+2733. [cleanup] Clean up coding style in pkcs11-* tools. [RT #20355]
+
2732. [func] Add optional filter-aaaa-on-v4 option, available
if built with './configure --enable-filter-aaaa'.
Filters out AAAA answers to clients connecting
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Portions copyright (c) 2008 Nominet UK. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id: pkcs11-destroy.c,v 1.7 2009/10/26 23:36:53 each Exp $ */
+
/* pkcs11-destroy [-m module] [-s $slot] [-i $id | -l $label] [-p $pin] */
+/*! \file */
+
#include <config.h>
#include <stdio.h>
int
main(int argc, char *argv[])
{
- CK_RV rv;
- CK_SLOT_ID slot = 0;
- CK_SESSION_HANDLE hSession;
- CK_UTF8CHAR *pin = NULL;
- CK_BYTE attr_id[2];
- CK_OBJECT_HANDLE akey[50];
- char *label = NULL;
- int error = 0;
- unsigned int id = 0, i = 0;
- int c, errflg = 0;
- CK_ULONG ulObjectCount;
- CK_ATTRIBUTE search_template[] = {
- {CKA_ID, &attr_id, sizeof(attr_id)}
- };
- extern char *optarg;
- extern int optopt;
- char *pk11_provider;
-
- pk11_provider = getenv("PKCS11_PROVIDER");
- if (pk11_provider != NULL)
- pk11_libname = pk11_provider;
-
- while ((c = getopt(argc, argv, ":m:s:i:l:p:")) != -1) {
- switch (c) {
- case 'm':
- pk11_libname = optarg;
- break;
- case 's':
- slot = atoi(optarg);
- break;
- case 'i':
- id = atoi(optarg);
- id &= 0xffff;
- break;
- case 'l':
- label = optarg;
- break;
- case 'p':
- pin = (CK_UTF8CHAR *)optarg;
- break;
- case ':':
- fprintf(stderr, "Option -%c requires an operand\n", optopt);
- errflg++;
- break;
- case '?':
- default:
- fprintf(stderr, "Unrecognised option: -%c\n", optopt);
- errflg++;
- }
- }
- if (errflg || ((!id) && (!label))) {
- fprintf(stderr,
- "usage: pkcs11-destroy [-m module] [-s slot] "
- "[-i id | -l label] [-p pin]\n");
- exit(1);
- }
- if (id) {
- printf("id %i\n", id);
- attr_id[0] = (id >> 8) & 0xff;
- attr_id[1] = id & 0xff;
- } else if (label) {
- printf("label %s\n", label);
- search_template[0].type = CKA_LABEL;
- search_template[0].pValue = label;
- search_template[0].ulValueLen = strlen(label);
- }
-
- /* Initialize the CRYPTOKI library */
- rv = C_Initialize(NULL_PTR);
- if (rv != CKR_OK) {
- if (rv == 0xfe)
- fprintf(stderr,
- "Can't load or link module \"%s\"\n",
- pk11_libname);
- else
- fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
- exit(1);
- }
-
- /* Open a session on the slot found */
- rv = C_OpenSession(slot, CKF_RW_SESSION+CKF_SERIAL_SESSION,
- NULL_PTR, NULL_PTR, &hSession);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_program;
- }
-
- /* Login to the Token (Keystore) */
- if (!pin)
- pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
- rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
- memset(pin, 0, strlen((char *)pin));
- if (rv != CKR_OK) {
- fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
- }
-
- rv = C_FindObjectsInit(hSession, search_template,
- ((id != 0) || (label != NULL)) ? 1 : 0);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
- }
-
- rv = C_FindObjects(hSession, akey, 50, &ulObjectCount);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_search;
- }
-
- for (i = 0; i < ulObjectCount; i++) {
- CK_OBJECT_CLASS oclass = 0;
- CK_BYTE labelbuf[64 + 1];
- CK_BYTE idbuf[64];
- CK_ATTRIBUTE attr_template[] = {
- {CKA_CLASS, &oclass, sizeof(oclass)},
- {CKA_LABEL, labelbuf, sizeof(labelbuf) - 1},
- {CKA_ID, idbuf, sizeof(idbuf)}
+ CK_RV rv;
+ CK_SLOT_ID slot = 0;
+ CK_SESSION_HANDLE hSession;
+ CK_UTF8CHAR *pin = NULL;
+ CK_BYTE attr_id[2];
+ CK_OBJECT_HANDLE akey[50];
+ char *label = NULL;
+ int error = 0;
+ unsigned int id = 0, i = 0;
+ int c, errflg = 0;
+ CK_ULONG ulObjectCount;
+ CK_ATTRIBUTE search_template[] = {
+ {CKA_ID, &attr_id, sizeof(attr_id)}
};
+ char *pk11_provider;
unsigned int j, len;
