOURCES = \
hw_pkcs11.c engine_pkcs11.c engine_pkcs11.h \
p11_attr.c p11_cert.c p11_err.c p11_key.c \
p11_load.c p11_misc.c p11_rsa.c p11_slot.c \
pkcs11-internal.h libpkcs11.h
pkcs11-internal.h
engine_pkcs11_la_CFLAGS = $(OPENSSL_CFLAGS)
engine_pkcs11_la_LIBADD = @LIBCRYPTOA@ ../pkcs11/libpkcs11.la
engine_pkcs11_la_LDFLAGS = $(OPENSSL_LDFLAGS) -module -avoid-version

41
src/sslengines/engine_opensc.c
View File

@ -2,7 +2,7 @@
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
* Copyright (c) 2001 Markus Friedl.
* Copyright (c) 2003 Kevin Stefanik
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@ -24,17 +24,17 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/objects.h>
#include "opensc/opensc.h"
#include "opensc/pkcs15.h"
#include <opensc/opensc.h>
#include <opensc/pkcs15.h>
#include "engine_opensc.h"
/* static state info one card/reader at a time */
static int quiet=1;
static int sc_reader_id= 0;
@ -61,15 +61,14 @@ int opensc_finish(void) {
int opensc_init(void) {
int r=0;
if(!quiet)
fprintf(stderr,"initializing engine");
r = sc_establish_context(&ctx, "openssl");
if (r)
goto err;
r = sc_connect_card(ctx->reader[sc_reader_id], 0, &card);
if (r)
goto err;
@ -185,7 +184,6 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
id->len = SC_PKCS15_MAX_ID_SIZE;
sc_pkcs15_hex_string_to_id(s_key_id, id);
r = sc_pkcs15_find_pubkey_by_id(p15card, id, &obj);
if (r >= 0) {
if (!quiet)
@ -216,7 +214,7 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
/* now, set EVP_PKEY data from pubkey object */
key_out=EVP_PKEY_new();
if(!key_out)
if(!key_out)
{fprintf(stderr, "failed to create new EVP_PKEY\n"); return NULL;};
EVP_PKEY_assign_RSA(key_out,RSA_new_method(e));
#if 0
@ -238,7 +236,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
ui=UI_new();
UI_set_method(ui,ui_method);
if(!UI_add_input_string(ui, "SmartCard Password: ", 0, sc_pin, 1, maxlen)) {
fprintf(stderr, "UI_add_input_string failed");
fprintf(stderr, "UI_add_input_string failed");
UI_free(ui); return NULL; }
if(!UI_process(ui)) {
fprintf(stderr, "UI_process failed"); return NULL;}
@ -251,10 +249,10 @@ EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) {
EVP_PKEY* key_out;
if(!quiet)
fprintf(stderr,"Loading private key!");
fprintf(stderr,"Loading private key!");
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
sc_pin=malloc(12);
get_pin(ui_method,sc_pin,12); /* do this here, when storing sc_pin in RSA */
#if 0
@ -276,14 +274,14 @@ sc_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
int r;
if (padding != RSA_PKCS1_PADDING)
return -1;
return -1;
r = sc_prkey_op_init(rsa, &key_obj);
if (r)
return -1;
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
sc_unlock(card);
if (r < 0) {
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
goto err;
}
return r;
@ -298,7 +296,6 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
struct sc_pkcs15_object *key_obj;
int r;
unsigned long flags = 0;
if(!quiet)
fprintf(stderr,"signing with type %d\n", type);
@ -307,7 +304,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
return -1;
/* FIXME: length of sigret correct? */
/* FIXME: check 'type' and modify flags accordingly */
flags |= SC_ALGORITHM_RSA_PAD_PKCS1 ;
flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5; /* SC_ALGORITHM_RSA_HASH_SHA1 */
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
@ -315,7 +312,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
sc_unlock(card);
if (r < 0) {
fprintf(stderr,"sc_pkcs15_compute_signature() failed: %s",
sc_strerror(r));
sc_strerror(r));
goto err;
}
*siglen = r;
@ -331,7 +328,3 @@ sc_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
fprintf(stderr,"Private key encryption not supported");
return -1;
}

