DELETED HEADER
Index: HEADER
==================================================================
--- HEADER
+++ /dev/null
@@ -1,12 +0,0 @@
- CACKey @@VERS@@
-
-Release information:
- pkg: CACKey version @@VERS@@
- date: @@DATE@@
- author: US Army Corps of Engineers
-contact: Roy Keene
- US Army Corps of Engineers
- Information Technology Laboratory
- Vicksburg, MS 39180
---------------------------------------------------------------------------
-
DELETED LICENSE
Index: LICENSE
==================================================================
--- LICENSE
+++ /dev/null
@@ -1,17 +0,0 @@
-The following files in this directory are the intellectual property of the
-Free Software Foundation and are licensed under the terms of the GNU General
-Public License (GPL):
- config.guess, config.sub, install-sh
-
-The files in this directory and the "leakcheck" directory are the intellectual
-property of the United States Government. It is not clear which, if any,
-license is made on them. In addition, as of 07-JUN-2010 they have not be
-cleared for public release.
-
-The files in the "pkcs11/" directory are licensed under the terms of the
-following licenses:
- mypkcs11.h : GNU General Public License 2.1.
- pkcs11.h : GNU General Public License 2.1.
- pkcs11f.h : GNU General Public License 2.1.
- pkcs11n.h : Mozilla Public License or GNU General Public License
- pkcs11t.h : GNU General Public License 2.1.
DELETED Makefile.in
Index: Makefile.in
==================================================================
--- Makefile.in
+++ /dev/null
@@ -1,68 +0,0 @@ -CC = @PTHREAD_CC@ -CFLAGS = @CFLAGS@ @PTHREAD_CFLAGS@ -DEBUGCFLAGS = @CFLAGS@ @PTHREAD_CFLAGS@ -DCACKEY_DEBUG=1 -CPPFLAGS = @CPPFLAGS@ @DEFS@ -I./pkcs11/ -DEBUGCPPFLAGS = @CPPFLAGS@ -DCACKEY_DEBUG=1 -I./pkcs11/ @DEFS@ -LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ @PTHREAD_LIBS@ -SHOBJFLAGS = @SHOBJFLAGS@ -SHOBJLDFLAGS = @SHOBJLDFLAGS@ -AR = @AR@ -RANLIB = @RANLIB@ -STRIP = @STRIP@ -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -@SET_MAKE@ - -all: - $(MAKE) libcackey.@SHOBJEXT@ - -$(MAKE) libcackey_g.@SHOBJEXT@ - -cackey.o: cackey.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o cackey.o -c cackey.c - -cackey_g.o: cackey.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o cackey_g.o -c cackey.c - -asn1-x509.o: asn1-x509.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) -o asn1-x509.o -c asn1-x509.c - -asn1-x509_g.o: asn1-x509.c asn1-x509.h config.h - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) -o asn1-x509_g.o -c asn1-x509.c - -libcackey.@SHOBJEXT@: cackey.o asn1-x509.o - $(CC) $(SHOBJFLAGS) $(CPPFLAGS) $(CFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey.@SHOBJEXT@ cackey.o asn1-x509.o $(LIBS) - -$(STRIP) -x "libcackey.@SHOBJEXT@" - -libcackey_g.@SHOBJEXT@: cackey_g.o asn1-x509_g.o - $(CC) $(SHOBJFLAGS) $(DEBUGCPPFLAGS) $(DEBUGCFLAGS) $(SHOBJLDFLAGS) $(LDFLAGS) -o libcackey_g.@SHOBJEXT@ cackey_g.o asn1-x509_g.o $(LIBS) - -test: test.c libcackey_g.@SHOBJEXT@ - $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o test test.c -Wl,-R,. 
libcackey_g.@SHOBJEXT@ - -splint-cackey.txt: cackey.c asn1-x509.c asn1-x509.h config.h - splint $(DEBUGCPPFLAGS) -DCACKEY_PARANOID=1 -weak +posixlib -I/usr/include/PCSC -Ipkcs11 cackey.c > splint-cackey.txt - -install: libcackey.@SHOBJEXT@ - -mkdir -p "$(DESTDIR)$(libdir)" - rm -f "$(DESTDIR)$(libdir)/libcackey.@SHOBJEXT@" - rm -f "$(DESTDIR)$(libdir)/libcackey_g.@SHOBJEXT@" - cp "libcackey.@SHOBJEXT@" "$(DESTDIR)$(libdir)/" - -cp "libcackey_g.@SHOBJEXT@" "$(DESTDIR)$(libdir)/" - -clean: - rm -f libcackey.@SHOBJEXT@ libcackey_g.@SHOBJEXT@ - rm -f libcackey.@SHOBJEXT@.def libcackey_g.@SHOBJEXT@.def - rm -f libcackey.@SHOBJEXT@.a libcackey_g.@SHOBJEXT@.a - rm -f cackey.o asn1-x509.o cackey_g.o asn1-x509_g.o - rm -f test - rm -f splint-cackey.txt - -distclean: clean - rm -f config.log config.status config.h Makefile - -mrproper: distclean - rm -f configure config.h.in aclocal.m4 *~ - -.PHONY: all clean distclean mrproper install DELETED README.txt Index: README.txt ================================================================== --- README.txt +++ /dev/null 
@@ -1,31 +0,0 @@
-Description:
- CACKey provides a standard interface (PKCS#11) for smartcards connected
- to a PC/SC compliant reader. It performs a similar function to
- "CoolKey", but only supports Government Smartcards. It supports all
- Government Smartcards that implement the Government Smartcard
- Interoperability Specification (GSC-IS) v2.1 or newer.
-
-Compiling:
- $ ./configure
- $ make
- # make install
-
- This will install two libraries (libcackey.so, and libcackey_g.so) into
- "/usr/local/lib".
-
-Usage:
- The libraries "libcackey.so" and "libcackey_g.so" are RSA PKCS#11
- Providers. They are meant to be linked into any application that
- requires a PKCS#11 provider.
-
- The library "libcackey.so" is meant for general purpose use.
-
- The library "libcackey_g.so" is for debugging purposes. It has
- debugging symbols compiled in and generates debugging information on
- stderr.
-
-Testing:
- $ make test
- $ ./test
- - or -
- $ ./test 2>cackey_debug.log
DELETED aclocal/Makefile
Index: aclocal/Makefile
==================================================================
--- aclocal/Makefile
+++ /dev/null
@@ -1,2 +0,0 @@
-../aclocal.m4: acx_pthread.m4 dc_shobjs.m4 dc_pcsc.m4 dc_versionscript.m4
- cat $^ > "$@"
DELETED aclocal/acx_pthread.m4
Index: aclocal/acx_pthread.m4
==================================================================
--- aclocal/acx_pthread.m4
+++ /dev/null
@@ -1,190 +0,0 @@ -dnl Available from the GNU Autoconf Macro Archive at: -dnl http://www.gnu.org/software/ac-archive/htmldoc/acx_pthread.html -dnl -AC_DEFUN([ACX_PTHREAD], [ -AC_REQUIRE([AC_CANONICAL_HOST]) -AC_LANG_SAVE -AC_LANG_C -acx_pthread_ok=no - -# We used to check for pthread.h first, but this fails if pthread.h -# requires special compiler flags (e.g. on True64 or Sequent). -# It gets checked for in the link test anyway. - -# First of all, check if the user has set any of the PTHREAD_LIBS, -# etcetera environment variables, and if threads linking works using -# them: -if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) - AC_TRY_LINK_FUNC(pthread_join, acx_pthread_ok=yes) - AC_MSG_RESULT($acx_pthread_ok) - if test x"$acx_pthread_ok" = xno; then - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" - fi - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" -fi - -# We must check for the threads library under a number of different -# names; the ordering is very important because some systems -# (e.g. DEC) have both -lpthread and -lpthreads, where one of the -# libraries is broken (non-POSIX). - -# Create a list of thread flags to try. Items starting with a "-" are -# C compiler flags, and other items are library names, except for "none" -# which indicates that we try without any flags at all. - -acx_pthread_flags="pthreads none -Kthread -kthread lthread pthread -pthread -pthreads -mthreads --thread-safe -mt" - -# The ordering *is* (sometimes) important. 
Some notes on the -# individual items follow: - -# pthreads: AIX (must check this before -lpthread) -# none: in case threads are in libc; should be tried before -Kthread and -# other compiler flags to prevent continual compiler warnings -# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) -# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) -# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) -# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) -# -pthreads: Solaris/gcc -# -mthreads: Mingw32/gcc, Lynx/gcc -# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it -# doesn't hurt to check since this sometimes defines pthreads too; -# also defines -D_REENTRANT) -# pthread: Linux, etcetera -# --thread-safe: KAI C++ - -case "${host_cpu}-${host_os}" in - *solaris*) - - # On Solaris (at least, for some versions), libc contains stubbed - # (non-functional) versions of the pthreads routines, so link-based - # tests will erroneously succeed. (We need to link with -pthread or - # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather - # a function called by this macro, so we could check for that, but - # who knows whether they'll stub that too in a future libc.) So, - # we'll just look for -pthreads and -lpthread first: - - acx_pthread_flags="-pthread -pthreads pthread -mt $acx_pthread_flags" - ;; -esac - -if test x"$acx_pthread_ok" = xno; then -for flag in $acx_pthread_flags; do - - case $flag in - none) - AC_MSG_CHECKING([whether pthreads work without any flags]) - ;; - - -*) - AC_MSG_CHECKING([whether pthreads work with $flag]) - PTHREAD_CFLAGS="$flag" - ;; - - *) - AC_MSG_CHECKING([for the pthreads library -l$flag]) - PTHREAD_LIBS="-l$flag" - ;; - esac - - save_LIBS="$LIBS" - save_CFLAGS="$CFLAGS" - LIBS="$PTHREAD_LIBS $LIBS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - - # Check for various functions. We must include pthread.h, - # since some functions may be macros. 
(On the Sequent, we - # need a special flag -Kthread to make this header compile.) - # We check for pthread_join because it is in -lpthread on IRIX - # while pthread_create is in libc. We check for pthread_attr_init - # due to DEC craziness with -lpthreads. We check for - # pthread_cleanup_push because it is one of the few pthread - # functions on Solaris that doesn't have a non-functional libc stub. - # We try pthread_create on general principles. - AC_TRY_LINK([#include ], - [pthread_t th; pthread_join(th, 0); - pthread_attr_init(0); pthread_cleanup_push(0, 0); - pthread_create(0,0,0,0); pthread_cleanup_pop(0); ], - [acx_pthread_ok=yes]) - - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" - - AC_MSG_RESULT($acx_pthread_ok) - if test "x$acx_pthread_ok" = xyes; then - break; - fi - - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" -done -fi - -# Various other checks: -if test "x$acx_pthread_ok" = xyes; then - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - - # Detect AIX lossage: threads are created detached by default - # and the JOINABLE attribute has a nonstandard name (UNDETACHED). 
- AC_MSG_CHECKING([for joinable pthread attribute]) - AC_TRY_LINK([#include ], - [int attr=PTHREAD_CREATE_JOINABLE;], - ok=PTHREAD_CREATE_JOINABLE, ok=unknown) - if test x"$ok" = xunknown; then - AC_TRY_LINK([#include ], - [int attr=PTHREAD_CREATE_UNDETACHED;], - ok=PTHREAD_CREATE_UNDETACHED, ok=unknown) - fi - if test x"$ok" != xPTHREAD_CREATE_JOINABLE; then - AC_DEFINE(PTHREAD_CREATE_JOINABLE, $ok, - [Define to the necessary symbol if this constant - uses a non-standard name on your system.]) - fi - AC_MSG_RESULT(${ok}) - if test x"$ok" = xunknown; then - AC_MSG_WARN([we do not know how to create joinable pthreads]) - fi - - AC_MSG_CHECKING([if more special flags are required for pthreads]) - flag=no - case "${host_cpu}-${host_os}" in - *-aix* | *-freebsd*) flag="-D_THREAD_SAFE";; - *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";; - esac - AC_MSG_RESULT(${flag}) - if test "x$flag" != xno; then - PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" - fi - - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" - - # More AIX lossage: must compile with cc_r - AC_CHECK_PROG(PTHREAD_CC, cc_r, cc_r, ${CC}) -else - PTHREAD_CC="$CC" -fi - -AC_SUBST(PTHREAD_LIBS) -AC_SUBST(PTHREAD_CFLAGS) -AC_SUBST(PTHREAD_CC) - -# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: -if test x"$acx_pthread_ok" = xyes; then - ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.]),[$1]) - : -else - acx_pthread_ok=no - $2 -fi -AC_LANG_RESTORE -])dnl ACX_PTHREAD DELETED aclocal/dc_pcsc.m4 Index: aclocal/dc_pcsc.m4 ================================================================== --- aclocal/dc_pcsc.m4 +++ /dev/null 
@@ -1,146 +0,0 @@ -AC_DEFUN(DC_PCSC_HEADERS, [ - AC_ARG_WITH(pcsc-headers, AC_HELP_STRING([--with-pcsc-headers=], [Specify a path to look for PC/SC Headers]), [ - manualheaders="${withval}" - ], [ - manualheaders="no" - ]) - - if test "${manualheaders}" != "no"; then - CFLAGS="${CFLAGS} -I${manualheaders}" - CPPFLAGS="${CPPFLAGS} -I${manualheaders}" - - AC_CHECK_HEADER(wintypes.h, [ - AC_DEFINE(HAVE_WINTYPES_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - ]) - - AC_CHECK_HEADER(pcsclite.h, [ - AC_DEFINE(HAVE_PCSCLITE_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - ]) - - AC_CHECK_HEADER(winscard.h, [ - AC_DEFINE(HAVE_WINSCARD_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - ]) - else - DC_PCSC_HEADERS_SEARCH - fi -]) - -AC_DEFUN(DC_PCSC_HEADERS_SEARCH, [ - SAVE_CFLAGS="${CFLAGS}" - SAVE_CPPFLAGS="${CPPFLAGS}" - ADD_CFLAGS="" - ADD_CPPFLAGS="" - - found_pcsclite=0 - found_winscard=0 - found_wintypes=0 - - for headerpath in /usr/include /usr/local/include /usr/cac/include /Developer/SDKs/*/System/Library/Frameworks/PCSC.framework/Versions/A/Headers; do - for subdir in smartcard PCSC pcsc pcsclite ""; do - headerdir="${headerpath}/${subdir}" - CFLAGS="${SAVE_CFLAGS} -I${headerdir}" - CPPFLAGS="${SAVE_CPPFLAGS} -I${headerdir}" - - unset ac_cv_header_pcsclite_h - unset ac_cv_header_winscard_h - unset ac_cv_header_wintypes_h - - just_found_pcsclite=0 - just_found_winscard=0 - just_found_wintypes=0 - - AC_CHECK_HEADER(wintypes.h, [ - AC_DEFINE(HAVE_WINTYPES_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - - found_wintypes=1 - just_found_wintypes=1 - ]) - - AC_CHECK_HEADER(pcsclite.h, [ - AC_DEFINE(HAVE_PCSCLITE_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - - found_pcsclite=1 - just_found_pcsclite=1 - ]) - - AC_CHECK_HEADER(winscard.h, [ - AC_DEFINE(HAVE_WINSCARD_H, [1], [Define if you have the PCSC-Lite header file (you should)]) - - found_winscard=1 - 
just_found_winscard=1 - ]) - - - if test "${just_found_pcsclite}" = 1 -a "${just_found_winscard}" = 1 -a "${just_found_wintypes}" = 1; then - ADD_CFLAGS=" -I${headerdir}" - ADD_CPPFLAGS=" -I${headerdir}" - fi - - if test "${found_pcsclite}" = 1 -a "${found_winscard}" = 1 -a "${found_wintypes}" = 1; then - break - fi - done - - if test -n "${ADD_CFLAGS}" -o -n "${ADD_CPPFLAGS}"; then - break - fi - done - - CFLAGS="${SAVE_CFLAGS}${ADD_CFLAGS}" - CPPFLAGS="${SAVE_CPPFLAGS}${ADD_CPPFLAGS}" -]) - -AC_DEFUN(DC_PCSC_LIBS, [ - AC_ARG_WITH(pcsc-libs, AC_HELP_STRING([--with-pcsc-libs=], [Specify PC/SC Libraries (e.g., -lpcsclite)]), [ - manuallibs="${withval}" - ], [ - manuallibs="no" - ]) - - if test "${manuallibs}" != "no"; then - LIBS="${LIBS} ${manuallibs}" - else - DC_PCSC_LIBS_SEARCH - fi -]) - -AC_DEFUN(DC_PCSC_LIBS_SEARCH, [ - foundlib="0" - - SAVELIBS="${LIBS}" - - AC_MSG_CHECKING([for how to link to PC/SC]) - - for lib in -lpcsclite -lpcsc-lite -lpcsc /Developer/SDKs/*/System/Library/Frameworks/PCSC.framework/PCSC; do - LIBS="${SAVELIBS} ${lib}" - - AC_LINK_IFELSE(AC_LANG_PROGRAM([[ -int SCardEstablishContext(void); -]], [[ - int x; - - x = SCardEstablishContext(); - ]]), [ - AC_MSG_RESULT([${lib}]) - LIBS="${SAVELIBS} ${lib}" - - foundlib="1" - - break - ]) - done - - if test "${foundlib}" = "0"; then - AC_MSG_RESULT(cant) - - AC_MSG_WARN([unable to find PCSC library, compilation will likely fail.]) - fi - - dnl Check for SCardIsValidContext, only in newer PCSC-Lite - AC_CHECK_FUNCS(SCardIsValidContext) -]) - -AC_DEFUN(DC_PCSC, [ - DC_PCSC_HEADERS - DC_PCSC_LIBS -]) DELETED aclocal/dc_shobjs.m4 Index: aclocal/dc_shobjs.m4 ================================================================== --- aclocal/dc_shobjs.m4 +++ /dev/null 
@@ -1,134 +0,0 @@ -dnl Usage: -dnl DC_TEST_SHOBJFLAGS(shobjflags, shobjldflags, action-if-not-found) -dnl -AC_DEFUN(DC_TEST_SHOBJFLAGS, [ - AC_SUBST(SHOBJFLAGS) - AC_SUBST(SHOBJLDFLAGS) - - OLD_LDFLAGS="$LDFLAGS" - SHOBJFLAGS="" - - LDFLAGS="$OLD_LDFLAGS $1 $2" - - AC_TRY_LINK([#include -int unrestst(void);], [ printf("okay\n"); unrestst(); return(0); ], [ SHOBJFLAGS="$1"; SHOBJLDFLAGS="$2" ], [ - LDFLAGS="$OLD_LDFLAGS" - $3 - ]) - - LDFLAGS="$OLD_LDFLAGS" -]) - -AC_DEFUN(DC_GET_SHOBJFLAGS, [ - AC_SUBST(SHOBJFLAGS) - AC_SUBST(SHOBJLDFLAGS) - - AC_MSG_CHECKING(how to create shared objects) - - if test -z "$SHOBJFLAGS" -a -z "$SHOBJLDFLAGS"; then - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic -mimpure-text], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -mimpure-text], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -rdynamic -Wl,-G,-z,textoff], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -Wl,-G,-z,textoff], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-shared -dynamiclib -flat_namespace -undefined suppress -bind_at_load], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib -flat_namespace -undefined suppress -bind_at_load], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-Wl,-dynamiclib -Wl,-flat_namespace -Wl,-undefined,suppress -Wl,-bind_at_load], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib -flat_namespace -undefined suppress], [ - DC_TEST_SHOBJFLAGS([-fPIC -DPIC], [-dynamiclib], [ - AC_MSG_RESULT(cant) - AC_MSG_ERROR([We are unable to make shared objects.]) - ]) - ]) - ]) - ]) - ]) - ]) - ]) - ]) - ]) - ]) - ]) - fi - - AC_MSG_RESULT($SHOBJLDFLAGS $SHOBJFLAGS) - - DC_SYNC_SHLIBOBJS -]) - -AC_DEFUN(DC_SYNC_SHLIBOBJS, [ - AC_SUBST(SHLIBOBJS) - SHLIBOBJS="" - for obj in $LIB@&t@OBJS; do - SHLIBOBJS="$SHLIBOBJS `echo $obj | sed 's/\.o$/_shr.o/g'`" - done -]) - -AC_DEFUN(DC_SYNC_RPATH, [ - OLD_LDFLAGS="$LDFLAGS" - - for tryrpath in "-Wl,-rpath" "-Wl,--rpath" 
"-Wl,-R"; do - LDFLAGS="$OLD_LDFLAGS $tryrpath -Wl,/tmp" - AC_LINK_IFELSE(AC_LANG_PROGRAM([], [ return(0); ]), [ - rpathldflags="$tryrpath" - break - ]) - done - unset tryrpath - - LDFLAGS="$OLD_LDFLAGS" - unset OLD_LDFLAGS - - ADDLDFLAGS="" - for opt in $LDFLAGS; do - if echo "$opt" | grep '^-L' >/dev/null; then - rpathdir=`echo "$opt" | sed 's@^-L *@@'` - ADDLDFLAGS="$ADDLDFLAGS $rpathldflags -Wl,$rpathdir" - fi - done - unset opt rpathldflags - - LDFLAGS="$LDFLAGS $ADDLDFLAGS" - - unset ADDLDFLAGS -]) - -AC_DEFUN(DC_CHK_OS_INFO, [ - AC_CANONICAL_HOST - AC_SUBST(SHOBJEXT) - AC_SUBST(SHOBJFLAGS) - AC_SUBST(SHOBJLDFLAGS) - AC_SUBST(CFLAGS) - AC_SUBST(CPPFLAGS) - AC_SUBST(AREXT) - - AC_MSG_CHECKING(host operating system) - AC_MSG_RESULT($host_os) - - SHOBJEXT="so" - AREXT="a" - - case $host_os in - darwin*) - SHOBJEXT="dylib" - ;; - hpux*) - SHOBJEXT="sl" - ;; - mingw32msvc*) - SHOBJEXT="dll" - SHOBJFLAGS="-DPIC" - CFLAGS="$CFLAGS -mno-cygwin -mms-bitfields" - CPPFLAGS="$CPPFLAGS -mno-cygwin -mms-bitfields" - SHOBJLDFLAGS='-shared -Wl,--dll -Wl,--enable-auto-image-base -Wl,--output-def,$[@].def,--out-implib,$[@].a' - ;; - cygwin*) - SHOBJEXT="dll" - SHOBJFLAGS="-fPIC -DPIC" - CFLAGS="$CFLAGS -mms-bitfields" - CPPFLAGS="$CPPFLAGS -mms-bitfields" - SHOBJLDFLAGS='-shared -Wl,--enable-auto-image-base -Wl,--output-def,$[@].def,--out-implib,$[@].a' - ;; - esac -]) DELETED aclocal/dc_versionscript.m4 Index: aclocal/dc_versionscript.m4 ================================================================== --- aclocal/dc_versionscript.m4 +++ /dev/null 
@@ -1,24 +0,0 @@ -AC_DEFUN(DC_SETVERSIONSCRIPT, [ - VERSIONSCRIPT="$1" - - SAVE_LDFLAGS="${LDFLAGS}" - - AC_MSG_CHECKING([for how to set version script]) - - for tryaddldflags in "-Wl,--version-script -Wl,${VERSIONSCRIPT}"; do - LDFLAGS="${SAVE_LDFLAGS} ${tryaddldflags}" - AC_TRY_LINK([], [], [ - addldflags="${tryaddldflags}" - - break - ]) - done - - if test -n "${addldflags}"; then - LDFLAGS="${SAVE_LDFLAGS} ${addldflags}" - AC_MSG_RESULT($addldflags) - else - LDFLAGS="${SAVE_LDFLAGS}" - AC_MSG_RESULT([don't know]) - fi -]) DELETED asn1-x509.c Index: asn1-x509.c ================================================================== --- asn1-x509.c +++ /dev/null 
@@ -1,412 +0,0 @@ -/* - * Basic implementation of ITU-T X.690 (07/2002) for parsing BER encoded - * X.509 certificates - */ - -#ifdef HAVE_CONFIG_H -# include "config.h" -#endif - -#ifdef HAVE_UNISTD_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif -#ifdef HAVE_STDARG_H -# include -#endif -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif - -#include "asn1-x509.h" - -struct asn1_object { - unsigned long tag; - unsigned long size; - void *contents; - - unsigned long asn1rep_len; - void *asn1rep; -}; - -struct x509_object { - struct asn1_object wholething; - struct asn1_object certificate; - struct asn1_object version; - struct asn1_object serial_number; - struct asn1_object signature_algo; - struct asn1_object issuer; - struct asn1_object validity; - struct asn1_object subject; - struct asn1_object pubkeyinfo; - struct asn1_object pubkey_algoid; - struct asn1_object pubkey_algo; - struct asn1_object pubkey_algoparm; - struct asn1_object pubkey; -}; - -static int _asn1_x509_read_asn1_object(unsigned char *buf, size_t buflen, va_list *args) { - unsigned char small_object_size; - unsigned char *buf_p; - struct asn1_object *outbuf; - - outbuf = va_arg(*args, struct asn1_object *); - - if (outbuf == NULL) { - return(0); - } - - if (buflen == 0) { - return(-1); - } - - buf_p = buf; - - outbuf->tag = *buf_p; - buf_p++; - buflen--; - if (buflen == 0) { - return(-1); - } - - /* NULL Tag -- no size is required */ - if (outbuf->tag == 0x00) { - return(_asn1_x509_read_asn1_object(buf_p, buflen, args)); - } - - small_object_size = *buf_p; - buf_p++; - buflen--; - if (buflen == 0) { - return(-1); - } - - if ((small_object_size & 0x80) == 0x80) { - outbuf->size = 0; - - for (small_object_size ^= 0x80; small_object_size; small_object_size--) { - outbuf->size <<= 8; - outbuf->size += *buf_p; - - buf_p++; - buflen--; - if (buflen == 0) { - break; - } - } - } else { - outbuf->size = small_object_size; - } - - if (outbuf->size > buflen) { - 
return(-1); - } - - outbuf->contents = buf_p; - outbuf->asn1rep_len = outbuf->size + (buf_p - buf); - outbuf->asn1rep = buf; - - buf_p += outbuf->size; - buflen -= outbuf->size; - - return(_asn1_x509_read_asn1_object(buf_p, buflen, args)); -} - -static int asn1_x509_read_asn1_object(unsigned char *buf, size_t buflen, ...) { - va_list args; - int retval; - - va_start(args, buflen); - - retval = _asn1_x509_read_asn1_object(buf, buflen, &args); - - va_end(args); - - return(retval); -} - -static int asn1_x509_read_object(unsigned char *buf, size_t buflen, struct x509_object *outbuf) { - int read_ret; - - read_ret = asn1_x509_read_asn1_object(buf, buflen, &outbuf->wholething, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(outbuf->wholething.contents, outbuf->wholething.size, &outbuf->certificate, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(outbuf->certificate.contents, outbuf->certificate.size, &outbuf->version, &outbuf->serial_number, &outbuf->signature_algo, &outbuf->issuer, &outbuf->validity, &outbuf->subject, &outbuf->pubkeyinfo, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(outbuf->pubkeyinfo.contents, outbuf->pubkeyinfo.size, &outbuf->pubkey_algoid, &outbuf->pubkey, NULL); - if (read_ret != 0) { - return(-1); - } - - return(0); -} - -ssize_t x509_to_issuer(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - if (outbuf) { - *outbuf = x509.issuer.asn1rep; - } - - return(x509.issuer.asn1rep_len); -} - -ssize_t x509_to_subject(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - if (outbuf) { - 
*outbuf = x509.subject.asn1rep; - } - - return(x509.subject.asn1rep_len); -} - -ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - if (outbuf) { - *outbuf = x509.serial_number.asn1rep; - } - - return(x509.serial_number.asn1rep_len); -} - -ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { - struct asn1_object null, pubkey, modulus, exponent; - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - /* The structure of "pubkey" is specified in PKCS #1 */ - read_ret = asn1_x509_read_asn1_object(x509.pubkey.contents, x509.pubkey.size, &null, &pubkey, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(pubkey.contents, pubkey.size, &modulus, &exponent, NULL); - if (read_ret != 0) { - return(-1); - } - - if (outbuf) { - *outbuf = modulus.contents; - } - - return(modulus.size); -} - -ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf) { - struct asn1_object null, pubkey, modulus, exponent; - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - /* The structure of "pubkey" is specified in PKCS #1 */ - read_ret = asn1_x509_read_asn1_object(x509.pubkey.contents, x509.pubkey.size, &null, &pubkey, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(pubkey.contents, pubkey.size, &modulus, &exponent, NULL); - if (read_ret != 0) { - return(-1); - } - - if (outbuf) { - *outbuf = exponent.contents; - } - - return(exponent.size); -} - -ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len) { - struct asn1_object null, 
pubkey, modulus, exponent; - struct x509_object x509; - int read_ret; - - read_ret = asn1_x509_read_object(x509_der_buf, x509_der_buf_len, &x509); - if (read_ret != 0) { - return(-1); - } - - /* The structure of "pubkey" is specified in PKCS #1 */ - read_ret = asn1_x509_read_asn1_object(x509.pubkey.contents, x509.pubkey.size, &null, &pubkey, NULL); - if (read_ret != 0) { - return(-1); - } - - read_ret = asn1_x509_read_asn1_object(pubkey.contents, pubkey.size, &modulus, &exponent, NULL); - if (read_ret != 0) { - return(-1); - } - - return(modulus.size - 1); -} - -/* - * http://www.blackberry.com/developers/docs/4.6.0api/javax/microedition/pki/Certificate.html - */ -static const char *_x509_objectid_to_label_string(void *buf, size_t buflen) { - switch (buflen) { - case 3: - if (memcmp(buf, "\x55\x04\x03", 3) == 0) { - return("CN"); - } - if (memcmp(buf, "\x55\x04\x04", 3) == 0) { - return("SN"); - } - if (memcmp(buf, "\x55\x04\x06", 3) == 0) { - return("C"); - } - if (memcmp(buf, "\x55\x04\x07", 3) == 0) { - return("L"); - } - if (memcmp(buf, "\x55\x04\x08", 3) == 0) { - return("ST"); - } - if (memcmp(buf, "\x55\x04\x09", 3) == 0) { - return("STREET"); - } - if (memcmp(buf, "\x55\x04\x0A", 3) == 0) { - return("O"); - } - if (memcmp(buf, "\x55\x04\x0B", 3) == 0) { - return("OU"); - } - break; - case 9: - if (memcmp(buf, "\x2A\x86\x48\x86\xF7\x0D\x01\x09\x01", 9) == 0) { - return("EmailAddress"); - } - break; - } - - return("???"); -} - -ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel) { - struct asn1_object whole_thing, current_set, current_seq; - struct asn1_object label, value; - const char *label_str; - ssize_t snprintf_ret, retval; - char *outbuf_s; - int read_ret; - int offset; - - if (outbuf == NULL) { - return(-1); - } - - if (outbuf_len == 0 || asn1_der_buf_len == 0 || asn1_der_buf == NULL) { - return(0); - } - - read_ret = asn1_x509_read_asn1_object(asn1_der_buf, asn1_der_buf_len, 
&whole_thing, NULL); - if (read_ret != 0) { - return(-1); - } - - /* Terminate string, in case no valid elements are found we still return a valid string */ - *outbuf = '\0'; - outbuf_s = outbuf; - - offset = 0; - while (1) { - read_ret = asn1_x509_read_asn1_object(whole_thing.contents + offset, whole_thing.size - offset, ¤t_set, NULL); - if (read_ret != 0) { - break; - } - - offset += current_set.size + 2; - - read_ret = asn1_x509_read_asn1_object(current_set.contents, current_set.size, ¤t_seq, NULL); - if (read_ret != 0) { - break; - } - - read_ret = asn1_x509_read_asn1_object(current_seq.contents, current_seq.size, &label, &value, NULL); - - label_str = _x509_objectid_to_label_string(label.contents, label.size); - - /* If the user requested only certain labels, exclude others */ - if (matchlabel) { - if (strcmp(matchlabel, label_str) != 0) { - continue; - } - } - - /* If the user requested only certain labels, don't include them in the reply */ - if (matchlabel) { - snprintf_ret = snprintf(outbuf, outbuf_len, "%.*s, ", (unsigned int) value.size, (char *) value.contents); - } else { - snprintf_ret = snprintf(outbuf, outbuf_len, "%s=%.*s, ", label_str, (unsigned int) value.size, (char *) value.contents); - } - if (snprintf_ret < 0) { - break; - } - - if (snprintf_ret > outbuf_len) { - snprintf_ret = outbuf_len; - } - - outbuf += snprintf_ret; - outbuf_len -= snprintf_ret; - - if (outbuf_len < 2) { - break; - } - } - - retval = outbuf - outbuf_s; - - /* Remove trailing ", " added by cumulative process, if found. */ - if (retval > 2) { - if (outbuf_s[retval - 2] == ',') { - outbuf_s[retval - 2] = '\0'; - retval -= 2; - } - } - - return(retval); -} DELETED asn1-x509.h Index: asn1-x509.h ================================================================== --- asn1-x509.h +++ /dev/null 
@@ -1,27 +0,0 @@
-#ifndef USACEIT_ASN1_X509_H
-#define USACEIT_ASN1_X509_H 1
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-# ifdef HAVE_UNISTD_H
-# include
-# endif
-#else
-# include
-#endif
-
-ssize_t x509_to_subject(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf);
-
-ssize_t x509_to_issuer(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf);
-
-ssize_t x509_to_serial(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf);
-
-ssize_t x509_to_modulus(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf);
-
-ssize_t x509_to_exponent(void *x509_der_buf, size_t x509_der_buf_len, void **outbuf);
-
-ssize_t x509_to_keysize(void *x509_der_buf, size_t x509_der_buf_len);
-
-ssize_t x509_dn_to_string(void *asn1_der_buf, size_t asn1_der_buf_len, char *outbuf, size_t outbuf_len, char *matchlabel);
-
-#endif
DELETED autogen.sh
Index: autogen.sh
==================================================================
--- autogen.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#! /bin/sh
-
-rm -f aclocal.m4
-
-${MAKE:-make} -C aclocal
-autoconf; autoheader
-
-rm -rf autom4te.cache/
DELETED build/PLATFORMS
Index: build/PLATFORMS
==================================================================
--- build/PLATFORMS
+++ /dev/null
@@ -1,17 +0,0 @@
- /-------------------\ /----------------------\ /---------\ /----------------------\
-| OS | CPU Arch | Compiler | Last Tested Vers |
-|=====================+========================+===========+========================|
-| Linux | x86 | gcc | 0.5.18 |
-| |------------------------+-----------+------------------------|
-| | x86_64 | gcc | 0.5.12 |
-|---------------------+------------------------+-----------+------------------------|
-| Mac OS X | PPC | gcc | 0.5.18 |
-| |------------------------+-----------+------------------------|
-| | x86 | gcc | 0.5.18 |
-| |------------------------+-----------+------------------------|
-| | x86_64 | gcc | 0.5.18 |
-|---------------------+------------------------+-----------+------------------------|
-| Solaris 10 | sun4u | SunStudio | 0.5.10 |
-|---------------------+------------------------+-----------+------------------------|
-| HP/UX | PA-RISC 2.0 | gcc | 0.5.15 |
- \-------------------/ \----------------------/ \---------/ \----------------------/
DELETED build/build.sh
Index: build/build.sh
==================================================================
--- build/build.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#! /bin/sh
-
-find . -type f -name '.*.sw?' | xargs rm -f
-find . -type f -name '.nfs*' | xargs rm -f
-
-if [ "${SNAPSHOT}" = "1" ]; then
- sed "s@\(AC_INIT([^)]*\))@\1.${VERS})@" configure.ac > configure.ac.new
- cat configure.ac.new > configure.ac
- rm -f configure.ac.new
-fi
-
-./autogen.sh || exit 1
-
-if [ ! -x configure ]; then
- exit 1
-fi
-
-for basefile in install-sh config.sub config.guess; do
- for path in /usr/share/automake-*; do
- file="${path}/${basefile}"
- if [ -f "${file}" ]; then
- cp "${file}" .
- chmod 755 "./${basefile}"
-
- break
- fi
- done
-done
-
-if [ "${SNAPSHOT}" != "1" ]; then
- mv build build_delete
-
- mkdir build || exit 1
- cp -rp build_delete/cackey_win32_build build/
-fi
-
-exit 0
DELETED build/cackey_osx_build/Template_pmbuild/01libcackey-contents.xml.in
Index: build/cackey_osx_build/Template_pmbuild/01libcackey-contents.xml.in
==================================================================
--- build/cackey_osx_build/Template_pmbuild/01libcackey-contents.xml.in
+++ /dev/null
@@ -1,7 +0,0 @@ - - - owner - mode - group - -
DELETED build/cackey_osx_build/Template_pmbuild/01libcackey.xml.in
Index: build/cackey_osx_build/Template_pmbuild/01libcackey.xml.in
==================================================================
--- build/cackey_osx_build/Template_pmbuild/01libcackey.xml.in
+++ /dev/null
@@ -1,35 +0,0 @@ - - - mil.army.usace.cackeyForMacOsX@@OSXVERSION@@.libcackey.pkg - 1 - - - - ../../macbuild/@@OSXVERSION@@/libcackey.dylib - /Library/CACKey/ - - - - - parent - scripts.postinstall.path - scripts.scriptsDirectoryPath.isRelativeType - scripts.scriptsDirectoryPath.path - relocatable - installTo.path - installFrom.path - installTo - - - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts/01libcackey-post.sh - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts - - - 01libcackey-contents.xml - /CVS$ - /\.svn$ - /\.cvsignore$ - /\.cvspass$ - /\.DS_Store$ - - DELETED build/cackey_osx_build/Template_pmbuild/02libcackey-contents.xml.in Index: build/cackey_osx_build/Template_pmbuild/02libcackey-contents.xml.in ================================================================== --- build/cackey_osx_build/Template_pmbuild/02libcackey-contents.xml.in +++ /dev/null @@ -1,7 +0,0 @@ - - - owner - mode - group - - DELETED build/cackey_osx_build/Template_pmbuild/02libcackey.xml.in Index: build/cackey_osx_build/Template_pmbuild/02libcackey.xml.in ================================================================== --- build/cackey_osx_build/Template_pmbuild/02libcackey.xml.in +++ /dev/null 
@@ -1,35 +0,0 @@ - - - mil.army.usace.cackeyForMacOsX@@OSXVERSION@@.@@LIBCACKEYG@@ - 1 - - - - ../../macbuild/@@OSXVERSION@@/libcackey_g.dylib - /Library/CACKey/ - - - - - parent - scripts.postinstall.path - scripts.scriptsDirectoryPath.isRelativeType - scripts.scriptsDirectoryPath.path - relocatable - installTo.path - installFrom.path - installTo - - - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts/02libcackey-post.sh - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts - - - 02libcackey-contents.xml - /CVS$ - /\.svn$ - /\.cvsignore$ - /\.cvspass$ - /\.DS_Store$ - - DELETED build/cackey_osx_build/Template_pmbuild/03libcackey-contents.xml.in Index: build/cackey_osx_build/Template_pmbuild/03libcackey-contents.xml.in ================================================================== --- build/cackey_osx_build/Template_pmbuild/03libcackey-contents.xml.in +++ /dev/null @@ -1,7 +0,0 @@ - - - owner - mode - group - - DELETED build/cackey_osx_build/Template_pmbuild/03libcackey.xml.in Index: build/cackey_osx_build/Template_pmbuild/03libcackey.xml.in ================================================================== --- build/cackey_osx_build/Template_pmbuild/03libcackey.xml.in +++ /dev/null 
@@ -1,37 +0,0 @@ - - - mil.army.usace.cackeyForMacOsX@@OSXVERSION@@.cackey.pkg - 1 - - - - cackey.dylib - /usr/lib/pkcs11 - - - parent - scripts.postinstall.path - scripts.scriptsDirectoryPath.isRelativeType - scripts.scriptsDirectoryPath.path - installTo.isAbsoluteType - installTo.isRelativeType - scripts.postflight.path - relocatable - version - installTo.path - installFrom.path - installTo - - - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts/03libcackey-post.sh - @@BUILDROOTDIR@@/build/cackey_osx_build/Template_pmbuild/scripts - - - 03libcackey-contents.xml - /CVS$ - /\.svn$ - /\.cvsignore$ - /\.cvspass$ - /\.DS_Store$ - - DELETED build/cackey_osx_build/Template_pmbuild/index.xml.in Index: build/cackey_osx_build/Template_pmbuild/index.xml.in ================================================================== --- build/cackey_osx_build/Template_pmbuild/index.xml.in +++ /dev/null 
@@ -1,91 +0,0 @@ - - - CACKey for Mac OS X @@OSXVERSION@@ - mil.army.usace - - - - - - - - - CACKey - - - - - - - - - - - - - \ - US Army Corps of Engineers\ - Information Technology Laboratory\ - Vicksburg, MS 39180\ -contact: Roy Keene \ -------------------------------------------------\ -\ -The following files in the source directory are the intellectual property of the\ -Free Software Foundation and are licensed under the terms of the GNU General\ -Public License (GPL):\ - config.guess, config.sub, install-sh\ -\ -The files in the source directory and the "leakcheck" directory are the intellectual\ -property of the United States Government. It is not clear which, if any,\ -license is made on them. In addition, as of 07-JUN-2010 they have not be\ -cleared for public release.\ -\ -The files in the "pkcs11/" directory are licensed under the terms of the\ -following licenses:\ - mypkcs11.h : GNU General Public License 2.1.\ - pkcs11.h : GNU General Public License 2.1.\ - pkcs11f.h : GNU General Public License 2.1.\ - pkcs11n.h : Mozilla Public License or GNU General Public License\ - pkcs11t.h : GNU General Public License 2.1.}]]> - - - - - - - - - This CACKey release requires Mac OS X @@CUROSXVER@@. - - - This CACKey release requires Mac OS X @@CUROSXVER@@. - - - - 01libcackey.xml - 02libcackey.xml - 03libcackey.xml - properties.customizeOption - properties.title - description - properties.systemDomain - properties.anywhereDomain - DELETED build/cackey_osx_build/Template_pmbuild/scripts/01libcackey-post.sh Index: build/cackey_osx_build/Template_pmbuild/scripts/01libcackey-post.sh ================================================================== --- build/cackey_osx_build/Template_pmbuild/scripts/01libcackey-post.sh +++ /dev/null 
@@ -1,3 +0,0 @@
-#!/bin/bash
-chmod 755 /Library/CACKey
-chown root:admin /Library/CACKey
DELETED build/cackey_osx_build/Template_pmbuild/scripts/02libcackey-post.sh
Index: build/cackey_osx_build/Template_pmbuild/scripts/02libcackey-post.sh
==================================================================
--- build/cackey_osx_build/Template_pmbuild/scripts/02libcackey-post.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-chmod 755 /Library/CACKey
-chown root:admin /Library/CACKey
DELETED build/cackey_osx_build/Template_pmbuild/scripts/03libcackey-post.sh
Index: build/cackey_osx_build/Template_pmbuild/scripts/03libcackey-post.sh
==================================================================
--- build/cackey_osx_build/Template_pmbuild/scripts/03libcackey-post.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-chmod 755 /usr/lib/pkcs11
-chown root:wheel /usr/lib/pkcs11
DELETED build/cackey_osx_build/build_osx.sh
Index: build/cackey_osx_build/build_osx.sh
==================================================================
--- build/cackey_osx_build/build_osx.sh
+++ /dev/null
@@ -1,257 +0,0 @@ -#!/bin/bash -# Shell Script to make Mac OS X Releases of CACKey -# Kenneth Van Alstyne -# kenneth.l.vanalstyne@usace.army.mil -CACKEY_VERSION=`cat configure.ac | grep AC_INIT | cut -d " " -f 2 | sed 's_)__'` - -# Usage function -usage() { - echo "Usage: build_osx.sh " - echo Where target is one of: - echo " panther - (Builds 10.3 Library for PPCG3)" - echo " tiger - (Builds Universal 10.4 Library for PPCG3/i386)" - echo " leopard - (Builds Universal 10.5 Library for PPCG4/i386)" - echo " snowleopard - (Builds Universal 10.6 Library for i386/x86_64)" - echo " all - (Builds for all supported targets)" - echo " clean - (Cleans up)" - echo "Run from CACKey Build Root." - exit $? -} - -# Clean up function -clean() { - rm -f build/cackey_osx_build/cackey.dylib - rm -rf macbuild - rm -rf build/cackey_osx_build/*.pmdoc - make distclean -} - -# Directory creation function -makedir() { - if [ "`uname -r | cut -d . -f 1`" -lt "10" ]; then - LIBTOOLDIR=/Developer/usr/share/libtool - else - LIBTOOLDIR=/Developer/usr/share/libtool/config - fi - if [ ! -d macbuild ]; then - mkdir macbuild - mkdir macbuild/Panther - mkdir macbuild/Tiger - mkdir macbuild/Leopard - mkdir macbuild/Snowleopard - mkdir macbuild/pkg - fi - if [ ! -f config.guess ]; then - cp ${LIBTOOLDIR}/config.guess . - fi - if [ ! -f config.sub ]; then - cp ${LIBTOOLDIR}/config.sub . - fi - if [ ! -f install-sh ]; then - cp ${LIBTOOLDIR}/install-sh . 
- fi -} - -# Build function for Panther -panther() { - makedir - HEADERS=/Developer/SDKs/MacOSX10.3.9.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/ - LIBRARY=/Developer/SDKs/MacOSX10.3.9.sdk/System/Library/Frameworks/PCSC.framework/PCSC - OSX=Panther - PKTARGETOS=1 - NEXTOSXVER=10.4 - CUROSXVER=10.3 - HOST=powerpc-apple-darwin7 - make distclean - ARCH="ppc -mcpu=G3" - CFLAGS="-arch ${ARCH}" ./configure --with-pcsc-headers=${HEADERS} --with-pcsc-libs=${LIBRARY} --host=${HOST} - make - cp libcackey.dylib macbuild/${OSX}/libcackey.dylib - cp libcackey_g.dylib macbuild/${OSX}/libcackey_g.dylib - pkgbuild -} - -# Build function for Tiger -tiger() { - makedir - HEADERS=/Developer/SDKs/MacOSX10.4u.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/ - LIBRARY=/Developer/SDKs/MacOSX10.4u.sdk/System/Library/Frameworks/PCSC.framework/PCSC - LIB="" - ARCHLIST="" - DLIB="" - DARCHLIST="" - OSX=Tiger - PKTARGETOS=2 - NEXTOSXVER=10.5 - CUROSXVER=10.4 - for HOST in powerpc-apple-darwin8 i386-apple-darwin8; do - genbuild - done - libbuild - pkgbuild -} - -# Build function for Leopard -leopard() { - makedir - HEADERS=/Developer/SDKs/MacOSX10.5.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/ - LIBRARY=/Developer/SDKs/MacOSX10.5.sdk/System/Library/Frameworks/PCSC.framework/PCSC - LIB="" - ARCHLIST="" - DLIB="" - DARCHLIST="" - OSX=Leopard - PKTARGETOS=3 - NEXTOSXVER=10.6 - CUROSXVER=10.5 - for HOST in powerpc-apple-darwin9 i386-apple-darwin9; do - genbuild - done - libbuild - pkgbuild -} - -# Build function for Snow Leopard -snowleopard() { - makedir - HEADERS=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/Versions/A/Headers/ - LIBRARY=/Developer/SDKs/MacOSX10.6.sdk/System/Library/Frameworks/PCSC.framework/PCSC - LIB="" - ARCHLIST="" - DLIB="" - DARCHLIST="" - OSX=Snowleopard - PKTARGETOS=3 - NEXTOSXVER=10.7 - CUROSXVER=10.6 - for HOST in i386-apple-darwin10 x86_64-apple-darwin10; do - genbuild - done - libbuild 
- pkgbuild -} - -# Generic build function -genbuild() { - make distclean - ARCH=`echo ${HOST} | cut -d "-" -f 1` - if [ ${ARCH} == "powerpc" ]; then - if [ ${OSX} == "Leopard" ]; then - ARCH="ppc -mcpu=G4" - else - ARCH="ppc -mcpu=G3" - fi - fi - CFLAGS="-arch ${ARCH}" ./configure --with-pcsc-headers=${HEADERS} --with-pcsc-libs=${LIBRARY} --host=${HOST} - make - cp libcackey.dylib macbuild/${OSX}/libcackey.dylib.`echo ${ARCH} | cut -d ' ' -f 1` - cp libcackey_g.dylib macbuild/${OSX}/libcackey_g.dylib.`echo ${ARCH} | cut -d ' ' -f 1` -} - -# Library build function -libbuild() { - for LIB in macbuild/${OSX}/libcackey.dylib.*; do - ARCHLIST="${ARCHLIST} `echo '-arch '` `echo ${LIB} | cut -d . -f 3` `echo ' '` `echo ${LIB}`" - done - lipo -create ${ARCHLIST} -output macbuild/${OSX}/libcackey.dylib - for DLIB in macbuild/${OSX}/libcackey_g.dylib.*; do - DARCHLIST="${DARCHLIST} `echo '-arch '` `echo ${DLIB} | cut -d . -f 3` `echo ' '` `echo ${DLIB}`" - done - lipo -create ${DARCHLIST} -output macbuild/${OSX}/libcackey_g.dylib - rm macbuild/${OSX}/libcackey*.dylib.* -} - -# Function to build Mac OS X Packages -pkgbuild() { - if [ "`uname -r | cut -d . 
-f 1`" -lt "10" ]; then - LIBCACKEYG=libcackeyg.pkg - else - LIBCACKEYG=libcackey_g.pkg - fi - rm -f build/cackey_osx_build/cackey.dylib - ln macbuild/${OSX}/libcackey.dylib build/cackey_osx_build/cackey.dylib - for PMDOC in build/cackey_osx_build/Template_pmbuild/*.in; do - PMDOC="`echo "${PMDOC}" | sed 's|l.in|l|g' | sed 's|build/cackey_osx_build/Template_pmbuild/||g'`" - UUID="`python -c 'import uuid; print uuid.uuid1()' | dd conv=ucase 2>/dev/null`" - mkdir -p build/cackey_osx_build/${OSX}_pmbuild.pmdoc - sed "s|@@BUILDROOTDIR@@|$(pwd)|g" build/cackey_osx_build/Template_pmbuild/${PMDOC}.in > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} - sed "s|@@OSXVERSION@@|${OSX}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 - sed "s|@@UUID@@|${UUID}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} - sed "s|@@TARGETOS@@|${PKTARGETOS}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 - sed "s|@@NEXTOSXVER@@|${NEXTOSXVER}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} - sed "s|@@CUROSXVER@@|${CUROSXVER}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 - sed "s|@@LIBCACKEYG@@|${LIBCACKEYG}|g" build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} - cp build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 - mv build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC}.1 build/cackey_osx_build/${OSX}_pmbuild.pmdoc/${PMDOC} - done - if [ ${OSX} == "Panther" ]; then - EXT=mpkg - cat build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml | grep -v -i require > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new - mv 
build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml - else - EXT=pkg - fi - if [ ${OSX} == "Snowleopard" ]; then - cat build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml | sed 's|for Mac OS X Snowleopard|for Mac OS X SnowLeopard|g' > build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new - mv build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml.new build/cackey_osx_build/${OSX}_pmbuild.pmdoc/index.xml - fi - /Developer/Applications/Utilities/PackageMaker.app/Contents/MacOS/PackageMaker -d build/cackey_osx_build/${OSX}_pmbuild.pmdoc -o macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT} - tar --create --directory macbuild/pkg/ --file macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}.tar CACKey_${CACKEY_VERSION}_${OSX}.${EXT} - gzip -9 macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT}.tar - rm -rf macbuild/pkg/CACKey_${CACKEY_VERSION}_${OSX}.${EXT} - rm -f build/cackey_osx_build/cackey.dylib - echo "${OSX} build complete" -} - -# Take command line arguments and execute -case "$1" in - "") - usage - exit $? - ;; - - "panther") - ./autogen.sh - panther - exit $? - ;; - - "tiger") - ./autogen.sh - tiger - exit $? - ;; - - "leopard") - ./autogen.sh - leopard - exit $? - ;; - - "snowleopard") - ./autogen.sh - snowleopard - exit $? - ;; - - "all") - ./autogen.sh - panther - tiger - leopard - snowleopard - echo "" - echo "All builds complete." - exit $? - ;; - - "clean") - clean - exit $? - ;; - - *) - usage - exit $? - ;; -esac DELETED build/cackey_win32_build/build.sh Index: build/cackey_win32_build/build.sh ================================================================== --- build/cackey_win32_build/build.sh +++ /dev/null 
@@ -1,13 +0,0 @@
-#! /bin/bash
-
-make distclean
-
-cp "./build/cackey_win32_build/lib/winscard.dll" "./build/cackey_win32_build/lib/WinSCard.dll"
-
-./configure --with-pcsc-headers="$(pwd)/build/cackey_win32_build/include" --with-pcsc-libs="-L$(pwd)/build/cackey_win32_build/lib -lwinscard" --host=i586-mingw32msvc CPPFLAGS="-I$(pwd)/build/cackey_win32_build/include" || exit 1
-
-make || exit 1
-
-rm -f "./build/cackey_win32_build/lib/WinSCard.dll"
-
-exit 0
DELETED build/cackey_win32_build/include/SCardErr.h
Index: build/cackey_win32_build/include/SCardErr.h
==================================================================
--- build/cackey_win32_build/include/SCardErr.h
+++ /dev/null
@@ -1,655 +0,0 @@ -/* - scarderr.mc - - Error message codes from the Smart Card Resource Manager - These messages must be reconciled with winerror.w - They exist here to provide error messages on pre-Win2K systems. - -*/ -#ifndef SCARD_S_SUCCESS -// -// ============================= -// Facility SCARD Error Messages -// ============================= -// -#define SCARD_S_SUCCESS NO_ERROR -// -// Values are 32 bit values laid out as follows: -// -// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 -// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 -// +---+-+-+-----------------------+-------------------------------+ -// |Sev|C|R| Facility | Code | -// +---+-+-+-----------------------+-------------------------------+ -// -// where -// -// Sev - is the severity code -// -// 00 - Success -// 01 - Informational -// 10 - Warning -// 11 - Error -// -// C - is the Customer code flag -// -// R - is a reserved bit -// -// Facility - is the facility code -// -// Code - is the facility's status code -// -// -// Define the facility codes -// -#define FACILITY_SYSTEM 0x0 -#define FACILITY_SCARD 0x10 - - -// -// Define the severity codes -// -#define STATUS_SEVERITY_WARNING 0x2 -#define STATUS_SEVERITY_INFORMATIONAL 0x1 -#define STATUS_SEVERITY_ERROR 0x3 - - -// -// MessageId: SCARD_F_INTERNAL_ERROR -// -// MessageText: -// -// An internal consistency check failed. -// -#define SCARD_F_INTERNAL_ERROR ((DWORD)0x80100001L) - -// -// MessageId: SCARD_E_CANCELLED -// -// MessageText: -// -// The action was cancelled by an SCardCancel request. -// -#define SCARD_E_CANCELLED ((DWORD)0x80100002L) - -// -// MessageId: SCARD_E_INVALID_HANDLE -// -// MessageText: -// -// The supplied handle was invalid. -// -#define SCARD_E_INVALID_HANDLE ((DWORD)0x80100003L) - -// -// MessageId: SCARD_E_INVALID_PARAMETER -// -// MessageText: -// -// One or more of the supplied parameters could not be properly interpreted. 
-// -#define SCARD_E_INVALID_PARAMETER ((DWORD)0x80100004L) - -// -// MessageId: SCARD_E_INVALID_TARGET -// -// MessageText: -// -// Registry startup information is missing or invalid. -// -#define SCARD_E_INVALID_TARGET ((DWORD)0x80100005L) - -// -// MessageId: SCARD_E_NO_MEMORY -// -// MessageText: -// -// Not enough memory available to complete this command. -// -#define SCARD_E_NO_MEMORY ((DWORD)0x80100006L) - -// -// MessageId: SCARD_F_WAITED_TOO_LONG -// -// MessageText: -// -// An internal consistency timer has expired. -// -#define SCARD_F_WAITED_TOO_LONG ((DWORD)0x80100007L) - -// -// MessageId: SCARD_E_INSUFFICIENT_BUFFER -// -// MessageText: -// -// The data buffer to receive returned data is too small for the returned data. -// -#define SCARD_E_INSUFFICIENT_BUFFER ((DWORD)0x80100008L) - -// -// MessageId: SCARD_E_UNKNOWN_READER -// -// MessageText: -// -// The specified reader name is not recognized. -// -#define SCARD_E_UNKNOWN_READER ((DWORD)0x80100009L) - -// -// MessageId: SCARD_E_TIMEOUT -// -// MessageText: -// -// The user-specified timeout value has expired. -// -#define SCARD_E_TIMEOUT ((DWORD)0x8010000AL) - -// -// MessageId: SCARD_E_SHARING_VIOLATION -// -// MessageText: -// -// The smart card cannot be accessed because of other connections outstanding. -// -#define SCARD_E_SHARING_VIOLATION ((DWORD)0x8010000BL) - -// -// MessageId: SCARD_E_NO_SMARTCARD -// -// MessageText: -// -// The operation requires a Smart Card, but no Smart Card is currently in the device. -// -#define SCARD_E_NO_SMARTCARD ((DWORD)0x8010000CL) - -// -// MessageId: SCARD_E_UNKNOWN_CARD -// -// MessageText: -// -// The specified smart card name is not recognized. -// -#define SCARD_E_UNKNOWN_CARD ((DWORD)0x8010000DL) - -// -// MessageId: SCARD_E_CANT_DISPOSE -// -// MessageText: -// -// The system could not dispose of the media in the requested manner. 
-// -#define SCARD_E_CANT_DISPOSE ((DWORD)0x8010000EL) - -// -// MessageId: SCARD_E_PROTO_MISMATCH -// -// MessageText: -// -// The requested protocols are incompatible with the protocol currently in use with the smart card. -// -#define SCARD_E_PROTO_MISMATCH ((DWORD)0x8010000FL) - -// -// MessageId: SCARD_E_NOT_READY -// -// MessageText: -// -// The reader or smart card is not ready to accept commands. -// -#define SCARD_E_NOT_READY ((DWORD)0x80100010L) - -// -// MessageId: SCARD_E_INVALID_VALUE -// -// MessageText: -// -// One or more of the supplied parameters values could not be properly interpreted. -// -#define SCARD_E_INVALID_VALUE ((DWORD)0x80100011L) - -// -// MessageId: SCARD_E_SYSTEM_CANCELLED -// -// MessageText: -// -// The action was cancelled by the system, presumably to log off or shut down. -// -#define SCARD_E_SYSTEM_CANCELLED ((DWORD)0x80100012L) - -// -// MessageId: SCARD_F_COMM_ERROR -// -// MessageText: -// -// An internal communications error has been detected. -// -#define SCARD_F_COMM_ERROR ((DWORD)0x80100013L) - -// -// MessageId: SCARD_F_UNKNOWN_ERROR -// -// MessageText: -// -// An internal error has been detected, but the source is unknown. -// -#define SCARD_F_UNKNOWN_ERROR ((DWORD)0x80100014L) - -// -// MessageId: SCARD_E_INVALID_ATR -// -// MessageText: -// -// An ATR obtained from the registry is not a valid ATR string. -// -#define SCARD_E_INVALID_ATR ((DWORD)0x80100015L) - -// -// MessageId: SCARD_E_NOT_TRANSACTED -// -// MessageText: -// -// An attempt was made to end a non-existent transaction. -// -#define SCARD_E_NOT_TRANSACTED ((DWORD)0x80100016L) - -// -// MessageId: SCARD_E_READER_UNAVAILABLE -// -// MessageText: -// -// The specified reader is not currently available for use. -// -#define SCARD_E_READER_UNAVAILABLE ((DWORD)0x80100017L) - -// -// MessageId: SCARD_P_SHUTDOWN -// -// MessageText: -// -// The operation has been aborted to allow the server application to exit. 
-// -#define SCARD_P_SHUTDOWN ((DWORD)0x80100018L) - -// -// MessageId: SCARD_E_PCI_TOO_SMALL -// -// MessageText: -// -// The PCI Receive buffer was too small. -// -#define SCARD_E_PCI_TOO_SMALL ((DWORD)0x80100019L) - -// -// MessageId: SCARD_E_READER_UNSUPPORTED -// -// MessageText: -// -// The reader driver does not meet minimal requirements for support. -// -#define SCARD_E_READER_UNSUPPORTED ((DWORD)0x8010001AL) - -// -// MessageId: SCARD_E_DUPLICATE_READER -// -// MessageText: -// -// The reader driver did not produce a unique reader name. -// -#define SCARD_E_DUPLICATE_READER ((DWORD)0x8010001BL) - -// -// MessageId: SCARD_E_CARD_UNSUPPORTED -// -// MessageText: -// -// The smart card does not meet minimal requirements for support. -// -#define SCARD_E_CARD_UNSUPPORTED ((DWORD)0x8010001CL) - -// -// MessageId: SCARD_E_NO_SERVICE -// -// MessageText: -// -// The Smart card resource manager is not running. -// -#define SCARD_E_NO_SERVICE ((DWORD)0x8010001DL) - -// -// MessageId: SCARD_E_SERVICE_STOPPED -// -// MessageText: -// -// The Smart card resource manager has shut down. -// -#define SCARD_E_SERVICE_STOPPED ((DWORD)0x8010001EL) - -// -// MessageId: SCARD_E_UNEXPECTED -// -// MessageText: -// -// An unexpected card error has occurred. -// -#define SCARD_E_UNEXPECTED ((DWORD)0x8010001FL) - -// -// MessageId: SCARD_E_ICC_INSTALLATION -// -// MessageText: -// -// No Primary Provider can be found for the smart card. -// -#define SCARD_E_ICC_INSTALLATION ((DWORD)0x80100020L) - -// -// MessageId: SCARD_E_ICC_CREATEORDER -// -// MessageText: -// -// The requested order of object creation is not supported. -// -#define SCARD_E_ICC_CREATEORDER ((DWORD)0x80100021L) - -// -// MessageId: SCARD_E_UNSUPPORTED_FEATURE -// -// MessageText: -// -// This smart card does not support the requested feature. 
