giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
5,189 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

189 Commits

Author SHA1 Message Date
Anthony Foiani f63135afab tools: check return value after each call. 
It seems that this suffered some copy and paste damage at some point.
Change so that we check each return value immediately after the API
call.

Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
 2012-11-20 08:46:27 +01:00
Andreas Schwier fba298c6f4 pksc11: Added ability to indicate hardware and firmware version information at PKCS#11 interface 2012-10-21 15:51:55 +02:00
Andreas Schwier 1619a42375 ecc: Adding more curves 2012-10-01 13:04:02 +02:00
Andreas Schwier 02fe6d474b pkcs11-tool: Fixed issue with ID increment failing on constant data 2012-10-01 13:04:01 +02:00
Viktor Tarasov 628ead7e41 pkcs11-tool: suppress warnings about the missing attributes 
when showing an object  do not print warnings about missing 'uncommon' attributes
 2012-09-24 11:51:04 +02:00
Viktor Tarasov 58b4304957 libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures 
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....

(*)
This bug reported by Andreas Schwier :
8e75d971cb (commitcomment-1792477)

In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
 2012-09-06 10:47:29 +02:00
Andreas Schwier 0fa6e7f977 pkcs11-tool: Added CKM_SHA256_RSA_PKCS to tests in test_signatures 2012-08-20 11:22:02 +02:00
Andreas Schwier efb4673ec8 Revert change to pkcs11-tool because of upstream changes in RSA signature tests 
Fixed a typo that went undetected
 2012-08-20 11:22:02 +02:00
Viktor Tarasov 8e8acf1ff6 pkcs11-tool: implement 'find mechanism from the given list' 
and use it when testing signature
 2012-08-20 11:22:02 +02:00
Andreas Schwier f678b68650 Activated ECDSA for SmartCard-HSM 
Fixed issues in pkcs11-tool/test_signature is card has RSA and ECDSA keys
Fixed bug in sc_pkcs11_signature_size that returns the wrong ECDSA signature size
 2012-08-20 11:22:02 +02:00
Viktor Tarasov cb54ebf747 pkcs11: #371: Public key create template should not include CKA_MODULUS_BITS 
Thanks to 'z22' and Martin.
 2012-08-16 16:00:35 +02:00
Viktor Tarasov 7e42c6d97d pkcs11-tool: #407: on Windows use O_BINARY open file mode 
https://www.opensc-project.org/opensc/ticket/407
http://msdn.microsoft.com/en-us/library/ee2849wt%28v=VS.71%29.aspx
 2012-08-15 23:15:06 +02:00
Viktor Tarasov dfbc3996bf pkcs11: #439: 'SEQUENCE' of 'SET' issue when comparing cert attributes 
Thanks to 'crank'.
https://www.opensc-project.org/opensc/ticket/439

Some pkcs11 callers (i.e. netscape) will pass in the ASN.1 encoded SEQUENCE OF SET,
while OpenSC just keeps the SET in the issuer/subject field.
 2012-08-15 19:59:09 +02:00
Viktor Tarasov 25f7bc5ac5 pkcs11-tool: implement 'find mechanism from the given list' 
and use it when testing signature
 2012-08-13 11:34:01 +02:00
Viktor Tarasov 2cff47d9b3 pkcs11-tool: support for secret-key objects 
support of 'secret-key' objects
key conversion procedures are now in libopensc library
change name for OPENSC NON-REPUDIATION CKA attribute
 2012-06-02 18:25:23 +02:00
Peter Marschall 367ebd94d4 tools: allow arguments to be printed in usage message 
Extend util_print_usage_and_die() by a string argument that describes
further arguments to the program.