+ extern char *optarg;
+ extern int optopt;
+
+ pk11_provider = getenv("PKCS11_PROVIDER");
+ if (pk11_provider != NULL)
+ pk11_libname = pk11_provider;
+
+ while ((c = getopt(argc, argv, ":m:s:i:l:p:")) != -1) {
+ switch (c) {
+ case 'm':
+ pk11_libname = optarg;
+ break;
+ case 's':
+ slot = atoi(optarg);
+ break;
+ case 'i':
+ id = atoi(optarg);
+ id &= 0xffff;
+ break;
+ case 'l':
+ label = optarg;
+ break;
+ case 'p':
+ pin = (CK_UTF8CHAR *)optarg;
+ break;
+ case ':':
+ fprintf(stderr,
+ "Option -%c requires an operand\n",
+ optopt);
+ errflg++;
+ break;
+ case '?':
+ default:
+ fprintf(stderr, "Unrecognised option: -%c\n", optopt);
+ errflg++;
+ }
+ }
- memset(labelbuf, 0, sizeof(labelbuf));
- memset(idbuf, 0, sizeof(idbuf));
+ if (errflg || (!id && (label != NULL))) {
+ fprintf(stderr, "Usage:\n");
+ fprintf(stderr, "\tpkcs11-destroy [-m module] [-s slot] "
+ "[-i id | -l label] [-p pin]\n");
+ exit(1);
+ }
+
+ if (id) {
+ printf("id %i\n", id);
+ attr_id[0] = (id >> 8) & 0xff;
+ attr_id[1] = id & 0xff;
+ } else if (label) {
+ printf("label %s\n", label);
+ search_template[0].type = CKA_LABEL;
+ search_template[0].pValue = label;
+ search_template[0].ulValueLen = strlen(label);
+ }
+
+ /* Initialize the CRYPTOKI library */
+ rv = C_Initialize(NULL_PTR);
+ if (rv != CKR_OK) {
+ if (rv == 0xfe)
+ fprintf(stderr,
+ "Can't load or link module \"%s\"\n",
+ pk11_libname);
+ else
+ fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
+ exit(1);
+ }
- rv = C_GetAttributeValue(hSession, akey[i], attr_template, 3);
+ /* Open a session on the slot found */
+ rv = C_OpenSession(slot, CKF_RW_SESSION+CKF_SERIAL_SESSION,
+ NULL_PTR, NULL_PTR, &hSession);
if (rv != CKR_OK) {
- fprintf(stderr, "C_GetAttributeValue[%u]: rv = 0x%.8lX\n", i, rv);
- error = 1;
- goto exit_search;
+ fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_program;
}
- len = attr_template[2].ulValueLen;
- printf("object[%u]: class %lu label '%s' id[%lu] ",
- i, oclass, labelbuf, attr_template[2].ulValueLen);
- if (len > 4)
- len = 4;
- if (len > 0)
- printf("0x");
- for (j = 0; j < len; j++)
- printf("%02x", idbuf[j]);
- if (attr_template[2].ulValueLen > len)
- printf("...\n");
- else
- printf("\n");
- }
-
- /* give a chance to kill this */
- printf("sleeping 5 seconds...\n");
- sleep(5);
-
- for (i = 0; i < ulObjectCount; i++) {
- rv = C_DestroyObject(hSession, akey[i]);
+
+ if (pin == NULL)
+ pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
+
+ /* Login to the Token (Keystore) */
+ rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
+ memset(pin, 0, strlen((char *)pin));
if (rv != CKR_OK) {
- fprintf(stderr, "C_DestroyObject[%u]: rv = 0x%.8lX\n", i, rv);
- error = 1;
+ fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_session;
+ }
+
+ rv = C_FindObjectsInit(hSession, search_template,
+ ((id != 0) || (label != NULL)) ? 1 : 0);
+
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_session;
+ }
+
+ rv = C_FindObjects(hSession, akey, 50, &ulObjectCount);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_search;
+ }
+
+ for (i = 0; i < ulObjectCount; i++) {
+ CK_OBJECT_CLASS oclass = 0;
+ CK_BYTE labelbuf[64 + 1];
+ CK_BYTE idbuf[64];
+ CK_ATTRIBUTE attr_template[] = {
+ {CKA_CLASS, &oclass, sizeof(oclass)},
+ {CKA_LABEL, labelbuf, sizeof(labelbuf) - 1},
+ {CKA_ID, idbuf, sizeof(idbuf)}
+ };
+
+ memset(labelbuf, 0, sizeof(labelbuf));
+ memset(idbuf, 0, sizeof(idbuf));
+
+ rv = C_GetAttributeValue(hSession, akey[i], attr_template, 3);
+ if (rv != CKR_OK) {
+ fprintf(stderr,
+ "C_GetAttributeValue[%u]: rv = 0x%.8lX\n",
+ i, rv);
+ error = 1;
+ goto exit_search;
+ }
+ len = attr_template[2].ulValueLen;
+ printf("object[%u]: class %lu label '%s' id[%lu] ",
+ i, oclass, labelbuf, attr_template[2].ulValueLen);