9
src/sslengines/engine_opensc.h
View File

@ -5,14 +5,13 @@
int opensc_finish(void);
int opensc_init(void);
EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) ;
UI_METHOD *ui_method, void *callback_data);
EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) ;
UI_METHOD *ui_method, void *callback_data);
int sc_private_decrypt(int flen, const u_char *from, u_char *to,
RSA *rsa, int padding);
int sc_sign(int type, const u_char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
RSA *rsa, int padding);
int opensc_rsa_finish(RSA* rsa) ;
int opensc_rsa_finish(RSA* rsa);

46
src/sslengines/engine_pkcs11.c
View File

@ -3,7 +3,7 @@
* Copyright (c) 2001 Markus Friedl.
* Copyright (c) 2002 Olaf Kirch
* Copyright (c) 2003 Kevin Stefanik
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@ -25,14 +25,11 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "pkcs11-internal.h"
#include <stdio.h>
#include <string.h>
#include <config.h>
#include <openssl/crypto.h>
#include <openssl/objects.h>
#include "pkcs11-internal.h"
#include "engine_pkcs11.h"
#define fail(msg) { fprintf(stderr,msg); return NULL;}
@ -41,11 +38,7 @@ PKCS11_CTX *ctx;
char* pin;
int quiet=1;
#ifndef _WIN32
const char *module = "opensc-pkcs11.so";
#else
const char *module = "opensc-pkcs11"; /* no need to add .dll */
#endif
const char *module = PKCS11_DEFAULT_MODULE_NAME;
int set_module(const char *modulename) {
module=modulename;
@ -57,7 +50,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
ui=UI_new();
UI_set_method(ui,ui_method);
if(!UI_add_input_string(ui, "SmartCard PIN: ", 0, sc_pin, 1, maxlen)) {
fprintf(stderr, "UI_add_input_string failed\n");
fprintf(stderr, "UI_add_input_string failed\n");
UI_free(ui); return NULL; }
if(!UI_process(ui)) {
fprintf(stderr, "UI_process failed\n"); return NULL;}
@ -67,7 +60,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
}
int pkcs11_finish(ENGINE *engine) {
if (ctx) {
PKCS11_CTX_free(ctx);
}
@ -90,34 +83,13 @@ int pkcs11_init(ENGINE *engine) {
int
pkcs11_rsa_finish(RSA* rsa) {
if(pin) {free(pin);}
/* need to free RSA_ex_data? */
return 1;
}
static int hex2byte(const char *hex)
{
int b = 0;
if (hex[0]>='0' && hex[0]<='9')
b = hex[0] - '0';
else if (hex[0]>='a'&&hex[0]<='f')
b = hex[0] - 'a' + 10;
else if (hex[0]>='A'&&hex[0]<='F')
b = hex[0] - 'A' + 10;
else
return -1;
b *= 16;
if (hex[1]>='0' && hex[1]<='9')
return b + hex[1] - '0';
else if (hex[1]>='a'&&hex[1]<='f')
return b + hex[1] - 'a' + 10;
else if (hex[1]>='A'&&hex[1]<='F')
return b + hex[1] - 'A' + 10;
return -1;
}
static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
{
size_t left, count = 0;
@ -184,7 +156,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
int slot_nr = -1;
char flags[64];
int logged_in = 0;
/* if(pin) {free(pin); pin=NULL;} // keep cached key? */
/* Parse s_slot_key_id: [slot:<slotNr>][;][id:<keyID>] or NULL,
@ -287,7 +259,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
tok = slot->token;
if (!tok->initialized) {
printf("Found uninitialized token; \n");
printf("Found uninitialized token; \n");
return NULL;
}
@ -327,7 +299,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
break;
if (pin == NULL) {
pin=malloc(12);
get_pin(ui_method,pin,12);
get_pin(ui_method,pin,12);
}
if (PKCS11_login(slot, 0, pin))
fail("Card login failed\n");

