author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-09-25 21:11:09 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-10-09 14:53:06 +0300 |
commit | 7d229045474150149281182eba1ed0f968f56a07 (patch) | |
tree | a15bb4f530cec1fb74d5efbda745657a8c5099f2 /src | |
parent | fb791c361a641d7153d1e3e19b4a012236c6e8a4 (diff) | |
download | gnutls-7d229045474150149281182eba1ed0f968f56a07.tar.gz |
p11tool: print mechanism info in list-mechanisms
Print key size range and flags in mechanisms list.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/Makefile.am | 1 | ||||
-rw-r--r-- | src/pkcs11.c | 61 |
2 files changed, 61 insertions, 1 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index b2409fff2e..9e16698916 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -229,6 +229,7 @@ if ENABLE_PKCS11
 BUILT_SOURCES += mech-list.h
 p11tool_SOURCES = p11tool-args.def p11tool.c pkcs11.c certtool-common.c \
 certtool-extras.c p11tool.h common.c mech-list.h
+p11tool_CPPFLAGS = $(AM_CPPFLAGS) $(P11_KIT_CFLAGS)
 p11tool_LDADD = ../lib/libgnutls.la
 p11tool_LDADD += libcmd-p11tool.la ../gl/libgnu.la gl/libgnu_gpl.la
 p11tool_LDADD += $(COMMON_LIBS)
diff --git a/src/pkcs11.c b/src/pkcs11.c
index d938231c35..0ab956f011 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -34,6 +34,8 @@
 #include <stdint.h>
 #include <common.h>
+#include <p11-kit/pkcs11.h>
+
 #ifdef _WIN32
 # define sleep(x) Sleep(x*1000)
 #endif
@@ -1519,6 +1521,7 @@ pkcs11_mechanism_list(FILE * outfile, const char *url, unsigned int flags,
 int idx;
 unsigned long mechanism;
 const char *str;
+ CK_MECHANISM_INFO minfo;
 pkcs11_common(info);
@@ -1537,7 +1540,63 @@ pkcs11_mechanism_list(FILE * outfile, const char *url, unsigned int flags,
 if (str == NULL)
 str = "UNKNOWN";
- fprintf(outfile, "[0x%.4lx] %s\n", mechanism, str);
+ fprintf(outfile, "[0x%.4lx] %s", mechanism, str);
+
+ if (gnutls_pkcs11_token_check_mechanism(url, mechanism, &minfo, sizeof(minfo), 0) != 0) {
+ if (minfo.ulMaxKeySize != 0)
+ fprintf(outfile, " keysize range (%ld, %ld)", minfo.ulMinKeySize, minfo.ulMaxKeySize);
+ if (minfo.flags & CKF_HW)
+ printf(" hw");
+ if (minfo.flags & CKF_ENCRYPT)
+ printf(" encrypt");
+ if (minfo.flags & CKF_DECRYPT)
+ printf(" decrypt");
+ if (minfo.flags & CKF_DIGEST)
+ printf(" digest");
+ if (minfo.flags & CKF_SIGN)
+ printf(" sign");
+ if (minfo.flags & CKF_SIGN_RECOVER)
+ printf(" sign_recover");
+ if (minfo.flags & CKF_VERIFY)
+ printf(" verify");
+ if (minfo.flags & CKF_VERIFY_RECOVER)
+ printf(" verify_recover");
+ if (minfo.flags & CKF_GENERATE)
+ printf(" generate");
+ if (minfo.flags & CKF_GENERATE_KEY_PAIR)
+ printf(" generate_key_pair");
+ if (minfo.flags & CKF_WRAP)
+ printf(" wrap");
+ if (minfo.flags & CKF_UNWRAP)
+ printf(" unwrap");
+ if (minfo.flags & CKF_DERIVE)
+ printf(" derive");
+#ifdef CKF_EC_F_P
+ if (minfo.flags & CKF_EC_F_P)
+ printf(" ec_f_p");
+#endif
+#ifdef CKF_EC_F_2M
+ if (minfo.flags & CKF_EC_F_2M)
+ printf(" ec_f_2m");
+#endif
+#ifdef CKF_EC_ECPARAMETERS
+ if (minfo.flags & CKF_EC_ECPARAMETERS)
+ printf(" ec_ecparameters");
+#endif
+#ifdef CKF_EC_NAMEDCURVE
+ if (minfo.flags & CKF_EC_NAMEDCURVE)
+ printf(" ec_namedcurve");
+#endif
+#ifdef CKF_EC_UNCOMPRESS
+ if (minfo.flags & CKF_EC_UNCOMPRESS)
+ printf(" ec_uncompress");
+#endif
+#ifdef CKF_EC_COMPRESS
+ if (minfo.flags & CKF_EC_COMPRESS)
+ printf(" ec_compress");
+#endif
+ }
+ fprintf(outfile, "\n");
 }
 } while (ret >= 0); |
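Review bot: The capability flags are written with `printf`, while the mechanism name and key-size range on the same line go to `outfile`, so whenever `outfile` is not stdout the saved list loses the flags and anyone auditing a token's mechanisms from that file sees none of them; each call should take the form `fprintf(outfile, " hw")`, `fprintf(outfile, " encrypt")`, and so on through the `CKF_EC_*` branches. `ulMinKeySize` and `ulMaxKeySize` are `CK_ULONG` values in PKCS #11, so the range should be formatted with `%lu` rather than `%ld`. `minfo` is declared without an initializer in the earlier hunk and is read here only when the check call returns non-zero; `CK_MECHANISM_INFO minfo = { 0 };` would make the output independent of how the callee fills the buffer. The body of pkcs11_mechanism_list starts and ends outside this hunk.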