latest version
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@26 c6295689-39f2-0310-b995-f0e70906c6a9
parent
32d6315d54
commit
e52d097f23
|
@ -117,6 +117,7 @@ CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
|
|||
LOG("Detected card in slot %d\n", slotID);
|
||||
pInfo->flags |= CKF_TOKEN_PRESENT;
|
||||
} else {
|
||||
LOG("No card in slot %d\n", slotID);
|
||||
slot_disconnect(slotID);
|
||||
}
|
||||
pInfo->hardwareVersion.major = 1;
|
||||
|
|
|
@ -151,7 +151,7 @@ CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|||
struct pkcs11_slot *slt;
|
||||
int i, j, k;
|
||||
|
||||
LOG("C_FindObjectsInit(%d, %d, 0x%x, %d)\n", hSession, pTemplate, ulCount);
|
||||
LOG("C_FindObjectsInit(%d, 0x%p, %d)\n", hSession, pTemplate, ulCount);
|
||||
dump_template("C_FindObjectsInit", pTemplate, ulCount);
|
||||
|
||||
if (hSession < 1 || hSession > PKCS11_MAX_SESSIONS || session[hSession] == NULL)
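Review bot: The corrected LOG call in C_FindObjectsInit still mismatches its arguments: `%d` is used for hSession and ulCount, which are CK_SESSION_HANDLE and CK_ULONG (unsigned long in PKCS#11), and `0x%p` prints a doubled prefix on C libraries whose `%p` already emits `0x`. Assuming LOG is printf-style, suggest `LOG("C_FindObjectsInit(%lu, %p, %lu)\n", (unsigned long) hSession, (void *) pTemplate, (unsigned long) ulCount);`. Separately, the context check `hSession > PKCS11_MAX_SESSIONS` lets hSession == PKCS11_MAX_SESSIONS reach `session[hSession]`; if the array has PKCS11_MAX_SESSIONS elements (its declaration is not visible here), that index is one past the end and the comparison should be `>=`. The function body continues outside the hunk.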
|
||||
|
|
|
@ -3,16 +3,16 @@
|
|||
#include "sc-pkcs11.h"
|
||||
|
||||
static CK_BYTE modulus[] =
|
||||
#if 0
|
||||
"\x00\xc7\x50\xbb\x9e\xf7\x43\x18\x7e\x8d\xb5\xe3\xa1\x6e\x4c"
|
||||
"\x8c\x0f\x0f\xc7\x9a\xce\xad\x05\x1b\x16\xf0\x30\x25\xdb\x1f"
|
||||
"\xbd\xf3\x68\x76\x29\xee\x75\x97\xba\x20\x1a\x48\xa8\x55\xa1"
|
||||
"\x50\x91\x45\x0e\x64\x70\xcd\xda\x52\x0b\x67\x94\x16\x89\x73"
|
||||
"\x7d\xa1\x7c\x5b\xa9\x29\xd8\xe2\x38\xc8\x24\x73\xaa\xc1\x7a"
|
||||
"\x99\x6f\x4f\xe9\xa6\xcc\x9e\x02\xd4\xb2\xf1\xf5\xe5\x94\x1f"
|
||||
"\x30\x70\x6c\x29\xe6\x65\x06\x55\x67\xc5\xa7\x35\x82\x5c\x6d"
|
||||
"\x4d\xe7\x60\x83\xf4\x0c\xed\xbe\x6b\xb1\xc3\xe4\x55\x99\x7f"
|
||||
"\x79\x07\x99\x2f\x65\x8b\xe5\x89\xe5";
|
||||
#if 1
|
||||
"\x00\xdd\x7e\x8d\x0c\x62\x31\x6e\xb7\x8f\x59\xa2\xd5\x93\x29"
|
||||
"\xd5\xe8\x5d\xdb\x28\x1a\x63\xfb\x36\x94\x69\x8e\x0a\xf4\xb5"
|
||||
"\xf5\xb7\x43\xb8\xce\xaf\x95\x6f\x5b\xfc\x4f\x59\xc2\xda\xcf"
|
||||
"\x1c\x59\x9b\x55\xb6\xe8\x42\x26\xc5\x8d\x67\x86\xf0\x65\xff"
|
||||
"\xbe\x65\x9b\x7a\x46\xde\x94\xb0\xb0\xda\x46\x6e\x55\x84\xed"
|
||||
"\xef\x74\xf7\x1f\xb3\x92\x02\xe5\x9a\xb9\x7a\xfe\xe7\x00\x9f"
|
||||
"\x6f\x66\x02\xf8\x99\xb5\xca\x6f\x09\x1a\x08\xeb\x7a\xfd\xea"
|
||||
"\x88\x37\xc2\xf4\xc5\x79\xa4\xcf\x86\x78\xf2\x56\x82\x99\x60"
|
||||
"\x8b\x49\xf7\x9c\xf4\x01\xc2\xd3\xdd";
|
||||
#else
|
||||
"\x00\xba\xb3\xc3\x65\xfb\xab\xd3\x4f\xf1\xe8\x72\xb8\xaa\x48"
|
||||
"\x6a\x82\x31\x43\xc9\x3e\xe6\xff\x6b\xb6\x0e\xa3\x82\xb4\xda"
|
||||
|
|
|
@ -16,17 +16,18 @@ struct sc_pkcs15_card *p15_card = NULL;
|
|||
#define DO_PRKEY_ENUM 1
|
||||
#define DO_PIN_ENUM 1
|
||||
#define DO_PIN_VERIFY 1
|
||||
#define DO_DECIPHER 0
|
||||
#define DO_DECIPHER 1
|
||||
#define DO_SIGN 1
|
||||
#define DO_CERT_ENUM 0
|
||||
#define DO_CERT_READ 0
|
||||
#define DO_CERT_ENUM 1
|
||||
#define DO_CERT_READ 1
|
||||
|
||||
int enum_private_keys()
|
||||
{
|
||||
int i;
|
||||
i = sc_pkcs15_enum_private_keys(p15_card);
|
||||
if (i < 0) {
|
||||
fprintf(stderr, "Private key enumeration failed with %s\n", sc_strerror(i));
|
||||
fprintf(stderr, "Private key enumeration failed with %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -43,7 +44,8 @@ int enum_pins()
|
|||
|
||||
c = sc_pkcs15_enum_pins(p15_card);
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Error enumerating PIN codes: %s\n", sc_strerror(i));
|
||||
fprintf(stderr, "Error enumerating PIN codes: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
if (c == 0)
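Review bot: The error path in enum_pins formats the wrong variable: the return code of sc_pkcs15_enum_pins is stored in `c`, but the message passes `i` to sc_strerror, so the printed reason does not describe the failure that occurred. The re-wrapped call keeps this; its argument line should read `sc_strerror(c));`. The declaration of `i` is outside the hunk, so it may also be uninitialised at this point.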
|
||||
|
@ -56,17 +58,23 @@ int enum_pins()
|
|||
|
||||
int ask_and_verify_pin(struct sc_pkcs15_pin_info *pin)
|
||||
{
|
||||
int i;
|
||||
int i = 0;
|
||||
char buf[32];
|
||||
|
||||
i = sc_sec_ask_pin_code(pin, buf, sizeof(buf), "Please enter PIN code");
|
||||
|
||||
// i = sc_sec_ask_pin_code(pin, buf, sizeof(buf),
|
||||
// "Please enter PIN code");
|
||||
strcpy(buf, "1234");
|
||||
if (i == 0) {
|
||||
i = sc_pkcs15_verify_pin(p15_card, pin, buf, strlen(buf));
|
||||
if (i) {
|
||||
if (i == SC_ERROR_PIN_CODE_INCORRECT)
|
||||
fprintf(stderr, "Incorrect PIN code (%d tries left)\n", pin->tries_left);
|
||||
fprintf(stderr,
|
||||
"Incorrect PIN code (%d tries left)\n",
|
||||
pin->tries_left);
|
||||
else
|
||||
fprintf(stderr, "PIN verifying failed: %s\n", sc_strerror(i));
|
||||
fprintf(stderr,
|
||||
"PIN verifying failed: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
printf("PIN code correct.\n");
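Review bot: ask_and_verify_pin no longer prompts: the sc_sec_ask_pin_code call is commented out and `strcpy(buf, "1234");` feeds a fixed PIN to sc_pkcs15_verify_pin, so each run against a card with a different PIN consumes one attempt from `pin->tries_left` and repeated runs can block the card. Suggest keeping the prompt as the default and putting the shortcut behind a compile-time switch in the style of the existing DO_* macros (for example a new `DO_FIXED_TEST_PIN` defaulting to 0), with a comment that it is for a dedicated test card only. buf is also never cleared after verification; wiping it before each return (with an explicit-zeroing call where the platform has one, since a plain memset can be optimised away) limits how long the PIN stays on the stack. The tail of the function is outside this hunk.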
|
||||
|
@ -76,48 +84,57 @@ int ask_and_verify_pin(struct sc_pkcs15_pin_info *pin)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int main(int argc, char **argv) {
|
||||
u8 buf[256], buf2[256];
|
||||
u8 *certbuf;
|
||||
struct sc_security_env senv;
|
||||
FILE *file;
|
||||
|
||||
int i,c ;
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
u8 buf[256], buf2[256];
|
||||
struct sc_security_env senv;
|
||||
FILE *file;
|
||||
|
||||
i = sc_establish_context(&ctx);
|
||||
if (i < 0) {
|
||||
printf("sc_establish_context() failed (%d)\n", i);
|
||||
return 1;
|
||||
}
|
||||
i = sc_detect_card(ctx, 0);
|
||||
printf("Card %s.\n", i == 1 ? "present" : "absent");
|
||||
if (i < 0) {
|
||||
return 1;
|
||||
}
|
||||
if (i == 0) {
|
||||
printf("Please insert a smart card.");
|
||||
fflush(stdout);
|
||||
i = sc_wait_for_card(ctx, 0, -1);
|
||||
if (i != 1)
|
||||
return 1;
|
||||
printf("\n");
|
||||
}
|
||||
printf("Connecting... ");
|
||||
fflush(stdout);
|
||||
i = sc_connect_card(ctx, 0, &card);
|
||||
if (i != 0) {
|
||||
printf("Connecting to card failed\n");
|
||||
return 1;
|
||||
}
|
||||
printf("done.\n");
|
||||
fflush(stdout);
|
||||
int i, c;
|
||||
|
||||
i = sc_pkcs15_init(card, &p15_card);
|
||||
if (i != 0) {
|
||||
fprintf(stderr, "PKCS#15 card init failed: %s\n", sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
sc_pkcs15_print_card(p15_card);
|
||||
i = sc_establish_context(&ctx);
|
||||
if (i < 0) {
|
||||
printf("sc_establish_context() failed (%d)\n", i);
|
||||
return 1;
|
||||
}
|
||||
i = sc_detect_card(ctx, 0);
|
||||
printf("Card %s.\n", i == 1 ? "present" : "absent");
|
||||
if (i < 0) {
|
||||
return 1;
|
||||
}
|
||||
if (i == 0) {
|
||||
printf("Please insert a smart card.");
|
||||
fflush(stdout);
|
||||
i = sc_wait_for_card(ctx, -1, -1);
|
||||
if (i != 1)
|
||||
return 1;
|
||||
c = -1;
|
||||
for (i = 0; i < ctx->reader_count; i++) {
|
||||
if (sc_detect_card(ctx, i) == 1) {
|
||||
c = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
printf("\n");
|
||||
} else
|
||||
c = 0;
|
||||
printf("Connecting... ");
|
||||
fflush(stdout);
|
||||
i = sc_connect_card(ctx, c, &card);
|
||||
if (i != 0) {
|
||||
printf("Connecting to card failed\n");
|
||||
return 1;
|
||||
}
|
||||
printf("done.\n");
|
||||
fflush(stdout);
|
||||
|
||||
i = sc_pkcs15_init(card, &p15_card);
|
||||
if (i != 0) {
|
||||
fprintf(stderr, "PKCS#15 card init failed: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
sc_pkcs15_print_card(p15_card);
|
||||
|
||||
#if DO_PRKEY_ENUM
|
||||
if (enum_private_keys())
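Review bot: In main, the reader scan after `sc_wait_for_card(ctx, -1, -1)` can finish without a match (for instance if the card is pulled between the wait and the scan), leaving `c` at -1, and that value is passed straight to `sc_connect_card(ctx, c, &card)`. Add `if (c < 0) { fprintf(stderr, "No card detected in any reader\n"); return 1; }` after the loop. The initial probe `sc_detect_card(ctx, 0)` still looks at reader 0 only, so a card already present in another reader goes through the wait path; whether that is intended cannot be told from here. main continues beyond this hunk.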
|
||||
|
@ -132,106 +149,116 @@ int main(int argc, char **argv) {
|
|||
return 1;
|
||||
#endif
|
||||
#if DO_DECIPHER
|
||||
senv.signature = 0;
|
||||
senv.algorithm_ref = 0x02;
|
||||
senv.key_ref = 0;
|
||||
senv.key_file_id = p15_card->prkey_info[0].file_id;
|
||||
senv.app_df_path = p15_card->file_app.path;
|
||||
i = sc_set_security_env(p15_card->card, &senv);
|
||||
if (i) {
|
||||
fprintf(stderr, "Security environment set failed: %s\n", sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
file = fopen("cryptogram", "r");
|
||||
if (file != NULL) {
|
||||
i = fread(buf, 1, sizeof(buf), file);
|
||||
c = sc_decipher(card, buf, i, buf2, sizeof(buf2));
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Decipher failed: (%d) %s\n", c, sc_strerror(c));
|
||||
} else {
|
||||
printf("Decrypted payload: ");
|
||||
for (i = 0; i < c; i++) {
|
||||
printf("%02X ", buf2[i]);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(file);
|
||||
file = fopen("decrypted.dat", "w");
|
||||
fwrite(buf2, c, 1, file);
|
||||
fclose(file);
|
||||
senv.signature = 0;
|
||||
senv.algorithm_ref = 0x02;
|
||||
senv.key_ref = 0;
|
||||
senv.key_file_id = p15_card->prkey_info[0].file_id;
|
||||
senv.app_df_path = p15_card->file_app.path;
|
||||
i = sc_set_security_env(p15_card->card, &senv);
|
||||
if (i) {
|
||||
fprintf(stderr, "Security environment set failed: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
file = fopen("cryptogram", "r");
|
||||
if (file != NULL) {
|
||||
i = fread(buf, 1, sizeof(buf), file);
|
||||
c = sc_decipher(card, buf, i, buf2, sizeof(buf2));
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Decipher failed: (%d) %s\n", c,
|
||||
sc_strerror(c));
|
||||
} else {
|
||||
printf("Decrypted payload: ");
|
||||
for (i = 0; i < c; i++) {
|
||||
printf("%02X ", buf2[i]);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(file);
|
||||
file = fopen("decrypted.dat", "w");
|
||||
fwrite(buf2, c, 1, file);
|
||||
fclose(file);
|
||||
}
|
||||
} else {
|
||||
printf("File 'cryptogram' not found, not decrypting.\n");
|
||||
}
|
||||
} else {
|
||||
printf("File 'cryptogram' not found, not decrypting.\n");
|
||||
}
|
||||
#endif
|
||||
#if DO_SIGN
|
||||
senv.signature = 1;
|
||||
senv.algorithm_ref = 0x02;
|
||||
senv.key_ref = 0;
|
||||
senv.key_file_id = p15_card->prkey_info[0].file_id;
|
||||
senv.app_df_path = p15_card->file_app.path;
|
||||
i = sc_set_security_env(p15_card->card, &senv);
|
||||
if (i) {
|
||||
fprintf(stderr, "Security environment set failed: %s\n", sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
file = fopen("input", "r");
|
||||
if (file != NULL) {
|
||||
i = fread(buf, 1, sizeof(buf), file);
|
||||
SCardSetTimeout(ctx->pcsc_ctx, 15000);
|
||||
c = sc_compute_signature(card, buf, i, buf2, sizeof(buf2));
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Signing failed: (%d) %s\n", c, sc_strerror(c));
|
||||
} else {
|
||||
printf("Signed payload: ");
|
||||
for (i = 0; i < c; i++) {
|
||||
printf("%02X ", buf2[i]);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(file);
|
||||
file = fopen("signed.dat", "w");
|
||||
fwrite(buf2, c, 1, file);
|
||||
fclose(file);
|
||||
senv.signature = 1;
|
||||
senv.algorithm_ref = 0x02;
|
||||
senv.key_ref = 0;
|
||||
senv.key_file_id = p15_card->prkey_info[0].file_id;
|
||||
senv.app_df_path = p15_card->file_app.path;
|
||||
i = sc_set_security_env(p15_card->card, &senv);
|
||||
if (i) {
|
||||
fprintf(stderr, "Security environment set failed: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
file = fopen("input", "r");
|
||||
if (file != NULL) {
|
||||
i = fread(buf, 1, sizeof(buf), file);
|
||||
SCardSetTimeout(ctx->pcsc_ctx, 15000);
|
||||
c = sc_compute_signature(card, buf, i, buf2, sizeof(buf2));
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Signing failed: (%d) %s\n", c,
|
||||
sc_strerror(c));
|
||||
} else {
|
||||
printf("Signed payload: ");
|
||||
for (i = 0; i < c; i++) {
|
||||
printf("%02X ", buf2[i]);
|
||||
}
|
||||
printf("\n");
|
||||
fclose(file);
|
||||
file = fopen("signed.dat", "w");
|
||||
fwrite(buf2, c, 1, file);
|
||||
fclose(file);
|
||||
}
|
||||
} else {
|
||||
printf("File 'input' not found, not signing.\n");
|
||||
}
|
||||
} else {
|
||||
printf("File 'input' not found, not signing.\n");
|
||||
}
|
||||
#endif
|
||||
#if DO_CERT_ENUM
|
||||
i = sc_pkcs15_enum_certificates(p15_card);
|
||||
if (i < 0) {
|
||||
fprintf(stderr, "Certificate enumeration failed: %s\n", sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
printf("%d certificates found.\n", i);
|
||||
i = sc_pkcs15_enum_certificates(p15_card);
|
||||
if (i < 0) {
|
||||
fprintf(stderr, "Certificate enumeration failed: %s\n",
|
||||
sc_strerror(i));
|
||||
return 1;
|
||||
}
|
||||
printf("%d certificates found.\n", i);
|
||||
#endif
|
||||
#if DO_CERT_READ
|
||||
for (i = 0; i < p15_card->cert_count; i++) {
|
||||
char fname[16];
|
||||
for (i = 0; i < p15_card->cert_count; i++) {
|
||||
char fname[16];
|
||||
u8 *certbuf;
|
||||
|
||||
sc_pkcs15_print_cert_info(&p15_card->cert_info[i]);
|
||||
sc_pkcs15_print_cert_info(&p15_card->cert_info[i]);
|
||||
|
||||
strcpy(fname, "cert-");
|
||||
sprintf(fname+5, "%02X", p15_card->cert_info[i].id.value[0]);
|
||||
file = fopen(fname, "r");
|
||||
if (file == NULL) {
|
||||
strcpy(fname, "cert-");
|
||||
sprintf(fname + 5, "%02X",
|
||||
p15_card->cert_info[i].id.value[0]);
|
||||
file = fopen(fname, "w");
|
||||
c = sc_pkcs15_read_certificate(p15_card, &p15_card->cert_info[i],
|
||||
&certbuf);
|
||||
if (c < 0) {
|
||||
fprintf(stderr, "Certificate read failed.\n");
|
||||
return 1;
|
||||
if (file != NULL) {
|
||||
c = sc_pkcs15_read_certificate(p15_card,
|
||||
&p15_card->cert_info[i],
|
||||
&certbuf);
|
||||
if (c < 0) {
|
||||
fprintf(stderr,
|
||||
"Certificate read failed.\n");
|
||||
return 1;
|
||||
}
|
||||
sc_asn1_print_tags(certbuf, c);
|
||||
printf("Dumping certificate to file '%s' (%d bytes)\n",
|
||||
fname, c);
|
||||
fwrite(certbuf, c, 1, file);
|
||||
free(certbuf);
|
||||
fclose(file);
|
||||
}
|
||||
printf("Dumping certificate to file '%s' (%d bytes)\n", fname, c);
|
||||
fwrite(certbuf, c, 1, file);
|
||||
free(certbuf);
|
||||
}
|
||||
fclose(file);
|
||||
}
|
||||
#endif
|
||||
printf("Cleaning up...\n");
|
||||
i = sc_pkcs15_destroy(p15_card);
|
||||
sc_disconnect_card(card);
|
||||
sc_destroy_context(ctx);
|
||||
|
||||
return 0;
|
||||
printf("Cleaning up...\n");
|
||||
i = sc_pkcs15_destroy(p15_card);
|
||||
sc_disconnect_card(card);
|
||||
sc_destroy_context(ctx);
|
||||
|
||||
return 0;
|
||||
}
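Review bot: Both output files are opened and written without a NULL check: `file = fopen("decrypted.dat", "w");` in the DO_DECIPHER block and `file = fopen("signed.dat", "w");` in the DO_SIGN block are each followed directly by `fwrite(buf2, c, 1, file);`, so an unwritable working directory hands a NULL FILE* to fwrite. Add `if (file == NULL) { perror("decrypted.dat"); return 1; }` before the write, and the same for signed.dat. In the same two blocks the input file is closed only on the success branch, so a failed sc_decipher or sc_compute_signature leaks the handle; moving `fclose(file);` to just after the fread fixes both. decrypted.dat holds recovered plaintext and is created in the current directory with default permissions, which deserves a comment next to the fopen.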
|
||||
|
|