-// -#define SCARD_E_UNSUPPORTED_FEATURE ((DWORD)0x80100022L) - -// -// MessageId: SCARD_E_DIR_NOT_FOUND -// -// MessageText: -// -// The identified directory does not exist in the smart card. -// -#define SCARD_E_DIR_NOT_FOUND ((DWORD)0x80100023L) - -// -// MessageId: SCARD_E_FILE_NOT_FOUND -// -// MessageText: -// -// The identified file does not exist in the smart card. -// -#define SCARD_E_FILE_NOT_FOUND ((DWORD)0x80100024L) - -// -// MessageId: SCARD_E_NO_DIR -// -// MessageText: -// -// The supplied path does not represent a smart card directory. -// -#define SCARD_E_NO_DIR ((DWORD)0x80100025L) - -// -// MessageId: SCARD_E_NO_FILE -// -// MessageText: -// -// The supplied path does not represent a smart card file. -// -#define SCARD_E_NO_FILE ((DWORD)0x80100026L) - -// -// MessageId: SCARD_E_NO_ACCESS -// -// MessageText: -// -// Access is denied to this file. -// -#define SCARD_E_NO_ACCESS ((DWORD)0x80100027L) - -// -// MessageId: SCARD_E_WRITE_TOO_MANY -// -// MessageText: -// -// The smartcard does not have enough memory to store the information. -// -#define SCARD_E_WRITE_TOO_MANY ((DWORD)0x80100028L) - -// -// MessageId: SCARD_E_BAD_SEEK -// -// MessageText: -// -// There was an error trying to set the smart card file object pointer. -// -#define SCARD_E_BAD_SEEK ((DWORD)0x80100029L) - -// -// MessageId: SCARD_E_INVALID_CHV -// -// MessageText: -// -// The supplied PIN is incorrect. -// -#define SCARD_E_INVALID_CHV ((DWORD)0x8010002AL) - -// -// MessageId: SCARD_E_UNKNOWN_RES_MNG -// -// MessageText: -// -// An unrecognized error code was returned from a layered component. -// -#define SCARD_E_UNKNOWN_RES_MNG ((DWORD)0x8010002BL) - -// -// MessageId: SCARD_E_NO_SUCH_CERTIFICATE -// -// MessageText: -// -// The requested certificate does not exist. -// -#define SCARD_E_NO_SUCH_CERTIFICATE ((DWORD)0x8010002CL) - -// -// MessageId: SCARD_E_CERTIFICATE_UNAVAILABLE -// -// MessageText: -// -// The requested certificate could not be obtained. 
-// -#define SCARD_E_CERTIFICATE_UNAVAILABLE ((DWORD)0x8010002DL) - -// -// MessageId: SCARD_E_NO_READERS_AVAILABLE -// -// MessageText: -// -// Cannot find a smart card reader. -// -#define SCARD_E_NO_READERS_AVAILABLE ((DWORD)0x8010002EL) - -// -// MessageId: SCARD_E_COMM_DATA_LOST -// -// MessageText: -// -// A communications error with the smart card has been detected. Retry the operation. -// -#define SCARD_E_COMM_DATA_LOST ((DWORD)0x8010002FL) - -// -// MessageId: SCARD_E_NO_KEY_CONTAINER -// -// MessageText: -// -// The requested key container does not exist on the smart card. -// -#define SCARD_E_NO_KEY_CONTAINER ((DWORD)0x80100030L) - -// -// MessageId: SCARD_E_SERVER_TOO_BUSY -// -// MessageText: -// -// The Smart card resource manager is too busy to complete this operation. -// -#define SCARD_E_SERVER_TOO_BUSY ((DWORD)0x80100031L) - -// -// MessageId: SCARD_E_PIN_CACHE_EXPIRED -// -// MessageText: -// -// The smart card PIN cache has expired. -// -#define SCARD_E_PIN_CACHE_EXPIRED ((DWORD)0x80100032L) - -// -// MessageId: SCARD_E_NO_PIN_CACHE -// -// MessageText: -// -// The smart card PIN cannot be cached. -// -#define SCARD_E_NO_PIN_CACHE ((DWORD)0x80100033L) - -// -// MessageId: SCARD_E_READ_ONLY_CARD -// -// MessageText: -// -// The smart card is read only and cannot be written to. -// -#define SCARD_E_READ_ONLY_CARD ((DWORD)0x80100034L) - -// -// These are warning codes. -// -// -// MessageId: SCARD_W_UNSUPPORTED_CARD -// -// MessageText: -// -// The reader cannot communicate with the smart card, due to ATR configuration conflicts. -// -#define SCARD_W_UNSUPPORTED_CARD ((DWORD)0x80100065L) - -// -// MessageId: SCARD_W_UNRESPONSIVE_CARD -// -// MessageText: -// -// The smart card is not responding to a reset. -// -#define SCARD_W_UNRESPONSIVE_CARD ((DWORD)0x80100066L) - -// -// MessageId: SCARD_W_UNPOWERED_CARD -// -// MessageText: -// -// Power has been removed from the smart card, so that further communication is not possible. 
-// -#define SCARD_W_UNPOWERED_CARD ((DWORD)0x80100067L) - -// -// MessageId: SCARD_W_RESET_CARD -// -// MessageText: -// -// The smart card has been reset, so any shared state information is invalid. -// -#define SCARD_W_RESET_CARD ((DWORD)0x80100068L) - -// -// MessageId: SCARD_W_REMOVED_CARD -// -// MessageText: -// -// The smart card has been removed, so that further communication is not possible. -// -#define SCARD_W_REMOVED_CARD ((DWORD)0x80100069L) - -// -// MessageId: SCARD_W_SECURITY_VIOLATION -// -// MessageText: -// -// Access was denied because of a security violation. -// -#define SCARD_W_SECURITY_VIOLATION ((DWORD)0x8010006AL) - -// -// MessageId: SCARD_W_WRONG_CHV -// -// MessageText: -// -// The card cannot be accessed because the wrong PIN was presented. -// -#define SCARD_W_WRONG_CHV ((DWORD)0x8010006BL) - -// -// MessageId: SCARD_W_CHV_BLOCKED -// -// MessageText: -// -// The card cannot be accessed because the maximum number of PIN entry attempts has been reached. -// -#define SCARD_W_CHV_BLOCKED ((DWORD)0x8010006CL) - -// -// MessageId: SCARD_W_EOF -// -// MessageText: -// -// The end of the smart card file has been reached. -// -#define SCARD_W_EOF ((DWORD)0x8010006DL) - -// -// MessageId: SCARD_W_CANCELLED_BY_USER -// -// MessageText: -// -// The action was cancelled by the user. -// -#define SCARD_W_CANCELLED_BY_USER ((DWORD)0x8010006EL) - -// -// MessageId: SCARD_W_CARD_NOT_AUTHENTICATED -// -// MessageText: -// -// No PIN was presented to the smart card. -// -#define SCARD_W_CARD_NOT_AUTHENTICATED ((DWORD)0x8010006FL) - -// -// MessageId: SCARD_W_CACHE_ITEM_NOT_FOUND -// -// MessageText: -// -// The requested item could not be found in the cache. -// -#define SCARD_W_CACHE_ITEM_NOT_FOUND ((DWORD)0x80100070L) - -// -// MessageId: SCARD_W_CACHE_ITEM_STALE -// -// MessageText: -// -// The requested cache item is too old and was deleted from the cache. 
-// -#define SCARD_W_CACHE_ITEM_STALE ((DWORD)0x80100071L) - -// -// MessageId: SCARD_W_CACHE_ITEM_TOO_BIG -// -// MessageText: -// -// The new cache item exceeds the maximum per-item size defined for the cache. -// -#define SCARD_W_CACHE_ITEM_TOO_BIG ((DWORD)0x80100072L) - -#endif // SCARD_S_SUCCESS - DELETED build/cackey_win32_build/include/pcsclite.h Index: build/cackey_win32_build/include/pcsclite.h ================================================================== --- build/cackey_win32_build/include/pcsclite.h +++ /dev/null @@ -1,1 +0,0 @@ -#include DELETED build/cackey_win32_build/include/pthread.h Index: build/cackey_win32_build/include/pthread.h ================================================================== --- build/cackey_win32_build/include/pthread.h +++ /dev/null 
@@ -1,53 +0,0 @@
-/* Thread_emulation.h */
-/* Author: Johnson M. Hart */
-/* Emulate the Pthreads model for the Win32 platform */
-/* The emulation is not complete, but it does provide a subset */
-/* required for a first project */
-/* Source: http://world.std.com/~jmhart/opensource.htm */
-/* The emulation is not complete, but it does provide a subset */
-/* that will work with many well-behaved programs */
-/* IF YOU ARE REALLY SERIOUS ABOUT THIS, USE THE OPEN SOURCE */
-/* PTHREAD LIBRARY. YOU'LL FIND IT ON THE RED HAT SITE */
-
-#ifndef _THREAD_EMULATION
-# define _THREAD_EMULATION
-
-/* Thread management macros */
-# ifdef _WIN32
-# define _WIN32_WINNT 0x500 /* WINBASE.H - Enable SignalObjectAndWait */
-# include
-# include
-# define THREAD_FUNCTION_PROTO THREAD_FUNCTION_RETURN (__stdcall *) (void *)
-# define THREAD_FUNCTION_RETURN unsigned int
-# define THREAD_SPECIFIC_INDEX DWORD
-# define pthread_t HANDLE
-# define pthread_attr_t DWORD
-# define pthread_create(thhandle, attr, thfunc, tharg) ((int) ((*thhandle = (HANDLE) _beginthreadex(NULL, 0, (THREAD_FUNCTION_PROTO) thfunc, tharg, 0, NULL)) == NULL))
-# define pthread_join(thread, result) ((WaitForSingleObject((thread), INFINITE) != WAIT_OBJECT_0) || !CloseHandle(thread))
-# define pthread_detach(thread) { if (((void *) thread) != NULL) { CloseHandle((void *) thread); }}
-# define thread_sleep(nms) Sleep(nms)
-# define pthread_cancel(thread) TerminateThread(thread, 0)
-# define ts_key_create(ts_key, destructor) {ts_key = TlsAlloc();}
-# define pthread_getspecific(ts_key) TlsGetValue(ts_key)
-# define pthread_setspecific(ts_key, value) TlsSetValue(ts_key, (void *)value)
-# define pthread_self() GetCurrentThreadId()
-# else
-# include
-# define THREAD_FUNCTION_RETURN void *
-# endif
-
-/* Syncrhronization macros: Win32->pthread */
-# ifdef _WIN32
-# define pthread_mutex_t HANDLE
-# define pthread_cond_t HANDLE
-# define pthread_mutex_lock(pobject) WaitForSingleObject(*pobject, INFINITE)
-# define pthread_mutex_unlock(pobject) (!ReleaseMutex(*pobject))
-# define pthread_mutex_init(pobject,pattr) ((*pobject=CreateMutex(NULL, FALSE, NULL)) == NULL)
-# define pthread_cond_init(pobject,pattr) (*pobject=CreateEvent(NULL, FALSE, FALSE, NULL))
-# define pthread_mutex_destroy(pobject) CloseHandle(*pobject)
-# define pthread_cond_destroy(pobject) CloseHandle(*pobject)
-# define pthread_cond_wait(pcv,pmutex) { SignalObjectAndWait(*pmutex, *pcv, INFINITE, FALSE); WaitForSingleObject(*pmutex, INFINITE); }
-# define pthread_cond_signal(pcv) SetEvent(*pcv)
-# endif
-
-#endif
DELETED build/cackey_win32_build/include/winscard.h
Index: build/cackey_win32_build/include/winscard.h
==================================================================
--- build/cackey_win32_build/include/winscard.h
+++ /dev/null
@@ -1,1151 +0,0 @@
-/*++
-
-Copyright (c) 1996 Microsoft Corporation
-
-Module Name:
-
- WinSCard
-
-Abstract:
-
- This header file provides the definitions and symbols necessary for an
- Application or Smart Card Service Provider to access the Smartcard
- Subsystem.
-
-Environment:
-
- Win32
-
-Notes:
-
---*/
-
-#ifndef _WINSCARD_H_
-#define _WINSCARD_H_
-
-#if defined (_MSC_VER) && (_MSC_VER >= 1020)
-#pragma once
-#endif
-
-
-#include
-#include
-#include
-#include "winsmcrd.h"
-#ifndef SCARD_S_SUCCESS
-#include "SCardErr.h"
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-#if 1 /* jkm */
-#ifndef __LPCGUID_DEFINED__
-#define __LPCGUID_DEFINED__
-typedef const GUID *LPCGUID;
-#endif
-#endif
-
-#ifndef _LPCBYTE_DEFINED
-#define _LPCBYTE_DEFINED
-typedef const BYTE *LPCBYTE;
-#endif
-#ifndef _LPCVOID_DEFINED
-#define _LPCVOID_DEFINED
-typedef const VOID *LPCVOID;
-#endif
-
-#ifndef WINSCARDAPI
-#define WINSCARDAPI
-#endif
-#ifndef WINSCARDDATA
-#define WINSCARDDATA __declspec(dllimport)
-#endif
-
-/* In clr:pure we cannot mark data export with dllimport.
- * We should add small functions which returns the value of
- * the global.
- */
-#if !defined(_M_CEE_PURE)
-static const SCARD_IO_REQUEST static_g_rgSCardT0Pci = { SCARD_PROTOCOL_T0, 8 };
-static const SCARD_IO_REQUEST static_g_rgSCardT1Pci = { SCARD_PROTOCOL_T1, 8 };
-
-WINSCARDDATA extern const SCARD_IO_REQUEST
- g_rgSCardT0Pci,
- g_rgSCardT1Pci,
- g_rgSCardRawPci;
-#define SCARD_PCI_T0 (&static_g_rgSCardT0Pci)
-#define SCARD_PCI_T1 (&static_g_rgSCardT1Pci)
-#define SCARD_PCI_RAW (&g_rgSCardRawPci)
-#endif
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Service Manager Access Services
-//
-// The following services are used to manage user and terminal contexts for
-// Smart Cards.
-//
-
-typedef ULONG_PTR SCARDCONTEXT;
-typedef SCARDCONTEXT *PSCARDCONTEXT, *LPSCARDCONTEXT;
-
-typedef ULONG_PTR SCARDHANDLE;
-typedef SCARDHANDLE *PSCARDHANDLE, *LPSCARDHANDLE;
-
-#define SCARD_AUTOALLOCATE (DWORD)(-1)
-
-#define SCARD_SCOPE_USER 0 // The context is a user context, and any
- // database operations are performed within the
- // domain of the user.
-#define SCARD_SCOPE_TERMINAL 1 // The context is that of the current terminal,
- // and any database operations are performed
- // within the domain of that terminal. (The
- // calling application must have appropriate
- // access permissions for any database actions.)
-#define SCARD_SCOPE_SYSTEM 2 // The context is the system context, and any
- // database operations are performed within the
- // domain of the system. (The calling
- // application must have appropriate access
- // permissions for any database actions.)
-
-extern WINSCARDAPI LONG WINAPI
-SCardEstablishContext(
- DWORD dwScope,
- LPCVOID pvReserved1,
- LPCVOID pvReserved2,
- LPSCARDCONTEXT phContext);
-
-extern WINSCARDAPI LONG WINAPI
-SCardReleaseContext(
- SCARDCONTEXT hContext);
-
-extern WINSCARDAPI LONG WINAPI
-SCardIsValidContext(
- SCARDCONTEXT hContext);
-
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Smart Card Database Management Services
-//
-// The following services provide for managing the Smart Card Database.
-//
-
-#define SCARD_ALL_READERS TEXT("SCard$AllReaders\000")
-#define SCARD_DEFAULT_READERS TEXT("SCard$DefaultReaders\000")
-#define SCARD_LOCAL_READERS TEXT("SCard$LocalReaders\000")
-#define SCARD_SYSTEM_READERS TEXT("SCard$SystemReaders\000")
-
-#define SCARD_PROVIDER_PRIMARY 1 // Primary Provider Id
-#define SCARD_PROVIDER_CSP 2 // Crypto Service Provider Id
-#define SCARD_PROVIDER_KSP 3 // Key Storage Provider Id
-
-
-//
-// Database Reader routines
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardListReaderGroupsA(
- SCARDCONTEXT hContext,
- LPSTR mszGroups,
- LPDWORD pcchGroups);
-extern WINSCARDAPI LONG WINAPI
-SCardListReaderGroupsW(
- SCARDCONTEXT hContext,
- LPWSTR mszGroups,
- LPDWORD pcchGroups);
-#ifdef UNICODE
-#define SCardListReaderGroups SCardListReaderGroupsW
-#else
-#define SCardListReaderGroups SCardListReaderGroupsA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardListReadersA(
- SCARDCONTEXT hContext,
- LPCSTR mszGroups,
- LPSTR mszReaders,
- LPDWORD pcchReaders);
-extern WINSCARDAPI LONG WINAPI
-SCardListReadersW(
- SCARDCONTEXT hContext,
- LPCWSTR mszGroups,
- LPWSTR mszReaders,
- LPDWORD pcchReaders);
-#ifdef UNICODE
-#define SCardListReaders SCardListReadersW
-#else
-#define SCardListReaders SCardListReadersA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardListCardsA(
- SCARDCONTEXT hContext,
- LPCBYTE pbAtr,
- LPCGUID rgquidInterfaces,
- DWORD cguidInterfaceCount,
- LPSTR mszCards,
- LPDWORD pcchCards);
-extern WINSCARDAPI LONG WINAPI
-SCardListCardsW(
- SCARDCONTEXT hContext,
- LPCBYTE pbAtr,
- LPCGUID rgquidInterfaces,
- DWORD cguidInterfaceCount,
- LPWSTR mszCards,
- LPDWORD pcchCards);
-#ifdef UNICODE
-#define SCardListCards SCardListCardsW
-#else
-#define SCardListCards SCardListCardsA
-#endif // !UNICODE
-//
-// NOTE: The routine SCardListCards name differs from the PC/SC definition.
-// It should be:
-//
-// extern WINSCARDAPI LONG WINAPI
-// SCardListCardTypes(
-// SCARDCONTEXT hContext,
-// LPCBYTE pbAtr,
-// LPCGUID rgquidInterfaces,
-// DWORD cguidInterfaceCount,
-// LPTSTR mszCards,
-// out LPDWORD pcchCards);
-//
-// Here's a work-around MACRO:
-#define SCardListCardTypes SCardListCards
-
-extern WINSCARDAPI LONG WINAPI
-SCardListInterfacesA(
- SCARDCONTEXT hContext,
- LPCSTR szCard,
- LPGUID pguidInterfaces,
- LPDWORD pcguidInterfaces);
-extern WINSCARDAPI LONG WINAPI
-SCardListInterfacesW(
- SCARDCONTEXT hContext,
- LPCWSTR szCard,
- LPGUID pguidInterfaces,
- LPDWORD pcguidInterfaces);
-#ifdef UNICODE
-#define SCardListInterfaces SCardListInterfacesW
-#else
-#define SCardListInterfaces SCardListInterfacesA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardGetProviderIdA(
- SCARDCONTEXT hContext,
- LPCSTR szCard,
- LPGUID pguidProviderId);
-extern WINSCARDAPI LONG WINAPI
-SCardGetProviderIdW(
- SCARDCONTEXT hContext,
- LPCWSTR szCard,
- LPGUID pguidProviderId);
-#ifdef UNICODE
-#define SCardGetProviderId SCardGetProviderIdW
-#else
-#define SCardGetProviderId SCardGetProviderIdA
-#endif // !UNICODE
-//
-// NOTE: The routine SCardGetProviderId in this implementation uses GUIDs.
-// The PC/SC definition uses BYTEs.
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardGetCardTypeProviderNameA(
- SCARDCONTEXT hContext,
- LPCSTR szCardName,
- DWORD dwProviderId,
- LPSTR szProvider,
- LPDWORD pcchProvider);
-extern WINSCARDAPI LONG WINAPI
-SCardGetCardTypeProviderNameW(
- SCARDCONTEXT hContext,
- LPCWSTR szCardName,
- DWORD dwProviderId,
- LPWSTR szProvider,
- LPDWORD pcchProvider);
-#ifdef UNICODE
-#define SCardGetCardTypeProviderName SCardGetCardTypeProviderNameW
-#else
-#define SCardGetCardTypeProviderName SCardGetCardTypeProviderNameA
-#endif // !UNICODE
-//
-// NOTE: This routine is an extension to the PC/SC definitions.
-//
-
-
-//
-// Database Writer routines
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceReaderGroupA(
- SCARDCONTEXT hContext,
- LPCSTR szGroupName);
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceReaderGroupW(
- SCARDCONTEXT hContext,
- LPCWSTR szGroupName);
-#ifdef UNICODE
-#define SCardIntroduceReaderGroup SCardIntroduceReaderGroupW
-#else
-#define SCardIntroduceReaderGroup SCardIntroduceReaderGroupA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardForgetReaderGroupA(
- SCARDCONTEXT hContext,
- LPCSTR szGroupName);
-extern WINSCARDAPI LONG WINAPI
-SCardForgetReaderGroupW(
- SCARDCONTEXT hContext,
- LPCWSTR szGroupName);
-#ifdef UNICODE
-#define SCardForgetReaderGroup SCardForgetReaderGroupW
-#else
-#define SCardForgetReaderGroup SCardForgetReaderGroupA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceReaderA(
- SCARDCONTEXT hContext,
- LPCSTR szReaderName,
- LPCSTR szDeviceName);
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceReaderW(
- SCARDCONTEXT hContext,
- LPCWSTR szReaderName,
- LPCWSTR szDeviceName);
-#ifdef UNICODE
-#define SCardIntroduceReader SCardIntroduceReaderW
-#else
-#define SCardIntroduceReader SCardIntroduceReaderA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardForgetReaderA(
- SCARDCONTEXT hContext,
- LPCSTR szReaderName);
-extern WINSCARDAPI LONG WINAPI
-SCardForgetReaderW(
- SCARDCONTEXT hContext,
- LPCWSTR szReaderName);
-#ifdef UNICODE
-#define SCardForgetReader SCardForgetReaderW
-#else
-#define SCardForgetReader SCardForgetReaderA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardAddReaderToGroupA(
- SCARDCONTEXT hContext,
- LPCSTR szReaderName,
- LPCSTR szGroupName);
-extern WINSCARDAPI LONG WINAPI
-SCardAddReaderToGroupW(
- SCARDCONTEXT hContext,
- LPCWSTR szReaderName,
- LPCWSTR szGroupName);
-#ifdef UNICODE
-#define SCardAddReaderToGroup SCardAddReaderToGroupW
-#else
-#define SCardAddReaderToGroup SCardAddReaderToGroupA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardRemoveReaderFromGroupA(
- SCARDCONTEXT hContext,
- LPCSTR szReaderName,
- LPCSTR szGroupName);
-extern WINSCARDAPI LONG WINAPI
-SCardRemoveReaderFromGroupW(
- SCARDCONTEXT hContext,
- LPCWSTR szReaderName,
- LPCWSTR szGroupName);
-#ifdef UNICODE
-#define SCardRemoveReaderFromGroup SCardRemoveReaderFromGroupW
-#else
-#define SCardRemoveReaderFromGroup SCardRemoveReaderFromGroupA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceCardTypeA(
- SCARDCONTEXT hContext,
- LPCSTR szCardName,
- LPCGUID pguidPrimaryProvider,
- LPCGUID rgguidInterfaces,
- DWORD dwInterfaceCount,
- LPCBYTE pbAtr,
- LPCBYTE pbAtrMask,
- DWORD cbAtrLen);
-extern WINSCARDAPI LONG WINAPI
-SCardIntroduceCardTypeW(
- SCARDCONTEXT hContext,
- LPCWSTR szCardName,
- LPCGUID pguidPrimaryProvider,
- LPCGUID rgguidInterfaces,
- DWORD dwInterfaceCount,
- LPCBYTE pbAtr,
- LPCBYTE pbAtrMask,
- DWORD cbAtrLen);
-#ifdef UNICODE
-#define SCardIntroduceCardType SCardIntroduceCardTypeW
-#else
-#define SCardIntroduceCardType SCardIntroduceCardTypeA
-#endif // !UNICODE
-//
-// NOTE: The routine SCardIntroduceCardType's parameters' order differs from
-// the PC/SC definition. It should be:
-//
-// extern WINSCARDAPI LONG WINAPI
-// SCardIntroduceCardType(
-// SCARDCONTEXT hContext,
-// LPCTSTR szCardName,
-// LPCBYTE pbAtr,
-// LPCBYTE pbAtrMask,
-// DWORD cbAtrLen,
-// LPCGUID pguidPrimaryProvider,
-// LPCGUID rgguidInterfaces,
-// DWORD dwInterfaceCount);
-//
-// Here's a work-around MACRO:
-#define PCSCardIntroduceCardType(hContext, szCardName, pbAtr, pbAtrMask, cbAtrLen, pguidPrimaryProvider, rgguidInterfaces, dwInterfaceCount) \
- SCardIntroduceCardType(hContext, szCardName, pguidPrimaryProvider, rgguidInterfaces, dwInterfaceCount, pbAtr, pbAtrMask, cbAtrLen)
-
-extern WINSCARDAPI LONG WINAPI
-SCardSetCardTypeProviderNameA(
- SCARDCONTEXT hContext,
- LPCSTR szCardName,
- DWORD dwProviderId,
- LPCSTR szProvider);
-extern WINSCARDAPI LONG WINAPI
-SCardSetCardTypeProviderNameW(
- SCARDCONTEXT hContext,
- LPCWSTR szCardName,
- DWORD dwProviderId,
- LPCWSTR szProvider);
-#ifdef UNICODE
-#define SCardSetCardTypeProviderName SCardSetCardTypeProviderNameW
-#else
-#define SCardSetCardTypeProviderName SCardSetCardTypeProviderNameA
-#endif // !UNICODE
-//
-// NOTE: This routine is an extention to the PC/SC specifications.
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardForgetCardTypeA(
- SCARDCONTEXT hContext,
- LPCSTR szCardName);
-extern WINSCARDAPI LONG WINAPI
-SCardForgetCardTypeW(
- SCARDCONTEXT hContext,
- LPCWSTR szCardName);
-#ifdef UNICODE
-#define SCardForgetCardType SCardForgetCardTypeW
-#else
-#define SCardForgetCardType SCardForgetCardTypeA
-#endif // !UNICODE
-
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Service Manager Support Routines
-//
-// The following services are supplied to simplify the use of the Service
-// Manager API.
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardFreeMemory(
- SCARDCONTEXT hContext,
- LPCVOID pvMem);
-
-#if (NTDDI_VERSION >= NTDDI_WINXP)
-extern WINSCARDAPI HANDLE WINAPI
-SCardAccessStartedEvent(void);
-
-extern WINSCARDAPI void WINAPI
-SCardReleaseStartedEvent(void);
-#endif // (NTDDI_VERSION >= NTDDI_WINXP)
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Reader Services
-//
-// The following services supply means for tracking cards within readers.
-//
-
-typedef struct {
- LPCSTR szReader; // reader name
- LPVOID pvUserData; // user defined data
- DWORD dwCurrentState; // current state of reader at time of call
- DWORD dwEventState; // state of reader after state change
- DWORD cbAtr; // Number of bytes in the returned ATR.
- BYTE rgbAtr[36]; // Atr of inserted card, (extra alignment bytes)
-} SCARD_READERSTATEA, *PSCARD_READERSTATEA, *LPSCARD_READERSTATEA;
-typedef struct {
- LPCWSTR szReader; // reader name
- LPVOID pvUserData; // user defined data
- DWORD dwCurrentState; // current state of reader at time of call
- DWORD dwEventState; // state of reader after state change
- DWORD cbAtr; // Number of bytes in the returned ATR.
- BYTE rgbAtr[36]; // Atr of inserted card, (extra alignment bytes)
-} SCARD_READERSTATEW, *PSCARD_READERSTATEW, *LPSCARD_READERSTATEW;
-#ifdef UNICODE
-typedef SCARD_READERSTATEW SCARD_READERSTATE;
-typedef PSCARD_READERSTATEW PSCARD_READERSTATE;
-typedef LPSCARD_READERSTATEW LPSCARD_READERSTATE;
-#else
-typedef SCARD_READERSTATEA SCARD_READERSTATE;
-typedef PSCARD_READERSTATEA PSCARD_READERSTATE;
-typedef LPSCARD_READERSTATEA LPSCARD_READERSTATE;
-#endif // UNICODE
-
-// Backwards compatibility macros
-#define SCARD_READERSTATE_A SCARD_READERSTATEA
-#define SCARD_READERSTATE_W SCARD_READERSTATEW
-#define PSCARD_READERSTATE_A PSCARD_READERSTATEA
-#define PSCARD_READERSTATE_W PSCARD_READERSTATEW
-#define LPSCARD_READERSTATE_A LPSCARD_READERSTATEA
-#define LPSCARD_READERSTATE_W LPSCARD_READERSTATEW
-
-#define SCARD_STATE_UNAWARE 0x00000000 // The application is unaware of the
- // current state, and would like to
- // know. The use of this value
- // results in an immediate return
- // from state transition monitoring
- // services. This is represented by
- // all bits set to zero.
-#define SCARD_STATE_IGNORE 0x00000001 // The application requested that
- // this reader be ignored. No other
- // bits will be set.
-#define SCARD_STATE_CHANGED 0x00000002 // This implies that there is a
- // difference between the state
- // believed by the application, and
- // the state known by the Service
- // Manager. When this bit is set,
- // the application may assume a
- // significant state change has
- // occurred on this reader.
-#define SCARD_STATE_UNKNOWN 0x00000004 // This implies that the given
- // reader name is not recognized by
- // the Service Manager. If this bit
- // is set, then SCARD_STATE_CHANGED
- // and SCARD_STATE_IGNORE will also
- // be set.
-#define SCARD_STATE_UNAVAILABLE 0x00000008 // This implies that the actual
- // state of this reader is not
- // available. If this bit is set,
- // then all the following bits are
- // clear.
-#define SCARD_STATE_EMPTY 0x00000010 // This implies that there is not
- // card in the reader. If this bit
- // is set, all the following bits
- // will be clear.
-#define SCARD_STATE_PRESENT 0x00000020 // This implies that there is a card
- // in the reader.
-#define SCARD_STATE_ATRMATCH 0x00000040 // This implies that there is a card
- // in the reader with an ATR
- // matching one of the target cards.
- // If this bit is set,
- // SCARD_STATE_PRESENT will also be
- // set. This bit is only returned
- // on the SCardLocateCard() service.
-#define SCARD_STATE_EXCLUSIVE 0x00000080 // This implies that the card in the
- // reader is allocated for exclusive
- // use by another application. If
- // this bit is set,
- // SCARD_STATE_PRESENT will also be
- // set.
-#define SCARD_STATE_INUSE 0x00000100 // This implies that the card in the
- // reader is in use by one or more
- // other applications, but may be
- // connected to in shared mode. If
- // this bit is set,
- // SCARD_STATE_PRESENT will also be
- // set.
-#define SCARD_STATE_MUTE 0x00000200 // This implies that the card in the
- // reader is unresponsive or not
- // supported by the reader or
- // software.
-#define SCARD_STATE_UNPOWERED 0x00000400 // This implies that the card in the
- // reader has not been powered up.
-
-extern WINSCARDAPI LONG WINAPI
-SCardLocateCardsA(
- SCARDCONTEXT hContext,
- LPCSTR mszCards,
- LPSCARD_READERSTATEA rgReaderStates,
- DWORD cReaders);
-extern WINSCARDAPI LONG WINAPI
-SCardLocateCardsW(
- SCARDCONTEXT hContext,
- LPCWSTR mszCards,
- LPSCARD_READERSTATEW rgReaderStates,
- DWORD cReaders);
-#ifdef UNICODE
-#define SCardLocateCards SCardLocateCardsW
-#else
-#define SCardLocateCards SCardLocateCardsA
-#endif // !UNICODE
-
-#if (NTDDI_VERSION >= NTDDI_WINXP)
-typedef struct _SCARD_ATRMASK {
- DWORD cbAtr; // Number of bytes in the ATR and the mask.
- BYTE rgbAtr[36]; // Atr of card (extra alignment bytes)
- BYTE rgbMask[36]; // Mask for the Atr (extra alignment bytes)
-} SCARD_ATRMASK, *PSCARD_ATRMASK, *LPSCARD_ATRMASK;
-
-
-extern WINSCARDAPI LONG WINAPI
-SCardLocateCardsByATRA(
- SCARDCONTEXT hContext,
- LPSCARD_ATRMASK rgAtrMasks,
- DWORD cAtrs,
- LPSCARD_READERSTATEA rgReaderStates,
- DWORD cReaders);
-extern WINSCARDAPI LONG WINAPI
-SCardLocateCardsByATRW(
- SCARDCONTEXT hContext,
- LPSCARD_ATRMASK rgAtrMasks,
- DWORD cAtrs,
- LPSCARD_READERSTATEW rgReaderStates,
- DWORD cReaders);
-#ifdef UNICODE
-#define SCardLocateCardsByATR SCardLocateCardsByATRW
-#else
-#define SCardLocateCardsByATR SCardLocateCardsByATRA
-#endif // !UNICODE
-#endif // (NTDDI_VERSION >= NTDDI_WINXP)
-
-extern WINSCARDAPI LONG WINAPI
-SCardGetStatusChangeA(
- SCARDCONTEXT hContext,
- DWORD dwTimeout,
- LPSCARD_READERSTATEA rgReaderStates,
- DWORD cReaders);
-extern WINSCARDAPI LONG WINAPI
-SCardGetStatusChangeW(
- SCARDCONTEXT hContext,
- DWORD dwTimeout,
- LPSCARD_READERSTATEW rgReaderStates,
- DWORD cReaders);
-#ifdef UNICODE
-#define SCardGetStatusChange SCardGetStatusChangeW
-#else
-#define SCardGetStatusChange SCardGetStatusChangeA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardCancel(
- SCARDCONTEXT hContext);
-
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Card/Reader Communication Services
-//
-// The following services provide means for communication with the card.
-//
-
-#define SCARD_SHARE_EXCLUSIVE 1 // This application is not willing to share this
- // card with other applications.
-#define SCARD_SHARE_SHARED 2 // This application is willing to share this
- // card with other applications.
-#define SCARD_SHARE_DIRECT 3 // This application demands direct control of
- // the reader, so it is not available to other
- // applications.
-
-#define SCARD_LEAVE_CARD 0 // Don't do anything special on close
-#define SCARD_RESET_CARD 1 // Reset the card on close
-#define SCARD_UNPOWER_CARD 2 // Power down the card on close
-#define SCARD_EJECT_CARD 3 // Eject the card on close
-
-extern WINSCARDAPI LONG WINAPI
-SCardConnectA(
- SCARDCONTEXT hContext,
- LPCSTR szReader,
- DWORD dwShareMode,
- DWORD dwPreferredProtocols,
- LPSCARDHANDLE phCard,
- LPDWORD pdwActiveProtocol);
-extern WINSCARDAPI LONG WINAPI
-SCardConnectW(
- SCARDCONTEXT hContext,
- LPCWSTR szReader,
- DWORD dwShareMode,
- DWORD dwPreferredProtocols,
- LPSCARDHANDLE phCard,
- LPDWORD pdwActiveProtocol);
-#ifdef UNICODE
-#define SCardConnect SCardConnectW
-#else
-#define SCardConnect SCardConnectA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardReconnect(
- SCARDHANDLE hCard,
- DWORD dwShareMode,
- DWORD dwPreferredProtocols,
- DWORD dwInitialization,
- LPDWORD pdwActiveProtocol);
-
-extern WINSCARDAPI LONG WINAPI
-SCardDisconnect(
- SCARDHANDLE hCard,
- DWORD dwDisposition);
-
-extern WINSCARDAPI LONG WINAPI
-SCardBeginTransaction(
- SCARDHANDLE hCard);
-
-extern WINSCARDAPI LONG WINAPI
-SCardEndTransaction(
- SCARDHANDLE hCard,
- DWORD dwDisposition);
-
-extern WINSCARDAPI LONG WINAPI
-SCardCancelTransaction(
- SCARDHANDLE hCard);
-//
-// NOTE: This call corresponds to the PC/SC SCARDCOMM::Cancel routine,
-// terminating a blocked SCardBeginTransaction service.
-//
-
-
-extern WINSCARDAPI LONG WINAPI
-SCardState(
- SCARDHANDLE hCard,
- LPDWORD pdwState,
- LPDWORD pdwProtocol,
- LPBYTE pbAtr,
- LPDWORD pcbAtrLen);
-//
-// NOTE: SCardState is an obsolete routine. PC/SC has replaced it with
-// SCardStatus.
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardStatusA(
- SCARDHANDLE hCard,
- LPSTR mszReaderNames,
- LPDWORD pcchReaderLen,
- LPDWORD pdwState,
- LPDWORD pdwProtocol,
- LPBYTE pbAtr,
- LPDWORD pcbAtrLen);
-extern WINSCARDAPI LONG WINAPI
-SCardStatusW(
- SCARDHANDLE hCard,
- LPWSTR mszReaderNames,
- LPDWORD pcchReaderLen,
- LPDWORD pdwState,
- LPDWORD pdwProtocol,
- LPBYTE pbAtr,
- LPDWORD pcbAtrLen);
-#ifdef UNICODE
-#define SCardStatus SCardStatusW
-#else
-#define SCardStatus SCardStatusA
-#endif // !UNICODE
-
-extern WINSCARDAPI LONG WINAPI
-SCardTransmit(
- SCARDHANDLE hCard,
- LPCSCARD_IO_REQUEST pioSendPci,
- LPCBYTE pbSendBuffer,
- DWORD cbSendLength,
- LPSCARD_IO_REQUEST pioRecvPci,
- LPBYTE pbRecvBuffer,
- LPDWORD pcbRecvLength);
-
-#if (NTDDI_VERSION >= NTDDI_VISTA)
-extern WINSCARDAPI LONG WINAPI
-SCardGetTransmitCount(
- SCARDHANDLE hCard,
- LPDWORD pcTransmitCount);
-#endif // (NTDDI_VERSION >= NTDDI_VISTA)
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Reader Control Routines
-//
-// The following services provide for direct, low-level manipulation of the
-// reader by the calling application allowing it control over the
-// attributes of the communications with the card.
-//
-
-extern WINSCARDAPI LONG WINAPI
-SCardControl(
- SCARDHANDLE hCard,
- DWORD dwControlCode,
- LPCVOID lpInBuffer,
- DWORD cbInBufferSize,
- LPVOID lpOutBuffer,
- DWORD cbOutBufferSize,
- LPDWORD lpBytesReturned);
-
-extern WINSCARDAPI LONG WINAPI
-SCardGetAttrib(
- SCARDHANDLE hCard,
- DWORD dwAttrId,
- LPBYTE pbAttr,
- LPDWORD pcbAttrLen);
-//
-// NOTE: The routine SCardGetAttrib's name differs from the PC/SC definition.
-// It should be:
-//
-// extern WINSCARDAPI LONG WINAPI
-// SCardGetReaderCapabilities(
-// SCARDHANDLE hCard,
-// DWORD dwTag,
-// LPBYTE pbAttr,
-// out LPDWORD pcbAttrLen);
-//
-// Here's a work-around MACRO:
-#define SCardGetReaderCapabilities SCardGetAttrib
-
-extern WINSCARDAPI LONG WINAPI
-SCardSetAttrib(
- SCARDHANDLE hCard,
- DWORD dwAttrId,
- LPCBYTE pbAttr,
- DWORD cbAttrLen);
-//
-// NOTE: The routine SCardSetAttrib's name differs from the PC/SC definition.
-// It should be:
-//
-// extern WINSCARDAPI LONG WINAPI
-// SCardSetReaderCapabilities(
-// SCARDHANDLE hCard,
-// DWORD dwTag,
-// LPCBYTE pbAttr,
-// DWORD cbAttrLen);
-//
-// Here's a work-around MACRO:
-#define SCardSetReaderCapabilities SCardSetAttrib
-
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Smart Card Dialog definitions
-//
-// The following section contains structures and exported function
-// declarations for the Smart Card Common Dialog dialog.
-//
-
-// Defined constants
-// Flags
-#define SC_DLG_MINIMAL_UI 0x01
-#define SC_DLG_NO_UI 0x02
-#define SC_DLG_FORCE_UI 0x04
-
-#define SCERR_NOCARDNAME 0x4000
-#define SCERR_NOGUIDS 0x8000
-
-typedef SCARDHANDLE (WINAPI *LPOCNCONNPROCA) ( SCARDCONTEXT, LPSTR, LPSTR, PVOID);
-typedef SCARDHANDLE (WINAPI *LPOCNCONNPROCW) ( SCARDCONTEXT, LPWSTR, LPWSTR, PVOID);
-#ifdef UNICODE
-#define LPOCNCONNPROC LPOCNCONNPROCW
-#else
-#define LPOCNCONNPROC LPOCNCONNPROCA
-#endif // !UNICODE
-typedef BOOL (WINAPI *LPOCNCHKPROC) ( SCARDCONTEXT, SCARDHANDLE, PVOID);
-typedef void (WINAPI *LPOCNDSCPROC) ( SCARDCONTEXT, SCARDHANDLE, PVOID);
-
-
-//
-// OPENCARD_SEARCH_CRITERIA: In order to specify a user-extended search,
-// lpfnCheck must not be NULL. Moreover, the connection to be made to the
-// card before performing the callback must be indicated by either providing
-// lpfnConnect and lpfnDisconnect OR by setting dwShareMode.
-// If both the connection callbacks and dwShareMode are non-NULL, the callbacks
-// will be used.
-//
-
-typedef struct {
- DWORD dwStructSize;
- LPSTR lpstrGroupNames; // OPTIONAL reader groups to include in
- DWORD nMaxGroupNames; // search. NULL defaults to
- // SCard$DefaultReaders
- LPCGUID rgguidInterfaces; // OPTIONAL requested interfaces
- DWORD cguidInterfaces; // supported by card's SSP
- LPSTR lpstrCardNames; // OPTIONAL requested card names; all cards w/
- DWORD nMaxCardNames; // matching ATRs will be accepted
- LPOCNCHKPROC lpfnCheck; // OPTIONAL if NULL no user check will be performed.
- LPOCNCONNPROCA lpfnConnect; // OPTIONAL if lpfnConnect is provided,
- LPOCNDSCPROC lpfnDisconnect; // lpfnDisconnect must also be set.
- LPVOID pvUserData; // OPTIONAL parameter to callbacks
- DWORD dwShareMode; // OPTIONAL must be set if lpfnCheck is not null
- DWORD dwPreferredProtocols; // OPTIONAL
-} OPENCARD_SEARCH_CRITERIAA, *POPENCARD_SEARCH_CRITERIAA, *LPOPENCARD_SEARCH_CRITERIAA;
-typedef struct {
- DWORD dwStructSize;
- LPWSTR lpstrGroupNames; // OPTIONAL reader groups to include in
- DWORD nMaxGroupNames; // search. NULL defaults to
- // SCard$DefaultReaders
- LPCGUID rgguidInterfaces; // OPTIONAL requested interfaces
- DWORD cguidInterfaces; // supported by card's SSP
- LPWSTR lpstrCardNames; // OPTIONAL requested card names; all cards w/
- DWORD nMaxCardNames; // matching ATRs will be accepted
- LPOCNCHKPROC lpfnCheck; // OPTIONAL if NULL no user check will be performed.
- LPOCNCONNPROCW lpfnConnect; // OPTIONAL if lpfnConnect is provided,
- LPOCNDSCPROC lpfnDisconnect; // lpfnDisconnect must also be set.
- LPVOID pvUserData; // OPTIONAL parameter to callbacks - DWORD dwShareMode; // OPTIONAL must be set if lpfnCheck is not null - DWORD dwPreferredProtocols; // OPTIONAL -} OPENCARD_SEARCH_CRITERIAW, *POPENCARD_SEARCH_CRITERIAW, *LPOPENCARD_SEARCH_CRITERIAW; -#ifdef UNICODE -typedef OPENCARD_SEARCH_CRITERIAW OPENCARD_SEARCH_CRITERIA; -typedef POPENCARD_SEARCH_CRITERIAW POPENCARD_SEARCH_CRITERIA; -typedef LPOPENCARD_SEARCH_CRITERIAW LPOPENCARD_SEARCH_CRITERIA; -#else -typedef OPENCARD_SEARCH_CRITERIAA OPENCARD_SEARCH_CRITERIA; -typedef POPENCARD_SEARCH_CRITERIAA POPENCARD_SEARCH_CRITERIA; -typedef LPOPENCARD_SEARCH_CRITERIAA LPOPENCARD_SEARCH_CRITERIA; -#endif // UNICODE - - -// -// OPENCARDNAME_EX: used by SCardUIDlgSelectCard; replaces obsolete OPENCARDNAME -// - -typedef struct { - DWORD dwStructSize; // REQUIRED - SCARDCONTEXT hSCardContext; // REQUIRED - HWND hwndOwner; // OPTIONAL - DWORD dwFlags; // OPTIONAL -- default is SC_DLG_MINIMAL_UI - LPCSTR lpstrTitle; // OPTIONAL - LPCSTR lpstrSearchDesc; // OPTIONAL (eg. 
"Please insert your smart card.") - HICON hIcon; // OPTIONAL 32x32 icon for your brand insignia - POPENCARD_SEARCH_CRITERIAA pOpenCardSearchCriteria; // OPTIONAL - LPOCNCONNPROCA lpfnConnect; // OPTIONAL - performed on successful selection - LPVOID pvUserData; // OPTIONAL parameter to lpfnConnect - DWORD dwShareMode; // OPTIONAL - if lpfnConnect is NULL, dwShareMode and - DWORD dwPreferredProtocols; // OPTIONAL dwPreferredProtocols will be used to - // connect to the selected card - LPSTR lpstrRdr; // REQUIRED [IN|OUT] Name of selected reader - DWORD nMaxRdr; // REQUIRED [IN|OUT] - LPSTR lpstrCard; // REQUIRED [IN|OUT] Name of selected card - DWORD nMaxCard; // REQUIRED [IN|OUT] - DWORD dwActiveProtocol; // [OUT] set only if dwShareMode not NULL - SCARDHANDLE hCardHandle; // [OUT] set if a card connection was indicated -} OPENCARDNAME_EXA, *POPENCARDNAME_EXA, *LPOPENCARDNAME_EXA; -typedef struct { - DWORD dwStructSize; // REQUIRED - SCARDCONTEXT hSCardContext; // REQUIRED - HWND hwndOwner; // OPTIONAL - DWORD dwFlags; // OPTIONAL -- default is SC_DLG_MINIMAL_UI - LPCWSTR lpstrTitle; // OPTIONAL - LPCWSTR lpstrSearchDesc; // OPTIONAL (eg. 
"Please insert your smart card.") - HICON hIcon; // OPTIONAL 32x32 icon for your brand insignia - POPENCARD_SEARCH_CRITERIAW pOpenCardSearchCriteria; // OPTIONAL - LPOCNCONNPROCW lpfnConnect; // OPTIONAL - performed on successful selection - LPVOID pvUserData; // OPTIONAL parameter to lpfnConnect - DWORD dwShareMode; // OPTIONAL - if lpfnConnect is NULL, dwShareMode and - DWORD dwPreferredProtocols; // OPTIONAL dwPreferredProtocols will be used to - // connect to the selected card - LPWSTR lpstrRdr; // REQUIRED [IN|OUT] Name of selected reader - DWORD nMaxRdr; // REQUIRED [IN|OUT] - LPWSTR lpstrCard; // REQUIRED [IN|OUT] Name of selected card - DWORD nMaxCard; // REQUIRED [IN|OUT] - DWORD dwActiveProtocol; // [OUT] set only if dwShareMode not NULL - SCARDHANDLE hCardHandle; // [OUT] set if a card connection was indicated -} OPENCARDNAME_EXW, *POPENCARDNAME_EXW, *LPOPENCARDNAME_EXW; -#ifdef UNICODE -typedef OPENCARDNAME_EXW OPENCARDNAME_EX; -typedef POPENCARDNAME_EXW POPENCARDNAME_EX; -typedef LPOPENCARDNAME_EXW LPOPENCARDNAME_EX; -#else -typedef OPENCARDNAME_EXA OPENCARDNAME_EX; -typedef POPENCARDNAME_EXA POPENCARDNAME_EX; -typedef LPOPENCARDNAME_EXA LPOPENCARDNAME_EX; -#endif // UNICODE - -#define OPENCARDNAMEA_EX OPENCARDNAME_EXA -#define OPENCARDNAMEW_EX OPENCARDNAME_EXW -#define POPENCARDNAMEA_EX POPENCARDNAME_EXA -#define POPENCARDNAMEW_EX POPENCARDNAME_EXW -#define LPOPENCARDNAMEA_EX LPOPENCARDNAME_EXA -#define LPOPENCARDNAMEW_EX LPOPENCARDNAME_EXW - - -// -// SCardUIDlgSelectCard replaces GetOpenCardName -// - -extern WINSCARDAPI LONG WINAPI -SCardUIDlgSelectCardA( - LPOPENCARDNAMEA_EX); -extern WINSCARDAPI LONG WINAPI -SCardUIDlgSelectCardW( - LPOPENCARDNAMEW_EX); -#ifdef UNICODE -#define SCardUIDlgSelectCard SCardUIDlgSelectCardW -#else -#define SCardUIDlgSelectCard SCardUIDlgSelectCardA -#endif // !UNICODE - - -// -// "Smart Card Common Dialog" definitions for backwards compatibility -// with the Smart Card Base Services SDK version 1.0 -// - -typedef 
struct { - DWORD dwStructSize; - HWND hwndOwner; - SCARDCONTEXT hSCardContext; - LPSTR lpstrGroupNames; - DWORD nMaxGroupNames; - LPSTR lpstrCardNames; - DWORD nMaxCardNames; - LPCGUID rgguidInterfaces; - DWORD cguidInterfaces; - LPSTR lpstrRdr; - DWORD nMaxRdr; - LPSTR lpstrCard; - DWORD nMaxCard; - LPCSTR lpstrTitle; - DWORD dwFlags; - LPVOID pvUserData; - DWORD dwShareMode; - DWORD dwPreferredProtocols; - DWORD dwActiveProtocol; - LPOCNCONNPROCA lpfnConnect; - LPOCNCHKPROC lpfnCheck; - LPOCNDSCPROC lpfnDisconnect; - SCARDHANDLE hCardHandle; -} OPENCARDNAMEA, *POPENCARDNAMEA, *LPOPENCARDNAMEA; -typedef struct { - DWORD dwStructSize; - HWND hwndOwner; - SCARDCONTEXT hSCardContext; - LPWSTR lpstrGroupNames; - DWORD nMaxGroupNames; - LPWSTR lpstrCardNames; - DWORD nMaxCardNames; - LPCGUID rgguidInterfaces; - DWORD cguidInterfaces; - LPWSTR lpstrRdr; - DWORD nMaxRdr; - LPWSTR lpstrCard; - DWORD nMaxCard; - LPCWSTR lpstrTitle; - DWORD dwFlags; - LPVOID pvUserData; - DWORD dwShareMode; - DWORD dwPreferredProtocols; - DWORD dwActiveProtocol; - LPOCNCONNPROCW lpfnConnect; - LPOCNCHKPROC lpfnCheck; - LPOCNDSCPROC lpfnDisconnect; - SCARDHANDLE hCardHandle; -} OPENCARDNAMEW, *POPENCARDNAMEW, *LPOPENCARDNAMEW; -#ifdef UNICODE -typedef OPENCARDNAMEW OPENCARDNAME; -typedef POPENCARDNAMEW POPENCARDNAME; -typedef LPOPENCARDNAMEW LPOPENCARDNAME; -#else -typedef OPENCARDNAMEA OPENCARDNAME; -typedef POPENCARDNAMEA POPENCARDNAME; -typedef LPOPENCARDNAMEA LPOPENCARDNAME; -#endif // UNICODE - -// Backwards compatibility macros -#define OPENCARDNAME_A OPENCARDNAMEA -#define OPENCARDNAME_W OPENCARDNAMEW -#define POPENCARDNAME_A POPENCARDNAMEA -#define POPENCARDNAME_W POPENCARDNAMEW -#define LPOPENCARDNAME_A LPOPENCARDNAMEA -#define LPOPENCARDNAME_W LPOPENCARDNAMEW - -extern WINSCARDAPI LONG WINAPI -GetOpenCardNameA( - LPOPENCARDNAMEA); -extern WINSCARDAPI LONG WINAPI -GetOpenCardNameW( - LPOPENCARDNAMEW); -#ifdef UNICODE -#define GetOpenCardName GetOpenCardNameW -#else -#define 
GetOpenCardName GetOpenCardNameA -#endif // !UNICODE - -extern WINSCARDAPI LONG WINAPI -SCardDlgExtendedError (void); - -#if (NTDDI_VERSION >= NTDDI_VISTA) - -// -// Smartcard Caching API -// - -extern WINSCARDAPI LONG WINAPI -SCardReadCacheA( - SCARDCONTEXT hContext, - UUID *CardIdentifier, - DWORD FreshnessCounter, - LPSTR LookupName, - PBYTE Data, - DWORD *DataLen); -extern WINSCARDAPI LONG WINAPI -SCardReadCacheW( - SCARDCONTEXT hContext, - UUID *CardIdentifier, - DWORD FreshnessCounter, - LPWSTR LookupName, - PBYTE Data, - DWORD *DataLen); -#ifdef UNICODE -#define SCardReadCache SCardReadCacheW -#else -#define SCardReadCache SCardReadCacheA -#endif // !UNICODE - -extern WINSCARDAPI LONG WINAPI -SCardWriteCacheA( - SCARDCONTEXT hContext, - UUID *CardIdentifier, - DWORD FreshnessCounter, - LPSTR LookupName, - PBYTE Data, - DWORD DataLen); -extern WINSCARDAPI LONG WINAPI -SCardWriteCacheW( - SCARDCONTEXT hContext, - UUID *CardIdentifier, - DWORD FreshnessCounter, - LPWSTR LookupName, - PBYTE Data, - DWORD DataLen); -#ifdef UNICODE -#define SCardWriteCache SCardWriteCacheW -#else -#define SCardWriteCache SCardWriteCacheA -#endif // !UNICODE - -#endif // (NTDDI_VERSION >= NTDDI_VISTA) - -#ifdef __cplusplus -} -#endif -#endif // _WINSCARD_H_ - - DELETED build/cackey_win32_build/include/winsmcrd.h Index: build/cackey_win32_build/include/winsmcrd.h ================================================================== --- build/cackey_win32_build/include/winsmcrd.h +++ /dev/null 
@@ -1,333 +0,0 @@ -/*++ - -Copyright (c) 1996 Microsoft Corporation - -Module Name: - - winsmcrd.h - -Abstract: - Smart Card class/port IOCTL codes. This file is required for all code - user mode and kernel mode, using Smart Card IOCTL's, defines, - data structures - -Revision History: - ---*/ - - -#ifndef _NTDDSCRD_H2_ -#define _NTDDSCRD_H2_ - -#if defined (_MSC_VER) && (_MSC_VER >= 1020) -#pragma once -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef _WINSCARD_H_ -typedef DWORD ULONG; -typedef WORD UWORD; -typedef BYTE UCHAR; -#else -typedef ULONG DWORD; -// typedef UWORD WORD; -typedef UCHAR BYTE; -#endif - -#ifndef DEVICE_TYPE_SMARTCARD -#ifndef FILE_DEVICE_SMARTCARD -#define FILE_DEVICE_SMARTCARD 0x00000031 -#endif -#else -#if 0x00000031 != FILE_DEVICE_SMARTCARD -#error "Incorrect Smart Card Device Definition" -#endif -#endif - - -// -// Various constants -// - -#define SCARD_ATR_LENGTH 33 // ISO 7816-3 spec. - -// -/////////////////////////////////////////////////////////////////////////////// -// -// Protocol Flag definitions -// - -#define SCARD_PROTOCOL_UNDEFINED 0x00000000 // There is no active protocol. -#define SCARD_PROTOCOL_T0 0x00000001 // T=0 is the active protocol. -#define SCARD_PROTOCOL_T1 0x00000002 // T=1 is the active protocol. -#define SCARD_PROTOCOL_RAW 0x00010000 // Raw is the active protocol. -// -// This is the mask of ISO defined transmission protocols -// -#define SCARD_PROTOCOL_Tx (SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1) -// -// Use the default transmission parameters / card clock freq. -// -#define SCARD_PROTOCOL_DEFAULT 0x80000000 -// -// Use optimal transmission parameters / card clock freq. -// Since using the optimal parameters is the default case no bit is defined to be 1 -// -#define SCARD_PROTOCOL_OPTIMAL 0x00000000 - - -// -// Ioctl parameters 1 for IOCTL_SMARTCARD_POWER -// -#define SCARD_POWER_DOWN 0 // Power down the card. -#define SCARD_COLD_RESET 1 // Cycle power and reset the card. 
