Differences From Artifact [6b8855e22d]:
- File cackey.c — part of check-in [b4a6b9d685] at 2010-05-17 14:55:37 on branch trunk — Added removable device flag to slot info (user: rkeene, size: 146546) [annotate] [blame] [check-ins using]
To Artifact [e6d26b97df]:
- File
cackey.c
— part of check-in
[a2ac84031e]
at
2010-05-17 19:37:43
on branch trunk
— Updated to support determining key size from X.509 object (untested)
Updated to set HW TOKEN flag
Updated to pad sign/decrypt message to key size (untested) (user: rkeene, size: 148161) [annotate] [blame] [check-ins using]
| ︙ | ︙ | |||
461 462 463 464 465 466 467 468 469 470 471 472 473 474 |
unsigned char applet[7];
uint16_t file;
unsigned char *label;
size_t certificate_len;
unsigned char *certificate;
};
struct cackey_identity {
struct cackey_pcsc_identity *pcsc_identity;
CK_ATTRIBUTE *attributes;
CK_ULONG attributes_count;
| > > | 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 |
unsigned char applet[7];
uint16_t file;
unsigned char *label;
size_t certificate_len;
unsigned char *certificate;
ssize_t keysize;
};
struct cackey_identity {
struct cackey_pcsc_identity *pcsc_identity;
CK_ATTRIBUTE *attributes;
CK_ULONG attributes_count;
|
| ︙ | ︙ | |||
1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 |
curr_id = &certs[outidx];
outidx++;
memcpy(curr_id->applet, curr_aid, sizeof(curr_id->applet));
curr_id->file = ccc_curr->value_cardurl->objectid;
curr_id->label = NULL;
CACKEY_DEBUG_PRINTF("Filling curr_id->applet (%p) with %lu bytes:", curr_id->applet, (unsigned long) sizeof(curr_id->applet));
CACKEY_DEBUG_PRINTBUF("VAL:", curr_id->applet, sizeof(curr_id->applet));
curr_id->certificate_len = app_curr->length;
curr_id->certificate = malloc(curr_id->certificate_len);
| > | 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 |
curr_id = &certs[outidx];
outidx++;
memcpy(curr_id->applet, curr_aid, sizeof(curr_id->applet));
curr_id->file = ccc_curr->value_cardurl->objectid;
curr_id->label = NULL;
curr_id->keysize = -1;
CACKEY_DEBUG_PRINTF("Filling curr_id->applet (%p) with %lu bytes:", curr_id->applet, (unsigned long) sizeof(curr_id->applet));
CACKEY_DEBUG_PRINTBUF("VAL:", curr_id->applet, sizeof(curr_id->applet));
curr_id->certificate_len = app_curr->length;
curr_id->certificate = malloc(curr_id->certificate_len);
|
| ︙ | ︙ | |||
1829 1830 1831 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 |
* ...
*
* NOTES
* ...
*
*/
static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen) {
cackey_ret send_ret;
int le;
CACKEY_DEBUG_PRINTF("Called.");
if (buflen > 255) {
CACKEY_DEBUG_PRINTF("Error. buflen is greater than 255 (buflen = %lu)", (unsigned long) buflen);
| > > > > | 1832 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 |
* ...
*
* NOTES
* ...
