Overview
Comment: | Updated to print attribute type as string in lookups
Updated to include public key objects for DoD certificates |
---|---|
SHA1: |
638b5f52a7db3c548f3be9b32b98255c |
User & Date: | rkeene on 2012-05-09 16:38:24 |
Context
2012-07-19
| ||
04:00 | Added first attempt at Win64 build support check-in: 40d223588a user: rkeene tags: trunk | |
2012-05-09
| ||
16:38 |
Updated to print attribute type as string in lookups
Updated to include public key objects for DoD certificates check-in: 638b5f52a7 user: rkeene tags: trunk | |
16:37 | Removed spurious variables check-in: cfd166f381 user: rkeene tags: trunk | |
Changes
Modified cackey.c from [5510d07f5c] to [dce840ec61].
︙ | ︙ | |||
469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 | return("CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI"); case 0x07: return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI"); } return("INVALID"); } # define malloc(x) CACKEY_DEBUG_FUNC_MALLOC(x, __func__, __LINE__) # define realloc(x, y) CACKEY_DEBUG_FUNC_REALLOC(x, y, __func__, __LINE__) # ifdef strdup # undef strdup # endif # define strdup(x) CACKEY_DEBUG_FUNC_STRDUP(x, __func__, __LINE__) #else # define CACKEY_DEBUG_PRINTF(x...) /**/ # define CACKEY_DEBUG_PRINTBUF(f, x, y) /**/ # define CACKEY_DEBUG_PERROR(x) /**/ # define CACKEY_DEBUG_FUNC_TAG_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_OBJID_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(x) "DEBUG_DISABLED" #endif struct cackey_pcsc_identity { unsigned char applet[7]; uint16_t file; size_t certificate_len; | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 | return("CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI"); case 0x07: return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_SKI | 
CACKEY_TLV_APP_PKI"); } return("INVALID"); } static const char *CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(CK_ATTRIBUTE_TYPE attr) { switch (attr) { case CKA_CLASS: return("CKA_CLASS"); case CKA_TOKEN: return("CKA_TOKEN"); case CKA_PRIVATE: return("CKA_PRIVATE"); case CKA_LABEL: return("CKA_LABEL"); case CKA_APPLICATION: return("CKA_APPLICATION"); case CKA_VALUE: return("CKA_VALUE"); case CKA_OBJECT_ID: return("CKA_OBJECT_ID"); case CKA_CERTIFICATE_TYPE: return("CKA_CERTIFICATE_TYPE"); case CKA_ISSUER: return("CKA_ISSUER"); case CKA_SERIAL_NUMBER: return("CKA_SERIAL_NUMBER"); case CKA_AC_ISSUER: return("CKA_AC_ISSUER"); case CKA_OWNER: return("CKA_OWNER"); case CKA_ATTR_TYPES: return("CKA_ATTR_TYPES"); case CKA_TRUSTED: return("CKA_TRUSTED"); case CKA_KEY_TYPE: return("CKA_KEY_TYPE"); case CKA_SUBJECT: return("CKA_SUBJECT"); case CKA_ID: return("CKA_ID"); case CKA_SENSITIVE: return("CKA_SENSITIVE"); case CKA_ENCRYPT: return("CKA_ENCRYPT"); case CKA_DECRYPT: return("CKA_DECRYPT"); case CKA_WRAP: return("CKA_WRAP"); case CKA_UNWRAP: return("CKA_UNWRAP"); case CKA_SIGN: return("CKA_SIGN"); case CKA_SIGN_RECOVER: return("CKA_SIGN_RECOVER"); case CKA_VERIFY: return("CKA_VERIFY"); case CKA_VERIFY_RECOVER: return("CKA_VERIFY_RECOVER"); case CKA_DERIVE: return("CKA_DERIVE"); case CKA_START_DATE: return("CKA_START_DATE"); case CKA_END_DATE: return("CKA_END_DATE"); case CKA_MODULUS: return("CKA_MODULUS"); case CKA_MODULUS_BITS: return("CKA_MODULUS_BITS"); case CKA_PUBLIC_EXPONENT: return("CKA_PUBLIC_EXPONENT"); case CKA_PRIVATE_EXPONENT: return("CKA_PRIVATE_EXPONENT"); case CKA_PRIME_1: return("CKA_PRIME_1"); case CKA_PRIME_2: return("CKA_PRIME_2"); case CKA_EXPONENT_1: return("CKA_EXPONENT_1"); case CKA_EXPONENT_2: return("CKA_EXPONENT_2"); case CKA_COEFFICIENT: return("CKA_COEFFICIENT"); case CKA_PRIME: return("CKA_PRIME"); case CKA_SUBPRIME: return("CKA_SUBPRIME"); case CKA_BASE: return("CKA_BASE"); case CKA_PRIME_BITS: return("CKA_PRIME_BITS"); case CKA_SUB_PRIME_BITS: 
return("CKA_SUB_PRIME_BITS"); case CKA_VALUE_BITS: return("CKA_VALUE_BITS"); case CKA_VALUE_LEN: return("CKA_VALUE_LEN"); case CKA_EXTRACTABLE: return("CKA_EXTRACTABLE"); case CKA_LOCAL: return("CKA_LOCAL"); case CKA_NEVER_EXTRACTABLE: return("CKA_NEVER_EXTRACTABLE"); case CKA_ALWAYS_SENSITIVE: return("CKA_ALWAYS_SENSITIVE"); case CKA_KEY_GEN_MECHANISM: return("CKA_KEY_GEN_MECHANISM"); case CKA_MODIFIABLE: return("CKA_MODIFIABLE"); case CKA_ECDSA_PARAMS: return("CKA_ECDSA_PARAMS"); case CKA_EC_POINT: return("CKA_EC_POINT"); case CKA_SECONDARY_AUTH: return("CKA_SECONDARY_AUTH"); case CKA_AUTH_PIN_FLAGS: return("CKA_AUTH_PIN_FLAGS"); case CKA_HW_FEATURE_TYPE: return("CKA_HW_FEATURE_TYPE"); case CKA_RESET_ON_INIT: return("CKA_RESET_ON_INIT"); case CKA_HAS_RESET: return("CKA_HAS_RESET"); case CKA_VENDOR_DEFINED: return("CKA_VENDOR_DEFINED"); } return("UNKNOWN"); } # define malloc(x) CACKEY_DEBUG_FUNC_MALLOC(x, __func__, __LINE__) # define realloc(x, y) CACKEY_DEBUG_FUNC_REALLOC(x, y, __func__, __LINE__) # ifdef strdup # undef strdup # endif # define strdup(x) CACKEY_DEBUG_FUNC_STRDUP(x, __func__, __LINE__) #else # define CACKEY_DEBUG_PRINTF(x...) /**/ # define CACKEY_DEBUG_PRINTBUF(f, x, y) /**/ # define CACKEY_DEBUG_PERROR(x) /**/ # define CACKEY_DEBUG_FUNC_TAG_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_OBJID_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(x) "DEBUG_DISABLED" # define CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(x) "DEBUG_DISABLED" #endif struct cackey_pcsc_identity { unsigned char applet[7]; uint16_t file; size_t certificate_len; |
︙ | ︙ | |||
3259 3260 3261 3262 3263 3264 3265 | return(NULL); } pcsc_identities = cackey_read_certs(slot, NULL, &num_certs); if (pcsc_identities != NULL) { /* Convert number of Certs to number of objects */ num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs; | | | 3385 3386 3387 3388 3389 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 | return(NULL); } pcsc_identities = cackey_read_certs(slot, NULL, &num_certs); if (pcsc_identities != NULL) { /* Convert number of Certs to number of objects */ num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs; num_ids += num_extra_certs * 3; identities = malloc(num_ids * sizeof(*identities)); /* Add certificates, public keys, and private keys from the smartcard */ id_idx = 0; for (cert_idx = 0; cert_idx < num_certs; cert_idx++) { for (curr_id_type = CKO_CERTIFICATE; curr_id_type <= CKO_PRIVATE_KEY; curr_id_type++) { |
︙ | ︙ | |||
3285 3286 3287 3288 3289 3290 3291 3292 3293 | cackey_free_certs(pcsc_identities, num_certs, 1); /* Add DoD Certificates and Netscape Trust Objects */ for (cert_idx = 0; cert_idx < num_extra_certs; cert_idx++) { identities[id_idx].pcsc_identity = NULL; identities[id_idx].attributes = cackey_get_attributes(CKO_CERTIFICATE, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count); id_idx++; | > > > | < < < | 3411 3412 3413 3414 3415 3416 3417 3418 3419 3420 3421 3422 3423 3424 3425 3426 3427 3428 3429 3430 3431 3432 | cackey_free_certs(pcsc_identities, num_certs, 1); /* Add DoD Certificates and Netscape Trust Objects */ for (cert_idx = 0; cert_idx < num_extra_certs; cert_idx++) { identities[id_idx].pcsc_identity = NULL; identities[id_idx].attributes = cackey_get_attributes(CKO_CERTIFICATE, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count); id_idx++; identities[id_idx].pcsc_identity = NULL; identities[id_idx].attributes = cackey_get_attributes(CKO_PUBLIC_KEY, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count); id_idx++; identities[id_idx].pcsc_identity = NULL; identities[id_idx].attributes = cackey_get_attributes(CKO_NETSCAPE_TRUST, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count); id_idx++; } *ids_found = num_ids; return(identities); } |
︙ | ︙ | |||
4910 4911 4912 4913 4914 4915 4916 | matched_count = 0; for (curr_attr_idx = 0; curr_attr_idx < cackey_sessions[hSession].search_query_count; curr_attr_idx++) { prev_matched_count = matched_count; curr_attr = &cackey_sessions[hSession].search_query[curr_attr_idx]; | | | 5036 5037 5038 5039 5040 5041 5042 5043 5044 5045 5046 5047 5048 5049 5050 | matched_count = 0; for (curr_attr_idx = 0; curr_attr_idx < cackey_sessions[hSession].search_query_count; curr_attr_idx++) { prev_matched_count = matched_count; curr_attr = &cackey_sessions[hSession].search_query[curr_attr_idx]; CACKEY_DEBUG_PRINTF(" Checking for attribute %s (0x%08lx) in identity:%i...", CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(curr_attr->type), (unsigned long) curr_attr->type, (int) curr_id_idx); CACKEY_DEBUG_PRINTBUF(" Value looking for:", curr_attr->pValue, curr_attr->ulValueLen); for (sess_attr_idx = 0; sess_attr_idx < curr_id->attributes_count; sess_attr_idx++) { if (cackey_pkcs11_compare_attributes(&curr_id->attributes[sess_attr_idx], curr_attr)) { matched_count++; break; |
︙ | ︙ |
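Review bot: The literal `3` in `num_ids += num_extra_certs * 3;` is coupled only by convention to the three `identities[id_idx]` writes per extra certificate in the DoD loop (certificate, public key, Netscape trust). If one side is later changed without the other, the loop either writes past the `malloc(num_ids * sizeof(*identities))` buffer or leaves trailing entries uninitialized while `*ids_found = num_ids` still reports them. A comment on the sizing line such as `/* 3 objects per extra cert: certificate, public key, trust -- must match the loop below */` would record the dependency, and comparing `id_idx` against `num_ids` just before `*ids_found = num_ids;` would catch drift. No NULL check on that `malloc` result is visible between the allocation and the fill loops, though the function begins and ends outside the hunks shown, so this should be confirmed against the full source.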