+ if (len > 4)
+ len = 4;
+ if (len > 0)
+ printf("0x");
+ for (j = 0; j < len; j++)
+ printf("%02x", idbuf[j]);
+ if (attr_template[2].ulValueLen > len)
+ printf("...\n");
+ else
+ printf("\n");
+ }
+
+ /* give a chance to kill this */
+ printf("sleeping 5 seconds...\n");
+ sleep(5);
+
+ for (i = 0; i < ulObjectCount; i++) {
+ rv = C_DestroyObject(hSession, akey[i]);
+ if (rv != CKR_OK) {
+ fprintf(stderr,
+ "C_DestroyObject[%u]: rv = 0x%.8lX\n",
+ i, rv);
+ error = 1;
+ }
}
- }
exit_search:
- rv = C_FindObjectsFinal(hSession);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
- error = 1;
- }
+ rv = C_FindObjectsFinal(hSession);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
+ error = 1;
+ }
exit_session:
- (void) C_CloseSession(hSession);
+ (void)C_CloseSession(hSession);
exit_program:
- (void) C_Finalize(NULL_PTR);
+ (void)C_Finalize(NULL_PTR);
- exit(error);
+ exit(error);
}
-/* pkcs11-keygen - pkcs11 rsa key generator
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
*
- * create RSASHA1 key in the keystore of an SCA6000
- * The calculation of key tag is left to the script
- * that converts the key into a DNSKEY RR and inserts
- * it into a zone file.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Portions copyright (c) 2008 Nominet UK. All rights reserved.
*
- * usage:
- * pkcs11-keygen [-P] [-m module] [-s slot] [-e] -b keysize
- * -l label [-i id] [-p pin]
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
*
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/* $Id: pkcs11-keygen.c,v 1.9 2009/10/26 23:36:53 each Exp $ */
+
+/* pkcs11-keygen - pkcs11 rsa key generator
+*
+* create RSASHA1 key in the keystore of an SCA6000
+* The calculation of key tag is left to the script
+* that converts the key into a DNSKEY RR and inserts
+* it into a zone file.
+*
+* usage:
+* pkcs11-keygen [-P] [-m module] [-s slot] [-e] -b keysize
+* -l label [-i id] [-p pin]
+*
+*/
+
+/*! \file */
+
#include <config.h>
#include <stdio.h>
int
main(int argc, char *argv[])
{
- CK_RV rv;
- CK_SLOT_ID slot = 0;
- CK_MECHANISM genmech;
- CK_SESSION_HANDLE hSession;
- CK_UTF8CHAR *pin = NULL;
- CK_ULONG modulusbits = 0;
- CK_CHAR *label = NULL;
- CK_OBJECT_HANDLE privatekey, publickey;
- CK_BYTE public_exponent[5];
- CK_ULONG expsize = 3;
- int error = 0;
- int c, errflg = 0;
- int hide = 1;
- int idlen = 0;
- unsigned long id = 0;
- CK_BYTE idbuf[4];
- CK_ULONG ulObjectCount;
- /* Set search template */
- CK_ATTRIBUTE search_template[] = {
- {CKA_LABEL, NULL_PTR, 0}
- };
- CK_ATTRIBUTE publickey_template[] = {
- {CKA_LABEL, NULL_PTR, 0},
- {CKA_VERIFY, &truevalue, sizeof (truevalue)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_MODULUS_BITS, &modulusbits, sizeof (modulusbits)},
- {CKA_PUBLIC_EXPONENT, &public_exponent, expsize},
- {CKA_ID, &idbuf, idlen}
- };
- CK_ULONG publickey_attrcnt = 6;
- CK_ATTRIBUTE privatekey_template[] = {
- {CKA_LABEL, NULL_PTR, 0},
- {CKA_SIGN, &truevalue, sizeof (truevalue)},
- {CKA_TOKEN, &truevalue, sizeof (truevalue)},
- {CKA_PRIVATE, &truevalue, sizeof (truevalue)},
- {CKA_SENSITIVE, &truevalue, sizeof (truevalue)},
- {CKA_EXTRACTABLE, &falsevalue, sizeof (falsevalue)},
- {CKA_ID, &idbuf, idlen}
- };
- CK_ULONG privatekey_attrcnt = 7;
- extern char *optarg;
- extern int optopt;
- char *pk11_provider;
+ CK_RV rv;
+ CK_SLOT_ID slot = 0;
+ CK_MECHANISM genmech;
+ CK_SESSION_HANDLE hSession;
+ CK_UTF8CHAR *pin = NULL;
+ CK_ULONG modulusbits = 0;
+ CK_CHAR *label = NULL;
+ CK_OBJECT_HANDLE privatekey, publickey;
+ CK_BYTE public_exponent[5];
+ CK_ULONG expsize = 3;
+ int error = 0;
+ int c, errflg = 0;
+ int hide = 1;
+ int idlen = 0;
+ unsigned long id = 0;
+ CK_BYTE idbuf[4];
+ CK_ULONG ulObjectCount;
+ /* Set search template */
