/** Calculate hex-encoded keygrip of public key in sexp. */
char *keyutil_get_cert_hexgrip (gcry_sexp_t sexp)
{
char *ret = NULL;
unsigned char grip[20];
if (gcry_pk_get_keygrip (sexp, grip)) {
ret = encoding_bin2hex (grip, sizeof (grip));
}
return ret;
}
static
gpg_err_code_t
get_serial_of_tokenid(
pkcs11h_token_id_t tokenid,
char **serial
) {
gpg_err_code_t error = GPG_ERR_GENERAL;
char *serialized = NULL;
char *serialpart = NULL;
unsigned char *digest = NULL;
size_t n;
*serial = NULL;
if (
(error = common_map_pkcs11_error(
pkcs11h_token_serializeTokenId(
NULL,
&n,
tokenid
)
)) != GPG_ERR_NO_ERROR
) {
goto cleanup;
}
if ((serialized = (char *)malloc(n)) == NULL) {
error = GPG_ERR_ENOMEM;
goto cleanup;
}
if (
(error = common_map_pkcs11_error(
pkcs11h_token_serializeTokenId(
serialized,
&n,
tokenid
)
)) != GPG_ERR_NO_ERROR
) {
goto cleanup;
}
if ((digest = (unsigned char *)malloc(gcry_md_get_algo_dlen(GCRY_MD_SHA1))) == NULL) {
error = GPG_ERR_ENOMEM;
goto cleanup;
}
gcry_md_hash_buffer(GCRY_MD_SHA1, digest, serialized, strlen(serialized));
/*
* Take the first N bytes.
*/
if ((serialpart = encoding_bin2hex(digest, OPENPGP_PKCS11_SERIAL_BYTES)) == NULL) {
error = GPG_ERR_ENOMEM;
goto cleanup;
}
if ((*serial = malloc(strlen(OPENPGP_PKCS11_SERIAL) + OPENPGP_PKCS11_SERIAL_BYTES * 2 + 1)) == NULL) {
error = GPG_ERR_ENOMEM;
goto cleanup;
}
sprintf(*serial, OPENPGP_PKCS11_SERIAL, serialpart);
error = GPG_ERR_NO_ERROR;
cleanup:
if (serialized != NULL) {
free(serialized);
serialized = NULL;
}
if (serialpart != NULL) {
free(serialpart);
serialpart = NULL;
}
if (digest != NULL) {
free(digest);
digest = NULL;
}
return error;
}