-#define SCARD_WARM_RESET 2 // Force a reset on the card. - -// -/////////////////////////////////////////////////////////////////////////////// -// -// Reader Action IOCTLs -// - -#define SCARD_CTL_CODE(code) CTL_CODE(FILE_DEVICE_SMARTCARD, \ - (code), \ - METHOD_BUFFERED, \ - FILE_ANY_ACCESS) - -#define IOCTL_SMARTCARD_POWER SCARD_CTL_CODE( 1) -#define IOCTL_SMARTCARD_GET_ATTRIBUTE SCARD_CTL_CODE( 2) -#define IOCTL_SMARTCARD_SET_ATTRIBUTE SCARD_CTL_CODE( 3) -#define IOCTL_SMARTCARD_CONFISCATE SCARD_CTL_CODE( 4) -#define IOCTL_SMARTCARD_TRANSMIT SCARD_CTL_CODE( 5) -#define IOCTL_SMARTCARD_EJECT SCARD_CTL_CODE( 6) -#define IOCTL_SMARTCARD_SWALLOW SCARD_CTL_CODE( 7) -// #define IOCTL_SMARTCARD_READ SCARD_CTL_CODE( 8) obsolete -// #define IOCTL_SMARTCARD_WRITE SCARD_CTL_CODE( 9) obsolete -#define IOCTL_SMARTCARD_IS_PRESENT SCARD_CTL_CODE(10) -#define IOCTL_SMARTCARD_IS_ABSENT SCARD_CTL_CODE(11) -#define IOCTL_SMARTCARD_SET_PROTOCOL SCARD_CTL_CODE(12) -#define IOCTL_SMARTCARD_GET_STATE SCARD_CTL_CODE(14) -#define IOCTL_SMARTCARD_GET_LAST_ERROR SCARD_CTL_CODE(15) -#define IOCTL_SMARTCARD_GET_PERF_CNTR SCARD_CTL_CODE(16) - - -// -/////////////////////////////////////////////////////////////////////////////// -// -// Tags for requesting card and reader attributes -// - -#define MAXIMUM_ATTR_STRING_LENGTH 32 // Nothing bigger than this from getAttr -#define MAXIMUM_SMARTCARD_READERS 10 // Limit the readers on the system - -#define SCARD_ATTR_VALUE(Class, Tag) ((((ULONG)(Class)) << 16) | ((ULONG)(Tag))) - -#define SCARD_CLASS_VENDOR_INFO 1 // Vendor information definitions -#define SCARD_CLASS_COMMUNICATIONS 2 // Communication definitions -#define SCARD_CLASS_PROTOCOL 3 // Protocol definitions -#define SCARD_CLASS_POWER_MGMT 4 // Power Management definitions -#define SCARD_CLASS_SECURITY 5 // Security Assurance definitions -#define SCARD_CLASS_MECHANICAL 6 // Mechanical characteristic definitions -#define SCARD_CLASS_VENDOR_DEFINED 7 // Vendor specific definitions -#define 
SCARD_CLASS_IFD_PROTOCOL 8 // Interface Device Protocol options -#define SCARD_CLASS_ICC_STATE 9 // ICC State specific definitions -#define SCARD_CLASS_PERF 0x7ffe // performace counters -#define SCARD_CLASS_SYSTEM 0x7fff // System-specific definitions - -#define SCARD_ATTR_VENDOR_NAME SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_INFO, 0x0100) -#define SCARD_ATTR_VENDOR_IFD_TYPE SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_INFO, 0x0101) -#define SCARD_ATTR_VENDOR_IFD_VERSION SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_INFO, 0x0102) -#define SCARD_ATTR_VENDOR_IFD_SERIAL_NO SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_INFO, 0x0103) -#define SCARD_ATTR_CHANNEL_ID SCARD_ATTR_VALUE(SCARD_CLASS_COMMUNICATIONS, 0x0110) -#define SCARD_ATTR_PROTOCOL_TYPES SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0120) -// #define SCARD_ATTR_ASYNC_PROTOCOL_TYPES SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0120) -#define SCARD_ATTR_DEFAULT_CLK SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0121) -#define SCARD_ATTR_MAX_CLK SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0122) -#define SCARD_ATTR_DEFAULT_DATA_RATE SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0123) -#define SCARD_ATTR_MAX_DATA_RATE SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0124) -#define SCARD_ATTR_MAX_IFSD SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0125) -// #define SCARD_ATTR_SYNC_PROTOCOL_TYPES SCARD_ATTR_VALUE(SCARD_CLASS_PROTOCOL, 0x0126) -#define SCARD_ATTR_POWER_MGMT_SUPPORT SCARD_ATTR_VALUE(SCARD_CLASS_POWER_MGMT, 0x0131) -#define SCARD_ATTR_USER_TO_CARD_AUTH_DEVICE SCARD_ATTR_VALUE(SCARD_CLASS_SECURITY, 0x0140) -#define SCARD_ATTR_USER_AUTH_INPUT_DEVICE SCARD_ATTR_VALUE(SCARD_CLASS_SECURITY, 0x0142) -#define SCARD_ATTR_CHARACTERISTICS SCARD_ATTR_VALUE(SCARD_CLASS_MECHANICAL, 0x0150) - -#define SCARD_ATTR_CURRENT_PROTOCOL_TYPE SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0201) -#define SCARD_ATTR_CURRENT_CLK SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0202) -#define SCARD_ATTR_CURRENT_F SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0203) -#define SCARD_ATTR_CURRENT_D 
SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0204) -#define SCARD_ATTR_CURRENT_N SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0205) -#define SCARD_ATTR_CURRENT_W SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0206) -#define SCARD_ATTR_CURRENT_IFSC SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0207) -#define SCARD_ATTR_CURRENT_IFSD SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0208) -#define SCARD_ATTR_CURRENT_BWT SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x0209) -#define SCARD_ATTR_CURRENT_CWT SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x020a) -#define SCARD_ATTR_CURRENT_EBC_ENCODING SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x020b) -#define SCARD_ATTR_EXTENDED_BWT SCARD_ATTR_VALUE(SCARD_CLASS_IFD_PROTOCOL, 0x020c) - -#define SCARD_ATTR_ICC_PRESENCE SCARD_ATTR_VALUE(SCARD_CLASS_ICC_STATE, 0x0300) -#define SCARD_ATTR_ICC_INTERFACE_STATUS SCARD_ATTR_VALUE(SCARD_CLASS_ICC_STATE, 0x0301) -#define SCARD_ATTR_CURRENT_IO_STATE SCARD_ATTR_VALUE(SCARD_CLASS_ICC_STATE, 0x0302) -#define SCARD_ATTR_ATR_STRING SCARD_ATTR_VALUE(SCARD_CLASS_ICC_STATE, 0x0303) -#define SCARD_ATTR_ICC_TYPE_PER_ATR SCARD_ATTR_VALUE(SCARD_CLASS_ICC_STATE, 0x0304) - -#define SCARD_ATTR_ESC_RESET SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_DEFINED, 0xA000) -#define SCARD_ATTR_ESC_CANCEL SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_DEFINED, 0xA003) -#define SCARD_ATTR_ESC_AUTHREQUEST SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_DEFINED, 0xA005) -#define SCARD_ATTR_MAXINPUT SCARD_ATTR_VALUE(SCARD_CLASS_VENDOR_DEFINED, 0xA007) - -#define SCARD_ATTR_DEVICE_UNIT SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0001) -#define SCARD_ATTR_DEVICE_IN_USE SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0002) -#define SCARD_ATTR_DEVICE_FRIENDLY_NAME_A SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0003) -#define SCARD_ATTR_DEVICE_SYSTEM_NAME_A SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0004) -#define SCARD_ATTR_DEVICE_FRIENDLY_NAME_W SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0005) -#define SCARD_ATTR_DEVICE_SYSTEM_NAME_W SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0006) -#define 
SCARD_ATTR_SUPRESS_T1_IFS_REQUEST SCARD_ATTR_VALUE(SCARD_CLASS_SYSTEM, 0x0007) - -#define SCARD_PERF_NUM_TRANSMISSIONS SCARD_ATTR_VALUE(SCARD_CLASS_PERF, 0x0001) -#define SCARD_PERF_BYTES_TRANSMITTED SCARD_ATTR_VALUE(SCARD_CLASS_PERF, 0x0002) -#define SCARD_PERF_TRANSMISSION_TIME SCARD_ATTR_VALUE(SCARD_CLASS_PERF, 0x0003) - -#ifdef UNICODE -#define SCARD_ATTR_DEVICE_FRIENDLY_NAME SCARD_ATTR_DEVICE_FRIENDLY_NAME_W -#define SCARD_ATTR_DEVICE_SYSTEM_NAME SCARD_ATTR_DEVICE_SYSTEM_NAME_W -#else -#define SCARD_ATTR_DEVICE_FRIENDLY_NAME SCARD_ATTR_DEVICE_FRIENDLY_NAME_A -#define SCARD_ATTR_DEVICE_SYSTEM_NAME SCARD_ATTR_DEVICE_SYSTEM_NAME_A -#endif - - -// -// T=0 Protocol Defines -// - -#define SCARD_T0_HEADER_LENGTH 7 -#define SCARD_T0_CMD_LENGTH 5 - - -// -// T=1 Protocol Defines -// - -#define SCARD_T1_PROLOGUE_LENGTH 3 -#define SCARD_T1_EPILOGUE_LENGTH 2 -#define SCARD_T1_MAX_IFS 254 - - -// -/////////////////////////////////////////////////////////////////////////////// -// -// Reader states -// - -#define SCARD_UNKNOWN 0 // This value implies the driver is unaware - // of the current state of the reader. -#define SCARD_ABSENT 1 // This value implies there is no card in - // the reader. -#define SCARD_PRESENT 2 // This value implies there is a card is - // present in the reader, but that it has - // not been moved into position for use. -#define SCARD_SWALLOWED 3 // This value implies there is a card in the - // reader in position for use. The card is - // not powered. -#define SCARD_POWERED 4 // This value implies there is power is - // being provided to the card, but the - // Reader Driver is unaware of the mode of - // the card. -#define SCARD_NEGOTIABLE 5 // This value implies the card has been - // reset and is awaiting PTS negotiation. -#define SCARD_SPECIFIC 6 // This value implies the card has been - // reset and specific communication - // protocols have been established. 
-
-////////////////////////////////////////////////////////////////////////////////
-//
-// I/O Services
-//
-// The following services provide access to the I/O capabilities of the
-// reader drivers. Services of the Smart Card are requested by placing the
-// following structure into the protocol buffer:
-//
-
-
-typedef struct _SCARD_IO_REQUEST{
- DWORD dwProtocol; // Protocol identifier
- DWORD cbPciLength; // Protocol Control Information Length
-} SCARD_IO_REQUEST, *PSCARD_IO_REQUEST, *LPSCARD_IO_REQUEST;
-typedef const SCARD_IO_REQUEST *LPCSCARD_IO_REQUEST;
-
-
-//
-// T=0 protocol services.
-//
-
-typedef struct {
- BYTE
- bCla, // The instruction class
- bIns, // The instruction code within the instruction class
- bP1,
- bP2, // Parameters to the instruction
- bP3; // Size of I/O Transfer
-} SCARD_T0_COMMAND, *LPSCARD_T0_COMMAND;
-
-typedef struct {
- SCARD_IO_REQUEST ioRequest;
- BYTE
- bSw1,
- bSw2; // Return codes from the instruction
- union
- {
- SCARD_T0_COMMAND CmdBytes;
- BYTE rgbHeader[5];
- } DUMMYUNIONNAME;
-} SCARD_T0_REQUEST;
-
-typedef SCARD_T0_REQUEST *PSCARD_T0_REQUEST, *LPSCARD_T0_REQUEST;
-
-
-//
-// T=1 Protocol Services
-//
-
-typedef struct {
- SCARD_IO_REQUEST ioRequest;
-} SCARD_T1_REQUEST;
-typedef SCARD_T1_REQUEST *PSCARD_T1_REQUEST, *LPSCARD_T1_REQUEST;
-
-
-//
-////////////////////////////////////////////////////////////////////////////////
-//
-// Driver attribute flags
-//
-
-#define SCARD_READER_SWALLOWS 0x00000001 // Reader has a card swallowing
- // mechanism.
-#define SCARD_READER_EJECTS 0x00000002 // Reader has a card ejection
- // mechanism.
-#define SCARD_READER_CONFISCATES 0x00000004 // Reader has a card capture
- // mechanism.
-
-//
-///////////////////////////////////////////////////////////////////////////////
-//
-// Type of reader
-//
-#define SCARD_READER_TYPE_SERIAL 0x01
-#define SCARD_READER_TYPE_PARALELL 0x02
-#define SCARD_READER_TYPE_KEYBOARD 0x04
-#define SCARD_READER_TYPE_SCSI 0x08
-#define SCARD_READER_TYPE_IDE 0x10
-#define SCARD_READER_TYPE_USB 0x20
-#define SCARD_READER_TYPE_PCMCIA 0x40
-#define SCARD_READER_TYPE_VENDOR 0xF0
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
-
DELETED build/cackey_win32_build/include/zconf.h
Index: build/cackey_win32_build/include/zconf.h
==================================================================
--- build/cackey_win32_build/include/zconf.h
+++ /dev/null
@@ -1,332 +0,0 @@ -/* zconf.h -- configuration of the zlib compression library - * Copyright (C) 1995-2005 Jean-loup Gailly. - * For conditions of distribution and use, see copyright notice in zlib.h - */ - -/* @(#) $Id$ */ - -#ifndef ZCONF_H -#define ZCONF_H - -/* - * If you *really* need a unique prefix for all types and library functions, - * compile with -DZ_PREFIX. The "standard" zlib should be compiled without it. - */ -#ifdef Z_PREFIX -# define deflateInit_ z_deflateInit_ -# define deflate z_deflate -# define deflateEnd z_deflateEnd -# define inflateInit_ z_inflateInit_ -# define inflate z_inflate -# define inflateEnd z_inflateEnd -# define deflateInit2_ z_deflateInit2_ -# define deflateSetDictionary z_deflateSetDictionary -# define deflateCopy z_deflateCopy -# define deflateReset z_deflateReset -# define deflateParams z_deflateParams -# define deflateBound z_deflateBound -# define deflatePrime z_deflatePrime -# define inflateInit2_ z_inflateInit2_ -# define inflateSetDictionary z_inflateSetDictionary -# define inflateSync z_inflateSync -# define inflateSyncPoint z_inflateSyncPoint -# define inflateCopy z_inflateCopy -# define inflateReset z_inflateReset -# define inflateBack z_inflateBack -# define inflateBackEnd z_inflateBackEnd -# define compress z_compress -# define compress2 z_compress2 -# define compressBound z_compressBound -# define uncompress z_uncompress -# define adler32 z_adler32 -# define crc32 z_crc32 -# define get_crc_table z_get_crc_table -# define zError z_zError - -# define alloc_func z_alloc_func -# define free_func z_free_func -# define in_func z_in_func -# define out_func z_out_func -# define Byte z_Byte -# define uInt z_uInt -# define uLong z_uLong -# define Bytef z_Bytef -# define charf z_charf -# define intf z_intf -# define uIntf z_uIntf -# define uLongf z_uLongf -# define voidpf z_voidpf -# define voidp z_voidp -#endif - -#if defined(__MSDOS__) && !defined(MSDOS) -# define MSDOS -#endif -#if (defined(OS_2) || defined(__OS2__)) && 
!defined(OS2) -# define OS2 -#endif -#if defined(_WINDOWS) && !defined(WINDOWS) -# define WINDOWS -#endif -#if defined(_WIN32) || defined(_WIN32_WCE) || defined(__WIN32__) -# ifndef WIN32 -# define WIN32 -# endif -#endif -#if (defined(MSDOS) || defined(OS2) || defined(WINDOWS)) && !defined(WIN32) -# if !defined(__GNUC__) && !defined(__FLAT__) && !defined(__386__) -# ifndef SYS16BIT -# define SYS16BIT -# endif -# endif -#endif - -/* - * Compile with -DMAXSEG_64K if the alloc function cannot allocate more - * than 64k bytes at a time (needed on systems with 16-bit int). - */ -#ifdef SYS16BIT -# define MAXSEG_64K -#endif -#ifdef MSDOS -# define UNALIGNED_OK -#endif - -#ifdef __STDC_VERSION__ -# ifndef STDC -# define STDC -# endif -# if __STDC_VERSION__ >= 199901L -# ifndef STDC99 -# define STDC99 -# endif -# endif -#endif -#if !defined(STDC) && (defined(__STDC__) || defined(__cplusplus)) -# define STDC -#endif -#if !defined(STDC) && (defined(__GNUC__) || defined(__BORLANDC__)) -# define STDC -#endif -#if !defined(STDC) && (defined(MSDOS) || defined(WINDOWS) || defined(WIN32)) -# define STDC -#endif -#if !defined(STDC) && (defined(OS2) || defined(__HOS_AIX__)) -# define STDC -#endif - -#if defined(__OS400__) && !defined(STDC) /* iSeries (formerly AS/400). */ -# define STDC -#endif - -#ifndef STDC -# ifndef const /* cannot use !defined(STDC) && !defined(const) on Mac */ -# define const /* note: need a more gentle solution here */ -# endif -#endif - -/* Some Mac compilers merge all .h files incorrectly: */ -#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__) -# define NO_DUMMY_DECL -#endif - -/* Maximum value for memLevel in deflateInit2 */ -#ifndef MAX_MEM_LEVEL -# ifdef MAXSEG_64K -# define MAX_MEM_LEVEL 8 -# else -# define MAX_MEM_LEVEL 9 -# endif -#endif - -/* Maximum value for windowBits in deflateInit2 and inflateInit2. - * WARNING: reducing MAX_WBITS makes minigzip unable to extract .gz files - * created by gzip. 
(Files created by minigzip can still be extracted by - * gzip.) - */ -#ifndef MAX_WBITS -# define MAX_WBITS 15 /* 32K LZ77 window */ -#endif - -/* The memory requirements for deflate are (in bytes): - (1 << (windowBits+2)) + (1 << (memLevel+9)) - that is: 128K for windowBits=15 + 128K for memLevel = 8 (default values) - plus a few kilobytes for small objects. For example, if you want to reduce - the default memory requirements from 256K to 128K, compile with - make CFLAGS="-O -DMAX_WBITS=14 -DMAX_MEM_LEVEL=7" - Of course this will generally degrade compression (there's no free lunch). - - The memory requirements for inflate are (in bytes) 1 << windowBits - that is, 32K for windowBits=15 (default value) plus a few kilobytes - for small objects. -*/ - - /* Type declarations */ - -#ifndef OF /* function prototypes */ -# ifdef STDC -# define OF(args) args -# else -# define OF(args) () -# endif -#endif - -/* The following definitions for FAR are needed only for MSDOS mixed - * model programming (small or medium model with some far allocations). - * This was tested only with MSC; for other MSDOS compilers you may have - * to define NO_MEMCPY in zutil.h. If you don't need the mixed model, - * just define FAR to be empty. - */ -#ifdef SYS16BIT -# if defined(M_I86SM) || defined(M_I86MM) - /* MSC small or medium model */ -# define SMALL_MEDIUM -# ifdef _MSC_VER -# define FAR _far -# else -# define FAR far -# endif -# endif -# if (defined(__SMALL__) || defined(__MEDIUM__)) - /* Turbo C small or medium model */ -# define SMALL_MEDIUM -# ifdef __BORLANDC__ -# define FAR _far -# else -# define FAR far -# endif -# endif -#endif - -#if defined(WINDOWS) || defined(WIN32) - /* If building or using zlib as a DLL, define ZLIB_DLL. - * This is not mandatory, but it offers a little performance increase. 
- */ -# ifdef ZLIB_DLL -# if defined(WIN32) && (!defined(__BORLANDC__) || (__BORLANDC__ >= 0x500)) -# ifdef ZLIB_INTERNAL -# define ZEXTERN extern __declspec(dllexport) -# else -# define ZEXTERN extern __declspec(dllimport) -# endif -# endif -# endif /* ZLIB_DLL */ - /* If building or using zlib with the WINAPI/WINAPIV calling convention, - * define ZLIB_WINAPI. - * Caution: the standard ZLIB1.DLL is NOT compiled using ZLIB_WINAPI. - */ -# ifdef ZLIB_WINAPI -# ifdef FAR -# undef FAR -# endif -# include - /* No need for _export, use ZLIB.DEF instead. */ - /* For complete Windows compatibility, use WINAPI, not __stdcall. */ -# define ZEXPORT WINAPI -# ifdef WIN32 -# define ZEXPORTVA WINAPIV -# else -# define ZEXPORTVA FAR CDECL -# endif -# endif -#endif - -#if defined (__BEOS__) -# ifdef ZLIB_DLL -# ifdef ZLIB_INTERNAL -# define ZEXPORT __declspec(dllexport) -# define ZEXPORTVA __declspec(dllexport) -# else -# define ZEXPORT __declspec(dllimport) -# define ZEXPORTVA __declspec(dllimport) -# endif -# endif -#endif - -#ifndef ZEXTERN -# define ZEXTERN extern -#endif -#ifndef ZEXPORT -# define ZEXPORT -#endif -#ifndef ZEXPORTVA -# define ZEXPORTVA -#endif - -#ifndef FAR -# define FAR -#endif - -#if !defined(__MACTYPES__) -typedef unsigned char Byte; /* 8 bits */ -#endif -typedef unsigned int uInt; /* 16 bits or more */ -typedef unsigned long uLong; /* 32 bits or more */ - -#ifdef SMALL_MEDIUM - /* Borland C/C++ and some old MSC versions ignore FAR inside typedef */ -# define Bytef Byte FAR -#else - typedef Byte FAR Bytef; -#endif -typedef char FAR charf; -typedef int FAR intf; -typedef uInt FAR uIntf; -typedef uLong FAR uLongf; - -#ifdef STDC - typedef void const *voidpc; - typedef void FAR *voidpf; - typedef void *voidp; -#else - typedef Byte const *voidpc; - typedef Byte FAR *voidpf; - typedef Byte *voidp; -#endif - -#if 1 /* HAVE_UNISTD_H -- this line is updated by ./configure */ -# include /* for off_t */ -# include /* for SEEK_* and off_t */ -# ifdef VMS -# include 
/* for off_t */ -# endif -# define z_off_t off_t -#endif -#ifndef SEEK_SET -# define SEEK_SET 0 /* Seek from beginning of file. */ -# define SEEK_CUR 1 /* Seek from current position. */ -# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */ -#endif -#ifndef z_off_t -# define z_off_t long -#endif - -#if defined(__OS400__) -# define NO_vsnprintf -#endif - -#if defined(__MVS__) -# define NO_vsnprintf -# ifdef FAR -# undef FAR -# endif -#endif - -/* MVS linker does not support external names larger than 8 bytes */ -#if defined(__MVS__) -# pragma map(deflateInit_,"DEIN") -# pragma map(deflateInit2_,"DEIN2") -# pragma map(deflateEnd,"DEEND") -# pragma map(deflateBound,"DEBND") -# pragma map(inflateInit_,"ININ") -# pragma map(inflateInit2_,"ININ2") -# pragma map(inflateEnd,"INEND") -# pragma map(inflateSync,"INSY") -# pragma map(inflateSetDictionary,"INSEDI") -# pragma map(compressBound,"CMBND") -# pragma map(inflate_table,"INTABL") -# pragma map(inflate_fast,"INFA") -# pragma map(inflate_copyright,"INCOPY") -#endif - -#endif /* ZCONF_H */ DELETED build/cackey_win32_build/include/zlib.h Index: build/cackey_win32_build/include/zlib.h ================================================================== --- build/cackey_win32_build/include/zlib.h +++ /dev/null 
@@ -1,1357 +0,0 @@ -/* zlib.h -- interface of the 'zlib' general purpose compression library - version 1.2.3, July 18th, 2005 - - Copyright (C) 1995-2005 Jean-loup Gailly and Mark Adler - - This software is provided 'as-is', without any express or implied - warranty. In no event will the authors be held liable for any damages - arising from the use of this software. - - Permission is granted to anyone to use this software for any purpose, - including commercial applications, and to alter it and redistribute it - freely, subject to the following restrictions: - - 1. The origin of this software must not be misrepresented; you must not - claim that you wrote the original software. If you use this software - in a product, an acknowledgment in the product documentation would be - appreciated but is not required. - 2. Altered source versions must be plainly marked as such, and must not be - misrepresented as being the original software. - 3. This notice may not be removed or altered from any source distribution. - - Jean-loup Gailly Mark Adler - jloup@gzip.org madler@alumni.caltech.edu - - - The data format used by the zlib library is described by RFCs (Request for - Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt - (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format). -*/ - -#ifndef ZLIB_H -#define ZLIB_H - -#include "zconf.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#define ZLIB_VERSION "1.2.3" -#define ZLIB_VERNUM 0x1230 - -/* - The 'zlib' compression library provides in-memory compression and - decompression functions, including integrity checks of the uncompressed - data. This version of the library supports only one compression method - (deflation) but other algorithms will be added later and will have the same - stream interface. - - Compression can be done in a single step if the buffers are large - enough (for example if an input file is mmap'ed), or can be done by - repeated calls of the compression function. 
In the latter case, the - application must provide more input and/or consume the output - (providing more output space) before each call. - - The compressed data format used by default by the in-memory functions is - the zlib format, which is a zlib wrapper documented in RFC 1950, wrapped - around a deflate stream, which is itself documented in RFC 1951. - - The library also supports reading and writing files in gzip (.gz) format - with an interface similar to that of stdio using the functions that start - with "gz". The gzip format is different from the zlib format. gzip is a - gzip wrapper, documented in RFC 1952, wrapped around a deflate stream. - - This library can optionally read and write gzip streams in memory as well. - - The zlib format was designed to be compact and fast for use in memory - and on communications channels. The gzip format was designed for single- - file compression on file systems, has a larger header than zlib to maintain - directory information, and uses a different, slower check method than zlib. - - The library does not install any signal handler. The decoder checks - the consistency of the compressed data, so the library should never - crash even in case of corrupted input. 
-*/ - -typedef voidpf (*alloc_func) OF((voidpf opaque, uInt items, uInt size)); -typedef void (*free_func) OF((voidpf opaque, voidpf address)); - -struct internal_state; - -typedef struct z_stream_s { - Bytef *next_in; /* next input byte */ - uInt avail_in; /* number of bytes available at next_in */ - uLong total_in; /* total nb of input bytes read so far */ - - Bytef *next_out; /* next output byte should be put there */ - uInt avail_out; /* remaining free space at next_out */ - uLong total_out; /* total nb of bytes output so far */ - - char *msg; /* last error message, NULL if no error */ - struct internal_state FAR *state; /* not visible by applications */ - - alloc_func zalloc; /* used to allocate the internal state */ - free_func zfree; /* used to free the internal state */ - voidpf opaque; /* private data object passed to zalloc and zfree */ - - int data_type; /* best guess about the data type: binary or text */ - uLong adler; /* adler32 value of the uncompressed data */ - uLong reserved; /* reserved for future use */ -} z_stream; - -typedef z_stream FAR *z_streamp; - -/* - gzip header information passed to and from zlib routines. See RFC 1952 - for more details on the meanings of these fields. 
-*/ -typedef struct gz_header_s { - int text; /* true if compressed data believed to be text */ - uLong time; /* modification time */ - int xflags; /* extra flags (not used when writing a gzip file) */ - int os; /* operating system */ - Bytef *extra; /* pointer to extra field or Z_NULL if none */ - uInt extra_len; /* extra field length (valid if extra != Z_NULL) */ - uInt extra_max; /* space at extra (only when reading header) */ - Bytef *name; /* pointer to zero-terminated file name or Z_NULL */ - uInt name_max; /* space at name (only when reading header) */ - Bytef *comment; /* pointer to zero-terminated comment or Z_NULL */ - uInt comm_max; /* space at comment (only when reading header) */ - int hcrc; /* true if there was or will be a header crc */ - int done; /* true when done reading gzip header (not used - when writing a gzip file) */ -} gz_header; - -typedef gz_header FAR *gz_headerp; - -/* - The application must update next_in and avail_in when avail_in has - dropped to zero. It must update next_out and avail_out when avail_out - has dropped to zero. The application must initialize zalloc, zfree and - opaque before calling the init function. All other fields are set by the - compression library and must not be updated by the application. - - The opaque value provided by the application will be passed as the first - parameter for calls of zalloc and zfree. This can be useful for custom - memory management. The compression library attaches no meaning to the - opaque value. - - zalloc must return Z_NULL if there is not enough memory for the object. - If zlib is used in a multi-threaded application, zalloc and zfree must be - thread safe. - - On 16-bit systems, the functions zalloc and zfree must be able to allocate - exactly 65536 bytes, but will not be required to allocate more than this - if the symbol MAXSEG_64K is defined (see zconf.h). 
WARNING: On MSDOS, - pointers returned by zalloc for objects of exactly 65536 bytes *must* - have their offset normalized to zero. The default allocation function - provided by this library ensures this (see zutil.c). To reduce memory - requirements and avoid any allocation of 64K objects, at the expense of - compression ratio, compile the library with -DMAX_WBITS=14 (see zconf.h). - - The fields total_in and total_out can be used for statistics or - progress reports. After compression, total_in holds the total size of - the uncompressed data and may be saved for use in the decompressor - (particularly if the decompressor wants to decompress everything in - a single step). -*/ - - /* constants */ - -#define Z_NO_FLUSH 0 -#define Z_PARTIAL_FLUSH 1 /* will be removed, use Z_SYNC_FLUSH instead */ -#define Z_SYNC_FLUSH 2 -#define Z_FULL_FLUSH 3 -#define Z_FINISH 4 -#define Z_BLOCK 5 -/* Allowed flush values; see deflate() and inflate() below for details */ - -#define Z_OK 0 -#define Z_STREAM_END 1 -#define Z_NEED_DICT 2 -#define Z_ERRNO (-1) -#define Z_STREAM_ERROR (-2) -#define Z_DATA_ERROR (-3) -#define Z_MEM_ERROR (-4) -#define Z_BUF_ERROR (-5) -#define Z_VERSION_ERROR (-6) -/* Return codes for the compression/decompression functions. Negative - * values are errors, positive values are used for special but normal events. 
- */
-
-#define Z_NO_COMPRESSION 0
-#define Z_BEST_SPEED 1
-#define Z_BEST_COMPRESSION 9
-#define Z_DEFAULT_COMPRESSION (-1)
-/* compression levels */
-
-#define Z_FILTERED 1
-#define Z_HUFFMAN_ONLY 2
-#define Z_RLE 3
-#define Z_FIXED 4
-#define Z_DEFAULT_STRATEGY 0
-/* compression strategy; see deflateInit2() below for details */
-
-#define Z_BINARY 0
-#define Z_TEXT 1
-#define Z_ASCII Z_TEXT /* for compatibility with 1.2.2 and earlier */
-#define Z_UNKNOWN 2
-/* Possible values of the data_type field (though see inflate()) */
-
-#define Z_DEFLATED 8
-/* The deflate compression method (the only one supported in this version) */
-
-#define Z_NULL 0 /* for initializing zalloc, zfree, opaque */
-
-#define zlib_version zlibVersion()
-/* for compatibility with versions < 1.0.2 */
-
- /* basic functions */
-
-ZEXTERN const char * ZEXPORT zlibVersion OF((void));
-/* The application can compare zlibVersion and ZLIB_VERSION for consistency.
- If the first character differs, the library code actually used is
- not compatible with the zlib.h header file used by the application.
- This check is automatically made by deflateInit and inflateInit.
- */
-
-/*
-ZEXTERN int ZEXPORT deflateInit OF((z_streamp strm, int level));
-
- Initializes the internal stream state for compression. The fields
- zalloc, zfree and opaque must be initialized before by the caller.
- If zalloc and zfree are set to Z_NULL, deflateInit updates them to
- use default allocation functions.
-
- The compression level must be Z_DEFAULT_COMPRESSION, or between 0 and 9:
- 1 gives best speed, 9 gives best compression, 0 gives no compression at
- all (the input data is simply copied a block at a time).
- Z_DEFAULT_COMPRESSION requests a default compromise between speed and
- compression (currently equivalent to level 6).
- - deflateInit returns Z_OK if success, Z_MEM_ERROR if there was not - enough memory, Z_STREAM_ERROR if level is not a valid compression level, - Z_VERSION_ERROR if the zlib library version (zlib_version) is incompatible - with the version assumed by the caller (ZLIB_VERSION). - msg is set to null if there is no error message. deflateInit does not - perform any compression: this will be done by deflate(). -*/ - - -ZEXTERN int ZEXPORT deflate OF((z_streamp strm, int flush)); -/* - deflate compresses as much data as possible, and stops when the input - buffer becomes empty or the output buffer becomes full. It may introduce some - output latency (reading input without producing any output) except when - forced to flush. - - The detailed semantics are as follows. deflate performs one or both of the - following actions: - - - Compress more input starting at next_in and update next_in and avail_in - accordingly. If not all input can be processed (because there is not - enough room in the output buffer), next_in and avail_in are updated and - processing will resume at this point for the next call of deflate(). - - - Provide more output starting at next_out and update next_out and avail_out - accordingly. This action is forced if the parameter flush is non zero. - Forcing flush frequently degrades the compression ratio, so this parameter - should be set only when necessary (in interactive applications). - Some output may be provided even if flush is not set. - - Before the call of deflate(), the application should ensure that at least - one of the actions is possible, by providing more input and/or consuming - more output, and updating avail_in or avail_out accordingly; avail_out - should never be zero before the call. The application can consume the - compressed output when it wants, for example when the output buffer is full - (avail_out == 0), or after each call of deflate(). 
If deflate returns Z_OK
- and with zero avail_out, it must be called again after making room in the
- output buffer because there might be more output pending.
-
- Normally the parameter flush is set to Z_NO_FLUSH, which allows deflate to
- decide how much data to accumualte before producing output, in order to
- maximize compression.
-
- If the parameter flush is set to Z_SYNC_FLUSH, all pending output is
- flushed to the output buffer and the output is aligned on a byte boundary, so
- that the decompressor can get all input data available so far. (In particular
- avail_in is zero after the call if enough output space has been provided
- before the call.) Flushing may degrade compression for some compression
- algorithms and so it should be used only when necessary.
-
- If flush is set to Z_FULL_FLUSH, all output is flushed as with
- Z_SYNC_FLUSH, and the compression state is reset so that decompression can
- restart from this point if previous compressed data has been damaged or if
- random access is desired. Using Z_FULL_FLUSH too often can seriously degrade
- compression.
-
- If deflate returns with avail_out == 0, this function must be called again
- with the same value of the flush parameter and more output space (updated
- avail_out), until the flush is complete (deflate returns with non-zero
- avail_out). In the case of a Z_FULL_FLUSH or Z_SYNC_FLUSH, make sure that
- avail_out is greater than six to avoid repeated flush markers due to
- avail_out == 0 on return.
-
- If the parameter flush is set to Z_FINISH, pending input is processed,
- pending output is flushed and deflate returns with Z_STREAM_END if there
- was enough output space; if deflate returns with Z_OK, this function must be
- called again with Z_FINISH and more output space (updated avail_out) but no
- more input data, until it returns with Z_STREAM_END or an error. After
- deflate has returned Z_STREAM_END, the only possible operations on the
- stream are deflateReset or deflateEnd.
-
- Z_FINISH can be used immediately after deflateInit if all the compression
- is to be done in a single step. In this case, avail_out must be at least
- the value returned by deflateBound (see below). If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
-
- deflate() sets strm->adler to the adler32 checksum of all input read
- so far (that is, total_in bytes).
-
- deflate() may update strm->data_type if it can make a good guess about
- the input data type (Z_BINARY or Z_TEXT). In doubt, the data is considered
- binary. This field is only for information purposes and does not affect
- the compression algorithm in any manner.
-
- deflate() returns Z_OK if some progress has been made (more input
- processed or more output produced), Z_STREAM_END if all input has been
- consumed and all output has been produced (only when flush is set to
- Z_FINISH), Z_STREAM_ERROR if the stream state was inconsistent (for example
- if next_in or next_out was NULL), Z_BUF_ERROR if no progress is possible
- (for example avail_in or avail_out was zero). Note that Z_BUF_ERROR is not
- fatal, and deflate() can be called again with more input and more output
- space to continue compressing.
-*/
-
-
-ZEXTERN int ZEXPORT deflateEnd OF((z_streamp strm));
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- deflateEnd returns Z_OK if success, Z_STREAM_ERROR if the
- stream state was inconsistent, Z_DATA_ERROR if the stream was freed
- prematurely (some input or output was discarded). In the error case,
- msg may be set but then points to a static string (which must not be
- deallocated).
-*/
-
-
-/*
-ZEXTERN int ZEXPORT inflateInit OF((z_streamp strm));
-
- Initializes the internal stream state for decompression. The fields
- next_in, avail_in, zalloc, zfree and opaque must be initialized before by
- the caller.
If next_in is not Z_NULL and avail_in is large enough (the exact - value depends on the compression method), inflateInit determines the - compression method from the zlib header and allocates all data structures - accordingly; otherwise the allocation will be deferred to the first call of - inflate. If zalloc and zfree are set to Z_NULL, inflateInit updates them to - use default allocation functions. - - inflateInit returns Z_OK if success, Z_MEM_ERROR if there was not enough - memory, Z_VERSION_ERROR if the zlib library version is incompatible with the - version assumed by the caller. msg is set to null if there is no error - message. inflateInit does not perform any decompression apart from reading - the zlib header if present: this will be done by inflate(). (So next_in and - avail_in may be modified, but next_out and avail_out are unchanged.) -*/ - - -ZEXTERN int ZEXPORT inflate OF((z_streamp strm, int flush)); -/* - inflate decompresses as much data as possible, and stops when the input - buffer becomes empty or the output buffer becomes full. It may introduce - some output latency (reading input without producing any output) except when - forced to flush. - - The detailed semantics are as follows. inflate performs one or both of the - following actions: - - - Decompress more input starting at next_in and update next_in and avail_in - accordingly. If not all input can be processed (because there is not - enough room in the output buffer), next_in is updated and processing - will resume at this point for the next call of inflate(). - - - Provide more output starting at next_out and update next_out and avail_out - accordingly. inflate() provides as much output as possible, until there - is no more input data or no more space in the output buffer (see below - about the flush parameter). 
-
- Before the call of inflate(), the application should ensure that at least
- one of the actions is possible, by providing more input and/or consuming
- more output, and updating the next_* and avail_* values accordingly.
- The application can consume the uncompressed output when it wants, for
- example when the output buffer is full (avail_out == 0), or after each
- call of inflate(). If inflate returns Z_OK and with zero avail_out, it
- must be called again after making room in the output buffer because there
- might be more output pending.
-
- The flush parameter of inflate() can be Z_NO_FLUSH, Z_SYNC_FLUSH,
- Z_FINISH, or Z_BLOCK. Z_SYNC_FLUSH requests that inflate() flush as much
- output as possible to the output buffer. Z_BLOCK requests that inflate() stop
- if and when it gets to the next deflate block boundary. When decoding the
- zlib or gzip format, this will cause inflate() to return immediately after
- the header and before the first block. When doing a raw inflate, inflate()
- will go ahead and process the first block, and will return when it gets to
- the end of that block, or when it runs out of data.
-
- The Z_BLOCK option assists in appending to or combining deflate streams.
- Also to assist in this, on return inflate() will set strm->data_type to the
- number of unused bits in the last byte taken from strm->next_in, plus 64
- if inflate() is currently decoding the last block in the deflate stream,
- plus 128 if inflate() returned immediately after decoding an end-of-block
- code or decoding the complete header up to just before the first byte of the
- deflate stream. The end-of-block will not be indicated until all of the
- uncompressed data from that block has been written to strm->next_out. The
- number of unused bits may in general be greater than seven, except when
- bit 7 of data_type is set, in which case the number of unused bits will be
- less than eight.
-
- inflate() should normally be called until it returns Z_STREAM_END or an
- error. However if all decompression is to be performed in a single step
- (a single call of inflate), the parameter flush should be set to
- Z_FINISH. In this case all pending input is processed and all pending
- output is flushed; avail_out must be large enough to hold all the
- uncompressed data. (The size of the uncompressed data may have been saved
- by the compressor for this purpose.) The next operation on this stream must
- be inflateEnd to deallocate the decompression state. The use of Z_FINISH
- is never required, but can be used to inform inflate that a faster approach
- may be used for the single inflate() call.
-
- In this implementation, inflate() always flushes as much output as
- possible to the output buffer, and always uses the faster approach on the
- first call. So the only effect of the flush parameter in this implementation
- is on the return value of inflate(), as noted below, or when it returns early
- because Z_BLOCK is used.
-
- If a preset dictionary is needed after this call (see inflateSetDictionary
- below), inflate sets strm->adler to the adler32 checksum of the dictionary
- chosen by the compressor and returns Z_NEED_DICT; otherwise it sets
- strm->adler to the adler32 checksum of all output produced so far (that is,
- total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described
- below. At the end of the stream, inflate() checks that its computed adler32
- checksum is equal to that saved by the compressor and returns Z_STREAM_END
- only if the checksum is correct.
-
- inflate() will decompress and check either zlib-wrapped or gzip-wrapped
- deflate data. The header type is detected automatically.
Any information
- contained in the gzip header is not retained, so applications that need that
- information should instead use raw inflate, see inflateInit2() below, or
- inflateBack() and perform their own processing of the gzip header and
- trailer.
-
- inflate() returns Z_OK if some progress has been made (more input processed
- or more output produced), Z_STREAM_END if the end of the compressed data has
- been reached and all uncompressed output has been produced, Z_NEED_DICT if a
- preset dictionary is needed at this point, Z_DATA_ERROR if the input data was
- corrupted (input stream not conforming to the zlib format or incorrect check
- value), Z_STREAM_ERROR if the stream structure was inconsistent (for example
- if next_in or next_out was NULL), Z_MEM_ERROR if there was not enough memory,
- Z_BUF_ERROR if no progress is possible or if there was not enough room in the
- output buffer when Z_FINISH is used. Note that Z_BUF_ERROR is not fatal, and
- inflate() can be called again with more input and more output space to
- continue decompressing. If Z_DATA_ERROR is returned, the application may then
- call inflateSync() to look for a good compression block if a partial recovery
- of the data is desired.
-*/
-
-
-ZEXTERN int ZEXPORT inflateEnd OF((z_streamp strm));
-/*
- All dynamically allocated data structures for this stream are freed.
- This function discards any unprocessed input and does not flush any
- pending output.
-
- inflateEnd returns Z_OK if success, Z_STREAM_ERROR if the stream state
- was inconsistent. In the error case, msg may be set but then points to a
- static string (which must not be deallocated).
-*/
-
- /* Advanced functions */
-
-/*
- The following functions are needed only in some special applications.
-*/
-
-/*
-ZEXTERN int ZEXPORT deflateInit2 OF((z_streamp strm,
- int level,
- int method,
- int windowBits,
- int memLevel,
- int strategy));
-
- This is another version of deflateInit with more compression options.
The - fields next_in, zalloc, zfree and opaque must be initialized before by - the caller. - - The method parameter is the compression method. It must be Z_DEFLATED in - this version of the library. - - The windowBits parameter is the base two logarithm of the window size - (the size of the history buffer). It should be in the range 8..15 for this - version of the library. Larger values of this parameter result in better - compression at the expense of memory usage. The default value is 15 if - deflateInit is used instead. - - windowBits can also be -8..-15 for raw deflate. In this case, -windowBits - determines the window size. deflate() will then generate raw deflate data - with no zlib header or trailer, and will not compute an adler32 check value. - - windowBits can also be greater than 15 for optional gzip encoding. Add - 16 to windowBits to write a simple gzip header and trailer around the - compressed data instead of a zlib wrapper. The gzip header will have no - file name, no extra data, no comment, no modification time (set to zero), - no header crc, and the operating system will be set to 255 (unknown). If a - gzip stream is being written, strm->adler is a crc32 instead of an adler32. - - The memLevel parameter specifies how much memory should be allocated - for the internal compression state. memLevel=1 uses minimum memory but - is slow and reduces compression ratio; memLevel=9 uses maximum memory - for optimal speed. The default value is 8. See zconf.h for total memory - usage as a function of windowBits and memLevel. - - The strategy parameter is used to tune the compression algorithm. Use the - value Z_DEFAULT_STRATEGY for normal data, Z_FILTERED for data produced by a - filter (or predictor), Z_HUFFMAN_ONLY to force Huffman encoding only (no - string match), or Z_RLE to limit match distances to one (run-length - encoding). Filtered data consists mostly of small values with a somewhat - random distribution. 
In this case, the compression algorithm is tuned to
- compress them better. The effect of Z_FILTERED is to force more Huffman
- coding and less string matching; it is somewhat intermediate between
- Z_DEFAULT and Z_HUFFMAN_ONLY. Z_RLE is designed to be almost as fast as
- Z_HUFFMAN_ONLY, but give better compression for PNG image data. The strategy
- parameter only affects the compression ratio but not the correctness of the
- compressed output even if it is not set appropriately. Z_FIXED prevents the
- use of dynamic Huffman codes, allowing for a simpler decoder for special
- applications.
-
- deflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
- memory, Z_STREAM_ERROR if a parameter is invalid (such as an invalid
- method). msg is set to null if there is no error message. deflateInit2 does
- not perform any compression: this will be done by deflate().
-*/
-
-ZEXTERN int ZEXPORT deflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-/*
- Initializes the compression dictionary from the given byte sequence
- without producing any compressed output. This function must be called
- immediately after deflateInit, deflateInit2 or deflateReset, before any
- call of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
-
- The dictionary should consist of strings (byte sequences) that are likely
- to be encountered later in the data to be compressed, with the most commonly
- used strings preferably put towards the end of the dictionary. Using a
- dictionary is most useful when the data to be compressed is short and can be
- predicted with good accuracy; the data can then be compressed better than
- with the default empty dictionary.
-
- Depending on the size of the compression data structures selected by
- deflateInit or deflateInit2, a part of the dictionary may in effect be
- discarded, for example if the dictionary is larger than the window size in
- deflate or deflate2. Thus the strings most likely to be useful should be
- put at the end of the dictionary, not at the front. In addition, the
- current implementation of deflate will use at most the window size minus
- 262 bytes of the provided dictionary.
-
- Upon return of this function, strm->adler is set to the adler32 value
- of the dictionary; the decompressor may later use this value to determine
- which dictionary has been used by the compressor. (The adler32 value
- applies to the whole dictionary even if only a subset of the dictionary is
- actually used by the compressor.) If a raw deflate was requested, then the
- adler32 value is not computed and strm->adler is not set.
-
- deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent (for example if deflate has already been called for this stream
- or if the compression method is bsort). deflateSetDictionary does not
- perform any compression: this will be done by deflate().
-*/
-
-ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
- z_streamp source));
-/*
- Sets the destination stream as a complete copy of the source stream.
-
- This function can be useful when several compression strategies will be
- tried, for example when there are several ways of pre-processing the input
- data with a filter. The streams that will be discarded should then be freed
- by calling deflateEnd. Note that deflateCopy duplicates the internal
- compression state which can be quite large, so this strategy is slow and
- can consume lots of memory.
-
- deflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not
- enough memory, Z_STREAM_ERROR if the source stream state was inconsistent
- (such as zalloc being NULL). msg is left unchanged in both source and
- destination.
-*/
-
-ZEXTERN int ZEXPORT deflateReset OF((z_streamp strm));
-/*
- This function is equivalent to deflateEnd followed by deflateInit,
- but does not free and reallocate all the internal compression state.
- The stream will keep the same compression level and any other attributes
- that may have been set by deflateInit2.
-
- deflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent (such as zalloc or state being NULL).
-*/
-
-ZEXTERN int ZEXPORT deflateParams OF((z_streamp strm,
- int level,
- int strategy));
-/*
- Dynamically update the compression level and compression strategy. The
- interpretation of level and strategy is as in deflateInit2. This can be
- used to switch between compression and straight copy of the input data, or
- to switch to a different kind of input data requiring a different
- strategy. If the compression level is changed, the input available so far
- is compressed with the old level (and may be flushed); the new level will
- take effect only at the next call of deflate().
-
- Before the call of deflateParams, the stream state must be set as for
- a call of deflate(), since the currently available input may have to
- be compressed and flushed. In particular, strm->avail_out must be non-zero.
-
- deflateParams returns Z_OK if success, Z_STREAM_ERROR if the source
- stream state was inconsistent or if a parameter was invalid, Z_BUF_ERROR
- if strm->avail_out was zero.
-*/
-
-ZEXTERN int ZEXPORT deflateTune OF((z_streamp strm,
- int good_length,
- int max_lazy,
- int nice_length,
- int max_chain));
-/*
- Fine tune deflate's internal compression parameters.
This should only be
- used by someone who understands the algorithm used by zlib's deflate for
- searching for the best matching string, and even then only by the most
- fanatic optimizer trying to squeeze out the last compressed bit for their
- specific input data. Read the deflate.c source code for the meaning of the
- max_lazy, good_length, nice_length, and max_chain parameters.
-
- deflateTune() can be called after deflateInit() or deflateInit2(), and
- returns Z_OK on success, or Z_STREAM_ERROR for an invalid deflate stream.
- */
-
-ZEXTERN uLong ZEXPORT deflateBound OF((z_streamp strm,
- uLong sourceLen));
-/*
- deflateBound() returns an upper bound on the compressed size after
- deflation of sourceLen bytes. It must be called after deflateInit()
- or deflateInit2(). This would be used to allocate an output buffer
- for deflation in a single pass, and so would be called before deflate().
-*/
-
-ZEXTERN int ZEXPORT deflatePrime OF((z_streamp strm,
- int bits,
- int value));
-/*
- deflatePrime() inserts bits in the deflate output stream. The intent
- is that this function is used to start off the deflate output with the
- bits leftover from a previous deflate stream when appending to it. As such,
- this function can only be used for raw deflate, and must be used before the
- first deflate() call after a deflateInit2() or deflateReset(). bits must be
- less than or equal to 16, and that many of the least significant bits of
- value will be inserted in the output.
-
- deflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent.
-*/
-
-ZEXTERN int ZEXPORT deflateSetHeader OF((z_streamp strm,
- gz_headerp head));
-/*
- deflateSetHeader() provides gzip header information for when a gzip
- stream is requested by deflateInit2(). deflateSetHeader() may be called
- after deflateInit2() or deflateReset() and before the first call of
- deflate().
The text, time, os, extra field, name, and comment information - in the provided gz_header structure are written to the gzip header (xflag is - ignored -- the extra flags are set according to the compression level). The - caller must assure that, if not Z_NULL, name and comment are terminated with - a zero byte, and that if extra is not Z_NULL, that extra_len bytes are - available there. If hcrc is true, a gzip header crc is included. Note that - the current versions of the command-line version of gzip (up through version - 1.3.x) do not support header crc's, and will report that it is a "multi-part - gzip file" and give up. - - If deflateSetHeader is not used, the default gzip header has text false, - the time set to zero, and os set to 255, with no extra, name, or comment - fields. The gzip header is returned to the default state by deflateReset(). - - deflateSetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source - stream state was inconsistent. -*/ - -/* -ZEXTERN int ZEXPORT inflateInit2 OF((z_streamp strm, - int windowBits)); - - This is another version of inflateInit with an extra parameter. The - fields next_in, avail_in, zalloc, zfree and opaque must be initialized - before by the caller. - - The windowBits parameter is the base two logarithm of the maximum window - size (the size of the history buffer). It should be in the range 8..15 for - this version of the library. The default value is 15 if inflateInit is used - instead. windowBits must be greater than or equal to the windowBits value - provided to deflateInit2() while compressing, or it must be equal to 15 if - deflateInit2() was not used. If a compressed stream with a larger window - size is given as input, inflate() will return with the error code - Z_DATA_ERROR instead of trying to allocate a larger window. - - windowBits can also be -8..-15 for raw inflate. In this case, -windowBits - determines the window size. 
inflate() will then process raw deflate data,
- not looking for a zlib or gzip header, not generating a check value, and not
- looking for any check values for comparison at the end of the stream. This
- is for use with other formats that use the deflate compressed data format
- such as zip. Those formats provide their own check values. If a custom
- format is developed using the raw deflate format for compressed data, it is
- recommended that a check value such as an adler32 or a crc32 be applied to
- the uncompressed data as is done in the zlib, gzip, and zip formats. For
- most applications, the zlib format should be used as is. Note that comments
- above on the use in deflateInit2() applies to the magnitude of windowBits.
-
- windowBits can also be greater than 15 for optional gzip decoding. Add
- 32 to windowBits to enable zlib and gzip decoding with automatic header
- detection, or add 16 to decode only the gzip format (the zlib format will
- return a Z_DATA_ERROR). If a gzip stream is being decoded, strm->adler is
- a crc32 instead of an adler32.
-
- inflateInit2 returns Z_OK if success, Z_MEM_ERROR if there was not enough
- memory, Z_STREAM_ERROR if a parameter is invalid (such as a null strm). msg
- is set to null if there is no error message. inflateInit2 does not perform
- any decompression apart from reading the zlib header if present: this will
- be done by inflate(). (So next_in and avail_in may be modified, but next_out
- and avail_out are unchanged.)
-*/
-
-ZEXTERN int ZEXPORT inflateSetDictionary OF((z_streamp strm,
- const Bytef *dictionary,
- uInt dictLength));
-/*
- Initializes the decompression dictionary from the given uncompressed byte
- sequence. This function must be called immediately after a call of inflate,
- if that call returned Z_NEED_DICT. The dictionary chosen by the compressor
- can be determined from the adler32 value returned by that call of inflate.
- The compressor and decompressor must use exactly the same dictionary (see
- deflateSetDictionary). For raw inflate, this function can be called
- immediately after inflateInit2() or inflateReset() and before any call of
- inflate() to set the dictionary. The application must insure that the
- dictionary that was used for compression is provided.
-
- inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
- parameter is invalid (such as NULL dictionary) or the stream state is
- inconsistent, Z_DATA_ERROR if the given dictionary doesn't match the
- expected one (incorrect adler32 value). inflateSetDictionary does not
- perform any decompression: this will be done by subsequent calls of
- inflate().
-*/
-
-ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
-/*
- Skips invalid compressed data until a full flush point (see above the
- description of deflate with Z_FULL_FLUSH) can be found, or until all
- available input is skipped. No output is provided.
-
- inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no flush point has been found,
- or Z_STREAM_ERROR if the stream structure was inconsistent. In the success
- case, the application may save the current current value of total_in which
- indicates where valid compressed data was found. In the error case, the
- application may repeatedly call inflateSync, providing more input each time,
- until success or end of the input data.
-*/
-
-ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest,
- z_streamp source));
-/*
- Sets the destination stream as a complete copy of the source stream.
-
- This function can be useful when randomly accessing a large stream. The
- first pass through the stream can periodically record the inflate state,
- allowing restarting inflate at those points when randomly accessing the
- stream.
- - inflateCopy returns Z_OK if success, Z_MEM_ERROR if there was not - enough memory, Z_STREAM_ERROR if the source stream state was inconsistent - (such as zalloc being NULL). msg is left unchanged in both source and - destination. -*/ - -ZEXTERN int ZEXPORT inflateReset OF((z_streamp strm)); -/* - This function is equivalent to inflateEnd followed by inflateInit, - but does not free and reallocate all the internal decompression state. - The stream will keep attributes that may have been set by inflateInit2. - - inflateReset returns Z_OK if success, or Z_STREAM_ERROR if the source - stream state was inconsistent (such as zalloc or state being NULL). -*/ - -ZEXTERN int ZEXPORT inflatePrime OF((z_streamp strm, - int bits, - int value)); -/* - This function inserts bits in the inflate input stream. The intent is - that this function is used to start inflating at a bit position in the - middle of a byte. The provided bits will be used before any bytes are used - from next_in. This function should only be used with raw inflate, and - should be used before the first inflate() call after inflateInit2() or - inflateReset(). bits must be less than or equal to 16, and that many of the - least significant bits of value will be inserted in the input. - - inflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source - stream state was inconsistent. -*/ - -ZEXTERN int ZEXPORT inflateGetHeader OF((z_streamp strm, - gz_headerp head)); -/* - inflateGetHeader() requests that gzip header information be stored in the - provided gz_header structure. inflateGetHeader() may be called after - inflateInit2() or inflateReset(), and before the first call of inflate(). - As inflate() processes the gzip stream, head->done is zero until the header - is completed, at which time head->done is set to one. If a zlib stream is - being decoded, then head->done is set to -1 to indicate that there will be - no gzip header information forthcoming. 
Note that Z_BLOCK can be used to - force inflate() to return immediately after header processing is complete - and before any actual data is decompressed. - - The text, time, xflags, and os fields are filled in with the gzip header - contents. hcrc is set to true if there is a header CRC. (The header CRC - was valid if done is set to one.) If extra is not Z_NULL, then extra_max - contains the maximum number of bytes to write to extra. Once done is true, - extra_len contains the actual extra field length, and extra contains the - extra field, or that field truncated if extra_max is less than extra_len. - If name is not Z_NULL, then up to name_max characters are written there, - terminated with a zero unless the length is greater than name_max. If - comment is not Z_NULL, then up to comm_max characters are written there, - terminated with a zero unless the length is greater than comm_max. When - any of extra, name, or comment are not Z_NULL and the respective field is - not present in the header, then that field is set to Z_NULL to signal its - absence. This allows the use of deflateSetHeader() with the returned - structure to duplicate the header. However if those fields are set to - allocated memory, then the application will need to save those pointers - elsewhere so that they can be eventually freed. - - If inflateGetHeader is not used, then the header information is simply - discarded. The header is always checked for validity, including the header - CRC if present. inflateReset() will reset the process to discard the header - information. The application would need to call inflateGetHeader() again to - retrieve the header from the next gzip stream. - - inflateGetHeader returns Z_OK if success, or Z_STREAM_ERROR if the source - stream state was inconsistent. -*/ - -/* -ZEXTERN int ZEXPORT inflateBackInit OF((z_streamp strm, int windowBits, - unsigned char FAR *window)); - - Initialize the internal stream state for decompression using inflateBack() - calls. 
The fields zalloc, zfree and opaque in strm must be initialized - before the call. If zalloc and zfree are Z_NULL, then the default library- - derived memory allocation routines are used. windowBits is the base two - logarithm of the window size, in the range 8..15. window is a caller - supplied buffer of that size. Except for special applications where it is - assured that deflate was used with small window sizes, windowBits must be 15 - and a 32K byte window must be supplied to be able to decompress general - deflate streams. - - See inflateBack() for the usage of these routines. - - inflateBackInit will return Z_OK on success, Z_STREAM_ERROR if any of - the paramaters are invalid, Z_MEM_ERROR if the internal state could not - be allocated, or Z_VERSION_ERROR if the version of the library does not - match the version of the header file. -*/ - -typedef unsigned (*in_func) OF((void FAR *, unsigned char FAR * FAR *)); -typedef int (*out_func) OF((void FAR *, unsigned char FAR *, unsigned)); - -ZEXTERN int ZEXPORT inflateBack OF((z_streamp strm, - in_func in, void FAR *in_desc, - out_func out, void FAR *out_desc)); -/* - inflateBack() does a raw inflate with a single call using a call-back - interface for input and output. This is more efficient than inflate() for - file i/o applications in that it avoids copying between the output and the - sliding window by simply making the window itself the output buffer. This - function trusts the application to not change the output buffer passed by - the output function, at least until inflateBack() returns. - - inflateBackInit() must be called first to allocate the internal state - and to initialize the state with the user-provided window buffer. - inflateBack() may then be used multiple times to inflate a complete, raw - deflate stream with each call. inflateBackEnd() is then called to free - the allocated state. - - A raw deflate stream is one with no zlib or gzip header or trailer. 
- This routine would normally be used in a utility that reads zip or gzip - files and writes out uncompressed files. The utility would decode the - header and process the trailer on its own, hence this routine expects - only the raw deflate stream to decompress. This is different from the - normal behavior of inflate(), which expects either a zlib or gzip header and - trailer around the deflate stream. - - inflateBack() uses two subroutines supplied by the caller that are then - called by inflateBack() for input and output. inflateBack() calls those - routines until it reads a complete deflate stream and writes out all of the - uncompressed data, or until it encounters an error. The function's - parameters and return types are defined above in the in_func and out_func - typedefs. inflateBack() will call in(in_desc, &buf) which should return the - number of bytes of provided input, and a pointer to that input in buf. If - there is no input available, in() must return zero--buf is ignored in that - case--and inflateBack() will return a buffer error. inflateBack() will call - out(out_desc, buf, len) to write the uncompressed data buf[0..len-1]. out() - should return zero on success, or non-zero on failure. If out() returns - non-zero, inflateBack() will return with an error. Neither in() nor out() - are permitted to change the contents of the window provided to - inflateBackInit(), which is also the buffer that out() uses to write from. - The length written by out() will be at most the window size. Any non-zero - amount of input may be provided by in(). - - For convenience, inflateBack() can be provided input on the first call by - setting strm->next_in and strm->avail_in. If that input is exhausted, then - in() will be called. Therefore strm->next_in must be initialized before - calling inflateBack(). If strm->next_in is Z_NULL, then in() will be called - immediately for input. 
If strm->next_in is not Z_NULL, then strm->avail_in - must also be initialized, and then if strm->avail_in is not zero, input will - initially be taken from strm->next_in[0 .. strm->avail_in - 1]. - - The in_desc and out_desc parameters of inflateBack() is passed as the - first parameter of in() and out() respectively when they are called. These - descriptors can be optionally used to pass any information that the caller- - supplied in() and out() functions need to do their job. - - On return, inflateBack() will set strm->next_in and strm->avail_in to - pass back any unused input that was provided by the last in() call. The - return values of inflateBack() can be Z_STREAM_END on success, Z_BUF_ERROR - if in() or out() returned an error, Z_DATA_ERROR if there was a format - error in the deflate stream (in which case strm->msg is set to indicate the - nature of the error), or Z_STREAM_ERROR if the stream was not properly - initialized. In the case of Z_BUF_ERROR, an input or output error can be - distinguished using strm->next_in which will be Z_NULL only if in() returned - an error. If strm->next is not Z_NULL, then the Z_BUF_ERROR was due to - out() returning non-zero. (in() will always be called before out(), so - strm->next_in is assured to be defined if out() returns non-zero.) Note - that inflateBack() cannot return Z_OK. -*/ - -ZEXTERN int ZEXPORT inflateBackEnd OF((z_streamp strm)); -/* - All memory allocated by inflateBackInit() is freed. - - inflateBackEnd() returns Z_OK on success, or Z_STREAM_ERROR if the stream - state was inconsistent. -*/ - -ZEXTERN uLong ZEXPORT zlibCompileFlags OF((void)); -/* Return flags indicating compile-time options. 
- - Type sizes, two bits each, 00 = 16 bits, 01 = 32, 10 = 64, 11 = other: - 1.0: size of uInt - 3.2: size of uLong - 5.4: size of voidpf (pointer) - 7.6: size of z_off_t - - Compiler, assembler, and debug options: - 8: DEBUG - 9: ASMV or ASMINF -- use ASM code - 10: ZLIB_WINAPI -- exported functions use the WINAPI calling convention - 11: 0 (reserved) - - One-time table building (smaller code, but not thread-safe if true): - 12: BUILDFIXED -- build static block decoding tables when needed - 13: DYNAMIC_CRC_TABLE -- build CRC calculation tables when needed - 14,15: 0 (reserved) - - Library content (indicates missing functionality): - 16: NO_GZCOMPRESS -- gz* functions cannot compress (to avoid linking - deflate code when not needed) - 17: NO_GZIP -- deflate can't write gzip streams, and inflate can't detect - and decode gzip streams (to avoid linking crc code) - 18-19: 0 (reserved) - - Operation variations (changes in library functionality): - 20: PKZIP_BUG_WORKAROUND -- slightly more permissive inflate - 21: FASTEST -- deflate algorithm with only one, lowest compression level - 22,23: 0 (reserved) - - The sprintf variant used by gzprintf (zero is best): - 24: 0 = vs*, 1 = s* -- 1 means limited to 20 arguments after the format - 25: 0 = *nprintf, 1 = *printf -- 1 means gzprintf() not secure! - 26: 0 = returns value, 1 = void -- 1 means inferred string length returned - - Remainder: - 27-31: 0 (reserved) - */ - - - /* utility functions */ - -/* - The following utility functions are implemented on top of the - basic stream-oriented functions. To simplify the interface, some - default options are assumed (compression level and memory usage, - standard memory allocation functions). The source code of these - utility functions can easily be modified if you need special options. -*/ - -ZEXTERN int ZEXPORT compress OF((Bytef *dest, uLongf *destLen, - const Bytef *source, uLong sourceLen)); -/* - Compresses the source buffer into the destination buffer. 
sourceLen is - the byte length of the source buffer. Upon entry, destLen is the total - size of the destination buffer, which must be at least the value returned - by compressBound(sourceLen). Upon exit, destLen is the actual size of the - compressed buffer. - This function can be used to compress a whole file at once if the - input file is mmap'ed. - compress returns Z_OK if success, Z_MEM_ERROR if there was not - enough memory, Z_BUF_ERROR if there was not enough room in the output - buffer. -*/ - -ZEXTERN int ZEXPORT compress2 OF((Bytef *dest, uLongf *destLen, - const Bytef *source, uLong sourceLen, - int level)); -/* - Compresses the source buffer into the destination buffer. The level - parameter has the same meaning as in deflateInit. sourceLen is the byte - length of the source buffer. Upon entry, destLen is the total size of the - destination buffer, which must be at least the value returned by - compressBound(sourceLen). Upon exit, destLen is the actual size of the - compressed buffer. - - compress2 returns Z_OK if success, Z_MEM_ERROR if there was not enough - memory, Z_BUF_ERROR if there was not enough room in the output buffer, - Z_STREAM_ERROR if the level parameter is invalid. -*/ - -ZEXTERN uLong ZEXPORT compressBound OF((uLong sourceLen)); -/* - compressBound() returns an upper bound on the compressed size after - compress() or compress2() on sourceLen bytes. It would be used before - a compress() or compress2() call to allocate the destination buffer. -*/ - -ZEXTERN int ZEXPORT uncompress OF((Bytef *dest, uLongf *destLen, - const Bytef *source, uLong sourceLen)); -/* - Decompresses the source buffer into the destination buffer. sourceLen is - the byte length of the source buffer. Upon entry, destLen is the total - size of the destination buffer, which must be large enough to hold the - entire uncompressed data. 