+ CK_ATTRIBUTE search_template[] = {
+ {CKA_LABEL, NULL_PTR, 0}
+ };
+ CK_ATTRIBUTE publickey_template[] = {
+ {CKA_LABEL, NULL_PTR, 0},
+ {CKA_VERIFY, &truevalue, sizeof(truevalue)},
+ {CKA_TOKEN, &truevalue, sizeof(truevalue)},
+ {CKA_MODULUS_BITS, &modulusbits, sizeof(modulusbits)},
+ {CKA_PUBLIC_EXPONENT, &public_exponent, expsize},
+ {CKA_ID, &idbuf, idlen}
+ };
+ CK_ULONG publickey_attrcnt = 6;
+ CK_ATTRIBUTE privatekey_template[] = {
+ {CKA_LABEL, NULL_PTR, 0},
+ {CKA_SIGN, &truevalue, sizeof(truevalue)},
+ {CKA_TOKEN, &truevalue, sizeof(truevalue)},
+ {CKA_PRIVATE, &truevalue, sizeof(truevalue)},
+ {CKA_SENSITIVE, &truevalue, sizeof(truevalue)},
+ {CKA_EXTRACTABLE, &falsevalue, sizeof(falsevalue)},
+ {CKA_ID, &idbuf, idlen}
+ };
+ CK_ULONG privatekey_attrcnt = 7;
+ char *pk11_provider;
+ extern char *optarg;
+ extern int optopt;
+
+ pk11_provider = getenv("PKCS11_PROVIDER");
+ if (pk11_provider != NULL)
+ pk11_libname = pk11_provider;
+
+ while ((c = getopt(argc, argv, ":Pm:s:b:ei:l:p:")) != -1) {
+ switch (c) {
+ case 'P':
+ hide = 0;
+ break;
+ case 'm':
+ pk11_libname = optarg;
+ break;
+ case 's':
+ slot = atoi(optarg);
+ break;
+ case 'e':
+ expsize = 5;
+ break;
+ case 'b':
+ modulusbits = atoi(optarg);
+ break;
+ case 'l':
+ label = (CK_CHAR *)optarg;
+ break;
+ case 'i':
+ id = strtoul(optarg, NULL, 0);
+ idlen = 4;
+ break;
+ case 'p':
+ pin = (CK_UTF8CHAR *)optarg;
+ break;
+ case ':':
+ fprintf(stderr,
+ "Option -%c requires an operand\n",
+ optopt);
+ errflg++;
+ break;
+ case '?':
+ default:
+ fprintf(stderr, "Unrecognised option: -%c\n", optopt);
+ errflg++;
+ }
+ }
+
+ if (errflg || !modulusbits || (label == NULL)) {
+ fprintf(stderr, "Usage:\n");
+ fprintf(stderr, "\tpkcs11-keygen -b keysize -l label\n");
+ fprintf(stderr, "\t [-P] [-m module] "
+ "[-s slot] [-e] [-i id] [-p PIN]\n");
+ exit(2);
+ }
+
+ search_template[0].pValue = label;
+ search_template[0].ulValueLen = strlen((char *)label);
+ publickey_template[0].pValue = label;
+ publickey_template[0].ulValueLen = strlen((char *)label);
+ privatekey_template[0].pValue = label;
+ privatekey_template[0].ulValueLen = strlen((char *)label);
+
+ /* Set public exponent to F4 or F5 */
+ public_exponent[0] = 0x01;
+ public_exponent[1] = 0x00;
+ if (expsize == 3)
+ public_exponent[2] = 0x01;
+ else {
+ publickey_template[4].ulValueLen = expsize;
+ public_exponent[2] = 0x00;
+ public_exponent[3] = 0x00;
+ public_exponent[4] = 0x01;
+ }
+
+ /* Set up mechanism for generating key pair */
+ genmech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
+ genmech.pParameter = NULL_PTR;
+ genmech.ulParameterLen = 0;
- pk11_provider = getenv("PKCS11_PROVIDER");
- if (pk11_provider != NULL)
- pk11_libname = pk11_provider;
-
- while ((c = getopt(argc, argv, ":Pm:s:b:ei:l:p:")) != -1) {
- switch (c) {
- case 'P':
- hide = 0;
- break;
- case 'm':
- pk11_libname = optarg;
- break;
- case 's':
- slot = atoi(optarg);
- break;
- case 'e':
- expsize = 5;
- break;
- case 'b':
- modulusbits = atoi(optarg);
- break;
- case 'l':
- label = (CK_CHAR *)optarg;
- break;
- case 'i':
- id = strtoul(optarg, NULL, 0);
- idlen = 4;
- break;
- case 'p':
- pin = (CK_UTF8CHAR *)optarg;
- break;
- case ':':
- fprintf(stderr, "Option -%c requires an operand\n", optopt);
- errflg++;
- break;
- case '?':
- default:
- fprintf(stderr, "Unrecognised option: -%c\n", optopt);
- errflg++;
- }
- }
- if ((errflg) || (!modulusbits) || (!label)) {
- fprintf(stderr,
- "usage: pkcs11-keygen "
- "[-P] [-m module] [-s slot] [-e] -b keysize\n"
- " "
- "-l label [-i id] [-p pin]\n");
- exit(2);
- }
-
- search_template[0].pValue = label;
- search_template[0].ulValueLen = strlen((char *)label);
- publickey_template[0].pValue = label;
- publickey_template[0].ulValueLen = strlen((char *)label);
