giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Indent sources 

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1426 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
aet 2003-09-06 17:56:21 +00:00
parent a02ef5e722
commit bbc64d01ff
15 changed files with 813 additions and 864 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
src/sslengines/engine_opensc.c
View File

@ -43,7 +43,8 @@ static sc_card_t *card = NULL;
static sc_pkcs15_card_t *p15card = NULL;
static char *sc_pin = NULL;
int opensc_finish(void) {
int opensc_finish(void)
{
if (p15card) {
sc_pkcs15_unbind(p15card);
p15card = NULL;
@ -59,7 +60,8 @@ int opensc_finish(void) {
return 1;
}
int opensc_init(void) {
int opensc_init(void)
{
int r = 0;
if (!quiet)
@ -83,30 +85,35 @@ err:
return 0;
}
int
opensc_rsa_finish(RSA* rsa) {
int opensc_rsa_finish(RSA * rsa)
{
struct sc_pkcs15_key_id *key_id;
key_id = (struct sc_pkcs15_key_id *) RSA_get_app_data(rsa);
free(key_id);
if(sc_pin) {free(sc_pin);}
if (sc_pin) {
free(sc_pin);
}
return 1;
}
BIGNUM *sc_bignum_t_to_BIGNUM(sc_pkcs15_bignum_t* bignum, BIGNUM* BN) {
BIGNUM *sc_bignum_t_to_BIGNUM(sc_pkcs15_bignum_t * bignum, BIGNUM * BN)
{
BN_bin2bn((unsigned char *) bignum->data, bignum->len, BN);
return BN;
}
void sc_set_pubkey_data(EVP_PKEY* key_out, sc_pkcs15_pubkey_t* pubkey) {
key_out->pkey.rsa->n=sc_bignum_t_to_BIGNUM(&(pubkey->u.rsa.modulus),BN_new());
key_out->pkey.rsa->e=sc_bignum_t_to_BIGNUM(&(pubkey->u.rsa.exponent),BN_new());
void sc_set_pubkey_data(EVP_PKEY * key_out, sc_pkcs15_pubkey_t * pubkey)
{
key_out->pkey.rsa->n =
sc_bignum_t_to_BIGNUM(&(pubkey->u.rsa.modulus), BN_new());
key_out->pkey.rsa->e =
sc_bignum_t_to_BIGNUM(&(pubkey->u.rsa.exponent), BN_new());
}
/* private key operations */
int
sc_prkey_op_init(const RSA *rsa, struct sc_pkcs15_object **key_obj_out)
int sc_prkey_op_init(const RSA * rsa, struct sc_pkcs15_object **key_obj_out)
{
int r;
struct sc_pkcs15_object *key_obj;
@ -136,8 +143,7 @@ sc_prkey_op_init(const RSA *rsa, struct sc_pkcs15_object **key_obj_out)
goto err;
}
key = (struct sc_pkcs15_prkey_info *) key_obj->data;
r = sc_pkcs15_find_pin_by_auth_id(p15card, &key_obj->auth_id,
&pin_obj);
r = sc_pkcs15_find_pin_by_auth_id(p15card, &key_obj->auth_id, &pin_obj);
if (r) {
fprintf(stderr, "Unable to find PIN object from SmartCard: %s",
sc_strerror(r));
@ -169,8 +175,8 @@ err:
}
EVP_PKEY *opensc_load_public_key(ENGINE * e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) {
UI_METHOD * ui_method, void *callback_data)
{
int r;
struct sc_pkcs15_id *id;
struct sc_pkcs15_object *obj;
@ -194,10 +200,11 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
r = sc_pkcs15_find_cert_by_id(p15card, id, &obj);
if (r >= 0) {
if (!quiet)
printf("Reading certificate with ID '%s'\n", s_key_id);
printf("Reading certificate with ID '%s'\n",
s_key_id);
r = sc_pkcs15_read_certificate(p15card,
(sc_pkcs15_cert_info_t *) obj->data,
&cert);
(sc_pkcs15_cert_info_t *)
obj->data, &cert);
}
if (r >= 0)
pubkey = &cert->key;
@ -208,14 +215,17 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
return NULL;
}
if (r < 0) {
fprintf(stderr, "Public key enumeration failed: %s\n", sc_strerror(r));
fprintf(stderr, "Public key enumeration failed: %s\n",
sc_strerror(r));
return NULL;
}
/* now, set EVP_PKEY data from pubkey object */
key_out = EVP_PKEY_new();
if(!key_out)
{fprintf(stderr, "failed to create new EVP_PKEY\n"); return NULL;};
if (!key_out) {
fprintf(stderr, "failed to create new EVP_PKEY\n");
return NULL;
};
EVP_PKEY_assign_RSA(key_out, RSA_new_method(e));
#if 0
RSA_set_method(keyout->rsa, sc_get_rsa_method());
@ -231,27 +241,36 @@ EVP_PKEY *opensc_load_public_key(ENGINE *e, const char *s_key_id,
return key_out;
}
char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
char *get_pin(UI_METHOD * ui_method, char *sc_pin, int maxlen)
{
UI *ui;
ui = UI_new();
UI_set_method(ui, ui_method);
if (!UI_add_input_string(ui, "SmartCard Password: ", 0, sc_pin, 1, maxlen)) {
fprintf(stderr, "UI_add_input_string failed");
UI_free(ui); return NULL; }
UI_free(ui);
return NULL;
}
if (!UI_process(ui)) {
fprintf(stderr, "UI_process failed"); return NULL;}
fprintf(stderr, "UI_process failed");
return NULL;
}
UI_free(ui);
return sc_pin;
}
EVP_PKEY *opensc_load_private_key(ENGINE * e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) {
UI_METHOD * ui_method, void *callback_data)
{
EVP_PKEY *key_out;
if (!quiet)
fprintf(stderr, "Loading private key!");
if(sc_pin) {free(sc_pin); sc_pin=NULL;}
if (sc_pin) {
free(sc_pin);
sc_pin = NULL;
}
key_out = opensc_load_public_key(e, s_key_id, ui_method, callback_data);
sc_pin = (char *) malloc(12);
get_pin(ui_method, sc_pin, 12); /* do this here, when storing sc_pin in RSA */
@ -301,8 +320,10 @@ sc_sign(int type, const u_char *m, unsigned int m_len,
/* FIXME: length of sigret correct? */
/* FIXME: check 'type' and modify flags accordingly */
flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
if(type==NID_sha1) flags|=SC_ALGORITHM_RSA_HASH_SHA1;
if(type==NID_md5) flags|=SC_ALGORITHM_RSA_HASH_MD5;
if (type == NID_sha1)
flags |= SC_ALGORITHM_RSA_HASH_SHA1;
if (type == NID_md5)
flags |= SC_ALGORITHM_RSA_HASH_MD5;
r = sc_pkcs15_compute_signature(p15card, key_obj, flags,
m, m_len, sigret, RSA_size(rsa));
sc_unlock(card);