(The size of the uncompressed data must have - been saved previously by the compressor and transmitted to the decompressor - by some mechanism outside the scope of this compression library.) - Upon exit, destLen is the actual size of the compressed buffer. - This function can be used to decompress a whole file at once if the - input file is mmap'ed. - - uncompress returns Z_OK if success, Z_MEM_ERROR if there was not - enough memory, Z_BUF_ERROR if there was not enough room in the output - buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete. -*/ - - -typedef voidp gzFile; - -ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode)); -/* - Opens a gzip (.gz) file for reading or writing. The mode parameter - is as in fopen ("rb" or "wb") but can also include a compression level - ("wb9") or a strategy: 'f' for filtered data as in "wb6f", 'h' for - Huffman only compression as in "wb1h", or 'R' for run-length encoding - as in "wb1R". (See the description of deflateInit2 for more information - about the strategy parameter.) - - gzopen can be used to read a file which is not in gzip format; in this - case gzread will directly read from the file without decompression. - - gzopen returns NULL if the file could not be opened or if there was - insufficient memory to allocate the (de)compression state; errno - can be checked to distinguish the two cases (if errno is zero, the - zlib error is Z_MEM_ERROR). */ - -ZEXTERN gzFile ZEXPORT gzdopen OF((int fd, const char *mode)); -/* - gzdopen() associates a gzFile with the file descriptor fd. File - descriptors are obtained from calls like open, dup, creat, pipe or - fileno (in the file has been previously opened with fopen). - The mode parameter is as in gzopen. - The next call of gzclose on the returned gzFile will also close the - file descriptor fd, just like fclose(fdopen(fd), mode) closes the file - descriptor fd. If you want to keep fd open, use gzdopen(dup(fd), mode). 
- gzdopen returns NULL if there was insufficient memory to allocate - the (de)compression state. -*/ - -ZEXTERN int ZEXPORT gzsetparams OF((gzFile file, int level, int strategy)); -/* - Dynamically update the compression level or strategy. See the description - of deflateInit2 for the meaning of these parameters. - gzsetparams returns Z_OK if success, or Z_STREAM_ERROR if the file was not - opened for writing. -*/ - -ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len)); -/* - Reads the given number of uncompressed bytes from the compressed file. - If the input file was not in gzip format, gzread copies the given number - of bytes into the buffer. - gzread returns the number of uncompressed bytes actually read (0 for - end of file, -1 for error). */ - -ZEXTERN int ZEXPORT gzwrite OF((gzFile file, - voidpc buf, unsigned len)); -/* - Writes the given number of uncompressed bytes into the compressed file. - gzwrite returns the number of uncompressed bytes actually written - (0 in case of error). -*/ - -ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...)); -/* - Converts, formats, and writes the args to the compressed file under - control of the format string, as in fprintf. gzprintf returns the number of - uncompressed bytes actually written (0 in case of error). The number of - uncompressed bytes written is limited to 4095. The caller should assure that - this limit is not exceeded. If it is exceeded, then gzprintf() will return - return an error (0) with nothing written. In this case, there may also be a - buffer overflow with unpredictable consequences, which is possible only if - zlib was compiled with the insecure functions sprintf() or vsprintf() - because the secure snprintf() or vsnprintf() functions were not available. -*/ - -ZEXTERN int ZEXPORT gzputs OF((gzFile file, const char *s)); -/* - Writes the given null-terminated string to the compressed file, excluding - the terminating null character. 
- gzputs returns the number of characters written, or -1 in case of error. -*/ - -ZEXTERN char * ZEXPORT gzgets OF((gzFile file, char *buf, int len)); -/* - Reads bytes from the compressed file until len-1 characters are read, or - a newline character is read and transferred to buf, or an end-of-file - condition is encountered. The string is then terminated with a null - character. - gzgets returns buf, or Z_NULL in case of error. -*/ - -ZEXTERN int ZEXPORT gzputc OF((gzFile file, int c)); -/* - Writes c, converted to an unsigned char, into the compressed file. - gzputc returns the value that was written, or -1 in case of error. -*/ - -ZEXTERN int ZEXPORT gzgetc OF((gzFile file)); -/* - Reads one byte from the compressed file. gzgetc returns this byte - or -1 in case of end of file or error. -*/ - -ZEXTERN int ZEXPORT gzungetc OF((int c, gzFile file)); -/* - Push one character back onto the stream to be read again later. - Only one character of push-back is allowed. gzungetc() returns the - character pushed, or -1 on failure. gzungetc() will fail if a - character has been pushed but not read yet, or if c is -1. The pushed - character will be discarded if the stream is repositioned with gzseek() - or gzrewind(). -*/ - -ZEXTERN int ZEXPORT gzflush OF((gzFile file, int flush)); -/* - Flushes all pending output into the compressed file. The parameter - flush is as in the deflate() function. The return value is the zlib - error number (see function gzerror below). gzflush returns Z_OK if - the flush parameter is Z_FINISH and all output could be flushed. - gzflush should be called only when strictly necessary because it can - degrade compression. -*/ - -ZEXTERN z_off_t ZEXPORT gzseek OF((gzFile file, - z_off_t offset, int whence)); -/* - Sets the starting position for the next gzread or gzwrite on the - given compressed file. The offset represents a number of bytes in the - uncompressed data stream. 
The whence parameter is defined as in lseek(2); - the value SEEK_END is not supported. - If the file is opened for reading, this function is emulated but can be - extremely slow. If the file is opened for writing, only forward seeks are - supported; gzseek then compresses a sequence of zeroes up to the new - starting position. - - gzseek returns the resulting offset location as measured in bytes from - the beginning of the uncompressed stream, or -1 in case of error, in - particular if the file is opened for writing and the new starting position - would be before the current position. -*/ - -ZEXTERN int ZEXPORT gzrewind OF((gzFile file)); -/* - Rewinds the given file. This function is supported only for reading. - - gzrewind(file) is equivalent to (int)gzseek(file, 0L, SEEK_SET) -*/ - -ZEXTERN z_off_t ZEXPORT gztell OF((gzFile file)); -/* - Returns the starting position for the next gzread or gzwrite on the - given compressed file. This position represents a number of bytes in the - uncompressed data stream. - - gztell(file) is equivalent to gzseek(file, 0L, SEEK_CUR) -*/ - -ZEXTERN int ZEXPORT gzeof OF((gzFile file)); -/* - Returns 1 when EOF has previously been detected reading the given - input stream, otherwise zero. -*/ - -ZEXTERN int ZEXPORT gzdirect OF((gzFile file)); -/* - Returns 1 if file is being read directly without decompression, otherwise - zero. -*/ - -ZEXTERN int ZEXPORT gzclose OF((gzFile file)); -/* - Flushes all pending output if necessary, closes the compressed file - and deallocates all the (de)compression state. The return value is the zlib - error number (see function gzerror below). -*/ - -ZEXTERN const char * ZEXPORT gzerror OF((gzFile file, int *errnum)); -/* - Returns the error message for the last error which occurred on the - given compressed file. errnum is set to zlib error number. 
If an - error occurred in the file system and not in the compression library, - errnum is set to Z_ERRNO and the application may consult errno - to get the exact error code. -*/ - -ZEXTERN void ZEXPORT gzclearerr OF((gzFile file)); -/* - Clears the error and end-of-file flags for file. This is analogous to the - clearerr() function in stdio. This is useful for continuing to read a gzip - file that is being written concurrently. -*/ - - /* checksum functions */ - -/* - These functions are not related to compression but are exported - anyway because they might be useful in applications using the - compression library. -*/ - -ZEXTERN uLong ZEXPORT adler32 OF((uLong adler, const Bytef *buf, uInt len)); -/* - Update a running Adler-32 checksum with the bytes buf[0..len-1] and - return the updated checksum. If buf is NULL, this function returns - the required initial value for the checksum. - An Adler-32 checksum is almost as reliable as a CRC32 but can be computed - much faster. Usage example: - - uLong adler = adler32(0L, Z_NULL, 0); - - while (read_buffer(buffer, length) != EOF) { - adler = adler32(adler, buffer, length); - } - if (adler != original_adler) error(); -*/ - -ZEXTERN uLong ZEXPORT adler32_combine OF((uLong adler1, uLong adler2, - z_off_t len2)); -/* - Combine two Adler-32 checksums into one. For two sequences of bytes, seq1 - and seq2 with lengths len1 and len2, Adler-32 checksums were calculated for - each, adler1 and adler2. adler32_combine() returns the Adler-32 checksum of - seq1 and seq2 concatenated, requiring only adler1, adler2, and len2. -*/ - -ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len)); -/* - Update a running CRC-32 with the bytes buf[0..len-1] and return the - updated CRC-32. If buf is NULL, this function returns the required initial - value for the for the crc. Pre- and post-conditioning (one's complement) is - performed within this function so it shouldn't be done by the application. 
- Usage example: - - uLong crc = crc32(0L, Z_NULL, 0); - - while (read_buffer(buffer, length) != EOF) { - crc = crc32(crc, buffer, length); - } - if (crc != original_crc) error(); -*/ - -ZEXTERN uLong ZEXPORT crc32_combine OF((uLong crc1, uLong crc2, z_off_t len2)); - -/* - Combine two CRC-32 check values into one. For two sequences of bytes, - seq1 and seq2 with lengths len1 and len2, CRC-32 check values were - calculated for each, crc1 and crc2. crc32_combine() returns the CRC-32 - check value of seq1 and seq2 concatenated, requiring only crc1, crc2, and - len2. -*/ - - - /* various hacks, don't look :) */ - -/* deflateInit and inflateInit are macros to allow checking the zlib version - * and the compiler's view of z_stream: - */ -ZEXTERN int ZEXPORT deflateInit_ OF((z_streamp strm, int level, - const char *version, int stream_size)); -ZEXTERN int ZEXPORT inflateInit_ OF((z_streamp strm, - const char *version, int stream_size)); -ZEXTERN int ZEXPORT deflateInit2_ OF((z_streamp strm, int level, int method, - int windowBits, int memLevel, - int strategy, const char *version, - int stream_size)); -ZEXTERN int ZEXPORT inflateInit2_ OF((z_streamp strm, int windowBits, - const char *version, int stream_size)); -ZEXTERN int ZEXPORT inflateBackInit_ OF((z_streamp strm, int windowBits, - unsigned char FAR *window, - const char *version, - int stream_size)); -#define deflateInit(strm, level) \ - deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream)) -#define inflateInit(strm) \ - inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream)) -#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \ - deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\ - (strategy), ZLIB_VERSION, sizeof(z_stream)) -#define inflateInit2(strm, windowBits) \ - inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream)) -#define inflateBackInit(strm, windowBits, window) \ - inflateBackInit_((strm), (windowBits), (window), \ - ZLIB_VERSION, sizeof(z_stream)) - 
-
-#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL)
- struct internal_state {int dummy;}; /* hack for buggy compilers */
-#endif
-
-ZEXTERN const char * ZEXPORT zError OF((int));
-ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp z));
-ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* ZLIB_H */
DELETED build/cackey_win32_build/lib/libz.a
Index: build/cackey_win32_build/lib/libz.a
==================================================================
--- build/cackey_win32_build/lib/libz.a
+++ /dev/null
cannot compute difference between binary files
DELETED build/cackey_win32_build/lib/winscard.dll
Index: build/cackey_win32_build/lib/winscard.dll
==================================================================
--- build/cackey_win32_build/lib/winscard.dll
+++ /dev/null
cannot compute difference between binary files
DELETED build/cackey_win32_build/lib/winscard.lib
Index: build/cackey_win32_build/lib/winscard.lib
==================================================================
--- build/cackey_win32_build/lib/winscard.lib
+++ /dev/null
cannot compute difference between binary files
DELETED build/make-release
Index: build/make-release
==================================================================
--- build/make-release
+++ /dev/null
@@ -1,77 +0,0 @@
-#! /bin/bash
-
-PATH="${PATH}:/sbin:/usr/sbin:/usr/local/sbin"
-export PATH
-
-VERSION="$1"
-
-if [ -z "${VERSION}" ]; then
- echo 'Usage: make-release ' >&2
- exit 1
-fi
-
-for dir in ../../archive/ ../archive/; do
- CACKEY_TARBALL="$(readlink -f "${dir}/cackey-${VERSION}.tar.gz")"
-
- if [ -f "${CACKEY_TARBALL}" ]; then
- break
- fi
-done
-
-# Create RPM, SRPM, and Slackware package
-## Create RPM/SRPM
-mkdir -p ~/rpmbuild/SPECS ~/rpmbuild/SOURCES
-
-cp "${CACKEY_TARBALL}" ~/rpmbuild/SOURCES/ || exit 1
-tar -xOf "${CACKEY_TARBALL}" cackey-${VERSION}/cackey.spec > ~/rpmbuild/SPECS/cackey-${VERSION}.spec || exit 1
-
-rpmbuild -ba ~/rpmbuild/SPECS/cackey-${VERSION}.spec || exit 1
-
-# Create Debian package from RPM
-mkdir -p ~/rpmbuild/DEB
-"$(dirname "$0")/rpm2deb" ~/rpmbuild/RPMS/i386/cackey-${VERSION}-1.i386.rpm ~/rpmbuild/DEB/cackey_${VERSION}-1_i386.deb
-
-## Create Slackware package
-mkdir -p ~/rpmbuild/TGZ
-
-WORKDIR="${TMPDIR:-/tmp}/cackey-build-$$${RANDOM}${RANDOM}${RANDOM}"
-WORKDIRINSTROOT="${WORKDIR}/root"
-export WORKDIR WORKDIRINSTROOT
-
-mkdir -p "${WORKDIR}" "${WORKDIRINSTROOT}"
-cd "${WORKDIR}" || exit 1
-
-tar -xf "${CACKEY_TARBALL}"
-
-cd "cackey-${VERSION}" || exit 1
-
-./configure --prefix=/usr
-make
-make install DESTDIR="${WORKDIRINSTROOT}"
-
-mkdir "${WORKDIRINSTROOT}/install"
-cat << __EOF__ > "${WORKDIRINSTROOT}/install/slack-desc"
-cackey: Goverment Smartcard PKCS#11 Provider
-cackey:
-cackey: CACKey provides a standard interface (PKCS#11) for smartcards connected
-cackey: to a PC/SC compliant reader. It performs a similar function to
-cackey: "CoolKey", but only supports Government Smartcards. It supports all
-cackey: Government Smartcards that implement the Government Smartcard
-cackey: Interoperability Specification (GSC-IS) v2.1 or newer.
-cackey:
-cackey:
-cackey:
-cackey:
-__EOF__
-cat << __EOF__ > "${WORKDIRINSTROOT}/install/slack-required"
-pcsc-lite
-__EOF__
-
-cd "${WORKDIRINSTROOT}" || exit 1
-makepkg -l y -c n "${WORKDIR}/cackey-${VERSION}-i486-1.tgz"
-gzip -dc "${WORKDIR}/cackey-${VERSION}-i486-1.tgz" | tardy -User root -Group root | gzip -9 > "${WORKDIR}/cackey-${VERSION}-i486-1.tgz.new"
-mv "${WORKDIR}/cackey-${VERSION}-i486-1.tgz.new" "${WORKDIR}/cackey-${VERSION}-i486-1.tgz"
-cp "${WORKDIR}/cackey-${VERSION}-i486-1.tgz" ~/rpmbuild/TGZ
-
-# Cleanup
-rm -rf "${WORKDIR}"
DELETED build/makearch.info
Index: build/makearch.info
==================================================================
--- build/makearch.info
+++ /dev/null
@@ -1,39 +0,0 @@
-# This is the name of the utility, it will be prefixed to the tarball name
-UTIL="cackey"
-
-# This is the name of output files that should exist after configure
-# procedures.
-BINS="libcackey.so"
-
-# This lists the name of files that are required to exist
-REQS=""
-
-# Version of utility, if empty it will be guessed.
-# If set to "auto" it will be maintained in a file called .version
-# in the source directory and the revision will be incremented
-# each time a "makearch" is done.
-VERS=""
-
-# Space sperated list of documents, if they exist, they will be
-# prefixed with the contents of the DOC_HDR file and substitution
-# will occur:
-# @@UTIL@@ becomes the utility name ${UTIL}
-# @@VERS@@ becomes the utility version
-# @@DATE@@ becomes the current date
-DOCS="README.txt LICENSE"
-DOC_HDR="HEADER"
-
-# These files follow the same convention as DOCS, but don't have the header
-# tacked onto them.
-UPDATE_VARS="cackey.spec"
-
-# This script is executed immediately after copying the files
-# to a temp directory to attempt to compile
-BEFORE="build/build.sh"
-
-# This script is executed immediately prior to creation of the
-# tarball
-AFTER=""
-
-# Files matching these (space-seperated) patterns are deleted
-TMPS="*.out HEADER work .project_aliases build_delete *~ *.tmp"
DELETED build/pkcs-11v2-11r1.pdf
Index: build/pkcs-11v2-11r1.pdf
==================================================================
--- build/pkcs-11v2-11r1.pdf
+++ /dev/null
cannot compute difference between binary files
DELETED build/rpm2deb
Index: build/rpm2deb
==================================================================
--- build/rpm2deb
+++ /dev/null
@@ -1,75 +0,0 @@
-#! /bin/bash
-
-RPMFILE="$(readlink -f "$1")"
-DEBFILE="$2"
-export RPMFILE DEBGFILE
-
-if [ -z "${RPMFILE}" ]; then
- echo 'Usage: rpm2deb []' >&2
-
- exit 1
-fi
-
-if [ -z "${DEBFILE}" ]; then
- DEBFILE="$(echo "${RPMFILE}" | sed 's@\.rpm$@.deb@')"
-
- if [ "${DEBFILE}" = "${RPMFILE}" ]; then
- DEBFILE="${RPMFILE}.deb"
- fi
-fi
-
-WORKDIR="${TMPDIR:-/tmp}/rpm2deb-$$${RANDOM}${RANDOM}${RANDOM}"
-TMPCPIOFILE="${WORKDIR}/tmp.cpio"
-export WORKDIR TMPCPIOFILE
-
-mkdir -p "${WORKDIR}" "${WORKDIR}/deb" "${WORKDIR}/control" "${WORKDIR}/root" || exit 1
-chmod 700 "${WORKDIR}"
-
-rpm2cpio < "${RPMFILE}" > "${TMPCPIOFILE}"
-
-# Extract files
-(
- cd "${WORKDIR}/root" || exit 1
-
- cpio -i --no-absolute-filenames --quiet --make-directories < "${TMPCPIOFILE}"
-) || exit 1
-
-# Create control files
-(
- cd "${WORKDIR}/root" || exit 1
-
- ## Create MD5 Sums
- find . -type f | xargs md5sum > "${WORKDIR}/control/md5sums"
-
- ## Create Package description
- rpm -q --queryformat 'Package: %{Name}\nVersion: %{Version}-%{Release}\nArchitecture: %{Arch}\nInstalled-Size: %{Size}\nMaintainer: %{Packager}\nDescription:' -p "${RPMFILE}" > "${WORKDIR}/control/control"
- rpm -q --queryformat '%{Description}' -p "${RPMFILE}" | sed 's@^@ @;s@^ $@ .@' >> "${WORKDIR}/control/control"
-echo '' >> "${WORKDIR}/control/control"
-
- ## Create tarball with all data
- cd "${WORKDIR}/control" || exit 1
- tar -zcf "${WORKDIR}/deb/control.tar.gz" *
-) || exit 1
-
-# Create debian-binary
-echo '2.0' > "${WORKDIR}/deb/debian-binary"
-
-# Create Data archive
-(
- cd "${WORKDIR}/root" || exit 1
-
- cpio -i --list --quiet < "${TMPCPIOFILE}" > "${WORKDIR}/rpm-filelist"
-
- tar --files-from "${WORKDIR}/rpm-filelist" -cf - | tardy -User root -Group root | gzip -9c > "${WORKDIR}/deb/data.tar.gz"
-) || exit 1
-
-# Create Debian package
-(
- cd "${WORKDIR}/deb" || exit 1
-
- ar rcu "${WORKDIR}/tmp.deb" debian-binary control.tar.gz data.tar.gz
-)
-
-cp "${WORKDIR}/tmp.deb" "${DEBFILE}"
-
-rm -rf "${WORKDIR}"
DELETED cackey.c
Index: cackey.c
==================================================================
--- cackey.c
+++ /dev/null
@@ -1,6110 +0,0 @@ -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#ifdef HAVE_WINTYPES_H -# include -#endif -#ifdef HAVE_PCSCLITE_H -# include -#endif -#ifdef HAVE_WINSCARD_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif -#ifdef HAVE_PTHREAD_H -# include -#endif -#ifdef HAVE_LIMITS_H -# include -#endif -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_ZLIB_H -# ifdef HAVE_LIBZ -# include -# endif -#else -# ifdef HAVE_LIBZ -# undef HAVE_LIBZ -# endif -#endif - -#define CK_PTR * -#define CK_DEFINE_FUNCTION(returnType, name) returnType name -#define CK_DECLARE_FUNCTION(returnType, name) returnType name -#define CK_DECLARE_FUNCTION_POINTER(returnType, name) returnType (* name) -#define CK_CALLBACK_FUNCTION(returnType, name) returnType (* name) -#ifndef NULL_PTR -# define NULL_PTR 0 -#endif - -#include "pkcs11.h" -#include "asn1-x509.h" - -#ifndef CACKEY_CRYPTOKI_VERSION_CODE -# define CACKEY_CRYPTOKI_VERSION_CODE 0x021e00 -#endif - -#ifndef CKA_TRUST_SERVER_AUTH -# define CKA_TRUST_SERVER_AUTH 0xce536358 -#endif -#ifndef CKA_TRUST_CLIENT_AUTH -# define CKA_TRUST_CLIENT_AUTH 0xce536359 -#endif -#ifndef CKA_TRUST_CODE_SIGNING -# define CKA_TRUST_CODE_SIGNING 0xce53635a -#endif -#ifndef CKA_TRUST_EMAIL_PROTECTION -# define CKA_TRUST_EMAIL_PROTECTION 0xce53635b -#endif - -/* GSC-IS v2.1 Definitions */ -/** Classes **/ -#define GSCIS_CLASS_ISO7816 0x00 -#define GSCIS_CLASS_GLOBAL_PLATFORM 0x80 - -/** Instructions **/ -#define GSCIS_INSTR_GET_RESPONSE 0xC0 -#define GSCIS_INSTR_READ_BINARY 0xB0 -#define GSCIS_INSTR_UPDATE_BINARY 0xD6 -#define GSCIS_INSTR_SELECT 0xA4 -#define GSCIS_INSTR_EXTERNAL_AUTH 0x82 -#define GSCIS_INSTR_GET_CHALLENGE 0x84 -#define GSCIS_INSTR_INTERNAL_AUTH 0x88 -#define GSCIS_INSTR_VERIFY 0x20 -#define GSCIS_INSTR_SIGN 0x2A -#define GSCIS_INSTR_GET_PROP 0x56 -#define 
GSCIS_INSTR_GET_ACR 0x4C -#define GSCIS_INSTR_READ_BUFFER 0x52 -#define GSCIS_INSTR_SIGNDECRYPT 0x42 - -#define GSCIS_PARAM_SELECT_APPLET 0x04 - -/** Tags **/ -/*** CCC Tags ***/ -#define GSCIS_TAG_CARDID 0xF0 -#define GSCIS_TAG_CCC_VER 0xF1 -#define GSCIS_TAG_CCG_VER 0xF2 -#define GSCIS_TAG_CARDURL 0xF3 -#define GSCIS_TAG_PKCS15 0xF4 -#define GSCIS_TAG_REG_DATA_MODEL 0xF5 -#define GSCIS_TAG_ACR_TABLE 0xF6 -#define GSCIS_TAG_CARD_APDU 0xF7 -#define GSCIS_TAG_REDIRECTION 0xFA -#define GSCIS_TAG_CT 0xFB -#define GSCIS_TAG_ST 0xFC -#define GSCIS_TAG_NEXTCCC 0xFD - -/*** General - EF 2200 ***/ -#define GSCIS_TAG_FNAME 0x01 -#define GSCIS_TAG_MNAME 0x02 -#define GSCIS_TAG_LNAME 0x03 -#define GSCIS_TAG_SUFFIX 0x04 -#define GSCIS_TAG_GOVT_AGENCY 0x05 -#define GSCIS_TAG_BUREAU 0x06 -#define GSCIS_TAG_BUREAU_CODE 0x07 -#define GSCIS_TAG_DEPT_CODE 0x08 -#define GSCIS_TAG_TITLE 0x09 -#define GSCIS_TAG_BUILDING 0x10 -#define GSCIS_TAG_OFFICE_ADDR1 0x11 -#define GSCIS_TAG_OFFICE_ADDR2 0x12 -#define GSCIS_TAG_OFFICE_CITY 0x13 -#define GSCIS_TAG_OFFICE_STATE 0x14 -#define GSCIS_TAG_OFFICE_ZIP 0x15 -#define GSCIS_TAG_OFFICE_COUNTRY 0x16 -#define GSCIS_TAG_OFFICE_PHONE 0x17 -#define GSCIS_TAG_OFFICE_PHONE_EXT 0x18 -#define GSCIS_TAG_OFFICE_FAX 0x19 -#define GSCIS_TAG_OFFICE_EMAIL 0x1A -#define GSCIS_TAG_OFFICE_ROOM 0x1B -#define GSCIS_TAG_NONGOV_AGENCY 0x1C -#define GSCIS_TAG_SSN_DESIGNATOR 0x1D - -/*** PII - EF 2100 ***/ -#define GSCIS_TAG_SSN 0x20 -#define GSCIS_TAG_DOB 0x21 -#define GSCIS_TAG_GENDER 0x22 - -/*** Login Information - EF 4000 ***/ -#define GSCIS_TAG_USERID 0x40 -#define GSCIS_TAG_DOMAIN 0x41 -#define GSCIS_TAG_PASSWORD 0x42 - -/*** Card Information - EF 5000 ***/ -#define GSCIS_TAG_ISSUERID 0x50 -#define GSCIS_TAG_SERNO 0x51 -#define GSCIS_TAG_ISSUE_DATE 0x52 -#define GSCIS_TAG_EXPIRE_DATE 0x53 -#define GSCIS_TAG_CARD_TYPE 0x54 -#define GSCIS_TAG_SECURITY_CODE 0x57 -#define GSCIS_TAG_CARDID_AID 0x58 - -/*** PKI Information - EF 7000 ***/ -#define 
GSCIS_TAG_CERTIFICATE 0x70 -#define GSCIS_TAG_CERT_ISSUE_DATE 0x71 -#define GSCIS_TAG_CERT_EXPIRE_DATE 0x72 - -/** Applet IDs **/ -#define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 - -/* Maximum size of data portion of APDUs */ -/** Do not set this above 250 **/ -#define CACKEY_APDU_MTU 250 - -/* ATR If not available */ -#ifndef MAX_ATR_SIZE -#define MAX_ATR_SIZE 1024 -#endif - -#ifdef CACKEY_DEBUG -# ifdef HAVE_TIME_H -# include -static time_t cackey_debug_start_time = 0; -# define CACKEY_DEBUG_PRINTTIME { if (cackey_debug_start_time == 0) { cackey_debug_start_time = time(NULL); }; fprintf(stderr, "[%lu]: ", (unsigned long) (time(NULL) - cackey_debug_start_time)); } -# else -# define CACKEY_DEBUG_PRINTTIME /**/ -# endif - -# define CACKEY_DEBUG_PRINTF(x...) { CACKEY_DEBUG_PRINTTIME; fprintf(stderr, "%s():%i: ", __func__, __LINE__); fprintf(stderr, x); fprintf(stderr, "\n"); fflush(stderr); } -# define CACKEY_DEBUG_PRINTBUF(f, x, y) { unsigned char *TMPBUF; unsigned long idx; TMPBUF = (unsigned char *) (x); CACKEY_DEBUG_PRINTTIME; fprintf(stderr, "%s():%i: %s (%s/%lu = {%02x", __func__, __LINE__, f, #x, (unsigned long) (y), TMPBUF[0]); for (idx = 1; idx < (y); idx++) { fprintf(stderr, ", %02x", TMPBUF[idx]); }; fprintf(stderr, "})\n"); fflush(stderr); } -# define CACKEY_DEBUG_PERROR(x) { fprintf(stderr, "%s():%i: ", __func__, __LINE__); CACKEY_DEBUG_PRINTTIME; perror(x); fflush(stderr); } -# define free(x) { CACKEY_DEBUG_PRINTF("FREE(%p) (%s)", x, #x); free(x); } - -static void *CACKEY_DEBUG_FUNC_MALLOC(size_t size, const char *func, int line) { - void *retval; - - retval = malloc(size); - - CACKEY_DEBUG_PRINTTIME; - fprintf(stderr, "%s():%i: ", func, line); - fprintf(stderr, "MALLOC() = %p", retval); - fprintf(stderr, "\n"); - fflush(stderr); - - return(retval); -} - -static void *CACKEY_DEBUG_FUNC_REALLOC(void *ptr, size_t size, const char *func, int line) { - void *retval; - - retval = realloc(ptr, size); - - if (retval != ptr) { - 
CACKEY_DEBUG_PRINTTIME; - fprintf(stderr, "%s():%i: ", func, line); - fprintf(stderr, "REALLOC(%p) = %p", ptr, retval); - fprintf(stderr, "\n"); - fflush(stderr); - } - - if (retval == NULL) { - CACKEY_DEBUG_PRINTF(" *** ERROR *** realloc returned NULL (size = %lu)", (unsigned long) size); - } - - return(retval); -} - -static char *CACKEY_DEBUG_FUNC_STRDUP(const char *ptr, const char *func, int line) { - char *retval; - - retval = strdup(ptr); - - CACKEY_DEBUG_PRINTTIME; - fprintf(stderr, "%s():%i: ", func, line); - fprintf(stderr, "STRDUP_MALLOC() = %p", retval); - fprintf(stderr, "\n"); - fflush(stderr); - - return(retval); -} - -static const char *CACKEY_DEBUG_FUNC_TAG_TO_STR(unsigned char tag) { - switch (tag) { - case GSCIS_TAG_CARDID: - return("GSCIS_TAG_CARDID"); - case GSCIS_TAG_CCC_VER: - return("GSCIS_TAG_CCC_VER"); - case GSCIS_TAG_CCG_VER: - return("GSCIS_TAG_CCG_VER"); - case GSCIS_TAG_CARDURL: - return("GSCIS_TAG_CARDURL"); - case GSCIS_TAG_PKCS15: - return("GSCIS_TAG_PKCS15"); - case GSCIS_TAG_REG_DATA_MODEL: - return("GSCIS_TAG_REG_DATA_MODEL"); - case GSCIS_TAG_ACR_TABLE: - return("GSCIS_TAG_ACR_TABLE"); - case GSCIS_TAG_CARD_APDU: - return("GSCIS_TAG_CARD_APDU"); - case GSCIS_TAG_REDIRECTION: - return("GSCIS_TAG_REDIRECTION"); - case GSCIS_TAG_CT: - return("GSCIS_TAG_CT"); - case GSCIS_TAG_ST: - return("GSCIS_TAG_ST"); - case GSCIS_TAG_NEXTCCC: - return("GSCIS_TAG_NEXTCCC"); - case GSCIS_TAG_FNAME: - return("GSCIS_TAG_FNAME"); - case GSCIS_TAG_MNAME: - return("GSCIS_TAG_MNAME"); - case GSCIS_TAG_LNAME: - return("GSCIS_TAG_LNAME"); - case GSCIS_TAG_SUFFIX: - return("GSCIS_TAG_SUFFIX"); - case GSCIS_TAG_GOVT_AGENCY: - return("GSCIS_TAG_GOVT_AGENCY"); - case GSCIS_TAG_BUREAU: - return("GSCIS_TAG_BUREAU"); - case GSCIS_TAG_BUREAU_CODE: - return("GSCIS_TAG_BUREAU_CODE"); - case GSCIS_TAG_DEPT_CODE: - return("GSCIS_TAG_DEPT_CODE"); - case GSCIS_TAG_TITLE: - return("GSCIS_TAG_TITLE"); - case GSCIS_TAG_BUILDING: - return("GSCIS_TAG_BUILDING"); - case 
GSCIS_TAG_OFFICE_ADDR1: - return("GSCIS_TAG_OFFICE_ADDR1"); - case GSCIS_TAG_OFFICE_ADDR2: - return("GSCIS_TAG_OFFICE_ADDR2"); - case GSCIS_TAG_OFFICE_CITY: - return("GSCIS_TAG_OFFICE_CITY"); - case GSCIS_TAG_OFFICE_STATE: - return("GSCIS_TAG_OFFICE_STATE"); - case GSCIS_TAG_OFFICE_ZIP: - return("GSCIS_TAG_OFFICE_ZIP"); - case GSCIS_TAG_OFFICE_COUNTRY: - return("GSCIS_TAG_OFFICE_COUNTRY"); - case GSCIS_TAG_OFFICE_PHONE: - return("GSCIS_TAG_OFFICE_PHONE"); - case GSCIS_TAG_OFFICE_PHONE_EXT: - return("GSCIS_TAG_OFFICE_PHONE_EXT"); - case GSCIS_TAG_OFFICE_FAX: - return("GSCIS_TAG_OFFICE_FAX"); - case GSCIS_TAG_OFFICE_EMAIL: - return("GSCIS_TAG_OFFICE_EMAIL"); - case GSCIS_TAG_OFFICE_ROOM: - return("GSCIS_TAG_OFFICE_ROOM"); - case GSCIS_TAG_NONGOV_AGENCY: - return("GSCIS_TAG_NONGOV_AGENCY"); - case GSCIS_TAG_SSN_DESIGNATOR: - return("GSCIS_TAG_SSN_DESIGNATOR"); - case GSCIS_TAG_SSN: - return("GSCIS_TAG_SSN"); - case GSCIS_TAG_DOB: - return("GSCIS_TAG_DOB"); - case GSCIS_TAG_GENDER: - return("GSCIS_TAG_GENDER"); - case GSCIS_TAG_USERID: - return("GSCIS_TAG_USERID"); - case GSCIS_TAG_DOMAIN: - return("GSCIS_TAG_DOMAIN"); - case GSCIS_TAG_PASSWORD: - return("GSCIS_TAG_PASSWORD"); - case GSCIS_TAG_ISSUERID: - return("GSCIS_TAG_ISSUERID"); - case GSCIS_TAG_SERNO: - return("GSCIS_TAG_SERNO"); - case GSCIS_TAG_ISSUE_DATE: - return("GSCIS_TAG_ISSUE_DATE"); - case GSCIS_TAG_EXPIRE_DATE: - return("GSCIS_TAG_EXPIRE_DATE"); - case GSCIS_TAG_CARD_TYPE: - return("GSCIS_TAG_CARD_TYPE"); - case GSCIS_TAG_SECURITY_CODE: - return("GSCIS_TAG_SECURITY_CODE"); - case GSCIS_TAG_CARDID_AID: - return("GSCIS_TAG_CARDID_AID"); - case GSCIS_TAG_CERTIFICATE: - return("GSCIS_TAG_CERTIFICATE"); - case GSCIS_TAG_CERT_ISSUE_DATE: - return("GSCIS_TAG_CERT_ISSUE_DATE"); - case GSCIS_TAG_CERT_EXPIRE_DATE: - return("GSCIS_TAG_CERT_EXPIRE_DATE"); - } - - return("UNKNOWN"); -} - -static const char *CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(LONG retcode) { - switch (retcode) { - case SCARD_S_SUCCESS: - 
return("SCARD_S_SUCCESS"); - case SCARD_E_CANCELLED: - return("SCARD_E_CANCELLED"); - case SCARD_E_CANT_DISPOSE: - return("SCARD_E_CANT_DISPOSE"); - case SCARD_E_INSUFFICIENT_BUFFER: - return("SCARD_E_INSUFFICIENT_BUFFER"); - case SCARD_E_INVALID_ATR: - return("SCARD_E_INVALID_ATR"); - case SCARD_E_INVALID_HANDLE: - return("SCARD_E_INVALID_HANDLE"); - case SCARD_E_INVALID_PARAMETER: - return("SCARD_E_INVALID_PARAMETER"); - case SCARD_E_INVALID_TARGET: - return("SCARD_E_INVALID_TARGET"); - case SCARD_E_INVALID_VALUE: - return("SCARD_E_INVALID_VALUE"); - case SCARD_E_NO_MEMORY: - return("SCARD_E_NO_MEMORY"); - case SCARD_E_UNKNOWN_READER: - return("SCARD_E_UNKNOWN_READER"); - case SCARD_E_TIMEOUT: - return("SCARD_E_TIMEOUT"); - case SCARD_E_SHARING_VIOLATION: - return("SCARD_E_SHARING_VIOLATION"); - case SCARD_E_NO_SMARTCARD: - return("SCARD_E_NO_SMARTCARD"); - case SCARD_E_UNKNOWN_CARD: - return("SCARD_E_UNKNOWN_CARD"); - case SCARD_E_PROTO_MISMATCH: - return("SCARD_E_PROTO_MISMATCH"); - case SCARD_E_NOT_READY: - return("SCARD_E_NOT_READY"); - case SCARD_E_SYSTEM_CANCELLED: - return("SCARD_E_SYSTEM_CANCELLED"); - case SCARD_E_NOT_TRANSACTED: - return("SCARD_E_NOT_TRANSACTED"); - case SCARD_E_READER_UNAVAILABLE: - return("SCARD_E_READER_UNAVAILABLE"); - case SCARD_W_UNSUPPORTED_CARD: - return("SCARD_W_UNSUPPORTED_CARD"); - case SCARD_W_UNRESPONSIVE_CARD: - return("SCARD_W_UNRESPONSIVE_CARD"); - case SCARD_W_UNPOWERED_CARD: - return("SCARD_W_UNPOWERED_CARD"); - case SCARD_W_RESET_CARD: - return("SCARD_W_RESET_CARD"); - case SCARD_W_REMOVED_CARD: - return("SCARD_W_REMOVED_CARD"); - case SCARD_E_PCI_TOO_SMALL: - return("SCARD_E_PCI_TOO_SMALL"); - case SCARD_E_READER_UNSUPPORTED: - return("SCARD_E_READER_UNSUPPORTED"); - case SCARD_E_DUPLICATE_READER: - return("SCARD_E_DUPLICATE_READER"); - case SCARD_E_CARD_UNSUPPORTED: - return("SCARD_E_CARD_UNSUPPORTED"); - case SCARD_E_NO_SERVICE: - return("SCARD_E_NO_SERVICE"); - case SCARD_E_SERVICE_STOPPED: - 
return("SCARD_E_SERVICE_STOPPED"); - case SCARD_E_UNSUPPORTED_FEATURE: - return("SCARD_E_UNSUPPORTED_FEATURE"); -#ifdef SCARD_W_INSERTED_CARD - case SCARD_W_INSERTED_CARD: - return("SCARD_W_INSERTED_CARD"); -#endif -#ifdef SCARD_E_NO_READERS_AVAILABLE - case SCARD_E_NO_READERS_AVAILABLE: - return("SCARD_E_NO_READERS_AVAILABLE"); -#endif - } - - return("UNKNOWN"); -} - -static const char *CACKEY_DEBUG_FUNC_OBJID_TO_STR(uint16_t objid) { - switch (objid) { - case 0x2000: - return("CACKEY_TLV_OBJID_GENERALINFO"); - case 0x2100: - return("CACKEY_TLV_OBJID_PROPERSONALINFO"); - case 0x3000: - return("CACKEY_TLV_OBJID_ACCESSCONTROL"); - case 0x4000: - return("CACKEY_TLV_OBJID_LOGIN"); - case 0x5000: - return("CACKEY_TLV_OBJID_CARDINFO"); - case 0x6000: - return("CACKEY_TLV_OBJID_BIOMETRICS"); - case 0x7000: - return("CACKEY_TLV_OBJID_DIGITALSIGCERT"); - case 0x0200: - return("CACKEY_TLV_OBJID_CAC_PERSON"); - case 0x0202: - return("CACKEY_TLV_OBJID_CAC_BENEFITS"); - case 0x0203: - return("CACKEY_TLV_OBJID_CAC_OTHERBENEFITS"); - case 0x0201: - return("CACKEY_TLV_OBJID_CAC_PERSONNEL"); - case 0x02FE: - return("CACKEY_TLV_OBJID_CAC_PKICERT"); - } - - return("UNKNOWN"); -} - -static const char *CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(uint8_t apptype) { - switch (apptype) { - case 0x00: - return("NONE"); - case 0x01: - return("CACKEY_TLV_APP_GENERIC"); - case 0x02: - return("CACKEY_TLV_APP_SKI"); - case 0x03: - return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_SKI"); - case 0x04: - return("CACKEY_TLV_APP_PKI"); - case 0x05: - return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_PKI"); - case 0x06: - return("CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI"); - case 0x07: - return("CACKEY_TLV_APP_GENERIC | CACKEY_TLV_APP_SKI | CACKEY_TLV_APP_PKI"); - } - - return("INVALID"); -} - -# define malloc(x) CACKEY_DEBUG_FUNC_MALLOC(x, __func__, __LINE__) -# define realloc(x, y) CACKEY_DEBUG_FUNC_REALLOC(x, y, __func__, __LINE__) -# ifdef strdup -# undef strdup -# endif -# define strdup(x) 
CACKEY_DEBUG_FUNC_STRDUP(x, __func__, __LINE__) -#else -# define CACKEY_DEBUG_PRINTF(x...) /**/ -# define CACKEY_DEBUG_PRINTBUF(f, x, y) /**/ -# define CACKEY_DEBUG_PERROR(x) /**/ -# define CACKEY_DEBUG_FUNC_TAG_TO_STR(x) "DEBUG_DISABLED" -# define CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(x) "DEBUG_DISABLED" -# define CACKEY_DEBUG_FUNC_OBJID_TO_STR(x) "DEBUG_DISABLED" -# define CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(x) "DEBUG_DISABLED" -#endif - -struct cackey_pcsc_identity { - unsigned char applet[7]; - uint16_t file; - - size_t certificate_len; - unsigned char *certificate; - - ssize_t keysize; -}; - -struct cackey_identity { - struct cackey_pcsc_identity *pcsc_identity; - - CK_ATTRIBUTE *attributes; - CK_ULONG attributes_count; -}; - -struct cackey_session { - int active; - - CK_SLOT_ID slotID; - - CK_STATE state; - CK_FLAGS flags; - CK_ULONG ulDeviceError; - CK_VOID_PTR pApplication; - CK_NOTIFY Notify; - - struct cackey_identity *identities; - unsigned long identities_count; - - int search_active; - CK_ATTRIBUTE_PTR search_query; - CK_ULONG search_query_count; - unsigned long search_curr_id; - - int sign_active; - CK_MECHANISM_TYPE sign_mechanism; - CK_BYTE_PTR sign_buf; - unsigned long sign_buflen; - unsigned long sign_bufused; - struct cackey_identity *sign_identity; - - int decrypt_active; - CK_MECHANISM_TYPE decrypt_mechanism; - CK_VOID_PTR decrypt_mech_parm; - CK_ULONG decrypt_mech_parmlen; - struct cackey_identity *decrypt_identity; -}; - -struct cackey_slot { - int active; - - char *pcsc_reader; - - int pcsc_card_connected; - SCARDHANDLE pcsc_card; - - int transaction_depth; - int transaction_need_hw_lock; - - int slot_reset; - - CK_FLAGS token_flags; - - unsigned char *label; - - DWORD protocol; -}; - -typedef enum { - CACKEY_TLV_APP_GENERIC = 0x01, - CACKEY_TLV_APP_SKI = 0x02, - CACKEY_TLV_APP_PKI = 0x04 -} cackey_tlv_apptype; - -typedef enum { - CACKEY_TLV_OBJID_GENERALINFO = 0x2000, - CACKEY_TLV_OBJID_PROPERSONALINFO = 0x2100, - CACKEY_TLV_OBJID_ACCESSCONTROL = 
0x3000, - CACKEY_TLV_OBJID_LOGIN = 0x4000, - CACKEY_TLV_OBJID_CARDINFO = 0x5000, - CACKEY_TLV_OBJID_BIOMETRICS = 0x6000, - CACKEY_TLV_OBJID_DIGITALSIGCERT = 0x7000, - CACKEY_TLV_OBJID_CAC_PERSON = 0x0200, - CACKEY_TLV_OBJID_CAC_BENEFITS = 0x0202, - CACKEY_TLV_OBJID_CAC_OTHERBENEFITS = 0x0203, - CACKEY_TLV_OBJID_CAC_PERSONNEL = 0x0201, - CACKEY_TLV_OBJID_CAC_PKICERT = 0x02FE -} cackey_tlv_objectid; - -typedef enum { - CACKEY_PCSC_S_TOKENPRESENT = 1, - CACKEY_PCSC_S_OK = 0, - CACKEY_PCSC_E_GENERIC = -1, - CACKEY_PCSC_E_BADPIN = -2, - CACKEY_PCSC_E_LOCKED = -3, - CACKEY_PCSC_E_NEEDLOGIN = -4, - CACKEY_PCSC_E_TOKENABSENT = -6, - CACKEY_PCSC_E_RETRY = -7 -} cackey_ret; - -struct cackey_tlv_cardurl { - unsigned char rid[5]; - cackey_tlv_apptype apptype; - cackey_tlv_objectid objectid; - cackey_tlv_objectid appid; - unsigned char pinid; -}; - -struct cackey_tlv_entity; -struct cackey_tlv_entity { - uint8_t tag; - size_t length; - - union { - void *value; - struct cackey_tlv_cardurl *value_cardurl; - uint8_t value_byte; - }; - - struct cackey_tlv_entity *_next; -}; - -/* CACKEY Global Handles */ -static void *cackey_biglock = NULL; -static struct cackey_session cackey_sessions[128]; -static struct cackey_slot cackey_slots[128]; -static int cackey_initialized = 0; -static int cackey_biglock_init = 0; -CK_C_INITIALIZE_ARGS cackey_args; - -/* PCSC Global Handles */ -static LPSCARDCONTEXT cackey_pcsc_handle = NULL; - -static unsigned long cackey_getversion(void) { - static unsigned long retval = 255; - unsigned long major = 0; - unsigned long minor = 0; - char *major_str = NULL; - char *minor_str = NULL; - - CACKEY_DEBUG_PRINTF("Called."); - - if (retval != 255) { - CACKEY_DEBUG_PRINTF("Returning 0x%lx (cached).", retval); - - return(retval); - } - - retval = 0; - -#ifdef PACKAGE_VERSION - major_str = PACKAGE_VERSION; - if (major_str) { - major = strtoul(major_str, &minor_str, 10); - - if (minor_str) { - minor = strtoul(minor_str + 1, NULL, 10); - } - } - - retval = (major << 
16) | (minor << 8); -#endif - - CACKEY_DEBUG_PRINTF("Returning 0x%lx", retval); - - return(retval); -} - -/* PC/SC Related Functions */ -/* - * SYNPOSIS - * void cackey_slots_disconnect_all(void); - * - * ARGUMENTS - * None - * - * RETURN VALUE - * None - * - * NOTES - * This function disconnects from all cards. - * - */ -static void cackey_slots_disconnect_all(void) { - uint32_t idx; - - CACKEY_DEBUG_PRINTF("Called."); - - for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) { - if (cackey_slots[idx].pcsc_card_connected) { - CACKEY_DEBUG_PRINTF("SCardDisconnect(%lu) called", (unsigned long) idx); - - SCardDisconnect(cackey_slots[idx].pcsc_card, SCARD_LEAVE_CARD); - } - - if (cackey_slots[idx].label) { - free(cackey_slots[idx].label); - - cackey_slots[idx].label = NULL; - } - - cackey_slots[idx].pcsc_card_connected = 0; - cackey_slots[idx].transaction_depth = 0; - cackey_slots[idx].transaction_need_hw_lock = 0; - - if (cackey_slots[idx].active) { - CACKEY_DEBUG_PRINTF("Marking active slot %lu as being reset", (unsigned long) idx); - } - - cackey_slots[idx].slot_reset = 1; - } - - CACKEY_DEBUG_PRINTF("Returning"); - - return; -} - -/* - * SYNPOSIS - * cackey_ret cackey_pcsc_connect(void); - * - * ARGUMENTS - * None - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * This function connects to the PC/SC Connection Manager and updates the - * global handle. 
- * - */ -static cackey_ret cackey_pcsc_connect(void) { - LONG scard_est_context_ret; -#ifdef HAVE_SCARDISVALIDCONTEXT - LONG scard_isvalid_ret; -#endif - - CACKEY_DEBUG_PRINTF("Called."); - - if (cackey_pcsc_handle == NULL) { - cackey_pcsc_handle = malloc(sizeof(*cackey_pcsc_handle)); - if (cackey_pcsc_handle == NULL) { - CACKEY_DEBUG_PRINTF("Call to malloc() failed, returning in failure"); - - cackey_slots_disconnect_all(); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); - scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); - if (scard_est_context_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); - - free(cackey_pcsc_handle); - cackey_pcsc_handle = NULL; - - cackey_slots_disconnect_all(); - - return(CACKEY_PCSC_E_GENERIC); - } - } - -#ifdef HAVE_SCARDISVALIDCONTEXT - CACKEY_DEBUG_PRINTF("SCardIsValidContext() called"); - scard_isvalid_ret = SCardIsValidContext(*cackey_pcsc_handle); - if (scard_isvalid_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Handle has become invalid (SCardIsValidContext = %s/%li), trying to re-establish...", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_isvalid_ret), (long) scard_isvalid_ret); - - CACKEY_DEBUG_PRINTF("SCardEstablishContext() called"); - scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, cackey_pcsc_handle); - if (scard_est_context_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Call to SCardEstablishContext failed (returned %s/%li), returning in failure", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_est_context_ret), (long) scard_est_context_ret); - - free(cackey_pcsc_handle); - cackey_pcsc_handle = NULL; - - cackey_slots_disconnect_all(); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("Handle has been re-established"); - } 
-#endif - - CACKEY_DEBUG_PRINTF("Sucessfully connected to PC/SC, returning in success"); - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * cackey_ret cackey_pcsc_disconnect(void); - * - * ARGUMENTS - * None - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * This function disconnects from the PC/SC Connection manager and updates - * the global handle. - * - */ -static cackey_ret cackey_pcsc_disconnect(void) { - LONG scard_rel_context_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - if (cackey_pcsc_handle == NULL) { - return(CACKEY_PCSC_S_OK); - } - - scard_rel_context_ret = SCardReleaseContext(*cackey_pcsc_handle); - - if (cackey_pcsc_handle) { - free(cackey_pcsc_handle); - - cackey_pcsc_handle = NULL; - } - - if (scard_rel_context_ret != SCARD_S_SUCCESS) { - return(CACKEY_PCSC_E_GENERIC); - } - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * void cackey_mark_slot_reset(struct cackey_slot *slot); - * - * ARGUMENTS - * None - * - * RETURN VALUE - * None - * - * NOTES - * This function marks a slot has having been reset, to later be cleaned up. - * Cleanup only happens when a PKCS#11 client calls C_FindObjectsInit. 
- * - */ -static void cackey_mark_slot_reset(struct cackey_slot *slot) { - if (slot == NULL) { - return; - } - - CACKEY_DEBUG_PRINTF("Called."); - - if (slot->pcsc_card_connected) { - SCardDisconnect(slot->pcsc_card, SCARD_LEAVE_CARD); - } - - slot->slot_reset = 1; - slot->pcsc_card_connected = 0; - slot->token_flags = CKF_LOGIN_REQUIRED; - - CACKEY_DEBUG_PRINTF("Returning."); - - return; -} - -/* - * SYNPOSIS - * LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol); - * - * ARGUMENTS - * cackey_slot *slot - * Slot to send commands to - * - * DWORD default_protocol - * Protocol to attempt first - * - * LPDWORD selected_protocol - * [OUT] Protocol selected - * - * RETURN VALUE - * The return value from SCardReconnect() - * - * NOTES - * This function is a wrapper around SCardReconnect() - * - * The SCardReconnect() function call will be called first with the - * dwPreferredProtocols of "default_protocol". If that call returns - * SCARD_E_PROTO_MISMATCH try again with a protocol of T=0, and failing - * that T=1. 
- * - */ -static LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol) { - LONG scard_conn_ret; - - scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, default_protocol, SCARD_RESET_CARD, selected_protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) { - CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=0") - scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, SCARD_RESET_CARD, selected_protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) { - CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1") - scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, SCARD_RESET_CARD, selected_protocol); - } - } - - return(scard_conn_ret); -} - -/* - * SYNPOSIS - * cackey_ret cackey_connect_card(struct cackey_slot *slot); - * - * ARGUMENTS - * cackey_slot *slot - * Slot to send commands to - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * None - * - */ -static cackey_ret cackey_connect_card(struct cackey_slot *slot) { - cackey_ret pcsc_connect_ret; - DWORD protocol; - LONG scard_conn_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - if (!slot) { - CACKEY_DEBUG_PRINTF("Invalid slot specified, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); - } - - pcsc_connect_ret = cackey_pcsc_connect(); - if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); - } - - /* Connect to reader, if needed */ - if (!slot->pcsc_card_connected) { - CACKEY_DEBUG_PRINTF("SCardConnect(%s) called", slot->pcsc_reader); - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) 
{ - CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=0") - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &slot->pcsc_card, &protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) { - CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1") - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol); - } - } - - if (scard_conn_ret == SCARD_W_UNPOWERED_CARD) { - CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_W_UNPOWERED_CARD, trying to re-connect..."); - - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_DIRECT, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) { - CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=0") - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &slot->pcsc_card, &protocol); - - if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) { - CACKEY_DEBUG_PRINTF("SCardConnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1") - scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol); - } - } - - scard_conn_ret = cackey_reconnect_card(slot, protocol, &protocol); - } - - if (scard_conn_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Connection to card failed, returning in failure (SCardConnect() = %s/%li)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_conn_ret), (long) scard_conn_ret); - - return(CACKEY_PCSC_E_GENERIC); - } - - slot->pcsc_card_connected = 1; - slot->transaction_depth = 0; - slot->transaction_need_hw_lock = 0; - slot->protocol = protocol; - } - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * cackey_ret cackey_begin_transaction(struct 
cackey_slot *slot); - * - * ARGUMENTS - * cackey_slot *slot - * Slot to send commands to - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * The transaction should be terminated using "cackey_end_transaction" - * - */ -static cackey_ret cackey_begin_transaction(struct cackey_slot *slot) { - cackey_ret cackey_conn_ret; - LONG scard_trans_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - cackey_conn_ret = cackey_connect_card(slot); - if (cackey_conn_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable to connect to card, returning in error"); - - return(CACKEY_PCSC_E_GENERIC); - } - - slot->transaction_depth++; - - if (slot->transaction_depth > 1 && !slot->transaction_need_hw_lock) { - CACKEY_DEBUG_PRINTF("Already in a transaction, performing no action (new depth = %i)", slot->transaction_depth); - - return(CACKEY_PCSC_S_OK); - } - - slot->transaction_need_hw_lock = 0; - - scard_trans_ret = SCardBeginTransaction(slot->pcsc_card); - if (scard_trans_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Unable to begin transaction, returning in error"); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("Sucessfully began transaction on slot (%s)", slot->pcsc_reader); - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * cackey_ret cackey_end_transaction(struct cackey_slot *slot); - * - * ARGUMENTS - * cackey_slot *slot - * Slot to send commands to - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * This function requires "cackey_begin_transaction" to be called first - * - */ -static cackey_ret cackey_end_transaction(struct cackey_slot *slot) { - LONG scard_trans_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - if (!slot->pcsc_card_connected) { - CACKEY_DEBUG_PRINTF("Card is not connected, unable to end transaction on card"); - - if (slot->transaction_depth > 0) { - CACKEY_DEBUG_PRINTF("Decreasing transaction depth and asking for a hardware lock on the next 
begin transaction (current depth = %i)", slot->transaction_depth); - - slot->transaction_depth--; - - if (slot->transaction_depth > 0) { - slot->transaction_need_hw_lock = 1; - } - } - - return(CACKEY_PCSC_E_GENERIC); - } - - if (slot->transaction_depth == 0) { - CACKEY_DEBUG_PRINTF("Terminating a transaction that has not begun!"); - - return(CACKEY_PCSC_E_GENERIC); - } - - slot->transaction_depth--; - - if (slot->transaction_depth > 0) { - CACKEY_DEBUG_PRINTF("Transactions still in progress, not terminating on-card Transaction (current depth = %i)", slot->transaction_depth); - - return(CACKEY_PCSC_S_OK); - } - - scard_trans_ret = SCardEndTransaction(slot->pcsc_card, SCARD_LEAVE_CARD); - if (scard_trans_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Unable to end transaction, returning in error"); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("Sucessfully terminated transaction on slot (%s)", slot->pcsc_reader); - - return(CACKEY_PCSC_S_OK); -} - -/* APDU Related Functions */ -/* - * SYNPOSIS - * cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len); - * - * ARGUMENTS - * cackey_slot *slot - * Slot to send commands to - * - * unsigned char class - * APDU Class (GSCIS_CLASS_ISO7816 or GSCIS_CLASS_GLOBAL_PLATFORM - * usually), (CLA) - * - * unsigned char instruction - * APDU Instruction (INS) - * - * unsigned char p1 - * APDU Parameter 1 (P1) - * - * unsigned char p2 - * APDU Parameter 2 (P2) - * - * unsigned char lc - * APDU Length of Content (Lc) -- this is the length of "data" - * parameter. If "data" is specified as NULL, this parameter will - * be ignored. - * - * unsigned char *data - * Pointer to buffer to send. It should be "Lc" bytes long. If - * specified as NULL, "Lc" will not be sent, and this buffer will be - * ignored. 
- * - * unsigned char le - * APDU Length of Expectation (Le) -- this is the length of the - * expected reply. If this is specified as 0 then it will not - * be sent. - * - * uint16_t *respcode - * [OUT] Pointer to storage of APDU response code. If this is - * specified as NULL, the response code will be discarded. - * - * unsigned char *respdata - * [OUT] Pointer to storage of APDU response data. If this is - * specified as NULL, the response data will be discarded. If - * the "respdata_len" parameter is specified as NULL, this buffer - * will not be updated. - * - * size_t *respdata_len - * [IN, OUT] Pointer initialing containing the size of the "respdata" - * buffer. Before returning, the pointed to value is updated to the - * number of bytes written to the buffer. If this is specified as - * NULL, it will not be updated, and "respdata" will be ignored causing - * the response data to be discarded. - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * CACKEY_PCSC_E_TOKENABSENT If the sending failed because the token is - * absent - * - * NOTES - * This function will connect to the PC/SC Connection Manager via - * cackey_pcsc_connect() if needed. - * - * It will connect to the card in the reader attached to the slot - * specified. It will reconnect to the card if the connection - * goes away. 
