- Remove sslengines/libpkcs11.h, it's almost identical
to libpkcs11's pkcs11.h. - Move default PKCS#11 library defines to pkcs11.h, so they can be used by 3rdparty applications as well. - Minor cleanups git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1407 c6295689-39f2-0310-b995-f0e70906c6a9
parent
5616dba08e
commit
86475ea7c0
|
@ -16,16 +16,6 @@
|
||||||
|
|
||||||
#define MAGIC 0xd00bed00
|
#define MAGIC 0xd00bed00
|
||||||
|
|
||||||
#if defined(_WIN32)
|
|
||||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11";
|
|
||||||
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
|
|
||||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
|
||||||
#elif defined(__APPLE__)
|
|
||||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
|
|
||||||
#else
|
|
||||||
#define DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
|
||||||
#endif
|
|
||||||
|
|
||||||
struct sc_pkcs11_module {
|
struct sc_pkcs11_module {
|
||||||
unsigned int _magic;
|
unsigned int _magic;
|
||||||
scdl_context_t *handle;
|
scdl_context_t *handle;
|
||||||
|
@ -46,7 +36,7 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
|
||||||
mod->_magic = MAGIC;
|
mod->_magic = MAGIC;
|
||||||
|
|
||||||
if (mspec == NULL)
|
if (mspec == NULL)
|
||||||
mspec = DEFAULT_MODULE_NAME;
|
mspec = PKCS11_DEFAULT_MODULE_NAME;
|
||||||
mod->handle = scdl_open(mspec);
|
mod->handle = scdl_open(mspec);
|
||||||
if (mod->handle == NULL)
|
if (mod->handle == NULL)
|
||||||
goto failed;
|
goto failed;
|
||||||
|
|
|
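Review bot: In C_LoadModule the NULL-mspec fallback hands a bare file name (`PKCS11_DEFAULT_MODULE_NAME`, for example `"opensc-pkcs11.so"`) to `scdl_open`, so which module is loaded depends on the platform's library search path if scdl_open passes the name through unchanged (its body is not visible here). Because the loaded module goes on to handle PINs and key operations, that dependency deserves a comment at the fallback, for example `/* bare name: resolved through the platform library search path; pass an absolute path to pin the module */`. C_LoadModule starts and ends outside the hunk.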
@ -21,6 +21,10 @@
|
||||||
#ifndef OPENSC_PKCS11_H
|
#ifndef OPENSC_PKCS11_H
|
||||||
#define OPENSC_PKCS11_H
|
#define OPENSC_PKCS11_H
|
||||||
|
|
||||||
|
#ifdef HAVE_CONFIG_H
|
||||||
|
#include <config.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef _WIN32
|
#ifndef _WIN32
|
||||||
#include <opensc/rsaref/unix.h>
|
#include <opensc/rsaref/unix.h>
|
||||||
#include <opensc/rsaref/pkcs11.h>
|
#include <opensc/rsaref/pkcs11.h>
|
||||||
|
@ -35,6 +39,16 @@
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(_WIN32)
|
||||||
|
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11";
|
||||||
|
#elif defined(HAVE_DLFCN_H) && defined(__APPLE__)
|
||||||
|
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||||
|
#elif defined(__APPLE__)
|
||||||
|
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.bundle";
|
||||||
|
#else
|
||||||
|
#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so";
|
||||||
|
#endif
|
||||||
|
|
||||||
typedef struct sc_pkcs11_module sc_pkcs11_module_t;
|
typedef struct sc_pkcs11_module sc_pkcs11_module_t;
|
||||||
|
|
||||||
extern sc_pkcs11_module_t *C_LoadModule(const char *name,
|
extern sc_pkcs11_module_t *C_LoadModule(const char *name,
|
||||||
|
|
|
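Review bot: Each new `PKCS11_DEFAULT_MODULE_NAME` definition ends in a semicolon, so the macro expands to a string literal followed by `;`. The two uses visible in this commit (`mspec = PKCS11_DEFAULT_MODULE_NAME;` in C_LoadModule and the file-scope `const char *module = PKCS11_DEFAULT_MODULE_NAME;`) only gain an empty statement or a stray file-scope `;`, but a third-party caller that passes the macro as a function argument will not compile; drop the semicolon, e.g. `#define PKCS11_DEFAULT_MODULE_NAME "opensc-pkcs11.so"`. Separately, the chosen value now depends on `HAVE_DLFCN_H` from whatever `config.h` the including application supplies, which for an installed header may differ from the one OpenSC itself was built with.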
@ -27,7 +27,7 @@ engine_pkcs11_la_SOURCES = \
|
||||||
hw_pkcs11.c engine_pkcs11.c engine_pkcs11.h \
|
hw_pkcs11.c engine_pkcs11.c engine_pkcs11.h \
|
||||||
p11_attr.c p11_cert.c p11_err.c p11_key.c \
|
p11_attr.c p11_cert.c p11_err.c p11_key.c \
|
||||||
p11_load.c p11_misc.c p11_rsa.c p11_slot.c \
|
p11_load.c p11_misc.c p11_rsa.c p11_slot.c \
|
||||||
pkcs11-internal.h libpkcs11.h
|
pkcs11-internal.h
|
||||||
engine_pkcs11_la_CFLAGS = $(OPENSSL_CFLAGS)
|
engine_pkcs11_la_CFLAGS = $(OPENSSL_CFLAGS)
|
||||||
engine_pkcs11_la_LIBADD = @LIBCRYPTOA@ ../pkcs11/libpkcs11.la
|
engine_pkcs11_la_LIBADD = @LIBCRYPTOA@ ../pkcs11/libpkcs11.la
|
||||||
engine_pkcs11_la_LDFLAGS = $(OPENSSL_LDFLAGS) -module -avoid-version
|
engine_pkcs11_la_LDFLAGS = $(OPENSSL_LDFLAGS) -module -avoid-version
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
||||||
* Copyright (c) 2001 Markus Friedl.
|
* Copyright (c) 2001 Markus Friedl.
|
||||||
* Copyright (c) 2003 Kevin Stefanik
|
* Copyright (c) 2003 Kevin Stefanik
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* Redistribution and use in source and binary forms, with or without
|
||||||
* modification, are permitted provided that the following conditions
|
* modification, are permitted provided that the following conditions
|
||||||
* are met:
|
* are met:
|
||||||
|
@ -24,17 +24,17 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#ifdef HAVE_CONFIG_H
|
||||||
|
#include <config.h>
|
||||||
|
#endif
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "opensc/opensc.h"
|
#include <opensc/opensc.h>
|
||||||
#include "opensc/pkcs15.h"
|
#include <opensc/pkcs15.h>
|
||||||
#include "engine_opensc.h"
|
#include "engine_opensc.h"
|
||||||
|
|
||||||
|
|
||||||
/* static state info one card/reader at a time */
|
/* static state info one card/reader at a time */
|
||||||
static int quiet=1;
|
static int quiet=1;
|
||||||
static int sc_reader_id= 0;
|
static int sc_reader_id= 0;
|
||||||
|
@ -61,15 +61,14 @@ int opensc_finish(void) {
|
||||||
|
|
||||||
int opensc_init(void) {
|
int opensc_init(void) {
|
||||||
int r=0;
|
int r=0;
|
||||||
|
|
||||||
if(!quiet)
|
if(!quiet)
|
||||||
fprintf(stderr,"initializing engine");
|
fprintf(stderr,"initializing engine");
|
||||||
|
|
||||||
r = sc_establish_context(&ctx, "openssl");
|
r = sc_establish_context(&ctx, "openssl");
|
||||||
if (r)
|
if (r)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
|
|
||||||
r = sc_connect_card(ctx->reader[sc_reader_id], 0, &card);
|
r = sc_connect_card(ctx->reader[sc_reader_id], 0, &card);
|
||||||
if (r)
|
if (r)
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -185,7 +184,6 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
||||||
id->len = SC_PKCS15_MAX_ID_SIZE;
|
id->len = SC_PKCS15_MAX_ID_SIZE;
|
||||||
sc_pkcs15_hex_string_to_id(s_key_id, id);
|
sc_pkcs15_hex_string_to_id(s_key_id, id);
|
||||||
|
|
||||||
|
|
||||||
r = sc_pkcs15_find_pubkey_by_id(p15card, id, &obj);
|
r = sc_pkcs15_find_pubkey_by_id(p15card, id, &obj);
|
||||||
if (r >= 0) {
|
if (r >= 0) {
|
||||||
if (!quiet)
|
if (!quiet)
|
||||||
|
@ -216,7 +214,7 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
||||||
|
|
||||||
/* now, set EVP_PKEY data from pubkey object */
|
/* now, set EVP_PKEY data from pubkey object */
|
||||||
key_out=EVP_PKEY_new();
|
key_out=EVP_PKEY_new();
|
||||||
if(!key_out)
|
if(!key_out)
|
||||||
{fprintf(stderr, "failed to create new EVP_PKEY\n"); return NULL;};
|
{fprintf(stderr, "failed to create new EVP_PKEY\n"); return NULL;};
|
||||||
EVP_PKEY_assign_RSA(key_out,RSA_new_method(e));
|
EVP_PKEY_assign_RSA(key_out,RSA_new_method(e));
|
||||||
#if 0
|
#if 0
|
||||||
|
@ -238,7 +236,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
||||||
ui=UI_new();
|
ui=UI_new();
|
||||||
UI_set_method(ui,ui_method);
|
UI_set_method(ui,ui_method);
|
||||||
if(!UI_add_input_string(ui, "SmartCard Password: ", 0, sc_pin, 1, maxlen)) {
|
if(!UI_add_input_string(ui, "SmartCard Password: ", 0, sc_pin, 1, maxlen)) {
|
||||||
fprintf(stderr, "UI_add_input_string failed");
|
fprintf(stderr, "UI_add_input_string failed");
|
||||||
UI_free(ui); return NULL; }
|
UI_free(ui); return NULL; }
|
||||||
if(!UI_process(ui)) {
|
if(!UI_process(ui)) {
|
||||||
fprintf(stderr, "UI_process failed"); return NULL;}
|
fprintf(stderr, "UI_process failed"); return NULL;}
|
||||||
|
@ -251,10 +249,10 @@ EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
||||||
UI_METHOD *ui_method, void *callback_data) {
|
UI_METHOD *ui_method, void *callback_data) {
|
||||||
EVP_PKEY* key_out;
|
EVP_PKEY* key_out;
|
||||||
if(!quiet)
|
if(!quiet)
|
||||||
fprintf(stderr,"Loading private key!");
|
fprintf(stderr,"Loading private key!");
|
||||||
|
|
||||||
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
|
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
|
||||||
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
|
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
|
||||||
sc_pin=malloc(12);
|
sc_pin=malloc(12);
|
||||||
get_pin(ui_method,sc_pin,12); /* do this here, when storing sc_pin in RSA */
|
get_pin(ui_method,sc_pin,12); /* do this here, when storing sc_pin in RSA */
|
||||||
#if 0
|
#if 0
|
||||||
|
@ -276,14 +274,14 @@ sc_private_decrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if (padding != RSA_PKCS1_PADDING)
|
if (padding != RSA_PKCS1_PADDING)
|
||||||
return -1;
|
return -1;
|
||||||
r = sc_prkey_op_init(rsa, &key_obj);
|
r = sc_prkey_op_init(rsa, &key_obj);
|
||||||
if (r)
|
if (r)
|
||||||
return -1;
|
return -1;
|
||||||
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
|
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
|
||||||
sc_unlock(card);
|
sc_unlock(card);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
|
fprintf(stderr,"sc_pkcs15_decipher() failed: %s", sc_strerror(r));
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
return r;
|
return r;
|
||||||
|
@ -298,7 +296,6 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
||||||
struct sc_pkcs15_object *key_obj;
|
struct sc_pkcs15_object *key_obj;
|
||||||
int r;
|
int r;
|
||||||
unsigned long flags = 0;
|
unsigned long flags = 0;
|
||||||
|
|
||||||
|
|
||||||
if(!quiet)
|
if(!quiet)
|
||||||
fprintf(stderr,"signing with type %d\n", type);
|
fprintf(stderr,"signing with type %d\n", type);
|
||||||
|
@ -307,7 +304,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
||||||
return -1;
|
return -1;
|
||||||
/* FIXME: length of sigret correct? */
|
/* FIXME: length of sigret correct? */
|
||||||
/* FIXME: check 'type' and modify flags accordingly */
|
/* FIXME: check 'type' and modify flags accordingly */
|
||||||
flags |= SC_ALGORITHM_RSA_PAD_PKCS1 ;
|
flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
|
||||||
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
|
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
|
||||||
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5; /* SC_ALGORITHM_RSA_HASH_SHA1 */
|
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5; /* SC_ALGORITHM_RSA_HASH_SHA1 */
|
||||||
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
|
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
|
||||||
|
@ -315,7 +312,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
||||||
sc_unlock(card);
|
sc_unlock(card);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
fprintf(stderr,"sc_pkcs15_compute_signature() failed: %s",
|
fprintf(stderr,"sc_pkcs15_compute_signature() failed: %s",
|
||||||
sc_strerror(r));
|
sc_strerror(r));
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
*siglen = r;
|
*siglen = r;
|
||||||
|
@ -331,7 +328,3 @@ sc_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
|
||||||
fprintf(stderr,"Private key encryption not supported");
|
fprintf(stderr,"Private key encryption not supported");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
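Review bot: opensc_load_private_key runs `sc_pin=malloc(12); get_pin(ui_method,sc_pin,12);` without checking the allocation or get_pin's result, although the get_pin hunk above shows it returning NULL when the UI calls fail; after a failed prompt sc_pin would point at uninitialised bytes. A guard such as `if (!sc_pin || !get_pin(ui_method, sc_pin, 12)) { free(sc_pin); sc_pin = NULL; EVP_PKEY_free(key_out); return NULL; }` would stop there, assuming get_pin returns non-NULL on success (its tail is outside the hunk). The buffer is also exactly `maxlen` bytes long; as far as I know OpenSSL's UI code stores up to the maximum length plus a terminator, so a 12-character PIN may write one byte past the allocation, which is worth confirming before allocating 13 or passing 11. The same malloc(12)/get_pin pair appears in the later pkcs11_load_key hunk, and in both get_pin copies the `UI_process` failure path returns without `UI_free(ui)`.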
@ -5,14 +5,13 @@
|
||||||
int opensc_finish(void);
|
int opensc_finish(void);
|
||||||
int opensc_init(void);
|
int opensc_init(void);
|
||||||
EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
||||||
UI_METHOD *ui_method, void *callback_data) ;
|
UI_METHOD *ui_method, void *callback_data);
|
||||||
EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
||||||
UI_METHOD *ui_method, void *callback_data) ;
|
UI_METHOD *ui_method, void *callback_data);
|
||||||
int sc_private_decrypt(int flen, const u_char *from, u_char *to,
|
int sc_private_decrypt(int flen, const u_char *from, u_char *to,
|
||||||
RSA *rsa, int padding);
|
RSA *rsa, int padding);
|
||||||
int sc_sign(int type, const u_char *m, unsigned int m_len,
|
int sc_sign(int type, const u_char *m, unsigned int m_len,
|
||||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||||
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
|
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
|
||||||
RSA *rsa, int padding);
|
RSA *rsa, int padding);
|
||||||
int opensc_rsa_finish(RSA* rsa) ;
|
int opensc_rsa_finish(RSA* rsa);
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
* Copyright (c) 2001 Markus Friedl.
|
* Copyright (c) 2001 Markus Friedl.
|
||||||
* Copyright (c) 2002 Olaf Kirch
|
* Copyright (c) 2002 Olaf Kirch
|
||||||
* Copyright (c) 2003 Kevin Stefanik
|
* Copyright (c) 2003 Kevin Stefanik
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* Redistribution and use in source and binary forms, with or without
|
||||||
* modification, are permitted provided that the following conditions
|
* modification, are permitted provided that the following conditions
|
||||||
* are met:
|
* are met:
|
||||||
|
@ -25,14 +25,11 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "pkcs11-internal.h"
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <config.h>
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include "pkcs11-internal.h"
|
|
||||||
#include "engine_pkcs11.h"
|
#include "engine_pkcs11.h"
|
||||||
|
|
||||||
#define fail(msg) { fprintf(stderr,msg); return NULL;}
|
#define fail(msg) { fprintf(stderr,msg); return NULL;}
|
||||||
|
@ -41,11 +38,7 @@ PKCS11_CTX *ctx;
|
||||||
char* pin;
|
char* pin;
|
||||||
int quiet=1;
|
int quiet=1;
|
||||||
|
|
||||||
#ifndef _WIN32
|
const char *module = PKCS11_DEFAULT_MODULE_NAME;
|
||||||
const char *module = "opensc-pkcs11.so";
|
|
||||||
#else
|
|
||||||
const char *module = "opensc-pkcs11"; /* no need to add .dll */
|
|
||||||
#endif
|
|
||||||
|
|
||||||
int set_module(const char *modulename) {
|
int set_module(const char *modulename) {
|
||||||
module=modulename;
|
module=modulename;
|
||||||
|
@ -57,7 +50,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
||||||
ui=UI_new();
|
ui=UI_new();
|
||||||
UI_set_method(ui,ui_method);
|
UI_set_method(ui,ui_method);
|
||||||
if(!UI_add_input_string(ui, "SmartCard PIN: ", 0, sc_pin, 1, maxlen)) {
|
if(!UI_add_input_string(ui, "SmartCard PIN: ", 0, sc_pin, 1, maxlen)) {
|
||||||
fprintf(stderr, "UI_add_input_string failed\n");
|
fprintf(stderr, "UI_add_input_string failed\n");
|
||||||
UI_free(ui); return NULL; }
|
UI_free(ui); return NULL; }
|
||||||
if(!UI_process(ui)) {
|
if(!UI_process(ui)) {
|
||||||
fprintf(stderr, "UI_process failed\n"); return NULL;}
|
fprintf(stderr, "UI_process failed\n"); return NULL;}
|
||||||
|
@ -67,7 +60,7 @@ char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int pkcs11_finish(ENGINE *engine) {
|
int pkcs11_finish(ENGINE *engine) {
|
||||||
|
|
||||||
if (ctx) {
|
if (ctx) {
|
||||||
PKCS11_CTX_free(ctx);
|
PKCS11_CTX_free(ctx);
|
||||||
}
|
}
|
||||||
|
@ -90,34 +83,13 @@ int pkcs11_init(ENGINE *engine) {
|
||||||
|
|
||||||
int
|
int
|
||||||
pkcs11_rsa_finish(RSA* rsa) {
|
pkcs11_rsa_finish(RSA* rsa) {
|
||||||
|
|
||||||
if(pin) {free(pin);}
|
if(pin) {free(pin);}
|
||||||
/* need to free RSA_ex_data? */
|
/* need to free RSA_ex_data? */
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static int hex2byte(const char *hex)
|
|
||||||
{
|
|
||||||
int b = 0;
|
|
||||||
if (hex[0]>='0' && hex[0]<='9')
|
|
||||||
b = hex[0] - '0';
|
|
||||||
else if (hex[0]>='a'&&hex[0]<='f')
|
|
||||||
b = hex[0] - 'a' + 10;
|
|
||||||
else if (hex[0]>='A'&&hex[0]<='F')
|
|
||||||
b = hex[0] - 'A' + 10;
|
|
||||||
else
|
|
||||||
return -1;
|
|
||||||
b *= 16;
|
|
||||||
if (hex[1]>='0' && hex[1]<='9')
|
|
||||||
return b + hex[1] - '0';
|
|
||||||
else if (hex[1]>='a'&&hex[1]<='f')
|
|
||||||
return b + hex[1] - 'a' + 10;
|
|
||||||
else if (hex[1]>='A'&&hex[1]<='F')
|
|
||||||
return b + hex[1] - 'A' + 10;
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
|
static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
|
||||||
{
|
{
|
||||||
size_t left, count = 0;
|
size_t left, count = 0;
|
||||||
|
@ -184,7 +156,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
||||||
int slot_nr = -1;
|
int slot_nr = -1;
|
||||||
char flags[64];
|
char flags[64];
|
||||||
int logged_in = 0;
|
int logged_in = 0;
|
||||||
|
|
||||||
/* if(pin) {free(pin); pin=NULL;} // keep cached key? */
|
/* if(pin) {free(pin); pin=NULL;} // keep cached key? */
|
||||||
|
|
||||||
/* Parse s_slot_key_id: [slot:<slotNr>][;][id:<keyID>] or NULL,
|
/* Parse s_slot_key_id: [slot:<slotNr>][;][id:<keyID>] or NULL,
|
||||||
|
@ -287,7 +259,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
||||||
tok = slot->token;
|
tok = slot->token;
|
||||||
|
|
||||||
if (!tok->initialized) {
|
if (!tok->initialized) {
|
||||||
printf("Found uninitialized token; \n");
|
printf("Found uninitialized token; \n");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -327,7 +299,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
||||||
break;
|
break;
|
||||||
if (pin == NULL) {
|
if (pin == NULL) {
|
||||||
pin=malloc(12);
|
pin=malloc(12);
|
||||||
get_pin(ui_method,pin,12);
|
get_pin(ui_method,pin,12);
|
||||||
}
|
}
|
||||||
if (PKCS11_login(slot, 0, pin))
|
if (PKCS11_login(slot, 0, pin))
|
||||||
fail("Card login failed\n");
|
fail("Card login failed\n");
|
||||||
|
|
|
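Review bot: pkcs11_rsa_finish releases the global `pin` with `if(pin) {free(pin);}` but leaves the pointer set, while the pkcs11_load_key hunk only prompts when `pin == NULL` and otherwise passes `pin` straight to `PKCS11_login`. After the first RSA object is finished, a later key load would therefore reuse freed memory, and a second finish would free it again. Resetting the pointer closes both: `if (pin) { OPENSSL_cleanse(pin, 12); free(pin); pin = NULL; }`, where 12 is the size used at the malloc in pkcs11_load_key and the cleanse keeps the PIN from lingering in freed heap. pkcs11_load_key's body continues outside its hunks.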
@ -2,7 +2,7 @@
|
||||||
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
* Copyright (c) 2002 Juha Yrjölä. All rights reserved.
|
||||||
* Copyright (c) 2001 Markus Friedl.
|
* Copyright (c) 2001 Markus Friedl.
|
||||||
* Copyright (c) 2003 Kevin Stefanik
|
* Copyright (c) 2003 Kevin Stefanik
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* Redistribution and use in source and binary forms, with or without
|
||||||
* modification, are permitted provided that the following conditions
|
* modification, are permitted provided that the following conditions
|
||||||
* are met:
|
* are met:
|
||||||
|
@ -24,15 +24,13 @@
|
||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/objects.h>
|
#include <openssl/objects.h>
|
||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
|
|
||||||
int set_module(const char *modulename) ;
|
int set_module(const char *modulename);
|
||||||
|
|
||||||
int pkcs11_finish(ENGINE *engine);
|
int pkcs11_finish(ENGINE *engine);
|
||||||
|
|
||||||
|
@ -40,12 +38,11 @@ int pkcs11_init(ENGINE *engine);
|
||||||
|
|
||||||
int pkcs11_rsa_finish(RSA* rsa);
|
int pkcs11_rsa_finish(RSA* rsa);
|
||||||
|
|
||||||
|
|
||||||
EVP_PKEY *pkcs11_load_public_key(ENGINE *e, const char *s_key_id,
|
EVP_PKEY *pkcs11_load_public_key(ENGINE *e, const char *s_key_id,
|
||||||
UI_METHOD *ui_method, void *callback_data);
|
UI_METHOD *ui_method, void *callback_data);
|
||||||
|
|
||||||
EVP_PKEY *pkcs11_load_private_key(ENGINE *e, const char *s_key_id,
|
EVP_PKEY *pkcs11_load_private_key(ENGINE *e, const char *s_key_id,
|
||||||
UI_METHOD *ui_method, void *callback_data) ;
|
UI_METHOD *ui_method, void *callback_data);
|
||||||
|
|
||||||
/* defined in p11_rsa.c */
|
/* defined in p11_rsa.c */
|
||||||
RSA_METHOD * pkcs11_get_rsa_method();
|
RSA_METHOD * pkcs11_get_rsa_method();
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/* crypto/engine/hw_opensc.c */
|
/* crypto/engine/hw_opensc.c */
|
||||||
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
||||||
* project 2000.
|
* project 2000.
|
||||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||||
* project 2003.
|
* project 2003.
|
||||||
*/
|
*/
|
||||||
/* ====================================================================
|
/* ====================================================================
|
||||||
|
@ -13,7 +13,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -59,21 +59,19 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*#include "cryptlib.h"*/
|
#ifdef HAVE_CONFIG_H
|
||||||
|
#include <config.h>
|
||||||
|
#endif
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#ifndef ENGINE_CMD_BASE
|
#ifndef ENGINE_CMD_BASE
|
||||||
#error did not get engine.h
|
#error did not get engine.h
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/dso.h>
|
#include <openssl/dso.h>
|
||||||
|
#include <opensc/opensc.h>
|
||||||
#include "opensc/opensc.h"
|
#include <opensc/pkcs15.h>
|
||||||
#include "opensc/pkcs15.h"
|
|
||||||
|
|
||||||
#include "engine_opensc.h"
|
#include "engine_opensc.h"
|
||||||
|
|
||||||
#define OPENSC_ENGINE_ID "opensc"
|
#define OPENSC_ENGINE_ID "opensc"
|
||||||
|
@ -81,7 +79,6 @@
|
||||||
|
|
||||||
#define CMD_SO_PATH ENGINE_CMD_BASE
|
#define CMD_SO_PATH ENGINE_CMD_BASE
|
||||||
|
|
||||||
|
|
||||||
static int opensc_engine_destroy(ENGINE *e);
|
static int opensc_engine_destroy(ENGINE *e);
|
||||||
static int opensc_engine_init(ENGINE *e);
|
static int opensc_engine_init(ENGINE *e);
|
||||||
static int opensc_engine_finish(ENGINE *e);
|
static int opensc_engine_finish(ENGINE *e);
|
||||||
|
@ -104,8 +101,7 @@ static int opensc_engine_finish(ENGINE *e) {
|
||||||
return opensc_finish();
|
return opensc_finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int
|
||||||
static int
|
|
||||||
opensc_engine_init(ENGINE *e)
|
opensc_engine_init(ENGINE *e)
|
||||||
{
|
{
|
||||||
return opensc_init();
|
return opensc_init();
|
||||||
|
@ -130,20 +126,19 @@ static int opensc_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
||||||
/* set up default rsa_meth_st with overloaded rsa functions */
|
/* set up default rsa_meth_st with overloaded rsa functions */
|
||||||
/* the actual implementation needs to be in another object */
|
/* the actual implementation needs to be in another object */
|
||||||
|
|
||||||
static int (*orig_finish)(RSA* rsa) ;
|
static int (*orig_finish)(RSA* rsa);
|
||||||
|
|
||||||
static int
|
static int
|
||||||
opensc_engine_rsa_finish(RSA* rsa) {
|
opensc_engine_rsa_finish(RSA* rsa) {
|
||||||
|
|
||||||
opensc_rsa_finish(rsa);
|
opensc_rsa_finish(rsa);
|
||||||
|
|
||||||
if (orig_finish)
|
if (orig_finish)
|
||||||
orig_finish(rsa);
|
orig_finish(rsa);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static RSA_METHOD * sc_get_rsa_method(void)
|
static RSA_METHOD * sc_get_rsa_method(void)
|
||||||
{
|
{
|
||||||
static RSA_METHOD smart_rsa;
|
static RSA_METHOD smart_rsa;
|
||||||
|
@ -168,7 +163,6 @@ static RSA_METHOD * sc_get_rsa_method(void)
|
||||||
return &smart_rsa;
|
return &smart_rsa;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* This internal function is used by ENGINE_opensc() and possibly by the
|
/* This internal function is used by ENGINE_opensc() and possibly by the
|
||||||
* "dynamic" ENGINE support too */
|
* "dynamic" ENGINE support too */
|
||||||
static int bind_helper(ENGINE *e)
|
static int bind_helper(ENGINE *e)
|
||||||
|
@ -212,7 +206,5 @@ static int bind_fn(ENGINE *e, const char *id)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
IMPLEMENT_DYNAMIC_CHECK_FN()
|
IMPLEMENT_DYNAMIC_CHECK_FN()
|
||||||
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
/* crypto/engine/hw_pkcs11.c */
|
/* crypto/engine/hw_pkcs11.c */
|
||||||
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
|
||||||
* project 2000.
|
* project 2000.
|
||||||
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
* Copied/modified by Kevin Stefanik (kstef@mtppi.org) for the OpenSC
|
||||||
* project 2003.
|
* project 2003.
|
||||||
*/
|
*/
|
||||||
/* ====================================================================
|
/* ====================================================================
|
||||||
|
@ -13,7 +13,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -59,19 +59,15 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*#include "cryptlib.h"*/
|
#include "pkcs11-internal.h"
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#ifndef ENGINE_CMD_BASE
|
#ifndef ENGINE_CMD_BASE
|
||||||
#error did not get engine.h
|
#error did not get engine.h
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/dso.h>
|
#include <openssl/dso.h>
|
||||||
|
|
||||||
#include "engine_pkcs11.h"
|
#include "engine_pkcs11.h"
|
||||||
|
|
||||||
#define PKCS11_ENGINE_ID "pkcs11"
|
#define PKCS11_ENGINE_ID "pkcs11"
|
||||||
|
@ -80,7 +76,6 @@
|
||||||
#define CMD_SO_PATH ENGINE_CMD_BASE
|
#define CMD_SO_PATH ENGINE_CMD_BASE
|
||||||
#define CMD_MODULE_PATH (ENGINE_CMD_BASE+1)
|
#define CMD_MODULE_PATH (ENGINE_CMD_BASE+1)
|
||||||
|
|
||||||
|
|
||||||
static int pkcs11_engine_destroy(ENGINE *e);
|
static int pkcs11_engine_destroy(ENGINE *e);
|
||||||
static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
|
static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)());
|
||||||
|
|
||||||
|
@ -100,8 +95,6 @@ static const ENGINE_CMD_DEFN pkcs11_cmd_defns[] = {
|
||||||
{0, NULL, NULL, 0}
|
{0, NULL, NULL, 0}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* Destructor */
|
/* Destructor */
|
||||||
static int pkcs11_engine_destroy(ENGINE *e)
|
static int pkcs11_engine_destroy(ENGINE *e)
|
||||||
{
|
{
|
||||||
|
@ -124,22 +117,19 @@ static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
||||||
/* set up default rsa_meth_st with overloaded rsa functions */
|
/* set up default rsa_meth_st with overloaded rsa functions */
|
||||||
/* the actual implementation needs to be in another object */
|
/* the actual implementation needs to be in another object */
|
||||||
|
|
||||||
static int (*orig_finish)(RSA* rsa) ;
|
static int (*orig_finish)(RSA* rsa);
|
||||||
|
|
||||||
static int
|
static int
|
||||||
pkcs11_engine_rsa_finish(RSA* rsa) {
|
pkcs11_engine_rsa_finish(RSA* rsa) {
|
||||||
|
|
||||||
pkcs11_rsa_finish(rsa);
|
pkcs11_rsa_finish(rsa);
|
||||||
|
|
||||||
if (orig_finish)
|
if (orig_finish)
|
||||||
orig_finish(rsa);
|
orig_finish(rsa);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/* This internal function is used by ENGINE_pkcs11() and possibly by the
|
/* This internal function is used by ENGINE_pkcs11() and possibly by the
|
||||||
* "dynamic" ENGINE support too */
|
* "dynamic" ENGINE support too */
|
||||||
static int bind_helper(ENGINE *e)
|
static int bind_helper(ENGINE *e)
|
||||||
|
@ -183,7 +173,5 @@ static int bind_fn(ENGINE *e, const char *id)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
IMPLEMENT_DYNAMIC_CHECK_FN()
|
IMPLEMENT_DYNAMIC_CHECK_FN()
|
||||||
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
|
||||||
|
|
||||||
|
|
|
@ -1,28 +0,0 @@
|
||||||
/*
|
|
||||||
*
|
|
||||||
* libpkcs11.h: OpenSC project's PKCS#11 link library header
|
|
||||||
*
|
|
||||||
* Copyright (C) 2002 Timo Teräs <timo.teras@iki.fi>
|
|
||||||
*
|
|
||||||
* This library is free software; you can redistribute it and/or
|
|
||||||
* modify it under the terms of the GNU Lesser General Public
|
|
||||||
* License as published by the Free Software Foundation; either
|
|
||||||
* version 2.1 of the License, or (at your option) any later version.
|
|
||||||
*
|
|
||||||
* This library is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
||||||
* Lesser General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU Lesser General Public
|
|
||||||
* License along with this library; if not, write to the Free Software
|
|
||||||
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
extern void *C_LoadModule(const char *name,
|
|
||||||
CK_FUNCTION_LIST_PTR_PTR);
|
|
||||||
extern CK_RV C_UnloadModule(void *);
|
|
||||||
|
|
||||||
|
|
|
@ -7,15 +7,14 @@
|
||||||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "pkcs11-internal.h"
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include "pkcs11-internal.h"
|
|
||||||
|
|
||||||
static int pkcs11_getattr_int(PKCS11_CTX *, CK_SESSION_HANDLE,
|
static int pkcs11_getattr_int(PKCS11_CTX *, CK_SESSION_HANDLE,
|
||||||
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE,
|
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE,
|
||||||
void *, size_t *);
|
void *, size_t *);
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Query pkcs11 attributes
|
* Query pkcs11 attributes
|
||||||
*/
|
*/
|
||||||
|
@ -25,7 +24,7 @@ pkcs11_getattr_int(PKCS11_CTX *ctx, CK_SESSION_HANDLE session,
|
||||||
{
|
{
|
||||||
CK_ATTRIBUTE templ;
|
CK_ATTRIBUTE templ;
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
templ.type = type;
|
templ.type = type;
|
||||||
templ.pValue = value;
|
templ.pValue = value;
|
||||||
templ.ulValueLen = *size;
|
templ.ulValueLen = *size;
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
* Copyright (C) 2002, Olaf Kirch <okir@lst.de>
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
|
||||||
#include "pkcs11-internal.h"
|
#include "pkcs11-internal.h"
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
static int pkcs11_find_certs(PKCS11_TOKEN *);
|
static int pkcs11_find_certs(PKCS11_TOKEN *);
|
||||||
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *,
|
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *,
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -205,4 +205,3 @@ ERR_load_PKCS11_strings(void)
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -55,8 +55,8 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
|
||||||
#include "pkcs11-internal.h"
|
#include "pkcs11-internal.h"
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
static int pkcs11_find_keys(PKCS11_TOKEN *, unsigned int);
|
static int pkcs11_find_keys(PKCS11_TOKEN *, unsigned int);
|
||||||
static int pkcs11_next_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
|
static int pkcs11_next_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -55,13 +55,9 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <string.h>
|
|
||||||
#include "pkcs11-internal.h"
|
#include "pkcs11-internal.h"
|
||||||
#include "libpkcs11.h"
|
#include <string.h>
|
||||||
|
|
||||||
#ifndef PKCS11_MODULE_DIR
|
|
||||||
#define PKCS11_MODULE_DIR "/usr/lib/pkcs11"
|
|
||||||
#endif
|
|
||||||
/* I don't think the comment below applies...? _KLS */
|
/* I don't think the comment below applies...? _KLS */
|
||||||
/* Currently, when we dlclose the pkcs11 module, this will
|
/* Currently, when we dlclose the pkcs11 module, this will
|
||||||
* also unload all sorts of other libraries, e.g. the pcsc-lite
|
* also unload all sorts of other libraries, e.g. the pcsc-lite
|
||||||
|
@ -71,11 +67,8 @@
|
||||||
* but is not anymore. The typical ``watch me walk over the edge
|
* but is not anymore. The typical ``watch me walk over the edge
|
||||||
* of that cliff there'' thing.
|
* of that cliff there'' thing.
|
||||||
*/
|
*/
|
||||||
#undef DLCLOSE_OKAY
|
|
||||||
#ifndef DLCLOSE_OKAY
|
|
||||||
/*static const char * the_module = NULL;*/
|
|
||||||
static void * the_handler = NULL;
|
static void * the_handler = NULL;
|
||||||
#endif
|
|
||||||
/*
|
/*
|
||||||
* Create a new context
|
* Create a new context
|
||||||
*/
|
*/
|
||||||
|
@ -174,5 +167,3 @@ PKCS11_CTX_free(PKCS11_CTX *ctx)
|
||||||
OPENSSL_free(ctx->_private);
|
OPENSSL_free(ctx->_private);
|
||||||
OPENSSL_free(ctx);
|
OPENSSL_free(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
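Review bot: The comment block above `static void * the_handler = NULL;` is now stale: it still opens with "I don't think the comment below applies...?", while the `#undef DLCLOSE_OKAY` / `#ifndef DLCLOSE_OKAY` guard it was arguing about is removed, so the handle is unconditional with no statement of why. I would replace the open question with a settled comment such as `/* Handle of the loaded PKCS#11 module; file scope, so shared by every PKCS11_CTX in the process. */` and say whether the module is ever unloaded, since the visible tail of `PKCS11_CTX_free` only frees `ctx->_private` and `ctx`. Separately, dropping the `PKCS11_MODULE_DIR` default leaves no directory named in this file. If the module name that reaches the loader can be a bare filename, it is resolved through the dynamic loader's search path, so the expected install location should be documented for callers. The code that uses the handle and the module name lies outside the visible hunks, so both points need checking against the full file.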
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -55,9 +55,9 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "pkcs11-internal.h"
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include "pkcs11-internal.h"
|
|
||||||
|
|
||||||
void *
|
void *
|
||||||
pkcs11_malloc(size_t size)
|
pkcs11_malloc(size_t size)
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -60,12 +60,11 @@
|
||||||
* PKCS11 token
|
* PKCS11 token
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "pkcs11-internal.h"
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/rsa.h>
|
#include <openssl/rsa.h>
|
||||||
|
|
||||||
#include "pkcs11-internal.h"
|
|
||||||
|
|
||||||
static int pkcs11_get_rsa_public(PKCS11_KEY *, EVP_PKEY *);
|
static int pkcs11_get_rsa_public(PKCS11_KEY *, EVP_PKEY *);
|
||||||
static int pkcs11_get_rsa_private(PKCS11_KEY *, EVP_PKEY *);
|
static int pkcs11_get_rsa_private(PKCS11_KEY *, EVP_PKEY *);
|
||||||
RSA_METHOD * pkcs11_get_rsa_method();
|
RSA_METHOD * pkcs11_get_rsa_method();
|
||||||
|
@ -75,7 +74,6 @@ RSA_METHOD * pkcs11_get_rsa_method();
|
||||||
#define key_getattr_bn(k, t, bn) \
|
#define key_getattr_bn(k, t, bn) \
|
||||||
pkcs11_getattr_bn(KEY2TOKEN(key), PRIVKEY(key)->object, t, bn)
|
pkcs11_getattr_bn(KEY2TOKEN(key), PRIVKEY(key)->object, t, bn)
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get RSA key material
|
* Get RSA key material
|
||||||
*/
|
*/
|
||||||
|
@ -128,7 +126,7 @@ pkcs11_rsa_decrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||||
PKCS11_KEY *key = (PKCS11_KEY *) RSA_get_app_data(rsa);
|
PKCS11_KEY *key = (PKCS11_KEY *) RSA_get_app_data(rsa);
|
||||||
|
|
||||||
if (padding != RSA_PKCS1_PADDING)
|
if (padding != RSA_PKCS1_PADDING)
|
||||||
return -1;
|
return -1;
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -55,9 +55,9 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include "pkcs11-internal.h"
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <openssl/buffer.h>
|
#include <openssl/buffer.h>
|
||||||
#include "pkcs11-internal.h"
|
|
||||||
|
|
||||||
static int pkcs11_init_slot(PKCS11_CTX *, PKCS11_SLOT *, CK_SLOT_ID);
|
static int pkcs11_init_slot(PKCS11_CTX *, PKCS11_SLOT *, CK_SLOT_ID);
|
||||||
static int pkcs11_check_token(PKCS11_CTX *, PKCS11_SLOT *);
|
static int pkcs11_check_token(PKCS11_CTX *, PKCS11_SLOT *);
|
||||||
|
@ -82,7 +82,7 @@ PKCS11_enumerate_slots(PKCS11_CTX *ctx,
|
||||||
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
|
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
|
||||||
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
|
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
|
||||||
|
|
||||||
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
|
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
|
||||||
* sizeof(PKCS11_SLOT));
|
* sizeof(PKCS11_SLOT));
|
||||||
for (n = 0; n < nslots; n++) {
|
for (n = 0; n < nslots; n++) {
|
||||||
if (pkcs11_init_slot(ctx, &slots[n], slotid[n])) {
|
if (pkcs11_init_slot(ctx, &slots[n], slotid[n])) {
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
* are met:
|
* are met:
|
||||||
*
|
*
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
*
|
*
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
* notice, this list of conditions and the following disclaimer in
|
* notice, this list of conditions and the following disclaimer in
|
||||||
|
@ -58,36 +58,19 @@
|
||||||
#ifndef HEADER_PKCS11_INTERNAL_H
|
#ifndef HEADER_PKCS11_INTERNAL_H
|
||||||
#define HEADER_PKCS11_INTERNAL_H
|
#define HEADER_PKCS11_INTERNAL_H
|
||||||
|
|
||||||
|
#ifdef HAVE_CONFIG_H
|
||||||
|
#include <config.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#include <openssl/bio.h>
|
#include <openssl/bio.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/x509.h>
|
#include <openssl/x509.h>
|
||||||
|
#include <opensc/pkcs11.h>
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* PKCS11 specific weirdo macros */
|
|
||||||
#define CK_PTR *
|
|
||||||
#define NULL_PTR 0
|
|
||||||
#define CK_DEFINE_FUNCTION(returnType, name) \
|
|
||||||
returnType name
|
|
||||||
#define CK_DECLARE_FUNCTION(returnType, name) \
|
|
||||||
returnType name
|
|
||||||
#define CK_DECLARE_FUNCTION_POINTER(returnType, name) \
|
|
||||||
returnType (*name)
|
|
||||||
#define CK_CALLBACK_FUNCTION(returnType, name) \
|
|
||||||
returnType (*name)
|
|
||||||
|
|
||||||
|
|
||||||
#ifndef _WIN32
|
|
||||||
#include "opensc/rsaref/pkcs11.h"
|
|
||||||
#else
|
|
||||||
#pragma pack(push, cryptoki, 1)
|
|
||||||
#include "opensc/rsaref/pkcs11.h"
|
|
||||||
#pragma pack(pop, cryptoki)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
/* get some structures for local code to handle pkcs11 data readily */
|
/* get some structures for local code to handle pkcs11 data readily */
|
||||||
/* Use the first free lib ID available */
|
/* Use the first free lib ID available */
|
||||||
#define ERR_LIB_PKCS11 42
|
#define ERR_LIB_PKCS11 42
|
||||||
|
@ -302,8 +285,6 @@ typedef struct pkcs11_cert_private {
|
||||||
} PKCS11_CERT_private;
|
} PKCS11_CERT_private;
|
||||||
#define PRIVCERT(cert) ((PKCS11_CERT_private *) cert->_private)
|
#define PRIVCERT(cert) ((PKCS11_CERT_private *) cert->_private)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Mapping Cryptoki error codes to those used internally
|
* Mapping Cryptoki error codes to those used internally
|
||||||
* by this code.
|
* by this code.
|
||||||
|
@ -364,4 +345,3 @@ extern PKCS11_KEY_ops pkcs11_rsa_ops;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
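Review bot: On `_WIN32` the removed lines wrapped `opensc/rsaref/pkcs11.h` in `#pragma pack(push, cryptoki, 1)` / `#pragma pack(pop, cryptoki)`, and the replacement `#include <opensc/pkcs11.h>` carries no packing in this header. The Cryptoki structure layout therefore depends entirely on that header's Windows branch, which is not visible in this section. If the layout differs from what the loaded module was built with, structures such as `CK_ATTRIBUTE` passed across the module boundary are misread, so the packing should be confirmed there. Once confirmed, a comment above the include would record the dependency, e.g. `/* <opensc/pkcs11.h> provides the CK_* macros and the Cryptoki struct packing for all platforms */`.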