summaryrefslogtreecommitdiff
path: root/nss/cmd/pk11mode
diff options
context:
space:
mode:
Diffstat (limited to 'nss/cmd/pk11mode')
-rw-r--r--nss/cmd/pk11mode/pk11mode.c3540
-rw-r--r--nss/cmd/pk11mode/pk11mode.gyp24
2 files changed, 1835 insertions, 1729 deletions
diff --git a/nss/cmd/pk11mode/pk11mode.c b/nss/cmd/pk11mode/pk11mode.c
index 901323a..2f1fa37 100644
--- a/nss/cmd/pk11mode/pk11mode.c
+++ b/nss/cmd/pk11mode/pk11mode.c
@@ -10,7 +10,6 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
@@ -37,7 +36,7 @@
#include "pk11table.h"
-#define NUM_ELEM(array) (sizeof(array)/sizeof(array[0]))
+#define NUM_ELEM(array) (sizeof(array) / sizeof(array[0]))
#ifndef NULL_PTR
#define NULL_PTR 0
@@ -47,13 +46,15 @@
* Returns "unknown error" if errNum is unknown.
*/
const char *
-PKM_CK_RVtoStr(CK_RV errNum) {
- const char * err;
+PKM_CK_RVtoStr(CK_RV errNum)
+{
+ const char *err;
err = getName(errNum, ConstResult);
-
- if (err) return err;
-
+
+ if (err)
+ return err;
+
return "unknown error";
}
@@ -94,12 +95,12 @@ int MODE = FIPSMODE;
CK_BBOOL true = CK_TRUE;
CK_BBOOL false = CK_FALSE;
-static const CK_BYTE PLAINTEXT[] = {"Firefox Rules!"};
-static const CK_BYTE PLAINTEXT_PAD[] =
- {"Firefox and thunderbird rule the world!"};
+static const CK_BYTE PLAINTEXT[] = { "Firefox Rules!" };
+static const CK_BYTE PLAINTEXT_PAD[] =
+ { "Firefox and thunderbird rule the world!" };
CK_ULONG NUMTESTS = 0;
-static const char * slotFlagName[] = {
+static const char *slotFlagName[] = {
"CKF_TOKEN_PRESENT",
"CKF_REMOVABLE_DEVICE",
"CKF_HW_SLOT",
@@ -134,7 +135,7 @@ static const char * slotFlagName[] = {
"unknown token flag 0x80000000"
};
-static const char * tokenFlagName[] = {
+static const char *tokenFlagName[] = {
"CKF_PKM_RNG",
"CKF_WRITE_PROTECTED",
"CKF_LOGIN_REQUIRED",
@@ -198,13 +199,12 @@ dumpToHash64(const unsigned char *buf, unsigned int bufLen)
if (i % 32 == 0)
printf("\n");
printf(" 0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,0x%02x,",
- buf[i ], buf[i+1], buf[i+2], buf[i+3],
- buf[i+4], buf[i+5], buf[i+6], buf[i+7]);
+ buf[i], buf[i + 1], buf[i + 2], buf[i + 3],
+ buf[i + 4], buf[i + 5], buf[i + 6], buf[i + 7]);
}
printf("\n");
}
-
#ifdef _WIN32
HMODULE hModule;
#else
@@ -223,8 +223,8 @@ CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SLOT_ID *pSlotList, CK_ULONG slotID,
CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID);
-CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID);
+CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList,
CK_ULONG slotID);
CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SLOT_ID *pSlotList, CK_ULONG slotID,
@@ -233,17 +233,17 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList,
CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList,
CK_ULONG slotID, CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
-CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
CK_C_INITIALIZE_ARGS_NSS *initArgs);
CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_MultiObjectManagement(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SLOT_ID *pSlotList, CK_ULONG slotID,
CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
@@ -256,67 +256,68 @@ CK_RV PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList,
CK_FLAGS flags, CK_BBOOL check_sizes,
CK_ULONG minkeysize, CK_ULONG maxkeysize);
CK_RV PKM_TLSKeyAndMacDerive(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
- CK_MECHANISM_TYPE mechType, enum_random_t rnd);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+ CK_MECHANISM_TYPE mechType, enum_random_t rnd);
CK_RV PKM_TLSMasterKeyDerive(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
- CK_MECHANISM_TYPE mechType,
- enum_random_t rnd);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+ CK_MECHANISM_TYPE mechType,