- * - */ -static cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) { - uint8_t major_rc, minor_rc; - size_t bytes_to_copy, tmp_respdata_len; - LPCSCARD_IO_REQUEST pioSendPci; - DWORD protocol; - DWORD xmit_len, recv_len; - LONG scard_xmit_ret, scard_reconn_ret; - BYTE xmit_buf[1024], recv_buf[1024]; - int pcsc_connect_ret, pcsc_getresp_ret; - int idx; - - CACKEY_DEBUG_PRINTF("Called."); - - if (!slot) { - CACKEY_DEBUG_PRINTF("Invalid slot specified."); - - return(CACKEY_PCSC_E_GENERIC); - } - - pcsc_connect_ret = cackey_connect_card(slot); - if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable to connect to card, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); - } - - /* Determine which protocol to send using */ - switch (slot->protocol) { - case SCARD_PROTOCOL_T0: - pioSendPci = SCARD_PCI_T0; - - break; - case SCARD_PROTOCOL_T1: - pioSendPci = SCARD_PCI_T1; - - break; - default: - CACKEY_DEBUG_PRINTF("Invalid protocol found, aborting."); - - return(CACKEY_PCSC_E_GENERIC); - } - - /* Transmit */ - xmit_len = 0; - xmit_buf[xmit_len++] = class; - xmit_buf[xmit_len++] = instruction; - xmit_buf[xmit_len++] = p1; - xmit_buf[xmit_len++] = p2; - if (data) { - xmit_buf[xmit_len++] = lc; - for (idx = 0; idx < lc; idx++) { - xmit_buf[xmit_len++] = data[idx]; - } - } - - if (le != 0x00) { - xmit_buf[xmit_len++] = le; - } - - /* Begin Smartcard Transaction */ - cackey_begin_transaction(slot); - - if (class == GSCIS_CLASS_ISO7816 && instruction == GSCIS_INSTR_VERIFY && p1 == 0x00 && p2 == 0x00) { - CACKEY_DEBUG_PRINTF("Sending APDU: <>"); - } else { - CACKEY_DEBUG_PRINTBUF("Sending APDU:", xmit_buf, xmit_len); - } - - recv_len = sizeof(recv_buf); - scard_xmit_ret = SCardTransmit(slot->pcsc_card, pioSendPci, xmit_buf, xmit_len, NULL, 
recv_buf, &recv_len); - - if (scard_xmit_ret == SCARD_E_NOT_TRANSACTED) { - CACKEY_DEBUG_PRINTF("Failed to send APDU to card (SCardTransmit() = %s/%lx), will ask calling function to retry (not resetting card)...", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (unsigned long) scard_xmit_ret); - - /* Begin Smartcard Transaction */ - cackey_end_transaction(slot); - - return(CACKEY_PCSC_E_RETRY); - } - - if (scard_xmit_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Failed to send APDU to card (SCardTransmit() = %s/%lx)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (unsigned long) scard_xmit_ret); - - CACKEY_DEBUG_PRINTF("Marking slot as having been reset"); - cackey_mark_slot_reset(slot); - - if (scard_xmit_ret == SCARD_W_RESET_CARD) { - CACKEY_DEBUG_PRINTF("Reset required, please hold..."); - - scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol); - - if (scard_reconn_ret == SCARD_S_SUCCESS) { - /* Update protocol */ - slot->protocol = protocol; - switch (slot->protocol) { - case SCARD_PROTOCOL_T0: - pioSendPci = SCARD_PCI_T0; - - break; - case SCARD_PROTOCOL_T1: - pioSendPci = SCARD_PCI_T1; - - break; - default: - CACKEY_DEBUG_PRINTF("Invalid protocol found, but too late to do anything about it now -- trying anyway."); - - break; - } - - /* Re-establish transaction, if it was present */ - if (slot->transaction_depth > 0) { - slot->transaction_depth--; - slot->transaction_need_hw_lock = 1; - cackey_begin_transaction(slot); - } - - CACKEY_DEBUG_PRINTF("Reset successful, retransmitting"); - - recv_len = sizeof(recv_buf); - scard_xmit_ret = SCardTransmit(slot->pcsc_card, pioSendPci, xmit_buf, xmit_len, NULL, recv_buf, &recv_len); - - if (scard_xmit_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Retransmit failed, returning in failure after disconnecting the card (SCardTransmit = %s/%li)", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_xmit_ret), (long) scard_xmit_ret); - - SCardDisconnect(slot->pcsc_card, 
SCARD_LEAVE_CARD); - slot->pcsc_card_connected = 0; - - /* End Smartcard Transaction */ - slot->transaction_depth = 1; - cackey_end_transaction(slot); - - return(CACKEY_PCSC_E_TOKENABSENT); - } - } else { - CACKEY_DEBUG_PRINTF("Disconnecting card"); - - SCardDisconnect(slot->pcsc_card, SCARD_LEAVE_CARD); - slot->pcsc_card_connected = 0; - - /* End Smartcard Transaction */ - slot->transaction_depth = 1; - cackey_end_transaction(slot); - - CACKEY_DEBUG_PRINTF("Returning in failure"); - return(CACKEY_PCSC_E_TOKENABSENT); - } - } else { - CACKEY_DEBUG_PRINTF("Disconnecting card"); - - SCardDisconnect(slot->pcsc_card, SCARD_LEAVE_CARD); - slot->pcsc_card_connected = 0; - - /* End Smartcard Transaction */ - slot->transaction_depth = 1; - cackey_end_transaction(slot); - - CACKEY_DEBUG_PRINTF("Returning in failure"); - return(CACKEY_PCSC_E_TOKENABSENT); - } - } - - CACKEY_DEBUG_PRINTBUF("Returned Value:", recv_buf, recv_len); - - if (recv_len < 2) { - /* Minimal response length is 2 bytes, returning in failure */ - CACKEY_DEBUG_PRINTF("Response too small, returning in failure (recv_len = %lu)", (unsigned long) recv_len); - - /* End Smartcard Transaction */ - cackey_end_transaction(slot); - - return(CACKEY_PCSC_E_GENERIC); - } - - /* Determine result code */ - major_rc = recv_buf[recv_len - 2]; - minor_rc = recv_buf[recv_len - 1]; - if (respcode) { - *respcode = (major_rc << 8) | minor_rc; - } - - /* Adjust message buffer */ - recv_len -= 2; - - /* Add bytes to return value */ - tmp_respdata_len = 0; - if (respdata && respdata_len) { - tmp_respdata_len = *respdata_len; - - bytes_to_copy = *respdata_len; - - if (recv_len < bytes_to_copy) { - bytes_to_copy = recv_len; - } - - CACKEY_DEBUG_PRINTF("Copying %lu bytes to the buffer (recv'd %lu bytes, but only %lu bytes left in our buffer)", (unsigned long) bytes_to_copy, (unsigned long) recv_len, (unsigned long) *respdata_len); - - memcpy(respdata, recv_buf, bytes_to_copy); - respdata += bytes_to_copy; - - *respdata_len = 
bytes_to_copy; - tmp_respdata_len -= bytes_to_copy; - } else { - if (recv_len != 0) { - CACKEY_DEBUG_PRINTF("Throwing away %lu bytes, nowhere to put them!", (unsigned long) recv_len); - } - } - - if (major_rc == 0x61) { - /* We need to READ */ - CACKEY_DEBUG_PRINTF("Buffer read required"); - - if (minor_rc == 0x00) { - minor_rc = CACKEY_APDU_MTU; - } - - pcsc_getresp_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_GET_RESPONSE, 0x00, 0x00, 0, NULL, minor_rc, respcode, respdata, &tmp_respdata_len); - - if (pcsc_getresp_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Buffer read failed! Returning in failure"); - - /* End Smartcard Transaction */ - cackey_end_transaction(slot); - - if (pcsc_getresp_ret == CACKEY_PCSC_E_RETRY) { - return(CACKEY_PCSC_E_RETRY); - } - - return(CACKEY_PCSC_E_GENERIC); - } - - if (respdata_len) { - *respdata_len += tmp_respdata_len; - } - - /* End Smartcard Transaction */ - cackey_end_transaction(slot); - - CACKEY_DEBUG_PRINTF("Returning in success (buffer read complete)"); - return(CACKEY_PCSC_S_OK); - } - - /* End Smartcard Transaction */ - cackey_end_transaction(slot); - - if (major_rc == 0x90) { - /* Success */ - CACKEY_DEBUG_PRINTF("Returning in success (major_rc = 0x90)"); - - return(CACKEY_PCSC_S_OK); - } - - - CACKEY_DEBUG_PRINTF("APDU Returned an error, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); -} - -/* - * SYNPOSIS - * ssize_t cackey_read_buffer(struct cackey_slot *slot, unsigned char *buffer, size_t count, unsigned char t_or_v, size_t initial_offset); - * - * ARGUMENTS - * struct cackey_slot *slot - * Slot to send commands to - * - * unsigned char *buffer - * [OUT] Buffer - * - * size_t count - * Number of bytes to attempt to read - * - * unsigned char t_or_v - * Select the T-buffer (01) or V-buffer (02) to read from. - * - * size_t initial_offset - * Specify the offset to begin the read from - * - * - * RETURN VALUE - * This function returns the number of bytes actually read, or -1 on error. 
- * - * NOTES - * None - * - */ -static ssize_t cackey_read_buffer(struct cackey_slot *slot, unsigned char *buffer, size_t count, unsigned char t_or_v, size_t initial_offset) { - unsigned char *init_buffer; - size_t init_count; - size_t init_initial_offset; - - size_t offset = 0, max_offset, max_count; - unsigned char cmd[2]; - uint16_t respcode; - int send_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - init_buffer = buffer; - init_count = count; - init_initial_offset = initial_offset; - - max_offset = count; - max_count = CACKEY_APDU_MTU; - - if (t_or_v != 1 && t_or_v != 2) { - CACKEY_DEBUG_PRINTF("Invalid T or V parameter specified, returning in failure"); - - return(-1); - } - - cmd[0] = t_or_v; - - while (1) { - if (offset >= max_offset) { - CACKEY_DEBUG_PRINTF("Buffer too small, returning what we got..."); - - break; - } - - count = max_offset - offset; - if (count > max_count) { - count = max_count; - } - - cmd[1] = count; - - send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_READ_BUFFER, ((initial_offset + offset) >> 8) & 0xff, (initial_offset + offset) & 0xff, sizeof(cmd), cmd, 0x00, &respcode, buffer + offset, &count); - - if (send_ret == CACKEY_PCSC_E_RETRY) { - CACKEY_DEBUG_PRINTF("ADPU Sending failed, retrying read buffer"); - - return(cackey_read_buffer(slot, init_buffer, init_count, t_or_v, init_initial_offset)); - } - - if (send_ret != CACKEY_PCSC_S_OK) { - if (respcode == 0x6A86) { - if (max_count == 1) { - break; - } - - max_count = max_count / 2; - - continue; - } - - CACKEY_DEBUG_PRINTF("cackey_send_apdu() failed, returning in failure"); - - return(-1); - } - - offset += count; - - if (count < max_count) { - CACKEY_DEBUG_PRINTF("Short read -- count = %i, cmd[1] = %i", (int) count, (int) cmd[1]); - - break; - } - } - -#ifdef CACKEY_PARANOID -# ifdef _POSIX_SSIZE_MAX - if (offset > _POSIX_SSIZE_MAX) { - CACKEY_DEBUG_PRINTF("Offset exceeds maximum value, returning in failure. 
(max = %li, offset = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) offset); - - return(-1); - } -# endif -#endif - - CACKEY_DEBUG_PRINTF("Returning in success, read %lu bytes", (unsigned long) offset); - - return(offset); -} - -/* - * SYNPOSIS - * cackey_ret cackey_select_applet(struct cackey_slot *slot, unsigned char *aid, size_t aid_len); - * - * ARGUMENTS - * struct cackey_slot *slot - * Slot to send commands to - * - * unsigned char *aid - * Buffer containing Applet ID to select - * - * size_t aid_len - * Number of bytes in the "aid" (Applet ID) parameter - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * None - * - */ -static cackey_ret cackey_select_applet(struct cackey_slot *slot, unsigned char *aid, size_t aid_len) { - int send_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - CACKEY_DEBUG_PRINTBUF("Selecting applet:", aid, aid_len); - - send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_SELECT, GSCIS_PARAM_SELECT_APPLET, 0x00, aid_len, aid, 0x00, NULL, NULL, NULL); - - if (send_ret == CACKEY_PCSC_E_RETRY) { - CACKEY_DEBUG_PRINTF("ADPU Sending failed, retrying select applet"); - - return(cackey_select_applet(slot, aid, aid_len)); - } - - if (send_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Failed to open applet, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("Successfully selected file"); - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * cackey_ret cackey_select_file(struct cackey_slot *slot, uint16_t ef); - * - * ARGUMENTS - * struct cackey_slot *slot - * Slot to send commands to - * - * uint16_t ef - * Elemental File to select - * - * RETURN VALUE - * CACKEY_PCSC_S_OK On success - * CACKEY_PCSC_E_GENERIC On error - * - * NOTES - * This selects an Elementary File (EF) under the currently selected - * Dedicated File (DF) - * - * Typically this is called after selecting the correct Applet (using - * cackey_select_applet) for VM cards - * - 
*/ -static cackey_ret cackey_select_file(struct cackey_slot *slot, uint16_t ef) { - unsigned char fid_buf[2]; - int send_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - /* Open the elementary file */ - fid_buf[0] = (ef >> 8) & 0xff; - fid_buf[1] = ef & 0xff; - - CACKEY_DEBUG_PRINTF("Selecting file: %04lx", (unsigned long) ef); - - send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_SELECT, 0x02, 0x0C, sizeof(fid_buf), fid_buf, 0x00, NULL, NULL, NULL); - if (send_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Failed to open file, returning in failure"); - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("Successfully selected file"); - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * void cackey_free_tlv(struct cackey_tlv_entity *root); - * - * ARGUMENTS - * struct cackey_tlv_entity *root - * Root of the TLV list to start freeing - * - * RETURN VALUE - * None - * - * NOTES - * This function frees the TLV linked listed returned from - * "cackey_read_tlv" - * - */ -static void cackey_free_tlv(struct cackey_tlv_entity *root) { - struct cackey_tlv_entity *curr, *next; - - if (root == NULL) { - return; - } - - for (curr = root; curr; curr = next) { - next = curr->_next; - - switch (curr->tag) { - case GSCIS_TAG_ACR_TABLE: - case GSCIS_TAG_CERTIFICATE: - if (curr->value) { - free(curr->value); - } - break; - case GSCIS_TAG_CARDURL: - if (curr->value_cardurl) { - free(curr->value_cardurl); - } - break; - } - - free(curr); - } - - return; -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... 
- * - */ -static struct cackey_tlv_entity *cackey_read_tlv(struct cackey_slot *slot) { - struct cackey_tlv_entity *curr_entity, *root = NULL, *last = NULL; - unsigned char tlen_buf[2], tval_buf[1024], *tval; - unsigned char vlen_buf[2], vval_buf[8192], *vval; - unsigned char *tmpbuf; - unsigned long tmpbuflen; - ssize_t tlen, vlen; - ssize_t read_ret; - size_t offset_t = 0, offset_v = 0; - unsigned char tag; - size_t length; -#ifdef HAVE_LIBZ - int uncompress_ret; -#endif - - CACKEY_DEBUG_PRINTF("Called."); - - read_ret = cackey_read_buffer(slot, tlen_buf, sizeof(tlen_buf), 1, offset_t); - if (read_ret != sizeof(tlen_buf)) { - CACKEY_DEBUG_PRINTF("Read failed, returning in failure"); - - return(NULL); - } - - tlen = (tlen_buf[1] << 8) | tlen_buf[0]; - - read_ret = cackey_read_buffer(slot, vlen_buf, sizeof(vlen_buf), 2, offset_v); - if (read_ret != sizeof(vlen_buf)) { - CACKEY_DEBUG_PRINTF("Read failed, returning in failure"); - - return(NULL); - } - - vlen = (vlen_buf[1] << 8) | vlen_buf[0]; - - CACKEY_DEBUG_PRINTF("Tag Length = %i, Value Length = %i", tlen, vlen); - - offset_t += 2; - offset_v += 2; - - if (tlen > sizeof(tval_buf)) { - CACKEY_DEBUG_PRINTF("Tag length is too large, returning in failure"); - - return(NULL); - } - - if (vlen > sizeof(vval_buf)) { - CACKEY_DEBUG_PRINTF("Value length is too large, returning in failure"); - - return(NULL); - } - - read_ret = cackey_read_buffer(slot, tval_buf, tlen, 1, offset_t); - if (read_ret != tlen) { - CACKEY_DEBUG_PRINTF("Unable to read entire T-buffer, returning in failure"); - - return(NULL); - } - - read_ret = cackey_read_buffer(slot, vval_buf, vlen, 2, offset_v); - if (read_ret != vlen) { - CACKEY_DEBUG_PRINTF("Unable to read entire V-buffer, returning in failure"); - - return(NULL); - } - - tval = tval_buf; - vval = vval_buf; - while (tlen > 0 && vlen > 0) { - tag = *tval; - tval++; - tlen--; - - if (*tval == 0xff) { - length = (tval[2] << 8) | tval[1]; - tval += 3; - tlen -= 3; - } else { - length = *tval; - 
tval++; - tlen--; - } - - CACKEY_DEBUG_PRINTF("Tag: %s (%02x)", CACKEY_DEBUG_FUNC_TAG_TO_STR(tag), (unsigned int) tag); - CACKEY_DEBUG_PRINTBUF("Value:", vval, length); - - curr_entity = NULL; - switch (tag) { - case GSCIS_TAG_CARDURL: - curr_entity = malloc(sizeof(*curr_entity)); - curr_entity->value_cardurl = malloc(sizeof(*curr_entity->value_cardurl)); - - memcpy(curr_entity->value_cardurl->rid, vval, 5); - curr_entity->value_cardurl->apptype = vval[5]; - curr_entity->value_cardurl->objectid = (vval[6] << 8) | vval[7]; - curr_entity->value_cardurl->appid = (vval[8] << 8) | vval[9]; - - curr_entity->tag = tag; - curr_entity->_next = NULL; - - break; - case GSCIS_TAG_ACR_TABLE: - curr_entity = malloc(sizeof(*curr_entity)); - tmpbuf = malloc(length); - - memcpy(tmpbuf, vval, length); - - curr_entity->tag = tag; - curr_entity->length = length; - curr_entity->value = tmpbuf; - curr_entity->_next = NULL; - - break; - case GSCIS_TAG_CERTIFICATE: - curr_entity = malloc(sizeof(*curr_entity)); - -#ifdef HAVE_LIBZ - tmpbuflen = length * 2; - tmpbuf = malloc(tmpbuflen); - - uncompress_ret = uncompress(tmpbuf, &tmpbuflen, vval, length); - if (uncompress_ret != Z_OK) { - CACKEY_DEBUG_PRINTF("Failed to decompress, uncompress() returned %i -- resorting to direct copy", uncompress_ret); - - tmpbuflen = length; - memcpy(tmpbuf, vval, length); - } - - CACKEY_DEBUG_PRINTBUF("Decompressed to:", tmpbuf, tmpbuflen); -#else - CACKEY_DEBUG_PRINTF("Missing ZLIB Support, this certificate is likely useless..."); - - tmpbuflen = length; - memcpy(tmpbuf, vval, length); -#endif - - curr_entity->tag = tag; - curr_entity->length = tmpbuflen; - curr_entity->value = tmpbuf; - curr_entity->_next = NULL; - - break; - case GSCIS_TAG_PKCS15: - curr_entity = malloc(sizeof(*curr_entity)); - - curr_entity->tag = tag; - curr_entity->value_byte = vval[0]; - curr_entity->_next = NULL; - - break; - } - - vval += length; - vlen -= length; - - if (curr_entity != NULL) { - if (root == NULL) { - root = 
curr_entity; - } - - if (last != NULL) { - last->_next = curr_entity; - } - - last = curr_entity; - } - } - - return(root); -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... - * - */ -static void cackey_free_certs(struct cackey_pcsc_identity *start, size_t count, int free_start) { - size_t idx; - - for (idx = 0; idx < count; idx++) { - if (start[idx].certificate) { - free(start[idx].certificate); - } - } - - if (free_start) { - free(start); - } - - return; -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... - * - */ -static struct cackey_pcsc_identity *cackey_read_certs(struct cackey_slot *slot, struct cackey_pcsc_identity *certs, unsigned long *count) { - struct cackey_pcsc_identity *curr_id; - struct cackey_tlv_entity *ccc_tlv, *ccc_curr, *app_tlv, *app_curr; - unsigned char ccc_aid[] = {GSCIS_AID_CCC}; - unsigned char curr_aid[7]; - unsigned long outidx = 0; - cackey_ret transaction_ret; - int certs_resizable; - int send_ret, select_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - if (count == NULL) { - CACKEY_DEBUG_PRINTF("count is NULL, returning in failure"); - - return(NULL); - } - - if (certs != NULL) { - if (*count == 0) { - CACKEY_DEBUG_PRINTF("Requested we return 0 objects, short-circuit"); - - return(certs); - } - } - - /* Begin a SmartCard transaction */ - transaction_ret = cackey_begin_transaction(slot); - if (transaction_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable begin transaction, returning in failure"); - - return(NULL); - } - - if (certs == NULL) { - certs = malloc(sizeof(*certs) * 5); - *count = 5; - certs_resizable = 1; - } else { - certs_resizable = 0; - } - - /* Select the CCC Applet */ - send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid)); - if (send_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable to select CCC Applet, returning in failure"); - - /* Terminate SmartCard Transaction */ - 
cackey_end_transaction(slot); - - return(NULL); - } - - /* Read all the applets from the CCC's TLV */ - ccc_tlv = cackey_read_tlv(slot); - - /* Look for CARDURLs that coorespond to PKI applets */ - for (ccc_curr = ccc_tlv; ccc_curr; ccc_curr = ccc_curr->_next) { - CACKEY_DEBUG_PRINTF("Found tag: %s ... ", CACKEY_DEBUG_FUNC_TAG_TO_STR(ccc_curr->tag)); - - if (ccc_curr->tag != GSCIS_TAG_CARDURL) { - CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about CARDURLs)"); - - continue; - } - - if ((ccc_curr->value_cardurl->apptype & CACKEY_TLV_APP_PKI) != CACKEY_TLV_APP_PKI) { - CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about PKI applets, this applet supports: %s/%02x)", CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(ccc_curr->value_cardurl->apptype), (unsigned int) ccc_curr->value_cardurl->apptype); - - continue; - } - - CACKEY_DEBUG_PRINTBUF("RID:", ccc_curr->value_cardurl->rid, sizeof(ccc_curr->value_cardurl->rid)); - CACKEY_DEBUG_PRINTF("AppID = %s/%04lx", CACKEY_DEBUG_FUNC_OBJID_TO_STR(ccc_curr->value_cardurl->appid), (unsigned long) ccc_curr->value_cardurl->appid); - CACKEY_DEBUG_PRINTF("ObjectID = %s/%04lx", CACKEY_DEBUG_FUNC_OBJID_TO_STR(ccc_curr->value_cardurl->objectid), (unsigned long) ccc_curr->value_cardurl->objectid); - - memcpy(curr_aid, ccc_curr->value_cardurl->rid, sizeof(ccc_curr->value_cardurl->rid)); - curr_aid[sizeof(curr_aid) - 2] = (ccc_curr->value_cardurl->appid >> 8) & 0xff; - curr_aid[sizeof(curr_aid) - 1] = ccc_curr->value_cardurl->appid & 0xff; - - /* Select found applet ... */ - select_ret = cackey_select_applet(slot, curr_aid, sizeof(curr_aid)); - if (select_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Failed to select applet, skipping processing of this object"); - - continue; - } - - /* ... 
and object (file) */ - select_ret = cackey_select_file(slot, ccc_curr->value_cardurl->objectid); - if (select_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Failed to select file, skipping processing of this object"); - - continue; - } - - /* Process this file's TLV looking for certificates */ - app_tlv = cackey_read_tlv(slot); - - for (app_curr = app_tlv; app_curr; app_curr = app_curr->_next) { - CACKEY_DEBUG_PRINTF("Found tag: %s", CACKEY_DEBUG_FUNC_TAG_TO_STR(app_curr->tag)); - if (app_curr->tag != GSCIS_TAG_CERTIFICATE) { - CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about CERTIFICATEs)"); - - continue; - } - - curr_id = &certs[outidx]; - outidx++; - - memcpy(curr_id->applet, curr_aid, sizeof(curr_id->applet)); - curr_id->file = ccc_curr->value_cardurl->objectid; - curr_id->keysize = -1; - - CACKEY_DEBUG_PRINTF("Filling curr_id->applet (%p) with %lu bytes:", curr_id->applet, (unsigned long) sizeof(curr_id->applet)); - CACKEY_DEBUG_PRINTBUF("VAL:", curr_id->applet, sizeof(curr_id->applet)); - - curr_id->certificate_len = app_curr->length; - - curr_id->certificate = malloc(curr_id->certificate_len); - memcpy(curr_id->certificate, app_curr->value, curr_id->certificate_len); - - if (outidx >= *count) { - if (certs_resizable) { - *count *= 2; - certs = realloc(certs, sizeof(*certs) * (*count)); - } else { - break; - } - } - } - - cackey_free_tlv(app_tlv); - - if (outidx >= *count) { - break; - } - } - - cackey_free_tlv(ccc_tlv); - - *count = outidx; - - if (certs_resizable) { - certs = realloc(certs, sizeof(*certs) * (*count)); - } - - /* Terminate SmartCard Transaction */ - cackey_end_transaction(slot); - - return(certs); -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... 
- * - */ -static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen, int padInput, int unpadOutput) { - unsigned char *tmpbuf, *tmpbuf_s, *outbuf_s; - unsigned char bytes_to_send, p1; - unsigned char blocktype; - cackey_ret send_ret; - uint16_t respcode; - ssize_t retval = 0, unpadoffset; - size_t tmpbuflen, padlen, tmpoutbuflen; - int free_tmpbuf = 0; - int le; - - CACKEY_DEBUG_PRINTF("Called."); - - if (slot == NULL) { - CACKEY_DEBUG_PRINTF("Error. slot is NULL"); - - return(-1); - } - - if (buf == NULL) { - CACKEY_DEBUG_PRINTF("Error. buf is NULL"); - - return(-1); - } - - if (outbuf == NULL) { - CACKEY_DEBUG_PRINTF("Error. outbuf is NULL"); - - return(-1); - } - - if (identity == NULL) { - CACKEY_DEBUG_PRINTF("Error. identity is NULL"); - - return(-1); - } - - if (identity->pcsc_identity == NULL) { - CACKEY_DEBUG_PRINTF("Error. identity->pcsc_identity is NULL"); - - return(-1); - } - - /* Determine identity Key size */ - if (identity->pcsc_identity->keysize < 0) { - identity->pcsc_identity->keysize = x509_to_keysize(identity->pcsc_identity->certificate, identity->pcsc_identity->certificate_len); - } - - /* Pad message to key size */ - if (padInput) { - if (identity->pcsc_identity->keysize > 0) { - if (buflen != identity->pcsc_identity->keysize) { - if (buflen > (identity->pcsc_identity->keysize + 3)) { - CACKEY_DEBUG_PRINTF("Error. 
Message is too large to sign/decrypt"); - - return(-1); - } - - tmpbuflen = identity->pcsc_identity->keysize; - tmpbuf = malloc(tmpbuflen); - free_tmpbuf = 1; - - padlen = tmpbuflen - buflen - 3; - - /* RSA PKCS#1 EMSA-PKCS1-v1_5 Padding */ - tmpbuf[0] = 0x00; - tmpbuf[1] = 0x01; - memset(&tmpbuf[2], 0xFF, padlen); - tmpbuf[padlen + 2]= 0x00; - memcpy(&tmpbuf[padlen + 3], buf, buflen); - - CACKEY_DEBUG_PRINTBUF("Unpadded:", buf, buflen); - CACKEY_DEBUG_PRINTBUF("Padded:", tmpbuf, tmpbuflen); - } else { - tmpbuf = buf; - tmpbuflen = buflen; - free_tmpbuf = 0; - padlen = 0; - } - } else { - CACKEY_DEBUG_PRINTF("Unable to determine key size, hoping the message is properly padded!"); - - tmpbuf = buf; - tmpbuflen = buflen; - free_tmpbuf = 0; - padlen = 0; - } - } else { - tmpbuf = buf; - tmpbuflen = buflen; - free_tmpbuf = 0; - padlen = 0; - } - - /* Begin transaction */ - cackey_begin_transaction(slot); - - /* Select correct applet */ - CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->pcsc_identity->applet); - cackey_select_applet(slot, identity->pcsc_identity->applet, sizeof(identity->pcsc_identity->applet)); - - /* Select correct file */ - cackey_select_file(slot, identity->pcsc_identity->file); - - tmpbuf_s = tmpbuf; - outbuf_s = outbuf; - while (tmpbuflen) { - if (tmpbuflen > 245) { - bytes_to_send = 245; - p1 = 0x80; - le = 0x00; - } else { - bytes_to_send = tmpbuflen; - p1 = 0x00; - le = 0x00; - } - - tmpoutbuflen = outbuflen; - - send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, p1, 0x00, bytes_to_send, tmpbuf, le, &respcode, outbuf, &tmpoutbuflen); - if (send_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error."); - - if (free_tmpbuf) { - if (tmpbuf_s) { - free(tmpbuf_s); - } - } - - /* End transaction */ - cackey_end_transaction(slot); - - if (respcode == 0x6982) { - CACKEY_DEBUG_PRINTF("Security status not satisified. 
Returning NEEDLOGIN"); - - cackey_mark_slot_reset(slot); - slot->token_flags = CKF_LOGIN_REQUIRED; - - return(CACKEY_PCSC_E_NEEDLOGIN); - } - - if (send_ret == CACKEY_PCSC_E_TOKENABSENT) { - CACKEY_DEBUG_PRINTF("Token absent. Returning TOKENABSENT"); - - cackey_mark_slot_reset(slot); - slot->token_flags = CKF_LOGIN_REQUIRED; - - return(CACKEY_PCSC_E_TOKENABSENT); - } - - return(-1); - } - - tmpbuf += bytes_to_send; - tmpbuflen -= bytes_to_send; - - outbuf += tmpoutbuflen; - outbuflen -= tmpoutbuflen; - retval += tmpoutbuflen; - } - - if (free_tmpbuf) { - if (tmpbuf_s) { - free(tmpbuf_s); - } - } - - outbuf = outbuf_s; - - /* End transaction */ - cackey_end_transaction(slot); - -#ifdef CACKEY_PARANOID -# ifdef _POSIX_SSIZE_MAX - if (outbuflen > _POSIX_SSIZE_MAX) { - CACKEY_DEBUG_PRINTF("Outbuflen exceeds maximum value, returning in failure. (max = %li, outbuflen = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) outbuflen); - - return(-1); - } -# endif -#endif - - /* Unpad reply */ - if (unpadOutput) { - if (retval < 3) { - CACKEY_DEBUG_PRINTF("Reply is too small, we are not able to unpad -- passing back and hoping for the best!"); - - CACKEY_DEBUG_PRINTF("Returning in success, retval = %li (bytes)", (long) retval); - return(retval); - } - - if (outbuf[0] != 0x00) { - CACKEY_DEBUG_PRINTF("Unrecognized padding scheme -- passing back and hoping for the best!"); - - CACKEY_DEBUG_PRINTF("Returning in success, retval = %li (bytes)", (long) retval); - return(retval); - } - - blocktype = outbuf[1]; - unpadoffset = 0; - - switch (blocktype) { - case 0x00: - /* Padding Scheme 1, the first non-zero byte is the start of data */ - for (unpadoffset = 2; unpadoffset < retval; unpadoffset++) { - if (outbuf[unpadoffset] != 0x00) { - break; - } - } - break; - case 0x01: - /* Padding Scheme 2, pad bytes are 0xFF followed by 0x00 */ - for (unpadoffset = 2; unpadoffset < retval; unpadoffset++) { - if (outbuf[unpadoffset] != 0xFF) { - if (outbuf[unpadoffset] == 0x00) { - unpadoffset++; - 
- break; - } else { - CACKEY_DEBUG_PRINTF("Invalid padding data found, returning in failure, should have been 0x00 found 0x%02x", (unsigned int) outbuf[unpadoffset]); - - return(-1); - } - } else { - CACKEY_DEBUG_PRINTF("Invalid padding data found, returning in failure, should have been 0xFF found 0x%02x", (unsigned int) outbuf[unpadoffset]); - - return(-1); - } - } - break; - case 0x02: - /* Padding Scheme 3, pad bytes are non-zero first zero byte found is the seperator byte */ - for (unpadoffset = 2; unpadoffset < retval; unpadoffset++) { - if (outbuf[unpadoffset] == 0x00) { - unpadoffset++; - - break; - } - } - break; - } - - if (unpadoffset > retval) { - CACKEY_DEBUG_PRINTF("Offset greater than reply size, aborting. (unpadoffset = %lu, retval = %lu)", (unsigned long) unpadoffset, (unsigned long) retval); - - return(-1); - } - - CACKEY_DEBUG_PRINTBUF("Padded:", outbuf, retval); - - retval -= unpadoffset; - memmove(outbuf, outbuf + unpadoffset, retval); - - CACKEY_DEBUG_PRINTBUF("Unpadded:", outbuf, retval); - } - - - CACKEY_DEBUG_PRINTF("Returning in success, retval = %li (bytes)", (long) retval); - - return(retval); -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... 
- * - */ -static cackey_ret cackey_login(struct cackey_slot *slot, unsigned char *pin, unsigned long pin_len, int *tries_remaining_p) { - unsigned char cac_pin[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; - uint16_t response_code; - int tries_remaining; - int send_ret; - - /* Indicate that we do not know about how many tries are remaining */ - if (tries_remaining_p) { - *tries_remaining_p = -1; - } - - /* Apparently, CAC PINs are *EXACTLY* 8 bytes long -- pad with 0xFF if too short */ - if (pin_len >= 8) { - memcpy(cac_pin, pin, 8); - } else { - memcpy(cac_pin, pin, pin_len); - } - - /* Issue PIN Verify */ - send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_VERIFY, 0x00, 0x00, sizeof(cac_pin), cac_pin, 0x00, &response_code, NULL, NULL); - if (send_ret != CACKEY_PCSC_S_OK) { - if ((response_code & 0x63C0) == 0x63C0) { - tries_remaining = (response_code & 0xF); - - CACKEY_DEBUG_PRINTF("PIN Verification failed, %i tries remaining", tries_remaining); - - if (tries_remaining_p) { - *tries_remaining_p = tries_remaining; - } - - return(CACKEY_PCSC_E_BADPIN); - } - - if (response_code == 0x6983) { - CACKEY_DEBUG_PRINTF("PIN Verification failed, device is locked"); - - return(CACKEY_PCSC_E_LOCKED); - } - - return(CACKEY_PCSC_E_GENERIC); - } - - CACKEY_DEBUG_PRINTF("PIN Verification succeeded"); - - return(CACKEY_PCSC_S_OK); -} - -/* - * SYNPOSIS - * ... - * - * ARGUMENTS - * ... - * - * RETURN VALUE - * ... - * - * NOTES - * ... 
- * - */ -static cackey_ret cackey_token_present(struct cackey_slot *slot) { - cackey_ret pcsc_connect_ret; - DWORD reader_len, state, protocol, atr_len; - BYTE atr[MAX_ATR_SIZE]; - LONG status_ret, scard_reconn_ret; - - CACKEY_DEBUG_PRINTF("Called."); - - pcsc_connect_ret = cackey_connect_card(slot); - if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable to connect to card, returning token absent"); - - return(CACKEY_PCSC_E_TOKENABSENT); - } - - atr_len = sizeof(atr); - status_ret = SCardStatus(slot->pcsc_card, NULL, &reader_len, &state, &protocol, atr, &atr_len); - - if (status_ret == SCARD_E_INVALID_HANDLE) { - CACKEY_DEBUG_PRINTF("SCardStatus() returned SCARD_E_INVALID_HANDLE, marking is not already connected and trying again"); - cackey_mark_slot_reset(slot); - - pcsc_connect_ret = cackey_connect_card(slot); - if (pcsc_connect_ret != CACKEY_PCSC_S_OK) { - CACKEY_DEBUG_PRINTF("Unable to connect to card, returning token absent"); - - return(CACKEY_PCSC_E_TOKENABSENT); - } - - atr_len = sizeof(atr); - status_ret = SCardStatus(slot->pcsc_card, NULL, &reader_len, &state, &protocol, atr, &atr_len); - } - - if (status_ret != SCARD_S_SUCCESS) { - cackey_mark_slot_reset(slot); - - if (status_ret == SCARD_W_RESET_CARD) { - CACKEY_DEBUG_PRINTF("Reset required, please hold..."); - - scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol); - if (scard_reconn_ret == SCARD_S_SUCCESS) { - /* Update protocol */ - slot->protocol = protocol; - - /* Re-establish transaction, if it was present */ - if (slot->transaction_depth > 0) { - slot->transaction_depth--; - slot->transaction_need_hw_lock = 1; - cackey_begin_transaction(slot); - } - - CACKEY_DEBUG_PRINTF("Reset successful, requerying"); - status_ret = SCardStatus(slot->pcsc_card, NULL, &reader_len, &state, &protocol, atr, &atr_len); - if (status_ret != SCARD_S_SUCCESS) { - CACKEY_DEBUG_PRINTF("Still unable to query card status, returning token absent. 
SCardStatus() = %s", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(status_ret));
-
- return(CACKEY_PCSC_E_TOKENABSENT);
- }
- } else {
- CACKEY_DEBUG_PRINTF("Unable to reconnect to card, returning token absent. SCardReconnect() = %s", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_reconn_ret));
-
- return(CACKEY_PCSC_E_TOKENABSENT);
- }
- } else {
- CACKEY_DEBUG_PRINTF("Unable to query card status, returning token absent. SCardStatus() = %s", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(status_ret));
-
- return(CACKEY_PCSC_E_TOKENABSENT);
- }
- }
-
- if ((state & SCARD_ABSENT) == SCARD_ABSENT) {
- CACKEY_DEBUG_PRINTF("Card is absent, returning token absent");
-
- return(CACKEY_PCSC_E_TOKENABSENT);
- }
-
- CACKEY_DEBUG_PRINTF("Returning token present.");
-
- return(CACKEY_PCSC_S_TOKENPRESENT);
-}
-
-/*
- * SYNPOSIS
- * ...
- *
- * ARGUMENTS
- * ...
- *
- * RETURN VALUE
- * ...
- *
- * NOTES
- * ...
- *
- */
-static ssize_t cackey_pcsc_identity_to_label(struct cackey_pcsc_identity *identity, unsigned char *label_buf, unsigned long label_buf_len) {
- unsigned long certificate_len;
- char *label_asn1;
- void *certificate;
- int x509_read_ret;
-
- certificate = identity->certificate;
- certificate_len = identity->certificate_len;
-
- if (certificate_len < 0) {
- return(-1);
- }
-
- x509_read_ret = x509_to_subject(certificate, certificate_len, (void **) &label_asn1);
- if (x509_read_ret < 0) {
- return(-1);
- }
-
- x509_read_ret = x509_dn_to_string(label_asn1, x509_read_ret, (char *) label_buf, label_buf_len, "CN");
- if (x509_read_ret <= 0) {
- x509_read_ret = x509_dn_to_string(label_asn1, x509_read_ret, (char *) label_buf, label_buf_len, NULL);
-
- if (x509_read_ret <= 0) {
- return(-1);
- }
- }
-
-#ifdef CACKEY_PARANOID
-# ifdef _POSIX_SSIZE_MAX
- if (x509_read_ret > _POSIX_SSIZE_MAX) {
- CACKEY_DEBUG_PRINTF("x509_read_ret exceeds maximum value, returning in failure. 
(max = %li, x509_read_ret = %lu)", (long) _POSIX_SSIZE_MAX, (unsigned long) x509_read_ret);
-
- return(-1);
- }
-# endif
-#endif
-
- return(x509_read_ret);
-}
-
-/* Returns 0 on success */
-static int cackey_mutex_create(void **mutex) {
- pthread_mutex_t *pthread_mutex;
- int pthread_retval;
- CK_RV custom_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if ((cackey_args.flags & CKF_OS_LOCKING_OK) == CKF_OS_LOCKING_OK) {
- pthread_mutex = malloc(sizeof(*pthread_mutex));
- if (!pthread_mutex) {
- CACKEY_DEBUG_PRINTF("Failed to allocate memory.");
-
- return(-1);
- }
-
- pthread_retval = pthread_mutex_init(pthread_mutex, NULL);
- if (pthread_retval != 0) {
- CACKEY_DEBUG_PRINTF("pthread_mutex_init() returned error (%i).", pthread_retval);
-
- return(-1);
- }
-
- *mutex = pthread_mutex;
- } else {
- if (cackey_args.CreateMutex) {
- custom_retval = cackey_args.CreateMutex(mutex);
-
- if (custom_retval != CKR_OK) {
- CACKEY_DEBUG_PRINTF("cackey_args.CreateMutex() returned error (%li).", (long) custom_retval);
-
- return(-1);
- }
- }
- }
-
- CACKEY_DEBUG_PRINTF("Returning sucessfully (0)");
-
- return(0);
-}
-
-/* Returns 0 on success */
-static int cackey_mutex_lock(void *mutex) {
- pthread_mutex_t *pthread_mutex;
- int pthread_retval;
- CK_RV custom_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if ((cackey_args.flags & CKF_OS_LOCKING_OK) == CKF_OS_LOCKING_OK) {
- pthread_mutex = mutex;
-
- pthread_retval = pthread_mutex_lock(pthread_mutex);
- if (pthread_retval != 0) {
- CACKEY_DEBUG_PRINTF("pthread_mutex_lock() returned error (%i).", pthread_retval);
-
- return(-1);
- }
- } else {
- if (cackey_args.LockMutex) {
- custom_retval = cackey_args.LockMutex(mutex);
-
- if (custom_retval != CKR_OK) {
- CACKEY_DEBUG_PRINTF("cackey_args.LockMutex() returned error (%li).", (long) custom_retval);
-
- return(-1);
- }
- }
- }
-
- CACKEY_DEBUG_PRINTF("Returning sucessfully (0)");
-
- return(0);
-}
-
-/* Returns 0 on success */
-static int cackey_mutex_unlock(void *mutex) {
- 
pthread_mutex_t *pthread_mutex;
- int pthread_retval;
- CK_RV custom_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if ((cackey_args.flags & CKF_OS_LOCKING_OK) == CKF_OS_LOCKING_OK) {
- pthread_mutex = mutex;
-
- pthread_retval = pthread_mutex_unlock(pthread_mutex);
- if (pthread_retval != 0) {
- CACKEY_DEBUG_PRINTF("pthread_mutex_unlock() returned error (%i).", pthread_retval);
-
- return(-1);
- }
- } else {
- if (cackey_args.UnlockMutex) {
- custom_retval = cackey_args.UnlockMutex(mutex);
-
- if (custom_retval != CKR_OK) {
- CACKEY_DEBUG_PRINTF("cackey_args.UnlockMutex() returned error (%li).", (long) custom_retval);
-
- return(-1);
- }
- }
- }
-
- CACKEY_DEBUG_PRINTF("Returning sucessfully (0)");
-
- return(0);
-}
-
-static CK_ATTRIBUTE_PTR cackey_get_attributes(CK_OBJECT_CLASS objectclass, struct cackey_pcsc_identity *identity, unsigned long identity_num, CK_ULONG_PTR pulCount) {
- static CK_BBOOL ck_true = 1;
- static CK_BBOOL ck_false = 0;
- CK_ULONG numattrs = 0, retval_count;
- CK_ATTRIBUTE_TYPE curr_attr_type;
- CK_ATTRIBUTE curr_attr, *retval;
- CK_VOID_PTR pValue;
- CK_ULONG ulValueLen;
- CK_OBJECT_CLASS ck_object_class;
- CK_CERTIFICATE_TYPE ck_certificate_type;
- CK_KEY_TYPE ck_key_type;
- CK_UTF8CHAR ucTmpBuf[1024];
- unsigned char *certificate;
- ssize_t certificate_len = -1, x509_read_ret;
- int pValue_free;
-
- CACKEY_DEBUG_PRINTF("Called (objectClass = %lu, identity_num = %lu).", (unsigned long) objectclass, identity_num);
-
- if (objectclass != CKO_CERTIFICATE && objectclass != CKO_PUBLIC_KEY && objectclass != CKO_PRIVATE_KEY) {
- CACKEY_DEBUG_PRINTF("Returning 0 objects (NULL), invalid object class");
-
- return(NULL);
- }
-
- /* Get Cert */
- if (identity == NULL) {
- CACKEY_DEBUG_PRINTF("Returning 0 objects (NULL), invalid identiy provided");
-
- return(NULL);
- }
-
- certificate = identity->certificate;
- certificate_len = identity->certificate_len;
-
- if (certificate_len == -1 || certificate == NULL) {
- CACKEY_DEBUG_PRINTF("Returning 0 
objects (NULL), this identity does not have an X.509 certificate associated with it and will not work");
-
- return(NULL);
- }
-
- /* Verify that certificate is ASN.1 encoded X.509 certificate */
- if (x509_to_serial(certificate, certificate_len, NULL) < 0) {
- CACKEY_DEBUG_PRINTF("Returning 0 objects (NULL), the X.509 certificate associated with this identity is not valid");
-
- return(NULL);
- }
-
- retval_count = 16;
- retval = malloc(retval_count * sizeof(*retval));
-
- for (curr_attr_type = 0; curr_attr_type < 0xce53635f; curr_attr_type++) {
- if (curr_attr_type == 0x800) {
- curr_attr_type = 0xce536300;
- }
-
- pValue_free = 0;
- pValue = NULL;
- ulValueLen = (CK_LONG) -1;
-
- switch (curr_attr_type) {
- case CKA_CLASS:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_CLASS (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- ck_object_class = objectclass;
-
- pValue = &ck_object_class;
- ulValueLen = sizeof(ck_object_class);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_OBJECT_CLASS *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TOKEN:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TOKEN (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TRUSTED:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TRUSTED (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_MODIFIABLE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_MODIFIABLE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_false;
- ulValueLen = sizeof(ck_false);
-
- CACKEY_DEBUG_PRINTF(" ... 
returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_LABEL:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_LABEL (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- /* XXX: Determine name */
- ulValueLen = snprintf((char *) ucTmpBuf, sizeof(ucTmpBuf), "Identity #%lu", (unsigned long) identity_num);
- pValue = ucTmpBuf;
-
- if (ulValueLen >= sizeof(ucTmpBuf)) {
- ulValueLen = 0;
- pValue = NULL;
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning (%p/%lu)", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_VALUE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_VALUE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- switch (objectclass) {
- case CKO_PRIVATE_KEY:
- CACKEY_DEBUG_PRINTF(" ... but not getting it because we are a private key.");
-
- break;
- case CKO_PUBLIC_KEY:
- /* XXX: TODO */
-
- break;
- case CKO_CERTIFICATE:
- pValue = certificate;
- ulValueLen = certificate_len;
-
- break;
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %p/%lu", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_ISSUER:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_ISSUER (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass != CKO_CERTIFICATE) {
- CACKEY_DEBUG_PRINTF(" ... but not getting it because we are not a certificate.");
-
- break;
- }
-
- if (certificate_len >= 0) {
- x509_read_ret = x509_to_issuer(certificate, certificate_len, &pValue);
- if (x509_read_ret < 0) {
- pValue = NULL;
- } else {
- ulValueLen = x509_read_ret;
- }
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %p/%lu", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_SERIAL_NUMBER:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_SERIAL_NUMBER (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass != CKO_CERTIFICATE) {
- CACKEY_DEBUG_PRINTF(" ... 
but not getting it because we are not a certificate.");
-
- break;
- }
-
- if (certificate_len >= 0) {
- x509_read_ret = x509_to_serial(certificate, certificate_len, &pValue);
- if (x509_read_ret < 0) {
- pValue = NULL;
- } else {
- ulValueLen = x509_read_ret;
- }
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning (%p/%lu)", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_SUBJECT:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_SUBJECT (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass != CKO_CERTIFICATE) {
- CACKEY_DEBUG_PRINTF(" ... but not getting it because we are not a certificate.");
-
- break;
- }
-
- if (certificate_len >= 0) {
- x509_read_ret = x509_to_subject(certificate, certificate_len, &pValue);
- if (x509_read_ret < 0) {
- pValue = NULL;
- } else {
- ulValueLen = x509_read_ret;
- }
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %p/%lu", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_ID:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_ID (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- ucTmpBuf[0] = ((identity_num + 1) >> 8) & 0xff;
- ucTmpBuf[1] = (identity_num + 1) & 0xff;
-
- pValue = &ucTmpBuf;
- ulValueLen = 2;
-
- CACKEY_DEBUG_PRINTF(" ... returning %p/%lu", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_CERTIFICATE_TYPE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_CERTIFICATE_TYPE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass != CKO_CERTIFICATE) {
- CACKEY_DEBUG_PRINTF(" ... but not getting it because we are not a certificate.");
-
- break;
- }
-
- /* We only support one certificate type */
- ck_certificate_type = CKC_X_509;
-
- pValue = &ck_certificate_type;
- ulValueLen = sizeof(ck_certificate_type);
-
- CACKEY_DEBUG_PRINTF(" ... 
returning CKC_X_509 (%lu) (%p/%lu)", (unsigned long) *((CK_CERTIFICATE_TYPE *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_KEY_TYPE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_KEY_TYPE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass != CKO_PRIVATE_KEY && objectclass != CKO_PUBLIC_KEY) {
- CACKEY_DEBUG_PRINTF(" ... but not getting it because we are not a key.");
-
- break;
- }
-
- /* We only support one key type */
- ck_key_type = CKK_RSA;
-
- pValue = &ck_key_type;
- ulValueLen = sizeof(ck_key_type);
-
- CACKEY_DEBUG_PRINTF(" ... returning CKK_RSA (%lu) (%p/%lu)", (unsigned long) *((CK_CERTIFICATE_TYPE *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_SIGN:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_SIGN (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass == CKO_PRIVATE_KEY) {
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
- } else {
- pValue = &ck_false;
- ulValueLen = sizeof(ck_false);
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_SIGN_RECOVER:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_SIGN_RECOVER (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- /* We currently only support "Sign with Appendix" */
- pValue = &ck_false;
- ulValueLen = sizeof(ck_false);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_DECRYPT:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_DECRYPT (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass == CKO_PRIVATE_KEY || objectclass == CKO_PUBLIC_KEY) {
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
- } else {
- pValue = &ck_false;
- ulValueLen = sizeof(ck_false);
- }
-
- CACKEY_DEBUG_PRINTF(" ... 
returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_SENSITIVE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_SENSITIVE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass == CKO_PRIVATE_KEY) {
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
- } else {
- pValue = &ck_false;
- ulValueLen = sizeof(ck_false);
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_EXTRACTABLE:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_EXTRACTABLE (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (objectclass == CKO_PRIVATE_KEY) {
- pValue = &ck_false;
- ulValueLen = sizeof(ck_true);
- } else {
- pValue = &ck_true;
- ulValueLen = sizeof(ck_false);
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_MODULUS:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_MODULUS (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (certificate_len >= 0) {
- x509_read_ret = x509_to_modulus(certificate, certificate_len, &pValue);
- if (x509_read_ret < 0) {
- pValue = NULL;
- } else {
- ulValueLen = x509_read_ret;
- }
- }
-
- CACKEY_DEBUG_PRINTF(" ... returning (%p/%lu)", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_PUBLIC_EXPONENT:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_PUBLIC_EXPONENT (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- if (certificate_len >= 0) {
- x509_read_ret = x509_to_exponent(certificate, certificate_len, &pValue);
- if (x509_read_ret < 0) {
- pValue = NULL;
- } else {
- ulValueLen = x509_read_ret;
- }
- }
-
- CACKEY_DEBUG_PRINTF(" ... 
returning (%p/%lu)", pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TRUST_SERVER_AUTH:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TRUST_SERVER_AUTH (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TRUST_CLIENT_AUTH:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TRUST_CLIENT_AUTH (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TRUST_CODE_SIGNING:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TRUST_CODE_SIGNING (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- case CKA_TRUST_EMAIL_PROTECTION:
- CACKEY_DEBUG_PRINTF("Requesting attribute CKA_TRUST_EMAIL_PROTECTION (0x%08lx) ...", (unsigned long) curr_attr_type);
-
- pValue = &ck_true;
- ulValueLen = sizeof(ck_true);
-
- CACKEY_DEBUG_PRINTF(" ... 
returning %lu (%p/%lu)", (unsigned long) *((CK_BBOOL *) pValue), pValue, (unsigned long) ulValueLen);
-
- break;
- default:
- pValue = NULL;
- ulValueLen = (CK_LONG) -1;
- break;
- }
-
- if (((CK_LONG) ulValueLen) != ((CK_LONG) -1)) {
- /* Push curr_attr onto the stack */
- curr_attr.type = curr_attr_type;
- curr_attr.ulValueLen = ulValueLen;
-
- curr_attr.pValue = malloc(curr_attr.ulValueLen);
- memcpy(curr_attr.pValue, pValue, curr_attr.ulValueLen);
-
- if (pValue_free && pValue) {
- free(pValue);
- }
-
- if (numattrs >= retval_count) {
- retval_count *= 2;
- retval = realloc(retval, retval_count * sizeof(*retval));
- }
-
- memcpy(&retval[numattrs], &curr_attr, sizeof(curr_attr));
- numattrs++;
- }
- }
-
- if (numattrs != 0) {
- retval_count = numattrs;
- retval = realloc(retval, retval_count * sizeof(*retval));
- } else {
- free(retval);
-
- retval = NULL;
- }
-
- *pulCount = numattrs;
-
- CACKEY_DEBUG_PRINTF("Returning %lu objects (%p).", numattrs, retval);
-
- return(retval);
-}
-
-static void cackey_free_identities(struct cackey_identity *identities, unsigned long identities_count) {
- CK_ATTRIBUTE *curr_attr;
- unsigned long id_idx, attr_idx;
-
- if (identities == NULL || identities_count == 0) {
- return;
- }
-
- for (id_idx = 0; id_idx < identities_count; id_idx++) {
- if (identities[id_idx].attributes) {
- for (attr_idx = 0; attr_idx < identities[id_idx].attributes_count; attr_idx++) {
- curr_attr = &identities[id_idx].attributes[attr_idx];
-
- if (curr_attr->pValue) {
- free(curr_attr->pValue);
- }
- }
-
- if (identities[id_idx].attributes) {
- free(identities[id_idx].attributes);
- }
-
- cackey_free_certs(identities[id_idx].pcsc_identity, 1, 1);
- }
- }
-
- free(identities);
-}
-
-static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
- struct cackey_pcsc_identity *pcsc_identities;
- struct cackey_identity *identities;
- unsigned long num_ids, id_idx, curr_id_type;
- unsigned long num_certs, cert_idx; 
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (ids_found == NULL) {
- CACKEY_DEBUG_PRINTF("Error. ids_found is NULL");
-
- return(NULL);
- }
-
- pcsc_identities = cackey_read_certs(slot, NULL, &num_certs);
- if (pcsc_identities != NULL) {
- /* Convert number of Certs to number of objects */
- num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs;
-
- identities = malloc(num_ids * sizeof(*identities));
-
- id_idx = 0;
- for (cert_idx = 0; cert_idx < num_certs; cert_idx++) {
- for (curr_id_type = CKO_CERTIFICATE; curr_id_type <= CKO_PRIVATE_KEY; curr_id_type++) {
- identities[id_idx].attributes = cackey_get_attributes(curr_id_type, &pcsc_identities[cert_idx], cert_idx, &identities[id_idx].attributes_count);
-
- if (identities[id_idx].attributes == NULL) {
- identities[id_idx].attributes_count = 0;
- }
-
- identities[id_idx].pcsc_identity = malloc(sizeof(*identities[id_idx].pcsc_identity));
- memcpy(identities[id_idx].pcsc_identity, &pcsc_identities[cert_idx], sizeof(*identities[id_idx].pcsc_identity));
-
- identities[id_idx].pcsc_identity->certificate = malloc(pcsc_identities[cert_idx].certificate_len);
- memcpy(identities[id_idx].pcsc_identity->certificate, pcsc_identities[cert_idx].certificate, pcsc_identities[cert_idx].certificate_len);
-
- id_idx++;
- }
- }
-
- cackey_free_certs(pcsc_identities, num_certs, 1);
-
- *ids_found = num_ids;
- return(identities);
- }
-
- *ids_found = 0;
- return(NULL);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(CK_VOID_PTR pInitArgs) {
- CK_C_INITIALIZE_ARGS CK_PTR args;
- uint32_t idx;
- int mutex_init_ret;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Already initialized.");
-
- return(CKR_CRYPTOKI_ALREADY_INITIALIZED);
- }
-
- if (pInitArgs != NULL) {
- args = pInitArgs;
- memcpy(&cackey_args, args, sizeof(cackey_args));
-
- if (args->CreateMutex == NULL || args->DestroyMutex == NULL || args->LockMutex == NULL || args->UnlockMutex == NULL) {
- if (args->CreateMutex != NULL || args->DestroyMutex != NULL || args->LockMutex != NULL || args->UnlockMutex != NULL) {
- CACKEY_DEBUG_PRINTF("Error. Some, but not All threading primitives provided.");
-
- return(CKR_ARGUMENTS_BAD);
- }
- }
- } else {
- cackey_args.CreateMutex = NULL;
- cackey_args.DestroyMutex = NULL;
- cackey_args.LockMutex = NULL;
- cackey_args.UnlockMutex = NULL;
- cackey_args.flags = 0;
- }
-
- for (idx = 0; idx < (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])); idx++) {
- cackey_sessions[idx].active = 0;
- }
-
- for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
- cackey_slots[idx].active = 0;
- cackey_slots[idx].pcsc_reader = NULL;
- cackey_slots[idx].transaction_depth = 0;
- cackey_slots[idx].transaction_need_hw_lock = 0;
- cackey_slots[idx].slot_reset = 0;
- cackey_slots[idx].token_flags = 0;
- cackey_slots[idx].label = NULL;
- }
-
- cackey_initialized = 1;
-
- if (!cackey_biglock_init) {
- mutex_init_ret = cackey_mutex_create(&cackey_biglock);
-
- if (mutex_init_ret != 0) {
- CACKEY_DEBUG_PRINTF("Error. Mutex initialization failed.");
-
- return(CKR_CANT_LOCK);
- }
-
- cackey_biglock_init = 1;
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Finalize)(CK_VOID_PTR pReserved) {
- uint32_t idx;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pReserved != NULL) {
- CACKEY_DEBUG_PRINTF("Error. pReserved is not NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- for (idx = 0; idx < (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])); idx++) {
- if (cackey_sessions[idx].active) {
- C_CloseSession(idx);
- }
- }
-
- cackey_slots_disconnect_all();
-
- for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
- if (cackey_slots[idx].pcsc_reader) {
- free(cackey_slots[idx].pcsc_reader);
- }
- }
-
- cackey_pcsc_disconnect();
-
- cackey_initialized = 0;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)(CK_INFO_PTR pInfo) {
- static CK_UTF8CHAR manufacturerID[] = "U.S. Government";
- static CK_UTF8CHAR libraryDescription[] = "CACKey";
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pInfo == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- pInfo->cryptokiVersion.major = ((CACKEY_CRYPTOKI_VERSION_CODE) >> 16) & 0xff;
- pInfo->cryptokiVersion.minor = ((CACKEY_CRYPTOKI_VERSION_CODE) >> 8) & 0xff;
-
- memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID));
- memcpy(pInfo->manufacturerID, manufacturerID, sizeof(manufacturerID) - 1);
-
- pInfo->flags = 0x00;
-
- memset(pInfo->libraryDescription, ' ', sizeof(pInfo->libraryDescription));
- memcpy(pInfo->libraryDescription, libraryDescription, sizeof(libraryDescription) - 1);
-
- pInfo->libraryVersion.major = (cackey_getversion() >> 16) & 0xff;
- pInfo->libraryVersion.minor = (cackey_getversion() >> 8) & 0xff;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-/*
- * Process list of readers, and create mapping between reader name and slot ID
- */
-CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
- int mutex_retval;
- int pcsc_connect_ret;
- CK_ULONG count, 
slot_count = 0, currslot;
- char *pcsc_readers, *pcsc_readers_s, *pcsc_readers_e;
- DWORD pcsc_readers_len;
- LONG scard_listreaders_ret;
- size_t curr_reader_len;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pulCount == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulCount is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- /* Clear list of slots */
- if (pSlotList) {
- CACKEY_DEBUG_PRINTF("Purging all slot information.");
-
- /* Only update the list of slots if we are actually being supply the slot information */
- cackey_slots_disconnect_all();
-
- for (currslot = 0; currslot < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); currslot++) {
- if (cackey_slots[currslot].pcsc_reader) {
- free(cackey_slots[currslot].pcsc_reader);
-
- cackey_slots[currslot].pcsc_reader = NULL;
- }
-
- if (cackey_slots[currslot].label) {
- free(cackey_slots[currslot].label);
-
- cackey_slots[currslot].label = NULL;
- }
-
- cackey_slots[currslot].active = 0;
- }
- }
-
- /* Determine list of readers */
- pcsc_connect_ret = cackey_pcsc_connect();
- if (pcsc_connect_ret != CACKEY_PCSC_S_OK) {
- CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, assuming no slots");
-
- slot_count = 0;
- } else {
- pcsc_readers_len = 0;
-
- scard_listreaders_ret = SCardListReaders(*cackey_pcsc_handle, NULL, NULL, &pcsc_readers_len);
-
- if (scard_listreaders_ret == SCARD_F_COMM_ERROR) {
- CACKEY_DEBUG_PRINTF("Error. SCardListReaders() returned SCARD_F_COMM_ERROR, assuming Connection to PC/SC went away. 
