Changeset 112
- Timestamp:
- 12/06/08 16:43:39 (3 years ago)
- File:
-
- 1 edited
-
trunk/src/engine_pkcs11.c (modified) (3 diffs)
trunk/src/engine_pkcs11.c
r110 r112 393 393 PKCS11_CERT *certs, *selected_cert = NULL; 394 394 X509 *x509; 395 unsigned int count, n, m;395 unsigned int slot_count, cert_count, n, m; 396 396 unsigned char cert_id[MAX_VALUE_LEN / 2]; 397 397 size_t cert_id_len = sizeof(cert_id); … … 424 424 fprintf(stderr, "label: %s\n", cert_label); 425 425 426 } 427 } 428 429 if (PKCS11_enumerate_slots(ctx, &slot_list, &slot_count) < 0) 430 fail("failed to enumerate slots\n"); 431 432 if (verbose) { 433 fprintf(stderr, "Found %u slot%s\n", slot_count, 434 (slot_count <= 1) ? "" : "s"); 435 } 436 for (n = 0; n < slot_count; n++) { 437 slot = slot_list + n; 438 flags[0] = '\0'; 439 if (slot->token) { 440 if (!slot->token->initialized) 441 strcat(flags, "uninitialized, "); 442 else if (!slot->token->userPinSet) 443 strcat(flags, "no pin, "); 444 if (slot->token->loginRequired) 445 strcat(flags, "login, "); 446 if (slot->token->readOnly) 447 strcat(flags, "ro, "); 448 } else { 449 strcpy(flags, "no token"); 450 } 451 if ((m = strlen(flags)) != 0) { 452 flags[m - 2] = '\0'; 453 } 454 455 if (verbose) { 456 fprintf(stderr, "[%u] %-25.25s %-16s", n, 457 slot->description, flags); 458 if (slot->token) { 459 fprintf(stderr, " (%s)", 460 slot->token->label[0] ? 
461 slot->token->label : "no label"); 462 } 463 fprintf(stderr, "\n"); 464 } 465 } 466 467 if (slot_nr == -1) { 468 if (!(slot = PKCS11_find_token(ctx, slot_list, slot_count))) 469 fail("didn't find any tokens\n"); 470 } else if (slot_nr >= 0 && slot_nr < slot_count) 471 slot = slot_list + slot_nr; 472 else { 473 fprintf(stderr, "Invalid slot number: %d\n", slot_nr); 474 PKCS11_release_all_slots(ctx, slot_list, slot_count); 475 return NULL; 476 } 477 tok = slot->token; 478 479 if (tok == NULL) { 480 fprintf(stderr, "Found empty token; \n"); 481 PKCS11_release_all_slots(ctx, slot_list, slot_count); 482 return NULL; 483 } 484 485 if (verbose) { 486 fprintf(stderr, "Found slot: %s\n", slot->description); 487 fprintf(stderr, "Found token: %s\n", slot->token->label); 488 } 489 490 if (PKCS11_enumerate_certs(tok, &certs, &cert_count)) { 491 fprintf(stderr, "unable to enumerate certificates\n"); 492 PKCS11_release_all_slots(ctx, slot_list, slot_count); 493 return NULL; 494 } 495 496 if (verbose) { 497 fprintf(stderr, "Found %u cert%s:\n", cert_count, 498 (cert_count <= 1) ? 
"" : "s"); 499 } 500 if ((s_slot_cert_id && *s_slot_cert_id) || (cert_id_len == 0)) { 501 for (n = 0; n < cert_count; n++) { 502 PKCS11_CERT *k = certs + n; 503 504 if (cert_id_len != 0 && k->id_len == cert_id_len && 505 memcmp(k->id, cert_id, cert_id_len) == 0) { 506 selected_cert = k; 507 } 508 } 509 } else { 510 selected_cert = certs; /* use first */ 511 } 512 513 if (selected_cert == NULL) { 514 fprintf(stderr, "certificate not found.\n"); 515 PKCS11_release_all_slots(ctx, slot_list, slot_count); 516 return NULL; 517 } 518 519 x509 = X509_dup(selected_cert->x509); 520 if (cert_label != NULL) 521 free(cert_label); 522 return x509; 523 } 524 525 int load_cert_ctrl(ENGINE * e, void *p) 526 { 527 struct { 528 const char *s_slot_cert_id; 529 X509 *cert; 530 } *parms = p; 531 532 if (parms->cert != NULL) 533 return 0; 534 535 parms->cert = pkcs11_load_cert(e, parms->s_slot_cert_id); 536 if (parms->cert == NULL) 537 return 0; 538 539 return 1; 540 } 541 542 static EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id, 543 UI_METHOD * ui_method, void *callback_data, 544 int isPrivate) 545 { 546 PKCS11_SLOT *slot_list, *slot; 547 PKCS11_TOKEN *tok; 548 PKCS11_KEY *keys, *selected_key = NULL; 549 PKCS11_CERT *certs; 550 EVP_PKEY *pk; 551 unsigned int count, n, m; 552 unsigned char key_id[MAX_VALUE_LEN / 2]; 553 size_t key_id_len = sizeof(key_id); 554 char *key_label = NULL; 555 int slot_nr = -1; 556 char flags[64]; 557 558 if (s_slot_key_id && *s_slot_key_id) { 559 n = parse_slot_id_string(s_slot_key_id, &slot_nr, 560 key_id, &key_id_len, &key_label); 561 562 if (!n) { 563 fprintf(stderr, 564 "supported formats: <id>, <slot>:<id>, id_<id>, slot_<slot>-id_<id>, label_<label>, slot_<slot>-label_<label>\n"); 565 fprintf(stderr, 566 "where <slot> is the slot number as normal integer,\n"); 567 fprintf(stderr, 568 "and <id> is the id number as hex string.\n"); 569 fprintf(stderr, 570 "and <label> is the textual key label string.\n"); 571 return NULL; 572 } 573 if 
(verbose) { 574 fprintf(stderr, "Looking in slot %d for key: ", 575 slot_nr); 576 if (key_label == NULL) { 577 for (n = 0; n < key_id_len; n++) 578 fprintf(stderr, "%02x", key_id[n]); 579 fprintf(stderr, "\n"); 580 } else 581 fprintf(stderr, "label: %s\n", key_label); 426 582 } 427 583 } … … 482 638 return NULL; 483 639 } 484 485 if (verbose) {486 fprintf(stderr, "Found slot: %s\n", slot->description);487 fprintf(stderr, "Found token: %s\n", slot->token->label);488 }489 490 if (PKCS11_enumerate_certs(tok, &certs, &count)) {491 fprintf(stderr, "unable to enumerate certificates\n");492 PKCS11_release_all_slots(ctx, slot_list, count);493 return NULL;494 }495 496 if (verbose) {497 fprintf(stderr, "Found %u cert%s:\n", count,498 (count <= 1) ? "" : "s");499 }500 if ((s_slot_cert_id && *s_slot_cert_id) || (cert_id_len == 0)) {501 for (n = 0; n < count; n++) {502 PKCS11_CERT *k = certs + n;503 504 if (cert_id_len != 0 && k->id_len == cert_id_len &&505 memcmp(k->id, cert_id, cert_id_len) == 0) {506 selected_cert = k;507 }508 }509 } else {510 selected_cert = certs; /* use first */511 }512 513 if (selected_cert == NULL) {514 fprintf(stderr, "certificate not found.\n");515 PKCS11_release_all_slots(ctx, slot_list, count);516 return NULL;517 }518 519 x509 = X509_dup(selected_cert->x509);520 if (cert_label != NULL)521 free(cert_label);522 return x509;523 }524 525 int load_cert_ctrl(ENGINE * e, void *p)526 {527 struct {528 const char *s_slot_cert_id;529 X509 *cert;530 } *parms = p;531 532 if (parms->cert != NULL)533 return 0;534 535 parms->cert = pkcs11_load_cert(e, parms->s_slot_cert_id);536 if (parms->cert == NULL)537 return 0;538 539 return 1;540 }541 542 static EVP_PKEY *pkcs11_load_key(ENGINE * e, const char *s_slot_key_id,543 UI_METHOD * ui_method, void *callback_data,544 int isPrivate)545 {546 PKCS11_SLOT *slot_list, *slot;547 PKCS11_TOKEN *tok;548 PKCS11_KEY *keys, *selected_key = NULL;549 PKCS11_CERT *certs;550 EVP_PKEY *pk;551 unsigned int count, n, m;552 unsigned char 
key_id[MAX_VALUE_LEN / 2];553 size_t key_id_len = sizeof(key_id);554 char *key_label = NULL;555 int slot_nr = -1;556 char flags[64];557 558 if (s_slot_key_id && *s_slot_key_id) {559 n = parse_slot_id_string(s_slot_key_id, &slot_nr,560 key_id, &key_id_len, &key_label);561 562 if (!n) {563 fprintf(stderr,564 "supported formats: <id>, <slot>:<id>, id_<id>, slot_<slot>-id_<id>, label_<label>, slot_<slot>-label_<label>\n");565 fprintf(stderr,566 "where <slot> is the slot number as normal integer,\n");567 fprintf(stderr,568 "and <id> is the id number as hex string.\n");569 fprintf(stderr,570 "and <label> is the textual key label string.\n");571 return NULL;572 }573 if (verbose) {574 fprintf(stderr, "Looking in slot %d for key: ",575 slot_nr);576 if (key_label == NULL) {577 for (n = 0; n < key_id_len; n++)578 fprintf(stderr, "%02x", key_id[n]);579 fprintf(stderr, "\n");580 } else581 fprintf(stderr, "label: %s\n", key_label);582 }583 }584 585 if (PKCS11_enumerate_slots(ctx, &slot_list, &count) < 0)586 fail("failed to enumerate slots\n");587 588 if (verbose) {589 fprintf(stderr, "Found %u slot%s\n", count,590 (count <= 1) ? 
"" : "s");591 }592 for (n = 0; n < count; n++) {593 slot = slot_list + n;594 flags[0] = '\0';595 if (slot->token) {596 if (!slot->token->initialized)597 strcat(flags, "uninitialized, ");598 else if (!slot->token->userPinSet)599 strcat(flags, "no pin, ");600 if (slot->token->loginRequired)601 strcat(flags, "login, ");602 if (slot->token->readOnly)603 strcat(flags, "ro, ");604 } else {605 strcpy(flags, "no token");606 }607 if ((m = strlen(flags)) != 0) {608 flags[m - 2] = '\0';609 }610 611 if (verbose) {612 fprintf(stderr, "[%u] %-25.25s %-16s", n,613 slot->description, flags);614 if (slot->token) {615 fprintf(stderr, " (%s)",616 slot->token->label[0] ?617 slot->token->label : "no label");618 }619 fprintf(stderr, "\n");620 }621 }622 623 if (slot_nr == -1) {624 if (!(slot = PKCS11_find_token(ctx, slot_list, count)))625 fail("didn't find any tokens\n");626 } else if (slot_nr >= 0 && slot_nr < count)627 slot = slot_list + slot_nr;628 else {629 fprintf(stderr, "Invalid slot number: %d\n", slot_nr);630 PKCS11_release_all_slots(ctx, slot_list, count);631 return NULL;632 }633 tok = slot->token;634 635 if (tok == NULL) {636 fprintf(stderr, "Found empty token; \n");637 PKCS11_release_all_slots(ctx, slot_list, count);638 return NULL;639 }640 640 /* Removed for interop with some other pkcs11 libs. */ 641 641 #if 0
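Review bot: The fallback `selected_cert = certs; /* use first */` in pkcs11_load_cert is taken without looking at `cert_count`, so for a token with no certificates the later `X509_dup(selected_cert->x509)` depends on what PKCS11_enumerate_certs leaves in `certs` for an empty list, which is not visible here; `selected_cert = cert_count ? certs : NULL;` would send that case to the existing "certificate not found" branch. In the slot-listing loop, `flags[m - 2] = '\0'` also runs after `strcpy(flags, "no token")` and cuts it to "no tok", so the trailing-separator trim should apply only in the `if (slot->token)` branch. The four early `return NULL` paths release the slots but skip the `free(cert_label)` that the success path performs, so the label presumably leaks there; its allocation and the start of the function are outside the hunk.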
