md: config option 'use GUID as crypto object's label'

2013-12-29 12:46:51 +01:00 · 2013-12-29 12:46:51 +01:00 · f7a9ac90e8
parent f71e241f03
commit f7a9ac90e8
1 changed files with 62 additions and 5 deletions
--- a/src/minidriver/minidriver.c
+++ b/src/minidriver/minidriver.c
@ -169,6 +169,8 @@ typedef struct _VENDOR_SPECIFIC
 #define MD_STATIC_FLAG_SUPPORTS_X509_ENROLLMENT	2
 #define MD_STATIC_FLAG_CONTEXT_DELETED		4
 #define MD_STATIC_FLAG_GUID_AS_ID		8
+#define MD_STATIC_FLAG_GUID_AS_LABEL		16
+
 #define MD_STATIC_PROCESS_ATTACHED		0xA11AC4EDL
 struct md_opensc_static_data {
 	unsigned flags, flags_checked;
@ -469,9 +471,10 @@ md_is_supports_X509_enrollment(PCARD_DATA pCardData)
 	return ret;
 }

-/* Get know if the ID of crypto objects has to be set to GUID */
+
+/* Get know if the GUID has to used as ID of crypto objects */
 static BOOL
-md_is_id_as_guid(PCARD_DATA pCardData)
+md_is_guid_as_id(PCARD_DATA pCardData)
 {
 	VENDOR_SPECIFIC *vs;
 	BOOL ret = FALSE;
@ -494,7 +497,7 @@ md_is_id_as_guid(PCARD_DATA pCardData)
 		loghex(pCardData, 3, vs->reader->atr.value, vs->reader->atr.len);

 		if (atrblock)
-			if (scconf_get_bool(atrblock, "md_id_as_guid", 0))
+			if (scconf_get_bool(atrblock, "md_guid_as_id", 0))
 				ret = TRUE;
 	}

@ -511,6 +514,48 @@ md_is_id_as_guid(PCARD_DATA pCardData)
 }


+/* Get know if the GUID has to used as label of crypto objects */
+static BOOL
+md_is_guid_as_label(PCARD_DATA pCardData)
+{
+	VENDOR_SPECIFIC *vs;
+	BOOL ret = FALSE;
+
+	if (!pCardData)
+		return FALSE;
+
+	logprintf(pCardData, 2, "Is GUID has to be used as label of crypto objects?\n");
+	if (md_static_data.flags_checked & MD_STATIC_FLAG_GUID_AS_LABEL)   {
+		ret = (md_static_data.flags & MD_STATIC_FLAG_GUID_AS_LABEL) ? TRUE : FALSE;
+		logprintf(pCardData, 2, "Returns checked flag: %s\n", ret ? "TRUE" : "FALSE");
+		return ret;
+	}
+
+	vs = pCardData->pvVendorSpecific;
+	if (vs->ctx && vs->reader)   {
+		/* TODO: use atr from pCardData */
+		scconf_block *atrblock = _sc_match_atr_block(vs->ctx, NULL, &vs->reader->atr);
+		logprintf(pCardData, 2, "Match ATR:\n");
+		loghex(pCardData, 3, vs->reader->atr.value, vs->reader->atr.len);
+
+		if (atrblock)
+			if (scconf_get_bool(atrblock, "md_guid_as_label", 0))
+				ret = TRUE;
+	}
+
+	md_static_data.flags_checked |= MD_STATIC_FLAG_GUID_AS_LABEL;
+	if (ret == TRUE)
+		md_static_data.flags |= MD_STATIC_FLAG_GUID_AS_LABEL;
+	else
+		md_static_data.flags &= ~MD_STATIC_FLAG_GUID_AS_LABEL;
+
+	logprintf(pCardData, 2, "Returns GUID-as-LABEL '%s', static flags %X/%X\n",
+			ret ? "TRUE" : "FALSE",
+			md_static_data.flags, md_static_data.flags_checked);
+	return ret;
+}
+
+
 /* Check if specified PIN has been verified */
 static BOOL
 md_is_pin_set(PCARD_DATA pCardData, DWORD role)
@ -1767,7 +1812,7 @@ md_pkcs15_generate_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, DWORD ke
 		keygen_args.prkey_args.guid_len = strlen(cont->guid);
 	}

-	if (md_is_id_as_guid(pCardData))  {
+	if (md_is_guid_as_id(pCardData))  {
 		if (strlen(cont->guid) > sizeof(keygen_args.prkey_args.id.value))   {
 			logprintf(pCardData, 3, "MdGenerateKey(): cannot set ID -- invalid GUID length\n");
 			goto done;
@ -1778,6 +1823,11 @@ md_pkcs15_generate_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, DWORD ke
 		logprintf(pCardData, 3, "MdGenerateKey(): use ID:%s\n", sc_pkcs15_print_id(&keygen_args.prkey_args.id));
 	}

+	if (md_is_guid_as_label(pCardData))  {
+		keygen_args.prkey_args.label =  cont->guid;
+		logprintf(pCardData, 3, "MdGenerateKey(): use label '%s'\n", keygen_args.prkey_args.label);
+	}
+
 	rv = sc_pkcs15init_generate_key(vs->p15card, profile, &keygen_args, key_size, &cont->prkey_obj);
 	if (rv < 0) {
 		logprintf(pCardData, 3, "MdGenerateKey(): key generation failed: sc-error %i\n", rv);
@ -1811,6 +1861,7 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
 	struct md_pkcs15_container *cont = NULL;
 	struct sc_pkcs15init_prkeyargs prkey_args;
 	struct sc_pkcs15init_pubkeyargs pubkey_args;
+	char *label = NULL;
 	BYTE *ptr = blob;
 	EVP_PKEY *pkey=NULL;
 	int rv;
@ -1894,7 +1945,7 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
 		prkey_args.guid_len = strlen(cont->guid);
 	}

-	if (md_is_id_as_guid(pCardData))  {
+	if (md_is_guid_as_id(pCardData))  {
 		if (strlen(cont->guid) > sizeof(prkey_args.id.value))   {
 			logprintf(pCardData, 3, "MdStoreKey(): cannot set ID -- invalid GUID length\n");
 			goto done;
@ -1909,6 +1960,12 @@ md_pkcs15_store_key(PCARD_DATA pCardData, DWORD idx, DWORD key_type, BYTE *blob,
 		logprintf(pCardData, 3, "MdStoreKey(): use ID:%s\n", sc_pkcs15_print_id(&prkey_args.id));
 	}

+	if (md_is_guid_as_label(pCardData))  {
+		prkey_args.label =  cont->guid;
+		pubkey_args.label =  cont->guid;
+		logprintf(pCardData, 3, "MdStoreKey(): use label '%s'\n", prkey_args.label);
+	}
+
 	rv = sc_pkcs15init_store_private_key(vs->p15card, profile, &prkey_args, &cont->prkey_obj);
 	if (rv < 0) {
 		logprintf(pCardData, 3, "MdStoreKey(): private key store failed: sc-error %i\n", rv);