Reconnecting.");
-
- cackey_pcsc_disconnect();
- cackey_pcsc_connect();
-
- CACKEY_DEBUG_PRINTF("Trying SCardListReaders() again");
- scard_listreaders_ret = SCardListReaders(*cackey_pcsc_handle, NULL, NULL, &pcsc_readers_len);
- }
-
- if (scard_listreaders_ret == SCARD_S_SUCCESS && pcsc_readers_len != 0) {
- pcsc_readers = malloc(pcsc_readers_len);
- pcsc_readers_s = pcsc_readers;
-
- scard_listreaders_ret = SCardListReaders(*cackey_pcsc_handle, NULL, pcsc_readers, &pcsc_readers_len);
- if (scard_listreaders_ret == SCARD_S_SUCCESS) {
- pcsc_readers_e = pcsc_readers + pcsc_readers_len;
-
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- currslot = 1;
- while (pcsc_readers < pcsc_readers_e) {
- curr_reader_len = strlen(pcsc_readers);
-
- if ((pcsc_readers + curr_reader_len) > pcsc_readers_e) {
- break;
- }
-
- if (curr_reader_len == 0) {
- break;
- }
-
- if (currslot >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Found more readers than slots are available!");
-
- break;
- }
-
- CACKEY_DEBUG_PRINTF("Found reader: %s", pcsc_readers);
-
- /* Only update the list of slots if we are actually being asked supply the slot information */
- if (pSlotList) {
- cackey_slots[currslot].active = 1;
- cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
- cackey_slots[currslot].pcsc_card_connected = 0;
- cackey_slots[currslot].transaction_depth = 0;
- cackey_slots[currslot].transaction_need_hw_lock = 0;
- cackey_slots[currslot].slot_reset = 1;
- cackey_slots[currslot].token_flags = CKF_LOGIN_REQUIRED;
- cackey_slots[currslot].label = NULL;
-
- cackey_mark_slot_reset(&cackey_slots[currslot]);
- }
- currslot++;
-
- pcsc_readers += curr_reader_len + 1;
- }
-
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- if (currslot > 1) {
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL 
*/
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- slot_count = currslot - 1;
- }
- } else {
- CACKEY_DEBUG_PRINTF("Second call to SCardListReaders failed, return %s/%li", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_listreaders_ret), (long) scard_listreaders_ret);
- }
-
- free(pcsc_readers_s);
- } else {
- CACKEY_DEBUG_PRINTF("First call to SCardListReaders failed, return %s/%li", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_listreaders_ret), (long) scard_listreaders_ret);
- }
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (pSlotList == NULL) {
- *pulCount = slot_count;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i). Found %lu readers, but not storing IDs (pSlotList == NULL)", CKR_OK, (unsigned long) slot_count);
-
- return(CKR_OK);
- }
-
- count = *pulCount;
- if (count < slot_count) {
- CACKEY_DEBUG_PRINTF("Error. User allocated %lu entries, but we have %lu entries.", count, slot_count);
-
- return(CKR_BUFFER_TOO_SMALL);
- }
-
- for (currslot = 0; currslot < slot_count; currslot++) {
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- pSlotList[currslot] = currslot + 1;
- }
-
- *pulCount = slot_count;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i). Found %lu readers.", CKR_OK, (unsigned long) slot_count);
-
- return(CKR_OK);
-
- tokenPresent = tokenPresent; /* Supress unused variable warning */
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetSlotInfo)(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) {
- static CK_UTF8CHAR slotDescription[] = "CACKey Slot";
- int mutex_retval;
- int bytes_to_copy;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pInfo == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- pInfo->flags = CKF_REMOVABLE_DEVICE | CKF_HW_SLOT;
-
- if (cackey_token_present(&cackey_slots[slotID]) == CACKEY_PCSC_S_TOKENPRESENT) {
- pInfo->flags |= CKF_TOKEN_PRESENT;
- }
-
- bytes_to_copy = strlen(cackey_slots[slotID].pcsc_reader);
- if (sizeof(pInfo->manufacturerID) < bytes_to_copy) {
- bytes_to_copy = sizeof(pInfo->manufacturerID);
- }
- memcpy(pInfo->manufacturerID, cackey_slots[slotID].pcsc_reader, bytes_to_copy);
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- memset(pInfo->slotDescription, ' ', sizeof(pInfo->slotDescription));
- memcpy(pInfo->slotDescription, slotDescription, sizeof(slotDescription) - 1);
-
- memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID));
-
- pInfo->hardwareVersion.major = (cackey_getversion() >> 16) & 0xff;
- pInfo->hardwareVersion.minor = (cackey_getversion() >> 8) & 0xff;
-
- pInfo->firmwareVersion.major = 0x00;
- pInfo->firmwareVersion.minor = 0x00;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetTokenInfo)(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) {
- static CK_UTF8CHAR manufacturerID[] = "U.S. 
Government";
- static CK_UTF8CHAR defaultLabel[] = "Unknown Token";
- static CK_UTF8CHAR model[] = "CAC Token";
- struct cackey_pcsc_identity *pcsc_identities;
- unsigned long num_certs;
- ssize_t label_ret;
- int mutex_retval;
- int use_default_label;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pInfo == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- if (cackey_token_present(&cackey_slots[slotID]) != CACKEY_PCSC_S_TOKENPRESENT) {
- CACKEY_DEBUG_PRINTF("No token is present in slotID = %lu", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_TOKEN_NOT_PRESENT);
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. 
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- /* Determine token label from certificates */
- memset(pInfo->label, ' ', sizeof(pInfo->label));
- use_default_label = 1;
-
- if (cackey_slots[slotID].label == NULL) {
- pcsc_identities = cackey_read_certs(&cackey_slots[slotID], NULL, &num_certs);
- if (pcsc_identities != NULL) {
- if (num_certs > 0) {
- label_ret = cackey_pcsc_identity_to_label(pcsc_identities, pInfo->label, sizeof(pInfo->label));
- if (label_ret > 0) {
- use_default_label = 0;
-
- cackey_slots[slotID].label = malloc(sizeof(pInfo->label));
-
- memcpy(cackey_slots[slotID].label, pInfo->label, sizeof(pInfo->label));
- }
- }
-
- cackey_free_certs(pcsc_identities, num_certs, 1);
- }
- } else {
- memcpy(pInfo->label, cackey_slots[slotID].label, sizeof(pInfo->label));
-
- use_default_label = 0;
- }
-
- if (use_default_label) {
- memcpy(pInfo->label, defaultLabel, sizeof(defaultLabel) - 1);
- }
-
- memset(pInfo->manufacturerID, ' ', sizeof(pInfo->manufacturerID));
- memcpy(pInfo->manufacturerID, manufacturerID, sizeof(manufacturerID) - 1);
-
- memset(pInfo->model, ' ', sizeof(pInfo->model));
- memcpy(pInfo->model, model, sizeof(model) - 1);
-
- memset(pInfo->serialNumber, ' ', sizeof(pInfo->serialNumber));
-
- memset(pInfo->utcTime, ' ', sizeof(pInfo->utcTime));
-
- pInfo->hardwareVersion.major = (cackey_getversion() >> 16) & 0xff;
- pInfo->hardwareVersion.minor = (cackey_getversion() >> 8) & 0xff;
-
- pInfo->firmwareVersion.major = 0x00;
- pInfo->firmwareVersion.minor = 0x00;
-
- pInfo->flags = CKF_WRITE_PROTECTED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED | cackey_slots[slotID].token_flags;
-
- pInfo->ulMaxSessionCount = (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])) - 1;
- pInfo->ulSessionCount = CK_UNAVAILABLE_INFORMATION;
- pInfo->ulMaxRwSessionCount = 0;
- pInfo->ulRwSessionCount = CK_UNAVAILABLE_INFORMATION;
- pInfo->ulMaxPinLen = 128;
- pInfo->ulMinPinLen = 0;
- pInfo->ulTotalPublicMemory = CK_UNAVAILABLE_INFORMATION;
-
pInfo->ulFreePublicMemory = CK_UNAVAILABLE_INFORMATION;
- pInfo->ulTotalPrivateMemory = CK_UNAVAILABLE_INFORMATION;
- pInfo->ulFreePrivateMemory = CK_UNAVAILABLE_INFORMATION;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_WaitForSlotEvent)(CK_FLAGS flags, CK_SLOT_ID_PTR pSlotID, CK_VOID_PTR pReserved) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pReserved != NULL) {
- CACKEY_DEBUG_PRINTF("Error. pReserved is not NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- /* XXX: TODO: Implement this... */
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismList)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pulCount == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulCount is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (pMechanismList == NULL) {
- *pulCount = 2;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
- }
-
- if (*pulCount < 2) {
- CACKEY_DEBUG_PRINTF("Error. Buffer too small.");
-
- return(CKR_BUFFER_TOO_SMALL);
- }
-
- pMechanismList[0] = CKM_RSA_PKCS;
- pMechanismList[1] = CKM_SHA1_RSA_PKCS;
- *pulCount = 2;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetMechanismInfo)(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo) {
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pInfo == NULL) {
- CACKEY_DEBUG_PRINTF("Error.
pInfo is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- /* XXX: This is untested, and further I'm not really sure if this is correct. */
- switch (type) {
- case CKM_RSA_PKCS:
- pInfo->ulMinKeySize = 512;
- pInfo->ulMaxKeySize = 8192;
- pInfo->flags = CKF_HW | CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | CKF_VERIFY;
- break;
- case CKM_RSA_X_509:
- pInfo->ulMinKeySize = 512;
- pInfo->ulMaxKeySize = 8192;
- pInfo->flags = CKF_HW | CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | CKF_VERIFY;
- break;
- case CKM_SHA1_RSA_PKCS:
- pInfo->ulMinKeySize = 512;
- pInfo->ulMaxKeySize = 8192;
- pInfo->flags = CKF_HW | CKF_SIGN | CKF_VERIFY;
- break;
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-/* We don't support this method. */
-CK_DEFINE_FUNCTION(CK_RV, C_InitToken)(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error.
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_TOKEN_WRITE_PROTECTED (%i)", CKR_TOKEN_WRITE_PROTECTED);
-
- return(CKR_TOKEN_WRITE_PROTECTED);
-}
-
-/* We don't support this method. */
-CK_DEFINE_FUNCTION(CK_RV, C_InitPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_TOKEN_WRITE_PROTECTED (%i)", CKR_TOKEN_WRITE_PROTECTED);
-
- return(CKR_TOKEN_WRITE_PROTECTED);
-}
-
-/* We don't support this method. */
-CK_DEFINE_FUNCTION(CK_RV, C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldPinLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR phSession) {
- unsigned long idx;
- int mutex_retval;
- int found_session = 0;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if ((flags & CKF_SERIAL_SESSION) != CKF_SERIAL_SESSION) {
- return(CKR_SESSION_PARALLEL_NOT_SUPPORTED);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error.
Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- /* Verify that the card is actually in the slot. */
- /* XXX: Check to make sure this is in the PKCS#11 specification */
- if (cackey_token_present(&cackey_slots[slotID]) != CACKEY_PCSC_S_TOKENPRESENT) {
- CACKEY_DEBUG_PRINTF("Error. Card not present. Returning CKR_DEVICE_REMOVED");
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_DEVICE_REMOVED);
- }
-
- for (idx = 1; idx < (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])); idx++) {
- if (!cackey_sessions[idx].active) {
- found_session = 1;
-
- *phSession = idx;
-
- cackey_sessions[idx].active = 1;
- cackey_sessions[idx].slotID = slotID;
- cackey_sessions[idx].state = CKS_RO_PUBLIC_SESSION;
- cackey_sessions[idx].flags = flags;
- cackey_sessions[idx].ulDeviceError = 0;
- cackey_sessions[idx].pApplication = pApplication;
- cackey_sessions[idx].Notify = notify;
-
- cackey_sessions[idx].identities = NULL;
- cackey_sessions[idx].identities_count = 0;
-
- cackey_sessions[idx].search_active = 0;
-
- cackey_sessions[idx].sign_active = 0;
-
- cackey_sessions[idx].decrypt_active = 0;
-
- cackey_sessions[idx].identities = cackey_read_identities(&cackey_slots[slotID], &cackey_sessions[idx].identities_count);
-
-
- break;
- }
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error.
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!found_session) {
- CACKEY_DEBUG_PRINTF("Returning CKR_SESSION_COUNT (%i)", CKR_SESSION_COUNT);
-
- return(CKR_SESSION_COUNT);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_CloseSession)(CK_SESSION_HANDLE hSession) {
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- cackey_sessions[hSession].active = 0;
- cackey_free_identities(cackey_sessions[hSession].identities, cackey_sessions[hSession].identities_count);
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_CloseAllSessions)(CK_SLOT_ID slotID) {
- uint32_t idx;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error.
Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_SLOT_ID_INVALID);
- }
-
- for (idx = 0; idx < (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])); idx++) {
- if (cackey_sessions[idx].active) {
- if (cackey_sessions[idx].slotID != slotID) {
- continue;
- }
-
- cackey_mutex_unlock(cackey_biglock);
- C_CloseSession(idx);
- cackey_mutex_lock(cackey_biglock);
- }
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetSessionInfo)(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo) {
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (pInfo == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pInfo is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error.
Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- pInfo->slotID = cackey_sessions[hSession].slotID;
- pInfo->state = cackey_sessions[hSession].state;
- pInfo->flags = cackey_sessions[hSession].flags;
- pInfo->ulDeviceError = cackey_sessions[hSession].ulDeviceError;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetOperationState)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SetOperationState)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) {
- CK_SLOT_ID slotID;
- int mutex_retval;
- int tries_remaining;
- int login_ret;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error.
Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (userType != CKU_USER) {
- CACKEY_DEBUG_PRINTF("Error. We only support USER mode, asked for %lu mode.", (unsigned long) userType)
-
- return(CKR_USER_TYPE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- slotID = cackey_sessions[hSession].slotID;
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_GENERAL_ERROR);
- }
-
- login_ret = cackey_login(&cackey_slots[slotID], pPin, ulPinLen, &tries_remaining);
- if (login_ret != CACKEY_PCSC_S_OK) {
- cackey_mutex_unlock(cackey_biglock);
-
- if (login_ret == CACKEY_PCSC_E_LOCKED) {
- CACKEY_DEBUG_PRINTF("Error. Token is locked.");
-
- cackey_slots[slotID].token_flags |= CKF_USER_PIN_LOCKED;
-
- return(CKR_PIN_LOCKED);
- } else if (login_ret == CACKEY_PCSC_E_BADPIN) {
- CACKEY_DEBUG_PRINTF("Error. Invalid PIN.");
-
- cackey_slots[slotID].token_flags |= CKF_USER_PIN_COUNT_LOW;
-
- if (tries_remaining == 1) {
- cackey_slots[slotID].token_flags |= CKF_USER_PIN_FINAL_TRY;
- }
-
- return(CKR_PIN_INCORRECT);
- }
-
- CACKEY_DEBUG_PRINTF("Error.
Unknown error returned from cackey_login() (%i)", login_ret);
-
- return(CKR_GENERAL_ERROR);
- }
-
- cackey_slots[slotID].token_flags &= ~(CKF_USER_PIN_LOCKED | CKF_USER_PIN_COUNT_LOW | CKF_LOGIN_REQUIRED | CKF_USER_PIN_FINAL_TRY);
-
- cackey_sessions[hSession].state = CKS_RO_USER_FUNCTIONS;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Logout)(CK_SESSION_HANDLE hSession) {
- CK_SLOT_ID slotID;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- slotID = cackey_sessions[hSession].slotID;
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error.
Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_GENERAL_ERROR);
- }
-
- cackey_sessions[hSession].state = CKS_RO_PUBLIC_SESSION;
- cackey_slots[slotID].token_flags = CKF_LOGIN_REQUIRED;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_CopyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DestroyObject)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error.
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetObjectSize)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GetAttributeValue)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) {
- CK_ATTRIBUTE *curr_attr;
- struct cackey_identity *identity;
- unsigned long identity_idx, attr_idx, sess_attr_idx, num_ids;
- int mutex_retval;
- CK_RV retval = CKR_OK;
- CK_VOID_PTR pValue;
- CK_ULONG ulValueLen;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (hObject == 0) {
- CACKEY_DEBUG_PRINTF("Error. Object handle out of range.");
-
- return(CKR_OBJECT_HANDLE_INVALID);
- }
-
- if (ulCount == 0) {
- /* Short circuit, if zero objects were specified return zero items immediately */
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i) (short circuit)", CKR_OK);
-
- return(CKR_OK);
- }
-
- if (pTemplate == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pTemplate is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- identity_idx = hObject - 1;
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error.
Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- num_ids = cackey_sessions[hSession].identities_count;
-
- if (identity_idx >= num_ids) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Object handle out of range. identity_idx = %lu, num_ids = %lu.", (unsigned long) identity_idx, (unsigned long) num_ids);
-
- return(CKR_OBJECT_HANDLE_INVALID);
- }
-
- identity = &cackey_sessions[hSession].identities[identity_idx];
-
- for (attr_idx = 0; attr_idx < ulCount; attr_idx++) {
- curr_attr = &pTemplate[attr_idx];
-
- pValue = NULL;
- ulValueLen = (CK_LONG) -1;
-
- CACKEY_DEBUG_PRINTF("Looking for attribute 0x%08lx (identity:%lu) ...", (unsigned long) curr_attr->type, (unsigned long) identity_idx);
-
- for (sess_attr_idx = 0; sess_attr_idx < identity->attributes_count; sess_attr_idx++) {
- if (identity->attributes[sess_attr_idx].type == curr_attr->type) {
- CACKEY_DEBUG_PRINTF(" ... found it, pValue = %p, ulValueLen = %lu", identity->attributes[sess_attr_idx].pValue, identity->attributes[sess_attr_idx].ulValueLen);
-
- pValue = identity->attributes[sess_attr_idx].pValue;
- ulValueLen = identity->attributes[sess_attr_idx].ulValueLen;
- }
- }
-
- if (curr_attr->pValue && pValue) {
- if (curr_attr->ulValueLen >= ulValueLen) {
- memcpy(curr_attr->pValue, pValue, ulValueLen);
- } else {
- ulValueLen = (CK_LONG) -1;
-
- retval = CKR_BUFFER_TOO_SMALL;
- }
- }
-
- curr_attr->ulValueLen = ulValueLen;
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error.
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (retval == CKR_ATTRIBUTE_TYPE_INVALID) {
- CACKEY_DEBUG_PRINTF("Returning CKR_ATTRIBUTE_TYPE_INVALID (%i)", (int) retval);
- } else if (retval == CKR_BUFFER_TOO_SMALL) {
- CACKEY_DEBUG_PRINTF("Returning CKR_BUFFER_TOO_SMALL (%i)", (int) retval);
- } else if (retval == CKR_OK) {
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", (int) retval);
- } else {
- CACKEY_DEBUG_PRINTF("Returning %i", (int) retval);
- }
-
- return(retval);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SetAttributeValue)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit)(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) {
- CK_SLOT_ID slotID;
- CK_ULONG idx;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (cackey_sessions[hSession].search_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error.
Search already active.");
-
- return(CKR_OPERATION_ACTIVE);
- }
-
- slotID = cackey_sessions[hSession].slotID;
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].slot_reset) {
- CACKEY_DEBUG_PRINTF("The slot has been reset since we last looked for identities -- rescanning");
-
- if (cackey_sessions[hSession].identities != NULL) {
- cackey_free_identities(cackey_sessions[hSession].identities, cackey_sessions[hSession].identities_count);
-
- cackey_sessions[hSession].identities = NULL;
- cackey_sessions[hSession].identities_count = 0;
- }
-
- if (cackey_slots[slotID].label != NULL) {
- free(cackey_slots[slotID].label);
- cackey_slots[slotID].label = NULL;
- }
-
- cackey_mark_slot_reset(&cackey_slots[slotID]);
- cackey_slots[slotID].slot_reset = 0;
- }
-
- if (cackey_sessions[hSession].identities == NULL) {
- cackey_sessions[hSession].identities = cackey_read_identities(&cackey_slots[slotID], &cackey_sessions[hSession].identities_count);
- }
-
- if (pTemplate != NULL) {
- if (ulCount != 0) {
- cackey_sessions[hSession].search_query_count = ulCount;
- cackey_sessions[hSession].search_query = malloc(ulCount * sizeof(*pTemplate));
-
- memcpy(cackey_sessions[hSession].search_query, pTemplate, ulCount * sizeof(*pTemplate));
- for (idx = 0; idx < ulCount; idx++) {
- if (pTemplate[idx].ulValueLen == 0) {
- cackey_sessions[hSession].search_query[idx].pValue = NULL;
-
- continue;
- }
-
- cackey_sessions[hSession].search_query[idx].pValue = malloc(pTemplate[idx].ulValueLen);
-
- if (cackey_sessions[hSession].search_query[idx].pValue) {
-
memcpy(cackey_sessions[hSession].search_query[idx].pValue, pTemplate[idx].pValue, pTemplate[idx].ulValueLen);
- }
- }
- } else {
- cackey_sessions[hSession].search_query_count = 0;
- cackey_sessions[hSession].search_query = NULL;
- }
- } else {
- if (ulCount != 0) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Search query specified as NULL, but number of query terms not specified as 0.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- cackey_sessions[hSession].search_query_count = 0;
- cackey_sessions[hSession].search_query = NULL;
- }
-
- cackey_sessions[hSession].search_active = 1;
- cackey_sessions[hSession].search_curr_id = 0;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_FindObjects)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount) {
- struct cackey_identity *curr_id;
- CK_ATTRIBUTE *curr_attr;
- CK_ULONG curr_id_idx, curr_out_id_idx, curr_attr_idx, sess_attr_idx;
- CK_ULONG matched_count, prev_matched_count;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pulObjectCount == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulObjectCount is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (phObject == NULL && ulMaxObjectCount == 0) {
- /* Short circuit, if zero objects were specified return zero items immediately */
- *pulObjectCount = 0;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i) (short circuit)", CKR_OK);
-
- return(CKR_OK);
- }
-
- if (phObject == NULL) {
- CACKEY_DEBUG_PRINTF("Error. phObject is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (ulMaxObjectCount == 0) {
- CACKEY_DEBUG_PRINTF("Error.
Maximum number of objects specified as zero.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].search_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Search not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- curr_out_id_idx = 0;
- for (curr_id_idx = cackey_sessions[hSession].search_curr_id; curr_id_idx < cackey_sessions[hSession].identities_count && ulMaxObjectCount; curr_id_idx++) {
- curr_id = &cackey_sessions[hSession].identities[curr_id_idx];
-
- CACKEY_DEBUG_PRINTF("Processing identity:%lu", (unsigned long) curr_id_idx);
-
- matched_count = 0;
-
- for (curr_attr_idx = 0; curr_attr_idx < cackey_sessions[hSession].search_query_count; curr_attr_idx++) {
- prev_matched_count = matched_count;
-
- curr_attr = &cackey_sessions[hSession].search_query[curr_attr_idx];
-
- CACKEY_DEBUG_PRINTF(" Checking for attribute 0x%08lx in identity:%i...", (unsigned long) curr_attr->type, (int) curr_id_idx);
- CACKEY_DEBUG_PRINTBUF(" Value looking for:", curr_attr->pValue, curr_attr->ulValueLen);
-
- for (sess_attr_idx = 0; sess_attr_idx < curr_id->attributes_count; sess_attr_idx++) {
- if (curr_id->attributes[sess_attr_idx].type == curr_attr->type) {
- CACKEY_DEBUG_PRINTF(" ... found matching type ...");
- CACKEY_DEBUG_PRINTBUF(" ...
our value:", curr_id->attributes[sess_attr_idx].pValue, curr_id->attributes[sess_attr_idx].ulValueLen);
-
- if (curr_attr->pValue == NULL) {
- CACKEY_DEBUG_PRINTF(" ... found wildcard match");
-
- matched_count++;
-
- break;
- }
-
- if (curr_attr->ulValueLen == curr_id->attributes[sess_attr_idx].ulValueLen && memcmp(curr_attr->pValue, curr_id->attributes[sess_attr_idx].pValue, curr_id->attributes[sess_attr_idx].ulValueLen) == 0) {
- CACKEY_DEBUG_PRINTF(" ... found exact match");
-
- matched_count++;
-
- break;
- }
- }
- }
-
- /* If the attribute could not be matched, do not try to match additional attributes */
- if (prev_matched_count == matched_count) {
- break;
- }
- }
-
- if (matched_count == cackey_sessions[hSession].search_query_count) {
- CACKEY_DEBUG_PRINTF(" ... All %i attributes checked for found, adding identity:%i to returned list", (int) cackey_sessions[hSession].search_query_count, (int) curr_id_idx);
-
- phObject[curr_out_id_idx] = curr_id_idx + 1;
-
- ulMaxObjectCount--;
-
- curr_out_id_idx++;
- } else {
- CACKEY_DEBUG_PRINTF(" ... Not all %i (only found %i) attributes checked for found, not adding identity:%i", (int) cackey_sessions[hSession].search_query_count, (int) matched_count, (int) curr_id_idx);
- }
- }
- cackey_sessions[hSession].search_curr_id = curr_id_idx;
- *pulObjectCount = curr_out_id_idx;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i), num objects = %lu", CKR_OK, *pulObjectCount);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsFinal)(CK_SESSION_HANDLE hSession) {
- CK_ULONG idx;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error.
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].search_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Search not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- cackey_sessions[hSession].search_active = 0;
-
- for (idx = 0; idx < cackey_sessions[hSession].search_query_count; idx++) {
- if (cackey_sessions[hSession].search_query[idx].pValue) {
- free(cackey_sessions[hSession].search_query[idx].pValue);
- }
- }
-
- if (cackey_sessions[hSession].search_query) {
- free(cackey_sessions[hSession].search_query);
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_EncryptInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Encrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_EncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_EncryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DecryptInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- int mutex_retval;
-
- hKey--;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pMechanism == NULL) {
- CACKEY_DEBUG_PRINTF("Error. 
pMechanism is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (pMechanism->mechanism != CKM_RSA_PKCS) {
- CACKEY_DEBUG_PRINTF("Error. pMechanism->mechanism not specified as CKM_RSA_PKCS");
-
- return(CKR_MECHANISM_PARAM_INVALID);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (cackey_sessions[hSession].decrypt_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Decrypt already in progress.");
-
- return(CKR_OPERATION_ACTIVE);
- }
-
- if (hKey >= cackey_sessions[hSession].identities_count) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Key handle out of range (requested key %lu, only %lu identities available).", (unsigned long) hKey, (unsigned long) cackey_sessions[hSession].identities_count);
-
- return(CKR_KEY_HANDLE_INVALID);
- }
-
- cackey_sessions[hSession].decrypt_active = 1;
-
- cackey_sessions[hSession].decrypt_mechanism = pMechanism->mechanism;
- cackey_sessions[hSession].decrypt_mech_parm = pMechanism->pParameter;
- cackey_sessions[hSession].decrypt_mech_parmlen = pMechanism->ulParameterLen;
- cackey_sessions[hSession].decrypt_identity = &cackey_sessions[hSession].identities[hKey];
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. 
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Decrypt)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
- CK_ULONG datalen_update, datalen_final;
- CK_RV decrypt_ret;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pulDataLen == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulDataLen is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- datalen_update = *pulDataLen;
-
- decrypt_ret = C_DecryptUpdate(hSession, pEncryptedData, ulEncryptedDataLen, pData, &datalen_update);
- if (decrypt_ret != CKR_OK) {
- CACKEY_DEBUG_PRINTF("Error. DecryptUpdate() returned failure (rv = %lu).", (unsigned long) decrypt_ret);
-
- if (decrypt_ret != CKR_BUFFER_TOO_SMALL) {
- /* Terminate decryption operation */
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].decrypt_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Decrypt not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- cackey_sessions[hSession].decrypt_active = 0;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. 
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
- }
-
- return(decrypt_ret);
- }
-
- if (pData) {
- pData += datalen_update;
- }
- datalen_final = *pulDataLen - datalen_update;
-
- decrypt_ret = C_DecryptFinal(hSession, pData, &datalen_final);
- if (decrypt_ret != CKR_OK) {
- CACKEY_DEBUG_PRINTF("Error. DecryptFinal() returned failure (rv = %lu).", (unsigned long) decrypt_ret);
-
- return(decrypt_ret);
- }
-
- *pulDataLen = datalen_update + datalen_final;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DecryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
- static CK_BYTE buf[16384];
- ssize_t buflen;
- CK_SLOT_ID slotID;
- CK_RV retval = CKR_GENERAL_ERROR;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pEncryptedPart == NULL && ulEncryptedPartLen == 0) {
- /* Short circuit if we are asked to decrypt nothing... */
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i) (short circuit)", CKR_OK);
-
- return(CKR_OK);
- }
-
- if (pEncryptedPart == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pEncryptedPart is NULL, but ulEncryptedPartLen is not 0.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (ulEncryptedPartLen == 0) {
- CACKEY_DEBUG_PRINTF("Error. ulEncryptedPartLen is 0, but pPart is not NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (pulPartLen == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulPartLen is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. 
Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].decrypt_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Decrypt not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- slotID = cackey_sessions[hSession].slotID;
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_GENERAL_ERROR);
- }
-
- switch (cackey_sessions[hSession].decrypt_mechanism) {
- case CKM_RSA_PKCS:
- /* Ask card to decrypt */
- buflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].decrypt_identity, pEncryptedPart, ulEncryptedPartLen, buf, sizeof(buf), 0, 1);
-
- if (buflen < 0) {
- /* Decryption failed. */
- if (buflen == CACKEY_PCSC_E_NEEDLOGIN) {
- retval = CKR_USER_NOT_LOGGED_IN;
- } else if (buflen == CACKEY_PCSC_E_TOKENABSENT) {
- retval = CKR_DEVICE_REMOVED;
- } else {
- retval = CKR_GENERAL_ERROR;
- }
- } else if (((unsigned long) buflen) > *pulPartLen && pPart) {
- /* Decrypted data too large */
- retval = CKR_BUFFER_TOO_SMALL;
- } else {
- if (pPart) {
- memcpy(pPart, buf, buflen);
- }
-
- *pulPartLen = buflen;
-
- retval = CKR_OK;
- }
-
- break;
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. 
Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning %i", (int) retval);
-
- return(retval);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DecryptFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen) {
- int mutex_retval;
- int terminate_decrypt = 1;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pulLastPartLen == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulLastPartLen is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].decrypt_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Decrypt not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- *pulLastPartLen = 0;
-
- if (pLastPart == NULL) {
- terminate_decrypt = 0;
- }
-
- if (terminate_decrypt) {
- cackey_sessions[hSession].decrypt_active = 0;
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DigestInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Digest)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DigestKey)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DigestFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- int mutex_retval;
-
- hKey--;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pMechanism == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pMechanism is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (pMechanism->mechanism != CKM_RSA_PKCS && pMechanism->mechanism != CKM_SHA1_RSA_PKCS) {
- CACKEY_DEBUG_PRINTF("Error. pMechanism->mechanism not specified as CKM_RSA_PKCS or CKM_SHA1_RSA_PKCS");
-
- return(CKR_MECHANISM_PARAM_INVALID);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (cackey_sessions[hSession].sign_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Sign already in progress.");
-
- return(CKR_OPERATION_ACTIVE);
- }
-
- if (hKey >= cackey_sessions[hSession].identities_count) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. 
Key handle out of range (requested key %lu, only %lu identities available).", (unsigned long) hKey, (unsigned long) cackey_sessions[hSession].identities_count);
-
- return(CKR_KEY_HANDLE_INVALID);
- }
-
- cackey_sessions[hSession].sign_active = 1;
-
- cackey_sessions[hSession].sign_mechanism = pMechanism->mechanism;
-
- cackey_sessions[hSession].sign_buflen = 128;
- cackey_sessions[hSession].sign_bufused = 0;
- cackey_sessions[hSession].sign_buf = malloc(sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
-
- CACKEY_DEBUG_PRINTF("Session %lu sign_identity is %p (identity #%lu)", (unsigned long) hSession, &cackey_sessions[hSession].identities[hKey], (unsigned long) hKey);
- cackey_sessions[hSession].sign_identity = &cackey_sessions[hSession].identities[hKey];
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Sign)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) {
- unsigned long start_sign_bufused;
- CK_RV sign_ret;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- start_sign_bufused = cackey_sessions[hSession].sign_bufused;
-
- sign_ret = C_SignUpdate(hSession, pData, ulDataLen);
- if (sign_ret != CKR_OK) {
- CACKEY_DEBUG_PRINTF("Error. 
SignUpdate() returned failure (rv = %lu).", (unsigned long) sign_ret);
-
- if (sign_ret != CKR_BUFFER_TOO_SMALL) {
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].sign_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Sign not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- cackey_sessions[hSession].sign_active = 0;
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
- }
-
- return(sign_ret);
- }
-
- sign_ret = C_SignFinal(hSession, pSignature, pulSignatureLen);
- if (sign_ret != CKR_OK) {
- if (sign_ret == CKR_BUFFER_TOO_SMALL) {
- CACKEY_DEBUG_PRINTF("SignFinal() returned CKR_BUFFER_TOO_SMALL (rv = %lu), undoing C_SignUpdate()", (unsigned long) sign_ret);
-
- cackey_sessions[hSession].sign_bufused = start_sign_bufused;
-
- return(sign_ret);
- }
-
- CACKEY_DEBUG_PRINTF("Error. SignFinal() returned failure (rv = %lu).", (unsigned long) sign_ret);
-
- return(sign_ret);
- }
-
- if (pSignature == NULL) {
- CACKEY_DEBUG_PRINTF("pSignature specified as NULL, undoing C_SignUpdate()");
-
- cackey_sessions[hSession].sign_bufused = start_sign_bufused;
-
- return(sign_ret);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) {
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (pPart == NULL && ulPartLen == 0) {
- /* Short circuit if we are asked to sign nothing... */
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i) (short circuit)", CKR_OK);
-
- return(CKR_OK);
- }
-
- if (pPart == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pPart is NULL, but ulPartLen is not 0.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (ulPartLen == 0) {
- CACKEY_DEBUG_PRINTF("Error. ulPartLen is 0, but pPart is not NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].sign_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. 
Sign not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- switch (cackey_sessions[hSession].sign_mechanism) {
- case CKM_RSA_PKCS:
- /* Accumulate directly */
- if ((cackey_sessions[hSession].sign_bufused + ulPartLen) > cackey_sessions[hSession].sign_buflen) {
- cackey_sessions[hSession].sign_buflen *= 2;
-
- cackey_sessions[hSession].sign_buf = realloc(cackey_sessions[hSession].sign_buf, sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
- }
-
- memcpy(cackey_sessions[hSession].sign_buf + cackey_sessions[hSession].sign_bufused, pPart, ulPartLen);
-
- cackey_sessions[hSession].sign_bufused += ulPartLen;
-
- break;
- case CKM_SHA1_RSA_PKCS:
- /* XXX: Accumulate into a SHA1 hash */
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
- break;
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) {
- static CK_BYTE sigbuf[1024];
- ssize_t sigbuflen;
- CK_SLOT_ID slotID;
- CK_RV retval = CKR_GENERAL_ERROR;
- int terminate_sign = 1;
- int mutex_retval;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- if (pulSignatureLen == NULL) {
- CACKEY_DEBUG_PRINTF("Error. pulSignatureLen is NULL.");
-
- return(CKR_ARGUMENTS_BAD);
- }
-
- if (hSession == 0 || hSession >= (sizeof(cackey_sessions) / sizeof(cackey_sessions[0]))) {
- CACKEY_DEBUG_PRINTF("Error. 
Session out of range.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Session not active.");
-
- return(CKR_SESSION_HANDLE_INVALID);
- }
-
- if (!cackey_sessions[hSession].sign_active) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Sign not active.");
-
- return(CKR_OPERATION_NOT_INITIALIZED);
- }
-
- slotID = cackey_sessions[hSession].slotID;
-
- if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (cackey_slots[slotID].active == 0) {
- CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-
- cackey_mutex_unlock(cackey_biglock);
-
- return(CKR_GENERAL_ERROR);
- }
-
- switch (cackey_sessions[hSession].sign_mechanism) {
- case CKM_RSA_PKCS:
- /* Ask card to sign */
- CACKEY_DEBUG_PRINTF("Asking to sign from identity %p in session %lu", cackey_sessions[hSession].sign_identity, (unsigned long) hSession);
- sigbuflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].sign_identity, cackey_sessions[hSession].sign_buf, cackey_sessions[hSession].sign_bufused, sigbuf, sizeof(sigbuf), 1, 0);
-
- if (sigbuflen < 0) {
- /* Signing failed. 
*/
- if (sigbuflen == CACKEY_PCSC_E_NEEDLOGIN) {
- retval = CKR_USER_NOT_LOGGED_IN;
- } else if (sigbuflen == CACKEY_PCSC_E_TOKENABSENT) {
- retval = CKR_DEVICE_REMOVED;
- } else {
- retval = CKR_GENERAL_ERROR;
- }
- } else if (((unsigned long) sigbuflen) > *pulSignatureLen && pSignature) {
- /* Signed data too large */
- CACKEY_DEBUG_PRINTF("retval = CKR_BUFFER_TOO_SMALL; sigbuflen = %lu, pulSignatureLen = %lu", (unsigned long) sigbuflen, (unsigned long) *pulSignatureLen);
-
- retval = CKR_BUFFER_TOO_SMALL;
-
- terminate_sign = 0;
- } else {
- terminate_sign = 0;
-
- if (pSignature) {
- memcpy(pSignature, sigbuf, sigbuflen);
-
- terminate_sign = 1;
- }
-
- *pulSignatureLen = sigbuflen;
-
- retval = CKR_OK;
- }
-
- break;
- case CKM_SHA1_RSA_PKCS:
- /* XXX: Accumulate into a SHA1 hash */
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
- break;
- }
-
- if (terminate_sign) {
- if (cackey_sessions[hSession].sign_buf) {
- free(cackey_sessions[hSession].sign_buf);
- }
-
- cackey_sessions[hSession].sign_active = 0;
- }
-
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- CACKEY_DEBUG_PRINTF("Returning %i", (int) retval);
-
- return(retval);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignRecoverInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_VerifyInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_Verify)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_VerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_VerifyFinal)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecoverInit)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_VerifyRecover)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DigestEncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DecryptDigestUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_SignEncryptUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_DecryptVerifyUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GenerateKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_WrapKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. Not initialized.");
-
- return(CKR_CRYPTOKI_NOT_INITIALIZED);
- }
-
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-}
-
-CK_DEFINE_FUNCTION(CK_RV, C_UnwrapKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) {
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (!cackey_initialized) {
- CACKEY_DEBUG_PRINTF("Error. 
Not initialized."); - - return(CKR_CRYPTOKI_NOT_INITIALIZED); - } - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED); - - return(CKR_FUNCTION_NOT_SUPPORTED); -} - -CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey)(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) { - CACKEY_DEBUG_PRINTF("Called."); - - if (!cackey_initialized) { - CACKEY_DEBUG_PRINTF("Error. Not initialized."); - - return(CKR_CRYPTOKI_NOT_INITIALIZED); - } - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED); - - return(CKR_FUNCTION_NOT_SUPPORTED); -} - -CK_DEFINE_FUNCTION(CK_RV, C_SeedRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) { - CACKEY_DEBUG_PRINTF("Called."); - - if (!cackey_initialized) { - CACKEY_DEBUG_PRINTF("Error. Not initialized."); - - return(CKR_CRYPTOKI_NOT_INITIALIZED); - } - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED); - - return(CKR_FUNCTION_NOT_SUPPORTED); -} - -CK_DEFINE_FUNCTION(CK_RV, C_GenerateRandom)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) { - CACKEY_DEBUG_PRINTF("Called."); - - if (!cackey_initialized) { - CACKEY_DEBUG_PRINTF("Error. 
Not initialized."); - - return(CKR_CRYPTOKI_NOT_INITIALIZED); - } - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED); - - return(CKR_FUNCTION_NOT_SUPPORTED); -} - -/* Deprecated Function */ -CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionStatus)(CK_SESSION_HANDLE hSession) { - CACKEY_DEBUG_PRINTF("Called."); - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_PARALLEL (%i)", CKR_FUNCTION_NOT_PARALLEL); - - return(CKR_FUNCTION_NOT_PARALLEL); - - hSession = hSession; /* Supress unused variable warning */ -} - -/* Deprecated Function */ -CK_DEFINE_FUNCTION(CK_RV, C_CancelFunction)(CK_SESSION_HANDLE hSession) { - CACKEY_DEBUG_PRINTF("Called."); - - CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_PARALLEL (%i)", CKR_FUNCTION_NOT_PARALLEL); - - return(CKR_FUNCTION_NOT_PARALLEL); - - hSession = hSession; /* Supress unused variable warning */ -} - -CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) { - CK_FUNCTION_LIST_PTR pFunctionList; - - CACKEY_DEBUG_PRINTF("Called."); - - if (ppFunctionList == NULL) { - CACKEY_DEBUG_PRINTF("Error. 
ppFunctionList is NULL."); - - return(CKR_ARGUMENTS_BAD); - } - - pFunctionList = malloc(sizeof(*pFunctionList)); - - pFunctionList->version.major = ((CACKEY_CRYPTOKI_VERSION_CODE) >> 16) & 0xff; - pFunctionList->version.minor = ((CACKEY_CRYPTOKI_VERSION_CODE) >> 8) & 0xff; - - pFunctionList->C_Initialize = C_Initialize; - pFunctionList->C_Finalize = C_Finalize; - pFunctionList->C_GetInfo = C_GetInfo; - pFunctionList->C_GetSlotList = C_GetSlotList; - pFunctionList->C_GetSlotInfo = C_GetSlotInfo; - pFunctionList->C_GetTokenInfo = C_GetTokenInfo; - pFunctionList->C_WaitForSlotEvent = C_WaitForSlotEvent; - pFunctionList->C_GetMechanismList = C_GetMechanismList; - pFunctionList->C_GetMechanismInfo = C_GetMechanismInfo; - pFunctionList->C_InitToken = C_InitToken; - pFunctionList->C_InitPIN = C_InitPIN; - pFunctionList->C_SetPIN = C_SetPIN; - pFunctionList->C_OpenSession = C_OpenSession; - pFunctionList->C_CloseSession = C_CloseSession; - pFunctionList->C_CloseAllSessions = C_CloseAllSessions; - pFunctionList->C_GetSessionInfo = C_GetSessionInfo; - pFunctionList->C_GetOperationState = C_GetOperationState; - pFunctionList->C_SetOperationState = C_SetOperationState; - pFunctionList->C_Login = C_Login; - pFunctionList->C_Logout = C_Logout; - pFunctionList->C_CreateObject = C_CreateObject; - pFunctionList->C_CopyObject = C_CopyObject; - pFunctionList->C_DestroyObject = C_DestroyObject; - pFunctionList->C_GetObjectSize = C_GetObjectSize; - pFunctionList->C_GetAttributeValue = C_GetAttributeValue; - pFunctionList->C_SetAttributeValue = C_SetAttributeValue; - pFunctionList->C_FindObjectsInit = C_FindObjectsInit; - pFunctionList->C_FindObjects = C_FindObjects; - pFunctionList->C_FindObjectsFinal = C_FindObjectsFinal; - pFunctionList->C_EncryptInit = C_EncryptInit; - pFunctionList->C_Encrypt = C_Encrypt; - pFunctionList->C_EncryptUpdate = C_EncryptUpdate; - pFunctionList->C_EncryptFinal = C_EncryptFinal; - pFunctionList->C_DecryptInit = C_DecryptInit; - pFunctionList->C_Decrypt = 
C_Decrypt; - pFunctionList->C_DecryptUpdate = C_DecryptUpdate; - pFunctionList->C_DecryptFinal = C_DecryptFinal; - pFunctionList->C_DigestInit = C_DigestInit; - pFunctionList->C_Digest = C_Digest; - pFunctionList->C_DigestUpdate = C_DigestUpdate; - pFunctionList->C_DigestKey = C_DigestKey; - pFunctionList->C_DigestFinal = C_DigestFinal; - pFunctionList->C_SignInit = C_SignInit; - pFunctionList->C_Sign = C_Sign; - pFunctionList->C_SignUpdate = C_SignUpdate; - pFunctionList->C_SignFinal = C_SignFinal; - pFunctionList->C_SignRecoverInit = C_SignRecoverInit; - pFunctionList->C_SignRecover = C_SignRecover; - pFunctionList->C_VerifyInit = C_VerifyInit; - pFunctionList->C_Verify = C_Verify; - pFunctionList->C_VerifyUpdate = C_VerifyUpdate; - pFunctionList->C_VerifyFinal = C_VerifyFinal; - pFunctionList->C_VerifyRecoverInit = C_VerifyRecoverInit; - pFunctionList->C_VerifyRecover = C_VerifyRecover; - pFunctionList->C_DigestEncryptUpdate = C_DigestEncryptUpdate; - pFunctionList->C_DecryptDigestUpdate = C_DecryptDigestUpdate; - pFunctionList->C_SignEncryptUpdate = C_SignEncryptUpdate; - pFunctionList->C_DecryptVerifyUpdate = C_DecryptVerifyUpdate; - pFunctionList->C_GenerateKey = C_GenerateKey; - pFunctionList->C_GenerateKeyPair = C_GenerateKeyPair; - pFunctionList->C_WrapKey = C_WrapKey; - pFunctionList->C_UnwrapKey = C_UnwrapKey; - pFunctionList->C_DeriveKey = C_DeriveKey; - pFunctionList->C_SeedRandom = C_SeedRandom; - pFunctionList->C_GenerateRandom = C_GenerateRandom; - pFunctionList->C_GetFunctionStatus = C_GetFunctionStatus; - pFunctionList->C_CancelFunction = C_CancelFunction; - pFunctionList->C_GetFunctionList = C_GetFunctionList; - - *ppFunctionList = pFunctionList; - - CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK); - - return(CKR_OK); -} - DELETED cackey.spec Index: cackey.spec ================================================================== --- cackey.spec +++ /dev/null 
@@ -1,44 +0,0 @@
-Summary: PC/SC PKCS#11 Provider for Government Smartcards
-Name: cackey
-Version: @@VERS@@
-Release: 1
-License: Public Domain
-Packager: Roy Keene
-URL: https://software.forge.mil/sf/frs/do/listReleases/projects.community_cac/frs.cackey
-Source: %{name}-%{version}.tar.gz
-BuildRoot: %{_tmppath}/%{name}-%{version}-root
-Group: System Environment/Libraries
-Requires: pcsc-lite
-
-
-%description
-CACKey provides a standard interface (PKCS#11) for smartcards connected to a
-PC/SC compliant reader. It performs a similar function to "CoolKey", but
-only supports Government Smartcards. It supports all Government Smartcards
-that implement the Government Smartcard Interoperability Specification (GSC-IS)
-v2.1 or newer.
-
-
-%prep
-%setup -q
-
-
-%build
-CFLAGS="%{optflags}" \
- ./configure --prefix=%{_prefix} --libdir=%{_libdir} --mandir=%{_mandir}
-make %{?_smp_mflags}
-
-
-%install
-if [ ! %{buildroot} = "/" ]; then %{__rm} -rf %{buildroot}; fi
-make DESTDIR=%{buildroot} install
-
-
-%clean
-if [ ! %{buildroot} = "/" ]; then %{__rm} -rf %{buildroot}; fi
-
-
-%files
-%defattr(-,root,root)
-%{_libdir}/libcackey.so
-%{_libdir}/libcackey_g.so
DELETED cackey_spm.c
Index: cackey_spm.c
==================================================================
--- cackey_spm.c
+++ /dev/null
@@ -1,113 +0,0 @@ -/* - * GSC-IS (v2.1) Service Call Level Service Provider Module for PC/SC Lite and - * DoD CAC/CACv2/PIV/PIVv2 Cards - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -#include "cackey_spm.h" - -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif - -unsigned long gscBsiUtilAcquireContext(unsigned long hCard, unsigned char *AID, struct BSIAuthenticator strctAuthenticator[], unsigned long authNb) { -} - -unsigned long gscBsiUtilConnect(unsigned char *readerName, unsigned long *hCard) { -} - -unsigned long gscBsiUtilDisconnect(unsigned long hCard) { -} - -unsigned long gscBsiUtilBeginTransaction(unsigned long hCard, _Bool blType) { -} - -unsigned long gscBsiUtilEndTransaction(unsigned long hCard) { -} - -unsigned long gscBsiUtilGetVersion(unsigned char **version) { - int sprintf_ret; - - if (version == NULL) { - return(BSI_UNKNOWN_ERROR); - } - - if (*version == NULL) { - sprintf_ret = sprintf(NULL, "2,1,0,%s", PACKAGE_VERSION); - - if (sprintf_ret <= 0) { - return(BSI_UNKNOWN_ERROR); - } - - *version = malloc(sprintf_ret + 1); - } - - /* Hopefully their buffer is large enough ... 
*/ - sprintf(*version, "2,1,0,%s", PACKAGE_VERSION); - - return(BSI_OK); -} - -unsigned long gscBsiUtilGetCardProperties(unsigned long hCard, unsigned char **CCCUniqueID, unsigned long *cardCapability) { -} - -unsigned long gscBsiUtilGetCardStatus(unsigned long hCard) { -} - -unsigned long gscBsiUtilGetExtendedErrorText(unsigned long hCard, unsigned char **errorText) { - if (errorText == NULL) { - return(BSI_UNKNOWN_ERROR); - } - - *errorText = NULL; - - return(BSI_NO_TEXT_AVAILABLE); -} - -unsigned long gscBsiUtilGetReaderList(unsigned char ***readerList) { -} - -unsigned long gscBsiUtilPassthru(unsigned long hCard, unsigned char *cardCommand, unsigned char **cardResponse) { -} - -unsigned long gscBsiUtilReleaseContext(unsigned long hCard, unsigned char *AID) { -} - -unsigned long gscBsiGcDataCreate(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char *value) { -} - -unsigned long gscBsiGcDataDelete(unsigned long hCard, unsigned char *AID, unsigned char tag) { -} - -unsigned long gscBsiGcGetContainerProperties(unsigned long hCard, unsigned char *AID, struct GCacr *strctGCacr, struct GCContainerSize *strctContainerSizes, unsigned char **containerVersion) { -} - -unsigned long gscBsiGcReadTagList(unsigned long hCard, unsigned char *AID, unsigned char **tagArray) { -} - -unsigned long gscBsiGcReadValue(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char **value) { -} - -unsigned long gscBsiGcUpdateValue(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char *value) { -} - -unsigned long gscBsiGetChallenge(unsigned long hCard, unsigned char *AID, unsigned char **challenge) { -} - -unsigned long gscBsiSkiInternalAuthenticate(unsigned long hCard, unsigned char *AID, unsigned char algoID, unsigned char *challenge, unsigned char **cryptogram) { -} - -unsigned long gscBsiPkiCompute(unsigned long hCard, unsigned char *AID, unsigned char algoID, unsigned char *message, unsigned char **result) { -} - -unsigned long 
gscBsiPkiGetCertificate(unsigned long hCard, unsigned char *AID, unsigned char **Certificate) { -} - -unsigned long gscBsiGetCryptoProperties(unsigned long hCard, unsigned char *AID, struct CRYPTOacr *strctCRYPTOacr, unsigned long *keyLen) { -} DELETED cackey_spm.h Index: cackey_spm.h ================================================================== --- cackey_spm.h +++ /dev/null 
@@ -1,119 +0,0 @@ -/* - * GSC-IS (v2.1) Service Call Level Service Provider Module for PC/SC Lite and - * DoD CAC/CACv2/PIV/PIVv2 Cards - */ - -/* Access ... ? */ -#define BSI_AM_XAUTH 0x02 -#define BSI_AM_SECURE_CHANNEL_GP 0x04 -#define BSI_AM_PIN 0x06 -#define BSI_AM_SECURE_CHANNEL_ISO 0x0B - -/* Access Control Rules */ -#define BSI_ACR_ALWYS 0x00 -#define BSI_ACR_NEVER 0x01 -#define BSI_ACR_XAUTH 0x02 -#define BSI_ACR_XAUTH_OR_PIN 0x03 -#define BSI_SECURE_CHANNEL_GP 0x04 /* typo in spec? */ -#define BSI_ACR_SECURE_CHANNEL_GP 0x04 -#define BSI_ACR_PIN_ALWAYS 0x05 -#define BSI_ACR_PIN 0x06 -#define BSI_ACR_XAUTH_THEN_PIN 0x07 -#define BSI_ACR_UPDATE_ONCE 0x08 -#define BSI_ACR_PIN_THEN_XAUTH 0x09 -#define BSI_SECURE_CHANNEL_ISO 0x0B /* typo in spec? */ -#define BSI_ACR_SECURE_CHANNEL_ISO 0x0B -#define BSI_ACR_XAUTH_AND_PIN 0x0C - -/* Algorithms */ -#define BSI_CKM_DES3_ECB 0x81 -#define BSI_CKM_DES3_CBC 0x82 -#define BSI_CKM_RSA_NO_PAD 0xA3 - -/* Return Codes */ -#define BSI_OK 0x00 -#define BSI_ACCESS_DENIED 0x01 -#define BSI_ACR_NOT_AVAILABLE 0x02 -#define BSI_BAD_AID 0x03 -#define BSI_BAD_ALGO_ID 0x04 -#define BSI_BAD_AUTH 0x05 -#define BSI_BAD_HANDLE 0x06 -#define BSI_BAD_PARAM 0x07 -#define BSI_BAD_TAG 0x08 -#define BSI_CARD_ABSENT 0x09 -#define BSI_CARD_REMOVED 0x0A -#define BSI_NO_SPSSERVICE 0x0B -#define BSI_IO_ERROR 0x0C -#define BSI_INSUFFICIENT_BUFFER 0x0E -#define BSI_NO_CARDSERVICE 0x0F -#define BSI_NO_MORE_SPACE 0x10 -#define BSI_PIN_BLOCKED 0x11 -#define BSI_TAG_EXISTS 0x13 -#define BSI_TIMEOUT_ERROR 0x14 -#define BSI_TERMINAL_AUTH 0x15 -#define BSI_NO_TEXT_AVAILABLE 0x16 -#define BSI_UNKNOWN_ERROR 0x17 -#define BSI_UNKNOWN_READER 0x18 -#define BSI_SC_LOCKED 0x19 -#define BSI_NOT_TRANSACTED 0x20 - -#define MaxNbAM 50 - -struct BSIAcr { - unsigned long ACRType; - unsigned long keyIDOrReference[MaxNbAM]; - unsigned long AuthNb; - unsigned long ACRID; -}; - -struct GCacr { - struct BSIAcr createACR; - struct BSIAcr deleteACR; - struct BSIAcr 
readTagListACR; - struct BSIAcr readValueACR; - struct BSIAcr updateValueACR; -}; - -struct GCContainerSize { - unsigned long maxNbDataItems; - unsigned long maxValueStorageSize; - -}; - -struct CRYPTOacr { - struct BSIAcr getChallengeACR; - struct BSIAcr internalAuthenticateACR; - struct BSIAcr pkiComputeACR; - struct BSIAcr createACR; - struct BSIAcr deleteACR; - struct BSIAcr readTagListACR; - struct BSIAcr readValueACR; - struct BSIAcr updateValueACR; -}; - -struct BSIAuthenticator { -}; - -unsigned long gscBsiUtilAcquireContext(unsigned long hCard, unsigned char *AID, struct BSIAuthenticator strctAuthenticator[], unsigned long authNb); -unsigned long gscBsiUtilConnect(unsigned char *readerName, unsigned long *hCard); -unsigned long gscBsiUtilDisconnect(unsigned long hCard); -unsigned long gscBsiUtilBeginTransaction(unsigned long hCard, _Bool blType); -unsigned long gscBsiUtilEndTransaction(unsigned long hCard); -unsigned long gscBsiUtilGetVersion(unsigned char **version); -unsigned long gscBsiUtilGetCardProperties(unsigned long hCard, unsigned char **CCCUniqueID, unsigned long *cardCapability); -unsigned long gscBsiUtilGetCardStatus(unsigned long hCard); -unsigned long gscBsiUtilGetExtendedErrorText(unsigned long hCard, unsigned char **errorText); -unsigned long gscBsiUtilGetReaderList(unsigned char ***readerList); -unsigned long gscBsiUtilPassthru(unsigned long hCard, unsigned char *cardCommand, unsigned char **cardResponse); -unsigned long gscBsiUtilReleaseContext(unsigned long hCard, unsigned char *AID); -unsigned long gscBsiGcDataCreate(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char *value); -unsigned long gscBsiGcDataDelete(unsigned long hCard, unsigned char *AID, unsigned char tag); -unsigned long gscBsiGcGetContainerProperties(unsigned long hCard, unsigned char *AID, struct GCacr *strctGCacr, struct GCContainerSize *strctContainerSizes, unsigned char **containerVersion); -unsigned long gscBsiGcReadTagList(unsigned long hCard, 
unsigned char *AID, unsigned char **tagArray); -unsigned long gscBsiGcReadValue(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char **value); -unsigned long gscBsiGcUpdateValue(unsigned long hCard, unsigned char *AID, unsigned char tag, unsigned char *value); -unsigned long gscBsiGetChallenge(unsigned long hCard, unsigned char *AID, unsigned char **challenge); -unsigned long gscBsiSkiInternalAuthenticate(unsigned long hCard, unsigned char *AID, unsigned char algoID, unsigned char *challenge, unsigned char **cryptogram); -unsigned long gscBsiPkiCompute(unsigned long hCard, unsigned char *AID, unsigned char algoID, unsigned char *message, unsigned char **result); -unsigned long gscBsiPkiGetCertificate(unsigned long hCard, unsigned char *AID, unsigned char **Certificate); -unsigned long gscBsiGetCryptoProperties(unsigned long hCard, unsigned char *AID, struct CRYPTOacr *strctCRYPTOacr, unsigned long *keyLen); DELETED configure.ac Index: configure.ac ================================================================== --- configure.ac +++ /dev/null 
@@ -1,155 +0,0 @@ -AC_INIT(cackey, 0.5.21) -AC_CONFIG_HEADERS(config.h) - -dnl Locate standard tools -AC_PROG_CC -AC_PROG_MAKE_SET -AC_PROG_INSTALL -AC_AIX -AC_LANG(C) - -dnl Determine this platform -DC_CHK_OS_INFO - -dnl Determine how to create shared objects on this platform -DC_GET_SHOBJFLAGS - -ACX_PTHREAD(, [ - AC_MSG_WARN([Can not figure out how to compile with pthreads support, run-time will likely fail.]) -]) - -dnl Determine how to create static archives on this platform -AC_CHECK_TOOL(AR, ar) -AC_CHECK_TOOL(RANLIB, ranlib) - -dnl Determine how to strip executables -AC_CHECK_TOOL(STRIP, strip) - -dnl Check for all required headers -AC_CHECK_HEADERS(arpa/inet.h inttypes.h stdarg.h stdint.h stdio.h stdlib.h string.h sys/socket.h sys/types.h sys/un.h time.h unistd.h pthread.h zlib.h limits.h,,[ - AC_WARN([Required header missing, compilation will likely fail.]) -], [ -#ifdef HAVE_ARPA_INET_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDARG_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_STDLIB_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif -#ifdef HAVE_SYS_SOCKET_H -# include -#endif -#ifdef HAVE_SYS_TYPES_H -# include -#endif -#ifdef HAVE_SYS_UN_H -# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif -#ifdef HAVE_TIME_H -# include -#endif -#ifdef HAVE_PTHREAD_H -# include -#endif -#ifdef HAVE_LIMITS_H -# include -#endif -#ifdef HAVE_ZLIB_H -# include -#endif -]) - -dnl Check for PC/SC headers and libraries -DC_PCSC - -dnl Check for ZLIB libraries -AC_CHECK_LIB(z, uncompress) - -dnl Verify that a basic program will compile -AC_MSG_CHECKING([if basic PC/SC program works]) -AC_LINK_IFELSE( - AC_LANG_PROGRAM([[ -#ifdef HAVE_WINTYPES_H -# include -#endif -#ifdef HAVE_PCSCLITE_H -# include -#endif -#ifdef HAVE_WINSCARD_H -# include -#endif -#ifdef HAVE_STDINT_H -# include -#endif -#ifdef HAVE_INTTYPES_H -# include -#endif -#ifdef HAVE_STDLIB_H 
-# include -#endif -#ifdef HAVE_UNISTD_H -# include -#endif -#ifdef HAVE_STRING_H -# include -#endif -#ifdef HAVE_PTHREAD_H -# include -#endif -#ifdef HAVE_LIMITS_H -# include -#endif -#ifdef HAVE_STDIO_H -# include -#endif -#ifdef HAVE_ZLIB_H -# ifdef HAVE_LIBZ -# include -# endif -#endif - ]], [[ - LPSCARDHANDLE hCard; - SCARDCONTEXT hContext; - DWORD dwActiveProtocol; - LONG scard_conn_ret, scard_est_context_ret; - - scard_est_context_ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext); - - scard_conn_ret = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol); - ]]), [ - AC_MSG_RESULT(okay) - ], [ - AC_MSG_RESULT(failed) - - AC_MSG_FAILURE([simple PC/SC program failed]) - ] -) - -dnl Set version script, to limit the scope of symbols -DC_SETVERSIONSCRIPT(libcackey.vers) - -dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker -DC_SYNC_RPATH - -dnl If we updated LIBOBJS, update SHLIBOBJS -- must be last. -DC_SYNC_SHLIBOBJS - -dnl Produce Makefile -AC_OUTPUT(Makefile) DELETED leakcheck/README.txt Index: leakcheck/README.txt ================================================================== --- leakcheck/README.txt +++ /dev/null 
@@ -1,19 +0,0 @@
-This script is intended to be used to parse the "debugging" output produced on
-stderr when CACKey is compiled with debugging flags enabled.
-
-Sample usage:
- $ ./test 2> cackey-debug.log
- Testing libcackey...
- PKCS#11 Client Version: 2.30, Library Version 0.0
- ...
- Testing libcackey... DONE. Status = 0
- $ ./leakcheck/leakcheck cackey-debug.log
- Unfreed memory 0x804d010:
- cackey_mutex_create():2017: MALLOC() = 0x804d010
-
-
-(Note that the leak from cackey_mutex_create() is normal -- there's no safe way
-to clean up that mutex)
-
-This functionality exists to check for leaks in libcackey independently of
-dependent libraries, and the application hosting the library.
