pkcs15-tool.c - print Supported_algorithms from tokenInfo

Some cards can provide supported algorithms in tokenInfo
which contain ECDSA OID, and PKCS11 mechanism

Don't know how many Algo_refs were actually read,
and a ref of 0 may be valid. print at least one Algo_refs.

Print the mechanism from PKCS11, and print operations
Use the $(top_srcdir)/src/pkcs11/pkcs11-display.c  on Unix
Use the $(TOPDIR)\src\pkcs11\pkcs11-display.obj on Windows

pkcs15.tool.c treat ECDSA OID as inline

pkcs15-tool prints PKCS11 mechanisms using pkcs11-display.c
Automake now warns that the default will change, in the future
so "[subdir-objects]" is added to configure.ac

 Changes to be committed:
	modified:   configure.ac
	modified:   src/tools/Makefile.am
	modified:   src/tools/Makefile.mak
	modified:   src/tools/pkcs15-tool.c

configure.ac

@@ -27,7 +27,7 @@ AC_INIT([PRODUCT_NAME],[PACKAGE_VERSION_MAJOR.PACKAGE_VERSION_MINOR.PACKAGE_VERS
 AC_CONFIG_AUX_DIR([.])
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])
-AM_INIT_AUTOMAKE(foreign 1.10)
+AM_INIT_AUTOMAKE(foreign 1.10 [subdir-objects])
 
 OPENSC_VERSION_MAJOR="PACKAGE_VERSION_MAJOR"
 OPENSC_VERSION_MINOR="PACKAGE_VERSION_MINOR"

src/tools/Makefile.am

@@ -52,7 +52,7 @@ piv_tool_SOURCES = piv-tool.c util.c
 piv_tool_LDADD = $(OPTIONAL_OPENSSL_LIBS)
 opensc_explorer_SOURCES = opensc-explorer.c util.c
 opensc_explorer_LDADD = $(OPTIONAL_READLINE_LIBS)
-pkcs15_tool_SOURCES = pkcs15-tool.c util.c
+pkcs15_tool_SOURCES = pkcs15-tool.c util.c ../pkcs11/pkcs11-display.c ../pkcs11/pkcs11-display.h
 pkcs15_tool_LDADD = $(OPTIONAL_OPENSSL_LIBS)
 pkcs11_tool_SOURCES = pkcs11-tool.c util.c
 pkcs11_tool_LDADD = \

src/tools/Makefile.mak

@@ -52,6 +52,11 @@ pkcs11-register.exe: pkcs11-register-cmdline.obj fread_to_eof.obj $(LIBS)
 	link $(LINKFLAGS) /pdb:$*.pdb /out:$@ $*.obj pkcs11-register-cmdline.obj fread_to_eof.obj versioninfo-tools.res $(LIBS) gdi32.lib shell32.lib User32.lib ws2_32.lib
 	mt -manifest exe.manifest -outputresource:$@;1
 
+pkcs15-tool.exe: pkcs15-tool.obj $(TOPDIR)\src\pkcs11\pkcs11-display.obj
+	cl $(COPTS) /c $*.c
+	link $(LINKFLAGS) /pdb:$*.pdb /out:$@ $*.obj $(TOPDIR)\src\pkcs11\pkcs11-display.obj $(OBJECTS) $(LIBS) $(OPENSSL_LIB) gdi32.lib shell32.lib User32.lib ws2_32.lib
+	mt -manifest exe.manifest -outputresource:$@;1
+
 .c.exe:
 	cl $(COPTS) /c $<
 	link $(LINKFLAGS) /pdb:$*.pdb /out:$@ $*.obj $(OBJECTS) $(LIBS) $(OPENSSL_LIB) gdi32.lib shell32.lib User32.lib ws2_32.lib

src/tools/pkcs15-tool.c

@@ -57,6 +57,7 @@ typedef unsigned __int32 uint32_t;
 #include "libopensc/pkcs15.h"
 #include "libopensc/asn1.h"
 #include "util.h"
+#include "pkcs11/pkcs11-display.h"
 
 static const char *app_name = "pkcs15-tool";
 