+ enum_random_t rnd);
CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID *pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen);
CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hRwSession,
- CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey,
- CK_MECHANISM *sigMech, CK_OBJECT_HANDLE secretKey,
- CK_MECHANISM *cryptMech,
- const CK_BYTE * pData, CK_ULONG pDataLen);
+ CK_SESSION_HANDLE hRwSession,
+ CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey,
+ CK_MECHANISM *sigMech, CK_OBJECT_HANDLE secretKey,
+ CK_MECHANISM *cryptMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen);
CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech,
- CK_OBJECT_HANDLE hSecKeyDigest,
- CK_MECHANISM *digestMech,
- const CK_BYTE * pData, CK_ULONG pDataLen);
-CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech,
+ CK_OBJECT_HANDLE hSecKeyDigest,
+ CK_MECHANISM *digestMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen);
+CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SESSION_HANDLE hRwSession,
CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
- CK_MECHANISM *signMech, const CK_BYTE * pData,
+ CK_MECHANISM *signMech, const CK_BYTE *pData,
CK_ULONG dataLen);
-CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
+CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SESSION_HANDLE hSession,
CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech,
- const CK_BYTE * pData, CK_ULONG dataLen);
+ const CK_BYTE *pData, CK_ULONG dataLen);
CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech,
- const CK_BYTE * pData, CK_ULONG pDataLen);
-CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen);
+CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
CK_SESSION_HANDLE hRwSession,
CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey,
- const CK_BYTE * pData, CK_ULONG pDataLen);
+ const CK_BYTE *pData, CK_ULONG pDataLen);
CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hPublicKey,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hPublicKey,
CK_OBJECT_HANDLE hPrivateKey,
CK_MECHANISM *wrapMechanism,
CK_OBJECT_HANDLE hSecretKey,
CK_ATTRIBUTE *sKeyTemplate,
CK_ULONG skeyTempSize);
-CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
- CK_MECHANISM *signMech, const CK_BYTE * pData,
- CK_ULONG pDataLen);
+CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
+ CK_MECHANISM *signMech, const CK_BYTE *pData,
+ CK_ULONG pDataLen);
CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
- PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs);
+ PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs);
-void PKM_Help();
-void PKM_CheckPath(char *string);
-char *PKM_FilePasswd(char *pwFile);
+void PKM_Help();
+void PKM_CheckPath(char *string);
+char *PKM_FilePasswd(char *pwFile);
static PRBool verbose = PR_FALSE;
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
{
CK_C_GetFunctionList pC_GetFunctionList;
CK_FUNCTION_LIST_PTR pFunctionList;
@@ -336,38 +337,40 @@ int main(int argc, char **argv)
PLOptStatus os;
PLOptState *opt = PL_CreateOptState(argc, argv, "nvhf:Fd:p:");
- while (PL_OPT_EOL != (os = PL_GetNextOpt(opt)))
- {
- if (PL_OPT_BAD == os) continue;
- switch (opt->option)
- {
- case 'F': /* disable fork tests */
- doForkTests = PR_FALSE;
- break;
- case 'n': /* non fips mode */
- MODE = NONFIPSMODE;
- slotID = 1;
- break;
- case 'f': /* password file */
- pwd = (CK_UTF8CHAR *) PKM_FilePasswd((char *)opt->value);
- if (!pwd) PKM_Help();
- break;
- case 'd': /* opt_CertDir */
- if (!opt->value) PKM_Help();
- configDir = strdup(opt->value);
- PKM_CheckPath(configDir);
- break;
- case 'p': /* opt_DBPrefix */
- if (!opt->value) PKM_Help();
- dbPrefix = strdup(opt->value);
- break;
- case 'v':
- verbose = PR_TRUE;
- break;
- case 'h': /* help message */
- default:
