diff options
| author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
|---|---|---|
| committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
| commit | dc1565216a5d20ae0d75872151523252309a1292 (patch) | |
| tree | d57454ba9a40386552179eddf60d28bd1e8f3d54 /nss/cmd/pk11mode | |
| parent | 26c046fbc57d53136b4fb3b5e0d18298318125d4 (diff) | |
| download | nss-822b884019ac3b4a984e5d3b33b2cd07bc1518c1.tar.gz | |
nss-3.28.1nss-3.28.1
Diffstat (limited to 'nss/cmd/pk11mode')
| -rw-r--r-- | nss/cmd/pk11mode/pk11mode.c | 3540 | ||||
| -rw-r--r-- | nss/cmd/pk11mode/pk11mode.gyp | 24 |
2 files changed, 1835 insertions, 1729 deletions
diff --git a/nss/cmd/pk11mode/pk11mode.c b/nss/cmd/pk11mode/pk11mode.c index 901323a..2f1fa37 100644 --- a/nss/cmd/pk11mode/pk11mode.c +++ b/nss/cmd/pk11mode/pk11mode.c @@ -10,7 +10,6 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - #include <assert.h> #include <stdio.h> #include <stdlib.h> @@ -37,7 +36,7 @@ #include "pk11table.h" -#define NUM_ELEM(array) (sizeof(array)/sizeof(array[0])) +#define NUM_ELEM(array) (sizeof(array) / sizeof(array[0])) #ifndef NULL_PTR #define NULL_PTR 0 @@ -47,13 +46,15 @@ * Returns "unknown error" if errNum is unknown. */ const char * -PKM_CK_RVtoStr(CK_RV errNum) { - const char * err; +PKM_CK_RVtoStr(CK_RV errNum) +{ + const char *err; err = getName(errNum, ConstResult); - - if (err) return err; - + + if (err) + return err; + return "unknown error"; } @@ -94,12 +95,12 @@ int MODE = FIPSMODE; CK_BBOOL true = CK_TRUE; CK_BBOOL false = CK_FALSE; -static const CK_BYTE PLAINTEXT[] = {"Firefox Rules!"}; -static const CK_BYTE PLAINTEXT_PAD[] = - {"Firefox and thunderbird rule the world!"}; +static const CK_BYTE PLAINTEXT[] = { "Firefox Rules!" }; +static const CK_BYTE PLAINTEXT_PAD[] = + { "Firefox and thunderbird rule the world!" }; CK_ULONG NUMTESTS = 0; -static const char * slotFlagName[] = { +static const char *slotFlagName[] = { "CKF_TOKEN_PRESENT", "CKF_REMOVABLE_DEVICE", "CKF_HW_SLOT", @@ -134,7 +135,7 @@ static const char * slotFlagName[] = { "unknown token flag 0x80000000" }; -static const char * tokenFlagName[] = { +static const char *tokenFlagName[] = { "CKF_PKM_RNG", "CKF_WRITE_PROTECTED", "CKF_LOGIN_REQUIRED", @@ -198,13 +199,12 @@ dumpToHash64(const unsigned char *buf, unsigned int bufLen) if (i % 32 == 0) printf("\n"); printf(" 0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,", - buf[i ], buf[i+1], buf[i+2], buf[i+3], - buf[i+4], buf[i+5], buf[i+6], buf[i+7]); + buf[i], buf[i + 1], buf[i + 2], buf[i + 3], + buf[i + 4], buf[i + 5], buf[i + 6], buf[i + 7]); } printf("\n"); } - #ifdef _WIN32 HMODULE hModule; #else @@ -223,8 +223,8 @@ CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID); -CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID); +CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID); CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID, @@ -233,17 +233,17 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); -CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, +CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, CK_C_INITIALIZE_ARGS_NSS *initArgs); CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_MultiObjectManagement(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); @@ -256,67 +256,68 @@ CK_RV PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_FLAGS flags, CK_BBOOL check_sizes, CK_ULONG minkeysize, CK_ULONG maxkeysize); CK_RV PKM_TLSKeyAndMacDerive(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, - CK_MECHANISM_TYPE mechType, enum_random_t rnd); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, + CK_MECHANISM_TYPE mechType, enum_random_t rnd); CK_RV PKM_TLSMasterKeyDerive(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, - CK_MECHANISM_TYPE mechType, - enum_random_t rnd); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, + CK_MECHANISM_TYPE mechType, + enum_random_t rnd); CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID *pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen); CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hRwSession, - CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey, - CK_MECHANISM *sigMech, CK_OBJECT_HANDLE secretKey, - CK_MECHANISM *cryptMech, - const CK_BYTE * pData, CK_ULONG pDataLen); + CK_SESSION_HANDLE hRwSession, + CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey, + CK_MECHANISM *sigMech, CK_OBJECT_HANDLE secretKey, + CK_MECHANISM *cryptMech, + const CK_BYTE *pData, CK_ULONG pDataLen); CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech, - CK_OBJECT_HANDLE hSecKeyDigest, - CK_MECHANISM *digestMech, - const CK_BYTE * pData, CK_ULONG pDataLen); -CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech, + CK_OBJECT_HANDLE hSecKeyDigest, + CK_MECHANISM *digestMech, + const CK_BYTE *pData, CK_ULONG pDataLen); +CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hRwSession, CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, - CK_MECHANISM *signMech, const CK_BYTE * pData, + CK_MECHANISM *signMech, const CK_BYTE *pData, CK_ULONG dataLen); -CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, +CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech, - const CK_BYTE * pData, CK_ULONG dataLen); + const CK_BYTE *pData, CK_ULONG dataLen); CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech, - const CK_BYTE * pData, CK_ULONG pDataLen); -CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, + CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech, + const CK_BYTE *pData, CK_ULONG pDataLen); +CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hRwSession, CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey, - const CK_BYTE * pData, CK_ULONG pDataLen); + const CK_BYTE *pData, CK_ULONG pDataLen); CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hPublicKey, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey, CK_MECHANISM *wrapMechanism, CK_OBJECT_HANDLE hSecretKey, CK_ATTRIBUTE *sKeyTemplate, CK_ULONG skeyTempSize); -CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, - CK_MECHANISM *signMech, const CK_BYTE * pData, - CK_ULONG pDataLen); +CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, + CK_MECHANISM *signMech, const CK_BYTE *pData, + CK_ULONG pDataLen); CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList, - PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs); + PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs); -void PKM_Help(); -void PKM_CheckPath(char *string); -char *PKM_FilePasswd(char *pwFile); +void PKM_Help(); +void PKM_CheckPath(char *string); +char *PKM_FilePasswd(char *pwFile); static PRBool verbose = PR_FALSE; -int main(int argc, char **argv) +int +main(int argc, char **argv) { CK_C_GetFunctionList pC_GetFunctionList; CK_FUNCTION_LIST_PTR pFunctionList; @@ -336,38 +337,40 @@ int main(int argc, char **argv) PLOptStatus os; PLOptState *opt = PL_CreateOptState(argc, argv, "nvhf:Fd:p:"); - while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) - { - if (PL_OPT_BAD == os) continue; - switch (opt->option) - { - case 'F': /* disable fork tests */ - doForkTests = PR_FALSE; - break; - case 'n': /* non fips mode */ - MODE = NONFIPSMODE; - slotID = 1; - break; - case 'f': /* password file */ - pwd = (CK_UTF8CHAR *) PKM_FilePasswd((char *)opt->value); - if (!pwd) PKM_Help(); - break; - case 'd': /* opt_CertDir */ - if (!opt->value) PKM_Help(); - configDir = strdup(opt->value); - PKM_CheckPath(configDir); - break; - case 'p': /* opt_DBPrefix */ - if (!opt->value) PKM_Help(); - dbPrefix = strdup(opt->value); - break; - case 'v': - verbose = PR_TRUE; - break; - case 'h': /* help message */ - default: - PKM_Help(); - break; + while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) { + if (PL_OPT_BAD == os) + continue; + switch (opt->option) { + case 'F': /* disable fork tests */ + doForkTests = PR_FALSE; + break; + case 'n': /* non fips mode */ + MODE = NONFIPSMODE; + slotID = 1; + break; + case 'f': /* password file */ + pwd = (CK_UTF8CHAR *)PKM_FilePasswd((char *)opt->value); + if (!pwd) + PKM_Help(); + break; + case 'd': /* opt_CertDir */ + if (!opt->value) + PKM_Help(); + configDir = strdup(opt->value); + PKM_CheckPath(configDir); + break; + case 'p': /* opt_DBPrefix */ + if (!opt->value) + PKM_Help(); + dbPrefix = strdup(opt->value); + break; + case 'v': + verbose = PR_TRUE; + break; + case 'h': /* help message */ + default: + PKM_Help(); + break; } } PL_DestroyOptState(opt); @@ -375,7 +378,7 @@ int main(int argc, char **argv) if (!pwd) { pwd = (CK_UTF8CHAR *)strdup("1Mozilla"); } - pwdLen = strlen((const char*)pwd); + pwdLen = strlen((const char *)pwd); if (!configDir) { configDir = strdup("."); } @@ -383,8 +386,7 @@ int main(int argc, char **argv) dbPrefix = strdup(""); } - if (doForkTests) - { + if (doForkTests) { /* first, try to fork without softoken loaded to make sure * everything is OK */ crv = PKM_ForkCheck(123, NULL, PR_FALSE, NULL); @@ -392,44 +394,43 @@ int main(int argc, char **argv) goto cleanup; } - #ifdef _WIN32 hModule = LoadLibrary(LIB_NAME); if (hModule == NULL) { - PKM_Error( "cannot load %s\n", LIB_NAME); + PKM_Error("cannot load %s\n", LIB_NAME); goto cleanup; } if (MODE == FIPSMODE) { /* FIPS mode == FC_GetFunctionList */ pC_GetFunctionList = (CK_C_GetFunctionList) - GetProcAddress(hModule, "FC_GetFunctionList"); + GetProcAddress(hModule, "FC_GetFunctionList"); } else { /* NON FIPS mode == C_GetFunctionList */ pC_GetFunctionList = (CK_C_GetFunctionList) - GetProcAddress(hModule, "C_GetFunctionList"); - } + GetProcAddress(hModule, "C_GetFunctionList"); + } if (pC_GetFunctionList == NULL) { - PKM_Error( "cannot load %s\n", LIB_NAME); + PKM_Error("cannot load %s\n", LIB_NAME); goto cleanup; } #else { - char *libname = NULL; - /* Get the platform-dependent library name of the NSS cryptographic module */ - libname = PR_GetLibraryName(NULL, "softokn3"); - assert(libname != NULL); - lib = PR_LoadLibrary(libname); - assert(lib != NULL); - PR_FreeLibraryName(libname); - } + char *libname = NULL; + /* Get the platform-dependent library name of the NSS cryptographic module */ + libname = PR_GetLibraryName(NULL, "softokn3"); + assert(libname != NULL); + lib = PR_LoadLibrary(libname); + assert(lib != NULL); + PR_FreeLibraryName(libname); + } if (MODE == FIPSMODE) { - pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib, - "FC_GetFunctionList"); + pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib, + "FC_GetFunctionList"); assert(pC_GetFunctionList != NULL); slotID = 0; } else { - pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib, - "C_GetFunctionList"); + pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib, + "C_GetFunctionList"); assert(pC_GetFunctionList != NULL); slotID = 1; } @@ -437,25 +438,23 @@ int main(int argc, char **argv) if (MODE == FIPSMODE) { printf("Loaded FC_GetFunctionList for FIPS MODE; slotID %d \n", - (int) slotID); + (int)slotID); } else { printf("loaded C_GetFunctionList for NON FIPS MODE; slotID %d \n", - (int) slotID); + (int)slotID); } crv = (*pC_GetFunctionList)(&pFunctionList); assert(crv == CKR_OK); - - if (doForkTests) - { + if (doForkTests) { /* now, try to fork with softoken loaded, but not initialized */ crv = PKM_ForkCheck(CKR_CRYPTOKI_NOT_INITIALIZED, pFunctionList, - PR_TRUE, NULL); + PR_TRUE, NULL); if (crv != CKR_OK) goto cleanup; } - + initArgs.CreateMutex = NULL; initArgs.DestroyMutex = NULL; initArgs.LockMutex = NULL; @@ -464,7 +463,7 @@ int main(int argc, char **argv) moduleSpec = PR_smprintf("configdir='%s' certPrefix='%s' " "keyPrefix='%s' secmod='secmod.db' flags= ", configDir, dbPrefix, dbPrefix); - initArgs.LibraryParameters = (CK_CHAR_PTR *) moduleSpec; + initArgs.LibraryParameters = (CK_CHAR_PTR *)moduleSpec; initArgs.pReserved = NULL; /*DebugBreak();*/ @@ -477,13 +476,12 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("C_Initialize succeeded\n"); } else { - PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } - if (doForkTests) - { + if (doForkTests) { /* Disable core on fork for this test, since we are testing the * pathological case, and if enabled, the child process would dump * core in C_GetTokenInfo . @@ -496,8 +494,7 @@ int main(int argc, char **argv) goto cleanup; } - if (doForkTests) - { + if (doForkTests) { /* In this next test, we fork and try to re-initialize softoken in * the child. This should now work because softoken has the ability * to hard reset. @@ -512,55 +509,55 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_ShowInfo succeeded\n"); } else { - PKM_Error( "PKM_ShowInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_ShowInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } pSlotList = PKM_GetSlotList(pFunctionList, slotID); if (pSlotList == NULL) { - PKM_Error( "PKM_GetSlotList failed with \n"); + PKM_Error("PKM_GetSlotList failed with \n"); goto cleanup; } crv = pFunctionList->C_GetTokenInfo(pSlotList[slotID], &tokenInfo); if (crv == CKR_OK) { PKM_LogIt("C_GetTokenInfo succeeded\n\n"); } else { - PKM_Error( "C_GetTokenInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetTokenInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } if (!(tokenInfo.flags & CKF_USER_PIN_INITIALIZED)) { PKM_LogIt("Initing PW for DB\n"); crv = PKM_InitPWforDB(pFunctionList, pSlotList, slotID, - pwd, pwdLen); + pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("PKM_InitPWforDB succeeded\n\n"); } else { - PKM_Error( "PKM_InitPWforDB failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_InitPWforDB failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } } else { PKM_LogIt("using existing DB\n"); } - /* general mechanism by token */ + /* general mechanism by token */ crv = PKM_Mechanism(pFunctionList, pSlotList, slotID); if (crv == CKR_OK) { PKM_LogIt("PKM_Mechanism succeeded\n\n"); } else { - PKM_Error( "PKM_Mechanism failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Mechanism failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; - } + } /* RNG example without Login */ crv = PKM_RNG(pFunctionList, pSlotList, slotID); if (crv == CKR_OK) { PKM_LogIt("PKM_RNG succeeded\n\n"); } else { - PKM_Error( "PKM_RNG failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_RNG failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } @@ -569,33 +566,33 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_SessionLogin succeeded\n\n"); } else { - PKM_Error( "PKM_SessionLogin failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SessionLogin failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } /* - * PKM_KeyTest creates RSA,DSA public keys + * PKM_KeyTest creates RSA,DSA public keys * and AES, DES3 secret keys. - * then does digest, hmac, encrypt/decrypt, signing operations. + * then does digest, hmac, encrypt/decrypt, signing operations. */ crv = PKM_KeyTests(pFunctionList, pSlotList, slotID, - pwd, pwdLen); + pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("PKM_KeyTests succeeded\n\n"); } else { - PKM_Error( "PKM_KeyTest failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_KeyTest failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } - crv = PKM_SecretKey(pFunctionList, pSlotList, slotID, pwd, + crv = PKM_SecretKey(pFunctionList, pSlotList, slotID, pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("PKM_SecretKey succeeded\n\n"); } else { - PKM_Error( "PKM_SecretKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SecretKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } @@ -604,8 +601,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_PublicKey succeeded\n\n"); } else { - PKM_Error( "PKM_PublicKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_PublicKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_OperationalState(pFunctionList, pSlotList, slotID, @@ -613,8 +610,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_OperationalState succeeded\n\n"); } else { - PKM_Error( "PKM_OperationalState failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_OperationalState failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_MultiObjectManagement(pFunctionList, pSlotList, slotID, @@ -622,8 +619,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_MultiObjectManagement succeeded\n\n"); } else { - PKM_Error( "PKM_MultiObjectManagement failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_MultiObjectManagement failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_LegacyFunctions(pFunctionList, pSlotList, slotID, @@ -631,8 +628,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_LegacyFunctions succeeded\n\n"); } else { - PKM_Error( "PKM_LegacyFunctions failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_LegacyFunctions failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_TLSKeyAndMacDerive(pFunctionList, pSlotList, slotID, @@ -642,8 +639,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_TLSKeyAndMacDerive succeeded\n\n"); } else { - PKM_Error( "PKM_TLSKeyAndMacDerive failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_TLSKeyAndMacDerive failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_TLSMasterKeyDerive(pFunctionList, pSlotList, slotID, @@ -653,8 +650,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_TLSMasterKeyDerive succeeded\n\n"); } else { - PKM_Error( "PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_TLSMasterKeyDerive(pFunctionList, pSlotList, slotID, @@ -664,8 +661,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_TLSMasterKeyDerive succeeded\n\n"); } else { - PKM_Error( "PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = PKM_FindAllObjects(pFunctionList, pSlotList, slotID, @@ -673,29 +670,28 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_FindAllObjects succeeded\n\n"); } else { - PKM_Error( "PKM_FindAllObjects failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_FindAllObjects failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = pFunctionList->C_Finalize(NULL); if (crv == CKR_OK) { PKM_LogIt("C_Finalize succeeded\n"); } else { - PKM_Error( "C_Finalize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Finalize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } - if (doForkTests) - { + if (doForkTests) { /* try to fork with softoken still loaded, but de-initialized */ crv = PKM_ForkCheck(CKR_CRYPTOKI_NOT_INITIALIZED, pFunctionList, - PR_TRUE, NULL); + PR_TRUE, NULL); if (crv != CKR_OK) goto cleanup; } - if (pSlotList) free(pSlotList); + free(pSlotList); /* demonstrate how an application can be in Hybrid mode */ /* PKM_HybridMode shows how to switch between NONFIPS */ @@ -706,8 +702,8 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("PKM_HybridMode succeeded\n"); } else { - PKM_Error( "PKM_HybridMode failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_HybridMode failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } @@ -718,16 +714,16 @@ int main(int argc, char **argv) if (crv == CKR_OK) { PKM_LogIt("C_Initialize succeeded\n"); } else { - PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } crv = pFunctionList->C_Finalize(NULL); if (crv == CKR_OK) { PKM_LogIt("C_Finalize succeeded\n"); } else { - PKM_Error( "C_Finalize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Finalize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); goto cleanup; } /* try to C_Initialize / C_Finalize in child. This should succeed */ @@ -754,7 +750,7 @@ cleanup: #ifdef _WIN32 FreeLibrary(hModule); #else - disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD"); + disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD"); if (!disableUnload) { PR_UnloadLibrary(lib); } @@ -764,8 +760,8 @@ cleanup: crv = PKM_ForkCheck(123, NULL, PR_TRUE, NULL); } - printf("**** Total number of TESTS ran in %s is %d. ****\n", - ((MODE == FIPSMODE) ? "FIPS MODE" : "NON FIPS MODE"), (int) NUMTESTS); + printf("**** Total number of TESTS ran in %s is %d. ****\n", + ((MODE == FIPSMODE) ? "FIPS MODE" : "NON FIPS MODE"), (int)NUMTESTS); if (CKR_OK == crv) { printf("**** ALL TESTS PASSED ****\n"); } @@ -779,40 +775,42 @@ cleanup: * */ -CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hRwSession; CK_RV crv = CKR_OK; -/*** DSA Key ***/ + /*** DSA Key ***/ CK_MECHANISM dsaParamGenMech; CK_ULONG primeBits = 1024; - CK_ATTRIBUTE dsaParamGenTemplate[1]; + CK_ATTRIBUTE dsaParamGenTemplate[1]; CK_OBJECT_HANDLE hDsaParams = CK_INVALID_HANDLE; CK_BYTE DSA_P[128]; CK_BYTE DSA_Q[20]; CK_BYTE DSA_G[128]; CK_MECHANISM dsaKeyPairGenMech; - CK_ATTRIBUTE dsaPubKeyTemplate[5]; - CK_ATTRIBUTE dsaPrivKeyTemplate[5]; + CK_ATTRIBUTE dsaPubKeyTemplate[5]; + CK_ATTRIBUTE dsaPrivKeyTemplate[5]; CK_OBJECT_HANDLE hDSApubKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hDSAprivKey = CK_INVALID_HANDLE; -/**** RSA Key ***/ + /**** RSA Key ***/ CK_KEY_TYPE rsatype = CKK_RSA; CK_MECHANISM rsaKeyPairGenMech; - CK_BYTE subject[] = {"RSA Private Key"}; + CK_BYTE subject[] = { "RSA Private Key" }; CK_ULONG modulusBits = 1024; - CK_BYTE publicExponent[] = {0x01, 0x00, 0x01}; - CK_BYTE id[] = {"RSA123"}; - CK_ATTRIBUTE rsaPubKeyTemplate[9]; - CK_ATTRIBUTE rsaPrivKeyTemplate[11]; + CK_BYTE publicExponent[] = { 0x01, 0x00, 0x01 }; + CK_BYTE id[] = { "RSA123" }; + CK_ATTRIBUTE rsaPubKeyTemplate[9]; + CK_ATTRIBUTE rsaPrivKeyTemplate[11]; CK_OBJECT_HANDLE hRSApubKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hRSAprivKey = CK_INVALID_HANDLE; - /*** AES Key ***/ + /*** AES Key ***/ CK_MECHANISM sAESKeyMech = { CKM_AES_KEY_GEN, NULL, 0 }; @@ -820,10 +818,10 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, CK_KEY_TYPE keyAESType = CKK_AES; CK_UTF8CHAR AESlabel[] = "An AES secret key object"; CK_ULONG AESvalueLen = 32; - CK_ATTRIBUTE sAESKeyTemplate[9]; + CK_ATTRIBUTE sAESKeyTemplate[9]; CK_OBJECT_HANDLE hAESSecKey; -/*** DES3 Key ***/ + /*** DES3 Key ***/ CK_KEY_TYPE keyDES3Type = CKK_DES3; CK_UTF8CHAR DES3label[] = "An Triple DES secret key object"; CK_ULONG DES3valueLen = 56; @@ -832,43 +830,43 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, }; CK_ATTRIBUTE sDES3KeyTemplate[9]; CK_OBJECT_HANDLE hDES3SecKey; - + CK_MECHANISM dsaWithSha1Mech = { CKM_DSA_SHA1, NULL, 0 }; CK_BYTE IV[16]; - CK_MECHANISM mech_DES3_CBC; - CK_MECHANISM mech_DES3_CBC_PAD; + CK_MECHANISM mech_DES3_CBC; + CK_MECHANISM mech_DES3_CBC_PAD; CK_MECHANISM mech_AES_CBC_PAD; CK_MECHANISM mech_AES_CBC; struct mech_str { - CK_ULONG mechanism; + CK_ULONG mechanism; const char *mechanismStr; }; typedef struct mech_str mech_str; mech_str digestMechs[] = { - {CKM_SHA_1, "CKM_SHA_1 "}, - {CKM_SHA224, "CKM_SHA224"}, - {CKM_SHA256, "CKM_SHA256"}, - {CKM_SHA384, "CKM_SHA384"}, - {CKM_SHA512, "CKM_SHA512"} + { CKM_SHA_1, "CKM_SHA_1 " }, + { CKM_SHA224, "CKM_SHA224" }, + { CKM_SHA256, "CKM_SHA256" }, + { CKM_SHA384, "CKM_SHA384" }, + { CKM_SHA512, "CKM_SHA512" } }; mech_str hmacMechs[] = { - {CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC"}, - {CKM_SHA224_HMAC, "CKM_SHA224_HMAC"}, - {CKM_SHA256_HMAC, "CKM_SHA256_HMAC"}, - {CKM_SHA384_HMAC, "CKM_SHA384_HMAC"}, - {CKM_SHA512_HMAC, "CKM_SHA512_HMAC"} + { CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC" }, + { CKM_SHA224_HMAC, "CKM_SHA224_HMAC" }, + { CKM_SHA256_HMAC, "CKM_SHA256_HMAC" }, + { CKM_SHA384_HMAC, "CKM_SHA384_HMAC" }, + { CKM_SHA512_HMAC, "CKM_SHA512_HMAC" } }; mech_str sigRSAMechs[] = { - {CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS"}, - {CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS"}, - {CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS"}, - {CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS"}, - {CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS"} + { CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS" }, + { CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS" }, + { CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS" }, + { CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS" }, + { CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS" } }; CK_ULONG digestMechsSZ = NUM_ELEM(digestMechs); @@ -881,195 +879,195 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, NUMTESTS++; /* increment NUMTESTS */ /* DSA key init */ - dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN; - dsaParamGenMech.pParameter = NULL_PTR; + dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN; + dsaParamGenMech.pParameter = NULL_PTR; dsaParamGenMech.ulParameterLen = 0; - dsaParamGenTemplate[0].type = CKA_PRIME_BITS; - dsaParamGenTemplate[0].pValue = &primeBits; + dsaParamGenTemplate[0].type = CKA_PRIME_BITS; + dsaParamGenTemplate[0].pValue = &primeBits; dsaParamGenTemplate[0].ulValueLen = sizeof(primeBits); - dsaPubKeyTemplate[0].type = CKA_PRIME; - dsaPubKeyTemplate[0].pValue = DSA_P; + dsaPubKeyTemplate[0].type = CKA_PRIME; + dsaPubKeyTemplate[0].pValue = DSA_P; dsaPubKeyTemplate[0].ulValueLen = sizeof(DSA_P); - dsaPubKeyTemplate[1].type = CKA_SUBPRIME; + dsaPubKeyTemplate[1].type = CKA_SUBPRIME; dsaPubKeyTemplate[1].pValue = DSA_Q; dsaPubKeyTemplate[1].ulValueLen = sizeof(DSA_Q); - dsaPubKeyTemplate[2].type = CKA_BASE; - dsaPubKeyTemplate[2].pValue = DSA_G; + dsaPubKeyTemplate[2].type = CKA_BASE; + dsaPubKeyTemplate[2].pValue = DSA_G; dsaPubKeyTemplate[2].ulValueLen = sizeof(DSA_G); - dsaPubKeyTemplate[3].type = CKA_TOKEN; - dsaPubKeyTemplate[3].pValue = &true; + dsaPubKeyTemplate[3].type = CKA_TOKEN; + dsaPubKeyTemplate[3].pValue = &true; dsaPubKeyTemplate[3].ulValueLen = sizeof(true); - dsaPubKeyTemplate[4].type = CKA_VERIFY; - dsaPubKeyTemplate[4].pValue = &true; + dsaPubKeyTemplate[4].type = CKA_VERIFY; + dsaPubKeyTemplate[4].pValue = &true; dsaPubKeyTemplate[4].ulValueLen = sizeof(true); - dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN; + dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN; dsaKeyPairGenMech.pParameter = NULL_PTR; dsaKeyPairGenMech.ulParameterLen = 0; - dsaPrivKeyTemplate[0].type = CKA_TOKEN; - dsaPrivKeyTemplate[0].pValue = &true; + dsaPrivKeyTemplate[0].type = CKA_TOKEN; + dsaPrivKeyTemplate[0].pValue = &true; dsaPrivKeyTemplate[0].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[1].type = CKA_PRIVATE; - dsaPrivKeyTemplate[1].pValue = &true; + dsaPrivKeyTemplate[1].type = CKA_PRIVATE; + dsaPrivKeyTemplate[1].pValue = &true; dsaPrivKeyTemplate[1].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[2].type = CKA_SENSITIVE; - dsaPrivKeyTemplate[2].pValue = &true; + dsaPrivKeyTemplate[2].type = CKA_SENSITIVE; + dsaPrivKeyTemplate[2].pValue = &true; dsaPrivKeyTemplate[2].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[3].type = CKA_SIGN, - dsaPrivKeyTemplate[3].pValue = &true; + dsaPrivKeyTemplate[3].type = CKA_SIGN, + dsaPrivKeyTemplate[3].pValue = &true; dsaPrivKeyTemplate[3].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE; - dsaPrivKeyTemplate[4].pValue = &true; + dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE; + dsaPrivKeyTemplate[4].pValue = &true; dsaPrivKeyTemplate[4].ulValueLen = sizeof(true); /* RSA key init */ - rsaKeyPairGenMech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; + rsaKeyPairGenMech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; rsaKeyPairGenMech.pParameter = NULL_PTR; rsaKeyPairGenMech.ulParameterLen = 0; - rsaPubKeyTemplate[0].type = CKA_KEY_TYPE; - rsaPubKeyTemplate[0].pValue = &rsatype; + rsaPubKeyTemplate[0].type = CKA_KEY_TYPE; + rsaPubKeyTemplate[0].pValue = &rsatype; rsaPubKeyTemplate[0].ulValueLen = sizeof(rsatype); - rsaPubKeyTemplate[1].type = CKA_PRIVATE; - rsaPubKeyTemplate[1].pValue = &true; + rsaPubKeyTemplate[1].type = CKA_PRIVATE; + rsaPubKeyTemplate[1].pValue = &true; rsaPubKeyTemplate[1].ulValueLen = sizeof(true); - rsaPubKeyTemplate[2].type = CKA_ENCRYPT; - rsaPubKeyTemplate[2].pValue = &true; + rsaPubKeyTemplate[2].type = CKA_ENCRYPT; + rsaPubKeyTemplate[2].pValue = &true; rsaPubKeyTemplate[2].ulValueLen = sizeof(true); - rsaPubKeyTemplate[3].type = CKA_DECRYPT; - rsaPubKeyTemplate[3].pValue = &true; + rsaPubKeyTemplate[3].type = CKA_DECRYPT; + rsaPubKeyTemplate[3].pValue = &true; rsaPubKeyTemplate[3].ulValueLen = sizeof(true); - rsaPubKeyTemplate[4].type = CKA_VERIFY; - rsaPubKeyTemplate[4].pValue = &true; + rsaPubKeyTemplate[4].type = CKA_VERIFY; + rsaPubKeyTemplate[4].pValue = &true; rsaPubKeyTemplate[4].ulValueLen = sizeof(true); - rsaPubKeyTemplate[5].type = CKA_SIGN; - rsaPubKeyTemplate[5].pValue = &true; + rsaPubKeyTemplate[5].type = CKA_SIGN; + rsaPubKeyTemplate[5].pValue = &true; rsaPubKeyTemplate[5].ulValueLen = sizeof(true); - rsaPubKeyTemplate[6].type = CKA_WRAP; - rsaPubKeyTemplate[6].pValue = &true; + rsaPubKeyTemplate[6].type = CKA_WRAP; + rsaPubKeyTemplate[6].pValue = &true; rsaPubKeyTemplate[6].ulValueLen = sizeof(true); - rsaPubKeyTemplate[7].type = CKA_MODULUS_BITS; - rsaPubKeyTemplate[7].pValue = &modulusBits; + rsaPubKeyTemplate[7].type = CKA_MODULUS_BITS; + rsaPubKeyTemplate[7].pValue = &modulusBits; rsaPubKeyTemplate[7].ulValueLen = sizeof(modulusBits); - rsaPubKeyTemplate[8].type = CKA_PUBLIC_EXPONENT; - rsaPubKeyTemplate[8].pValue = publicExponent; - rsaPubKeyTemplate[8].ulValueLen = sizeof (publicExponent); + rsaPubKeyTemplate[8].type = CKA_PUBLIC_EXPONENT; + rsaPubKeyTemplate[8].pValue = publicExponent; + rsaPubKeyTemplate[8].ulValueLen = sizeof(publicExponent); - rsaPrivKeyTemplate[0].type = CKA_KEY_TYPE; - rsaPrivKeyTemplate[0].pValue = &rsatype; + rsaPrivKeyTemplate[0].type = CKA_KEY_TYPE; + rsaPrivKeyTemplate[0].pValue = &rsatype; rsaPrivKeyTemplate[0].ulValueLen = sizeof(rsatype); - rsaPrivKeyTemplate[1].type = CKA_TOKEN; - rsaPrivKeyTemplate[1].pValue = &true; + rsaPrivKeyTemplate[1].type = CKA_TOKEN; + rsaPrivKeyTemplate[1].pValue = &true; rsaPrivKeyTemplate[1].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[2].type = CKA_PRIVATE; - rsaPrivKeyTemplate[2].pValue = &true; + rsaPrivKeyTemplate[2].type = CKA_PRIVATE; + rsaPrivKeyTemplate[2].pValue = &true; rsaPrivKeyTemplate[2].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[3].type = CKA_SUBJECT; - rsaPrivKeyTemplate[3].pValue = subject; + rsaPrivKeyTemplate[3].type = CKA_SUBJECT; + rsaPrivKeyTemplate[3].pValue = subject; rsaPrivKeyTemplate[3].ulValueLen = sizeof(subject); - rsaPrivKeyTemplate[4].type = CKA_ID; - rsaPrivKeyTemplate[4].pValue = id; + rsaPrivKeyTemplate[4].type = CKA_ID; + rsaPrivKeyTemplate[4].pValue = id; rsaPrivKeyTemplate[4].ulValueLen = sizeof(id); - rsaPrivKeyTemplate[5].type = CKA_SENSITIVE; - rsaPrivKeyTemplate[5].pValue = &true; + rsaPrivKeyTemplate[5].type = CKA_SENSITIVE; + rsaPrivKeyTemplate[5].pValue = &true; rsaPrivKeyTemplate[5].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[6].type = CKA_ENCRYPT; - rsaPrivKeyTemplate[6].pValue = &true; + rsaPrivKeyTemplate[6].type = CKA_ENCRYPT; + rsaPrivKeyTemplate[6].pValue = &true; rsaPrivKeyTemplate[6].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[7].type = CKA_DECRYPT; - rsaPrivKeyTemplate[7].pValue = &true; + rsaPrivKeyTemplate[7].type = CKA_DECRYPT; + rsaPrivKeyTemplate[7].pValue = &true; rsaPrivKeyTemplate[7].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[8].type = CKA_VERIFY; - rsaPrivKeyTemplate[8].pValue = &true; + rsaPrivKeyTemplate[8].type = CKA_VERIFY; + rsaPrivKeyTemplate[8].pValue = &true; rsaPrivKeyTemplate[8].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[9].type = CKA_SIGN; - rsaPrivKeyTemplate[9].pValue = &true; + rsaPrivKeyTemplate[9].type = CKA_SIGN; + rsaPrivKeyTemplate[9].pValue = &true; rsaPrivKeyTemplate[9].ulValueLen = sizeof(true); - rsaPrivKeyTemplate[10].type = CKA_UNWRAP; - rsaPrivKeyTemplate[10].pValue = &true; + rsaPrivKeyTemplate[10].type = CKA_UNWRAP; + rsaPrivKeyTemplate[10].pValue = &true; rsaPrivKeyTemplate[10].ulValueLen = sizeof(true); - + /* AES key template */ - sAESKeyTemplate[0].type = CKA_CLASS; - sAESKeyTemplate[0].pValue = &class; + sAESKeyTemplate[0].type = CKA_CLASS; + sAESKeyTemplate[0].pValue = &class; sAESKeyTemplate[0].ulValueLen = sizeof(class); - sAESKeyTemplate[1].type = CKA_KEY_TYPE; - sAESKeyTemplate[1].pValue = &keyAESType; + sAESKeyTemplate[1].type = CKA_KEY_TYPE; + sAESKeyTemplate[1].pValue = &keyAESType; sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType); - sAESKeyTemplate[2].type = CKA_LABEL; - sAESKeyTemplate[2].pValue = AESlabel; - sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1; - sAESKeyTemplate[3].type = CKA_ENCRYPT; - sAESKeyTemplate[3].pValue = &true; + sAESKeyTemplate[2].type = CKA_LABEL; + sAESKeyTemplate[2].pValue = AESlabel; + sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1; + sAESKeyTemplate[3].type = CKA_ENCRYPT; + sAESKeyTemplate[3].pValue = &true; sAESKeyTemplate[3].ulValueLen = sizeof(true); - sAESKeyTemplate[4].type = CKA_DECRYPT; - sAESKeyTemplate[4].pValue = &true; + sAESKeyTemplate[4].type = CKA_DECRYPT; + sAESKeyTemplate[4].pValue = &true; sAESKeyTemplate[4].ulValueLen = sizeof(true); - sAESKeyTemplate[5].type = CKA_SIGN; - sAESKeyTemplate[5].pValue = &true; - sAESKeyTemplate[5].ulValueLen = sizeof (true); - sAESKeyTemplate[6].type = CKA_VERIFY; - sAESKeyTemplate[6].pValue = &true; + sAESKeyTemplate[5].type = CKA_SIGN; + sAESKeyTemplate[5].pValue = &true; + sAESKeyTemplate[5].ulValueLen = sizeof(true); + sAESKeyTemplate[6].type = CKA_VERIFY; + sAESKeyTemplate[6].pValue = &true; sAESKeyTemplate[6].ulValueLen = sizeof(true); - sAESKeyTemplate[7].type = CKA_UNWRAP; - sAESKeyTemplate[7].pValue = &true; + sAESKeyTemplate[7].type = CKA_UNWRAP; + sAESKeyTemplate[7].pValue = &true; sAESKeyTemplate[7].ulValueLen = sizeof(true); - sAESKeyTemplate[8].type = CKA_VALUE_LEN; - sAESKeyTemplate[8].pValue = &AESvalueLen; + sAESKeyTemplate[8].type = CKA_VALUE_LEN; + sAESKeyTemplate[8].pValue = &AESvalueLen; sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen); /* DES3 key template */ - sDES3KeyTemplate[0].type = CKA_CLASS; - sDES3KeyTemplate[0].pValue = &class; + sDES3KeyTemplate[0].type = CKA_CLASS; + sDES3KeyTemplate[0].pValue = &class; sDES3KeyTemplate[0].ulValueLen = sizeof(class); - sDES3KeyTemplate[1].type = CKA_KEY_TYPE; - sDES3KeyTemplate[1].pValue = &keyDES3Type; + sDES3KeyTemplate[1].type = CKA_KEY_TYPE; + sDES3KeyTemplate[1].pValue = &keyDES3Type; sDES3KeyTemplate[1].ulValueLen = sizeof(keyDES3Type); - sDES3KeyTemplate[2].type = CKA_LABEL; - sDES3KeyTemplate[2].pValue = DES3label; - sDES3KeyTemplate[2].ulValueLen = sizeof(DES3label)-1; - sDES3KeyTemplate[3].type = CKA_ENCRYPT; - sDES3KeyTemplate[3].pValue = &true; + sDES3KeyTemplate[2].type = CKA_LABEL; + sDES3KeyTemplate[2].pValue = DES3label; + sDES3KeyTemplate[2].ulValueLen = sizeof(DES3label) - 1; + sDES3KeyTemplate[3].type = CKA_ENCRYPT; + sDES3KeyTemplate[3].pValue = &true; sDES3KeyTemplate[3].ulValueLen = sizeof(true); - sDES3KeyTemplate[4].type = CKA_DECRYPT; - sDES3KeyTemplate[4].pValue = &true; + sDES3KeyTemplate[4].type = CKA_DECRYPT; + sDES3KeyTemplate[4].pValue = &true; sDES3KeyTemplate[4].ulValueLen = sizeof(true); - sDES3KeyTemplate[5].type = CKA_UNWRAP; - sDES3KeyTemplate[5].pValue = &true; + sDES3KeyTemplate[5].type = CKA_UNWRAP; + sDES3KeyTemplate[5].pValue = &true; sDES3KeyTemplate[5].ulValueLen = sizeof(true); - sDES3KeyTemplate[6].type = CKA_SIGN, - sDES3KeyTemplate[6].pValue = &true; - sDES3KeyTemplate[6].ulValueLen = sizeof (true); - sDES3KeyTemplate[7].type = CKA_VERIFY; - sDES3KeyTemplate[7].pValue = &true; + sDES3KeyTemplate[6].type = CKA_SIGN, + sDES3KeyTemplate[6].pValue = &true; + sDES3KeyTemplate[6].ulValueLen = sizeof(true); + sDES3KeyTemplate[7].type = CKA_VERIFY; + sDES3KeyTemplate[7].pValue = &true; sDES3KeyTemplate[7].ulValueLen = sizeof(true); - sDES3KeyTemplate[8].type = CKA_VALUE_LEN; - sDES3KeyTemplate[8].pValue = &DES3valueLen; + sDES3KeyTemplate[8].type = CKA_VALUE_LEN; + sDES3KeyTemplate[8].pValue = &DES3valueLen; sDES3KeyTemplate[8].ulValueLen = sizeof(DES3valueLen); - + /* mech init */ memset(IV, 0x01, sizeof(IV)); - mech_DES3_CBC.mechanism = CKM_DES3_CBC; - mech_DES3_CBC.pParameter = IV; + mech_DES3_CBC.mechanism = CKM_DES3_CBC; + mech_DES3_CBC.pParameter = IV; mech_DES3_CBC.ulParameterLen = sizeof(IV); - mech_DES3_CBC_PAD.mechanism = CKM_DES3_CBC_PAD; - mech_DES3_CBC_PAD.pParameter = IV; + mech_DES3_CBC_PAD.mechanism = CKM_DES3_CBC_PAD; + mech_DES3_CBC_PAD.pParameter = IV; mech_DES3_CBC_PAD.ulParameterLen = sizeof(IV); - mech_AES_CBC.mechanism = CKM_AES_CBC; - mech_AES_CBC.pParameter = IV; + mech_AES_CBC.mechanism = CKM_AES_CBC; + mech_AES_CBC.pParameter = IV; mech_AES_CBC.ulParameterLen = sizeof(IV); - mech_AES_CBC_PAD.mechanism = CKM_AES_CBC_PAD; - mech_AES_CBC_PAD.pParameter = IV; + mech_AES_CBC_PAD.mechanism = CKM_AES_CBC_PAD; + mech_AES_CBC_PAD.pParameter = IV; mech_AES_CBC_PAD.ulParameterLen = sizeof(IV); - crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &hRwSession); if (crv == CKR_OK) { PKM_LogIt("Opening a read/write session succeeded\n"); } else { - PKM_Error( "Opening a read/write session failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Opening a read/write session failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -1083,7 +1081,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, return CKR_GENERAL_ERROR; } else { PKM_LogIt("C_GenerateKey returned as EXPECTED with 0x%08X, %-26s\n" - "since not logged in\n", crv, PKM_CK_RVtoStr(crv)); + "since not logged in\n", + crv, PKM_CK_RVtoStr(crv)); } crv = pFunctionList->C_GenerateKeyPair(hRwSession, &rsaKeyPairGenMech, rsaPubKeyTemplate, @@ -1096,7 +1095,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, return CKR_GENERAL_ERROR; } else { PKM_LogIt("C_GenerateKeyPair returned as EXPECTED with 0x%08X, " - "%-26s\n since not logged in\n", crv, + "%-26s\n since not logged in\n", + crv, PKM_CK_RVtoStr(crv)); } } @@ -1106,7 +1106,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_Login with correct password succeeded\n"); } else { PKM_Error("C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -1119,13 +1120,13 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey AES succeeded\n"); } else { - PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + PKM_LogIt("Generate an 3DES key ...\n"); - /* generate an 3DES Secret Key */ + /* generate an 3DES Secret Key */ crv = pFunctionList->C_GenerateKey(hRwSession, &sDES3KeyGenMechanism, sDES3KeyTemplate, NUM_ELEM(sDES3KeyTemplate), @@ -1133,8 +1134,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey DES3 succeeded\n"); } else { - PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -1147,8 +1148,9 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("DSA domain parameter generation succeeded\n"); } else { - PKM_Error( "DSA domain parameter generation failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("DSA domain parameter generation failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GetAttributeValue(hRwSession, hDsaParams, @@ -1156,19 +1158,21 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("Getting DSA domain parameters succeeded\n"); } else { - PKM_Error( "Getting DSA domain parameters failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Getting DSA domain parameters failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DestroyObject(hRwSession, hDsaParams); if (crv == CKR_OK) { PKM_LogIt("Destroying DSA domain parameters succeeded\n"); } else { - PKM_Error( "Destroying DSA domain parameters failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Destroying DSA domain parameters failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + PKM_LogIt("Generate a DSA key pair ... \n"); /* Generate a persistent DSA key pair */ crv = pFunctionList->C_GenerateKeyPair(hRwSession, &dsaKeyPairGenMech, @@ -1180,11 +1184,12 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("DSA key pair generation succeeded\n"); } else { - PKM_Error( "DSA key pair generation failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("DSA key pair generation failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + PKM_LogIt("Generate a RSA key pair ... \n"); /*** GEN RSA Key ***/ crv = pFunctionList->C_GenerateKeyPair(hRwSession, &rsaKeyPairGenMech, @@ -1197,355 +1202,371 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_GenerateKeyPair created an RSA key pair. \n"); } else { PKM_Error("C_GenerateKeyPair failed to create an RSA key pair.