76
src/sslengines/engine_pkcs11.c
View File

@ -35,40 +35,46 @@
#define fail(msg) { fprintf(stderr,msg); return NULL;}
PKCS11_CTX *ctx;
char* pin;
char *pin = NULL;
int quiet = 1;
const char *module = PKCS11_DEFAULT_MODULE_NAME;
int set_module(const char *modulename) {
int set_module(const char *modulename)
{
module = modulename;
return 1;
}
char* get_pin(UI_METHOD* ui_method, char* sc_pin, int maxlen) {
char *get_pin(UI_METHOD * ui_method, char *sc_pin, int maxlen)
{
UI *ui;
ui = UI_new();
UI_set_method(ui, ui_method);
if (!UI_add_input_string(ui, "SmartCard PIN: ", 0, sc_pin, 1, maxlen)) {
fprintf(stderr, "UI_add_input_string failed\n");
UI_free(ui); return NULL; }
UI_free(ui);
return NULL;
}
if (!UI_process(ui)) {
fprintf(stderr, "UI_process failed\n"); return NULL;}
fprintf(stderr, "UI_process failed\n");
return NULL;
}
UI_free(ui);
return sc_pin;
}
int pkcs11_finish(ENGINE *engine) {
int pkcs11_finish(ENGINE * engine)
{
if (ctx) {
PKCS11_CTX_free(ctx);
}
return 1;
}
int pkcs11_init(ENGINE *engine) {
int pkcs11_init(ENGINE * engine)
{
if (!quiet)
fprintf(stderr, "initializing engine\n");
@ -77,17 +83,16 @@ int pkcs11_init(ENGINE *engine) {
fprintf(stderr, "unable to load module\n");
return 0;
}
return 1;
}
int
pkcs11_rsa_finish(RSA* rsa) {
if(pin) {free(pin);}
int pkcs11_rsa_finish(RSA * rsa)
{
if (pin) {
free(pin);
}
/* need to free RSA_ex_data? */
return 1;
}
static int hex_to_bin(const char *in, unsigned char *out, size_t * outlen)
@ -110,11 +115,9 @@ static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
c = *in++;
if ('0' <= c && c <= '9')
c -= '0';
else
if ('a' <= c && c <= 'f')
else if ('a' <= c && c <= 'f')
c = c - 'a' + 10;
else
if ('A' <= c && c <= 'F')
else if ('A' <= c && c <= 'F')
c = c - 'A' + 10;
else {
printf("hex_to_bin(): invalid char '%c' in hex string\n", c);
@ -142,8 +145,8 @@ static int hex_to_bin(const char *in, unsigned char *out, size_t *outlen)
#define MAX_VALUE_LEN 200
EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id,
UI_METHOD *ui_method, void *callback_data, int isPrivate) {
UI_METHOD * ui_method, void *callback_data, int isPrivate)
{
PKCS11_SLOT *slot_list, *slot;
PKCS11_TOKEN *tok;
PKCS11_KEY *keys, *selected_key = NULL;
@ -194,22 +197,20 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
printf("Slot number \"%s\" should be an integer\n", val);
return NULL;
}
}
else if (strncasecmp(s_slot_key_id, "id", p_sep1 - s_slot_key_id) == 0) {
} else if (strncasecmp(s_slot_key_id, "id", p_sep1 - s_slot_key_id)
== 0) {
if (!hex_to_bin(val, key_id, &key_id_len)) {
printf("Key id \"%s\" should be a hex string\n", val);
return NULL;
}
strcpy(buf, val);
s_key_id = buf;
}
else {
} else {
memcpy(val, s_slot_key_id, p_sep1 - s_slot_key_id);
val[p_sep1 - s_slot_key_id] = '\0';
printf("Now allowed in -key: \"%s\"\n", val);
return NULL;
}
s_slot_key_id = (*p_sep2 == '\0' ? p_sep2 : p_sep2 + 1);
}
@ -247,8 +248,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
if (slot_nr == -1) {
if (!(slot = PKCS11_find_token(ctx)))
fail("didn't find any tokens\n");
}
else if (slot_nr >= 0 && slot_nr < count)
} else if (slot_nr >= 0 && slot_nr < count)
slot = slot_list + slot_nr;
else {
printf("Invalid slot number: %d\n", slot_nr);
@ -277,8 +277,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
PKCS11_CERT *c = certs + n;
char *dn = NULL;
printf(" %2u %s", n+1,
c->label);
printf(" %2u %s", n + 1, c->label);
if (c->x509)
dn = X509_NAME_oneline(X509_get_subject_name(c->x509), NULL, 0);
if (dn) {
@ -314,9 +313,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
PKCS11_KEY *k = keys + n;
printf(" %2u %c%c %s\n", n + 1,
k->isPrivate? 'P' : ' ',
k->needLogin? 'L' : ' ',
k->label);
k->isPrivate ? 'P' : ' ', k->needLogin ? 'L' : ' ', k->label);
if (key_id_len != 0 && k->id_len == key_id_len &&
memcmp(k->id, key_id, key_id_len) == 0) {
@ -329,8 +326,7 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
if (s_key_id != NULL) {
printf("No key with ID \"%s\" found.\n", s_key_id);
return NULL;
}
else /* Take the first key that was found */
} else /* Take the first key that was found */
selected_key = &keys[0];
}
@ -346,8 +342,10 @@ EVP_PKEY *pkcs11_load_key(ENGINE *e, const char *s_slot_key_id,
}
EVP_PKEY *pkcs11_load_public_key(ENGINE * e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) {
UI_METHOD * ui_method, void *callback_data)
{
EVP_PKEY *pk;
pk = pkcs11_load_key(e, s_key_id, ui_method, callback_data, 0);
if (pk == NULL)
fail("PKCS11_load_public_key returned NULL\n");
@ -355,8 +353,10 @@ EVP_PKEY *pkcs11_load_public_key(ENGINE *e, const char *s_key_id,
}
EVP_PKEY *pkcs11_load_private_key(ENGINE * e, const char *s_key_id,
UI_METHOD *ui_method, void *callback_data) {
UI_METHOD * ui_method, void *callback_data)
{
EVP_PKEY *pk;
pk = pkcs11_load_key(e, s_key_id, ui_method, callback_data, 1);
if (pk == NULL)
fail("PKCS11_get_private_key returned NULL\n");

