diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c index 872cc17e..fb5c4825 100644 --- a/src/pkcs11/framework-pkcs15.c +++ b/src/pkcs11/framework-pkcs15.c @@ -73,7 +73,7 @@ struct pkcs15_cert_object { struct pkcs15_any_object base; struct sc_pkcs15_cert_info * cert_info; - struct sc_pkcs15_cert * cert_data; + struct sc_pkcs15_cert * cert_data; }; #define cert_flags base.base.flags #define cert_p15obj base.p15_object @@ -110,7 +110,7 @@ struct pkcs15_data_object { struct pkcs15_any_object base; struct sc_pkcs15_data_info *info; - struct sc_pkcs15_data *value; + struct sc_pkcs15_data *value; }; #define data_flags base.base.flags #define data_p15obj base.p15_object @@ -160,7 +160,7 @@ static CK_RV pkcs15_bind(struct sc_pkcs11_card *p11card) static CK_RV pkcs15_unbind(struct sc_pkcs11_card *p11card) { - struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; + struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; unsigned int i; int rc; @@ -177,7 +177,7 @@ static CK_RV pkcs15_unbind(struct sc_pkcs11_card *p11card) unlock_card(fw_data); rc = sc_pkcs15_unbind(fw_data->p15_card); - return sc_to_cryptoki_error(rc, p11card->reader); + return sc_to_cryptoki_error(rc, p11card->reader); } static void pkcs15_init_token_info(struct sc_pkcs15_card *card, CK_TOKEN_INFO_PTR pToken) @@ -259,14 +259,14 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_cert_info *p15_info; struct sc_pkcs15_cert *p15_cert; struct pkcs15_cert_object *object; - struct pkcs15_pubkey_object *obj2; + struct pkcs15_pubkey_object *obj2; int rv; p15_info = (struct sc_pkcs15_cert_info *) cert->data; if ((rv = sc_pkcs15_read_certificate(fw_data->p15_card, p15_info, &p15_cert) < 0)) return rv; - /* Certificate object */ + /* Certificate object */ rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object, cert, &pkcs15_cert_ops, sizeof(struct pkcs15_cert_object)); @@ -276,7 +276,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, object->cert_info = p15_info; object->cert_data = p15_cert; - /* Corresponding public key */ + /* Corresponding public key */ rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &obj2, NULL, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object)); @@ -314,7 +314,7 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data, if ((rv = sc_pkcs15_read_pubkey(fw_data->p15_card, pubkey, &p15_key)) < 0) return rv; - /* Public key object */ + /* Public key object */ rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object, pubkey, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object)); @@ -380,7 +380,7 @@ pkcs15_create_pkcs11_objects(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_object *p15_object[MAX_OBJECTS]; int i, count, rv; - rv = count = sc_pkcs15_get_objects(fw_data->p15_card, p15_type, p15_object, MAX_OBJECTS); + rv = count = sc_pkcs15_get_objects(fw_data->p15_card, p15_type, p15_object, MAX_OBJECTS); if (rv >= 0) { sc_debug(context, "Found %d %s%s\n", count, @@ -582,7 +582,7 @@ static CK_RV pkcs15_create_slot(struct sc_pkcs11_card *p11card, struct sc_pkcs15_object *auth, struct sc_pkcs11_slot **out) { - struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; + struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; struct sc_pkcs11_slot *slot; int rv; @@ -606,38 +606,38 @@ static CK_RV pkcs15_create_tokens(struct sc_pkcs11_card *p11card) struct sc_pkcs15_object *auths[MAX_OBJECTS]; struct sc_pkcs11_slot *slot; int i, rv, reader = p11card->reader; - int auth_count; + int auth_count; unsigned int j; - rv = sc_pkcs15_get_objects(fw_data->p15_card, + rv = sc_pkcs15_get_objects(fw_data->p15_card, SC_PKCS15_TYPE_AUTH_PIN, auths, SC_PKCS15_MAX_PINS); if (rv < 0) - return sc_to_cryptoki_error(rv, reader); + return sc_to_cryptoki_error(rv, reader); sc_debug(context, "Found %d authentication objects\n", rv); auth_count = rv; - rv = pkcs15_create_pkcs11_objects(fw_data, + rv = pkcs15_create_pkcs11_objects(fw_data, SC_PKCS15_TYPE_PRKEY_RSA, "private key", __pkcs15_create_prkey_object); if (rv < 0) - return sc_to_cryptoki_error(rv, reader); + return sc_to_cryptoki_error(rv, reader); - rv = pkcs15_create_pkcs11_objects(fw_data, + rv = pkcs15_create_pkcs11_objects(fw_data, SC_PKCS15_TYPE_PUBKEY_RSA, "public key", __pkcs15_create_pubkey_object); if (rv < 0) - return sc_to_cryptoki_error(rv, reader); + return sc_to_cryptoki_error(rv, reader); rv = pkcs15_create_pkcs11_objects(fw_data, SC_PKCS15_TYPE_CERT_X509, "certificate", __pkcs15_create_cert_object); if (rv < 0) - return sc_to_cryptoki_error(rv, reader); + return sc_to_cryptoki_error(rv, reader); rv = pkcs15_create_pkcs11_objects(fw_data, SC_PKCS15_TYPE_DATA_OBJECT, @@ -730,7 +730,7 @@ static CK_RV pkcs15_login(struct sc_pkcs11_card *p11card, int rc; struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; struct sc_pkcs15_card *card = fw_data->p15_card; - struct sc_pkcs15_object *auth_object; + struct sc_pkcs15_object *auth_object; struct sc_pkcs15_pin_info *pin; switch (userType) { @@ -784,7 +784,7 @@ static CK_RV pkcs15_login(struct sc_pkcs11_card *p11card, return sc_to_cryptoki_error(rc, p11card->reader); rc = sc_pkcs15_verify_pin(card, pin, pPin, ulPinLen); - sc_debug(context, "PIN verification returned %d\n", rc); + sc_debug(context, "PIN verification returned %d\n", rc); if (rc >= 0) cache_pin(fw_token, userType, &pin->path, pPin, ulPinLen); @@ -835,7 +835,7 @@ static CK_RV pkcs15_change_pin(struct sc_pkcs11_card *p11card, rc = sc_pkcs15_change_pin(fw_data->p15_card, pin, pOldPin, ulOldLen, pNewPin, ulNewLen); - sc_debug(context, "PIN verification returned %d\n", rc); + sc_debug(context, "PIN change returned %d\n", rc); if (rc >= 0) cache_pin(fw_token, CKU_USER, &pin->path, pNewPin, ulNewLen); @@ -1418,16 +1418,16 @@ struct sc_pkcs11_framework_ops framework_pkcs15 = { pkcs15_create_tokens, pkcs15_release_token, pkcs15_login, - pkcs15_logout, + pkcs15_logout, pkcs15_change_pin, - NULL, /* init_token */ + NULL, /* init_token */ #ifdef USE_PKCS15_INIT pkcs15_init_pin, - pkcs15_create_object, - pkcs15_gen_keypair, + pkcs15_create_object, + pkcs15_gen_keypair, #else - NULL, - NULL + NULL, + NULL #endif }; @@ -1436,18 +1436,18 @@ static CK_RV pkcs15_set_attrib(struct sc_pkcs11_session *session, CK_ATTRIBUTE_PTR attr) { #ifndef USE_PKCS15_INIT - return CKR_FUNCTION_NOT_SUPPORTED; + return CKR_FUNCTION_NOT_SUPPORTED; #else - struct sc_profile *profile = NULL; - struct sc_pkcs11_card *p11card = session->slot->card; - struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; - struct sc_pkcs15_id id; - int rc = 0; - CK_RV rv = CKR_OK; + struct sc_profile *profile = NULL; + struct sc_pkcs11_card *p11card = session->slot->card; + struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; + struct sc_pkcs15_id id; + int rc = 0; + CK_RV rv = CKR_OK; - rc = sc_pkcs15init_bind(p11card->card, "pkcs15", NULL, &profile); - if (rc < 0) - return sc_to_cryptoki_error(rc, p11card->reader); + rc = sc_pkcs15init_bind(p11card->card, "pkcs15", NULL, &profile); + if (rc < 0) + return sc_to_cryptoki_error(rc, p11card->reader); rc = sc_lock(p11card->card); if (rc < 0) { @@ -1458,36 +1458,36 @@ static CK_RV pkcs15_set_attrib(struct sc_pkcs11_session *session, /* Add the PINs the user presented so far to the keycache. */ add_pins_to_keycache(p11card, session->slot); - switch(attr->type) { - case CKA_LABEL: - rc = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object, - P15_ATTR_TYPE_LABEL, attr->pValue, attr->ulValueLen); - break; - case CKA_ID: - if (attr->ulValueLen > SC_PKCS15_MAX_ID_SIZE) { - rc = SC_ERROR_INVALID_ARGUMENTS; - break; - } - memcpy(id.value, attr->pValue, attr->ulValueLen); - id.len = attr->ulValueLen; - rc = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object, - P15_ATTR_TYPE_ID, &id, sizeof(id)); - break; + switch(attr->type) { + case CKA_LABEL: + rc = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object, + P15_ATTR_TYPE_LABEL, attr->pValue, attr->ulValueLen); + break; + case CKA_ID: + if (attr->ulValueLen > SC_PKCS15_MAX_ID_SIZE) { + rc = SC_ERROR_INVALID_ARGUMENTS; + break; + } + memcpy(id.value, attr->pValue, attr->ulValueLen); + id.len = attr->ulValueLen; + rc = sc_pkcs15init_change_attrib(fw_data->p15_card, profile, p15_object, + P15_ATTR_TYPE_ID, &id, sizeof(id)); + break; case CKA_SUBJECT: rc = SC_SUCCESS; break; - default: - rv = CKR_ATTRIBUTE_READ_ONLY; - goto set_attr_done; - } + default: + rv = CKR_ATTRIBUTE_READ_ONLY; + goto set_attr_done; + } - rv = sc_to_cryptoki_error(rc, p11card->reader); + rv = sc_to_cryptoki_error(rc, p11card->reader); set_attr_done: sc_unlock(p11card->card); - sc_pkcs15init_unbind(profile); - - return rv; + sc_pkcs15init_unbind(profile); + + return rv; #endif } @@ -1508,8 +1508,8 @@ static CK_RV pkcs15_cert_set_attribute(struct sc_pkcs11_session *session, void *object, CK_ATTRIBUTE_PTR attr) { - struct