- privatekey_template[0].pValue = label;
- privatekey_template[0].ulValueLen = strlen((char *)label);
+ if (idlen == 0) {
+ publickey_attrcnt--;
+ privatekey_attrcnt--;
+ } else if (id <= 0xffff) {
+ idlen = 2;
+ publickey_template[5].ulValueLen = idlen;
+ privatekey_template[6].ulValueLen = idlen;
+ idbuf[0] = (CK_BYTE)(id >> 8);
+ idbuf[1] = (CK_BYTE)id;
+ } else {
+ idbuf[0] = (CK_BYTE)(id >> 24);
+ idbuf[1] = (CK_BYTE)(id >> 16);
+ idbuf[2] = (CK_BYTE)(id >> 8);
+ idbuf[3] = (CK_BYTE)id;
+ }
- /* Set public exponent to F4 or F5 */
- public_exponent[0] = 0x01;
- public_exponent[1] = 0x00;
- if (expsize == 3)
- public_exponent[2] = 0x01;
- else {
- publickey_template[4].ulValueLen = expsize;
- public_exponent[2] = 0x00;
- public_exponent[3] = 0x00;
- public_exponent[4] = 0x01;
- }
+ /* Initialize the CRYPTOKI library */
+ rv = C_Initialize(NULL_PTR);
- /* Set up mechanism for generating key pair */
- genmech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
- genmech.pParameter = NULL_PTR;
- genmech.ulParameterLen = 0;
+ if (rv != CKR_OK) {
+ if (rv == 0xfe)
+ fprintf(stderr,
+ "Can't load or link module \"%s\"\n",
+ pk11_libname);
+ else
+ fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
+ exit(1);
+ }
- if (idlen == 0) {
- publickey_attrcnt--;
- privatekey_attrcnt--;
- } else if (id <= 0xffff) {
- idlen = 2;
- publickey_template[5].ulValueLen = idlen;
- privatekey_template[6].ulValueLen = idlen;
- idbuf[0] = (CK_BYTE) (id >> 8);
- idbuf[1] = (CK_BYTE) id;
- } else {
- idbuf[0] = (CK_BYTE) (id >> 24);
- idbuf[1] = (CK_BYTE) (id >> 16);
- idbuf[2] = (CK_BYTE) (id >> 8);
- idbuf[3] = (CK_BYTE) id;
- }
+ /* Open a session on the slot found */
+ rv = C_OpenSession(slot, CKF_RW_SESSION+CKF_SERIAL_SESSION,
+ NULL_PTR, NULL_PTR, &hSession);
- /* Initialize the CRYPTOKI library */
- rv = C_Initialize(NULL_PTR);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_program;
+ }
- if (rv != CKR_OK) {
- if (rv == 0xfe)
- fprintf(stderr,
- "Can't load or link module \"%s\"\n",
- pk11_libname);
- else
- fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
- exit(1);
- }
+ /* Login to the Token (Keystore) */
+ if (pin == NULL)
+ pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
- /* Open a session on the slot found */
- rv = C_OpenSession(slot, CKF_RW_SESSION+CKF_SERIAL_SESSION,
- NULL_PTR, NULL_PTR, &hSession);
+ rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
+ memset(pin, 0, strlen((char *)pin));
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_session;
+ }
- if (rv != CKR_OK) {
- fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_program;
- }
+ /* check if a key with the same id already exists */
+ rv = C_FindObjectsInit(hSession, search_template, 1);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_session;
+ }
+ rv = C_FindObjects(hSession, &privatekey, 1, &ulObjectCount);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_search;
+ }
+ if (ulObjectCount != 0) {
+ fprintf(stderr, "Key already exists.\n");
+ error = 1;
+ goto exit_search;
+ }
- /* Login to the Token (Keystore) */
- if (!pin)
- pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
- rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
- memset(pin, 0, strlen((char *)pin));
- if (rv != CKR_OK) {
- fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
- }
-
- /* check if a key with the same id already exists */
- rv = C_FindObjectsInit(hSession, search_template, 1);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
- }
- rv = C_FindObjects(hSession, &privatekey, 1, &ulObjectCount);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_search;
- }
- if (ulObjectCount != 0) {
- fprintf(stderr, "Key already exists.\n");
- error = 1;
- goto exit_search;
- }
-
