From ee2a364c15146a83e47e7ee61897d3989941ede4 Mon Sep 17 00:00:00 2001 From: Alessio Di Mauro Date: Wed, 2 Sep 2015 16:06:37 +0200 Subject: [PATCH] More cleanup. --- ykcs11/objects.c | 53 +++++++++++------------------------------------- ykcs11/ykcs11.c | 39 ++++++----------------------------- 2 files changed, 18 insertions(+), 74 deletions(-) diff --git a/ykcs11/objects.c b/ykcs11/objects.c index cef92f6..44e94e5 100644 --- a/ykcs11/objects.c +++ b/ykcs11/objects.c @@ -142,21 +142,6 @@ static piv_pubk_obj_t pubkey_objects[] = { {NULL, 1, 1, 0, 0} }; - -/*static void get_object_class(CK_OBJECT_HANDLE obj, CK_OBJECT_CLASS_PTR class) { - if (obj >= 0 && obj < PIV_DATA_OBJ_LAST) - *class = CKO_DATA; - else if (obj > PIV_DATA_OBJ_LAST && obj < PIV_CERT_OBJ_LAST) - *class = CKO_CERTIFICATE; - else - *class = CKO_VENDOR_DEFINED | CKO_DATA; // Invalid value - }*/ - -/*static void get_object_label(CK_OBJECT_HANDLE obj, CK_UTF8CHAR_PTR label) { - strcpy((char *)label, objects[obj].name); -} -*/ - // Next two functions based off the code at // https://github.com/m9aertner/oidConverter/blob/master/oid.c // TODO: how to give credit? OR JUST STORE THE OID ALREADY ENCODED? @@ -173,7 +158,7 @@ static void make_base128(unsigned long l, int first, CK_BYTE_PTR buf, CK_ULONG_P } static void asn1_encode_oid(CK_CHAR_PTR oid, CK_BYTE_PTR asn1_oid, CK_ULONG_PTR len) { - CK_CHAR_PTR tmp = strdup((char *)oid); + CK_CHAR_PTR tmp = (CK_BYTE_PTR) strdup((char *)oid); CK_CHAR_PTR p = tmp; CK_BYTE_PTR q = NULL; CK_ULONG n = 0; 
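Review bot: In asn1_encode_oid the result of `strdup` is assigned to `tmp` and copied into `p` without a NULL check, so an allocation failure would leave the parsing that follows (outside this hunk) working on a null pointer. The added cast only silences the pointer-type warning. Because the function returns void, the smallest guard is `if (tmp == NULL) { *len = 0; return; }` right after the declarations, assuming callers treat a zero length as failure; that needs confirming against the call sites. The cast is also spelled `(CK_BYTE_PTR)` while the variable is declared `CK_CHAR_PTR`, so `(CK_CHAR_PTR)` would match the declaration.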
@@ -229,20 +214,6 @@ static void asn1_encode_oid(CK_CHAR_PTR oid, CK_BYTE_PTR asn1_oid, CK_ULONG_PTR free(tmp); } -/*static void get_object_oid(CK_OBJECT_HANDLE obj, CK_UTF8CHAR_PTR oid) { - strcpy((char *)oid, objects[obj].oid); -} - -static void get_object_certificate_type(CK_OBJECT_HANDLE obj, CK_CERTIFICATE_TYPE_PTR type) { - if ((objects[obj].flags & PIV_OBJECT_TYPE_CERT)) - *type = CKC_X_509; -} - -static void get_object_key_id(CK_OBJECT_HANDLE obj, CK_UTF8CHAR_PTR key_id) { - memcpy((char *)key_id, objects[obj].containerid, 2); -} -*/ - static CK_KEY_TYPE get_key_type(EVP_PKEY *key) { return do_get_key_type(key); } @@ -292,13 +263,13 @@ CK_RV get_doa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { case CKA_LABEL: DBG(("LABEL")); len = strlen(piv_objects[obj].label) + 1; - data = piv_objects[obj].label; + data = (CK_BYTE_PTR) piv_objects[obj].label; break; case CKA_APPLICATION: DBG(("APPLICATION")); len = strlen(piv_objects[obj].label) + 1; - data = piv_objects[obj].label; + data = (CK_BYTE_PTR) piv_objects[obj].label; break; case CKA_VALUE: // TODO: this can be done with -r and -d|-a @@ -327,7 +298,7 @@ CK_RV get_doa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { /* Just get the length */ if (template->pValue == NULL_PTR) { - template->ulValueLen = len; // TODO: define? + template->ulValueLen = len; return CKR_OK; } @@ -375,7 +346,7 @@ CK_RV get_coa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { case CKA_LABEL: DBG(("LABEL")); len = strlen(piv_objects[obj].label) + 1; - data = piv_objects[obj].label; + data = (CK_BYTE_PTR) piv_objects[obj].label; break; case CKA_VALUE: @@ -431,7 +402,7 @@ CK_RV get_coa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { /* Just get the length */ if (template->pValue == NULL_PTR) { - template->ulValueLen = len; // TODO: define? + template->ulValueLen = len; return CKR_OK; } 
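Review bot: In the CKA_LABEL and CKA_APPLICATION cases of get_doa, `obj` indexes `piv_objects` directly and the result goes to `strlen`, with no range check on the handle visible in this hunk. The handle originates from the PKCS#11 caller, so unless it is validated earlier in get_doa or by its caller (both outside the hunk), an out-of-range value reads past the table. If no such check exists, one at the top of the function along the lines of `if (obj >= <number of piv_objects entries>) return CKR_OBJECT_HANDLE_INVALID;` would cover it. The same label lookup appears in the get_coa, get_proa and get_puoa hunks.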
@@ -480,7 +451,7 @@ CK_RV get_proa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { case CKA_LABEL: DBG(("LABEL")); len = strlen(piv_objects[obj].label) + 1; - data = piv_objects[obj].label; + data =(CK_BYTE_PTR) piv_objects[obj].label; break; case CKA_KEY_TYPE: @@ -617,7 +588,7 @@ CK_RV get_proa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { /* Just get the length */ if (template->pValue == NULL_PTR) { - template->ulValueLen = len; // TODO: define? + template->ulValueLen = len; return CKR_OK; } @@ -666,11 +637,9 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { case CKA_LABEL: DBG(("LABEL")); len = strlen(piv_objects[obj].label) + 1; - data = piv_objects[obj].label; + data = (CK_BYTE_PTR)piv_objects[obj].label; break; -// case CKA_VALUE: // TODO: this can be done with -r and -d|-a - case CKA_KEY_TYPE: DBG(("KEY TYPE")); len = sizeof(CK_ULONG); @@ -774,7 +743,7 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) { /* Just get the length */ if (template->pValue == NULL_PTR) { - template->ulValueLen = len; // TODO: define? + template->ulValueLen = len; return CKR_OK; } @@ -913,6 +882,8 @@ CK_RV store_cert(piv_obj_id_t cert_id, CK_BYTE_PTR data, CK_ULONG len) { // Extract and store the public key as an object rv = do_store_pubk(cert_objects[piv_objects[cert_id].sub_id].data, &pubkey_objects[piv_objects[cert_id].sub_id].data); + if (rv != CKR_OK) + return rv; return CKR_OK; } diff --git a/ykcs11/ykcs11.c b/ykcs11/ykcs11.c index f5bacab..c795d17 100644 --- a/ykcs11/ykcs11.c +++ b/ykcs11/ykcs11.c 
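Review bot: The cast in get_proa is written `data =(CK_BYTE_PTR) piv_objects[obj].label;`, with no space after `=`, while get_doa and get_coa use `= (CK_BYTE_PTR) piv_objects…` and the get_puoa hunk uses `(CK_BYTE_PTR)piv_objects…`. Settling on one spelling, for example `data = (CK_BYTE_PTR) piv_objects[obj].label;`, keeps the four attribute getters uniform and easy to grep.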
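Review bot: When `do_store_pubk` fails, store_cert now returns the error, but the certificate stored earlier in the function (outside this hunk) appears to stay in `cert_objects`, leaving a certificate object without its matching public-key object. If that partial state is not intended, the failure branch should undo the certificate store before returning; whether a helper for that exists is not visible here. Separately, `if (rv != CKR_OK) return rv; return CKR_OK;` reduces to `return rv;`, and if the explicit form is kept the unbraced `if` should get braces.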
@@ -110,12 +110,12 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)( pInfo->cryptokiVersion = function_list.version; memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID)); - strcpy(pInfo->manufacturerID, YKCS11_MANUFACTURER); + strcpy((char *)pInfo->manufacturerID, YKCS11_MANUFACTURER); pInfo->flags = 0; memset(pInfo->libraryDescription, ' ', sizeof(pInfo->libraryDescription)); - strcpy(pInfo->libraryDescription, YKCS11_LIBDESC); + strcpy((char *)pInfo->libraryDescription, YKCS11_LIBDESC); pInfo->libraryVersion = ver; @@ -132,7 +132,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)( DBG(("GetFunctionList called with ppFunctionList = NULL")); return CKR_ARGUMENTS_BAD; } - *ppFunctionList = &function_list; + *ppFunctionList = &function_list; // TODO: filter out unsupported functions DOUT; return CKR_OK; @@ -689,7 +689,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_Login)( return CKR_CRYPTOKI_NOT_INITIALIZED; } - if (userType != CKU_SO && // TODO: what can SO do? + if (userType != CKU_SO && userType != CKU_USER && userType != CKU_CONTEXT_SPECIFIC) return CKR_USER_TYPE_INVALID; @@ -828,8 +828,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)( CK_BYTE id; CK_BYTE_PTR value; CK_ULONG value_len; - CK_BYTE_PTR ec_params; - CK_ULONG ec_params_len; CK_BYTE_PTR p; CK_BYTE_PTR q; CK_BYTE_PTR dp; @@ -967,7 +965,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)( } DBG(("Key id is %u", id)); - DBG(("ITEM LENGTH IS %lu", value_len)); + object = PIV_PVTK_OBJ_PIV_AUTH + id; if (is_rsa == CK_TRUE) { @@ -1067,9 +1065,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue)( if (pTemplate == NULL_PTR || ulCount == 0) return CKR_ARGUMENTS_BAD; - /*if (find_obj.active != CK_TRUE) - return CKR_OPERATION_NOT_INITIALIZED; actually this can be called from many other functions*/ - rv_final = CKR_OK; for (i = 0; i < ulCount; i++) { 
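Review bot: In C_GetInfo, `strcpy` into `pInfo->manufacturerID` and `pInfo->libraryDescription` writes a terminating NUL into fields that were just blank-padded, and the copy is not bounded by the field size; the added `(char *)` casts silence the warning without changing that. PKCS#11 defines both CK_INFO fields as fixed-width, blank-padded and not NUL-terminated, so consumers that print the whole field see an embedded `\0`, and a longer YKCS11_MANUFACTURER or YKCS11_LIBDESC would overrun the array. Copy without the terminator and clamp to the field, e.g. `size_t n = strlen(YKCS11_MANUFACTURER);` followed by `memcpy(pInfo->manufacturerID, YKCS11_MANUFACTURER, n < sizeof(pInfo->manufacturerID) ? n : sizeof(pInfo->manufacturerID));`, and the same for libraryDescription.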
@@ -1581,7 +1576,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit)( } // The buffer contains an uncompressed point of the form 04, len, 04, x, y - // Where len is the |x| + |y| + 1 bytes + // Where len is |x| + |y| + 1 bytes op_info.op.sign.key_len = ((buf[1] - 1) / 2) * 8; @@ -2018,13 +2013,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)( return rv; } - /* rv = token.get_token_objects_num(piv_state, &n_objs, &n_certs); */ - /* if (rv != CKR_OK) { */ - /* DBG(("Unable to retrieve token objects")); */ - /* return rv; */ - /* } */ - /* DBG(("There were %lu objs and %lu certs, there are %lu objs and %lu certs", session.slot->token->n_objects, session.slot->token->n_certs, n_objs, n_certs)); */ - is_new = CK_TRUE; for (i = 0; i < session.slot->token->n_objects; i++) { if (session.slot->token->objects[i] == op_info.op.gen.key_id) @@ -2071,21 +2059,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)( return CKR_FUNCTION_FAILED; // TODO: although key generation succeeded at this point } - /*session.slot->token->n_objects += 4; - session.slot->token->n_certs++; - - obj_ptr = realloc(session.slot->token->objects, session.slot->token->n_objects * sizeof(piv_obj_id_t)); - if (obj_ptr == NULL) { - DBG(("Unable to store new item in the session")); - return CKR_HOST_MEMORY; - } - - obj_ptr = session.slot->token->objects + session.slot->token->n_objects - 4; - *obj_ptr++ = dobj_id; - *obj_ptr++ = cert_id; - *obj_ptr++ = pvtk_id; - *obj_ptr++ = pubk_id;*/ - *phPrivateKey = op_info.op.gen.key_id; *phPublicKey = op_info.op.gen.key_id - PIV_PVTK_OBJ_KM + PIV_PUBK_OBJ_KM; // TODO: make function for these?