コード例 #1
0
/*  C_Sign signs data in a single part, where the signature is an appendix to the data. */
CK_DECLARE_FUNCTION(CK_RV, C_Sign)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData,
		CK_ULONG ulDataLen,
		CK_BYTE_PTR pSignature,
		CK_ULONG_PTR pulSignatureLen
)
{
	int rv;
	struct p11Object_t *pObject;
	struct p11Slot_t *pSlot;
	struct p11Session_t *pSession;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	rv = findSessionByHandle(&context->sessionPool, hSession, &pSession);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pSession->activeObjectHandle == CK_INVALID_HANDLE) {
		FUNC_FAILS(CKR_OPERATION_NOT_INITIALIZED, "Operation not initialized");
	}

	rv = findSlot(&context->slotPool, pSession->slotID, &pSlot);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = findSlotKey(pSlot, pSession->activeObjectHandle, &pObject);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pObject->C_Sign != NULL) {
		rv = pObject->C_Sign(pObject, pSession->activeMechanism, pData, ulDataLen, pSignature, pulSignatureLen);

		if ((pSignature != NULL) && (rv != CKR_BUFFER_TOO_SMALL)) {
			pSession->activeObjectHandle = CK_INVALID_HANDLE;
		}

		if (rv == CKR_DEVICE_ERROR) {
			rv = handleDeviceError(hSession);
			FUNC_FAILS(rv, "Device error reported");
		}
	} else {
		FUNC_FAILS(CKR_FUNCTION_NOT_SUPPORTED, "Operation not supported by token");
	}

	FUNC_RETURNS(rv);
}
コード例 #2
0
/*  C_SignInit initializes a signature operation,
    here the signature is an appendix to the data. */
CK_DECLARE_FUNCTION(CK_RV, C_SignInit)(
		CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey
)
{
	int rv;
	struct p11Object_t *pObject;
	struct p11Slot_t *pSlot;
	struct p11Session_t *pSession;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	rv = findSessionByHandle(&context->sessionPool, hSession, &pSession);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pSession->activeObjectHandle != CK_INVALID_HANDLE) {
		FUNC_FAILS(CKR_OPERATION_ACTIVE, "Operation is already active");
	}

	rv = findSlot(&context->slotPool, pSession->slotID, &pSlot);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = findSlotKey(pSlot, hKey, &pObject);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pObject->C_SignInit != NULL) {
		rv = pObject->C_SignInit(pObject, pMechanism);
		if (rv == CKR_DEVICE_ERROR) {
			rv = handleDeviceError(hSession);
			FUNC_FAILS(rv, "Device error reported");
		}
	} else {
		FUNC_FAILS(CKR_FUNCTION_NOT_SUPPORTED, "Operation not supported by token");
	}

	if (!rv) {
		pSession->activeObjectHandle = pObject->handle;
		pSession->activeMechanism = pMechanism->mechanism;
		rv = CKR_OK;
	}

	FUNC_RETURNS(rv);
}
コード例 #3
0
/*  C_EncryptFinal finishes a multiple-part encryption operation. */
CK_DECLARE_FUNCTION(CK_RV, C_EncryptFinal)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pLastEncryptedPart,
		CK_ULONG_PTR pulLastEncryptedPartLen
)
{
	int rv;
	struct p11Object_t *pObject;
	struct p11Slot_t *pSlot;
	struct p11Session_t *pSession;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	rv = findSessionByHandle(&context->sessionPool, hSession, &pSession);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pSession->activeObjectHandle == CK_INVALID_HANDLE) {
		FUNC_FAILS(CKR_OPERATION_NOT_INITIALIZED, "Operation not initialized");
	}

	rv = findSlot(&context->slotPool, pSession->slotID, &pSlot);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = findSlotKey(pSlot, pSession->activeObjectHandle, &pObject);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pObject->C_EncryptFinal != NULL) {
		rv = pObject->C_EncryptFinal(pObject, pSession->activeMechanism, pLastEncryptedPart, pulLastEncryptedPartLen);
		if (rv == CKR_DEVICE_ERROR) {
			rv = handleDeviceError(hSession);
			FUNC_FAILS(rv, "Device error reported");
		}
	} else {
		FUNC_FAILS(CKR_FUNCTION_NOT_SUPPORTED, "Operation not supported by token");
	}

