Anthony Foiani
f63135afab
tools: check return value after each call.
...
It seems that this suffered some copy and paste damage at some point.
Change so that we check each return value immediately after the API
call.
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-11-20 08:46:27 +01:00
Andreas Schwier
fba298c6f4
pksc11: Added ability to indicate hardware and firmware version information at PKCS#11 interface
2012-10-21 15:51:55 +02:00
Andreas Schwier
1619a42375
ecc: Adding more curves
2012-10-01 13:04:02 +02:00
Andreas Schwier
02fe6d474b
pkcs11-tool: Fixed issue with ID increment failing on constant data
2012-10-01 13:04:01 +02:00
Viktor Tarasov
628ead7e41
pkcs11-tool: suppress warnings about the missing attributes
...
when showing an object do not print warnings about missing 'uncommon' attributes
2012-09-24 11:51:04 +02:00
Viktor Tarasov
58b4304957
libopensc: 'init', 'format', 'compare', 'is-valid' OID procedures
...
In a reason of number of bugs(*) that concern the OID management,
the general usage OID procedures 'init', 'format', 'compare', 'is-valid' are introduced.
These procedures should be used by all actors: libopensc, pkcs15, pkcs11, tools, ....
(*)
This bug reported by Andreas Schwier :
8e75d971cb (commitcomment-1792477)
In pkcs15-algo sc_asn1_get_algorithm_info() can return the OID without ending '-1's:
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L452
https://github.com/OpenSC/OpenSC/blob/staging/src/libopensc/pkcs15-algo.c#L459
2012-09-06 10:47:29 +02:00
Andreas Schwier
0fa6e7f977
pkcs11-tool: Added CKM_SHA256_RSA_PKCS to tests in test_signatures
2012-08-20 11:22:02 +02:00
Andreas Schwier
efb4673ec8
Revert change to pkcs11-tool because of upstream changes in RSA signature tests
...
Fixed a typo that went undetected
2012-08-20 11:22:02 +02:00
Viktor Tarasov
8e8acf1ff6
pkcs11-tool: implement 'find mechanism from the given list'
...
and use it when testing signature
2012-08-20 11:22:02 +02:00
Andreas Schwier
f678b68650
Activated ECDSA for SmartCard-HSM
...
Fixed issues in pkcs11-tool/test_signature is card has RSA and ECDSA keys
Fixed bug in sc_pkcs11_signature_size that returns the wrong ECDSA signature size
2012-08-20 11:22:02 +02:00
Viktor Tarasov
cb54ebf747
pkcs11: #371 : Public key create template should not include CKA_MODULUS_BITS
...
Thanks to 'z22' and Martin.
2012-08-16 16:00:35 +02:00
Viktor Tarasov
7e42c6d97d
pkcs11-tool: #407 : on Windows use O_BINARY open file mode
...
https://www.opensc-project.org/opensc/ticket/407
http://msdn.microsoft.com/en-us/library/ee2849wt%28v=VS.71%29.aspx
2012-08-15 23:15:06 +02:00
Viktor Tarasov
dfbc3996bf
pkcs11: #439 : 'SEQUENCE' of 'SET' issue when comparing cert attributes
...
Thanks to 'crank'.
https://www.opensc-project.org/opensc/ticket/439
Some pkcs11 callers (i.e. netscape) will pass in the ASN.1 encoded SEQUENCE OF SET,
while OpenSC just keeps the SET in the issuer/subject field.
2012-08-15 19:59:09 +02:00
Viktor Tarasov
25f7bc5ac5
pkcs11-tool: implement 'find mechanism from the given list'
...
and use it when testing signature
2012-08-13 11:34:01 +02:00
Viktor Tarasov
2cff47d9b3
pkcs11-tool: support for secret-key objects
...
support of 'secret-key' objects
key conversion procedures are now in libopensc library
change name for OPENSC NON-REPUDIATION CKA attribute
2012-06-02 18:25:23 +02:00
Peter Marschall
367ebd94d4
tools: allow arguments to be printed in usage message
...
Extend util_print_usage_and_die() by a string argument that describes
further arguments to the program.