- /* Set attributes if the key is not to be hidden */
- if (!hide) {
- privatekey_template[4].pValue = &falsevalue;
- privatekey_template[5].pValue = &truevalue;
- }
+ /* Set attributes if the key is not to be hidden */
+ if (!hide) {
+ privatekey_template[4].pValue = &falsevalue;
+ privatekey_template[5].pValue = &truevalue;
+ }
- /* Generate Key pair for signing/verifying */
- rv = C_GenerateKeyPair(hSession, &genmech,
- publickey_template, publickey_attrcnt,
- privatekey_template, privatekey_attrcnt,
- &publickey, &privatekey);
-
- if (rv != CKR_OK) {
- fprintf(stderr, "C_GenerateKeyPair: Error = 0x%.8lX\n", rv);
- error = 1;
- }
-
+ /* Generate Key pair for signing/verifying */
+ rv = C_GenerateKeyPair(hSession, &genmech,
+ publickey_template, publickey_attrcnt,
+ privatekey_template, privatekey_attrcnt,
+ &publickey, &privatekey);
+
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_GenerateKeyPair: Error = 0x%.8lX\n", rv);
+ error = 1;
+ }
+
exit_search:
- rv = C_FindObjectsFinal(hSession);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
- error = 1;
- }
+ rv = C_FindObjectsFinal(hSession);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
+ error = 1;
+ }
exit_session:
- (void) C_CloseSession(hSession);
+ (void)C_CloseSession(hSession);
exit_program:
- (void) C_Finalize(NULL_PTR);
+ (void)C_Finalize(NULL_PTR);
- exit(error);
+ exit(error);
}
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * Portions copyright (c) 2008 Nominet UK. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* $Id: pkcs11-list.c,v 1.7 2009/10/26 23:36:53 each Exp $ */
+
/* pkcs11-list [-P] [-m module] [-s slot] [-i $id | -l $label] [-p $pin] */
+/*! \file */
+
#include <config.h>
#include <stdio.h>
#endif
#if !(defined(HAVE_GETPASSPHRASE) || (defined (__SVR4) && defined (__sun)))
-#define getpassphrase(x) getpass(x)
+#define getpassphrase(x) getpass(x)
#endif
int
main(int argc, char *argv[])
{
- CK_RV rv;
- CK_SLOT_ID slot = 0;
- CK_SESSION_HANDLE hSession;
- CK_UTF8CHAR *pin = NULL;
- CK_BYTE attr_id[2];
- CK_OBJECT_HANDLE akey[50];
- char *label = NULL;
- int error = 0, public = 0, all = 0;
- unsigned int i = 0, id = 0;
- int c, errflg = 0;
- CK_ULONG ulObjectCount;
- CK_ATTRIBUTE search_template[] = {
- {CKA_ID, &attr_id, sizeof(attr_id)}
- };
- extern char *optarg;
- extern int optopt;
- char *pk11_provider;
-
- pk11_provider = getenv("PKCS11_PROVIDER");
- if (pk11_provider != NULL)
- pk11_libname = pk11_provider;
-
- while ((c = getopt(argc, argv, ":m:s:i:l:p:P")) != -1) {
- switch (c) {
- case 'P':
- public = 1;
- break;
- case 'm':
- pk11_libname = optarg;
- break;
- case 's':
- slot = atoi(optarg);
- break;
- case 'i':
- id = atoi(optarg);
- id &= 0xffff;
- break;
- case 'l':
- label = optarg;
- break;
- case 'p':
- pin = (CK_UTF8CHAR *)optarg;
- break;
- case ':':
- fprintf(stderr, "Option -%c requires an operand\n", optopt);
- errflg++;
- break;
- case '?':
- default:
- fprintf(stderr, "Unrecognised option: -%c\n", optopt);
- errflg++;
+ CK_RV rv;
+ CK_SLOT_ID slot = 0;
+ CK_SESSION_HANDLE hSession;
+ CK_UTF8CHAR *pin = NULL;
+ CK_BYTE attr_id[2];
+ CK_OBJECT_HANDLE akey[50];
+ char *label = NULL;
+ int error = 0, public = 0, all = 0;
+ unsigned int i = 0, id = 0;
+ int c, errflg = 0;
+ CK_ULONG ulObjectCount;
+ CK_ATTRIBUTE search_template[] = {
+ {CKA_ID, &attr_id, sizeof(attr_id)}
+ };
+ char *pk11_provider;
+ extern char *optarg;
+ extern int optopt;
+
+ pk11_provider = getenv("PKCS11_PROVIDER");
+ if (pk11_provider != NULL)
+ pk11_libname = pk11_provider;
+
+ while ((c = getopt(argc, argv, ":m:s:i:l:p:P")) != -1) {
+ switch (c) {
+ case 'P':
+ public = 1;
+ break;
+ case 'm':
+ pk11_libname = optarg;
+ break;
+ case 's':
+ slot = atoi(optarg);
+ break;
+ case 'i':