pkcs15_cert_object *cert = (struct pkcs15_cert_object*) object; - return pkcs15_set_attrib(session, cert->base.p15_object, attr); + struct pkcs15_cert_object *cert = (struct pkcs15_cert_object*) object; + return pkcs15_set_attrib(session, cert->base.p15_object, attr); } static CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, @@ -1523,24 +1523,24 @@ static CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, case CKA_CLASS: check_attribute_buffer(attr, sizeof(CK_OBJECT_CLASS)); *(CK_OBJECT_CLASS*)attr->pValue = CKO_CERTIFICATE; - break; + break; case CKA_TOKEN: check_attribute_buffer(attr, sizeof(CK_BBOOL)); *(CK_BBOOL*)attr->pValue = TRUE; - break; + break; case CKA_PRIVATE: case CKA_MODIFIABLE: check_attribute_buffer(attr, sizeof(CK_BBOOL)); *(CK_BBOOL*)attr->pValue = FALSE; - break; + break; case CKA_LABEL: len = strlen(cert->cert_p15obj->label); check_attribute_buffer(attr, len); - memcpy(attr->pValue, cert->cert_p15obj->label, len); - break; + memcpy(attr->pValue, cert->cert_p15obj->label, len); + break; case CKA_CERTIFICATE_TYPE: check_attribute_buffer(attr, sizeof(CK_CERTIFICATE_TYPE)); - *(CK_CERTIFICATE_TYPE*)attr->pValue = CKC_X_509; + *(CK_CERTIFICATE_TYPE*)attr->pValue = CKC_X_509; break; case CKA_ID: /* Not sure why CA certs should be reported with an @@ -1551,12 +1551,12 @@ static CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, } else { check_attribute_buffer(attr, cert->cert_info->id.len); memcpy(attr->pValue, cert->cert_info->id.value, cert->cert_info->id.len); - } - break; + } + break; case CKA_TRUSTED: check_attribute_buffer(attr, sizeof(CK_BBOOL)); - *(CK_BBOOL*)attr->pValue = cert->cert_info->authority?TRUE:FALSE; - break; + *(CK_BBOOL*)attr->pValue = cert->cert_info->authority ? TRUE : FALSE; + break; case CKA_VALUE: check_attribute_buffer(attr, cert->cert_data->data_len); memcpy(attr->pValue, cert->cert_data->data, cert->cert_data->data_len); @@ -1574,10 +1574,10 @@ static CK_RV pkcs15_cert_get_attribute(struct sc_pkcs11_session *session, cert->cert_data->issuer_len, attr); default: - return CKR_ATTRIBUTE_TYPE_INVALID; + return CKR_ATTRIBUTE_TYPE_INVALID; } - return CKR_OK; + return CKR_OK; } static int @@ -1615,20 +1615,19 @@ pkcs15_cert_cmp_attribute(struct sc_pkcs11_session *session, return 1; break; default: - return sc_pkcs11_any_cmp_attribute(session, object, attr); + return sc_pkcs11_any_cmp_attribute(session, object, attr); } - - return 0; + return 0; } struct sc_pkcs11_object_ops pkcs15_cert_ops = { pkcs15_cert_release, - pkcs15_cert_set_attribute, + pkcs15_cert_set_attribute, pkcs15_cert_get_attribute, pkcs15_cert_cmp_attribute, NULL, NULL, - NULL + NULL }; /* @@ -1643,8 +1642,8 @@ static CK_RV pkcs15_prkey_set_attribute(struct sc_pkcs11_session *session, void *object, CK_ATTRIBUTE_PTR attr) { - struct pkcs15_prkey_object *prkey = (struct pkcs15_prkey_object*) object; - return pkcs15_set_attrib(session, prkey->base.p15_object, attr); + struct pkcs15_prkey_object *prkey = (struct pkcs15_prkey_object*) object; + return pkcs15_set_attrib(session, prkey->base.p15_object, attr); } static CK_RV pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session, @@ -1734,10 +1733,10 @@ static CK_RV pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session, attr->ulValueLen = 0; return CKR_OK; default: - return CKR_ATTRIBUTE_TYPE_INVALID; + return CKR_ATTRIBUTE_TYPE_INVALID; } - return CKR_OK; + return CKR_OK; } static CK_RV pkcs15_prkey_sign(struct sc_pkcs11_session *ses, void *obj, @@ -1798,10 +1797,10 @@ static CK_RV pkcs15_prkey_sign(struct sc_pkcs11_session *ses, void *obj, flags = SC_ALGORITHM_RSA_RAW; break; default: - return CKR_MECHANISM_INVALID; + return CKR_MECHANISM_INVALID; } - sc_debug(context, "Selected flags %X. Now computing signature for %d bytes. %d bytes reserved.\n", flags, ulDataLen, *pulDataLen); + sc_debug(context, "Selected flags %X. Now computing signature for %d bytes. %d bytes reserved.\n", flags, ulDataLen, *pulDataLen); rv = sc_pkcs15_compute_signature(fw_data->p15_card, prkey->prv_p15obj, flags, @@ -1827,14 +1826,14 @@ static CK_RV pkcs15_prkey_sign(struct sc_pkcs11_session *ses, void *obj, sc_unlock(ses->slot->card->card); } - sc_debug(context, "Sign complete. Result %d.\n", rv); + sc_debug(context, "Sign complete. Result %d.