38
src/sslengines/hw_opensc.c
View File

@ -96,12 +96,12 @@ static const ENGINE_CMD_DEFN opensc_cmd_defns[] = {
{0, NULL, NULL, 0}
};
static int opensc_engine_finish(ENGINE *e) {
static int opensc_engine_finish(ENGINE * e)
{
return opensc_finish();
}
static int
opensc_engine_init(ENGINE *e)
static int opensc_engine_init(ENGINE * e)
{
return opensc_init();
}
@ -114,27 +114,25 @@ static int opensc_engine_destroy(ENGINE *e)
static int opensc_engine_ctrl(ENGINE * e, int cmd, long i, void *p, void (*f) ())
{
switch(cmd)
{
switch (cmd) {
default:
break;
}
return 0;
}
/* set up default rsa_meth_st with overloaded rsa functions */
/* the actual implementation needs to be in another object */
static int (*orig_finish) (RSA * rsa);
static int
opensc_engine_rsa_finish(RSA* rsa) {
static int opensc_engine_rsa_finish(RSA * rsa)
{
opensc_rsa_finish(rsa);
if (orig_finish)
orig_finish(rsa);
return 1;
}
static RSA_METHOD *sc_get_rsa_method(void)
@ -165,8 +163,7 @@ static RSA_METHOD * sc_get_rsa_method(void)
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE * e)
{
if(
!ENGINE_set_id(e, OPENSC_ENGINE_ID) ||
if (!ENGINE_set_id(e, OPENSC_ENGINE_ID) ||
!ENGINE_set_destroy_function(e, opensc_engine_destroy) ||
!ENGINE_set_init_function(e, opensc_engine_init) ||
!ENGINE_set_finish_function(e, opensc_engine_finish) ||
@ -187,8 +184,7 @@ static int bind_helper(ENGINE *e)
!ENGINE_set_BN_mod_exp(e, BN_mod_exp) ||
#endif
!ENGINE_set_load_pubkey_function(e, opensc_load_public_key) ||
!ENGINE_set_load_privkey_function(e, opensc_load_private_key) )
{
!ENGINE_set_load_privkey_function(e, opensc_load_private_key)) {
return 0;
} else {
return 1;
@ -197,12 +193,16 @@ static int bind_helper(ENGINE *e)
static int bind_fn(ENGINE * e, const char *id)
{
if(id && (strcmp(id, OPENSC_ENGINE_ID) != 0))
{fprintf(stderr, "bad engine id");return 0;}
if(!bind_helper(e))
{fprintf(stderr, "bind failed"); return 0;}
if (id && (strcmp(id, OPENSC_ENGINE_ID) != 0)) {
fprintf(stderr, "bad engine id");
return 0;
}
if (!bind_helper(e)) {
fprintf(stderr, "bind failed");
return 0;
}
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
IMPLEMENT_DYNAMIC_CHECK_FN();
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);

30
src/sslengines/hw_pkcs11.c
View File

@ -104,8 +104,7 @@ static int pkcs11_engine_destroy(ENGINE *e)
static int pkcs11_engine_ctrl(ENGINE * e, int cmd, long i, void *p, void (*f) ())
{
/*int initialised = ((pkcs11_dso == NULL) ? 0 : 1); */
switch(cmd)
{
switch (cmd) {
case CMD_MODULE_PATH:
return set_module((const char *) p);
@ -114,13 +113,14 @@ static int pkcs11_engine_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
}
return 0;
}
/* set up default rsa_meth_st with overloaded rsa functions */
/* the actual implementation needs to be in another object */
static int (*orig_finish) (RSA * rsa);
static int
pkcs11_engine_rsa_finish(RSA* rsa) {
static int pkcs11_engine_rsa_finish(RSA * rsa)
{
pkcs11_rsa_finish(rsa);
@ -134,8 +134,7 @@ pkcs11_engine_rsa_finish(RSA* rsa) {
* "dynamic" ENGINE support too */
static int bind_helper(ENGINE * e)
{
if(
!ENGINE_set_id(e, PKCS11_ENGINE_ID) ||
if (!ENGINE_set_id(e, PKCS11_ENGINE_ID) ||
!ENGINE_set_destroy_function(e, pkcs11_engine_destroy) ||
!ENGINE_set_init_function(e, pkcs11_init) ||
!ENGINE_set_finish_function(e, pkcs11_finish) ||
@ -156,8 +155,7 @@ static int bind_helper(ENGINE *e)
!ENGINE_set_BN_mod_exp(e, BN_mod_exp) ||
#endif
!ENGINE_set_load_pubkey_function(e, pkcs11_load_public_key) ||
!ENGINE_set_load_privkey_function(e, pkcs11_load_private_key) )
{
!ENGINE_set_load_privkey_function(e, pkcs11_load_private_key)) {
return 0;
} else {
return 1;
@ -166,12 +164,16 @@ static int bind_helper(ENGINE *e)
static int bind_fn(ENGINE * e, const char *id)
{
if(id && (strcmp(id, PKCS11_ENGINE_ID) != 0))
{fprintf(stderr, "bad engine id");return 0;}
if(!bind_helper(e))
{fprintf(stderr, "bind failed"); return 0;}
if (id && (strcmp(id, PKCS11_ENGINE_ID) != 0)) {
fprintf(stderr, "bad engine id");
return 0;
}
if (!bind_helper(e)) {
fprintf(stderr, "bind failed");
return 0;
}
return 1;
}
IMPLEMENT_DYNAMIC_CHECK_FN()
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
IMPLEMENT_DYNAMIC_CHECK_FN();
IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);