9
src/sslengines/engine_pkcs11.h
View File

@ -2,7 +2,7 @@
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
* Copyright (c) 2001 Markus Friedl.
* Copyright (c) 2003 Kevin Stefanik
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
@ -24,15 +24,13 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdio.h>
#include <string.h>
#include <openssl/crypto.h>
#include <openssl/objects.h>
#include <openssl/engine.h>
int set_module(const char *modulename) ;
int set_module(const char *modulename);
int pkcs11_finish(ENGINE *engine);
@ -40,12 +38,11 @@ int pkcs11_init(ENGINE *engine);
int pkcs11_rsa_finish(RSA* rsa);
EVP_PKEY *pkcs11_load_public_key(ENGINE *e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data);
EVP_PKEY *pkcs11_load_private_key(ENGINE *e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) ;
UI_METHOD *ui_method, void *callback_data);
/* defined in p11_rsa.c */
RSA_METHOD * pkcs11_get_rsa_method();

32
src/sslengines/hw_opensc.c
View File

@ -1,7 +1,7 @@
/* crypto/engine/hw_opensc.c */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
* project 2003.
*/
/* ====================================================================
@ -13,7 +13,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -59,21 +59,19 @@
*
*/
/*#include "cryptlib.h"*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <string.h>
#include <openssl/engine.h>
#ifndef ENGINE_CMD_BASE
#ifndef ENGINE_CMD_BASE
#error did not get engine.h
#endif
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include "opensc/opensc.h"
#include "opensc/pkcs15.h"
#include <opensc/opensc.h>
#include <opensc/pkcs15.h>
#include "engine_opensc.h"
#define OPENSC_ENGINE_ID "opensc"
@ -81,7 +79,6 @@
#define CMD_SO_PATH ENGINE_CMD_BASE
static int opensc_engine_destroy(ENGINE *e);
static int opensc_engine_init(ENGINE *e);
static int opensc_engine_finish(ENGINE *e);
@ -104,8 +101,7 @@ static int opensc_engine_finish(ENGINE *e) {
return opensc_finish();
}
static int
static int
opensc_engine_init(ENGINE *e)
{
return opensc_init();
@ -130,20 +126,19 @@ static int opensc_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
/* set up default rsa_meth_st with overloaded rsa functions */
/* the actual implementation needs to be in another object */
static int (*orig_finish)(RSA* rsa) ;
static int (*orig_finish)(RSA* rsa);
static int
opensc_engine_rsa_finish(RSA* rsa) {
opensc_rsa_finish(rsa);
opensc_rsa_finish(rsa);
if (orig_finish)
orig_finish(rsa);
return 1;
}
static RSA_METHOD * sc_get_rsa_method(void)
{
static RSA_METHOD smart_rsa;
@ -168,7 +163,6 @@ static RSA_METHOD * sc_get_rsa_method(void)
return &smart_rsa;
}
/* This internal function is used by ENGINE_opensc() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
@ -212,7 +206,5 @@ static int bind_fn(ENGINE *e, const char *id)
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)