+ id = atoi(optarg);
+ id &= 0xffff;
+ break;
+ case 'l':
+ label = optarg;
+ break;
+ case 'p':
+ pin = (CK_UTF8CHAR *)optarg;
+ break;
+ case ':':
+ fprintf(stderr, "Option -%c requires an operand\n",
+ optopt);
+ errflg++;
+ break;
+ case '?':
+ default:
+ fprintf(stderr, "Unrecognised option: -%c\n", optopt);
+ errflg++;
+ }
+ }
+
+ if (errflg) {
+ fprintf(stderr, "Usage:\n");
+ fprintf(stderr, "\tpkcs11-list [-P] [-m module] [-s slot] "
+ "[-i id | -l label] [-p pin]\n");
+ exit(1);
}
- }
- if (errflg) {
- fprintf(stderr,
- "usage: pkcs11-list [-P] [-m module] [-s slot] "
- "[-i id | -l label] [-p pin]\n");
- exit(1);
- }
- if ((!id) && (!label))
- all = 1;
- if (slot)
- printf("slot %lu\n", slot);
- if (id) {
- printf("id %i\n", id);
- attr_id[0] = (id >> 8) & 0xff;
- attr_id[1] = id & 0xff;
- } else if (label) {
- printf("label %s\n", label);
- search_template[0].type = CKA_LABEL;
- search_template[0].pValue = label;
- search_template[0].ulValueLen = strlen(label);
- }
-
- /* Initialize the CRYPTOKI library */
- rv = C_Initialize(NULL_PTR);
- if (rv != CKR_OK) {
- if (rv == 0xfe)
- fprintf(stderr,
- "Can't load or link module \"%s\"\n",
- pk11_libname);
- else
- fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
- exit(1);
- }
-
- /* Open a session on the slot found */
- rv = C_OpenSession(slot, CKF_SERIAL_SESSION,
- NULL_PTR, NULL_PTR, &hSession);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_program;
- }
-
- /* Login to the Token (Keystore) */
- if (!public) {
- if (!pin)
- pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
- rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
- memset(pin, 0, strlen((char *)pin));
+
+ if (!id && (label == NULL))
+ all = 1;
+
+ if (slot)
+ printf("slot %lu\n", slot);
+
+ if (id) {
+ printf("id %i\n", id);
+ attr_id[0] = (id >> 8) & 0xff;
+ attr_id[1] = id & 0xff;
+ } else if (label != NULL) {
+ printf("label %s\n", label);
+ search_template[0].type = CKA_LABEL;
+ search_template[0].pValue = label;
+ search_template[0].ulValueLen = strlen(label);
+ }
+
+ /* Initialize the CRYPTOKI library */
+ rv = C_Initialize(NULL_PTR);
if (rv != CKR_OK) {
- fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
+ if (rv == 0xfe)
+ fprintf(stderr,
+ "Can't load or link module \"%s\"\n",
+ pk11_libname);
+ else
+ fprintf(stderr, "C_Initialize: Error = 0x%.8lX\n", rv);
+ exit(1);
}
- }
-
- rv = C_FindObjectsInit(hSession, search_template, all ? 0 : 1);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_session;
- }
-
- ulObjectCount = 1;
- while (ulObjectCount) {
- rv = C_FindObjects(hSession, akey, 50, &ulObjectCount);
+
+ /* Open a session on the slot found */
+ rv = C_OpenSession(slot, CKF_SERIAL_SESSION,
+ NULL_PTR, NULL_PTR, &hSession);
if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
- error = 1;
- goto exit_search;
+ fprintf(stderr, "C_OpenSession: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_program;
+ }
+
+ /* Login to the Token (Keystore) */
+ if (!public) {
+ if (pin == NULL)
+ pin = (CK_UTF8CHAR *)getpassphrase("Enter Pin: ");
+ rv = C_Login(hSession, CKU_USER, pin, strlen((char *)pin));
+ memset(pin, 0, strlen((char *)pin));
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_Login: Error = 0x%.8lX\n", rv);
+ error = 1;
+ goto exit_session;
+ }
}
- for (i = 0; i < ulObjectCount; i++) {
- CK_OBJECT_CLASS oclass = 0;
- CK_BYTE labelbuf[64 + 1];
- CK_BYTE idbuf[64];
- CK_ATTRIBUTE attr_template[] = {
- {CKA_CLASS, &oclass, sizeof(oclass)},
- {CKA_LABEL, labelbuf, sizeof(labelbuf) - 1},
- {CKA_ID, idbuf, sizeof(idbuf)}
- };
- unsigned int j, len;
-
- memset(labelbuf, 0, sizeof(labelbuf));
- memset(idbuf, 0, sizeof(idbuf));
-
- rv = C_GetAttributeValue(hSession, akey[i], attr_template, 3);
- if (rv != CKR_OK) {
- fprintf(stderr,