	if (!rv) {
		pSession->activeObjectHandle = CK_INVALID_HANDLE;
		rv = CKR_OK;
	}

	FUNC_RETURNS(rv);
}
コード例 #4
0
/*  C_SignUpdate continues a multiple-part signature operation,
    processing another data part. */
CK_DECLARE_FUNCTION(CK_RV, C_SignUpdate)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pPart,
		CK_ULONG ulPartLen
)
{
	CK_RV rv;
	struct p11Object_t *pObject;
	struct p11Slot_t *pSlot;
	struct p11Session_t *pSession;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	rv = findSessionByHandle(&context->sessionPool, hSession, &pSession);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pSession->activeObjectHandle == CK_INVALID_HANDLE) {
		FUNC_FAILS(CKR_OPERATION_NOT_INITIALIZED, "Operation not initialized");
	}

	rv = findSlot(&context->slotPool, pSession->slotID, &pSlot);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = findSlotKey(pSlot, pSession->activeObjectHandle, &pObject);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	if (pObject->C_SignUpdate != NULL) {
		rv = pObject->C_SignUpdate(pObject, pSession->activeMechanism, pPart, ulPartLen);
		if (rv == CKR_DEVICE_ERROR) {
			rv = handleDeviceError(hSession);
			FUNC_FAILS(rv, "Device error reported");
		}
	} else {
		rv = appendToCryptoBuffer(pSession, pPart, ulPartLen);
	}

	FUNC_RETURNS(rv);
}
コード例 #5
0
int closePCSCSlot(struct p11Slot_t *slot)
{
	LONG rc;

	FUNC_CALLED();

#ifdef DEBUG
	debug("Trying to close slot (%i, %s)\n", slot->id, slot->readername);
#endif

	slotCounter--;

	if (slotCounter == 0 && globalContext) {
#ifdef DEBUG
		debug("Releasing global PC/SC context\n");
#endif
		rc = SCardReleaseContext(globalContext);

#ifdef DEBUG
		debug("SCardReleaseContext (%i, %s): %s\n", slot->id, slot->readername, pcsc_error_to_string(rc));
#endif

		globalContext = 0;
	}

	/* No token in slot */
	if (!slot->card) {
		slot->closed = TRUE;
		FUNC_RETURNS(CKR_OK);
	}

	rc = SCardDisconnect(slot->card, SCARD_UNPOWER_CARD);

#ifdef DEBUG
	debug("SCardDisconnect (%i, %s): %s\n", slot->id, slot->readername, pcsc_error_to_string(rc));
	debug("Releasing slot specific PC/SC context - slot counter is %i\n", slotCounter);
#endif

	rc = SCardReleaseContext(slot->context);

#ifdef DEBUG
	debug("SCardReleaseContext (%i, %s): %s\n", slot->id, slot->readername, pcsc_error_to_string(rc));
#endif

	slot->context = 0;
	slot->card = 0;
	slot->closed = TRUE;

	FUNC_RETURNS(CKR_OK);
}
コード例 #6
0
/**
 * Transmit APDU using PC/SC
 *
 * @param slot the slot to use for communication
 * @param capdu the command APDU
 * @param capdu_len the length of the command APDU
 * @param rapdu the response APDU
 * @param rapdu_len the length of the response APDU
 * @return -1 for error or length of received response APDU
 */
int transmitAPDUviaPCSC(struct p11Slot_t *slot,
	unsigned char *capdu, size_t capdu_len,
	unsigned char *rapdu, size_t rapdu_len)
{
	LONG rc;
	DWORD lenr;

	FUNC_CALLED();

	if (!slot->card) {
		FUNC_FAILS(-1, "No card handle");
	}

	lenr = rapdu_len;

	rc = SCardTransmit(slot->card, SCARD_PCI_T1, capdu, capdu_len, NULL, rapdu, &lenr);

#ifdef DEBUG
	debug("SCardTransmit: %s\n", pcsc_error_to_string(rc));
#endif

	if (rc != SCARD_S_SUCCESS) {
		FUNC_FAILS(-1, "SCardTransmit failed");
	}

	FUNC_RETURNS(lenr);
}
コード例 #7
0
static int starcos_C_DecryptInit(struct p11Object_t *pObject, CK_MECHANISM_PTR mech)
{
	unsigned char *algotlv;

