Use slot enum consistently. Move slot->object translation into libykpiv.
+3
-3
@@ -1245,7 +1245,7 @@ ykpiv_rc ykpiv_util_reset(ykpiv_state *state) {
|
|||||||
return YKPIV_GENERIC_ERROR;
|
return YKPIV_GENERIC_ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int _slot2object(uint8_t slot) {
|
uint32_t ykpiv_util_slot_object(uint8_t slot) {
|
||||||
int object_id = -1;
|
int object_id = -1;
|
||||||
|
|
||||||
switch (slot) {
|
switch (slot) {
|
||||||
@@ -1283,7 +1283,7 @@ static ykpiv_rc _read_certificate(ykpiv_state *state, uint8_t slot, uint8_t *buf
|
|||||||
// TREV TODO: should this select application?
|
// TREV TODO: should this select application?
|
||||||
ykpiv_rc res = YKPIV_OK;
|
ykpiv_rc res = YKPIV_OK;
|
||||||
uint8_t *ptr = NULL;
|
uint8_t *ptr = NULL;
|
||||||
int object_id = _slot2object(slot);
|
int object_id = ykpiv_util_slot_object(slot);
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
||||||
if (-1 == object_id) return YKPIV_INVALID_OBJECT;
|
if (-1 == object_id) return YKPIV_INVALID_OBJECT;
|
||||||
@@ -1323,7 +1323,7 @@ static ykpiv_rc _write_certificate(ykpiv_state *state, uint8_t slot, uint8_t *da
|
|||||||
// TREV TODO: should this select application?
|
// TREV TODO: should this select application?
|
||||||
uint8_t buf[CB_OBJ_MAX];
|
uint8_t buf[CB_OBJ_MAX];
|
||||||
size_t cbBuf = sizeof(buf);
|
size_t cbBuf = sizeof(buf);
|
||||||
int object_id = _slot2object(slot);
|
int object_id = ykpiv_util_slot_object(slot);
|
||||||
size_t offset = 0;
|
size_t offset = 0;
|
||||||
size_t req_len = 0;
|
size_t req_len = 0;
|
||||||
|
|
||||||
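Review bot: The new public `ykpiv_util_slot_object` is declared to return `uint32_t`, but its body still starts from `int object_id = -1` and both callers in this file (`_read_certificate`, `_write_certificate`) test `-1 == object_id`, so the invalid-slot sentinel now passes through an unsigned type and only compares equal after an implementation-defined conversion back to `int`. Either keep the return type signed, `int ykpiv_util_slot_object(uint8_t slot)`, or return a named invalid-object constant and have callers compare against that. The function's return statement lies outside the hunk, so this assumes `object_id` is the value returned. The same sentinel affects the other new callers: the removed `get_object_id` and `key_to_object_id` returned 0 for an unknown slot, whereas `print_cert_info` and `COMMON_token_generate_key` now receive the wrapped -1, and the latter hands it straight to `ykpiv_save_object` with no check in the visible lines.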
|
|||||||
@@ -492,6 +492,12 @@ extern "C"
|
|||||||
*/
|
*/
|
||||||
ykpiv_rc ykpiv_util_block_puk(ykpiv_state *state);
|
ykpiv_rc ykpiv_util_block_puk(ykpiv_state *state);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Object ID of given slot.
|
||||||
|
*
|
||||||
|
* @param slot key slot
|
||||||
|
*/
|
||||||
|
uint32_t ykpiv_util_slot_object(uint8_t slot);
|
||||||
|
|
||||||
ykpiv_rc ykpiv_connect_with_card(ykpiv_state *state, uint64_t context, uint64_t card);
|
ykpiv_rc ykpiv_connect_with_card(ykpiv_state *state, uint64_t context, uint64_t card);
|
||||||
|
|
||||||
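Review bot: The doc comment added for `ykpiv_util_slot_object` describes the parameter but not the return value, and this header is the only place a library consumer learns how an unmapped slot is reported. Add a return line such as `* @return object ID for the slot, or (uint32_t)-1 if the slot has no matching object`, adjusted to whatever util.c actually returns on the default path, which is not visible on this page. It would also help to tighten `@param slot key slot` to say the argument is the slot's key reference byte rather than the tool's `enum enum_slot`, since the callers in this commit pass `get_slot_hex(slot)` or a key value.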
|
|||||||
-168
@@ -300,174 +300,6 @@ int get_slot_hex(enum enum_slot slot_enum) {
|
|||||||
return slot;
|
return slot;
|
||||||
}
|
}
|
||||||
|
|
||||||
int get_object_id(enum enum_slot slot) {
|
|
||||||
int object;
|
|
||||||
|
|
||||||
switch(slot) {
|
|
||||||
case slot_arg_9a:
|
|
||||||
object = YKPIV_OBJ_AUTHENTICATION;
|
|
||||||
break;
|
|
||||||
case slot_arg_9c:
|
|
||||||
object = YKPIV_OBJ_SIGNATURE;
|
|
||||||
break;
|
|
||||||
case slot_arg_9d:
|
|
||||||
object = YKPIV_OBJ_KEY_MANAGEMENT;
|
|
||||||
break;
|
|
||||||
case slot_arg_9e:
|
|
||||||
object = YKPIV_OBJ_CARD_AUTH;
|
|
||||||
break;
|
|
||||||
case slot_arg_82:
|
|
||||||
object = YKPIV_OBJ_RETIRED1;
|
|
||||||
break;
|
|
||||||
case slot_arg_83:
|
|
||||||
object = YKPIV_OBJ_RETIRED2;
|
|
||||||
break;
|
|
||||||
case slot_arg_84:
|
|
||||||
object = YKPIV_OBJ_RETIRED3;
|
|
||||||
break;
|
|
||||||
case slot_arg_85:
|
|
||||||
object = YKPIV_OBJ_RETIRED4;
|
|
||||||
break;
|
|
||||||
case slot_arg_86:
|
|
||||||
object = YKPIV_OBJ_RETIRED5;
|
|
||||||
break;
|
|
||||||
case slot_arg_87:
|
|
||||||
object = YKPIV_OBJ_RETIRED6;
|
|
||||||
break;
|
|
||||||
case slot_arg_88:
|
|
||||||
object = YKPIV_OBJ_RETIRED7;
|
|
||||||
break;
|
|
||||||
case slot_arg_89:
|
|
||||||
object = YKPIV_OBJ_RETIRED8;
|
|
||||||
break;
|
|
||||||
case slot_arg_8a:
|
|
||||||
object = YKPIV_OBJ_RETIRED9;
|
|
||||||
break;
|
|
||||||
case slot_arg_8b:
|
|
||||||
object = YKPIV_OBJ_RETIRED10;
|
|
||||||
break;
|
|
||||||
case slot_arg_8c:
|
|
||||||
object = YKPIV_OBJ_RETIRED11;
|
|
||||||
break;
|
|
||||||
case slot_arg_8d:
|
|
||||||
object = YKPIV_OBJ_RETIRED12;
|
|
||||||
break;
|
|
||||||
case slot_arg_8e:
|
|
||||||
object = YKPIV_OBJ_RETIRED13;
|
|
||||||
break;
|
|
||||||
case slot_arg_8f:
|
|
||||||
object = YKPIV_OBJ_RETIRED14;
|
|
||||||
break;
|
|
||||||
case slot_arg_90:
|
|
||||||
object = YKPIV_OBJ_RETIRED15;
|
|
||||||
break;
|
|
||||||
case slot_arg_91:
|
|
||||||
object = YKPIV_OBJ_RETIRED16;
|
|
||||||
break;
|
|
||||||
case slot_arg_92:
|
|
||||||
object = YKPIV_OBJ_RETIRED17;
|
|
||||||
break;
|
|
||||||
case slot_arg_93:
|
|
||||||
object = YKPIV_OBJ_RETIRED18;
|
|
||||||
break;
|
|
||||||
case slot_arg_94:
|
|
||||||
object = YKPIV_OBJ_RETIRED19;
|
|
||||||
break;
|
|
||||||
case slot_arg_95:
|
|
||||||
object = YKPIV_OBJ_RETIRED20;
|
|
||||||
break;
|
|
||||||
case slot_arg_f9:
|
|
||||||
object = YKPIV_OBJ_ATTESTATION;
|
|
||||||
break;
|
|
||||||
case slot__NULL:
|
|
||||||
default:
|
|
||||||
object = 0;
|
|
||||||
}
|
|
||||||
return object;
|
|
||||||
}
|
|
||||||
|
|
||||||
int key_to_object_id(int key) {
|
|
||||||
int object;
|
|
||||||
|
|
||||||
switch(key) {
|
|
||||||
case YKPIV_KEY_AUTHENTICATION:
|
|
||||||
object = YKPIV_OBJ_AUTHENTICATION;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_CARDMGM:
|
|
||||||
object = YKPIV_OBJ_SIGNATURE;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_KEYMGM:
|
|
||||||
object = YKPIV_OBJ_KEY_MANAGEMENT;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_CARDAUTH:
|
|
||||||
object = YKPIV_OBJ_CARD_AUTH;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED1:
|
|
||||||
object = YKPIV_OBJ_RETIRED1;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED2:
|
|
||||||
object = YKPIV_OBJ_RETIRED2;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED3:
|
|
||||||
object = YKPIV_OBJ_RETIRED3;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED4:
|
|
||||||
object = YKPIV_OBJ_RETIRED4;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED5:
|
|
||||||
object = YKPIV_OBJ_RETIRED5;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED6:
|
|
||||||
object = YKPIV_OBJ_RETIRED6;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED7:
|
|
||||||
object = YKPIV_OBJ_RETIRED7;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED8:
|
|
||||||
object = YKPIV_OBJ_RETIRED8;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED9:
|
|
||||||
object = YKPIV_OBJ_RETIRED9;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED10:
|
|
||||||
object = YKPIV_OBJ_RETIRED10;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED11:
|
|
||||||
object = YKPIV_OBJ_RETIRED11;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED12:
|
|
||||||
object = YKPIV_OBJ_RETIRED12;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED13:
|
|
||||||
object = YKPIV_OBJ_RETIRED13;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED14:
|
|
||||||
object = YKPIV_OBJ_RETIRED14;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED15:
|
|
||||||
object = YKPIV_OBJ_RETIRED15;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED16:
|
|
||||||
object = YKPIV_OBJ_RETIRED16;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED17:
|
|
||||||
object = YKPIV_OBJ_RETIRED17;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED18:
|
|
||||||
object = YKPIV_OBJ_RETIRED18;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED19:
|
|
||||||
object = YKPIV_OBJ_RETIRED19;
|
|
||||||
break;
|
|
||||||
case YKPIV_KEY_RETIRED20:
|
|
||||||
object = YKPIV_OBJ_RETIRED20;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
object = 0;
|
|
||||||
}
|
|
||||||
return object;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len) {
|
bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len) {
|
||||||
int real_len = BN_num_bytes(bn);
|
int real_len = BN_num_bytes(bn);
|
||||||
|
|
||||||
|
|||||||
@@ -48,8 +48,6 @@ X509_NAME *parse_name(const char*);
|
|||||||
unsigned char get_algorithm(EVP_PKEY*);
|
unsigned char get_algorithm(EVP_PKEY*);
|
||||||
FILE *open_file(const char*, int);
|
FILE *open_file(const char*, int);
|
||||||
int get_slot_hex(enum enum_slot slot_enum);
|
int get_slot_hex(enum enum_slot slot_enum);
|
||||||
int get_object_id(enum enum_slot slot);
|
|
||||||
int key_to_object_id(int key);
|
|
||||||
bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len);
|
bool set_component(unsigned char *in_ptr, const BIGNUM *bn, int element_len);
|
||||||
bool prepare_rsa_signature(const unsigned char*, unsigned int, unsigned char*,
|
bool prepare_rsa_signature(const unsigned char*, unsigned int, unsigned char*,
|
||||||
unsigned int*, int);
|
unsigned int*, int);
|
||||||
|
|||||||
+21
-21
@@ -97,7 +97,7 @@ static bool sign_data(ykpiv_state *state, const unsigned char *in, size_t len, u
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool generate_key(ykpiv_state *state, const char *slot,
|
static bool generate_key(ykpiv_state *state, enum enum_slot slot,
|
||||||
enum enum_algorithm algorithm, const char *output_file_name,
|
enum enum_algorithm algorithm, const char *output_file_name,
|
||||||
enum enum_key_format key_format, enum enum_pin_policy pin_policy,
|
enum enum_key_format key_format, enum enum_pin_policy pin_policy,
|
||||||
enum enum_touch_policy touch_policy) {
|
enum enum_touch_policy touch_policy) {
|
||||||
@@ -133,7 +133,7 @@ static bool generate_key(ykpiv_state *state, const char *slot,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
|
|
||||||
output_file = open_file(output_file_name, OUTPUT);
|
output_file = open_file(output_file_name, OUTPUT);
|
||||||
if(!output_file) {
|
if(!output_file) {
|
||||||
@@ -252,7 +252,7 @@ static bool set_pin_retries(ykpiv_state *state, int pin_retries, int puk_retries
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
|
static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
|
||||||
const char *input_file_name, const char *slot, char *password,
|
const char *input_file_name, enum enum_slot slot, char *password,
|
||||||
enum enum_pin_policy pin_policy, enum enum_touch_policy touch_policy) {
|
enum enum_pin_policy pin_policy, enum enum_touch_policy touch_policy) {
|
||||||
int key = 0;
|
int key = 0;
|
||||||
FILE *input_file = NULL;
|
FILE *input_file = NULL;
|
||||||
@@ -262,7 +262,7 @@ static bool import_key(ykpiv_state *state, enum enum_key_format key_format,
|
|||||||
bool ret = false;
|
bool ret = false;
|
||||||
ykpiv_rc rc = YKPIV_GENERIC_ERROR;
|
ykpiv_rc rc = YKPIV_GENERIC_ERROR;
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
|
|
||||||
input_file = open_file(input_file_name, INPUT);
|
input_file = open_file(input_file_name, INPUT);
|
||||||
if(!input_file) {
|
if(!input_file) {
|
||||||
@@ -537,7 +537,7 @@ static bool set_cardid(ykpiv_state *state, int verbose, int type) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool request_certificate(ykpiv_state *state, enum enum_key_format key_format,
|
static bool request_certificate(ykpiv_state *state, enum enum_key_format key_format,
|
||||||
const char *input_file_name, const char *slot, char *subject, enum enum_hash hash,
|
const char *input_file_name, enum enum_slot slot, char *subject, enum enum_hash hash,
|
||||||
const char *output_file_name) {
|
const char *output_file_name) {
|
||||||
X509_REQ *req = NULL;
|
X509_REQ *req = NULL;
|
||||||
X509_NAME *name = NULL;
|
X509_NAME *name = NULL;
|
||||||
@@ -561,7 +561,7 @@ static bool request_certificate(ykpiv_state *state, enum enum_key_format key_for
|
|||||||
null_parameter.type = V_ASN1_NULL;
|
null_parameter.type = V_ASN1_NULL;
|
||||||
null_parameter.value.ptr = NULL;
|
null_parameter.value.ptr = NULL;
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
|
|
||||||
input_file = open_file(input_file_name, INPUT);
|
input_file = open_file(input_file_name, INPUT);
|
||||||
output_file = open_file(output_file_name, OUTPUT);
|
output_file = open_file(output_file_name, OUTPUT);
|
||||||
@@ -684,7 +684,7 @@ request_out:
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_format,
|
static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_format,
|
||||||
const char *input_file_name, const char *slot, char *subject, enum enum_hash hash,
|
const char *input_file_name, enum enum_slot slot, char *subject, enum enum_hash hash,
|
||||||
const int *serial, int validDays, const char *output_file_name) {
|
const int *serial, int validDays, const char *output_file_name) {
|
||||||
FILE *input_file = NULL;
|
FILE *input_file = NULL;
|
||||||
FILE *output_file = NULL;
|
FILE *output_file = NULL;
|
||||||
@@ -710,7 +710,7 @@ static bool selfsign_certificate(ykpiv_state *state, enum enum_key_format key_fo
|
|||||||
null_parameter.type = V_ASN1_NULL;
|
null_parameter.type = V_ASN1_NULL;
|
||||||
null_parameter.value.ptr = NULL;
|
null_parameter.value.ptr = NULL;
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
|
|
||||||
input_file = open_file(input_file_name, INPUT);
|
input_file = open_file(input_file_name, INPUT);
|
||||||
output_file = open_file(output_file_name, OUTPUT);
|
output_file = open_file(output_file_name, OUTPUT);
|
||||||
@@ -1028,7 +1028,7 @@ read_cert_out:
|
|||||||
}
|
}
|
||||||
|
|
||||||
static bool sign_file(ykpiv_state *state, const char *input, const char *output,
|
static bool sign_file(ykpiv_state *state, const char *input, const char *output,
|
||||||
const char *slot, enum enum_algorithm algorithm, enum enum_hash hash,
|
enum enum_slot slot, enum enum_algorithm algorithm, enum enum_hash hash,
|
||||||
int verbosity) {
|
int verbosity) {
|
||||||
FILE *input_file = NULL;
|
FILE *input_file = NULL;
|
||||||
FILE *output_file = NULL;
|
FILE *output_file = NULL;
|
||||||
@@ -1039,7 +1039,7 @@ static bool sign_file(ykpiv_state *state, const char *input, const char *output,
|
|||||||
int algo;
|
int algo;
|
||||||
const EVP_MD *md;
|
const EVP_MD *md;
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
|
|
||||||
input_file = open_file(input, INPUT);
|
input_file = open_file(input, INPUT);
|
||||||
if(!input_file) {
|
if(!input_file) {
|
||||||
@@ -1121,7 +1121,7 @@ out:
|
|||||||
|
|
||||||
static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_MD *md,
|
static void print_cert_info(ykpiv_state *state, enum enum_slot slot, const EVP_MD *md,
|
||||||
FILE *output) {
|
FILE *output) {
|
||||||
int object = get_object_id(slot);
|
int object = ykpiv_util_slot_object(get_slot_hex(slot));
|
||||||
int slot_name;
|
int slot_name;
|
||||||
unsigned char data[3072];
|
unsigned char data[3072];
|
||||||
const unsigned char *ptr = data;
|
const unsigned char *ptr = data;
|
||||||
@@ -1349,7 +1349,7 @@ static bool test_signature(ykpiv_state *state, enum enum_slot slot,
|
|||||||
if(algorithm == 0) {
|
if(algorithm == 0) {
|
||||||
goto test_out;
|
goto test_out;
|
||||||
}
|
}
|
||||||
sscanf(cmdline_parser_slot_values[slot], "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
if(YKPIV_IS_RSA(algorithm)) {
|
if(YKPIV_IS_RSA(algorithm)) {
|
||||||
prepare_rsa_signature(data, data_len, encoded, &enc_len, EVP_MD_type(md));
|
prepare_rsa_signature(data, data_len, encoded, &enc_len, EVP_MD_type(md));
|
||||||
ptr = encoded;
|
ptr = encoded;
|
||||||
@@ -1454,7 +1454,7 @@ static bool test_decipher(ykpiv_state *state, enum enum_slot slot,
|
|||||||
if(algorithm == 0) {
|
if(algorithm == 0) {
|
||||||
goto decipher_out;
|
goto decipher_out;
|
||||||
}
|
}
|
||||||
sscanf(cmdline_parser_slot_values[slot], "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
if(YKPIV_IS_RSA(algorithm)) {
|
if(YKPIV_IS_RSA(algorithm)) {
|
||||||
unsigned char secret[32];
|
unsigned char secret[32];
|
||||||
unsigned char secret2[32];
|
unsigned char secret2[32];
|
||||||
@@ -1566,7 +1566,7 @@ static bool list_readers(ykpiv_state *state) {
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool attest(ykpiv_state *state, const char *slot,
|
static bool attest(ykpiv_state *state, enum enum_slot slot,
|
||||||
enum enum_key_format key_format, const char *output_file_name) {
|
enum enum_key_format key_format, const char *output_file_name) {
|
||||||
unsigned char data[YKPIV_OBJ_MAX_SIZE];
|
unsigned char data[YKPIV_OBJ_MAX_SIZE];
|
||||||
unsigned long len = sizeof(data);
|
unsigned long len = sizeof(data);
|
||||||
@@ -1583,7 +1583,7 @@ static bool attest(ykpiv_state *state, const char *slot,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
sscanf(slot, "%2x", &key);
|
key = get_slot_hex(slot);
|
||||||
if (ykpiv_attest(state, key, data, &len) != YKPIV_OK) {
|
if (ykpiv_attest(state, key, data, &len) != YKPIV_OK) {
|
||||||
fprintf(stderr, "Failed to attest data.\n");
|
fprintf(stderr, "Failed to attest data.\n");
|
||||||
goto attest_out;
|
goto attest_out;
|
||||||
@@ -1866,7 +1866,7 @@ int main(int argc, char *argv[]) {
|
|||||||
print_version(state, args_info.output_arg);
|
print_version(state, args_info.output_arg);
|
||||||
break;
|
break;
|
||||||
case action_arg_generate:
|
case action_arg_generate:
|
||||||
if(generate_key(state, args_info.slot_orig, args_info.algorithm_arg, args_info.output_arg, args_info.key_format_arg,
|
if(generate_key(state, args_info.slot_arg, args_info.algorithm_arg, args_info.output_arg, args_info.key_format_arg,
|
||||||
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
} else {
|
} else {
|
||||||
@@ -1921,7 +1921,7 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case action_arg_importMINUS_key:
|
case action_arg_importMINUS_key:
|
||||||
if(import_key(state, args_info.key_format_arg, args_info.input_arg, args_info.slot_orig, password,
|
if(import_key(state, args_info.key_format_arg, args_info.input_arg, args_info.slot_arg, password,
|
||||||
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
args_info.pin_policy_arg, args_info.touch_policy_arg) == false) {
|
||||||
fprintf(stderr, "Unable to import private key\n");
|
fprintf(stderr, "Unable to import private key\n");
|
||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
@@ -1946,7 +1946,7 @@ int main(int argc, char *argv[]) {
|
|||||||
break;
|
break;
|
||||||
case action_arg_requestMINUS_certificate:
|
case action_arg_requestMINUS_certificate:
|
||||||
if(request_certificate(state, args_info.key_format_arg, args_info.input_arg,
|
if(request_certificate(state, args_info.key_format_arg, args_info.input_arg,
|
||||||
args_info.slot_orig, args_info.subject_arg, args_info.hash_arg,
|
args_info.slot_arg, args_info.subject_arg, args_info.hash_arg,
|
||||||
args_info.output_arg) == false) {
|
args_info.output_arg) == false) {
|
||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
} else {
|
} else {
|
||||||
@@ -2006,7 +2006,7 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
case action_arg_selfsignMINUS_certificate:
|
case action_arg_selfsignMINUS_certificate:
|
||||||
if(selfsign_certificate(state, args_info.key_format_arg, args_info.input_arg,
|
if(selfsign_certificate(state, args_info.key_format_arg, args_info.input_arg,
|
||||||
args_info.slot_orig, args_info.subject_arg, args_info.hash_arg,
|
args_info.slot_arg, args_info.subject_arg, args_info.hash_arg,
|
||||||
args_info.serial_given ? &args_info.serial_arg : NULL, args_info.valid_days_arg,
|
args_info.serial_given ? &args_info.serial_arg : NULL, args_info.valid_days_arg,
|
||||||
args_info.output_arg) == false) {
|
args_info.output_arg) == false) {
|
||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
@@ -2060,7 +2060,7 @@ int main(int argc, char *argv[]) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case action_arg_attest:
|
case action_arg_attest:
|
||||||
if(attest(state, args_info.slot_orig, args_info.key_format_arg,
|
if(attest(state, args_info.slot_arg, args_info.key_format_arg,
|
||||||
args_info.output_arg) == false) {
|
args_info.output_arg) == false) {
|
||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
@@ -2081,7 +2081,7 @@ int main(int argc, char *argv[]) {
|
|||||||
ret = EXIT_FAILURE;
|
ret = EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
else if(sign_file(state, args_info.input_arg, args_info.output_arg,
|
else if(sign_file(state, args_info.input_arg, args_info.output_arg,
|
||||||
args_info.slot_orig, args_info.algorithm_arg, args_info.hash_arg,
|
args_info.slot_arg, args_info.algorithm_arg, args_info.hash_arg,
|
||||||
verbosity)) {
|
verbosity)) {
|
||||||
fprintf(stderr, "Signature successful!\n");
|
fprintf(stderr, "Signature successful!\n");
|
||||||
} else {
|
} else {
|
||||||
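Review bot: In `print_cert_info` the `int` returned by `get_slot_hex(slot)` is narrowed to the `uint8_t` parameter of `ykpiv_util_slot_object` inside one expression, so any negative or out-of-range value from `get_slot_hex` is truncated before the lookup and can no longer be detected. Splitting the call makes a check possible: `int key = get_slot_hex(slot);` then `if (key < 0 || key > 0xff) return;` before `int object = ykpiv_util_slot_object((uint8_t)key);`. The body of `get_slot_hex` is not on this page, so whether it can return such a value for `slot__NULL` needs confirming. The same unchecked `key = get_slot_hex(slot);` feeds `ykpiv_attest` in `attest` and the key operations in `generate_key`, `import_key`, `request_certificate`, `selfsign_certificate` and `sign_file`, all of which continue outside their hunks.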
|
|||||||
@@ -196,7 +196,7 @@ static CK_RV COMMON_token_generate_key(ykpiv_state *state, CK_BBOOL rsa,
|
|||||||
*certptr++ = 0;
|
*certptr++ = 0;
|
||||||
|
|
||||||
// Store the certificate into the token
|
// Store the certificate into the token
|
||||||
if (ykpiv_save_object(state, key_to_object_id(key), data, (size_t)(certptr - data)) != YKPIV_OK)
|
if (ykpiv_save_object(state, ykpiv_util_slot_object(key), data, (size_t)(certptr - data)) != YKPIV_OK)
|
||||||
return CKR_DEVICE_ERROR;
|
return CKR_DEVICE_ERROR;
|
||||||
|
|
||||||
return CKR_OK;
|
return CKR_OK;
|
||||||
|
|||||||