added:
- certificate parsing - support for reading RSA public key modulus on the fly - support for ASN.1 object id decoding and printing - fixed a lot of u8 * --> const u8 * git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@28 c6295689-39f2-0310-b995-f0e70906c6a9
parent
2a981ac02c
commit
f43f23050c
@ -122,6 +122,7 @@ CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
|
||||
}
|
||||
pInfo->hardwareVersion.major = 1;
|
||||
pInfo->firmwareVersion.major = 1;
|
||||
LOG("C_GetSlotInfo() ret: flags %X\n", pInfo->flags);
|
||||
|
||||
return CKR_OK;
|
||||
}
|
||||
@ -149,8 +150,9 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
||||
strncpy(pInfo->serialNumber, slot[slotID].p15card->serial_number, 16);
|
||||
pInfo->serialNumber[15] = 0;
|
||||
|
||||
pInfo->flags = CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED;
|
||||
pInfo->ulMaxSessionCount = 1; /* opened in exclusive mode */
|
||||
pInfo->flags = CKF_USER_PIN_INITIALIZED | CKF_LOGIN_REQUIRED;
|
||||
// pInfo->ulMaxSessionCount = 1; /* opened in exclusive mode */
|
||||
pInfo->ulMaxSessionCount = 0; /* FIXME */
|
||||
pInfo->ulSessionCount = 0;
|
||||
pInfo->ulMaxRwSessionCount = 1;
|
||||
pInfo->ulRwSessionCount = 0;
|
||||
@ -179,8 +181,9 @@ CK_RV C_GetMechanismList(CK_SLOT_ID slotID,
|
||||
CK_ULONG_PTR pulCount)
|
||||
{
|
||||
static const CK_MECHANISM_TYPE mechanism_list[] = {
|
||||
//CKM_RSA_PKCS,
|
||||
//CKM_RSA_X_509
|
||||
CKM_RSA_PKCS,
|
||||
CKM_RSA_X_509,
|
||||
CKM_SHA1_RSA_PKCS,
|
||||
};
|
||||
const int numMechanisms = sizeof(mechanism_list) / sizeof(mechanism_list[0]);
|
||||
|
||||
@ -218,5 +221,3 @@ CK_RV C_InitToken(CK_SLOT_ID slotID,
|
||||
LOG("C_InitToken(%d, '%s', %d, '%s')\n", slotID, pPin, ulPinLen, pLabel);
|
||||
return CKR_FUNCTION_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
|
||||
|
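Review bot: In the C_GetTokenInfo hunk, `pInfo->ulMaxSessionCount = 0; /* FIXME */` does not mean "no sessions": PKCS#11 defines 0 as CK_EFFECTIVELY_INFINITE, so the token now advertises an unlimited session count while the commented-out line above it still says the card is opened in exclusive mode. If the real limit is simply unknown, `pInfo->ulMaxSessionCount = CK_UNAVAILABLE_INFORMATION;` (where the PKCS#11 header in use defines it) states that explicitly, and the dead `// pInfo->ulMaxSessionCount = 1;` line can be dropped. Separately, the unchanged `LOG("C_InitToken(%d, '%s', %d, '%s')\n", ...)` line in the last hunk prints `pPin` with `%s`; a PIN is a secret and PKCS#11 passes it with an explicit length rather than a terminating NUL, so that call is worth reducing to the slot id and `ulPinLen`. The function bodies start outside these hunks.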
@ -83,6 +83,8 @@ CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||
pInfo->state = ses->state;
|
||||
pInfo->flags = ses->flags;
|
||||
pInfo->ulDeviceError = 0;
|
||||
LOG("C_GetSessionInfo() ret: slotID = %d, state %ld, flags 0x%X\n",
|
||||
pInfo->slotID, pInfo->state, pInfo->flags);
|
||||
|
||||
return CKR_OK;
|
||||
}
|
||||
|
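Review bot: The added LOG call in C_GetSessionInfo formats `pInfo->slotID` with `%d` and `pInfo->flags` with `%X`, but PKCS#11 declares CK_SLOT_ID, CK_STATE and CK_FLAGS as CK_ULONG (unsigned long), so on platforms where long is wider than int the arguments do not match their conversions. Assuming LOG forwards to a printf-style function, the format should read `"C_GetSessionInfo() ret: slotID = %lu, state %lu, flags 0x%lX\n"`. The function body begins outside the hunk, so whether `pInfo` is checked for NULL before these dereferences cannot be seen here.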
@ -2,30 +2,6 @@
|
||||
#include <malloc.h>
|
||||
#include "sc-pkcs11.h"
|
||||
|
||||
static CK_BYTE modulus[] =
|
||||
#if 1
|
||||
"\x00\xdd\x7e\x8d\x0c\x62\x31\x6e\xb7\x8f\x59\xa2\xd5\x93\x29"
|
||||
"\xd5\xe8\x5d\xdb\x28\x1a\x63\xfb\x36\x94\x69\x8e\x0a\xf4\xb5"
|
||||
"\xf5\xb7\x43\xb8\xce\xaf\x95\x6f\x5b\xfc\x4f\x59\xc2\xda\xcf"
|
||||
"\x1c\x59\x9b\x55\xb6\xe8\x42\x26\xc5\x8d\x67\x86\xf0\x65\xff"
|
||||
"\xbe\x65\x9b\x7a\x46\xde\x94\xb0\xb0\xda\x46\x6e\x55\x84\xed"
|
||||
"\xef\x74\xf7\x1f\xb3\x92\x02\xe5\x9a\xb9\x7a\xfe\xe7\x00\x9f"
|
||||
"\x6f\x66\x02\xf8\x99\xb5\xca\x6f\x09\x1a\x08\xeb\x7a\xfd\xea"
|
||||
"\x88\x37\xc2\xf4\xc5\x79\xa4\xcf\x86\x78\xf2\x56\x82\x99\x60"
|
||||
"\x8b\x49\xf7\x9c\xf4\x01\xc2\xd3\xdd";
|
||||
#else
|
||||
"\x00\xba\xb3\xc3\x65\xfb\xab\xd3\x4f\xf1\xe8\x72\xb8\xaa\x48"
|
||||
"\x6a\x82\x31\x43\xc9\x3e\xe6\xff\x6b\xb6\x0e\xa3\x82\xb4\xda"
|
||||
"\x3f\xed\xa6\x0b\xbc\xf2\xd3\xad\x53\x88\x88\x14\x14\x3f\x2b"
|
||||
"\x24\x8d\xd7\x3f\x4b\xb3\xe6\xc1\xb9\xb1\x4d\x3a\x10\xc4\x65"
|
||||
"\xdc\xe2\xa1\x27\xd2\x8f\xb2\x67\x54\x34\x73\x53\xeb\xec\x84"
|
||||
"\xab\xdd\xc1\x76\xc9\x73\x49\x4c\x7c\x18\x98\xd3\x40\xc4\x1c"
|
||||
"\xfd\x0d\x6b\xae\xb7\x9f\x44\xc6\x0a\x5a\x89\x91\xb8\x6e\x20"
|
||||
"\x38\x2b\xff\x42\xf7\xfe\x95\xc0\x1f\xa5\xca\x07\x2e\x4a\xb0"
|
||||
"\x9c\x07\x60\x02\x61\xe1\x8b\x25\x01";
|
||||
#endif
|
||||
|
||||
|
||||
void set_attribute(CK_ATTRIBUTE_PTR attr, CK_OBJECT_CLASS oc, void *ptr, int len)
|
||||
{
|
||||
attr->type = oc;
|
||||
@ -59,7 +35,8 @@ int slot_add_object(int id, int token_id, CK_ATTRIBUTE_PTR object, int num_attrs
|
||||
return CKR_OK;
|
||||
}
|
||||
|
||||
int slot_add_private_key_object(int id, int token_id, struct sc_pkcs15_prkey_info *key)
|
||||
int slot_add_private_key_object(int id, int token_id, struct sc_pkcs15_prkey_info *key,
|
||||
struct sc_pkcs15_cert *cert)
|
||||
{
|
||||
static CK_OBJECT_CLASS key_class = CKO_PRIVATE_KEY;
|
||||
static CK_BBOOL btrue = 1;
|
||||
@ -71,23 +48,24 @@ int slot_add_private_key_object(int id, int token_id, struct sc_pkcs15_prkey_inf
|
||||
set_attribute(&object[2], CKA_ID, key->id.value, key->id.len);
|
||||
set_attribute(&object[3], CKA_TOKEN, &btrue, sizeof(btrue));
|
||||
set_attribute(&object[4], CKA_KEY_TYPE, &rsakey, sizeof(rsakey));
|
||||
set_attribute(&object[5], CKA_MODULUS, modulus, sizeof(modulus)-1);
|
||||
set_attribute(&object[5], CKA_MODULUS, cert->key.modulus, cert->key.modulus_len);
|
||||
|
||||
return slot_add_object(id, token_id, object, 6);
|
||||
}
|
||||
|
||||
int slot_add_certificate_object(int id, int token_id,
|
||||
struct sc_pkcs15_cert_info *cert,
|
||||
u8 *x509data, int x509length)
|
||||
struct sc_pkcs15_cert_info *info,
|
||||
struct sc_pkcs15_cert *cert)
|
||||
{
|
||||
static CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE;
|
||||
CK_ATTRIBUTE_PTR object = (CK_ATTRIBUTE_PTR) malloc(sizeof(CK_ATTRIBUTE) * 4);
|
||||
|
||||
set_attribute(&object[0], CKA_CLASS, &cert_class, sizeof(cert_class));
|
||||
set_attribute(&object[1], CKA_LABEL, cert->com_attr.label, strlen(cert->com_attr.label));
|
||||
set_attribute(&object[2], CKA_ID, cert->id.value, cert->id.len);
|
||||
set_attribute(&object[3], CKA_VALUE, x509data, x509length);
|
||||
|
||||
set_attribute(&object[1], CKA_LABEL, info->com_attr.label, strlen(info->com_attr.label));
|
||||
set_attribute(&object[2], CKA_ID, info->id.value, info->id.len);
|
||||
set_attribute(&object[3], CKA_VALUE, cert->data, cert->data_len);
|
||||
/* FIXME: save cert object */
|
||||
|
||||
return slot_add_object(id, token_id, object, 4);
|
||||
}
|
||||
|
||||
@ -95,7 +73,7 @@ int slot_connect(int id)
|
||||
{
|
||||
struct sc_card *card;
|
||||
struct sc_pkcs15_card *p15card;
|
||||
int r, c;
|
||||
int r, c, i;
|
||||
|
||||
r = sc_connect_card(ctx, id, &card);
|
||||
if (r) {
|
||||
@ -123,30 +101,34 @@ int slot_connect(int id)
|
||||
r = sc_pkcs15_enum_certificates(p15card);
|
||||
if (r < 0)
|
||||
return CKR_DEVICE_ERROR;
|
||||
|
||||
LOG("Found total of %d certificates.\n", r);
|
||||
for (c = 0; c < r; c++) {
|
||||
int len;
|
||||
u8 *buf;
|
||||
|
||||
LOG("Reading '%s' certificate.\n", p15card->cert_info[c].com_attr.label);
|
||||
len = sc_pkcs15_read_certificate(p15card, &p15card->cert_info[c], &buf);
|
||||
if (len < 0)
|
||||
return len;
|
||||
|
||||
LOG("Adding '%s' certificate object.\n", p15card->cert_info[c].com_attr.label);
|
||||
slot_add_certificate_object(id, c, &p15card->cert_info[c],
|
||||
buf, len);
|
||||
}
|
||||
LOG("Found total of %d certificates.\n", p15card->cert_count);
|
||||
|
||||
r = sc_pkcs15_enum_private_keys(p15card);
|
||||
if (r < 0)
|
||||
return CKR_DEVICE_ERROR;
|
||||
LOG("Found total of %d private keys.\n", p15card->prkey_count);
|
||||
|
||||
LOG("Found total of %d private keys.\n", r);
|
||||
for (c = 0; c < r; c++) {
|
||||
LOG("Adding '%s' private key object.\n", p15card->prkey_info[c].com_attr.label);
|
||||
slot_add_private_key_object(id, c, &p15card->prkey_info[c]);
|
||||
for (c = 0; c < p15card->cert_count; c++) {
|
||||
struct sc_pkcs15_cert *cert;
|
||||
struct sc_pkcs15_cert_info *cinfo = &p15card->cert_info[c];
|
||||
|
||||
// if (cinfo->authority)
|
||||
// continue;
|
||||
LOG("Reading '%s' certificate.\n", cinfo->com_attr.label);
|
||||
r = sc_pkcs15_read_certificate(p15card, cinfo, &cert);
|
||||
if (r)
|
||||
return r;
|
||||
LOG("Adding '%s' certificate object (id %X).\n",
|
||||
cinfo->com_attr.label, cinfo->id);
|
||||
slot_add_certificate_object(id, c, cinfo, cert);
|
||||
for (i = 0; i < p15card->prkey_count; i++) {
|
||||
struct sc_pkcs15_prkey_info *pinfo = &p15card->prkey_info[i];
|
||||
if (sc_pkcs15_compare_id(&cinfo->id, &pinfo->id)) {
|
||||
LOG("Adding '%s' private key object (id %X).\n",
|
||||
pinfo->com_attr.label, pinfo->id);
|
||||
slot_add_private_key_object(id, i, pinfo, cert);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return CKR_OK;
|
||||
|
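Review bot: In slot_connect's new certificate loop, both LOG calls pass `cinfo->id` / `pinfo->id` to a `%X` conversion, but the id is a struct (the same section reads `info->id.value` and `info->id.len`), so passing it through varargs is undefined behaviour; log the length or a hex dump of `id.value` instead, e.g. `LOG("Adding '%s' certificate object (id len %d).\n", cinfo->com_attr.label, (int) cinfo->id.len);`. The same loop does `if (r) return r;` after sc_pkcs15_read_certificate(), which hands a libopensc error code to callers that otherwise receive CKR_* values from this function; `return CKR_DEVICE_ERROR;` would match the two enumeration checks around it. `cert` is never released here, and CKA_VALUE / CKA_MODULUS are set from `cert->data` and `cert->key.modulus`, so if set_attribute() stores the pointer rather than copying (its body is outside the hunk) the certificate must outlive the slot objects; the `/* FIXME: save cert object */` comment should spell out that ownership. Note also that a private key whose id matches no certificate is no longer added at all, and the return values of slot_add_certificate_object() and slot_add_private_key_object() are ignored.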
@ -14,10 +14,10 @@ struct sc_card *card = NULL;
|
||||
struct sc_pkcs15_card *p15_card = NULL;
|
||||
|
||||
#define DO_PRKEY_ENUM 1
|
||||
#define DO_PIN_ENUM 1
|
||||
#define DO_PIN_VERIFY 1
|
||||
#define DO_DECIPHER 1
|
||||
#define DO_SIGN 1
|
||||
#define DO_PIN_ENUM 0
|
||||
#define DO_PIN_VERIFY 0
|
||||
#define DO_DECIPHER 0
|
||||
#define DO_SIGN 0
|
||||
#define DO_CERT_ENUM 1
|
||||
#define DO_CERT_READ 1
|
||||
|
||||
@ -88,9 +88,12 @@ int main(int argc, char **argv)
|
||||
u8 buf[256], buf2[256];
|
||||
struct sc_security_env senv;
|
||||
FILE *file;
|
||||
struct sc_object_id oid;
|
||||
|
||||
int i, c;
|
||||
|
||||
sc_asn1_decode_object_id("\x2a\x86\x48\x86\xf7\x0d", 6, &oid);
|
||||
|
||||
i = sc_establish_context(&ctx);
|
||||
if (i < 0) {
|
||||
printf("sc_establish_context() failed (%d)\n", i);
|
||||
@ -228,7 +231,7 @@ int main(int argc, char **argv)
|
||||
#if DO_CERT_READ
|
||||
for (i = 0; i < p15_card->cert_count; i++) {
|
||||
char fname[16];
|
||||
u8 *certbuf;
|
||||
struct sc_pkcs15_cert *cert;
|
||||
|
||||
sc_pkcs15_print_cert_info(&p15_card->cert_info[i]);
|
||||
|
||||
@ -239,17 +242,16 @@ int main(int argc, char **argv)
|
||||
if (file != NULL) {
|
||||
c = sc_pkcs15_read_certificate(p15_card,
|
||||
&p15_card->cert_info[i],
|
||||
&certbuf);
|
||||
if (c < 0) {
|
||||
&cert);
|
||||
if (c) {
|
||||
fprintf(stderr,
|
||||
"Certificate read failed.\n");
|
||||
return 1;
|
||||
}
|
||||
sc_asn1_print_tags(certbuf, c);
|
||||
printf("Dumping certificate to file '%s' (%d bytes)\n",
|
||||
fname, c);
|
||||
fwrite(certbuf, c, 1, file);
|
||||
free(certbuf);
|
||||
fname, cert->data_len);
|
||||
fwrite(cert->data, cert->data_len, 1, file);
|
||||
sc_pkcs15_free_certificate(cert);
|
||||
fclose(file);
|
||||
}
|
||||
}
|
||||
|
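Review bot: The DO_PIN_ENUM, DO_PIN_VERIFY, DO_DECIPHER and DO_SIGN switches are flipped from 1 to 0 in the first hunk, which the commit description does not mention and which turns off the PIN, decipher and signing parts of this test program; this looks like local debugging state, so either restore them or add a comment such as `/* PIN/decipher/sign tests disabled while certificate parsing is brought up */`. In main(), the added `sc_asn1_decode_object_id("\x2a\x86\x48\x86\xf7\x0d", 6, &oid);` ignores its return value and `oid` is not used in any visible line, so it reads as a leftover experiment. In the DO_CERT_READ hunk the `if (c) { ... return 1; }` path leaves `file` open, and the result of `fwrite(cert->data, cert->data_len, 1, file)` is not checked, so a short write would go unnoticed. main() starts and ends outside these hunks.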