	FUNC_CALLED();

	FUNC_RETURNS(getAlgorithmIdForDecryption(pObject->token, mech->mechanism, &algotlv));
}
コード例 #8
0
int closeSlot(struct p11Slot_t *slot)
{
	int rc;

	FUNC_CALLED();

	if (slot->primarySlot)
		FUNC_RETURNS(CKR_OK);

#ifdef CTAPI
	rc = closeCTAPISlot(slot);
#else
	rc = closePCSCSlot(slot);
#endif

	FUNC_RETURNS(rc);
}
コード例 #9
0
/**
 * Create a new DGN token if token detection and initialization is successful
 *
 * @param slot      The slot in which a token was detected
 * @param token     Pointer to pointer updated with newly created token structure
 * @return          CKR_OK or any other Cryptoki error code
 */
static int newDGNToken(struct p11Slot_t *slot, struct p11Token_t **token)
{
	static struct p11TokenDriver esign_token;
	struct p11Token_t *ptoken;
	struct p11TokenDriver *drv;
	struct p11Slot_t *vslot;
	int rc;

	FUNC_CALLED();

	esign_token = *getStarcosTokenDriver();
	esign_token.name = "3.5ID ECC C1 DGN";
	esign_token.isCandidate = isCandidate;
	esign_token.newToken = newDGNToken;
	esign_token.C_Sign = esign_C_Sign;

	rc = createStarcosToken(slot, &ptoken, &esign_token, &starcosApplications[1]);
	if (rc != CKR_OK)
		FUNC_FAILS(rc, "Base token creation failed");

	rc = addToken(slot, ptoken);
	if (rc != CKR_OK) {
		FUNC_FAILS(rc, "addToken() failed");
	}

	*token = ptoken;

	if (context->caller == CALLER_FIREFOX) {
		FUNC_RETURNS(CKR_OK);
	}

	rc = getVirtualSlot(slot, 0, &vslot);
	if (rc != CKR_OK)
		FUNC_FAILS(rc, "Virtual slot creation failed");

	drv = getDGNTokenDriver();
	rc = createStarcosToken(vslot, &ptoken, drv, &starcosApplications[0]);
	if (rc != CKR_OK)
		FUNC_FAILS(rc, "Token creation failed");

	rc = addToken(vslot, ptoken);
	if (rc != CKR_OK)
		FUNC_FAILS(rc, "addToken() failed");

	FUNC_RETURNS(CKR_OK);
}
コード例 #10
0
int getToken(struct p11Slot_t *slot, struct p11Token_t **token)
{
	FUNC_CALLED();

	*token = slot->token;

	FUNC_RETURNS(slot->token ? CKR_OK : CKR_TOKEN_NOT_PRESENT);
}
コード例 #11
0
int getVirtualSlot(struct p11Slot_t *slot, int index, struct p11Slot_t **vslot)
{
	struct p11Slot_t *newslot;
	char postfix[3];

	FUNC_CALLED();

	if ((index < 0) || (index > sizeof(slot->virtualSlots) / sizeof(*slot->virtualSlots)))
		FUNC_FAILS(CKR_ARGUMENTS_BAD, "Index must not exceed size of virtual slot list");

	if (slot->primarySlot)
		FUNC_FAILS(CKR_ARGUMENTS_BAD, "Slot is a virtual slot");

	if (slot->virtualSlots[index]) {
		*vslot = slot->virtualSlots[index];
		FUNC_RETURNS(CKR_OK);
	}

	newslot = (struct p11Slot_t *) calloc(1, sizeof(struct p11Slot_t));

	if (newslot == NULL)
		FUNC_FAILS(CKR_HOST_MEMORY, "Out of memory");

	*newslot = *slot;
	newslot->token = NULL;
	newslot->next = NULL;
	newslot->primarySlot = slot;

	/* If we already have a pre-allocated slot id, then assign the next id value */
	if (slot->id != 0)
		newslot->id = slot->id + index + 1;

	slot->virtualSlots[index] = newslot;

	postfix[0] = '.';
	postfix[1] = '2' + index;
	postfix[2] = 0;

	appendStr(newslot->info.slotDescription, sizeof(slot->info.slotDescription), postfix);

	addSlot(&context->slotPool, newslot);