\n", rv); if (rv > 0) { - *pulDataLen = rv; - return CKR_OK; + *pulDataLen = rv; + return CKR_OK; } - return sc_to_cryptoki_error(rv, ses->slot->card->reader); + return sc_to_cryptoki_error(rv, ses->slot->card->reader); } static CK_RV @@ -1941,7 +1940,7 @@ struct sc_pkcs11_object_ops pkcs15_prkey_ops = { sc_pkcs11_any_cmp_attribute, NULL, NULL, - pkcs15_prkey_sign, + pkcs15_prkey_sign, pkcs15_prkey_unwrap, pkcs15_prkey_decrypt }; @@ -1962,8 +1961,8 @@ static CK_RV pkcs15_pubkey_set_attribute(struct sc_pkcs11_session *session, void *object, CK_ATTRIBUTE_PTR attr) { - struct pkcs15_pubkey_object *pubkey = (struct pkcs15_pubkey_object*) object; - return pkcs15_set_attrib(session, pubkey->base.p15_object, attr); + struct pkcs15_pubkey_object *pubkey = (struct pkcs15_pubkey_object*) object; + return pkcs15_set_attrib(session, pubkey->base.p15_object, attr); } static CK_RV pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session, @@ -2059,10 +2058,10 @@ static CK_RV pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session, } break; default: - return CKR_ATTRIBUTE_TYPE_INVALID; + return CKR_ATTRIBUTE_TYPE_INVALID; } - return CKR_OK; + return CKR_OK; } struct sc_pkcs11_object_ops pkcs15_pubkey_ops = { @@ -2072,7 +2071,7 @@ struct sc_pkcs11_object_ops pkcs15_pubkey_ops = { sc_pkcs11_any_cmp_attribute, NULL, NULL, - NULL + NULL }; @@ -2292,8 +2291,8 @@ get_usage_bit(unsigned int usage, CK_ATTRIBUTE_PTR attr) CK_ATTRIBUTE_TYPE type; unsigned int flag; } flag_mapping[] = { - { CKA_ENCRYPT, SC_PKCS15_PRKEY_USAGE_ENCRYPT }, - { CKA_DECRYPT, SC_PKCS15_PRKEY_USAGE_DECRYPT }, + { CKA_ENCRYPT, SC_PKCS15_PRKEY_USAGE_ENCRYPT }, + { CKA_DECRYPT, SC_PKCS15_PRKEY_USAGE_DECRYPT }, { CKA_SIGN, SC_PKCS15_PRKEY_USAGE_SIGN|SC_PKCS15_PRKEY_USAGE_NONREPUDIATION }, { CKA_SIGN_RECOVER, SC_PKCS15_PRKEY_USAGE_SIGNRECOVER }, { CKA_WRAP, SC_PKCS15_PRKEY_USAGE_WRAP }, diff --git a/src/pkcs11/misc.c b/src/pkcs11/misc.c index 5af149ca..c8f1aab6 100644 --- a/src/pkcs11/misc.c +++ b/src/pkcs11/misc.c @@ -24,9 +24,9 @@ #define DUMP_TEMPLATE_MAX 32 -void strcpy_bp(u8 *dst, const char *src, int dstsize) +void strcpy_bp(u8 *dst, const char *src, size_t dstsize) { - int c; + size_t c; if (!dst || !src || !dstsize) return; @@ -88,31 +88,31 @@ CK_RV pool_initialize(struct sc_pkcs11_pool *pool, int type) pool->num_items = 0; pool->head = pool->tail = NULL; - return CKR_OK; + return CKR_OK; } CK_RV pool_insert(struct sc_pkcs11_pool *pool, void *item_ptr, CK_ULONG_PTR pHandle) { struct sc_pkcs11_pool_item *item; - int handle = pool->next_free_handle++; + int handle = pool->next_free_handle++; item = (struct sc_pkcs11_pool_item*) malloc(sizeof(struct sc_pkcs11_pool_item)); if (pHandle != NULL) - *pHandle = handle; + *pHandle = handle; - item->handle = handle; + item->handle = handle; item->item = item_ptr; item->next = NULL; - item->prev = pool->tail; + item->prev = pool->tail; if (pool->head != NULL && pool->tail != NULL) { pool->tail->next = item; - pool->tail = item; + pool->tail = item; } else - pool->head = pool->tail = item; - - return CKR_OK; + pool->head = pool->tail = item; + + return CKR_OK; } CK_RV pool_find(struct sc_pkcs11_pool *pool, CK_ULONG handle, void **item_ptr) @@ -120,12 +120,12 @@ CK_RV pool_find(struct sc_pkcs11_pool *pool, CK_ULONG handle, void **item_ptr) struct sc_pkcs11_pool_item *item; if (context == NULL) - return CKR_CRYPTOKI_NOT_INITIALIZED; + return CKR_CRYPTOKI_NOT_INITIALIZED; for (item = pool->head; item != NULL; item = item->next) { if (item->handle == handle) { *item_ptr = item->item; - return CKR_OK; + return CKR_OK; } } @@ -148,7 +148,7 @@ CK_RV pool_find_and_delete(struct sc_pkcs11_pool *pool, CK_ULONG handle, void ** if (pool->tail == item) pool->tail = item->prev; *item_ptr = item->item; - free(item); + free(item); return CKR_OK; } @@ -167,7 +167,7 @@ CK_RV session_start_operation(struct sc_pkcs11_session *session, sc_pkcs11_operation_t *op; if (context == NULL) - return CKR_CRYPTOKI_NOT_INITIALIZED; + return CKR_CRYPTOKI_NOT_INITIALIZED; if (type < 0 || type >= SC_PKCS11_OPERATION_MAX) return CKR_ARGUMENTS_BAD; @@ -182,7 +182,7 @@ CK_RV session_start_operation(struct sc_pkcs11_session *session, if (operation) *operation = op; - return CKR_OK; + return CKR_OK; } CK_RV session_get_operation(struct sc_pkcs11_session *session, int type, @@ -199,7 +199,7 @@ CK_RV session_get_operation(struct sc_pkcs11_session *session, int type, if (operation) *operation = op; - return CKR_OK; + return CKR_OK; } CK_RV session_stop_operation(struct