bool pluginInvoke(PluginInstance *obj, NPIdentifier name, NPVariant *args, unsigned argCount, NPVariant *result) {
LOG_LOCATION;
EstEID_clear_error();
EstEID_setLocale(pluginLanguage);
if (isSameIdentifier(name, "sign")) {
return doSign(obj, args, argCount, result);
}
if (isSameIdentifier(name, "getCertificate")) {
return doGetCertificate(obj, result);
}
if (isSameIdentifier(name, "getVersion")) {
return pluginGetProperty(obj, browserFunctions->getstringidentifier("version"), result);
}
EstEID_log("obj=%p, name=%p, argCount=%u", obj, name, argCount);
return false;
}
int main(int argc, char *argv[])
{
int ec = EXIT_FAILURE;
poptContext optCon = NULL;
const char *arg;
xsetprogname(argv[0]); /* Portability call -- see system.h */
optCon = rpmcliInit(argc, argv, optionsTable);
if (argc <= 1) {
printUsage(optCon, stderr, 0);
goto exit;
}
if (poptPeekArg(optCon) == NULL) {
argerror(_("no arguments given"));
}
if (fileSigningKey && !signfiles) {
argerror(_("--fskpath may only be specified when signing files"));
}
switch (mode) {
case MODE_ADDSIGN:
case MODE_RESIGN:
ec = doSign(optCon);
break;
case MODE_DELSIGN:
ec = 0;
while ((arg = poptGetArg(optCon)) != NULL) {
ec += rpmPkgDelSign(arg);
}
break;
default:
argerror(_("only one major mode may be specified"));
break;
}
exit:
rpmcliFini(optCon);
return ec;
}
int doAsymTests(
CSSM_CSP_HANDLE cspHand,
privAlg palg,
CSSM_BOOL refKeys,
CSSM_BOOL quiet)
{
CSSM_ALGORITHMS keyAlg;
CSSM_ALGORITHMS sigAlg;
CSSM_ALGORITHMS encrAlg;
CSSM_ENCRYPT_MODE encrMode;
CSSM_PADDING encrPad;
uint32 keySizeInBits;
const char *keyAlgStr;
privAlgToCssm(palg, &keyAlg, &sigAlg, &encrAlg, &encrMode,
&encrPad, &keySizeInBits, &keyAlgStr);
CSSM_KEY pubKey;
CSSM_KEY privKey;
int irtn;
CSSM_KEYATTR_FLAGS pubKeyAttr = CSSM_KEYATTR_EXTRACTABLE;
CSSM_KEYATTR_FLAGS privKeyAttr = CSSM_KEYATTR_EXTRACTABLE;
if(refKeys) {
pubKeyAttr |= CSSM_KEYATTR_RETURN_REF;
privKeyAttr |= CSSM_KEYATTR_RETURN_REF;
}
else {
pubKeyAttr |= CSSM_KEYATTR_RETURN_DATA;
privKeyAttr |= CSSM_KEYATTR_RETURN_DATA;
}
if(!quiet) {
printf("...testing %s with %s keys\n", keyAlgStr,
refKeys ? "Ref" : "Raw");
printf(" ...verifying empty Dates\n");
}
irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits,
&pubKey, pubKeyAttr, CSSM_KEYUSE_ANY,
&privKey, privKeyAttr, CSSM_KEYUSE_ANY,
quiet,
CSSM_FALSE, 0, // no StartDate
CSSM_FALSE, 0); // no EndDate
if(irtn) {
return irtn;
}
irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode,
encrPad, CSSM_OK, quiet);
if(irtn) {
printf("***Failure on encrypting with empty Key Dates\n");
return irtn;
}
irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode,
encrPad, DR_BadData, quiet);
if(irtn) {
printf("***Failure on decrypting with empty Key Dates\n");
return irtn;
}
irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg,
CSSM_OK, quiet);
if(irtn) {
printf("***Failure on signing with empty Key Dates\n");
return irtn;
}
irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg,
KD_VERIFY_FAIL_ERR, quiet);
if(irtn) {
printf("***Failure on verifying with empty Key Dates\n");
return irtn;
}
cspFreeKey(cspHand, &pubKey);
cspFreeKey(cspHand, &privKey);
if(!quiet) {
printf(" ...verifying Good Dates\n");
}
irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits,