	*vslot = newslot;
	FUNC_RETURNS(CKR_OK);
}
コード例 #12
0
int starcosSelectApplication(struct p11Token_t *token)
{
	struct starcosPrivateData *sc;

	FUNC_CALLED();

	sc = starcosGetPrivateData(token);
	FUNC_RETURNS(starcosSwitchApplication(token, sc->application));
}
コード例 #13
0
int transmitVerifyPinAPDUviaPCSC(struct p11Slot_t *slot,
	unsigned char pinformat, unsigned char minpinsize, unsigned char maxpinsize,
	unsigned char pinblockstring, unsigned char pinlengthformat,
	unsigned char *capdu, size_t capdu_len,
	unsigned char *rapdu, size_t rapdu_len)
{
	LONG rc;
	DWORD lenr;
	PIN_VERIFY_DIRECT_STRUCTURE_t verify;

	FUNC_CALLED();

	if (!slot->card) {
		FUNC_FAILS(-1, "No card handle");
	}

	verify.bTimeOut = 0x00;
	verify.bTimeOut2 = 0x00;
	verify.bmFormatString = pinformat;
	verify.bmPINBlockString = pinblockstring;
	verify.bmPINLengthFormat = pinlengthformat;

	verify.wPINMaxExtraDigit = (minpinsize << 8) | maxpinsize;

	/*
	 * Bit 7-3: RFU
	 * Bit   2: Timout occurred
	 * Bit   1: Validation Key pressed
	 * Bit   0: Max size reached
	 */
	verify.bEntryValidationCondition = 0x02;

	verify.bNumberMessage = 0x01;
	verify.wLangID        = 0x0904;
	verify.bMsgIndex      = 0;

	verify.bTeoPrologue[0]= 0;
	verify.bTeoPrologue[1]= 0;
	verify.bTeoPrologue[2]= 0;

	verify.ulDataLength = capdu_len;
	memcpy(verify.abData, capdu, capdu_len);

	lenr = rapdu_len;

	rc = SCardControl(slot->card, slot->hasFeatureVerifyPINDirect, &verify,  18 + capdu_len + 1, rapdu, rapdu_len, &lenr);

#ifdef DEBUG
	debug("SCardControl (VERIFY_PIN_DIRECT): %s\n", pcsc_error_to_string(rc));
#endif

	if (rc != SCARD_S_SUCCESS) {
		FUNC_FAILS(-1, "SCardControl failed");
	}

	FUNC_RETURNS(lenr);
}
コード例 #14
0
/**
 * If a crypto operation returns CKR_DEVICE_ERROR, then check if the token
 * is still present.
 *
 */
int handleDeviceError(CK_SESSION_HANDLE hSession) {
	int rv;
	struct p11Session_t *session;
	struct p11Slot_t *slot;
	struct p11Token_t *token;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	// Even if SCardTransmit report a communication error with the card, the card present
	// switch and the card present status in the resource manager will still report a present card
	//
	// Wait 100ms to make sure the card status detection reports accurate results
#ifndef _WIN32
	usleep(100000);
#endif

	rv = findSessionByHandle(&context->sessionPool, hSession, &session);

	if (rv == CKR_SESSION_HANDLE_INVALID) {
		FUNC_RETURNS(CKR_DEVICE_REMOVED);
	}

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = findSlot(&context->slotPool, session->slotID, &slot);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	rv = getValidatedToken(slot, &token);

	if (rv != CKR_OK) {
		FUNC_RETURNS(rv);
	}

	FUNC_RETURNS(CKR_DEVICE_ERROR);
}
コード例 #15
0
/*  C_CancelFunction cancelled a function running in parallel
    with an application. Now legacy! */
CK_DECLARE_FUNCTION(CK_RV, C_CancelFunction)(
		CK_SESSION_HANDLE hSession
)
{
	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(CKR_FUNCTION_NOT_PARALLEL);
}
コード例 #16
0
static int sc_hsm_C_Decrypt(struct p11Object_t *pObject, CK_MECHANISM_TYPE mech, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
{
	int rc, algo;
	unsigned short SW1SW2;
	unsigned char scr[256];

