Bunch of generic compiler warning and C++ fixes
before indenting the sources, apparently OpenSSL engines are not under a heavy development anymore. git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1425 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
ba1a685c8e
commit
a02ef5e722
|
@ -86,7 +86,7 @@ err:
|
|||
int
|
||||
opensc_rsa_finish(RSA* rsa) {
|
||||
struct sc_pkcs15_key_id *key_id;
|
||||
key_id = RSA_get_app_data(rsa);
|
||||
key_id = (struct sc_pkcs15_key_id *) RSA_get_app_data(rsa);
|
||||
free(key_id);
|
||||
if(sc_pin) {free(sc_pin);}
|
||||
return 1;
|
||||
|
@ -135,7 +135,7 @@ sc_prkey_op_init(const RSA *rsa, struct sc_pkcs15_object **key_obj_out)
|
|||
sc_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
key = key_obj->data;
|
||||
key = (struct sc_pkcs15_prkey_info *) key_obj->data;
|
||||
r = sc_pkcs15_find_pin_by_auth_id(p15card, &key_obj->auth_id,
|
||||
&pin_obj);
|
||||
if (r) {
|
||||
|
@ -143,7 +143,7 @@ sc_prkey_op_init(const RSA *rsa, struct sc_pkcs15_object **key_obj_out)
|
|||
sc_strerror(r));
|
||||
goto err;
|
||||
}
|
||||
pin = pin_obj->data;
|
||||
pin = (struct sc_pkcs15_pin_info *) pin_obj->data;
|
||||
|
||||
r = sc_lock(card);
|
||||
if (r) {
|
||||
|
@ -151,7 +151,7 @@ sc_prkey_op_init(const RSA *rsa, struct sc_pkcs15_object **key_obj_out)
|
|||
goto err;
|
||||
}
|
||||
if (sc_pin != NULL) {
|
||||
r = sc_pkcs15_verify_pin(p15card, pin, sc_pin,
|
||||
r = sc_pkcs15_verify_pin(p15card, pin, (const u8 *) sc_pin,
|
||||
strlen(sc_pin));
|
||||
if (r) {
|
||||
sc_unlock(card);
|
||||
|
@ -180,7 +180,7 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
|||
|
||||
if(!quiet)
|
||||
fprintf(stderr,"Loading public key!\n");
|
||||
id=malloc(sizeof(struct sc_pkcs15_id));
|
||||
id = (struct sc_pkcs15_id *) malloc(sizeof(struct sc_pkcs15_id));
|
||||
id->len = SC_PKCS15_MAX_ID_SIZE;
|
||||
sc_pkcs15_hex_string_to_id(s_key_id, id);
|
||||
|
||||
|
@ -253,12 +253,8 @@ EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
|||
|
||||
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
|
||||
key_out=opensc_load_public_key(e, s_key_id, ui_method, callback_data);
|
||||
sc_pin=malloc(12);
|
||||
sc_pin=(char *) malloc(12);
|
||||
get_pin(ui_method,sc_pin,12); /* do this here, when storing sc_pin in RSA */
|
||||
#if 0
|
||||
memset(sc_pin,0x0,12);
|
||||
free(sc_pin);
|
||||
#endif
|
||||
if(!key_out) {
|
||||
fprintf(stderr,"Failed to get private key");
|
||||
return NULL;
|
||||
|
@ -306,7 +302,7 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
|
|||
/* FIXME: check 'type' and modify flags accordingly */
|
||||
flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
|
||||
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
|
||||
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5; /* SC_ALGORITHM_RSA_HASH_SHA1 */
|
||||
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5;
|
||||
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
|
||||
m, m_len, sigret, RSA_size(rsa));
|
||||
sc_unlock(card);
|
||||
|
|
|
@ -1,9 +1,13 @@