&pubKey, pubKeyAttr, CSSM_KEYUSE_ANY,
&privKey, privKeyAttr, CSSM_KEYUSE_ANY,
quiet,
CSSM_TRUE, 0, // StartDate = today
CSSM_TRUE, 1); // EndDate = tomorrow
if(irtn) {
return irtn;
}
irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode,
encrPad, CSSM_OK, quiet);
if(irtn) {
printf("***Failure on encrypting with good Key Dates\n");
return irtn;
}
irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode,
encrPad, DR_BadData, quiet);
if(irtn) {
printf("***Failure on decrypting with Good Key Dates\n");
return irtn;
}
irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg,
CSSM_OK, quiet);
if(irtn) {
printf("***Failure on signing with Good Key Dates\n");
return irtn;
}
irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg,
KD_VERIFY_FAIL_ERR, quiet);
if(irtn) {
printf("***Failure on verifying with Good Key Dates\n");
return irtn;
}
cspFreeKey(cspHand, &pubKey);
cspFreeKey(cspHand, &privKey);
if(!quiet) {
printf(" ...verifying Bad StartDate\n");
}
irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits,
&pubKey, pubKeyAttr, CSSM_KEYUSE_ANY,
&privKey, privKeyAttr, CSSM_KEYUSE_ANY,
quiet,
CSSM_TRUE, 1, // StartDate = tomorrow
CSSM_TRUE, 1); // EndDate = tomorrow
if(irtn) {
return irtn;
}
irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode,
encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet);
if(irtn) {
printf("***Failure on encrypting with bad StartDate\n");
return irtn;
}
irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode,
encrPad, DR_BadStartDate, quiet);
if(irtn) {
printf("***Failure on decrypting with bad StartDate\n");
return irtn;
}
irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg,
CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet);
if(irtn) {
printf("***Failure on signing with bad StartDate\n");
return irtn;
}
irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg,
CSSMERR_CSP_APPLE_INVALID_KEY_START_DATE, quiet);
if(irtn) {
printf("***Failure on verifying with bad StartDate\n");
return irtn;
}
cspFreeKey(cspHand, &pubKey);
cspFreeKey(cspHand, &privKey);
if(!quiet) {
printf(" ...verifying Bad EndDate\n");
}
irtn = genKeyPair(cspHand, keyAlg, keyAlgStr, keySizeInBits,
&pubKey, pubKeyAttr, CSSM_KEYUSE_ANY,
&privKey, privKeyAttr, CSSM_KEYUSE_ANY,
quiet,
CSSM_TRUE, 0, // StartDate = today
CSSM_TRUE, -1); // EndDate = yesterday
if(irtn) {
return irtn;
}
irtn = doEncrypt(cspHand, keyAlgStr, &pubKey, encrAlg, encrMode,
encrPad, CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet);
if(irtn) {
printf("***Failure on encrypting with bad EndDate\n");
return irtn;
}
irtn = doDecrypt(cspHand, keyAlgStr, &privKey, encrAlg, encrMode,
encrPad, DR_BadEndDate, quiet);
if(irtn) {
printf("***Failure on decrypting with bad EndDate\n");
return irtn;
}
irtn = doSign(cspHand, keyAlgStr, &privKey, sigAlg,
CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet);
if(irtn) {
printf("***Failure on signing with bad EndDate\n");
return irtn;
}
irtn = doVerify(cspHand, keyAlgStr, &pubKey, sigAlg,
CSSMERR_CSP_APPLE_INVALID_KEY_END_DATE, quiet);
if(irtn) {
printf("***Failure on verifying with bad EndDate\n");
return irtn;
}
cspFreeKey(cspHand, &pubKey);
cspFreeKey(cspHand, &privKey);
return 0;
}