	FUNC_CALLED();

	if (pData == NULL) {
		*pulDataLen = pObject->keysize >> 3;
		FUNC_RETURNS(CKR_OK);
	}
コード例 #17
0
/**
 * Encode APDU using either short or extended notation
 *
 * @param CLA the instruction class
 * @param INS the instruction code
 * @param P1 the first parameter
 * @param P2 the second parameter
 * @param Nc number of outgoing bytes
 * @param OutData outgoing command data
 * @param Ne number of bytes expected from card,
 *           -1 for none,
 *           0 for all in short mode,
 *           > 255 in extended mode,
 *           >= 65536 all in extended mode
 * @param apdu buffer receiving the encoded APDU
 * @param apdu_len length of provided buffer
 * @return -1 for error or the length of the encoded APDU otherwise
 */
int encodeCommandAPDU(
		unsigned char CLA, unsigned char INS, unsigned char P1, unsigned char P2,
		size_t Nc, unsigned char *OutData, int Ne,
		unsigned char *apdu, size_t apdu_len)
{
	unsigned char *po;

	FUNC_CALLED();

	if (apdu == NULL)
		FUNC_FAILS(-1, "Output buffer not defined");

	if (Nc + 9 > apdu_len)
		FUNC_FAILS(-1, "Nc larger than output buffer");

	if (Nc && (OutData == NULL))
		FUNC_FAILS(-1, "OutData not defined for Nc > 0");

	apdu[0] = CLA;
	apdu[1] = INS;
	apdu[2] = P1;
	apdu[3] = P2;
	po = apdu + 4;

	if (OutData && Nc) {
		if ((Nc <= 255) && (Ne <= 255)) {		// Case 3s or 4s
			*po++ = (unsigned char)Nc;
		} else {
			*po++ = 0;							// Case 3e or 3e
			*po++ = (unsigned char)(Nc >> 8);
			*po++ = (unsigned char)(Nc & 0xFF);
		}
		memcpy(po, OutData, Nc);
		po += Nc;
	}

	if (Ne >= 0) {								// Case 2 or 4
		if ((Ne <= 255) && (Nc <= 255)) {		// Case 2s or 4s
			*po++ = (unsigned char)Ne;
		} else {
			if (Ne >= 65536)					// Request all for extended APDU
				Ne = 0;

			if (!OutData)						// Case 4e
				*po++ = 0;

			*po++ = (unsigned char)(Ne >> 8);
			*po++ = (unsigned char)(Ne & 0xFF);
		}
	}

	FUNC_RETURNS(po - apdu);
}
コード例 #18
0
static int sc_hsm_C_DecryptInit(struct p11Object_t *pObject, CK_MECHANISM_PTR mech)
{
	int algo;

	FUNC_CALLED();

	algo = getAlgorithmIdForDecryption(mech->mechanism);
	if (algo < 0) {
		FUNC_FAILS(CKR_MECHANISM_INVALID, "Mechanism not supported");
	}

	FUNC_RETURNS(CKR_OK);
}
コード例 #19
0
int updateSlots(struct p11SlotPool_t *pool)
{
	int rc;

	FUNC_CALLED();

#ifdef CTAPI
	rc = updateCTAPISlots(pool);
#else
	rc = updatePCSCSlots(pool);
#endif

	FUNC_RETURNS(rc);
}
コード例 #20
0
int getPCSCToken(struct p11Slot_t *slot, struct p11Token_t **token)
{
	int rc;

	FUNC_CALLED();

	if (slot->token) {
		rc = checkForRemovedPCSCToken(slot);
	} else {
		rc = checkForNewPCSCToken(slot);
	}

