Jakub Jelen
a2715f0a4a
Use OpenSSL 1.1.0 API
2017-11-13 17:43:06 +01:00
Jakub Jelen
4a847677cc
WIP:Use RSA/EC_KEY METHOD to provide X509 signatures using high-level OpenSSL API
2017-11-13 17:39:34 +01:00
Jakub Jelen
d2ffc41a6c
RAND_pseudo_bytes is deprecated in OpenSSL 1.1.0
2017-11-13 17:39:34 +01:00
Jakub Jelen
ad4e93a462
Few more OpenSSL 1.1.0 incompatibilities
2017-11-13 17:39:34 +01:00
Klas Lindfors
bf9c09f9e8
ykcs11: disable rsa keygeneration for yk4 < 4.3.5
...
see https://yubi.co/ysa201701/
relates #127
2017-10-17 12:51:48 +02:00
edent
ea00678314
http->https
2017-10-17 08:02:02 +01:00
Hannes Mehnert
03849d9722
alias RSA type, call openssl functions only in openssl_utils.c
2017-03-29 23:01:17 +01:00
Hannes Mehnert
847b0b4267
fix PSS signing support
2017-03-26 19:13:07 +02:00
Alessio Di Mauro
127227fe4c
Better approximation for signature size
...
Relates to #98 .
2016-10-05 16:39:58 +02:00
Alessio Di Mauro
af78e18151
Always set number of slots
...
Relates to #98 .
2016-10-05 16:39:58 +02:00
Alessio Di Mauro
7b7c798ef6
Return correct modulus
...
When asked for CKA_MODULUS on a private key return only n and not the
whole key
Relates to #98 .
2016-10-05 16:39:54 +02:00
Simon Josefsson
e54176d530
Drop cflags since this "library" doesn't have any public header files.
2016-08-12 15:39:25 +02:00
Simon Josefsson
1b453e0f38
We modified it => add license header.
2016-08-12 15:38:31 +02:00
Simon Josefsson
4937270a13
Don't install ykcs11-version.h.
2016-08-12 15:37:33 +02:00
Simon Josefsson
89bec1260a
Improve license headers.
2016-08-12 15:30:06 +02:00
Klas Lindfors
8e7a2796b9
if CRYPTOKI_EXPORTS is not defined don't add __declspec
...
this messes up the windows build since we're already using libtool for
the exports.
2016-08-12 15:09:49 +02:00
Klas Lindfors
56cb376b3c
drop ykcs11_check_version() that was never used or exported
2016-08-12 14:46:13 +02:00
Klas Lindfors
c5f60bac4f
fixup license header of Makefile.am
2016-08-12 14:03:42 +02:00
Klas Lindfors
e7b4fc6ccf
switch out the pkcs11 headers for the SCUTE pkcs11 header from opensc
...
create pkcs11y.h for our additional things
2016-08-12 14:00:15 +02:00
Klas Lindfors
fead011e71
add copyright and license header
2016-08-12 13:37:56 +02:00
Klas Lindfors
0d7854540e
correct license on ykcs11 files
2016-08-11 15:46:47 +02:00
Alessio Di Mauro
89d8a60876
Return CKR_FUNCTION_FAILED for unimplemented func
...
Closes #84
2016-08-11 14:41:12 +02:00
Klas Lindfors
fc5e1536ef
Merge pull request #74 from mscherer/fix_constant_name
...
Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC
2016-05-09 08:58:39 +02:00
Michael Scherer
fd9a0a324d
Fix error in the define name YKPIV_INS_GENERATE_ASYMMERTRIC
2016-05-05 01:11:33 +02:00
Michael Scherer
6e4266c886
Add YKPIV_ALGO_TAG
...
Replace the magic constant 0x80 when sending a packet to the key
2016-05-05 01:11:18 +02:00
Mikhail Denisenko
47cb761a7e
Fix bugs windows
2016-01-14 11:03:22 -05:00
Alessio Di Mauro
58766ac403
Whitespace fix.
2016-01-11 12:49:15 +01:00
Alessio Di Mauro
018821e99d
Addresses #59 , ykcs11 still has issues on Win64.
2016-01-11 12:45:09 +01:00
Klas Lindfors
abcce21353
Merge remote-tracking branch 'origin/generic_objects'
2015-12-21 10:42:38 +01:00
Klas Lindfors
a143c6d67d
remove the util function dump_hex() in favor of dump_data()
2015-12-15 10:27:54 +01:00
Klas Lindfors
35c449e374
change multiplication of minor to 10 so we don't overflow
...
possibly temporary fix..
2015-12-14 12:48:28 +01:00
Mikhail Denisenko
6042a2140e
Implemented C_SetPIN
2015-12-11 13:23:38 -05:00
Mikhail Denisenko
5a60faf779
Fixed extraction of RSA modulus and exponent
2015-12-09 13:13:24 -05:00
Jakub Jelen
b784f0ea8d
Get rid of warnings about unused functions when running without HW_TESTS
2015-12-08 13:27:04 +01:00
Mikhail Denisenko
8297815622
Return CKR_ATTRIBUTE_TYPE_INVALID instead of CKR_FUNCTION_FAILED on unsupported attributes.
...
This result works better with Java IaikPkcs11 wrapper, and possibly others.
2015-12-03 18:04:44 -05:00
Alessio Di Mauro
bfda53303c
YKCS11: update cert buffer size.
2015-12-03 10:47:49 -08:00
Alessio Di Mauro
ebdb9f7f5f
YKCS11: Fix RSA2048 key generation template.
2015-12-03 10:10:38 -08:00
Alessio Di Mauro
b660837909
Merge pull request #38 from denisenkom/patch-1
...
Return CKR_SESSION_READ_ONLY_EXISTS only when trying to log in SO.
2015-12-03 09:43:02 -08:00
Mikhail Denisenko
36972ebc6f
Securely dispose of pin copy
2015-12-01 16:45:09 -05:00
Mikhail Denisenko
1a533ea0dc
Fixed bug #39
...
C_Login fails with CKR_PIN_INCORRECT when pin and pinLen are valid but pin is not null terminated
2015-12-01 16:24:38 -05:00
denisenkom
9d4ff79dd6
Update ykcs11.c
...
According to PKCS11 spec CKR_SESSION_READ_ONLY_EXISTS should only be returned by C_Login when SO user is logging in.
From spec:
If the application calling C_Login has a R/O session open with the token, then it will be unable to log the SO into a session (see [PKCS11-UG] for further details). An attempt to do this will result in the error code CKR_SESSION_READ_ONLY_EXISTS.
2015-12-01 13:26:33 -05:00
Alessio Di Mauro
e949618ec2
YKCS11: started adding RSA test.
2015-11-27 17:13:54 +01:00
Alessio Di Mauro
72a5137e9d
More memcpy.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
4e8f818e82
YKCS11: add more tests.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
669997b2dc
Minor fix.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
968348a4c2
YKCS11: use memcpy.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
721ad03e35
Fix parameter check in SignInit.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
8b0ed073d3
YKCS11: Return the object handler after importing certs/keys.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
59faa09c7a
YKCS11: started test on key import and signatures.
2015-11-27 15:43:32 +01:00
Alessio Di Mauro
ef81317183
YKCS11: Test logins.
2015-11-27 15:43:32 +01:00