*
*/
static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen) {
unsigned char *tmpbuf, *tmpbuf_s;
unsigned char bytes_to_send, p1;
cackey_ret send_ret;
size_t tmpbuflen, padlen;
int free_tmpbuf = 0;
int le;
CACKEY_DEBUG_PRINTF("Called.");
if (buflen > 255) {
CACKEY_DEBUG_PRINTF("Error. buflen is greater than 255 (buflen = %lu)", (unsigned long) buflen);
|
| ︙ | ︙ | |||
1875 1876 1877 1878 1879 1880 1881 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 |
}
if (identity->pcsc_identity == NULL) {
CACKEY_DEBUG_PRINTF("Error. identity->pcsc_identity is NULL");
return(-1);
}
/* Begin transaction */
cackey_begin_transaction(slot);
/* Select correct applet */
CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->pcsc_identity->applet);
cackey_select_applet(slot, identity->pcsc_identity->applet, sizeof(identity->pcsc_identity->applet));
/* Select correct file */
cackey_select_file(slot, identity->pcsc_identity->file);
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | | | > > > > > > | | | > > > > > > > > > > | 1882 1883 1884 1885 1886 1887 1888 1889 1890 1891 1892 1893 1894 1895 1896 1897 1898 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 1915 1916 1917 1918 1919 1920 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 1936 1937 1938 1939 1940 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 1977 1978 1979 1980 |
}
if (identity->pcsc_identity == NULL) {
CACKEY_DEBUG_PRINTF("Error. identity->pcsc_identity is NULL");
return(-1);
}
/* Determine identity Key size */
if (identity->pcsc_identity->keysize < 0) {
identity->pcsc_identity->keysize = x509_to_keysize(identity->pcsc_identity->certificate, identity->pcsc_identity->certificate_len);
}
/* Pad message to key size */
if (identity->pcsc_identity->keysize > 0) {
if (buflen != identity->pcsc_identity->keysize) {
if (buflen > (identity->pcsc_identity->keysize + 3)) {
CACKEY_DEBUG_PRINTF("Error. Message is too large to sign/decrypt");
return(-1);
}
tmpbuflen = identity->pcsc_identity->keysize;
tmpbuf = malloc(tmpbuflen);
free_tmpbuf = 1;
padlen = tmpbuflen - buflen - 3;
tmpbuf[0] = 0x00;
tmpbuf[1] = 0x01;
memset(&tmpbuf[2], 0xFF, padlen);
tmpbuf[padlen]= 0x00;
memcpy(&tmpbuf[padlen + 1], buf, buflen);
} else {
tmpbuf = buf;
tmpbuflen = buflen;
free_tmpbuf = 0;
padlen = 0;
}
} else {
CACKEY_DEBUG_PRINTF("Unable to determine key size, hoping the message is properly padded!");
tmpbuf = buf;
tmpbuflen = buflen;
free_tmpbuf = 0;
padlen = 0;
}
/* Begin transaction */
cackey_begin_transaction(slot);
/* Select correct applet */
CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->pcsc_identity->applet);
cackey_select_applet(slot, identity->pcsc_identity->applet, sizeof(identity->pcsc_identity->applet));
/* Select correct file */
cackey_select_file(slot, identity->pcsc_identity->file);
tmpbuf_s = tmpbuf;
while (tmpbuflen) {
if (tmpbuflen > 245) {
bytes_to_send = 245;
p1 = 0x80;
} else {
bytes_to_send = tmpbuflen;
p1 = 0x00;
}
send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, p1, 0x00, bytes_to_send, tmpbuf, le, NULL, outbuf, &outbuflen);
if (send_ret != CACKEY_PCSC_S_OK) {
CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
if (free_tmpbuf) {
if (tmpbuf_s) {
free(tmpbuf_s);
}
}
/* End transaction */
cackey_end_transaction(slot);
return(-1);
}
tmpbuf += bytes_to_send;
tmpbuflen -= bytes_to_send;
}
if (free_tmpbuf) {
if (tmpbuf_s) {
free(tmpbuf_s);
}
}
/* End transaction */
cackey_end_transaction(slot);
#ifdef CACKEY_PARANOID
# ifdef _POSIX_SSIZE_MAX
|
| ︙ | ︙ | |||
2938 2939 2940 2941 2942 2943 2944 |
bytes_to_copy = strlen(cackey_slots[slotID].pcsc_reader);
if (sizeof(pInfo->manufacturerID) < bytes_to_copy) {
bytes_to_copy = sizeof(pInfo->manufacturerID);
}
memcpy(pInfo->manufacturerID, cackey_slots[slotID].pcsc_reader, bytes_to_copy);
| | | 3011 3012 3013 3014 3015 3016 3017 3018 3019 3020 3021 3022 3023 3024 3025 |
bytes_to_copy = strlen(cackey_slots[slotID].pcsc_reader);
if (sizeof(pInfo->manufacturerID) < bytes_to_copy) {
bytes_to_copy = sizeof(pInfo->manufacturerID);
}
memcpy(pInfo->manufacturerID, cackey_slots[slotID].pcsc_reader, bytes_to_copy);
pInfo->flags = CKF_REMOVABLE_DEVICE | CKF_HW_SLOT;
if (cackey_token_present(&cackey_slots[slotID]) == CACKEY_PCSC_S_TOKENPRESENT) {
pInfo->flags |= CKF_TOKEN_PRESENT;
}
pInfo->hardwareVersion.major = (cackey_getversion() >> 16) & 0xff;
pInfo->hardwareVersion.minor = (cackey_getversion() >> 8) & 0xff;
|
| ︙ | ︙ |