|
|||
#ifndef _ENGINE_OPENSC_H
|
||||
#define _ENGINE_OPENSC_H
|
||||
|
||||
#include <openssl/rsa.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
int opensc_finish(void);
|
||||
int opensc_init(void);
|
||||
|
||||
EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data);
|
||||
EVP_PKEY *opensc_load_private_key(ENGINE *e, const char *s_key_id,
|
||||
|
@ -15,3 +19,5 @@ int sc_sign(int type, const u_char *m, unsigned int m_len,
|
|||
int sc_private_encrypt(int flen, const u_char *from, u_char *to,
|
||||
RSA *rsa, int padding);
|
||||
int opensc_rsa_finish(RSA* rsa);
|
||||
|
||||
#endif
|
||||
|
|
|
@ -142,7 +142,7 @@ static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
|
|||
#define MAX_VALUE_LEN 200
|
||||
|
||||
EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
||||
UI_METHOD *ui_method, void *callback_data, int private) {
|
||||
UI_METHOD *ui_method, void *callback_data, int isPrivate) {
|
||||
|
||||
PKCS11_SLOT *slot_list, *slot;
|
||||
PKCS11_TOKEN *tok;
|
||||
|
@ -152,13 +152,11 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
unsigned int count, n, m;
|
||||
unsigned char key_id[MAX_VALUE_LEN / 2];
|
||||
char *s_key_id = NULL, buf[MAX_VALUE_LEN];
|
||||
int key_id_len = sizeof(key_id);
|
||||
size_t key_id_len = sizeof(key_id);
|
||||
int slot_nr = -1;
|
||||
char flags[64];
|
||||
int logged_in = 0;
|
||||
|
||||
/* if(pin) {free(pin); pin=NULL;} // keep cached key? */
|
||||
|
||||
/* Parse s_slot_key_id: [slot:<slotNr>][;][id:<keyID>] or NULL,
|
||||
with slotNr in decimal (0 = first slot, ...), and keyID in hex.
|
||||
E.g. "slot=1" or "id=46" or "slot=1;id=46 */
|
||||
|
@ -263,7 +261,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
if (private && !tok->userPinSet && !tok->readOnly) {
|
||||
if (isPrivate && !tok->userPinSet && !tok->readOnly) {
|
||||
printf("Found slot without user PIN\n");
|
||||
return NULL;
|
||||
}
|
||||
|
@ -298,7 +296,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
if (logged_in || !tok->loginRequired)
|
||||
break;
|
||||
if (pin == NULL) {
|
||||
pin=malloc(12);
|
||||
pin=(char *) malloc(12);
|
||||
get_pin(ui_method,pin,12);
|
||||
}
|
||||
if (PKCS11_login(slot, 0, pin))
|
||||
|
@ -316,7 +314,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
PKCS11_KEY *k = keys + n;
|
||||
|
||||
printf(" %2u %c%c %s\n", n+1,
|
||||
k->private? 'P' : ' ',
|
||||
k->isPrivate? 'P' : ' ',
|
||||
k->needLogin? 'L' : ' ',
|
||||
k->label);
|
||||
|
||||
|
@ -336,7 +334,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
|
|||
selected_key = &keys[0];
|
||||
}
|
||||
|
||||
if(private) {
|
||||
if(isPrivate) {
|
||||
pk = PKCS11_get_private_key(selected_key);
|
||||
} else {
|
||||
/*pk = PKCS11_get_public_key(&keys[0]);
|
||||
|
|
|
@ -24,6 +24,9 @@
|
|||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifndef _ENGINE_PKCS11_H
|
||||
#define _ENGINE_PKCS11_H
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <openssl/crypto.h>
|
||||
|
@ -45,4 +48,6 @@ EVP_PKEY *pkcs11_load_private_key(ENGINE *e, const char *s_key_id,
