diff --git a/AUTHORS b/AUTHORS
index 70007d6..48aa3c8 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -1,26 +1,29 @@
 Package: scute Maintainer: Damien Goutte-Gattat Bug reports: https://bugs.gnupg.org/ Security related bug reports: security@gnupg.org
-License: GPLv2+ with exception for Mozilla
+License: LGPL-2.1-or-later
 g10 Code GmbH - Design and implementation Andreas Jellinghaus - Contributions to src/pkcs11.h. Alon Bar-Lev - Contributions to src/pkcs11.h.
+Damien Goutte-Gattat
+ - Various changes.
+
 Copyright 2006, 2008 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
diff --git a/COPYING b/COPYING
deleted file mode 100644
index 623b625..0000000
--- a/COPYING
+++ /dev/null
@@ -1,340 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-
- Copyright (C)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) year name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- , 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
-Public License instead of this License.
diff --git a/COPYING.LESSER b/COPYING.LESSER
new file mode 100644
index 0000000..89d4489
--- /dev/null
+++ b/COPYING.LESSER
@@ -0,0 +1,508 @@
+
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL. It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+ This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it. You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations
+below.
+
+ When we speak of free software, we are referring to freedom of use,
+not price. Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+ To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights. These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+ For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you. You must make sure that they, too, receive or can get the source
+code. If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it. And you must show them these terms so they know their rights.
+
+ We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+ To protect each distributor, we want to make it very clear that
+there is no warranty for the free library. Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+^L
+ Finally, software patents pose a constant threat to the existence of
+any free program. We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder. Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+ Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License. This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License. We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+ When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library. The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom. The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+ We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License. It also provides other free software developers Less
+of an advantage over competing non-free programs. These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries. However, the Lesser license provides advantages in certain
+special circumstances.
+
+ For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it
+becomes a de-facto standard. To achieve this, non-free programs must
+be allowed to use the library. A more frequent case is that a free
+library does the same job as widely used non-free libraries. In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+ In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software. For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+ Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library". The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+^L
+ GNU LESSER GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+ A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The "Library", below, refers to any such software library or work
+which has been distributed under these terms. A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+ "Source code" for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control
+compilation and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+ 1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+ 2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) The modified work must itself be a software library.
+
+ b) You must cause the files modified to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ c) You must cause the whole of the work to be licensed at no
+ charge to all third parties under the terms of this License.
+
+ d) If a facility in the modified Library refers to a function or a
+ table of data to be supplied by an application program that uses
+ the facility, other than as an argument passed when the facility
+ is invoked, then you must make a good faith effort to ensure that,
+ in the event an application does not supply such function or
+ table, the facility still operates, and performs whatever part of
+ its purpose remains meaningful.
+
+ (For example, a function in a library to compute square roots has
+ a purpose that is entirely well-defined independent of the
+ application. Therefore, Subsection 2d requires that any
+ application-supplied function or table used by this function must
+ be optional: if the application does not supply it, the square
+ root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library. To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License. (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.) Do not make any other change in
+these notices.
+^L
+ Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+ This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+ 4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+ If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library". Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+ However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library". The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+ When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library. The
+threshold for this to be true is not precisely defined by law.
+
+ If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work. (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+ Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+^L
+ 6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+ You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License. You must supply a copy of this License. If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License. Also, you must do one
+of these things:
+
+ a) Accompany the work with the complete corresponding
+ machine-readable source code for the Library including whatever
+ changes were used in the work (which must be distributed under
+ Sections 1 and 2 above); and, if the work is an executable linked
+ with the Library, with the complete machine-readable "work that
+ uses the Library", as object code and/or source code, so that the
+ user can modify the Library and then relink to produce a modified
+ executable containing the modified Library. (It is understood
+ that the user who changes the contents of definitions files in the
+ Library will not necessarily be able to recompile the application
+ to use the modified definitions.)
+
+ b) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (1) uses at run time a
+ copy of the library already present on the user's computer system,
+ rather than copying library functions into the executable, and (2)
+ will operate properly with a modified version of the library, if
+ the user installs one, as long as the modified version is
+ interface-compatible with the version that the work was made with.
+
+ c) Accompany the work with a written offer, valid for at least
+ three years, to give the same user the materials specified in
+ Subsection 6a, above, for a charge no more than the cost of
+ performing this distribution.
+
+ d) If distribution of the work is made by offering access to copy
+ from a designated place, offer equivalent access to copy the above
+ specified materials from the same place.
+
+ e) Verify that the user has already received a copy of these
+ materials or that you have already sent this user a copy.
+
+ For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it.
However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. +^L + 7. You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. 
However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. +^L + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply, and the section as a whole is intended to apply in other +circumstances. 
+ +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License +may add an explicit geographical distribution limitation excluding those +countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. +^L + 14. 
If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. 
+ + END OF TERMS AND CONDITIONS +^L + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms +of the ordinary General Public License). + + To apply these terms, attach the following notices to the library. +It is safest to attach them to the start of each source file to most +effectively convey the exclusion of warranty; and each file should +have at least the "copyright" line and a pointer to where the full +notice is found. + + + + Copyright (C) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or +your school, if any, to sign a "copyright disclaimer" for the library, +if necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James + Random Hacker. + + , 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! 
diff --git a/Makefile.am b/Makefile.am
index 68db8e8..808a956 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,42 +1,33 @@ # Makefile.am - Top level Makefile for scute. # Copyright (C) 2006 g10 Code GmbH -# +# # This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, see . +# Lesser General Public License for more details. # -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Foundation's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . +# SPDX-License-Identifier: LGPL-2.1-or-later ## Process this file with automake to produce Makefile.in ACLOCAL_AMFLAGS = -I m4 AUTOMAKE_OPTIONS = dist-bzip2 no-dist-gzip EXTRA_DIST = autogen.sh README.GIT if RUN_TESTS tests = tests else -tests = +tests = endif SUBDIRS = m4 src ${tests} doc 
diff --git a/README b/README
index 4cd9a12..4d93733 100644
--- a/README
+++ b/README
@@ -1,439 +1,426 @@ Scute ===== This is a PKCS #11 implementation for the GnuPG Agent using the GnuPG Smart Card Daemon. Currently, only the OpenPGP card is supported. TOC === * Purpose * Prerequisites * Installation * Client Authentication * Troubleshooting * Features and Limitations * Development * Mozilla Bugs * Copyright and License Purpose ======= Scute enables you to use your OpenPGP smart card for client authentication with SSL in Mozilla. See below for more details on how to get this working. Scute also allows you to sign emails with Thunderbird, using the S/MIME protocol, and to sign OpenDocument and PDF files with LibreOffice. Prerequisites ============= For the compilation: * libgpg-error 1.14 * libassuan 2.0.0 At runtime: * Mozilla (or any other supported application using PKCS #11). * GnuPG 2.0, in particular: gpg-agent, scdaemon * Pinentry Note that client authentication with TLS 1.2 and S/MIME signing require GnuPG 2.1. Installation ============ To install the PKCS #11 Module, follow the generic installation instructions in the file INSTALL that accompanies this software. After installation, you can configure Mozilla to use Scute by visiting the preferences dialog in the "advanced" category, under "Security Devices". There you can "load" the module from its installed path, e.g. "/usr/lib/scute.so". Client Authentication ===================== For client authentication to work, several steps need to be completed. Depending on your situation, some of these steps may be performed by third parties, like service providers. However, they can also all be performed locally, if use of client authentication with a local service is desired. For this introduction, we assume an Apache web server with SSL at the server side, and a connecting client running Firefox. As a certification authority (CA) we use OpenSSL. Scute provides a PKCS #11 compatible security device to Firefox for client authentication. 
This security device gives Firefox access to the client's OpenPGP smart card. The Client Perspective ---------------------- To get things started, we have to prepare an initialised OpenPGP smart card by uploading an off-card key or generating a key on the card. The card you got may already have been initialised. Otherwise, you can find more information on this step in the smartcard HowTo, which also documents other basic card operations: http://www.gnupg.org/(en)/howtos/card-howto/en/smartcard-howto.html Once the card is initialised, we have to generate a certificate signing request (CSR) to get the authentication key of the card (OPENPGP.3, the third key on the card) certified by the CA. This can be done using "gpgsm --gen-key". For the CSR, a distinguished name (DN) is required. Your CA will have more information about what this DN should contain. Below we use an example for a test-employee "Floppy Head" of the test-CA that ships with OpenSSL ("Snake Oil, Ltd."). Generating the CSR is then just a matter of answering a few questions: $ gpgsm --gen-key > client.csr Please select what kind of key you want: (1) RSA (2) Existing key (3) Existing key from card Your selection? 3 Serial number of the card: 355F9746499F0D4B4ECEE4928B007D16 Available keys: (1) D53137B94C38D9BF6A199706EA6D5253 OPENPGP.1 (2) B0CD1A9DFC3539A1D6A8B851A11C8665 OPENPGP.2 (3) 53DB41052CC590A40B403F3E6350E5DC OPENPGP.3 Your selection? 3 Possible actions for a RSA key: (1) sign, encrypt (2) sign (3) encrypt Your selection? 2 Enter the X.509 subject name: CN=Floppy Head,OU="Webserver Team",O="Snake Oil, Ltd",L="Snake Town",ST="Snake Desert",C=XY Enter email addresses (end with an empty line): > floppy.head@example.org > Enter DNS names (optional; end with an empty line): > Enter URIs (optional; end with an empty line): > Create self-signed certificate? 
(y/N) n These parameters are used: Key-Type: card:OPENPGP.3 Key-Length: 1024 Key-Usage: sign Name-DN: CN=Floppy Head,OU="Webserver Team",O="Snake Oil, Ltd",L="Snake Town",ST="Snake Desert",C=XY Name-Email: floppy.head@example.org Proceed with creation? (y/N) y Now creating certificate request. This may take a while ... gpgsm: about to sign the CSR for key: &53DB41052CC590A40B403F3E6350E5DC gpgsm: certificate request created Ready. You should now send this request to your CA. It is required to enter the signing PIN of the card to complete this step. The certificate can then be found in the file "/tmp/floppy.csr". This file should then be sent to the CA for certification (see below). The CA will return to the client a certificate "/tmp/floppy.crt", who can then import the issuer certificate of the CA (in this example, we access directly the local server certificate) and its own certificate with gpgsm: $ gpgsm --import /etc/apache/ssl.crt/snakeoil-ca-rsa.crt gpgsm: total number processed: 1 gpgsm: imported: 1 marcus@ulysses:~/g10/projects/pkcs11-for-scdaemon/ca/usercert/card3$ gpgsm --import /tmp/floppy.crt gpgsm: total number processed: 1 gpgsm: unchanged: 1 $ gpgsm --list-keys Floppy Serial number: 08 Issuer: /CN=Snake Oil CA/OU=Certificate Authority/O=Snake Oil, Ltd/L=Snake Town/ST=Snake Desert/C=XY/EMail=ca@snakeoil.dom Subject: /CN=Floppy Head/OU=Webserver Team/O=Snake Oil, Ltd/ST=Snake Desert/C=XY validity: 2006-10-11 13:17:08 through 2007-10-11 13:17:08 key type: 1024 bit RSA fingerprint: C9:08:0E:86:92:6C:7B:4B:8C:23:1C:9D:D7:15:BF:D4:A4:00:54:11 Now the client can configure his web browser. If desired, the client can install the web servers certificate (alternatively, Firefox will ask when establishing the initial connection). To actually perform the client authentication, the client needs to set up the web browser for use with Scute. 
The Scute PKCS #11 module, installed under /usr/lib/scute.so by default, needs to be loaded as a security device in Firefox under Preferences->Advanced->Security->Certificates->Security Devices->Load When the security device is loaded, card insertion should cause the security device list be updated with the inserted token (the card), and the certificate that has been imported into gpgsm should be visible under Preferences->Advanced->Security->Certificates->View Certificates automatically. Firefox will by default select the certificate to be used for client authentication automatically from the list of available certificates. This setting can be changed if desired in Preferences->Advanced->Security->Certificates ("Select one automatically" vs. "Ask me every time") When the client then attempts to open the URL "https://localhost/" in this example, the web server will require SSL authentication, which causes Firefox to look (or ask) for a client certificate. If the certificate on the card is suitable (or selected), the user will have to enter the PIN number on the card to sign into the web site. The CA Perspective ------------------ The CA will have to process the CSR submitted by the client. 
After verifying the identity of the submitter by some external means, the CA may use for example this OpenSSL command to create a certificate (we use the example CA shipping with the Apache SSL module on Ubuntu): # cd /etc/apache/ssl.crt/ # openssl ca -in /tmp/floppy.csr -cert /etc/apache/ssl.crt/snakeoil-ca-rsa.crt -keyfile /etc/apache/ssl.key/snakeoil-ca-rsa.key -out /tmp/floppy.crt Using configuration from /usr/lib/ssl/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 8 (0x8) Validity Not Before: Oct 11 13:17:08 2006 GMT Not After : Oct 11 13:17:08 2007 GMT Subject: countryName = XY stateOrProvinceName = Snake Desert organizationName = Snake Oil, Ltd organizationalUnitName = Webserver Team commonName = Floppy Head X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 72:AF:B8:13:3D:3D:9D:02:93:E4:D4:56:0C:06:90:4C:26:85:85:5D X509v3 Authority Key Identifier: DirName:/C=XY/ST=Snake Desert/L=Snake Town/O=Snake Oil, Ltd/OU=Certificate Authority/CN=Snake Oil CA/emailAddress=ca@snakeoil.dom serial:00 Certificate is to be certified until Oct 11 13:17:08 2007 GMT (365 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated The resulting file, "/tmp/floppy.crt" is sent back from the CA to the client along with the issuer certificate. For more information how to set up and work with a CA using OpenSSL, please see the OpenSSL documentation. The Server Perspective ---------------------- The service provider will set up an Apache web server with SSL support, and configure it to accept certificates from the CA. This step is quite involved. Garex has a concise HowTo online at http://www.garex.net/apache/ about how to do this. 
Beside the creation of a certificate that has its own fully qualified domain name (FQDN) as common name (CN part of the DN), this involves installing the Apache SSL module and configuration for it, for example in httpd.conf: SSLEngine on SSLCertificateFile /etc/apache/ssl.crt/server.crt SSLCertificateKeyFile /etc/apache/ssl.key/server.key SSLVerifyClient require SSLVerifyDepth 1 SSLCACertificateFile /etc/apache/ssl.crt/snakeoil-ca-rsa.crt The file server.key is not protected by a passphrase (if it is, this passphrase needs to be provided when starting up Apache), and server.crt has "CN=localhost" as part of its DN for this example. Troubleshooting =============== Symptom: Loading the Scute security device in the security device manager of Firefox fails with "Unable to load module". Solution: Make sure that Scute is correctly installed, and that all libraries and executables are available. Make sure that gpg-agent is running and can be found via the environment variable GPG_AGENT_INFO. Symptom: Client authentication fails with " has received an incorrect or unexpected message. Error code: -12227". Solution: Make sure that the correct OpenPGP card is inserted and the certificate available in GPGSM. Check that the OpenPGP card is detected correctly in the security device manager and the corresponding certificate is displayed in the certificate manager of Firefox. Symptom: The OpenPGP card is detected and displayed in the security device manager in Firefox, but no corresponding certificate is displayed in the certificate manager of Firefox. Solution: Make sure that the corresponding certificate is imported in GPGSM. Features and Limitations ======================== Scute implements version 2.20 of the PKCS #11 specification. The OpenPGP smart card application is supported in read-only mode. The following functions are not supported: * C_Initialize: No support for native thread package. Locking callbacks must be provided if multi-threaded operation is desired. 
* C_WaitForSlotEvent: Not implemented. The interface as specified by PKCS #11 is broken anyway, as the function can not safely be canceled. Thus, we require polling. * C_GetOperationState, C_SetOperationState: Not supported. * C_InitToken, C_InitPIN, C_SetPIN: Not supported. No write operations are allowed. To configure the token, please use the tools accompanying the GnuPG software suite. * C_Login, C_Logout: Not supported. No login into the token by the software is required. Passphrase queries are implemented by the use of GPG Agent and Pinentry. * C_EncryptInit, C_Encrypt, C_EncryptUpdate, C_EncryptFinal, C_DigestInit, C_Digest, C_DigestUpdate, C_DigestKey, C_DigestFinal, C_VerifyInit, C_Verify, C_VerifyUpdate, C_VerifyFinal, C_VerifyRecoverInit, C_VerifyRec: Not supported. Only secret key operations are supported. * C_DecryptInit, C_Decrypt: Not yet supported, but will be in the future. * C_SignUpdate, C_SignFinal, C_DecryptUpdate, C_DecryptFinal: No progressive crypto-operations are supported. * C_SignRecoverInit, C_SignRecover: Not supported. * C_DigestEncryptUpdate, C_DecryptDigestUpdate, C_SignEncryptUpdate, C_DecryptVerifyUpdate: Dual-purpose cryptographic functions are not supported. * C_GenerateKey, C_GenerateKeyPair, C_WrapKey, C_UnwrapKey, C_DeriveKey: Key management functions are not supported. Please use the tools accompanying the GnuPG software suite to generate and import keys for use with the token. * C_SeedRandom: Not supported. * C_CreateObject, C_CopyObject, C_DestroyObject, C_SetAttributeValue: Only read-only operations are supported on objects. * C_GetObjectSize: Not supported. * CKO_CERTIFICATE: The label specifies the key on the card used (e.g. OPENPGP.3). The ID is the fingerprint. * CKO_PRIVATE_KEY: The CKA_LOCAL attribute can not be supported by the OpenPGP card. It is always set to false (as the key on the card may be copied to the card from an external source). Development =========== Scute is single-threaded. 
There is a global lock that is taken in all entry points of Scute, except for C_Initialize, C_Finalize, C_GetFunctionList, and stubs. Here are a couple of hints on how to develop PKCS #11 modules for Mozilla: libopensc2 ships with a pkcs11-spy library that can be loaded as a wrapper around the PKCS #11 library you want to use to log all functions invoked by Mozilla. Here is how to use it: Set the PKCS11SPY_OUTPUT environment variable to a filename. pkcs11-spy appends its log messages at the end of this file. Set the PKCS11SPY environment variable to the filename of the PKCS #11 module you actually want to use. Start Mozilla within this environment. There is a different, probably more powerful way to debug Mozilla PKCS #11 libraries. However, to be able to use it, you need to configure and compile the Mozilla NSS sources with --enable-debug. Instructions can be found at: http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn2.html Here are a couple of links to more information about implementing a PKCS #11 module for Mozilla: Implementing PKCS #11 for the Netscape Security Library (Caution: The content may be out of date) http://docs.sun.com/source/816-6150-10/index.htm http://docs.sun.com/source/816-6150-10/pkcs.htm Common PKCS #11 Implementation Problems http://www.mozilla.org/projects/security/pki/pkcs11/netscape/problems.html PKCS #11 Conformance Testing http://www.mozilla.org/projects/security/pki/pkcs11/ And of course the Mozilla NSS web page: http://www.mozilla.org/projects/security/pki/nss/ Mozilla Bugs ============ Mozilla has a bug that causes the security devices list to become corrupt when a security device is unloaded: The wrong entry is removed from the list. This is corrected by waiting for a refresh or closing and reopening the security device manager. 
Copyright and License ===================== Scute is copyrighted by g10 Code GmbH and licensed under the GNU -General Pubic License version 2 or later with this exception: - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify the software, you - may extend this exception to your version of the software, but you - are not obligated to do so. If you do not wish to do so, delete this - exception statement from your version and from all source files. - - -g10 Code GmbH -marcus@g10code.com +Lesser General Public License version 2.1 or later. See the file +COPYING.LESSER for details. Copyright 2006, 2009 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. diff --git a/configure.ac b/configure.ac index bc56dae..5c4a98a 100644 --- a/configure.ac +++ b/configure.ac 
@@ -1,486 +1,477 @@ # configure.ac: Configure script for Scute. # Copyright (C) 2006, 2007, 2008, 2009, 2010, 2015 g10 Code GmbH # # This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. +# Lesser General Public License for more details. # -# You should have received a copy of the GNU General Public License -# along with this program; if not, see . -# -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Foundation's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . +# SPDX-License-Identifier: LGPL-2.1-or-later # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) min_automake_version="1.14" # To build a release you need to create a tag with the version number # (git tag -s scute-1.n.m) and run "./autogen.sh --force". 
Please # bump the version number immediately *after* the release and do # another commit and push so that the git magic is able to work. m4_define([mym4_package],[scute]) m4_define([mym4_major], [1]) m4_define([mym4_minor], [6]) m4_define([mym4_micro], [0]) # To start a new development series, i.e a new major or minor number # you need to mark an arbitrary commit before the first beta release # with an annotated tag. For example the 1.5 branch starts off with # the tag "scute-1.5-base". This is used as the base for counting # beta numbers before the first release of a series. # Below is m4 magic to extract and compute the git revision number, # the decimalized short revision number, a beta version string and a # flag indicating a development version (mym4_isbeta). Note that the # m4 processing is done by autoconf and not during the configure run. m4_define([mym4_verslist], m4_split(m4_esyscmd([./autogen.sh --find-version] \ mym4_package mym4_major mym4_minor mym4_micro),[:])) m4_define([mym4_isbeta], m4_argn(2, mym4_verslist)) m4_define([mym4_version], m4_argn(4, mym4_verslist)) m4_define([mym4_revision], m4_argn(7, mym4_verslist)) m4_define([mym4_revision_dec], m4_argn(8, mym4_verslist)) m4_esyscmd([echo ]mym4_version[>VERSION]) AC_INIT([mym4_package],[mym4_version], [https://bugs.gnupg.org]) # LT Version numbers, remember to change them just *before* a release. # (Code changed: REVISION++) # (Interfaces added/removed/changed: CURRENT++, REVISION=0) # (Interfaces added: AGE++) # (Interfaces removed/changed: AGE=0) # LIBSCUTE_LT_CURRENT=0 LIBSCUTE_LT_AGE=0 LIBSCUTE_LT_REVISION=3 # Version numbers reported by the PKCS #11 module to its users. VERSION_MAJOR=1 VERSION_MINOR=0 NEED_GPG_ERROR_VERSION=1.24 NEED_LIBASSUAN_VERSION=2.5.0 NEED_GPGSM_VERSION=2.2.0 # Some status variables to give feedback at the end of a configure run. have_gpg_error=no have_libassuan=no # # Provide information about the build. 
# BUILD_REVISION="mym4_revision" BUILD_REVISION_DEC="mym4_revision_dec" PACKAGE=$PACKAGE_NAME VERSION=$PACKAGE_VERSION AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_SRCDIR([src/cryptoki.h]) AC_CONFIG_HEADER([config.h]) AC_CONFIG_MACRO_DIR(m4) AM_INIT_AUTOMAKE AM_MAINTAINER_MODE AC_CANONICAL_HOST # Autobuilder support. AB_INIT # Enable GNU extensions on systems that have them. AC_GNU_SOURCE AH_VERBATIM([_REENTRANT], [/* To allow the use of scute in multithreaded programs we have to use special features from the library. */ #ifndef _REENTRANT # define _REENTRANT 1 #endif]) # Checks for programs. AC_PROG_CC # # Setup gcc specific options # AC_MSG_NOTICE([checking for cc features]) if test "$GCC" = yes; then mycflags= mycflags_save=$CFLAGS # Check whether gcc does not emit a diagnositc for unknow -Wno-* # options. This is the case for gcc >= 4.6 AC_MSG_CHECKING([if gcc ignores unknown -Wno-* options]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #if __GNUC__ < 4 || (__GNUC__ == 4 && __GNUC_MINOR__ < 6 ) #kickerror #endif]],[])],[_gcc_silent_wno=yes],[_gcc_silent_wno=no]) AC_MSG_RESULT($_gcc_silent_wno) # Note that it is okay to use CFLAGS here because these are just # warning options and the user should have a chance of overriding # them. 
if test "$USE_MAINTAINER_MODE" = "yes"; then mycflags="$mycflags -O3 -Wall -Wcast-align -Wshadow -Wstrict-prototypes" mycflags="$mycflags -Wformat -Wno-format-y2k -Wformat-security" if test x"$_gcc_silent_wno" = xyes ; then _gcc_wopt=yes else AC_MSG_CHECKING([if gcc supports -Wno-missing-field-initializers]) CFLAGS="-Wno-missing-field-initializers" AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], [_gcc_wopt=yes],[_gcc_wopt=no]) AC_MSG_RESULT($_gcc_wopt) fi if test x"$_gcc_wopt" = xyes ; then mycflags="$mycflags -W -Wno-sign-compare" mycflags="$mycflags -Wno-missing-field-initializers" fi AC_MSG_CHECKING([if gcc supports -Wdeclaration-after-statement]) CFLAGS="-Wdeclaration-after-statement" AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_wopt=yes,_gcc_wopt=no) AC_MSG_RESULT($_gcc_wopt) if test x"$_gcc_wopt" = xyes ; then mycflags="$mycflags -Wdeclaration-after-statement" fi else mycflags="$mycflags -Wall" fi if test x"$_gcc_silent_wno" = xyes ; then _gcc_psign=yes else AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign]) CFLAGS="-Wno-pointer-sign" AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])], [_gcc_psign=yes],[_gcc_psign=no]) AC_MSG_RESULT($_gcc_psign) fi if test x"$_gcc_psign" = xyes ; then mycflags="$mycflags -Wno-pointer-sign" fi AC_MSG_CHECKING([if gcc supports -Wpointer-arith]) CFLAGS="-Wpointer-arith" AC_COMPILE_IFELSE([AC_LANG_PROGRAM([],[])],_gcc_psign=yes,_gcc_psign=no) AC_MSG_RESULT($_gcc_psign) if test x"$_gcc_psign" = xyes ; then mycflags="$mycflags -Wpointer-arith" fi CFLAGS="$mycflags $mycflags_save" fi AC_ARG_ENABLE(optimization, AC_HELP_STRING([--disable-optimization], [disable compiler optimization]), [if test $enableval = no ; then CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'` fi]) AC_SUBST(LIBSCUTE_LT_CURRENT) AC_SUBST(LIBSCUTE_LT_AGE) AC_SUBST(LIBSCUTE_LT_REVISION) AC_DEFINE_UNQUOTED(NEED_GPGSM_VERSION, "$NEED_GPGSM_VERSION", [Min. 
needed GPGSM version.]) AC_SUBST(PACKAGE) AC_SUBST(VERSION) AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package]) AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package]) AC_DEFINE_UNQUOTED(VERSION_MAJOR, $VERSION_MAJOR, [Major version number]) AC_DEFINE_UNQUOTED(VERSION_MINOR, $VERSION_MINOR, [Minor version number]) # Don't default to build static libs. # FIXME: Caution: Evil hack ahead. Libtool does not support linking a # static library to a shared library. But for libassuan, we need this. # Instead adding a lot of junk to Makefile.am to get this, we just override # all safety checks here. We are driving without seat belts now! # http://lists.cairographics.org/archives/cairo/2009-April/016962.html lt_cv_deplibs_check_method=pass_all LT_PREREQ([2.2.6]) LT_INIT([win32-dll disable-static]) LT_LANG([Windows Resource]) # For now we hardcode the use of version scripts. It would be better # to write a test for this or even implement this within libtool. have_ld_version_script=no case "${host}" in *-*-linux*) have_ld_version_script=yes ;; *-*-gnu*) have_ld_version_script=yes ;; esac AM_CONDITIONAL(HAVE_LD_VERSION_SCRIPT, test "$have_ld_version_script" = "yes") GPGSM_DEFAULT=no GPG_CONNECT_AGENT_DEFAULT=no have_w32_system=no case "${host}" in *-mingw32*) # special stuff for Windoze NT GPGSM_DEFAULT='c:\\gnupg\\gpgsm.exe' GPG_CONNECT_AGENT_DEFAULT='c:\\gnupg\\gpg-connect-agent.exe' have_w32_system=yes ;; *) ;; esac if test "$have_w32_system" = yes; then AC_DEFINE(HAVE_W32_SYSTEM,1, [Defined if we run on a W32 API based system]) fi AM_CONDITIONAL(HAVE_W32_SYSTEM, test "$have_w32_system" = yes) # Generate values for the DLL version info if test "$have_w32_system" = yes; then BUILD_TIMESTAMP=`date --iso-8601=minutes` changequote(,)dnl BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` changequote([,])dnl BUILD_FILEVERSION="${BUILD_FILEVERSION}${BUILD_REVISION_DEC}" fi AC_SUBST(BUILD_REVISION) AC_SUBST(BUILD_REVISION_DEC) 
AC_SUBST(BUILD_TIMESTAMP) AC_SUBST(BUILD_FILEVERSION) # Checks for libraries. AC_CHECK_FUNCS([ttyname localtime_r timegm stpcpy]) # Run the checks needed for estream-printf.c estream_PRINTF_INIT # The error code library. Error codes are sent over the IPC layer and # have to be interpreted. AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION", have_gpg_error=yes, have_gpg_error=no) # The IPC library. AM_PATH_LIBASSUAN("$NEED_LIBASSUAN_VERSION", have_libassuan=yes, have_libassuan=no) # GPGSM NO_OVERRIDE=no AC_ARG_WITH(gpgsm, AC_HELP_STRING([--with-gpgsm=PATH], [use GpgSM binary at PATH]), GPGSM=$withval, NO_OVERRIDE=yes) if test "$NO_OVERRIDE" = "yes" || test "$GPGSM" = "yes"; then GPGSM= NO_OVERRIDE=yes if test "$cross_compiling" != "yes"; then AC_PATH_PROG(GPGSM, gpgsm) fi if test -z "$GPGSM"; then GPGSM="$GPGSM_DEFAULT" fi fi if test "$GPGSM" = no; then if test "$NO_OVERRIDE" = "yes"; then if test "$cross_compiling" != "yes"; then AC_MSG_ERROR([ *** *** Could not find GpgSM, install GpgSM or use --with-gpgsm=PATH to enable it ***]) else AC_MSG_ERROR([ *** *** Can not determine path to GpgSM when cross-compiling, use --with-gpgsm=PATH ***]) fi fi else AC_DEFINE_UNQUOTED(GPGSM_PATH, "$GPGSM", [Path to the GPGSM binary.]) AC_DEFINE(ENABLE_GPGSM,1,[Whether GPGSM support is enabled]) fi AM_CONDITIONAL(HAVE_GPGSM, test "$GPGSM" != "no") dnl Check for GPGSM version requirement. GPGSM_VERSION=unknown ok=maybe if test -z "$GPGSM" -o "x$GPGSM" = "xno"; then ok=no else if test "$cross_compiling" = "yes"; then AC_MSG_WARN([GPGSM version can not be checked when cross compiling]) ok=no else if test ! 
-x "$GPGSM"; then AC_MSG_WARN([GPGSM not executable, version check disabled]) ok=no fi fi fi if test "$ok" = "maybe"; then AC_MSG_CHECKING(for GPGSM >= $NEED_GPGSM_VERSION) req_major=`echo $NEED_GPGSM_VERSION | \ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` req_minor=`echo $NEED_GPGSM_VERSION | \ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` req_micro=`echo $NEED_GPGSM_VERSION | \ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` gpgsm_version=`$GPGSM --version | grep ^gpgsm` major=`echo $gpgsm_version | \ sed 's/^gpgsm (GnuPG) \([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` minor=`echo $gpgsm_version | \ sed 's/^gpgsm (GnuPG) \([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'` micro=`echo $gpgsm_version | \ sed 's/^gpgsm (GnuPG) \([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'` GPGSM_VERSION=`echo $gpgsm_version | sed 's/^gpgsm (GnuPG) //'` if test "$major" -gt "$req_major"; then ok=yes else if test "$major" -eq "$req_major"; then if test "$minor" -gt "$req_minor"; then ok=yes else if test "$minor" -eq "$req_minor"; then if test "$micro" -ge "$req_micro"; then ok=yes fi fi fi fi fi if test "$ok" = "yes"; then AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) AC_MSG_WARN([GPGSM must be at least version $NEED_GPGSM_VERSION]) fi fi gpgsm_ok="$ok" # GPG_CONNECT_AGENT NO_OVERRIDE=no AC_ARG_WITH(gpg-connect-agent, AC_HELP_STRING([--with-gpg-connect-agent=PATH], [use gpg-connect-agent binary at PATH]), GPG_CONNECT_AGENT=$withval, NO_OVERRIDE=yes) if test "$NO_OVERRIDE" = "yes" || test "$GPG_CONNECT_AGENT" = "yes"; then GPG_CONNECT_AGENT= NO_OVERRIDE=yes if test "$cross_compiling" != "yes"; then AC_CHECK_PROG(GPG_CONNECT_AGENT, gpg-connect-agent, gpg-connect-agent) fi if test -z "$GPG_CONNECT_AGENT"; then GPG_CONNECT_AGENT="$GPG_CONNECT_AGENT_DEFAULT" fi fi if test "$GPG_CONNECT_AGENT" = no; then if test "$NO_OVERRIDE" = "yes"; then if test "$cross_compiling" != "yes"; then AC_MSG_ERROR([ *** *** Could not find gpg-connect-agent, use 
--with-gpg-connect-agent=PATH to enable it ***]) else AC_MSG_ERROR([ *** *** Can not determine path to gpg-connect-agent when cross-compiling, use --with-gpg-connect-agent=PATH ***]) fi fi else AC_DEFINE_UNQUOTED(GPG_CONNECT_AGENT_PATH, "$GPG_CONNECT_AGENT", [Path to the GPG_CONNECT_AGENT binary.]) fi # Checks for header files. AC_HEADER_STDC AC_CHECK_HEADERS([stdlib.h string.h]) # Checks for typedefs, structures, and compiler characteristics. AC_HEADER_STDBOOL AC_C_INLINE # Checks for library functions. # Check for programs needed for the manual. AC_CHECK_PROG(CONVERT, convert, convert) AC_CHECK_PROG(EPSTOPDF, epstopdf, epstopdf) # Test if tests can be run ok=yes AM_CONDITIONAL(RUN_TESTS, test "$ok" = "yes") AH_BOTTOM([ /* Prefix all estream functions. */ #define _ESTREAM_EXT_SYM_PREFIX _scute_ ]) # Print errors here so that they are visible all # together and the user can acquire them all together. die=no if test "$have_gpg_error" = "no"; then die=yes AC_MSG_NOTICE([[ *** *** You need libgpg-error to build this program. ** This library is for example available at *** ftp://ftp.gnupg.org/pub/gcrypt/libgpg-error *** (at least version $NEED_GPG_ERROR_VERSION is required.) ***]]) fi if test "$have_libassuan" = "no"; then die=yes AC_MSG_NOTICE([[ *** *** You need libassuan to build this program. *** This library is for example available at *** ftp://ftp.gnupg.org/pub/gcrypt/alpha/libassuan/ *** (at least version $NEED_LIBASSUAN_VERSION is required). ***]]) fi if test "$die" = "yes"; then AC_MSG_ERROR([[ *** *** Required libraries not found. Please consult the above messages *** and install them before running configure again. ***]]) fi AC_CONFIG_FILES([Makefile m4/Makefile src/Makefile tests/Makefile doc/manual/Makefile doc/Makefile src/versioninfo.rc]) AC_OUTPUT echo " Scute v${VERSION} has been configured as follows: Revision: mym4_revision (mym4_revision_dec) Platform: $host GpgSM: ${GPGSM} Gpg-connect-agent: ${GPG_CONNECT_AGENT} " 
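Review bot: The gpg-connect-agent detection uses `AC_CHECK_PROG(GPG_CONNECT_AGENT, gpg-connect-agent, gpg-connect-agent)`, which records only the bare program name, so `GPG_CONNECT_AGENT_PATH` is defined as `"gpg-connect-agent"` rather than an absolute path; the gpgsm block uses `AC_PATH_PROG(GPGSM, gpgsm)` instead. If the module resolves that value through a PATH search at run time (the code that uses the define is not visible in this diff), which helper gets executed depends on the environment of the application that loaded the PKCS #11 module. Unless the run-time lookup is intentional, I would write `AC_PATH_PROG(GPG_CONNECT_AGENT, gpg-connect-agent)` so both helpers are pinned at configure time. The commit itself only changes the licence header in this file; this point concerns the unchanged context lines of the hunk.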
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 2c4ab5f..3f77522 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -1,37 +1,27 @@ # Makefile.am # Copyright (C) 2006 g10 Code GmbH -# -# This file is part of scute. +# +# This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Scute; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# Lesser General Public License for more details. # -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Foundation's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . 
+# SPDX-License-Identifier: LGPL-2.1-or-later ## Process this file with automake to produce Makefile.in website = index.xhtml documentation.xhtml download.xhtml contact.xhtml \ format/web.css format/scute-logo.svg format/scute-border.jpg EXTRA_DIST = $(addprefix website/, $(website)) -SUBDIRS = manual \ No newline at end of file +SUBDIRS = manual diff --git a/doc/manual/Makefile.am b/doc/manual/Makefile.am index 499e750..a3b8321 100644 --- a/doc/manual/Makefile.am +++ b/doc/manual/Makefile.am 
@@ -1,60 +1,50 @@ # Makefile.am - Doc directory Makefile for scute. # Copyright (C) 2006, 2007 g10 Code GmbH -# -# This file is part of scute. +# +# This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Scute; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# Lesser General Public License for more details. # -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Foundation's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . 
+# SPDX-License-Identifier: LGPL-2.1-or-later ## Process this file with automake to produce Makefile.in DISTCLEANFILES = scute.tmp images = firefox-cm.png firefox-cm-view-detail.png firefox-cm-view.png \ firefox-dm-load-after.png firefox-dm-load-before.png \ firefox-dm-load.png firefox-dm-token-present.png firefox-pref.png \ firefox-pref-view.png firefox-bad-pin.png \ thunderbird-account-settings.png thunderbird-smime-button.png \ libreoffice-certificate-selection.png \ libreoffice-digital-signatures.png libreoffice-pdf-signature.png images_eps = $(images:.png=.eps) EXTRA_DIST = $(images) CLEANFILES = $(images_eps) info_TEXINFOS = scute.texi -scute_TEXINFOS = gpl.texi +scute_TEXINFOS = lesser.texi scute.html: scute.texi $(foreach i,$(images),scute.html/$(i)) $(MAKEINFO) --html --output "$@" "$<" scute.html/%.png: %.png @mkdir -p scute.html cp -v "$<" "$@" scute.dvi: $(images_eps) scute.pdf: $(images) %.eps : %.png $(CONVERT) `test -f '$<' || echo '$(srcdir)/'`$< $@ diff --git a/doc/manual/gpl.texi b/doc/manual/gpl.texi deleted file mode 100644 index c14b055..0000000 --- a/doc/manual/gpl.texi +++ /dev/null 
@@ -1,397 +0,0 @@ -@node Copying -@appendix GNU GENERAL PUBLIC LICENSE - -@cindex GPL, GNU General Public License -@center Version 2, June 1991 - -@display -Copyright @copyright{} 1989, 1991 Free Software Foundation, Inc. -59 Temple Place -- Suite 330, Boston, MA 02111-1307, USA - -Everyone is permitted to copy and distribute verbatim copies -of this license document, but changing it is not allowed. -@end display - -@unnumberedsec Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software---to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. 
- - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - -@iftex -@appendixsubsec TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION -@end iftex -@ifinfo -@center TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION -@end ifinfo - -@enumerate -@item -This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The ``Program'', below, -refers to any such program or work, and a ``work based on the Program'' -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term ``modification''.) Each licensee is addressed as ``you''. - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. 
The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - -@item -You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - -@item -You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - -@enumerate a -@item -You must cause the modified files to carry prominent notices -stating that you changed the files and the date of any change. - -@item -You must cause any work that you distribute or publish, that in -whole or in part contains or is derived from the Program or any -part thereof, to be licensed as a whole at no charge to all third -parties under the terms of this License. - -@item -If the modified program normally reads commands interactively -when run, you must cause it, when started running for such -interactive use in the most ordinary way, to print or display an -announcement including an appropriate copyright notice and a -notice that there is no warranty (or else, saying that you provide -a warranty) and that users may redistribute the program under -these conditions, and telling the user how to view a copy of this -License. 
(Exception: if the Program itself is interactive but -does not normally print such an announcement, your work based on -the Program is not required to print an announcement.) -@end enumerate - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. 
- -@item -You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - -@enumerate a -@item -Accompany it with the complete corresponding machine-readable -source code, which must be distributed under the terms of Sections -1 and 2 above on a medium customarily used for software interchange; or, - -@item -Accompany it with a written offer, valid for at least three -years, to give any third party, for a charge no more than your -cost of physically performing source distribution, a complete -machine-readable copy of the corresponding source code, to be -distributed under the terms of Sections 1 and 2 above on a medium -customarily used for software interchange; or, - -@item -Accompany it with the information you received as to the offer -to distribute corresponding source code. (This alternative is -allowed only for noncommercial distribution and only if you -received the program in object code or executable form with such -an offer, in accord with Subsection b above.) -@end enumerate - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. 
- -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - -@item -You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - -@item -You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - -@item -Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. 
- -@item -If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. 
- -@item -If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - -@item -The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and ``any -later version'', you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - -@item -If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - -@iftex -@heading NO WARRANTY -@end iftex -@ifinfo -@center NO WARRANTY -@end ifinfo - -@item -BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. 
EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM ``AS IS'' WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - -@item -IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. -@end enumerate - -@iftex -@heading END OF TERMS AND CONDITIONS -@end iftex -@ifinfo -@center END OF TERMS AND CONDITIONS -@end ifinfo - -@page -@unnumberedsec How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the ``copyright'' line and a pointer to where the full notice is found. 
-
-@smallexample
-@var{one line to give the program's name and an idea of what it does.}
-Copyright (C) 19@var{yy} @var{name of author}
-
-This program is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License
-as published by the Free Software Foundation; either version 2
-of the License, or (at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License along
-with this program; if not, write to the Free Software Foundation, Inc.,
-59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
-@end smallexample
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
-@smallexample
-Gnomovision version 69, Copyright (C) 19@var{yy} @var{name of author}
-Gnomovision comes with ABSOLUTELY NO WARRANTY; for details
-type `show w'. This is free software, and you are welcome
-to redistribute it under certain conditions; type `show c'
-for details.
-@end smallexample
-
-The hypothetical commands @samp{show w} and @samp{show c} should show
-the appropriate parts of the General Public License. Of course, the
-commands you use may be called something other than @samp{show w} and
-@samp{show c}; they could even be mouse-clicks or menu items---whatever
-suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a ``copyright disclaimer'' for the program, if
-necessary.
Here is a sample; alter the names:
-
-@smallexample
-@group
-Yoyodyne, Inc., hereby disclaims all copyright
-interest in the program `Gnomovision'
-(which makes passes at compilers) written
-by James Hacker.
-
-@var{signature of Ty Coon}, 1 April 1989
-Ty Coon, President of Vice
-@end group
-@end smallexample
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
-Public License instead of this License.
diff --git a/doc/manual/lesser.texi b/doc/manual/lesser.texi
new file mode 100644
index 0000000..64f3f7d
--- /dev/null
+++ b/doc/manual/lesser.texi
@@ -0,0 +1,560 @@
+@node Library Copying
+@appendix GNU Lesser General Public License
+
+@cindex LGPL, GNU Lesser General Public License
+@center Version 2.1, February 1999
+
+@display
+Copyright @copyright{} 1991, 1999 Free Software Foundation, Inc.
+59 Temple Place -- Suite 330, Boston, MA 02111-1307, USA
+
+Everyone is permitted to copy and distribute verbatim copies
+of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL. It also counts
+as the successor of the GNU Library Public License, version 2, hence the
+version number 2.1.]
+@end display
+
+@heading Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software---to make sure the software is free for all its users.
+
+ This license, the Lesser General Public License, applies to some
+specially designated software---typically libraries---of the Free
+Software Foundation and other authors who decide to use it. You can use
+it too, but we suggest you first think carefully about whether this
+license or the ordinary General Public License is the better strategy to
+use in any particular case, based on the explanations below.
+
+ When we speak of free software, we are referring to freedom of use,
+not price. Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of it
+in new free programs; and that you are informed that you can do these
+things.
+
+ To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights.
These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. + + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. + + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. 
+ + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the @dfn{Lesser} General Public License because it +does @emph{Less} to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. 
+
+ The precise terms and conditions for copying, distribution and
+modification follow. Pay close attention to the difference between a
+``work based on the library'' and a ``work that uses the library''. The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+
+@iftex
+@heading TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+@end iftex
+@ifinfo
+@center GNU LESSER GENERAL PUBLIC LICENSE
+@center TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+@end ifinfo
+
+@enumerate 0
+@item
+This License Agreement applies to any software library or other program
+which contains a notice placed by the copyright holder or other
+authorized party saying it may be distributed under the terms of this
+Lesser General Public License (also called ``this License''). Each
+licensee is addressed as ``you''.
+
+ A ``library'' means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+ The ``Library'', below, refers to any such software library or work
+which has been distributed under these terms. A ``work based on the
+Library'' means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language. (Hereinafter, translation is
+included without limitation in the term ``modification''.)
+
+ ``Source code'' for a work means the preferred form of the work for
+making modifications to it. For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+ Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it). Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+
+@item
+You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+ You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+@item
+You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+@enumerate a
+@item
+The modified work must itself be a software library.
+
+@item
+You must cause the files modified to carry prominent notices
+stating that you changed the files and the date of any change.
+
+@item
+You must cause the whole of the work to be licensed at no
+charge to all third parties under the terms of this License.
+ +@item +If a facility in the modified Library refers to a function or a +table of data to be supplied by an application program that uses +the facility, other than as an argument passed when the facility +is invoked, then you must make a good faith effort to ensure that, +in the event an application does not supply such function or +table, the facility still operates, and performs whatever part of +its purpose remains meaningful. + +(For example, a function in a library to compute square roots has +a purpose that is entirely well-defined independent of the +application. Therefore, Subsection 2d requires that any +application-supplied function or table used by this function must +be optional: if the application does not supply it, the square +root function must still compute square roots.) +@end enumerate + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. 
+ +@item +You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. + + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + +@item +You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + +@item +A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a ``work that uses the Library''. Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. 
+ + However, linking a ``work that uses the Library'' with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a ``work that uses the +library''. The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a ``work that uses the Library'' uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. +Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. + + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. + +@item +As an exception to the Sections above, you may also combine or +link a ``work that uses the Library'' with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. 
If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. Also, you must do one +of these things: + +@enumerate a +@item +Accompany the work with the complete corresponding +machine-readable source code for the Library including whatever +changes were used in the work (which must be distributed under +Sections 1 and 2 above); and, if the work is an executable linked +with the Library, with the complete machine-readable ``work that +uses the Library'', as object code and/or source code, so that the +user can modify the Library and then relink to produce a modified +executable containing the modified Library. (It is understood +that the user who changes the contents of definitions files in the +Library will not necessarily be able to recompile the application +to use the modified definitions.) + +@item +Use a suitable shared library mechanism for linking with the Library. A +suitable mechanism is one that (1) uses at run time a copy of the +library already present on the user's computer system, rather than +copying library functions into the executable, and (2) will operate +properly with a modified version of the library, if the user installs +one, as long as the modified version is interface-compatible with the +version that the work was made with. + +@item +Accompany the work with a written offer, valid for at +least three years, to give the same user the materials +specified in Subsection 6a, above, for a charge no more +than the cost of performing this distribution. + +@item +If distribution of the work is made by offering access to copy +from a designated place, offer equivalent access to copy the above +specified materials from the same place. + +@item +Verify that the user has already received a copy of these +materials or that you have already sent this user a copy. 
+@end enumerate
+
+ For an executable, the required form of the ``work that uses the
+Library'' must include any data and utility programs needed for
+reproducing the executable from it. However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies the
+executable.
+
+ It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system. Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+@item
+You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+@enumerate a
+@item
+Accompany the combined library with a copy of the same work
+based on the Library, uncombined with any other library
+facilities. This must be distributed under the terms of the
+Sections above.
+
+@item
+Give prominent notice with the combined library of the fact
+that part of it is a work based on the Library, and explaining
+where to find the accompanying uncombined form of the same work.
+@end enumerate
+
+@item
+You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License. Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License.
However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + +@item +You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + +@item +Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. + +@item +If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. 
+ +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + +@item +If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License may add +an explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + +@item +The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. 
If the Library +specifies a version number of this License which applies to it and +``any later version'', you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. + +@item +If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + +@center NO WARRANTY + +@item +BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY ``AS IS'' WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 
+ +@item +IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. +@end enumerate + +@iftex +@heading END OF TERMS AND CONDITIONS +@end iftex +@ifinfo +@center END OF TERMS AND CONDITIONS +@end ifinfo + +@page +@heading How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms of the +ordinary General Public License). + + To apply these terms, attach the following notices to the library. It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +``copyright'' line and a pointer to where the full notice is found. + +@smallexample +@var{one line to give the library's name and an idea of what it does.} +Copyright (C) @var{year} @var{name of author} + +This library is free software; you can redistribute it and/or modify it +under the terms of the GNU Lesser General Public License as published by +the Free Software Foundation; either version 2.1 of the License, or (at +your option) any later version. 
+
+This library is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307,
+USA.
+@end smallexample
+
+Also add information on how to contact you by electronic and paper mail.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a ``copyright disclaimer'' for the library, if
+necessary. Here is a sample; alter the names:
+
+@smallexample
+Yoyodyne, Inc., hereby disclaims all copyright interest in the library
+`Frob' (a library for tweaking knobs) written by James Random Hacker.
+
+@var{signature of Ty Coon}, 1 April 1990
+Ty Coon, President of Vice
+@end smallexample
+
+That's all there is to it!
diff --git a/doc/manual/scute.texi b/doc/manual/scute.texi
index 70c1f35..b27da91 100644
--- a/doc/manual/scute.texi
+++ b/doc/manual/scute.texi
@@ -1,878 +1,872 @@ \input texinfo @c -*- Texinfo -*- @setfilename scute.info @settitle The Scute Manual @dircategory GNU Utilities @direntry * Scute: (scute). PKCS #11 module for the OpenPGP Card @end direntry @include version.texi @c Unify some of the indices. @syncodeindex tp fn @syncodeindex pg fn @ifinfo This file documents the Scute module. This is Edition @value{EDITION}, last updated @value{UPDATED}, of @cite{The Scute Manual}, for Version @value{VERSION}. @c NOTE: Don't forget to update the year for the TeX version, too. Copyright @copyright{} 2002, 2003, 2004, 2005, 2006, 2007 g10 Code GmbH. -The Scute Manual is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by the -Free Software Foundation; either version 2 of the License, or (at your -option) any later version. +The Scute Manual is free software; you can redistribute it and/or +modify it under the terms of the GNU Lesser General Public License as +published by the Free Software Foundation; either version 2.1 of the +License, or (at your option) any later version. The text of the +license can be found in the section entitled ``Library Copying''. The Scute Manual is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -You should have received a copy of the GNU Lesser General Public License -along with this program; if not, write to the Free Software Foundation, -Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - @end ifinfo @iftex @shorttitlepage The Scute Manual @end iftex @titlepage @center @titlefont{The Scute Manual} @sp 6 @center Edition @value{EDITION} @sp 1 @center last updated @value{UPDATED} @sp 1 @center for version @value{VERSION} @page @vskip 0pt plus 1filll Copyright @copyright{} 2002, 2003, 2004, 2005, 2006, 2007 g10 Code GmbH. 
-The Scute Manual is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by the -Free Software Foundation; either version 2 of the License, or (at your -option) any later version. +The Scute Manual is free software; you can redistribute it and/or +modify it under the terms of the GNU Lesser General Public License as +published by the Free Software Foundation; either version 2.1 of the +License, or (at your option) any later version. The text of the +license can be found in the section entitled ``Library Copying''. The Scute Manual is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - -You should have received a copy of the GNU Lesser General Public License -along with this program; if not, write to the Free Software Foundation, -Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA @end titlepage @page @ifnottex @node Top @top Main Menu This is Edition @value{EDITION}, last updated @value{UPDATED}, of @cite{The Scute Manual}, for Version @value{VERSION} of the Scute module. @end ifnottex @menu * Introduction:: How to use this manual. * Preparation:: What you should do before using Scute. * Client Authentication:: How to use Scute for client authentication. * Email Signing:: How to use Scute for S/MIME email signing. * Document Signing:: How to use Scute with LibreOffice. * Troubleshooting:: What to do when things go wrong. * Internals:: Technical details about Scute. Appendices -* Copying:: The GNU General Public License says +* Library Copying:: The GNU General Public License says how you can copy and share Scute. Indices * Concept Index:: Index of concepts and programs. @detailmenu --- The Detailed Node Listing --- Introduction * Getting Started:: Purpose of the manual, and how to use it. 
* Features:: Reasons to install and use Scute. * Overview:: Basic architecture of the Scute module. Preparation * Prerequisites:: Dependencies of Scute. * Building the Source:: How to build Scute. * Certificate Preparation:: Preparing certificates for use with Scute. Client Authentication * Application Configuration:: Preparing the application for use with Scute. * Authentication With Service:: Using Scute for client authentication. Email Signing Document Signing Troubleshooting Internals * Features and Limitations:: Details about the interfaces implemented. * Developing Scute:: How to understand or improve Scute. * Mozilla Compatibility:: Interoperability notes for Mozilla NSS. @end detailmenu @end menu @node Introduction @chapter Introduction This is a PKCS #11 implementation for the GnuPG Agent using the GnuPG Smart Card Daemon. Currently, only the OpenPGP card is supported. Scute enables use of the OpenPGP smart card in applications supporting PKCS #11 compliant security tokens. The main application at this time is client authentication in Mozilla-based web browsers. In the future, other applications will be supported. @menu * Getting Started:: Purpose of the manual, and how to use it. * Features:: Reasons to install and use Scute. * Overview:: Basic architecture of the Scute module. @end menu @node Getting Started @section Getting Started This manual documents the Scute module, how it can be used for common applications supported by it, and how it can be extended and improved by programmers. It is thus a user manual as well as a developer manual. The reader is assumed to possess basic knowledge about cryptography in general, and public key cryptography in particular. The underlying cryptographic engines that are used by the library are not explained, but where necessary, special features or requirements are provided. This manual can be used in several ways. 
If read from the beginning to the end, it gives a good introduction into the module and how it can be used in an application. Forward references are included where necessary. Later on, the manual can be used as a reference manual to get just the information needed about any particular application of the module. @node Features @section Features Scute is currently the only implementation of PKCS #11 for the OpenPGP smart card. Apart from that, it offers a couple of other benefits: @table @asis @item it's free software Anybody can use, modify, and redistribute it under the terms of the GNU -General Public License (@pxref{Copying}). +General Public License (@pxref{Library Copying}). @item it's built to grow Although Scute initially provided a single function, client authentication using OpenPGP smart cards in Mozilla-based web browsers, it was built with the intention of supporting other applications as well in the future. @item it's easy Building and installing Scute is easy, and preparing smart cards for use with Scute is a snatch using the GnuPG 2 framework. The integration of Scute into the application is seamless. @end table @node Overview @section Overview Scute is a security device that implements the PKCS #11 interface for security tokens. Applications which know how to use the PKCS #11 interface to access security tokens for cryptographic operations can use Scute to access the OpenPGP smart card. An important example of such an application is the Firefox web browser by the Mozilla project, which uses the Mozilla Network Security Services library (NSS). Scute itself does not include a driver for the smart card itself. Instead, it uses the GnuPG 2 framework to access the smart cards and associated data like certificates. Scute acts as the glue between the application and GnuPG 2. 
Currently supported usages are client authentication over HTTPS with Firefox (allowing users to authenticate themselves to a remote web service without entering their log-in information), email signing with Thunderbird, and document signing with LibreOffice. @node Preparation @chapter Preparation To use Scute, you first have to install the software. You also have to prepare each card you want to use with Scute before it can be used. Furthermore, you need to configure the application to make use of Scute for cryptographic operations. This chapter explains each of these steps in detail. @menu * Prerequisites:: Dependencies of Scute. * Building the Source:: How to build Scute. * Certificate Preparation:: Preparing certificates for use with Scute. @end menu @node Prerequisites @section Prerequisites There are two types of dependencies for Scute: compile-time dependencies and run-time dependencies. The compile-time dependencies only need to be fulfilled when Scute is compiled and installed. The run-time dependencies need to be fulfilled when Scute is used in an application. Scute depends, in addition to the essential build utilities, on the following packages at build time: @table @code @item libgpg-error Scute uses the GnuPG 2 framework for error handling, so it depends on the GPG error library. The minimum version required is 1.14. @item libassuan Scute uses the GnuPG 2 framework for communication with the GPG Agent, so it depends on the Assuan library. The minimum version required is 2.0.0. @end table At run-time, in addition to the run-time versions of the above libraries, you also need the following packages installed and configured: @table @asis @item GnuPG Scute uses the GnuPG 2 framework to access the OpenPGP card and for certificate management. The minimum version required is 2.0.0 for client authentication with TLS 1.0 and 1.1. Client authentication with TLS 1.2, email and document signing require GnuPG 2.1.0. 
@item Pinentry Pinentry is a dependency of GnuPG 2, so it also needs to be installed with it. @item Firefox et al. Firefox is the first application supported by Scute. In the future, other applications may be supported. The applications are not dependencies of Scute, but Scute can not be used stand-alone, so you can not experience it without an application. @end table @node Building the Source @section Building the Source Scute does comply to the GNU coding standards and thus can be compiled and installed according to the generic installation instructions found in the source package in the file @code{INSTALL}. There are no Scute specific options to the configure script. After installation, the @code{scute.so} module file can be found in the library directory of the installation path. @node Certificate Preparation @section Certificate Preparation To use an OpenPGP card with Scute, it first has to be initialized by generating or loading a key on the card, see @uref{http://www.gnupg.org/(en)/howtos/card-howto/en/smartcard-howto.html, the OpenPGP Card How-To}. Then a certificate has to be created and imported into GPGSM. This task involves three steps: First, a certificate signing request (@acronym{CSR}) has to be created that matches the key on the card. This certificate signing request then has to be submitted to a certificate authority (@acronym{CA}), which will create the certificate and send it back to you. At last, the certificate has to be imported into GPGSM. This section will explain all of these steps in detail. @menu * Creating a CSR:: How to create a card-based CSR. * Signing the CSR:: Obtain a certificate from the CSR. * Importing the Certificate:: How to import the certificate into GPGSM. * On-card Certificate:: How to store the certificate on the card. @end menu @node Creating a CSR @subsection Creating a CSR Before you start, make sure that the GPG Agent is running, see @ref{Prerequisites} and that your card is in the reader. 
There is no need to configure GPGSM, so you can create a CSR with the command: @example $ gpgsm --gen-key > floppy-head.csr Please select what kind of key you want: (1) RSA (2) Existing key (3) Existing key from card Your selection? 3 @end example As we create a certificate for the OpenPGP Card, the option ``@code{[3] Direct from card}'' should be selected. @example Serial number of the card: 355F9746499F0D4B4ECEE4928B007D16 Available keys: (1) D53137B94C38D9BF6A199706EA6D5253 OPENPGP.1 (2) B0CD1A9DFC3539A1D6A8B851A11C8665 OPENPGP.2 (3) 53DB41052CC590A40B403F3E6350E5DC OPENPGP.3 Your selection? 3 Possible actions for a RSA key: (1) sign, encrypt (2) sign (3) encrypt Your selection? 2 @end example The only operation currently supported is client authentication. For this, the authentication key has to be selected. This is the third key on the card, so the options ``@code{[3] OPENPGP.3}'' and ``@code{[2] sign}'' should be chosen. Note that the key usage is only advisory, and the CA may assign different capabilities. @example Enter the X.509 subject name: CN=Floppy Head,OU="Webserver Team",O="Snake Oil, Ltd",L="Snake Town",ST="Snake Desert",C=XY Enter email addresses (end with an empty line): > floppy.head@@example.org > Enter DNS names (optional; end with an empty line): > Enter URIs (optional; end with an empty line): > Create self-signed certificate? (y/N) n @end example As a last step, the common name and e-mail address of the key owner need to be specified by you. The above are only an example for a fictious person working at a fictious company. DNS names are only meaningful for server certificates and thus should be left empty. 
We have now entered all required information and gpgsm will display what it has gathered and ask whether to create the certificate request: @example These parameters are used: Key-Type: card:OPENPGP.3 Key-Length: 1024 Key-Usage: sign Name-DN: CN=Floppy Head,OU="Webserver Team",O="Snake Oil, Ltd",L="Snake Town",ST="Snake Desert",C=XY Name-Email: floppy.head@@example.org Proceed with creation? (y/N) y Now creating certificate request. This may take a while ... gpgsm: about to sign the CSR for key: &53DB41052CC590A40B403F3E6350E5DC @end example GPGSM will now start working on creating the request. During this time you will be asked once for a passphrase to unprotect the authentication key on the card. A pop up window will appear to ask for it. When it is ready, you should see the final notice: @example gpgsm: certificate request created Ready. You should now send this request to your CA. @end example Now, you may look at the created request: @example $ cat floppy-head.csr -----BEGIN CERTIFICATE REQUEST----- MIICCDCCAXECAQAwgYExCzAJBgNVBAYTAlhZMRUwEwYDVQQIEwxTbmFrZSBEZXNl cnQxEzARBgNVBAcTClNuYWtlIFRvd24xFzAVBgNVBAoTDlNuYWtlIE9pbCwgTHRk MRcwFQYDVQQLEw5XZWJzZXJ2ZXIgVGVhbTEUMBIGA1UEAxMLRmxvcHB5IEhlYWQw gaAwDQYJKoZIhvcNAQEBBQADgY4AMIGKAoGBANWaM9YS89AOx3GX1Rua+4DUHwbL wt0rBYdBddlabMMteVjUcOOhbFMirLpLAi1S8fUXNiy84ysOmFStmvSIXDsAgXq5 1ESOU4SNg2zEkPDF1WYJ5BFIXdYq9i2k5W7+ctV8PkKv3e5IeYXTa5qppIPD31de gM8Qj7tK0hL/eNCfAgQAAQABoEUwQwYJKoZIhvcNAQkOMTYwNDAiBgNVHREEGzAZ gRdmbG9wcHkuaGVhZEBleGFtcGxlLmNvbTAOBgNVHQ8BAf8EBAMCBsAwDQYJKoZI hvcNAQEFBQADgYEAFC9q6+ib9YGCLB/2AlZR+/dvb+pEeXR1EbpV/dw/gjP1yPY6 29n8ZIDLUvQvNCtfCcXFxFimVSSB/KmFXXsJbM+NXQyT6Ocn34iHmkf9IVRMWQWg ZBYfQVeXAd7XlxI6d1wXDLwD/26lTU/rH2JU6H1+zSfZxqwVC4Iu+kiN4Y8= -----END CERTIFICATE REQUEST----- $ @end example @node Signing the CSR @subsection Signing the CSR The next step is to submit this certificate request to the CA, which can then create a certificate and send it back to you. 
If, for example, you use the CA @uref{http://www.cacert.org, CAcert}, then you can log into your account at the CAcert website, choose ``Client Certificates -> New'', check ``Show advanced options'', paste the above request block into the text field and click on ``Submit''. If everything works correctly, a certificate will be shown, which you can cut and paste into a new file @file{floppy-head.crt}. Alternatively if, for example, you set up your own CA with OpenSSL, then you can create your own certificate by issueing a command similar @code{openssl ca -in floppy-head.csr -cert snakeoil-ca-rsa.crt -keyfile snakeoil-ca-rsa.key -out floppy-head.crt}. Please see the OpenSSL documentation for more details on how to set up and administrate a certificate authority infrastructure. @node Importing the Certificate @subsection Importing the Certificate into GPGSM Once the CSR has been signed, you should end up with a certificate file @file{floppy-head.crt}, which you then have to import into GPGSM. It is also recommended that you import the root certificate of the CA first in the same fashion. @example $ gpgsm --import floppy-head.crt gpgsm: certificate imported - + gpgsm: total number processed: 1 gpgsm: imported: 1 @end example gpgsm tells you that it has imported the certificate. It is now associated with the key you used when creating the request. 
To see the content of your certificate, you may now enter: @example $ gpgsm -K Floppy /home/foo/.gnupg/pubring.kbx --------------------------- Serial number: 10 Issuer: /CN=Snake Oil CA/OU=Certificate Authority/O=Snake Oil, Ltd/L=Snake Town/ST=Snake Desert/C=XY/EMail=ca@@snakeoil.dom Subject: /CN=Floppy Head/OU=Webserver Team/O=Snake Oil, Ltd/ST=Snake Desert/C=XY validity: 2006-11-11 14:09:12 through 2007-11-11 14:09:12 key type: 1024 bit RSA fingerprint: EC:93:A2:55:C6:58:7F:C9:9E:96:DB:12:6E:64:99:54:BB:E1:94:68 @end example The option ``@code{-K}'' is used above because this will only list certificates for which a private key is available. To see more details, you may use ``@code{--dump-secret-keys}'' instead of ``@code{-K}''. @node On-card Certificate @subsection Loading the Certificate onto the Card This step is optional. You may choose to store the certificate directly into your OpenPGP card. The benefit of doing so is that Scute will then be able to fetch the certificate from the card without having to look into the GPGSM store. You need your certificate in the DER format. Export it from the GPGSM store with the following command: @example $ gpgsm -o floppy-head.crt --export Floppy @end example Then, fire up the GnuPG card editor to transfer the certificate to the card (note that the @code{writecert} command is not listed in the editor's online help): @example $ gpg2 --card-edit Application ID ...: D27600012301020000005000012340000 [...] gpg/card> admin Admin commands are allowed gpg/card> writecert 3 < floppy-head.crt gpg/card> quit @end example @node Client Authentication @chapter Client Authentication @menu * Application Configuration:: Preparing the application for use with Scute. * Authentication With Service:: Using Scute for client authentication. @end menu Scute allows you to authenticate yourself to a website securely without entering a username or password by simply using your OpenPGP card. 
Currently, only Mozilla-based browsers like Firefox are supported, although other applications using Mozilla NSS or supporting PKCS #11 modules may work. @node Application Configuration @section Application Configuration To prepare your application for use with Scute, you have to load the Scute module as a PKCS #11 module into the application. With Firefox, this can be done by choosing @code{Edit->Preferences} in the menu. In the preferences configuration dialog, you should select the @code{Advanced} configuration section, then the @code{Security} tab, and then select @code{Security Devices} in the category @code{Certificates}. @center @image{firefox-pref,13cm} In the devices manager dialog, you can select @code{Load} to load a new PKCS #11 device. @center @image{firefox-dm-load-before,13cm} In the pop-up dialog that follows, you can give a module name (e.g. ``@code{Scute}'') and a module filename. The latter should correspond to the full file name of the installed Scute module file @file{scute.so}. The default installation path is @file{/usr/local/lib}, which would mean that you have to provide the file name @file{/usr/local/lib/scute.so}. If you or your system administrator installed Scute in a different location, you have to adjust the file name correspondingly. @center @image{firefox-dm-load,8cm} After confirming installation of the security device, a pop-up window should confirm that the module was successfully loaded, and an entry for the security device should appear in the device manager list of @code{Security Modules and Devices}. @center @image{firefox-dm-load-after,15cm} When you insert the OpenPGP card for which you generated and imported a certificate earlier (see @ref{Certificate Preparation}), the device manager should detect this security token and display some information about it in the @code{Details} list when you select it from the module list. 
@center @image{firefox-dm-token-present,15cm} The client certificate will show up in the @code{Certificate Manager} under @code{Your Certificates}: @center @image{firefox-cm,13cm} @node Authentication With Service @section Authentication With Service Before you access a web service which requires client authentication, for instance a fictious web service @ifnottex @indicateurl{https://example.com}, @end ifnottex @iftex @code{https://example.com}, @end iftex the OpenPGP card should be present. In this case, a pop-up window will appear that requests you to enter the PIN number protecting the authentication key on the OpenPGP card. After entering the PIN number, your browser will be authenticated to the server. If the server accepts your request and certificate, this is all which is required. You should leave the card in the reader as long as the connection persists. Depending on how aggressively GPG Agent caches your PIN number, you may have to enter the PIN number again later to keep up the connection to the server. If the card is not present, or you enter the wrong PIN, or the server does not admit your certificate, you will get an error message. This error message is generated by the application and Scute can not influence it. Unfortunately, in Firefox (at least up to version 38.5.0), this error message is not very user friendly. For example, entering a bad PIN results in the following generic error message, and the @code{Try Again} button does not work as expected: @center @image{firefox-bad-pin,11cm} @comment FIXME: Document possible error codes. @node Email Signing @chapter Email Signing Scute also allows you to use your card-based X.509 certificate to sign your emails with the S/MIME signature format. This has been tested with Mozilla Thunderbird only, but should work with any mail client with support for PKCS #11 (notably GNOME Evolution). You must first load the Scute module into your mail client. 
With Mozilla Thunderbird, the procedure is the same as the one described above for Mozilla Firefox. Then, open your accent configuration dialog (@code{Edit->Account Settings}), and in the @code{Security} tab, under the section @code{Digital Signing}, use the @code{Select...} button to associate your card-based certificate with your account. @center @image{thunderbird-account-settings,13cm} When writing a new message, you may then use the @code{S/MIME} button and select @code{Digitally sign this message} in the popup menu. You will be prompted for your User PIN before the message is sent. @center @image{thunderbird-smime-button,13cm} @node Document Signing @chapter Document Signing Scute can also be used with LibreOffice to sign OpenDocument files. First, you must load the Scute module into Mozilla Firefox according to the above procedure. Then, configure LibreOffice to use Firefox's certificate store by defining the @code{MOZILLA_CERTIFICATE_FOLDER} environment variable to your Firefox profile directory. Then, to sign the document you are editing, select the @code{File->Digital Signatures...} menu option to open the @code{Digital Signatures} dialog. @center @image{libreoffice-digital-signatures,13cm} Click the @code{Sign Document} button to open the certificate selection dialog. Select your card-based certificate, then validate. Enter your User PIN when prompted by GPG Agent. @center @image{libreoffice-certificate-selection,13cm} You may also sign a PDF export of your document. Select the @code{File->Export as PDF...} menu option to open the @code{PDF Options} dialog. In the @code{Digital Signatures} tab, use the @code{Select} button to open the certificate selection dialog as above. You will be prompted for your User PIN when you will click the @code{Export} button. 
@center @image{libreoffice-pdf-signature,13cm} @node Troubleshooting @chapter Troubleshooting @strong{Symptom:} Loading the Scute security device in the security device manager of Firefox fails with "Unable to load module". @strong{Solution:} Make sure that Scute is correctly installed, and that all libraries and executables are available. If you are using GnuPG 2.0 (instead of 2.1), you may need to make sure that the GPG Agent is running and can be found via the environment variable @code{GPG_AGENT_INFO}. @xref{Invoking GPG-AGENT, , , gnupg, Using the GNU Privacy Guard}, for details on how to run the GPG Agent. @strong{Symptom:} Client authentication fails with " has received an incorrect or unexpected message. Error code: -12227". @strong{Solution:} Make sure that the correct OpenPGP card is inserted and the certificate available in GPGSM. Check that the OpenPGP card is detected correctly in the security device manager and the corresponding certificate is displayed in the certificate manager of Firefox. @xref{Authentication With Service}. @strong{Symptom:} The OpenPGP card is detected and displayed in the security device manager in Firefox, but no corresponding certificate is displayed in the certificate manager of Firefox. @strong{Solution:} Make sure that the corresponding certificate is imported in GPGSM. @comment FIXME: Can this really happen??? @node Internals @chapter Internals The following notes are intended for people interested in more technical details about Scute and its implementation. They give an overview about its scope and potential compatibility issues with applications. @menu * Features and Limitations:: Details about the interfaces implemented. * Developing Scute:: How to understand or improve Scute. * Mozilla Compatibility:: Interoperability notes for Mozilla NSS. 
@end menu @node Features and Limitations @section Features and Limitations Scute implements version 2.20 of the @uref{https://www.emc.com/emc-plus/rsa-labs/standards-initiatives/pkcs-11-cryptographic-token-interface-standard.htm, PKCS #11} specification. The @uref{http://www.g10code.com/p-card.html,OpenPGP smart card} application is supported in read-only mode. The following functions are not supported: @table @code @item C_Initialize No support for native thread package. Locking callbacks must be provided if multi-threaded operation is desired. @item C_WaitForSlotEvent Not implemented. The interface as specified by PKCS #11 is broken anyway, as the function can not safely be canceled. Thus, we require polling. @item C_GetOperationState @itemx C_SetOperationState Not supported. @item C_InitToken @itemx C_InitPIN @itemx C_SetPIN Not supported. No write operations are allowed. To configure the token, please use the tools accompanying the GnuPG software suite. @item C_Login @itemx C_Logout Not supported. No login into the token by the software is required. Passphrase queries are implemented by the use of GPG Agent and Pinentry. @item C_EncryptInit @itemx C_Encrypt @itemx C_EncryptUpdate @itemx C_EncryptFinal @itemx C_DigestInit @itemx C_Digest @itemx C_DigestUpdate @itemx C_DigestKey @itemx C_DigestFinal @itemx C_VerifyInit @itemx C_Verify @itemx C_VerifyUpdate @itemx C_VerifyFinal @itemx C_VerifyRecoverInit @itemx C_VerifyRec Not supported. Only secret key operations are supported. @item C_DecryptInit @itemx C_Decrypt Not yet supported, but will be in the future. @item C_SignUpdate @itemx C_SignFinal @itemx C_DecryptUpdate @itemx C_DecryptFinal No progressive crypto-operations are supported. @item C_SignRecoverInit @itemx C_SignRecover Not supported. @item C_DigestEncryptUpdate @itemx C_DecryptDigestUpdate @itemx C_SignEncryptUpdate @itemx C_DecryptVerifyUpdate Dual-purpose cryptographic functions are not supported. 
@item C_GenerateKey @itemx C_GenerateKeyPair @itemx C_WrapKey @itemx C_UnwrapKey @itemx C_DeriveKey Key management functions are not supported. Please use the tools accompanying the GnuPG software suite to generate and import keys for use with the token. @item C_SeedRandom Not supported. @item C_CreateObject @itemx C_CopyObject @itemx C_DestroyObject @itemx C_SetAttributeValue: Only read-only operations are supported on objects. @item C_GetObjectSize Not supported. @item CKO_CERTIFICATE The label specifies the key on the card used (e.g. @code{OPENPGP.3}). The ID is the fingerprint. @item CKO_PRIVATE_KEY: The @code{CKA_LOCAL} attribute can not be supported by the OpenPGP card. It is always set to false (as the key on the card may be copied to the card from an external source). @end table @node Developing Scute @section Developing Scute Scute is single-threaded. There is a global lock that is taken in all entry points of Scute, except for @code{C_Initialize}, @code{C_Finalize}, @code{C_GetFunctionList}, and stubs. Here are a couple of hints on how to develop PKCS #11 modules for Mozilla: @code{libopensc2} ships with a @code{pkcs11-spy} library that can be loaded as a wrapper around the PKCS #11 library you want to use to log all functions invoked by Mozilla. Here is how to use it: Set the @code{PKCS11SPY_OUTPUT} environment variable to a filename. @code{pkcs11-spy} appends its log messages at the end of this file. Set the @code{PKCS11SPY} environment variable to the filename of the PKCS #11 module you actually want to use. Start Mozilla within this environment. There is a different, probably more powerful way to debug Mozilla PKCS #11 libraries. However, to be able to use it, you need to configure and compile the Mozilla NSS sources with @code{--enable-debug}. 
Instructions can be found at: @uref{https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/nss_tech_notes} Here are a couple of links to more information about implementing a PKCS #11 module for Mozilla: @table @uref @item https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11_Implement Guidelines for implementors of PKCS #11 modules targeting Mozilla @item http://www-archive.mozilla.org/projects/security/pki/pkcs11/ PKCS #11 Conformance Testing @item https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS The Mozilla NSS web page @end table @node Mozilla Compatibility @section Mozilla Compatibility Mozilla has a bug that causes the wrong security device to be unloaded when unloading a security device. Also, the displayed list becomes corrupt. When closing and reopening the security device manager, the list displayed is correct, but in anyway the wrong security module is unloaded. -@include gpl.texi +@include lesser.texi @node Concept Index @unnumbered Concept Index @printindex cp @summarycontents @contents @bye diff --git a/doc/website/contact.xhtml b/doc/website/contact.xhtml index d1e306b..600431f 100644 --- a/doc/website/contact.xhtml +++ b/doc/website/contact.xhtml @@ -1,81 +1,72 @@ + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + SPDX-License-Identifier: LGPL-2.1-or-later + --> Scute

Contact

Scute is developed and maintained by g10 Code GmbH. You can support its development by getting support contracts for custom development, security consulting and training.

Bug Reports

All bug reports should be submitted to our bug tracking system or sent via e-mail to the GnuPG development mailing list. Sensitive information can also be submitted by following the instructions in the file AUTHORS in the top-level directory of the source package.

Community

The members of our community can be reached via e-mail on the GnuPG mailing lists.

diff --git a/doc/website/documentation.xhtml b/doc/website/documentation.xhtml index ef2373e..ba22bd9 100644 --- a/doc/website/documentation.xhtml +++ b/doc/website/documentation.xhtml @@ -1,60 +1,51 @@ + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + SPDX-License-Identifier: LGPL-2.1-or-later + --> Scute

Documentation

The Scute Manual is available on-line.

diff --git a/doc/website/download.xhtml b/doc/website/download.xhtml index 5eee902..98c6b76 100644 --- a/doc/website/download.xhtml +++ b/doc/website/download.xhtml @@ -1,211 +1,203 @@ + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + SPDX-License-Identifier: LGPL-2.1-or-later + --> Scute

Download

Scute is currently available in source format only, and should compile on any recent GNU/Linux system. It can also be cross-built for Windows 32-bit using MingW32.

The most recent release of Scute is version 1.5.0.

Scute source distributions.
Description Version Date Size Tarball Signature
Scute source distribution 1.5.0 2017-07-14 969 kB - + download - + download
Scute source distribution 1.4.0 2010-04-21 755 kB download download
Scute source distribution 1.3.0 2009-06-20 754 kB - + download - + download
Scute source distribution 1.2.0 2008-09-02 731 kB - + download - + download
Scute source distribution 1.1.0 2007-05-02 675 kB - + download - + download
Scute source distribution 1.0.0 2006-11-11 325 kB - + download - + download

Prerequisites

Scute requires the following packages to compile: + href="https://gnupg.org/software/libgpg-error/">libgpg-error + href="https://gnupg.org/software/libassuan/">libassuan
Compile-time dependencies of Scute
PackageMin. Version
libgpg-error1.14
1.14
libassuan2.0.0
2.0.0

Scute also requires the following packages to run: + href="https://www.mozilla.com/">Firefox + href="https://gnupg.org/">GnuPG + href="https://gnupg.org/software/pinentry/">PinEntry
Run-time dependencies of Scute
PackageMin. Version
Firefoxany
any
GnuPG2.0
2.0
PinEntry0.7.0
0.7.0

Installation

Canonical installation instructions can be found in the file INSTALL in the top-level directory of the source package. Instructions for users of Scute are available in the documentation section.

Development

The source of Scute is managed using the GIT distributed revision control system. The repository can be retrieved with the following command:

 	    $ git clone git://git.gnupg.org/scute.git
 	  
Please send an e-mail to the GnuPG + href="https://lists.gnupg.org/mailman/listinfo/gnupg-devel">GnuPG development mailing list if you are interested in participating in the Scute development.

A web interface to the Scute + href="https://git.gnupg.org/cgi-bin/gitweb.cgi?p=scute.git">Scute source repository is available on-line, and contains up-to-date as well as archived versions of all files included in the Scute source package, including the most recent development changes.

+x diff --git a/doc/website/format/web.css b/doc/website/format/web.css index 44bcb7c..baf9098 100644 --- a/doc/website/format/web.css +++ b/doc/website/format/web.css 
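Review bot: The clone command kept in the Development section, `$ git clone git://git.gnupg.org/scute.git`, still uses the plain git protocol, which gives the reader neither server authentication nor transport integrity, while every href added in this hunk is written with `https://`. If the server offers an HTTPS clone endpoint, the line should read `$ git clone https://<clone-host>/scute.git` (placeholder host; the real URL is not shown on this page). The release table lists a Signature download for each tarball, but the page never tells the reader to verify it. One sentence under the table saying that the detached signature should be checked against the project's release signing key before building would close that gap.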
@@ -1,87 +1,77 @@ /* web.css Copyright (C) 2006 g10 Code GmbH This file is part of Scute. - + Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. Scute is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . + SPDX-License-Identifier: LGPL-2.1-or-later + */ /* Note that the dimensions here specify the view-port size, not the image size, which is specified in the SVG file itself. 
*/ body { font-family: "sans-serif"; background-image: url("scute-border.jpg"); background-repeat: repeat-y; margin: 0em; } /* Same constant also below for div#main. FIXME: Can be fixed by using another div for the body. */ div#toc { margin-left: 150px; } div#toc object { width: 310px; height: 110px; float: left; margin-left: -45px } div#toc h1 { display: none; } div#toc ul { float: left; padding: 0em; } div#toc ul li { font-size: small; float: left; font-weight: bold; border-style: none none none solid; border-width: 3px 0px 3px 3px; padding: 0.6em 0em 0.6em 0.6em; margin: 0.6em 0em 0.6em 0.6em; text-align: center; list-style-type: none; } div#toc ul li:first-child { border-width: 3px 0px 3px 0px; } div#toc ul li a:link { text-decoration: none; color: black } div#toc ul li a:visited { text-decoration: none; color: black } div#toc ul li a:hover { text-decoration: underline; color: black } div#toc ul li a:active { text-decoration: underline; color: white; background-color: black; } div#main { clear: left; margin-left: 150px; margin-right: 15%; } div#main h1 { padding-top: 1em; } div#main table > caption { display: none; } div#main table { border-style: none none none solid; border-width: 3px; margin: 0.6em; text-align: left; } div#main table > tr > td,th { padding-left: 0.6em; } - diff --git a/src/Makefile.am b/src/Makefile.am index 9ceef93..266eb86 100644 --- a/src/Makefile.am +++ b/src/Makefile.am 
@@ -1,135 +1,125 @@
 # Makefile.am - Makefile src/ for scute.
 # Copyright (C) 2006, 2008 g10 Code GmbH
-#
+#
 # This file is part of Scute.
 #
 # Scute is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2 of the License, or
-# (at your option) any later version.
+# under the terms of the GNU Lesser General Public License as
+# published by the Free Software Foundation; either version 2.1 of
+# the License, or (at your option) any later version.
 #
 # Scute is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with Scute; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+# Lesser General Public License for more details.
 #
-# In addition, as a special exception, g10 Code GmbH gives permission
-# to link this library: with the Mozilla Foundation's code for
-# Mozilla (or with modified versions of it that use the same license
-# as the "Mozilla" code), and distribute the linked executables. You
-# must obey the GNU General Public License in all respects for all of
-# the code used other than "Mozilla". If you modify this file, you
-# may extend this exception to your version of the file, but you are
-# not obligated to do so. If you do not wish to do so, delete this
-# exception statement from your version.
+# You should have received a copy of the GNU Lesser General Public
+# License along with this program; if not, see .
+# SPDX-License-Identifier: LGPL-2.1-or-later ## Process this file with automake to produce Makefile.in EXTRA_DIST = libscute.vers scute.def versioninfo.rc.in sources = cryptoki.h pkcs11.h debug.c debug.h settings.h support.h \ locking.h locking.c error-mapping.h error-mapping.c \ get-path.c agent.h agent.c \ slots.h slots.c table.h table.c \ cert.h cert-gpgsm.c cert-object.c gpgsm.h gpgsm.c \ p11-cancelfunction.c p11-closeallsessions.c p11-closesession.c \ p11-copyobject.c p11-createobject.c p11-decrypt.c \ p11-decryptdigestupdate.c p11-decryptfinal.c p11-decryptinit.c \ p11-decryptupdate.c p11-decryptverifyupdate.c p11-derivekey.c \ p11-destroyobject.c p11-digest.c p11-digestencryptupdate.c \ p11-digestfinal.c p11-digestinit.c p11-digestkey.c \ p11-digestupdate.c p11-encrypt.c p11-encryptfinal.c \ p11-encryptinit.c p11-encryptupdate.c p11-finalize.c \ p11-findobjects.c p11-findobjectsfinal.c p11-findobjectsinit.c \ p11-generatekey.c p11-generatekeypair.c p11-generaterandom.c \ p11-getattributevalue.c p11-getfunctionlist.c \ p11-getfunctionstatus.c p11-getinfo.c p11-getmechanisminfo.c \ p11-getmechanismlist.c p11-getobjectsize.c \ p11-getoperationstate.c p11-getsessioninfo.c p11-getslotinfo.c \ p11-getslotlist.c p11-gettokeninfo.c p11-initialize.c \ p11-initpin.c p11-inittoken.c p11-login.c p11-logout.c \ p11-opensession.c p11-seedrandom.c p11-setattributevalue.c \ p11-setoperationstate.c p11-setpin.c p11-sign.c \ p11-signencryptupdate.c p11-signfinal.c p11-signinit.c \ p11-signrecover.c p11-signrecoverinit.c p11-signupdate.c \ p11-unwrapkey.c p11-verify.c p11-verifyfinal.c p11-verifyinit.c \ p11-verifyrecover.c p11-verifyrecoverinit.c p11-verifyupdate.c \ p11-waitforslotevent.c p11-wrapkey.c sexp-parse.h if HAVE_LD_VERSION_SCRIPT scute_version_script_cmd = -Wl,--version-script=$(srcdir)/libscute.vers else scute_version_script_cmd = endif lib_LTLIBRARIES = scute.la if HAVE_W32_SYSTEM RCCOMPILE = $(RC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ $(AM_CPPFLAGS) 
$(CPPFLAGS) LTRCCOMPILE = $(LIBTOOL) --mode=compile --tag=RC $(RCCOMPILE) SUFFIXES: .rc .lo .rc.lo: $(LTRCCOMPILE) -i "$<" -o "$@" scute_res = versioninfo.lo scute_res_ldflag = -Wl,.libs/versioninfo.o no_undefined = -no-undefined export_symbols = -export-symbols $(srcdir)/scute.def install-def-file: $(INSTALL) $(srcdir)/scute.def $(DESTDIR)$(libdir)/scute.def uninstall-def-file: -rm $(DESTDIR)$(libdir)/scute.def # On Windows targets, link statically to libgpg-error and libassuan. scute_deps = $(scute_res) scute.def libgpg-error.a libassuan.a scute_libadd = -L. libgpg-error.a: ln -sf $$($(GPG_ERROR_CONFIG) --prefix)/lib/libgpg-error.a . libassuan.a: ln -sf $$($(LIBASSUAN_CONFIG) --prefix)/lib/libassuan.a . clean-local: rm -f libgpg-error.a libassuan.a else scute_res = scute_res_ldflag = no_undefined = export_symbols = install-def-file: uninstall-def-file: scute_deps = scute_libadd = endif scute_la_LDFLAGS = $(scute_res_ldflag) $(no_undefined) -module -avoid-version $(export_symbols) \ $(scute_version_script_cmd) -version-info \ @LIBSCUTE_LT_CURRENT@:@LIBSCUTE_LT_REVISION@:@LIBSCUTE_LT_AGE@ scute_la_DEPENDENCIES = @LTLIBOBJS@ $(srcdir)/libscute.vers $(scute_deps) # scute_libadd must come BEFORE libassuan and gpg-error, because we # override it on Windows targets. scute_la_LIBADD = $(scute_libadd) \ @LTLIBOBJS@ @LIBASSUAN_LIBS@ @GPG_ERROR_LIBS@ scute_la_CPPFLAGS = -I$(srcdir)/../include \ @LIBASSUAN_CFLAGS@ @GPG_ERROR_CFLAGS@ scute_la_SOURCES = $(sources) diff --git a/src/agent.c b/src/agent.c index 9a25820..df9cdc1 100644 --- a/src/agent.c +++ b/src/agent.c 
@@ -1,1226 +1,1217 @@
 /* agent.c - Talking to gpg-agent.
- Copyright (C) 2006, 2007, 2008, 2015 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006, 2007, 2008, 2015 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include #ifdef HAVE_W32_SYSTEM #define PATHSEP_C ';' #define WINVER 0x0500 /* Required for AllowSetForegroundWindow. */ #include #else #define PATHSEP_C ':' #endif #include #include #include "debug.h" #include "support.h" #include "sexp-parse.h" #include "cert.h" #include "agent.h" /* The global agent context. */ static assuan_context_t agent_ctx = NULL; /* The version number of the agent. */ static int agent_version_major; static int agent_version_minor; /* Hack required for Windows. */ void gnupg_allow_set_foregound_window (pid_t pid) { if (!pid || pid == (pid_t)(-1)) return; #ifdef HAVE_W32_SYSTEM else if (!AllowSetForegroundWindow (pid)) DEBUG (DBG_CRIT, "AllowSetForegroundWindow(%lu) failed: %i\n", (unsigned long)pid, GetLastError ()); #endif } /* Establish a connection to a running GPG agent. */ static gpg_error_t agent_connect (assuan_context_t *ctx_r) { gpg_error_t err = 0; assuan_context_t ctx = NULL; char buffer[255]; FILE *p; /* Use gpg-connect-agent to obtain the socket name * directly from the agent itself. */ snprintf (buffer, sizeof buffer, "%s 'GETINFO socket_name' /bye", get_gpg_connect_agent_path ()); #ifdef HAVE_W32_SYSTEM p = _popen (buffer, "r"); #else p = popen (buffer, "r"); #endif if (p) { int ret; ret = fscanf (p, "D %254s\nOK\n", buffer); if (ret == EOF) /* I/O error? */ err = gpg_error_from_errno (errno); else if (ret != 1) /* Unexpected reply */ err = gpg_error (GPG_ERR_NO_AGENT); pclose (p); } else err = gpg_error_from_errno (errno); /* Then connect to the socket we got. 
*/ if (!err) { err = assuan_new (&ctx); if (!err) { err = assuan_socket_connect (ctx, buffer, 0, 0); if (!err) { *ctx_r = ctx; if (_scute_debug_flags & DBG_ASSUAN) assuan_set_log_stream (*ctx_r, _scute_debug_stream); } else assuan_release (ctx); } } /* We do not try any harder. If gpg-connect-agent somehow failed * to give us a suitable socket, we probably cannot do better. */ if (err) DEBUG (DBG_CRIT, "cannot connect to GPG agent: %s", gpg_strerror (err)); return err; } /* This is the default inquiry callback. It mainly handles the Pinentry notifications. */ static gpg_error_t default_inq_cb (void *opaque, const char *line) { (void)opaque; if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17])) { gnupg_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10)); /* We do not pass errors to avoid breaking other code. */ } else DEBUG (DBG_CRIT, "ignoring gpg-agent inquiry `%s'\n", line); return 0; } /* Send a simple command to the agent. */ static gpg_error_t agent_simple_cmd (assuan_context_t ctx, const char *fmt, ...) { gpg_error_t err; char *optstr; va_list arg; int res; va_start (arg, fmt); res = vasprintf (&optstr, fmt, arg); va_end (arg); if (res < 0) return gpg_error_from_errno (errno); err = assuan_transact (ctx, optstr, NULL, NULL, default_inq_cb, NULL, NULL, NULL); if (err) DEBUG (DBG_CRIT, "gpg-agent command '%s' failed: %s", optstr, gpg_strerror (err)); free (optstr); return err; } /* Read and stroe the agent's version number. */ static gpg_error_t read_version_cb (void *opaque, const void *buffer, size_t length) { char version[20]; const char *s; (void) opaque; if (length > sizeof (version) -1) length = sizeof (version) - 1; strncpy (version, buffer, length); version[length] = 0; agent_version_major = atoi (version); s = strchr (version, '.'); agent_version_minor = s? atoi (s+1) : 0; return 0; } /* Configure the GPG agent at connection CTX. 
*/ static gpg_error_t agent_configure (assuan_context_t ctx) { gpg_error_t err = 0; char *dft_display = NULL; char *dft_ttyname = NULL; char *dft_ttytype = NULL; #if defined(HAVE_SETLOCALE) && (defined(LC_CTYPE) || defined(LC_MESSAGES)) char *old_lc = NULL; char *dft_lc = NULL; #endif char *dft_xauthority = NULL; char *dft_pinentry_user_data = NULL; err = agent_simple_cmd (ctx, "RESET"); if (err) return err; /* Set up display, terminal and locale options. */ dft_display = getenv ("DISPLAY"); if (dft_display) err = agent_simple_cmd (ctx, "OPTION display=%s", dft_display); if (err) return err; dft_ttyname = getenv ("GPG_TTY"); if ((!dft_ttyname || !*dft_ttyname) && ttyname (0)) dft_ttyname = ttyname (0); if (dft_ttyname) { err = agent_simple_cmd (ctx, "OPTION ttyname=%s", dft_ttyname); if (err) return err; } dft_ttytype = getenv ("TERM"); if (dft_ttytype) err = agent_simple_cmd (ctx, "OPTION ttytype=%s", dft_ttytype); if (err) return err; #if defined(HAVE_SETLOCALE) && defined(LC_CTYPE) old_lc = setlocale (LC_CTYPE, NULL); if (old_lc) { old_lc = strdup (old_lc); if (!old_lc) return gpg_error_from_errno (errno); } dft_lc = setlocale (LC_CTYPE, ""); if (dft_lc) err = agent_simple_cmd ("OPTION lc-ctype=%s", dft_lc); if (old_lc) { setlocale (LC_CTYPE, old_lc); free (old_lc); } #endif if (err) return err; #if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) old_lc = setlocale (LC_MESSAGES, NULL); if (old_lc) { old_lc = strdup (old_lc); if (!old_lc) err = gpg_error_from_errno (errno); } dft_lc = setlocale (LC_MESSAGES, ""); if (dft_lc) err = agent_simple_cmd ("OPTION lc-messages=%s", dft_lc); if (old_lc) { setlocale (LC_MESSAGES, old_lc); free (old_lc); } #endif dft_xauthority = getenv ("XAUTHORITY"); if (dft_xauthority) err = agent_simple_cmd (ctx, "OPTION xauthority=%s", dft_xauthority); if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) err = 0; else if (err) return err; dft_pinentry_user_data = getenv ("PINENTRY_USER_DATA"); if (dft_pinentry_user_data) err = 
agent_simple_cmd (ctx, "OPTION pinentry_user_data=%s", dft_pinentry_user_data); if (err && gpg_err_code (err) != GPG_ERR_UNKNOWN_OPTION) return err; err = agent_simple_cmd (ctx, "OPTION allow-pinentry-notify"); if (err && gpg_err_code (err) != GPG_ERR_UNKNOWN_OPTION) return err; err = assuan_transact (ctx, "GETINFO version", read_version_cb, NULL, NULL, NULL, NULL, NULL); if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) err = 0; else if (err) return err; return err; } /* Try to connect to the agent via socket. Handle the server's initial greeting. */ gpg_error_t scute_agent_initialize (void) { gpg_error_t err = 0; if (agent_ctx) { DEBUG (DBG_CRIT, "GPG Agent connection already established"); return 0; } DEBUG (DBG_INFO, "Establishing connection to gpg-agent"); err = agent_connect (&agent_ctx); if (err) return err; err = agent_configure (agent_ctx); if (err) scute_agent_finalize (); return err; } int scute_agent_get_agent_version (int *minor) { *minor = agent_version_minor; return agent_version_major; } /* Return a new malloced string by unescaping the string S. Escaping is percent escaping and '+'/space mapping. A binary nul will silently be replaced by a 0xFF. Function returns NULL to indicate an out of memory status. */ static char * unescape_status_string (const unsigned char *src) { char *buffer; char *dst; buffer = malloc (strlen (src) + 1); if (!buffer) return NULL; dst = buffer; while (*src) { if (*src == '%' && src[1] && src[2]) { src++; *dst = xtoi_2 (src); if (*dst == '\0') *dst = '\xff'; dst++; src += 2; } else if (*src == '+') { *(dst++) = ' '; src++; } else *(dst++) = *(src++); } *dst = 0; return buffer; } /* Take a 20 byte hexencoded string and put it into the provided 20 byte buffer FPR in binary format. Returns true if successful, and false otherwise. */ static int unhexify_fpr (const char *hexstr, unsigned char *fpr) { const char *src; int cnt; /* Check for invalid or wrong length. 
*/ for (src = hexstr, cnt = 0; hexdigitp (src); src++, cnt++) ; if ((*src && !spacep (src)) || (cnt != 40)) return 0; for (src = hexstr, cnt = 0; *src && !spacep (src); src += 2, cnt++) fpr[cnt] = xtoi_2 (src); return 1; } /* Return true if HEXSTR is a valid keygrip. */ static unsigned int hexgrip_valid_p (const char *hexstr) { const char *s; int n; for (s=hexstr, n=0; hexdigitp (s); s++, n++) ; if ((*s && *s != ' ') || n != 40) return 0; /* Bad keygrip */ else return 1; /* Valid. */ } /* Take the serial number from LINE and return it verbatim in a newly allocated string. We make sure that only hex characters are returned. */ static char * store_serialno (const char *line) { const char *src; char *ptr; for (src = line; hexdigitp (src); src++) ; ptr = malloc (src + 1 - line); if (ptr) { memcpy (ptr, line, src - line); ptr[src - line] = 0; } return ptr; } /* Release the card info structure INFO. */ void scute_agent_release_card_info (struct agent_card_info_s *info) { if (!info) return; free (info->serialno); free (info->dispserialno); free (info->cardtype); free (info->disp_name); free (info->disp_lang); free (info->pubkey_url); free (info->login_data); while (info->kinfo) { key_info_t ki = info->kinfo->next; free (info->kinfo); info->kinfo = ki; } memset (info, 0, sizeof (*info)); } /* Return the key info object for the key KEYREF. If it is not found * NULL is returned. */ key_info_t scute_find_kinfo (agent_card_info_t info, const char *keyref) { key_info_t kinfo; for (kinfo = info->kinfo; kinfo; kinfo = kinfo->next) if (!strcmp (kinfo->keyref, keyref)) return kinfo; return NULL; } /* Create a new key info object with KEYREF. All fields but the * keyref are zeroed out. The created object is appended to the list * at INFO. 
*/ static key_info_t create_kinfo (agent_card_info_t info, const char *keyref) { key_info_t kinfo, ki; kinfo = calloc (1, sizeof *kinfo + strlen (keyref)); if (!kinfo) return NULL; strcpy (kinfo->keyref, keyref); if (!info->kinfo) info->kinfo = kinfo; else { for (ki=info->kinfo; ki->next; ki = ki->next) ; ki->next = kinfo; } return kinfo; } /* FIXME: We are not returning out of memory errors. */ static gpg_error_t learn_status_cb (void *opaque, const char *line) { agent_card_info_t parm = opaque; const char *keyword = line; int keywordlen; key_info_t kinfo; const char *keyref; int i; for (keywordlen = 0; *line && !spacep (line); line++, keywordlen++) ; while (spacep (line)) line++; if (keywordlen == 8 && !memcmp (keyword, "SERIALNO", keywordlen)) { free (parm->serialno); parm->serialno = store_serialno (line); } else if (keywordlen == 13 && !memcmp (keyword, "$DISPSERIALNO", keywordlen)) { free (parm->dispserialno); parm->dispserialno = unescape_status_string (line); } else if (keywordlen == 7 && !memcmp (keyword, "APPTYPE", keywordlen)) { parm->is_piv = !strcmp (line, "PIV"); } else if (keywordlen == 8 && !memcmp (keyword, "CARDTYPE", keywordlen)) { free (parm->cardtype); parm->cardtype = unescape_status_string (line); } else if (keywordlen == 9 && !memcmp (keyword, "DISP-NAME", keywordlen)) { if (parm->disp_name) free (parm->disp_name); parm->disp_name = unescape_status_string (line); } else if (keywordlen == 9 && !memcmp (keyword, "DISP-LANG", keywordlen)) { if (parm->disp_lang) free (parm->disp_lang); parm->disp_lang = unescape_status_string (line); } else if (keywordlen == 8 && !memcmp (keyword, "DISP-SEX", keywordlen)) { parm->disp_sex = *line == '1'? 1 : *line == '2' ? 
2: 0; } else if (keywordlen == 10 && !memcmp (keyword, "PUBKEY-URL", keywordlen)) { if (parm->pubkey_url) free (parm->pubkey_url); parm->pubkey_url = unescape_status_string (line); } else if (keywordlen == 10 && !memcmp (keyword, "LOGIN-DATA", keywordlen)) { if (parm->login_data) free (parm->login_data); parm->login_data = unescape_status_string (line); } else if (keywordlen == 11 && !memcmp (keyword, "SIG-COUNTER", keywordlen)) { parm->sig_counter = strtoul (line, NULL, 0); } else if (keywordlen == 10 && !memcmp (keyword, "CHV-STATUS", keywordlen)) { char *p, *buf; buf = p = unescape_status_string (line); if (buf) { while (spacep (p)) p++; parm->chv1_cached = atoi (p); while (*p && !spacep (p)) p++; while (spacep (p)) p++; for (i = 0; *p && i < 3; i++) { parm->chvmaxlen[i] = atoi (p); while (*p && !spacep (p)) p++; while (spacep (p)) p++; } for (i=0; *p && i < 3; i++) { parm->chvretry[i] = atoi (p); while (*p && !spacep (p)) p++; while (spacep (p)) p++; } free (buf); } } else if (keywordlen == 7 && !memcmp (keyword, "KEY-FPR", keywordlen)) { int no = atoi (line); while (*line && !spacep (line)) line++; while (spacep (line)) line++; if (no == 1) parm->fpr1valid = unhexify_fpr (line, parm->fpr1); else if (no == 2) parm->fpr2valid = unhexify_fpr (line, parm->fpr2); else if (no == 3) parm->fpr3valid = unhexify_fpr (line, parm->fpr3); } else if (keywordlen == 6 && !memcmp (keyword, "CA-FPR", keywordlen)) { int no = atoi (line); while (*line && !spacep (line)) line++; while (spacep (line)) line++; if (no == 1) parm->cafpr1valid = unhexify_fpr (line, parm->cafpr1); else if (no == 2) parm->cafpr2valid = unhexify_fpr (line, parm->cafpr2); else if (no == 3) parm->cafpr3valid = unhexify_fpr (line, parm->cafpr3); } else if (keywordlen == 11 && !memcmp (keyword, "KEYPAIRINFO", keywordlen)) { /* The format of such a line is: * KEYPARINFO */ const char *hexgrip = line; while (*line && !spacep (line)) line++; while (spacep (line)) line++; keyref = line; if (hexgrip_valid_p 
(hexgrip)) { /* Check whether we already have an item for the keyref. */ kinfo = scute_find_kinfo (parm, keyref); if (!kinfo) /* New entry. */ { kinfo = create_kinfo (parm, keyref); if (!kinfo) goto no_core; } else /* Existing entry - clear the grip. */ *kinfo->grip = 0; strncpy (kinfo->grip, hexgrip, sizeof kinfo->grip); kinfo->grip[sizeof kinfo->grip -1] = 0; } } else if (keywordlen == 6 && !memcmp (keyword, "EXTCAP", keywordlen)) { char *p, *p2, *buf; int abool; buf = p = unescape_status_string (line); if (buf) { for (p = strtok (buf, " "); p; p = strtok (NULL, " ")) { p2 = strchr (p, '='); if (p2) { *p2++ = 0; abool = (*p2 == '1'); if (!strcmp (p, "gc")) parm->rng_available = abool; /* We're currently not interested in the * other capabilities. */ } } free (buf); } } return 0; no_core: return gpg_error_from_syserror (); } /* Call the agent to learn about a smartcard. */ gpg_error_t scute_agent_learn (struct agent_card_info_s *info) { gpg_error_t err; memset (info, 0, sizeof (*info)); err = assuan_transact (agent_ctx, "LEARN --sendinfo", NULL, NULL, default_inq_cb, NULL, learn_status_cb, info); if (gpg_err_source(err) == GPG_ERR_SOURCE_SCD && gpg_err_code (err) == GPG_ERR_CARD_REMOVED) { /* SCD session is in card removed state. clear that state. */ err = assuan_transact (agent_ctx, "SCD SERIALNO", NULL, NULL, NULL, NULL, NULL, NULL); if (!err) { memset (info, 0, sizeof (*info)); err = assuan_transact (agent_ctx, "LEARN --sendinfo", NULL, NULL, default_inq_cb, NULL, learn_status_cb, info); } } if (!err) { /* Also try to get the human readabale serial number. */ err = assuan_transact (agent_ctx, "SCD GETATTR $DISPSERIALNO", NULL, NULL, default_inq_cb, NULL, learn_status_cb, info); if (gpg_err_code (err) == GPG_ERR_INV_NAME || gpg_err_code (err) == GPG_ERR_UNSUPPORTED_OPERATION) err = 0; /* Not implemented or GETATTR not supported. 
*/ } return err; } static gpg_error_t geteventcounter_status_cb (void *opaque, const char *line) { int *result = opaque; const char *keyword = line; int keywordlen; for (keywordlen=0; *line && !spacep (line); line++, keywordlen++) ; while (spacep (line)) line++; if (keywordlen == 12 && !memcmp (keyword, "EVENTCOUNTER", keywordlen)) { static int any_count; static unsigned int last_count; unsigned int count; if (sscanf (line, "%*u %*u %u ", &count) == 1) { if (any_count && last_count != count) *result = 1; any_count = 1; last_count = count; } } return 0; } static gpg_error_t read_status_cb (void *opaque, const void *buffer, size_t length) { char *flag = opaque; if (length == 0) *flag = 'r'; else *flag = *((char *) buffer); return 0; } /* Check the agent status. This returns 0 if a token is present, GPG_ERR_CARD_REMOVED if no token is present, and an error code otherwise. */ gpg_error_t scute_agent_check_status (void) { static char last_flag; gpg_error_t err; int any = 0; char flag = '-'; /* First we look at the eventcounter to see if anything happened at all. This is a low overhead function which won't even clutter a gpg-agent log file. There is no need for error checking here. */ if (last_flag) assuan_transact (agent_ctx, "GETEVENTCOUNTER", NULL, NULL, NULL, NULL, geteventcounter_status_cb, &any); if (any || !last_flag) { err = assuan_transact (agent_ctx, "SCD GETINFO status", read_status_cb, &flag, default_inq_cb, NULL, NULL, NULL); if (err) return err; last_flag = flag; } else flag = last_flag; if (flag == 'r') return gpg_error (GPG_ERR_CARD_REMOVED); return 0; } /* We only support RSA signatures up to 4096 bits. */ #define MAX_SIGNATURE_BITS 4096 /* Enough space to hold a 4096 bit RSA signature in an S-expression. 
*/ #define MAX_SIGNATURE_LEN 640 /* FIXME: magic value */ struct signature { unsigned char data[MAX_SIGNATURE_LEN]; int len; }; static gpg_error_t pksign_cb (void *opaque, const void *buffer, size_t length) { struct signature *sig = opaque; if (sig->len + length > MAX_SIGNATURE_LEN) { DEBUG (DBG_INFO, "maximum signature length exceeded"); return gpg_error (GPG_ERR_BAD_DATA); } memcpy (&sig->data[sig->len], buffer, length); sig->len += length; return 0; } /* Parse the result of an pksign operation which is a s-expression in canonical form that looks like (7:sig-val(3:rsa(1:s:))). The raw result is stored in RESULT of size *LEN, and *LEN is adjusted to the actual size. */ static gpg_error_t pksign_parse_result (const struct signature *sig, unsigned char *result, unsigned int *len) { gpg_error_t err; const unsigned char *s = sig->data; size_t n; int depth; if (*s++ != '(') gpg_error (GPG_ERR_INV_SEXP); n = snext (&s); if (! n) return gpg_error (GPG_ERR_INV_SEXP); if (! smatch (&s, n, "sig-val")) return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s++ != '(') gpg_error (GPG_ERR_UNKNOWN_SEXP); n = snext (&s); if (! n) return gpg_error (GPG_ERR_INV_SEXP); if (! smatch (&s, n, "rsa")) return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s++ != '(') gpg_error (GPG_ERR_UNKNOWN_SEXP); n = snext (&s); if (! n) return gpg_error (GPG_ERR_INV_SEXP); if (! smatch (&s, n, "s")) return gpg_error (GPG_ERR_UNKNOWN_SEXP); n = snext (&s); if (! n) return gpg_error (GPG_ERR_INV_SEXP); /* Remove a possible prepended zero byte. */ if (!*s && n > 1) { n -= 1; s += 1; } if (*len < (unsigned int) n) return gpg_error (GPG_ERR_INV_LENGTH); *len = (unsigned int) n; memcpy (result, s, n); s += n; depth = 3; err = sskip (&s, &depth); if (err) return err; if (s - sig->data != sig->len || depth != 0) return gpg_error (GPG_ERR_INV_SEXP); return 0; } /* Decodes the hash DATA of size LEN (if necessary). 
Returns a pointer to the raw hash data in R_DATA, the size in R_LEN, and the name of the hash function in R_HASH. Prior to TLSv1.2, the hash function was the concatenation of MD5 and SHA1 applied to the data respectively, and no encoding was applied. From TLSv1.2 on, the hash value is prefixed with an hash identifier and encoded using ASN1. FIXME: Reference. */ static gpg_error_t decode_hash (const unsigned char *data, int len, const unsigned char **r_data, size_t *r_len, const char **r_hash) { static unsigned char rmd160_prefix[15] = /* Object ID is 1.3.36.3.2.1 */ { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03, 0x02, 0x01, 0x05, 0x00, 0x04, 0x14 }; static unsigned char sha1_prefix[15] = /* (1.3.14.3.2.26) */ { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 }; static unsigned char sha224_prefix[19] = /* (2.16.840.1.101.3.4.2.4) */ { 0x30, 0x2D, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, 0x00, 0x04, 0x1C }; static unsigned char sha256_prefix[19] = /* (2.16.840.1.101.3.4.2.1) */ { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 }; static unsigned char sha384_prefix[19] = /* (2.16.840.1.101.3.4.2.2) */ { 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30 }; static unsigned char sha512_prefix[19] = /* (2.16.840.1.101.3.4.2.3) */ { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 }; #define HANDLE(hash,hashlen) \ if (len == sizeof hash ## _prefix + (hashlen) \ && !memcmp (data, hash ## _prefix, sizeof hash ## _prefix)) \ { \ *r_data = data + sizeof hash ## _prefix; \ *r_len = hashlen; \ *r_hash = #hash; \ } if (len == 36) { /* Prior to TLSv1.2, a combination of MD5 and SHA1 was used. */ *r_data = data; *r_len = 36; *r_hash = "tls-md5sha1"; } /* TLSv1.2 encodes the hash value using ASN1. 
*/ else HANDLE (sha1, 20) else HANDLE (rmd160, 20) else HANDLE (sha224, 28) else HANDLE (sha256, 32) else HANDLE (sha384, 48) else HANDLE (sha512, 64) else return gpg_error (GPG_ERR_INV_ARG); #undef HANDLE return 0; } /* Call the agent to sign (DATA,LEN) using the key described by * HEXGRIP. Stores the signature in SIG_RESULT and its lengtn at * SIG_LEN; SIGLEN must initially point to the allocated size of * SIG_RESULT. */ gpg_error_t scute_agent_sign (const char *hexgrip, unsigned char *data, int len, unsigned char *sig_result, unsigned int *sig_len) { char cmd[150]; gpg_error_t err; const char *hash; const unsigned char *raw_data; size_t raw_len; #define MAX_DATA_LEN 64 /* Size of an SHA512 sum. */ unsigned char pretty_data[2 * MAX_DATA_LEN + 1]; int i; struct signature sig; sig.len = 0; if (sig_len == NULL) return gpg_error (GPG_ERR_INV_ARG); err = decode_hash (data, len, &raw_data, &raw_len, &hash); if (err) return err; if (sig_result == NULL) { *sig_len = raw_len; return 0; } if (!hexgrip || !sig_result) return gpg_error (GPG_ERR_INV_ARG); snprintf (cmd, sizeof (cmd), "SIGKEY %s", hexgrip); err = assuan_transact (agent_ctx, cmd, NULL, NULL, default_inq_cb, NULL, NULL, NULL); if (err) return err; for (i = 0; i < raw_len; i++) snprintf (&pretty_data[2 * i], 3, "%02X", raw_data[i]); pretty_data[2 * raw_len] = '\0'; snprintf (cmd, sizeof (cmd), "SETHASH --hash=%s %s", hash, pretty_data); err = assuan_transact (agent_ctx, cmd, NULL, NULL, default_inq_cb, NULL, NULL, NULL); if (err) return err; err = assuan_transact (agent_ctx, "PKSIGN", pksign_cb, &sig, default_inq_cb, NULL, NULL, NULL); if (err) return err; err = pksign_parse_result (&sig, sig_result, sig_len); return err; } /* Determine if FPR is trusted. 
*/ gpg_error_t scute_agent_is_trusted (const char *fpr, bool *is_trusted) { gpg_error_t err; bool trusted = false; char cmd[150]; snprintf (cmd, sizeof (cmd), "ISTRUSTED %s", fpr); err = assuan_transact (agent_ctx, cmd, NULL, NULL, default_inq_cb, NULL, NULL, NULL); if (err && gpg_err_code (err) != GPG_ERR_NOT_TRUSTED) return err; else if (!err) trusted = true; *is_trusted = trusted; return 0; } #define GET_CERT_INIT_SIZE 2048 struct get_cert_s { unsigned char *cert_der; int cert_der_len; int cert_der_size; }; gpg_error_t get_cert_data_cb (void *opaque, const void *data, size_t data_len) { struct get_cert_s *cert_s = opaque; int needed_size; needed_size = cert_s->cert_der_len + data_len; if (needed_size > cert_s->cert_der_size) { unsigned char *new_cert_der; int new_cert_der_size = cert_s->cert_der_size; if (new_cert_der_size == 0) new_cert_der_size = GET_CERT_INIT_SIZE; while (new_cert_der_size < needed_size) new_cert_der_size *= 2; if (cert_s->cert_der == NULL) new_cert_der = malloc (new_cert_der_size); else new_cert_der = realloc (cert_s->cert_der, new_cert_der_size); if (new_cert_der == NULL) return gpg_error_from_syserror (); cert_s->cert_der = new_cert_der; cert_s->cert_der_size = new_cert_der_size; } memcpy (cert_s->cert_der + cert_s->cert_der_len, data, data_len); cert_s->cert_der_len += data_len; return 0; } /* Try to get certificate for CERTREF. */ gpg_error_t scute_agent_get_cert (const char *certref, struct cert *cert) { gpg_error_t err; char cmd[150]; struct get_cert_s cert_s; cert_s.cert_der = NULL; cert_s.cert_der_len = 0; cert_s.cert_der_size = 0; snprintf (cmd, sizeof (cmd), "SCD READCERT %s", certref); err = assuan_transact (agent_ctx, cmd, get_cert_data_cb, &cert_s, NULL, NULL, NULL, NULL); /* Just to be safe... 
*/ if (!err && (cert_s.cert_der_len <= 16 || cert_s.cert_der[0] != 0x30)) { DEBUG (DBG_INFO, "bad card certificate rejected"); err = gpg_error (GPG_ERR_BAD_CERT); } if (err) { if (cert_s.cert_der) free (cert_s.cert_der); return err; } DEBUG (DBG_INFO, "got certificate from card with length %i", cert_s.cert_der_len); cert->cert_der = cert_s.cert_der; cert->cert_der_len = cert_s.cert_der_len; strncpy (cert->certref, certref, sizeof cert->certref -1); cert->certref[sizeof cert->certref - 1] = 0; return 0; } struct random_request { unsigned char *buffer; size_t len; }; gpg_error_t get_challenge_data_cb (void *opaque, const void *line, size_t len) { struct random_request *request = opaque; if (len != request->len) return gpg_error (GPG_ERR_INV_LENGTH); memcpy (request->buffer, line, len); return 0; } gpg_error_t scute_agent_get_random (unsigned char *data, size_t len) { char command[16]; gpg_error_t err; struct random_request request; snprintf (command, sizeof(command), "SCD RANDOM %zu", len); request.buffer = data; request.len = len; err = assuan_transact (agent_ctx, command, get_challenge_data_cb, &request, NULL, NULL, NULL, NULL); return err; } void scute_agent_finalize (void) { if (!agent_ctx) { DEBUG (DBG_CRIT, "no GPG Agent connection established"); return; } DEBUG (DBG_INFO, "releasing agent context"); assuan_release (agent_ctx); agent_ctx = NULL; } diff --git a/src/cert-gpgsm.c b/src/cert-gpgsm.c index 14a675a..c3d8e31 100644 --- a/src/cert-gpgsm.c +++ b/src/cert-gpgsm.c 
@@ -1,642 +1,633 @@ /* cert-gpgsm.c - Scute certificate searching. - Copyright (C) 2006, 2007 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006, 2007 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include #include #include "agent.h" #include "cert.h" #include "support.h" #include "debug.h" /* The maximum length of a key listing line. We take the double of * the allowed Assuan line length plus some extra space to avoid a * memmove after a part of a line has been processed. */ #define MAX_LINE_LEN (ASSUAN_LINELENGTH*2 + 200) struct keylist_ctx { /* The pending line in an active key listing. */ char pending[MAX_LINE_LEN + 1]; unsigned int pending_len; /* The current certificate. */ struct cert cert; /* The caller's search callback, invoked for each certificate. */ cert_search_cb_t search_cb; void *search_cb_hook; }; /* Support macros */ #define atoi_1(p) (*(p) - '0' ) #define atoi_2(p) ((atoi_1(p) * 10) + atoi_1((p)+1)) #define atoi_4(p) ((atoi_2(p) * 100) + atoi_2((p)+2)) /*** Local prototypes ***/ static gpg_error_t export_cert (const char *fpr, struct cert *cert); /* Release allocated storage for the certificate CERT and reset the certificate. */ static void cert_reset (struct cert *cert) { if (cert->issuer_serial) free (cert->issuer_serial); if (cert->issuer_name) free (cert->issuer_name); if (cert->uid) free (cert->uid); if (cert->cert_der) free (cert->cert_der); memset (cert, '\0', sizeof (struct cert)); } /* Parse the string TIMESTAMP into a time_t. The string may either be seconds since Epoch or in the ISO 8601 format like "20390815T143012". Returns 0 for an empty string or seconds since Epoch. Leading spaces are skipped. If ENDP is not NULL, it will point to the next non-parsed character in TIMESTRING. 
*/ static time_t parse_timestamp (const char *timestamp, char **endp) { /* Need to skip leading spaces, because that is what strtoul does but not our ISO 8601 checking code. */ while (*timestamp && *timestamp== ' ') timestamp++; if (!*timestamp) return 0; if (strlen (timestamp) >= 15 && timestamp[8] == 'T') { struct tm buf; int year; year = atoi_4 (timestamp); if (year < 1900) return (time_t)(-1); /* Fixme: We would better use a configure test to see whether mktime can handle dates beyond 2038. */ if (sizeof (time_t) <= 4 && year >= 2038) return (time_t)2145914603; /* 2037-12-31 23:23:23 */ memset (&buf, 0, sizeof buf); buf.tm_year = year - 1900; buf.tm_mon = atoi_2 (timestamp+4) - 1; buf.tm_mday = atoi_2 (timestamp+6); buf.tm_hour = atoi_2 (timestamp+9); buf.tm_min = atoi_2 (timestamp+11); buf.tm_sec = atoi_2 (timestamp+13); if (endp) *endp = (char*)(timestamp + 15); #ifdef HAVE_TIMEGM return timegm (&buf); #else /* FIXME: Need to set TZ to UTC, but that is not thread-safe. */ return mktime (&buf); #endif } else return (time_t)strtoul (timestamp, endp, 10); } /* Decode the C formatted string SRC and store the result in the buffer *DESTP which is LEN bytes long. If LEN is zero, then a large enough buffer is allocated with malloc and *DESTP is set to the result. Currently, LEN is only used to specify if allocation is desired or not, the caller is expected to make sure that *DESTP is large enough if LEN is not zero. */ static gpg_error_t decode_c_string (const char *src, char **destp, size_t len) { char *dest; /* Set up the destination buffer. */ if (len) { if (len < strlen (src) + 1) return gpg_error (GPG_ERR_INTERNAL); dest = *destp; } else { /* The converted string will never be larger than the original string. */ dest = malloc (strlen (src) + 1); if (!dest) return gpg_error_from_syserror (); *destp = dest; } /* Convert the string. 
*/ while (*src) { if (*src != '\\') { *(dest++) = *(src++); continue; } switch (src[1]) { #define DECODE_ONE(match,result) \ case match: \ src += 2; \ *(dest++) = result; \ break; DECODE_ONE ('\'', '\''); DECODE_ONE ('\"', '\"'); DECODE_ONE ('\?', '\?'); DECODE_ONE ('\\', '\\'); DECODE_ONE ('a', '\a'); DECODE_ONE ('b', '\b'); DECODE_ONE ('f', '\f'); DECODE_ONE ('n', '\n'); DECODE_ONE ('r', '\r'); DECODE_ONE ('t', '\t'); DECODE_ONE ('v', '\v'); case 'x': { int val = xtoi_2 (&src[2]); if (val == -1) { /* Should not happen. */ *(dest++) = *(src++); *(dest++) = *(src++); if (*src) *(dest++) = *(src++); if (*src) *(dest++) = *(src++); } else { if (!val) { /* A binary zero is not representable in a C string. */ *(dest++) = '\\'; *(dest++) = '0'; } else *((unsigned char *) dest++) = val; src += 4; } } break; default: { /* Should not happen. */ *(dest++) = *(src++); *(dest++) = *(src++); } } } *(dest++) = 0; return 0; } /* Helper for keylist_cb. This fucntion is invoked for each complete * line assembled by keylist_cb. */ static gpg_error_t keylist_cb_line (struct keylist_ctx *ctx) { char *line; enum { RT_NONE, RT_CRT, RT_CRS, RT_FPR, RT_GRP, RT_UID } rectype = RT_NONE; #define NR_FIELDS 16 char *field[NR_FIELDS]; int fields = 0; struct cert *cert; /* Strip a trailing carriage return. */ if (ctx->pending_len > 0 && ctx->pending[ctx->pending_len - 1] == '\r') ctx->pending_len--; ctx->pending[ctx->pending_len - 1] = '\0'; ctx->pending_len = 0; cert = &ctx->cert; line = ctx->pending; while (line && fields < NR_FIELDS) { field[fields++] = line; line = strchr (line, ':'); if (line) *(line++) = '\0'; } if (!strcmp (field[0], "crt")) rectype = RT_CRT; else if (!strcmp (field[0], "crs")) rectype = RT_CRS; else if (!strcmp (field[0], "fpr")) rectype = RT_FPR; else if (!strcmp (field[0], "grp")) rectype = RT_GRP; else if (!strcmp (field[0], "uid")) rectype = RT_UID; else rectype = RT_NONE; switch (rectype) { case RT_CRT: case RT_CRS: /* Reinitialize CERT. 
*/ if (cert->valid) { gpg_error_t err; /* Return the cert. */ err = export_cert (ctx->cert.fpr, &ctx->cert); if (!err) err = ctx->search_cb (ctx->search_cb_hook, &ctx->cert); if (err) return err; cert_reset (cert); } cert->valid = true; #if 0 /* Field 2 has the trust info. */ if (fields >= 2) set_mainkey_trust_info (key, field[1]); #endif /* Field 3 has the key length. */ if (fields >= 3) { int i = atoi (field[2]); /* Ignore invalid values. */ if (i > 1) cert->length = i; } /* Field 4 has the public key algorithm. */ if (fields >= 4) { int i = atoi (field[3]); if (i >= 1 && i < 128) cert->pubkey_algo = i; } /* Field 5 has the long keyid. Allow short key IDs for the output of an external keyserver listing. */ if (fields >= 5 && strlen (field[4]) <= sizeof (cert->keyid) - 1) strcpy (cert->keyid, field[4]); /* Field 6 has the timestamp (seconds). */ if (fields >= 6) cert->timestamp = parse_timestamp (field[5], NULL); /* Field 7 has the expiration time (seconds). */ if (fields >= 7) cert->expires = parse_timestamp (field[6], NULL); /* Field 8 has the X.509 serial number. */ if (fields >= 8) { cert->issuer_serial = strdup (field[7]); if (!cert->issuer_serial) return gpg_error_from_syserror (); } #if 0 /* Field 9 has the ownertrust. */ if (fields >= 9) set_ownertrust (key, field[8]); #endif /* Field 10 is the issuer name. */ if (fields >= 10) if (decode_c_string (field[9], &cert->issuer_name, 0)) return gpg_error (GPG_ERR_ENOMEM); /* FIXME */ /* Field 11 has the signature class. */ #if 0 /* Field 12 has the capabilities. */ if (fields >= 12) set_mainkey_capability (key, field[11]); #endif break; case RT_UID: if (cert->valid) { /* Field 2 has the trust info, and field 10 has the user ID. Note that more than one UID field can appear. We only remember the last one. It's not used anyway. 
*/ if (fields >= 10 && !cert->uid) { if (decode_c_string (field[9], &cert->uid, 0)) return gpg_error (GPG_ERR_ENOMEM); /* FIXME */ } } break; case RT_FPR: if (cert->valid) { /* Field 10 has the fingerprint (take only the first one). */ if (fields >= 10 && strlen (field[9]) <= sizeof (cert->fpr) - 1) strcpy (cert->fpr, field[9]); /* Field 13 has the gpgsm chain ID (take only the first one). */ if (fields >= 13 && strlen (field[12]) <= sizeof (cert->chain_id) - 1) strcpy (cert->chain_id, field[12]); } break; case RT_GRP: if (cert->valid) { /* Field 10 has the key grip. */ if (fields >= 10 && strlen (field[9]) <= sizeof (cert->grip) - 1) strcpy (cert->grip, field[9]); } break; case RT_NONE: /* Unknown record. */ break; } return 0; } /* This is the data line callback handler provided to assuan_transact * in scute_gpgsm_search_certs_by_{grip,fpr}. It buffers incomplete * lines, and is also used to handle the EOF signal directly outside * of assuan_transact. */ static gpg_error_t keylist_cb (void *hook, const void *line_data, size_t line_len) { struct keylist_ctx *ctx = hook; const char *line = line_data; gpg_error_t err; if (!line) { /* This indicates an EOF. */ /* Check for a pending line, in case GPGSM didn't close with a newline. */ if (ctx->pending_len) { err = keylist_cb_line (ctx); if (err) return err; } /* Check for a pending certificate and return it. */ if (ctx->cert.valid) { err = export_cert (ctx->cert.fpr, &ctx->cert); if (!err) err = ctx->search_cb (ctx->search_cb_hook, &ctx->cert); } else err = 0; return err; } while (line_len) { if (*line == '\n') { err = keylist_cb_line (ctx); if (err) return err; } else { if (ctx->pending_len >= MAX_LINE_LEN) return gpg_error (GPG_ERR_LINE_TOO_LONG); ctx->pending[ctx->pending_len++] = *line; } line++; line_len--; } return 0; } struct export_hook { /* The exported data. */ char *buffer; /* The length of the exported data buffer. */ unsigned int buffer_len; /* The size of the allocated exported data buffer. 
*/ unsigned int buffer_size; }; #define EXP_DATA_START 4096 static gpg_error_t export_cert_cb (void *hook, const void *line_data, size_t line_len) { struct export_hook *exp = hook; const char *line = line_data; if (exp->buffer_size - exp->buffer_len < line_len) { unsigned int new_buffer_size = exp->buffer_size ? (exp->buffer_size * 2) : EXP_DATA_START; char *new_buffer = realloc (exp->buffer, new_buffer_size); if (!new_buffer) return gpg_error_from_syserror (); exp->buffer = new_buffer; exp->buffer_size = new_buffer_size; } memcpy (exp->buffer + exp->buffer_len, line, line_len); exp->buffer_len += line_len; return 0; } /* Export the certifciate using a second assuan connection. This is * called during the key listing after a "crt" record has been * received. */ static gpg_error_t export_cert (const char *fpr, struct cert *cert) { gpg_error_t err; assuan_context_t ctx; const char *argv[] = { "gpgsm", "--server", NULL }; #define COMMANDLINELEN 80 char cmd[COMMANDLINELEN]; struct export_hook exp; err = assuan_new (&ctx); if (err) { DEBUG (DBG_CRIT, "failed to allocate assuan context: %s", gpg_strerror (err)); return err; } err = assuan_pipe_connect (ctx, get_gpgsm_path (), argv, NULL, NULL, NULL, 128); if (err) { assuan_release (ctx); DEBUG (DBG_CRIT, "spawning %s\n", get_gpgsm_path ()); return err; } exp.buffer = NULL; exp.buffer_len = 0; exp.buffer_size = 0; snprintf (cmd, sizeof (cmd), "EXPORT --data -- %s", cert->fpr); err = assuan_transact (ctx, cmd, export_cert_cb, &exp, NULL, NULL, NULL, NULL); assuan_release (ctx); if (!err) { cert->cert_der = exp.buffer; cert->cert_der_len = exp.buffer_len; } if (!err) err = scute_agent_is_trusted (fpr, &cert->is_trusted); return err; } /* Search for certificates using a key listing using PATTERN which is * described by MODE. Invoke SEARCH_CB for each certificate found. 
*/ gpg_error_t scute_gpgsm_search_certs (enum keylist_modes mode, const char *pattern, cert_search_cb_t search_cb, void *search_cb_hook) { gpg_error_t err; assuan_context_t ctx; const char *argv[] = { "gpgsm", "--server", NULL }; char line[ASSUAN_LINELENGTH]; struct keylist_ctx keylist_ctx; err = assuan_new (&ctx); if (err) { DEBUG (DBG_CRIT, "failed to allocate assuan context: %s", gpg_strerror (err)); return err; } err = assuan_pipe_connect (ctx, get_gpgsm_path (), argv, NULL, NULL, NULL, 128); if (err) { assuan_release (ctx); DEBUG (DBG_CRIT, "failed to spawn %s\n", get_gpgsm_path ()); return err; } memset (&keylist_ctx, 0, sizeof keylist_ctx); keylist_ctx.search_cb = search_cb; keylist_ctx.search_cb_hook = search_cb_hook; err = assuan_transact (ctx, "OPTION with-key-data", NULL, NULL, NULL, NULL, NULL, NULL); if (err) goto leave; snprintf (line, sizeof line, "LISTKEYS %s%s", mode == KEYLIST_BY_GRIP? "&":"", pattern); err = assuan_transact (ctx, line, keylist_cb, &keylist_ctx, NULL, NULL, NULL, NULL); if (err) goto leave; /* Signal the EOF. This is not done by Assuan for us. */ err = keylist_cb (&keylist_ctx, NULL, 0); if (err) goto leave; leave: cert_reset (&keylist_ctx.cert); assuan_release (ctx); return err; } diff --git a/src/cert-object.c b/src/cert-object.c index a0f07bd..d3a594d 100644 --- a/src/cert-object.c +++ b/src/cert-object.c 
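Review bot: In keylist_cb_line, `ctx->pending[ctx->pending_len - 1] = '\0';` indexes with an unsigned value that wraps when pending_len is 0, and keylist_cb permits that state: it calls keylist_cb_line on every '\n' without checking that anything is buffered, and a lone "\r\n" reaches it after the carriage-return strip. The result is a one-byte write outside `pending`, driven by whatever the gpgsm listing sends. Terminating at the current length stays in bounds, because `pending` is MAX_LINE_LEN + 1 bytes and keylist_cb stops buffering at MAX_LINE_LEN: `ctx->pending[ctx->pending_len] = '\0';`. As written, the statement also appears to drop the last character of any line that does not end in '\r', so confirm that no record type depends on that before changing it. These are context lines; the commit appears to change only the licence header of this file.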
@@ -1,817 +1,808 @@ /* cert-object.c - Convert a GPGSM certificate into a PKCS #11 object. - Copyright (C) 2006, 2007 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006, 2007 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include #include "cryptoki.h" #include "support.h" #include "cert.h" #include "debug.h" #define atoi_1(p) (*(p) - '0' ) #define atoi_2(p) ((atoi_1(p) * 10) + atoi_1((p)+1)) #define atoi_4(p) ((atoi_2(p) * 100) + atoi_2((p)+2)) #if 0 /* Currently not used. */ static bool time_to_ck_date (time_t *atime, CK_DATE *ckdate) { struct tm broken_time; int nr; if (!*atime) return false; #ifdef HAVE_LOCALTIME_R if (!localtime_r (atime, &broken_time)) return false; #else { /* FIXME: This is not thread-safe, but it minimizes risk. */ struct tm *b_time = localtime (atime); if (!b_time) return false; memcpy (&broken_time, b_time, sizeof (*b_time)); } #endif /* We can only represent years until 9999. 
*/ if (!(broken_time.tm_year >= 0 && broken_time.tm_year <= 8099 && broken_time.tm_mon >= 0 && broken_time.tm_mon <= 11 && broken_time.tm_mday >= 1 && broken_time.tm_mday <= 31)) { DEBUG (DBG_INFO, "unrepresentable time %i-%i-%i", broken_time.tm_year, broken_time.tm_mon, broken_time.tm_mday); return false; } #define LAST_DIGIT(d) (((d) % 10) + '0') nr = broken_time.tm_year + 1900; ckdate->year[3] = LAST_DIGIT (nr); nr = nr / 10; ckdate->year[2] = LAST_DIGIT (nr); nr = nr / 10; ckdate->year[1] = LAST_DIGIT (nr); nr = nr / 10; ckdate->year[0] = LAST_DIGIT (nr); nr = broken_time.tm_mon + 1; ckdate->month[1] = LAST_DIGIT (nr); nr = nr / 10; ckdate->month[0] = LAST_DIGIT (nr); nr = broken_time.tm_mday; ckdate->day[1] = LAST_DIGIT (nr); nr = nr / 10; ckdate->day[0] = LAST_DIGIT (nr); return true; } #endif /*0*/ static gpg_error_t asn1_get_len (unsigned char **asn1, int *asn1_len, int *rlen) { unsigned char *ptr = *asn1; int len = *asn1_len; int cnt; int result = 0; if (len < 1) { DEBUG (DBG_INFO, "unexpected end of certificate"); return gpg_error (GPG_ERR_GENERAL); } if (*ptr & 0x80) { cnt = *ptr & 0x7f; ptr++; len--; } else cnt = 1; /* We only support a limited number of length bytes. */ if (cnt > 2) { DEBUG (DBG_INFO, "unsupported length field"); return gpg_error (GPG_ERR_GENERAL); } if (len < cnt) { DEBUG (DBG_INFO, "unexpected end of certificate"); return gpg_error (GPG_ERR_GENERAL); } while (cnt--) { result = (result << 8) | *ptr; ptr++; len--; } *asn1 = ptr; *asn1_len = len; *rlen = result; return 0; } /* A path to an ASN.1 element that can be looked up with asn1_get_element. The last element in the list is returned (that one should have ENTER being false. */ struct asn1_path { unsigned char tag; /* True if we should enter the element, false if we should skip it. 
*/ bool enter; }; static gpg_error_t asn1_get_element (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len, struct asn1_path *path, int path_size) { gpg_error_t err; unsigned char *prev_certp = NULL; unsigned char *certp = cert; int cert_left = cert_len; int len; int i; for (i = 0; i < path_size; i++) { prev_certp = certp; if (cert_left < 1) { DEBUG (DBG_INFO, "unexpected end of certificate"); return gpg_error (GPG_ERR_GENERAL); } if (*certp != path[i].tag) { DEBUG (DBG_INFO, "wrong element in lookup path"); return gpg_error (GPG_ERR_GENERAL); } certp++; cert_left--; err = asn1_get_len (&certp, &cert_left, &len); if (err) return err; if (!path[i].enter) { if (cert_left < len) { DEBUG (DBG_INFO, "unexpected end of certificate"); return gpg_error (GPG_ERR_GENERAL); } certp += len; cert_left -= len; } else { /* Special code to deal with ASN.1 data encapsulated in a bit string. */ if (path[i].tag == '\x03') { if (cert_left < 1) { DEBUG (DBG_INFO, "unexpected end of certificate"); return gpg_error (GPG_ERR_GENERAL); } if (*certp != '\x00') { DEBUG (DBG_INFO, "expected binary encapsulation missing"); return gpg_error (GPG_ERR_GENERAL); } certp++; cert_left--; } } } /* We found the subject. */ *sub_start = prev_certp; *sub_len = certp - prev_certp; return 0; } static gpg_error_t asn1_get_issuer (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len) { /* The path to the issuer entry in the DER file. This is Sequence->Sequence->Version,Serial,AlgID,Issuer. */ struct asn1_path path[] = { { '\x30', true }, { '\x30', true }, { '\xa0', false }, { '\x02', false }, { '\x30', false }, { '\x30', false } }; return asn1_get_element (cert, cert_len, sub_start, sub_len, path, DIM (path)); } static gpg_error_t asn1_get_subject (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len) { /* The path to the subject entry in the DER file. This is Sequence->Sequence->Version,Serial,AlgID,Issuer,Time,Subject. 
*/ struct asn1_path path[] = { { '\x30', true }, { '\x30', true }, { '\xa0', false }, { '\x02', false }, { '\x30', false }, { '\x30', false }, { '\x30', false }, { '\x30', false } }; return asn1_get_element (cert, cert_len, sub_start, sub_len, path, DIM (path)); } static gpg_error_t asn1_get_serial (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len) { /* The path to the serial entry in the DER file. This is Sequence->Sequence->Version,Serial. */ struct asn1_path path[] = { { '\x30', true }, { '\x30', true }, { '\xa0', false }, { '\x02', false } }; return asn1_get_element (cert, cert_len, sub_start, sub_len, path, DIM (path)); } static gpg_error_t asn1_get_modulus (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len) { gpg_error_t err; int len; struct asn1_path path[] = { { '\x30', true }, { '\x30', true }, { '\xa0', false }, { '\x02', false }, { '\x30', false }, { '\x30', false }, { '\x30', false }, { '\x30', false }, { '\x30', true }, { '\x30', false }, { '\x03', true }, { '\x30', true }, { '\x02', false } }; /* The path to the modulus entry in the DER file. This is Sequence->Sequence->Version,Serial,AlgID,Issuer,Time,Subject, Sequence->Sequence,Bitstring->Sequence->Integer,Integer */ err = asn1_get_element (cert, cert_len, sub_start, sub_len, path, DIM (path)); if (err) return err; if (*sub_len < 1) { DEBUG (DBG_INFO, "modulus too short"); return gpg_error (GPG_ERR_GENERAL); } (*sub_start)++; (*sub_len)--; err = asn1_get_len (sub_start, sub_len, &len); if (err) return err; /* PKCS #11 expects an unsigned big integer. */ while (**sub_start == '\x00' && *sub_len > 0) { (*sub_start)++; (*sub_len)--; } return 0; } static gpg_error_t asn1_get_public_exp (unsigned char *cert, int cert_len, unsigned char **sub_start, int *sub_len) { gpg_error_t err; int len; /* The path to the public exp entry in the DER file. 
This is Sequence->Sequence->Version,Serial,AlgID,Issuer,Time,Subject, Sequence->Sequence,Bitstring->Sequence->Integer,Integer */ struct asn1_path path[] = { { '\x30', true }, { '\x30', true }, { '\xa0', false }, { '\x02', false }, { '\x30', false }, { '\x30', false }, { '\x30', false }, { '\x30', false }, { '\x30', true }, { '\x30', false }, { '\x03', true }, { '\x30', true }, { '\x02', false }, { '\x02', false } }; err = asn1_get_element (cert, cert_len, sub_start, sub_len, path, DIM (path)); if (err) return err; if (*sub_len < 1) { DEBUG (DBG_INFO, "public exponent too short"); return gpg_error (GPG_ERR_GENERAL); } (*sub_start)++; (*sub_len)--; err = asn1_get_len (sub_start, sub_len, &len); if (err) return err; /* PKCS #11 expects an unsigned big integer. */ while (**sub_start == '\x00' && *sub_len > 0) { (*sub_start)++; (*sub_len)--; } return 0; } static gpg_error_t attr_one (CK_ATTRIBUTE_PTR attr, CK_ULONG *attr_count, CK_ATTRIBUTE_TYPE type, CK_VOID_PTR val, CK_ULONG size) { CK_ULONG i = *attr_count; attr[i].type = type; attr[i].ulValueLen = size; attr[i].pValue = malloc (size); if (attr[i].pValue == NULL) { DEBUG (DBG_CRIT, "out of memory"); return gpg_error (GPG_ERR_ENOMEM); } memcpy (attr[i].pValue, val, size); (*attr_count)++; return 0; } static gpg_error_t attr_empty (CK_ATTRIBUTE_PTR attr, CK_ULONG *attr_count, CK_ATTRIBUTE_TYPE type) { CK_ULONG i = *attr_count; attr[i].type = type; attr[i].ulValueLen = 0; attr[i].pValue = NULL_PTR; (*attr_count)++; return 0; } void scute_attr_free (CK_ATTRIBUTE_PTR attr, CK_ULONG attr_count) { while (0 < attr_count--) free (attr[attr_count].pValue); } gpg_error_t scute_attr_cert (struct cert *cert, const char *grip, CK_ATTRIBUTE_PTR *attrp, CK_ULONG *attr_countp) { CK_RV err = 0; CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; unsigned char *subject_start; int subject_len; unsigned char *issuer_start; int issuer_len; unsigned char *serial_start; int serial_len; CK_OBJECT_CLASS obj_class = CKO_CERTIFICATE; CK_BBOOL obj_token 
= CK_TRUE; CK_BBOOL obj_private = CK_FALSE; CK_BBOOL obj_modifiable = CK_FALSE; CK_CERTIFICATE_TYPE obj_cert_type = CKC_X_509; CK_BBOOL obj_trusted = cert->is_trusted; CK_ULONG obj_cert_cat = 0; CK_BYTE obj_check_value[3] = { '\0', '\0', '\0' }; CK_DATE obj_start_date; CK_DATE obj_end_date; CK_ULONG obj_java_midp_sec_domain = 0; err = asn1_get_subject (cert->cert_der, cert->cert_der_len, &subject_start, &subject_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get subject: %s", gpg_strerror (err)); return err; } err = asn1_get_issuer (cert->cert_der, cert->cert_der_len, &issuer_start, &issuer_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get issuer: %s", gpg_strerror (err)); return err; } err = asn1_get_serial (cert->cert_der, cert->cert_der_len, &serial_start, &serial_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get serial: %s", gpg_strerror (err)); return err; } #define NR_ATTR_CERT 20 attr = malloc (sizeof (CK_ATTRIBUTE) * NR_ATTR_CERT); attr_count = 0; if (!attr) { DEBUG (DBG_INFO, "out of memory"); return gpg_error (GPG_ERR_ENOMEM); } if (!err) err = attr_one (attr, &attr_count, CKA_CLASS, &obj_class, sizeof obj_class); if (!err) err = attr_one (attr, &attr_count, CKA_TOKEN, &obj_token, sizeof obj_token); if (!err) err = attr_one (attr, &attr_count, CKA_PRIVATE, &obj_private, sizeof obj_private); if (!err) err = attr_one (attr, &attr_count, CKA_MODIFIABLE, &obj_modifiable, sizeof obj_modifiable); if (!err) { if (*cert->certref) err = attr_one (attr, &attr_count, CKA_LABEL, cert->certref, strlen (cert->certref)); else err = attr_one (attr, &attr_count, CKA_LABEL, "DummyLabel", 10); } if (!err) err = attr_one (attr, &attr_count, CKA_CERTIFICATE_TYPE, &obj_cert_type, sizeof obj_cert_type); if (!err) err = attr_one (attr, &attr_count, CKA_TRUSTED, &obj_trusted, sizeof obj_trusted); if (!err) err = attr_one (attr, &attr_count, CKA_CERTIFICATE_CATEGORY, &obj_cert_cat, sizeof obj_cert_cat); /* FIXME: 
Calculate check_value. */ if (!err) err = attr_one (attr, &attr_count, CKA_CHECK_VALUE, &obj_check_value, sizeof obj_check_value); #if 0 if (time_to_ck_date (&cert->timestamp, &obj_start_date)) { if (!err) err = attr_one (attr, &attr_count, CKA_START_DATE, &obj_start_date, sizeof obj_start_date); } if (time_to_ck_date (&cert->expires, &obj_end_date)) { if (!err) err = attr_one (attr, &attr_count, CKA_END_DATE, &obj_end_date, sizeof obj_end_date); } #else /* For now, we disable these fields. We can parse them from the certificate just as the other data. However, we would like to avoid parsing the certificates at all, let's see how much functionality we really need in the PKCS#11 token first. */ (void)obj_start_date; (void)obj_end_date; if (!err) err = attr_empty (attr, &attr_count, CKA_START_DATE); if (!err) err = attr_empty (attr, &attr_count, CKA_END_DATE); #endif /* Note: This attribute is mandatory. Without it, Firefox client authentication won't work. */ if (!err) err = attr_one (attr, &attr_count, CKA_SUBJECT, subject_start, subject_len); /* We construct the CKA_ID from the CERTREF and the KEYGRIP. This * allows us to use both values as needed. */ if (!err) { char cka_id_buffer[200]; snprintf (cka_id_buffer, sizeof cka_id_buffer, "%s %s", *cert->certref ? cert->certref:"-", grip && *grip? grip : "?" 
); err = attr_one (attr, &attr_count, CKA_ID, cka_id_buffer, strlen (cka_id_buffer)); } if (!err) err = attr_one (attr, &attr_count, CKA_ISSUER, issuer_start, issuer_len); if (!err) err = attr_one (attr, &attr_count, CKA_SERIAL_NUMBER, serial_start, serial_len); if (!err) err = attr_one (attr, &attr_count, CKA_VALUE, cert->cert_der, cert->cert_der_len); if (!err) err = attr_empty (attr, &attr_count, CKA_URL); if (!err) err = attr_empty (attr, &attr_count, CKA_HASH_OF_SUBJECT_PUBLIC_KEY); if (!err) err = attr_empty (attr, &attr_count, CKA_HASH_OF_ISSUER_PUBLIC_KEY); if (!err) err = attr_one (attr, &attr_count, CKA_JAVA_MIDP_SECURITY_DOMAIN, &obj_java_midp_sec_domain, sizeof obj_java_midp_sec_domain); if (err) { DEBUG (DBG_INFO, "could not build certificate object: %s", gpg_strerror (err)); scute_attr_free (attr, attr_count); return err; } /* FIXME: Not completely safe. */ assert (NR_ATTR_CERT >= attr_count); *attrp = attr; *attr_countp = attr_count; return 0; } gpg_error_t scute_attr_prv (struct cert *cert, const char *grip, CK_ATTRIBUTE_PTR *attrp, CK_ULONG *attr_countp) { CK_RV err = 0; CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; unsigned char *subject_start; int subject_len; unsigned char *modulus_start; int modulus_len; unsigned char *public_exp_start; int public_exp_len; CK_OBJECT_CLASS obj_class = CKO_PRIVATE_KEY; CK_BBOOL obj_token = CK_TRUE; CK_BBOOL obj_private = CK_FALSE; CK_BBOOL obj_modifiable = CK_FALSE; CK_KEY_TYPE obj_key_type = CKK_RSA; CK_DATE obj_start_date; CK_DATE obj_end_date; CK_BBOOL obj_derive = CK_FALSE; CK_BBOOL obj_local = CK_FALSE; /* FIXME: Unknown. */ CK_MECHANISM_TYPE obj_key_gen = CKM_RSA_PKCS_KEY_PAIR_GEN; CK_MECHANISM_TYPE obj_mechanisms[] = { CKM_RSA_PKCS }; CK_BBOOL obj_sensitive = CK_TRUE; CK_BBOOL obj_decrypt = CK_FALSE; /* Authentication only for now. 
*/ CK_BBOOL obj_sign = CK_TRUE; CK_BBOOL obj_sign_recover = CK_FALSE; CK_BBOOL obj_unwrap = CK_FALSE; CK_BBOOL obj_extractable = CK_FALSE; CK_BBOOL obj_always_sensitive = CK_TRUE; CK_BBOOL obj_never_extractable = CK_TRUE; CK_BBOOL obj_wrap_with_trusted = CK_FALSE; CK_BBOOL obj_always_authenticate = CK_FALSE; err = asn1_get_subject (cert->cert_der, cert->cert_der_len, &subject_start, &subject_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get subject: %s", gpg_strerror (err)); return err; } err = asn1_get_modulus (cert->cert_der, cert->cert_der_len, &modulus_start, &modulus_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get modulus: %s", gpg_strerror (err)); return err; } err = asn1_get_public_exp (cert->cert_der, cert->cert_der_len, &public_exp_start, &public_exp_len); if (err) { DEBUG (DBG_INFO, "rejecting certificate: could not get public exp: %s", gpg_strerror (err)); return err; } #define NR_ATTR_PRV 27 attr = malloc (sizeof (CK_ATTRIBUTE) * NR_ATTR_PRV); attr_count = 0; if (!attr) { DEBUG (DBG_INFO, "out of core"); return gpg_error (GPG_ERR_ENOMEM); } if (!err) err = attr_one (attr, &attr_count, CKA_CLASS, &obj_class, sizeof obj_class); if (!err) err = attr_one (attr, &attr_count, CKA_TOKEN, &obj_token, sizeof obj_token); if (!err) err = attr_one (attr, &attr_count, CKA_PRIVATE, &obj_private, sizeof obj_private); if (!err) err = attr_one (attr, &attr_count, CKA_MODIFIABLE, &obj_modifiable, sizeof obj_modifiable); if (!err) { if (*cert->certref) err = attr_one (attr, &attr_count, CKA_LABEL, cert->certref, strlen (cert->certref)); else err = attr_one (attr, &attr_count, CKA_LABEL, "DummyLabel", 10); } if (!err) err = attr_one (attr, &attr_count, CKA_KEY_TYPE, &obj_key_type, sizeof obj_key_type); /* We construct the CKA_ID from the CERTREF and the KEYGRIP. This * allows us to use both values as needed. */ if (!err) { char cka_id_buffer[200]; snprintf (cka_id_buffer, sizeof cka_id_buffer, "%s %s", *cert->certref ? 
cert->certref:"-", grip && *grip? grip : "?" ); err = attr_one (attr, &attr_count, CKA_ID, cka_id_buffer, strlen (cka_id_buffer)); } #if 0 /* For now, we disable these fields. We can parse them from the certificate just as the other data. However, we would like to avoid parsing the certificates at all, let's see how much functionality we really need in the PKCS#11 token first. */ /* This code currently only works for certificates retrieved through gpgsm. */ if (time_to_ck_date (&cert->timestamp, &obj_start_date)) { if (!err) err = attr_one (attr, &attr_count, CKA_START_DATE, &obj_start_date, sizeof obj_start_date); } if (time_to_ck_date (&cert->expires, &obj_end_date)) { if (!err) err = attr_one (attr, &attr_count, CKA_END_DATE, &obj_end_date, sizeof obj_end_date); } #else /* For now, we disable these fields. We can parse them from the certificate just as the other data. However, we would like to avoid parsing the certificates at all, let's see how much functionality we really need in the PKCS#11 token first. 
*/ (void)obj_start_date; (void)obj_end_date; if (!err) err = attr_empty (attr, &attr_count, CKA_START_DATE); if (!err) err = attr_empty (attr, &attr_count, CKA_END_DATE); #endif if (!err) err = attr_one (attr, &attr_count, CKA_DERIVE, &obj_derive, sizeof obj_derive); if (!err) err = attr_one (attr, &attr_count, CKA_LOCAL, &obj_local, sizeof obj_local); if (!err) err = attr_one (attr, &attr_count, CKA_KEY_GEN_MECHANISM, &obj_key_gen, sizeof obj_key_gen); if (!err) err = attr_one (attr, &attr_count, CKA_ALLOWED_MECHANISMS, &obj_mechanisms, sizeof obj_mechanisms); if (!err) err = attr_one (attr, &attr_count, CKA_SUBJECT, subject_start, subject_len); if (!err) err = attr_one (attr, &attr_count, CKA_SENSITIVE, &obj_sensitive, sizeof obj_sensitive); if (!err) err = attr_one (attr, &attr_count, CKA_DECRYPT, &obj_decrypt, sizeof obj_decrypt); if (!err) err = attr_one (attr, &attr_count, CKA_SIGN, &obj_sign, sizeof obj_sign); if (!err) err = attr_one (attr, &attr_count, CKA_SIGN_RECOVER, &obj_sign_recover, sizeof obj_sign_recover); if (!err) err = attr_one (attr, &attr_count, CKA_UNWRAP, &obj_unwrap, sizeof obj_unwrap); if (!err) err = attr_one (attr, &attr_count, CKA_EXTRACTABLE, &obj_extractable, sizeof obj_extractable); if (!err) err = attr_one (attr, &attr_count, CKA_ALWAYS_SENSITIVE, &obj_always_sensitive, sizeof obj_always_sensitive); if (!err) err = attr_one (attr, &attr_count, CKA_NEVER_EXTRACTABLE, &obj_never_extractable, sizeof obj_never_extractable); if (!err) err = attr_one (attr, &attr_count, CKA_WRAP_WITH_TRUSTED, &obj_wrap_with_trusted, sizeof obj_wrap_with_trusted); if (!err) err = attr_empty (attr, &attr_count, CKA_UNWRAP_TEMPLATE); if (!err) err = attr_one (attr, &attr_count, CKA_ALWAYS_AUTHENTICATE, &obj_always_authenticate, sizeof obj_always_authenticate); if (!err) err = attr_one (attr, &attr_count, CKA_MODULUS, modulus_start, modulus_len); if (!err) err = attr_one (attr, &attr_count, CKA_PUBLIC_EXPONENT, public_exp_start, public_exp_len); if (err) { 
DEBUG (DBG_INFO, "could not build private certificate object: %s", gpg_strerror (err)); scute_attr_free (attr, attr_count); return err; } /* FIXME: Not completely safe. */ assert (NR_ATTR_PRV >= attr_count); *attrp = attr; *attr_countp = attr_count; return 0; } diff --git a/src/cryptoki.h b/src/cryptoki.h index 1446e4f..fed3747 100644 --- a/src/cryptoki.h +++ b/src/cryptoki.h 
@@ -1,37 +1,28 @@ /* cryptoki.h - A wrapper for the cryptoki interface. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #ifndef _CRYPTOKI_H_ #define _CRYPTOKI_H_ 1 #define CRYPTOKI_EXPORTS #include "pkcs11.h" #endif /* !_CRYPTOKI_H_ */ diff --git a/src/debug.c b/src/debug.c index 82638c6..66ab8c4 100644 --- a/src/debug.c +++ b/src/debug.c 
@@ -1,142 +1,133 @@ /* debug.c - Cryptoki implementation. - Copyright (C) 2008 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2008 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include #include "debug.h" FILE *_scute_debug_stream; unsigned int _scute_debug_flags; #ifdef HAVE_W32_SYSTEM #define PATHSEP_C ';' #else #define PATHSEP_C ':' #endif /* Remove leading and trailing white spaces. */ static char * trim_spaces (char *str) { char *string, *p, *mark; string = str; /* Find first non space character. */ for (p = string; *p && isspace (*(unsigned char *) p); p++) ; /* Move characters. */ for (mark = NULL; (*string = *p); string++, p++) if (isspace (*(unsigned char *) p)) { if (!mark) mark = string; } else mark = NULL; if (mark) *mark = '\0'; /* Remove trailing spaces. */ return str; } #include void _scute_debug_init (void) { static int initialized; if (!initialized) { char *e; const char *s1, *s2; FILE *stream; e = getenv ("SCUTE_DEBUG"); initialized = 1; - + stream = stderr; if (e) { _scute_debug_flags = atoi (e); s1 = strchr (e, PATHSEP_C); if (s1) { #ifndef HAVE_W32_SYSTEM if (getuid () == geteuid ()) { #endif char *p; FILE *fp; s1++; if (!(s2 = strchr (s1, PATHSEP_C))) s2 = s1 + strlen (s1); p = malloc (s2 - s1 + 1); if (p) { memcpy (p, s1, s2 - s1); p[s2-s1] = 0; trim_spaces (p); fp = fopen (p,"a"); if (fp) { setvbuf (fp, NULL, _IOLBF, 0); stream = fp; } free (p); } #ifndef HAVE_W32_SYSTEM } #endif } } if (_scute_debug_flags > 0) fprintf (stream, "scute debug init: flags=0x%x\n", _scute_debug_flags); assuan_set_assuan_log_prefix ("scute-assuan"); _scute_debug_stream = stream; } } diff --git a/src/debug.h b/src/debug.h index a123636..3a223fb 100644 --- a/src/debug.h +++ b/src/debug.h 
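Review bot: The privilege guard around the log-file branch of `_scute_debug_init` compares only `getuid ()` with `geteuid ()`, so a set-group-ID process would still `fopen (p,"a")` a path taken from the SCUTE_DEBUG environment variable. As a PKCS #11 module this code presumably runs inside whatever application loads it, so I would widen the guard to `if (getuid () == geteuid () && getgid () == getegid ())`. Separately, `atoi (e)` cannot report a malformed flags value; `strtoul` with an end-pointer check would let a bad setting be rejected instead of silently becoming 0. This commit only changes the licence header and whitespace in this file, so both points fit a follow-up.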
@@ -1,56 +1,47 @@ /* debug.c - Debug interface. - Copyright (C) 2006, 2008 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006, 2008 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #ifndef DEBUG_H #define DEBUG_H 1 #include #define DEBUG_PREFIX "scute: " #define DBG_CRIT 0 #define DBG_INFO (1 << 0) #define DBG_ASSUAN (1 << 1) extern FILE *_scute_debug_stream; extern unsigned int _scute_debug_flags; #define DEBUG(flag, format, ...) \ do \ { \ if (_scute_debug_flags & (flag) || flag == DBG_CRIT) \ fprintf (_scute_debug_stream, \ DEBUG_PREFIX "%s: " format "\n", __func__, ##__VA_ARGS__); \ } \ while (0) void _scute_debug_init (void); #endif /* !DEBUG_H */ diff --git a/src/dllmain.c b/src/dllmain.c index 440b2b7..9e48f9d 100644 --- a/src/dllmain.c +++ b/src/dllmain.c 
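Review bot: In the `DEBUG` macro the second use of the argument is not parenthesized, so `flag == DBG_CRIT` binds tighter than any `|` in the caller's expression. A call such as `DEBUG (DBG_INFO | DBG_ASSUAN, ...)` would evaluate `DBG_INFO | (DBG_ASSUAN == DBG_CRIT)`, which is always true, and the message would be printed regardless of the enabled flags. Writing the condition as `if ((_scute_debug_flags & (flag)) || (flag) == DBG_CRIT)` keeps it correct for any argument. The first line of the header comment also still says `debug.c`; `/* debug.h - Debug interface.` would match the file.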
@@ -1,49 +1,50 @@ -/* main.cc - DLL entry point - Copyright (C) 2007 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public License - as published by the Free Software Foundation; either version 2.1 - of the License, or (at your option) any later version. - - Scute is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +/* dllmain.c - DLL entry point (Windows) + * Copyright (C) 2007 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include /* Entry point called by DLL loader. */ STDAPI DllMain (HINSTANCE hinst, DWORD reason, LPVOID reserved) { if (reason == DLL_PROCESS_ATTACH) { WSADATA wsadat; - + WSAStartup (0x202, &wsadat); } else if (reason == DLL_PROCESS_DETACH) { WSACleanup (); } - + return TRUE; } 
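Review bot: `DllMain` ignores the result of `WSAStartup (0x202, &wsadat)` and still calls `WSACleanup ()` on every `DLL_PROCESS_DETACH`, so a failed start-up goes unnoticed and the clean-up can be unbalanced. Microsoft's documentation for WSAStartup also advises against calling it from DllMain, because it can load further DLLs while the loader lock is held. I would move the start-up to the module's initialisation path (presumably `C_Initialize`, which is not visible here) and check its return value there. At minimum, add a comment above the call such as `/* FIXME: WSAStartup result is unchecked and runs under the loader lock. */`.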
diff --git a/src/error-mapping.c b/src/error-mapping.c
index ce6b0b6..fdad5ab 100644
--- a/src/error-mapping.c
+++ b/src/error-mapping.c
@@ -1,92 +1,83 @@ /* error-mapping.c - Scute error mapping. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include "cryptoki.h" #include "debug.h" #include "error-mapping.h" /* Map a system error code to a cryptoki return value. */ CK_RV scute_sys_to_ck (int err) { switch (err) { case 0: return CKR_OK; - + case ENOMEM: return CKR_HOST_MEMORY; default: /* CKR_GENERAL_ERROR is too strong. */ return CKR_FUNCTION_FAILED; } } /* Map a GnuPG error code to a cryptoki return value. */ CK_RV scute_gpg_err_to_ck (gpg_error_t err) { if (err) DEBUG (DBG_CRIT, "Error occurred: %s (%s)\n", gpg_strerror (err), gpg_strsource (err)); switch (gpg_err_code (err)) { case GPG_ERR_NO_ERROR: return CKR_OK; case GPG_ERR_NO_AGENT: return CKR_GENERAL_ERROR; case GPG_ERR_ENOMEM: return CKR_HOST_MEMORY; case GPG_ERR_BAD_PIN: return CKR_PIN_INCORRECT; case GPG_ERR_PIN_BLOCKED: return CKR_PIN_LOCKED; default: /* CKR_GENERAL_ERROR is too strong. */ return CKR_FUNCTION_FAILED; } } diff --git a/src/error-mapping.h b/src/error-mapping.h index 5cc88a9..f4781bf 100644 --- a/src/error-mapping.h +++ b/src/error-mapping.h 
@@ -1,45 +1,36 @@ /* error-mapping.c - Scute error mapping interface. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #ifndef ERROR_MAPPING_H #define ERROR_MAPPING_H 1 #include #include #include "cryptoki.h" /* Map a system error code to a cryptoki return value. */ CK_RV scute_sys_to_ck (int err); /* Map a GnuPG error code to a cryptoki return value. */ CK_RV scute_gpg_err_to_ck (gpg_error_t err); #endif /* !ERROR_MAPPING_H */ diff --git a/src/get-path.c b/src/get-path.c index bb24b12..521c727 100644 --- a/src/get-path.c +++ b/src/get-path.c 
@@ -1,311 +1,302 @@ /* agent.c - Talking to gpg-agent. - Copyright (C) 2008 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ - -#ifdef HAVE_CONFIG_H + * Copyright (C) 2008 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ + +#if HAVE_CONFIG_H #include #endif #include #include #include #ifdef HAVE_W32_SYSTEM #include #include #include #endif #include "support.h" #ifdef HAVE_W32_SYSTEM #define RTLD_LAZY 0 static __inline__ void * dlopen (const char * name, int flag) { void * hd = LoadLibrary (name); return hd; } static __inline__ void * dlsym (void * hd, const char * sym) { if (hd && sym) { void * fnc = GetProcAddress (hd, sym); if (!fnc) return NULL; return fnc; } return NULL; } static __inline__ int dlclose (void * hd) { if (hd) { FreeLibrary (hd); return 0; } return -1; -} +} /* Return a string from the W32 Registry or NULL in case of error. Caller must release the return value. A NULL for root is an alias for HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE in turn. */ static char * read_w32_registry_string (const char *root, const char *dir, const char *name) { HKEY root_key, key_handle; DWORD n1, nbytes, type; char *result = NULL; - + if ( !root ) root_key = HKEY_CURRENT_USER; else if ( !strcmp( root, "HKEY_CLASSES_ROOT" ) ) root_key = HKEY_CLASSES_ROOT; else if ( !strcmp( root, "HKEY_CURRENT_USER" ) ) root_key = HKEY_CURRENT_USER; else if ( !strcmp( root, "HKEY_LOCAL_MACHINE" ) ) root_key = HKEY_LOCAL_MACHINE; else if ( !strcmp( root, "HKEY_USERS" ) ) root_key = HKEY_USERS; else if ( !strcmp( root, "HKEY_PERFORMANCE_DATA" ) ) root_key = HKEY_PERFORMANCE_DATA; else if ( !strcmp( root, "HKEY_CURRENT_CONFIG" ) ) root_key = HKEY_CURRENT_CONFIG; else return NULL; - + if ( RegOpenKeyEx ( root_key, dir, 0, KEY_READ, &key_handle ) ) { if (root) return NULL; /* no need for a RegClose, so return direct */ /* It seems to be common practise to fall back to HKLM. 
*/ if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, dir, 0, KEY_READ, &key_handle) ) return NULL; /* still no need for a RegClose, so return direct */ } nbytes = 1; if ( RegQueryValueEx( key_handle, name, 0, NULL, NULL, &nbytes ) ) { if (root) goto leave; /* Try to fallback to HKLM also vor a missing value. */ RegCloseKey (key_handle); if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, dir, 0, KEY_READ, &key_handle) ) return NULL; /* Nope. */ if (RegQueryValueEx ( key_handle, name, 0, NULL, NULL, &nbytes)) goto leave; } result = malloc ( (n1=nbytes+1) ); if ( !result ) goto leave; if ( RegQueryValueEx ( key_handle, name, 0, &type, result, &n1 ) ) { free(result); result = NULL; goto leave; } result[nbytes] = 0; /* Make sure it is really a string. */ - if (type == REG_EXPAND_SZ && strchr (result, '%')) + if (type == REG_EXPAND_SZ && strchr (result, '%')) { char *tmp; - + n1 += 1000; tmp = malloc (n1+1); if (!tmp) goto leave; nbytes = ExpandEnvironmentStrings (result, tmp, n1); if (nbytes && nbytes > n1) { free (tmp); n1 = nbytes; tmp = malloc (n1 + 1); if (!tmp) goto leave; nbytes = ExpandEnvironmentStrings (result, tmp, n1); if (nbytes && nbytes > n1) { free (tmp); /* Oops - truncated, better don't expand at all. */ goto leave; } tmp[nbytes] = 0; free (result); result = tmp; } else if (nbytes) /* Okay, reduce the length. */ { tmp[nbytes] = 0; free (result); result = malloc (strlen (tmp)+1); if (!result) result = tmp; - else + else { strcpy (result, tmp); free (tmp); } } else /* Error - don't expand. */ { free (tmp); } } leave: RegCloseKey( key_handle ); return result; } /* This is a helper function to load and run a Windows function from either of one DLLs. 
*/ static HRESULT w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e) { static int initialized; static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPSTR); if (!initialized) { static char *dllnames[] = { "shell32.dll", "shfolder.dll", NULL }; void *handle; int i; initialized = 1; for (i=0, handle = NULL; !handle && dllnames[i]; i++) { handle = dlopen (dllnames[i], RTLD_LAZY); if (handle) { func = dlsym (handle, "SHGetFolderPathA"); if (!func) { dlclose (handle); handle = NULL; } } } } if (func) return func (a,b,c,d,e); else return -1; } static char * find_program_in_inst_dir (const char *name) { char *result = NULL; char *tmp; tmp = read_w32_registry_string ("HKEY_LOCAL_MACHINE", "Software\\GNU\\GnuPG", "Install Directory"); if (!tmp) return NULL; result = malloc (strlen (tmp) + 1 + strlen (name) + 1); if (!result) { free (tmp); return NULL; } strcpy (stpcpy (stpcpy (result, tmp), "\\"), name); free (tmp); if (access (result, F_OK)) { free (result); return NULL; } return result; } static char * find_program_at_standard_place (const char *name) { char path[MAX_PATH]; char *result = NULL; - - if (w32_shgetfolderpath (NULL, CSIDL_PROGRAM_FILES, NULL, 0, path) >= 0) + + if (w32_shgetfolderpath (NULL, CSIDL_PROGRAM_FILES, NULL, 0, path) >= 0) { result = malloc (strlen (path) + 1 + strlen (name) + 1); if (result) { strcpy (stpcpy (stpcpy (result, path), "\\"), name); if (access (result, F_OK)) { free (result); result = NULL; } } } return result; } #endif const char * get_gpgsm_path (void) { static const char *pgmname; #ifdef HAVE_W32_SYSTEM if (!pgmname) pgmname = find_program_in_inst_dir ("gpgsm.exe"); if (!pgmname) pgmname = find_program_at_standard_place ("GNU\\GnuPG\\gpgsm.exe"); #endif if (!pgmname) pgmname = GPGSM_PATH; return pgmname; } const char * get_gpg_connect_agent_path (void) { static const char *pgmname; #ifdef HAVE_W32_SYSTEM if (!pgmname) pgmname = find_program_in_inst_dir ("gpg-connect-agent.exe"); if (!pgmname) pgmname = 
find_program_at_standard_place ("GNU\\GnuPG\\gpg-connect-agent.exe"); #endif if (!pgmname) pgmname = GPG_CONNECT_AGENT_PATH; return pgmname; } diff --git a/src/gpgsm.c b/src/gpgsm.c index b0d4c4c..5c3e220 100644 --- a/src/gpgsm.c +++ b/src/gpgsm.c 
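Review bot: The `dlopen` shim passes a bare name to `LoadLibrary`, and `w32_shgetfolderpath` uses it for `"shell32.dll"` and `"shfolder.dll"`, so the lookup follows the host process's default DLL search order instead of being pinned to the system directory. I would restrict it, e.g. `void * hd = LoadLibraryEx (name, NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);`, if the supported Windows versions allow that flag. `read_w32_registry_string` also never checks that `type` is `REG_SZ` or `REG_EXPAND_SZ` before the value is used as a path in `find_program_in_inst_dir`; an explicit check after the second `RegQueryValueEx` would make that assumption visible. The file's first comment line still reads `agent.c - Talking to gpg-agent.` and could be corrected to name get-path.c.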
@@ -1,166 +1,157 @@ /* gpgsm.c - Talking to gpgsm. - Copyright (C) 2006, 2008 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006, 2008 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include #include #include #include #include "cryptoki.h" #include "support.h" #include "cert.h" #include "agent.h" #include "gpgsm.h" #include "debug.h" /* Communication object for search_cb. */ struct search_cb_parm { bool found; /* Set to true if a private key object was found. */ cert_get_cb_t cert_get_cb; void *hook; bool with_chain; const char *grip; }; static gpg_error_t search_cb (void *hook, struct cert *cert) { struct search_cb_parm *ctx = hook; gpg_error_t err = 0; CK_ATTRIBUTE_PTR attrp; CK_ULONG attr_countp; /* Add the private key object only once. */ if (!ctx->found) { err = scute_attr_prv (cert, ctx->grip, &attrp, &attr_countp); if (err) return err; err = (*ctx->cert_get_cb) (ctx->hook, attrp, attr_countp); if (err) { scute_attr_free (attrp, attr_countp); return err; } ctx->found = true; } /* Add the certificate chain recursively before adding the certificate. But ignore errors. If the chain is incomplete, we might still be able to proceed, for example with client authentication. */ if (ctx->with_chain && strcmp (cert->chain_id, cert->fpr)) scute_gpgsm_search_certs (KEYLIST_BY_FPR, cert->chain_id, search_cb, ctx); /* Turn this certificate into a certificate object. */ err = scute_attr_cert (cert, ctx->grip, &attrp, &attr_countp); if (err) return err; err = (*ctx->cert_get_cb) (ctx->hook, attrp, attr_countp); if (err) { scute_attr_free (attrp, attr_countp); return err; } return err; } /* Create the attributes required for a new certificate object. If * CERTREF is not NULL it is used to locate the cert directly from the * card; if CERTREF is NULL or a cert was not found on the card, GRIP * is used to find the certificate in the local key store of gpgsm. 
* * FIXME: This is all pretty questionable because our input data * always comes from the card. * * Returns allocated attributes for the certificate object in ATTRP * and ATTR_COUNTP, and for the private key object in PRV_ATTRP and * PRV_ATTR_COUNTP. */ gpg_error_t scute_gpgsm_get_cert (char *grip, const char *certref, cert_get_cb_t cert_get_cb, void *hook) { gpg_error_t err; struct search_cb_parm search; search.found = false; search.cert_get_cb = cert_get_cb; search.hook = hook; search.with_chain = false; search.grip = grip; DEBUG (DBG_INFO, "scute_gpgsm_get_cert: certref='%s'", certref); /* If the cert is requested from the card, we try to get it from * the card as well. */ if (certref) { struct cert cert; memset (&cert, '\0', sizeof (cert)); err = scute_agent_get_cert (certref, &cert); if (! err) { #if 0 /* For now, we don't need no stinking chain. */ /* As we only have the DER certificate from the card, we need to parse that and fill out the missing info and try to get the certificate chain from gpgsm. */ err = scute_cert_from_der (&cert); #endif if (! err) err = search_cb (&search, &cert); return err; } } DEBUG (DBG_INFO, "scute_gpgsm_get_cert: falling back to gpgsm"); search.with_chain = true; err = scute_gpgsm_search_certs (KEYLIST_BY_GRIP, grip, search_cb, &search); return err; } diff --git a/src/libscute.vers b/src/libscute.vers index b8be2e9..2a5705b 100644 --- a/src/libscute.vers +++ b/src/libscute.vers 
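Review bot: In scute_gpgsm_get_cert the DEBUG trace formats `certref` with `%s` before the `if (certref)` test, so the NULL case the function's own comment documents reaches a string conversion. Assuming DEBUG is printf-style, that is undefined behaviour which only happens to print "(null)" on some C libraries; pass `certref ? certref : "(null)"` or move the trace inside the `if (certref)` branch. The header comment names ATTRP, ATTR_COUNTP, PRV_ATTRP and PRV_ATTR_COUNTP, none of which are parameters of this function; it should describe CERT_GET_CB and HOOK instead. Separately, search_cb recurses through scute_gpgsm_search_certs on `cert->chain_id` and stops only when `chain_id` equals `fpr`. If the key store can ever return issuers that refer to each other (not visible here), a small depth cap carried in struct search_cb_parm would bound the recursion.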
@@ -1,107 +1,97 @@ # libscute.vers - List of symbols to export. # Copyright (C) 2002, 2004, 2005, 2006 g10 Code GmbH # # This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. +# Lesser General Public License for more details. # -# You should have received a copy of the GNU General Public License -# along with Scute; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -# -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Fondations's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . 
+# SPDX-License-Identifier: LGPL-2.1-or-later #---------------------------------------------------------- # Please remember to add new functions also to scute.def #---------------------------------------------------------- SCUTE_1.0 { global: C_CancelFunction; C_CloseAllSessions; C_CloseSession; C_CopyObject; C_CreateObject; C_Decrypt; C_DecryptDigestUpdate; C_DecryptFinal; C_DecryptInit; C_DecryptUpdate; C_DecryptVerifyUpdate; C_DeriveKey; C_DestroyObject; C_Digest; C_DigestEncryptUpdate; C_DigestFinal; C_DigestInit; C_DigestKey; C_DigestUpdate; C_Encrypt; C_EncryptFinal; C_EncryptInit; C_EncryptUpdate; C_Finalize; C_FindObjects; C_FindObjectsFinal; C_FindObjectsInit; C_GenerateKey; C_GenerateKeyPair; C_GenerateRandom; C_GetAttributeValue; C_GetFunctionList; C_GetFunctionStatus; C_GetInfo; C_GetMechanismInfo; C_GetMechanismList; C_GetObjectSize; C_GetOperationState; C_GetSessionInfo; C_GetSlotInfo; C_GetSlotList; C_GetTokenInfo; C_InitPIN; C_InitToken; C_Initialize; C_Login; C_Logout; C_OpenSession; C_SeedRandom; C_SetAttributeValue; C_SetOperationState; C_SetPIN; C_Sign; C_SignEncryptUpdate; C_SignFinal; C_SignInit; C_SignRecover; C_SignRecoverInit; C_SignUpdate; C_UnwrapKey; C_Verify; C_VerifyFinal; C_VerifyInit; C_VerifyRecover; C_VerifyRecoverInit; C_VerifyUpdate; C_WaitForSlotEvent; C_WrapKey; local: *; }; diff --git a/src/locking.c b/src/locking.c index d377f5a..696c7db 100644 --- a/src/locking.c +++ b/src/locking.c 
@@ -1,115 +1,106 @@ /* locking.c - Locking support. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include "locking.h" /* Our copy of the initialization arguments. */ static CK_C_INITIALIZE_ARGS init_args; /* The global lock. */ mutex_t scute_lock; /* Initialize the locking support. ARGS is as provided to C_Initialize. */ CK_RV scute_locking_initialize (CK_C_INITIALIZE_ARGS_PTR args) { CK_RV err; if (args) init_args = *args; err = scute_mutex_create (&scute_lock); if (err) { if (args) memset (&init_args, 0, sizeof (init_args)); return err; } return CKR_OK; } /* Finalize the locking support. ARGS is as provided to C_Initialize. */ void scute_locking_finalize (void) { (void) scute_mutex_destroy (scute_lock); memset (&init_args, 0, sizeof (init_args)); } CK_RV scute_mutex_create (mutex_t *mutexp) { if (init_args.CreateMutex) return (*init_args.CreateMutex) (mutexp); return 0; } CK_RV scute_mutex_destroy (mutex_t mutex) { if (init_args.DestroyMutex) return (*init_args.DestroyMutex) (mutex); return 0; } CK_RV scute_mutex_lock (mutex_t mutex) { if (init_args.LockMutex) return (*init_args.LockMutex) (mutex); return 0; } CK_RV scute_mutex_unlock (mutex_t mutex) { if (init_args.LockMutex) return (*init_args.UnlockMutex) (mutex); return 0; } diff --git a/src/locking.h b/src/locking.h index 8710de2..e45e0b4 100644 --- a/src/locking.h +++ b/src/locking.h 
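Review bot: scute_mutex_unlock tests `init_args.LockMutex` but then calls `init_args.UnlockMutex`, so an application that supplies LockMutex without UnlockMutex makes the library call through a NULL function pointer; the guard should read `if (init_args.UnlockMutex)`. scute_locking_initialize copies `*args` without checking that the four callbacks are either all set or all NULL, so nothing in this file rejects that combination. Returning `CKR_ARGUMENTS_BAD` there for a partial set would match what PKCS #11 expects of C_Initialize, unless the caller already does this, which is not visible here. The comment on scute_locking_finalize says "ARGS is as provided to C_Initialize" although the function takes no argument; the same stale comment is in locking.h.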
@@ -1,83 +1,74 @@ /* locking.h - Scute locking interface. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #ifndef LOCKING_H #define LOCKING_H 1 #include "cryptoki.h" /* The lock type. */ typedef void *mutex_t; /* Initialize the locking support. ARGS is as provided to C_Initialize. */ CK_RV scute_locking_initialize (CK_C_INITIALIZE_ARGS_PTR args); /* Finalize the locking support. ARGS is as provided to C_Initialize. */ void scute_locking_finalize (void); /* Create a new mutex object. */ CK_RV scute_mutex_create (mutex_t *mutexp); /* Destroy an existing mutex object. */ CK_RV scute_mutex_destroy (mutex_t mutex); /* Lock a mutex object. */ CK_RV scute_mutex_lock (mutex_t mutex); /* Unlock a mutex object. */ CK_RV scute_mutex_unlock (mutex_t mutex); /* Scute is single-threaded, thus there is a single global lock taken at all entry points except for C_GetFunctionList, C_Initialize, C_Finalize and stubs. */ /* The global lock. */ extern mutex_t scute_lock; /* Take the global lock. */ static inline CK_RV scute_global_lock (void) { return scute_mutex_lock (scute_lock); } /* Release the global lock. */ static inline void scute_global_unlock (void) { (void) scute_mutex_unlock (scute_lock); } #endif /* !LOCKING_H */ diff --git a/src/p11-cancelfunction.c b/src/p11-cancelfunction.c index 458385d..2215720 100644 --- a/src/p11-cancelfunction.c +++ b/src/p11-cancelfunction.c 
@@ -1,42 +1,33 @@ /* p11-cancelfunction.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_CancelFunction (CK_SESSION_HANDLE hSession) { (void) hSession; return CKR_FUNCTION_NOT_PARALLEL; } diff --git a/src/p11-closeallsessions.c b/src/p11-closeallsessions.c index c09df24..f024d23 100644 --- a/src/p11-closeallsessions.c +++ b/src/p11-closeallsessions.c 
@@ -1,59 +1,50 @@ /* p11-closeallsessions.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_CloseAllSessions (CK_SLOT_ID slotID) { CK_RV err = CKR_OK; slot_iterator_t slot; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; err = slot_close_all_sessions (slot); out: scute_global_unlock (); return err; } diff --git a/src/p11-closesession.c b/src/p11-closesession.c index aeb09d4..669b842 100644 --- a/src/p11-closesession.c +++ b/src/p11-closesession.c 
@@ -1,60 +1,51 @@ /* p11-closesession.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_CloseSession (CK_SESSION_HANDLE hSession) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = slot_close_session (slot, session); out: scute_global_unlock (); return err; } diff --git a/src/p11-copyobject.c b/src/p11-copyobject.c index 8230595..015584f 100644 --- a/src/p11-copyobject.c +++ b/src/p11-copyobject.c 
@@ -1,48 +1,39 @@ /* p11-copyobject.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_CopyObject (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phNewObject) { (void) hSession; (void) hObject; (void) pTemplate; (void) ulCount; (void) phNewObject; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-createobject.c b/src/p11-createobject.c index be62075..55b615c 100644 --- a/src/p11-createobject.c +++ b/src/p11-createobject.c 
@@ -1,46 +1,37 @@ /* p11-createobject.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_CreateObject (CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phObject) { (void) hSession; (void) pTemplate; (void) ulCount; (void) phObject; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decrypt.c b/src/p11-decrypt.c index 4764102..8530720 100644 --- a/src/p11-decrypt.c +++ b/src/p11-decrypt.c 
@@ -1,49 +1,40 @@ /* p11-decrypt.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_Decrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) { /* FIXME: Implement this. */ (void) hSession; (void) pEncryptedData; (void) ulEncryptedDataLen; (void) pData; (void) pulDataLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decryptdigestupdate.c b/src/p11-decryptdigestupdate.c index 80943c1..fc5a0d4 100644 --- a/src/p11-decryptdigestupdate.c +++ b/src/p11-decryptdigestupdate.c 
@@ -1,48 +1,39 @@
 /* p11-decryptdigestupdate.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DecryptDigestUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) { (void) hSession; (void) pEncryptedPart; (void) ulEncryptedPartLen; (void) pPart; (void) pulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decryptfinal.c b/src/p11-decryptfinal.c index 77e41c9..d855280 100644 --- a/src/p11-decryptfinal.c +++ b/src/p11-decryptfinal.c 
@@ -1,46 +1,37 @@
 /* p11-decryptfinal.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DecryptFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastPart, CK_ULONG_PTR pulLastPartLen) { /* FIXME: Implement this. */ (void) hSession; (void) pLastPart; (void) pulLastPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decryptinit.c b/src/p11-decryptinit.c index 1f73d8a..dce1e00 100644 --- a/src/p11-decryptinit.c +++ b/src/p11-decryptinit.c 
@@ -1,46 +1,37 @@
 /* p11-decryptinit.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DecryptInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { /* FIXME: Implement this. */ (void) hSession; (void) pMechanism; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decryptupdate.c b/src/p11-decryptupdate.c index 4939475..79843a1 100644 --- a/src/p11-decryptupdate.c +++ b/src/p11-decryptupdate.c 
@@ -1,48 +1,39 @@
 /* p11-decryptupdate.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DecryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart,CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) { (void) hSession; (void) pEncryptedPart; (void) ulEncryptedPartLen; (void) pPart; (void) pulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-decryptverifyupdate.c b/src/p11-decryptverifyupdate.c index d98e546..b32361f 100644 --- a/src/p11-decryptverifyupdate.c +++ b/src/p11-decryptverifyupdate.c 
@@ -1,48 +1,39 @@
 /* p11-decryptverifyupdate.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DecryptVerifyUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedPart, CK_ULONG ulEncryptedPartLen, CK_BYTE_PTR pPart, CK_ULONG_PTR pulPartLen) { (void) hSession; (void) pEncryptedPart; (void) ulEncryptedPartLen; (void) pPart; (void) pulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-derivekey.c b/src/p11-derivekey.c index 615ef88..23e10cf 100644 --- a/src/p11-derivekey.c +++ b/src/p11-derivekey.c 
@@ -1,49 +1,40 @@
 /* p11-derivekey.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DeriveKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hBaseKey, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) { (void) hSession; (void) pMechanism; (void) hBaseKey; (void) pTemplate; (void) ulAttributeCount; (void) phKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-destroyobject.c b/src/p11-destroyobject.c index 7f942a4..7c119f1 100644 --- a/src/p11-destroyobject.c +++ b/src/p11-destroyobject.c 
@@ -1,43 +1,34 @@
 /* p11-destroyobject.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DestroyObject (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject) { /* FIXME: Implement this. */ (void) hSession; (void) hObject; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digest.c b/src/p11-digest.c index 393a588..414dc76 100644 --- a/src/p11-digest.c +++ b/src/p11-digest.c 
@@ -1,47 +1,38 @@
 /* p11-digest.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_Digest (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) { (void) hSession; (void) pData; (void) ulDataLen; (void) pDigest; (void) pulDigestLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digestencryptupdate.c b/src/p11-digestencryptupdate.c index b608b74..67efcef 100644 --- a/src/p11-digestencryptupdate.c +++ b/src/p11-digestencryptupdate.c 
@@ -1,49 +1,40 @@
 /* p11-digestencryptupdate.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DigestEncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; (void) pEncryptedPart; (void) pulEncryptedPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digestfinal.c b/src/p11-digestfinal.c index ba29f24..edec94c 100644 --- a/src/p11-digestfinal.c +++ b/src/p11-digestfinal.c 
@@ -1,45 +1,36 @@
 /* p11-digestfinal.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DigestFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK_ULONG_PTR pulDigestLen) { (void) hSession; (void) pDigest; (void) pulDigestLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digestinit.c b/src/p11-digestinit.c index a4da028..c52359e 100644 --- a/src/p11-digestinit.c +++ b/src/p11-digestinit.c 
@@ -1,43 +1,34 @@
 /* p11-digestinit.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DigestInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism) { (void) hSession; (void) pMechanism; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digestkey.c b/src/p11-digestkey.c index 0ccf809..5480798 100644 --- a/src/p11-digestkey.c +++ b/src/p11-digestkey.c 
@@ -1,42 +1,33 @@
 /* p11-digestkey.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DigestKey (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey) { (void) hSession; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-digestupdate.c b/src/p11-digestupdate.c index 6567582..59c3f84 100644 --- a/src/p11-digestupdate.c +++ b/src/p11-digestupdate.c 
@@ -1,44 +1,35 @@ /* p11-digestupdate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_DigestUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-encrypt.c b/src/p11-encrypt.c index 254f265..f56768a 100644 --- a/src/p11-encrypt.c +++ b/src/p11-encrypt.c 
@@ -1,47 +1,38 @@ /* p11-encrypt.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_Encrypt (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pEncryptedData, CK_ULONG_PTR pulEncryptedDataLen) { (void) hSession; (void) pData; (void) ulDataLen; (void) pEncryptedData; (void) pulEncryptedDataLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-encryptfinal.c b/src/p11-encryptfinal.c index 74010c4..c27eb14 100644 --- a/src/p11-encryptfinal.c +++ b/src/p11-encryptfinal.c 
@@ -1,45 +1,36 @@ /* p11-encryptfinal.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_EncryptFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pLastEncryptedPart, CK_ULONG_PTR pulLastEncryptedPartLen) { (void) hSession; (void) pLastEncryptedPart; (void) pulLastEncryptedPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-encryptinit.c b/src/p11-encryptinit.c index 0fca3af..d769a91 100644 --- a/src/p11-encryptinit.c +++ b/src/p11-encryptinit.c 
@@ -1,44 +1,35 @@ /* p11-encryptinit.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_EncryptInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { (void) hSession; (void) pMechanism; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-encryptupdate.c b/src/p11-encryptupdate.c index 43f9bce..432fdf3 100644 --- a/src/p11-encryptupdate.c +++ b/src/p11-encryptupdate.c 
@@ -1,47 +1,38 @@ /* p11-encryptupdate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_EncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; (void) pEncryptedPart; (void) pulEncryptedPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-finalize.c b/src/p11-finalize.c index de5f989..7dbd00b 100644 --- a/src/p11-finalize.c +++ b/src/p11-finalize.c 
@@ -1,63 +1,54 @@ /* p11-finalize.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #ifdef HAVE_W32_SYSTEM #define __USE_W32_SOCKETS 1 #include #endif #include "cryptoki.h" #include "slots.h" #include "agent.h" #include "locking.h" CK_RV CK_SPEC C_Finalize (CK_VOID_PTR pReserved) { /* This is one of the few functions which do not need to take the global lock. */ if (pReserved != NULL_PTR) return CKR_ARGUMENTS_BAD; scute_slots_finalize (); scute_agent_finalize (); scute_locking_finalize (); #ifdef HAVE_W32_SYSTEM WSACleanup (); #endif return CKR_OK; } diff --git a/src/p11-findobjects.c b/src/p11-findobjects.c index 26fa879..b355189 100644 --- a/src/p11-findobjects.c +++ b/src/p11-findobjects.c 
@@ -1,83 +1,74 @@ /* p11-findobjects.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include "cryptoki.h" #include "locking.h" #include "slots.h" #define MIN(a,b) ((a) < (b) ? (a) : (b)) CK_RV CK_SPEC C_FindObjects (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount) { CK_RV err = CKR_OK; CK_ULONG count; slot_iterator_t slot; session_iterator_t session; object_iterator_t *oids; int oids_len; if (!pulObjectCount) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = session_get_search_result (slot, session, &oids, &oids_len); assert (!err); count = MIN ((int) ulMaxObjectCount, oids_len); memcpy (phObject, oids, sizeof (CK_OBJECT_HANDLE) * count); oids_len = oids_len - count; memmove (oids, oids + count, sizeof (CK_OBJECT_HANDLE) * oids_len); err = session_set_search_result (slot, session, oids, oids_len); assert (!err); *pulObjectCount = count; out: scute_global_unlock (); return err; } diff --git a/src/p11-findobjectsfinal.c b/src/p11-findobjectsfinal.c index 4737b27..64b3dcc 100644 --- a/src/p11-findobjectsfinal.c +++ b/src/p11-findobjectsfinal.c 
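Review bot: `count = MIN ((int) ulMaxObjectCount, oids_len);` in C_FindObjects (src/p11-findobjects.c, unchanged context of this hunk) narrows the caller-supplied CK_ULONG to int before comparing, so a value above INT_MAX can turn negative, win the MIN, and become a huge `count` for the memcpy and memmove that follow. Comparing in the unsigned domain avoids that: `count = ulMaxObjectCount < (CK_ULONG) oids_len ? ulMaxObjectCount : (CK_ULONG) oids_len;` (this assumes oids_len is never negative, which the hunk does not show). phObject is written without a NULL check, so the entry guard could read `if (!phObject || !pulObjectCount) return CKR_ARGUMENTS_BAD;`. The two `assert (!err)` calls vanish under NDEBUG; an explicit `if (err) goto out;` after each call keeps the error path in release builds.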
@@ -1,62 +1,53 @@ /* p11-findobjectsfinal.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_FindObjectsFinal (CK_SESSION_HANDLE hSession) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = session_set_search_result (slot, session, NULL, 0); out: scute_global_unlock (); return err; } diff --git a/src/p11-findobjectsinit.c b/src/p11-findobjectsinit.c index 4db1d26..cecfb68 100644 --- a/src/p11-findobjectsinit.c +++ b/src/p11-findobjectsinit.c 
@@ -1,138 +1,129 @@ /* p11-findobjectsinit.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include "cryptoki.h" #include "locking.h" #include "error-mapping.h" #include "slots.h" CK_RV CK_SPEC C_FindObjectsInit (CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; object_iterator_t object; object_iterator_t *search_result; int search_result_len = 0; if (ulCount && pTemplate == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = slot_get_object_count (slot, &search_result_len); if (err) goto out; search_result = malloc (search_result_len * sizeof (object_iterator_t)); if (!search_result) { err = scute_sys_to_ck (errno); goto out; } search_result_len = 0; err = objects_iterate_first (slot, &object); if (err) { free (search_result); goto out; } while (!objects_iterate_last (slot, &object) && !err) { CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; err = slot_get_object (slot, object, &attr, &attr_count); if (!err) { CK_ULONG count = ulCount; /* For each template attribute, check if it matches the object. */ while (count--) { CK_ULONG i; for (i = 0; i < attr_count; i++) if (attr[i].type == pTemplate[count].type) break; /* Lots of ways not to match. */ if (i == attr_count) break; if (pTemplate[count].ulValueLen != attr[i].ulValueLen) break; if (memcmp (pTemplate[count].pValue, attr[i].pValue, attr[i].ulValueLen)) break; } if (count == (CK_ULONG) -1) { /* Got a match. 
*/ search_result[search_result_len++] = object; } err = objects_iterate_next (slot, &object); } } if (err) { free (search_result); goto out; } err = session_set_search_result (slot, session, search_result, search_result_len); out: scute_global_unlock (); return err; } diff --git a/src/p11-generatekey.c b/src/p11-generatekey.c index 587ad94..e916442 100644 --- a/src/p11-generatekey.c +++ b/src/p11-generatekey.c 
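Review bot: In C_FindObjectsInit (src/p11-findobjectsinit.c, unchanged context of this hunk) the template loop passes `pTemplate[count].pValue` to memcmp after checking only that the lengths match, so a template entry with a non-zero ulValueLen and a NULL pValue is dereferenced. A guard before the memcmp, `if (pTemplate[count].ulValueLen && pTemplate[count].pValue == NULL_PTR) break;`, treats such an entry as a non-match; rejecting it up front with CKR_ARGUMENTS_BAD would be the stricter option. Separately, `malloc (search_result_len * sizeof (object_iterator_t))` may return NULL when the slot reports zero objects, which this code would then report as an allocation failure mapped from whatever errno happens to hold; skipping the allocation or requesting at least one element avoids that.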
@@ -1,48 +1,39 @@ /* p11-generatekey.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_GenerateKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount, CK_OBJECT_HANDLE_PTR phKey) { (void) hSession; (void) pMechanism; (void) pTemplate; (void) ulCount; (void) phKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-generatekeypair.c b/src/p11-generatekeypair.c index d37a2e1..3873633 100644 --- a/src/p11-generatekeypair.c +++ b/src/p11-generatekeypair.c 
@@ -1,55 +1,46 @@ /* p11-generatekeypair.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_GenerateKeyPair (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_ATTRIBUTE_PTR pPublicKeyTemplate, CK_ULONG ulPublicKeyAttributeCount, CK_ATTRIBUTE_PTR pPrivateKeyTemplate, CK_ULONG ulPrivateKeyAttributeCount, CK_OBJECT_HANDLE_PTR phPublicKey, CK_OBJECT_HANDLE_PTR phPrivateKey) { (void) hSession; (void) pMechanism; (void) pPublicKeyTemplate; (void) ulPublicKeyAttributeCount; (void) pPrivateKeyTemplate; (void) ulPrivateKeyAttributeCount; (void) phPublicKey; (void) phPrivateKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-generaterandom.c b/src/p11-generaterandom.c index 338f957..f5cc8e9 100644 --- a/src/p11-generaterandom.c +++ b/src/p11-generaterandom.c 
@@ -1,64 +1,55 @@ /* p11-generaterandom.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" #include "agent.h" #include "error-mapping.h" CK_RV CK_SPEC C_GenerateRandom (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomData, CK_ULONG ulRandomLen) { CK_RV err; slot_iterator_t slot; session_iterator_t session; if (pRandomData == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (!err) err = scute_gpg_err_to_ck (scute_agent_get_random (pRandomData, ulRandomLen)); scute_global_unlock (); return err; } diff --git a/src/p11-getattributevalue.c b/src/p11-getattributevalue.c index 4dd31c8..7532033 100644 --- a/src/p11-getattributevalue.c +++ b/src/p11-getattributevalue.c 
@@ -1,103 +1,94 @@ /* p11-getattributevalue.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_GetAttributeValue (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; if (pTemplate == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = slot_get_object (slot, hObject, &attr, &attr_count); if (err) goto out; while (ulCount--) { CK_ULONG i; for (i = 0; i < attr_count; i++) if (attr[i].type == pTemplate[ulCount].type) break; if (i == attr_count) { pTemplate[ulCount].ulValueLen = -1; err = CKR_ATTRIBUTE_TYPE_INVALID; } else { CK_ATTRIBUTE_PTR attribute = &attr[i]; pTemplate[ulCount].ulValueLen = attribute->ulValueLen; if (pTemplate[ulCount].pValue) { if (pTemplate[ulCount].ulValueLen >= attribute->ulValueLen) memcpy (pTemplate[ulCount].pValue, attribute->pValue, attribute->ulValueLen); else { pTemplate[ulCount].ulValueLen = -1; err = CKR_BUFFER_TOO_SMALL; } } } } out: scute_global_unlock (); return err; } diff --git a/src/p11-getfunctionlist.c b/src/p11-getfunctionlist.c index f06f8ca..3987758 100644 --- a/src/p11-getfunctionlist.c +++ b/src/p11-getfunctionlist.c 
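Review bot: The buffer-size check in C_GetAttributeValue can never fail, because `pTemplate[ulCount].ulValueLen` is overwritten with `attribute->ulValueLen` immediately before `if (pTemplate[ulCount].ulValueLen >= attribute->ulValueLen)` compares the two. The `memcpy` therefore runs even when the caller's buffer is shorter than the attribute, and the `CKR_BUFFER_TOO_SMALL` branch is unreachable. Save the caller's length before the overwrite, `CK_ULONG avail = pTemplate[ulCount].ulValueLen;`, and guard the copy with `if (avail >= attribute->ulValueLen)`. A one-line comment on the two `ulValueLen = -1` assignments, saying the value marks the attribute as unavailable to the caller, would also help.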
@@ -1,126 +1,117 @@ /* p11-getfunctionlist.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "settings.h" /* The list of exported functions. */ static CK_FUNCTION_LIST function_list = { version: { major: VERSION_MAJOR, minor: VERSION_MINOR }, C_Initialize: C_Initialize, C_Finalize: C_Finalize, C_GetInfo: C_GetInfo, C_GetFunctionList: C_GetFunctionList, C_GetSlotList: C_GetSlotList, C_GetSlotInfo: C_GetSlotInfo, C_GetTokenInfo: C_GetTokenInfo, C_GetMechanismList: C_GetMechanismList, C_GetMechanismInfo: C_GetMechanismInfo, C_InitToken: C_InitToken, C_InitPIN: C_InitPIN, C_SetPIN: C_SetPIN, C_OpenSession: C_OpenSession, C_CloseSession: C_CloseSession, C_CloseAllSessions: C_CloseAllSessions, C_GetSessionInfo: C_GetSessionInfo, C_GetOperationState: C_GetOperationState, C_SetOperationState: C_SetOperationState, C_Login: C_Login, C_Logout: C_Logout, C_CreateObject: C_CreateObject, C_CopyObject: C_CopyObject, C_DestroyObject: C_DestroyObject, C_GetObjectSize: C_GetObjectSize, C_GetAttributeValue: C_GetAttributeValue, C_SetAttributeValue: C_SetAttributeValue, C_FindObjectsInit: C_FindObjectsInit, C_FindObjects: C_FindObjects, C_FindObjectsFinal: C_FindObjectsFinal, C_EncryptInit: C_EncryptInit, C_Encrypt: C_Encrypt, C_EncryptUpdate: C_EncryptUpdate, C_EncryptFinal: C_EncryptFinal, C_DecryptInit: C_DecryptInit, C_Decrypt: C_Decrypt, C_DecryptUpdate: C_DecryptUpdate, C_DecryptFinal: C_DecryptFinal, C_DigestInit: C_DigestInit, C_Digest: C_Digest, C_DigestUpdate: C_DigestUpdate, C_DigestKey: C_DigestKey, C_DigestFinal: C_DigestFinal, C_SignInit: C_SignInit, C_Sign: C_Sign, C_SignUpdate: C_SignUpdate, C_SignFinal: C_SignFinal, C_SignRecoverInit: C_SignRecoverInit, C_SignRecover: C_SignRecover, C_VerifyInit: C_VerifyInit, C_Verify: C_Verify, C_VerifyUpdate: C_VerifyUpdate, C_VerifyFinal: C_VerifyFinal, C_VerifyRecoverInit: 
C_VerifyRecoverInit, C_VerifyRecover: C_VerifyRecover, C_DigestEncryptUpdate: C_DigestEncryptUpdate, C_DecryptDigestUpdate: C_DecryptDigestUpdate, C_SignEncryptUpdate: C_SignEncryptUpdate, C_DecryptVerifyUpdate: C_DecryptVerifyUpdate, C_GenerateKey: C_GenerateKey, C_GenerateKeyPair: C_GenerateKeyPair, C_WrapKey: C_WrapKey, C_UnwrapKey: C_UnwrapKey, C_DeriveKey: C_DeriveKey, C_SeedRandom: C_SeedRandom, C_GenerateRandom: C_GenerateRandom, C_GetFunctionStatus: C_GetFunctionStatus, C_CancelFunction: C_CancelFunction, C_WaitForSlotEvent: C_WaitForSlotEvent }; CK_RV CK_SPEC C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR ppFunctionList) { /* This is one of the few functions which do not need to take the global lock. */ if (ppFunctionList == NULL_PTR) return CKR_ARGUMENTS_BAD; *ppFunctionList = &function_list; return CKR_OK; } diff --git a/src/p11-getfunctionstatus.c b/src/p11-getfunctionstatus.c index 8fe156c..2a325cd 100644 --- a/src/p11-getfunctionstatus.c +++ b/src/p11-getfunctionstatus.c 
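Review bot: `function_list` is initialised with the old GCC-specific `field: value` form (`version: { major: VERSION_MAJOR, minor: VERSION_MINOR }`, `C_Initialize: C_Initialize`, and so on), which GCC documents as obsolete and other compilers may reject. The standard C99 spelling is `.version = { .major = VERSION_MAJOR, .minor = VERSION_MINOR },` followed by `.C_Initialize = C_Initialize,` for each entry. The table is also a writable static whose address C_GetFunctionList hands to the caller, so a comment stating that callers must treat it as read-only would be worth adding.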
@@ -1,42 +1,33 @@ /* p11-getfunctionstatus.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_GetFunctionStatus (CK_SESSION_HANDLE hSession) { (void) hSession; return CKR_FUNCTION_NOT_PARALLEL; } diff --git a/src/p11-getinfo.c b/src/p11-getinfo.c index 5e053dd..28bb841 100644 --- a/src/p11-getinfo.c +++ b/src/p11-getinfo.c 
@@ -1,55 +1,46 @@ /* p11-getinfo.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "support.h" #include "settings.h" CK_RV CK_SPEC C_GetInfo (CK_INFO_PTR pInfo) { if (pInfo == NULL_PTR) return CKR_ARGUMENTS_BAD; pInfo->cryptokiVersion.major = CRYPTOKI_VERSION_MAJOR; pInfo->cryptokiVersion.minor = CRYPTOKI_VERSION_MINOR; scute_copy_string (pInfo->manufacturerID, MANUFACTURER_ID, 32); pInfo->flags = 0; scute_copy_string (pInfo->libraryDescription, LIBRARY_DESCRIPTION, 32); pInfo->libraryVersion.major = VERSION_MAJOR; pInfo->libraryVersion.minor = VERSION_MINOR; return CKR_OK; } diff --git a/src/p11-getmechanisminfo.c b/src/p11-getmechanisminfo.c index 2c11e95..3a1184a 100644 --- a/src/p11-getmechanisminfo.c +++ b/src/p11-getmechanisminfo.c 
@@ -1,68 +1,59 @@ /* p11-getmechanisminfo.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_GetMechanismInfo (CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR pInfo) { CK_RV err = CKR_OK; slot_iterator_t slot; mechanism_iterator_t mechanism; if (pInfo == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; err = mechanisms_lookup (slot, &mechanism, type); if (err) goto out; *pInfo = *(mechanism_get_info (slot, mechanism)); out: scute_global_unlock (); return CKR_OK; } diff --git a/src/p11-getmechanismlist.c b/src/p11-getmechanismlist.c index 2309424..0af104d 100644 --- a/src/p11-getmechanismlist.c +++ b/src/p11-getmechanismlist.c 
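Review bot: C_GetMechanismInfo ends with `return CKR_OK;` after the `out:` label, so a failure from `slots_lookup` or `mechanisms_lookup` is reported to the caller as success even though `*pInfo` was never written. The caller then acts on whatever its structure held before the call. The last statement should be `return err;`, matching the other functions in this commit that use the same lock and `goto out` pattern.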
@@ -1,91 +1,82 @@ /* p11-getmechanismlist.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_GetMechanismList (CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMechanismList, CK_ULONG_PTR pulCount) { CK_RV err = CKR_OK; CK_ULONG left; slot_iterator_t slot; mechanism_iterator_t mechanism; if (pulCount == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; /* Leave LEFT positive for the whole search when only counting. */ left = pMechanismList ? *pulCount : 1; *pulCount = 0; err = mechanisms_iterate_first (slot, &mechanism); if (err) goto out; while (!mechanisms_iterate_last (slot, &mechanism) && left && !err) { (*pulCount)++; if (pMechanismList) { *(pMechanismList++) = mechanism_get_type (slot, mechanism); left--; } err = mechanisms_iterate_next (slot, &mechanism); } if (err) goto out; if (!mechanisms_iterate_last (slot, &mechanism) && !left) { err = CKR_BUFFER_TOO_SMALL; goto out; } out: scute_global_unlock (); return err; } diff --git a/src/p11-getobjectsize.c b/src/p11-getobjectsize.c index f8076dc..4a84ac3 100644 --- a/src/p11-getobjectsize.c +++ b/src/p11-getobjectsize.c 
@@ -1,45 +1,36 @@ /* p11-getobjectsize.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_GetObjectSize (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize) { (void) hSession; (void) hObject; (void) pulSize; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-getoperationstate.c b/src/p11-getoperationstate.c index ecc4930..31ee416 100644 --- a/src/p11-getoperationstate.c +++ b/src/p11-getoperationstate.c 
@@ -1,45 +1,36 @@ /* p11-getoperationstate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_GetOperationState (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG_PTR pulOperationStateLen) { (void) hSession; (void) pOperationState; (void) pulOperationStateLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-getsessioninfo.c b/src/p11-getsessioninfo.c index 4ada773..e365c47 100644 --- a/src/p11-getsessioninfo.c +++ b/src/p11-getsessioninfo.c 
@@ -1,100 +1,91 @@ /* p11-getsessioninfo.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_GetSessionInfo (CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR pInfo) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; bool rw; if (pInfo == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = slots_update_slot (slot); if (err) goto out; /* We have to re-lookup the session handle, as it might just have become invalid. */ err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; rw = session_get_rw (slot, session); switch (slot_get_status (slot)) { case SLOT_LOGIN_PUBLIC: pInfo->state = rw ? CKS_RW_PUBLIC_SESSION : CKS_RO_PUBLIC_SESSION; break; case SLOT_LOGIN_USER: pInfo->state = rw ? CKS_RW_USER_FUNCTIONS : CKS_RO_USER_FUNCTIONS; break; case SLOT_LOGIN_SO: assert (rw); pInfo->state = CKS_RW_SO_FUNCTIONS; break; default: assert (!"Unhandled slot login state."); break; } pInfo->slotID = slot_get_id (slot); pInfo->flags = CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0); pInfo->ulDeviceError = 0; out: scute_global_unlock (); return err; } diff --git a/src/p11-getslotinfo.c b/src/p11-getslotinfo.c index 27b35df..c5bd8ed 100644 --- a/src/p11-getslotinfo.c +++ b/src/p11-getslotinfo.c 
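Review bot: The `switch` in C_GetSessionInfo handles its two unexpected cases only with `assert`, and both checks disappear in a build that defines `NDEBUG`. An unrecognised slot status then leaves `pInfo->state` unwritten while the function still returns `CKR_OK`. The default branch should set an error, for example `err = CKR_GENERAL_ERROR; goto out;`, so the result does not depend on assertions being compiled in. The `assert (rw)` in the `SLOT_LOGIN_SO` case deserves the same treatment, or a comment explaining why a read-only SO session cannot occur.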
@@ -1,87 +1,78 @@ /* p11-getslotinfo.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include "cryptoki.h" #include "agent.h" #include "locking.h" #include "support.h" #include "settings.h" #include "slots.h" CK_RV CK_SPEC C_GetSlotInfo (CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo) { CK_RV err = CKR_OK; slot_iterator_t slot; const char *s; int minor; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; err = slots_update_slot (slot); if (err) goto out; /* FIXME: Query some of this from SCD. */ scute_copy_string (pInfo->slotDescription, SLOT_DESCRIPTION, 64); scute_copy_string (pInfo->manufacturerID, SLOT_MANUFACTURER_ID, 32); pInfo->flags = CKF_REMOVABLE_DEVICE | CKF_HW_SLOT; if (slot_token_present (slot)) pInfo->flags |= CKF_TOKEN_PRESENT; /* Use the gpg-agent version for the hardware version.. */ pInfo->hardwareVersion.major = scute_agent_get_agent_version (&minor); pInfo->hardwareVersion.minor = minor; /* Use Scute version as Firmware version. */ s = PACKAGE_VERSION; pInfo->firmwareVersion.major = atoi (s); s = strchr (s, '.'); pInfo->firmwareVersion.minor = s? atoi (s+1): 0; out: scute_global_unlock (); return err; } diff --git a/src/p11-getslotlist.c b/src/p11-getslotlist.c index d494ed9..0d7999c 100644 --- a/src/p11-getslotlist.c +++ b/src/p11-getslotlist.c 
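Review bot: C_GetSlotInfo writes through `pInfo` (first at `scute_copy_string (pInfo->slotDescription, ...)`) without ever comparing it with NULL_PTR, so a null argument crashes the host application instead of returning an error. C_GetSessionInfo in this same patch already does the check, and I would add the same line before taking the global lock: `if (pInfo == NULL_PTR) return CKR_ARGUMENTS_BAD;`. The same gap exists for `pInfo` in C_GetTokenInfo and for `phSession` in C_OpenSession, which is written at `*phSession = session;`.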
@@ -1,106 +1,97 @@ /* p11-getslotlist.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" /* Return the list of available slots. With TOKENPRESENT set only * slots with a present tokens are returned. If PSLOTLIST is NULL the * function only counts the number of slots and stores that number at * PULCOUNT. Further this also updates the inetrnal state and thus * this needs to be called to check for new devices. If PSLOTLIST is * not NULL it must point to an array which receives the slot * information. PULCOUNT must point to a variable which initially * holds the number of allocated slot items and will be updated on * return to the stored number of slot items. */ CK_RV CK_SPEC C_GetSlotList (CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) { CK_RV err = CKR_OK; CK_ULONG left; slot_iterator_t slot; if (pulCount == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; if (pSlotList == NULL_PTR) { err = slots_update (); if (err) goto out; } /* Leave LEFT positive for the whole search when only counting. */ left = pSlotList ? *pulCount : 1; *pulCount = 0; err = slots_iterate_first (&slot); if (err) goto out; while (!slots_iterate_last (&slot) && left && !err) { if (!tokenPresent || slot_token_present (slot)) { (*pulCount)++; if (pSlotList) { *(pSlotList++) = slot_get_id (slot); left--; } } err = slots_iterate_next (&slot); } if (err) goto out; if (!slots_iterate_last (&slot) && !left) { err = CKR_BUFFER_TOO_SMALL; goto out; } out: scute_global_unlock (); return err; } diff --git a/src/p11-gettokeninfo.c b/src/p11-gettokeninfo.c index bb9190a..b7cc1c7 100644 --- a/src/p11-gettokeninfo.c +++ b/src/p11-gettokeninfo.c 
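Review bot: When the caller's array fills up, the loop in C_GetSlotList stops as soon as `left` reaches zero, so on CKR_BUFFER_TOO_SMALL `*pulCount` holds the number of IDs stored rather than the number of slots, which is what PKCS#11 asks for so the caller can size a retry. The final test `!slots_iterate_last (&slot) && !left` also appears to report CKR_BUFFER_TOO_SMALL when the array was exactly large enough and the remaining slots simply do not match `tokenPresent`; that depends on slots_iterate_last meaning "past the end", which is not visible here. I would walk all slots, store only while there is room, and compare the final count with the capacity, as sketched below. The header comment also has a typo, "inetrnal".

```c
  /* … unchanged: pulCount check, global lock, slots_update when only counting … */

  left = pSlotList ? *pulCount : 0;   /* Capacity of the caller's array.  */
  *pulCount = 0;
  err = slots_iterate_first (&slot);
  if (err)
    goto out;

  /* Visit every slot so that *pulCount ends up as the number of
     matching slots even when the caller's array is too small.  */
  while (!slots_iterate_last (&slot) && !err)
    {
      if (!tokenPresent || slot_token_present (slot))
        {
          if (pSlotList && *pulCount < left)
            pSlotList[*pulCount] = slot_get_id (slot);
          (*pulCount)++;
        }
      err = slots_iterate_next (&slot);
    }
  if (err)
    goto out;

  if (pSlotList && *pulCount > left)
    err = CKR_BUFFER_TOO_SMALL;

  /* … unchanged: out label, global unlock, return … */
```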
@@ -1,118 +1,109 @@ /* p11-gettokeninfo.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "support.h" #include "settings.h" #include "slots.h" CK_RV CK_SPEC C_GetTokenInfo (CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo) { CK_RV err = CKR_OK; slot_iterator_t slot; int len; int max; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; if (!slot_token_present (slot)) { err = CKR_TOKEN_NOT_PRESENT; goto out; } scute_copy_string (pInfo->label, slot_token_label (slot), 32); scute_copy_string (pInfo->manufacturerID, slot_token_manufacturer (slot), 32); scute_copy_string (pInfo->model, slot_token_application (slot), 16); scute_copy_string (pInfo->serialNumber, slot_token_serial (slot), 16); pInfo->flags = CKF_TOKEN_INITIALIZED | CKF_PROTECTED_AUTHENTICATION_PATH | CKF_WRITE_PROTECTED | CKF_USER_PIN_INITIALIZED; if (slot_token_has_rng (slot)) pInfo->flags |= CKF_RNG; /* FIXME: CKF_USER_PIN_INITIALIZED only if PIN is not default pin? FIXME: CKF_LOGIN_REQUIRED needed? We could implement login via the "SCD CHECKPIN" command. I am not sure how this mixes with CKF_PROTECTED_AUTHENTICATION_PATH. Not supported: CKF_RESTORE_KEY_NOT_NEEDED, CKF_DUAL_CRYPTO_OPERATIONS. FIXME: We can support those, but do we worry about SO operations? CKF_SO_PIN_COUNT_LOW, CKF_SO_PIN_FINAL_TRY, CKF_SO_PIN_LOCKED. Not supported: CKF_USER_PIN_TO_BE_CHANGED, CKF_SO_PIN_TO_BE_CHANGED. 
*/ slot_token_pincount (slot, &max, &len); if (len < max) pInfo->flags |= CKF_USER_PIN_COUNT_LOW; if (len == 1) pInfo->flags |= CKF_USER_PIN_FINAL_TRY; else if (len == 0) pInfo->flags |= CKF_USER_PIN_LOCKED; pInfo->ulMaxSessionCount = CK_EFFECTIVELY_INFINITE; pInfo->ulSessionCount = CK_UNAVAILABLE_INFORMATION; pInfo->ulMaxRwSessionCount = CK_EFFECTIVELY_INFINITE; pInfo->ulRwSessionCount = CK_UNAVAILABLE_INFORMATION; slot_token_maxpinlen (slot, &pInfo->ulMaxPinLen, &pInfo->ulMinPinLen); /* FIXME: Get the data from SCD? */ pInfo->ulTotalPublicMemory = CK_UNAVAILABLE_INFORMATION; pInfo->ulFreePublicMemory = CK_UNAVAILABLE_INFORMATION; pInfo->ulTotalPrivateMemory = CK_UNAVAILABLE_INFORMATION; pInfo->ulFreePrivateMemory = CK_UNAVAILABLE_INFORMATION; slot_token_version (slot, &pInfo->hardwareVersion.major, &pInfo->hardwareVersion.minor, &pInfo->firmwareVersion.major, &pInfo->firmwareVersion.minor); scute_copy_string (pInfo->utcTime, "0000000000000000", 16); out: scute_global_unlock (); return err; } diff --git a/src/p11-initialize.c b/src/p11-initialize.c index d52ab59..386df0e 100644 --- a/src/p11-initialize.c +++ b/src/p11-initialize.c 
@@ -1,129 +1,120 @@ /* p11-initialize.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #ifdef HAVE_W32_SYSTEM #define __USE_W32_SOCKETS 1 #include #endif #include #include #include "cryptoki.h" #include "settings.h" #include "locking.h" #include "agent.h" #include "error-mapping.h" #include "slots.h" #include "debug.h" CK_RV CK_SPEC C_Initialize (CK_VOID_PTR pInitArgs) { CK_RV err; #ifdef HAVE_W32_SYSTEM WSADATA wsadat; WSAStartup (0x202, &wsadat); #endif /* This is one of the few functions which do not need to take the global lock. */ assuan_set_gpg_err_source (GPG_ERR_SOURCE_ANY); _scute_debug_init (); /* Check the threading configuration. */ if (pInitArgs != NULL_PTR) { CK_C_INITIALIZE_ARGS_PTR args = pInitArgs; bool callbacks; if (args->pReserved != NULL_PTR) return CKR_ARGUMENTS_BAD; if (NEED_TO_CREATE_THREADS && (args->flags & CKF_LIBRARY_CANT_CREATE_OS_THREADS)) return CKR_NEED_TO_CREATE_THREADS; /* Either all pointers are provided, or none are. */ if (args->CreateMutex == NULL_PTR) { if (args->DestroyMutex != NULL_PTR || args->LockMutex != NULL_PTR || args->UnlockMutex != NULL_PTR) return CKR_ARGUMENTS_BAD; callbacks = false; } else { if (args->DestroyMutex == NULL_PTR || args->LockMutex == NULL_PTR || args->UnlockMutex == NULL_PTR) return CKR_ARGUMENTS_BAD; callbacks = true; } /* FIXME: At this point, we do not support using the native thread package. */ if (!callbacks && (args->flags & CKF_OS_LOCKING_OK)) return CKR_CANT_LOCK; } err = scute_locking_initialize (pInitArgs); if (err) return err; err = scute_agent_initialize (); if (err) { scute_locking_finalize (); return scute_gpg_err_to_ck (err); } err = scute_slots_initialize (); if (err) { scute_agent_finalize (); scute_locking_finalize (); return err; } return err; } diff --git a/src/p11-initpin.c b/src/p11-initpin.c index 1c7d327..50b9913 100644 --- a/src/p11-initpin.c 
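Review bot: The result of `WSAStartup (0x202, &wsadat);` in C_Initialize is discarded, so on Windows a failed Winsock start goes unnoticed until the agent connection fails later with a less specific error. I would check it at the call, e.g. `if (WSAStartup (0x202, &wsadat)) return CKR_GENERAL_ERROR;`. The early returns that follow (CKR_ARGUMENTS_BAD, CKR_CANT_LOCK, and the scute_locking_initialize, scute_agent_initialize and scute_slots_initialize failure paths) also leave the successful WSAStartup unbalanced; whether C_Finalize calls WSACleanup is not visible in this hunk, but a failed C_Initialize is presumably never followed by C_Finalize.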
+++ b/src/p11-initpin.c 
@@ -1,44 +1,35 @@ /* p11-initpin.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_InitPIN (CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) { (void) hSession; (void) pPin; (void) ulPinLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-inittoken.c b/src/p11-inittoken.c index 0586c4e..6e90674 100644 --- a/src/p11-inittoken.c +++ b/src/p11-inittoken.c 
@@ -1,46 +1,37 @@ /* p11-inittoken.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_InitToken (CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, CK_UTF8CHAR_PTR pLabel) { (void) slotID; (void) pPin; (void) ulPinLen; (void) pLabel; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-login.c b/src/p11-login.c index afb6a8e..bbaef78 100644 --- a/src/p11-login.c +++ b/src/p11-login.c 
@@ -1,46 +1,37 @@ /* p11-login.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_Login (CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) { (void) hSession; (void) userType; (void) pPin; (void) ulPinLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-logout.c b/src/p11-logout.c index bb83a3b..db7d7c3 100644 --- a/src/p11-logout.c +++ b/src/p11-logout.c 
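Review bot: C_Login has no comment explaining why it returns CKR_FUNCTION_NOT_SUPPORTED, although C_GetTokenInfo in this patch advertises CKF_PROTECTED_AUTHENTICATION_PATH and carries a FIXME asking whether CKF_LOGIN_REQUIRED and a login via "SCD CHECKPIN" are needed. A reader auditing the authentication path cannot tell whether the stub is deliberate or unfinished. I would add a short comment above the function, something like `/* Not implemented: Scute never receives the PIN itself; see the FIXME on login flags in C_GetTokenInfo. */`, with the wording adjusted to whatever the intended design is, since that intent is inferred here rather than stated.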
@@ -1,42 +1,33 @@ /* p11-logout.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_Logout (CK_SESSION_HANDLE hSession) { (void) hSession; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-opensession.c b/src/p11-opensession.c index 32f197c..bf6e7b9 100644 --- a/src/p11-opensession.c +++ b/src/p11-opensession.c 
@@ -1,79 +1,70 @@ /* p11-opensession.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" CK_RV CK_SPEC C_OpenSession (CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY Notify, CK_SESSION_HANDLE_PTR phSession) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; if (!(flags & CKF_SERIAL_SESSION)) return CKR_SESSION_PARALLEL_NOT_SUPPORTED; /* We only support read-only operation for now. */ if (flags & CKF_RW_SESSION) return CKR_TOKEN_WRITE_PROTECTED; /* We ignore the notification callback data in pApplication and Notify. We never call back into the application. */ (void)pApplication; (void)Notify; err = scute_global_lock (); if (err) return err; err = slots_lookup (slotID, &slot); if (err) goto out; err = slot_create_session (slot, &session, flags & CKF_RW_SESSION); if (err) goto out; /* FIXME: Further initialisation comes here. */ *phSession = session; out: scute_global_unlock (); return err; } diff --git a/src/p11-seedrandom.c b/src/p11-seedrandom.c index 883e2e3..f21d61b 100644 --- a/src/p11-seedrandom.c +++ b/src/p11-seedrandom.c 
@@ -1,44 +1,35 @@ /* p11-seedrandom.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SeedRandom (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_ULONG ulSeedLen) { (void) hSession; (void) pSeed; (void) ulSeedLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-setattributevalue.c b/src/p11-setattributevalue.c index 92117b7..bb3734c 100644 --- a/src/p11-setattributevalue.c +++ b/src/p11-setattributevalue.c 
@@ -1,46 +1,37 @@ /* p11-setattributevalue.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SetAttributeValue (CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) { (void) hSession; (void) hObject; (void) pTemplate; (void) ulCount; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-setoperationstate.c b/src/p11-setoperationstate.c index 716b93b..f9d465a 100644 --- a/src/p11-setoperationstate.c +++ b/src/p11-setoperationstate.c 
@@ -1,49 +1,40 @@ /* p11-setoperationstate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SetOperationState (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOperationState, CK_ULONG ulOperationStateLen, CK_OBJECT_HANDLE hEncryptionKey, CK_OBJECT_HANDLE hAuthenticationKey) { (void) hSession; (void) pOperationState; (void) ulOperationStateLen; (void) hEncryptionKey; (void) hAuthenticationKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-setpin.c b/src/p11-setpin.c index ce8eefc..e5df166 100644 --- a/src/p11-setpin.c +++ b/src/p11-setpin.c 
@@ -1,48 +1,39 @@ /* p11-setpin.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SetPIN (CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewLen) { (void) hSession; (void) pOldPin; (void) ulOldLen; (void) pNewPin; (void) ulNewLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-sign.c b/src/p11-sign.c index 344bfd8..870f08c 100644 --- a/src/p11-sign.c +++ b/src/p11-sign.c 
@@ -1,81 +1,72 @@ /* p11-sign.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" /* Sign the data (PDATA,ULDATALEN) using the information recorded in * the HSESSION by C_SignInit. PSIGNAURE is a buffer to receive the * signature. The length of that buffer must be stored in a variable * to which PULSIGNATURELEN points to; on success that length is * updated to the actual length of the signature in PULSIGNATURE. * * If the function returns CKR_BUFFER_TOO_SMALL no further C_SignInit * is required, instead the function can be called again with a larger * buffer. On a successful operation CKR_OK is returned and other * signatures may be created without an new C_SignInit. On all other * return codes a new C_SignInit is required. */ CK_RV CK_SPEC C_Sign (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; if (pData == NULL_PTR || pulSignatureLen == NULL_PTR) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; /* FIXME: Check that C_SignInit has been called. */ err = session_sign (slot, session, pData, ulDataLen, pSignature, pulSignatureLen); out: /* FIXME: Update the flag which indicates whether C_SignInit has * been called. */ scute_global_unlock (); return err; } diff --git a/src/p11-signencryptupdate.c b/src/p11-signencryptupdate.c index 21377a7..f5a6bac 100644 --- a/src/p11-signencryptupdate.c +++ b/src/p11-signencryptupdate.c 
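Review bot: C_Sign reaches `session_sign` without confirming that a signing operation is active on the session; the two `FIXME` comments around that call, which are unchanged context in this licence-header hunk, mark the gap. Whether `session_sign` itself rejects a session that has no signing key is not visible here, so the check is better made explicit at this level: once `slots_lookup_session` succeeds, a session with no prior C_SignInit would set `err = CKR_OPERATION_NOT_INITIALIZED;` and `goto out;`. The header comment promises that any result other than CKR_OK and CKR_BUFFER_TOO_SMALL requires a new C_SignInit, and that only holds once the flag named in the second FIXME is actually cleared at `out:`. In the same comment, `PSIGNAURE` should read `PSIGNATURE`, and "the signature in PULSIGNATURE" presumably means `PSIGNATURE`.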
@@ -1,49 +1,40 @@ /* p11-signencryptupdate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SignEncryptUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen, CK_BYTE_PTR pEncryptedPart, CK_ULONG_PTR pulEncryptedPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; (void) pEncryptedPart; (void) pulEncryptedPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-signfinal.c b/src/p11-signfinal.c index f136c0f..1d26075 100644 --- a/src/p11-signfinal.c +++ b/src/p11-signfinal.c 
@@ -1,45 +1,36 @@ /* p11-signfinal.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SignFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) { (void) hSession; (void) pSignature; (void) pulSignatureLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-signinit.c b/src/p11-signinit.c index 598d91d..2c54502 100644 --- a/src/p11-signinit.c +++ b/src/p11-signinit.c 
@@ -1,71 +1,62 @@ /* p11-signinit.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" #include "locking.h" #include "slots.h" /* Prepare a signature operation. HSESSION is the session's handle. * PMECHANISM describes the mechanism to be used. HKEY describes the * key to be used. After calling this function either C_Sign or * (C_SignUpdate, C_SignFinal) can be used to actually sign the data. * The preparation is valid until C_Sign or C_SignFinal. */ CK_RV CK_SPEC C_SignInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { CK_RV err = CKR_OK; slot_iterator_t slot; session_iterator_t session; if (pMechanism == NULL_PTR || pMechanism->mechanism != CKM_RSA_PKCS) return CKR_ARGUMENTS_BAD; if (hKey == CK_INVALID_HANDLE) return CKR_ARGUMENTS_BAD; err = scute_global_lock (); if (err) return err; err = slots_lookup_session (hSession, &slot, &session); if (err) goto out; err = session_set_signing_key (slot, session, hKey); out: scute_global_unlock (); return err; } diff --git a/src/p11-signrecover.c b/src/p11-signrecover.c index c7e097d..5c93e56 100644 --- a/src/p11-signrecover.c +++ b/src/p11-signrecover.c 
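Review bot: The first guard in C_SignInit, `if (pMechanism == NULL_PTR || pMechanism->mechanism != CKM_RSA_PKCS) return CKR_ARGUMENTS_BAD;`, reports an unsupported mechanism with the same code as a null pointer; these lines are unchanged context in this licence-header hunk. PKCS #11 has a dedicated code for that case, so the guard would split into `if (pMechanism == NULL_PTR) return CKR_ARGUMENTS_BAD;` and `if (pMechanism->mechanism != CKM_RSA_PKCS) return CKR_MECHANISM_INVALID;`, which lets a caller tell a refused algorithm from a malformed call. The same applies to the `hKey == CK_INVALID_HANDLE` test, where `CKR_KEY_HANDLE_INVALID` is the more specific result. Callers that currently match on CKR_ARGUMENTS_BAD would see a different code, so the change should be checked against the applications Scute is loaded into.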
@@ -1,48 +1,39 @@ /* p11-signrecover.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SignRecover (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) { (void) hSession; (void) pData; (void) ulDataLen; (void) pSignature; (void) pulSignatureLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-signrecoverinit.c b/src/p11-signrecoverinit.c index 39b18bb..744ca29 100644 --- a/src/p11-signrecoverinit.c +++ b/src/p11-signrecoverinit.c 
@@ -1,45 +1,36 @@ /* p11-signrecoverinit.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SignRecoverInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { (void) hSession; (void) pMechanism; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-signupdate.c b/src/p11-signupdate.c index b8e2500..c958db6 100644 --- a/src/p11-signupdate.c +++ b/src/p11-signupdate.c 
@@ -1,44 +1,35 @@ /* p11-signupdate.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_SignUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-unwrapkey.c b/src/p11-unwrapkey.c index ac1f6e0..34bee37 100644 --- a/src/p11-unwrapkey.c +++ b/src/p11-unwrapkey.c 
@@ -1,52 +1,43 @@ /* p11-unwrapkey.c - Cryptoki implementation. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include "cryptoki.h" CK_RV CK_SPEC C_UnwrapKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hUnwrappingKey, CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount, CK_OBJECT_HANDLE_PTR phKey) { (void) hSession; (void) pMechanism; (void) hUnwrappingKey; (void) pWrappedKey; (void) ulWrappedKeyLen; (void) pTemplate; (void) ulAttributeCount; (void) phKey; return CKR_FUNCTION_NOT_SUPPORTED; } diff --git a/src/p11-verify.c b/src/p11-verify.c index e4eb00e..0de9f72 100644 --- a/src/p11-verify.c +++ b/src/p11-verify.c 
@@ -1,47 +1,38 @@
 /* p11-verify.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_Verify (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) { (void) hSession; (void) pData; (void) ulDataLen; (void) pSignature; (void) ulSignatureLen; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-verifyfinal.c b/src/p11-verifyfinal.c
index 1ac34da..174d73e 100644
--- a/src/p11-verifyfinal.c
+++ b/src/p11-verifyfinal.c
@@ -1,45 +1,36 @@
 /* p11-verifyfinal.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_VerifyFinal (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen) { (void) hSession; (void) pSignature; (void) ulSignatureLen; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-verifyinit.c b/src/p11-verifyinit.c
index b548849..6b519fd 100644
--- a/src/p11-verifyinit.c
+++ b/src/p11-verifyinit.c
@@ -1,45 +1,36 @@
 /* p11-verifyinit.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_VerifyInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { (void) hSession; (void) pMechanism; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-verifyrecover.c b/src/p11-verifyrecover.c
index c8df451..9b6a434 100644
--- a/src/p11-verifyrecover.c
+++ b/src/p11-verifyrecover.c
@@ -1,48 +1,39 @@
 /* p11-verifyrecover.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_VerifyRecover (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, CK_ULONG ulSignatureLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen) { (void) hSession; (void) pSignature; (void) ulSignatureLen; (void) pData; (void) pulDataLen; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-verifyrecoverinit.c b/src/p11-verifyrecoverinit.c
index fe45cd4..f85d40e 100644
--- a/src/p11-verifyrecoverinit.c
+++ b/src/p11-verifyrecoverinit.c
@@ -1,45 +1,36 @@
 /* p11-verifyrecoverinit.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_VerifyRecoverInit (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hKey) { (void) hSession; (void) pMechanism; (void) hKey; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-verifyupdate.c b/src/p11-verifyupdate.c
index 7d7699e..666c36d 100644
--- a/src/p11-verifyupdate.c
+++ b/src/p11-verifyupdate.c
@@ -1,45 +1,36 @@
 /* p11-verifyupdate.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_VerifyUpdate (CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) { (void) hSession; (void) pPart; (void) ulPartLen; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-waitforslotevent.c b/src/p11-waitforslotevent.c
index af443fb..0211575 100644
--- a/src/p11-waitforslotevent.c
+++ b/src/p11-waitforslotevent.c
@@ -1,45 +1,36 @@
 /* p11-waitforslotevent.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_WaitForSlotEvent (CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_PTR pReserved) { /* See the TODO file why this is not implemented. */ (void) flags; (void) pSlot; (void) pReserved; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/p11-wrapkey.c b/src/p11-wrapkey.c
index e717957..4a39963 100644
--- a/src/p11-wrapkey.c
+++ b/src/p11-wrapkey.c
@@ -1,49 +1,40 @@
 /* p11-wrapkey.c - Cryptoki implementation.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, see .
+ * SPDX-License-Identifier: LGPL-2.1-or-later
+ */
 #if HAVE_CONFIG_H
 #include
 #endif
 #include "cryptoki.h"
 CK_RV CK_SPEC C_WrapKey (CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanism, CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey, CK_BYTE_PTR pWrappedKey, CK_ULONG_PTR pulWrappedKeyLen) { (void) hSession; (void) pMechanism; (void) hWrappingKey; (void) hKey; (void) pWrappedKey; (void) pulWrappedKeyLen; return CKR_FUNCTION_NOT_SUPPORTED; }
diff --git a/src/pkcs11.h b/src/pkcs11.h
index 03e904b..6efefa9 100644
--- a/src/pkcs11.h
+++ b/src/pkcs11.h
@@ -1,1365 +1,1370 @@ /* pkcs11.h - Copyright 2006, 2007 g10 Code GmbH - Copyright 2006 Andreas Jellinghaus - - This file is free software; as a special exception the author gives - unlimited permission to copy and/or distribute it, with or without - modifications, as long as this notice is preserved. - - This file is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY, to the extent permitted by law; without even - the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR - PURPOSE. */ - -/* Please submit changes back to the Scute project at - http://www.scute.org/ (or send them to marcus@g10code.com), so that - they can be picked up by other projects from there as well. */ + * Copyright 2006, 2007 g10 Code GmbH + * Copyright 2006 Andreas Jellinghaus + * + * This file is free software; as a special exception the authors give + * unlimited permission to copy and/or distribute it, with or without + * modifications, as long as this notice is preserved. + * + * This file is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY, to the extent permitted by law; without even + * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + * PURPOSE. + * SPDX-License-Identifier: FSFULLR + */ /* This file is a modified implementation of the PKCS #11 standard by - RSA Security Inc. It is mostly a drop-in replacement, with the - following change: - - This header file does not require any macro definitions by the user - (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros - for you (if useful, some are missing, let me know if you need - more). - - There is an additional API available that does comply better to the - GNU coding standard. It can be switched on by defining - CRYPTOKI_GNU before including this header file. For this, the - following changes are made to the specification: - - All structure types are changed to a "struct ck_foo" where CK_FOO - is the type name in PKCS #11. 
- - All non-structure types are changed to ck_foo_t where CK_FOO is the - lowercase version of the type name in PKCS #11. The basic types - (CK_ULONG et al.) are removed without substitute. - - All members of structures are modified in the following way: Type - indication prefixes are removed, and underscore characters are - inserted before words. Then the result is lowercased. - - Note that function names are still in the original case, as they - need for ABI compatibility. - - CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use - . + * RSA Security Inc. It is mostly a drop-in replacement, with the + * following change: + * + * This header file does not require any macro definitions by the user + * (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros + * for you (if useful, some are missing, let me know if you need + * more). + * + * There is an additional API available that does comply better to the + * GNU coding standard. It can be switched on by defining + * CRYPTOKI_GNU before including this header file. For this, the + * following changes are made to the specification: + * + * All structure types are changed to a "struct ck_foo" where CK_FOO + * is the type name in PKCS #11. + * + * All non-structure types are changed to ck_foo_t where CK_FOO is the + * lowercase version of the type name in PKCS #11. The basic types + * (CK_ULONG et al.) are removed without substitute. + * + * All members of structures are modified in the following way: Type + * indication prefixes are removed, and underscore characters are + * inserted before words. Then the result is lowercased. + * + * Note that function names are still in the original case, as they + * need for ABI compatibility. + * + * CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use + * . + * + * If CRYPTOKI_COMPAT is defined before including this header file, + * then none of the API changes above take place, and the API is the + * one defined by the PKCS #11 standard. 
+ * + * + * Please submit changes back to the Scute project with a request to + * https://dev.gnupg.org, so that they can be picked up by other + * projects from there as well. + */ - If CRYPTOKI_COMPAT is defined before including this header file, - then none of the API changes above take place, and the API is the - one defined by the PKCS #11 standard. */ #ifndef PKCS11_H #define PKCS11_H 1 #if defined(__cplusplus) extern "C" { #endif /* The version of cryptoki we implement. The revision is changed with each modification of this file. If you do not use the "official" version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ #define CRYPTOKI_VERSION_MAJOR 2 #define CRYPTOKI_VERSION_MINOR 20 #define CRYPTOKI_VERSION_REVISION 6 /* Compatibility interface is default, unless CRYPTOKI_GNU is given. */ #ifndef CRYPTOKI_GNU #ifndef CRYPTOKI_COMPAT #define CRYPTOKI_COMPAT 1 #endif #endif /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) /* There is a matching pop below. */ #pragma pack(push, cryptoki, 1) #ifdef CRYPTOKI_EXPORTS #define CK_SPEC __declspec(dllexport) #else #define CK_SPEC __declspec(dllimport) #endif #else #define CK_SPEC #endif #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. 
*/ #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID #define library_description libraryDescription #define library_version libraryVersion #define ck_notification_t CK_NOTIFICATION #define ck_slot_id_t CK_SLOT_ID #define ck_slot_info _CK_SLOT_INFO #define slot_description slotDescription #define hardware_version hardwareVersion #define firmware_version firmwareVersion #define ck_token_info _CK_TOKEN_INFO #define serial_number serialNumber #define max_session_count ulMaxSessionCount #define session_count ulSessionCount #define max_rw_session_count ulMaxRwSessionCount #define rw_session_count ulRwSessionCount #define max_pin_len ulMaxPinLen #define min_pin_len ulMinPinLen #define total_public_memory ulTotalPublicMemory #define free_public_memory ulFreePublicMemory #define total_private_memory ulTotalPrivateMemory #define free_private_memory ulFreePrivateMemory #define utc_time utcTime #define ck_session_handle_t CK_SESSION_HANDLE #define ck_user_type_t CK_USER_TYPE #define ck_state_t CK_STATE #define ck_session_info _CK_SESSION_INFO #define slot_id slotID #define device_error ulDeviceError #define ck_object_handle_t CK_OBJECT_HANDLE #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue #define value_len ulValueLen #define ck_date _CK_DATE #define ck_mechanism_type_t CK_MECHANISM_TYPE #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen #define ck_mechanism_info _CK_MECHANISM_INFO #define min_key_size ulMinKeySize #define max_key_size ulMaxKeySize #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY #define ck_function_list _CK_FUNCTION_LIST #define ck_createmutex_t CK_CREATEMUTEX #define 
ck_destroymutex_t CK_DESTROYMUTEX #define ck_lockmutex_t CK_LOCKMUTEX #define ck_unlockmutex_t CK_UNLOCKMUTEX #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS #define create_mutex CreateMutex #define destroy_mutex DestroyMutex #define lock_mutex LockMutex #define unlock_mutex UnlockMutex #define reserved pReserved #endif /* CRYPTOKI_COMPAT */ typedef unsigned long ck_flags_t; struct ck_version { unsigned char major; unsigned char minor; }; struct ck_info { struct ck_version cryptoki_version; unsigned char manufacturer_id[32]; ck_flags_t flags; unsigned char library_description[32]; struct ck_version library_version; }; typedef unsigned long ck_notification_t; #define CKN_SURRENDER (0UL) typedef unsigned long ck_slot_id_t; struct ck_slot_info { unsigned char slot_description[64]; unsigned char manufacturer_id[32]; ck_flags_t flags; struct ck_version hardware_version; struct ck_version firmware_version; }; #define CKF_TOKEN_PRESENT (1UL << 0) #define CKF_REMOVABLE_DEVICE (1UL << 1) #define CKF_HW_SLOT (1UL << 2) #define CKF_ARRAY_ATTRIBUTE (1UL << 30) struct ck_token_info { unsigned char label[32]; unsigned char manufacturer_id[32]; unsigned char model[16]; unsigned char serial_number[16]; ck_flags_t flags; unsigned long max_session_count; unsigned long session_count; unsigned long max_rw_session_count; unsigned long rw_session_count; unsigned long max_pin_len; unsigned long min_pin_len; unsigned long total_public_memory; unsigned long free_public_memory; unsigned long total_private_memory; unsigned long free_private_memory; struct ck_version hardware_version; struct ck_version firmware_version; unsigned char utc_time[16]; }; #define CKF_RNG (1UL << 0) #define CKF_WRITE_PROTECTED (1UL << 1) #define CKF_LOGIN_REQUIRED (1UL << 2) #define CKF_USER_PIN_INITIALIZED (1UL << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1UL << 5) #define CKF_CLOCK_ON_TOKEN (1UL << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1UL << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1UL << 9) #define 
CKF_TOKEN_INITIALIZED (1UL << 10) #define CKF_SECONDARY_AUTHENTICATION (1UL << 11) #define CKF_USER_PIN_COUNT_LOW (1UL << 16) #define CKF_USER_PIN_FINAL_TRY (1UL << 17) #define CKF_USER_PIN_LOCKED (1UL << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1UL << 19) #define CKF_SO_PIN_COUNT_LOW (1UL << 20) #define CKF_SO_PIN_FINAL_TRY (1UL << 21) #define CKF_SO_PIN_LOCKED (1UL << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1UL << 23) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) #define CK_EFFECTIVELY_INFINITE (0UL) typedef unsigned long ck_session_handle_t; #define CK_INVALID_HANDLE (0UL) typedef unsigned long ck_user_type_t; #define CKU_SO (0UL) #define CKU_USER (1UL) #define CKU_CONTEXT_SPECIFIC (2UL) typedef unsigned long ck_state_t; #define CKS_RO_PUBLIC_SESSION (0UL) #define CKS_RO_USER_FUNCTIONS (1UL) #define CKS_RW_PUBLIC_SESSION (2UL) #define CKS_RW_USER_FUNCTIONS (3UL) #define CKS_RW_SO_FUNCTIONS (4UL) struct ck_session_info { ck_slot_id_t slot_id; ck_state_t state; ck_flags_t flags; unsigned long device_error; }; #define CKF_RW_SESSION (1UL << 1) #define CKF_SERIAL_SESSION (1UL << 2) typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; #define CKO_DATA (0UL) #define CKO_CERTIFICATE (1UL) #define CKO_PUBLIC_KEY (2UL) #define CKO_PRIVATE_KEY (3UL) #define CKO_SECRET_KEY (4UL) #define CKO_HW_FEATURE (5UL) #define CKO_DOMAIN_PARAMETERS (6UL) #define CKO_MECHANISM (7UL) #define CKO_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_hw_feature_type_t; #define CKH_MONOTONIC_COUNTER (1UL) #define CKH_CLOCK (2UL) #define CKH_USER_INTERFACE (3UL) #define CKH_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_key_type_t; #define CKK_RSA (0UL) #define CKK_DSA (1UL) #define CKK_DH (2UL) #define CKK_ECDSA (3UL) #define CKK_EC (3UL) #define CKK_X9_42_DH (4UL) #define CKK_KEA (5UL) #define CKK_GENERIC_SECRET (0x10UL) #define CKK_RC2 (0x11UL) #define CKK_RC4 (0x12UL) #define CKK_DES (0x13UL) #define CKK_DES2 (0x14UL) #define CKK_DES3 (0x15UL) 
#define CKK_CAST (0x16UL) #define CKK_CAST3 (0x17UL) #define CKK_CAST128 (0x18UL) #define CKK_RC5 (0x19UL) #define CKK_IDEA (0x1aUL) #define CKK_SKIPJACK (0x1bUL) #define CKK_BATON (0x1cUL) #define CKK_JUNIPER (0x1dUL) #define CKK_CDMF (0x1eUL) #define CKK_AES (0x1fUL) #define CKK_BLOWFISH (0x20UL) #define CKK_TWOFISH (0x21UL) #define CKK_GOSTR3410 (0x30UL) #define CKK_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_certificate_type_t; #define CKC_X_509 (0UL) #define CKC_X_509_ATTR_CERT (1UL) #define CKC_WTLS (2UL) #define CKC_VENDOR_DEFINED (1UL << 31) typedef unsigned long ck_attribute_type_t; #define CKA_CLASS (0UL) #define CKA_TOKEN (1UL) #define CKA_PRIVATE (2UL) #define CKA_LABEL (3UL) #define CKA_APPLICATION (0x10UL) #define CKA_VALUE (0x11UL) #define CKA_OBJECT_ID (0x12UL) #define CKA_CERTIFICATE_TYPE (0x80UL) #define CKA_ISSUER (0x81UL) #define CKA_SERIAL_NUMBER (0x82UL) #define CKA_AC_ISSUER (0x83UL) #define CKA_OWNER (0x84UL) #define CKA_ATTR_TYPES (0x85UL) #define CKA_TRUSTED (0x86UL) #define CKA_CERTIFICATE_CATEGORY (0x87UL) #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) #define CKA_URL (0x89UL) #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) #define CKA_CHECK_VALUE (0x90UL) #define CKA_KEY_TYPE (0x100UL) #define CKA_SUBJECT (0x101UL) #define CKA_ID (0x102UL) #define CKA_SENSITIVE (0x103UL) #define CKA_ENCRYPT (0x104UL) #define CKA_DECRYPT (0x105UL) #define CKA_WRAP (0x106UL) #define CKA_UNWRAP (0x107UL) #define CKA_SIGN (0x108UL) #define CKA_SIGN_RECOVER (0x109UL) #define CKA_VERIFY (0x10aUL) #define CKA_VERIFY_RECOVER (0x10bUL) #define CKA_DERIVE (0x10cUL) #define CKA_START_DATE (0x110UL) #define CKA_END_DATE (0x111UL) #define CKA_MODULUS (0x120UL) #define CKA_MODULUS_BITS (0x121UL) #define CKA_PUBLIC_EXPONENT (0x122UL) #define CKA_PRIVATE_EXPONENT (0x123UL) #define CKA_PRIME_1 (0x124UL) #define CKA_PRIME_2 (0x125UL) #define CKA_EXPONENT_1 (0x126UL) #define CKA_EXPONENT_2 (0x127UL) #define 
CKA_COEFFICIENT (0x128UL) #define CKA_PRIME (0x130UL) #define CKA_SUBPRIME (0x131UL) #define CKA_BASE (0x132UL) #define CKA_PRIME_BITS (0x133UL) #define CKA_SUB_PRIME_BITS (0x134UL) #define CKA_VALUE_BITS (0x160UL) #define CKA_VALUE_LEN (0x161UL) #define CKA_EXTRACTABLE (0x162UL) #define CKA_LOCAL (0x163UL) #define CKA_NEVER_EXTRACTABLE (0x164UL) #define CKA_ALWAYS_SENSITIVE (0x165UL) #define CKA_KEY_GEN_MECHANISM (0x166UL) #define CKA_MODIFIABLE (0x170UL) #define CKA_ECDSA_PARAMS (0x180UL) #define CKA_EC_PARAMS (0x180UL) #define CKA_EC_POINT (0x181UL) #define CKA_SECONDARY_AUTH (0x200UL) #define CKA_AUTH_PIN_FLAGS (0x201UL) #define CKA_ALWAYS_AUTHENTICATE (0x202UL) #define CKA_WRAP_WITH_TRUSTED (0x210UL) #define CKA_GOSTR3410_PARAMS (0x250UL) #define CKA_GOSTR3411_PARAMS (0x251UL) #define CKA_GOST28147_PARAMS (0x252UL) #define CKA_HW_FEATURE_TYPE (0x300UL) #define CKA_RESET_ON_INIT (0x301UL) #define CKA_HAS_RESET (0x302UL) #define CKA_PIXEL_X (0x400UL) #define CKA_PIXEL_Y (0x401UL) #define CKA_RESOLUTION (0x402UL) #define CKA_CHAR_ROWS (0x403UL) #define CKA_CHAR_COLUMNS (0x404UL) #define CKA_COLOR (0x405UL) #define CKA_BITS_PER_PIXEL (0x406UL) #define CKA_CHAR_SETS (0x480UL) #define CKA_ENCODING_METHODS (0x481UL) #define CKA_MIME_TYPES (0x482UL) #define CKA_MECHANISM_TYPE (0x500UL) #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) #define CKA_VENDOR_DEFINED (1UL << 31) struct ck_attribute { ck_attribute_type_t type; void *value; unsigned long value_len; }; struct ck_date { unsigned char year[4]; unsigned char month[2]; unsigned char day[2]; }; typedef unsigned long ck_mechanism_type_t; #define CKM_RSA_PKCS_KEY_PAIR_GEN (0UL) #define CKM_RSA_PKCS (1UL) #define CKM_RSA_9796 (2UL) #define CKM_RSA_X_509 
(3UL) #define CKM_MD2_RSA_PKCS (4UL) #define CKM_MD5_RSA_PKCS (5UL) #define CKM_SHA1_RSA_PKCS (6UL) #define CKM_RIPEMD128_RSA_PKCS (7UL) #define CKM_RIPEMD160_RSA_PKCS (8UL) #define CKM_RSA_PKCS_OAEP (9UL) #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xaUL) #define CKM_RSA_X9_31 (0xbUL) #define CKM_SHA1_RSA_X9_31 (0xcUL) #define CKM_RSA_PKCS_PSS (0xdUL) #define CKM_SHA1_RSA_PKCS_PSS (0xeUL) #define CKM_DSA_KEY_PAIR_GEN (0x10UL) #define CKM_DSA (0x11UL) #define CKM_DSA_SHA1 (0x12UL) #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20UL) #define CKM_DH_PKCS_DERIVE (0x21UL) #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30UL) #define CKM_X9_42_DH_DERIVE (0x31UL) #define CKM_X9_42_DH_HYBRID_DERIVE (0x32UL) #define CKM_X9_42_MQV_DERIVE (0x33UL) #define CKM_SHA256_RSA_PKCS (0x40UL) #define CKM_SHA384_RSA_PKCS (0x41UL) #define CKM_SHA512_RSA_PKCS (0x42UL) #define CKM_SHA256_RSA_PKCS_PSS (0x43UL) #define CKM_SHA384_RSA_PKCS_PSS (0x44UL) #define CKM_SHA512_RSA_PKCS_PSS (0x45UL) #define CKM_RC2_KEY_GEN (0x100UL) #define CKM_RC2_ECB (0x101UL) #define CKM_RC2_CBC (0x102UL) #define CKM_RC2_MAC (0x103UL) #define CKM_RC2_MAC_GENERAL (0x104UL) #define CKM_RC2_CBC_PAD (0x105UL) #define CKM_RC4_KEY_GEN (0x110UL) #define CKM_RC4 (0x111UL) #define CKM_DES_KEY_GEN (0x120UL) #define CKM_DES_ECB (0x121UL) #define CKM_DES_CBC (0x122UL) #define CKM_DES_MAC (0x123UL) #define CKM_DES_MAC_GENERAL (0x124UL) #define CKM_DES_CBC_PAD (0x125UL) #define CKM_DES2_KEY_GEN (0x130UL) #define CKM_DES3_KEY_GEN (0x131UL) #define CKM_DES3_ECB (0x132UL) #define CKM_DES3_CBC (0x133UL) #define CKM_DES3_MAC (0x134UL) #define CKM_DES3_MAC_GENERAL (0x135UL) #define CKM_DES3_CBC_PAD (0x136UL) #define CKM_CDMF_KEY_GEN (0x140UL) #define CKM_CDMF_ECB (0x141UL) #define CKM_CDMF_CBC (0x142UL) #define CKM_CDMF_MAC (0x143UL) #define CKM_CDMF_MAC_GENERAL (0x144UL) #define CKM_CDMF_CBC_PAD (0x145UL) #define CKM_MD2 (0x200UL) #define CKM_MD2_HMAC (0x201UL) #define CKM_MD2_HMAC_GENERAL (0x202UL) #define CKM_MD5 (0x210UL) #define CKM_MD5_HMAC (0x211UL) 
#define CKM_MD5_HMAC_GENERAL (0x212UL) #define CKM_SHA_1 (0x220UL) #define CKM_SHA_1_HMAC (0x221UL) #define CKM_SHA_1_HMAC_GENERAL (0x222UL) #define CKM_RIPEMD128 (0x230UL) #define CKM_RIPEMD128_HMAC (0x231UL) #define CKM_RIPEMD128_HMAC_GENERAL (0x232UL) #define CKM_RIPEMD160 (0x240UL) #define CKM_RIPEMD160_HMAC (0x241UL) #define CKM_RIPEMD160_HMAC_GENERAL (0x242UL) #define CKM_SHA256 (0x250UL) #define CKM_SHA256_HMAC (0x251UL) #define CKM_SHA256_HMAC_GENERAL (0x252UL) #define CKM_SHA384 (0x260UL) #define CKM_SHA384_HMAC (0x261UL) #define CKM_SHA384_HMAC_GENERAL (0x262UL) #define CKM_SHA512 (0x270UL) #define CKM_SHA512_HMAC (0x271UL) #define CKM_SHA512_HMAC_GENERAL (0x272UL) #define CKM_CAST_KEY_GEN (0x300UL) #define CKM_CAST_ECB (0x301UL) #define CKM_CAST_CBC (0x302UL) #define CKM_CAST_MAC (0x303UL) #define CKM_CAST_MAC_GENERAL (0x304UL) #define CKM_CAST_CBC_PAD (0x305UL) #define CKM_CAST3_KEY_GEN (0x310UL) #define CKM_CAST3_ECB (0x311UL) #define CKM_CAST3_CBC (0x312UL) #define CKM_CAST3_MAC (0x313UL) #define CKM_CAST3_MAC_GENERAL (0x314UL) #define CKM_CAST3_CBC_PAD (0x315UL) #define CKM_CAST5_KEY_GEN (0x320UL) #define CKM_CAST128_KEY_GEN (0x320UL) #define CKM_CAST5_ECB (0x321UL) #define CKM_CAST128_ECB (0x321UL) #define CKM_CAST5_CBC (0x322UL) #define CKM_CAST128_CBC (0x322UL) #define CKM_CAST5_MAC (0x323UL) #define CKM_CAST128_MAC (0x323UL) #define CKM_CAST5_MAC_GENERAL (0x324UL) #define CKM_CAST128_MAC_GENERAL (0x324UL) #define CKM_CAST5_CBC_PAD (0x325UL) #define CKM_CAST128_CBC_PAD (0x325UL) #define CKM_RC5_KEY_GEN (0x330UL) #define CKM_RC5_ECB (0x331UL) #define CKM_RC5_CBC (0x332UL) #define CKM_RC5_MAC (0x333UL) #define CKM_RC5_MAC_GENERAL (0x334UL) #define CKM_RC5_CBC_PAD (0x335UL) #define CKM_IDEA_KEY_GEN (0x340UL) #define CKM_IDEA_ECB (0x341UL) #define CKM_IDEA_CBC (0x342UL) #define CKM_IDEA_MAC (0x343UL) #define CKM_IDEA_MAC_GENERAL (0x344UL) #define CKM_IDEA_CBC_PAD (0x345UL) #define CKM_GENERIC_SECRET_KEY_GEN (0x350UL) #define 
CKM_CONCATENATE_BASE_AND_KEY (0x360UL) #define CKM_CONCATENATE_BASE_AND_DATA (0x362UL) #define CKM_CONCATENATE_DATA_AND_BASE (0x363UL) #define CKM_XOR_BASE_AND_DATA (0x364UL) #define CKM_EXTRACT_KEY_FROM_KEY (0x365UL) #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370UL) #define CKM_SSL3_MASTER_KEY_DERIVE (0x371UL) #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372UL) #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373UL) #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374UL) #define CKM_TLS_MASTER_KEY_DERIVE (0x375UL) #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376UL) #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377UL) #define CKM_SSL3_MD5_MAC (0x380UL) #define CKM_SSL3_SHA1_MAC (0x381UL) #define CKM_MD5_KEY_DERIVATION (0x390UL) #define CKM_MD2_KEY_DERIVATION (0x391UL) #define CKM_SHA1_KEY_DERIVATION (0x392UL) #define CKM_PBE_MD2_DES_CBC (0x3a0UL) #define CKM_PBE_MD5_DES_CBC (0x3a1UL) #define CKM_PBE_MD5_CAST_CBC (0x3a2UL) #define CKM_PBE_MD5_CAST3_CBC (0x3a3UL) #define CKM_PBE_MD5_CAST5_CBC (0x3a4UL) #define CKM_PBE_MD5_CAST128_CBC (0x3a4UL) #define CKM_PBE_SHA1_CAST5_CBC (0x3a5UL) #define CKM_PBE_SHA1_CAST128_CBC (0x3a5UL) #define CKM_PBE_SHA1_RC4_128 (0x3a6UL) #define CKM_PBE_SHA1_RC4_40 (0x3a7UL) #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8UL) #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9UL) #define CKM_PBE_SHA1_RC2_128_CBC (0x3aaUL) #define CKM_PBE_SHA1_RC2_40_CBC (0x3abUL) #define CKM_PKCS5_PBKD2 (0x3b0UL) #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0UL) #define CKM_KEY_WRAP_LYNKS (0x400UL) #define CKM_KEY_WRAP_SET_OAEP (0x401UL) #define CKM_SKIPJACK_KEY_GEN (0x1000UL) #define CKM_SKIPJACK_ECB64 (0x1001UL) #define CKM_SKIPJACK_CBC64 (0x1002UL) #define CKM_SKIPJACK_OFB64 (0x1003UL) #define CKM_SKIPJACK_CFB64 (0x1004UL) #define CKM_SKIPJACK_CFB32 (0x1005UL) #define CKM_SKIPJACK_CFB16 (0x1006UL) #define CKM_SKIPJACK_CFB8 (0x1007UL) #define CKM_SKIPJACK_WRAP (0x1008UL) #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009UL) #define CKM_SKIPJACK_RELAYX (0x100aUL) #define CKM_KEA_KEY_PAIR_GEN (0x1010UL) #define CKM_KEA_KEY_DERIVE 
(0x1011UL) #define CKM_FORTEZZA_TIMESTAMP (0x1020UL) #define CKM_BATON_KEY_GEN (0x1030UL) #define CKM_BATON_ECB128 (0x1031UL) #define CKM_BATON_ECB96 (0x1032UL) #define CKM_BATON_CBC128 (0x1033UL) #define CKM_BATON_COUNTER (0x1034UL) #define CKM_BATON_SHUFFLE (0x1035UL) #define CKM_BATON_WRAP (0x1036UL) #define CKM_ECDSA_KEY_PAIR_GEN (0x1040UL) #define CKM_EC_KEY_PAIR_GEN (0x1040UL) #define CKM_ECDSA (0x1041UL) #define CKM_ECDSA_SHA1 (0x1042UL) #define CKM_ECDH1_DERIVE (0x1050UL) #define CKM_ECDH1_COFACTOR_DERIVE (0x1051UL) #define CKM_ECMQV_DERIVE (0x1052UL) #define CKM_JUNIPER_KEY_GEN (0x1060UL) #define CKM_JUNIPER_ECB128 (0x1061UL) #define CKM_JUNIPER_CBC128 (0x1062UL) #define CKM_JUNIPER_COUNTER (0x1063UL) #define CKM_JUNIPER_SHUFFLE (0x1064UL) #define CKM_JUNIPER_WRAP (0x1065UL) #define CKM_FASTHASH (0x1070UL) #define CKM_AES_KEY_GEN (0x1080UL) #define CKM_AES_ECB (0x1081UL) #define CKM_AES_CBC (0x1082UL) #define CKM_AES_MAC (0x1083UL) #define CKM_AES_MAC_GENERAL (0x1084UL) #define CKM_AES_CBC_PAD (0x1085UL) #define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200UL) #define CKM_GOSTR3410 (0x1201UL) #define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202UL) #define CKM_GOSTR3411 (0x1210UL) #define CKM_DSA_PARAMETER_GEN (0x2000UL) #define CKM_DH_PKCS_PARAMETER_GEN (0x2001UL) #define CKM_X9_42_DH_PARAMETER_GEN (0x2002UL) #define CKM_VENDOR_DEFINED (1UL << 31) struct ck_mechanism { ck_mechanism_type_t mechanism; void *parameter; unsigned long parameter_len; }; struct ck_mechanism_info { unsigned long min_key_size; unsigned long max_key_size; ck_flags_t flags; }; #define CKF_HW (1UL << 0) #define CKF_ENCRYPT (1UL << 8) #define CKF_DECRYPT (1UL << 9) #define CKF_DIGEST (1UL << 10) #define CKF_SIGN (1UL << 11) #define CKF_SIGN_RECOVER (1UL << 12) #define CKF_VERIFY (1UL << 13) #define CKF_VERIFY_RECOVER (1UL << 14) #define CKF_GENERATE (1UL << 15) #define CKF_GENERATE_KEY_PAIR (1UL << 16) #define CKF_WRAP (1UL << 17) #define CKF_UNWRAP (1UL << 18) #define CKF_DERIVE (1UL << 19) #define 
CKF_EXTENSION (1UL << 31) /* Flags for C_WaitForSlotEvent. */ #define CKF_DONT_BLOCK (1UL) typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); /* Forward reference. */ struct ck_function_list; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, (unsigned char token_present, ck_slot_id_t *slot_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, (ck_slot_id_t slot_id, ck_mechanism_type_t type, struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, (ck_slot_id_t slot_id, unsigned char *pin, unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, (ck_session_handle_t session, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, (ck_session_handle_t session, unsigned char *old_pin, unsigned long old_len, unsigned char *new_pin, unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, (ck_slot_id_t slot_id, ck_flags_t flags, void *application, ck_notify_t notify, ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION 
(C_GetSessionInfo, (ck_session_handle_t session, struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, ck_object_handle_t authentiation_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, (ck_session_handle_t session, ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, (ck_session_handle_t session, ck_object_handle_t object, unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, (ck_session_handle_t session, ck_object_handle_t *object, unsigned long max_object_count, unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, 
(ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *encrypted_data, unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, (ck_session_handle_t session, unsigned char *last_encrypted_part, unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, (ck_session_handle_t session, unsigned char *encrypted_data, unsigned long encrypted_data_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, (ck_session_handle_t session, unsigned char *last_part, unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, (ck_session_handle_t session, struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, (ck_session_handle_t session, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, 
(ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, 
unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *public_key_template, unsigned long public_key_attribute_count, struct ck_attribute *private_key_template, unsigned long private_key_attribute_count, ck_object_handle_t *public_key, ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t wrapping_key, ck_object_handle_t key, unsigned char *wrapped_key, unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t unwrapping_key, unsigned char *wrapped_key, unsigned long wrapped_key_len, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t base_key, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, (ck_session_handle_t session, unsigned char *seed, unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, (ck_session_handle_t session, unsigned char *random_data, unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); struct ck_function_list { struct ck_version version; CK_C_Initialize C_Initialize; CK_C_Finalize C_Finalize; CK_C_GetInfo C_GetInfo; CK_C_GetFunctionList C_GetFunctionList; CK_C_GetSlotList C_GetSlotList; CK_C_GetSlotInfo C_GetSlotInfo; CK_C_GetTokenInfo C_GetTokenInfo; CK_C_GetMechanismList C_GetMechanismList; 
CK_C_GetMechanismInfo C_GetMechanismInfo; CK_C_InitToken C_InitToken; CK_C_InitPIN C_InitPIN; CK_C_SetPIN C_SetPIN; CK_C_OpenSession C_OpenSession; CK_C_CloseSession C_CloseSession; CK_C_CloseAllSessions C_CloseAllSessions; CK_C_GetSessionInfo C_GetSessionInfo; CK_C_GetOperationState C_GetOperationState; CK_C_SetOperationState C_SetOperationState; CK_C_Login C_Login; CK_C_Logout C_Logout; CK_C_CreateObject C_CreateObject; CK_C_CopyObject C_CopyObject; CK_C_DestroyObject C_DestroyObject; CK_C_GetObjectSize C_GetObjectSize; CK_C_GetAttributeValue C_GetAttributeValue; CK_C_SetAttributeValue C_SetAttributeValue; CK_C_FindObjectsInit C_FindObjectsInit; CK_C_FindObjects C_FindObjects; CK_C_FindObjectsFinal C_FindObjectsFinal; CK_C_EncryptInit C_EncryptInit; CK_C_Encrypt C_Encrypt; CK_C_EncryptUpdate C_EncryptUpdate; CK_C_EncryptFinal C_EncryptFinal; CK_C_DecryptInit C_DecryptInit; CK_C_Decrypt C_Decrypt; CK_C_DecryptUpdate C_DecryptUpdate; CK_C_DecryptFinal C_DecryptFinal; CK_C_DigestInit C_DigestInit; CK_C_Digest C_Digest; CK_C_DigestUpdate C_DigestUpdate; CK_C_DigestKey C_DigestKey; CK_C_DigestFinal C_DigestFinal; CK_C_SignInit C_SignInit; CK_C_Sign C_Sign; CK_C_SignUpdate C_SignUpdate; CK_C_SignFinal C_SignFinal; CK_C_SignRecoverInit C_SignRecoverInit; CK_C_SignRecover C_SignRecover; CK_C_VerifyInit C_VerifyInit; CK_C_Verify C_Verify; CK_C_VerifyUpdate C_VerifyUpdate; CK_C_VerifyFinal C_VerifyFinal; CK_C_VerifyRecoverInit C_VerifyRecoverInit; CK_C_VerifyRecover C_VerifyRecover; CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; CK_C_SignEncryptUpdate C_SignEncryptUpdate; CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; CK_C_GenerateKey C_GenerateKey; CK_C_GenerateKeyPair C_GenerateKeyPair; CK_C_WrapKey C_WrapKey; CK_C_UnwrapKey C_UnwrapKey; CK_C_DeriveKey C_DeriveKey; CK_C_SeedRandom C_SeedRandom; CK_C_GenerateRandom C_GenerateRandom; CK_C_GetFunctionStatus C_GetFunctionStatus; CK_C_CancelFunction C_CancelFunction; 
CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); struct ck_c_initialize_args { ck_createmutex_t create_mutex; ck_destroymutex_t destroy_mutex; ck_lockmutex_t lock_mutex; ck_unlockmutex_t unlock_mutex; ck_flags_t flags; void *reserved; }; #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1UL << 0) #define CKF_OS_LOCKING_OK (1UL << 1) #define CKR_OK (0UL) #define CKR_CANCEL (1UL) #define CKR_HOST_MEMORY (2UL) #define CKR_SLOT_ID_INVALID (3UL) #define CKR_GENERAL_ERROR (5UL) #define CKR_FUNCTION_FAILED (6UL) #define CKR_ARGUMENTS_BAD (7UL) #define CKR_NO_EVENT (8UL) #define CKR_NEED_TO_CREATE_THREADS (9UL) #define CKR_CANT_LOCK (0xaUL) #define CKR_ATTRIBUTE_READ_ONLY (0x10UL) #define CKR_ATTRIBUTE_SENSITIVE (0x11UL) #define CKR_ATTRIBUTE_TYPE_INVALID (0x12UL) #define CKR_ATTRIBUTE_VALUE_INVALID (0x13UL) #define CKR_DATA_INVALID (0x20UL) #define CKR_DATA_LEN_RANGE (0x21UL) #define CKR_DEVICE_ERROR (0x30UL) #define CKR_DEVICE_MEMORY (0x31UL) #define CKR_DEVICE_REMOVED (0x32UL) #define CKR_ENCRYPTED_DATA_INVALID (0x40UL) #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41UL) #define CKR_FUNCTION_CANCELED (0x50UL) #define CKR_FUNCTION_NOT_PARALLEL (0x51UL) #define CKR_FUNCTION_NOT_SUPPORTED (0x54UL) #define CKR_KEY_HANDLE_INVALID (0x60UL) #define CKR_KEY_SIZE_RANGE (0x62UL) #define CKR_KEY_TYPE_INCONSISTENT (0x63UL) #define CKR_KEY_NOT_NEEDED (0x64UL) #define CKR_KEY_CHANGED (0x65UL) #define CKR_KEY_NEEDED (0x66UL) #define CKR_KEY_INDIGESTIBLE (0x67UL) #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68UL) #define CKR_KEY_NOT_WRAPPABLE (0x69UL) #define CKR_KEY_UNEXTRACTABLE (0x6aUL) #define CKR_MECHANISM_INVALID (0x70UL) #define CKR_MECHANISM_PARAM_INVALID (0x71UL) #define CKR_OBJECT_HANDLE_INVALID (0x82UL) #define CKR_OPERATION_ACTIVE (0x90UL) #define CKR_OPERATION_NOT_INITIALIZED (0x91UL) 
#define CKR_PIN_INCORRECT (0xa0UL) #define CKR_PIN_INVALID (0xa1UL) #define CKR_PIN_LEN_RANGE (0xa2UL) #define CKR_PIN_EXPIRED (0xa3UL) #define CKR_PIN_LOCKED (0xa4UL) #define CKR_SESSION_CLOSED (0xb0UL) #define CKR_SESSION_COUNT (0xb1UL) #define CKR_SESSION_HANDLE_INVALID (0xb3UL) #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4UL) #define CKR_SESSION_READ_ONLY (0xb5UL) #define CKR_SESSION_EXISTS (0xb6UL) #define CKR_SESSION_READ_ONLY_EXISTS (0xb7UL) #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8UL) #define CKR_SIGNATURE_INVALID (0xc0UL) #define CKR_SIGNATURE_LEN_RANGE (0xc1UL) #define CKR_TEMPLATE_INCOMPLETE (0xd0UL) #define CKR_TEMPLATE_INCONSISTENT (0xd1UL) #define CKR_TOKEN_NOT_PRESENT (0xe0UL) #define CKR_TOKEN_NOT_RECOGNIZED (0xe1UL) #define CKR_TOKEN_WRITE_PROTECTED (0xe2UL) #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0UL) #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1UL) #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2UL) #define CKR_USER_ALREADY_LOGGED_IN (0x100UL) #define CKR_USER_NOT_LOGGED_IN (0x101UL) #define CKR_USER_PIN_NOT_INITIALIZED (0x102UL) #define CKR_USER_TYPE_INVALID (0x103UL) #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104UL) #define CKR_USER_TOO_MANY_TYPES (0x105UL) #define CKR_WRAPPED_KEY_INVALID (0x110UL) #define CKR_WRAPPED_KEY_LEN_RANGE (0x112UL) #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113UL) #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114UL) #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115UL) #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120UL) #define CKR_RANDOM_NO_RNG (0x121UL) #define CKR_DOMAIN_PARAMS_INVALID (0x130UL) #define CKR_BUFFER_TOO_SMALL (0x150UL) #define CKR_SAVED_STATE_INVALID (0x160UL) #define CKR_INFORMATION_SENSITIVE (0x170UL) #define CKR_STATE_UNSAVEABLE (0x180UL) #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190UL) #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191UL) #define CKR_MUTEX_BAD (0x1a0UL) #define CKR_MUTEX_NOT_LOCKED (0x1a1UL) #define CKR_FUNCTION_REJECTED (0x200UL) #define CKR_VENDOR_DEFINED (1UL << 31) /* 
Compatibility layer. */ #ifdef CRYPTOKI_COMPAT #undef CK_DEFINE_FUNCTION #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name /* For NULL. */ #include typedef unsigned char CK_BYTE; typedef unsigned char CK_CHAR; typedef unsigned char CK_UTF8CHAR; typedef unsigned char CK_BBOOL; typedef unsigned long int CK_ULONG; typedef long int CK_LONG; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef void *CK_VOID_PTR; typedef void **CK_VOID_PTR_PTR; #define CK_FALSE 0 #define CK_TRUE 1 #ifndef CK_DISABLE_TRUE_FALSE #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #endif typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; typedef struct ck_info CK_INFO; typedef struct ck_info *CK_INFO_PTR; typedef ck_slot_id_t *CK_SLOT_ID_PTR; typedef struct ck_slot_info CK_SLOT_INFO; typedef struct ck_slot_info *CK_SLOT_INFO_PTR; typedef struct ck_token_info CK_TOKEN_INFO; typedef struct ck_token_info *CK_TOKEN_INFO_PTR; typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; typedef struct ck_session_info CK_SESSION_INFO; typedef struct ck_session_info *CK_SESSION_INFO_PTR; typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; typedef struct ck_attribute CK_ATTRIBUTE; typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; 
#define NULL_PTR NULL /* Delete the helper macros defined at the top of the file. */ #undef ck_flags_t #undef ck_version #undef ck_info #undef cryptoki_version #undef manufacturer_id #undef library_description #undef library_version #undef ck_notification_t #undef ck_slot_id_t #undef ck_slot_info #undef slot_description #undef hardware_version #undef firmware_version #undef ck_token_info #undef serial_number #undef max_session_count #undef session_count #undef max_rw_session_count #undef rw_session_count #undef max_pin_len #undef min_pin_len #undef total_public_memory #undef free_public_memory #undef total_private_memory #undef free_private_memory #undef utc_time #undef ck_session_handle_t #undef ck_user_type_t #undef ck_state_t #undef ck_session_info #undef slot_id #undef device_error #undef ck_object_handle_t #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t #undef ck_certificate_type_t #undef ck_attribute_type_t #undef ck_attribute #undef value #undef value_len #undef ck_date #undef ck_mechanism_type_t #undef ck_mechanism #undef parameter #undef parameter_len #undef ck_mechanism_info #undef min_key_size #undef max_key_size #undef ck_rv_t #undef ck_notify_t #undef ck_function_list #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t #undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex #undef unlock_mutex #undef reserved #endif /* CRYPTOKI_COMPAT */ /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) #endif #if defined(__cplusplus) } #endif #endif /* PKCS11_H */ diff --git a/src/scute.def b/src/scute.def index a74a027..8521035 100644 --- a/src/scute.def +++ b/src/scute.def 
@@ -1,101 +1,91 @@ ; scute.def - List of symbols to export. ; Copyright (C) 2005, 2006 g10 Code GmbH ; ; This file is part of Scute. ; ; Scute is free software; you can redistribute it and/or modify it -; under the terms of the GNU General Public License as published by -; the Free Software Foundation; either version 2 of the License, or -; (at your option) any later version. +; under the terms of the GNU Lesser General Public License as +; published by the Free Software Foundation; either version 2.1 of +; the License, or (at your option) any later version. ; ; Scute is distributed in the hope that it will be useful, but ; WITHOUT ANY WARRANTY; without even the implied warranty of ; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -; General Public License for more details. +; Lesser General Public License for more details. ; -; You should have received a copy of the GNU General Public License -; along with Scute; if not, write to the Free Software Foundation, -; Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -; -; In addition, as a special exception, g10 Code GmbH gives permission -; to link this library: with the Mozilla Fondations's code for -; Mozilla (or with modified versions of it that use the same license -; as the "Mozilla" code), and distribute the linked executables. You -; must obey the GNU General Public License in all respects for all of -; the code used other than "Mozilla". If you modify this file, you -; may extend this exception to your version of the file, but you are -; not obligated to do so. If you do not wish to do so, delete this -; exception statement from your version. +; You should have received a copy of the GNU Lesser General Public +; License along with this program; if not, see . 
+; SPDX-License-Identifier: LGPL-2.1-or-later LIBRARY scute.dll EXPORTS C_CancelFunction @1 C_CloseAllSessions @2 C_CloseSession @3 C_CopyObject @4 C_CreateObject @5 C_Decrypt @6 C_DecryptDigestUpdate @7 C_DecryptFinal @8 C_DecryptInit @9 C_DecryptUpdate @10 C_DecryptVerifyUpdate @11 C_DeriveKey @12 C_DestroyObject @13 C_Digest @14 C_DigestEncryptUpdate @15 C_DigestFinal @16 C_DigestInit @17 C_DigestKey @18 C_DigestUpdate @19 C_Encrypt @20 C_EncryptFinal @21 C_EncryptInit @22 C_EncryptUpdate @23 C_Finalize @24 C_FindObjects @25 C_FindObjectsFinal @26 C_FindObjectsInit @27 C_GenerateKey @28 C_GenerateKeyPair @29 C_GenerateRandom @30 C_GetAttributeValue @31 C_GetFunctionList @32 C_GetFunctionStatus @33 C_GetInfo @34 C_GetMechanismInfo @35 C_GetMechanismList @36 C_GetObjectSize @37 C_GetOperationState @38 C_GetSessionInfo @39 C_GetSlotInfo @40 C_GetSlotList @41 C_GetTokenInfo @42 C_InitPIN @43 C_InitToken @44 C_Initialize @45 C_Login @46 C_Logout @47 C_OpenSession @48 C_SeedRandom @49 C_SetAttributeValue @50 C_SetOperationState @51 C_SetPIN @52 C_Sign @53 C_SignEncryptUpdate @54 C_SignFinal @55 C_SignInit @56 C_SignRecover @57 C_SignRecoverInit @58 C_SignUpdate @59 C_UnwrapKey @60 C_Verify @61 C_VerifyFinal @62 C_VerifyInit @63 C_VerifyRecover @64 C_VerifyRecoverInit @65 C_VerifyUpdate @66 C_WaitForSlotEvent @67 C_WrapKey @68 ; END diff --git a/src/sexp-parse.h b/src/sexp-parse.h index f2edafa..3be8b04 100644 --- a/src/sexp-parse.h +++ b/src/sexp-parse.h 
@@ -1,137 +1,134 @@ /* sexp-parse.h - S-expression helper functions * Copyright (C) 2002, 2003, 2007 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003, 2007 Werner Koch * - * This file is free software; you can redistribute it and/or modify - * it under the terms of either + * This file is part of Scute. * - * - the GNU Lesser General Public License as published by the Free - * Software Foundation; either version 3 of the License, or (at - * your option) any later version. + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. * - * or + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. * - * - the GNU General Public License as published by the Free - * Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * or both in parallel, as here. - * - * This file is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later */ +/* Note that this file has been taken from GnuPG and re-licensed to + * the LGPL. See the commit log for details. 
*/ + #ifndef SEXP_PARSE_H #define SEXP_PARSE_H #include /* Return the length of the next S-Exp part and update the pointer to the first data byte. 0 is returned on error */ static inline size_t snext (unsigned char const **buf) { const unsigned char *s; int n; s = *buf; for (n=0; *s && *s != ':' && (*s >= '0' && *s <= '9'); s++) n = n*10 + (*s - '0'); if (!n || *s != ':') return 0; /* we don't allow empty lengths */ *buf = s+1; return n; } /* Skip over the S-Expression BUF points to and update BUF to point to the chacter right behind. DEPTH gives the initial number of open lists and may be passed as a positive number to skip over the remainder of an S-Expression if the current position is somewhere in an S-Expression. The function may return an error code if it encounters an impossible condition. */ static inline gpg_error_t sskip (unsigned char const **buf, int *depth) { const unsigned char *s = *buf; size_t n; int d = *depth; while (d > 0) { if (*s == '(') { d++; s++; } else if (*s == ')') { d--; s++; } else { if (!d) return gpg_error (GPG_ERR_INV_SEXP); n = snext (&s); if (!n) return gpg_error (GPG_ERR_INV_SEXP); s += n; } } *buf = s; *depth = d; return 0; } /* Check whether the string at the address BUF points to matches the token. Return true on match and update BUF to point behind the token. Return false and do not update the buffer if it does not match. */ static inline int smatch (unsigned char const **buf, size_t buflen, const char *token) { size_t toklen = strlen (token); if (buflen != toklen || memcmp (*buf, token, toklen)) return 0; *buf += toklen; return 1; } /* Format VALUE for use as the length indicatior of an S-expression. The caller needs to provide a buffer HELP_BUFFER wth a length of HELP_BUFLEN. The return value is a pointer into HELP_BUFFER with the formatted length string. The colon and a trailing nul are appended. HELP_BUFLEN must be at least 3 - a more useful value is 15. 
If LENGTH is not NULL, the LENGTH of the resulting string (excluding the terminating nul) is stored at that address. */ static inline char * smklen (char *help_buffer, size_t help_buflen, size_t value, size_t *length) { char *p = help_buffer + help_buflen; if (help_buflen >= 3) { *--p = 0; *--p = ':'; do { *--p = '0' + (value % 10); value /= 10; } while (value && p > help_buffer); } if (length) *length = (help_buffer + help_buflen) - p; return p; } #endif /*SEXP_PARSE_H*/ diff --git a/src/slots.c b/src/slots.c index 70d4ea2..c97bbb8 100644 --- a/src/slots.c +++ b/src/slots.c 
@@ -1,1100 +1,1091 @@ /* slots.c - Slot management. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include #include "cryptoki.h" #include "table.h" #include "error-mapping.h" #include "slots.h" #include "agent.h" #include "support.h" #include "gpgsm.h" #include "debug.h" /* A session is just a slot identifier with a per-slot session identifier. */ /* Must be power of two. */ #define SLOT_MAX (1 << 15) #define SESSION_SLOT_MASK (SLOT_MAX - 1) #define SESSION_SLOT_SHIFT 16 #define SESSION_MAX (1 << SESSION_SLOT_SHIFT) #define SESSION_ID_MASK (SESSION_MAX - 1) /* Get slot ID from session. */ #define SESSION_SLOT(session) \ ((session >> SESSION_SLOT_SHIFT) & SESSION_SLOT_MASK) /* Get session ID from session. */ #define SESSION_ID(session) (session & SESSION_ID_MASK) /* Because the slot is already 1-based, we can make the session 0-based. */ #define SESSION_BUILD_ID(slot, session) \ (((slot & SESSION_SLOT_MASK) << SESSION_SLOT_SHIFT) \ | (session & SESSION_ID_MASK)) /* We use one-based IDs. */ #define OBJECT_ID_TO_IDX(id) (id - 1) #define OBJECT_IDX_TO_ID(idx) (idx + 1) struct object { CK_ATTRIBUTE_PTR attributes; CK_ULONG attributes_count; }; /* A mechanism. */ struct mechanism { CK_MECHANISM_TYPE type; CK_MECHANISM_INFO info; }; /* We use one-based IDs. */ #define MECHANISM_ID_TO_IDX(id) (id - 1) #define MECHANISM_IDX_TO_ID(idx) (idx + 1) /* The session state. */ struct session { /* True iff read-write session. */ bool rw; /* The list of objects for the current search. */ object_iterator_t *search_result; /* The length of the list of objects for the current search. */ int search_result_len; /* The signing key. */ CK_OBJECT_HANDLE signing_key; }; /* The slot status. */ typedef enum { SLOT_STATUS_USED = 0, SLOT_STATUS_DEAD = 1 } slot_status_t; struct slot { /* The slot status. Starts out as 0 (pristine). 
*/ slot_status_t status; /* The slot login status. Starts out as 0 (public). */ slot_login_t login; /* True iff a token is present. */ bool token_present; /* The supported mechanisms. */ scute_table_t mechanisms; /* The sessions. */ scute_table_t sessions; /* The objects on the token. */ scute_table_t objects; /* The info about the current token. */ struct agent_card_info_s info; }; /* The slot table. */ static scute_table_t slots; /* Deallocator for mechanisms. */ static void mechanism_dealloc (void *data) { free (data); } /* Allocator for mechanisms. The hook must be a pointer to a CK_FLAGS that should be a combination of CKF_SIGN and/or CKF_DECRYPT. */ static gpg_error_t mechanism_alloc (void **data_r, void *hook) { struct mechanism *mechanism; CK_FLAGS *flags = hook; mechanism = calloc (1, sizeof (*mechanism)); if (mechanism == NULL) return gpg_error_from_syserror (); /* Set some default values. */ mechanism->type = CKM_RSA_PKCS; mechanism->info.ulMinKeySize = 1024; mechanism->info.ulMaxKeySize = 4096; mechanism->info.flags = CKF_HW | (*flags); *data_r = mechanism; return 0; } static void object_dealloc (void *data) { struct object *obj = data; while (0 < obj->attributes_count--) free (obj->attributes[obj->attributes_count].pValue); free (obj->attributes); free (obj); } /* Allocator for objects. The hook is currently unused. */ static gpg_error_t object_alloc (void **data_r, void *hook) { struct object *object; (void) hook; object = calloc (1, sizeof (*object)); if (object == NULL) return gpg_error_from_syserror (); *data_r = object; return 0; } static void session_dealloc (void *data) { struct session *session = data; if (session->search_result) free (session->search_result); free (session); } /* Allocator for sessions. The hook is currently unused. 
*/ static gpg_error_t session_alloc (void **data_r, void *hook) { struct session *session; (void) hook; session = calloc (1, sizeof (*session)); if (session == NULL) return gpg_error_from_syserror (); *data_r = session; return 0; } /* Deallocator for slots. */ static void slot_dealloc (void *data) { struct slot *slot = data; scute_table_destroy (slot->sessions); scute_table_destroy (slot->mechanisms); scute_table_destroy (slot->objects); free (slot); } /* Allocator for slots. The hook does not indicate anything at this point. */ static gpg_error_t slot_alloc (void **data_r, void *hook) { gpg_error_t err; struct slot *slot; int idx; CK_FLAGS flags; (void) hook; slot = calloc (1, sizeof (*slot)); if (slot == NULL) return gpg_error_from_syserror (); err = scute_table_create (&slot->mechanisms, mechanism_alloc, mechanism_dealloc); if (err) goto slot_alloc_out; /* Register the signing mechanism. */ flags = CKF_SIGN; err = scute_table_alloc (slot->mechanisms, &idx, NULL, &flags); if (err) goto slot_alloc_out; err = scute_table_create (&slot->sessions, session_alloc, session_dealloc); if (err) goto slot_alloc_out; err = scute_table_create (&slot->objects, object_alloc, object_dealloc); if (err) goto slot_alloc_out; slot->status = SLOT_STATUS_USED; slot->token_present = false; slot->login = SLOT_LOGIN_PUBLIC; *data_r = slot; slot_alloc_out: if (err) slot_dealloc (slot); return err; } /* Initialize the slot list. */ CK_RV scute_slots_initialize (void) { gpg_error_t err; int slot_idx; err = scute_table_create (&slots, slot_alloc, slot_dealloc); if (err) return err; /* Allocate a new slot for authentication. */ err = scute_table_alloc (slots, &slot_idx, NULL, NULL); if (err) scute_slots_finalize (); /* FIXME: Allocate a new slot for signing and decryption of email. */ return scute_gpg_err_to_ck (err); } void scute_slots_finalize (void) { if (slots == NULL) return; /* This recursively releases all slots and any objects associated with them. 
*/ scute_table_destroy (slots); slots = NULL; } /* Reset the slot SLOT after the token has been removed. */ static void slot_reset (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); int oid; /* This also resets the login state. */ slot_close_all_sessions (id); oid = scute_table_first (slot->objects); while (!scute_table_last (slot->objects, oid)) scute_table_dealloc (slot->objects, &oid); assert (scute_table_used (slot->objects) == 0); scute_agent_release_card_info (&slot->info); slot->token_present = false; } static gpg_error_t add_object (void *hook, CK_ATTRIBUTE_PTR attrp, CK_ULONG attr_countp) { gpg_error_t err; struct slot *slot = hook; struct object *object; unsigned int oidx; void *objp; err = scute_table_alloc (slot->objects, &oidx, &objp, NULL); if (err) return err; object = objp; object->attributes = attrp; object->attributes_count = attr_countp; return 0; } /* Initialize the slot after a token has been inserted. SLOT->info must already be valid. */ static gpg_error_t slot_init (slot_iterator_t id) { gpg_error_t err = 0; struct slot *slot = scute_table_data (slots, id); key_info_t ki; for (ki = slot->info.kinfo; ki; ki = ki->next) { err = scute_gpgsm_get_cert (ki->grip, ki->keyref, add_object, slot); if (err) goto leave; } /* FIXME: Perform the rest of the initialization of the token. */ slot->token_present = true; leave: if (err) slot_reset (id); return err; } /* Update the slot SLOT. */ CK_RV slots_update_slot (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); gpg_error_t err; if (slot->token_present) { err = scute_agent_check_status (); if (gpg_err_code (err) == GPG_ERR_CARD_REMOVED) slot_reset (id); else if (err) return scute_gpg_err_to_ck (err); else return 0; } /* At this point, the card was or is removed, and we need to reopen the session, if possible. */ err = scute_agent_learn (&slot->info); /* First check if this is really a PIV or an OpenPGP card. 
FIXME: * Should probably report the error in a better way and use a * generic way to identify cards without resorting to special-casing * PIV cards. */ if (!err && slot->info.is_piv) ; /* Okay, this is a PIV card. */ else if (!err && (!slot->info.serialno || strncmp (slot->info.serialno, "D27600012401", 12) || strlen (slot->info.serialno) != 32)) { DEBUG (DBG_INFO, "token not an OpenPGP card: %s", slot->info.serialno); err = gpg_error (GPG_ERR_CARD_NOT_PRESENT); scute_agent_release_card_info (&slot->info); } /* We also ignore card errors, because unusable cards should not affect slots, and firefox is quite unhappy about returning errors here. */ if (gpg_err_code (err) == GPG_ERR_CARD_REMOVED || gpg_err_code (err) == GPG_ERR_CARD_NOT_PRESENT || gpg_err_code (err) == GPG_ERR_CARD || gpg_err_code (err) == GPG_ERR_ENODEV) /* Nothing to do. */ err = 0; else if (err == 0) err = slot_init (id); return scute_sys_to_ck (err); } /* Update the slot list by finding new devices. Please note that Mozilla NSS currently assumes that the slot list never shrinks (see TODO file for a discussion). This is the only function allowed to manipulate the slot list. */ CK_RV slots_update (void) { slot_iterator_t id = scute_table_first (slots); while (!scute_table_last (slots, id)) { CK_RV err; err = slots_update_slot (id); if (err) return err; id = scute_table_next (slots, id); } return CKR_OK; } /* Begin iterating over the list of slots. */ CK_RV slots_iterate_first (slot_iterator_t *slot) { *slot = scute_table_first (slots); return CKR_OK; } /* Continue iterating over the list of slots. */ CK_RV slots_iterate_next (slot_iterator_t *slot) { *slot = scute_table_next (slots, *slot); return CKR_OK; } /* Return true iff the previous slot was the last one. */ bool slots_iterate_last (slot_iterator_t *slot) { return scute_table_last (slots, *slot); } /* Acquire the slot for the slot ID ID. 
*/ CK_RV slots_lookup (CK_SLOT_ID id, slot_iterator_t *id_r) { struct slot *slot = scute_table_data (slots, id); if (slot == NULL) return CKR_SLOT_ID_INVALID; *id_r = id; return CKR_OK; } /* Return true iff a token is present in slot SLOT. */ bool slot_token_present (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); return slot->token_present; } /* Return the token label. We use the dispserialno here too because * Firefox prints that value in the prompt ("Stored at:"). */ const char * slot_token_label (slot_iterator_t id) { return slot_token_serial (id); } /* Get the manufacturer of the token. */ const char * slot_token_manufacturer (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); unsigned int uval; if (slot->info.is_piv) { if (slot->info.cardtype && !strcmp (slot->info.cardtype, "yubikey")) return "Yubikey"; return "Unknown"; } /* slots_update() makes sure this is valid. */ uval = xtoi_2 (slot->info.serialno + 16) * 256 + xtoi_2 (slot->info.serialno + 18); /* Note: Make sure that there is no colon or linefeed in the string. */ switch (uval) { case 0x0001: return "PPC Card Systems"; case 0x0002: return "Prism"; case 0x0003: return "OpenFortress"; case 0x0004: return "Wewid AB"; case 0x0005: return "ZeitControl"; case 0x002A: return "Magrathea"; case 0x0000: case 0xffff: return "test card"; default: return (uval & 0xff00) == 0xff00? "unmanaged S/N range":"unknown"; } /* Not reached. */ } /* Get the application used on the token. */ const char * slot_token_application (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); if (!slot) return "[ooops]"; /* slots_update() makes sure this is correct. */ if (slot->info.is_piv) return "PIV"; else return "OpenPGP"; } /* Get the serial number of the token. */ const char * slot_token_serial (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); /* slots_update() makes sure this is valid. */ return slot->info.dispserialno? 
slot->info.dispserialno : slot->info.serialno; } /* Get the manufacturer of the token. */ void slot_token_version (slot_iterator_t id, CK_BYTE *hw_major, CK_BYTE *hw_minor, CK_BYTE *fw_major, CK_BYTE *fw_minor) { struct slot *slot = scute_table_data (slots, id); /* slots_update() makes sure serialno is valid. */ if (slot->info.is_piv) { *hw_major = 0; *hw_minor = 0; *fw_major = 0; *fw_minor = 0; } else { *hw_major = xtoi_2 (slot->info.serialno + 12); *hw_minor = xtoi_2 (slot->info.serialno + 14); *fw_major = 0; *fw_minor = 0; } } /* Get the maximum and minimum pin length. */ void slot_token_maxpinlen (slot_iterator_t id, CK_ULONG *max, CK_ULONG *min) { struct slot *slot = scute_table_data (slots, id); /* In version 2 of the OpenPGP card, the second counter is for the reset operation, so we only take the first counter. */ *max = slot->info.chvmaxlen[0]; /* FIXME: This is true at least for the user pin (CHV1 and CHV2). */ *min = 6; } /* Get the maximum and the actual pin count. */ void slot_token_pincount (slot_iterator_t id, int *max, int *len) { struct slot *slot = scute_table_data (slots, id); *max = 3; /* In version 2 of the OpenPGP card, the second counter is for the reset operation, so we only take the first counter. */ *len = slot->info.chvretry[0]; } /* Return the ID of slot SLOT. */ CK_SLOT_ID slot_get_id (slot_iterator_t slot) { return slot; } /* Return true if the token supports the GET CHALLENGE operation. */ bool slot_token_has_rng (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); return slot->info.rng_available; } /* Mechanism management. */ /* Begin iterating over the list of mechanisms. */ CK_RV mechanisms_iterate_first (slot_iterator_t id, mechanism_iterator_t *mechanism) { struct slot *slot = scute_table_data (slots, id); *mechanism = scute_table_first (slot->mechanisms); return CKR_OK; } /* Continue iterating over the list of mechanisms. 
*/ CK_RV mechanisms_iterate_next (slot_iterator_t id, mechanism_iterator_t *mechanism) { struct slot *slot = scute_table_data (slots, id); *mechanism = scute_table_next (slot->mechanisms, *mechanism); return CKR_OK; } /* Return true iff the previous slot was the last one. */ bool mechanisms_iterate_last (slot_iterator_t id, mechanism_iterator_t *mechanism) { struct slot *slot = scute_table_data (slots, id); return scute_table_last (slot->mechanisms, *mechanism); } /* Acquire the mechanism TYPE for the slot id ID. */ CK_RV mechanisms_lookup (slot_iterator_t id, mechanism_iterator_t *mid_r, CK_MECHANISM_TYPE type) { struct slot *slot = scute_table_data (slots, id); int mid = scute_table_first (slot->mechanisms); while (!scute_table_last (slot->mechanisms, mid)) { struct mechanism *mechanism = scute_table_data (slot->mechanisms, mid); if (mechanism->type == type) { *mid_r = mid; return CKR_OK; } mid = scute_table_next (slot->mechanisms, mid); } return CKR_MECHANISM_INVALID; } /* Return the type of mechanism MID in slot ID. */ CK_MECHANISM_TYPE mechanism_get_type (slot_iterator_t id, mechanism_iterator_t mid) { struct slot *slot = scute_table_data (slots, id); struct mechanism *mechanism = scute_table_data (slot->mechanisms, mid); return mechanism->type; } /* Return the info of mechanism MID. */ CK_MECHANISM_INFO_PTR mechanism_get_info (slot_iterator_t id, mechanism_iterator_t mid) { struct slot *slot = scute_table_data (slots, id); struct mechanism *mechanism = scute_table_data (slot->mechanisms, mid); return &mechanism->info; } /* Session management. */ /* Create a new session. 
*/ CK_RV slot_create_session (slot_iterator_t id, session_iterator_t *session, bool rw) { int err; struct slot *slot = scute_table_data (slots, id); unsigned int tsid; void *rawp; struct session *session_p; assert (slot); if (scute_table_used (slot->sessions) == SESSION_MAX) return CKR_SESSION_COUNT; if (slot->login == SLOT_LOGIN_SO && !rw) return CKR_SESSION_READ_WRITE_SO_EXISTS; err = scute_table_alloc (slot->sessions, &tsid, &rawp, NULL); if (err) return scute_sys_to_ck (err); session_p = rawp; session_p->rw = rw; session_p->search_result = NULL; session_p->search_result_len = 0; session_p->signing_key = CK_INVALID_HANDLE; *session = SESSION_BUILD_ID (id, tsid); return CKR_OK; } /* Look up session. */ CK_RV slots_lookup_session (CK_SESSION_HANDLE sid, slot_iterator_t *id, session_iterator_t *session_id) { CK_RV err; unsigned int idx = SESSION_SLOT (sid); unsigned session_idx = SESSION_ID (sid); struct slot *slot; /* Verify the slot. */ err = slots_lookup (SESSION_SLOT (sid), id); if (err) return err; *session_id = session_idx; /* Verify the session. */ slot = scute_table_data (slots, idx); if (!scute_table_data (slot->sessions, session_idx)) return CKR_SESSION_HANDLE_INVALID; return 0; } /* Close the session. */ CK_RV slot_close_session (slot_iterator_t id, session_iterator_t sid) { struct slot *slot = scute_table_data (slots, id); scute_table_dealloc (slot->sessions, &sid); /* At last session closed, return to public sessions. */ if (!scute_table_used (slot->sessions)) slot->login = SLOT_LOGIN_PUBLIC; return CKR_OK; } /* Close all sessions. */ CK_RV slot_close_all_sessions (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); int sid = scute_table_first (slot->sessions); while (!scute_table_last (slot->sessions, sid)) { slot_close_session (id, sid); sid = scute_table_next (slot->sessions, sid); } assert (scute_table_used (slot->sessions) == 0); return CKR_OK; } /* Get the RW flag from the session SID in slot ID. 
*/ bool session_get_rw (slot_iterator_t id, session_iterator_t sid) { struct slot *slot = scute_table_data (slots, id); struct session *session = scute_table_data (slot->sessions, sid); return session->rw; } /* Get the login state from the slot ID. */ slot_login_t slot_get_status (slot_iterator_t id) { struct slot *slot = scute_table_data (slots, id); return slot->status; } /* Object management. */ /* Begin iterating over the list of objects. */ CK_RV objects_iterate_first (slot_iterator_t id, object_iterator_t *object) { struct slot *slot = scute_table_data (slots, id); *object = scute_table_first (slot->objects); return CKR_OK; } /* Continue iterating over the list of objects. */ CK_RV objects_iterate_next (slot_iterator_t id, object_iterator_t *object) { struct slot *slot = scute_table_data (slots, id); *object = scute_table_next (slot->objects, *object); return CKR_OK; } /* Return true iff the previous slot was the last one. */ bool objects_iterate_last (slot_iterator_t id, object_iterator_t *object) { struct slot *slot = scute_table_data (slots, id); return scute_table_last (slot->objects, *object); } /* Return the max. number of objects in the slot. May overcount somewhat. */ CK_RV slot_get_object_count (slot_iterator_t id, int *nr) { struct slot *slot = scute_table_data (slots, id); *nr = scute_table_used (slot->objects); return CKR_OK; } /* Get the object information for object OBJECT_ID in slot ID. */ CK_RV slot_get_object (slot_iterator_t id, object_iterator_t oid, CK_ATTRIBUTE_PTR *obj, CK_ULONG *obj_count) { struct slot *slot = scute_table_data (slots, id); struct object *object = scute_table_data (slot->objects, oid); if (!object) return CKR_OBJECT_HANDLE_INVALID; *obj = object->attributes; *obj_count = object->attributes_count; return 0; } /* Set the result of a search for session SID in slot ID to SEARCH_RESULT and SEARCH_RESULT_LEN. 
*/ CK_RV session_set_search_result (slot_iterator_t id, session_iterator_t sid, object_iterator_t *search_result, int search_result_len) { struct slot *slot = scute_table_data (slots, id); struct session *session = scute_table_data (slot->sessions, sid); if (session->search_result && session->search_result != search_result) free (session->search_result); session->search_result = search_result; session->search_result_len = search_result_len; return 0; } /* Get the stored search result for the session SID in slot ID. */ CK_RV session_get_search_result (slot_iterator_t id, session_iterator_t sid, object_iterator_t **search_result, int *search_result_len) { struct slot *slot = scute_table_data (slots, id); struct session *session = scute_table_data (slot->sessions, sid); assert (search_result); assert (search_result_len); *search_result = session->search_result; *search_result_len = session->search_result_len; return 0; } /* Set the signing key for session SID in slot ID to KEY. */ CK_RV session_set_signing_key (slot_iterator_t id, session_iterator_t sid, object_iterator_t key) { struct slot *slot = scute_table_data (slots, id); struct session *session = scute_table_data (slot->sessions, sid); CK_RV err; CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; CK_OBJECT_CLASS key_class = CKO_PRIVATE_KEY; err = slot_get_object (id, key, &attr, &attr_count); if (err) return err; /* FIXME: What kind of strange loop is this? */ while (attr_count-- > 0) if (attr->type == CKA_CLASS) break; if (attr_count == (CK_ULONG) -1) return CKR_KEY_HANDLE_INVALID; if (attr->ulValueLen != sizeof (key_class) || memcmp (attr->pValue, &key_class, sizeof (key_class))) return CKR_KEY_HANDLE_INVALID; /* It's the private RSA key object. */ session->signing_key = key; return 0; } /* FIXME: The description is wrong: Set the signing key for session SID in slot ID to KEY. 
*/ CK_RV session_sign (slot_iterator_t id, session_iterator_t sid, CK_BYTE_PTR pData, CK_ULONG ulDataLen, CK_BYTE_PTR pSignature, CK_ULONG_PTR pulSignatureLen) { struct slot *slot = scute_table_data (slots, id); struct session *session = scute_table_data (slot->sessions, sid); gpg_error_t err; CK_ATTRIBUTE_PTR attr; CK_ULONG attr_count; CK_OBJECT_CLASS key_class = CKO_PRIVATE_KEY; unsigned int sig_len; CK_BYTE key_id[100]; int i; const char *keyref; if (!pSignature) return CKR_ARGUMENTS_BAD; if (!session->signing_key) return CKR_OPERATION_NOT_INITIALIZED; err = slot_get_object (id, session->signing_key, &attr, &attr_count); if (err) return err; if (attr_count == (CK_ULONG) -1) return CKR_KEY_HANDLE_INVALID; if (attr->ulValueLen != sizeof (key_class) || memcmp (attr->pValue, &key_class, sizeof (key_class))) return CKR_KEY_HANDLE_INVALID; /* Find the CKA_ID */ for (i = 0; i < attr_count; i++) if (attr[i].type == CKA_ID) break; if (i == attr_count) return CKR_GENERAL_ERROR; if (attr[i].ulValueLen >= sizeof key_id - 1) return CKR_GENERAL_ERROR; strncpy (key_id, attr[i].pValue, attr[i].ulValueLen); key_id[attr[i].ulValueLen] = 0; DEBUG (DBG_INFO, "Found CKA_ID '%s'", key_id); for (keyref=key_id; *keyref && *keyref != ' '; keyref++) ; if (*keyref) keyref++; /* Point to the grip. */ DEBUG (DBG_INFO, "Using keyref '%s'", keyref); sig_len = *pulSignatureLen; err = scute_agent_sign (keyref, pData, ulDataLen, pSignature, &sig_len); /* Take care of error codes which are not mapped by default. */ if (gpg_err_code (err) == GPG_ERR_INV_LENGTH) return CKR_BUFFER_TOO_SMALL; else if (gpg_err_code (err) == GPG_ERR_INV_ARG) return CKR_ARGUMENTS_BAD; else return scute_gpg_err_to_ck (err); } diff --git a/src/table.c b/src/table.c index a1d4869..1101590 100644 --- a/src/table.c +++ b/src/table.c 
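Review bot: `session_sign`, at the end of this hunk, copies `*pulSignatureLen` into the local `sig_len` and passes `&sig_len` to `scute_agent_sign`, but never stores the result back, so on success the caller's length still holds the buffer capacity and the caller may treat unwritten trailing bytes as signature data. Adding `if (!err) *pulSignatureLen = sig_len;` right after the call would fix that, assuming `scute_agent_sign` updates `sig_len`, which is not visible here. The function also reads `attr->ulValueLen` and `attr->pValue` of the first attribute without checking that `attr_count` is non-zero or that `attr->type` is `CKA_CLASS`, and the `attr_count == (CK_ULONG) -1` test looks carried over from `session_set_signing_key`, where a loop decrements the counter. These lines are unchanged context; the commit itself only rewrites the licence header.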
@@ -1,319 +1,310 @@ /* table.c - Indexed table implementation. - Copyright (C) 2006, 2007 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006, 2007 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #if HAVE_CONFIG_H #include #endif #include #include #include #include "table.h" /* Indices are 1 based externally, but 0 based internally. */ #define INDEX_COPY_IN(idx) ((idx) - 1) #define INDEX_COPY_OUT(idx) ((idx) + 1) /* End of table marker. */ #define INDEX_EOT (-1) /* This is an indexed list implementation. It only supports storing and retrieving pointers. One would like to support arbitrary data types inline, but this is not possible in a portable manner, because of aliasing and alignment restrictions. Note that this implementation is only fast if the lists are very short. */ struct scute_table { /* The user data pointers. */ void **data; /* The size of DATA. */ int size; /* The number of used entries in DATA. */ int used; /* The index of the lowest entry that is unused. */ int first_free; /* The index after the highest entry that is used. */ int last_used; /* The allocator and deallocator callback. */ scute_table_alloc_cb_t alloc; scute_table_dealloc_cb_t dealloc; }; /* Some support functions for iteration. */ /* Return the first element in TABLE. */ static int index_first (scute_table_t table) { int index = 0; while (index < table->last_used && table->data[index] == NULL) index++; if (index == table->last_used) return INDEX_EOT; return index; } /* Return the element following INDEX, or the end-of-list marker if INDEX is the last element on the list. */ static int index_next (scute_table_t table, int index) { index++; while (index < table->last_used && table->data[index] == NULL) index++; if (index >= table->last_used) index = INDEX_EOT; return index; } /* TABLE interface implementation. */ /* Create a new table and return it in TABLE_R. 
*/ gpg_error_t scute_table_create (scute_table_t *table_r, scute_table_alloc_cb_t alloc, scute_table_dealloc_cb_t dealloc) { scute_table_t table; table = malloc (sizeof (*table)); if (!table) return gpg_error_from_syserror (); table->data = NULL; table->size = 0; table->used = 0; table->first_free = 0; table->last_used = 0; table->alloc = alloc; table->dealloc = dealloc; *table_r = table; return 0; } /* Destroy the indexed list TABLE. The user has to make sure that the existing entries are not needed anymore before calling this function. */ void scute_table_destroy (scute_table_t table) { int idx = 0; if (table == NULL) return; for (idx = 0; idx < table->last_used; idx++) if (table->data[idx] != NULL) (*table->dealloc) (table->data[idx]); if (table->data) free (table->data); free (table); } /* The initial table size. */ #define TABLE_START_SIZE 4 /* Allocate a new table entry with a free index. Returns the index pointing to the new list entry in INDEX_R. This calls the allocator on the new entry before returning. Also returns the table entry in *DATA_R if this is not NULL. */ gpg_error_t scute_table_alloc (scute_table_t table, int *index_r, void **data_r, void *hook) { gpg_error_t err; int idx; void *data; if (table->used == table->size) { unsigned int size_new = table->size ? 2 * table->size : TABLE_START_SIZE; void *data_new; data_new = realloc (table->data, size_new * sizeof (*(table->data))); if (!data_new) return gpg_error_from_syserror (); table->first_free = table->size; table->data = data_new; table->size = size_new; } /* We may needlessly have increased the table size if this fails, but that is not a problem. 
*/ err = (*table->alloc) (&data, hook); if (err) return err; for (idx = table->first_free; idx < table->last_used; idx++) if (table->data[idx] == NULL) break; /* The following setting for FIRST_FREE is safe, because if this was the last table entry, then the table is full and we will grow the table the next time we are called (if no elements are removed in the meantime. */ table->first_free = idx + 1; if (idx == table->last_used) table->last_used++; table->data[idx] = data; table->used++; *index_r = INDEX_COPY_OUT (idx); if (data_r != NULL) *data_r = data; return 0; } /* Deallocate the list entry index. Afterwards, INDEX points to the following entry. This calls the deallocator on the entry before returning. */ void scute_table_dealloc (scute_table_t table, int *index) { int idx = INDEX_COPY_IN (*index); void *data = NULL; if (idx == INDEX_EOT) return; assert (idx >= 0 && idx < table->last_used); assert (table->data[idx] != NULL); data = table->data[idx]; table->data[idx] = NULL; table->used--; if (idx < table->first_free) table->first_free = idx; /* Update TABLE->last_used if necessary. */ if (idx + 1 == table->last_used) while (table->last_used > 0) { if (table->data[table->last_used - 1] != NULL) break; table->last_used--; } *index = INDEX_COPY_OUT (index_next (table, idx)); (*table->dealloc) (data); } /* Return the iterator for the beginning of the list TABLE. */ int scute_table_first (scute_table_t table) { if (table->used) { if (table->data[0] != NULL) return INDEX_COPY_OUT (0); else return INDEX_COPY_OUT (index_first (table)); } return 0; } /* Return the index following INDEX. If INDEX is the last element in the list, return 0. */ int scute_table_next (scute_table_t table, int index) { int idx = INDEX_COPY_IN (index); if (idx == INDEX_EOT) return 0; idx = index_next (table, idx); return INDEX_COPY_OUT (idx); } /* Return true iff INDEX is the end-of-list marker. 
*/ bool scute_table_last (scute_table_t table, int index) { (void) table; return INDEX_COPY_IN (index) == INDEX_EOT; } /* Return the user data associated with INDEX. Return NULL if INDEX is not valid. */ void * scute_table_data (scute_table_t table, int index) { int idx = INDEX_COPY_IN (index); if (idx >= 0 && idx < table->last_used) return table->data[idx]; return NULL; } /* Return the number of entries in the table TABLE. */ int scute_table_used (scute_table_t table) { return table->used; } diff --git a/src/table.h b/src/table.h index c75c7f7..e31db2f 100644 --- a/src/table.h +++ b/src/table.h 
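Review bot: `scute_table_dealloc` validates its index only with `assert (idx >= 0 && idx < table->last_used)` and `assert (table->data[idx] != NULL)`. A build with NDEBUG therefore goes on to read and clear `table->data[idx]` for an out-of-range index, and a build without NDEBUG aborts the process that loaded the module. The callers are not part of this hunk, so it is an assumption that these indices can derive from handles supplied by the PKCS#11 application; if they can, an explicit guard is safer: `if (idx < 0 || idx >= table->last_used || table->data[idx] == NULL) return;`. `scute_table_data` in the same hunk already range-checks and returns NULL, so this would also make the two functions consistent.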
@@ -1,90 +1,81 @@ /* table.h - Iterative table interface. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #ifndef TABLE_H #define TABLE_H 1 #include #include /* The indexed list type. */ struct scute_table; typedef struct scute_table *scute_table_t; /* TABLE interface. */ /* A table entry allocator function callback. Should return the new table entry in DATA_R. */ typedef gpg_error_t (*scute_table_alloc_cb_t) (void **data_r, void *hook); /* A table entry deallocator function callback. */ typedef void (*scute_table_dealloc_cb_t) (void *data); /* Allocate a new table and return it in TABLE_R. */ gpg_error_t scute_table_create (scute_table_t *table_r, scute_table_alloc_cb_t alloc, scute_table_dealloc_cb_t dealloc); /* Destroy the indexed list TABLE. This also calls the deallocator on all entries. */ void scute_table_destroy (scute_table_t table); /* Allocate a new table entry with a free index. Returns the index pointing to the new list entry in INDEX_R. This calls the allocator on the new entry before returning. Also returns the table entry in *DATA_R if this is not NULL. */ gpg_error_t scute_table_alloc (scute_table_t table, int *index_r, void **data_r, void *hook); /* Deallocate the list entry index. Afterwards, INDEX points to the following entry. This calls the deallocator on the entry before returning. */ void scute_table_dealloc (scute_table_t table, int *index); /* Return the index for the beginning of the list TABLE. */ int scute_table_first (scute_table_t table); /* Return the index following INDEX. If INDEX is the last element in the list, return 0. */ int scute_table_next (scute_table_t table, int index); /* Return true iff INDEX is the end-of-list marker. */ bool scute_table_last (scute_table_t table, int index); /* Return the user data associated with INDEX. Return NULL if INDEX is the end-of-list marker. 
*/ void *scute_table_data (scute_table_t table, int index); /* Return the number of entries in the table TABLE. */ int scute_table_used (scute_table_t table); #endif /* !TABLE_H */ diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in index 6968473..4be84a9 100644 --- a/src/versioninfo.rc.in +++ b/src/versioninfo.rc.in 
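Review bot: The comment on `scute_table_data` says it returns NULL only for the end-of-list marker, but the implementation in src/table.c returns NULL for any index outside 1..last_used and also for an entry that was deallocated. The header should state this and tell callers to check the result, for example `/* Return the user data associated with INDEX, or NULL if INDEX is out of range or refers to a freed entry. Callers must check for NULL. */`. The session functions shown earlier in this diff pass the result of `scute_table_data (slots, id)` straight into `slot->sessions` without such a check, so the contract matters in practice.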
@@ -1,52 +1,52 @@ /* versioninfo.rc.in - for scute - * Copyright (C) 2005 g10 Code GmbH - * + * Copyright (C) 2005 g10 Code GmbH + * * This file is free software; as a special exception the author gives * unlimited permission to copy and/or distribute it, with or without * modifications, as long as this notice is preserved. * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * SPDX-License-Identifier: FSFULLR */ - + /* This file is processed by configure to create versioninfo.rc */ #line __LINE__ "versioninfo.rc.in" #include VS_VERSION_INFO VERSIONINFO FILEVERSION @LIBSCUTE_LT_CURRENT@,@LIBSCUTE_LT_AGE@,@LIBSCUTE_LT_REVISION@,@BUILD_REVISION_DEC@ PRODUCTVERSION @BUILD_FILEVERSION@ FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x21L #else FILEFLAGS 0x20L #endif FILEOS 0x40004L FILETYPE 0x1L FILESUBTYPE 0x0L BEGIN BLOCK "StringFileInfo" BEGIN BLOCK "040904b0" BEGIN - VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License version 2 or later with a special exception for Mozilla based software.\0" + VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License version 2.1.\0" VALUE "CompanyName", "g10 Code GmbH\0" VALUE "FileDescription", "SCUTE - The GnuPG PKCS#11 interface\0" VALUE "FileVersion", "@LIBSCUTE_LT_CURRENT@.@LIBSCUTE_LT_AGE@.@LIBSCUTE_LT_REVISION@.@BUILD_REVISION@\0" VALUE "InternalName", "scute\0" VALUE "LegalCopyright", "Copyright © 2005, 2008, 2009 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "scute.dll\0" VALUE "PrivateBuild", "\0" VALUE "ProductName", "SCUTE\0" VALUE "ProductVersion", "@VERSION@\0" VALUE "SpecialBuild", "@BUILD_TIMESTAMP@\0" END END END - diff --git a/tests/Makefile.am b/tests/Makefile.am index 311303d..c438dd1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am 
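Review bot: The new `Comments` value ends in "GNU Lesser General Public License version 2.1." and drops the "or later" wording the old string had, while the SPDX identifiers this commit adds to the sources say `LGPL-2.1-or-later`. If the intent is unchanged, the line should read `VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License version 2.1 or later.\0"` so that the version resource of scute.dll states the same terms as the source headers.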
@@ -1,48 +1,38 @@ # Makefile.am - Makefile in tests/ for scute. # Copyright (C) 2006 g10 Code GmbH -# +# # This file is part of Scute. # # Scute is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. # # Scute is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Scute; if not, write to the Free Software Foundation, -# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +# Lesser General Public License for more details. # -# In addition, as a special exception, g10 Code GmbH gives permission -# to link this library: with the Mozilla Foundation's code for -# Mozilla (or with modified versions of it that use the same license -# as the "Mozilla" code), and distribute the linked executables. You -# must obey the GNU General Public License in all respects for all of -# the code used other than "Mozilla". If you modify this file, you -# may extend this exception to your version of the file, but you are -# not obligated to do so. If you do not wish to do so, delete this -# exception statement from your version. +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . 
+# SPDX-License-Identifier: LGPL-2.1-or-later ## Process this file with automake to produce Makefile.in noinst_HEADERS = t-support.h TESTS = t-link t-getfunctionlist t-initialize t-getinfo t-getslotlist \ t-getslotinfo t-gettokeninfo t-getmechanismlist t-getmechanisminfo \ t-opensession t-closeallsessions t-getsessioninfo \ t-findobjects t-getattribute t-auth t-generaterandom noinst_PROGRAMS = $(TESTS) EXTRA_DIST = clean-socketdir TESTS_ENVIRONMENT = GNUPGHOME=`/bin/pwd` GPG_AGENT_INFO= LC_ALL=C AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src LDADD = ../src/scute.la clean-local: $(TESTS_ENVIRONMENT) $(srcdir)/clean-socketdir diff --git a/tests/t-auth.c b/tests/t-auth.c index ba69ccd..3ac60ad 100644 --- a/tests/t-auth.c +++ b/tests/t-auth.c 
@@ -1,160 +1,151 @@ /* t-auth.c - Regression test. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" CK_RV dump_one (unsigned char *data, int size) { bool some; int i; some = false; for (i = 0; i < size; i++) { if (some == false) { printf (" "); some = true; } printf ("%02x", data[i]); if (((i + 1) % 32) == 0) { printf ("\n"); some = false; } } if (some) printf ("\n"); return 0; } CK_RV sign_with_object (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object) { CK_RV err; CK_MECHANISM mechanism = { CKM_RSA_PKCS, NULL_PTR, 0 }; CK_BYTE data[36] = "01234567890123456789012345678901234"; CK_BYTE sig[256]; CK_ULONG sig_len = sizeof (sig); err = C_SignInit (session, &mechanism, object); if (err) return err; err = C_Sign (session, data, sizeof (data), sig, &sig_len); if (err) return err; printf (" Sign Result: Length %lu\n", sig_len); err = dump_one (sig, sig_len); if (err) return err; return 0; } int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_SESSION_HANDLE session; CK_OBJECT_CLASS obj_class = CKO_PRIVATE_KEY; CK_ATTRIBUTE attr[] = { { CKA_CLASS, &obj_class, sizeof (obj_class) } }; CK_OBJECT_HANDLE object; CK_ULONG count; printf ("%2i. 
Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); fail_if_err (err); printf (" Session ID: %lu\n", session); err = C_FindObjectsInit (session, attr, DIM (attr)); fail_if_err (err); do { err = C_FindObjects (session, &object, 1, &count); fail_if_err (err); if (count) { printf (" Object Handle: %lu\n", object); err = sign_with_object (session, object); fail_if_err (err); } } while (count); err = C_FindObjectsFinal (session); fail_if_err (err); err = C_CloseSession (session); fail_if_err (err); } return 0; } diff --git a/tests/t-closeallsessions.c b/tests/t-closeallsessions.c index 69d8b53..f118590 100644 --- a/tests/t-closeallsessions.c +++ b/tests/t-closeallsessions.c 
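Review bot: `sign_with_object` signs into a fixed `CK_BYTE sig[256]`, which holds an RSA signature only for keys up to 2048 bits. With a larger key on the token, `C_Sign` would presumably return CKR_BUFFER_TOO_SMALL and the test would fail instead of exercising the signing path. `session_sign`, shown earlier in this diff, rejects a NULL `pSignature` with CKR_ARGUMENTS_BAD, so the usual length query is not available; a larger buffer such as `CK_BYTE sig[512];` is the simplest change. In `main`, `printf ("%2i. Slot ID %lu\n", i, slots[i])` prints an `unsigned int` with `%i`, where `%2u` matches the type. The same line appears in t-closeallsessions.c, t-findobjects.c and t-generaterandom.c.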
@@ -1,94 +1,85 @@ /* t-closeallsessions.c - Regression test. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_SESSION_HANDLE_PTR sessions; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); sessions = malloc (sizeof (CK_SESSION_HANDLE) * slots_count * 2); if (!sessions) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[2 * i]); fail_if_err (err); printf (" Session ID 1: %lu\n", sessions[2 * i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[2 * i + 1]); fail_if_err (err); printf (" Session ID 2: %lu\n", sessions[2 * i + 1]); } for (i = 0; i < slots_count; i++) { err = C_CloseAllSessions (slots[i]); fail_if_err (err); } return 0; } diff --git a/tests/t-findobjects.c b/tests/t-findobjects.c index fc0cd24..f0e02b5 100644 --- a/tests/t-findobjects.c +++ b/tests/t-findobjects.c 
@@ -1,119 +1,110 @@ /* t-findobjects.c - Regression test. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_SESSION_HANDLE session; CK_OBJECT_HANDLE object; CK_ULONG count; CK_BBOOL cert_token = CK_TRUE; CK_OBJECT_CLASS cert_class = CKO_CERTIFICATE; CK_ATTRIBUTE attr[] = { { CKA_TOKEN, &cert_token, sizeof (cert_token) }, { CKA_CLASS, &cert_class, sizeof (cert_class) } }; - + printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); fail_if_err (err); - + printf (" Session ID: %lu\n", session); err = C_FindObjectsInit (session, NULL, 0); fail_if_err (err); do { err = C_FindObjects (session, &object, 1, &count); fail_if_err (err); if (count) printf (" Object Handle: %lu\n", object); } while (count); printf (" Template Search: Token, Class\n"); err = C_FindObjectsInit (session, attr, DIM (attr)); fail_if_err (err); do { err = C_FindObjects (session, &object, 1, &count); fail_if_err (err); if (count) printf (" Object Handle: %lu\n", object); } while (count); err = C_FindObjectsFinal (session); fail_if_err (err); err = C_CloseSession (session); fail_if_err (err); } return 0; } diff --git a/tests/t-generaterandom.c b/tests/t-generaterandom.c index 675138d..425cc7e 100644 --- a/tests/t-generaterandom.c +++ b/tests/t-generaterandom.c 
@@ -1,105 +1,96 @@ /* t-generaterandom.c - Regression test. - Copyright (C) 2016 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2016 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_TOKEN_INFO info; printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_GetTokenInfo (slots[i], &info); fail_if_err (err); if ((info.flags & CKF_RNG) > 0) { CK_SESSION_HANDLE session; unsigned char buffer[16]; unsigned int j; printf(" RNG available\n"); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); fail_if_err (err); printf (" Session ID: %lu\n", session); err = C_GenerateRandom (session, buffer, sizeof(buffer)); fail_if_err (err); printf (" Random bytes: 0x"); for (j = 0; j < sizeof(buffer); j++) printf ("%02x", buffer[j]); printf ("\n"); err = C_CloseSession (session); fail_if_err (err); } else printf (" No RNG available on token\n"); } return 0; } diff --git a/tests/t-getattribute.c b/tests/t-getattribute.c index 982aaae..a451460 100644 --- a/tests/t-getattribute.c +++ b/tests/t-getattribute.c 
@@ -1,627 +1,618 @@
 /* t-getattribute.c - Regression test.
- Copyright (C) 2006, 2007 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006, 2007 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include #include #include "t-support.h" /* If printable characters should be output "as-is". */ bool printable; CK_RV dump_one (CK_ATTRIBUTE_PTR attr, unsigned char *data, unsigned int max_size) { unsigned int i; int col; if (attr->ulValueLen > max_size) return CKR_GENERAL_ERROR; col = 0; for (i = 0; i < attr->ulValueLen; i++) { if (col == 0) printf (" "); if (printable) { if (isprint (data[i])) { printf ("%c", data[i]); col++; } else { printf ("\\x%02x", data[i]); col += 4; } } else { printf ("%02x", data[i]); col += 2; } if (col >= 64) { printf ("\n"); col = 0; } } if (col) printf ("\n"); return 0; } CK_RV dump_one_string (CK_ATTRIBUTE_PTR attr, unsigned char *data, unsigned int max_size) { unsigned int i; int blanks = 0; if (attr->ulValueLen > max_size) { putc ('\n', stdout); return CKR_GENERAL_ERROR; } for (i = 0; i < attr->ulValueLen; i++) { if (data[i] == ' ') { blanks++; continue; } for (; blanks; blanks--) putc (' ', stdout); putc (data[i], stdout); } putc ('\n', stdout); return 0; } CK_RV dump_object (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object) { CK_RV err; CK_OBJECT_CLASS obj_class; CK_ATTRIBUTE attr_class = { CKA_CLASS, &obj_class, sizeof (obj_class) }; err = C_GetAttributeValue (session, object, &attr_class, 1); if (err) return err; printf (" Object Class: %lu = ", obj_class); switch (obj_class) { #define MAX_CERT_LEN 4096 case CKO_CERTIFICATE: { CK_CERTIFICATE_TYPE cert_type; CK_BBOOL cert_token; CK_BBOOL cert_private; CK_BBOOL cert_modifiable; CK_BYTE cert_label[MAX_CERT_LEN]; CK_BBOOL cert_trusted; CK_ULONG cert_cc; CK_BYTE cert_check[3]; CK_DATE cert_sdate; CK_DATE cert_edate; CK_BYTE cert_subject[MAX_CERT_LEN]; CK_BYTE cert_id[MAX_CERT_LEN]; CK_BYTE cert_issuer[MAX_CERT_LEN]; CK_BYTE cert_serial[MAX_CERT_LEN]; CK_BYTE cert_value[MAX_CERT_LEN]; 
CK_ULONG cert_jm; /* Note that the order is encoded below in the various length checks. */ CK_ATTRIBUTE cert_attr[] = { { CKA_CERTIFICATE_TYPE, &cert_type, sizeof (cert_type) }, { CKA_TOKEN, &cert_token, sizeof (cert_token) }, { CKA_PRIVATE, &cert_private, sizeof (cert_private) }, { CKA_MODIFIABLE, &cert_modifiable, sizeof (cert_modifiable) }, { CKA_LABEL, &cert_label, sizeof (cert_label) }, { CKA_TRUSTED, &cert_trusted, sizeof (cert_trusted) }, { CKA_CERTIFICATE_CATEGORY, &cert_cc, sizeof (cert_cc) }, { CKA_CHECK_VALUE, &cert_check, sizeof (cert_check) }, { CKA_START_DATE, &cert_sdate, sizeof (cert_sdate) }, { CKA_END_DATE, &cert_edate, sizeof (cert_edate) }, { CKA_SUBJECT, &cert_subject, sizeof (cert_subject) }, { CKA_ID, &cert_id, sizeof (cert_id) }, { CKA_ISSUER, &cert_issuer, sizeof (cert_issuer) }, { CKA_SERIAL_NUMBER, &cert_serial, sizeof (cert_serial) }, { CKA_VALUE, cert_value, sizeof (cert_value) }, { CKA_URL, NULL, 0 }, { CKA_HASH_OF_SUBJECT_PUBLIC_KEY, NULL, 0 }, { CKA_HASH_OF_ISSUER_PUBLIC_KEY, NULL, 0 }, { CKA_JAVA_MIDP_SECURITY_DOMAIN, &cert_jm, sizeof (cert_jm) } }; printf ("CKO_CERTIFICATE\n"); err = C_GetAttributeValue (session, object, cert_attr, DIM (cert_attr)); if (err) return err; fail_if_err ((cert_attr[0].ulValueLen != sizeof (cert_type)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Type: %lu = ", cert_type); switch (cert_type) { case CKC_X_509: printf ("CKC_X_509"); break; case CKC_WTLS: printf ("CKC_WTLS"); break; case CKC_X_509_ATTR_CERT: printf ("CKC_X_509_ATTR_CERT"); break; default: printf ("(unknown"); break; } printf ("\n"); fail_if_err ((cert_attr[1].ulValueLen != sizeof (cert_token)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Token: %s\n", cert_token ? "true" : "false"); fail_if_err ((cert_attr[2].ulValueLen != sizeof (cert_private)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Private: %s\n", cert_private ? "true" : "false"); fail_if_err ((cert_attr[3].ulValueLen != sizeof (cert_modifiable)) ? 
CKR_GENERAL_ERROR : 0); printf (" Certificate Modifiable: %s\n", cert_modifiable ? "true" : "false"); printf (" Certificate Label: "); err = dump_one_string (&cert_attr[4], cert_label, sizeof (cert_label)); fail_if_err (err); fail_if_err ((cert_attr[5].ulValueLen != sizeof (cert_trusted)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Trusted: %s\n", cert_trusted ? "true" : "false"); fail_if_err ((cert_attr[6].ulValueLen != sizeof (cert_cc)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Category: %lu = ", cert_cc); switch (cert_cc) { case 0: printf ("unspecified"); break; case 1: printf ("token user"); break; case 2: printf ("authority"); break; case 3: printf ("other entity"); break; default: printf ("(unknown)"); break; } printf ("\n"); fail_if_err ((cert_attr[7].ulValueLen != sizeof (cert_check)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Check Value: %02x%02x%02x\n", cert_check[0], cert_check[1], cert_check[2]); if (cert_attr[8].ulValueLen && cert_attr[9].ulValueLen) { fail_if_err ((cert_attr[8].ulValueLen != sizeof (cert_sdate)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Start Date: %.4s/%.2s/%.2s\n", cert_sdate.year, cert_sdate.month, cert_sdate.day); fail_if_err ((cert_attr[9].ulValueLen != sizeof (cert_edate)) ? 
CKR_GENERAL_ERROR : 0); printf (" Certificate End Date: %.4s/%.2s/%.2s\n", cert_edate.year, cert_edate.month, cert_edate.day); } printf (" Certificate Subject: Length %lu\n", cert_attr[10].ulValueLen); err = dump_one (&cert_attr[10], cert_subject, sizeof (cert_subject)); fail_if_err (err); printf (" Certificate ID: "); err = dump_one_string (&cert_attr[11], cert_id, sizeof (cert_id)); fail_if_err (err); printf (" Certificate Issuer: Length %lu\n", cert_attr[12].ulValueLen); err = dump_one (&cert_attr[12], cert_issuer, sizeof (cert_issuer)); fail_if_err (err); printf (" Certificate Serial Number: Length %lu\n", cert_attr[13].ulValueLen); err = dump_one (&cert_attr[13], cert_serial, sizeof (cert_serial)); fail_if_err (err); printf (" Certificate Value: Length %lu\n", cert_attr[14].ulValueLen); err = dump_one (&cert_attr[14], cert_value, sizeof (cert_value)); fail_if_err (err); fail_if_err ((cert_attr[15].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[16].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[17].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((cert_attr[18].ulValueLen != sizeof (cert_jm)) ? CKR_GENERAL_ERROR : 0); printf (" Certificate Java MIDP Security Domain: %lu = ", cert_jm); switch (cert_jm) { case 0: printf ("unspecified"); break; case 1: printf ("manufacturer"); break; case 2: printf ("operator"); break; case 3: printf ("third party"); break; default: printf ("(unknown)"); break; } printf ("\n"); } break; case CKO_PRIVATE_KEY: { CK_KEY_TYPE key_type; CK_BBOOL key_token; CK_BBOOL key_private; CK_BBOOL key_modifiable; CK_BYTE key_label[MAX_CERT_LEN]; CK_BYTE key_id[MAX_CERT_LEN]; CK_DATE key_sdate; CK_DATE key_edate; CK_BBOOL key_derive; CK_BBOOL key_local; CK_MECHANISM_TYPE key_gen; CK_MECHANISM_TYPE key_mechanisms[1]; /* FIXME, hard-coded constant. 
*/ CK_BYTE key_subject[MAX_CERT_LEN]; CK_BBOOL key_sensitive; CK_BBOOL key_decrypt; CK_BBOOL key_sign; CK_BBOOL key_sign_recover; CK_BBOOL key_unwrap; CK_BBOOL key_extractable; CK_BBOOL key_always_sensitive; CK_BBOOL key_never_extractable; CK_BBOOL key_wrap_with_trusted; CK_BBOOL key_always_authenticate; CK_BYTE key_modulus[MAX_CERT_LEN]; CK_BYTE key_public_exp[MAX_CERT_LEN]; /* Note that the order is encoded below in the various length checks. */ CK_ATTRIBUTE key_attr[] = { { CKA_KEY_TYPE, &key_type, sizeof (key_type) }, { CKA_TOKEN, &key_token, sizeof (key_token) }, { CKA_PRIVATE, &key_private, sizeof (key_private) }, { CKA_MODIFIABLE, &key_modifiable, sizeof (key_modifiable) }, { CKA_LABEL, &key_label, sizeof (key_label) }, { CKA_ID, &key_id, sizeof (key_id) }, { CKA_START_DATE, &key_sdate, sizeof (key_sdate) }, { CKA_END_DATE, &key_edate, sizeof (key_edate) }, { CKA_DERIVE, &key_derive, sizeof (key_derive) }, { CKA_LOCAL, &key_local, sizeof (key_local) }, { CKA_KEY_GEN_MECHANISM, &key_gen, sizeof (key_gen) }, { CKA_ALLOWED_MECHANISMS, &key_mechanisms, sizeof (key_mechanisms) }, { CKA_SUBJECT, &key_subject, sizeof (key_subject) }, { CKA_SENSITIVE, &key_sensitive, sizeof (key_sensitive) }, { CKA_DECRYPT, &key_decrypt, sizeof (key_decrypt) }, { CKA_SIGN, &key_sign, sizeof (key_sign) }, { CKA_SIGN_RECOVER, &key_sign_recover, sizeof (key_sign_recover) }, { CKA_UNWRAP, &key_unwrap, sizeof (key_unwrap) }, { CKA_EXTRACTABLE, &key_extractable, sizeof (key_extractable) }, { CKA_ALWAYS_SENSITIVE, &key_always_sensitive, sizeof (key_always_sensitive) }, { CKA_NEVER_EXTRACTABLE, &key_never_extractable, sizeof (key_never_extractable) }, { CKA_WRAP_WITH_TRUSTED, &key_wrap_with_trusted, sizeof (key_wrap_with_trusted) }, { CKA_UNWRAP_TEMPLATE, NULL, 0 }, { CKA_ALWAYS_AUTHENTICATE, &key_always_authenticate, sizeof (key_always_authenticate) }, { CKA_MODULUS, &key_modulus, sizeof (key_modulus) }, { CKA_PUBLIC_EXPONENT, &key_public_exp, sizeof (key_public_exp) } }; printf 
("CKO_PRIVATE_KEY\n"); err = C_GetAttributeValue (session, object, key_attr, DIM (key_attr)); if (err) return err; fail_if_err ((key_attr[0].ulValueLen != sizeof (key_type)) ? CKR_GENERAL_ERROR : 0); printf (" Key Type: %lu = ", key_type); switch (key_type) { case CKK_RSA: printf ("CKK_RSA"); break; case CKK_DSA: printf ("CKK_DSA"); break; default: printf ("(unknown"); break; } printf ("\n"); fail_if_err ((key_attr[1].ulValueLen != sizeof (key_token)) ? CKR_GENERAL_ERROR : 0); printf (" Key Token: %s\n", key_token ? "true" : "false"); fail_if_err ((key_attr[2].ulValueLen != sizeof (key_private)) ? CKR_GENERAL_ERROR : 0); printf (" Key Private: %s\n", key_private ? "true" : "false"); fail_if_err ((key_attr[3].ulValueLen != sizeof (key_modifiable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Modifiable: %s\n", key_modifiable ? "true" : "false"); printf (" Key Label: "); err = dump_one_string (&key_attr[4], key_label, sizeof (key_label)); fail_if_err (err); printf (" Key ID: "); err = dump_one_string (&key_attr[5], key_id, sizeof (key_id)); fail_if_err (err); if (key_attr[6].ulValueLen && key_attr[7].ulValueLen) { fail_if_err ((key_attr[6].ulValueLen != sizeof (key_sdate)) ? CKR_GENERAL_ERROR : 0); printf (" Key Start Date: %.4s/%.2s/%.2s\n", key_sdate.year, key_sdate.month, key_sdate.day); fail_if_err ((key_attr[7].ulValueLen != sizeof (key_edate)) ? CKR_GENERAL_ERROR : 0); printf (" Key End Date: %.4s/%.2s/%.2s\n", key_edate.year, key_edate.month, key_edate.day); } fail_if_err ((key_attr[8].ulValueLen != sizeof (key_derive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Derive: %s\n", key_derive ? "true" : "false"); fail_if_err ((key_attr[9].ulValueLen != sizeof (key_local)) ? CKR_GENERAL_ERROR : 0); printf (" Key Local: %s\n", key_local ? "true" : "false"); fail_if_err ((key_attr[10].ulValueLen != sizeof (key_gen)) ? CKR_GENERAL_ERROR : 0); /* FIXME: Print Mechanism. */ printf (" Key Gen Mechanism: %lu\n", key_gen); /* FIXME: Print supported mechanisms. 
11 */ printf (" Key Subject: Length %lu\n", key_attr[12].ulValueLen); err = dump_one (&key_attr[12], key_subject, sizeof (key_subject)); fail_if_err (err); fail_if_err ((key_attr[13].ulValueLen != sizeof (key_sensitive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sensitive: %s\n", key_sensitive ? "true" : "false"); fail_if_err ((key_attr[14].ulValueLen != sizeof (key_decrypt)) ? CKR_GENERAL_ERROR : 0); printf (" Key Decrypt: %s\n", key_decrypt ? "true" : "false"); fail_if_err ((key_attr[15].ulValueLen != sizeof (key_sign)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sign: %s\n", key_sign ? "true" : "false"); fail_if_err ((key_attr[16].ulValueLen != sizeof (key_sign_recover)) ? CKR_GENERAL_ERROR : 0); printf (" Key Sign Recover: %s\n", key_sign_recover ? "true" : "false"); fail_if_err ((key_attr[17].ulValueLen != sizeof (key_unwrap)) ? CKR_GENERAL_ERROR : 0); printf (" Key Unwrap: %s\n", key_unwrap ? "true" : "false"); fail_if_err ((key_attr[18].ulValueLen != sizeof (key_extractable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Extractable: %s\n", key_extractable ? "true" : "false"); fail_if_err ((key_attr[19].ulValueLen != sizeof (key_always_sensitive)) ? CKR_GENERAL_ERROR : 0); printf (" Key Always Sensitive: %s\n", key_always_sensitive ? "true" : "false"); fail_if_err ((key_attr[20].ulValueLen != sizeof (key_never_extractable)) ? CKR_GENERAL_ERROR : 0); printf (" Key Never Extractable: %s\n", key_never_extractable ? "true" : "false"); fail_if_err ((key_attr[21].ulValueLen != sizeof (key_wrap_with_trusted)) ? CKR_GENERAL_ERROR : 0); printf (" Key Wrap With Trusted: %s\n", key_wrap_with_trusted ? "true" : "false"); fail_if_err ((key_attr[22].ulValueLen != 0) ? CKR_GENERAL_ERROR : 0); fail_if_err ((key_attr[23].ulValueLen != sizeof (key_always_authenticate)) ? CKR_GENERAL_ERROR : 0); printf (" Key Always Authenticate: %s\n", key_always_authenticate ? 
"true" : "false"); printf (" Key Modulus: Length %lu\n", key_attr[24].ulValueLen); err = dump_one (&key_attr[24], key_modulus, sizeof (key_modulus)); fail_if_err (err); printf (" Key Subject: Length %lu\n", key_attr[25].ulValueLen); err = dump_one (&key_attr[25], key_public_exp, sizeof (key_public_exp)); fail_if_err (err); } break; default: printf ("(unknown)\n"); } return 0; } int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; if (argc > 1 && !strcmp ("--printable", argv[1])) printable = true; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_SESSION_HANDLE session; CK_OBJECT_HANDLE object; CK_ULONG count; printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); fail_if_err (err); printf (" Session ID: %lu\n", session); err = C_FindObjectsInit (session, NULL, 0); fail_if_err (err); do { err = C_FindObjects (session, &object, 1, &count); fail_if_err (err); if (count) { printf (" Object Handle: %lu\n", object); err = dump_object (session, object); fail_if_err (err); } } while (count); err = C_FindObjectsFinal (session); fail_if_err (err); err = C_CloseSession (session); fail_if_err (err); } return 0; } diff --git a/tests/t-getfunctionlist.c b/tests/t-getfunctionlist.c index 702ed29..25a121a 100644 --- a/tests/t-getfunctionlist.c +++ b/tests/t-getfunctionlist.c 
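Review bot: `dump_one_string` writes every attribute byte to stdout with `putc (data[i], stdout)` and is used for both CKA_LABEL and CKA_ID, so control or escape bytes supplied by a token reach the terminal or the test log unfiltered; CKA_ID in particular is a byte string rather than text. `dump_one` already escapes non-printable bytes when `printable` is set, and the same guard would fit here: `if (isprint (data[i])) putc (data[i], stdout); else printf ("\\x%02x", data[i]);`. Separately, the last `printf` of the CKO_PRIVATE_KEY branch labels `key_attr[25]` (CKA_PUBLIC_EXPONENT) as `Key Subject`, which looks like a copy-paste slip. Both sit in context lines that this commit leaves unchanged.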
@@ -1,129 +1,120 @@
 /* t-getfunctionlist.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" bool mismatch = false; CK_FUNCTION_LIST_PTR fl; #define DO_ONE(fnc) printf (#fnc ": %p %c= %p \n", fnc, \ fl->fnc == fnc ? '=' : (mismatch = true, '!'), fl->fnc) int main (int argc, char *argv[]) { CK_RV err; (void) argc; (void) argv; /* This is the only function that can be called without initialization. */ err = C_GetFunctionList (&fl); fail_if_err (err); /* Check for each function if the member in the function list is identical to the exported symbol. */ DO_ONE (C_CancelFunction); DO_ONE (C_CloseAllSessions); DO_ONE (C_CloseSession); DO_ONE (C_CopyObject); DO_ONE (C_CreateObject); DO_ONE (C_Decrypt); DO_ONE (C_DecryptDigestUpdate); DO_ONE (C_DecryptFinal); DO_ONE (C_DecryptInit); DO_ONE (C_DecryptUpdate); DO_ONE (C_DecryptVerifyUpdate); DO_ONE (C_DeriveKey); DO_ONE (C_DestroyObject); DO_ONE (C_Digest); DO_ONE (C_DigestEncryptUpdate); DO_ONE (C_DigestFinal); DO_ONE (C_DigestInit); DO_ONE (C_DigestKey); DO_ONE (C_DigestUpdate); DO_ONE (C_Encrypt); DO_ONE (C_EncryptFinal); DO_ONE (C_EncryptInit); DO_ONE (C_EncryptUpdate); DO_ONE (C_Finalize); DO_ONE (C_FindObjects); DO_ONE (C_FindObjectsFinal); DO_ONE (C_FindObjectsInit); DO_ONE (C_GenerateKey); DO_ONE (C_GenerateKeyPair); DO_ONE (C_GenerateRandom); DO_ONE (C_GetAttributeValue); DO_ONE (C_GetFunctionList); DO_ONE (C_GetFunctionStatus); DO_ONE (C_GetInfo); DO_ONE (C_GetMechanismInfo); DO_ONE (C_GetMechanismList); DO_ONE (C_GetObjectSize); DO_ONE (C_GetOperationState); DO_ONE (C_GetSessionInfo); DO_ONE (C_GetSlotInfo); DO_ONE (C_GetSlotList); DO_ONE (C_GetTokenInfo); DO_ONE (C_InitPIN); DO_ONE (C_InitToken); DO_ONE (C_Initialize); DO_ONE (C_Login); DO_ONE (C_Logout); DO_ONE (C_OpenSession); DO_ONE (C_SeedRandom); DO_ONE (C_SetAttributeValue); DO_ONE (C_SetOperationState); DO_ONE (C_SetPIN); DO_ONE 
(C_Sign); DO_ONE (C_SignEncryptUpdate); DO_ONE (C_SignFinal); DO_ONE (C_SignInit); DO_ONE (C_SignRecover); DO_ONE (C_SignRecoverInit); DO_ONE (C_SignUpdate); DO_ONE (C_UnwrapKey); DO_ONE (C_Verify); DO_ONE (C_VerifyFinal); DO_ONE (C_VerifyInit); DO_ONE (C_VerifyRecover); DO_ONE (C_VerifyRecoverInit); DO_ONE (C_VerifyUpdate); DO_ONE (C_WaitForSlotEvent); DO_ONE (C_WrapKey); if (mismatch) fail ("Some members of the function list do not match symbol value"); return 0; } diff --git a/tests/t-getinfo.c b/tests/t-getinfo.c index f246254..7e23158 100644 --- a/tests/t-getinfo.c +++ b/tests/t-getinfo.c 
@@ -1,66 +1,57 @@
 /* t-getinfo.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_INFO info; (void) argc; (void) argv; init_cryptoki (); err = C_GetInfo (&info); fail_if_err (err); printf ("Cryptoki version: %i.%i\n", info.cryptokiVersion.major, info.cryptokiVersion.minor); if (info.cryptokiVersion.major != 2) fail ("Cryptoki major version is not 2"); if (info.cryptokiVersion.minor != 20) fail ("Cryptoki minor version is not 20"); printf ("Manufacturer ID: %.32s\n", info.manufacturerID); printf ("Flags: %#lx\n", info.flags); if (info.flags != 0) fail ("Flags is not 0"); printf ("Library description: %.32s\n", info.libraryDescription); printf ("Library version: %i.%i\n", info.libraryVersion.major, info.libraryVersion.minor); return 0; } diff --git a/tests/t-getmechanisminfo.c b/tests/t-getmechanisminfo.c index b384b56..efcf4e7 100644 --- a/tests/t-getmechanisminfo.c +++ b/tests/t-getmechanisminfo.c 
@@ -1,136 +1,127 @@
 /* t-getmechanismlist.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_MECHANISM_TYPE_PTR mechanisms; CK_ULONG mechanisms_count; unsigned int j; printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_GetMechanismList (slots[i], NULL, &mechanisms_count); fail_if_err (err); printf (" Mechanisms: %lu\n", mechanisms_count); mechanisms = malloc (sizeof (CK_MECHANISM_TYPE) * mechanisms_count); if (!mechanisms) fail_if_err (CKR_HOST_MEMORY); err = C_GetMechanismList (slots[i], mechanisms, &mechanisms_count); fail_if_err (err); for (j = 0; j < mechanisms_count; j++) { CK_MECHANISM_INFO info; printf (" %2i. %s\n", j, mechanism_type_str (mechanisms[j])); err = C_GetMechanismInfo (slots[i], mechanisms[j], &info); fail_if_err (err); printf (" Minimum key size: %lu\n", info.ulMinKeySize); printf (" Maximum key size: %lu\n", info.ulMaxKeySize); printf (" Flags: %#lx", info.flags); if (info.flags) { bool any = false; CK_FLAGS xflags = 0; printf (" == "); #define DO_FLAG(sym) \ if (info.flags & sym) \ { \ printf ("%s" #sym, any ? 
" | " : ""); \ any = true; \ xflags |= sym; \ } DO_FLAG (CKF_HW); DO_FLAG (CKF_ENCRYPT); DO_FLAG (CKF_DECRYPT); DO_FLAG (CKF_DIGEST); DO_FLAG (CKF_SIGN); DO_FLAG (CKF_SIGN_RECOVER); DO_FLAG (CKF_VERIFY); DO_FLAG (CKF_VERIFY_RECOVER); DO_FLAG (CKF_GENERATE); DO_FLAG (CKF_GENERATE_KEY_PAIR); DO_FLAG (CKF_WRAP); DO_FLAG (CKF_UNWRAP); DO_FLAG (CKF_DERIVE); DO_FLAG (CKF_EXTENSION); xflags = info.flags & ~xflags; if (xflags) printf ("%s%#lx", any ? " | " : "", xflags); } printf ("\n"); } free (mechanisms); } return 0; } diff --git a/tests/t-getmechanismlist.c b/tests/t-getmechanismlist.c index e3455be..fbb8d31 100644 --- a/tests/t-getmechanismlist.c +++ b/tests/t-getmechanismlist.c 
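Review bot: The first line of the header comment still reads `/* t-getmechanismlist.c - Regression test.` although this file is tests/t-getmechanisminfo.c; since the commit rewrites the rest of that comment, this is a good moment to correct it to `/* t-getmechanisminfo.c - Regression test.`. The line is unchanged context in this hunk, so the mismatch predates the relicensing.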
@@ -1,92 +1,83 @@
 /* t-getmechanismlist.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_MECHANISM_TYPE_PTR mechanisms; CK_ULONG mechanisms_count; unsigned int j; printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_GetMechanismList (slots[i], NULL, &mechanisms_count); fail_if_err (err); printf (" Mechanisms: %lu\n", mechanisms_count); mechanisms = malloc (sizeof (CK_MECHANISM_TYPE) * mechanisms_count); if (!mechanisms) fail_if_err (CKR_HOST_MEMORY); err = C_GetMechanismList (slots[i], mechanisms, &mechanisms_count); fail_if_err (err); for (j = 0; j < mechanisms_count; j++) printf (" %2i. %s\n", j, mechanism_type_str (mechanisms[j])); free (mechanisms); } return 0; } diff --git a/tests/t-getsessioninfo.c b/tests/t-getsessioninfo.c index 92746e5..5c83ebe 100644 --- a/tests/t-getsessioninfo.c +++ b/tests/t-getsessioninfo.c 
@@ -1,126 +1,117 @@
 /* t-getsessioninfo.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_SESSION_HANDLE_PTR sessions; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); sessions = malloc (sizeof (CK_SESSION_HANDLE) * slots_count); if (!sessions) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_SESSION_INFO info; printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i]); fail_if_err (err); printf (" Session ID: %lu\n", sessions[i]); err = C_GetSessionInfo (sessions[i], &info); fail_if_err (err); printf (" Slot ID: %lu\n", info.slotID); printf (" State: %s\n", session_state_str (info.state)); printf (" Flags: %#lx", info.flags); if (info.flags) { bool any = false; CK_FLAGS xflags = 0; printf (" == "); #define DO_FLAG(sym) \ if (info.flags & sym) \ { \ printf ("%s" #sym, any ? " | " : ""); \ any = true; \ xflags |= sym; \ } DO_FLAG (CKF_RW_SESSION); DO_FLAG (CKF_SERIAL_SESSION); xflags = info.flags & ~xflags; if (xflags) printf ("%s%#lx", any ? " | " : "", xflags); } printf ("\n"); printf (" Device Error: %lu\n", info.ulDeviceError); fail_if_err (info.slotID != slots[i] ? CKR_GENERAL_ERROR : 0); fail_if_err (info.state != CKS_RO_PUBLIC_SESSION ? CKR_GENERAL_ERROR : 0); fail_if_err (info.flags != CKF_SERIAL_SESSION ? CKR_GENERAL_ERROR : 0); fail_if_err (info.ulDeviceError ? 
CKR_GENERAL_ERROR : 0); } for (i = 0; i < slots_count; i++) { err = C_CloseSession (sessions[i]); fail_if_err (err); } return 0; } diff --git a/tests/t-getslotinfo.c b/tests/t-getslotinfo.c index f63ad9a..7633e82 100644 --- a/tests/t-getslotinfo.c +++ b/tests/t-getslotinfo.c 
@@ -1,166 +1,157 @@
 /* t-getslotinfo.c - Regression test.
- Copyright (C) 2006, 2008 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006, 2008 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #define PGM "t-getslotinfo" #include "t-support.h" int main (int argc, char *argv[]) { int last_argc = -1; CK_RV err; int loop = 0; int token = 0; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; if (argc) { argc--; argv++; } while (argc && last_argc != argc ) { last_argc = argc; if (!strcmp (*argv, "--")) { argc--; argv++; break; } else if (!strcmp (*argv, "--help")) { fputs ("usage: " PGM " [options]\n" "Options:\n" " --loop N Run N times with a 2 second delay.\n" " --token Only present tokens\n", stdout); exit (0); } else if (!strcmp (*argv, "--loop")) { argc--; argv++; if (argc) { loop = atoi (*argv); argc--; argv++; } } else if (!strcmp (*argv, "--token")) { argc--; argv++; token = 1; } else if (!strncmp (*argv, "--", 2)) { fprintf (stderr, "unknown option '%s'\n", *argv); exit (1); } } init_cryptoki (); err = C_GetSlotList (token, NULL, &slots_count); fail_if_err (err); printf ("Number of slots%s: %lu\n", token ? " (with tokens)" : "", slots_count); if (!slots_count) return 0; /* Nothing to do. */ slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (token, slots, &slots_count); fail_if_err (err); again: for (i = 0; i < slots_count; i++) { CK_SLOT_INFO info; err = C_GetSlotInfo (slots[i], &info); fail_if_err (err); printf ("%2i. Slot ID %lu\n", i, slots[i]); printf (" %.64s\n", info.slotDescription); printf (" Manufacturer ID: %.32s\n", info.manufacturerID); printf (" Flags: %#lx", info.flags); if (info.flags) { int any = 0; CK_FLAGS xflags; xflags = info.flags & ~(CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE | CKF_HW_SLOT); printf (" == "); if (info.flags & CKF_TOKEN_PRESENT) { printf ("TOKEN_PRESENT"); any = 1; } if (info.flags & CKF_REMOVABLE_DEVICE) { printf ("%sREMOVABLE_DEVICE", any ? 
" | " : ""); any = 1; } if (info.flags & CKF_HW_SLOT) { printf ("%sHW_SLOT", any ? " | " : ""); any = 1; } if (xflags) printf ("%s%#lx", any ? " | " : "", xflags); } printf ("\n"); printf (" Hardware version: %i.%i\n", info.hardwareVersion.major, info.hardwareVersion.minor); printf (" Firmware version: %i.%i\n", info.firmwareVersion.major, info.firmwareVersion.minor); } if (loop > 0) loop--; if (loop) { #ifdef WIN32 _sleep (2); #else sleep (2); /* Why? */ #endif goto again; } return 0; } diff --git a/tests/t-getslotlist.c b/tests/t-getslotlist.c index 1256b4c..3362b07 100644 --- a/tests/t-getslotlist.c +++ b/tests/t-getslotlist.c 
@@ -1,98 +1,89 @@
 /* t-getslotlist.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #define PGM "t-getslotlist" #include "t-support.h" int main (int argc, char *argv[]) { int last_argc = -1; CK_RV err; int token = 0; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; if (argc) { argc--; argv++; } while (argc && last_argc != argc ) { last_argc = argc; if (!strcmp (*argv, "--")) { argc--; argv++; break; } else if (!strcmp (*argv, "--help")) { fputs ("usage: " PGM " [options]\n" "Options:\n" " --token Only present tokens\n", stdout); exit (0); } else if (!strcmp (*argv, "--token")) { argc--; argv++; token = 1; } else if (!strncmp (*argv, "--", 2)) { fprintf (stderr, "unknown option '%s'\n", *argv); exit (1); } } init_cryptoki (); err = C_GetSlotList (token, NULL, &slots_count); fail_if_err (err); printf ("Number of slots%s: %lu\n", token ? " (with tokens)" : "", slots_count); if (!slots_count) return 0; slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (token, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) printf ("%2i. Slot ID %lu\n", i, slots[i]); return 0; } diff --git a/tests/t-gettokeninfo.c b/tests/t-gettokeninfo.c index 444c190..02a4137 100644 --- a/tests/t-gettokeninfo.c +++ b/tests/t-gettokeninfo.c 
@@ -1,146 +1,137 @@
 /* t-gettokeninfo.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; CK_SLOT_ID_PTR slots; CK_ULONG slots_count; unsigned int i; (void) argc; (void) argv; init_cryptoki (); err = C_GetSlotList (true, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (true, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { CK_TOKEN_INFO info; err = C_GetTokenInfo (slots[i], &info); fail_if_err (err); printf ("%2i. Slot ID %lu\n", i, slots[i]); printf (" Label: %.32s\n", info.label); printf (" Manufacturer ID: %.32s\n", info.manufacturerID); printf (" Model: %.16s\n", info.model); printf (" Serial number: %.16s\n", info.serialNumber); printf (" Flags: %#lx", info.flags); - + if (info.flags) { bool any = false; CK_FLAGS xflags; xflags = info.flags & ~(CKF_RNG | CKF_WRITE_PROTECTED | CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_RESTORE_KEY_NOT_NEEDED | CKF_CLOCK_ON_TOKEN | CKF_PROTECTED_AUTHENTICATION_PATH | CKF_DUAL_CRYPTO_OPERATIONS | CKF_TOKEN_INITIALIZED | CKF_SECONDARY_AUTHENTICATION | CKF_USER_PIN_COUNT_LOW | CKF_USER_PIN_FINAL_TRY | CKF_USER_PIN_LOCKED | CKF_USER_PIN_TO_BE_CHANGED | CKF_SO_PIN_COUNT_LOW | CKF_SO_PIN_FINAL_TRY | CKF_SO_PIN_LOCKED | CKF_SO_PIN_TO_BE_CHANGED); printf (" == "); #define DO_FLAG(sym) \ if (info.flags & sym) \ { \ printf ("%s" #sym, any ? 
" | " : ""); \ any = true; \ } DO_FLAG (CKF_RNG); DO_FLAG (CKF_WRITE_PROTECTED); DO_FLAG (CKF_LOGIN_REQUIRED); DO_FLAG (CKF_USER_PIN_INITIALIZED); DO_FLAG (CKF_RESTORE_KEY_NOT_NEEDED); DO_FLAG (CKF_CLOCK_ON_TOKEN); DO_FLAG (CKF_PROTECTED_AUTHENTICATION_PATH); DO_FLAG (CKF_DUAL_CRYPTO_OPERATIONS); DO_FLAG (CKF_TOKEN_INITIALIZED); DO_FLAG (CKF_SECONDARY_AUTHENTICATION); DO_FLAG (CKF_USER_PIN_COUNT_LOW); DO_FLAG (CKF_USER_PIN_FINAL_TRY); DO_FLAG (CKF_USER_PIN_LOCKED); DO_FLAG (CKF_USER_PIN_TO_BE_CHANGED); DO_FLAG (CKF_SO_PIN_COUNT_LOW); DO_FLAG (CKF_SO_PIN_FINAL_TRY); DO_FLAG (CKF_SO_PIN_LOCKED); DO_FLAG (CKF_SO_PIN_TO_BE_CHANGED); if (xflags) printf ("%s%#lx", any ? " | " : "", xflags); } printf ("\n"); printf (" Max session count: %li\n", info.ulMaxSessionCount); printf (" Session count: %li\n", info.ulSessionCount); printf (" Max rw session count: %li\n", info.ulMaxRwSessionCount); printf (" Rw session count: %li\n", info.ulRwSessionCount); printf (" Max PIN length: %li\n", info.ulMaxPinLen); printf (" Min PIN length: %li\n", info.ulMinPinLen); printf (" Total public memory: %li\n", info.ulTotalPublicMemory); printf (" Free public memory: %li\n", info.ulFreePublicMemory); printf (" Total private memory: %li\n", info.ulTotalPrivateMemory); printf (" Free private memory: %li\n", info.ulFreePrivateMemory); printf (" Hardware version: %i.%i\n", info.hardwareVersion.major, info.hardwareVersion.minor); printf (" Firmware version: %i.%i\n", info.firmwareVersion.major, info.firmwareVersion.minor); printf (" UTC time: %.16s\n", info.utcTime); } return 0; } diff --git a/tests/t-initialize.c b/tests/t-initialize.c index a8a6c7b..0278f05 100644 --- a/tests/t-initialize.c +++ b/tests/t-initialize.c 
@@ -1,49 +1,40 @@
 /* t-initialize.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include "t-support.h" int main (int argc, char *argv[]) { CK_RV err; (void) argc; (void) argv; init_cryptoki (); err = C_Finalize (NULL); fail_if_err (err); return 0; } diff --git a/tests/t-link.c b/tests/t-link.c index 4bac096..87a4c20 100644 --- a/tests/t-link.c +++ b/tests/t-link.c 
@@ -1,114 +1,105 @@
 /* t-link.c - Simple linking regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include "t-support.h" #define DO_ONE(fnc) printf (#fnc ": %p\n", fnc) int main (int argc, char *argv[]) { (void) argc; (void) argv; /* We don't do anything useful. We just print a list of function pointers to avoid elimination of dead code. */ DO_ONE (C_CancelFunction); DO_ONE (C_CloseAllSessions); DO_ONE (C_CloseSession); DO_ONE (C_CopyObject); DO_ONE (C_CreateObject); DO_ONE (C_Decrypt); DO_ONE (C_DecryptDigestUpdate); DO_ONE (C_DecryptFinal); DO_ONE (C_DecryptInit); DO_ONE (C_DecryptUpdate); DO_ONE (C_DecryptVerifyUpdate); DO_ONE (C_DeriveKey); DO_ONE (C_DestroyObject); DO_ONE (C_Digest); DO_ONE (C_DigestEncryptUpdate); DO_ONE (C_DigestFinal); DO_ONE (C_DigestInit); DO_ONE (C_DigestKey); DO_ONE (C_DigestUpdate); DO_ONE (C_Encrypt); DO_ONE (C_EncryptFinal); DO_ONE (C_EncryptInit); DO_ONE (C_EncryptUpdate); DO_ONE (C_Finalize); DO_ONE (C_FindObjects); DO_ONE (C_FindObjectsFinal); DO_ONE (C_FindObjectsInit); DO_ONE (C_GenerateKey); DO_ONE (C_GenerateKeyPair); DO_ONE (C_GenerateRandom); DO_ONE (C_GetAttributeValue); DO_ONE (C_GetFunctionList); DO_ONE (C_GetFunctionStatus); DO_ONE (C_GetInfo); DO_ONE (C_GetMechanismInfo); DO_ONE (C_GetMechanismList); DO_ONE (C_GetObjectSize); DO_ONE (C_GetOperationState); DO_ONE (C_GetSessionInfo); DO_ONE (C_GetSlotInfo); DO_ONE (C_GetSlotList); DO_ONE (C_GetTokenInfo); DO_ONE (C_InitPIN); DO_ONE (C_InitToken); DO_ONE (C_Initialize); DO_ONE (C_Login); DO_ONE (C_Logout); DO_ONE (C_OpenSession); DO_ONE (C_SeedRandom); DO_ONE (C_SetAttributeValue); DO_ONE (C_SetOperationState); DO_ONE (C_SetPIN); DO_ONE (C_Sign); DO_ONE (C_SignEncryptUpdate); DO_ONE (C_SignFinal); DO_ONE (C_SignInit); DO_ONE (C_SignRecover); DO_ONE (C_SignRecoverInit); DO_ONE (C_SignUpdate); DO_ONE (C_UnwrapKey); DO_ONE (C_Verify); DO_ONE (C_VerifyFinal); DO_ONE (C_VerifyInit); DO_ONE 
(C_VerifyRecover); DO_ONE (C_VerifyRecoverInit); DO_ONE (C_VerifyUpdate); DO_ONE (C_WaitForSlotEvent); DO_ONE (C_WrapKey); return 0; } diff --git a/tests/t-opensession.c b/tests/t-opensession.c index 9258c8b..ac85669 100644 --- a/tests/t-opensession.c +++ b/tests/t-opensession.c 
@@ -1,112 +1,103 @@
 /* t-opensession.c - Regression test.
- Copyright (C) 2006 g10 Code GmbH
-
- This file is part of Scute.
-
- Scute is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- Scute is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with Scute; if not, write to the Free Software Foundation,
- Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-
- In addition, as a special exception, g10 Code GmbH gives permission
- to link this library: with the Mozilla Foundation's code for
- Mozilla (or with modified versions of it that use the same license
- as the "Mozilla" code), and distribute the linked executables. You
- must obey the GNU General Public License in all respects for all of
- the code used other than "Mozilla". If you modify this file, you
- may extend this exception to your version of the file, but you are
- not obligated to do so. If you do not wish to do so, delete this
- exception statement from your version. */
+ * Copyright (C) 2006 g10 Code GmbH
+ *
+ * This file is part of Scute.
+ *
+ * Scute is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * Scute is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #define PGM "t-opensession" #include "t-support.h" int main (int argc, char *argv[]) { int last_argc = -1; CK_RV err; CK_SLOT_ID_PTR slots; CK_SESSION_HANDLE_PTR sessions; CK_ULONG slots_count; unsigned int i; if (argc) { argc--; argv++; } while (argc && last_argc != argc ) { last_argc = argc; if (!strcmp (*argv, "--")) { argc--; argv++; break; } else if (!strcmp (*argv, "--help")) { fputs ("usage: " PGM " [options]\n" "No Options\n", stdout); exit (0); } else if (!strncmp (*argv, "--", 2)) { fprintf (stderr, "unknown option '%s'\n", *argv); exit (1); } } init_cryptoki (); err = C_GetSlotList (1, NULL, &slots_count); fail_if_err (err); if (slots_count == 0) { printf ("Skipping test because no token is present.\n"); return 77; } printf ("Number of slots with tokens: %lu\n", slots_count); slots = malloc (sizeof (CK_SLOT_ID) * slots_count); if (!slots) fail_if_err (CKR_HOST_MEMORY); sessions = malloc (sizeof (CK_SESSION_HANDLE) * slots_count); if (!sessions) fail_if_err (CKR_HOST_MEMORY); err = C_GetSlotList (1, slots, &slots_count); fail_if_err (err); for (i = 0; i < slots_count; i++) { printf ("%2i. Slot ID %lu\n", i, slots[i]); err = C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i]); fail_if_err (err); printf (" Session ID: %lu\n", sessions[i]); } for (i = 0; i < slots_count; i++) { err = C_CloseSession (sessions[i]); fail_if_err (err); } return 0; } diff --git a/tests/t-support.h b/tests/t-support.h index 7ae1da7..9657e4e 100644 --- a/tests/t-support.h +++ b/tests/t-support.h 
@@ -1,281 +1,272 @@ /* t-support.h - Helper routines for regression tests. - Copyright (C) 2006 g10 Code GmbH - - This file is part of Scute. - - Scute is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - Scute is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - General Public License for more details. - - You should have received a copy of the GNU General Public License - along with Scute; if not, write to the Free Software Foundation, - Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - - In addition, as a special exception, g10 Code GmbH gives permission - to link this library: with the Mozilla Foundation's code for - Mozilla (or with modified versions of it that use the same license - as the "Mozilla" code), and distribute the linked executables. You - must obey the GNU General Public License in all respects for all of - the code used other than "Mozilla". If you modify this file, you - may extend this exception to your version of the file, but you are - not obligated to do so. If you do not wish to do so, delete this - exception statement from your version. */ + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of Scute. + * + * Scute is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Scute is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. 
+ * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1-or-later + */ #include #include #include #include #include #define DIM(x) (sizeof (x) / sizeof (x[0])) /* Check for compiler features. */ #if __GNUC__ #define _GCC_VERSION (__GNUC__ * 10000 \ + __GNUC_MINOR__ * 100 \ + __GNUC_PATCHLEVEL__) #if _GCC_VERSION > 30100 #define UNUSED __attribute__ ((__unused__)) #endif #endif #ifndef UNUSED #define UNUSED #endif const char *msg[] = { "OK", "Cancel", "Host memory", "Slot ID invalid", "Flags invalid", "General error", "Function failed", "Arguments bad", "No event", "Need to create threads", "Can't lock", "0x0000000b", "0x0000000c", "0x0000000d", "0x0000000e", "0x0000000f", "Attribute read only", "Attribute sensitive", "Attribute type invalid", "Attribute value invalid", "0x00000014", "0x00000015", "0x00000016", "0x00000017", "0x00000018", "0x00000019", "0x0000001a", "0x0000001b", "0x0000001c", "0x0000001d", "0x0000001e", "0x0000001f", "Data invalid", "Data length range", "0x00000022", "0x00000023", "0x00000024", "0x00000025", "0x00000026", "0x00000027", "0x00000028", "0x00000029", "0x0000002a", "0x0000002b", "0x0000002c", "0x0000002d", "0x0000002e", "0x0000002f", "Device error", "Device memory", "Devire removed", "0x00000033", "0x00000034", "0x00000035", "0x00000036", "0x00000037", "0x00000038", "0x00000039", "0x0000003a", "0x0000003b", "0x0000003c", "0x0000003d", "0x0000003e", "0x0000003f", "Encrypted data invalid", "Encrypted data length range", "0x00000042", "0x00000043", "0x00000044", "0x00000045", "0x00000046", "0x00000047", "0x00000048", "0x00000049", "0x0000004a", "0x0000004b", "0x0000004c", "0x0000004d", "0x0000004e", "0x0000004f", "Function canceled", "Function not parallel", "0x00000052", "0x00000053", "Function not supported", "0x00000055", "0x00000056", "0x00000057", "0x00000058", "0x00000059", "0x0000005a", "0x0000005b", "0x0000005c", "0x0000005d", 
"0x0000005e", "0x0000005f", "Key handle invalid", "Key sensitive", "Key size range", "Key type inconsistent", "Key not needed", "Key changed", "Key needed", "Key indigestible", "Key function not permitted", "Key not wrappable", "Key unextractable", "0x0000006b", "0x0000006c", "0x0000006d", "0x0000006e", "0x0000006f", "Mechanism invalid", "Mechanism parameter invalid", "0x00000072", "0x00000073", "0x00000074", "0x00000075", "0x00000076", "0x00000077", "0x00000078", "0x00000079", "0x0000007a", "0x0000007b", "0x0000007c", "0x0000007d", "0x0000007e", "0x0000007f", "Object class inconsistent", "Object class invalid", "Object handle invalid", "0x00000083", "0x00000084", "0x00000085", "0x00000086", "0x00000087", "0x00000088", "0x00000089", "0x0000008a", "0x0000008b", "0x0000008c", "0x0000008d", "0x0000008e", "0x0000008f", "Operation active", "Operation not initialized", "0x00000092", "0x00000093", "0x00000094", "0x00000095", "0x00000096", "0x00000097", "0x00000098", "0x00000099", "0x0000009a", "0x0000009b", "0x0000009c", "0x0000009d", "0x0000009e", "0x0000009f", "PIN incorrect", "PIN invalid", "PIN length range", "PIN expired", "PIN locked", "0x000000a5", "0x000000a6", "0x000000a7", "0x000000a8", "0x000000a9", "0x000000aa", "0x000000ab", "0x000000ac", "0x000000ad", "0x000000ae", "0x000000af", "Session closed", "Session count", "0x000000b2", "Session handle invalid", "Session parallel not supported", "Session read only", "Session exists", "Session read only exists", "Session read write SO exists", "0x000000b9", "0x000000ba", "0x000000bb", "0x000000bc", "0x000000bd", "0x000000be", "0x000000bf", "Signature invalid", "Signature length range", "0x000000c2", "0x000000c3", "0x000000c4", "0x000000c5", "0x000000c6", "0x000000c7", "0x000000c8", "0x000000c9", "0x000000ca", "0x000000cb", "0x000000cc", "0x000000cd", "0x000000ce", "0x000000cf", "Template incomplete", "Template inconsistent", "0x000000d2", "0x000000d3", "0x000000d4", "0x000000d5", "0x000000d6", "0x000000d7", 
"0x000000d8", "0x000000d9", "0x000000da", "0x000000db", "0x000000dc", "0x000000dd", "0x000000de", "0x000000df", "Token not present", "Token not recognized", "Token write protected", "0x000000e3", "0x000000e4", "0x000000e5", "0x000000e6", "0x000000e7", "0x000000e8", "0x000000e9", "0x000000ea", "0x000000eb", "0x000000ec", "0x000000ed", "0x000000ee", "0x000000ef", "Unwrapping key handle invalid", "Unwrapping key size range", "Unwrapping key type inconsistent", "0x000000f3", "0x000000f4", "0x000000f5", "0x000000f6", "0x000000f7", "0x000000f8", "0x000000f9", "0x000000fa", "0x000000fb", "0x000000fc", "0x000000fd", "0x000000fe", "0x000000ff", "User already logged in", "User not logged in", "User PIN not initialized", "User type invalid", "Another user already logged in", "User too many types", "0x00000106", "0x00000107", "0x00000108", "0x00000109", "0x0000010a", "0x0000010b", "0x0000010c", "0x0000010d", "0x0000010e", "0x0000010f", "Wrapped key invalid", "0x00000110", "Wrapped key length range", "Wrapping key handle invalid", "Wrapping key size range", "Wrapping key type inconsistent", "0x00000116", "0x00000117", "0x00000118", "0x00000119", "0x0000011a", "0x0000011b", "0x0000011c", "0x0000011d", "0x0000011e", "0x0000011f", "Random seed not supported", "No random number generator", "0x00000122", "0x00000123", "0x00000124", "0x00000125", "0x00000126", "0x00000127", "0x00000128", "0x00000129", "0x0000012a", "0x0000012b", "0x0000012c", "0x0000012d", "0x0000012e", "0x0000012f", "Domain parameters invalid", "0x00000131", "0x00000132", "0x00000133", "0x00000134", "0x00000135", "0x00000136", "0x00000137", "0x00000138", "0x00000139", "0x0000013a", "0x0000013b", "0x0000013c", "0x0000013d", "0x0000013e", "0x0000013f", "0x00000140", "0x00000141", "0x00000142", "0x00000143", "0x00000144", "0x00000145", "0x00000146", "0x00000147", "0x00000148", "0x00000149", "0x0000014a", "0x0000014b", "0x0000014c", "0x0000014d", "0x0000014e", "0x0000014f", "Buffer too small", "0x00000151", 
"0x00000152", "0x00000153", "0x00000154", "0x00000155", "0x00000156", "0x00000157", "0x00000158", "0x00000159", "0x0000015a", "0x0000015b", "0x0000015c", "0x0000015d", "0x0000015e", "0x0000015f", "Saved state invalid", "0x00000161", "0x00000162", "0x00000163", "0x00000164", "0x00000165", "0x00000166", "0x00000167", "0x00000168", "0x00000169", "0x0000016a", "0x0000016b", "0x0000016c", "0x0000016d", "0x0000016e", "0x0000016f", "Information sensitive", "0x00000171", "0x00000172", "0x00000173", "0x00000174", "0x00000175", "0x00000176", "0x00000177", "0x00000178", "0x00000179", "0x0000017a", "0x0000017b", "0x0000017c", "0x0000017d", "0x0000017e", "0x0000017f", "State unsaveable", "0x00000181", "0x00000182", "0x00000183", "0x00000184", "0x00000185", "0x00000186", "0x00000187", "0x00000188", "0x00000189", "0x0000018a", "0x0000018b", "0x0000018c", "0x0000018d", "0x0000018e", "0x0000018f", "Cryptoki not initialized", "Cryptoki already initialized", "0x00000192", "0x00000193", "0x00000194", "0x00000195", "0x00000196", "0x00000197", "0x00000198", "0x00000199", "0x0000019a", "0x0000019b", "0x0000019c", "0x0000019d", "0x0000019e", "0x0000019f", "Mutex bad", "Mutex not locked", "0x000001a2", "0x000001a3", "0x000001a4", "0x000001a5", "0x000001a6", "0x000001a7", "0x000001a8", "0x000001a9", "0x000001aa", "0x000001ab", "0x000001ac", "0x000001ad", "0x000001ae", "0x000001af", "0x000001b0", "0x000001b1", "0x000001b2", "0x000001b3", "0x000001b4", "0x000001b5", "0x000001b6", "0x000001b7", "0x000001b8", "0x000001b9", "0x000001ba", "0x000001bb", "0x000001bc", "0x000001bd", "0x000001be", "0x000001bf", "0x000001c0", "0x000001c1", "0x000001c2", "0x000001c3", "0x000001c4", "0x000001c5", "0x000001c6", "0x000001c7", "0x000001c8", "0x000001c9", "0x000001ca", "0x000001cb", "0x000001cc", "0x000001cd", "0x000001ce", "0x000001cf", "0x000001d0", "0x000001d1", "0x000001d2", "0x000001d3", "0x000001d4", "0x000001d5", "0x000001d6", "0x000001d7", "0x000001d8", "0x000001d9", "0x000001da", "0x000001db", 
"0x000001dc", "0x000001dd", "0x000001de", "0x000001df", "0x000001e0", "0x000001e1", "0x000001e2", "0x000001e3", "0x000001e4", "0x000001e5", "0x000001e6", "0x000001e7", "0x000001e8", "0x000001e9", "0x000001ea", "0x000001eb", "0x000001ec", "0x000001ed", "0x000001ee", "0x000001ef", "0x000001f0", "0x000001f1", "0x000001f2", "0x000001f3", "0x000001f4", "0x000001f5", "0x000001f6", "0x000001f7", "0x000001f8", "0x000001f9", "0x000001fa", "0x000001fb", "0x000001fc", "0x000001fd", "0x000001fe", "0x000001ff", "Function rejected" }; #define ERRMSG(nr) ((nr) == CKR_VENDOR_DEFINED ? "Vendor defined" : \ ((nr) > sizeof (msg) / sizeof (msg[0]) ? \ "(unknown error code)" : msg[(nr)])) static const char * mechanism_type_str (CK_MECHANISM_TYPE mechanism_type) UNUSED; static const char * mechanism_type_str (CK_MECHANISM_TYPE mechanism_type) { switch (mechanism_type) { #define CKM_ONE(mechanism) \ case mechanism: \ return #mechanism; CKM_ONE (CKM_RSA_PKCS_KEY_PAIR_GEN); CKM_ONE (CKM_RSA_PKCS); default: return NULL; } } static const char *session_state_str (CK_STATE state) UNUSED; static const char * session_state_str (CK_STATE state) { switch (state) { #define CKS_ONE(state) \ case state: \ return #state; CKS_ONE (CKS_RO_PUBLIC_SESSION); CKS_ONE (CKS_RO_USER_FUNCTIONS); CKS_ONE (CKS_RW_PUBLIC_SESSION); CKS_ONE (CKS_RW_USER_FUNCTIONS); CKS_ONE (CKS_RW_SO_FUNCTIONS); default: return NULL; } } #define fail_if_err(err) \ do \ { unsigned int _err = (err); \ if (_err) \ { \ fprintf (stderr, "%s:%d: %s\n", \ __FILE__, __LINE__, ERRMSG(_err)); \ exit (1); \ } \ } \ while (0) #define fail(errmsg) \ do \ { \ if (err) \ { \ fprintf (stderr, "%s:%d: %s\n", \ __FILE__, __LINE__, errmsg); \ exit (1); \ } \ } \ while (0) #ifdef _WIN32 #include #endif void init_cryptoki (void) { CK_RV err; #ifdef _WIN32 WSADATA wsadat; WSAStartup (0x202, &wsadat); #endif err = C_Initialize (NULL); fail_if_err (err); }
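Review bot: The bounds check in `ERRMSG` is off by one: `(nr) > sizeof (msg) / sizeof (msg[0])` still accepts `nr` equal to the element count, so `msg[(nr)]` then reads one slot past the end of the table. Since the value comes from whatever the PKCS#11 module returns, the guard should use `>=`, for example `((nr) >= DIM (msg) ? "(unknown error code)" : msg[(nr)])`, reusing the `DIM` macro defined near the top of this header. Two entries in the table also look wrong: the placeholder after "Wrapped key invalid" reads `"0x00000110"` although by position it appears to stand for 0x111, and "Devire removed" is presumably "Device removed". All of these are unchanged context lines; the commit itself only rewrites the licence header in this hunk.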