1st user: opensc-explorer
 2012-05-30 09:39:12 +02:00
Viktor Tarasov cb13633634 remove trailing whitespaces 
inspired by
http://www.opensc-project.org/pipermail/opensc-devel/2012-March/017883.html

Change-Id: If170e830d8d9587a31742feffb6fff54cfdf75b4
 2012-04-03 00:00:56 +02:00
andre 8a5961e970 pkcs11-tool.c: At least CKS_RO_PUBLIC_SESSION is needed. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5563 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-06-08 08:50:42 +00:00
vtarasov a479c368a6 pkcs11-tool: allow non-interactive change of User/SO PIN 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5543 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-06-02 19:20:11 +00:00
vtarasov 3095f5479f pkcs11-tool: resolve compiler warning '"OPENSSL_VERSION_NUMBER" is not defined', thanks to Ludovic 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5536 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-06-02 17:12:12 +00:00
andre 31a56bb374 pkcs11-tool.c: Remove useless parameter 'slot' from a lot of function prototypes. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5533 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-06-01 18:51:26 +00:00
vtarasov 185e3f8259 pkcs11-tool: replace 'slot-label' argument with the two new ones -- 'slot-description' and 'token-label'... 
the main difference between 'slot-description' and 'token-label' is that 
the first one is unique in any case, 
the second one can be the same for more then one slots.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5528 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-30 14:47:50 +00:00
vtarasov 8931231396 pkcs11-tool: show CKA_VALUE of the GOST public key object 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5527 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-30 13:28:16 +00:00
vtarasov 4d2428378d pkcs11-tool: CKA_VALUE of imported GOST key has to be presented in the little endian order 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5518 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-29 17:55:26 +00:00
andre 4a2dfa6822 pkcs11-tool.c: In function ‘sign_data’: 
pkcs11-tool.c:1253: warning: comparison between signed and unsigned
pkcs11-tool.c: In function ‘write_object’:
pkcs11-tool.c:1777: warning: unused variable ‘type’


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5505 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-27 09:24:09 +00:00
vtarasov dd30eb1905 pkcs11-tool: import GOST key; key to import in DER or PEM format 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5465 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-22 10:52:44 +00:00
vtarasov cb39b2dcc9 pkcs11-tool: when doing signature try at first the procedure for the short input data ... 
Not all PKCS#11 driver support the C_SignUpdate. 
So, for the short data begin with procedure "C_SignInit & C_Sign".
If no success, try to applicate the procedure "C_SignInit & C_SignUpdate & ... & C_SignFinal".


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5458 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-22 07:13:09 +00:00
martin 6277099a27 pkcs11-tool: correct typos about --login-type option, change id -> ID in help texts. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5448 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-17 13:27:13 +00:00
martin 18baf42780 pkcs11-tool: move --module to the first position in help text and make it mandatory. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5447 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-17 13:27:09 +00:00
andre 85b40a553c pkcs11-tool.c:54: warning: missing initializer 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5425 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-05-04 16:45:51 +00:00
vtarasov e430fe9d87 pkcs11-tool: add test procedure for EC keys ... 
... for a while it includes key generation and data signing.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5383 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-04-21 16:18:23 +00:00
vtarasov c2a87ae2b1 pkcs11-tool: prepare 'gen_keypair' procedure to generate also the EC keys ... 
... 'prime256v1' and 'secp384r1'


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5381 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-04-21 14:29:51 +00:00
andre 9026ea6f3f pkcs11-tool.c: Avoid warning: 
pkcs11-tool.c:1978: warning: ‘getPUBLIC_EXPONENT’ defined but not used

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5374 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-04-19 13:03:49 +00:00
andre 6409755bea pkcs11-tool.c: Avoid warning: 
pkcs11-tool.c:2000: warning: comparison between signed and unsigned


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5363 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-04-19 09:18:12 +00:00
vtarasov e8f6a3e407 pkcs11-tool: now it's possible to show only the objects of a given type ... 
when 'type' option is used with the 'list-objects' actions