1st user: opensc-explorer
2012-05-30 09:39:12 +02:00
Viktor Tarasov
cb13633634
remove trailing whitespaces
...
inspired by
http://www.opensc-project.org/pipermail/opensc-devel/2012-March/017883.html
Change-Id: If170e830d8d9587a31742feffb6fff54cfdf75b4
2012-04-03 00:00:56 +02:00
andre
8a5961e970
pkcs11-tool.c: At least CKS_RO_PUBLIC_SESSION is needed.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5563 c6295689-39f2-0310-b995-f0e70906c6a9
2011-06-08 08:50:42 +00:00
vtarasov
a479c368a6
pkcs11-tool: allow non-interactive change of User/SO PIN
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5543 c6295689-39f2-0310-b995-f0e70906c6a9
2011-06-02 19:20:11 +00:00
vtarasov
3095f5479f
pkcs11-tool: resolve compiler warning '"OPENSSL_VERSION_NUMBER" is not defined', thanks to Ludovic
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5536 c6295689-39f2-0310-b995-f0e70906c6a9
2011-06-02 17:12:12 +00:00
andre
31a56bb374
pkcs11-tool.c: Remove useless parameter 'slot' from a lot of function prototypes.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5533 c6295689-39f2-0310-b995-f0e70906c6a9
2011-06-01 18:51:26 +00:00
vtarasov
185e3f8259
pkcs11-tool: replace 'slot-label' argument with the two new ones -- 'slot-description' and 'token-label'...
...
the main difference between 'slot-description' and 'token-label' is that
the first one is unique in any case,
the second one can be the same for more then one slots.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5528 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-30 14:47:50 +00:00
vtarasov
8931231396
pkcs11-tool: show CKA_VALUE of the GOST public key object
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5527 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-30 13:28:16 +00:00
vtarasov
4d2428378d
pkcs11-tool: CKA_VALUE of imported GOST key has to be presented in the little endian order
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5518 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-29 17:55:26 +00:00
andre
4a2dfa6822
pkcs11-tool.c: In function ‘sign_data’:
...
pkcs11-tool.c:1253: warning: comparison between signed and unsigned
pkcs11-tool.c: In function ‘write_object’:
pkcs11-tool.c:1777: warning: unused variable ‘type’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5505 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-27 09:24:09 +00:00
vtarasov
dd30eb1905
pkcs11-tool: import GOST key; key to import in DER or PEM format
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5465 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-22 10:52:44 +00:00
vtarasov
cb39b2dcc9
pkcs11-tool: when doing signature try at first the procedure for the short input data ...
...
Not all PKCS#11 driver support the C_SignUpdate.
So, for the short data begin with procedure "C_SignInit & C_Sign".
If no success, try to applicate the procedure "C_SignInit & C_SignUpdate & ... & C_SignFinal".
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5458 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-22 07:13:09 +00:00
martin
6277099a27
pkcs11-tool: correct typos about --login-type option, change id -> ID in help texts.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5448 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-17 13:27:13 +00:00
martin
18baf42780
pkcs11-tool: move --module to the first position in help text and make it mandatory.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5447 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-17 13:27:09 +00:00
andre
85b40a553c
pkcs11-tool.c:54: warning: missing initializer
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5425 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-04 16:45:51 +00:00
vtarasov
e430fe9d87
pkcs11-tool: add test procedure for EC keys ...
...
... for a while it includes key generation and data signing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5383 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-21 16:18:23 +00:00
vtarasov
c2a87ae2b1
pkcs11-tool: prepare 'gen_keypair' procedure to generate also the EC keys ...
...
... 'prime256v1' and 'secp384r1'
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5381 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-21 14:29:51 +00:00
andre
9026ea6f3f
pkcs11-tool.c: Avoid warning:
...
pkcs11-tool.c:1978: warning: ‘getPUBLIC_EXPONENT’ defined but not used
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5374 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-19 13:03:49 +00:00
andre
6409755bea
pkcs11-tool.c: Avoid warning:
...
pkcs11-tool.c:2000: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5363 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-19 09:18:12 +00:00
vtarasov
e8f6a3e407
pkcs11-tool: now it's possible to show only the objects of a given type ...
