Differences From Artifact [f34f4e9e63]:
- File cackey.c — part of check-in [074f157a6a] at 2010-05-04 19:04:53 on branch trunk — Copied SSH Agent PKCS11 Provider to CACKey for use as a base (user: rkeene, size: 85897) [annotate] [blame] [check-ins using]
To Artifact [efb7accc6b]:
- File
cackey.c
— part of check-in
[40726d3b6c]
at
2010-05-11 16:49:46
on branch trunk
— Removed unused variables
Began work towards talking to the smartcard through PC/SC
Began work on a GSC-IS v2.1 SPM implementation (user: rkeene, size: 87521) [annotate] [blame] [check-ins using]
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef HAVE_PCSCLITE_H # include <pcsclite.h> #endif #ifdef HAVE_STDINT_H # include <stdint.h> #endif #ifdef HAVE_INTTYPES_H # include <inttypes.h> #endif #ifdef HAVE_STDLIB_H | > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | #ifdef HAVE_CONFIG_H #include "config.h" #endif #ifdef HAVE_PCSCLITE_H # include <pcsclite.h> #endif #ifdef HAVE_WINSCARD_H # include <winscard.h> #endif #ifdef HAVE_STDINT_H # include <stdint.h> #endif #ifdef HAVE_INTTYPES_H # include <inttypes.h> #endif #ifdef HAVE_STDLIB_H |
| ︙ | ︙ | |||
127 128 129 130 131 132 133 134 | int decrypt_active; CK_MECHANISM_TYPE decrypt_mechanism; CK_VOID_PTR decrypt_mech_parm; CK_ULONG decrypt_mech_parmlen; }; static void *cackey_biglock = NULL; | > | > > > | 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 |
int decrypt_active;
CK_MECHANISM_TYPE decrypt_mechanism;
CK_VOID_PTR decrypt_mech_parm;
CK_ULONG decrypt_mech_parmlen;
};
/* CACKEY Global Handles */
static void *cackey_biglock = NULL;
static struct cackey_session cackey_sessions[128];
static int cackey_initialized = 0;
static int cackey_biglock_init = 0;
CK_C_INITIALIZE_ARGS cackey_args;
/* PCSC Global Handles */
static LPSCARDCONTEXT cackey_pcsc_handle = NULL;
static unsigned long cackey_getversion(void) {
static unsigned long retval = 255;
unsigned long major = 0;
unsigned long minor = 0;
char *major_str = NULL;
char *minor_str = NULL;
|
| ︙ | ︙ | |||
167 168 169 170 171 172 173 174 175 176 177 178 179 180 |
retval = (major << 16) | (minor << 8);
#endif
CACKEY_DEBUG_PRINTF("Returning 0x%lx", retval);
return(retval);
}
/* Returns 0 on success */
static int cackey_mutex_create(void **mutex) {
pthread_mutex_t *pthread_mutex;
int pthread_retval;
CK_RV custom_retval;
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 |
retval = (major << 16) | (minor << 8);
#endif
CACKEY_DEBUG_PRINTF("Returning 0x%lx", retval);
return(retval);
}
/* APDU Related Functions */
static int cackey_send_apdu(unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char *resp, unsigned char resplen) {
LONG scard_est_context_ret;
#ifdef HAVE_SCARDISVALIDCONTEXT
LONG scard_isvalid_ret;
#endif
CACKEY_DEBUG_PRINTF("Called.");
if (cackey_pcsc_handle == NULL) {
cackey_pcsc_handle = malloc(sizeof(*cackey_pcsc_handle));
if (cackey_pcsc_handle == NULL) {
CACKEY_DEBUG_PRINTF("Call to malloc() failed, returning in failure");
return(-1);
}
scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle);
if (scard_est_context_ret != SCARD_S_SUCCESS) {
CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %li), returning in failure", (long) scard_est_context_ret);
free(cackey_pcsc_handle);
return(-1);
}
}
#ifdef HAVE_SCARDISVALIDCONTEXT
scard_isvalid_ret = SCardIsValidContext(*cackey_pcsc_handle);
if (scard_isvalid_ret != SCARD_S_SUCCESS) {
CACKEY_DEBUG_PRINTF("Handle has become invalid, trying to re-establish...");
scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle);
if (scard_est_context_ret != SCARD_S_SUCCESS) {
CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %li), returning in failure", (long) scard_est_context_ret);
free(cackey_pcsc_handle);
return(-1);
}
CACKEY_DEBUG_PRINTF("Handle has been re-established");
}
#endif
/* Connect to a reader, if needed */
/* Transmit */
}
/* Returns 0 on success */
static int cackey_mutex_create(void **mutex) {
pthread_mutex_t *pthread_mutex;
int pthread_retval;
CK_RV custom_retval;
|
| ︙ | ︙ | |||
290 291 292 293 294 295 296 | CK_VOID_PTR pValue; CK_ULONG ulValueLen; CK_OBJECT_CLASS ck_object_class; CK_CERTIFICATE_TYPE ck_certificate_type; CK_KEY_TYPE ck_key_type; CK_UTF8CHAR ucTmpBuf[1024]; unsigned char certificate[16384]; | | < | 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 |
CK_VOID_PTR pValue;
CK_ULONG ulValueLen;
CK_OBJECT_CLASS ck_object_class;
CK_CERTIFICATE_TYPE ck_certificate_type;
CK_KEY_TYPE ck_key_type;
CK_UTF8CHAR ucTmpBuf[1024];
unsigned char certificate[16384];
ssize_t certificate_len = -1, x509_read_ret;
int pValue_free;
CACKEY_DEBUG_PRINTF("Called (objectClass = %lu, identity_num = %lu).", (unsigned long) objectclass, identity_num);
if (objectclass != CKO_CERTIFICATE && objectclass != CKO_PUBLIC_KEY && objectclass != CKO_PRIVATE_KEY) {
CACKEY_DEBUG_PRINTF("Returning 0 objects (NULL), invalid object class");
|
| ︙ | ︙ | |||
695 696 697 698 699 700 701 |
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
return(CKR_OK);
}
CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)(CK_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
| | | 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 |
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
return(CKR_OK);
}
CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)(CK_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
static CK_UTF8CHAR libraryDescription[] = "CACKey";
CACKEY_DEBUG_PRINTF("Called.");
if (pInfo == NULL) {
CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
return(CKR_ARGUMENTS_BAD);
|
| ︙ | ︙ | |||
733 734 735 736 737 738 739 |
return(CKR_OK);
}
/* We only support 1 slot. If the slot exists, the token exists. */
CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
CK_ULONG count, slot_present = 0, currslot;
| < | 789 790 791 792 793 794 795 796 797 798 799 800 801 802 |
return(CKR_OK);
}
/* We only support 1 slot. If the slot exists, the token exists. */
CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
CK_ULONG count, slot_present = 0, currslot;
CACKEY_DEBUG_PRINTF("Called.");
if (pulCount == NULL) {
CACKEY_DEBUG_PRINTF("Error. pulCount is NULL.");
return(CKR_ARGUMENTS_BAD);
|
| ︙ | ︙ | |||
781 782 783 784 785 786 787 |
return(CKR_OK);
tokenPresent = tokenPresent; /* Supress unused variable warning */
}
CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
| | | 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 |
return(CKR_OK);
tokenPresent = tokenPresent; /* Supress unused variable warning */
}
CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
static CK_UTF8CHAR slotDescription[] = "CACKey Slot";
CACKEY_DEBUG_PRINTF("Called.");
if (pInfo == NULL) {
CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
return(CKR_ARGUMENTS_BAD);
|
| ︙ | ︙ | |||
826 827 828 829 830 831 832 |
return(CKR_OK);
}
CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
static CK_UTF8CHAR defaultLabel[] = "Unknown Token";
| | < | 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 |
return(CKR_OK);
}
CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) {
static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
static CK_UTF8CHAR defaultLabel[] = "Unknown Token";
static CK_UTF8CHAR model[] = "CAC Token";
CACKEY_DEBUG_PRINTF("Called.");
if (pInfo == NULL) {
CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
return(CKR_ARGUMENTS_BAD);
|
| ︙ | ︙ | |||
852 853 854 855 856 857 858 |
CACKEY_DEBUG_PRINTF("Error. Not initialized.");
return(CKR_CRYPTOKI_NOT_INITIALIZED);
}
/* XXX: Verify connection is valid */
if (0) {
| | | 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 |
CACKEY_DEBUG_PRINTF("Error. Not initialized.");
return(CKR_CRYPTOKI_NOT_INITIALIZED);
}
/* XXX: Verify connection is valid */
if (0) {
CACKEY_DEBUG_PRINTF("Error. Tried to connect to slot, but failed.");
return(CKR_SLOT_ID_INVALID);
}
/* XXX: Get list of identities */
if (0) {
CACKEY_DEBUG_PRINTF("Error. No identities found in slot.");
|
| ︙ | ︙ | |||
1055 1056 1057 1058 1059 1060 1061 |
CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
return(CKR_FUNCTION_NOT_SUPPORTED);
}
CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR phSession) {
struct cackey_identity *identities;
| | < | 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 |
CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
return(CKR_FUNCTION_NOT_SUPPORTED);
}
CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR phSession) {
struct cackey_identity *identities;
unsigned long idx, num_ids, id_idx, curr_id_type;
CK_BYTE sigbuf[1024];
ssize_t sigbuflen;
int mutex_retval;
int found_session = 0;
CACKEY_DEBUG_PRINTF("Called.");
if (slotID != 0) {
/* We only support one slot -- slot 0 */
CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), only one slot available: 0", slotID);
|
| ︙ | ︙ | |||
2124 2125 2126 2127 2128 2129 2130 |
}
CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
static CK_BYTE buf[16384];
ssize_t buflen;
CK_RV retval = CKR_GENERAL_ERROR;
int mutex_retval;
| < | 2177 2178 2179 2180 2181 2182 2183 2184 2185 2186 2187 2188 2189 2190 |
}
CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
static CK_BYTE buf[16384];
ssize_t buflen;
CK_RV retval = CKR_GENERAL_ERROR;
int mutex_retval;
CACKEY_DEBUG_PRINTF("Called.");
if (!cackey_initialized) {
CACKEY_DEBUG_PRINTF("Error. Not initialized.");
return(CKR_CRYPTOKI_NOT_INITIALIZED);
|
| ︙ | ︙ | |||
2577 2578 2579 2580 2581 2582 2583 |
CK_DEFINE_FUNCTION(CK_RV, C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) {
static CK_BYTE sigbuf[1024];
ssize_t sigbuflen;
CK_RV retval = CKR_GENERAL_ERROR;
int terminate_sign = 1;
int mutex_retval;
| < | 2629 2630 2631 2632 2633 2634 2635 2636 2637 2638 2639 2640 2641 2642 |
CK_DEFINE_FUNCTION(CK_RV, C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) {
static CK_BYTE sigbuf[1024];
ssize_t sigbuflen;
CK_RV retval = CKR_GENERAL_ERROR;
int terminate_sign = 1;
int mutex_retval;
CACKEY_DEBUG_PRINTF("Called.");
if (!cackey_initialized) {
CACKEY_DEBUG_PRINTF("Error. Not initialized.");
return(CKR_CRYPTOKI_NOT_INITIALIZED);
|
| ︙ | ︙ |