@@ -607,6 +608,8 @@ static void print_prkey_info(const struct sc_pkcs15_object *obj)
 	struct sc_pkcs15_prkey_info *prkey = (struct sc_pkcs15_prkey_info *) obj->data;
 	unsigned char guid[40];
 	size_t guid_len;
+	int i;
+	int last_algo_refs = 0;
 
 	if (compact) {
 		printf("\t%-3s", key_types[7 & obj->type]);
@@ -635,6 +638,16 @@ static void print_prkey_info(const struct sc_pkcs15_object *obj)
 	printf("\tAccess Flags   : [0x%02X]", prkey->access_flags);
 	print_key_access_flags(prkey->access_flags);
 	printf("\n");
+	printf("\tAlgo_refs      : ");
+	/* zero may be valid and don't know how many were read  print at least 1*/
+	for (i = 0; i< SC_MAX_SUPPORTED_ALGORITHMS; i++) {
+		if (prkey->algo_refs[i] != 0)
+			last_algo_refs = i;
+	}
+	for (i = 0; i< last_algo_refs + 1; i++) {
+		printf("%s%u", (i == 0) ? "" : ", ", prkey->algo_refs[i]);
+	}
+	printf("\n");
 
 	print_access_rules(obj->access_rules, SC_PKCS15_MAX_ACCESS_RULES);
 
@@ -1645,6 +1658,21 @@ static int list_apps(FILE *fout)
 	return 0;
 }
 
+
+static void print_supported_algo_info_operations(unsigned int operation)
+
+{
+	size_t i;
+	const char *operations[] = {
+		"compute_checksum", "compute_signature", "verify_checksum", "verify_signature",
+		"encipher", "decipher", "hash", "generate/derive_key"
+	};
+	const size_t operations_count = NELEMENTS(operations);
+	for (i = 0; i < operations_count; i++)
+		if (operation & (1 << i))
+			printf(", %s", operations[i]);
+}
+
 static void list_info(void)
 {
 	const char *flags[] = {
@@ -1655,6 +1683,7 @@ static void list_info(void)
 	};
 	char *last_update = sc_pkcs15_get_lastupdate(p15card);
 	int i, count = 0;
+	int idx;
 
 	printf("PKCS#15 Card [%s]:\n", p15card->tokeninfo->label);
 	printf("\tVersion        : %d\n", p15card->tokeninfo->version);
@@ -1675,6 +1704,34 @@ static void list_info(void)
 			count++;
 		}
 	}
+	printf("\n");
+	for (i = 0; i < SC_MAX_SUPPORTED_ALGORITHMS; i++) {
+		struct sc_supported_algo_info * sa = &p15card->tokeninfo->supported_algos[i];
+
+		if (sa->reference == 0 && sa->reference == 0 && sa->mechanism == 0
+				&& sa->operations == 0 && sa->algo_ref == 0)
+					break;
+		printf("\t\t sc_supported_algo_info[%d]:\n", i);
+		printf("\t\t\t reference  : %u (0x%02x)\n", sa->reference, sa->reference);
+		printf("\t\t\t mechanism  : [0x%02x] %s\n", sa->mechanism, lookup_enum(MEC_T, sa->mechanism));
+		if (sc_valid_oid(&sa->parameters)) {
+			printf("\t\t\t parameters:  %i", sa->parameters.value[0]);
+			for (idx = 1; idx < SC_MAX_OBJECT_ID_OCTETS && sa->parameters.value[idx] != -1 ; idx++)
+				printf(".%i", sa->parameters.value[idx]);
+			printf("\n");
+		}
+		printf("\t\t\t operations : [0x%2.2x]",sa->operations);
+		print_supported_algo_info_operations(sa->operations);
+		printf("\n");
+		if (sc_valid_oid((const struct sc_object_id*)&sa->algo_id)) {
+			printf("\t\t\t algo_id    : %i", sa->algo_id.value[0]);
+			for (idx = 1; idx < SC_MAX_OBJECT_ID_OCTETS && sa->algo_id.value[idx] != -1 ; idx++)
+				printf(".%i", sa->algo_id.value[idx]);
+			printf("\n");
+		}
+		printf("\t\t\t algo_ref   : [0x%02x]\n",sa->algo_ref);
+	}
+
 	printf((compact) ? "\n" : "\n\n");
 }