DELETED leakcheck/leakcheck
Index: leakcheck/leakcheck
==================================================================
--- leakcheck/leakcheck
+++ /dev/null
@@ -1,61 +0,0 @@
-#! /bin/bash
-
-LEAKCHECKFILE="$1"
-TMPFILE="${TMPDIR:-/tmp}/malloc-free-check-$$${RANDOM}${RANDOM}${RANDOM}.tmp"
-export LEAKCHECKFILE TMPFILE
-
-if [ -z "${LEAKCHECKFILE}" ]; then
- echo "Usage: leakcheck " >&2
- echo " filename Name of file containing debugging output" >&2
-
- exit 1
-fi
-
-egrep '(MALLOC|FREE|REALLOC)' "${LEAKCHECKFILE}" | sed 's@^.*FREE(\(0x[0-9a-f]*\)).*$@free \1@;s@^.*MALLOC() = @malloc @;s@^.*REALLOC(\(0x[0-9a-f]*\)) = @realloc \1 @' > "${TMPFILE}"
-
-cat "${TMPFILE}" | while read op addr newaddr; do
- case "${op}" in
- malloc)
- if [ -z "${alloclist}" ]; then
- alloclist="${addr}"
- else
- alloclist="${alloclist} ${addr}"
- fi
- ;;
- free)
- if ! echo " ${alloclist} " | grep " ${addr} " >/dev/null; then
- if [ -z "${alloclist}" ]; then
- alloclist="!${addr}"
- else
- alloclist="${alloclist} !${addr}"
- fi
- else
- alloclist="$(echo " ${alloclist} " | sed "s@ ${addr} @ @;s@^ *@@;s@ *\$@@")"
- fi
- ;;
- realloc)
- alloclist="$(echo " ${alloclist} " | sed "s@ ${addr} @ ${newaddr} @;s@^ *@@;s@ *\$@@")"
- ;;
- esac
-
- echo "${alloclist}"
-done | tail -1 | while read leftovers; do
- for leftover in ${leftovers}; do
- case "${leftover}" in
- !*)
- leftover="$(echo "${leftover}" | cut -c 2-)"
-
- echo "Double freed or never allocated ${leftover}:"
- grep "${leftover}" "${LEAKCHECKFILE}" | sed 's@^@ @'
- echo ''
- ;;
- *)
- echo "Unfreed memory ${leftover}:"
- grep "${leftover}" "${LEAKCHECKFILE}" | sed 's@^@ @'
- echo ''
- ;;
- esac
- done
-done
-
-rm -f "${TMPFILE}"
DELETED libcackey.vers
Index: libcackey.vers
==================================================================
--- libcackey.vers
+++ /dev/null
@@ -1,73 +0,0 @@
-{
- global:
- C_CancelFunction;
- C_CloseAllSessions;
- C_CloseSession;
- C_CopyObject;
- C_CreateObject;
- C_Decrypt;
- C_DecryptDigestUpdate;
- C_DecryptFinal;
- C_DecryptInit;
- C_DecryptUpdate;
- C_DecryptVerifyUpdate;
- C_DeriveKey;
- C_DestroyObject;
- C_Digest;
- C_DigestEncryptUpdate;
- C_DigestFinal;
- C_DigestInit;
- C_DigestKey;
- C_DigestUpdate;
- C_Encrypt;
- C_EncryptFinal;
- C_EncryptInit;
- C_EncryptUpdate;
- C_Finalize;
- C_FindObjects;
- C_FindObjectsFinal;
- C_FindObjectsInit;
- C_GenerateKey;
- C_GenerateKeyPair;
- C_GenerateRandom;
- C_GetAttributeValue;
- C_GetFunctionList;
- C_GetFunctionStatus;
- C_GetInfo;
- C_GetMechanismInfo;
- C_GetMechanismList;
- C_GetObjectSize;
- C_GetOperationState;
- C_GetSessionInfo;
- C_GetSlotInfo;
- C_GetSlotList;
- C_GetTokenInfo;
- C_InitPIN;
- C_InitToken;
- C_Initialize;
- C_Login;
- C_Logout;
- C_OpenSession;
- C_SeedRandom;
- C_SetAttributeValue;
- C_SetOperationState;
- C_SetPIN;
- C_Sign;
- C_SignEncryptUpdate;
- C_SignFinal;
- C_SignInit;
- C_SignRecover;
- C_SignRecoverInit;
- C_SignUpdate;
- C_UnwrapKey;
- C_Verify;
- C_VerifyFinal;
- C_VerifyInit;
- C_VerifyRecover;
- C_VerifyRecoverInit;
- C_VerifyUpdate;
- C_WaitForSlotEvent;
- C_WrapKey;
- local:
- *;
-};
DELETED pkcs11/mypkcs11.h
Index: pkcs11/mypkcs11.h
==================================================================
--- pkcs11/mypkcs11.h
+++ /dev/null
@@ -1,52 +0,0 @@
-/* ***** BEGIN COPYRIGHT BLOCK *****
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation version
- * 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- * ***** END COPYRIGHT BLOCK *****/
-
-#ifndef COOLKEY_MYPKCS11_H
-#define COOLKEY_MYPKCS11_H
-
-#if defined(_WIN32)
-#define CK_PTR *
-#define CK_DECLARE_FUNCTION(rv,func) rv __declspec(dllexport) func
-#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func)
-#define CK_CALLBACK_FUNCTION(rv,func) rv (* func)
-#define CK_NULL_PTR 0
-#else
-#define CK_PTR *
-#define CK_DECLARE_FUNCTION(rv,func) rv func
-#define CK_DECLARE_FUNCTION_POINTER(rv,func) rv (* func)
-#define CK_CALLBACK_FUNCTION(rv,func) rv (* func)
-#define CK_NULL_PTR 0
-#endif
-
-#if defined(_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(push, cryptoki, 1)
-#endif
-
-#include "pkcs11.h"
-
-#include "pkcs11n.h"
-
-#if defined (_WIN32)
-#pragma warning(disable:4103)
-#pragma pack(pop, cryptoki)
-#endif
-
-
-#endif
DELETED pkcs11/pkcs11.h
Index: pkcs11/pkcs11.h
==================================================================
--- pkcs11/pkcs11.h
+++ /dev/null
@@ -1,309 +0,0 @@ -/* ***** BEGIN COPYRIGHT BLOCK ***** - * Copyright (C) 2005 Red Hat, Inc. - * All rights reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation version - * 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - * ***** END COPYRIGHT BLOCK *****/ - -/* pkcs11.h include file for PKCS #11. 2001 June 25 */ - -#ifndef _PKCS11_H_ -#define _PKCS11_H_ 1 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Before including this file (pkcs11.h) (or pkcs11t.h by - * itself), 6 platform-specific macros must be defined. These - * macros are described below, and typical definitions for them - * are also given. Be advised that these definitions can depend - * on both the platform and the compiler used (and possibly also - * on whether a Cryptoki library is linked statically or - * dynamically). - * - * In addition to defining these 6 macros, the packing convention - * for Cryptoki structures should be set. The Cryptoki - * convention on packing is that structures should be 1-byte - * aligned. 
- * - * If you're using Microsoft Developer Studio 5.0 to produce - * Win32 stuff, this might be done by using the following - * preprocessor directive before including pkcs11.h or pkcs11t.h: - * - * #pragma pack(push, cryptoki, 1) - * - * and using the following preprocessor directive after including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(pop, cryptoki) - * - * If you're using an earlier version of Microsoft Developer - * Studio to produce Win16 stuff, this might be done by using - * the following preprocessor directive before including - * pkcs11.h or pkcs11t.h: - * - * #pragma pack(1) - * - * In a UNIX environment, you're on your own for this. You might - * not need to do (or be able to do!) anything. - * - * - * Now for the macros: - * - * - * 1. CK_PTR: The indirection string for making a pointer to an - * object. It can be used like this: - * - * typedef CK_BYTE CK_PTR CK_BYTE_PTR; - * - * If you're using Microsoft Developer Studio 5.0 to produce - * Win32 stuff, it might be defined by: - * - * #define CK_PTR * - * - * If you're using an earlier version of Microsoft Developer - * Studio to produce Win16 stuff, it might be defined by: - * - * #define CK_PTR far * - * - * In a typical UNIX environment, it might be defined by: - * - * #define CK_PTR * - * - * - * 2. CK_DEFINE_FUNCTION(returnType, name): A macro which makes - * an exportable Cryptoki library function definition out of a - * return type and a function name. It should be used in the - * following fashion to define the exposed Cryptoki functions in - * a Cryptoki library: - * - * CK_DEFINE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ) - * { - * ... 
- * } - * - * If you're using Microsoft Developer Studio 5.0 to define a - * function in a Win32 Cryptoki .dll, it might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType __declspec(dllexport) name - * - * If you're using an earlier version of Microsoft Developer - * Studio to define a function in a Win16 Cryptoki .dll, it - * might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType __export _far _pascal name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DEFINE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 3. CK_DECLARE_FUNCTION(returnType, name): A macro which makes - * an importable Cryptoki library function declaration out of a - * return type and a function name. It should be used in the - * following fashion: - * - * extern CK_DECLARE_FUNCTION(CK_RV, C_Initialize)( - * CK_VOID_PTR pReserved - * ); - * - * If you're using Microsoft Developer Studio 5.0 to declare a - * function in a Win32 Cryptoki .dll, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __declspec(dllimport) name - * - * If you're using an earlier version of Microsoft Developer - * Studio to declare a function in a Win16 Cryptoki .dll, it - * might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType __export _far _pascal name - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION(returnType, name) \ - * returnType name - * - * - * 4. CK_DECLARE_FUNCTION_POINTER(returnType, name): A macro - * which makes a Cryptoki API function pointer declaration or - * function pointer type declaration out of a return type and a - * function name. It should be used in the following fashion: - * - * // Define funcPtr to be a pointer to a Cryptoki API function - * // taking arguments args and returning CK_RV. 
- * CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtr)(args); - * - * or - * - * // Define funcPtrType to be the type of a pointer to a - * // Cryptoki API function taking arguments args and returning - * // CK_RV, and then define funcPtr to be a variable of type - * // funcPtrType. - * typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, funcPtrType)(args); - * funcPtrType funcPtr; - * - * If you're using Microsoft Developer Studio 5.0 to access - * functions in a Win32 Cryptoki .dll, in might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __declspec(dllimport) (* name) - * - * If you're using an earlier version of Microsoft Developer - * Studio to access functions in a Win16 Cryptoki .dll, it might - * be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType __export _far _pascal (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_DECLARE_FUNCTION_POINTER(returnType, name) \ - * returnType (* name) - * - * - * 5. CK_CALLBACK_FUNCTION(returnType, name): A macro which makes - * a function pointer type for an application callback out of - * a return type for the callback and a name for the callback. - * It should be used in the following fashion: - * - * CK_CALLBACK_FUNCTION(CK_RV, myCallback)(args); - * - * to declare a function pointer, myCallback, to a callback - * which takes arguments args and returns a CK_RV. 
It can also - * be used like this: - * - * typedef CK_CALLBACK_FUNCTION(CK_RV, myCallbackType)(args); - * myCallbackType myCallback; - * - * If you're using Microsoft Developer Studio 5.0 to do Win32 - * Cryptoki development, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * If you're using an earlier version of Microsoft Developer - * Studio to do Win16 development, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType _far _pascal (* name) - * - * In a UNIX environment, it might be defined by: - * - * #define CK_CALLBACK_FUNCTION(returnType, name) \ - * returnType (* name) - * - * - * 6. NULL_PTR: This macro is the value of a NULL pointer. - * - * In any ANSI/ISO C environment (and in many others as well), - * this should best be defined by - * - * #ifndef NULL_PTR - * #define NULL_PTR 0 - * #endif - */ - -#ifdef _WIN32 -#pragma pack(push, cryptoki, 1) -#endif - -/* All the various Cryptoki types and #define'd values are in the - * file pkcs11t.h. */ -#include "pkcs11t.h" - -#define __PASTE(x,y) x##y - - -/* ============================================================== - * Define the "extern" form of all the entry points. - * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - CK_DECLARE_FUNCTION(CK_RV, name) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define the typedef form of all the entry points. That is, for - * each Cryptoki function C_XXX, define a type CK_C_XXX which is - * a pointer to that kind of function. 
- * ============================================================== - */ - -#define CK_NEED_ARG_LIST 1 -#define CK_PKCS11_FUNCTION_INFO(name) \ - typedef CK_DECLARE_FUNCTION_POINTER(CK_RV, __PASTE(CK_,name)) - -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -#undef CK_NEED_ARG_LIST -#undef CK_PKCS11_FUNCTION_INFO - - -/* ============================================================== - * Define structed vector of entry points. A CK_FUNCTION_LIST - * contains a CK_VERSION indicating a library's Cryptoki version - * and then a whole slew of function pointers to the routines in - * the library. This type was declared, but not defined, in - * pkcs11t.h. - * ============================================================== - */ - -#define CK_PKCS11_FUNCTION_INFO(name) \ - __PASTE(CK_,name) name; - -struct CK_FUNCTION_LIST { - - CK_VERSION version; /* Cryptoki version */ - -/* Pile all the function pointers into the CK_FUNCTION_LIST. */ -/* pkcs11f.h has all the information about the Cryptoki - * function prototypes. */ -#include "pkcs11f.h" - -}; - -#ifdef _WIN32 -#pragma pack(pop, cryptoki) -#endif - -#undef CK_PKCS11_FUNCTION_INFO - - -#undef __PASTE - -#ifdef __cplusplus -} -#endif - -#endif DELETED pkcs11/pkcs11f.h Index: pkcs11/pkcs11f.h ================================================================== --- pkcs11/pkcs11f.h +++ /dev/null 
@@ -1,917 +0,0 @@
-/* ***** BEGIN COPYRIGHT BLOCK *****
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation version
- * 2.1 of the License.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- * ***** END COPYRIGHT BLOCK *****/
-
-/* pkcs11f.h include file for PKCS #11. 2001 June 25 */
-
-/* This function contains pretty much everything about all the */
-/* Cryptoki function prototypes. Because this information is */
-/* used for more than just declaring function prototypes, the */
-/* order of the functions appearing herein is important, and */
-/* should not be altered. */
-
-
-
-/* General-purpose */
-
-/* C_Initialize initializes the Cryptoki library. */
-CK_PKCS11_FUNCTION_INFO(C_Initialize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pInitArgs /* if this is not NULL_PTR, it gets
- * cast to CK_C_INITIALIZE_ARGS_PTR
- * and dereferenced */
-);
-#endif
-
-
-/* C_Finalize indicates that an application is done with the
- * Cryptoki library. */
-CK_PKCS11_FUNCTION_INFO(C_Finalize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_VOID_PTR pReserved /* reserved. Should be NULL_PTR */
-);
-#endif
-
-
-/* C_GetInfo returns general information about Cryptoki. */
-CK_PKCS11_FUNCTION_INFO(C_GetInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_INFO_PTR pInfo /* location that receives information */
-);
-#endif
-
-
-/* C_GetFunctionList returns the function list.
*/
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FUNCTION_LIST_PTR_PTR ppFunctionList /* receives pointer to
- * function list */
-);
-#endif
-
-
-
-/* Slot and token management */
-
-/* C_GetSlotList obtains a list of slots in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_BBOOL tokenPresent, /* only slots with tokens? */
- CK_SLOT_ID_PTR pSlotList, /* receives array of slot IDs */
- CK_ULONG_PTR pulCount /* receives number of slots */
-);
-#endif
-
-
-/* C_GetSlotInfo obtains information about a particular slot in
- * the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetSlotInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the ID of the slot */
- CK_SLOT_INFO_PTR pInfo /* receives the slot information */
-);
-#endif
-
-
-/* C_GetTokenInfo obtains information about a particular token
- * in the system. */
-CK_PKCS11_FUNCTION_INFO(C_GetTokenInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_TOKEN_INFO_PTR pInfo /* receives the token information */
-);
-#endif
-
-
-/* C_GetMechanismList obtains a list of mechanism types
- * supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismList)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of token's slot */
- CK_MECHANISM_TYPE_PTR pMechanismList, /* gets mech. array */
- CK_ULONG_PTR pulCount /* gets # of mechs. */
-);
-#endif
-
-
-/* C_GetMechanismInfo obtains information about a particular
- * mechanism possibly supported by a token. */
-CK_PKCS11_FUNCTION_INFO(C_GetMechanismInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_MECHANISM_TYPE type, /* type of mechanism */
- CK_MECHANISM_INFO_PTR pInfo /* receives mechanism info */
-);
-#endif
-
-
-/* C_InitToken initializes a token.
*/
-CK_PKCS11_FUNCTION_INFO(C_InitToken)
-#ifdef CK_NEED_ARG_LIST
-/* pLabel changed from CK_CHAR_PTR to CK_UTF8CHAR_PTR for v2.10 */
-(
- CK_SLOT_ID slotID, /* ID of the token's slot */
- CK_UTF8CHAR_PTR pPin, /* the SO's initial PIN */
- CK_ULONG ulPinLen, /* length in bytes of the PIN */
- CK_UTF8CHAR_PTR pLabel /* 32-byte token label (blank padded) */
-);
-#endif
-
-
-/* C_InitPIN initializes the normal user's PIN. */
-CK_PKCS11_FUNCTION_INFO(C_InitPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_UTF8CHAR_PTR pPin, /* the normal user's PIN */
- CK_ULONG ulPinLen /* length in bytes of the PIN */
-);
-#endif
-
-
-/* C_SetPIN modifies the PIN of the user who is logged in. */
-CK_PKCS11_FUNCTION_INFO(C_SetPIN)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_UTF8CHAR_PTR pOldPin, /* the old PIN */
- CK_ULONG ulOldLen, /* length of the old PIN */
- CK_UTF8CHAR_PTR pNewPin, /* the new PIN */
- CK_ULONG ulNewLen /* length of the new PIN */
-);
-#endif
-
-
-
-/* Session management */
-
-/* C_OpenSession opens a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_OpenSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID, /* the slot's ID */
- CK_FLAGS flags, /* from CK_SESSION_INFO */
- CK_VOID_PTR pApplication, /* passed to callback */
- CK_NOTIFY Notify, /* callback function */
- CK_SESSION_HANDLE_PTR phSession /* gets session handle */
-);
-#endif
-
-
-/* C_CloseSession closes a session between an application and a
- * token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseSession)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CloseAllSessions closes all sessions with a token. */
-CK_PKCS11_FUNCTION_INFO(C_CloseAllSessions)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SLOT_ID slotID /* the token's slot */
-);
-#endif
-
-
-/* C_GetSessionInfo obtains information about the session.
*/
-CK_PKCS11_FUNCTION_INFO(C_GetSessionInfo)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_SESSION_INFO_PTR pInfo /* receives session info */
-);
-#endif
-
-
-/* C_GetOperationState obtains the state of the cryptographic operation
- * in a session. */
-CK_PKCS11_FUNCTION_INFO(C_GetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* gets state */
- CK_ULONG_PTR pulOperationStateLen /* gets state length */
-);
-#endif
-
-
-/* C_SetOperationState restores the state of the cryptographic
- * operation in a session. */
-CK_PKCS11_FUNCTION_INFO(C_SetOperationState)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pOperationState, /* holds state */
- CK_ULONG ulOperationStateLen, /* holds state length */
- CK_OBJECT_HANDLE hEncryptionKey, /* en/decryption key */
- CK_OBJECT_HANDLE hAuthenticationKey /* sign/verify key */
-);
-#endif
-
-
-/* C_Login logs a user into a token. */
-CK_PKCS11_FUNCTION_INFO(C_Login)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_USER_TYPE userType, /* the user type */
- CK_UTF8CHAR_PTR pPin, /* the user's PIN */
- CK_ULONG ulPinLen /* the length of the PIN */
-);
-#endif
-
-
-/* C_Logout logs a user out from a token. */
-CK_PKCS11_FUNCTION_INFO(C_Logout)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Object management */
-
-/* C_CreateObject creates a new object. */
-CK_PKCS11_FUNCTION_INFO(C_CreateObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* the object's template */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phObject /* gets new object's handle. */
-);
-#endif
-
-
-/* C_CopyObject copies an object, creating a new object for the
- * copy.
*/
-CK_PKCS11_FUNCTION_INFO(C_CopyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new object */
- CK_ULONG ulCount, /* attributes in template */
- CK_OBJECT_HANDLE_PTR phNewObject /* receives handle of copy */
-);
-#endif
-
-
-/* C_DestroyObject destroys an object. */
-CK_PKCS11_FUNCTION_INFO(C_DestroyObject)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject /* the object's handle */
-);
-#endif
-
-
-/* C_GetObjectSize gets the size of an object in bytes. */
-CK_PKCS11_FUNCTION_INFO(C_GetObjectSize)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ULONG_PTR pulSize /* receives size of object */
-);
-#endif
-
-
-/* C_GetAttributeValue obtains the value of one or more object
- * attributes. */
-CK_PKCS11_FUNCTION_INFO(C_GetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs; gets vals */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_SetAttributeValue modifies the value of one or more object
- * attributes */
-CK_PKCS11_FUNCTION_INFO(C_SetAttributeValue)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hObject, /* the object's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* specifies attrs and values */
- CK_ULONG ulCount /* attributes in template */
-);
-#endif
-
-
-/* C_FindObjectsInit initializes a search for token and session
- * objects that match a template.
*/
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_ATTRIBUTE_PTR pTemplate, /* attribute values to match */
- CK_ULONG ulCount /* attrs in search template */
-);
-#endif
-
-
-/* C_FindObjects continues a search for token and session
- * objects that match a template, obtaining additional object
- * handles. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjects)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_OBJECT_HANDLE_PTR phObject, /* gets obj. handles */
- CK_ULONG ulMaxObjectCount, /* max handles to get */
- CK_ULONG_PTR pulObjectCount /* actual # returned */
-);
-#endif
-
-
-/* C_FindObjectsFinal finishes a search for token and session
- * objects. */
-CK_PKCS11_FUNCTION_INFO(C_FindObjectsFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Encryption and decryption */
-
-/* C_EncryptInit initializes an encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the encryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of encryption key */
-);
-#endif
-
-
-/* C_Encrypt encrypts single-part data. */
-CK_PKCS11_FUNCTION_INFO(C_Encrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pData, /* the plaintext data */
- CK_ULONG ulDataLen, /* bytes of plaintext */
- CK_BYTE_PTR pEncryptedData, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedDataLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptUpdate continues a multiple-part encryption
- * operation.
*/
-CK_PKCS11_FUNCTION_INFO(C_EncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext data len */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text size */
-);
-#endif
-
-
-/* C_EncryptFinal finishes a multiple-part encryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_EncryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session handle */
- CK_BYTE_PTR pLastEncryptedPart, /* last c-text */
- CK_ULONG_PTR pulLastEncryptedPartLen /* gets last size */
-);
-#endif
-
-
-/* C_DecryptInit initializes a decryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the decryption mechanism */
- CK_OBJECT_HANDLE hKey /* handle of decryption key */
-);
-#endif
-
-
-/* C_Decrypt decrypts encrypted data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Decrypt)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedData, /* ciphertext */
- CK_ULONG ulEncryptedDataLen, /* ciphertext length */
- CK_BYTE_PTR pData, /* gets plaintext */
- CK_ULONG_PTR pulDataLen /* gets p-text size */
-);
-#endif
-
-
-/* C_DecryptUpdate continues a multiple-part decryption
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* encrypted data */
- CK_ULONG ulEncryptedPartLen, /* input length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* p-text size */
-);
-#endif
-
-
-/* C_DecryptFinal finishes a multiple-part decryption
- * operation.
*/
-CK_PKCS11_FUNCTION_INFO(C_DecryptFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pLastPart, /* gets plaintext */
- CK_ULONG_PTR pulLastPartLen /* p-text size */
-);
-#endif
-
-
-
-/* Message digesting */
-
-/* C_DigestInit initializes a message-digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism /* the digesting mechanism */
-);
-#endif
-
-
-/* C_Digest digests data in a single part. */
-CK_PKCS11_FUNCTION_INFO(C_Digest)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* data to be digested */
- CK_ULONG ulDataLen, /* bytes of data to digest */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets digest length */
-);
-#endif
-
-
-/* C_DigestUpdate continues a multiple-part message-digesting
- * operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* data to be digested */
- CK_ULONG ulPartLen /* bytes of data to be digested */
-);
-#endif
-
-
-/* C_DigestKey continues a multi-part message-digesting
- * operation, by digesting the value of a secret key as part of
- * the data already digested. */
-CK_PKCS11_FUNCTION_INFO(C_DigestKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_OBJECT_HANDLE hKey /* secret key to digest */
-);
-#endif
-
-
-/* C_DigestFinal finishes a multiple-part message-digesting
- * operation.
*/
-CK_PKCS11_FUNCTION_INFO(C_DigestFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pDigest, /* gets the message digest */
- CK_ULONG_PTR pulDigestLen /* gets byte count of digest */
-);
-#endif
-
-
-
-/* Signing and MACing */
-
-/* C_SignInit initializes a signature (private key encryption)
- * operation, where the signature is (will be) an appendix to
- * the data, and plaintext cannot be recovered from the
- *signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of signature key */
-);
-#endif
-
-
-/* C_Sign signs (encrypts with private key) data in a single
- * part, where the signature is (will be) an appendix to the
- * data, and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_Sign)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignUpdate continues a multiple-part signature operation,
- * where the signature is (will be) an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* the data to sign */
- CK_ULONG ulPartLen /* count of bytes to sign */
-);
-#endif
-
-
-/* C_SignFinal finishes a multiple-part signature operation,
- * returning the signature.
*/
-CK_PKCS11_FUNCTION_INFO(C_SignFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-/* C_SignRecoverInit initializes a signature operation, where
- * the data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the signature mechanism */
- CK_OBJECT_HANDLE hKey /* handle of the signature key */
-);
-#endif
-
-
-/* C_SignRecover signs data in a single operation, where the
- * data can be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_SignRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* the data to sign */
- CK_ULONG ulDataLen, /* count of bytes to sign */
- CK_BYTE_PTR pSignature, /* gets the signature */
- CK_ULONG_PTR pulSignatureLen /* gets signature length */
-);
-#endif
-
-
-
-/* Verifying signatures and MACs */
-
-/* C_VerifyInit initializes a verification operation, where the
- * signature is an appendix to the data, and plaintext cannot
- * cannot be recovered from the signature (e.g. DSA). */
-CK_PKCS11_FUNCTION_INFO(C_VerifyInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_Verify verifies a signature in a single-part operation,
- * where the signature is an appendix to the data, and plaintext
- * cannot be recovered from the signature.
*/
-CK_PKCS11_FUNCTION_INFO(C_Verify)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pData, /* signed data */
- CK_ULONG ulDataLen, /* length of signed data */
- CK_BYTE_PTR pSignature, /* signature */
- CK_ULONG ulSignatureLen /* signature length*/
-);
-#endif
-
-
-/* C_VerifyUpdate continues a multiple-part verification
- * operation, where the signature is an appendix to the data,
- * and plaintext cannot be recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pPart, /* signed data */
- CK_ULONG ulPartLen /* length of signed data */
-);
-#endif
-
-
-/* C_VerifyFinal finishes a multiple-part verification
- * operation, checking the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyFinal)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen /* signature length */
-);
-#endif
-
-
-/* C_VerifyRecoverInit initializes a signature verification
- * operation, where the data is recovered from the signature. */
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecoverInit)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the verification mechanism */
- CK_OBJECT_HANDLE hKey /* verification key */
-);
-#endif
-
-
-/* C_VerifyRecover verifies a signature in a single-part
- * operation, where the data is recovered from the signature.
*/
-CK_PKCS11_FUNCTION_INFO(C_VerifyRecover)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSignature, /* signature to verify */
- CK_ULONG ulSignatureLen, /* signature length */
- CK_BYTE_PTR pData, /* gets signed data */
- CK_ULONG_PTR pulDataLen /* gets signed data len */
-);
-#endif
-
-
-
-/* Dual-function cryptographic operations */
-
-/* C_DigestEncryptUpdate continues a multiple-part digesting
- * and encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_DigestEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptDigestUpdate continues a multiple-part decryption and
- * digesting operation. */
-CK_PKCS11_FUNCTION_INFO(C_DecryptDigestUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets plaintext len */
-);
-#endif
-
-
-/* C_SignEncryptUpdate continues a multiple-part signing and
- * encryption operation. */
-CK_PKCS11_FUNCTION_INFO(C_SignEncryptUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pPart, /* the plaintext data */
- CK_ULONG ulPartLen, /* plaintext length */
- CK_BYTE_PTR pEncryptedPart, /* gets ciphertext */
- CK_ULONG_PTR pulEncryptedPartLen /* gets c-text length */
-);
-#endif
-
-
-/* C_DecryptVerifyUpdate continues a multiple-part decryption and
- * verify operation.
*/
-CK_PKCS11_FUNCTION_INFO(C_DecryptVerifyUpdate)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_BYTE_PTR pEncryptedPart, /* ciphertext */
- CK_ULONG ulEncryptedPartLen, /* ciphertext length */
- CK_BYTE_PTR pPart, /* gets plaintext */
- CK_ULONG_PTR pulPartLen /* gets p-text length */
-);
-#endif
-
-
-
-/* Key management */
-
-/* C_GenerateKey generates a secret key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* key generation mech. */
- CK_ATTRIBUTE_PTR pTemplate, /* template for new key */
- CK_ULONG ulCount, /* # of attrs in template */
- CK_OBJECT_HANDLE_PTR phKey /* gets handle of new key */
-);
-#endif
-
-
-/* C_GenerateKeyPair generates a public-key/private-key pair,
- * creating new key objects. */
-CK_PKCS11_FUNCTION_INFO(C_GenerateKeyPair)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session
- * handle */
- CK_MECHANISM_PTR pMechanism, /* key-gen
- * mech. */
- CK_ATTRIBUTE_PTR pPublicKeyTemplate, /* template
- * for pub.
- * key */
- CK_ULONG ulPublicKeyAttributeCount, /* # pub.
- * attrs. */
- CK_ATTRIBUTE_PTR pPrivateKeyTemplate, /* template
- * for priv.
- * key */
- CK_ULONG ulPrivateKeyAttributeCount, /* # priv.
- * attrs. */
- CK_OBJECT_HANDLE_PTR phPublicKey, /* gets pub.
- * key
- * handle */
- CK_OBJECT_HANDLE_PTR phPrivateKey /* gets
- * priv. key
- * handle */
-);
-#endif
-
-
-/* C_WrapKey wraps (i.e., encrypts) a key.
*/
-CK_PKCS11_FUNCTION_INFO(C_WrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_MECHANISM_PTR pMechanism, /* the wrapping mechanism */
- CK_OBJECT_HANDLE hWrappingKey, /* wrapping key */
- CK_OBJECT_HANDLE hKey, /* key to be wrapped */
- CK_BYTE_PTR pWrappedKey, /* gets wrapped key */
- CK_ULONG_PTR pulWrappedKeyLen /* gets wrapped key size */
-);
-#endif
-
-
-/* C_UnwrapKey unwraps (decrypts) a wrapped key, creating a new
- * key object. */
-CK_PKCS11_FUNCTION_INFO(C_UnwrapKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* unwrapping mech. */
- CK_OBJECT_HANDLE hUnwrappingKey, /* unwrapping key */
- CK_BYTE_PTR pWrappedKey, /* the wrapped key */
- CK_ULONG ulWrappedKeyLen, /* wrapped key len */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-/* C_DeriveKey derives a key from a base key, creating a new key
- * object. */
-CK_PKCS11_FUNCTION_INFO(C_DeriveKey)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* session's handle */
- CK_MECHANISM_PTR pMechanism, /* key deriv. mech. */
- CK_OBJECT_HANDLE hBaseKey, /* base key */
- CK_ATTRIBUTE_PTR pTemplate, /* new key template */
- CK_ULONG ulAttributeCount, /* template length */
- CK_OBJECT_HANDLE_PTR phKey /* gets new handle */
-);
-#endif
-
-
-
-/* Random number generation */
-
-/* C_SeedRandom mixes additional seed material into the token's
- * random number generator. */
-CK_PKCS11_FUNCTION_INFO(C_SeedRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR pSeed, /* the seed material */
- CK_ULONG ulSeedLen /* length of seed material */
-);
-#endif
-
-
-/* C_GenerateRandom generates random data.
*/
-CK_PKCS11_FUNCTION_INFO(C_GenerateRandom)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_BYTE_PTR RandomData, /* receives the random data */
- CK_ULONG ulRandomLen /* # of bytes to generate */
-);
-#endif
-
-
-
-/* Parallel function management */
-
-/* C_GetFunctionStatus is a legacy function; it obtains an
- * updated status of a function running in parallel with an
- * application. */
-CK_PKCS11_FUNCTION_INFO(C_GetFunctionStatus)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-/* C_CancelFunction is a legacy function; it cancels a function
- * running in parallel. */
-CK_PKCS11_FUNCTION_INFO(C_CancelFunction)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_SESSION_HANDLE hSession /* the session's handle */
-);
-#endif
-
-
-
-/* Functions added in for Cryptoki Version 2.01 or later */
-
-/* C_WaitForSlotEvent waits for a slot event (token insertion,
- * removal, etc.) to occur. */
-CK_PKCS11_FUNCTION_INFO(C_WaitForSlotEvent)
-#ifdef CK_NEED_ARG_LIST
-(
- CK_FLAGS flags, /* blocking/nonblocking flag */
- CK_SLOT_ID_PTR pSlot, /* location that receives the slot ID */
- CK_VOID_PTR pRserved /* reserved. Should be NULL_PTR */
-);
-#endif
DELETED pkcs11/pkcs11n.h
Index: pkcs11/pkcs11n.h
==================================================================
--- pkcs11/pkcs11n.h
+++ /dev/null
@@ -1,76 +0,0 @@
-/* ***** BEGIN COPYRIGHT BLOCK *****
- * The contents of this file are subject to the Mozilla Public
- * License Version 1.1 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.mozilla.org/MPL/
- *
- * Software distributed under the License is distributed on an "AS
- * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- * implied. See the License for the specific language governing
- * rights and limitations under the License.
- *
- * The Original Code is the Netscape security libraries.
- *
- * The Initial Developer of the Original Code is Netscape
- * Communications Corporation. Portions created by Netscape are
- * Copyright (C) 1994-2000 Netscape Communications Corporation. All
- * Rights Reserved.
- *
- * Alternatively, the contents of this file may be used under the
- * terms of the GNU General Public License Version 2 or later (the
- * "GPL"), in which case the provisions of the GPL are applicable
- * instead of those above. If you wish to allow use of your
- * version of this file only under the terms of the GPL and not to
- * allow others to use your version of this file under the MPL,
- * indicate your decision by deleting the provisions above and
- * replace them with the notice and other provisions required by
- * the GPL. If you do not delete the provisions above, a recipient
- * may use your version of this file under either the MPL or the
- * GPL.
- * ***** END COPYRIGHT BLOCK *****/
-
-#ifndef _PKCS11N_H_
-#define _PKCS11N_H_
-
-#ifdef DEBUG
-static const char CKT_CVS_ID[] = "@(#) $RCSfile: pkcs11n.h,v $ $Revision: 1.1 $ $Date: 2006/06/09 18:39:11 $ $Name: $";
-#endif /* DEBUG */
-
-/*
- * pkcs11n.h
- *
- * This file contains the NSS-specific type definitions for Cryptoki
- * (PKCS#11).
- */
-
-/*
- * NSSCK_VENDOR_NETSCAPE
- *
- * Cryptoki reserves the high half of all the number spaces for
- * vendor-defined use.
I'd like to keep all of our Netscape-
- * specific values together, but not in the oh-so-obvious
- * 0x80000001, 0x80000002, etc. area. So I've picked an offset,
- * and constructed values for the beginnings of our spaces.
- *
- * Note that some "historical" Netscape values don't fall within
- * this range.
- */
-#define NSSCK_VENDOR_NETSCAPE 0x4E534350 /* NSCP */
-
-/*
- * Netscape-defined object classes
- *
- */
-#define CKO_NETSCAPE (CKO_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-#define CKO_MOZ_READER (CKO_NETSCAPE + 5)
-
-/*
- * Netscape-defined object attributes
- *
- */
-#define CKA_NETSCAPE (CKA_VENDOR_DEFINED|NSSCK_VENDOR_NETSCAPE)
-#define CKA_MOZ_IS_COOL_KEY (CKA_NETSCAPE + 24)
-#define CKA_MOZ_ATR (CKA_NETSCAPE + 25)
-#define CKA_MOZ_TPS_URL (CKA_NETSCAPE + 26)
-
-#endif /* _PKCS11N_H_ */
DELETED pkcs11/pkcs11t.h
Index: pkcs11/pkcs11t.h
==================================================================
--- pkcs11/pkcs11t.h
+++ /dev/null
@@ -1,1353 +0,0 @@ -/* ***** BEGIN COPYRIGHT BLOCK ***** - * Copyright (C) 2005 Red Hat, Inc. - * All rights reserved. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation version - * 2.1 of the License. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - * ***** END COPYRIGHT BLOCK *****/ - -/* pkcs11t.h include file for PKCS #11. 2001 June 25 */ - -/* See top of pkcs11.h for information about the macros that - * must be defined and the structure-packing conventions that - * must be set before including this file. 
*/ - -#ifndef _PKCS11T_H_ -#define _PKCS11T_H_ 1 - -#ifndef FALSE -#define FALSE 0 -#endif - -#ifndef TRUE -#define TRUE (!FALSE) -#endif - - -/* an unsigned 8-bit value */ -typedef unsigned char CK_BYTE; - -/* an unsigned 8-bit character */ -typedef CK_BYTE CK_CHAR; - -/* an 8-bit UTF-8 character */ -typedef CK_BYTE CK_UTF8CHAR; - -/* a BYTE-sized Boolean flag */ -typedef CK_BYTE CK_BBOOL; - -/* an unsigned value, at least 32 bits long */ -typedef unsigned long int CK_ULONG; - -/* a signed value, the same size as a CK_ULONG */ -/* CK_LONG is new for v2.0 */ -typedef long int CK_LONG; - -/* at least 32 bits; each bit is a Boolean flag */ -typedef CK_ULONG CK_FLAGS; - - -/* some special values for certain CK_ULONG variables */ -#define CK_UNAVAILABLE_INFORMATION (~0UL) -#define CK_EFFECTIVELY_INFINITE 0 - - -typedef CK_BYTE CK_PTR CK_BYTE_PTR; -typedef CK_CHAR CK_PTR CK_CHAR_PTR; -typedef CK_UTF8CHAR CK_PTR CK_UTF8CHAR_PTR; -typedef CK_ULONG CK_PTR CK_ULONG_PTR; -typedef void CK_PTR CK_VOID_PTR; - -/* Pointer to a CK_VOID_PTR-- i.e., pointer to pointer to void */ -typedef CK_VOID_PTR CK_PTR CK_VOID_PTR_PTR; - - -/* The following value is always invalid if used as a session */ -/* handle or object handle */ -#define CK_INVALID_HANDLE 0 - - -typedef struct CK_VERSION { - CK_BYTE major; /* integer portion of version number */ - CK_BYTE minor; /* 1/100ths portion of version number */ -} CK_VERSION; - -typedef CK_VERSION CK_PTR CK_VERSION_PTR; - - -typedef struct CK_INFO { - /* manufacturerID and libraryDecription have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_VERSION cryptokiVersion; /* Cryptoki interface ver */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; /* must be zero */ - - /* libraryDescription and libraryVersion are new for v2.0 */ - CK_UTF8CHAR libraryDescription[32]; /* blank padded */ - CK_VERSION libraryVersion; /* version of library */ -} CK_INFO; - -typedef CK_INFO CK_PTR CK_INFO_PTR; - - -/* CK_NOTIFICATION 
enumerates the types of notifications that - * Cryptoki provides to an application */ -/* CK_NOTIFICATION has been changed from an enum to a CK_ULONG - * for v2.0 */ -typedef CK_ULONG CK_NOTIFICATION; -#define CKN_SURRENDER 0 - - -typedef CK_ULONG CK_SLOT_ID; - -typedef CK_SLOT_ID CK_PTR CK_SLOT_ID_PTR; - - -/* CK_SLOT_INFO provides information about a slot */ -typedef struct CK_SLOT_INFO { - /* slotDescription and manufacturerID have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_UTF8CHAR slotDescription[64]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_FLAGS flags; - - /* hardwareVersion and firmwareVersion are new for v2.0 */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ -} CK_SLOT_INFO; - -/* flags: bit flags that provide capabilities of the slot - * Bit Flag Mask Meaning - */ -#define CKF_TOKEN_PRESENT 0x00000001 /* a token is there */ -#define CKF_REMOVABLE_DEVICE 0x00000002 /* removable devices*/ -#define CKF_HW_SLOT 0x00000004 /* hardware slot */ - -typedef CK_SLOT_INFO CK_PTR CK_SLOT_INFO_PTR; - - -/* CK_TOKEN_INFO provides information about a token */ -typedef struct CK_TOKEN_INFO { - /* label, manufacturerID, and model have been changed from - * CK_CHAR to CK_UTF8CHAR for v2.10 */ - CK_UTF8CHAR label[32]; /* blank padded */ - CK_UTF8CHAR manufacturerID[32]; /* blank padded */ - CK_UTF8CHAR model[16]; /* blank padded */ - CK_CHAR serialNumber[16]; /* blank padded */ - CK_FLAGS flags; /* see below */ - - /* ulMaxSessionCount, ulSessionCount, ulMaxRwSessionCount, - * ulRwSessionCount, ulMaxPinLen, and ulMinPinLen have all been - * changed from CK_USHORT to CK_ULONG for v2.0 */ - CK_ULONG ulMaxSessionCount; /* max open sessions */ - CK_ULONG ulSessionCount; /* sess. now open */ - CK_ULONG ulMaxRwSessionCount; /* max R/W sessions */ - CK_ULONG ulRwSessionCount; /* R/W sess. 
now open */ - CK_ULONG ulMaxPinLen; /* in bytes */ - CK_ULONG ulMinPinLen; /* in bytes */ - CK_ULONG ulTotalPublicMemory; /* in bytes */ - CK_ULONG ulFreePublicMemory; /* in bytes */ - CK_ULONG ulTotalPrivateMemory; /* in bytes */ - CK_ULONG ulFreePrivateMemory; /* in bytes */ - - /* hardwareVersion, firmwareVersion, and time are new for - * v2.0 */ - CK_VERSION hardwareVersion; /* version of hardware */ - CK_VERSION firmwareVersion; /* version of firmware */ - CK_CHAR utcTime[16]; /* time */ -} CK_TOKEN_INFO; - -/* The flags parameter is defined as follows: - * Bit Flag Mask Meaning - */ -#define CKF_RNG 0x00000001 /* has random # - * generator */ -#define CKF_WRITE_PROTECTED 0x00000002 /* token is - * write- - * protected */ -#define CKF_LOGIN_REQUIRED 0x00000004 /* user must - * login */ -#define CKF_USER_PIN_INITIALIZED 0x00000008 /* normal user's - * PIN is set */ - -/* CKF_RESTORE_KEY_NOT_NEEDED is new for v2.0. If it is set, - * that means that *every* time the state of cryptographic - * operations of a session is successfully saved, all keys - * needed to continue those operations are stored in the state */ -#define CKF_RESTORE_KEY_NOT_NEEDED 0x00000020 - -/* CKF_CLOCK_ON_TOKEN is new for v2.0. If it is set, that means - * that the token has some sort of clock. The time on that - * clock is returned in the token info structure */ -#define CKF_CLOCK_ON_TOKEN 0x00000040 - -/* CKF_PROTECTED_AUTHENTICATION_PATH is new for v2.0. If it is - * set, that means that there is some way for the user to login - * without sending a PIN through the Cryptoki library itself */ -#define CKF_PROTECTED_AUTHENTICATION_PATH 0x00000100 - -/* CKF_DUAL_CRYPTO_OPERATIONS is new for v2.0. 
If it is true, - * that means that a single session with the token can perform - * dual simultaneous cryptographic operations (digest and - * encrypt; decrypt and digest; sign and encrypt; and decrypt - * and sign) */ -#define CKF_DUAL_CRYPTO_OPERATIONS 0x00000200 - -/* CKF_TOKEN_INITIALIZED if new for v2.10. If it is true, the - * token has been initialized using C_InitializeToken or an - * equivalent mechanism outside the scope of PKCS #11. - * Calling C_InitializeToken when this flag is set will cause - * the token to be reinitialized. */ -#define CKF_TOKEN_INITIALIZED 0x00000400 - -/* CKF_SECONDARY_AUTHENTICATION if new for v2.10. If it is - * true, the token supports secondary authentication for - * private key objects. */ -#define CKF_SECONDARY_AUTHENTICATION 0x00000800 - -/* CKF_USER_PIN_COUNT_LOW if new for v2.10. If it is true, an - * incorrect user login PIN has been entered at least once - * since the last successful authentication. */ -#define CKF_USER_PIN_COUNT_LOW 0x00010000 - -/* CKF_USER_PIN_FINAL_TRY if new for v2.10. If it is true, - * supplying an incorrect user PIN will it to become locked. */ -#define CKF_USER_PIN_FINAL_TRY 0x00020000 - -/* CKF_USER_PIN_LOCKED if new for v2.10. If it is true, the - * user PIN has been locked. User login to the token is not - * possible. */ -#define CKF_USER_PIN_LOCKED 0x00040000 - -/* CKF_USER_PIN_TO_BE_CHANGED if new for v2.10. If it is true, - * the user PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. */ -#define CKF_USER_PIN_TO_BE_CHANGED 0x00080000 - -/* CKF_SO_PIN_COUNT_LOW if new for v2.10. If it is true, an - * incorrect SO login PIN has been entered at least once since - * the last successful authentication. */ -#define CKF_SO_PIN_COUNT_LOW 0x00100000 - -/* CKF_SO_PIN_FINAL_TRY if new for v2.10. If it is true, - * supplying an incorrect SO PIN will it to become locked. 
*/ -#define CKF_SO_PIN_FINAL_TRY 0x00200000 - -/* CKF_SO_PIN_LOCKED if new for v2.10. If it is true, the SO - * PIN has been locked. SO login to the token is not possible. - */ -#define CKF_SO_PIN_LOCKED 0x00400000 - -/* CKF_SO_PIN_TO_BE_CHANGED if new for v2.10. If it is true, - * the SO PIN value is the default value set by token - * initialization or manufacturing, or the PIN has been - * expired by the card. */ -#define CKF_SO_PIN_TO_BE_CHANGED 0x00800000 - -typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR; - - -/* CK_SESSION_HANDLE is a Cryptoki-assigned value that - * identifies a session */ -typedef CK_ULONG CK_SESSION_HANDLE; - -typedef CK_SESSION_HANDLE CK_PTR CK_SESSION_HANDLE_PTR; - - -/* CK_USER_TYPE enumerates the types of Cryptoki users */ -/* CK_USER_TYPE has been changed from an enum to a CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_USER_TYPE; -/* Security Officer */ -#define CKU_SO 0 -/* Normal user */ -#define CKU_USER 1 - - -/* CK_STATE enumerates the session states */ -/* CK_STATE has been changed from an enum to a CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_STATE; -#define CKS_RO_PUBLIC_SESSION 0 -#define CKS_RO_USER_FUNCTIONS 1 -#define CKS_RW_PUBLIC_SESSION 2 -#define CKS_RW_USER_FUNCTIONS 3 -#define CKS_RW_SO_FUNCTIONS 4 - - -/* CK_SESSION_INFO provides information about a session */ -typedef struct CK_SESSION_INFO { - CK_SLOT_ID slotID; - CK_STATE state; - CK_FLAGS flags; /* see below */ - - /* ulDeviceError was changed from CK_USHORT to CK_ULONG for - * v2.0 */ - CK_ULONG ulDeviceError; /* device-dependent error code */ -} CK_SESSION_INFO; - -/* The flags are defined in the following table: - * Bit Flag Mask Meaning - */ -#define CKF_RW_SESSION 0x00000002 /* session is r/w */ -#define CKF_SERIAL_SESSION 0x00000004 /* no parallel */ - -typedef CK_SESSION_INFO CK_PTR CK_SESSION_INFO_PTR; - - -/* CK_OBJECT_HANDLE is a token-specific identifier for an - * object */ -typedef CK_ULONG CK_OBJECT_HANDLE; - -typedef CK_OBJECT_HANDLE CK_PTR 
CK_OBJECT_HANDLE_PTR; - - -/* CK_OBJECT_CLASS is a value that identifies the classes (or - * types) of objects that Cryptoki recognizes. It is defined - * as follows: */ -/* CK_OBJECT_CLASS was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_OBJECT_CLASS; - -/* The following classes of objects are defined: */ -/* CKO_HW_FEATURE is new for v2.10 */ -/* CKO_DOMAIN_PARAMETERS is new for v2.11 */ -#define CKO_DATA 0x00000000 -#define CKO_CERTIFICATE 0x00000001 -#define CKO_PUBLIC_KEY 0x00000002 -#define CKO_PRIVATE_KEY 0x00000003 -#define CKO_SECRET_KEY 0x00000004 -#define CKO_HW_FEATURE 0x00000005 -#define CKO_DOMAIN_PARAMETERS 0x00000006 -#define CKO_VENDOR_DEFINED 0x80000000 - -typedef CK_OBJECT_CLASS CK_PTR CK_OBJECT_CLASS_PTR; - -/* CK_HW_FEATURE_TYPE is new for v2.10. CK_HW_FEATURE_TYPE is a - * value that identifies the hardware feature type of an object - * with CK_OBJECT_CLASS equal to CKO_HW_FEATURE. */ -typedef CK_ULONG CK_HW_FEATURE_TYPE; - -/* The following hardware feature types are defined */ -#define CKH_MONOTONIC_COUNTER 0x00000001 -#define CKH_CLOCK 0x00000002 -#define CKH_VENDOR_DEFINED 0x80000000 - -/* CK_KEY_TYPE is a value that identifies a key type */ -/* CK_KEY_TYPE was changed from CK_USHORT to CK_ULONG for v2.0 */ -typedef CK_ULONG CK_KEY_TYPE; - -/* the following key types are defined: */ -#define CKK_RSA 0x00000000 -#define CKK_DSA 0x00000001 -#define CKK_DH 0x00000002 - -/* CKK_ECDSA and CKK_KEA are new for v2.0 */ -/* CKK_ECDSA is deprecated in v2.11, CKK_EC is preferred. 
*/ -#define CKK_ECDSA 0x00000003 -#define CKK_EC 0x00000003 -#define CKK_X9_42_DH 0x00000004 -#define CKK_KEA 0x00000005 - -#define CKK_GENERIC_SECRET 0x00000010 -#define CKK_RC2 0x00000011 -#define CKK_RC4 0x00000012 -#define CKK_DES 0x00000013 -#define CKK_DES2 0x00000014 -#define CKK_DES3 0x00000015 - -/* all these key types are new for v2.0 */ -#define CKK_CAST 0x00000016 -#define CKK_CAST3 0x00000017 -/* CKK_CAST5 is deprecated in v2.11, CKK_CAST128 is preferred. */ -#define CKK_CAST5 0x00000018 -#define CKK_CAST128 0x00000018 -#define CKK_RC5 0x00000019 -#define CKK_IDEA 0x0000001A -#define CKK_SKIPJACK 0x0000001B -#define CKK_BATON 0x0000001C -#define CKK_JUNIPER 0x0000001D -#define CKK_CDMF 0x0000001E -#define CKK_AES 0x0000001F - -#define CKK_VENDOR_DEFINED 0x80000000 - - -/* CK_CERTIFICATE_TYPE is a value that identifies a certificate - * type */ -/* CK_CERTIFICATE_TYPE was changed from CK_USHORT to CK_ULONG - * for v2.0 */ -typedef CK_ULONG CK_CERTIFICATE_TYPE; - -/* The following certificate types are defined: */ -/* CKC_X_509_ATTR_CERT is new for v2.10 */ -#define CKC_X_509 0x00000000 -#define CKC_X_509_ATTR_CERT 0x00000001 -#define CKC_VENDOR_DEFINED 0x80000000 - - -/* CK_ATTRIBUTE_TYPE is a value that identifies an attribute - * type */ -/* CK_ATTRIBUTE_TYPE was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_ATTRIBUTE_TYPE; - -/* The following attribute types are defined: */ -#define CKA_CLASS 0x00000000 -#define CKA_TOKEN 0x00000001 -#define CKA_PRIVATE 0x00000002 -#define CKA_LABEL 0x00000003 -#define CKA_APPLICATION 0x00000010 -#define CKA_VALUE 0x00000011 - -/* CKA_OBJECT_ID is new for v2.10 */ -#define CKA_OBJECT_ID 0x00000012 - -#define CKA_CERTIFICATE_TYPE 0x00000080 -#define CKA_ISSUER 0x00000081 -#define CKA_SERIAL_NUMBER 0x00000082 - -/* CKA_AC_ISSUER, CKA_OWNER, and CKA_ATTR_TYPES are new - * for v2.10 */ -#define CKA_AC_ISSUER 0x00000083 -#define CKA_OWNER 0x00000084 -#define CKA_ATTR_TYPES 0x00000085 - -/* 
CKA_TRUSTED is new for v2.11 */ -#define CKA_TRUSTED 0x00000086 - -#define CKA_KEY_TYPE 0x00000100 -#define CKA_SUBJECT 0x00000101 -#define CKA_ID 0x00000102 -#define CKA_SENSITIVE 0x00000103 -#define CKA_ENCRYPT 0x00000104 -#define CKA_DECRYPT 0x00000105 -#define CKA_WRAP 0x00000106 -#define CKA_UNWRAP 0x00000107 -#define CKA_SIGN 0x00000108 -#define CKA_SIGN_RECOVER 0x00000109 -#define CKA_VERIFY 0x0000010A -#define CKA_VERIFY_RECOVER 0x0000010B -#define CKA_DERIVE 0x0000010C -#define CKA_START_DATE 0x00000110 -#define CKA_END_DATE 0x00000111 -#define CKA_MODULUS 0x00000120 -#define CKA_MODULUS_BITS 0x00000121 -#define CKA_PUBLIC_EXPONENT 0x00000122 -#define CKA_PRIVATE_EXPONENT 0x00000123 -#define CKA_PRIME_1 0x00000124 -#define CKA_PRIME_2 0x00000125 -#define CKA_EXPONENT_1 0x00000126 -#define CKA_EXPONENT_2 0x00000127 -#define CKA_COEFFICIENT 0x00000128 -#define CKA_PRIME 0x00000130 -#define CKA_SUBPRIME 0x00000131 -#define CKA_BASE 0x00000132 - -/* CKA_PRIME_BITS and CKA_SUB_PRIME_BITS are new for v2.11 */ -#define CKA_PRIME_BITS 0x00000133 -#define CKA_SUB_PRIME_BITS 0x00000134 - -#define CKA_VALUE_BITS 0x00000160 -#define CKA_VALUE_LEN 0x00000161 - -/* CKA_EXTRACTABLE, CKA_LOCAL, CKA_NEVER_EXTRACTABLE, - * CKA_ALWAYS_SENSITIVE, CKA_MODIFIABLE, CKA_ECDSA_PARAMS, - * and CKA_EC_POINT are new for v2.0 */ -#define CKA_EXTRACTABLE 0x00000162 -#define CKA_LOCAL 0x00000163 -#define CKA_NEVER_EXTRACTABLE 0x00000164 -#define CKA_ALWAYS_SENSITIVE 0x00000165 - -/* CKA_KEY_GEN_MECHANISM is new for v2.11 */ -#define CKA_KEY_GEN_MECHANISM 0x00000166 - -#define CKA_MODIFIABLE 0x00000170 - -/* CKA_ECDSA_PARAMS is deprecated in v2.11, - * CKA_EC_PARAMS is preferred. 
*/ -#define CKA_ECDSA_PARAMS 0x00000180 -#define CKA_EC_PARAMS 0x00000180 - -#define CKA_EC_POINT 0x00000181 - -/* CKA_SECONDARY_AUTH, CKA_AUTH_PIN_FLAGS, - * CKA_HW_FEATURE_TYPE, CKA_RESET_ON_INIT, and CKA_HAS_RESET - * are new for v2.10 */ -#define CKA_SECONDARY_AUTH 0x00000200 -#define CKA_AUTH_PIN_FLAGS 0x00000201 -#define CKA_HW_FEATURE_TYPE 0x00000300 -#define CKA_RESET_ON_INIT 0x00000301 -#define CKA_HAS_RESET 0x00000302 - -#define CKA_VENDOR_DEFINED 0x80000000 - - -/* CK_ATTRIBUTE is a structure that includes the type, length - * and value of an attribute */ -typedef struct CK_ATTRIBUTE { - CK_ATTRIBUTE_TYPE type; - CK_VOID_PTR pValue; - - /* ulValueLen went from CK_USHORT to CK_ULONG for v2.0 */ - CK_ULONG ulValueLen; /* in bytes */ -} CK_ATTRIBUTE; - -typedef CK_ATTRIBUTE CK_PTR CK_ATTRIBUTE_PTR; - - -/* CK_DATE is a structure that defines a date */ -typedef struct CK_DATE{ - CK_CHAR year[4]; /* the year ("1900" - "9999") */ - CK_CHAR month[2]; /* the month ("01" - "12") */ - CK_CHAR day[2]; /* the day ("01" - "31") */ -} CK_DATE; - - -/* CK_MECHANISM_TYPE is a value that identifies a mechanism - * type */ -/* CK_MECHANISM_TYPE was changed from CK_USHORT to CK_ULONG for - * v2.0 */ -typedef CK_ULONG CK_MECHANISM_TYPE; - -/* the following mechanism types are defined: */ -#define CKM_RSA_PKCS_KEY_PAIR_GEN 0x00000000 -#define CKM_RSA_PKCS 0x00000001 -#define CKM_RSA_9796 0x00000002 -#define CKM_RSA_X_509 0x00000003 - -/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS - * are new for v2.0. 