26
src/sslengines/hw_pkcs11.c
View File

@ -1,7 +1,7 @@
/* crypto/engine/hw_pkcs11.c */
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
* project 2000.
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
* project 2003.
*/
/* ====================================================================
@ -13,7 +13,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -59,19 +59,15 @@
*
*/
/*#include "cryptlib.h"*/
#include "pkcs11-internal.h"
#include <stdio.h>
#include <string.h>
#include <openssl/engine.h>
#ifndef ENGINE_CMD_BASE
#ifndef ENGINE_CMD_BASE
#error did not get engine.h
#endif
#include <openssl/crypto.h>
#include <openssl/dso.h>
#include "engine_pkcs11.h"
#define PKCS11_ENGINE_ID "pkcs11"
@ -80,7 +76,6 @@
#define CMD_SO_PATH ENGINE_CMD_BASE
#define CMD_MODULE_PATH (ENGINE_CMD_BASE+1)
static int pkcs11_engine_destroy(ENGINE *e);
static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
@ -100,8 +95,6 @@ static const ENGINE_CMD_DEFN pkcs11_cmd_defns[] = {
{0, NULL, NULL, 0}
};
/* Destructor */
static int pkcs11_engine_destroy(ENGINE *e)
{
@ -124,22 +117,19 @@ static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
/* set up default rsa_meth_st with overloaded rsa functions */
/* the actual implementation needs to be in another object */
static int (*orig_finish)(RSA* rsa) ;
static int (*orig_finish)(RSA* rsa);
static int
pkcs11_engine_rsa_finish(RSA* rsa) {
pkcs11_rsa_finish(rsa);
pkcs11_rsa_finish(rsa);
if (orig_finish)
orig_finish(rsa);
return 1;
}
/* This internal function is used by ENGINE_pkcs11() and possibly by the
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE *e)
@ -183,7 +173,5 @@ static int bind_fn(ENGINE *e, const char *id)
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)

28
src/sslengines/libpkcs11.h
View File

@ -1,28 +0,0 @@
/*
*
* libpkcs11.h: OpenSC project's PKCS#11 link library header
*
* Copyright (C) 2002 Timo Teräs <timo.teras@iki.fi>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
extern void *C_LoadModule(const char *name,
CK_FUNCTION_LIST_PTR_PTR);
extern CK_RV C_UnloadModule(void *);

5
src/sslengines/p11_attr.c
View File

@ -7,15 +7,14 @@
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
*/
#include "pkcs11-internal.h"
#include <assert.h>
#include <string.h>
#include "pkcs11-internal.h"
static int pkcs11_getattr_int(PKCS11_CTX *, CK_SESSION_HANDLE,
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE,
void *, size_t *);
/*
* Query pkcs11 attributes
*/
@ -25,7 +24,7 @@ pkcs11_getattr_int(PKCS11_CTX *ctx, CK_SESSION_HANDLE session,
{
CK_ATTRIBUTE templ;
int rv;
templ.type = type;
templ.pValue = value;
templ.ulValueLen = *size;

2
src/sslengines/p11_cert.c
View File

@ -4,8 +4,8 @@
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
*/
#include <string.h>
#include "pkcs11-internal.h"
#include <string.h>
static int pkcs11_find_certs(PKCS11_TOKEN *);
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *,

3
src/sslengines/p11_err.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -205,4 +205,3 @@ ERR_load_PKCS11_strings(void)
#endif
}
}

4
src/sslengines/p11_key.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -55,8 +55,8 @@
*
*/
#include <string.h>
#include "pkcs11-internal.h"
#include <string.h>
static int pkcs11_find_keys(PKCS11_TOKEN *, unsigned int);
static int pkcs11_next_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,

15
src/sslengines/p11_load.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -55,13 +55,9 @@
*
*/
#include <string.h>
#include "pkcs11-internal.h"
#include "libpkcs11.h"
#include <string.h>
#ifndef PKCS11_MODULE_DIR
#define PKCS11_MODULE_DIR "/usr/lib/pkcs11"
#endif
/* I don't think the comment below applies...? _KLS */
/* Currently, when we dlclose the pkcs11 module, this will
* also unload all sorts of other libraries, e.g. the pcsc-lite
@ -71,11 +67,8 @@
* but is not anymore. The typical ``watch me walk over the edge
* of that cliff there'' thing.
*/
#undef DLCLOSE_OKAY
#ifndef DLCLOSE_OKAY
/*static const char * the_module = NULL;*/
static void * the_handler = NULL;
#endif
/*
* Create a new context
*/
@ -174,5 +167,3 @@ PKCS11_CTX_free(PKCS11_CTX *ctx)
OPENSSL_free(ctx->_private);
OPENSSL_free(ctx);
}