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5325 c6295689-39f2-0310-b995-f0e70906c6a9
 2011-04-11 13:00:57 +00:00
andre 02c4f1ec77 pkcs11-tool.c: Avoid compiler warning 'may be used uninitialized in this function'. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4968 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-18 00:44:12 +00:00
andre b7fad04e10 pkcs11-tool.c: Simplifies interface to show_key() and avoids more compiler warnings. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4967 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-17 23:02:03 +00:00
andre 548630971e pkcs11-tool: replaced OPENSSL_NO_EDSA with OPENSSL_NO_ECDSA 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4922 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-06 16:28:26 +00:00
martin b5f329ba7c tools: EC(DSA) requires OpenSSL >= 0.9.8. 
This fixes building for OS X 10.5.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4918 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-06 14:41:15 +00:00
dengert b7f4537031 Test for OPENSSL_NO_EC as some systems build OPENSSL without EC. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4906 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-03 15:15:29 +00:00
dengert c2fe4609a9 Modifications to support EC and ECDSA for 
emulated cards. True PKCS#15 cards with EC 
will need additional changes. 

Main changes are in framework-pkcs15.c, mechanism.c,
padding.c, pkcs15-algo.c and pkcs15-sec.c 
where switch statements for key type, and testing
of flags was modified to make it easier to add 
additional key types in the future. 

The code was tested using RSA and ECDSA using a PIV card 
from pkcs11-tool, OpenSSL and Thunderbird with 
modifications to NSS-3.12.7 to get ECDSA to sign e-mail. 

Only named curves are supported for ECDSA, ECDH is still 
needed. pkcs11-tool has only minimal changes need to work 
with the -O option to list EC keys. 

One additional line was added to pkcs15-sec.c which 
should get GOSTR sign to work. 

libp11 and engine do not yet have EC support. 

 --This line, and those below, will be ignored--

M    src/tools/piv-tool.c
M    src/tools/pkcs11-tool.c
M    src/pkcs11/framework-pkcs15.c
M    src/pkcs11/mechanism.c
M    src/pkcs11/pkcs11-object.c
M    src/libopensc/pkcs15-prkey.c
M    src/libopensc/card-piv.c
M    src/libopensc/padding.c
M    src/libopensc/cardctl.h
M    src/libopensc/pkcs15-algo.c
M    src/libopensc/libopensc.exports
M    src/libopensc/pkcs15-piv.c
M    src/libopensc/pkcs15-sec.c


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4904 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-12-01 20:08:42 +00:00
andre fd11c909bd pkcs11-tool: Completing the output of "Mechanism Information Flags". 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4885 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-11-28 23:46:12 +00:00
andre 146041fcee pkcs11-tool: Correcting the behaviour in the case where C_SignUpdate fails. Quotation from PKCS#11: 
"A call to C_SignUpdate which results in an error terminates the current signature operation."

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4884 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-11-28 22:16:50 +00:00
andre b63a601666 pkcs11-tool: Use attributes MODULUS and PUBLIC_EXPONENT instead of VALUE to retrieve RSA-Public-Key. The first two attributes are valid whereas the latter is not. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4883 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-11-28 18:09:30 +00:00
andre bcef13cfd2 In login() the flag CKF_LOGIN_REQUIRED is now ignored. This makes the behaviour of login() more predictable. If parameter --login is specified on the command line, then C_Login() is always called.fixes #220 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4875 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-11-18 14:56:26 +00:00
martin 364ba4882d pkcs11-tool: handle non-recognized tokens gracefully. 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4803 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-10-08 08:36:56 +00:00
martin fad0116fef pkcs11-tool: if no slot is specified on the command line, try to locate a slot with a token. 
A modified patch from Andre Zepezauer.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4802 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-10-08 08:36:48 +00:00
martin f339f9ba77 pkcs11-tool: only do hotplug testing before other activities. 
Thanks to Andre Zepezauer for noticing.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4765 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-09-24 07:24:43 +00:00
martin 3202355fa3 pkcs11-tool: print the token before asking for a PIN code; shorten CKU_CONTEXT_SPECIFIC prompt 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4751 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-09-21 16:11:49 +00:00
martin 01931d6794 pkcs11-tool: do --test even without a slot, at least hotplug. print a proper error name for C_GetSlotInfo 
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4750 c6295689-39f2-0310-b995-f0e70906c6a9
 2010-09-21 16:11:44 +00:00