From 8bf407e33031dbd2d9866a05d32889be86b25531 Mon Sep 17 00:00:00 2001 From: Alessio Di Mauro Date: Tue, 24 Nov 2015 14:06:37 +0100 Subject: [PATCH] YKCS11: report correct version. --- ykcs11/token_vendors.h | 2 +- ykcs11/utils.c | 30 +++++++++++++++++------------- ykcs11/yubico_token.c | 30 ++++++++---------------------- ykcs11/yubico_token.h | 2 +- 4 files changed, 27 insertions(+), 37 deletions(-) diff --git a/ykcs11/token_vendors.h b/ykcs11/token_vendors.h index e091124..a9be63d 100644 --- a/ykcs11/token_vendors.h +++ b/ykcs11/token_vendors.h @@ -10,7 +10,7 @@ typedef CK_RV (*get_t_label_f)(CK_UTF8CHAR_PTR, CK_ULONG); typedef CK_RV (*get_t_manufacturer_f)(CK_UTF8CHAR_PTR, CK_ULONG); typedef CK_RV (*get_t_model_f)(ykpiv_state *, CK_UTF8CHAR_PTR, CK_ULONG); typedef CK_RV (*get_t_flags_f)(CK_FLAGS_PTR); -typedef CK_RV (*get_t_version_f)(CK_UTF8CHAR_PTR, CK_ULONG, CK_VERSION_PTR); +typedef CK_RV (*get_t_version_f)(ykpiv_state *, CK_VERSION_PTR); typedef CK_RV (*get_t_serial_f)(CK_CHAR_PTR, CK_ULONG); typedef CK_RV (*get_t_mechanisms_num_f)(CK_ULONG_PTR); typedef CK_RV (*get_t_mechanism_list_f)(CK_MECHANISM_TYPE_PTR, CK_ULONG); diff --git a/ykcs11/utils.c b/ykcs11/utils.c index 6402530..c647bf9 100644 --- a/ykcs11/utils.c +++ b/ykcs11/utils.c @@ -92,7 +92,7 @@ failure: CK_RV create_token(ykpiv_state *state, CK_BYTE_PTR p, ykcs11_slot_t *slot) { - token_vendor_t token; + token_vendor_t token; CK_TOKEN_INFO_PTR t_info; slot->token = malloc(sizeof(ykcs11_token_t)); // TODO: free 
@@ -116,16 +116,21 @@ CK_RV create_token(ykpiv_state *state, CK_BYTE_PTR p, ykcs11_slot_t *slot) { return CKR_FUNCTION_FAILED; memset(t_info->model, ' ', sizeof(t_info->model)); - if(token.get_token_model(state, t_info->model, sizeof(t_info->model)) != CKR_OK) + if(token.get_token_model(state, t_info->model, sizeof(t_info->model)) != CKR_OK) { + ykpiv_disconnect(state); return CKR_FUNCTION_FAILED; - ykpiv_disconnect(state); + } memset(t_info->serialNumber, ' ', sizeof(t_info->serialNumber)); - if(token.get_token_serial(t_info->serialNumber, sizeof(t_info->serialNumber)) != CKR_OK) + if(token.get_token_serial(t_info->serialNumber, sizeof(t_info->serialNumber)) != CKR_OK) { + ykpiv_disconnect(state); return CKR_FUNCTION_FAILED; + } - if (token.get_token_flags(&t_info->flags) != CKR_OK) + if (token.get_token_flags(&t_info->flags) != CKR_OK) { + ykpiv_disconnect(state); return CKR_FUNCTION_FAILED; + } t_info->ulMaxSessionCount = CK_UNAVAILABLE_INFORMATION; @@ -147,20 +152,19 @@ CK_RV create_token(ykpiv_state *state, CK_BYTE_PTR p, ykcs11_slot_t *slot) { t_info->ulFreePrivateMemory = CK_UNAVAILABLE_INFORMATION; - //ykpiv_get_version(piv_state, buf, sizeof(buf)); - //if (token_vendor.get_token_version(buf, strlen(buf), &ver) != CKR_OK) // TODO: fix this - // return CKR_FUNCTION_FAILED; - - //t_info->hardwareVersion = ver; // version number of hardware // TODO: fix - - //t_info->firmwareVersion = ver; // version number of firmware // TODO: fix + // Ignore hardware version, report firmware version + if (token.get_token_version(state, &t_info->firmwareVersion) != CKR_OK) { + ykpiv_disconnect(state); + return CKR_FUNCTION_FAILED; + } memset(t_info->utcTime, ' ', sizeof(t_info->utcTime)); // No clock present, clear - // TODO: also get token objects here? (and destroy on failure) slot->token->objects = NULL; slot->token->n_objects = 0; + ykpiv_disconnect(state); + return CKR_OK; } diff --git a/ykcs11/yubico_token.c b/ykcs11/yubico_token.c index b8cf730..4e89c85 100644 
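Review bot: The failure branches in this hunk and in the next one (`@@ -147,20`) each repeat `ykpiv_disconnect(state); return CKR_FUNCTION_FAILED;`, so a later early return that forgets the call leaves the card connection open. A single exit path is easier to audit: use `rv = CKR_FUNCTION_FAILED; goto out;` in each branch and end the function with `out: ykpiv_disconnect(state); return rv;`. That exit is also the natural place to release `slot->token`, which the first utils.c hunk allocates with `malloc` and marks `// TODO: free`; whether a caller frees it on failure is not visible here. The context line `return CKR_FUNCTION_FAILED;` just above the model lookup still returns without disconnecting. create_token starts outside this hunk, so check whether the connection is already open at that point.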
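Review bot: `t_info->hardwareVersion` is no longer assigned anywhere in the visible code, although the new comment says it is ignored on purpose. `slot->token` comes from `malloc` in the first utils.c hunk, and `t_info` presumably points into it. Unless the structure is zeroed in lines outside the hunks, the field is handed to PKCS#11 callers holding whatever bytes were on the heap. Setting it explicitly next to the firmware lookup, `t_info->hardwareVersion.major = 0; t_info->hardwareVersion.minor = 0;`, makes the reported value deterministic.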
--- a/ykcs11/yubico_token.c +++ b/ykcs11/yubico_token.c @@ -153,32 +153,18 @@ CK_RV YUBICO_get_token_flags(CK_FLAGS_PTR flags) { } -CK_RV YUBICO_get_token_version(CK_UTF8CHAR_PTR v_str, CK_ULONG len, CK_VERSION_PTR version) { +CK_RV YUBICO_get_token_version(ykpiv_state *state, CK_VERSION_PTR version) { - CK_VERSION v = {0, 0}; - unsigned int i = 0; + char buf[16]; - while (i < len && v_str[i] != '.') { - v.major *= 10; - v.major += v_str[i++] - '0'; - } + if (version == NULL) + return CKR_ARGUMENTS_BAD; - i++; + if (ykpiv_get_version(state, buf, sizeof(buf)) != YKPIV_OK) + return CKR_FUNCTION_FAILED; - while (i < len && v_str[i] != '.') { - v.minor *= 10; - v.minor += v_str[i++] - '0'; - } - - i++; - - while (i < len && v_str[i] != '.') { - v.minor *= 10; - v.minor += v_str[i++] - '0'; - } - - version->major = v.major; - version->minor = v.minor; + version->major = (buf[0] - '0'); + version->minor = (buf[2] - '0') * 100 + (buf[4] - '0'); return CKR_OK; } diff --git a/ykcs11/yubico_token.h b/ykcs11/yubico_token.h index e95c8e3..b725123 100644 --- a/ykcs11/yubico_token.h +++ b/ykcs11/yubico_token.h @@ -10,7 +10,7 @@ CK_RV YUBICO_get_token_manufacturer(CK_UTF8CHAR_PTR str, CK_ULONG len); CK_RV YUBICO_get_token_model(ykpiv_state *state, CK_UTF8CHAR_PTR str, CK_ULONG len); CK_RV YUBICO_get_token_flags(CK_FLAGS_PTR flags); CK_RV YUBICO_get_token_serial(CK_CHAR_PTR str, CK_ULONG len); -CK_RV YUBICO_get_token_version(CK_UTF8CHAR_PTR v_str, CK_ULONG v_str_len, CK_VERSION_PTR version); +CK_RV YUBICO_get_token_version(ykpiv_state *state, CK_VERSION_PTR version); CK_RV YUBICO_get_token_mechanisms_num(CK_ULONG_PTR num); CK_RV YUBICO_get_token_mechanism_list(CK_MECHANISM_TYPE_PTR mec, CK_ULONG num); CK_RV YUBICO_get_token_mechanism_info(CK_MECHANISM_TYPE mec, CK_MECHANISM_INFO_PTR info);
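Review bot: The fixed offsets `buf[0]`, `buf[2]` and `buf[4]` in YUBICO_get_token_version are only right for a version string of the exact form `d.d.d`. `buf` is uninitialised and its length and characters are never checked, so a shorter or multi-digit string yields a version built from wrong or indeterminate bytes. The packing also overflows: CK_VERSION's `major` and `minor` are single bytes in PKCS#11, so `(buf[2] - '0') * 100 + (buf[4] - '0')` is truncated once the middle component is 3 or more (a constructed `4.3.1` would be reported with minor 45). Applications may use the reported firmware version to decide whether a token is affected by a known firmware issue, so a string that does not parse should be an error rather than a wrong number. The fence parses and range-checks the three components; the `* 10` packing is one encoding that fits in a byte and should be agreed on by the maintainers.

```c
CK_RV YUBICO_get_token_version(ykpiv_state *state, CK_VERSION_PTR version) {

  char buf[16] = {0};
  unsigned int major, minor, patch;

  // … unchanged: NULL check on version, ykpiv_get_version call …

  if (sscanf(buf, "%u.%u.%u", &major, &minor, &patch) != 3)
    return CKR_FUNCTION_FAILED;

  // Both CK_VERSION fields are one byte; reject what the packing cannot hold
  if (major > 255 || minor > 25 || patch > 9 || minor * 10 + patch > 255)
    return CKR_FUNCTION_FAILED;

  version->major = (CK_BYTE)major;
  version->minor = (CK_BYTE)(minor * 10 + patch);

  // … unchanged: return CKR_OK …
```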