Diff

Differences From Artifact [5510d07f5c]:

To Artifact [dce840ec61]:


   469    469   			return("CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI");
   470    470   		case 0x07:
   471    471   			return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI");
   472    472   	}
   473    473   
   474    474   	return("INVALID");
   475    475   }
          476  +
          477  +static const char *CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(CK_ATTRIBUTE_TYPE attr) {
          478  +	switch (attr) {
          479  +		case CKA_CLASS:
          480  +			return("CKA_CLASS");
          481  +		case CKA_TOKEN:
          482  +			return("CKA_TOKEN");
          483  +		case CKA_PRIVATE:
          484  +			return("CKA_PRIVATE");
          485  +		case CKA_LABEL:
          486  +			return("CKA_LABEL");
          487  +		case CKA_APPLICATION:
          488  +			return("CKA_APPLICATION");
          489  +		case CKA_VALUE:
          490  +			return("CKA_VALUE");
          491  +		case CKA_OBJECT_ID:
          492  +			return("CKA_OBJECT_ID");
          493  +		case CKA_CERTIFICATE_TYPE:
          494  +			return("CKA_CERTIFICATE_TYPE");
          495  +		case CKA_ISSUER:
          496  +			return("CKA_ISSUER");
          497  +		case CKA_SERIAL_NUMBER:
          498  +			return("CKA_SERIAL_NUMBER");
          499  +		case CKA_AC_ISSUER:
          500  +			return("CKA_AC_ISSUER");
          501  +		case CKA_OWNER:
          502  +			return("CKA_OWNER");
          503  +		case CKA_ATTR_TYPES:
          504  +			return("CKA_ATTR_TYPES");
          505  +		case CKA_TRUSTED:
          506  +			return("CKA_TRUSTED");
          507  +		case CKA_KEY_TYPE:
          508  +			return("CKA_KEY_TYPE");
          509  +		case CKA_SUBJECT:
          510  +			return("CKA_SUBJECT");
          511  +		case CKA_ID:
          512  +			return("CKA_ID");
          513  +		case CKA_SENSITIVE:
          514  +			return("CKA_SENSITIVE");
          515  +		case CKA_ENCRYPT:
          516  +			return("CKA_ENCRYPT");
          517  +		case CKA_DECRYPT:
          518  +			return("CKA_DECRYPT");
          519  +		case CKA_WRAP:
          520  +			return("CKA_WRAP");
          521  +		case CKA_UNWRAP:
          522  +			return("CKA_UNWRAP");
          523  +		case CKA_SIGN:
          524  +			return("CKA_SIGN");
          525  +		case CKA_SIGN_RECOVER:
          526  +			return("CKA_SIGN_RECOVER");
          527  +		case CKA_VERIFY:
          528  +			return("CKA_VERIFY");
          529  +		case CKA_VERIFY_RECOVER:
          530  +			return("CKA_VERIFY_RECOVER");
          531  +		case CKA_DERIVE:
          532  +			return("CKA_DERIVE");
          533  +		case CKA_START_DATE:
          534  +			return("CKA_START_DATE");
          535  +		case CKA_END_DATE:
          536  +			return("CKA_END_DATE");
          537  +		case CKA_MODULUS:
          538  +			return("CKA_MODULUS");
          539  +		case CKA_MODULUS_BITS:
          540  +			return("CKA_MODULUS_BITS");
          541  +		case CKA_PUBLIC_EXPONENT:
          542  +			return("CKA_PUBLIC_EXPONENT");
          543  +		case CKA_PRIVATE_EXPONENT:
          544  +			return("CKA_PRIVATE_EXPONENT");
          545  +		case CKA_PRIME_1:
          546  +			return("CKA_PRIME_1");
          547  +		case CKA_PRIME_2:
          548  +			return("CKA_PRIME_2");
          549  +		case CKA_EXPONENT_1:
          550  +			return("CKA_EXPONENT_1");
          551  +		case CKA_EXPONENT_2:
          552  +			return("CKA_EXPONENT_2");
          553  +		case CKA_COEFFICIENT:
          554  +			return("CKA_COEFFICIENT");
          555  +		case CKA_PRIME:
          556  +			return("CKA_PRIME");
          557  +		case CKA_SUBPRIME:
          558  +			return("CKA_SUBPRIME");
          559  +		case CKA_BASE:
          560  +			return("CKA_BASE");
          561  +		case CKA_PRIME_BITS:
          562  +			return("CKA_PRIME_BITS");
          563  +		case CKA_SUB_PRIME_BITS:
          564  +			return("CKA_SUB_PRIME_BITS");
          565  +		case CKA_VALUE_BITS:
          566  +			return("CKA_VALUE_BITS");
          567  +		case CKA_VALUE_LEN:
          568  +			return("CKA_VALUE_LEN");
          569  +		case CKA_EXTRACTABLE:
          570  +			return("CKA_EXTRACTABLE");
          571  +		case CKA_LOCAL:
          572  +			return("CKA_LOCAL");
          573  +		case CKA_NEVER_EXTRACTABLE:
          574  +			return("CKA_NEVER_EXTRACTABLE");
          575  +		case CKA_ALWAYS_SENSITIVE:
          576  +			return("CKA_ALWAYS_SENSITIVE");
          577  +		case CKA_KEY_GEN_MECHANISM:
          578  +			return("CKA_KEY_GEN_MECHANISM");
          579  +		case CKA_MODIFIABLE:
          580  +			return("CKA_MODIFIABLE");
          581  +		case CKA_ECDSA_PARAMS:
          582  +			return("CKA_ECDSA_PARAMS");
          583  +		case CKA_EC_POINT:
          584  +			return("CKA_EC_POINT");
          585  +		case CKA_SECONDARY_AUTH:
          586  +			return("CKA_SECONDARY_AUTH");
          587  +		case CKA_AUTH_PIN_FLAGS:
          588  +			return("CKA_AUTH_PIN_FLAGS");
          589  +		case CKA_HW_FEATURE_TYPE:
          590  +			return("CKA_HW_FEATURE_TYPE");
          591  +		case CKA_RESET_ON_INIT:
          592  +			return("CKA_RESET_ON_INIT");
          593  +		case CKA_HAS_RESET:
          594  +			return("CKA_HAS_RESET");
          595  +		case CKA_VENDOR_DEFINED:
          596  +			return("CKA_VENDOR_DEFINED");
          597  +	}
          598  +
          599  +	return("UNKNOWN");
          600  +}
   476    601   
   477    602   #  define malloc(x) CACKEY_DEBUG_FUNC_MALLOC(x, __func__, __LINE__)
   478    603   #  define realloc(x, y) CACKEY_DEBUG_FUNC_REALLOC(x, y, __func__, __LINE__)
   479    604   #  ifdef strdup
   480    605   #    undef strdup
   481    606   #  endif
   482    607   #  define strdup(x) CACKEY_DEBUG_FUNC_STRDUP(x, __func__, __LINE__)
................................................................................
   484    609   #  define CACKEY_DEBUG_PRINTF(x...) /**/
   485    610   #  define CACKEY_DEBUG_PRINTBUF(f, x, y) /**/
   486    611   #  define CACKEY_DEBUG_PERROR(x) /**/
   487    612   #  define CACKEY_DEBUG_FUNC_TAG_TO_STR(x) "DEBUG_DISABLED"
   488    613   #  define CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(x) "DEBUG_DISABLED"
   489    614   #  define CACKEY_DEBUG_FUNC_OBJID_TO_STR(x) "DEBUG_DISABLED"
   490    615   #  define CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(x) "DEBUG_DISABLED"
          616  +#  define CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(x) "DEBUG_DISABLED"
   491    617   #endif
   492    618   
   493    619   struct cackey_pcsc_identity {
   494    620   	unsigned char applet[7];
   495    621   	uint16_t file;
   496    622   
   497    623   	size_t certificate_len;
................................................................................
  3259   3385   		return(NULL);
  3260   3386   	}
  3261   3387   
  3262   3388   	pcsc_identities = cackey_read_certs(slot, NULL, &num_certs);
  3263   3389   	if (pcsc_identities != NULL) {
  3264   3390   		/* Convert number of Certs to number of objects */
  3265   3391   		num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs;
  3266         -		num_ids += num_extra_certs * 2;
         3392  +		num_ids += num_extra_certs * 3;
  3267   3393   
  3268   3394   		identities = malloc(num_ids * sizeof(*identities));
  3269   3395   
  3270   3396   		/* Add certificates, public keys, and private keys from the smartcard */
  3271   3397   		id_idx = 0;
  3272   3398   		for (cert_idx = 0; cert_idx < num_certs; cert_idx++) {
  3273   3399   			for (curr_id_type = CKO_CERTIFICATE; curr_id_type <= CKO_PRIVATE_KEY; curr_id_type++) {
................................................................................
  3285   3411   
  3286   3412   		cackey_free_certs(pcsc_identities, num_certs, 1);
  3287   3413   
  3288   3414   		/* Add DoD Certificates and Netscape Trust Objects */
  3289   3415   		for (cert_idx = 0; cert_idx < num_extra_certs; cert_idx++) {
  3290   3416   			identities[id_idx].pcsc_identity = NULL;
  3291   3417   			identities[id_idx].attributes = cackey_get_attributes(CKO_CERTIFICATE, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
         3418  +			id_idx++;
  3292   3419   
         3420  +			identities[id_idx].pcsc_identity = NULL;
         3421  +			identities[id_idx].attributes = cackey_get_attributes(CKO_PUBLIC_KEY, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
  3293   3422   			id_idx++;
  3294         -		}
  3295   3423   
  3296         -		for (cert_idx = 0; cert_idx < num_extra_certs; cert_idx++) {
  3297   3424   			identities[id_idx].pcsc_identity = NULL;
  3298   3425   			identities[id_idx].attributes = cackey_get_attributes(CKO_NETSCAPE_TRUST, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
  3299         -
  3300   3426   			id_idx++;
  3301   3427   		}
  3302   3428   
  3303   3429   		*ids_found = num_ids;
  3304   3430   		return(identities);
  3305   3431   	}
  3306   3432   
................................................................................
  4910   5036   		matched_count = 0;
  4911   5037   
  4912   5038   		for (curr_attr_idx = 0; curr_attr_idx < cackey_sessions[hSession].search_query_count; curr_attr_idx++) {
  4913   5039   			prev_matched_count = matched_count;
  4914   5040   
  4915   5041   			curr_attr = &cackey_sessions[hSession].search_query[curr_attr_idx];
  4916   5042   
  4917         -			CACKEY_DEBUG_PRINTF("  Checking for attribute 0x%08lx in identity:%i...", (unsigned long) curr_attr->type, (int) curr_id_idx);
         5043  +			CACKEY_DEBUG_PRINTF("  Checking for attribute %s (0x%08lx) in identity:%i...", CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(curr_attr->type), (unsigned long) curr_attr->type, (int) curr_id_idx);
  4918   5044   			CACKEY_DEBUG_PRINTBUF("    Value looking for:", curr_attr->pValue, curr_attr->ulValueLen);
  4919   5045   
  4920   5046   			for (sess_attr_idx = 0; sess_attr_idx < curr_id->attributes_count; sess_attr_idx++) {
  4921   5047   				if (cackey_pkcs11_compare_attributes(&curr_id->attributes[sess_attr_idx], curr_attr)) {
  4922   5048   					matched_count++;
  4923   5049   
  4924   5050   					break;
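Review bot: In the identity-list hunk (new lines 3392-3425) the result of `malloc(num_ids * sizeof(*identities))` is written through with no NULL check before the first loop, and this change raises both the requested size and the number of writes per extra certificate to three. A guard directly after the allocation, for example `if (identities == NULL) { cackey_free_certs(pcsc_identities, num_certs, 1); return(NULL); }`, would stop an allocation failure from becoming a NULL-pointer write inside a PKCS#11 module that runs in the host application's process. The `* 3` multiplier is also tied by hand to the three `id_idx++` steps in the loop body, so a comment at the multiplier such as `/* certificate, public key and Netscape trust object per extra cert */` (or a named constant) would make that coupling explicit and harder to break with a later object type, which would otherwise overrun the array. The function starts and ends outside the hunk, so whether `*ids_found` must also be reset on the failure path should be confirmed against the rest of it.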