|
|||
UI_METHOD *ui_method, void *callback_data);
|
||||
|
||||
/* defined in p11_rsa.c */
|
||||
RSA_METHOD * pkcs11_get_rsa_method();
|
||||
RSA_METHOD * pkcs11_get_rsa_method(void);
|
||||
|
||||
#endif
|
||||
|
|
|
@ -97,7 +97,6 @@ static const ENGINE_CMD_DEFN opensc_cmd_defns[] = {
|
|||
};
|
||||
|
||||
static int opensc_engine_finish(ENGINE *e) {
|
||||
/*opensc_close();*/
|
||||
return opensc_finish();
|
||||
}
|
||||
|
||||
|
@ -115,7 +114,6 @@ static int opensc_engine_destroy(ENGINE *e)
|
|||
|
||||
static int opensc_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
||||
{
|
||||
/*int initialised = ((opensc_dso == NULL) ? 0 : 1);*/
|
||||
switch(cmd)
|
||||
{
|
||||
default:
|
||||
|
|
|
@ -123,7 +123,7 @@ pkcs11_addattr_obj(CK_ATTRIBUTE_PTR ap, int type, pkcs11_i2d_fn enc, void *obj)
|
|||
|
||||
ap->type = type;
|
||||
ap->ulValueLen = enc(obj, NULL);
|
||||
ap->pValue = p = malloc(ap->ulValueLen);
|
||||
ap->pValue = p = (unsigned char *) malloc(ap->ulValueLen);
|
||||
enc(obj, &p);
|
||||
}
|
||||
|
||||
|
|
|
@ -155,12 +155,12 @@ pkcs11_init_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
|
|||
cert->label = BUF_strdup(label);
|
||||
size = sizeof(data);
|
||||
if (!pkcs11_getattr_var(token, obj, CKA_VALUE, data, &size)) {
|
||||
unsigned char *p = data;
|
||||
unsigned char *p = (unsigned char *) data;
|
||||
|
||||
cert->x509 = d2i_X509(NULL, &p, size);
|
||||
}
|
||||
cert->id_len = sizeof(id);
|
||||
if (!pkcs11_getattr_var(token, obj, CKA_ID, id, &cert->id_len)) {
|
||||
if (!pkcs11_getattr_var(token, obj, CKA_ID, id, (size_t *) &cert->id_len)) {
|
||||
cert->id = (unsigned char *) malloc(cert->id_len);
|
||||
memcpy(cert->id, id, cert->id_len);
|
||||
}
|
||||
|
|
|
@ -285,11 +285,11 @@ pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
|
|||
if (!pkcs11_getattr_s(token, obj, CKA_LABEL, label, sizeof(label)))
|
||||
key->label = BUF_strdup(label);
|
||||
key->id_len = sizeof(id);
|
||||
if (!pkcs11_getattr_var(token, obj, CKA_ID, id, &key->id_len)) {
|
||||
if (!pkcs11_getattr_var(token, obj, CKA_ID, id, (size_t *) &key->id_len)) {
|
||||
key->id = (unsigned char *) malloc(key->id_len);
|
||||
memcpy(key->id, id, key->id_len);
|
||||
}
|
||||
key->private = (type == CKO_PRIVATE_KEY);
|
||||
key->isPrivate = (type == CKO_PRIVATE_KEY);
|
||||
|
||||
/* Initialize internal information */
|
||||
kpriv->id_len = sizeof(kpriv->id);
|
||||
|
|
|
@ -58,22 +58,13 @@
|
|||
#include "pkcs11-internal.h"
|
||||
#include <string.h>
|
||||
|
||||
/* I don't think the comment below applies...? _KLS */
|
||||
/* Currently, when we dlclose the pkcs11 module, this will
|
||||
* also unload all sorts of other libraries, e.g. the pcsc-lite
|
||||
* library. This library installs an exit handler using atexit.
|
||||
* So when we return from main(), we end up with an exit handler
|
||||
* pointing to some area of memory where libpcsc-lite used to be,
|
||||
* but is not anymore. The typical ``watch me walk over the edge
|
||||
* of that cliff there'' thing.