...
when 'type' option is used with the 'list-objects' actions
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5325 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-11 13:00:57 +00:00
andre
02c4f1ec77
pkcs11-tool.c: Avoid compiler warning 'may be used uninitialized in this function'.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4968 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-18 00:44:12 +00:00
andre
b7fad04e10
pkcs11-tool.c: Simplifies interface to show_key() and avoids more compiler warnings.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4967 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-17 23:02:03 +00:00
andre
548630971e
pkcs11-tool: replaced OPENSSL_NO_EDSA with OPENSSL_NO_ECDSA
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4922 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-06 16:28:26 +00:00
martin
b5f329ba7c
tools: EC(DSA) requires OpenSSL >= 0.9.8.
...
This fixes building for OS X 10.5.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4918 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-06 14:41:15 +00:00
dengert
b7f4537031
Test for OPENSSL_NO_EC as some systems build OPENSSL without EC.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4906 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-03 15:15:29 +00:00
dengert
c2fe4609a9
Modifications to support EC and ECDSA for
...
emulated cards. True PKCS#15 cards with EC
will need additional changes.
Main changes are in framework-pkcs15.c, mechanism.c,
padding.c, pkcs15-algo.c and pkcs15-sec.c
where switch statements for key type, and testing
of flags was modified to make it easier to add
additional key types in the future.
The code was tested using RSA and ECDSA using a PIV card
from pkcs11-tool, OpenSSL and Thunderbird with
modifications to NSS-3.12.7 to get ECDSA to sign e-mail.
Only named curves are supported for ECDSA, ECDH is still
needed. pkcs11-tool has only minimal changes need to work
with the -O option to list EC keys.
One additional line was added to pkcs15-sec.c which
should get GOSTR sign to work.
libp11 and engine do not yet have EC support.
--This line, and those below, will be ignored--
M src/tools/piv-tool.c
M src/tools/pkcs11-tool.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-object.c
M src/libopensc/pkcs15-prkey.c
M src/libopensc/card-piv.c
M src/libopensc/padding.c
M src/libopensc/cardctl.h
M src/libopensc/pkcs15-algo.c
M src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-sec.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4904 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-01 20:08:42 +00:00
andre
fd11c909bd
pkcs11-tool: Completing the output of "Mechanism Information Flags".
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4885 c6295689-39f2-0310-b995-f0e70906c6a9
2010-11-28 23:46:12 +00:00
andre
146041fcee
pkcs11-tool: Correcting the behaviour in the case where C_SignUpdate fails. Quotation from PKCS#11:
...
"A call to C_SignUpdate which results in an error terminates the current signature operation."
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4884 c6295689-39f2-0310-b995-f0e70906c6a9
2010-11-28 22:16:50 +00:00
andre
b63a601666
pkcs11-tool: Use attributes MODULUS and PUBLIC_EXPONENT instead of VALUE to retrieve RSA-Public-Key. The first two attributes are valid whereas the latter is not.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4883 c6295689-39f2-0310-b995-f0e70906c6a9
2010-11-28 18:09:30 +00:00
andre
bcef13cfd2
In login() the flag CKF_LOGIN_REQUIRED is now ignored. This makes the behaviour of login() more predictable. If parameter --login is specified on the command line, then C_Login() is always called.fixes #220
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4875 c6295689-39f2-0310-b995-f0e70906c6a9
2010-11-18 14:56:26 +00:00
martin
364ba4882d
pkcs11-tool: handle non-recognized tokens gracefully.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4803 c6295689-39f2-0310-b995-f0e70906c6a9
2010-10-08 08:36:56 +00:00
martin
fad0116fef
pkcs11-tool: if no slot is specified on the command line, try to locate a slot with a token.
...
A modified patch from Andre Zepezauer.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4802 c6295689-39f2-0310-b995-f0e70906c6a9
2010-10-08 08:36:48 +00:00
martin
f339f9ba77
pkcs11-tool: only do hotplug testing before other activities.
...
Thanks to Andre Zepezauer for noticing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4765 c6295689-39f2-0310-b995-f0e70906c6a9
2010-09-24 07:24:43 +00:00
martin
3202355fa3
pkcs11-tool: print the token before asking for a PIN code; shorten CKU_CONTEXT_SPECIFIC prompt
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4751 c6295689-39f2-0310-b995-f0e70906c6a9
2010-09-21 16:11:49 +00:00
martin
01931d6794
pkcs11-tool: do --test even without a slot, at least hotplug. print a proper error name for C_GetSlotInfo
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4750 c6295689-39f2-0310-b995-f0e70906c6a9
2010-09-21 16:11:44 +00:00