sc_pkcs11_session *session, int type) @@ -211,7 +211,7 @@ CK_RV session_stop_operation(struct sc_pkcs11_session *session, int type) return CKR_OPERATION_NOT_INITIALIZED; sc_pkcs11_release_operation(&session->operation[type]); - return CKR_OK; + return CKR_OK; } CK_RV attr_extract(CK_ATTRIBUTE_PTR pAttr, void *ptr, size_t *sizep) diff --git a/src/pkcs11/pkcs11-display.c b/src/pkcs11/pkcs11-display.c index c4897d2c..01ab6d0c 100644 --- a/src/pkcs11/pkcs11-display.c +++ b/src/pkcs11/pkcs11-display.c @@ -70,7 +70,7 @@ void print_generic(FILE *f, CK_LONG type, CK_VOID_PTR value, CK_ULONG size, CK_V } #ifdef HAVE_OPENSSL -void print_dn(FILE *f, CK_LONG type, CK_VOID_PTR value, CK_ULONG size, CK_VOID_PTR arg) +static void print_dn(FILE *f, CK_LONG type, CK_VOID_PTR value, CK_ULONG size, CK_VOID_PTR arg) { print_generic(f, type, value, size, arg); if(size && value) { diff --git a/src/pkcs11/pkcs11-global.c b/src/pkcs11/pkcs11-global.c index d2f66e6a..51fa3efc 100644 --- a/src/pkcs11/pkcs11-global.c +++ b/src/pkcs11/pkcs11-global.c @@ -36,7 +36,7 @@ CK_RV C_Initialize(CK_VOID_PTR pReserved) if (context != NULL) { sc_error(context, "C_Initialize(): Cryptoki already initialized\n"); - return CKR_CRYPTOKI_ALREADY_INITIALIZED; + return CKR_CRYPTOKI_ALREADY_INITIALIZED; } rc = sc_establish_context(&context, "opensc-pkcs11"); if (rc != 0) { @@ -63,7 +63,8 @@ CK_RV C_Initialize(CK_VOID_PTR pReserved) context = NULL; } -out: if (context != NULL) +out: + if (context != NULL) sc_debug(context, "C_Initialize: result = %d\n", rv); return rv; } @@ -84,7 +85,7 @@ CK_RV C_Finalize(CK_VOID_PTR pReserved) sc_debug(context, "Shutting down Cryptoki\n"); for (i=0; ireader_count; i++) - card_removed(i); + card_removed(i); sc_release_context(context); context = NULL; @@ -92,7 +93,7 @@ CK_RV C_Finalize(CK_VOID_PTR pReserved) out: /* Release and destroy the mutex */ sc_pkcs11_free_lock(); - return rv; + return rv; } CK_RV C_GetInfo(CK_INFO_PTR pInfo) @@ -120,10 +121,10 @@ CK_RV C_GetInfo(CK_INFO_PTR pInfo) "SmartCard PKCS#11 API", sizeof(pInfo->libraryDescription)); pInfo->libraryVersion.major = 0; - pInfo->libraryVersion.minor = 8; + pInfo->libraryVersion.minor = 9; out: sc_pkcs11_unlock(); - return rv; + return rv; } CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) @@ -140,7 +141,7 @@ CK_RV C_GetSlotList(CK_BBOOL tokenPresent, /* only slots with token prese CK_ULONG_PTR pulCount) /* receives the number of slots */ { CK_SLOT_ID found[SC_PKCS11_MAX_VIRTUAL_SLOTS]; - int i; + int i; CK_ULONG numMatches; sc_pkcs11_slot_t *slot; CK_RV rv; @@ -168,14 +169,14 @@ CK_RV C_GetSlotList(CK_BBOOL tokenPresent, /* only slots with token prese if (pSlotList == NULL_PTR) { sc_debug(context, "was only a size inquiry (%d)\n", numMatches); *pulCount = numMatches; - rv = CKR_OK; + rv = CKR_OK; goto out; } if (*pulCount < numMatches) { sc_debug(context, "buffer was too small (needed %d)\n", numMatches); *pulCount = numMatches; - rv = CKR_BUFFER_TOO_SMALL; + rv = CKR_BUFFER_TOO_SMALL; goto out; } @@ -186,14 +187,14 @@ CK_RV C_GetSlotList(CK_BBOOL tokenPresent, /* only slots with token prese sc_debug(context, "returned %d slots\n", numMatches); out: sc_pkcs11_unlock(); - return rv; + return rv; } CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) { struct sc_pkcs11_slot *slot; sc_timestamp_t now; - CK_RV rv; + CK_RV rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -229,7 +230,7 @@ out: sc_pkcs11_unlock(); CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) { struct sc_pkcs11_slot *slot; - CK_RV rv; + CK_RV rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -255,7 +256,7 @@ CK_RV C_GetMechanismList(CK_SLOT_ID slotID, CK_ULONG_PTR pulCount) { struct sc_pkcs11_slot *slot; - CK_RV rv; + CK_RV rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -274,7 +275,7 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_INFO_PTR pInfo) { struct sc_pkcs11_slot *slot; - CK_RV rv; + CK_RV rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -300,7 +301,7 @@ CK_RV C_InitToken(CK_SLOT_ID slotID, struct sc_pkcs11_pool_item *item; struct sc_pkcs11_session *session; struct sc_pkcs11_slot *slot; - CK_RV rv; + CK_RV rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -553,7 +554,7 @@ CK_FUNCTION_LIST pkcs11_function_list = { C_Decrypt, C_DecryptUpdate, C_DecryptFinal, - C_DigestInit, + C_DigestInit, C_Digest, C_DigestUpdate, C_DigestKey, @@ -582,6 +583,6 @@ CK_FUNCTION_LIST pkcs11_function_list = { C_SeedRandom, C_GenerateRandom, C_GetFunctionStatus, - C_CancelFunction, + C_CancelFunction, C_WaitForSlotEvent }; diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c index 89998193..4ee582aa 100644 --- a/src/pkcs11/pkcs11-object.c +++ b/src/pkcs11/pkcs11-object.c @@ -92,10 +92,11 @@ CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, /* the session's handle -1 }; char object_name[64]; - int i, j, rv; + int j, rv; struct sc_pkcs11_session *session; struct sc_pkcs11_object *object; int res, res_type; + unsigned int i; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -150,7 +151,8 @@ CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, /* the session's handle CK_ATTRIBUTE_PTR pTemplate, /* specifies attributes and values */ CK_ULONG ulCount) /* attributes in template */ { - int i, rv; + int rv; + unsigned int i; struct sc_pkcs11_session *session; struct sc_pkcs11_object *object; @@ -189,7 +191,8 @@ CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession, /* the session's handle */ CK_BBOOL is_private = TRUE; CK_ATTRIBUTE private_attribute = { CKA_PRIVATE, &is_private, sizeof(is_private) }; - int j, rv, match, hide_private; + int rv, match, hide_private; + unsigned int j; struct sc_pkcs11_session *session; struct sc_pkcs11_object *object; struct sc_pkcs11_find_operation *operation; @@ -285,7 +288,8 @@ CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, /* the session's han CK_ULONG ulMaxObjectCount, /* max handles to be returned */ CK_ULONG_PTR pulObjectCount) /* actual number returned */ { - int rv, to_return; + int rv; + CK_ULONG to_return; struct sc_pkcs11_session *session; struct sc_pkcs11_find_operation *operation; @@ -302,7 +306,7 @@ CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, /* the session's han if (rv != CKR_OK) goto out; - to_return = operation->num_handles - operation->current_handle; + to_return = (CK_ULONG)operation->num_handles - operation->current_handle; if (to_return > ulMaxObjectCount) to_return = ulMaxObjectCount; diff --git a/src/pkcs11/pkcs11-session.c b/src/pkcs11/pkcs11-session.c index 2b70084f..7012ca0f 100644 --- a/src/pkcs11/pkcs11-session.c +++ b/src/pkcs11/pkcs11-session.c @@ -59,7 +59,7 @@ CK_RV C_OpenSession(CK_SLOT_ID slotID, /* the slot's ID */ goto out; } - session = (struct sc_pkcs11_session*) calloc(1, sizeof(struct sc_pkcs11_session)); + session = (struct sc_pkcs11_session*) calloc(1, sizeof(struct sc_pkcs11_session)); if (session == NULL) { rv = CKR_HOST_MEMORY; goto out; @@ -67,22 +67,22 @@ CK_RV C_OpenSession(CK_SLOT_ID slotID, /* the slot's ID */ session->slot = slot; session->notify_callback = Notify; - session->notify_data = pApplication; - session->flags = flags; + session->notify_data = pApplication; + session->flags = flags; rv = pool_insert(&session_pool, session, phSession); if (rv != CKR_OK) - free(session); + free(session); else slot->nsessions++; out: sc_pkcs11_unlock(); - return rv; + return rv; } /* Internal version of C_CloseSession that gets called with * the global lock held */ -CK_RV sc_pkcs11_close_session(CK_SESSION_HANDLE hSession) +static CK_RV sc_pkcs11_close_session(CK_SESSION_HANDLE hSession) { struct sc_pkcs11_slot *slot; struct sc_pkcs11_session *session; @@ -90,7 +90,7 @@ CK_RV sc_pkcs11_close_session(CK_SESSION_HANDLE hSession) rv = pool_find_and_delete(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) - return rv; + return rv; /* If we're the last session using this slot, make sure * we log out */ @@ -110,18 +110,18 @@ CK_RV sc_pkcs11_close_session(CK_SESSION_HANDLE hSession) CK_RV sc_pkcs11_close_all_sessions(CK_SLOT_ID slotID) { struct sc_pkcs11_pool_item *item, *next; - struct sc_pkcs11_session *session; + struct sc_pkcs11_session *session; sc_debug(context, "C_CloseAllSessions(slot %d).