|
||||
*/
|
||||
static void *handle = NULL;
|
||||
|
||||
/*
|
||||
* Create a new context
|
||||
*/
|
||||
PKCS11_CTX *
|
||||
PKCS11_CTX_new()
|
||||
PKCS11_CTX_new(void)
|
||||
{
|
||||
PKCS11_CTX_private *priv;
|
||||
PKCS11_CTX *ctx;
|
||||
|
@ -110,17 +101,6 @@ PKCS11_CTX_load(PKCS11_CTX *ctx, const char *name)
|
|||
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD, PKCS11_LOAD_MODULE_ERROR);
|
||||
return -1;
|
||||
}
|
||||
#if 0
|
||||
priv->method = PKCS11_NEW(PKCS11_method);
|
||||
base = (caddr_t) (priv->method);
|
||||
for (sym = pkcs11_symbols; sym->name; sym++) {
|
||||
if (!bind_symbol(priv, sym->name, (void **) (base + sym->offset))) {
|
||||
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD,
|
||||
PKCS11_SYMBOL_NOT_FOUND_ERROR);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Tell the PKCS11 to initialize itself */
|
||||
rv = priv->method->C_Initialize(NULL);
|
||||
|
|
|
@ -78,7 +78,7 @@ pkcs11_strdup(char *mem, size_t size)
|
|||
|
||||
while (size && mem[size-1] == ' ')
|
||||
size--;
|
||||
res = OPENSSL_malloc(size+1);
|
||||
res = (char *) OPENSSL_malloc(size+1);
|
||||
memcpy(res, mem, size);
|
||||
res[size] = '\0';
|
||||
return res;
|
||||
|
|
|
@ -67,7 +67,7 @@
|
|||
|
||||
static int pkcs11_get_rsa_public(PKCS11_KEY *, EVP_PKEY *);
|
||||
static int pkcs11_get_rsa_private(PKCS11_KEY *, EVP_PKEY *);
|
||||
RSA_METHOD * pkcs11_get_rsa_method();
|
||||
RSA_METHOD * pkcs11_get_rsa_method(void);
|
||||
|
||||
#define key_getattr(k, t, p, s) \
|
||||
pkcs11_getattr(KEY2TOKEN(key), PRIVKEY(key)->object, t, p, s)
|
||||
|
@ -175,7 +175,7 @@ pkcs11_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
|
|||
* by OpenSSL). The library assumes that the memory passed
|
||||
* by the caller is always big enough */
|
||||
sigsize = BN_num_bytes(rsa->n);
|
||||
rv = CRYPTOKI_call(ctx, C_Sign(session, m, m_len, sigret, &sigsize));
|
||||
rv = CRYPTOKI_call(ctx, C_Sign(session, (CK_BYTE *) m, m_len, sigret, &sigsize));
|
||||
if (rv)
|
||||
goto fail;
|
||||
|
||||
|
@ -194,14 +194,15 @@ fail: PKCS11err(PKCS11_F_PKCS11_RSA_SIGN, pkcs11_map_err(rv));
|
|||
*/
|
||||
static int
|
||||
pkcs11_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
|
||||
unsigned char *signature, unsigned int siglen, RSA *rsa)
|
||||
unsigned char *signature, unsigned int siglen, const RSA *rsa)
|
||||
{
|
||||
RSA *r = (RSA *) rsa; /* Ugly hack to get rid of compiler warning */
|
||||
int res;
|
||||
|
||||
if (rsa->flags & RSA_FLAG_SIGN_VER) {
|
||||
rsa->flags &= ~RSA_FLAG_SIGN_VER;
|
||||
res = RSA_verify(type, m, m_len, signature, siglen, rsa);
|
||||
rsa->flags |= RSA_FLAG_SIGN_VER;
|
||||
if (r->flags & RSA_FLAG_SIGN_VER) {
|
||||
r->flags &= ~RSA_FLAG_SIGN_VER;
|
||||
res = RSA_verify(type, m, m_len, signature, siglen, r);
|
||||
r->flags |= RSA_FLAG_SIGN_VER;
|
||||
} else {
|
||||
PKCS11err(PKCS11_F_PKCS11_RSA_VERIFY, PKCS11_NOT_SUPPORTED);
|
||||
res = 0;
|
||||
|
@ -213,7 +214,7 @@ pkcs11_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
|
|||
* Overload the default OpenSSL methods for RSA
|
||||
*/
|
||||
RSA_METHOD *
|
||||
pkcs11_get_rsa_method()
|
||||
pkcs11_get_rsa_method(void)
|
||||
{