	*token = slot->token;
	FUNC_RETURNS(rc);
}
コード例 #21
0
/*  C_DigestKey continues a multiple-part message-digesting operation by
    digesting the value of a secret key. */
CK_DECLARE_FUNCTION(CK_RV, C_DigestKey)(
		CK_SESSION_HANDLE hSession,
		CK_OBJECT_HANDLE hKey
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #22
0
static int checkPINStatus(struct p11Slot_t *slot)
{
	int rc;
	unsigned short SW1SW2;
	FUNC_CALLED();

	rc = transmitAPDU(slot, 0x00, 0x20, 0x00, 0x81,
			0, NULL,
			0, NULL, 0, &SW1SW2);

	if (rc < 0) {
		FUNC_FAILS(rc, "transmitAPDU failed");
	}

	FUNC_RETURNS(SW1SW2);
}
コード例 #23
0
/*  C_SignRecoverInit initializes a signature operation, where the data
    can be recovered from the signature. */
CK_DECLARE_FUNCTION(CK_RV, C_SignRecoverInit)(
		CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_OBJECT_HANDLE hKey
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #24
0
int starcosCheckPINStatus(struct p11Slot_t *slot, unsigned char pinref)
{
	int rc;
	unsigned short SW1SW2;
	FUNC_CALLED();

	rc = transmitAPDU(slot, 0x00, 0x20, 0x00, pinref,
			0, NULL,
			0, NULL, 0, &SW1SW2);

	if (rc < 0) {
		FUNC_FAILS(rc, "transmitAPDU failed");
	}

	FUNC_RETURNS(SW1SW2);
}
コード例 #25
0
/*  C_GenerateRandom generates random or pseudo-random data. */
CK_DECLARE_FUNCTION(CK_RV, C_GenerateRandom)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pRandomData,
		CK_ULONG ulRandomLen
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #26
0
/*  C_DigestFinal finishes a multiple-part message-digesting operation. */
CK_DECLARE_FUNCTION(CK_RV, C_DigestFinal)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pDigest,
		CK_ULONG_PTR pulDigestLen
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #27
0
static int starcos_C_Decrypt(struct p11Object_t *pObject, CK_MECHANISM_TYPE mech, CK_BYTE_PTR pEncryptedData, CK_ULONG ulEncryptedDataLen, CK_BYTE_PTR pData, CK_ULONG_PTR pulDataLen)
{
	int rc, len;
	unsigned char *d,*s;
	unsigned short SW1SW2;
	unsigned char scr[257];
	struct p11Slot_t *slot;

	FUNC_CALLED();

	if (ulEncryptedDataLen != 256)
		FUNC_FAILS(CKR_ENCRYPTED_DATA_LEN_RANGE, "Cryptogram size must be 256 byte");

	if (pData == NULL) {
		*pulDataLen = pObject->keysize >> 3;
		FUNC_RETURNS(CKR_OK);
	}
コード例 #28
0
/*  C_GenerateKey generates a secret key or set of domain parameters,
    creating a new object. */
CK_DECLARE_FUNCTION(CK_RV, C_GenerateKey)(
		CK_SESSION_HANDLE hSession,
		CK_MECHANISM_PTR pMechanism,
		CK_ATTRIBUTE_PTR pTemplate,
		CK_ULONG ulCount,
		CK_OBJECT_HANDLE_PTR phKey
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #29
0
/*  C_SignRecover signs data in a single operation, where the data can be
    recovered from the signature. */
CK_DECLARE_FUNCTION(CK_RV, C_SignRecover)(
		CK_SESSION_HANDLE hSession,
		CK_BYTE_PTR pData,
		CK_ULONG ulDataLen,
		CK_BYTE_PTR pSignature,
		CK_ULONG_PTR pulSignatureLen
)
{
	CK_RV rv = CKR_FUNCTION_NOT_SUPPORTED;

	FUNC_CALLED();

	if (context == NULL) {
		FUNC_FAILS(CKR_CRYPTOKI_NOT_INITIALIZED, "C_Initialize not called");
	}

	FUNC_RETURNS(rv);
}
コード例 #30
0
int unlockPCSCSlot(struct p11Slot_t *slot)
{
	DWORD dwActiveProtocol;
	LONG rv;

	FUNC_CALLED();

	rv = SCardReconnect(slot->card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, SCARD_LEAVE_CARD, &dwActiveProtocol);

#ifdef DEBUG
	debug("SCardReconnect (%i, %s): %s\n", slot->id, slot->readername, pcsc_error_to_string(rv));
#endif

	if (rv != SCARD_S_SUCCESS)
		FUNC_FAILS(CKR_DEVICE_ERROR, "Could not reconnect to card");

	FUNC_RETURNS(CKR_OK);
}