\n" - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("**** Generation of keys completed ***** \n"); - + mech.mechanism = CKM_RSA_PKCS; mech.pParameter = NULL; mech.ulParameterLen = 0; crv = PKM_wrapUnwrap(pFunctionList, - hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hAESSecKey, - sAESKeyTemplate, - NUM_ELEM(sAESKeyTemplate)); - - if (crv == CKR_OK) { + hRwSession, + hRSApubKey, hRSAprivKey, + &mech, + hAESSecKey, + sAESKeyTemplate, + NUM_ELEM(sAESKeyTemplate)); + + if (crv == CKR_OK) { PKM_LogIt("PKM_wrapUnwrap using RSA keypair to wrap AES key " "succeeded\n\n"); } else { - PKM_Error( "PKM_wrapUnwrap using RSA keypair to wrap AES key failed " - "with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_wrapUnwrap using RSA keypair to wrap AES key failed " + "with 0x%08X, %-26s\n", + crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_wrapUnwrap(pFunctionList, - hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hDES3SecKey, - sDES3KeyTemplate, - NUM_ELEM(sDES3KeyTemplate)); - - if (crv == CKR_OK) { + hRwSession, + hRSApubKey, hRSAprivKey, + &mech, + hDES3SecKey, + sDES3KeyTemplate, + NUM_ELEM(sDES3KeyTemplate)); + + if (crv == CKR_OK) { PKM_LogIt("PKM_wrapUnwrap using RSA keypair to wrap DES3 key " "succeeded\n\n"); } else { - PKM_Error( "PKM_wrapUnwrap using RSA keypair to wrap DES3 key " - "failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_wrapUnwrap using RSA keypair to wrap DES3 key " + "failed with 0x%08X, %-26s\n", + crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_SecKeyCrypt(pFunctionList, hRwSession, - hAESSecKey, &mech_AES_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hAESSecKey, &mech_AES_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_SecKeyCrypt succeeded \n\n"); } else { - PKM_Error( "PKM_SecKeyCrypt failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SecKeyCrypt failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + crv = PKM_SecKeyCrypt(pFunctionList, hRwSession, - hAESSecKey, &mech_AES_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hAESSecKey, &mech_AES_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_SecKeyCrypt AES succeeded \n\n"); } else { - PKM_Error( "PKM_SecKeyCrypt failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SecKeyCrypt failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_SecKeyCrypt(pFunctionList, hRwSession, - hDES3SecKey, &mech_DES3_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hDES3SecKey, &mech_DES3_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_SecKeyCrypt DES3 succeeded \n"); } else { - PKM_Error( "PKM_SecKeyCrypt DES3 failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SecKeyCrypt DES3 failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_SecKeyCrypt(pFunctionList, hRwSession, - hDES3SecKey, &mech_DES3_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hDES3SecKey, &mech_DES3_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_SecKeyCrypt DES3 succeeded \n\n"); } else { - PKM_Error( "PKM_SecKeyCrypt DES3 failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_SecKeyCrypt DES3 failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + mech.mechanism = CKM_RSA_PKCS; crv = PKM_RecoverFunctions(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hRSApubKey, hRSAprivKey, + &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_RecoverFunctions for CKM_RSA_PKCS succeeded\n\n"); } else { - PKM_Error( "PKM_RecoverFunctions failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_RecoverFunctions failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } mech.pParameter = NULL; mech.ulParameterLen = 0; - for (i=0; i < sigRSAMechsSZ; i++) { + for (i = 0; i < sigRSAMechsSZ; i++) { mech.mechanism = sigRSAMechs[i].mechanism; crv = PKM_PubKeySign(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hRSApubKey, hRSAprivKey, + &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_PubKeySign succeeded for %-10s\n\n", - sigRSAMechs[i].mechanismStr ); + PKM_LogIt("PKM_PubKeySign succeeded for %-10s\n\n", + sigRSAMechs[i].mechanismStr); } else { - PKM_Error( "PKM_PubKeySign failed for %-10s " - "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_PubKeySign failed for %-10s " + "with 0x%08X, %-26s\n", + sigRSAMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hAESSecKey, &mech_AES_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hRSApubKey, hRSAprivKey, + &mech, + hAESSecKey, &mech_AES_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with AES secret key succeeded " - "for %-10s\n\n", - sigRSAMechs[i].mechanismStr ); + "for %-10s\n\n", + sigRSAMechs[i].mechanismStr); } else { - PKM_Error( "PKM_DualFuncSign with AES secret key failed " - "for %-10s " - "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncSign with AES secret key failed " + "for %-10s " + "with 0x%08X, %-26s\n", + sigRSAMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hDES3SecKey, &mech_DES3_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hRSApubKey, hRSAprivKey, + &mech, + hDES3SecKey, &mech_DES3_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with DES3 secret key succeeded " - "for %-10s\n\n", - sigRSAMechs[i].mechanismStr ); + "for %-10s\n\n", + sigRSAMechs[i].mechanismStr); } else { - PKM_Error( "PKM_DualFuncSign with DES3 secret key failed " - "for %-10s " - "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncSign with DES3 secret key failed " + "for %-10s " + "with 0x%08X, %-26s\n", + sigRSAMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hAESSecKey, &mech_AES_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hRSApubKey, hRSAprivKey, + &mech, + hAESSecKey, &mech_AES_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with AES secret key CBC_PAD " - "succeeded for %-10s\n\n", - sigRSAMechs[i].mechanismStr ); + "succeeded for %-10s\n\n", + sigRSAMechs[i].mechanismStr); } else { - PKM_Error( "PKM_DualFuncSign with AES secret key CBC_PAD " - "failed for %-10s " - "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncSign with AES secret key CBC_PAD " + "failed for %-10s " + "with 0x%08X, %-26s\n", + sigRSAMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hRSApubKey, hRSAprivKey, - &mech, - hDES3SecKey, &mech_DES3_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hRSApubKey, hRSAprivKey, + &mech, + hDES3SecKey, &mech_DES3_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with DES3 secret key CBC_PAD " - "succeeded for %-10s\n\n", - sigRSAMechs[i].mechanismStr ); + "succeeded for %-10s\n\n", + sigRSAMechs[i].mechanismStr); } else { - PKM_Error( "PKM_DualFuncSign with DES3 secret key CBC_PAD " - "failed for %-10s " - "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncSign with DES3 secret key CBC_PAD " + "failed for %-10s " + "with 0x%08X, %-26s\n", + sigRSAMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } } /* end of RSA for loop */ crv = PKM_PubKeySign(pFunctionList, hRwSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_PubKeySign for DSAwithSHA1 succeeded \n\n"); } else { - PKM_Error( "PKM_PubKeySign failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_PubKeySign failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, - hAESSecKey, &mech_AES_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, + hAESSecKey, &mech_AES_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with AES secret key succeeded " - "for DSAWithSHA1\n\n"); + "for DSAWithSHA1\n\n"); } else { - PKM_Error( "PKM_DualFuncSign with AES secret key failed " - "for DSAWithSHA1 with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); - return crv; + PKM_Error("PKM_DualFuncSign with AES secret key failed " + "for DSAWithSHA1 with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, - hDES3SecKey, &mech_DES3_CBC, - PLAINTEXT, sizeof(PLAINTEXT)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, + hDES3SecKey, &mech_DES3_CBC, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with DES3 secret key succeeded " - "for DSAWithSHA1\n\n"); + "for DSAWithSHA1\n\n"); } else { - PKM_Error( "PKM_DualFuncSign with DES3 secret key failed " - "for DSAWithSHA1 with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); - return crv; + PKM_Error("PKM_DualFuncSign with DES3 secret key failed " + "for DSAWithSHA1 with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, - hAESSecKey, &mech_AES_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, + hAESSecKey, &mech_AES_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with AES secret key CBC_PAD succeeded " - "for DSAWithSHA1\n\n"); + "for DSAWithSHA1\n\n"); } else { - PKM_Error( "PKM_DualFuncSign with AES secret key CBC_PAD failed " - "for DSAWithSHA1 with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); - return crv; + PKM_Error("PKM_DualFuncSign with AES secret key CBC_PAD failed " + "for DSAWithSHA1 with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + return crv; } crv = PKM_DualFuncSign(pFunctionList, hRwSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, - hDES3SecKey, &mech_DES3_CBC_PAD, - PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, + hDES3SecKey, &mech_DES3_CBC_PAD, + PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncSign with DES3 secret key CBC_PAD succeeded " - "for DSAWithSHA1\n\n"); + "for DSAWithSHA1\n\n"); } else { - PKM_Error( "PKM_DualFuncSign with DES3 secret key CBC_PAD failed " - "for DSAWithSHA1 with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); - return crv; + PKM_Error("PKM_DualFuncSign with DES3 secret key CBC_PAD failed " + "for DSAWithSHA1 with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + return crv; } - - for (i=0; i < digestMechsSZ; i++) { + for (i = 0; i < digestMechsSZ; i++) { mech.mechanism = digestMechs[i].mechanism; crv = PKM_Digest(pFunctionList, hRwSession, - &mech, hAESSecKey, - PLAINTEXT, sizeof(PLAINTEXT)); + &mech, hAESSecKey, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_Digest with AES secret key succeeded for %-10s\n\n", - digestMechs[i].mechanismStr); + PKM_LogIt("PKM_Digest with AES secret key succeeded for %-10s\n\n", + digestMechs[i].mechanismStr); } else { - PKM_Error( "PKM_Digest with AES secret key failed for " - "%-10s with 0x%08X, %-26s\n", - digestMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Digest with AES secret key failed for " + "%-10s with 0x%08X, %-26s\n", + digestMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncDigest(pFunctionList, hRwSession, - hAESSecKey, &mech_AES_CBC, - 0,&mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hAESSecKey, &mech_AES_CBC, + 0, &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncDigest with AES secret key succeeded\n\n"); } else { - PKM_Error( "PKM_DualFuncDigest with AES secret key " - "failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncDigest with AES secret key " + "failed with 0x%08X, %-26s\n", + crv, + PKM_CK_RVtoStr(crv)); } crv = PKM_Digest(pFunctionList, hRwSession, - &mech, hDES3SecKey, - PLAINTEXT, sizeof(PLAINTEXT)); + &mech, hDES3SecKey, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_Digest with DES3 secret key succeeded for %-10s\n\n", - digestMechs[i].mechanismStr); + PKM_LogIt("PKM_Digest with DES3 secret key succeeded for %-10s\n\n", + digestMechs[i].mechanismStr); } else { - PKM_Error( "PKM_Digest with DES3 secret key failed for " - "%-10s with 0x%08X, %-26s\n", - digestMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Digest with DES3 secret key failed for " + "%-10s with 0x%08X, %-26s\n", + digestMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_DualFuncDigest(pFunctionList, hRwSession, - hDES3SecKey, &mech_DES3_CBC, - 0,&mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hDES3SecKey, &mech_DES3_CBC, + 0, &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_DualFuncDigest DES3 secret key succeeded\n\n"); } else { - PKM_Error( "PKM_DualFuncDigest DES3 secret key " - "failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_DualFuncDigest DES3 secret key " + "failed with 0x%08X, %-26s\n", + crv, + PKM_CK_RVtoStr(crv)); } crv = PKM_Digest(pFunctionList, hRwSession, - &mech, 0, - PLAINTEXT, sizeof(PLAINTEXT)); + &mech, 0, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_Digest with no secret key succeeded for %-10s\n\n", - digestMechs[i].mechanismStr ); + PKM_LogIt("PKM_Digest with no secret key succeeded for %-10s\n\n", + digestMechs[i].mechanismStr); } else { - PKM_Error( "PKM_Digest with no secret key failed for %-10s " - "with 0x%08X, %-26s\n", digestMechs[i].mechanismStr, crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Digest with no secret key failed for %-10s " + "with 0x%08X, %-26s\n", + digestMechs[i].mechanismStr, crv, + PKM_CK_RVtoStr(crv)); return crv; } } /* end of digest loop */ - for (i=0; i < hmacMechsSZ; i++) { + for (i = 0; i < hmacMechsSZ; i++) { mech.mechanism = hmacMechs[i].mechanism; crv = PKM_Hmac(pFunctionList, hRwSession, - hAESSecKey, &mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hAESSecKey, &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_Hmac with AES secret key succeeded for %-10s\n\n", - hmacMechs[i].mechanismStr); + PKM_LogIt("PKM_Hmac with AES secret key succeeded for %-10s\n\n", + hmacMechs[i].mechanismStr); } else { - PKM_Error( "PKM_Hmac with AES secret key failed for %-10s " - "with 0x%08X, %-26s\n", - hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Hmac with AES secret key failed for %-10s " + "with 0x%08X, %-26s\n", + hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv)); return crv; } - if ((MODE == FIPSMODE) && (mech.mechanism == CKM_SHA512_HMAC)) break; + if ((MODE == FIPSMODE) && (mech.mechanism == CKM_SHA512_HMAC)) + break; crv = PKM_Hmac(pFunctionList, hRwSession, - hDES3SecKey, &mech, - PLAINTEXT, sizeof(PLAINTEXT)); + hDES3SecKey, &mech, + PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { - PKM_LogIt("PKM_Hmac with DES3 secret key succeeded for %-10s\n\n", - hmacMechs[i].mechanismStr); + PKM_LogIt("PKM_Hmac with DES3 secret key succeeded for %-10s\n\n", + hmacMechs[i].mechanismStr); } else { - PKM_Error( "PKM_Hmac with DES3 secret key failed for %-10s " - "with 0x%08X, %-26s\n", - hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_Hmac with DES3 secret key failed for %-10s " + "with 0x%08X, %-26s\n", + hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -1555,42 +1576,45 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hRwSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } -void PKM_LogIt(const char *fmt, ...) { +void +PKM_LogIt(const char *fmt, ...) +{ va_list args; - + if (verbose) { - va_start (args, fmt); + va_start(args, fmt); if (MODE == FIPSMODE) { printf("FIPS MODE: "); } else if (MODE == NONFIPSMODE) { printf("NON FIPS MODE: "); } else if (MODE == HYBRIDMODE) { printf("Hybrid MODE: "); - } + } vprintf(fmt, args); va_end(args); } } -void PKM_Error(const char *fmt, ...) { +void +PKM_Error(const char *fmt, ...) +{ va_list args; - va_start (args, fmt); + va_start(args, fmt); if (MODE == FIPSMODE) { fprintf(stderr, "\nFIPS MODE PKM_Error: "); @@ -1598,158 +1622,167 @@ void PKM_Error(const char *fmt, ...) { fprintf(stderr, "NON FIPS MODE PKM_Error: "); } else if (MODE == HYBRIDMODE) { fprintf(stderr, "Hybrid MODE PKM_Error: "); - } else fprintf(stderr, "NOMODE PKM_Error: "); + } else + fprintf(stderr, "NOMODE PKM_Error: "); vfprintf(stderr, fmt, args); va_end(args); } -CK_SLOT_ID *PKM_GetSlotList(CK_FUNCTION_LIST_PTR pFunctionList, - CK_ULONG slotID) { +CK_SLOT_ID * +PKM_GetSlotList(CK_FUNCTION_LIST_PTR pFunctionList, + CK_ULONG slotID) +{ CK_RV crv = CKR_OK; CK_SLOT_ID *pSlotList = NULL; CK_ULONG slotCount; - + NUMTESTS++; /* increment NUMTESTS */ /* Get slot list */ crv = pFunctionList->C_GetSlotList(CK_FALSE /* all slots */, NULL, &slotCount); if (crv != CKR_OK) { - PKM_Error( "C_GetSlotList failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetSlotList failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return NULL; } PKM_LogIt("C_GetSlotList reported there are %lu slots\n", slotCount); pSlotList = (CK_SLOT_ID *)malloc(slotCount * sizeof(CK_SLOT_ID)); if (!pSlotList) { - PKM_Error( "failed to allocate slot list\n"); + PKM_Error("failed to allocate slot list\n"); return NULL; } crv = pFunctionList->C_GetSlotList(CK_FALSE /* all slots */, pSlotList, &slotCount); if (crv != CKR_OK) { - PKM_Error( "C_GetSlotList failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); - if (pSlotList) free(pSlotList); + PKM_Error("C_GetSlotList failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); + if (pSlotList) + free(pSlotList); return NULL; } return pSlotList; } -CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_RV crv = CKR_OK; CK_SESSION_HANDLE hSession; - static const CK_UTF8CHAR testPin[] = {"0Mozilla"}; - static const CK_UTF8CHAR weakPin[] = {"mozilla"}; + static const CK_UTF8CHAR testPin[] = { "0Mozilla" }; + static const CK_UTF8CHAR weakPin[] = { "mozilla" }; crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER); + PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER); crv = pFunctionList->C_Login(hSession, CKU_SO, NULL, 0); if (crv != CKR_OK) { - PKM_Error( "C_Login failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } if (MODE == FIPSMODE) { - crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) weakPin, + crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *)weakPin, strlen((char *)weakPin)); if (crv == CKR_OK) { - PKM_Error( "C_InitPIN with a weak password succeeded\n"); + PKM_Error("C_InitPIN with a weak password succeeded\n"); return crv; } else { PKM_LogIt("C_InitPIN with a weak password failed with " - "0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); } } - crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) testPin, + crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *)testPin, strlen((char *)testPin)); if (crv == CKR_OK) { PKM_LogIt("C_InitPIN succeeded\n"); } else { - PKM_Error( "C_InitPIN failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_InitPIN failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Logout(hSession); if (crv != CKR_OK) { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER); + PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER); - crv = pFunctionList->C_Login(hSession, CKU_USER, (CK_UTF8CHAR *) testPin, + crv = pFunctionList->C_Login(hSession, CKU_USER, (CK_UTF8CHAR *)testPin, strlen((const char *)testPin)); if (crv != CKR_OK) { - PKM_Error( "C_Login failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } if (MODE == FIPSMODE) { crv = pFunctionList->C_SetPIN( - hSession, (CK_UTF8CHAR *) testPin, - strlen((const char *)testPin), - (CK_UTF8CHAR *) weakPin, - strlen((const char *)weakPin)); + hSession, (CK_UTF8CHAR *)testPin, + strlen((const char *)testPin), + (CK_UTF8CHAR *)weakPin, + strlen((const char *)weakPin)); if (crv == CKR_OK) { - PKM_Error( "C_SetPIN with a weak password succeeded\n"); + PKM_Error("C_SetPIN with a weak password succeeded\n"); return crv; } else { PKM_LogIt("C_SetPIN with a weak password returned with " - "0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); } } crv = pFunctionList->C_SetPIN( - hSession, (CK_UTF8CHAR *) testPin, - strlen((const char *)testPin), - pwd, pwdLen); + hSession, (CK_UTF8CHAR *)testPin, + strlen((const char *)testPin), + pwd, pwdLen); if (crv != CKR_OK) { - PKM_Error( "C_CSetPin failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CSetPin failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Logout(hSession); if (crv != CKR_OK) { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; } -CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { +CK_RV +PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) +{ CK_RV crv = CKR_OK; CK_INFO info; CK_SLOT_ID *pSlotList = NULL; @@ -1758,16 +1791,15 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { CK_SLOT_INFO slotInfo; CK_TOKEN_INFO tokenInfo; CK_FLAGS bitflag; - - NUMTESTS++; /* increment NUMTESTS */ + NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_GetInfo(&info); if (crv == CKR_OK) { PKM_LogIt("C_GetInfo succeeded\n"); } else { - PKM_Error( "C_GetInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("General information about the PKCS #11 library:\n"); @@ -1784,15 +1816,15 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { /* Get slot list */ pSlotList = PKM_GetSlotList(pFunctionList, slotID); if (pSlotList == NULL) { - PKM_Error( "PKM_GetSlotList failed with \n"); + PKM_Error("PKM_GetSlotList failed with \n"); return crv; } crv = pFunctionList->C_GetSlotInfo(pSlotList[slotID], &slotInfo); if (crv == CKR_OK) { PKM_LogIt("C_GetSlotInfo succeeded\n"); } else { - PKM_Error( "C_GetSlotInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetSlotInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("Information about slot %lu:\n", pSlotList[slotID]); @@ -1800,7 +1832,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { PKM_LogIt(" slot manufacturer ID: %.32s\n", slotInfo.manufacturerID); PKM_LogIt(" flags: 0x%08lX\n", slotInfo.flags); bitflag = 1; - for (i = 0; i < sizeof(slotFlagName)/sizeof(slotFlagName[0]); i++) { + for (i = 0; i < sizeof(slotFlagName) / sizeof(slotFlagName[0]); i++) { if (slotInfo.flags & bitflag) { PKM_LogIt(" %s\n", slotFlagName[i]); } @@ -1818,8 +1850,8 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { if (crv == CKR_OK) { PKM_LogIt("C_GetTokenInfo succeeded\n"); } else { - PKM_Error( "C_GetTokenInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetTokenInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("Information about the token in slot %lu:\n", @@ -1831,7 +1863,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { PKM_LogIt(" device serial number: %.16s\n", tokenInfo.serialNumber); PKM_LogIt(" flags: 0x%08lX\n", tokenInfo.flags); bitflag = 1; - for (i = 0; i < sizeof(tokenFlagName)/sizeof(tokenFlagName[0]); i++) { + for (i = 0; i < sizeof(tokenFlagName) / sizeof(tokenFlagName[0]); i++) { if (tokenInfo.flags & bitflag) { PKM_LogIt(" %s\n", tokenFlagName[i]); } @@ -1864,7 +1896,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { PKM_LogIt(" current time: %.16s\n", tokenInfo.utcTime); } PKM_LogIt("PKM_ShowInfo done \n\n"); - if (pSlotList) free(pSlotList); + free(pSlotList); return crv; } @@ -1877,10 +1909,12 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) { /* is inactive. */ /* PKM_HybridMode demostrates how an application can switch between the */ /* two modes: FIPS Approved mode and NONFIPS mode. */ -CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, - CK_C_INITIALIZE_ARGS_NSS *initArgs) { +CK_RV +PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, + CK_C_INITIALIZE_ARGS_NSS *initArgs) +{ - CK_C_GetFunctionList pC_GetFunctionList; /* NONFIPSMode */ + CK_C_GetFunctionList pC_GetFunctionList; /* NONFIPSMode */ CK_FUNCTION_LIST_PTR pC_FunctionList; CK_SLOT_ID *pC_SlotList = NULL; CK_ULONG slotID_C = 1; @@ -1890,22 +1924,22 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, CK_ULONG slotID_FC = 0; CK_RV crv = CKR_OK; CK_SESSION_HANDLE hSession; - int origMode = MODE; /* remember the orginal MODE value */ + int origMode = MODE; /* remember the orginal MODE value */ NUMTESTS++; /* increment NUMTESTS */ MODE = NONFIPSMODE; #ifdef _WIN32 /* NON FIPS mode == C_GetFunctionList */ pC_GetFunctionList = (CK_C_GetFunctionList) - GetProcAddress(hModule, "C_GetFunctionList"); + GetProcAddress(hModule, "C_GetFunctionList"); if (pC_GetFunctionList == NULL) { - PKM_Error( "cannot load %s\n", LIB_NAME); + PKM_Error("cannot load %s\n", LIB_NAME); return crv; } #else - pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib, - "C_GetFunctionList"); - assert(pC_GetFunctionList != NULL); + pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib, + "C_GetFunctionList"); + assert(pC_GetFunctionList != NULL); #endif PKM_LogIt("loading C_GetFunctionList for Non FIPS Mode; slotID %d \n", slotID_C); @@ -1917,14 +1951,14 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("C_Initialize succeeded\n"); } else { - PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } pC_SlotList = PKM_GetSlotList(pC_FunctionList, slotID_C); if (pC_SlotList == NULL) { - PKM_Error( "PKM_GetSlotList failed with \n"); + PKM_Error("PKM_GetSlotList failed with \n"); return crv; } crv = pC_FunctionList->C_OpenSession(pC_SlotList[slotID_C], @@ -1933,8 +1967,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("NONFIPS C_OpenSession succeeded\n"); } else { - PKM_Error( "C_OpenSession failed for NONFIPS token " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed for NONFIPS token " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -1942,8 +1977,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("able to login in NONFIPS token\n"); } else { - PKM_Error( "Unable to login in to NONFIPS token " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Unable to login in to NONFIPS token " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -1951,8 +1987,8 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -1961,21 +1997,21 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, /* Now load the FIPS token */ /* FIPS mode == FC_GetFunctionList */ - pFC_GetFunctionList = NULL; + pFC_GetFunctionList = NULL; #ifdef _WIN32 pFC_GetFunctionList = (CK_C_GetFunctionList) - GetProcAddress(hModule, "FC_GetFunctionList"); + GetProcAddress(hModule, "FC_GetFunctionList"); #else - pFC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib, - "FC_GetFunctionList"); - assert(pFC_GetFunctionList != NULL); + pFC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib, + "FC_GetFunctionList"); + assert(pFC_GetFunctionList != NULL); #endif PKM_LogIt("loading FC_GetFunctionList for FIPS Mode; slotID %d \n", slotID_FC); PKM_LogIt("pFC_FunctionList->C_Foo == pFC_FunctionList->FC_Foo\n"); if (pFC_GetFunctionList == NULL) { - PKM_Error( "unable to load pFC_GetFunctionList\n"); + PKM_Error("unable to load pFC_GetFunctionList\n"); return crv; } @@ -1987,15 +2023,15 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("FC_Initialize succeeded\n"); } else { - PKM_Error( "FC_Initialize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("FC_Initialize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_ShowInfo(pFC_FunctionList, slotID_FC); pFC_SlotList = PKM_GetSlotList(pFC_FunctionList, slotID_FC); if (pFC_SlotList == NULL) { - PKM_Error( "PKM_GetSlotList failed with \n"); + PKM_Error("PKM_GetSlotList failed with \n"); return crv; } @@ -2010,8 +2046,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, if (crv == CKR_OK) { PKM_LogIt("NONFIPS pC_CloseSession succeeded\n"); } else { - PKM_Error( "pC_CloseSession failed for NONFIPS token " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("pC_CloseSession failed for NONFIPS token " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2019,16 +2056,16 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, "only when the NONFIPS Approved mode is inactive by \n" "calling C_Finalize on the NONFIPS token.\n"); - /* to go in FIPSMODE you must Finalize the NONFIPS mode pointer */ crv = pC_FunctionList->C_Finalize(NULL); if (crv == CKR_OK) { PKM_LogIt("C_Finalize of NONFIPS Token succeeded\n"); MODE = FIPSMODE; } else { - PKM_Error( "C_Finalize of NONFIPS Token failed with " - "0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Finalize of NONFIPS Token failed with " + "0x%08X, %-26s\n", + crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -2041,27 +2078,31 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, PKM_LogIt("Exiting FIPSMODE by caling FC_Finalize.\n"); MODE = NOMODE; } else { - PKM_Error( "FC_Finalize failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("FC_Finalize failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - if (pC_SlotList) free(pC_SlotList); - if (pFC_SlotList) free(pFC_SlotList); + if (pC_SlotList) + free(pC_SlotList); + if (pFC_SlotList) + free(pFC_SlotList); MODE = origMode; /* set the mode back to the orginal Mode value */ PKM_LogIt("PKM_HybridMode test Completed\n\n"); return crv; } -CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID) { +CK_RV +PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID) +{ CK_RV crv = CKR_OK; CK_MECHANISM_TYPE *pMechanismList; CK_ULONG mechanismCount; CK_ULONG i; - const char * mechName = NULL; + const char *mechName = NULL; NUMTESTS++; /* increment NUMTESTS */ @@ -2069,23 +2110,23 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_GetMechanismList(pSlotList[slotID], NULL, &mechanismCount); if (crv != CKR_OK) { - PKM_Error( "C_GetMechanismList failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetMechanismList failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("C_GetMechanismList reported there are %lu mechanisms\n", mechanismCount); pMechanismList = (CK_MECHANISM_TYPE *) - malloc(mechanismCount * sizeof(CK_MECHANISM_TYPE)); + malloc(mechanismCount * sizeof(CK_MECHANISM_TYPE)); if (!pMechanismList) { - PKM_Error( "failed to allocate mechanism list\n"); + PKM_Error("failed to allocate mechanism list\n"); return crv; } crv = pFunctionList->C_GetMechanismList(pSlotList[slotID], pMechanismList, &mechanismCount); if (crv != CKR_OK) { - PKM_Error( "C_GetMechanismList failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetMechanismList failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } PKM_LogIt("C_GetMechanismList returned the mechanism types:\n"); @@ -2096,87 +2137,91 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList, /* output two mechanism name on each line */ /* currently the longest known mechansim name length is 37 */ if (mechName) { - printf("%-40s",mechName); + printf("%-40s", mechName); } else { printf("Unknown mechanism: 0x%08lX ", pMechanismList[i]); - } - if ((i % 2) == 1 ) printf("\n"); + } + if ((i % 2) == 1) + printf("\n"); } printf("\n\n"); } - for ( i = 0; i < mechanismCount; i++ ) { + for (i = 0; i < mechanismCount; i++) { CK_MECHANISM_INFO minfo; memset(&minfo, 0, sizeof(CK_MECHANISM_INFO)); crv = pFunctionList->C_GetMechanismInfo(pSlotList[slotID], pMechanismList[i], &minfo); - if ( CKR_OK != crv ) { - PKM_Error( "C_GetMechanismInfo(%lu, %lu) returned 0x%08X, %-26s\n", - pSlotList[slotID], pMechanismList[i], crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_GetMechanismInfo(%lu, %lu) returned 0x%08X, %-26s\n", + pSlotList[slotID], pMechanismList[i], crv, + PKM_CK_RVtoStr(crv)); return crv; } mechName = getName(pMechanismList[i], ConstMechanism); - if (!mechName) mechName = "Unknown mechanism"; - PKM_LogIt( " [%lu]: CK_MECHANISM_TYPE = %s 0x%08lX\n", (i+1), - mechName, - pMechanismList[i]); - PKM_LogIt( " ulMinKeySize = %lu\n", minfo.ulMinKeySize); - PKM_LogIt( " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize); - PKM_LogIt( " flags = 0x%08x\n", minfo.flags); - PKM_LogIt( " -> HW = %s\n", minfo.flags & CKF_HW ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> SIGN = %s\n", minfo.flags & CKF_SIGN ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> SIGN_RECOVER = %s\n", minfo.flags & - CKF_SIGN_RECOVER ? "TRUE" : "FALSE"); - PKM_LogIt( " -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> VERIFY_RECOVER = %s\n", - minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE"); - PKM_LogIt( " -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> GENERATE_KEY_PAIR = %s\n", - minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE"); - PKM_LogIt( " -> WRAP = %s\n", minfo.flags & CKF_WRAP ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? - "TRUE" : "FALSE"); - PKM_LogIt( " -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? - "TRUE" : "FALSE"); - - PKM_LogIt( "\n"); + if (!mechName) + mechName = "Unknown mechanism"; + PKM_LogIt(" [%lu]: CK_MECHANISM_TYPE = %s 0x%08lX\n", (i + 1), + mechName, + pMechanismList[i]); + PKM_LogIt(" ulMinKeySize = %lu\n", minfo.ulMinKeySize); + PKM_LogIt(" ulMaxKeySize = %lu\n", minfo.ulMaxKeySize); + PKM_LogIt(" flags = 0x%08x\n", minfo.flags); + PKM_LogIt(" -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> SIGN_RECOVER = %s\n", minfo.flags & + CKF_SIGN_RECOVER + ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> VERIFY_RECOVER = %s\n", + minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE"); + PKM_LogIt(" -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> GENERATE_KEY_PAIR = %s\n", + minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE"); + PKM_LogIt(" -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE" + : "FALSE"); + + PKM_LogIt("\n"); } - return crv; - } -CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList, - CK_ULONG slotID) { +CK_RV +PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList, + CK_ULONG slotID) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; CK_BYTE randomData[16]; - CK_BYTE seed[] = {0x01, 0x03, 0x35, 0x55, 0xFF}; + CK_BYTE seed[] = { 0x01, 0x03, 0x35, 0x55, 0xFF }; NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -2185,16 +2230,18 @@ CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateRandom without login succeeded\n"); } else { - PKM_Error( "C_GenerateRandom without login failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateRandom without login failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_SeedRandom(hSession, seed, sizeof(seed)); if (crv == CKR_OK) { PKM_LogIt("C_SeedRandom without login succeeded\n"); } else { - PKM_Error( "C_SeedRandom without login failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_SeedRandom without login failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GenerateRandom(hSession, @@ -2202,70 +2249,74 @@ CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateRandom without login succeeded\n"); } else { - PKM_Error( "C_GenerateRandom without login failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateRandom without login failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } -CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID *pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; - + NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *) - "netscape", 8); + crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)"netscape", 8); if (crv == CKR_OK) { PKM_Error("C_Login with wrong password succeeded\n"); return CKR_FUNCTION_FAILED; } else { PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, " - "%-26s.\n ", crv, PKM_CK_RVtoStr(crv)); + "%-26s.\n ", + crv, PKM_CK_RVtoStr(crv)); } - crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *) - "red hat", 7); + crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)"red hat", 7); if (crv == CKR_OK) { PKM_Error("C_Login with wrong password succeeded\n"); return CKR_FUNCTION_FAILED; } else { PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, " - "%-26s.\n ", crv, PKM_CK_RVtoStr(crv)); + "%-26s.\n ", + crv, PKM_CK_RVtoStr(crv)); } - crv = pFunctionList->C_Login(hSession, CKU_USER, - (unsigned char *) "sun", 3); + crv = pFunctionList->C_Login(hSession, CKU_USER, + (unsigned char *)"sun", 3); if (crv == CKR_OK) { PKM_Error("C_Login with wrong password succeeded\n"); return CKR_FUNCTION_FAILED; } else { PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, " - "%-26s.\n ", crv, PKM_CK_RVtoStr(crv)); + "%-26s.\n ", + crv, PKM_CK_RVtoStr(crv)); } crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { PKM_Error("C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2273,20 +2324,19 @@ CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } /* @@ -2303,9 +2353,11 @@ CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList, * value CKR_FUNCTION_NOT_PARALLEL. * */ -CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; NUMTESTS++; /* increment NUMTESTS */ @@ -2313,8 +2365,8 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -2322,8 +2374,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2332,8 +2385,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_GetFunctionStatus correctly" "returned CKR_FUNCTION_NOT_PARALLEL \n"); } else { - PKM_Error( "C_GetFunctionStatus failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetFunctionStatus failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2342,8 +2396,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_CancelFunction correctly " "returned CKR_FUNCTION_NOT_PARALLEL \n"); } else { - PKM_Error( "C_CancelFunction failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_CancelFunction failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2351,20 +2406,19 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } /* @@ -2377,12 +2431,14 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList, * */ -CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech, - CK_OBJECT_HANDLE hSecKeyDigest, - CK_MECHANISM *digestMech, - const CK_BYTE * pData, CK_ULONG pDataLen) { +CK_RV +PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech, + CK_OBJECT_HANDLE hSecKeyDigest, + CK_MECHANISM *digestMech, + const CK_BYTE *pData, CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; CK_BYTE eDigest[MAX_DIGEST_SZ]; CK_BYTE dDigest[MAX_DIGEST_SZ]; @@ -2405,44 +2461,43 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, */ crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSecKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DigestInit(hSession, digestMech); if (crv != CKR_OK) { - PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ciphertextLen = sizeof(ciphertext); - crv = pFunctionList->C_DigestEncryptUpdate(hSession, (CK_BYTE * ) pData, + crv = pFunctionList->C_DigestEncryptUpdate(hSession, (CK_BYTE *)pData, pDataLen, ciphertext, &ciphertextLen); if (crv != CKR_OK) { - PKM_Error( "C_DigestEncryptUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestEncryptUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ulDigestLen = sizeof(eDigest); crv = pFunctionList->C_DigestFinal(hSession, eDigest, &ulDigestLen); if (crv != CKR_OK) { - PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - /* get the last piece of ciphertext (length should be 0 */ lastLen = sizeof(ciphertext) - ciphertextLen; crv = pFunctionList->C_EncryptFinal(hSession, - (CK_BYTE * )&ciphertext[ciphertextLen], - &lastLen); + (CK_BYTE *)&ciphertext[ciphertextLen], + &lastLen); if (crv != CKR_OK) { - PKM_Error( "C_EncryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ciphertextLen = ciphertextLen + lastLen; @@ -2462,14 +2517,14 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, /* Decrypt the text */ crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSecKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DigestInit(hSession, digestMech); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -2479,18 +2534,18 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, plaintext, &plaintextLen); if (crv != CKR_OK) { - PKM_Error( "C_DecryptDigestUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptDigestUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } lastLen = sizeof(plaintext) - plaintextLen; crv = pFunctionList->C_DecryptFinal(hSession, - (CK_BYTE * )&plaintext[plaintextLen], + (CK_BYTE *)&plaintext[plaintextLen], &lastLen); if (crv != CKR_OK) { - PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } plaintextLen = plaintextLen + lastLen; @@ -2498,16 +2553,16 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, ulDigestLen = sizeof(dDigest); crv = pFunctionList->C_DigestFinal(hSession, dDigest, &ulDigestLen); if (crv != CKR_OK) { - PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } if (plaintextLen != pDataLen) { - PKM_Error( "plaintextLen is %lu\n", plaintextLen); + PKM_Error("plaintextLen is %lu\n", plaintextLen); return crv; } - + if (verbose) { printf("plaintext = "); for (i = 0; i < plaintextLen; i++) { @@ -2520,22 +2575,21 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, } printf("\n"); } - + if (memcmp(eDigest, dDigest, ulDigestLen) == 0) { PKM_LogIt("Encrypted Digest equals Decrypted Digest\n"); } else { - PKM_Error( "Digests don't match\n"); + PKM_Error("Digests don't match\n"); } if ((plaintextLen == pDataLen) && - (memcmp(plaintext, pData, pDataLen)) == 0) { + (memcmp(plaintext, pData, pDataLen)) == 0) { PKM_LogIt("DualFuncDigest decrypt test case passed\n"); } else { - PKM_Error( "DualFuncDigest derypt test case failed\n"); + PKM_Error("DualFuncDigest derypt test case failed\n"); } return crv; - } /* @@ -2543,19 +2597,21 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList, * */ -CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech, - const CK_BYTE * pData, CK_ULONG dataLen) { +CK_RV +PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech, + const CK_BYTE *pData, CK_ULONG dataLen) +{ CK_RV crv = CKR_OK; CK_BYTE cipher1[MAX_CIPHER_SZ]; CK_BYTE cipher2[MAX_CIPHER_SZ]; CK_BYTE data1[MAX_DATA_SZ]; CK_BYTE data2[MAX_DATA_SZ]; - CK_ULONG cipher1Len =0, cipher2Len =0, lastLen =0; - CK_ULONG data1Len =0, data2Len =0; - + CK_ULONG cipher1Len = 0, cipher2Len = 0, lastLen = 0; + CK_ULONG data1Len = 0, data2Len = 0; + NUMTESTS++; /* increment NUMTESTS */ memset(cipher1, 0, sizeof(cipher1)); @@ -2566,70 +2622,70 @@ CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, /* C_Encrypt */ crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSymKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } cipher1Len = sizeof(cipher1); - crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE * ) pData, dataLen, + crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *)pData, dataLen, cipher1, &cipher1Len); if (crv != CKR_OK) { - PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* C_EncryptUpdate */ crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSymKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } cipher2Len = sizeof(cipher2); - crv = pFunctionList->C_EncryptUpdate (hSession, (CK_BYTE * ) pData, - dataLen, - cipher2, &cipher2Len); + crv = pFunctionList->C_EncryptUpdate(hSession, (CK_BYTE *)pData, + dataLen, + cipher2, &cipher2Len); if (crv != CKR_OK) { - PKM_Error( "C_EncryptUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } lastLen = sizeof(cipher2) - cipher2Len; crv = pFunctionList->C_EncryptFinal(hSession, - (CK_BYTE * )&cipher2[cipher2Len], - &lastLen); + (CK_BYTE *)&cipher2[cipher2Len], + &lastLen); cipher2Len = cipher2Len + lastLen; - if ( (cipher1Len == cipher2Len) && - (memcmp(cipher1, cipher2, sizeof(cipher1Len)) == 0) ) { + if ((cipher1Len == cipher2Len) && + (memcmp(cipher1, cipher2, sizeof(cipher1Len)) == 0)) { PKM_LogIt("encrypt test case passed\n"); } else { - PKM_Error( "encrypt test case failed\n"); + PKM_Error("encrypt test case failed\n"); return CKR_GENERAL_ERROR; } /* C_Decrypt */ crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSymKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } data1Len = sizeof(data1); crv = pFunctionList->C_Decrypt(hSession, cipher1, cipher1Len, data1, &data1Len); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* now use C_DecryptUpdate the text */ crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSymKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } data2Len = sizeof(data2); @@ -2637,40 +2693,39 @@ CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList, cipher2Len, data2, &data2Len); if (crv != CKR_OK) { - PKM_Error( "C_DecryptUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } lastLen = sizeof(data2) - data2Len; crv = pFunctionList->C_DecryptFinal(hSession, - (CK_BYTE * )&data2[data2Len], + (CK_BYTE *)&data2[data2Len], &lastLen); if (crv != CKR_OK) { - PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } data2Len = data2Len + lastLen; - /* Comparison of Decrypt data */ - if ( (data1Len == data2Len) && (dataLen == data1Len) && - (memcmp(data1, pData, dataLen) == 0) && - (memcmp(data2, pData, dataLen) == 0) ) { + if ((data1Len == data2Len) && (dataLen == data1Len) && + (memcmp(data1, pData, dataLen) == 0) && + (memcmp(data2, pData, dataLen) == 0)) { PKM_LogIt("decrypt test case passed\n"); } else { - PKM_Error( "derypt test case failed\n"); + PKM_Error("derypt test case failed\n"); } return crv; - } - -CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; CK_MECHANISM sAESKeyMech = { @@ -2680,14 +2735,14 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, CK_KEY_TYPE keyAESType = CKK_AES; CK_UTF8CHAR AESlabel[] = "An AES secret key object"; CK_ULONG AESvalueLen = 16; - CK_ATTRIBUTE sAESKeyTemplate[9]; + CK_ATTRIBUTE sAESKeyTemplate[9]; CK_OBJECT_HANDLE hKey = CK_INVALID_HANDLE; CK_BYTE KEY[16]; CK_BYTE IV[16]; static const CK_BYTE CIPHERTEXT[] = { - 0x7e,0x6a,0x3f,0x3b,0x39,0x3c,0xf2,0x4b, - 0xce,0xcc,0x23,0x6d,0x80,0xfd,0xe0,0xff + 0x7e, 0x6a, 0x3f, 0x3b, 0x39, 0x3c, 0xf2, 0x4b, + 0xce, 0xcc, 0x23, 0x6d, 0x80, 0xfd, 0xe0, 0xff }; CK_BYTE ciphertext[64]; CK_BYTE ciphertext2[64]; @@ -2709,45 +2764,45 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, memset(ciphertext2, 0, sizeof(ciphertext2)); memset(IV, 0x00, sizeof(IV)); memset(KEY, 0x00, sizeof(KEY)); - - mech_AES_CBC.mechanism = CKM_AES_CBC; - mech_AES_CBC.pParameter = IV; + + mech_AES_CBC.mechanism = CKM_AES_CBC; + mech_AES_CBC.pParameter = IV; mech_AES_CBC.ulParameterLen = sizeof(IV); /* AES key template */ - sAESKeyTemplate[0].type = CKA_CLASS; - sAESKeyTemplate[0].pValue = &class; + sAESKeyTemplate[0].type = CKA_CLASS; + sAESKeyTemplate[0].pValue = &class; sAESKeyTemplate[0].ulValueLen = sizeof(class); - sAESKeyTemplate[1].type = CKA_KEY_TYPE; - sAESKeyTemplate[1].pValue = &keyAESType; + sAESKeyTemplate[1].type = CKA_KEY_TYPE; + sAESKeyTemplate[1].pValue = &keyAESType; sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType); - sAESKeyTemplate[2].type = CKA_LABEL; - sAESKeyTemplate[2].pValue = AESlabel; - sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1; - sAESKeyTemplate[3].type = CKA_ENCRYPT; - sAESKeyTemplate[3].pValue = &true; + sAESKeyTemplate[2].type = CKA_LABEL; + sAESKeyTemplate[2].pValue = AESlabel; + sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1; + sAESKeyTemplate[3].type = CKA_ENCRYPT; + sAESKeyTemplate[3].pValue = &true; sAESKeyTemplate[3].ulValueLen = sizeof(true); - sAESKeyTemplate[4].type = CKA_DECRYPT; - sAESKeyTemplate[4].pValue = &true; + sAESKeyTemplate[4].type = CKA_DECRYPT; + sAESKeyTemplate[4].pValue = &true; sAESKeyTemplate[4].ulValueLen = sizeof(true); - sAESKeyTemplate[5].type = CKA_SIGN; - sAESKeyTemplate[5].pValue = &true; - sAESKeyTemplate[5].ulValueLen = sizeof (true); - sAESKeyTemplate[6].type = CKA_VERIFY; - sAESKeyTemplate[6].pValue = &true; + sAESKeyTemplate[5].type = CKA_SIGN; + sAESKeyTemplate[5].pValue = &true; + sAESKeyTemplate[5].ulValueLen = sizeof(true); + sAESKeyTemplate[6].type = CKA_VERIFY; + sAESKeyTemplate[6].pValue = &true; sAESKeyTemplate[6].ulValueLen = sizeof(true); - sAESKeyTemplate[7].type = CKA_UNWRAP; - sAESKeyTemplate[7].pValue = &true; + sAESKeyTemplate[7].type = CKA_UNWRAP; + sAESKeyTemplate[7].pValue = &true; sAESKeyTemplate[7].ulValueLen = sizeof(true); - sAESKeyTemplate[8].type = CKA_VALUE_LEN; - sAESKeyTemplate[8].pValue = &AESvalueLen; + sAESKeyTemplate[8].type = CKA_VALUE_LEN; + sAESKeyTemplate[8].pValue = &AESvalueLen; sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen); crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -2755,8 +2810,9 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -2769,27 +2825,27 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey AES succeeded\n"); } else { - PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_EncryptInit(hSession, &aesEcbMech, hKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } wrappedKeyLen = sizeof(wrappedKey); crv = pFunctionList->C_Encrypt(hSession, KEY, sizeof(KEY), wrappedKey, &wrappedKeyLen); if (crv != CKR_OK) { - PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } if (wrappedKeyLen != sizeof(wrappedKey)) { - PKM_Error( "wrappedKeyLen is %lu\n", wrappedKeyLen); + PKM_Error("wrappedKeyLen is %lu\n", wrappedKeyLen); return crv; } /* Import an encrypted key */ @@ -2799,93 +2855,93 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, NUM_ELEM(sAESKeyTemplate), &hTestKey); if (crv != CKR_OK) { - PKM_Error( "C_UnwraPKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_UnwraPKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* AES Encrypt the text */ crv = pFunctionList->C_EncryptInit(hSession, &mech_AES_CBC, hTestKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ciphertextLen = sizeof(ciphertext); - crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *) PLAINTEXT, + crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *)PLAINTEXT, sizeof(PLAINTEXT), ciphertext, &ciphertextLen); if (crv != CKR_OK) { - PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - if ( (ciphertextLen == sizeof(CIPHERTEXT)) && - (memcmp(ciphertext, CIPHERTEXT, ciphertextLen) == 0)) { + if ((ciphertextLen == sizeof(CIPHERTEXT)) && + (memcmp(ciphertext, CIPHERTEXT, ciphertextLen) == 0)) { PKM_LogIt("AES CBCVarKey128 encrypt test case 1 passed\n"); } else { - PKM_Error( "AES CBCVarKey128 encrypt test case 1 failed\n"); + PKM_Error("AES CBCVarKey128 encrypt test case 1 failed\n"); return crv; } /* now use EncryptUpdate the text */ crv = pFunctionList->C_EncryptInit(hSession, &mech_AES_CBC, hTestKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ciphertext2Len = sizeof(ciphertext2); - crv = pFunctionList->C_EncryptUpdate (hSession, (CK_BYTE *) PLAINTEXT, - sizeof(PLAINTEXT), - ciphertext2, &ciphertext2Len); + crv = pFunctionList->C_EncryptUpdate(hSession, (CK_BYTE *)PLAINTEXT, + sizeof(PLAINTEXT), + ciphertext2, &ciphertext2Len); if (crv != CKR_OK) { - PKM_Error( "C_EncryptUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } lastLen = sizeof(ciphertext2) - ciphertext2Len; crv = pFunctionList->C_EncryptFinal(hSession, - (CK_BYTE * )&ciphertext2[ciphertext2Len], - &lastLen); + (CK_BYTE *)&ciphertext2[ciphertext2Len], + &lastLen); ciphertext2Len = ciphertext2Len + lastLen; - if ( (ciphertextLen == ciphertext2Len) && - (memcmp(ciphertext, ciphertext2, sizeof(CIPHERTEXT)) == 0) && - (memcmp(ciphertext2, CIPHERTEXT, sizeof(CIPHERTEXT)) == 0)) { + if ((ciphertextLen == ciphertext2Len) && + (memcmp(ciphertext, ciphertext2, sizeof(CIPHERTEXT)) == 0) && + (memcmp(ciphertext2, CIPHERTEXT, sizeof(CIPHERTEXT)) == 0)) { PKM_LogIt("AES CBCVarKey128 encrypt test case 2 passed\n"); } else { - PKM_Error( "AES CBCVarKey128 encrypt test case 2 failed\n"); + PKM_Error("AES CBCVarKey128 encrypt test case 2 failed\n"); return CKR_GENERAL_ERROR; } /* AES CBC Decrypt the text */ crv = pFunctionList->C_DecryptInit(hSession, &mech_AES_CBC, hTestKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } plaintextLen = sizeof(plaintext); crv = pFunctionList->C_Decrypt(hSession, ciphertext, ciphertextLen, plaintext, &plaintextLen); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - if ((plaintextLen == sizeof(PLAINTEXT)) - && (memcmp(plaintext, PLAINTEXT, plaintextLen) == 0)) { + if ((plaintextLen == sizeof(PLAINTEXT)) && + (memcmp(plaintext, PLAINTEXT, plaintextLen) == 0)) { PKM_LogIt("AES CBCVarKey128 decrypt test case 1 passed\n"); } else { - PKM_Error( "AES CBCVarKey128 derypt test case 1 failed\n"); + PKM_Error("AES CBCVarKey128 derypt test case 1 failed\n"); } /* now use DecryptUpdate the text */ crv = pFunctionList->C_DecryptInit(hSession, &mech_AES_CBC, hTestKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } plaintext2Len = sizeof(plaintext2); @@ -2893,22 +2949,22 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, ciphertext2Len, plaintext2, &plaintext2Len); if (crv != CKR_OK) { - PKM_Error( "C_DecryptUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } lastLen = sizeof(plaintext2) - plaintext2Len; crv = pFunctionList->C_DecryptFinal(hSession, - (CK_BYTE * )&plaintext2[plaintext2Len], - &lastLen); + (CK_BYTE *)&plaintext2[plaintext2Len], + &lastLen); plaintext2Len = plaintext2Len + lastLen; - if ( (plaintextLen == plaintext2Len) && - (memcmp(plaintext, plaintext2, plaintext2Len) == 0) && - (memcmp(plaintext2, PLAINTEXT, sizeof(PLAINTEXT)) == 0)) { + if ((plaintextLen == plaintext2Len) && + (memcmp(plaintext, plaintext2, plaintext2Len) == 0) && + (memcmp(plaintext2, PLAINTEXT, sizeof(PLAINTEXT)) == 0)) { PKM_LogIt("AES CBCVarKey128 decrypt test case 2 passed\n"); } else { - PKM_Error( "AES CBCVarKey128 decrypt test case 2 failed\n"); + PKM_Error("AES CBCVarKey128 decrypt test case 2 failed\n"); return CKR_GENERAL_ERROR; } @@ -2916,69 +2972,69 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - return crv; - } -CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hRwSession, - CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, - CK_MECHANISM *signMech, const CK_BYTE * pData, - CK_ULONG pDataLen) { +CK_RV +PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hRwSession, + CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, + CK_MECHANISM *signMech, const CK_BYTE *pData, + CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; CK_BYTE sig[MAX_SIG_SZ]; - CK_ULONG sigLen = 0 ; - + CK_ULONG sigLen = 0; + NUMTESTS++; /* increment NUMTESTS */ memset(sig, 0, sizeof(sig)); /* C_Sign */ crv = pFunctionList->C_SignInit(hRwSession, signMech, hPrivKey); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } sigLen = sizeof(sig); - crv = pFunctionList->C_Sign(hRwSession, (CK_BYTE * ) pData, pDataLen, + crv = pFunctionList->C_Sign(hRwSession, (CK_BYTE *)pData, pDataLen, sig, &sigLen); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* C_Verify the signature */ crv = pFunctionList->C_VerifyInit(hRwSession, signMech, hPubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_Verify(hRwSession, (CK_BYTE * ) pData, pDataLen, + crv = pFunctionList->C_Verify(hRwSession, (CK_BYTE *)pData, pDataLen, sig, sigLen); if (crv == CKR_OK) { PKM_LogIt("C_Verify succeeded\n"); } else { - PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - /* Check that the mechanism is Multi-part */ - if (signMech->mechanism == CKM_DSA || + /* Check that the mechanism is Multi-part */ + if (signMech->mechanism == CKM_DSA || signMech->mechanism == CKM_RSA_PKCS) { return crv; } @@ -2987,22 +3043,22 @@ CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, /* SignUpdate */ crv = pFunctionList->C_SignInit(hRwSession, signMech, hPrivKey); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08lX %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08lX %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_SignUpdate(hRwSession, (CK_BYTE * ) pData, pDataLen); + crv = pFunctionList->C_SignUpdate(hRwSession, (CK_BYTE *)pData, pDataLen); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08lX %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08lX %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } sigLen = sizeof(sig); crv = pFunctionList->C_SignFinal(hRwSession, sig, &sigLen); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -3010,50 +3066,51 @@ CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_VerifyInit(hRwSession, signMech, hPubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_VerifyUpdate(hRwSession, (CK_BYTE * ) pData, + crv = pFunctionList->C_VerifyUpdate(hRwSession, (CK_BYTE *)pData, pDataLen); if (crv != CKR_OK) { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyFinal(hRwSession, sig, sigLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyFinal succeeded\n"); } else { - PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } -CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, - CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, - CK_ULONG pwdLen){ +CK_RV +PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, + CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, + CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; -/*** DSA Key ***/ + /*** DSA Key ***/ CK_MECHANISM dsaParamGenMech; CK_ULONG primeBits = 1024; - CK_ATTRIBUTE dsaParamGenTemplate[1]; + CK_ATTRIBUTE dsaParamGenTemplate[1]; CK_OBJECT_HANDLE hDsaParams = CK_INVALID_HANDLE; CK_BYTE DSA_P[128]; CK_BYTE DSA_Q[20]; CK_BYTE DSA_G[128]; CK_MECHANISM dsaKeyPairGenMech; - CK_ATTRIBUTE dsaPubKeyTemplate[5]; - CK_ATTRIBUTE dsaPrivKeyTemplate[5]; + CK_ATTRIBUTE dsaPubKeyTemplate[5]; + CK_ATTRIBUTE dsaPrivKeyTemplate[5]; CK_OBJECT_HANDLE hDSApubKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hDSAprivKey = CK_INVALID_HANDLE; - + /* From SHA1ShortMsg.req, Len = 136 */ CK_BYTE MSG[] = { 0xba, 0x33, 0x95, 0xfb, @@ -3087,52 +3144,52 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, NUMTESTS++; /* increment NUMTESTS */ /* DSA key init */ - dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN; - dsaParamGenMech.pParameter = NULL_PTR; + dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN; + dsaParamGenMech.pParameter = NULL_PTR; dsaParamGenMech.ulParameterLen = 0; - dsaParamGenTemplate[0].type = CKA_PRIME_BITS; - dsaParamGenTemplate[0].pValue = &primeBits; + dsaParamGenTemplate[0].type = CKA_PRIME_BITS; + dsaParamGenTemplate[0].pValue = &primeBits; dsaParamGenTemplate[0].ulValueLen = sizeof(primeBits); - dsaPubKeyTemplate[0].type = CKA_PRIME; - dsaPubKeyTemplate[0].pValue = DSA_P; + dsaPubKeyTemplate[0].type = CKA_PRIME; + dsaPubKeyTemplate[0].pValue = DSA_P; dsaPubKeyTemplate[0].ulValueLen = sizeof(DSA_P); - dsaPubKeyTemplate[1].type = CKA_SUBPRIME; + dsaPubKeyTemplate[1].type = CKA_SUBPRIME; dsaPubKeyTemplate[1].pValue = DSA_Q; dsaPubKeyTemplate[1].ulValueLen = sizeof(DSA_Q); - dsaPubKeyTemplate[2].type = CKA_BASE; - dsaPubKeyTemplate[2].pValue = DSA_G; + dsaPubKeyTemplate[2].type = CKA_BASE; + dsaPubKeyTemplate[2].pValue = DSA_G; dsaPubKeyTemplate[2].ulValueLen = sizeof(DSA_G); - dsaPubKeyTemplate[3].type = CKA_TOKEN; - dsaPubKeyTemplate[3].pValue = &true; + dsaPubKeyTemplate[3].type = CKA_TOKEN; + dsaPubKeyTemplate[3].pValue = &true; dsaPubKeyTemplate[3].ulValueLen = sizeof(true); - dsaPubKeyTemplate[4].type = CKA_VERIFY; - dsaPubKeyTemplate[4].pValue = &true; + dsaPubKeyTemplate[4].type = CKA_VERIFY; + dsaPubKeyTemplate[4].pValue = &true; dsaPubKeyTemplate[4].ulValueLen = sizeof(true); - dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN; + dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN; dsaKeyPairGenMech.pParameter = NULL_PTR; dsaKeyPairGenMech.ulParameterLen = 0; - dsaPrivKeyTemplate[0].type = CKA_TOKEN; - dsaPrivKeyTemplate[0].pValue = &true; + dsaPrivKeyTemplate[0].type = CKA_TOKEN; + dsaPrivKeyTemplate[0].pValue = &true; dsaPrivKeyTemplate[0].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[1].type = CKA_PRIVATE; - dsaPrivKeyTemplate[1].pValue = &true; + dsaPrivKeyTemplate[1].type = CKA_PRIVATE; + dsaPrivKeyTemplate[1].pValue = &true; dsaPrivKeyTemplate[1].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[2].type = CKA_SENSITIVE; - dsaPrivKeyTemplate[2].pValue = &true; + dsaPrivKeyTemplate[2].type = CKA_SENSITIVE; + dsaPrivKeyTemplate[2].pValue = &true; dsaPrivKeyTemplate[2].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[3].type = CKA_SIGN, - dsaPrivKeyTemplate[3].pValue = &true; + dsaPrivKeyTemplate[3].type = CKA_SIGN, + dsaPrivKeyTemplate[3].pValue = &true; dsaPrivKeyTemplate[3].ulValueLen = sizeof(true); - dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE; - dsaPrivKeyTemplate[4].pValue = &true; + dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE; + dsaPrivKeyTemplate[4].pValue = &true; dsaPrivKeyTemplate[4].ulValueLen = sizeof(true); crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -3140,8 +3197,9 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -3154,8 +3212,9 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("DSA domain parameter generation succeeded\n"); } else { - PKM_Error( "DSA domain parameter generation failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("DSA domain parameter generation failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GetAttributeValue(hSession, hDsaParams, @@ -3163,19 +3222,21 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("Getting DSA domain parameters succeeded\n"); } else { - PKM_Error( "Getting DSA domain parameters failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Getting DSA domain parameters failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DestroyObject(hSession, hDsaParams); if (crv == CKR_OK) { PKM_LogIt("Destroying DSA domain parameters succeeded\n"); } else { - PKM_Error( "Destroying DSA domain parameters failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("Destroying DSA domain parameters failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - + PKM_LogIt("Generate a DSA key pair ... \n"); /* Generate a persistent DSA key pair */ crv = pFunctionList->C_GenerateKeyPair(hSession, &dsaKeyPairGenMech, @@ -3187,79 +3248,82 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("DSA key pair generation succeeded\n"); } else { - PKM_Error( "DSA key pair generation failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("DSA key pair generation failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } /* Compute SHA-1 digest */ crv = pFunctionList->C_DigestInit(hSession, &sha1Mech); if (crv != CKR_OK) { - PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } sha1DigestLen = sizeof(sha1Digest); crv = pFunctionList->C_Digest(hSession, MSG, sizeof(MSG), sha1Digest, &sha1DigestLen); if (crv != CKR_OK) { - PKM_Error( "C_Digest failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Digest failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } if (sha1DigestLen != sizeof(sha1Digest)) { - PKM_Error( "sha1DigestLen is %lu\n", sha1DigestLen); + PKM_Error("sha1DigestLen is %lu\n", sha1DigestLen); return crv; } if (memcmp(sha1Digest, MD, sizeof(MD)) == 0) { PKM_LogIt("SHA-1 SHA1ShortMsg test case Len = 136 passed\n"); } else { - PKM_Error( "SHA-1 SHA1ShortMsg test case Len = 136 failed\n"); + PKM_Error("SHA-1 SHA1ShortMsg test case Len = 136 failed\n"); } crv = PKM_PubKeySign(pFunctionList, hSession, - hDSApubKey, hDSAprivKey, - &dsaMech, sha1Digest, sizeof(sha1Digest)); + hDSApubKey, hDSAprivKey, + &dsaMech, sha1Digest, sizeof(sha1Digest)); if (crv == CKR_OK) { PKM_LogIt("PKM_PubKeySign CKM_DSA succeeded \n"); } else { - PKM_Error( "PKM_PubKeySign failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_PubKeySign failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = PKM_PubKeySign(pFunctionList, hSession, - hDSApubKey, hDSAprivKey, - &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT)); + hDSApubKey, hDSAprivKey, + &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT)); if (crv == CKR_OK) { PKM_LogIt("PKM_PubKeySign CKM_DSA_SHA1 succeeded \n"); } else { - PKM_Error( "PKM_PubKeySign failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_PubKeySign failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } /* Sign with DSA */ crv = pFunctionList->C_SignInit(hSession, &dsaMech, hDSAprivKey); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } dsaSigLen = sizeof(dsaSig); crv = pFunctionList->C_Sign(hSession, sha1Digest, sha1DigestLen, dsaSig, &dsaSigLen); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* Verify the DSA signature */ crv = pFunctionList->C_VerifyInit(hSession, &dsaMech, hDSApubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Verify(hSession, sha1Digest, sha1DigestLen, @@ -3267,8 +3331,8 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Verify succeeded\n"); } else { - PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -3276,28 +3340,28 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_VerifyInit(hSession, &dsaWithSha1Mech, hDSApubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyUpdate(hSession, MSG, 1); if (crv != CKR_OK) { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_VerifyUpdate(hSession, MSG+1, sizeof(MSG)-1); + crv = pFunctionList->C_VerifyUpdate(hSession, MSG + 1, sizeof(MSG) - 1); if (crv != CKR_OK) { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyFinal(hSession, dsaSig, dsaSigLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyFinal succeeded\n"); } else { - PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -3305,28 +3369,28 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_VerifyInit(hSession, &dsaWithSha1Mech, hDSApubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyUpdate(hSession, MSG, 1); if (crv != CKR_OK) { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_VerifyUpdate(hSession, MSG+1, sizeof(MSG)-1); + crv = pFunctionList->C_VerifyUpdate(hSession, MSG + 1, sizeof(MSG) - 1); if (crv != CKR_OK) { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyFinal(hSession, dsaSig, dsaSigLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyFinal of multi update succeeded.\n"); } else { - PKM_Error("C_VerifyFinal of multi update failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyFinal of multi update failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } /* Now modify the data */ @@ -3334,57 +3398,59 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, /* Compute SHA-1 digest */ crv = pFunctionList->C_DigestInit(hSession, &sha1Mech); if (crv != CKR_OK) { - PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } sha1DigestLen = sizeof(sha1Digest); crv = pFunctionList->C_Digest(hSession, MSG, sizeof(MSG), sha1Digest, &sha1DigestLen); if (crv != CKR_OK) { - PKM_Error( "C_Digest failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Digest failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyInit(hSession, &dsaMech, hDSApubKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Verify(hSession, sha1Digest, sha1DigestLen, dsaSig, dsaSigLen); if (crv != CKR_SIGNATURE_INVALID) { - PKM_Error( "C_Verify of modified data succeeded\n"); + PKM_Error("C_Verify of modified data succeeded\n"); return crv; } else { PKM_LogIt("C_Verify of modified data returned as EXPECTED " - " with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + " with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); } crv = pFunctionList->C_Logout(hSession); if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; - } -CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech, - const CK_BYTE * pData, CK_ULONG pDataLen) { +CK_RV +PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech, + const CK_BYTE *pData, CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; @@ -3395,27 +3461,27 @@ CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, memset(hmac1, 0, sizeof(hmac1)); memset(hmac2, 0, sizeof(hmac2)); - + NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_SignInit(hSession, hmacMech, sKey); if (crv == CKR_OK) { PKM_LogIt("C_SignInit succeeded\n"); } else { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } hmac1Len = sizeof(hmac1); - crv = pFunctionList->C_Sign(hSession, (CK_BYTE * )pData, + crv = pFunctionList->C_Sign(hSession, (CK_BYTE *)pData, pDataLen, - (CK_BYTE * )hmac1, &hmac1Len); + (CK_BYTE *)hmac1, &hmac1Len); if (crv == CKR_OK) { PKM_LogIt("C_Sign succeeded\n"); } else { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -3423,82 +3489,84 @@ CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, if (crv == CKR_OK) { PKM_LogIt("C_SignInit succeeded\n"); } else { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_SignUpdate(hSession, (CK_BYTE * )pData, + crv = pFunctionList->C_SignUpdate(hSession, (CK_BYTE *)pData, pDataLen); if (crv == CKR_OK) { PKM_LogIt("C_SignUpdate succeeded\n"); } else { - PKM_Error( "C_SignUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } hmac2Len = sizeof(hmac2); - crv = pFunctionList->C_SignFinal(hSession, (CK_BYTE * )hmac2, &hmac2Len); + crv = pFunctionList->C_SignFinal(hSession, (CK_BYTE *)hmac2, &hmac2Len); if (crv == CKR_OK) { PKM_LogIt("C_SignFinal succeeded\n"); } else { - PKM_Error( "C_SignFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - if ((hmac1Len == hmac2Len) && (memcmp(hmac1, hmac2, hmac1Len) == 0) ) { + if ((hmac1Len == hmac2Len) && (memcmp(hmac1, hmac2, hmac1Len) == 0)) { PKM_LogIt("hmacs are equal!