Merge branch 'development' into githubmaster
This commit is contained in:
@@ -182,6 +182,19 @@ if test "$gl_gcc_warnings" = yes; then
|
|||||||
gl_WARN_ADD([-fdiagnostics-show-option])
|
gl_WARN_ADD([-fdiagnostics-show-option])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
AC_ARG_ENABLE([ykcs11-debug],
|
||||||
|
[AS_HELP_STRING([--enable-ykcs11-debug],
|
||||||
|
[enables YKCS11 debug messages])],
|
||||||
|
[enable_ykcs11_debug="$enableval"],
|
||||||
|
[enable_ykcs11_debug="no"])
|
||||||
|
|
||||||
|
AS_IF([test "x$enable_ykcs11_debug" != xno],
|
||||||
|
[AC_DEFINE([YKCS11_DBG], [1], [Regular debug flag])
|
||||||
|
AC_DEFINE([YKCS11_DINOUT], [1], [Function accessed/left debug flag])],
|
||||||
|
[true],
|
||||||
|
[AC_DEFINE([YKCS11_DBG], [0], [Regular debug flag])
|
||||||
|
AC_DEFINE([YKCS11_DINOUT], [0], [Function accessed/left debug flag])])
|
||||||
|
|
||||||
AC_SUBST(YKPIV_VERSION_MAJOR, `echo $PACKAGE_VERSION | sed 's/\(.*\)\..*\..*/\1/g'`)
|
AC_SUBST(YKPIV_VERSION_MAJOR, `echo $PACKAGE_VERSION | sed 's/\(.*\)\..*\..*/\1/g'`)
|
||||||
AC_SUBST(YKPIV_VERSION_MINOR, `echo $PACKAGE_VERSION | sed 's/.*\.\(.*\)\..*/\1/g'`)
|
AC_SUBST(YKPIV_VERSION_MINOR, `echo $PACKAGE_VERSION | sed 's/.*\.\(.*\)\..*/\1/g'`)
|
||||||
AC_SUBST(YKPIV_VERSION_PATCH, `echo $PACKAGE_VERSION | sed 's/.*\..*\.\(.*\)/\1/g'`)
|
AC_SUBST(YKPIV_VERSION_PATCH, `echo $PACKAGE_VERSION | sed 's/.*\..*\.\(.*\)/\1/g'`)
|
||||||
@@ -223,4 +236,5 @@ AC_MSG_NOTICE([summary of build options:
|
|||||||
LIBS: ${PCSC_WIN_LIBS}
|
LIBS: ${PCSC_WIN_LIBS}
|
||||||
Mac PCSC
|
Mac PCSC
|
||||||
LIBS: ${PCSC_MACOSX_LIBS}
|
LIBS: ${PCSC_MACOSX_LIBS}
|
||||||
|
|
||||||
])
|
])
|
||||||
|
|||||||
@@ -126,7 +126,13 @@ valid information except for the public key.
|
|||||||
DEBUGGING
|
DEBUGGING
|
||||||
^^^^^^^^^
|
^^^^^^^^^
|
||||||
|
|
||||||
By default the module has debugging enabled. This is _highly_ verbose
|
By default the module has debugging disabled. This is _highly_ verbose
|
||||||
and might be confusing. In order to disable it, the two macros
|
and might be confusing. In order to enabled it rebuild the project as
|
||||||
`YKCS11_DBG` and `YKCS11_DINOUT` in the file `debug.h` should be set
|
follows:
|
||||||
to `0`. Once this is done the module must be recompiled.
