YKCS11: remove some warnings.

Alessio Di Mauro
2015-11-06 10:43:49 +01:00
parent 045860fd6b
commit fc9ebe996f
3 changed files with 44 additions and 36 deletions
+12 -12
@@ -155,15 +155,15 @@ CK_RV do_create_empty_cert(CK_BYTE_PTR in, CK_ULONG in_len, CK_BBOOL is_rsa,
} }
p = out; p = out;
if ((*out_len = i2d_X509(cert, &p)) == 0) if ((*out_len = (CK_ULONG) i2d_X509(cert, &p)) == 0)
goto create_empty_cert_cleanup; goto create_empty_cert_cleanup;
/* TODO: REMOVE THIS */ /********************/
BIO *STDout = BIO_new_fp(stderr, BIO_NOCLOSE); /*BIO *STDout = BIO_new_fp(stderr, BIO_NOCLOSE);
X509_print_ex(STDout, cert, 0, 0); X509_print_ex(STDout, cert, 0, 0);
BIO_free(STDout); BIO_free(STDout);*/
/********************/ /********************/
rv = CKR_OK; rv = CKR_OK;
@@ -227,9 +227,9 @@ CK_RV do_check_cert(CK_BYTE_PTR in, CK_ULONG_PTR cert_len) {
len = 0; len = 0;
len += get_length(p + 1, &len) + 1; len += get_length(p + 1, &len) + 1;
*cert_len = len; *cert_len = (CK_ULONG) len;
cert = d2i_X509(NULL, &p, *cert_len); cert = d2i_X509(NULL, &p, (long) *cert_len);
if (cert == NULL) if (cert == NULL)
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
@@ -250,7 +250,7 @@ CK_RV do_get_raw_cert(X509 *cert, CK_BYTE_PTR out, CK_ULONG_PTR out_len) {
return CKR_BUFFER_TOO_SMALL; return CKR_BUFFER_TOO_SMALL;
p = out; p = out;
if ((*out_len = i2d_X509(cert, &p)) == 0) if ((*out_len = (CK_ULONG) i2d_X509(cert, &p)) == 0)
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
return CKR_OK; return CKR_OK;
@@ -308,7 +308,7 @@ CK_ULONG do_get_rsa_modulus_length(EVP_PKEY *key) {
if (rsa == NULL) if (rsa == NULL)
return 0; return 0;
key_len = RSA_size(rsa) * 8; // There is also RSA_bits but only in >= 1.1.0 key_len = (CK_ULONG) (RSA_size(rsa) * 8); // There is also RSA_bits but only in >= 1.1.0
RSA_free(rsa); RSA_free(rsa);
rsa = NULL; rsa = NULL;
@@ -363,7 +363,7 @@ CK_RV do_get_public_key(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
p = data; p = data;
if ((*len = i2d_RSAPublicKey(rsa, &p)) == 0) { if ((*len = (CK_ULONG) i2d_RSAPublicKey(rsa, &p)) == 0) {
RSA_free(rsa); RSA_free(rsa);
rsa = NULL; rsa = NULL;
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
@@ -417,7 +417,7 @@ CK_RV do_encode_rsa_public_key(CK_BYTE_PTR data, CK_ULONG len, RSA **key) {
if (data == NULL) if (data == NULL)
return CKR_ARGUMENTS_BAD; return CKR_ARGUMENTS_BAD;
if ((*key = d2i_RSAPublicKey(NULL, &p, len)) == NULL) if ((*key = d2i_RSAPublicKey(NULL, &p, (long) len)) == NULL)
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
return CKR_OK; return CKR_OK;
@@ -435,7 +435,7 @@ CK_RV do_get_curve_parameters(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len)
p = data; p = data;
if ((*len = i2d_ECPKParameters(ecg, &p)) == 0) { if ((*len = (CK_ULONG) i2d_ECPKParameters(ecg, &p)) == 0) {
EC_KEY_free(eck); EC_KEY_free(eck);
eck = NULL; eck = NULL;
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
@@ -519,7 +519,7 @@ CK_RV do_pkcs_pss(RSA *key, CK_BYTE_PTR in, CK_ULONG in_len, int nid,
return CKR_FUNCTION_FAILED; return CKR_FUNCTION_FAILED;
} }
*out_len = RSA_size(key); *out_len = (CK_ULONG) RSA_size(key);
EVP_cleanup(); EVP_cleanup();
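Review bot: The `(CK_ULONG)` casts added around `i2d_X509`, `i2d_RSAPublicKey` and `i2d_ECPKParameters` keep the `== 0` failure test, but these OpenSSL encoders report errors with a negative return, so after the cast a failure becomes a very large `*out_len`/`*len` that passes the check and is handed back to the caller as a valid length. This applies in do_create_empty_cert, do_get_raw_cert, do_get_public_key and do_get_curve_parameters. Keep the result in a signed local and cast only after the test, e.g. `int n = i2d_X509(cert, &p);` `if (n <= 0) goto create_empty_cert_cleanup;` `*out_len = (CK_ULONG) n;`. In do_check_cert the `(long) *cert_len` passed to `d2i_X509` appears to come from the length field of the encoded data itself; no bound against the caller's buffer is visible in the hunk, so it is worth confirming one exists. All of these function bodies start and end outside the hunks shown.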
+32 -22
@@ -20,7 +20,7 @@
#define PIV_MGM_KEY_LEN 48 #define PIV_MGM_KEY_LEN 48
#define YKCS11_MAX_SLOTS 16 #define YKCS11_MAX_SLOTS 16
#define YKCS11_MAX_SIG_BUF_LEN 1024 //#define YKCS11_MAX_SIG_BUF_LEN 1024
#define YKCS11_SESSION_ID 5355104 #define YKCS11_SESSION_ID 5355104
@@ -49,10 +49,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(
CK_VOID_PTR pInitArgs CK_VOID_PTR pInitArgs
) )
{ {
DIN;
CK_BYTE readers[2048]; CK_BYTE readers[2048];
CK_ULONG len = sizeof(readers); CK_ULONG len = sizeof(readers);
DIN;
if (piv_state != NULL) if (piv_state != NULL)
return CKR_CRYPTOKI_ALREADY_INITIALIZED; return CKR_CRYPTOKI_ALREADY_INITIALIZED;
@@ -82,9 +83,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_Finalize)(
CK_VOID_PTR pReserved CK_VOID_PTR pReserved
) )
{ {
DIN;
CK_ULONG i; CK_ULONG i;
DIN;
if (pReserved != NULL_PTR) { if (pReserved != NULL_PTR) {
DBG("Finalized called with pReserved != NULL"); DBG("Finalized called with pReserved != NULL");
return CKR_ARGUMENTS_BAD; return CKR_ARGUMENTS_BAD;
@@ -111,8 +113,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)(
CK_INFO_PTR pInfo CK_INFO_PTR pInfo
) )
{ {
DIN;
CK_VERSION ver = {0, 0}; // TODO: set version number CK_VERSION ver = {0, 0}; // TODO: set version number
DIN;
pInfo->cryptokiVersion = function_list.version; pInfo->cryptokiVersion = function_list.version;
memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID)); memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID));
@@ -134,6 +138,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)(
) )
{ {
DIN; DIN;
if(ppFunctionList == NULL_PTR) { if(ppFunctionList == NULL_PTR) {
DBG("GetFunctionList called with ppFunctionList = NULL"); DBG("GetFunctionList called with ppFunctionList = NULL");
return CKR_ARGUMENTS_BAD; return CKR_ARGUMENTS_BAD;
@@ -152,10 +157,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)(
CK_ULONG_PTR pulCount CK_ULONG_PTR pulCount
) )
{ {
DIN;
CK_ULONG i; CK_ULONG i;
int j; int j;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -286,10 +292,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList)(
CK_ULONG_PTR pulCount CK_ULONG_PTR pulCount
) )
{ {
DIN;
token_vendor_t token; token_vendor_t token;
CK_ULONG count; CK_ULONG count;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -344,9 +351,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo)(
CK_MECHANISM_INFO_PTR pInfo CK_MECHANISM_INFO_PTR pInfo
) )
{ {
DIN;
token_vendor_t token; token_vendor_t token;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -425,8 +433,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(
CK_SESSION_HANDLE_PTR phSession CK_SESSION_HANDLE_PTR phSession
) )
{ {
DIN; // TODO: pApplication and Notify
token_vendor_t token; token_vendor_t token;
CK_RV rv; CK_RV rv;
piv_obj_id_t *cert_ids; piv_obj_id_t *cert_ids;
@@ -434,6 +440,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(
CK_BYTE cert_data[2100]; // Max cert value for ykpiv CK_BYTE cert_data[2100]; // Max cert value for ykpiv
CK_ULONG cert_len = sizeof(cert_data); CK_ULONG cert_len = sizeof(cert_data);
DIN; // TODO: pApplication and Notify
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -615,9 +623,10 @@ CK_DEFINE_FUNCTION(CK_RV, C_CloseAllSessions)(
CK_SLOT_ID slotID CK_SLOT_ID slotID
) )
{ {
DIN;
CK_RV rv; CK_RV rv;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -837,8 +846,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
CK_OBJECT_HANDLE_PTR phObject CK_OBJECT_HANDLE_PTR phObject
) )
{ {
DIN;
CK_ULONG i; CK_ULONG i;
CK_RV rv; CK_RV rv;
CK_OBJECT_CLASS class; CK_OBJECT_CLASS class;
@@ -860,6 +867,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
CK_ULONG pubk_id; CK_ULONG pubk_id;
piv_obj_id_t *obj_ptr; piv_obj_id_t *obj_ptr;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
@@ -1036,8 +1044,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject)(
CK_OBJECT_HANDLE hObject CK_OBJECT_HANDLE hObject
) )
{ {
DIN;
CK_RV rv; CK_RV rv;
token_vendor_t token; token_vendor_t token;
CK_ULONG i; CK_ULONG i;
@@ -1048,6 +1054,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject)(
CK_ULONG pubk_id; CK_ULONG pubk_id;
piv_obj_id_t *obj_ptr; piv_obj_id_t *obj_ptr;
DIN;
DBG("Deleting object %lu", hObject); DBG("Deleting object %lu", hObject);
if (piv_state == NULL) { if (piv_state == NULL) {
@@ -1147,10 +1155,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue)(
CK_ULONG ulCount CK_ULONG ulCount
) )
{ {
DIN;
CK_ULONG i; CK_ULONG i;
CK_RV rv, rv_final; CK_RV rv, rv_final;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -1204,12 +1213,12 @@ CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit)(
CK_ULONG ulCount CK_ULONG ulCount
) )
{ {
DIN;
CK_ULONG i; CK_ULONG i;
CK_ULONG j; CK_ULONG j;
CK_ULONG total; CK_ULONG total;
CK_BBOOL private; CK_BBOOL private;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
@@ -1585,8 +1594,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit)(
CK_OBJECT_HANDLE hKey CK_OBJECT_HANDLE hKey
) )
{ {
DIN; CK_KEY_TYPE type = 0;
CK_KEY_TYPE type = 0; // TODO: replace these with sign_info's fields?
CK_ULONG key_len = 0; CK_ULONG key_len = 0;
CK_BYTE buf[1024]; CK_BYTE buf[1024];
CK_ATTRIBUTE template[] = { CK_ATTRIBUTE template[] = {
@@ -1596,6 +1604,8 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit)(
{CKA_EC_POINT, buf, sizeof(buf)}, {CKA_EC_POINT, buf, sizeof(buf)},
}; };
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
return CKR_CRYPTOKI_NOT_INITIALIZED; return CKR_CRYPTOKI_NOT_INITIALIZED;
@@ -1682,7 +1692,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_SignInit)(
// The buffer contains an uncompressed point of the form 04, len, 04, x, y // The buffer contains an uncompressed point of the form 04, len, 04, x, y
// Where len is |x| + |y| + 1 bytes // Where len is |x| + |y| + 1 bytes
op_info.op.sign.key_len = ((buf[1] - 1) / 2) * 8; op_info.op.sign.key_len = (CK_ULONG) (((buf[1] - 1) / 2) * 8);
if (op_info.op.sign.key_len == 256) if (op_info.op.sign.key_len == 256)
op_info.op.sign.algo = YKPIV_ALGO_ECCP256; op_info.op.sign.algo = YKPIV_ALGO_ECCP256;
@@ -1727,11 +1737,11 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)(
CK_ULONG_PTR pulSignatureLen CK_ULONG_PTR pulSignatureLen
) )
{ {
DIN;
ykpiv_rc piv_rv; ykpiv_rc piv_rv;
CK_RV rv; CK_RV rv;
DIN;
if (op_info.type != YKCS11_SIGN) { if (op_info.type != YKCS11_SIGN) {
DBG("Signature operation not initialized"); DBG("Signature operation not initialized");
rv = CKR_OPERATION_NOT_INITIALIZED; rv = CKR_OPERATION_NOT_INITIALIZED;
@@ -2062,7 +2072,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
CK_OBJECT_HANDLE_PTR phPrivateKey CK_OBJECT_HANDLE_PTR phPrivateKey
) )
{ {
DIN;
CK_RV rv; CK_RV rv;
token_vendor_t token; token_vendor_t token;
CK_ULONG i; CK_ULONG i;
@@ -2075,6 +2084,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
CK_BYTE cert_data[2100]; CK_BYTE cert_data[2100];
CK_ULONG cert_len; CK_ULONG cert_len;
DIN;
if (piv_state == NULL) { if (piv_state == NULL) {
DBG("libykpiv is not initialized or already finalized"); DBG("libykpiv is not initialized or already finalized");
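Review bot: In the C_GetInfo hunk, `pInfo->cryptokiVersion = function_list.version;` is the first statement after `DIN;`, so a caller passing a NULL `pInfo` crashes the module instead of getting an error code. C_GetFunctionList a few lines further down already guards its pointer argument, and the same pattern fits here: `if (pInfo == NULL_PTR) { DBG("GetInfo called with pInfo = NULL"); return CKR_ARGUMENTS_BAD; }`. The rest of C_GetInfo lies outside the hunk, so confirm no later check was intended to cover this. Separately, `//#define YKCS11_MAX_SIG_BUF_LEN 1024` is better deleted than left commented out if the constant is unused.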
-2
@@ -4,8 +4,6 @@
#include "debug.h" #include "debug.h"
#include "objects.h" #include "objects.h"
#define YUBICO_MECHANISMS_NUM 5
#define MIN_RSA_KEY_SIZE 1024 #define MIN_RSA_KEY_SIZE 1024
#define MAX_RSA_KEY_SIZE 2048 #define MAX_RSA_KEY_SIZE 2048
#define MIN_ECC_KEY_SIZE 256 #define MIN_ECC_KEY_SIZE 256