4
src/sslengines/p11_misc.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -55,9 +55,9 @@
*
*/
#include "pkcs11-internal.h"
#include <string.h>
#include <openssl/crypto.h>
#include "pkcs11-internal.h"
void *
pkcs11_malloc(size_t size)

8
src/sslengines/p11_rsa.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -60,12 +60,11 @@
* PKCS11 token
*/
#include "pkcs11-internal.h"
#include <string.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include "pkcs11-internal.h"
static int pkcs11_get_rsa_public(PKCS11_KEY *, EVP_PKEY *);
static int pkcs11_get_rsa_private(PKCS11_KEY *, EVP_PKEY *);
RSA_METHOD * pkcs11_get_rsa_method();
@ -75,7 +74,6 @@ RSA_METHOD * pkcs11_get_rsa_method();
#define key_getattr_bn(k, t, bn) \
pkcs11_getattr_bn(KEY2TOKEN(key), PRIVKEY(key)->object, t, bn)
/*
* Get RSA key material
*/
@ -128,7 +126,7 @@ pkcs11_rsa_decrypt(int flen, const unsigned char *from, unsigned char *to,
PKCS11_KEY *key = (PKCS11_KEY *) RSA_get_app_data(rsa);
if (padding != RSA_PKCS1_PADDING)
return -1;
return -1;
if (key == NULL)
return -1;

6
src/sslengines/p11_slot.c
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -55,9 +55,9 @@
*
*/
#include "pkcs11-internal.h"
#include <string.h>
#include <openssl/buffer.h>
#include "pkcs11-internal.h"
static int pkcs11_init_slot(PKCS11_CTX *, PKCS11_SLOT *, CK_SLOT_ID);
static int pkcs11_check_token(PKCS11_CTX *, PKCS11_SLOT *);
@ -82,7 +82,7 @@ PKCS11_enumerate_slots(PKCS11_CTX *ctx,
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
* sizeof(PKCS11_SLOT));
for (n = 0; n < nslots; n++) {
if (pkcs11_init_slot(ctx, &slots[n], slotid[n])) {

32
src/sslengines/pkcs11-internal.h
View File

@ -9,7 +9,7 @@
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
@ -58,36 +58,19 @@
#ifndef HEADER_PKCS11_INTERNAL_H
#define HEADER_PKCS11_INTERNAL_H
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/x509.h>
#include <opensc/pkcs11.h>
#ifdef __cplusplus
extern "C" {
#endif
/* PKCS11 specific weirdo macros */
#define CK_PTR *
#define NULL_PTR 0
#define CK_DEFINE_FUNCTION(returnType, name) \
returnType name
#define CK_DECLARE_FUNCTION(returnType, name) \
returnType name
#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
returnType (*name)
#define CK_CALLBACK_FUNCTION(returnType, name) \
returnType (*name)
#ifndef _WIN32
#include "opensc/rsaref/pkcs11.h"
#else
#pragma pack(push, cryptoki, 1)
#include "opensc/rsaref/pkcs11.h"
#pragma pack(pop, cryptoki)
#endif
/* get some structures for local code to handle pkcs11 data readily */
/* Use the first free lib ID available */
#define ERR_LIB_PKCS11 42
@ -302,8 +285,6 @@ typedef struct pkcs11_cert_private {
} PKCS11_CERT_private;
#define PRIVCERT(cert) ((PKCS11_CERT_private *) cert->_private)
/*
* Mapping Cryptoki error codes to those used internally
* by this code.
@ -364,4 +345,3 @@ extern PKCS11_KEY_ops pkcs11_rsa_ops;
}
#endif
#endif