\n"); } else { PKM_Error("hmacs are not equal!\n"); } crv = pFunctionList->C_VerifyInit(hSession, hmacMech, sKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_Verify(hSession, (CK_BYTE * )pData, + crv = pFunctionList->C_Verify(hSession, (CK_BYTE *)pData, pDataLen, - (CK_BYTE * ) hmac2, hmac2Len); + (CK_BYTE *)hmac2, hmac2Len); if (crv == CKR_OK) { PKM_LogIt("C_Verify of hmac succeeded\n"); } else { - PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyInit(hSession, hmacMech, sKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_VerifyUpdate(hSession, (CK_BYTE * )pData, - pDataLen); + crv = pFunctionList->C_VerifyUpdate(hSession, (CK_BYTE *)pData, + pDataLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyUpdate of hmac succeeded\n"); } else { - PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_VerifyFinal(hSession, (CK_BYTE * ) hmac1, + crv = pFunctionList->C_VerifyFinal(hSession, (CK_BYTE *)hmac1, hmac1Len); if (crv == CKR_OK) { PKM_LogIt("C_VerifyFinal of hmac succeeded\n"); } else { - PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; } -CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_RV crv = CKR_OK; CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0; @@ -3507,69 +3575,78 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG tnObjects = 0; int curMode; unsigned int i; - unsigned int number_of_all_known_attribute_types = totalKnownType(ConstAttribute); + unsigned int number_of_all_known_attribute_types = totalKnownType(ConstAttribute); NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &h); - if ( CKR_OK != crv ) { + if (CKR_OK != crv) { PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )" - "returned 0x%08X, %-26s\n", pSlotList[slotID], crv, + "returned 0x%08X, %-26s\n", + pSlotList[slotID], crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Opened a session: handle = 0x%08x\n", h); + PKM_LogIt(" Opened a session: handle = 0x%08x\n", h); (void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO)); crv = pFunctionList->C_GetSessionInfo(h, &sinfo); - if ( CKR_OK != crv ) { - PKM_LogIt( "C_GetSessionInfo(%lu, ) returned 0x%08X, %-26s\n", h, crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_LogIt("C_GetSessionInfo(%lu, ) returned 0x%08X, %-26s\n", h, crv, + PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " SESSION INFO:\n"); - PKM_LogIt( " slotID = %lu\n", sinfo.slotID); - PKM_LogIt( " state = %lu\n", sinfo.state); - PKM_LogIt( " flags = 0x%08x\n", sinfo.flags); + PKM_LogIt(" SESSION INFO:\n"); + PKM_LogIt(" slotID = %lu\n", sinfo.slotID); + PKM_LogIt(" state = %lu\n", sinfo.state); + PKM_LogIt(" flags = 0x%08x\n", sinfo.flags); #ifdef CKF_EXCLUSIVE_SESSION - PKM_LogIt( " -> EXCLUSIVE SESSION = %s\n", sinfo.flags & - CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE"); + PKM_LogIt(" -> EXCLUSIVE SESSION = %s\n", sinfo.flags & + CKF_EXCLUSIVE_SESSION + ? "TRUE" + : "FALSE"); #endif /* CKF_EXCLUSIVE_SESSION */ - PKM_LogIt( " -> RW SESSION = %s\n", sinfo.flags & - CKF_RW_SESSION ? "TRUE" : "FALSE"); - PKM_LogIt( " -> SERIAL SESSION = %s\n", sinfo.flags & - CKF_SERIAL_SESSION ? "TRUE" : "FALSE"); + PKM_LogIt(" -> RW SESSION = %s\n", sinfo.flags & + CKF_RW_SESSION + ? "TRUE" + : "FALSE"); + PKM_LogIt(" -> SERIAL SESSION = %s\n", sinfo.flags & + CKF_SERIAL_SESSION + ? "TRUE" + : "FALSE"); #ifdef CKF_INSERTION_CALLBACK - PKM_LogIt( " -> INSERTION CALLBACK = %s\n", sinfo.flags & - CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE"); + PKM_LogIt(" -> INSERTION CALLBACK = %s\n", sinfo.flags & + CKF_INSERTION_CALLBACK + ? "TRUE" + : "FALSE"); #endif /* CKF_INSERTION_CALLBACK */ - PKM_LogIt( " ulDeviceError = %lu\n", sinfo.ulDeviceError); - PKM_LogIt( "\n"); + PKM_LogIt(" ulDeviceError = %lu\n", sinfo.ulDeviceError); + PKM_LogIt("\n"); crv = pFunctionList->C_FindObjectsInit(h, NULL, 0); - if ( CKR_OK != crv ) { - PKM_LogIt( "C_FindObjectsInit(%lu, NULL, 0) returned " - "0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_LogIt("C_FindObjectsInit(%lu, NULL, 0) returned " + "0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } pTemplate = (CK_ATTRIBUTE_PTR)calloc(number_of_all_known_attribute_types, sizeof(CK_ATTRIBUTE)); - if ( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) { - PKM_Error( "[pTemplate memory allocation of %lu bytes failed]\n", - number_of_all_known_attribute_types * - sizeof(CK_ATTRIBUTE)); + if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) { + PKM_Error("[pTemplate memory allocation of %lu bytes failed]\n", + number_of_all_known_attribute_types * + sizeof(CK_ATTRIBUTE)); return crv; } - PKM_LogIt( " All objects:\n"); + PKM_LogIt(" All objects:\n"); /* Printing table set to NOMODE */ curMode = MODE; - MODE = NOMODE; + MODE = NOMODE; while (1) { CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0; @@ -3578,29 +3655,29 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG nAttributes = 0; CK_ATTRIBUTE_PTR pT2; CK_ULONG l; - const char * attName = NULL; + const char *attName = NULL; crv = pFunctionList->C_FindObjects(h, &o, 1, &nObjects); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjects(%lu, , 1, ) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjects(%lu, , 1, ) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } - if ( 0 == nObjects ) { - PKM_LogIt( "\n"); + if (0 == nObjects) { + PKM_LogIt("\n"); break; } tnObjects++; - PKM_LogIt( " OBJECT HANDLE %lu:\n", o); + PKM_LogIt(" OBJECT HANDLE %lu:\n", o); k = 0; - for (i=0; i < constCount; i++) { + for (i = 0; i < constCount; i++) { if (consts[i].type == ConstAttribute) { pTemplate[k].type = consts[i].value; - pTemplate[k].pValue = (CK_VOID_PTR) NULL; + pTemplate[k].pValue = (CK_VOID_PTR)NULL; pTemplate[k].ulValueLen = 0; k++; } @@ -3608,123 +3685,125 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, } crv = pFunctionList->C_GetAttributeValue(h, o, pTemplate, - number_of_all_known_attribute_types); - switch ( crv ) { - case CKR_OK: - case CKR_ATTRIBUTE_SENSITIVE: - case CKR_ATTRIBUTE_TYPE_INVALID: - case CKR_BUFFER_TOO_SMALL: - break; - default: - PKM_Error( "C_GetAtributeValue(%lu, %lu, {all attribute types}," - "%lu) returned 0x%08X, %-26s\n", - h, o, number_of_all_known_attribute_types, crv, - PKM_CK_RVtoStr(crv)); - return crv; + number_of_all_known_attribute_types); + switch (crv) { + case CKR_OK: + case CKR_ATTRIBUTE_SENSITIVE: + case CKR_ATTRIBUTE_TYPE_INVALID: + case CKR_BUFFER_TOO_SMALL: + break; + default: + PKM_Error("C_GetAtributeValue(%lu, %lu, {all attribute types}," + "%lu) returned 0x%08X, %-26s\n", + h, o, number_of_all_known_attribute_types, crv, + PKM_CK_RVtoStr(crv)); + return crv; } - for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types; k++) { - if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) { + for (k = 0; k < (CK_ULONG)number_of_all_known_attribute_types; k++) { + if (-1 != (CK_LONG)pTemplate[k].ulValueLen) { nAttributes++; } } - - PKM_LogIt( " %lu attributes:\n", nAttributes); - for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types; - k++ ) { - if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) { + + PKM_LogIt(" %lu attributes:\n", nAttributes); + for (k = 0; k < (CK_ULONG)number_of_all_known_attribute_types; + k++) { + if (-1 != (CK_LONG)pTemplate[k].ulValueLen) { attName = getNameFromAttribute(pTemplate[k].type); if (!attName) { PKM_Error("Unable to find attribute name update pk11table.c\n"); } - PKM_LogIt( " %s 0x%08x (len = %lu)\n", + PKM_LogIt(" %s 0x%08x (len = %lu)\n", attName, pTemplate[k].type, pTemplate[k].ulValueLen); } } - PKM_LogIt( "\n"); - + PKM_LogIt("\n"); + pT2 = (CK_ATTRIBUTE_PTR)calloc(nAttributes, sizeof(CK_ATTRIBUTE)); - if ( (CK_ATTRIBUTE_PTR)NULL == pT2 ) { - PKM_Error( "[pT2 memory allocation of %lu bytes failed]\n", - nAttributes * sizeof(CK_ATTRIBUTE)); + if ((CK_ATTRIBUTE_PTR)NULL == pT2) { + PKM_Error("[pT2 memory allocation of %lu bytes failed]\n", + nAttributes * sizeof(CK_ATTRIBUTE)); return crv; } /* allocate memory for the attribute values */ - for ( l = 0, k = 0; k < (CK_ULONG) number_of_all_known_attribute_types; - k++ ) { - if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) { + for (l = 0, k = 0; k < (CK_ULONG)number_of_all_known_attribute_types; + k++) { + if (-1 != (CK_LONG)pTemplate[k].ulValueLen) { pT2[l].type = pTemplate[k].type; pT2[l].ulValueLen = pTemplate[k].ulValueLen; if (pT2[l].ulValueLen > 0) { pT2[l].pValue = (CK_VOID_PTR)malloc(pT2[l].ulValueLen); - if ( (CK_VOID_PTR)NULL == pT2[l].pValue ) { - PKM_Error( "pValue memory allocation of %lu bytes failed]\n", + if ((CK_VOID_PTR)NULL == pT2[l].pValue) { + PKM_Error("pValue memory allocation of %lu bytes failed]\n", pT2[l].ulValueLen); return crv; } - } else pT2[l].pValue = (CK_VOID_PTR) NULL; + } else + pT2[l].pValue = (CK_VOID_PTR)NULL; l++; } } - assert( l == nAttributes ); + assert(l == nAttributes); crv = pFunctionList->C_GetAttributeValue(h, o, pT2, nAttributes); - switch ( crv ) { - case CKR_OK: - case CKR_ATTRIBUTE_SENSITIVE: - case CKR_ATTRIBUTE_TYPE_INVALID: - case CKR_BUFFER_TOO_SMALL: - break; - default: - PKM_Error( "C_GetAtributeValue(%lu, %lu, {existent attribute" - " types}, %lu) returned 0x%08X, %-26s\n", - h, o, nAttributes, crv, PKM_CK_RVtoStr(crv)); - return crv; + switch (crv) { + case CKR_OK: + case CKR_ATTRIBUTE_SENSITIVE: + case CKR_ATTRIBUTE_TYPE_INVALID: + case CKR_BUFFER_TOO_SMALL: + break; + default: + PKM_Error("C_GetAtributeValue(%lu, %lu, {existent attribute" + " types}, %lu) returned 0x%08X, %-26s\n", + h, o, nAttributes, crv, PKM_CK_RVtoStr(crv)); + return crv; } - for ( l = 0; l < nAttributes; l++ ) { + for (l = 0; l < nAttributes; l++) { attName = getNameFromAttribute(pT2[l].type); - if (!attName) attName = "unknown attribute"; - PKM_LogIt( " type = %s len = %ld", - attName, (CK_LONG)pT2[l].ulValueLen); + if (!attName) + attName = "unknown attribute"; + PKM_LogIt(" type = %s len = %ld", + attName, (CK_LONG)pT2[l].ulValueLen); - if ( -1 == (CK_LONG)pT2[l].ulValueLen ) { + if (-1 == (CK_LONG)pT2[l].ulValueLen) { ; } else { CK_ULONG m; - if ( pT2[l].ulValueLen <= 8 ) { - PKM_LogIt( ", value = "); + if (pT2[l].ulValueLen <= 8) { + PKM_LogIt(", value = "); } else { - PKM_LogIt( ", value = \n "); + PKM_LogIt(", value = \n "); } - for ( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) { - PKM_LogIt( "%02x", (CK_ULONG)(0xff & - ((CK_CHAR_PTR)pT2[l].pValue)[m])); + for (m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++) { + PKM_LogIt("%02x", (CK_ULONG)(0xff & + ((CK_CHAR_PTR)pT2[l].pValue)[m])); } - PKM_LogIt( " "); + PKM_LogIt(" "); - for ( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) { + for (m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++) { CK_CHAR c = ((CK_CHAR_PTR)pT2[l].pValue)[m]; - if ( (c < 0x20) || (c >= 0x7f) ) { + if ((c < 0x20) || (c >= 0x7f)) { c = '.'; } - PKM_LogIt( "%c", c); + PKM_LogIt("%c", c); } } - PKM_LogIt( "\n"); + PKM_LogIt("\n"); } - PKM_LogIt( "\n"); + PKM_LogIt("\n"); - for ( l = 0; l < nAttributes; l++ ) { + for (l = 0; l < nAttributes; l++) { if (pT2[l].pValue) { free(pT2[l].pValue); } @@ -3733,29 +3812,31 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList, } /* while(1) */ MODE = curMode; /* reset the logging MODE */ - + crv = pFunctionList->C_FindObjectsFinal(h); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h, crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h, crv, + PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " (%lu objects total)\n", tnObjects); + PKM_LogIt(" (%lu objects total)\n", tnObjects); crv = pFunctionList->C_CloseSession(h); - if ( CKR_OK != crv ) { - PKM_Error( "C_CloseSession(%lu) returned 0x%08X, %-26s\n", h, crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CloseSession(%lu) returned 0x%08X, %-26s\n", h, crv, + PKM_CK_RVtoStr(crv)); return crv; } return crv; } /* session to create, find, and delete a couple session objects */ -CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_MultiObjectManagement(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_RV crv = CKR_OK; @@ -3764,47 +3845,47 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, CK_ATTRIBUTE one[7], two[7], three[7], delta[1], mask[1]; CK_OBJECT_CLASS cko_data = CKO_DATA; char *key = "TEST PROGRAM"; - CK_ULONG key_len = 0; + CK_ULONG key_len = 0; CK_OBJECT_HANDLE hOneIn = (CK_OBJECT_HANDLE)0; CK_OBJECT_HANDLE hTwoIn = (CK_OBJECT_HANDLE)0; CK_OBJECT_HANDLE hThreeIn = (CK_OBJECT_HANDLE)0; CK_OBJECT_HANDLE hDeltaIn = (CK_OBJECT_HANDLE)0; CK_OBJECT_HANDLE found[10]; CK_ULONG nFound; - CK_ULONG hDeltaLen, hThreeLen = 0; + CK_ULONG hDeltaLen, hThreeLen = 0; CK_TOKEN_INFO tinfo; - + NUMTESTS++; /* increment NUMTESTS */ key_len = sizeof(key); crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &h); - if ( CKR_OK != crv ) { - PKM_Error( "C_OpenSession(%lu, CKF_SERIAL_SESSION, , )" - "returned 0x%08X, %-26s\n", pSlotList[slotID], crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )" + "returned 0x%08X, %-26s\n", + pSlotList[slotID], crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Login(h, CKU_USER, pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - (void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO)); crv = pFunctionList->C_GetTokenInfo(pSlotList[slotID], &tinfo); - if ( CKR_OK != crv ) { + if (CKR_OK != crv) { PKM_Error("C_GetTokenInfo(%lu, ) returned 0x%08X, %-26s\n", pSlotList[slotID], crv, PKM_CK_RVtoStr(crv)); return crv; } - - PKM_LogIt( " Opened a session: handle = 0x%08x\n", h); + PKM_LogIt(" Opened a session: handle = 0x%08x\n", h); one[0].type = CKA_CLASS; one[0].pValue = &cko_data; @@ -3873,27 +3954,27 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, three[6].ulValueLen = strlen(three[6].pValue); crv = pFunctionList->C_CreateObject(h, one, 7, &hOneIn); - if ( CKR_OK != crv ) { - PKM_Error( "C_CreateObject(%lu, one, 7, ) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CreateObject(%lu, one, 7, ) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Created object one: handle = %lu\n", hOneIn); + PKM_LogIt(" Created object one: handle = %lu\n", hOneIn); crv = pFunctionList->C_CreateObject(h, two, 7, &hTwoIn); - if ( CKR_OK != crv ) { - PKM_Error( "C_CreateObject(%lu, two, 7, ) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CreateObject(%lu, two, 7, ) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Created object two: handle = %lu\n", hTwoIn); + PKM_LogIt(" Created object two: handle = %lu\n", hTwoIn); crv = pFunctionList->C_CreateObject(h, three, 7, &hThreeIn); - if ( CKR_OK != crv ) { - PKM_Error( "C_CreateObject(%lu, three, 7, ) returned 0x%08x\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CreateObject(%lu, three, 7, ) returned 0x%08x\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GetObjectSize(h, hThreeIn, &hThreeLen); @@ -3901,21 +3982,22 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_GetObjectSize succeeded\n"); } else { PKM_Error("C_GetObjectSize failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Created object three: handle = %lu\n", hThreeIn); + PKM_LogIt(" Created object three: handle = %lu\n", hThreeIn); delta[0].type = CKA_VALUE; delta[0].pValue = "Copied object"; delta[0].ulValueLen = strlen(delta[0].pValue); crv = pFunctionList->C_CopyObject(h, hThreeIn, delta, 1, &hDeltaIn); - if ( CKR_OK != crv ) { - PKM_Error( "C_CopyObject(%lu, %lu, delta, 1, ) returned " - "0x%08X, %-26s\n", - h, hThreeIn, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CopyObject(%lu, %lu, delta, 1, ) returned " + "0x%08X, %-26s\n", + h, hThreeIn, crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GetObjectSize(h, hDeltaIn, &hDeltaLen); @@ -3923,7 +4005,8 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_GetObjectSize succeeded\n"); } else { PKM_Error("C_GetObjectSize failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -3934,132 +4017,135 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList, return CKR_DEVICE_ERROR; } - PKM_LogIt( " Copied object three: new handle = %lu\n", hDeltaIn); + PKM_LogIt(" Copied object three: new handle = %lu\n", hDeltaIn); mask[0].type = CKA_APPLICATION; mask[0].pValue = key; mask[0].ulValueLen = key_len; crv = pFunctionList->C_FindObjectsInit(h, mask, 1); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } (void)memset(&found, 0, sizeof(found)); nFound = 0; crv = pFunctionList->C_FindObjects(h, found, 10, &nFound); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } - if ( 4 != nFound ) { - PKM_Error( "Found %lu objects, not 4.\n", nFound); + if (4 != nFound) { + PKM_Error("Found %lu objects, not 4.\n", nFound); return crv; } - PKM_LogIt( " Found 4 objects: %lu, %lu, %lu, %lu\n", - found[0], found[1], found[2], found[3]); + PKM_LogIt(" Found 4 objects: %lu, %lu, %lu, %lu\n", + found[0], found[1], found[2], found[3]); crv = pFunctionList->C_FindObjectsFinal(h); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", - h, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", + h, crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DestroyObject(h, hThreeIn); - if ( CKR_OK != crv ) { - PKM_Error( "C_DestroyObject(%lu, %lu) returned 0x%08X, %-26s\n", h, - hThreeIn, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_DestroyObject(%lu, %lu) returned 0x%08X, %-26s\n", h, + hThreeIn, crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Destroyed object three (handle = %lu)\n", hThreeIn); + PKM_LogIt(" Destroyed object three (handle = %lu)\n", hThreeIn); delta[0].type = CKA_APPLICATION; delta[0].pValue = "Changed application"; delta[0].ulValueLen = strlen(delta[0].pValue); crv = pFunctionList->C_SetAttributeValue(h, hTwoIn, delta, 1); - if ( CKR_OK != crv ) { + if (CKR_OK != crv) { PKM_Error("C_SetAttributeValue(%lu, %lu, delta, 1) returned " "0x%08X, %-26s\n", h, hTwoIn, crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Changed object two (handle = %lu).\n", hTwoIn); + PKM_LogIt(" Changed object two (handle = %lu).\n", hTwoIn); /* Can another session find these session objects? */ crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &h2); - if ( CKR_OK != crv ) { - PKM_Error( "C_OpenSession(%lu, CKF_SERIAL_SESSION, , )" - " returned 0x%08X, %-26s\n", pSlotList[slotID], crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )" + " returned 0x%08X, %-26s\n", + pSlotList[slotID], crv, + PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( " Opened a second session: handle = 0x%08x\n", h2); + PKM_LogIt(" Opened a second session: handle = 0x%08x\n", h2); /* mask is still the same */ crv = pFunctionList->C_FindObjectsInit(h2, mask, 1); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n", - h2, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n", + h2, crv, PKM_CK_RVtoStr(crv)); return crv; } (void)memset(&found, 0, sizeof(found)); nFound = 0; crv = pFunctionList->C_FindObjects(h2, found, 10, &nFound); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n", - h2, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n", + h2, crv, PKM_CK_RVtoStr(crv)); return crv; } - if ( 2 != nFound ) { - PKM_Error( "Found %lu objects, not 2.\n", nFound); + if (2 != nFound) { + PKM_Error("Found %lu objects, not 2.