|
|
||||||
|
----
|
||||||
|
yubico-piv-tool$ autoreconf --install
|
||||||
|
yubico-piv-tool$ ./configure --enable-ykcs11-debug
|
||||||
|
yubico-piv-tool$ make
|
||||||
|
yubico-piv-tool$ sudo make install
|
||||||
|
----
|
||||||
|
|||||||
@@ -1,9 +1,6 @@
|
|||||||
#ifndef DEBUG_H
|
#ifndef DEBUG_H
|
||||||
#define DEBUG_H
|
#define DEBUG_H
|
||||||
|
|
||||||
#define YKCS11_DBG 1 // General debug, must be either 1 or 0
|
|
||||||
#define YKCS11_DINOUT 1 // Function in/out debug, must be either 1 or 0
|
|
||||||
|
|
||||||
#define D(x...) do { \
|
#define D(x...) do { \
|
||||||
fprintf (stderr, "debug: %s:%d (%s): ", __FILE__, __LINE__, __FUNCTION__); \
|
fprintf (stderr, "debug: %s:%d (%s): ", __FILE__, __LINE__, __FUNCTION__); \
|
||||||
fprintf (stderr, x); \
|
fprintf (stderr, x); \
|
||||||
|
|||||||
@@ -1784,7 +1784,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
|
|||||||
}
|
}
|
||||||
|
|
||||||
DBG("Sending %lu bytes to sign", ulDataLen);
|
DBG("Sending %lu bytes to sign", ulDataLen);
|
||||||
|
#if YKCS11_DBG == 1
|
||||||
dump_hex(pData, ulDataLen, stderr, CK_TRUE);
|
dump_hex(pData, ulDataLen, stderr, CK_TRUE);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (is_hashed_mechanism(op_info.mechanism.mechanism) == CK_TRUE) {
|
if (is_hashed_mechanism(op_info.mechanism.mechanism) == CK_TRUE) {
|
||||||
if (apply_sign_mechanism_update(&op_info, pData, ulDataLen) != CKR_OK) {
|
if (apply_sign_mechanism_update(&op_info, pData, ulDataLen) != CKR_OK) {
|
||||||
@@ -1824,7 +1826,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
|
|||||||
|
|
||||||
DBG("Using key %lx", op_info.op.sign.key_id);
|
DBG("Using key %lx", op_info.op.sign.key_id);
|
||||||
DBG("After padding and transformation there are %lu bytes", op_info.buf_len);
|
DBG("After padding and transformation there are %lu bytes", op_info.buf_len);
|
||||||
|
#if YKCS11_DBG == 1
|
||||||
dump_hex(op_info.buf, op_info.buf_len, stderr, CK_TRUE);
|
dump_hex(op_info.buf, op_info.buf_len, stderr, CK_TRUE);
|
||||||
|
#endif
|
||||||
|
|
||||||
*pulSignatureLen = sizeof(op_info.buf);
|
*pulSignatureLen = sizeof(op_info.buf);
|
||||||
|
|
||||||
@@ -1843,7 +1847,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
|
|||||||
}
|
}
|
||||||
|
|
||||||
DBG("Got %lu bytes back", *pulSignatureLen);
|
DBG("Got %lu bytes back", *pulSignatureLen);
|
||||||
|
#if YKCS11_DBG == 1
|
||||||
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
|
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
|
||||||
|
#endif
|
||||||
|
|
||||||
if (!is_RSA_mechanism(op_info.mechanism.mechanism)) {
|
if (!is_RSA_mechanism(op_info.mechanism.mechanism)) {
|
||||||
// ECDSA, we must remove the DER encoding and only return R,S
|
// ECDSA, we must remove the DER encoding and only return R,S
|
||||||
@@ -1851,7 +1857,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
|
|||||||
strip_DER_encoding_from_ECSIG(pSignature, pulSignatureLen);
|
strip_DER_encoding_from_ECSIG(pSignature, pulSignatureLen);
|
||||||
|
|
||||||
DBG("After removing DER encoding %lu", *pulSignatureLen);
|
DBG("After removing DER encoding %lu", *pulSignatureLen);
|
||||||
|
#if YKCS11_DBG == 1
|
||||||
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
|
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
op_info.type = YKCS11_NOOP;
|
op_info.type = YKCS11_NOOP;
|
||||||
|
|||||||
@@ -123,7 +123,7 @@ CK_RV YUBICO_get_token_manufacturer(CK_UTF8CHAR_PTR str, CK_ULONG len) {
|
|||||||
return CKR_OK;
|
return CKR_OK;
|
||||||
|
|
||||||
}
|
}
|
||||||
#include "debug.h"
|
|
||||||
CK_RV YUBICO_get_token_model(ykpiv_state *state, CK_UTF8CHAR_PTR str, CK_ULONG len) {
|
CK_RV YUBICO_get_token_model(ykpiv_state *state, CK_UTF8CHAR_PTR str, CK_ULONG len) {
|
||||||
|
|
||||||
char buf[16];
|
char buf[16];
|
||||||
|
|||||||
Reference in New Issue
Block a user