24
src/sslengines/p11_attr.c
View File

@ -12,15 +12,15 @@
#include <string.h>
static int pkcs11_getattr_int(PKCS11_CTX *, CK_SESSION_HANDLE,
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE,
void *, size_t *);
CK_OBJECT_HANDLE, CK_ATTRIBUTE_TYPE, void *, size_t *);
/*
* Query pkcs11 attributes
*/
static int
pkcs11_getattr_int(PKCS11_CTX * ctx, CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE o, CK_ATTRIBUTE_TYPE type, void *value, size_t *size)
CK_OBJECT_HANDLE o, CK_ATTRIBUTE_TYPE type, void *value,
size_t * size)
{
CK_ATTRIBUTE templ;
int rv;
@ -81,8 +81,7 @@ pkcs11_getattr_bn(PKCS11_TOKEN *token, CK_OBJECT_HANDLE object,
/*
* Add attributes to template
*/
void
pkcs11_addattr(CK_ATTRIBUTE_PTR ap, int type, const void *data, size_t size)
void pkcs11_addattr(CK_ATTRIBUTE_PTR ap, int type, const void *data, size_t size)
{
ap->type = type;
ap->pValue = malloc(size);
@ -91,22 +90,19 @@ pkcs11_addattr(CK_ATTRIBUTE_PTR ap, int type, const void *data, size_t size)
}
/* In PKCS11, virtually every integer is a CK_ULONG */
void
pkcs11_addattr_int(CK_ATTRIBUTE_PTR ap, int type, unsigned long value)
void pkcs11_addattr_int(CK_ATTRIBUTE_PTR ap, int type, unsigned long value)
{
CK_ULONG ulValue = value;
pkcs11_addattr(ap, type, &ulValue, sizeof(ulValue));
}
void
pkcs11_addattr_s(CK_ATTRIBUTE_PTR ap, int type, const char *s)
void pkcs11_addattr_s(CK_ATTRIBUTE_PTR ap, int type, const char *s)
{
pkcs11_addattr(ap, type, s, s ? strlen(s) + 1 : 0);
}
void
pkcs11_addattr_bn(CK_ATTRIBUTE_PTR ap, int type, const BIGNUM *bn)
void pkcs11_addattr_bn(CK_ATTRIBUTE_PTR ap, int type, const BIGNUM * bn)
{
unsigned char temp[1024];
unsigned int n;
@ -116,8 +112,7 @@ pkcs11_addattr_bn(CK_ATTRIBUTE_PTR ap, int type, const BIGNUM *bn)
pkcs11_addattr(ap, type, temp, n);
}
void
pkcs11_addattr_obj(CK_ATTRIBUTE_PTR ap, int type, pkcs11_i2d_fn enc, void *obj)
void pkcs11_addattr_obj(CK_ATTRIBUTE_PTR ap, int type, pkcs11_i2d_fn enc, void *obj)
{
unsigned char *p;
@ -127,8 +122,7 @@ pkcs11_addattr_obj(CK_ATTRIBUTE_PTR ap, int type, pkcs11_i2d_fn enc, void *obj)
enc(obj, &p);
}
void
pkcs11_zap_attrs(CK_ATTRIBUTE_PTR ap, unsigned int n)
void pkcs11_zap_attrs(CK_ATTRIBUTE_PTR ap, unsigned int n)
{
while (n--) {
if (ap[n].pValue)

33
src/sslengines/p11_cert.c
View File

@ -8,8 +8,7 @@
#include <string.h>
static int pkcs11_find_certs(PKCS11_TOKEN *);
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *,
CK_SESSION_HANDLE);
static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *, CK_SESSION_HANDLE);
static int pkcs11_init_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE o,
PKCS11_CERT **);
@ -28,8 +27,7 @@ static CK_ATTRIBUTE cert_search_attrs[] = {
*/
int
PKCS11_enumerate_certs(PKCS11_TOKEN * token,
PKCS11_CERT **certp,
unsigned int *countp)
PKCS11_CERT ** certp, unsigned int *countp)
{
PKCS11_TOKEN_private *priv = PRIVTOKEN(token);
@ -48,8 +46,7 @@ PKCS11_enumerate_certs(PKCS11_TOKEN *token,
/*
* Find certificate matching a key
*/
PKCS11_CERT *
PKCS11_find_certificate(PKCS11_KEY *key)
PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY * key)
{
PKCS11_KEY_private *kpriv;
PKCS11_CERT_private *cpriv;
@ -71,8 +68,7 @@ PKCS11_find_certificate(PKCS11_KEY *key)
/*
* Find all certs of a given type (public or private)
*/
int
pkcs11_find_certs(PKCS11_TOKEN *token)
int pkcs11_find_certs(PKCS11_TOKEN * token)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
PKCS11_CTX *ctx = TOKEN2CTX(token);
@ -99,8 +95,7 @@ pkcs11_find_certs(PKCS11_TOKEN *token)
}
int
pkcs11_next_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
CK_SESSION_HANDLE session)
pkcs11_next_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token, CK_SESSION_HANDLE session)
{
CK_OBJECT_HANDLE obj;
CK_ULONG count;
@ -121,8 +116,7 @@ pkcs11_next_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
int
pkcs11_init_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE obj,
PKCS11_CERT **ret)
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE obj, PKCS11_CERT ** ret)
{
PKCS11_TOKEN_private *tpriv;
PKCS11_CERT_private *kpriv;
@ -133,8 +127,7 @@ pkcs11_init_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
size_t size;
size = sizeof(cert_type);
if (pkcs11_getattr_var(token, obj, CKA_CERTIFICATE_TYPE,
&cert_type, &size))
if (pkcs11_getattr_var(token, obj, CKA_CERTIFICATE_TYPE, &cert_type, &size))
return -1;
/* Ignore any certs we don't understand */
@ -143,7 +136,8 @@ pkcs11_init_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
tpriv = PRIVTOKEN(token);
tpriv->certs = (PKCS11_CERT *) OPENSSL_realloc(tpriv->certs,
(tpriv->ncerts + 1) * sizeof(PKCS11_CERT));
(tpriv->ncerts +
1) * sizeof(PKCS11_CERT));
cert = tpriv->certs + tpriv->ncerts++;
memset(cert, 0, sizeof(*cert));
@ -179,8 +173,7 @@ pkcs11_init_cert(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
/*
* Destroy all certs
*/
void
pkcs11_destroy_certs(PKCS11_TOKEN *token)
void pkcs11_destroy_certs(PKCS11_TOKEN * token)
{
PKCS11_TOKEN_private *priv = PRIVTOKEN(token);
@ -223,8 +216,7 @@ pkcs11_store_certificate(PKCS11_TOKEN *token, X509 *x509, char *label,
/* Now build the template */
pkcs11_addattr_int(attrs + n++, CKA_CLASS, CKO_CERTIFICATE);
pkcs11_addattr_int(attrs + n++, CKA_CERTIFICATE_TYPE, CKC_X_509);
pkcs11_addattr_obj(attrs + n++, CKA_VALUE,
(pkcs11_i2d_fn) i2d_X509, x509);
pkcs11_addattr_obj(attrs + n++, CKA_VALUE, (pkcs11_i2d_fn) i2d_X509, x509);
if (label)
pkcs11_addattr_s(attrs + n++, CKA_LABEL, label);
if (id && id_len)
@ -239,6 +231,5 @@ pkcs11_store_certificate(PKCS11_TOKEN *token, X509 *x509, char *label,
CRYPTOKI_checkerr(PKCS11_F_PKCS11_STORE_CERTIFICATE, rv);
/* Gobble the key object */
return pkcs11_init_cert(ctx, token, session,
object, ret_cert);
return pkcs11_init_cert(ctx, token, session, object, ret_cert);
}