\n", nFound); return crv; } - PKM_LogIt( " Found 2 objects: %lu, %lu\n", - found[0], found[1]); + PKM_LogIt(" Found 2 objects: %lu, %lu\n", + found[0], found[1]); crv = pFunctionList->C_FindObjectsFinal(h2); - if ( CKR_OK != crv ) { - PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h2, crv, - PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h2, crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Logout(h); if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseAllSessions(pSlotList[slotID]); - if ( CKR_OK != crv ) { - PKM_Error( "C_CloseAllSessions(%lu) returned 0x%08X, %-26s\n", - pSlotList[slotID], crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CloseAllSessions(%lu) returned 0x%08X, %-26s\n", + pSlotList[slotID], crv, PKM_CK_RVtoStr(crv)); return crv; } - PKM_LogIt( "\n"); + PKM_LogIt("\n"); return crv; } -CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) { +CK_RV +PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) +{ CK_SESSION_HANDLE hSession; CK_RV crv = CKR_OK; CK_MECHANISM sAESKeyMech = { @@ -4069,51 +4155,49 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, CK_KEY_TYPE keyAESType = CKK_AES; CK_UTF8CHAR AESlabel[] = "An AES secret key object"; CK_ULONG AESvalueLen = 16; - CK_ATTRIBUTE sAESKeyTemplate[9]; + CK_ATTRIBUTE sAESKeyTemplate[9]; CK_OBJECT_HANDLE sKey = CK_INVALID_HANDLE; - CK_BYTE_PTR pstate = NULL; + CK_BYTE_PTR pstate = NULL; CK_ULONG statelen, digestlen, plainlen, plainlen_1, plainlen_2, slen; static const CK_UTF8CHAR *plaintext = (CK_UTF8CHAR *)"Firefox rules."; static const CK_UTF8CHAR *plaintext_1 = (CK_UTF8CHAR *)"Thunderbird rules."; - static const CK_UTF8CHAR *plaintext_2 = (CK_UTF8CHAR *) - "Firefox and Thunderbird."; + static const CK_UTF8CHAR *plaintext_2 = (CK_UTF8CHAR *)"Firefox and Thunderbird."; - char digest[MAX_DIGEST_SZ], digest_1[MAX_DIGEST_SZ]; - char sign[MAX_SIG_SZ]; + char digest[MAX_DIGEST_SZ], digest_1[MAX_DIGEST_SZ]; + char sign[MAX_SIG_SZ]; CK_MECHANISM signmech; CK_MECHANISM digestmech; NUMTESTS++; /* increment NUMTESTS */ - /* AES key template */ - sAESKeyTemplate[0].type = CKA_CLASS; - sAESKeyTemplate[0].pValue = &class; + sAESKeyTemplate[0].type = CKA_CLASS; + sAESKeyTemplate[0].pValue = &class; sAESKeyTemplate[0].ulValueLen = sizeof(class); - sAESKeyTemplate[1].type = CKA_KEY_TYPE; - sAESKeyTemplate[1].pValue = &keyAESType; + sAESKeyTemplate[1].type = CKA_KEY_TYPE; + sAESKeyTemplate[1].pValue = &keyAESType; sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType); - sAESKeyTemplate[2].type = CKA_LABEL; - sAESKeyTemplate[2].pValue = AESlabel; - sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1; - sAESKeyTemplate[3].type = CKA_ENCRYPT; - sAESKeyTemplate[3].pValue = &true; + sAESKeyTemplate[2].type = CKA_LABEL; + sAESKeyTemplate[2].pValue = AESlabel; + sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1; + sAESKeyTemplate[3].type = CKA_ENCRYPT; + sAESKeyTemplate[3].pValue = &true; sAESKeyTemplate[3].ulValueLen = sizeof(true); - sAESKeyTemplate[4].type = CKA_DECRYPT; - sAESKeyTemplate[4].pValue = &true; + sAESKeyTemplate[4].type = CKA_DECRYPT; + sAESKeyTemplate[4].pValue = &true; sAESKeyTemplate[4].ulValueLen = sizeof(true); - sAESKeyTemplate[5].type = CKA_SIGN; - sAESKeyTemplate[5].pValue = &true; - sAESKeyTemplate[5].ulValueLen = sizeof (true); - sAESKeyTemplate[6].type = CKA_VERIFY; - sAESKeyTemplate[6].pValue = &true; + sAESKeyTemplate[5].type = CKA_SIGN; + sAESKeyTemplate[5].pValue = &true; + sAESKeyTemplate[5].ulValueLen = sizeof(true); + sAESKeyTemplate[6].type = CKA_VERIFY; + sAESKeyTemplate[6].pValue = &true; sAESKeyTemplate[6].ulValueLen = sizeof(true); - sAESKeyTemplate[7].type = CKA_UNWRAP; - sAESKeyTemplate[7].pValue = &true; + sAESKeyTemplate[7].type = CKA_UNWRAP; + sAESKeyTemplate[7].pValue = &true; sAESKeyTemplate[7].ulValueLen = sizeof(true); - sAESKeyTemplate[8].type = CKA_VALUE_LEN; - sAESKeyTemplate[8].pValue = &AESvalueLen; + sAESKeyTemplate[8].type = CKA_VALUE_LEN; + sAESKeyTemplate[8].pValue = &AESvalueLen; sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen); signmech.mechanism = CKM_SHA_1_HMAC; @@ -4123,18 +4207,16 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, digestmech.pParameter = NULL; digestmech.ulParameterLen = 0; - plainlen = strlen((char *)plaintext); plainlen_1 = strlen((char *)plaintext_1); plainlen_2 = strlen((char *)plaintext_2); digestlen = MAX_DIGEST_SZ; - crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -4142,8 +4224,9 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4156,14 +4239,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey AES succeeded\n"); } else { - PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_SignInit(hSession, &signmech, sKey); if (crv != CKR_OK) { - PKM_Error("C_SignInit failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_SignInit failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4172,14 +4255,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_Sign(hSession, (CK_BYTE_PTR)plaintext, plainlen, (CK_BYTE_PTR)sign, &slen); if (crv != CKR_OK) { - PKM_Error("C_Sign failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_Sign failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DestroyObject(hSession, sKey); if (crv != CKR_OK) { - PKM_Error("C_DestroyObject failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DestroyObject failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4187,29 +4270,29 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, digestlen = MAX_DIGEST_SZ; crv = pFunctionList->C_DigestInit(hSession, &digestmech); if (crv != CKR_OK) { - PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext, plainlen); if (crv != CKR_OK) { - PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_GetOperationState(hSession, NULL, &statelen); if (crv != CKR_OK) { - PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } - pstate = (CK_BYTE_PTR) malloc(statelen * sizeof (CK_BYTE_PTR)); + pstate = (CK_BYTE_PTR)malloc(statelen * sizeof(CK_BYTE_PTR)); crv = pFunctionList->C_GetOperationState(hSession, pstate, &statelen); if (crv != CKR_OK) { - PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4217,14 +4300,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext_1, plainlen_1); if (crv != CKR_OK) { - PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext_2, plainlen_2); if (crv != CKR_OK) { - PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4236,28 +4319,28 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_SetOperationState(hSession, pstate, statelen, 0, 0); if (crv != CKR_OK) { - PKM_Error("C_SetOperationState failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_SetOperationState failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_DigestFinal(hSession, (CK_BYTE_PTR)digest, &digestlen); if (crv != CKR_OK) { - PKM_Error("C_DigestFinal failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestFinal failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } digestlen = MAX_DIGEST_SZ; crv = pFunctionList->C_DigestInit(hSession, &digestmech); if (crv != CKR_OK) { - PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Digest(hSession, (CK_BYTE_PTR)plaintext, plainlen, (CK_BYTE_PTR)digest_1, &digestlen); if (crv != CKR_OK) { - PKM_Error("C_Digest failed returned 0x%08X, %-26s\n", crv, + PKM_Error("C_Digest failed returned 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4270,37 +4353,38 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); - if ( CKR_OK != crv ) { - PKM_Error( "C_CloseSession(%lu) returned 0x%08X, %-26s\n", - hSession, crv, PKM_CK_RVtoStr(crv)); + if (CKR_OK != crv) { + PKM_Error("C_CloseSession(%lu) returned 0x%08X, %-26s\n", + hSession, crv, PKM_CK_RVtoStr(crv)); return crv; } return crv; } - /* * Recover Functions */ -CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, - CK_MECHANISM *signMech, const CK_BYTE * pData, - CK_ULONG pDataLen) { +CK_RV +PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey, + CK_MECHANISM *signMech, const CK_BYTE *pData, + CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; CK_BYTE sig[MAX_SIG_SZ]; CK_ULONG sigLen = MAX_SIG_SZ; CK_BYTE recover[MAX_SIG_SZ]; CK_ULONG recoverLen = MAX_SIG_SZ; - + NUMTESTS++; /* increment NUMTESTS */ - + /* initializes a signature operation, * where the data can be recovered from the signature */ @@ -4310,21 +4394,23 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_SignRecoverInit succeeded. \n"); } else { PKM_Error("C_SignRecoverInit failed.\n" - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } /* signs single-part data, * where the data can be recovered from the signature */ - crv = pFunctionList->C_SignRecover(hSession, (CK_BYTE * )pData, + crv = pFunctionList->C_SignRecover(hSession, (CK_BYTE *)pData, pDataLen, - (CK_BYTE * )sig, &sigLen); + (CK_BYTE *)sig, &sigLen); if (crv == CKR_OK) { PKM_LogIt("C_SignRecover succeeded. \n"); } else { PKM_Error("C_SignRecoverInit failed to create an RSA key pair.\n" - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4338,7 +4424,8 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, PKM_LogIt("C_VerifyRecoverInit succeeded. \n"); } else { PKM_Error("C_VerifyRecoverInit failed.\n" - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } @@ -4346,22 +4433,23 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, * verifies a signature on single-part data, * where the data is recovered from the signature */ - crv = pFunctionList->C_VerifyRecover(hSession, (CK_BYTE * )sig, + crv = pFunctionList->C_VerifyRecover(hSession, (CK_BYTE *)sig, sigLen, - (CK_BYTE * )recover, &recoverLen); + (CK_BYTE *)recover, &recoverLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyRecover succeeded. \n"); } else { PKM_Error("C_VerifyRecover failed.\n" - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - if ((recoverLen == pDataLen) - && (memcmp(recover, pData, pDataLen) == 0)) { + if ((recoverLen == pDataLen) && + (memcmp(recover, pData, pDataLen) == 0)) { PKM_LogIt("VerifyRecover test case passed\n"); } else { - PKM_Error( "VerifyRecover test case failed\n"); + PKM_Error("VerifyRecover test case failed\n"); } return crv; @@ -4371,14 +4459,16 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList, * wrap the secretkey with the public key. * unwrap the secretkey with the private key. */ -CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_OBJECT_HANDLE hPublicKey, - CK_OBJECT_HANDLE hPrivateKey, - CK_MECHANISM *wrapMechanism, - CK_OBJECT_HANDLE hSecretKey, - CK_ATTRIBUTE *sKeyTemplate, - CK_ULONG skeyTempSize) { +CK_RV +PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hPublicKey, + CK_OBJECT_HANDLE hPrivateKey, + CK_MECHANISM *wrapMechanism, + CK_OBJECT_HANDLE hSecretKey, + CK_ATTRIBUTE *sKeyTemplate, + CK_ULONG skeyTempSize) +{ CK_RV crv = CKR_OK; CK_OBJECT_HANDLE hSecretKeyUnwrapped = CK_INVALID_HANDLE; CK_BYTE wrappedKey[128]; @@ -4388,26 +4478,26 @@ CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList, ulWrappedKeyLen = sizeof(wrappedKey); crv = pFunctionList->C_WrapKey( - hSession, wrapMechanism, - hPublicKey, hSecretKey, - wrappedKey, &ulWrappedKeyLen); + hSession, wrapMechanism, + hPublicKey, hSecretKey, + wrappedKey, &ulWrappedKeyLen); if (crv == CKR_OK) { PKM_LogIt("C_WrapKey succeeded\n"); } else { - PKM_Error( "C_WrapKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_WrapKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_UnwrapKey( - hSession, wrapMechanism, hPrivateKey, - wrappedKey, ulWrappedKeyLen, sKeyTemplate, - skeyTempSize, - &hSecretKeyUnwrapped); + hSession, wrapMechanism, hPrivateKey, + wrappedKey, ulWrappedKeyLen, sKeyTemplate, + skeyTempSize, + &hSecretKeyUnwrapped); if ((crv == CKR_OK) && (hSecretKeyUnwrapped != CK_INVALID_HANDLE)) { PKM_LogIt("C_UnwrapKey succeeded\n"); } else { - PKM_Error( "C_UnwrapKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_UnwrapKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -4426,11 +4516,11 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_RV crv; CK_ATTRIBUTE_PTR tmp_attrs; unsigned int i; - + NUMTESTS++; /* increment NUMTESTS */ /* First duplicate the themplate */ - tmp_attrs = malloc(expected_attrs_count * sizeof (CK_ATTRIBUTE)); + tmp_attrs = malloc(expected_attrs_count * sizeof(CK_ATTRIBUTE)); if (tmp_attrs == NULL) { PKM_Error("Internal test memory failure\n"); @@ -4459,8 +4549,8 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_GetAttributeValue(hSession, obj, tmp_attrs, expected_attrs_count); if (crv != CKR_OK) { - PKM_Error( "C_GetAttributeValue failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetAttributeValue failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); crv = CKR_FUNCTION_FAILED; goto out; } @@ -4470,15 +4560,15 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList, if (memcmp(tmp_attrs[i].pValue, expected_attrs[i].pValue, expected_attrs[i].ulValueLen) != 0) { - PKM_LogIt("comparing attribute type 0x%x with expected 0x%x\n", + PKM_LogIt("comparing attribute type 0x%x with expected 0x%x\n", tmp_attrs[i].type, expected_attrs[i].type); - PKM_LogIt("comparing attribute type value 0x%x with expected 0x%x\n", + PKM_LogIt("comparing attribute type value 0x%x with expected 0x%x\n", tmp_attrs[i].pValue, expected_attrs[i].pValue); - /* don't report error at this time */ + /* don't report error at this time */ } } - out: +out: for (i = 0; i < expected_attrs_count; i++) free(tmp_attrs[i].pValue); free(tmp_attrs); @@ -4493,29 +4583,28 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, CK_MECHANISM_TYPE mechType, CK_FLAGS flags, CK_BBOOL check_sizes, CK_ULONG minkeysize, CK_ULONG maxkeysize) { - CK_SESSION_INFO sess_info; - CK_MECHANISM_INFO mech_info; - CK_RV crv; + CK_SESSION_INFO sess_info; + CK_MECHANISM_INFO mech_info; + CK_RV crv; NUMTESTS++; /* increment NUMTESTS */ - if ((crv = pFunctionList->C_GetSessionInfo(hSession, &sess_info)) - != CKR_OK) { - PKM_Error( "C_GetSessionInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + if ((crv = pFunctionList->C_GetSessionInfo(hSession, &sess_info)) != + CKR_OK) { + PKM_Error("C_GetSessionInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return (CKR_FUNCTION_FAILED); } crv = pFunctionList->C_GetMechanismInfo(0, mechType, &mech_info); - crv = pFunctionList->C_GetMechanismInfo(sess_info.slotID, mechType, &mech_info); if (crv != CKR_OK) { - PKM_Error( "C_GetMechanismInfo failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GetMechanismInfo failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return (CKR_FUNCTION_FAILED); } @@ -4539,10 +4628,6 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, return (CKR_OK); } - - - - /* * Can be called with a non-null premaster_key_len for the * *_DH mechanisms. In that case, no checking for the matching of @@ -4550,89 +4635,90 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession, * The rnd argument tells which correct/bogus randomInfo to use. */ CK_RV -PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, - CK_MECHANISM_TYPE mechType, - enum_random_t rnd) { +PKM_TLSMasterKeyDerive(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, + CK_MECHANISM_TYPE mechType, + enum_random_t rnd) +{ CK_SESSION_HANDLE hSession; CK_RV crv; - CK_MECHANISM mk_mech; - CK_VERSION version; - CK_OBJECT_CLASS class = CKO_SECRET_KEY; - CK_KEY_TYPE type = CKK_GENERIC_SECRET; - CK_BBOOL derive_bool = true; - CK_ATTRIBUTE attrs[4]; - CK_ULONG attrs_count = 4; - CK_OBJECT_HANDLE pmk_obj = CK_INVALID_HANDLE; - CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE; + CK_MECHANISM mk_mech; + CK_VERSION version; + CK_OBJECT_CLASS class = CKO_SECRET_KEY; + CK_KEY_TYPE type = CKK_GENERIC_SECRET; + CK_BBOOL derive_bool = true; + CK_ATTRIBUTE attrs[4]; + CK_ULONG attrs_count = 4; + CK_OBJECT_HANDLE pmk_obj = CK_INVALID_HANDLE; + CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE; CK_SSL3_MASTER_KEY_DERIVE_PARAMS mkd_params; - CK_MECHANISM skmd_mech; + CK_MECHANISM skmd_mech; CK_BBOOL isDH = false; - + NUMTESTS++; /* increment NUMTESTS */ - attrs[0].type = CKA_CLASS; - attrs[0].pValue = &class; - attrs[0].ulValueLen = sizeof (class); - attrs[1].type = CKA_KEY_TYPE; - attrs[1].pValue = &type; - attrs[1].ulValueLen = sizeof (type); - attrs[2].type = CKA_DERIVE; - attrs[2].pValue = &derive_bool; - attrs[2].ulValueLen = sizeof (derive_bool); - attrs[3].type = CKA_VALUE; - attrs[3].pValue = NULL; + attrs[0].type = CKA_CLASS; + attrs[0].pValue = &class; + attrs[0].ulValueLen = sizeof(class); + attrs[1].type = CKA_KEY_TYPE; + attrs[1].pValue = &type; + attrs[1].ulValueLen = sizeof(type); + attrs[2].type = CKA_DERIVE; + attrs[2].pValue = &derive_bool; + attrs[2].ulValueLen = sizeof(derive_bool); + attrs[3].type = CKA_VALUE; + attrs[3].pValue = NULL; attrs[3].ulValueLen = 0; - crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } /* Before all, check if the mechanism is supported correctly */ if (MODE == FIPSMODE) { - crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE, false, - 0, 0); - if (crv != CKR_OK) { - PKM_Error( "PKM_MechCheck failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); - return (crv); - } + crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE, false, + 0, 0); + if (crv != CKR_OK) { + PKM_Error("PKM_MechCheck failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); + return (crv); + } } mk_mech.mechanism = mechType; mk_mech.pParameter = &mkd_params; - mk_mech.ulParameterLen = sizeof (mkd_params); + mk_mech.ulParameterLen = sizeof(mkd_params); switch (mechType) { - case CKM_TLS_MASTER_KEY_DERIVE_DH: - isDH = true; + case CKM_TLS_MASTER_KEY_DERIVE_DH: + isDH = true; /* FALLTHRU */ - case CKM_TLS_MASTER_KEY_DERIVE: - attrs[3].pValue = NULL; - attrs[3].ulValueLen = 0; - - mkd_params.RandomInfo.pClientRandom = (unsigned char * ) TLSClientRandom; - mkd_params.RandomInfo.ulClientRandomLen = - sizeof (TLSClientRandom); - mkd_params.RandomInfo.pServerRandom = (unsigned char * ) TLSServerRandom; - mkd_params.RandomInfo.ulServerRandomLen = - sizeof (TLSServerRandom); - break; + case CKM_TLS_MASTER_KEY_DERIVE: + attrs[3].pValue = NULL; + attrs[3].ulValueLen = 0; + + mkd_params.RandomInfo.pClientRandom = (unsigned char *)TLSClientRandom; + mkd_params.RandomInfo.ulClientRandomLen = + sizeof(TLSClientRandom); + mkd_params.RandomInfo.pServerRandom = (unsigned char *)TLSServerRandom; + mkd_params.RandomInfo.ulServerRandomLen = + sizeof(TLSServerRandom); + break; } mkd_params.pVersion = (!isDH) ? &version : NULL; @@ -4640,8 +4726,7 @@ PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList, skmd_mech.mechanism = CKM_SSL3_PRE_MASTER_KEY_GEN; skmd_mech.pParameter = &mkd_params; - skmd_mech.ulParameterLen = sizeof (mkd_params); - + skmd_mech.ulParameterLen = sizeof(mkd_params); crv = pFunctionList->C_GenerateKey(hSession, &skmd_mech, attrs, @@ -4650,97 +4735,93 @@ PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey succeeded\n"); } else { - PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; - } /* Test the bad cases */ switch (rnd) { - case CORRECT: - goto correct; + case CORRECT: + goto correct; - case BOGUS_CLIENT_RANDOM: - mkd_params.RandomInfo.pClientRandom = NULL; - break; + case BOGUS_CLIENT_RANDOM: + mkd_params.RandomInfo.pClientRandom = NULL; + break; - case BOGUS_CLIENT_RANDOM_LEN: - mkd_params.RandomInfo.ulClientRandomLen = 0; - break; + case BOGUS_CLIENT_RANDOM_LEN: + mkd_params.RandomInfo.ulClientRandomLen = 0; + break; - case BOGUS_SERVER_RANDOM: - mkd_params.RandomInfo.pServerRandom = NULL; - break; + case BOGUS_SERVER_RANDOM: + mkd_params.RandomInfo.pServerRandom = NULL; + break; - case BOGUS_SERVER_RANDOM_LEN: - mkd_params.RandomInfo.ulServerRandomLen = 0; - break; + case BOGUS_SERVER_RANDOM_LEN: + mkd_params.RandomInfo.ulServerRandomLen = 0; + break; } crv = pFunctionList->C_DeriveKey(hSession, &mk_mech, pmk_obj, NULL, 0, &mk_obj); if (crv != CKR_MECHANISM_PARAM_INVALID) { - PKM_LogIt( "C_DeriveKey returned as EXPECTED with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_LogIt("C_DeriveKey returned as EXPECTED with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); } else { - PKM_Error( "C_DeriveKey did not fail with bad data \n" ); + PKM_Error("C_DeriveKey did not fail with bad data \n"); } goto out; - - correct: +correct: /* Now derive the master secret key */ crv = pFunctionList->C_DeriveKey(hSession, &mk_mech, pmk_obj, NULL, 0, &mk_obj); if (crv == CKR_OK) { PKM_LogIt("C_DeriveKey succeeded\n"); } else { - PKM_Error( "C_DeriveKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DeriveKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; - } - out: +out: if (pmk_obj != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, pmk_obj); + (void)pFunctionList->C_DestroyObject(hSession, pmk_obj); if (mk_obj != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, mk_obj); + (void)pFunctionList->C_DestroyObject(hSession, mk_obj); crv = pFunctionList->C_Logout(hSession); if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return (crv); } - CK_RV -PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList, - CK_SLOT_ID * pSlotList, CK_ULONG slotID, - CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, - CK_MECHANISM_TYPE mechType, enum_random_t rnd) +PKM_TLSKeyAndMacDerive(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SLOT_ID *pSlotList, CK_ULONG slotID, + CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen, + CK_MECHANISM_TYPE mechType, enum_random_t rnd) { CK_SESSION_HANDLE hSession; CK_RV crv; - CK_MECHANISM kmd_mech; - CK_MECHANISM skmd_mech; - CK_OBJECT_CLASS class = CKO_SECRET_KEY; - CK_KEY_TYPE type = CKK_GENERIC_SECRET; - CK_BBOOL derive_bool = true; - CK_BBOOL sign_bool = true, verify_bool = true; - CK_BBOOL encrypt_bool = true, decrypt_bool = true; - CK_ULONG value_len; + CK_MECHANISM kmd_mech; + CK_MECHANISM skmd_mech; + CK_OBJECT_CLASS class = CKO_SECRET_KEY; + CK_KEY_TYPE type = CKK_GENERIC_SECRET; + CK_BBOOL derive_bool = true; + CK_BBOOL sign_bool = true, verify_bool = true; + CK_BBOOL encrypt_bool = true, decrypt_bool = true; + CK_ULONG value_len; /* * We arrange this template so that: @@ -4748,79 +4829,79 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList, * . Attributes 2-5 are good for the master key creation template. * . Attributes 3-8 are good for a cipher key comparison template. */ - CK_ATTRIBUTE attrs[9]; + CK_ATTRIBUTE attrs[9]; - CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE; + CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE; CK_SSL3_KEY_MAT_PARAMS km_params; CK_SSL3_KEY_MAT_OUT kmo; - CK_BYTE IVClient[8]; - CK_BYTE IVServer[8]; + CK_BYTE IVClient[8]; + CK_BYTE IVServer[8]; NUMTESTS++; /* increment NUMTESTS */ - attrs[0].type = CKA_SIGN; - attrs[0].pValue = &sign_bool; - attrs[0].ulValueLen = sizeof (sign_bool); - attrs[1].type = CKA_VERIFY; - attrs[1].pValue = &verify_bool; - attrs[1].ulValueLen = sizeof (verify_bool); - attrs[2].type = CKA_KEY_TYPE; - attrs[2].pValue = &type; - attrs[2].ulValueLen = sizeof (type); - attrs[3].type = CKA_CLASS; - attrs[3].pValue = &class; - attrs[3].ulValueLen = sizeof (class); - attrs[4].type = CKA_DERIVE; - attrs[4].pValue = &derive_bool; - attrs[4].ulValueLen = sizeof (derive_bool); - attrs[5].type = CKA_VALUE; - attrs[5].pValue = NULL; + attrs[0].type = CKA_SIGN; + attrs[0].pValue = &sign_bool; + attrs[0].ulValueLen = sizeof(sign_bool); + attrs[1].type = CKA_VERIFY; + attrs[1].pValue = &verify_bool; + attrs[1].ulValueLen = sizeof(verify_bool); + attrs[2].type = CKA_KEY_TYPE; + attrs[2].pValue = &type; + attrs[2].ulValueLen = sizeof(type); + attrs[3].type = CKA_CLASS; + attrs[3].pValue = &class; + attrs[3].ulValueLen = sizeof(class); + attrs[4].type = CKA_DERIVE; + attrs[4].pValue = &derive_bool; + attrs[4].ulValueLen = sizeof(derive_bool); + attrs[5].type = CKA_VALUE; + attrs[5].pValue = NULL; attrs[5].ulValueLen = 0; - attrs[6].type = CKA_VALUE_LEN; - attrs[6].pValue = &value_len; - attrs[6].ulValueLen = sizeof (value_len); - attrs[7].type = CKA_ENCRYPT; - attrs[7].pValue = &encrypt_bool; - attrs[7].ulValueLen = sizeof (encrypt_bool); - attrs[8].type = CKA_DECRYPT; - attrs[8].pValue = &decrypt_bool; - attrs[8].ulValueLen = sizeof (decrypt_bool); + attrs[6].type = CKA_VALUE_LEN; + attrs[6].pValue = &value_len; + attrs[6].ulValueLen = sizeof(value_len); + attrs[7].type = CKA_ENCRYPT; + attrs[7].pValue = &encrypt_bool; + attrs[7].ulValueLen = sizeof(encrypt_bool); + attrs[8].type = CKA_DECRYPT; + attrs[8].pValue = &decrypt_bool; + attrs[8].ulValueLen = sizeof(decrypt_bool); crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION, NULL, NULL, &hSession); if (crv != CKR_OK) { - PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen); if (crv == CKR_OK) { PKM_LogIt("C_Login with correct password succeeded\n"); } else { - PKM_Error( "C_Login with correct password failed " - "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); + PKM_Error("C_Login with correct password failed " + "with 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); return crv; } - /* Before all, check if the mechanism is supported correctly */ if (MODE == FIPSMODE) { crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE, CK_TRUE, 48, 48); if (crv != CKR_OK) { - PKM_Error( "PKM_MechCheck failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("PKM_MechCheck failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return (crv); } } kmd_mech.mechanism = mechType; kmd_mech.pParameter = &km_params; - kmd_mech.ulParameterLen = sizeof (km_params); + kmd_mech.ulParameterLen = sizeof(km_params); - km_params.ulMacSizeInBits = 128; /* an MD5 based MAC */ - km_params.ulKeySizeInBits = 192; /* 3DES key size */ - km_params.ulIVSizeInBits = 64; /* 3DES block size */ + km_params.ulMacSizeInBits = 128; /* an MD5 based MAC */ + km_params.ulKeySizeInBits = 192; /* 3DES key size */ + km_params.ulIVSizeInBits = 64; /* 3DES block size */ km_params.pReturnedKeyMaterial = &kmo; km_params.bIsExport = false; kmo.hClientMacSecret = CK_INVALID_HANDLE; @@ -4832,8 +4913,7 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList, skmd_mech.mechanism = CKM_SSL3_PRE_MASTER_KEY_GEN; skmd_mech.pParameter = &km_params; - skmd_mech.ulParameterLen = sizeof (km_params); - + skmd_mech.ulParameterLen = sizeof(km_params); crv = pFunctionList->C_GenerateKey(hSession, &skmd_mech, &attrs[2], @@ -4842,54 +4922,54 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList, if (crv == CKR_OK) { PKM_LogIt("C_GenerateKey succeeded\n"); } else { - PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - attrs[5].pValue = NULL; - attrs[5].ulValueLen = 0; + attrs[5].pValue = NULL; + attrs[5].ulValueLen = 0; - km_params.RandomInfo.pClientRandom = (unsigned char *) TLSClientRandom; + km_params.RandomInfo.pClientRandom = (unsigned char *)TLSClientRandom; km_params.RandomInfo.ulClientRandomLen = - sizeof (TLSClientRandom); - km_params.RandomInfo.pServerRandom = (unsigned char *) TLSServerRandom; + sizeof(TLSClientRandom); + km_params.RandomInfo.pServerRandom = (unsigned char *)TLSServerRandom; km_params.RandomInfo.ulServerRandomLen = - sizeof (TLSServerRandom); + sizeof(TLSServerRandom); /* Test the bad cases */ switch (rnd) { - case CORRECT: - goto correct; + case CORRECT: + goto correct; - case BOGUS_CLIENT_RANDOM: - km_params.RandomInfo.pClientRandom = NULL; - break; + case BOGUS_CLIENT_RANDOM: + km_params.RandomInfo.pClientRandom = NULL; + break; - case BOGUS_CLIENT_RANDOM_LEN: - km_params.RandomInfo.ulClientRandomLen = 0; - break; + case BOGUS_CLIENT_RANDOM_LEN: + km_params.RandomInfo.ulClientRandomLen = 0; + break; - case BOGUS_SERVER_RANDOM: - km_params.RandomInfo.pServerRandom = NULL; - break; + case BOGUS_SERVER_RANDOM: + km_params.RandomInfo.pServerRandom = NULL; + break; - case BOGUS_SERVER_RANDOM_LEN: - km_params.RandomInfo.ulServerRandomLen = 0; - break; + case BOGUS_SERVER_RANDOM_LEN: + km_params.RandomInfo.ulServerRandomLen = 0; + break; } crv = pFunctionList->C_DeriveKey(hSession, &kmd_mech, mk_obj, NULL, 0, NULL); if (crv != CKR_MECHANISM_PARAM_INVALID) { - PKM_Error( "key materials derivation returned unexpected " - "error 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv)); - (void) pFunctionList->C_DestroyObject(hSession, mk_obj); + PKM_Error("key materials derivation returned unexpected " + "error 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + (void)pFunctionList->C_DestroyObject(hSession, mk_obj); return (CKR_FUNCTION_FAILED); - } return (CKR_OK); - correct: +correct: /* * Then use the master key and the client 'n server random data to * derive the key materials @@ -4897,52 +4977,54 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_DeriveKey(hSession, &kmd_mech, mk_obj, NULL, 0, NULL); if (crv != CKR_OK) { - PKM_Error( "Cannot derive the key materials, crv 0x%08X, %-26s\n", - crv, PKM_CK_RVtoStr(crv)); - (void) pFunctionList->C_DestroyObject(hSession, mk_obj); + PKM_Error("Cannot derive the key materials, crv 0x%08X, %-26s\n", + crv, PKM_CK_RVtoStr(crv)); + (void)pFunctionList->C_DestroyObject(hSession, mk_obj); return (crv); } if (mk_obj != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, mk_obj); + (void)pFunctionList->C_DestroyObject(hSession, mk_obj); if (kmo.hClientMacSecret != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, kmo.hClientMacSecret); + (void)pFunctionList->C_DestroyObject(hSession, kmo.hClientMacSecret); if (kmo.hServerMacSecret != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, kmo.hServerMacSecret); + (void)pFunctionList->C_DestroyObject(hSession, kmo.hServerMacSecret); if (kmo.hClientKey != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, kmo.hClientKey); + (void)pFunctionList->C_DestroyObject(hSession, kmo.hClientKey); if (kmo.hServerKey != CK_INVALID_HANDLE) - (void) pFunctionList->C_DestroyObject(hSession, kmo.hServerKey); + (void)pFunctionList->C_DestroyObject(hSession, kmo.hServerKey); crv = pFunctionList->C_Logout(hSession); if (crv == CKR_OK) { PKM_LogIt("C_Logout succeeded\n"); } else { - PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_CloseSession(hSession); if (crv != CKR_OK) { - PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } return (crv); } -CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hRwSession, - CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey, - CK_MECHANISM *sigMech, - CK_OBJECT_HANDLE secretKey, CK_MECHANISM *cryptMech, - const CK_BYTE * pData, CK_ULONG pDataLen) { +CK_RV +PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hRwSession, + CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey, + CK_MECHANISM *sigMech, + CK_OBJECT_HANDLE secretKey, CK_MECHANISM *cryptMech, + const CK_BYTE *pData, CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; CK_BYTE encryptedData[MAX_CIPHER_SZ]; CK_ULONG ulEncryptedDataLen = 0; - CK_ULONG ulLastUpdateSize = 0 ; + CK_ULONG ulLastUpdateSize = 0; CK_BYTE sig[MAX_SIG_SZ]; CK_ULONG ulSigLen = 0; CK_BYTE data[MAX_DATA_SZ]; @@ -4956,8 +5038,8 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, /* Check that the mechanism is Multi-part */ if (sigMech->mechanism == CKM_DSA || sigMech->mechanism == CKM_RSA_PKCS) { - PKM_Error( "PKM_DualFuncSign must be called with a Multi-part " - "operation mechanism\n"); + PKM_Error("PKM_DualFuncSign must be called with a Multi-part " + "operation mechanism\n"); return CKR_DEVICE_ERROR; } @@ -4965,51 +5047,50 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, if (privateKey == 0 && publicKey == 0) { crv = pFunctionList->C_SignInit(hRwSession, sigMech, secretKey); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } } else { crv = pFunctionList->C_SignInit(hRwSession, sigMech, privateKey); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - } + } crv = pFunctionList->C_EncryptInit(hRwSession, cryptMech, secretKey); if (crv != CKR_OK) { - PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - ulEncryptedDataLen = sizeof(encryptedData); - crv = pFunctionList->C_SignEncryptUpdate(hRwSession, (CK_BYTE * ) pData, + crv = pFunctionList->C_SignEncryptUpdate(hRwSession, (CK_BYTE *)pData, pDataLen, encryptedData, &ulEncryptedDataLen); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ulLastUpdateSize = sizeof(encryptedData) - ulEncryptedDataLen; crv = pFunctionList->C_EncryptFinal(hRwSession, - (CK_BYTE * )&encryptedData[ulEncryptedDataLen], &ulLastUpdateSize); + (CK_BYTE *)&encryptedData[ulEncryptedDataLen], &ulLastUpdateSize); if (crv != CKR_OK) { - PKM_Error( "C_EncryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_EncryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - ulEncryptedDataLen = ulEncryptedDataLen + ulLastUpdateSize; + ulEncryptedDataLen = ulEncryptedDataLen + ulLastUpdateSize; ulSigLen = sizeof(sig); crv = pFunctionList->C_SignFinal(hRwSession, sig, &ulSigLen); if (crv != CKR_OK) { - PKM_Error( "C_SignFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -5017,15 +5098,15 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_DecryptInit(hRwSession, cryptMech, secretKey); if (crv != CKR_OK) { - PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } crv = pFunctionList->C_VerifyInit(hRwSession, sigMech, publicKey); if (crv != CKR_OK) { - PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } @@ -5035,8 +5116,8 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, ulEncryptedDataLen, data, &ulDataLen); if (crv != CKR_OK) { - PKM_Error( "C_DecryptVerifyUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptVerifyUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } ulLastUpdateSize = sizeof(data) - ulDataLen; @@ -5044,51 +5125,52 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList, crv = pFunctionList->C_DecryptFinal(hRwSession, &data[ulDataLen], &ulLastUpdateSize); if (crv != CKR_OK) { - PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - + if (ulLastUpdateSize != 0) { crv = pFunctionList->C_VerifyUpdate(hRwSession, &data[ulDataLen], - ulLastUpdateSize); + ulLastUpdateSize); if (crv != CKR_OK) { - PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } } - ulDataLen = ulDataLen + ulLastUpdateSize; + ulDataLen = ulDataLen + ulLastUpdateSize; /* input for the verify operation is the decrypted data */ crv = pFunctionList->C_VerifyFinal(hRwSession, sig, ulSigLen); if (crv == CKR_OK) { PKM_LogIt("C_VerifyFinal succeeded\n"); } else { - PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } /* Comparison of Decrypted data with inputed data */ - if ( (ulDataLen == pDataLen) && - (memcmp(data, pData, pDataLen) == 0) ) { + if ((ulDataLen == pDataLen) && + (memcmp(data, pData, pDataLen) == 0)) { PKM_LogIt("PKM_DualFuncSign decrypt test case passed\n"); } else { - PKM_Error( "PKM_DualFuncSign derypt test case failed\n"); + PKM_Error("PKM_DualFuncSign derypt test case failed\n"); } return crv; - } -CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, - CK_SESSION_HANDLE hSession, - CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey, - const CK_BYTE * pData, CK_ULONG pDataLen) { +CK_RV +PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, + CK_SESSION_HANDLE hSession, + CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey, + const CK_BYTE *pData, CK_ULONG pDataLen) +{ CK_RV crv = CKR_OK; CK_BYTE digest1[MAX_DIGEST_SZ]; - CK_ULONG digest1Len = 0 ; + CK_ULONG digest1Len = 0; CK_BYTE digest2[MAX_DIGEST_SZ]; CK_ULONG digest2Len = 0; @@ -5096,46 +5178,45 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, memset(digest1, 0, sizeof(digest1)); memset(digest2, 0, sizeof(digest2)); - + NUMTESTS++; /* increment NUMTESTS */ crv = pFunctionList->C_DigestInit(hSession, digestMech); if (crv != CKR_OK) { - PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } digest1Len = sizeof(digest1); - crv = pFunctionList->C_Digest(hSession, (CK_BYTE * ) pData, pDataLen, - digest1, &digest1Len); + crv = pFunctionList->C_Digest(hSession, (CK_BYTE *)pData, pDataLen, + digest1, &digest1Len); if (crv != CKR_OK) { - PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_DigestInit(hSession, digestMech); if (crv != CKR_OK) { - PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE * ) pData, pDataLen); + crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE *)pData, pDataLen); if (crv != CKR_OK) { - PKM_Error( "C_DigestUpdate failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestUpdate failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - + /* C_DigestKey continues a multiple-part message-digesting operation by*/ /* digesting the value of a secret key. (only used with C_DigestUpdate)*/ if (hSecretKey != 0) { crv = pFunctionList->C_DigestKey(hSession, hSecretKey); if (crv != CKR_OK) { - PKM_Error( "C_DigestKey failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestKey failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } } @@ -5143,37 +5224,36 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList, digest2Len = sizeof(digest2); crv = pFunctionList->C_DigestFinal(hSession, digest2, &digest2Len); if (crv != CKR_OK) { - PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv, - PKM_CK_RVtoStr(crv)); + PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv, + PKM_CK_RVtoStr(crv)); return crv; } - if (hSecretKey == 0){ - /* did not digest a secret key so digests should equal */ - if ( (digest1Len == digest2Len) - && (memcmp(digest1, digest2, digest1Len) == 0) ) { - PKM_LogIt("Single and Multiple-part message digest " - "operations successful\n"); - } else { - PKM_Error("Single and Multiple-part message digest " - "operations failed\n"); - } + if (hSecretKey == 0) { + /* did not digest a secret key so digests should equal */ + if ((digest1Len == digest2Len) && + (memcmp(digest1, digest2, digest1Len) == 0)) { + PKM_LogIt("Single and Multiple-part message digest " + "operations successful\n"); + } else { + PKM_Error("Single and Multiple-part message digest " + "operations failed\n"); + } } else { - if (digest1Len == digest2Len) { + if (digest1Len == digest2Len) { PKM_LogIt("PKM_Digest Single and Multiple-part message digest " - "operations successful\n"); + "operations successful\n"); } else { PKM_Error("PKM_Digest Single and Multiple-part message digest " - "operations failed\n"); + "operations failed\n"); } - } return crv; - } -char * PKM_FilePasswd(char *pwFile) +char * +PKM_FilePasswd(char *pwFile) { unsigned char phrase[200]; PRFileDesc *fd; @@ -5190,20 +5270,22 @@ char * PKM_FilePasswd(char *pwFile) } nb = PR_Read(fd, phrase, sizeof(phrase)); - + PR_Close(fd); /* handle the Windows EOL case */ i = 0; - while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++; + while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) + i++; phrase[i] = '\0'; if (nb == 0) { - fprintf(stderr,"password file contains no data\n"); + fprintf(stderr, "password file contains no data\n"); return NULL; } - return (char*) strdup((char*)phrase); + return (char *)strdup((char *)phrase); } -void PKM_Help() +void +PKM_Help() { PRFileDesc *debug_out = PR_GetSpecialFD(PR_StandardError); PR_fprintf(debug_out, "pk11mode test program usage:\n"); @@ -5217,29 +5299,30 @@ void PKM_Help() exit(1); } -void PKM_CheckPath(char *string) +void +PKM_CheckPath(char *string) { - char *src; - char *dest; + char *src; + char *dest; - /* + /* * windows support convert any back slashes to * forward slashes. */ - for (src=string, dest=string; *src; src++,dest++) { - if (*src == '\\') { - *dest = '/'; - } - } - dest--; - /* if the last char is a / set it to 0 */ - if (*dest == '/') - *dest = 0; - + for (src = string, dest = string; *src; src++, dest++) { + if (*src == '\\') { + *dest = '/'; + } + } + dest--; + /* if the last char is a / set it to 0 */ + if (*dest == '/') + *dest = 0; } -CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList, - PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs) +CK_RV +PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList, + PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs) { CK_RV crv = CKR_OK; #ifndef NO_FORK_CHECK @@ -5247,59 +5330,58 @@ CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList, pid_t child, ret; NUMTESTS++; /* increment NUMTESTS */ if (forkAssert) { - putenv("NSS_STRICT_NOFORK=1"); + putenv("NSS_STRICT_NOFORK=1"); } else { - putenv("NSS_STRICT_NOFORK=0"); + putenv("NSS_STRICT_NOFORK=0"); } child = fork(); switch (child) { - case -1: - PKM_Error("Fork failed.\n"); - crv = CKR_DEVICE_ERROR; - break; - case 0: - if (fList) { - if (!initArgs) { - /* If softoken is loaded, make a PKCS#11 call to C_GetTokenInfo + case -1: + PKM_Error("Fork failed.\n"); + crv = CKR_DEVICE_ERROR; + break; + case 0: + if (fList) { + if (!initArgs) { + /* If softoken is loaded, make a PKCS#11 call to C_GetTokenInfo * in the child. This call should always fail. * If softoken is uninitialized, * it fails with CKR_CRYPTOKI_NOT_INITIALIZED. * If it was initialized in the parent, the fork check should * kick in, and make it return CKR_DEVICE_ERROR. */ - CK_RV child_crv = fList->C_GetTokenInfo(0, NULL); - exit(child_crv & 255); - } else { - /* If softoken is loaded, make a PKCS#11 call to C_Initialize + CK_RV child_crv = fList->C_GetTokenInfo(0, NULL); + exit(child_crv & 255); + } else { + /* If softoken is loaded, make a PKCS#11 call to C_Initialize * in the child. This call should always fail. * If softoken is uninitialized, this should succeed. * If it was initialized in the parent, the fork check should * kick in, and make it return CKR_DEVICE_ERROR. */ - CK_RV child_crv = fList->C_Initialize(initArgs); - if (CKR_OK == child_crv) { - child_crv = fList->C_Finalize(NULL); + CK_RV child_crv = fList->C_Initialize(initArgs); + if (CKR_OK == child_crv) { + child_crv = fList->C_Finalize(NULL); + } + exit(child_crv & 255); } - exit(child_crv & 255); } - } - exit(expected & 255); - default: - PKM_LogIt("Fork succeeded.\n"); - ret = wait(&rc); - if (ret != child || (!WIFEXITED(rc)) || - ( (expected & 255) != (WEXITSTATUS(rc) & 255)) ) { - int retStatus = -1; - if (WIFEXITED(rc)) { - retStatus = WEXITSTATUS(rc); + exit(expected & 255); + default: + PKM_LogIt("Fork succeeded.\n"); + ret = wait(&rc); + if (ret != child || (!WIFEXITED(rc)) || + ((expected & 255) != (WEXITSTATUS(rc) & 255))) { + int retStatus = -1; + if (WIFEXITED(rc)) { + retStatus = WEXITSTATUS(rc); + } + PKM_Error("Child misbehaved.\n"); + printf("Child return status : %d.\n", retStatus & 255); + crv = CKR_DEVICE_ERROR; } - PKM_Error("Child misbehaved.\n"); - printf("Child return status : %d.\n", retStatus & 255); - crv = CKR_DEVICE_ERROR; - } - break; + break; } #endif return crv; } - diff --git a/nss/cmd/pk11mode/pk11mode.gyp b/nss/cmd/pk11mode/pk11mode.gyp new file mode 100644 index 0000000..ed042c1 --- /dev/null +++ b/nss/cmd/pk11mode/pk11mode.gyp @@ -0,0 +1,24 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +{ + 'includes': [ + '../../coreconf/config.gypi', + '../../cmd/platlibs.gypi' + ], + 'targets': [ + { + 'target_name': 'pk11mode', + 'type': 'executable', + 'sources': [ + 'pk11mode.c' + ], + 'dependencies': [ + '<(DEPTH)/exports.gyp:nss_exports' + ] + } + ], + 'variables': { + 'module': 'nss' + } +}
\ No newline at end of file |