Commit Graph

188 Commits

Author SHA1 Message Date
Jakub Jelen eda075fa57 Provide the bogus signature with OpenSSL 1.1.0 API 2017-11-14 10:37:02 +01:00
Jakub Jelen 13f542c1f8 Use the new OpenSSL 1.1.0 API also in the HW tests 2017-11-14 10:29:34 +01:00
Jakub Jelen a2715f0a4a Use OpenSSL 1.1.0 API 2017-11-13 17:43:06 +01:00
Jakub Jelen 4a847677cc WIP:Use RSA/EC_KEY METHOD to provide X509 signatures using high-level OpenSSL API 2017-11-13 17:39:34 +01:00
Jakub Jelen d2ffc41a6c RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0 2017-11-13 17:39:34 +01:00
Jakub Jelen ad4e93a462 Few more OpenSSL 1.1.0 incompatibilities 2017-11-13 17:39:34 +01:00
Klas Lindfors bf9c09f9e8 ykcs11: disable rsa keygeneration for yk4 < 4.3.5
see https://yubi.co/ysa201701/
relates #127
2017-10-17 12:51:48 +02:00
edent ea00678314 http->https 2017-10-17 08:02:02 +01:00
Hannes Mehnert 03849d9722 alias RSA type, call openssl functions only in openssl_utils.c 2017-03-29 23:01:17 +01:00
Hannes Mehnert 847b0b4267 fix PSS signing support 2017-03-26 19:13:07 +02:00
Alessio Di Mauro 127227fe4c Better approximation for signature size
Relates to #98.
2016-10-05 16:39:58 +02:00
Alessio Di Mauro af78e18151 Always set number of slots
Relates to #98.
2016-10-05 16:39:58 +02:00
Alessio Di Mauro 7b7c798ef6 Return correct modulus
When asked for CKA_MODULUS on a private key return only n and not the
whole key

Relates to #98.
2016-10-05 16:39:54 +02:00
Simon Josefsson e54176d530 Drop cflags since this "library" doesn't have any public header files. 2016-08-12 15:39:25 +02:00
Simon Josefsson 1b453e0f38 We modified it => add license header. 2016-08-12 15:38:31 +02:00
Simon Josefsson 4937270a13 Don't install ykcs11-version.h. 2016-08-12 15:37:33 +02:00
Simon Josefsson 89bec1260a Improve license headers. 2016-08-12 15:30:06 +02:00
Klas Lindfors 8e7a2796b9 if CRYPTOKI_EXPORTS is not defined don't add __declspec
this messes up the windows build since we're already using libtool for
the exports.
2016-08-12 15:09:49 +02:00
Klas Lindfors 56cb376b3c drop ykcs11_check_version() that was never used or exported 2016-08-12 14:46:13 +02:00
Klas Lindfors c5f60bac4f fixup license header of Makefile.am 2016-08-12 14:03:42 +02:00
Klas Lindfors e7b4fc6ccf switch out the pkcs11 headers for the SCUTE pkcs11 header from opensc
create pkcs11y.h for our additional things
2016-08-12 14:00:15 +02:00
Klas Lindfors fead011e71 add copyright and license header 2016-08-12 13:37:56 +02:00
Klas Lindfors 0d7854540e correct license on ykcs11 files 2016-08-11 15:46:47 +02:00
Alessio Di Mauro 89d8a60876 Return CKR_FUNCTION_FAILED for unimplemented func
Closes #84
2016-08-11 14:41:12 +02:00
Klas Lindfors fc5e1536ef Merge pull request #74 from mscherer/fix_constant_name
Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC
2016-05-09 08:58:39 +02:00
Michael Scherer fd9a0a324d Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC 2016-05-05 01:11:33 +02:00
Michael Scherer 6e4266c886 Add YKPIV_ALGO_TAG
Replace the magic constant 0x80 when sending a packet to the key
2016-05-05 01:11:18 +02:00
Mikhail Denisenko 47cb761a7e Fix bugs windows 2016-01-14 11:03:22 -05:00
Alessio Di Mauro 58766ac403 Whitespace fix. 2016-01-11 12:49:15 +01:00
Alessio Di Mauro 018821e99d Addresses #59, ykcs11 still has issues on Win64. 2016-01-11 12:45:09 +01:00
Klas Lindfors abcce21353 Merge remote-tracking branch 'origin/generic_objects' 2015-12-21 10:42:38 +01:00
Klas Lindfors a143c6d67d remove the util function dump_hex() in favor of dump_data() 2015-12-15 10:27:54 +01:00
Klas Lindfors 35c449e374 change multiplication of minor to 10 so we don't overflow
possibly temporary fix..
2015-12-14 12:48:28 +01:00
Mikhail Denisenko 6042a2140e Implemented C_SetPIN 2015-12-11 13:23:38 -05:00
Mikhail Denisenko 5a60faf779 Fixed extraction of RSA modulus and exponent 2015-12-09 13:13:24 -05:00
Jakub Jelen b784f0ea8d Get rid of warnings about unused functions when running without HW_TESTS 2015-12-08 13:27:04 +01:00
Mikhail Denisenko 8297815622 Return CKR_ATTRIBUTE_TYPE_INVALID instead of CKR_FUNCTION_FAILED on unsupported attributes.
This result works better with Java IaikPkcs11 wrapper, and possibly others.
2015-12-03 18:04:44 -05:00
Alessio Di Mauro bfda53303c YKCS11: update cert buffer size. 2015-12-03 10:47:49 -08:00
Alessio Di Mauro ebdb9f7f5f YKCS11: Fix RSA2048 key generation template. 2015-12-03 10:10:38 -08:00
Alessio Di Mauro b660837909 Merge pull request #38 from denisenkom/patch-1
Return CKR_SESSION_READ_ONLY_EXISTS only when trying to log in SO.
2015-12-03 09:43:02 -08:00
Mikhail Denisenko 36972ebc6f Securely dispose of pin copy 2015-12-01 16:45:09 -05:00
Mikhail Denisenko 1a533ea0dc Fixed bug #39
C_Login fails with CKR_PIN_INCORRECT when pin and pinLen are valid but pin is not null terminated
2015-12-01 16:24:38 -05:00
denisenkom 9d4ff79dd6 Update ykcs11.c
According to PKCS11 spec CKR_SESSION_READ_ONLY_EXISTS should only be returned by C_Login when SO user is logging in.

From spec:
If the application calling C_Login has a R/O session open with the token, then it will be unable to log the SO into a session (see [PKCS11-UG] for further details).  An attempt to do this will result in the error code CKR_SESSION_READ_ONLY_EXISTS.
2015-12-01 13:26:33 -05:00
Alessio Di Mauro e949618ec2 YKCS11: started adding RSA test. 2015-11-27 17:13:54 +01:00
Alessio Di Mauro 72a5137e9d More memcpy. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 4e8f818e82 YKCS11: add more tests. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 669997b2dc Minor fix. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 968348a4c2 YKCS11: use memcpy. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 721ad03e35 Fix parameter check in SignInit. 2015-11-27 15:43:32 +01:00
Alessio Di Mauro 8b0ed073d3 YKCS11: Return the object handler after importing certs/keys. 2015-11-27 15:43:32 +01:00