- "C_GetAttributeValue[%u]: rv = 0x%.8lX\n", i, rv);
- if (rv == CKR_BUFFER_TOO_SMALL)
- fprintf(stderr, "%u too small: %lu %lu %lu\n", i,
- attr_template[0].ulValueLen,
- attr_template[1].ulValueLen,
- attr_template[2].ulValueLen);
+ rv = C_FindObjectsInit(hSession, search_template, all ? 0 : 1);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
error = 1;
- continue;
- }
-
- len = attr_template[2].ulValueLen;
- printf("object[%u]: handle %lu class %lu "
- "label[%lu] '%s' id[%lu] ",
- i, akey[i], oclass,
- attr_template[1].ulValueLen, labelbuf,
- attr_template[2].ulValueLen);
- if (len == 2) {
- id = (idbuf[0] << 8) & 0xff00;
- id |= idbuf[1] & 0xff;
- printf("%u\n", id);
- } else {
- if (len > 8)
- len = 8;
- if (len > 0)
- printf("0x");
- for (j = 0; j < len; j++)
- printf("%02x", idbuf[j]);
- if (attr_template[2].ulValueLen > len)
- printf("...\n");
- else
- printf("\n");
- }
+ goto exit_session;
+ }
+
+ ulObjectCount = 1;
+ while (ulObjectCount) {
+ rv = C_FindObjects(hSession, akey, 50, &ulObjectCount);
+ if (rv != CKR_OK) {
+ fprintf(stderr,
+ "C_FindObjects: Error = 0x%.8lX\n",
+ rv);
+ error = 1;
+ goto exit_search;
+ }
+
+ for (i = 0; i < ulObjectCount; i++) {
+ unsigned int j, len;
+
+ CK_OBJECT_CLASS oclass = 0;
+ CK_BYTE labelbuf[64 + 1];
+ CK_BYTE idbuf[64];
+ CK_ATTRIBUTE template[] = {
+ {CKA_CLASS, &oclass, sizeof(oclass)},
+ {CKA_LABEL, labelbuf, sizeof(labelbuf) - 1},
+ {CKA_ID, idbuf, sizeof(idbuf)}
+ };
+
+ memset(labelbuf, 0, sizeof(labelbuf));
+ memset(idbuf, 0, sizeof(idbuf));
+
+ rv = C_GetAttributeValue(hSession, akey[i],
+ template, 3);
+ if (rv != CKR_OK) {
+ fprintf(stderr,
+ "C_GetAttributeValue[%u]: "
+ "rv = 0x%.8lX\n",
+ i, rv);
+ if (rv == CKR_BUFFER_TOO_SMALL)
+ fprintf(stderr,
+ "%u too small: %lu %lu %lu\n",
+ i,
+ template[0].ulValueLen,
+ template[1].ulValueLen,
+ template[2].ulValueLen);
+ error = 1;
+ continue;
+ }
+
+ len = template[2].ulValueLen;
+ printf("object[%u]: handle %lu class %lu "
+ "label[%lu] '%s' id[%lu] ",
+ i, akey[i], oclass,
+ template[1].ulValueLen,
+ labelbuf,
+ template[2].ulValueLen);
+ if (len == 2) {
+ id = (idbuf[0] << 8) & 0xff00;
+ id |= idbuf[1] & 0xff;
+ printf("%u\n", id);
+ } else {
+ if (len > 8)
+ len = 8;
+ if (len > 0)
+ printf("0x");
+ for (j = 0; j < len; j++)
+ printf("%02x", idbuf[j]);
+ if (template[2].ulValueLen > len)
+ printf("...\n");
+ else
+ printf("\n");
+ }
+ }
}
- }
exit_search:
- rv = C_FindObjectsFinal(hSession);
- if (rv != CKR_OK) {
- fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
- error = 1;
- }
+ rv = C_FindObjectsFinal(hSession);
+ if (rv != CKR_OK) {
+ fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
+ error = 1;
+ }
exit_session:
- (void) C_CloseSession(hSession);
+ (void)C_CloseSession(hSession);
exit_program:
- (void) C_Finalize(NULL_PTR);
+ (void)C_Finalize(NULL_PTR);
- exit(error);
+ exit(error);
}
/* cryptoki.h include file for PKCS #11. */
-/* $Revision: 1.2 $ */
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+/* $Revision: 1.3 $ */
-/* License to copy and use this software is granted provided that it is
+/*
+ * Portions Copyright RSA Security Inc.
+ *
+ * License to copy and use this software is granted provided that it is
* identified as "RSA Security Inc. PKCS #11 Cryptographic Token Interface
* (Cryptoki)" in all material mentioning or referencing this software.
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id */
+
+/*! \file */
+
/* dynamic loader (ifndef FORCE_STATIC_PROVIDER) */
#include <dlfcn.h>
+/*
+ * Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE
+ * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id */
+
+/*! \file */
+
/* missing code for WIN32 */
#include <windows.h>
projects / thirdparty / bind9.git / commitdiff