28
src/sslengines/p11_err.c
View File

@ -94,7 +94,6 @@ static ERR_STRING_DATA PKCS11_str_reasons[] = {
{PKCS11_SYMBOL_NOT_FOUND_ERROR, "Symbol not found in PKCS#11 module"},
{PKCS11_NOT_SUPPORTED, "Not supported"},
{PKCS11_NO_SESSION, "No session open"},
{CKR_CANCEL, "Cancel"},
{CKR_HOST_MEMORY, "Host memory error"},
{CKR_SLOT_ID_INVALID, "Invalid slot ID"},
@ -141,13 +140,11 @@ static ERR_STRING_DATA PKCS11_str_reasons[] = {
{CKR_SESSION_CLOSED, "Session closed"},
{CKR_SESSION_COUNT, "Session count"},
{CKR_SESSION_HANDLE_INVALID, "Session handle invalid"},
{CKR_SESSION_PARALLEL_NOT_SUPPORTED,
"Session parallel not supported" },
{CKR_SESSION_PARALLEL_NOT_SUPPORTED, "Session parallel not supported"},
{CKR_SESSION_READ_ONLY, "Session read only"},
{CKR_SESSION_EXISTS, "Session exists"},
{CKR_SESSION_READ_ONLY_EXISTS, "Read-only session exists"},
{CKR_SESSION_READ_WRITE_SO_EXISTS,
"Read/write SO session exists" },
{CKR_SESSION_READ_WRITE_SO_EXISTS, "Read/write SO session exists"},
{CKR_SIGNATURE_INVALID, "Signature invalid"},
{CKR_SIGNATURE_LEN_RANGE, "Signature len range"},
{CKR_TEMPLATE_INCOMPLETE, "Incomplete template"},
@ -155,25 +152,20 @@ static ERR_STRING_DATA PKCS11_str_reasons[] = {
{CKR_TOKEN_NOT_PRESENT, "No PKCS#11 token present"},
{CKR_TOKEN_NOT_RECOGNIZED, "PKCS#11 token not recognized"},
{CKR_TOKEN_WRITE_PROTECTED, "Token write protected"},
{CKR_UNWRAPPING_KEY_HANDLE_INVALID,
"Unwrapping key handle invalid" },
{CKR_UNWRAPPING_KEY_HANDLE_INVALID, "Unwrapping key handle invalid"},
{CKR_UNWRAPPING_KEY_SIZE_RANGE, "Unwrapping key size range"},
{CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT,
"Unwrapping key type inconsistent" },
{CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, "Unwrapping key type inconsistent"},
{CKR_USER_ALREADY_LOGGED_IN, "User already logged in"},
{CKR_USER_NOT_LOGGED_IN, "User not logged in"},
{CKR_USER_PIN_NOT_INITIALIZED, "User pin not initialized"},
{CKR_USER_TYPE_INVALID, "User type invalid"},
{CKR_USER_ANOTHER_ALREADY_LOGGED_IN,
"User another is already logged in" },
{CKR_USER_ANOTHER_ALREADY_LOGGED_IN, "User another is already logged in"},
{CKR_USER_TOO_MANY_TYPES, "User too many types"},
{CKR_WRAPPED_KEY_INVALID, "Wrapped key invalid"},
{CKR_WRAPPED_KEY_LEN_RANGE, "Wrapped key len range"},
{CKR_WRAPPING_KEY_HANDLE_INVALID,
"Wrapping key handle invalid" },
{CKR_WRAPPING_KEY_HANDLE_INVALID, "Wrapping key handle invalid"},
{CKR_WRAPPING_KEY_SIZE_RANGE, "Wrapping key size range"},
{CKR_WRAPPING_KEY_TYPE_INCONSISTENT,
"Wrapping key type inconsistent" },
{CKR_WRAPPING_KEY_TYPE_INCONSISTENT, "Wrapping key type inconsistent"},
{CKR_RANDOM_SEED_NOT_SUPPORTED, "Random seed not supported"},
{CKR_RANDOM_NO_RNG, "Random no rng"},
{CKR_DOMAIN_PARAMS_INVALID, "Domain params invalid"},
@ -182,8 +174,7 @@ static ERR_STRING_DATA PKCS11_str_reasons[] = {
{CKR_INFORMATION_SENSITIVE, "Information sensitive"},
{CKR_STATE_UNSAVEABLE, "State unsaveable"},
{CKR_CRYPTOKI_NOT_INITIALIZED, "Cryptoki not initialized"},
{CKR_CRYPTOKI_ALREADY_INITIALIZED,
"Cryptoki already initialized" },
{CKR_CRYPTOKI_ALREADY_INITIALIZED, "Cryptoki already initialized"},
{CKR_MUTEX_BAD, "Mutex bad"},
{CKR_MUTEX_NOT_LOCKED, "Mutex not locked"},
{CKR_VENDOR_DEFINED, "Vendor defined"},
@ -191,8 +182,7 @@ static ERR_STRING_DATA PKCS11_str_reasons[] = {
};
#endif
void
ERR_load_PKCS11_strings(void)
void ERR_load_PKCS11_strings(void)
{
static int init = 1;