\n", (int) slotID); for (item = session_pool.head; item != NULL; item = next) { session = (struct sc_pkcs11_session*) item->item; - next = item->next; + next = item->next; if (session->slot->id == slotID) - sc_pkcs11_close_session(item->handle); + sc_pkcs11_close_session(item->handle); } - return CKR_OK; + return CKR_OK; } CK_RV C_CloseSession(CK_SESSION_HANDLE hSession) /* the session's handle */ @@ -146,7 +146,7 @@ CK_RV C_CloseAllSessions(CK_SLOT_ID slotID) /* the token's slot */ if (rv != CKR_OK) return rv; - rv = slot_get_token(slotID, &slot); + rv = slot_get_token(slotID, &slot); if (rv != CKR_OK) goto out; @@ -161,7 +161,7 @@ CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, /* the session's handle */ { struct sc_pkcs11_session *session; struct sc_pkcs11_slot *slot; - int rv; + int rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -172,7 +172,7 @@ CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, /* the session's handle */ goto out; } - rv = pool_find(&session_pool, hSession, (void**) &session); + rv = pool_find(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) goto out; @@ -202,7 +202,7 @@ CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession, /* the session CK_BYTE_PTR pOperationState, /* location receiving state */ CK_ULONG_PTR pulOperationStateLen) /* location receiving state length */ { - return CKR_FUNCTION_NOT_SUPPORTED; + return CKR_FUNCTION_NOT_SUPPORTED; } CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession, /* the session's handle */ @@ -219,9 +219,9 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */ CK_CHAR_PTR pPin, /* the user's PIN */ CK_ULONG ulPinLen) /* the length of the PIN */ { - int rv; + int rv; struct sc_pkcs11_session *session; - struct sc_pkcs11_slot *slot; + struct sc_pkcs11_slot *slot; rv = sc_pkcs11_lock(); if (rv != CKR_OK) @@ -232,13 +232,13 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */ goto out; } - rv = pool_find(&session_pool, hSession, (void**) &session); + rv = pool_find(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) goto out; sc_debug(context, "Login for session %d\n", hSession); - slot = session->slot; + slot = session->slot; if (!(slot->token_info.flags & CKF_USER_PIN_INITIALIZED)) { rv = CKR_USER_PIN_NOT_INITIALIZED; @@ -250,27 +250,26 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession, /* the session's handle */ goto out; } - rv = slot->card->framework->login(slot->card, - slot->fw_data, - userType, pPin, ulPinLen); + rv = slot->card->framework->login(slot->card, slot->fw_data, + userType, pPin, ulPinLen); if (rv == CKR_OK) - slot->login_user = userType; + slot->login_user = userType; out: sc_pkcs11_unlock(); - return rv; + return rv; } CK_RV C_Logout(CK_SESSION_HANDLE hSession) /* the session's handle */ { - int rv; + int rv; struct sc_pkcs11_session *session; - struct sc_pkcs11_slot *slot; + struct sc_pkcs11_slot *slot; rv = sc_pkcs11_lock(); if (rv != CKR_OK) return rv; - rv = pool_find(&session_pool, hSession, (void**) &session); + rv = pool_find(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) goto out; @@ -295,13 +294,13 @@ CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, { struct sc_pkcs11_session *session; struct sc_pkcs11_slot *slot; - int rv; + int rv; rv = sc_pkcs11_lock(); if (rv != CKR_OK) return rv; - rv = pool_find(&session_pool, hSession, (void**) &session); + rv = pool_find(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) goto out; @@ -326,15 +325,15 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pNewPin, CK_ULONG ulNewLen) { - int rv; + int rv; struct sc_pkcs11_session *session; - struct sc_pkcs11_slot *slot; + struct sc_pkcs11_slot *slot; rv = sc_pkcs11_lock(); if (rv != CKR_OK) return rv; - rv = pool_find(&session_pool, hSession, (void**) &session); + rv = pool_find(&session_pool, hSession, (void**) &session); if (rv != CKR_OK) goto out; @@ -347,7 +346,7 @@ CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, #endif slot = session->slot; - rv = slot->card->framework->change_pin(slot->card, slot->fw_data, + rv = slot->card->framework->change_pin(slot->card, slot->fw_data, pOldPin, ulOldLen, pNewPin, ulNewLen); diff --git a/src/pkcs11/pkcs11-spy.c b/src/pkcs11/pkcs11-spy.c index bafa4a5a..9cae0ee4 100644 --- a/src/pkcs11/pkcs11-spy.c +++ b/src/pkcs11/pkcs11-spy.c @@ -117,9 +117,9 @@ void enter(char *function) CK_RV retne(CK_RV rv) { - fprintf(spy_output, "Returned: %ld %s\n", rv, - lookup_enum ( RV_T, rv )); - return rv; + fprintf(spy_output, "Returned: %ld %s\n", rv, lookup_enum ( RV_T, rv )); + fflush(spy_output); + return rv; } void spy_dump_string_in(char *name, CK_VOID_PTR data, CK_ULONG size) diff --git a/src/pkcs11/sc-pkcs11.h b/src/pkcs11/sc-pkcs11.h index 091ac3a3..6429f442 100644 --- a/src/pkcs11/sc-pkcs11.h +++ b/src/pkcs11/sc-pkcs11.h @@ -325,7 +325,7 @@ extern unsigned int first_free_slot; extern struct sc_pkcs11_framework_ops framework_pkcs15; extern struct sc_pkcs11_framework_ops framework_pkcs15init; -void strcpy_bp(u8 *dst, const char *src, int dstsize); +void strcpy_bp(u8 *dst, const char *src, size_t dstsize); CK_RV sc_to_cryptoki_error(int rc, int reader); void sc_pkcs11_print_attrs(const char *file, unsigned int line, const char *function, const char *info, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount); diff --git a/src/pkcs11/slot.c b/src/pkcs11/slot.c index 6ce0cb7a..2ac65b35 100644 --- a/src/pkcs11/slot.c +++ b/src/pkcs11/slot.c @@ -41,7 +41,7 @@ static void init_slot_info(CK_SLOT_INFO_PTR pInfo) pInfo->hardwareVersion.major = 0; pInfo->hardwareVersion.minor = 0; pInfo->firmwareVersion.major = 0; - pInfo->firmwareVersion.minor = 0; + pInfo->firmwareVersion.minor = 0; } CK_RV card_initialize(int reader) @@ -70,15 +70,15 @@ CK_RV card_initialize(int reader) card->num_slots = 0; first_free_slot += card->max_slots; - return CKR_OK; + return CKR_OK; } CK_RV card_detect(int reader) { struct sc_pkcs11_card *card = &card_table[reader]; - int rc, rv, i, retry = 1; + int rc, rv, i, retry = 1; - rv = CKR_OK; + rv = CKR_OK; sc_debug(context, "%d: Detecting SmartCard\n", reader); for (i = card->max_slots; i--; ) { @@ -143,7 +143,7 @@ again: rc = sc_detect_card_presence(context->reader[reader], 0); sc_debug(context, "%d: Detected framework %d. Creating tokens.\n", reader, i); rv = frameworks[i]->create_tokens(card); if (rv != CKR_OK) - return rv; + return rv; card->framework = frameworks[i]; } @@ -178,14 +178,14 @@ CK_RV card_detect_all(void) CK_RV card_removed(int reader) { int i; - struct sc_pkcs11_card *card; + struct sc_pkcs11_card *card; sc_debug(context, "%d: SmartCard removed\n", reader); for (i=0; ireader == reader) - slot_token_removed(i); + slot_token_removed(i); } /* beware - do not clean the entire sc_pkcs11_card struct; @@ -200,9 +200,9 @@ CK_RV card_removed(int reader) if (card->card) sc_disconnect_card(card->card, 0); - card->card = NULL; + card->card = NULL; - return CKR_OK; + return CKR_OK; } CK_RV slot_initialize(int id, struct sc_pkcs11_slot *slot) @@ -210,10 +210,10 @@ CK_RV slot_initialize(int id, struct sc_pkcs11_slot *slot) memset(slot, 0, sizeof(*slot)); slot->id = id; slot->login_user = -1; - init_slot_info(&slot->slot_info); + init_slot_info(&slot->slot_info); pool_initialize(&slot->object_pool, POOL_TYPE_OBJECT); - return CKR_OK; + return CKR_OK; } CK_RV slot_allocate(struct sc_pkcs11_slot **slot, struct sc_pkcs11_card *card) @@ -228,16 +228,14 @@ CK_RV slot_allocate(struct sc_pkcs11_slot **slot, struct sc_pkcs11_card *card) for (i = first; i < last; i++) { if (!virtual_slots[i].card) { sc_debug(context, "Allocated slot %d\n", i); - - virtual_slots[i].card = card; - virtual_slots[i].events = SC_EVENT_CARD_INSERTED; + virtual_slots[i].card = card; + virtual_slots[i].events = SC_EVENT_CARD_INSERTED; *slot = &virtual_slots[i]; card->num_slots++; return CKR_OK; } } - return CKR_FUNCTION_FAILED; - + return CKR_FUNCTION_FAILED; } CK_RV slot_get_slot(int id, struct sc_pkcs11_slot **slot) @@ -247,9 +245,9 @@ CK_RV slot_get_slot(int id, struct sc_pkcs11_slot **slot) if (id < 0 || id >= SC_PKCS11_MAX_VIRTUAL_SLOTS) return CKR_SLOT_ID_INVALID; - - *slot = &virtual_slots[id]; - return CKR_OK; + + *slot = &virtual_slots[id]; + return CKR_OK; } CK_RV slot_get_token(int id, struct sc_pkcs11_slot **slot) @@ -266,15 +264,14 @@ CK_RV slot_get_token(int id, struct sc_pkcs11_slot **slot) if (rv != CKR_OK) return CKR_TOKEN_NOT_PRESENT; } - - return CKR_OK; + return CKR_OK; } CK_RV slot_token_removed(int id) { int rv, token_was_present; - struct sc_pkcs11_slot *slot; - struct sc_pkcs11_object *object; + struct sc_pkcs11_slot *slot; + struct sc_pkcs11_object *object; CK_SLOT_INFO saved_slot_info; int reader; @@ -284,13 +281,13 @@ CK_RV slot_token_removed(int id) token_was_present = (slot->slot_info.flags & CKF_TOKEN_PRESENT); - /* Terminate active sessions */ - sc_pkcs11_close_all_sessions(id); + /* Terminate active sessions */ + sc_pkcs11_close_all_sessions(id); /* Object pool */ while (pool_find_and_delete(&slot->object_pool, 0, (void**) &object) == CKR_OK) { - if (object->ops->release) - object->ops->release(object); + if (object->ops->release) + object->ops->release(object); } /* Release framework stuff */ @@ -316,8 +313,7 @@ CK_RV slot_token_removed(int id) if (token_was_present) slot->events = SC_EVENT_CARD_REMOVED; - return CKR_OK; - + return CKR_OK; } CK_RV slot_find_changed(CK_SLOT_ID_PTR idp, int mask)