|
||||
static RSA_METHOD ops;
|
||||
|
||||
|
|
|
@ -179,7 +179,7 @@ PKCS11_login(PKCS11_SLOT *slot, int so, char *pin)
|
|||
|
||||
rv = CRYPTOKI_call(ctx, C_Login(priv->session,
|
||||
so? CKU_SO : CKU_USER,
|
||||
pin, strlen(pin)));
|
||||
(CK_UTF8CHAR *) pin, strlen(pin)));
|
||||
CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGIN, rv);
|
||||
priv->loggedIn = 1;
|
||||
return 0;
|
||||
|
@ -224,7 +224,7 @@ PKCS11_init_token(PKCS11_TOKEN *token, char *pin, char *label)
|
|||
if (!label)
|
||||
label = "PKCS#11 Token";
|
||||
rv = CRYPTOKI_call(ctx, C_InitToken(priv->id,
|
||||
pin, strlen(pin), label));
|
||||
(CK_UTF8CHAR *) pin, strlen(pin), (CK_UTF8CHAR *) label));
|
||||
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_TOKEN, rv);
|
||||
|
||||
cpriv = PRIVCTX(ctx);
|
||||
|
@ -252,7 +252,7 @@ PKCS11_init_pin(PKCS11_TOKEN *token, char *pin)
|
|||
}
|
||||
|
||||
len = pin? strlen(pin) : 0;
|
||||
rv = CRYPTOKI_call(ctx, C_InitPIN(priv->session, pin, len));
|
||||
rv = CRYPTOKI_call(ctx, C_InitPIN(priv->session, (CK_UTF8CHAR *) pin, len));
|
||||
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_PIN, rv);
|
||||
|
||||
return pkcs11_check_token(ctx, TOKEN2SLOT(token));
|
||||
|
@ -345,7 +345,7 @@ pkcs11_check_token(PKCS11_CTX *ctx, PKCS11_SLOT *slot)
|
|||
|
||||
token->label = PKCS11_DUP(info.label);
|
||||
token->manufacturer = PKCS11_DUP(info.manufacturerID);
|
||||
token->model = PKCS11_DUP(info. model);
|
||||
token->model = PKCS11_DUP(info.model);
|
||||
token->initialized = (info.flags & CKF_TOKEN_INITIALIZED)? 1 : 0;
|
||||
token->loginRequired = (info.flags & CKF_LOGIN_REQUIRED)? 1 : 0;
|
||||
token->userPinSet = (info.flags & CKF_USER_PIN_INITIALIZED)? 1 : 0;
|
||||
|
|
|
@ -55,8 +55,8 @@
|
|||
*
|
||||
*/
|
||||
|
||||
#ifndef HEADER_PKCS11_INTERNAL_H
|
||||
#define HEADER_PKCS11_INTERNAL_H
|
||||
#ifndef _PKCS11_INTERNAL_H
|
||||
#define _PKCS11_INTERNAL_H
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
|
@ -100,7 +100,7 @@ typedef struct PKCS11_key_st {
|
|||
char * label;
|
||||
unsigned char * id;
|
||||
int id_len;
|
||||
unsigned char private; /* private key present? */
|
||||
unsigned char isPrivate; /* private key present? */
|
||||
unsigned char needLogin; /* login to read private key? */
|
||||
EVP_PKEY * evp_key; /* initially NULL, need to call PKCS11_load_key */
|
||||
void * _private;
|
||||
|
@ -142,7 +142,7 @@ typedef struct PKCS11_ctx_st {
|
|||
void * _private;
|
||||
} PKCS11_CTX;
|
||||
|
||||
extern PKCS11_CTX * PKCS11_CTX_new();
|
||||
extern PKCS11_CTX * PKCS11_CTX_new(void);
|
||||
extern int PKCS11_CTX_load(PKCS11_CTX *, const char *ident);
|
||||
extern void PKCS11_CTX_unload(PKCS11_CTX *);
|
||||
extern void PKCS11_CTX_free(PKCS11_CTX *);
|
||||
|
@ -309,7 +309,7 @@ typedef struct pkcs11_cert_private {
|
|||
#define PKCS11_NEW(type) \
|
||||
((type *) pkcs11_malloc(sizeof(type)))
|
||||
#define PKCS11_DUP(s) \
|
||||
pkcs11_strdup(s, sizeof(s))
|
||||
pkcs11_strdup((char *) s, sizeof(s))
|
||||
|
||||
extern int PKCS11_open_session(PKCS11_SLOT *, int);
|
||||
extern void pkcs11_destroy_all_slots(PKCS11_CTX *);
|
||||
|
|
Loading…
Reference in New Issue