49
src/sslengines/p11_key.c
View File

@ -65,11 +65,9 @@ static int pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE o,
CK_OBJECT_CLASS type, PKCS11_KEY **);
static int pkcs11_store_private_key(PKCS11_TOKEN *, EVP_PKEY *, char *,
unsigned char *, unsigned int,
PKCS11_KEY **);
unsigned char *, unsigned int, PKCS11_KEY **);
static int pkcs11_store_public_key(PKCS11_TOKEN *, EVP_PKEY *, char *,
unsigned char *, unsigned int,
PKCS11_KEY **);
unsigned char *, unsigned int, PKCS11_KEY **);
static CK_OBJECT_CLASS key_search_class;
static CK_ATTRIBUTE key_search_attrs[] = {
@ -82,9 +80,7 @@ static CK_ATTRIBUTE key_search_attrs[] = {
* For now, we enumerate just the private keys.
*/
int
PKCS11_enumerate_keys(PKCS11_TOKEN *token,
PKCS11_KEY **keyp,
unsigned int *countp)
PKCS11_enumerate_keys(PKCS11_TOKEN * token, PKCS11_KEY ** keyp, unsigned int *countp)
{
PKCS11_TOKEN_private *priv = PRIVTOKEN(token);
@ -108,8 +104,7 @@ PKCS11_enumerate_keys(PKCS11_TOKEN *token,
/*
* Store a private key on the token
*/
int
PKCS11_store_private_key(PKCS11_TOKEN *token, EVP_PKEY *pk, char *label)
int PKCS11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label)
{
if (pkcs11_store_private_key(token, pk, label, NULL, 0, NULL))
return -1;
@ -123,8 +118,7 @@ PKCS11_store_private_key(PKCS11_TOKEN *token, EVP_PKEY *pk, char *label)
*/
int
PKCS11_generate_key(PKCS11_TOKEN * token,
int algorithm, unsigned int bits,
char *label)
int algorithm, unsigned int bits, char *label)
{
PKCS11_KEY *key_obj;
EVP_PKEY *pk;
@ -133,8 +127,7 @@ PKCS11_generate_key(PKCS11_TOKEN *token,
int rc;
if (algorithm != EVP_PKEY_RSA) {
PKCS11err(PKCS11_F_PKCS11_GENERATE_KEY,
PKCS11_NOT_SUPPORTED);
PKCS11err(PKCS11_F_PKCS11_GENERATE_KEY, PKCS11_NOT_SUPPORTED);
return -1;
}
@ -142,8 +135,7 @@ PKCS11_generate_key(PKCS11_TOKEN *token,
rsa = RSA_generate_key(bits, 0x10001, NULL, err);
BIO_free(err);
if (rsa == NULL) {
PKCS11err(PKCS11_F_PKCS11_GENERATE_KEY,
PKCS11_KEYGEN_FAILED);
PKCS11err(PKCS11_F_PKCS11_GENERATE_KEY, PKCS11_KEYGEN_FAILED);
return -1;
}
@ -165,8 +157,7 @@ PKCS11_generate_key(PKCS11_TOKEN *token,
/*
* Get the key type
*/
int
PKCS11_get_key_type(PKCS11_KEY *key)
int PKCS11_get_key_type(PKCS11_KEY * key)
{
PKCS11_KEY_private *priv = PRIVKEY(key);
@ -177,8 +168,7 @@ PKCS11_get_key_type(PKCS11_KEY *key)
* Create a key object that will allow an OpenSSL application
* to use the token via an EVP_PKEY
*/
EVP_PKEY *
PKCS11_get_private_key(PKCS11_KEY *key)
EVP_PKEY *PKCS11_get_private_key(PKCS11_KEY * key)
{
PKCS11_KEY_private *priv = PRIVKEY(key);
EVP_PKEY *pk;
@ -196,8 +186,7 @@ PKCS11_get_private_key(PKCS11_KEY *key)
/*
* Find all keys of a given type (public or private)
*/
int
pkcs11_find_keys(PKCS11_TOKEN *token, unsigned int type)
int pkcs11_find_keys(PKCS11_TOKEN * token, unsigned int type)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
PKCS11_CTX *ctx = TOKEN2CTX(token);
@ -247,8 +236,7 @@ pkcs11_next_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
int
pkcs11_init_key(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE obj,
CK_OBJECT_CLASS type,
PKCS11_KEY **ret)
CK_OBJECT_CLASS type, PKCS11_KEY ** ret)
{
PKCS11_TOKEN_private *tpriv;
PKCS11_KEY_private *kpriv;
@ -274,7 +262,8 @@ pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
tpriv = PRIVTOKEN(token);
tpriv->keys = (PKCS11_KEY *) OPENSSL_realloc(tpriv->keys,
(tpriv->nkeys + 1) * sizeof(PKCS11_KEY));
(tpriv->nkeys +
1) * sizeof(PKCS11_KEY));
key = tpriv->keys + tpriv->nkeys++;
memset(key, 0, sizeof(*key));
@ -305,8 +294,7 @@ pkcs11_init_key(PKCS11_CTX *ctx, PKCS11_TOKEN *token,
/*
* Destroy all keys
*/
void
pkcs11_destroy_keys(PKCS11_TOKEN *token)
void pkcs11_destroy_keys(PKCS11_TOKEN * token)
{
PKCS11_TOKEN_private *priv = PRIVTOKEN(token);
@ -363,8 +351,7 @@ pkcs11_store_private_key(PKCS11_TOKEN *token, EVP_PKEY *pk, char *label,
if (id && id_len)
pkcs11_addattr(attrs + n++, CKA_ID, id, id_len);
} else {
PKCS11err(PKCS11_F_PKCS11_STORE_PRIVATE_KEY,
PKCS11_NOT_SUPPORTED);
PKCS11err(PKCS11_F_PKCS11_STORE_PRIVATE_KEY, PKCS11_NOT_SUPPORTED);
return -1;
}
@ -415,8 +402,7 @@ pkcs11_store_public_key(PKCS11_TOKEN *token, EVP_PKEY *pk, char *label,
if (id && id_len)
pkcs11_addattr(attrs + n++, CKA_ID, id, id_len);
} else {
PKCS11err(PKCS11_F_PKCS11_STORE_PUBLIC_KEY,
PKCS11_NOT_SUPPORTED);
PKCS11err(PKCS11_F_PKCS11_STORE_PUBLIC_KEY, PKCS11_NOT_SUPPORTED);
return -1;
}
@ -429,6 +415,5 @@ pkcs11_store_public_key(PKCS11_TOKEN *token, EVP_PKEY *pk, char *label,
CRYPTOKI_checkerr(PKCS11_F_PKCS11_STORE_PUBLIC_KEY, rv);
/* Gobble the key object */
return pkcs11_init_key(ctx, token, session,
object, CKO_PUBLIC_KEY, ret_key);
return pkcs11_init_key(ctx, token, session, object, CKO_PUBLIC_KEY, ret_key);
}

12
src/sslengines/p11_load.c
View File

@ -63,8 +63,7 @@ static void *handle = NULL;
/*
* Create a new context
*/
PKCS11_CTX *
PKCS11_CTX_new(void)
PKCS11_CTX *PKCS11_CTX_new(void)
{
PKCS11_CTX_private *priv;
PKCS11_CTX *ctx;
@ -85,8 +84,7 @@ PKCS11_CTX_new(void)
/*
* Load the shared library, and initialize it.
*/
int
PKCS11_CTX_load(PKCS11_CTX *ctx, const char *name)
int PKCS11_CTX_load(PKCS11_CTX * ctx, const char *name)
{
PKCS11_CTX_private *priv = PRIVCTX(ctx);
CK_INFO ck_info;
@ -119,8 +117,7 @@ PKCS11_CTX_load(PKCS11_CTX *ctx, const char *name)
/*
* Unload the shared library
*/
void
PKCS11_CTX_unload(PKCS11_CTX *ctx)
void PKCS11_CTX_unload(PKCS11_CTX * ctx)
{
PKCS11_CTX_private *priv;
priv = PRIVCTX(ctx);
@ -138,8 +135,7 @@ PKCS11_CTX_unload(PKCS11_CTX *ctx)
/*
* Free a context
*/
void
PKCS11_CTX_free(PKCS11_CTX *ctx)
void PKCS11_CTX_free(PKCS11_CTX * ctx)
{
PKCS11_CTX_unload(ctx); /* Make sure */
OPENSSL_free(ctx->manufacturer);