They are mechanisms which hash and sign */ -#define CKM_MD2_RSA_PKCS 0x00000004 -#define CKM_MD5_RSA_PKCS 0x00000005 -#define CKM_SHA1_RSA_PKCS 0x00000006 - -/* CKM_RIPEMD128_RSA_PKCS, CKM_RIPEMD160_RSA_PKCS, and - * CKM_RSA_PKCS_OAEP are new for v2.10 */ -#define CKM_RIPEMD128_RSA_PKCS 0x00000007 -#define CKM_RIPEMD160_RSA_PKCS 0x00000008 -#define CKM_RSA_PKCS_OAEP 0x00000009 - -/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31, - * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */ -#define CKM_RSA_X9_31_KEY_PAIR_GEN 0x0000000A -#define CKM_RSA_X9_31 0x0000000B -#define CKM_SHA1_RSA_X9_31 0x0000000C -#define CKM_RSA_PKCS_PSS 0x0000000D -#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E - -#define CKM_DSA_KEY_PAIR_GEN 0x00000010 -#define CKM_DSA 0x00000011 -#define CKM_DSA_SHA1 0x00000012 -#define CKM_DH_PKCS_KEY_PAIR_GEN 0x00000020 -#define CKM_DH_PKCS_DERIVE 0x00000021 - -/* CKM_X9_42_DH_KEY_PAIR_GEN, CKM_X9_42_DH_DERIVE, - * CKM_X9_42_DH_HYBRID_DERIVE, and CKM_X9_42_MQV_DERIVE are new for - * v2.11 */ -#define CKM_X9_42_DH_KEY_PAIR_GEN 0x00000030 -#define CKM_X9_42_DH_DERIVE 0x00000031 -#define CKM_X9_42_DH_HYBRID_DERIVE 0x00000032 -#define CKM_X9_42_MQV_DERIVE 0x00000033 - -#define CKM_RC2_KEY_GEN 0x00000100 -#define CKM_RC2_ECB 0x00000101 -#define CKM_RC2_CBC 0x00000102 -#define CKM_RC2_MAC 0x00000103 - -/* CKM_RC2_MAC_GENERAL and CKM_RC2_CBC_PAD are new for v2.0 */ -#define CKM_RC2_MAC_GENERAL 0x00000104 -#define CKM_RC2_CBC_PAD 0x00000105 - -#define CKM_RC4_KEY_GEN 0x00000110 -#define CKM_RC4 0x00000111 -#define CKM_DES_KEY_GEN 0x00000120 -#define CKM_DES_ECB 0x00000121 -#define CKM_DES_CBC 0x00000122 -#define CKM_DES_MAC 0x00000123 - -/* CKM_DES_MAC_GENERAL and CKM_DES_CBC_PAD are new for v2.0 */ -#define CKM_DES_MAC_GENERAL 0x00000124 -#define CKM_DES_CBC_PAD 0x00000125 - -#define CKM_DES2_KEY_GEN 0x00000130 -#define CKM_DES3_KEY_GEN 0x00000131 -#define CKM_DES3_ECB 0x00000132 -#define CKM_DES3_CBC 0x00000133 -#define CKM_DES3_MAC 
0x00000134 - -/* CKM_DES3_MAC_GENERAL, CKM_DES3_CBC_PAD, CKM_CDMF_KEY_GEN, - * CKM_CDMF_ECB, CKM_CDMF_CBC, CKM_CDMF_MAC, - * CKM_CDMF_MAC_GENERAL, and CKM_CDMF_CBC_PAD are new for v2.0 */ -#define CKM_DES3_MAC_GENERAL 0x00000135 -#define CKM_DES3_CBC_PAD 0x00000136 -#define CKM_CDMF_KEY_GEN 0x00000140 -#define CKM_CDMF_ECB 0x00000141 -#define CKM_CDMF_CBC 0x00000142 -#define CKM_CDMF_MAC 0x00000143 -#define CKM_CDMF_MAC_GENERAL 0x00000144 -#define CKM_CDMF_CBC_PAD 0x00000145 - -#define CKM_MD2 0x00000200 - -/* CKM_MD2_HMAC and CKM_MD2_HMAC_GENERAL are new for v2.0 */ -#define CKM_MD2_HMAC 0x00000201 -#define CKM_MD2_HMAC_GENERAL 0x00000202 - -#define CKM_MD5 0x00000210 - -/* CKM_MD5_HMAC and CKM_MD5_HMAC_GENERAL are new for v2.0 */ -#define CKM_MD5_HMAC 0x00000211 -#define CKM_MD5_HMAC_GENERAL 0x00000212 - -#define CKM_SHA_1 0x00000220 - -/* CKM_SHA_1_HMAC and CKM_SHA_1_HMAC_GENERAL are new for v2.0 */ -#define CKM_SHA_1_HMAC 0x00000221 -#define CKM_SHA_1_HMAC_GENERAL 0x00000222 - -/* CKM_RIPEMD128, CKM_RIPEMD128_HMAC, - * CKM_RIPEMD128_HMAC_GENERAL, CKM_RIPEMD160, CKM_RIPEMD160_HMAC, - * and CKM_RIPEMD160_HMAC_GENERAL are new for v2.10 */ -#define CKM_RIPEMD128 0x00000230 -#define CKM_RIPEMD128_HMAC 0x00000231 -#define CKM_RIPEMD128_HMAC_GENERAL 0x00000232 -#define CKM_RIPEMD160 0x00000240 -#define CKM_RIPEMD160_HMAC 0x00000241 -#define CKM_RIPEMD160_HMAC_GENERAL 0x00000242 - -/* All of the following mechanisms are new for v2.0 */ -/* Note that CAST128 and CAST5 are the same algorithm */ -#define CKM_CAST_KEY_GEN 0x00000300 -#define CKM_CAST_ECB 0x00000301 -#define CKM_CAST_CBC 0x00000302 -#define CKM_CAST_MAC 0x00000303 -#define CKM_CAST_MAC_GENERAL 0x00000304 -#define CKM_CAST_CBC_PAD 0x00000305 -#define CKM_CAST3_KEY_GEN 0x00000310 -#define CKM_CAST3_ECB 0x00000311 -#define CKM_CAST3_CBC 0x00000312 -#define CKM_CAST3_MAC 0x00000313 -#define CKM_CAST3_MAC_GENERAL 0x00000314 -#define CKM_CAST3_CBC_PAD 0x00000315 -#define CKM_CAST5_KEY_GEN 0x00000320 -#define 
CKM_CAST128_KEY_GEN 0x00000320 -#define CKM_CAST5_ECB 0x00000321 -#define CKM_CAST128_ECB 0x00000321 -#define CKM_CAST5_CBC 0x00000322 -#define CKM_CAST128_CBC 0x00000322 -#define CKM_CAST5_MAC 0x00000323 -#define CKM_CAST128_MAC 0x00000323 -#define CKM_CAST5_MAC_GENERAL 0x00000324 -#define CKM_CAST128_MAC_GENERAL 0x00000324 -#define CKM_CAST5_CBC_PAD 0x00000325 -#define CKM_CAST128_CBC_PAD 0x00000325 -#define CKM_RC5_KEY_GEN 0x00000330 -#define CKM_RC5_ECB 0x00000331 -#define CKM_RC5_CBC 0x00000332 -#define CKM_RC5_MAC 0x00000333 -#define CKM_RC5_MAC_GENERAL 0x00000334 -#define CKM_RC5_CBC_PAD 0x00000335 -#define CKM_IDEA_KEY_GEN 0x00000340 -#define CKM_IDEA_ECB 0x00000341 -#define CKM_IDEA_CBC 0x00000342 -#define CKM_IDEA_MAC 0x00000343 -#define CKM_IDEA_MAC_GENERAL 0x00000344 -#define CKM_IDEA_CBC_PAD 0x00000345 -#define CKM_GENERIC_SECRET_KEY_GEN 0x00000350 -#define CKM_CONCATENATE_BASE_AND_KEY 0x00000360 -#define CKM_CONCATENATE_BASE_AND_DATA 0x00000362 -#define CKM_CONCATENATE_DATA_AND_BASE 0x00000363 -#define CKM_XOR_BASE_AND_DATA 0x00000364 -#define CKM_EXTRACT_KEY_FROM_KEY 0x00000365 -#define CKM_SSL3_PRE_MASTER_KEY_GEN 0x00000370 -#define CKM_SSL3_MASTER_KEY_DERIVE 0x00000371 -#define CKM_SSL3_KEY_AND_MAC_DERIVE 0x00000372 - -/* CKM_SSL3_MASTER_KEY_DERIVE_DH, CKM_TLS_PRE_MASTER_KEY_GEN, - * CKM_TLS_MASTER_KEY_DERIVE, CKM_TLS_KEY_AND_MAC_DERIVE, and - * CKM_TLS_MASTER_KEY_DERIVE_DH are new for v2.11 */ -#define CKM_SSL3_MASTER_KEY_DERIVE_DH 0x00000373 -#define CKM_TLS_PRE_MASTER_KEY_GEN 0x00000374 -#define CKM_TLS_MASTER_KEY_DERIVE 0x00000375 -#define CKM_TLS_KEY_AND_MAC_DERIVE 0x00000376 -#define CKM_TLS_MASTER_KEY_DERIVE_DH 0x00000377 - -#define CKM_SSL3_MD5_MAC 0x00000380 -#define CKM_SSL3_SHA1_MAC 0x00000381 -#define CKM_MD5_KEY_DERIVATION 0x00000390 -#define CKM_MD2_KEY_DERIVATION 0x00000391 -#define CKM_SHA1_KEY_DERIVATION 0x00000392 -#define CKM_PBE_MD2_DES_CBC 0x000003A0 -#define CKM_PBE_MD5_DES_CBC 0x000003A1 -#define CKM_PBE_MD5_CAST_CBC 
0x000003A2 -#define CKM_PBE_MD5_CAST3_CBC 0x000003A3 -#define CKM_PBE_MD5_CAST5_CBC 0x000003A4 -#define CKM_PBE_MD5_CAST128_CBC 0x000003A4 -#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5 -#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5 -#define CKM_PBE_SHA1_RC4_128 0x000003A6 -#define CKM_PBE_SHA1_RC4_40 0x000003A7 -#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8 -#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 -#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA -#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB - -/* CKM_PKCS5_PBKD2 is new for v2.10 */ -#define CKM_PKCS5_PBKD2 0x000003B0 - -#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0 -#define CKM_KEY_WRAP_LYNKS 0x00000400 -#define CKM_KEY_WRAP_SET_OAEP 0x00000401 - -/* Fortezza mechanisms */ -#define CKM_SKIPJACK_KEY_GEN 0x00001000 -#define CKM_SKIPJACK_ECB64 0x00001001 -#define CKM_SKIPJACK_CBC64 0x00001002 -#define CKM_SKIPJACK_OFB64 0x00001003 -#define CKM_SKIPJACK_CFB64 0x00001004 -#define CKM_SKIPJACK_CFB32 0x00001005 -#define CKM_SKIPJACK_CFB16 0x00001006 -#define CKM_SKIPJACK_CFB8 0x00001007 -#define CKM_SKIPJACK_WRAP 0x00001008 -#define CKM_SKIPJACK_PRIVATE_WRAP 0x00001009 -#define CKM_SKIPJACK_RELAYX 0x0000100a -#define CKM_KEA_KEY_PAIR_GEN 0x00001010 -#define CKM_KEA_KEY_DERIVE 0x00001011 -#define CKM_FORTEZZA_TIMESTAMP 0x00001020 -#define CKM_BATON_KEY_GEN 0x00001030 -#define CKM_BATON_ECB128 0x00001031 -#define CKM_BATON_ECB96 0x00001032 -#define CKM_BATON_CBC128 0x00001033 -#define CKM_BATON_COUNTER 0x00001034 -#define CKM_BATON_SHUFFLE 0x00001035 -#define CKM_BATON_WRAP 0x00001036 - -/* CKM_ECDSA_KEY_PAIR_GEN is deprecated in v2.11, - * CKM_EC_KEY_PAIR_GEN is preferred */ -#define CKM_ECDSA_KEY_PAIR_GEN 0x00001040 -#define CKM_EC_KEY_PAIR_GEN 0x00001040 - -#define CKM_ECDSA 0x00001041 -#define CKM_ECDSA_SHA1 0x00001042 - -/* CKM_ECDH1_DERIVE, CKM_ECDH1_COFACTOR_DERIVE, and CKM_ECMQV_DERIVE - * are new for v2.11 */ -#define CKM_ECDH1_DERIVE 0x00001050 -#define CKM_ECDH1_COFACTOR_DERIVE 0x00001051 -#define CKM_ECMQV_DERIVE 
0x00001052 - -#define CKM_JUNIPER_KEY_GEN 0x00001060 -#define CKM_JUNIPER_ECB128 0x00001061 -#define CKM_JUNIPER_CBC128 0x00001062 -#define CKM_JUNIPER_COUNTER 0x00001063 -#define CKM_JUNIPER_SHUFFLE 0x00001064 -#define CKM_JUNIPER_WRAP 0x00001065 -#define CKM_FASTHASH 0x00001070 - -/* CKM_AES_KEY_GEN, CKM_AES_ECB, CKM_AES_CBC, CKM_AES_MAC, - * CKM_AES_MAC_GENERAL, CKM_AES_CBC_PAD, CKM_DSA_PARAMETER_GEN, - * CKM_DH_PKCS_PARAMETER_GEN, and CKM_X9_42_DH_PARAMETER_GEN are - * new for v2.11 */ -#define CKM_AES_KEY_GEN 0x00001080 -#define CKM_AES_ECB 0x00001081 -#define CKM_AES_CBC 0x00001082 -#define CKM_AES_MAC 0x00001083 -#define CKM_AES_MAC_GENERAL 0x00001084 -#define CKM_AES_CBC_PAD 0x00001085 -#define CKM_DSA_PARAMETER_GEN 0x00002000 -#define CKM_DH_PKCS_PARAMETER_GEN 0x00002001 -#define CKM_X9_42_DH_PARAMETER_GEN 0x00002002 - -#define CKM_VENDOR_DEFINED 0x80000000 - -typedef CK_MECHANISM_TYPE CK_PTR CK_MECHANISM_TYPE_PTR; - - -/* CK_MECHANISM is a structure that specifies a particular - * mechanism */ -typedef struct CK_MECHANISM { - CK_MECHANISM_TYPE mechanism; - CK_VOID_PTR pParameter; - - /* ulParameterLen was changed from CK_USHORT to CK_ULONG for - * v2.0 */ - CK_ULONG ulParameterLen; /* in bytes */ -} CK_MECHANISM; - -typedef CK_MECHANISM CK_PTR CK_MECHANISM_PTR; - - -/* CK_MECHANISM_INFO provides information about a particular - * mechanism */ -typedef struct CK_MECHANISM_INFO { - CK_ULONG ulMinKeySize; - CK_ULONG ulMaxKeySize; - CK_FLAGS flags; -} CK_MECHANISM_INFO; - -/* The flags are defined as follows: - * Bit Flag Mask Meaning */ -#define CKF_HW 0x00000001 /* performed by HW */ - -/* The flags CKF_ENCRYPT, CKF_DECRYPT, CKF_DIGEST, CKF_SIGN, - * CKG_SIGN_RECOVER, CKF_VERIFY, CKF_VERIFY_RECOVER, - * CKF_GENERATE, CKF_GENERATE_KEY_PAIR, CKF_WRAP, CKF_UNWRAP, - * and CKF_DERIVE are new for v2.0. 
They specify whether or not - * a mechanism can be used for a particular task */ -#define CKF_ENCRYPT 0x00000100 -#define CKF_DECRYPT 0x00000200 -#define CKF_DIGEST 0x00000400 -#define CKF_SIGN 0x00000800 -#define CKF_SIGN_RECOVER 0x00001000 -#define CKF_VERIFY 0x00002000 -#define CKF_VERIFY_RECOVER 0x00004000 -#define CKF_GENERATE 0x00008000 -#define CKF_GENERATE_KEY_PAIR 0x00010000 -#define CKF_WRAP 0x00020000 -#define CKF_UNWRAP 0x00040000 -#define CKF_DERIVE 0x00080000 - -/* CKF_EC_F_P, CKF_EC_F_2M, CKF_EC_ECPARAMETERS, CKF_EC_NAMEDCURVE, - * CKF_EC_UNCOMPRESS, and CKF_EC_COMPRESS are new for v2.11. They - * describe a token's EC capabilities not available in mechanism - * information. */ -#define CKF_EC_F_P 0x00100000 -#define CKF_EC_F_2M 0x00200000 -#define CKF_EC_ECPARAMETERS 0x00400000 -#define CKF_EC_NAMEDCURVE 0x00800000 -#define CKF_EC_UNCOMPRESS 0x01000000 -#define CKF_EC_COMPRESS 0x02000000 - -#define CKF_EXTENSION 0x80000000 /* FALSE for 2.01 */ - -typedef CK_MECHANISM_INFO CK_PTR CK_MECHANISM_INFO_PTR; - - -/* CK_RV is a value that identifies the return value of a - * Cryptoki function */ -/* CK_RV was changed from CK_USHORT to CK_ULONG for v2.0 */ -typedef CK_ULONG CK_RV; - -#define CKR_OK 0x00000000 -#define CKR_CANCEL 0x00000001 -#define CKR_HOST_MEMORY 0x00000002 -#define CKR_SLOT_ID_INVALID 0x00000003 - -/* CKR_FLAGS_INVALID was removed for v2.0 */ - -/* CKR_GENERAL_ERROR and CKR_FUNCTION_FAILED are new for v2.0 */ -#define CKR_GENERAL_ERROR 0x00000005 -#define CKR_FUNCTION_FAILED 0x00000006 - -/* CKR_ARGUMENTS_BAD, CKR_NO_EVENT, CKR_NEED_TO_CREATE_THREADS, - * and CKR_CANT_LOCK are new for v2.01 */ -#define CKR_ARGUMENTS_BAD 0x00000007 -#define CKR_NO_EVENT 0x00000008 -#define CKR_NEED_TO_CREATE_THREADS 0x00000009 -#define CKR_CANT_LOCK 0x0000000A - -#define CKR_ATTRIBUTE_READ_ONLY 0x00000010 -#define CKR_ATTRIBUTE_SENSITIVE 0x00000011 -#define CKR_ATTRIBUTE_TYPE_INVALID 0x00000012 -#define CKR_ATTRIBUTE_VALUE_INVALID 0x00000013 -#define 
CKR_DATA_INVALID 0x00000020 -#define CKR_DATA_LEN_RANGE 0x00000021 -#define CKR_DEVICE_ERROR 0x00000030 -#define CKR_DEVICE_MEMORY 0x00000031 -#define CKR_DEVICE_REMOVED 0x00000032 -#define CKR_ENCRYPTED_DATA_INVALID 0x00000040 -#define CKR_ENCRYPTED_DATA_LEN_RANGE 0x00000041 -#define CKR_FUNCTION_CANCELED 0x00000050 -#define CKR_FUNCTION_NOT_PARALLEL 0x00000051 - -/* CKR_FUNCTION_NOT_SUPPORTED is new for v2.0 */ -#define CKR_FUNCTION_NOT_SUPPORTED 0x00000054 - -#define CKR_KEY_HANDLE_INVALID 0x00000060 - -/* CKR_KEY_SENSITIVE was removed for v2.0 */ - -#define CKR_KEY_SIZE_RANGE 0x00000062 -#define CKR_KEY_TYPE_INCONSISTENT 0x00000063 - -/* CKR_KEY_NOT_NEEDED, CKR_KEY_CHANGED, CKR_KEY_NEEDED, - * CKR_KEY_INDIGESTIBLE, CKR_KEY_FUNCTION_NOT_PERMITTED, - * CKR_KEY_NOT_WRAPPABLE, and CKR_KEY_UNEXTRACTABLE are new for - * v2.0 */ -#define CKR_KEY_NOT_NEEDED 0x00000064 -#define CKR_KEY_CHANGED 0x00000065 -#define CKR_KEY_NEEDED 0x00000066 -#define CKR_KEY_INDIGESTIBLE 0x00000067 -#define CKR_KEY_FUNCTION_NOT_PERMITTED 0x00000068 -#define CKR_KEY_NOT_WRAPPABLE 0x00000069 -#define CKR_KEY_UNEXTRACTABLE 0x0000006A - -#define CKR_MECHANISM_INVALID 0x00000070 -#define CKR_MECHANISM_PARAM_INVALID 0x00000071 - -/* CKR_OBJECT_CLASS_INCONSISTENT and CKR_OBJECT_CLASS_INVALID - * were removed for v2.0 */ -#define CKR_OBJECT_HANDLE_INVALID 0x00000082 -#define CKR_OPERATION_ACTIVE 0x00000090 -#define CKR_OPERATION_NOT_INITIALIZED 0x00000091 -#define CKR_PIN_INCORRECT 0x000000A0 -#define CKR_PIN_INVALID 0x000000A1 -#define CKR_PIN_LEN_RANGE 0x000000A2 - -/* CKR_PIN_EXPIRED and CKR_PIN_LOCKED are new for v2.0 */ -#define CKR_PIN_EXPIRED 0x000000A3 -#define CKR_PIN_LOCKED 0x000000A4 - -#define CKR_SESSION_CLOSED 0x000000B0 -#define CKR_SESSION_COUNT 0x000000B1 -#define CKR_SESSION_HANDLE_INVALID 0x000000B3 -#define CKR_SESSION_PARALLEL_NOT_SUPPORTED 0x000000B4 -#define CKR_SESSION_READ_ONLY 0x000000B5 -#define CKR_SESSION_EXISTS 0x000000B6 - -/* CKR_SESSION_READ_ONLY_EXISTS and - * 
CKR_SESSION_READ_WRITE_SO_EXISTS are new for v2.0 */ -#define CKR_SESSION_READ_ONLY_EXISTS 0x000000B7 -#define CKR_SESSION_READ_WRITE_SO_EXISTS 0x000000B8 - -#define CKR_SIGNATURE_INVALID 0x000000C0 -#define CKR_SIGNATURE_LEN_RANGE 0x000000C1 -#define CKR_TEMPLATE_INCOMPLETE 0x000000D0 -#define CKR_TEMPLATE_INCONSISTENT 0x000000D1 -#define CKR_TOKEN_NOT_PRESENT 0x000000E0 -#define CKR_TOKEN_NOT_RECOGNIZED 0x000000E1 -#define CKR_TOKEN_WRITE_PROTECTED 0x000000E2 -#define CKR_UNWRAPPING_KEY_HANDLE_INVALID 0x000000F0 -#define CKR_UNWRAPPING_KEY_SIZE_RANGE 0x000000F1 -#define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT 0x000000F2 -#define CKR_USER_ALREADY_LOGGED_IN 0x00000100 -#define CKR_USER_NOT_LOGGED_IN 0x00000101 -#define CKR_USER_PIN_NOT_INITIALIZED 0x00000102 -#define CKR_USER_TYPE_INVALID 0x00000103 - -/* CKR_USER_ANOTHER_ALREADY_LOGGED_IN and CKR_USER_TOO_MANY_TYPES - * are new to v2.01 */ -#define CKR_USER_ANOTHER_ALREADY_LOGGED_IN 0x00000104 -#define CKR_USER_TOO_MANY_TYPES 0x00000105 - -#define CKR_WRAPPED_KEY_INVALID 0x00000110 -#define CKR_WRAPPED_KEY_LEN_RANGE 0x00000112 -#define CKR_WRAPPING_KEY_HANDLE_INVALID 0x00000113 -#define CKR_WRAPPING_KEY_SIZE_RANGE 0x00000114 -#define CKR_WRAPPING_KEY_TYPE_INCONSISTENT 0x00000115 -#define CKR_RANDOM_SEED_NOT_SUPPORTED 0x00000120 - -/* These are new to v2.0 */ -#define CKR_RANDOM_NO_RNG 0x00000121 - -/* These are new to v2.11 */ -#define CKR_DOMAIN_PARAMS_INVALID 0x00000130 - -/* These are new to v2.0 */ -#define CKR_BUFFER_TOO_SMALL 0x00000150 -#define CKR_SAVED_STATE_INVALID 0x00000160 -#define CKR_INFORMATION_SENSITIVE 0x00000170 -#define CKR_STATE_UNSAVEABLE 0x00000180 - -/* These are new to v2.01 */ -#define CKR_CRYPTOKI_NOT_INITIALIZED 0x00000190 -#define CKR_CRYPTOKI_ALREADY_INITIALIZED 0x00000191 -#define CKR_MUTEX_BAD 0x000001A0 -#define CKR_MUTEX_NOT_LOCKED 0x000001A1 - -#define CKR_VENDOR_DEFINED 0x80000000 - - -/* CK_NOTIFY is an application callback that processes events */ -typedef 
CK_CALLBACK_FUNCTION(CK_RV, CK_NOTIFY)(
- CK_SESSION_HANDLE hSession, /* the session's handle */
- CK_NOTIFICATION event,
- CK_VOID_PTR pApplication /* passed to C_OpenSession */
-);
-
-
-/* CK_FUNCTION_LIST is a structure holding a Cryptoki spec
- * version and pointers of appropriate types to all the
- * Cryptoki functions */
-/* CK_FUNCTION_LIST is new for v2.0 */
-typedef struct CK_FUNCTION_LIST CK_FUNCTION_LIST;
-
-typedef CK_FUNCTION_LIST CK_PTR CK_FUNCTION_LIST_PTR;
-
-typedef CK_FUNCTION_LIST_PTR CK_PTR CK_FUNCTION_LIST_PTR_PTR;
-
-
-/* CK_CREATEMUTEX is an application callback for creating a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_CREATEMUTEX)(
- CK_VOID_PTR_PTR ppMutex /* location to receive ptr to mutex */
-);
-
-
-/* CK_DESTROYMUTEX is an application callback for destroying a
- * mutex object */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_DESTROYMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_LOCKMUTEX is an application callback for locking a mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_LOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_UNLOCKMUTEX is an application callback for unlocking a
- * mutex */
-typedef CK_CALLBACK_FUNCTION(CK_RV, CK_UNLOCKMUTEX)(
- CK_VOID_PTR pMutex /* pointer to mutex */
-);
-
-
-/* CK_C_INITIALIZE_ARGS provides the optional arguments to
- * C_Initialize */
-typedef struct CK_C_INITIALIZE_ARGS {
- CK_CREATEMUTEX CreateMutex;
- CK_DESTROYMUTEX DestroyMutex;
- CK_LOCKMUTEX LockMutex;
- CK_UNLOCKMUTEX UnlockMutex;
- CK_FLAGS flags;
- CK_VOID_PTR pReserved;
-} CK_C_INITIALIZE_ARGS;
-
-/* flags: bit flags that provide capabilities of the slot
- * Bit Flag Mask Meaning
- */
-#define CKF_LIBRARY_CANT_CREATE_OS_THREADS 0x00000001
-#define CKF_OS_LOCKING_OK 0x00000002
-
-typedef CK_C_INITIALIZE_ARGS CK_PTR CK_C_INITIALIZE_ARGS_PTR;
-
-
-/* additional flags for parameters to functions */
-
-/* CKF_DONT_BLOCK is for the function C_WaitForSlotEvent */
-#define CKF_DONT_BLOCK 1
-
-/* CK_RSA_PKCS_OAEP_MGF_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_MGF_TYPE is used to indicate the Message
- * Generation Function (MGF) applied to a message block when
- * formatting a message block for the PKCS #1 OAEP encryption
- * scheme. */
-typedef CK_ULONG CK_RSA_PKCS_MGF_TYPE;
-
-typedef CK_RSA_PKCS_MGF_TYPE CK_PTR CK_RSA_PKCS_MGF_TYPE_PTR;
-
-/* The following MGFs are defined */
-#define CKG_MGF1_SHA1 0x00000001
-
-/* CK_RSA_PKCS_OAEP_SOURCE_TYPE is new for v2.10.
- * CK_RSA_PKCS_OAEP_SOURCE_TYPE is used to indicate the source
- * of the encoding parameter when formatting a message block
- * for the PKCS #1 OAEP encryption scheme. */
-typedef CK_ULONG CK_RSA_PKCS_OAEP_SOURCE_TYPE;
-
-typedef CK_RSA_PKCS_OAEP_SOURCE_TYPE CK_PTR CK_RSA_PKCS_OAEP_SOURCE_TYPE_PTR;
-
-/* The following encoding parameter sources are defined */
-#define CKZ_DATA_SPECIFIED 0x00000001
-
-/* CK_RSA_PKCS_OAEP_PARAMS is new for v2.10.
- * CK_RSA_PKCS_OAEP_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_OAEP mechanism. */
-typedef struct CK_RSA_PKCS_OAEP_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_MGF_TYPE mgf;
- CK_RSA_PKCS_OAEP_SOURCE_TYPE source;
- CK_VOID_PTR pSourceData;
- CK_ULONG ulSourceDataLen;
-} CK_RSA_PKCS_OAEP_PARAMS;
-
-typedef CK_RSA_PKCS_OAEP_PARAMS CK_PTR CK_RSA_PKCS_OAEP_PARAMS_PTR;
-
-/* CK_RSA_PKCS_PSS_PARAMS is new for v2.11.
- * CK_RSA_PKCS_PSS_PARAMS provides the parameters to the
- * CKM_RSA_PKCS_PSS mechanism(s).
*/
-typedef struct CK_RSA_PKCS_PSS_PARAMS {
- CK_MECHANISM_TYPE hashAlg;
- CK_RSA_PKCS_MGF_TYPE mgf;
- CK_ULONG sLen;
-} CK_RSA_PKCS_PSS_PARAMS;
-
-/* CK_KEA_DERIVE_PARAMS provides the parameters to the
- * CKM_KEA_DERIVE mechanism */
-/* CK_KEA_DERIVE_PARAMS is new for v2.0 */
-typedef struct CK_KEA_DERIVE_PARAMS {
- CK_BBOOL isSender;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pRandomB;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
-} CK_KEA_DERIVE_PARAMS;
-
-typedef CK_KEA_DERIVE_PARAMS CK_PTR CK_KEA_DERIVE_PARAMS_PTR;
-
-
-/* CK_RC2_PARAMS provides the parameters to the CKM_RC2_ECB and
- * CKM_RC2_MAC mechanisms. An instance of CK_RC2_PARAMS just
- * holds the effective keysize */
-typedef CK_ULONG CK_RC2_PARAMS;
-
-typedef CK_RC2_PARAMS CK_PTR CK_RC2_PARAMS_PTR;
-
-
-/* CK_RC2_CBC_PARAMS provides the parameters to the CKM_RC2_CBC
- * mechanism */
-typedef struct CK_RC2_CBC_PARAMS {
- /* ulEffectiveBits was changed from CK_USHORT to CK_ULONG for
- * v2.0 */
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
-
- CK_BYTE iv[8]; /* IV for CBC mode */
-} CK_RC2_CBC_PARAMS;
-
-typedef CK_RC2_CBC_PARAMS CK_PTR CK_RC2_CBC_PARAMS_PTR;
-
-
-/* CK_RC2_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC2_MAC_GENERAL mechanism */
-/* CK_RC2_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC2_MAC_GENERAL_PARAMS {
- CK_ULONG ulEffectiveBits; /* effective bits (1-1024) */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC2_MAC_GENERAL_PARAMS;
-
-typedef CK_RC2_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC2_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_RC5_PARAMS provides the parameters to the CKM_RC5_ECB and
- * CKM_RC5_MAC mechanisms */
-/* CK_RC5_PARAMS is new for v2.0 */
-typedef struct CK_RC5_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
-} CK_RC5_PARAMS;
-
-typedef CK_RC5_PARAMS CK_PTR CK_RC5_PARAMS_PTR;
-
-
-/* CK_RC5_CBC_PARAMS provides the parameters to the CKM_RC5_CBC
- *
mechanism */
-/* CK_RC5_CBC_PARAMS is new for v2.0 */
-typedef struct CK_RC5_CBC_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_BYTE_PTR pIv; /* pointer to IV */
- CK_ULONG ulIvLen; /* length of IV in bytes */
-} CK_RC5_CBC_PARAMS;
-
-typedef CK_RC5_CBC_PARAMS CK_PTR CK_RC5_CBC_PARAMS_PTR;
-
-
-/* CK_RC5_MAC_GENERAL_PARAMS provides the parameters for the
- * CKM_RC5_MAC_GENERAL mechanism */
-/* CK_RC5_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef struct CK_RC5_MAC_GENERAL_PARAMS {
- CK_ULONG ulWordsize; /* wordsize in bits */
- CK_ULONG ulRounds; /* number of rounds */
- CK_ULONG ulMacLength; /* Length of MAC in bytes */
-} CK_RC5_MAC_GENERAL_PARAMS;
-
-typedef CK_RC5_MAC_GENERAL_PARAMS CK_PTR \
- CK_RC5_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_MAC_GENERAL_PARAMS provides the parameters to most block
- * ciphers' MAC_GENERAL mechanisms. Its value is the length of
- * the MAC */
-/* CK_MAC_GENERAL_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_MAC_GENERAL_PARAMS;
-
-typedef CK_MAC_GENERAL_PARAMS CK_PTR CK_MAC_GENERAL_PARAMS_PTR;
-
-
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS provides the parameters to the
- * CKM_SKIPJACK_PRIVATE_WRAP mechanism */
-/* CK_SKIPJACK_PRIVATE_WRAP_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_PRIVATE_WRAP_PARAMS {
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pPassword;
- CK_ULONG ulPublicDataLen;
- CK_BYTE_PTR pPublicData;
- CK_ULONG ulPAndGLen;
- CK_ULONG ulQLen;
- CK_ULONG ulRandomLen;
- CK_BYTE_PTR pRandomA;
- CK_BYTE_PTR pPrimeP;
- CK_BYTE_PTR pBaseG;
- CK_BYTE_PTR pSubprimeQ;
-} CK_SKIPJACK_PRIVATE_WRAP_PARAMS;
-
-typedef CK_SKIPJACK_PRIVATE_WRAP_PARAMS CK_PTR \
- CK_SKIPJACK_PRIVATE_WRAP_PTR;
-
-
-/* CK_SKIPJACK_RELAYX_PARAMS provides the parameters to the
- * CKM_SKIPJACK_RELAYX mechanism */
-/* CK_SKIPJACK_RELAYX_PARAMS is new for v2.0 */
-typedef struct CK_SKIPJACK_RELAYX_PARAMS {
- CK_ULONG ulOldWrappedXLen;
- CK_BYTE_PTR pOldWrappedX;
- CK_ULONG ulOldPasswordLen;
- CK_BYTE_PTR
pOldPassword;
- CK_ULONG ulOldPublicDataLen;
- CK_BYTE_PTR pOldPublicData;
- CK_ULONG ulOldRandomLen;
- CK_BYTE_PTR pOldRandomA;
- CK_ULONG ulNewPasswordLen;
- CK_BYTE_PTR pNewPassword;
- CK_ULONG ulNewPublicDataLen;
- CK_BYTE_PTR pNewPublicData;
- CK_ULONG ulNewRandomLen;
- CK_BYTE_PTR pNewRandomA;
-} CK_SKIPJACK_RELAYX_PARAMS;
-
-typedef CK_SKIPJACK_RELAYX_PARAMS CK_PTR \
- CK_SKIPJACK_RELAYX_PARAMS_PTR;
-
-
-typedef struct CK_PBE_PARAMS {
- CK_BYTE_PTR pInitVector;
- CK_UTF8CHAR_PTR pPassword;
- CK_ULONG ulPasswordLen;
- CK_BYTE_PTR pSalt;
- CK_ULONG ulSaltLen;
- CK_ULONG ulIteration;
-} CK_PBE_PARAMS;
-
-typedef CK_PBE_PARAMS CK_PTR CK_PBE_PARAMS_PTR;
-
-
-/* CK_KEY_WRAP_SET_OAEP_PARAMS provides the parameters to the
- * CKM_KEY_WRAP_SET_OAEP mechanism */
-/* CK_KEY_WRAP_SET_OAEP_PARAMS is new for v2.0 */
-typedef struct CK_KEY_WRAP_SET_OAEP_PARAMS {
- CK_BYTE bBC; /* block contents byte */
- CK_BYTE_PTR pX; /* extra data */
- CK_ULONG ulXLen; /* length of extra data in bytes */
-} CK_KEY_WRAP_SET_OAEP_PARAMS;
-
-typedef CK_KEY_WRAP_SET_OAEP_PARAMS CK_PTR \
- CK_KEY_WRAP_SET_OAEP_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_RANDOM_DATA {
- CK_BYTE_PTR pClientRandom;
- CK_ULONG ulClientRandomLen;
- CK_BYTE_PTR pServerRandom;
- CK_ULONG ulServerRandomLen;
-} CK_SSL3_RANDOM_DATA;
-
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS {
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_VERSION_PTR pVersion;
-} CK_SSL3_MASTER_KEY_DERIVE_PARAMS;
-
-typedef struct CK_SSL3_MASTER_KEY_DERIVE_PARAMS CK_PTR \
- CK_SSL3_MASTER_KEY_DERIVE_PARAMS_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_OUT {
- CK_OBJECT_HANDLE hClientMacSecret;
- CK_OBJECT_HANDLE hServerMacSecret;
- CK_OBJECT_HANDLE hClientKey;
- CK_OBJECT_HANDLE hServerKey;
- CK_BYTE_PTR pIVClient;
- CK_BYTE_PTR pIVServer;
-} CK_SSL3_KEY_MAT_OUT;
-
-typedef CK_SSL3_KEY_MAT_OUT CK_PTR CK_SSL3_KEY_MAT_OUT_PTR;
-
-
-typedef struct CK_SSL3_KEY_MAT_PARAMS {
- CK_ULONG ulMacSizeInBits;
- CK_ULONG ulKeySizeInBits;
- CK_ULONG ulIVSizeInBits;
-
CK_BBOOL bIsExport;
- CK_SSL3_RANDOM_DATA RandomInfo;
- CK_SSL3_KEY_MAT_OUT_PTR pReturnedKeyMaterial;
-} CK_SSL3_KEY_MAT_PARAMS;
-
-typedef CK_SSL3_KEY_MAT_PARAMS CK_PTR CK_SSL3_KEY_MAT_PARAMS_PTR;
-
-
-typedef struct CK_KEY_DERIVATION_STRING_DATA {
- CK_BYTE_PTR pData;
- CK_ULONG ulLen;
-} CK_KEY_DERIVATION_STRING_DATA;
-
-typedef CK_KEY_DERIVATION_STRING_DATA CK_PTR \
- CK_KEY_DERIVATION_STRING_DATA_PTR;
-
-
-/* The CK_EXTRACT_PARAMS is used for the
- * CKM_EXTRACT_KEY_FROM_KEY mechanism. It specifies which bit
- * of the base key should be used as the first bit of the
- * derived key */
-/* CK_EXTRACT_PARAMS is new for v2.0 */
-typedef CK_ULONG CK_EXTRACT_PARAMS;
-
-typedef CK_EXTRACT_PARAMS CK_PTR CK_EXTRACT_PARAMS_PTR;
-
-/* CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is new for v2.10.
- * CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE is used to
- * indicate the Pseudo-Random Function (PRF) used to generate
- * key bits using PKCS #5 PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE;
-
-typedef CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE CK_PTR CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE_PTR;
-
-/* The following PRFs are defined in PKCS #5 v2.0. */
-#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
-
-
-/* CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is new for v2.10.
- * CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE is used to indicate the
- * source of the salt value when deriving a key using PKCS #5
- * PBKDF2. */
-typedef CK_ULONG CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE;
-
-typedef CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE CK_PTR CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE_PTR;
-
-/* The following salt value sources are defined in PKCS #5 v2.0. */
-#define CKZ_SALT_SPECIFIED 0x00000001
-
-/* CK_PKCS5_PBKD2_PARAMS is new for v2.10.
- * CK_PKCS5_PBKD2_PARAMS is a structure that provides the
- * parameters to the CKM_PKCS5_PBKD2 mechanism.
*/
-typedef struct CK_PKCS5_PBKD2_PARAMS {
- CK_PKCS5_PBKDF2_SALT_SOURCE_TYPE saltSource;
- CK_VOID_PTR pSaltSourceData;
- CK_ULONG ulSaltSourceDataLen;
- CK_ULONG iterations;
- CK_PKCS5_PBKD2_PSEUDO_RANDOM_FUNCTION_TYPE prf;
- CK_VOID_PTR pPrfData;
- CK_ULONG ulPrfDataLen;
- CK_UTF8CHAR_PTR pPassword;
- CK_ULONG_PTR ulPasswordLen;
-} CK_PKCS5_PBKD2_PARAMS;
-
-typedef CK_PKCS5_PBKD2_PARAMS CK_PTR CK_PKCS5_PBKD2_PARAMS_PTR;
-
-#endif
DELETED test.c
Index: test.c
==================================================================
--- test.c
+++ /dev/null
@@ -1,550 +0,0 @@
-#include "mypkcs11.h"
-
-#include
-#include
-#include
-#include
-#include
-
-static char *pkcs11_attribute_to_name(CK_ATTRIBUTE_TYPE attrib) {
- static char retbuf[1024];
-
- switch (attrib) {
- case 0x00000000: return "CKA_CLASS";
- case 0x00000001: return "CKA_TOKEN";
- case 0x00000002: return "CKA_PRIVATE";
- case 0x00000003: return "CKA_LABEL";
- case 0x00000010: return "CKA_APPLICATION";
- case 0x00000011: return "CKA_VALUE";
- case 0x00000012: return "CKA_OBJECT_ID";
- case 0x00000080: return "CKA_CERTIFICATE_TYPE";
- case 0x00000081: return "CKA_ISSUER";
- case 0x00000082: return "CKA_SERIAL_NUMBER";
- case 0x00000083: return "CKA_AC_ISSUER";
- case 0x00000084: return "CKA_OWNER";
- case 0x00000085: return "CKA_ATTR_TYPES";
- case 0x00000086: return "CKA_TRUSTED";
- case 0x00000100: return "CKA_KEY_TYPE";
- case 0x00000101: return "CKA_SUBJECT";
- case 0x00000102: return "CKA_ID";
- case 0x00000103: return "CKA_SENSITIVE";
- case 0x00000104: return "CKA_ENCRYPT";
- case 0x00000105: return "CKA_DECRYPT";
- case 0x00000106: return "CKA_WRAP";
- case 0x00000107: return "CKA_UNWRAP";
- case 0x00000108: return "CKA_SIGN";
- case 0x00000109: return "CKA_SIGN_RECOVER";
- case 0x0000010A: return "CKA_VERIFY";
- case 0x0000010B: return "CKA_VERIFY_RECOVER";
- case 0x0000010C: return "CKA_DERIVE";
- case 0x00000110: return "CKA_START_DATE";
- case 0x00000111: return "CKA_END_DATE";
- case 0x00000120: return "CKA_MODULUS";
- case 0x00000121: return "CKA_MODULUS_BITS";
- case 0x00000122: return "CKA_PUBLIC_EXPONENT";
- case 0x00000123: return "CKA_PRIVATE_EXPONENT";
- case 0x00000124: return "CKA_PRIME_1";
- case 0x00000125: return "CKA_PRIME_2";
- case 0x00000126: return "CKA_EXPONENT_1";
- case 0x00000127: return "CKA_EXPONENT_2";
- case 0x00000128: return "CKA_COEFFICIENT";
- case 0x00000130: return "CKA_PRIME";
- case 0x00000131: return "CKA_SUBPRIME";
- case 0x00000132: return "CKA_BASE";
- case 0x00000133: return "CKA_PRIME_BITS";
- case
0x00000134: return "CKA_SUB_PRIME_BITS";
- case 0x00000160: return "CKA_VALUE_BITS";
- case 0x00000161: return "CKA_VALUE_LEN";
- case 0x00000162: return "CKA_EXTRACTABLE";
- case 0x00000163: return "CKA_LOCAL";
- case 0x00000164: return "CKA_NEVER_EXTRACTABLE";
- case 0x00000165: return "CKA_ALWAYS_SENSITIVE";
- case 0x00000166: return "CKA_KEY_GEN_MECHANISM";
- case 0x00000170: return "CKA_MODIFIABLE";
- case 0x00000180: return "CKA_EC_PARAMS";
- case 0x00000181: return "CKA_EC_POINT";
- case 0x00000200: return "CKA_SECONDARY_AUTH";
- case 0x00000201: return "CKA_AUTH_PIN_FLAGS";
- case 0x00000300: return "CKA_HW_FEATURE_TYPE";
- case 0x00000301: return "CKA_RESET_ON_INIT";
- case 0x00000302: return "CKA_HAS_RESET";
- }
-
- snprintf(retbuf, sizeof(retbuf), "0x%08lx", (unsigned long) attrib);
- retbuf[sizeof(retbuf) - 1] = '\0';
-
- return(retbuf);
-}
-
-int main_pkcs11(void) {
- CK_C_INITIALIZE_ARGS initargs;
- CK_INFO clientinfo;
- CK_ULONG numSlots, currSlot;
- CK_SLOT_ID_PTR slots;
- CK_SLOT_INFO slotInfo;
- CK_TOKEN_INFO tokenInfo;
- CK_SESSION_HANDLE hSession;
- CK_SESSION_INFO sessionInfo;
- CK_OBJECT_HANDLE hObject, *privateKeyObjects_root, *privateKeyObjects, *currPrivKey;
- CK_ULONG ulObjectCount;
- CK_ATTRIBUTE template[] = {
- {CKA_CLASS, NULL, 0},
- {CKA_TOKEN, NULL, 0},
- {CKA_LABEL, NULL, 0},
- {CKA_PRIVATE, NULL, 0},
- {CKA_ID, NULL, 0},
- {CKA_SERIAL_NUMBER, NULL, 0},
- {CKA_SUBJECT, NULL, 0},
- {CKA_ISSUER, NULL, 0},
- {CKA_PRIVATE, NULL, 0},
- {CKA_CERTIFICATE_TYPE, NULL, 0},
- {CKA_KEY_TYPE, NULL, 0},
- {CKA_SIGN, NULL, 0},
- {CKA_VALUE, NULL, 0}
- }, *curr_attr;
- CK_ULONG curr_attr_idx;
- CK_ULONG byte_idx;
- CK_UTF8CHAR user_pin[1024], *pucValue;
- CK_OBJECT_CLASS objectClass;
- CK_BYTE signature[1024], encrypted_buf[16384], decrypted_buf[16384];
- CK_ULONG signature_len, encrypted_buflen, decrypted_buflen;
- CK_MECHANISM mechanism = {CKM_RSA_PKCS, NULL, 0};
- CK_RV chk_rv;
- char *fgets_ret;
- int i;
-
- privateKeyObjects =
malloc(sizeof(*privateKeyObjects) * 1024);
- privateKeyObjects_root = privateKeyObjects;
- for (i = 0; i < 1024; i++) {
- privateKeyObjects[i] = CK_INVALID_HANDLE;
- }
-
- initargs.CreateMutex = NULL;
- initargs.DestroyMutex = NULL;
- initargs.LockMutex = NULL;
- initargs.UnlockMutex = NULL;
- initargs.flags = CKF_OS_LOCKING_OK;
- initargs.pReserved = NULL;
-
- chk_rv = C_Initialize(&initargs);
- if (chk_rv != CKR_OK) {
- initargs.CreateMutex = NULL;
- initargs.DestroyMutex = NULL;
- initargs.LockMutex = NULL;
- initargs.UnlockMutex = NULL;
- initargs.flags = 0;
- initargs.pReserved = NULL;
-
- chk_rv = C_Initialize(&initargs);
- if (chk_rv != CKR_OK) {
- printf("C_Initialize() failed.");
-
- return(1);
- }
- }
-
- chk_rv = C_GetInfo(&clientinfo);
- if (chk_rv != CKR_OK) {
- return(1);
- }
-
- printf("PKCS#11 Client Version: %i.%i, Library Version %i.%i\n", clientinfo.cryptokiVersion.major, clientinfo.cryptokiVersion.minor, clientinfo.libraryVersion.major, clientinfo.libraryVersion.minor);
- printf("PKCS#11 ManufID: %.*s, LibraryDesc: %.*s\n", 32, clientinfo.manufacturerID, 32, clientinfo.libraryDescription);
-
- chk_rv = C_GetSlotList(FALSE, NULL, &numSlots);
- if (chk_rv != CKR_OK) {
- return(1);
- }
-
- printf("Number of Slots: %lu\n", numSlots);
-
- slots = malloc(sizeof(*slots) * numSlots);
-
- chk_rv = C_GetSlotList(FALSE, slots, &numSlots);
- if (chk_rv != CKR_OK) {
- return(1);
- }
-
- for (currSlot = 0; currSlot < numSlots; currSlot++) {
- printf(" Slot %lu:\n", currSlot);
-
- chk_rv = C_GetSlotInfo(slots[currSlot], &slotInfo);
- if (chk_rv != CKR_OK) {
- return(1);
- }
-
- printf(" Desc : %.*s\n", 32, slotInfo.slotDescription);
- printf(" ManufID: %.*s\n", 32, slotInfo.manufacturerID);
- printf(" HWVers : %i.%i\n", slotInfo.hardwareVersion.major, slotInfo.hardwareVersion.minor);
- printf(" FWVers : %i.%i\n", slotInfo.firmwareVersion.major, slotInfo.firmwareVersion.minor);
- printf(" Flags : ");
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) ==
CKF_TOKEN_PRESENT) {
- printf("CKF_TOKEN_PRESENT ");
- }
- if ((slotInfo.flags & CKF_REMOVABLE_DEVICE) == CKF_REMOVABLE_DEVICE) {
- printf("CKF_REMOVABLE_DEVICE ");
- }
- if ((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT) {
- printf("CKF_HW_SLOT ");
- }
- printf("\n");
-
- if ((slotInfo.flags & CKF_TOKEN_PRESENT) == CKF_TOKEN_PRESENT) {
- printf(" Token:\n");
-
- chk_rv = C_GetTokenInfo(slots[currSlot], &tokenInfo);
- if (chk_rv != CKR_OK) {
- return(1);
- }
-
- printf(" Label : %.*s\n", 32, tokenInfo.label);
- printf(" ManufID: %.*s\n", 32, tokenInfo.manufacturerID);
- printf(" Model : %.*s\n", 16, tokenInfo.model);
- printf(" SerNo : %.*s\n", 16, tokenInfo.serialNumber);
- printf(" HWVers : %i.%i\n", tokenInfo.hardwareVersion.major, tokenInfo.hardwareVersion.minor);
- printf(" FWVers : %i.%i\n", tokenInfo.firmwareVersion.major, tokenInfo.firmwareVersion.minor);
- printf(" Flags : ");
- if ((tokenInfo.flags & CKF_RNG) == CKF_RNG) {
- printf("CKF_RNG ");
- }
- if ((tokenInfo.flags & CKF_WRITE_PROTECTED) == CKF_WRITE_PROTECTED) {
- printf("CKF_WRITE_PROTECTED ");
- }
- if ((tokenInfo.flags & CKF_LOGIN_REQUIRED) == CKF_LOGIN_REQUIRED) {
- printf("CKF_LOGIN_REQUIRED ");
- }
- if ((tokenInfo.flags & CKF_USER_PIN_INITIALIZED) == CKF_USER_PIN_INITIALIZED) {
- printf("CKF_USER_PIN_INITIALIZED ");
- }
- if ((tokenInfo.flags & CKF_RESTORE_KEY_NOT_NEEDED) == CKF_RESTORE_KEY_NOT_NEEDED) {
- printf("CKF_RESTORE_KEY_NOT_NEEDED ");
- }
- if ((tokenInfo.flags & CKF_CLOCK_ON_TOKEN) == CKF_CLOCK_ON_TOKEN) {
- printf("CKF_CLOCK_ON_TOKEN ");
- }
- if ((tokenInfo.flags & CKF_PROTECTED_AUTHENTICATION_PATH) == CKF_PROTECTED_AUTHENTICATION_PATH) {
- printf("CKF_PROTECTED_AUTHENTICATION_PATH ");
- }
- if ((tokenInfo.flags & CKF_DUAL_CRYPTO_OPERATIONS) == CKF_DUAL_CRYPTO_OPERATIONS) {
- printf("CKF_DUAL_CRYPTO_OPERATIONS ");
- }
- if ((tokenInfo.flags & CKF_TOKEN_INITIALIZED) == CKF_TOKEN_INITIALIZED) {
- printf("CKF_TOKEN_INITIALIZED ");
- }
- if ((tokenInfo.flags &
CKF_SECONDARY_AUTHENTICATION) == CKF_SECONDARY_AUTHENTICATION) {
- printf("CKF_SECONDARY_AUTHENTICATION ");
- }
- if ((tokenInfo.flags & CKF_USER_PIN_COUNT_LOW) == CKF_USER_PIN_COUNT_LOW) {
- printf("CKF_USER_PIN_COUNT_LOW ");
- }
- if ((tokenInfo.flags & CKF_USER_PIN_FINAL_TRY) == CKF_USER_PIN_FINAL_TRY) {
- printf("CKF_USER_PIN_FINAL_TRY ");
- }
- if ((tokenInfo.flags & CKF_USER_PIN_LOCKED) == CKF_USER_PIN_LOCKED) {
- printf("CKF_USER_PIN_LOCKED ");
- }
- if ((tokenInfo.flags & CKF_USER_PIN_TO_BE_CHANGED) == CKF_USER_PIN_TO_BE_CHANGED) {
- printf("CKF_USER_PIN_TO_BE_CHANGED ");
- }
- if ((tokenInfo.flags & CKF_SO_PIN_COUNT_LOW) == CKF_SO_PIN_COUNT_LOW) {
- printf("CKF_SO_PIN_COUNT_LOW ");
- }
- if ((tokenInfo.flags & CKF_SO_PIN_FINAL_TRY) == CKF_SO_PIN_FINAL_TRY) {
- printf("CKF_SO_PIN_FINAL_TRY ");
- }
- if ((tokenInfo.flags & CKF_SO_PIN_LOCKED) == CKF_SO_PIN_LOCKED) {
- printf("CKF_SO_PIN_LOCKED ");
- }
- if ((tokenInfo.flags & CKF_SO_PIN_TO_BE_CHANGED) == CKF_SO_PIN_TO_BE_CHANGED) {
- printf("CKF_SO_PIN_TO_BE_CHANGED ");
- }
- printf("\n");
- }
- }
-
- chk_rv = C_OpenSession(slots[0], CKF_SERIAL_SESSION, NULL, NULL, &hSession);
- if (chk_rv == CKR_OK) {
- if ((tokenInfo.flags & CKF_LOGIN_REQUIRED) == CKF_LOGIN_REQUIRED) {
- fgets_ret = NULL;
-
- while (fgets_ret == NULL) {
- printf("** ENTER PIN: ");
- fflush(stdout);
-
- fgets_ret = fgets((char *) user_pin, sizeof(user_pin), stdin);
- }
-
- if (strlen((char *) user_pin) >= 1) {
- while (user_pin[strlen((char *) user_pin) - 1] < ' ') {
- user_pin[strlen((char *) user_pin) - 1] = '\0';
- }
- }
-
- chk_rv = C_Login(hSession, CKU_USER, user_pin, strlen((char *) user_pin));
- } else {
- chk_rv = C_Login(hSession, CKU_USER, NULL, 0);
- }
- if (chk_rv == CKR_OK) {
- printf("Login to device succeed.\n");
- } else {
- printf("Login to device failed.\n");
- }
-
- chk_rv = C_GetSessionInfo(hSession, &sessionInfo);
- if (chk_rv == CKR_OK) {
- printf("Session Info:\n");
- printf(" Slot ID: %lu\n", (unsigned long)
sessionInfo.slotID);
- printf(" Dev Err: %lu\n", (unsigned long) sessionInfo.ulDeviceError);
-
- printf(" State : ");
- if (sessionInfo.state == CKS_RO_PUBLIC_SESSION) {
- printf("CKS_RO_PUBLIC_SESSION\n");
- } else if (sessionInfo.state == CKS_RO_USER_FUNCTIONS) {
- printf("CKS_RO_USER_FUNCTIONS\n");
- } else if (sessionInfo.state == CKS_RW_PUBLIC_SESSION) {
- printf("CKS_RW_PUBLIC_SESSION\n");
- } else if (sessionInfo.state == CKS_RW_USER_FUNCTIONS) {
- printf("CKS_RW_USER_FUNCTIONS\n");
- } else if (sessionInfo.state == CKS_RO_PUBLIC_SESSION) {
- printf("CKS_RW_SO_FUNCTIONS\n");
- } else {
- printf("Unknown (%lu)", (unsigned long) sessionInfo.state);
- }
-
- printf(" Flags : ");
- if ((sessionInfo.flags & CKF_RW_SESSION) == CKF_RW_SESSION) {
- printf("CKF_RW_SESSION ");
- }
- if ((sessionInfo.flags & CKF_SERIAL_SESSION) == CKF_SERIAL_SESSION) {
- printf("CKF_SERIAL_SESSION ");
- }
- printf("\n");
- } else {
- printf("GetSessionInfo() failed.\n");
- }
-
- chk_rv = C_FindObjectsInit(hSession, NULL, 0);
- if (chk_rv == CKR_OK) {
- while (1) {
- chk_rv = C_FindObjects(hSession, &hObject, 1, &ulObjectCount);
- if (chk_rv != CKR_OK) {
- printf("FindObjects() failed.\n");
- break;
- }
-
- if (ulObjectCount == 0) {
- break;
- }
-
- if (ulObjectCount != 1) {
- printf("FindObjects() returned a weird number of objects.
Asked for 1, got %lu.\n", ulObjectCount);
- break;
- }
-
- printf(" Object Info (object %lu):\n", (unsigned long) hObject);
-
- for (curr_attr_idx = 0; curr_attr_idx < (sizeof(template) / sizeof(template[0])); curr_attr_idx++) {
- curr_attr = &template[curr_attr_idx];
- if (curr_attr->pValue) {
- free(curr_attr->pValue);
- }
-
- curr_attr->pValue = NULL;
- }
-
- chk_rv = C_GetAttributeValue(hSession, hObject, &template[0], sizeof(template) / sizeof(template[0]));
- if (chk_rv == CKR_ATTRIBUTE_TYPE_INVALID || chk_rv == CKR_ATTRIBUTE_SENSITIVE || chk_rv == CKR_BUFFER_TOO_SMALL) {
- chk_rv = CKR_OK;
- }
-
- if (chk_rv == CKR_OK) {
- for (curr_attr_idx = 0; curr_attr_idx < (sizeof(template) / sizeof(template[0])); curr_attr_idx++) {
- curr_attr = &template[curr_attr_idx];
-
- if (((CK_LONG) curr_attr->ulValueLen) != ((CK_LONG) -1)) {
- curr_attr->pValue = malloc(curr_attr->ulValueLen);
- }
- }
-
- chk_rv = C_GetAttributeValue(hSession, hObject, &template[0], sizeof(template) / sizeof(template[0]));
- if (chk_rv == CKR_OK || chk_rv == CKR_ATTRIBUTE_SENSITIVE || chk_rv == CKR_ATTRIBUTE_TYPE_INVALID || chk_rv == CKR_BUFFER_TOO_SMALL) {
- for (curr_attr_idx = 0; curr_attr_idx < (sizeof(template) / sizeof(template[0])); curr_attr_idx++) {
- curr_attr = &template[curr_attr_idx];
-
- if (curr_attr->pValue) {
- switch (curr_attr->type) {
- case CKA_LABEL:
- printf(" [%lu] %20s: %.*s\n", hObject, pkcs11_attribute_to_name(curr_attr->type), (int) curr_attr->ulValueLen, (char *) curr_attr->pValue);
- break;
- case CKA_CLASS:
- objectClass = *((CK_OBJECT_CLASS *) curr_attr->pValue);
-
- if (objectClass == CKO_PRIVATE_KEY) {
- *privateKeyObjects = hObject;
- privateKeyObjects++;
- }
- case CKA_TOKEN:
- case CKA_ID:
- case CKA_SERIAL_NUMBER:
- case CKA_PRIVATE:
- case CKA_CERTIFICATE_TYPE:
- case CKA_KEY_TYPE:
- case CKA_SIGN:
- case CKA_DECRYPT:
- pucValue = curr_attr->pValue;
-
- printf(" [%lu] %20s: ", hObject, pkcs11_attribute_to_name(curr_attr->type));
-
- for (byte_idx = 0;
byte_idx < curr_attr->ulValueLen; byte_idx++) {
- printf("%02x ", (unsigned int) pucValue[byte_idx]);
- }
-
- printf(";; %p/%lu\n", curr_attr->pValue, curr_attr->ulValueLen);
-
- break;
- case CKA_SUBJECT:
- case CKA_ISSUER:
- pucValue = curr_attr->pValue;
-
- printf(" [%lu] %20s: ", hObject, pkcs11_attribute_to_name(curr_attr->type));
-
- for (byte_idx = 0; byte_idx < curr_attr->ulValueLen; byte_idx++) {
- printf("\\x%02x", (unsigned int) pucValue[byte_idx]);
- }
-
- printf(" ;; %p/%lu\n", curr_attr->pValue, curr_attr->ulValueLen);
-
- break;
- default:
- printf(" [%lu] %20s: %p/%lu\n", hObject, pkcs11_attribute_to_name(curr_attr->type), curr_attr->pValue, curr_attr->ulValueLen);
-
- break;
- }
- } else {
- printf(" [%lu] %20s: (not found)\n", hObject, pkcs11_attribute_to_name(curr_attr->type));
- }
-
- free(curr_attr->pValue);
- curr_attr->pValue = NULL;
- }
- } else {
- printf("GetAttributeValue()/2 failed.\n");
- }
- } else {
- printf("GetAttributeValue(hObject=%lu)/1 failed (rv = %lu).\n", (unsigned long) hObject, (unsigned long) chk_rv);
- }
-
- }
-
- chk_rv = C_FindObjectsFinal(hSession);
- if (chk_rv != CKR_OK) {
- printf("FindObjectsFinal() failed.\n");
- }
- } else {
- printf("FindObjectsInit() failed.\n");
- }
-
- printf("--- Operations ---\n");
-
- for (currPrivKey = privateKeyObjects_root; *currPrivKey != CK_INVALID_HANDLE; currPrivKey++) {
- chk_rv = C_SignInit(hSession, &mechanism, *currPrivKey);
- if (chk_rv == CKR_OK) {
- signature_len = sizeof(signature);
-
- chk_rv = C_Sign(hSession, (CK_BYTE_PTR) "Test", strlen("Test"), (CK_BYTE_PTR) &signature, &signature_len);
- if (chk_rv == CKR_OK) {
- printf("[%04lu/%02lx] Signature: ", (unsigned long) *currPrivKey, (unsigned long) mechanism.mechanism);
-
- for (byte_idx = 0; byte_idx < signature_len; byte_idx++) {
- printf("%02x ", (unsigned int) signature[byte_idx]);
- }
-
- printf("\n");
- } else {
- printf("Sign() failed.\n");
- }
- } else {
- printf("SignInit() failed.\n");
- }
- }
-
- for (currPrivKey
= privateKeyObjects_root; *currPrivKey != CK_INVALID_HANDLE; currPrivKey++) {
- chk_rv = C_EncryptInit(hSession, &mechanism, *currPrivKey);
- if (chk_rv == CKR_OK) {
- encrypted_buflen = sizeof(encrypted_buf);
-
- chk_rv = C_Encrypt(hSession, (CK_BYTE_PTR) "Test", strlen("Test"), encrypted_buf, &encrypted_buflen);
- if (chk_rv == CKR_OK) {
- printf("[%04lu/%02lx] Encrypted(Test): ", (unsigned long) *currPrivKey, (unsigned long) mechanism.mechanism);
-
- for (byte_idx = 0; byte_idx < encrypted_buflen; byte_idx++) {
- printf("%02x ", (unsigned int) encrypted_buf[byte_idx]);
- }
-
- printf("\n");
- } else {
- printf("Encrypt() failed.\n");
- }
- } else {
- printf("EncryptInit() failed.\n");
- }
- }
-
- for (currPrivKey = privateKeyObjects_root; *currPrivKey != CK_INVALID_HANDLE; currPrivKey++) {
- chk_rv = C_DecryptInit(hSession, &mechanism, *currPrivKey);
- if (chk_rv == CKR_OK) {
- decrypted_buflen = sizeof(decrypted_buf);
-
- chk_rv = C_Decrypt(hSession, (CK_BYTE_PTR) "\x4c\x36\x0f\x86\x2d\xb7\xb2\x46\x92\x11\x7e\x5f\xd1\xeb\x2c\xb0\xdb\x34\x60\xb8\x0c\xf8\x27\xb5\xfb\xce\xd1\xf4\x58\xa3\x20\x52\x9d\x97\x08\xd8\x2b\x5e\xb2\x37\x46\x72\x45\x7c\x66\x23\x53\xb5\xa5\x16\x61\x96\xbc\x5c\x8d\x85\x18\x24\xcf\x74\x7f\xc2\x23\x15\xd6\x42\x72\xa5\x2b\x29\x29\x1d\xa6\xea\x2b\xcb\x57\x59\xb3\x5f\xe2\xf8\x30\x12\x2f\x1b\xfa\xbd\xa9\x19\xef\x5c\xbb\x48\xdc\x28\x42\xdd\x90\xbe\x63\xeb\x59\x0c\xaf\x59\xcb\xe4\x6a\xf2\x56\x24\x41\xc2\x77\x7b\xc9\xf8\x02\x0f\x67\x3d\x2a\x98\x91\x14\xa2\x57", 128, decrypted_buf, &decrypted_buflen);
- if (chk_rv == CKR_OK) {
- printf("[%04lu/%02lx] Decrypted(It works!): ", (unsigned long) *currPrivKey, (unsigned long) mechanism.mechanism);
-
- for (byte_idx = 0; byte_idx < decrypted_buflen; byte_idx++) {
- printf("%02x ", (unsigned int) decrypted_buf[byte_idx]);
- }
-
- printf("\n");
- } else {
- printf("Decrypt() failed.\n");
- }
- } else {
- printf("DecryptInit() failed.\n");
- }
- }
-
- chk_rv = C_CloseSession(hSession);
- if (chk_rv != CKR_OK) {
-
printf("CloseSession failed.\n");
- }
- } else {
- printf("OpenSession failed.\n");
- }
-
- C_Finalize(NULL);
-
- if (slots) {
- free(slots);
- }
-
- if (privateKeyObjects_root) {
- free(privateKeyObjects_root);
- }
-
- return(0);
-}
-
-int main(void) {
- int retval = 0, ck_retval;
-
- printf("Testing libcackey...\n");
-
- ck_retval = main_pkcs11();
-
- if (ck_retval != 0) {
- retval = ck_retval;
- }
-
- printf("Testing libcackey... DONE. Status = %i\n", ck_retval);
-
- return(retval);
-}