Merge branch 'development' into githubmaster

This commit is contained in:
Alessio Di Mauro
2015-11-06 16:25:10 +01:00
5 changed files with 33 additions and 8 deletions
+14
View File
@@ -182,6 +182,19 @@ if test "$gl_gcc_warnings" = yes; then
gl_WARN_ADD([-fdiagnostics-show-option]) gl_WARN_ADD([-fdiagnostics-show-option])
fi fi
AC_ARG_ENABLE([ykcs11-debug],
[AS_HELP_STRING([--enable-ykcs11-debug],
[enables YKCS11 debug messages])],
[enable_ykcs11_debug="$enableval"],
[enable_ykcs11_debug="no"])
AS_IF([test "x$enable_ykcs11_debug" != xno],
[AC_DEFINE([YKCS11_DBG], [1], [Regular debug flag])
AC_DEFINE([YKCS11_DINOUT], [1], [Function accessed/left debug flag])],
[true],
[AC_DEFINE([YKCS11_DBG], [0], [Regular debug flag])
AC_DEFINE([YKCS11_DINOUT], [0], [Function accessed/left debug flag])])
AC_SUBST(YKPIV_VERSION_MAJOR, `echo $PACKAGE_VERSION | sed 's/\(.*\)\..*\..*/\1/g'`) AC_SUBST(YKPIV_VERSION_MAJOR, `echo $PACKAGE_VERSION | sed 's/\(.*\)\..*\..*/\1/g'`)
AC_SUBST(YKPIV_VERSION_MINOR, `echo $PACKAGE_VERSION | sed 's/.*\.\(.*\)\..*/\1/g'`) AC_SUBST(YKPIV_VERSION_MINOR, `echo $PACKAGE_VERSION | sed 's/.*\.\(.*\)\..*/\1/g'`)
AC_SUBST(YKPIV_VERSION_PATCH, `echo $PACKAGE_VERSION | sed 's/.*\..*\.\(.*\)/\1/g'`) AC_SUBST(YKPIV_VERSION_PATCH, `echo $PACKAGE_VERSION | sed 's/.*\..*\.\(.*\)/\1/g'`)
@@ -223,4 +236,5 @@ AC_MSG_NOTICE([summary of build options:
LIBS: ${PCSC_WIN_LIBS} LIBS: ${PCSC_WIN_LIBS}
Mac PCSC Mac PCSC
LIBS: ${PCSC_MACOSX_LIBS} LIBS: ${PCSC_MACOSX_LIBS}
]) ])
+10 -4
View File
@@ -126,7 +126,13 @@ valid information except for the public key.
DEBUGGING DEBUGGING
^^^^^^^^^ ^^^^^^^^^
By default the module has debugging enabled. This is _highly_ verbose By default the module has debugging disabled. This is _highly_ verbose
and might be confusing. In order to disable it, the two macros and might be confusing. In order to enabled it rebuild the project as
`YKCS11_DBG` and `YKCS11_DINOUT` in the file `debug.h` should be set follows:
to `0`. Once this is done the module must be recompiled.
----
yubico-piv-tool$ autoreconf --install
yubico-piv-tool$ ./configure --enable-ykcs11-debug
yubico-piv-tool$ make
yubico-piv-tool$ sudo make install
----
-3
View File
@@ -1,9 +1,6 @@
#ifndef DEBUG_H #ifndef DEBUG_H
#define DEBUG_H #define DEBUG_H
#define YKCS11_DBG 1 // General debug, must be either 1 or 0
#define YKCS11_DINOUT 1 // Function in/out debug, must be either 1 or 0
#define D(x...) do { \ #define D(x...) do { \
fprintf (stderr, "debug: %s:%d (%s): ", __FILE__, __LINE__, __FUNCTION__); \ fprintf (stderr, "debug: %s:%d (%s): ", __FILE__, __LINE__, __FUNCTION__); \
fprintf (stderr, x); \ fprintf (stderr, x); \
+8
View File
@@ -1784,7 +1784,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
} }
DBG("Sending %lu bytes to sign", ulDataLen); DBG("Sending %lu bytes to sign", ulDataLen);
#if YKCS11_DBG == 1
dump_hex(pData, ulDataLen, stderr, CK_TRUE); dump_hex(pData, ulDataLen, stderr, CK_TRUE);
#endif
if (is_hashed_mechanism(op_info.mechanism.mechanism) == CK_TRUE) { if (is_hashed_mechanism(op_info.mechanism.mechanism) == CK_TRUE) {
if (apply_sign_mechanism_update(&op_info, pData, ulDataLen) != CKR_OK) { if (apply_sign_mechanism_update(&op_info, pData, ulDataLen) != CKR_OK) {
@@ -1824,7 +1826,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
DBG("Using key %lx", op_info.op.sign.key_id); DBG("Using key %lx", op_info.op.sign.key_id);
DBG("After padding and transformation there are %lu bytes", op_info.buf_len); DBG("After padding and transformation there are %lu bytes", op_info.buf_len);
#if YKCS11_DBG == 1
dump_hex(op_info.buf, op_info.buf_len, stderr, CK_TRUE); dump_hex(op_info.buf, op_info.buf_len, stderr, CK_TRUE);
#endif
*pulSignatureLen = sizeof(op_info.buf); *pulSignatureLen = sizeof(op_info.buf);
@@ -1843,7 +1847,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
} }
DBG("Got %lu bytes back", *pulSignatureLen); DBG("Got %lu bytes back", *pulSignatureLen);
#if YKCS11_DBG == 1
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE); dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
#endif
if (!is_RSA_mechanism(op_info.mechanism.mechanism)) { if (!is_RSA_mechanism(op_info.mechanism.mechanism)) {
// ECDSA, we must remove the DER encoding and only return R,S // ECDSA, we must remove the DER encoding and only return R,S
@@ -1851,7 +1857,9 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
strip_DER_encoding_from_ECSIG(pSignature, pulSignatureLen); strip_DER_encoding_from_ECSIG(pSignature, pulSignatureLen);
DBG("After removing DER encoding %lu", *pulSignatureLen); DBG("After removing DER encoding %lu", *pulSignatureLen);
#if YKCS11_DBG == 1
dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE); dump_hex(pSignature, *pulSignatureLen, stderr, CK_TRUE);
#endif
} }
op_info.type = YKCS11_NOOP; op_info.type = YKCS11_NOOP;
+1 -1
View File
@@ -123,7 +123,7 @@ CK_RV YUBICO_get_token_manufacturer(CK_UTF8CHAR_PTR str, CK_ULONG len) {
return CKR_OK; return CKR_OK;
} }
#include "debug.h"
CK_RV YUBICO_get_token_model(ykpiv_state *state, CK_UTF8CHAR_PTR str, CK_ULONG len) { CK_RV YUBICO_get_token_model(ykpiv_state *state, CK_UTF8CHAR_PTR str, CK_ULONG len) {
char buf[16]; char buf[16];