9
src/sslengines/p11_misc.c
View File

@ -59,8 +59,7 @@
#include <string.h>
#include <openssl/crypto.h>
void *
pkcs11_malloc(size_t size)
void *pkcs11_malloc(size_t size)
{
void *p = OPENSSL_malloc(size);
memset(p, 0, size);
@ -71,8 +70,7 @@ pkcs11_malloc(size_t size)
* so when strduping them we must make sure
* we stop at the end of the buffer, and while we're
* at it it's nice to remove the padding */
char *
pkcs11_strdup(char *mem, size_t size)
char *pkcs11_strdup(char *mem, size_t size)
{
char *res;
@ -87,8 +85,7 @@ pkcs11_strdup(char *mem, size_t size)
/*
* Dup memory
*/
void *
memdup(const void *src, size_t size)
void *memdup(const void *src, size_t size)
{
void *dst;

12
src/sslengines/p11_rsa.c
View File

@ -77,8 +77,7 @@ RSA_METHOD * pkcs11_get_rsa_method(void);
/*
* Get RSA key material
*/
int
pkcs11_get_rsa_private(PKCS11_KEY *key, EVP_PKEY *pk)
int pkcs11_get_rsa_private(PKCS11_KEY * key, EVP_PKEY * pk)
{
CK_BBOOL sensitive, extractable;
RSA *rsa;
@ -112,8 +111,7 @@ pkcs11_get_rsa_private(PKCS11_KEY *key, EVP_PKEY *pk)
return -1;
}
int
pkcs11_get_rsa_public(PKCS11_KEY *key, EVP_PKEY *pk)
int pkcs11_get_rsa_public(PKCS11_KEY * key, EVP_PKEY * pk)
{
/* TBD */
return 0;
@ -175,7 +173,8 @@ pkcs11_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
* by OpenSSL). The library assumes that the memory passed
* by the caller is always big enough */
sigsize = BN_num_bytes(rsa->n);
rv = CRYPTOKI_call(ctx, C_Sign(session, (CK_BYTE *) m, m_len, sigret, &sigsize));
rv = CRYPTOKI_call(ctx,
C_Sign(session, (CK_BYTE *) m, m_len, sigret, &sigsize));
if (rv)
goto fail;
@ -213,8 +212,7 @@ pkcs11_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
/*
* Overload the default OpenSSL methods for RSA
*/
RSA_METHOD *
pkcs11_get_rsa_method(void)
RSA_METHOD *pkcs11_get_rsa_method(void)
{
static RSA_METHOD ops;

48
src/sslengines/p11_slot.c
View File

@ -67,9 +67,7 @@ static void pkcs11_destroy_token(PKCS11_TOKEN *);
* Enumerate slots
*/
int
PKCS11_enumerate_slots(PKCS11_CTX *ctx,
PKCS11_SLOT **slotp,
unsigned int *countp)
PKCS11_enumerate_slots(PKCS11_CTX * ctx, PKCS11_SLOT ** slotp, unsigned int *countp)
{
PKCS11_CTX_private *priv = PRIVCTX(ctx);
@ -82,8 +80,7 @@ PKCS11_enumerate_slots(PKCS11_CTX *ctx,
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots
* sizeof(PKCS11_SLOT));
slots = (PKCS11_SLOT *) pkcs11_malloc(nslots * sizeof(PKCS11_SLOT));
for (n = 0; n < nslots; n++) {
if (pkcs11_init_slot(ctx, &slots[n], slotid[n])) {
while (n--)
@ -104,8 +101,7 @@ PKCS11_enumerate_slots(PKCS11_CTX *ctx,
/*
* Find a slot with a token that looks "valuable"
*/
PKCS11_SLOT *
PKCS11_find_token(PKCS11_CTX *ctx)
PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx)
{
PKCS11_SLOT *slot_list, *slot, *best;
PKCS11_TOKEN *tok;
@ -130,8 +126,7 @@ PKCS11_find_token(PKCS11_CTX *ctx)
/*
* Open a session with this slot
*/
int
PKCS11_open_session(PKCS11_SLOT *slot, int rw)
int PKCS11_open_session(PKCS11_SLOT * slot, int rw)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_CTX *ctx = SLOT2CTX(slot);
@ -143,8 +138,9 @@ PKCS11_open_session(PKCS11_SLOT *slot, int rw)
}
rv = CRYPTOKI_call(ctx,
C_OpenSession(priv->id,
CKF_SERIAL_SESSION | (rw? CKF_RW_SESSION : 0),
NULL, NULL, &priv->session));
CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION :
0), NULL, NULL,
&priv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_OPEN_SESSION, rv);
priv->haveSession = 1;
@ -154,8 +150,7 @@ PKCS11_open_session(PKCS11_SLOT *slot, int rw)
/*
* Authenticate with the card
*/
int
PKCS11_login(PKCS11_SLOT *slot, int so, char *pin)
int PKCS11_login(PKCS11_SLOT * slot, int so, char *pin)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_CTX *ctx = priv->parent;
@ -188,8 +183,7 @@ PKCS11_login(PKCS11_SLOT *slot, int so, char *pin)
/*
* Log out
*/
int
PKCS11_logout(PKCS11_SLOT *slot)
int PKCS11_logout(PKCS11_SLOT * slot)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_CTX *ctx = priv->parent;
@ -213,8 +207,7 @@ PKCS11_logout(PKCS11_SLOT *slot)
/*
* Initialize the token
*/
int
PKCS11_init_token(PKCS11_TOKEN *token, char *pin, char *label)
int PKCS11_init_token(PKCS11_TOKEN * token, char *pin, char *label)
{
PKCS11_SLOT_private *priv = PRIVSLOT(TOKEN2SLOT(token));
PKCS11_CTX_private *cpriv;
@ -224,7 +217,8 @@ PKCS11_init_token(PKCS11_TOKEN *token, char *pin, char *label)
if (!label)
label = "PKCS#11 Token";
rv = CRYPTOKI_call(ctx, C_InitToken(priv->id,
(CK_UTF8CHAR *) pin, strlen(pin), (CK_UTF8CHAR *) label));
(CK_UTF8CHAR *) pin, strlen(pin),
(CK_UTF8CHAR *) label));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_TOKEN, rv);
cpriv = PRIVCTX(ctx);
@ -239,8 +233,7 @@ PKCS11_init_token(PKCS11_TOKEN *token, char *pin, char *label)
/*
* Set the User PIN
*/
int
PKCS11_init_pin(PKCS11_TOKEN *token, char *pin)
int PKCS11_init_pin(PKCS11_TOKEN * token, char *pin)
{
PKCS11_SLOT_private *priv = PRIVSLOT(TOKEN2SLOT(token));
PKCS11_CTX *ctx = priv->parent;
@ -261,8 +254,7 @@ PKCS11_init_pin(PKCS11_TOKEN *token, char *pin)
/*
* Helper functions
*/
int
pkcs11_init_slot(PKCS11_CTX *ctx, PKCS11_SLOT *slot, CK_SLOT_ID id)
int pkcs11_init_slot(PKCS11_CTX * ctx, PKCS11_SLOT * slot, CK_SLOT_ID id)
{
PKCS11_SLOT_private *priv;
CK_SLOT_INFO info;
@ -286,8 +278,7 @@ pkcs11_init_slot(PKCS11_CTX *ctx, PKCS11_SLOT *slot, CK_SLOT_ID id)
return 0;
}
void
pkcs11_destroy_all_slots(PKCS11_CTX *ctx)
void pkcs11_destroy_all_slots(PKCS11_CTX * ctx)
{
PKCS11_CTX_private *priv = PRIVCTX(ctx);
@ -298,8 +289,7 @@ pkcs11_destroy_all_slots(PKCS11_CTX *ctx)
priv->nslots = -1;
}
void
pkcs11_destroy_slot(PKCS11_CTX *ctx, PKCS11_SLOT *slot)
void pkcs11_destroy_slot(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
@ -314,8 +304,7 @@ pkcs11_destroy_slot(PKCS11_CTX *ctx, PKCS11_SLOT *slot)
memset(slot, 0, sizeof(*slot));
}
int
pkcs11_check_token(PKCS11_CTX *ctx, PKCS11_SLOT *slot)
int pkcs11_check_token(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
{
PKCS11_SLOT_private *priv = PRIVSLOT(slot);
PKCS11_TOKEN_private *tpriv;
@ -355,8 +344,7 @@ pkcs11_check_token(PKCS11_CTX *ctx, PKCS11_SLOT *slot)
return 0;
}
void
pkcs11_destroy_token(PKCS11_TOKEN *token)
void pkcs11_destroy_token(PKCS11_TOKEN * token)
{
/* XXX destroy keys associated with this token */
OPENSSL_free(token->label);

27
src/sslengines/pkcs11-internal.h
View File

@ -87,12 +87,6 @@ ERR_PUT_error(ERR_LIB_PKCS11,(f),(r),__FILE__,__LINE__)
*
* - no support for any operations that alter the card,
* i.e. readonly-login
*
* Rather than include the complete PKCS#11 type definition
* header file here, I'm defining my own bunch of types,
* leaving out those that are not needed.
* I also hope that they will be more in line with OpenSSL
* coding style.
*/
/* PKCS11 key object (public or private) */
@ -158,8 +152,7 @@ extern int PKCS11_login(PKCS11_SLOT *, int so, char *pin);
extern int PKCS11_logout(PKCS11_SLOT *);
/* Get a list of all keys associated with this token */
extern int PKCS11_enumerate_keys(PKCS11_TOKEN *,
PKCS11_KEY **, unsigned int *);
extern int PKCS11_enumerate_keys(PKCS11_TOKEN *, PKCS11_KEY **, unsigned int *);
/* Get the key type (as EVP_PKEY_XXX) */
extern int PKCS11_get_key_type(PKCS11_KEY *);
@ -171,21 +164,17 @@ extern EVP_PKEY * PKCS11_get_private_key(PKCS11_KEY *);
extern PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY *);
/* Get a list of all certificates associated with this token */
extern int PKCS11_enumerate_certs(PKCS11_TOKEN *,
PKCS11_CERT **, unsigned int *);
extern int PKCS11_enumerate_certs(PKCS11_TOKEN *, PKCS11_CERT **, unsigned int *);
/* Initialize a token */
extern int PKCS11_init_token(PKCS11_TOKEN *,
char *pin, char *label);
extern int PKCS11_init_token(PKCS11_TOKEN *, char *pin, char *label);
/* Initialize the user PIN on a token */
extern int PKCS11_init_pin(PKCS11_TOKEN *, char *pin);
/* Store various objects on the token */
extern int PKCS11_generate_key(PKCS11_TOKEN *, int,
unsigned int, char *);
extern int PKCS11_store_private_key(PKCS11_TOKEN *,
EVP_PKEY *, char *);
extern int PKCS11_generate_key(PKCS11_TOKEN *, int, unsigned int, char *);
extern int PKCS11_store_private_key(PKCS11_TOKEN *, EVP_PKEY *, char *);
/* Load PKCS11 error strings */
extern void ERR_load_PKCS11_strings(void);
@ -240,8 +229,7 @@ typedef struct pkcs11_ctx_private {
typedef struct pkcs11_slot_private {
PKCS11_CTX *parent;
unsigned char haveSession,
loggedIn;
unsigned char haveSession, loggedIn;
CK_SLOT_ID id;
CK_SESSION_HANDLE session;
} PKCS11_SLOT_private;
@ -333,8 +321,7 @@ extern void pkcs11_addattr(CK_ATTRIBUTE_PTR, int, const void *, size_t);
extern void pkcs11_addattr_int(CK_ATTRIBUTE_PTR, int, unsigned long);
extern void pkcs11_addattr_s(CK_ATTRIBUTE_PTR, int, const char *);
extern void pkcs11_addattr_bn(CK_ATTRIBUTE_PTR, int, const BIGNUM *);
extern void pkcs11_addattr_obj(CK_ATTRIBUTE_PTR, int,
pkcs11_i2d_fn, void *);
extern void pkcs11_addattr_obj(CK_ATTRIBUTE_PTR, int, pkcs11_i2d_fn, void *);
extern void pkcs11_zap_attrs(CK_ATTRIBUTE_PTR, unsigned int);
extern void *memdup(const void *, size_t);