- PKM_Help();
- break;
+ while (PL_OPT_EOL != (os = PL_GetNextOpt(opt))) {
+ if (PL_OPT_BAD == os)
+ continue;
+ switch (opt->option) {
+ case 'F': /* disable fork tests */
+ doForkTests = PR_FALSE;
+ break;
+ case 'n': /* non fips mode */
+ MODE = NONFIPSMODE;
+ slotID = 1;
+ break;
+ case 'f': /* password file */
+ pwd = (CK_UTF8CHAR *)PKM_FilePasswd((char *)opt->value);
+ if (!pwd)
+ PKM_Help();
+ break;
+ case 'd': /* opt_CertDir */
+ if (!opt->value)
+ PKM_Help();
+ configDir = strdup(opt->value);
+ PKM_CheckPath(configDir);
+ break;
+ case 'p': /* opt_DBPrefix */
+ if (!opt->value)
+ PKM_Help();
+ dbPrefix = strdup(opt->value);
+ break;
+ case 'v':
+ verbose = PR_TRUE;
+ break;
+ case 'h': /* help message */
+ default:
+ PKM_Help();
+ break;
}
}
PL_DestroyOptState(opt);
@@ -375,7 +378,7 @@ int main(int argc, char **argv)
if (!pwd) {
pwd = (CK_UTF8CHAR *)strdup("1Mozilla");
}
- pwdLen = strlen((const char*)pwd);
+ pwdLen = strlen((const char *)pwd);
if (!configDir) {
configDir = strdup(".");
}
@@ -383,8 +386,7 @@ int main(int argc, char **argv)
dbPrefix = strdup("");
}
- if (doForkTests)
- {
+ if (doForkTests) {
/* first, try to fork without softoken loaded to make sure
* everything is OK */
crv = PKM_ForkCheck(123, NULL, PR_FALSE, NULL);
@@ -392,44 +394,43 @@ int main(int argc, char **argv)
goto cleanup;
}
-
#ifdef _WIN32
hModule = LoadLibrary(LIB_NAME);
if (hModule == NULL) {
- PKM_Error( "cannot load %s\n", LIB_NAME);
+ PKM_Error("cannot load %s\n", LIB_NAME);
goto cleanup;
}
if (MODE == FIPSMODE) {
/* FIPS mode == FC_GetFunctionList */
pC_GetFunctionList = (CK_C_GetFunctionList)
- GetProcAddress(hModule, "FC_GetFunctionList");
+ GetProcAddress(hModule, "FC_GetFunctionList");
} else {
/* NON FIPS mode == C_GetFunctionList */
pC_GetFunctionList = (CK_C_GetFunctionList)
- GetProcAddress(hModule, "C_GetFunctionList");
- }
+ GetProcAddress(hModule, "C_GetFunctionList");
+ }
if (pC_GetFunctionList == NULL) {
- PKM_Error( "cannot load %s\n", LIB_NAME);
+ PKM_Error("cannot load %s\n", LIB_NAME);
goto cleanup;
}
#else
{
- char *libname = NULL;
- /* Get the platform-dependent library name of the NSS cryptographic module */
- libname = PR_GetLibraryName(NULL, "softokn3");
- assert(libname != NULL);
- lib = PR_LoadLibrary(libname);
- assert(lib != NULL);
- PR_FreeLibraryName(libname);
- }
+ char *libname = NULL;
+ /* Get the platform-dependent library name of the NSS cryptographic module */
+ libname = PR_GetLibraryName(NULL, "softokn3");
+ assert(libname != NULL);
+ lib = PR_LoadLibrary(libname);
+ assert(lib != NULL);
+ PR_FreeLibraryName(libname);
+ }
if (MODE == FIPSMODE) {
- pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib,
- "FC_GetFunctionList");
+ pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib,
+ "FC_GetFunctionList");
assert(pC_GetFunctionList != NULL);
slotID = 0;
} else {
- pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib,
- "C_GetFunctionList");
+ pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib,
+ "C_GetFunctionList");
assert(pC_GetFunctionList != NULL);
slotID = 1;
}
@@ -437,25 +438,23 @@ int main(int argc, char **argv)
if (MODE == FIPSMODE) {
printf("Loaded FC_GetFunctionList for FIPS MODE; slotID %d \n",
- (int) slotID);
+ (int)slotID);
} else {
printf("loaded C_GetFunctionList for NON FIPS MODE; slotID %d \n",
- (int) slotID);
+ (int)slotID);
}
crv = (*pC_GetFunctionList)(&pFunctionList);
assert(crv == CKR_OK);
-
- if (doForkTests)
- {
+ if (doForkTests) {
/* now, try to fork with softoken loaded, but not initialized */
crv = PKM_ForkCheck(CKR_CRYPTOKI_NOT_INITIALIZED, pFunctionList,
- PR_TRUE, NULL);
+ PR_TRUE, NULL);
if (crv != CKR_OK)
goto cleanup;
}
-
+
initArgs.CreateMutex = NULL;
initArgs.DestroyMutex = NULL;
initArgs.LockMutex = NULL;
@@ -464,7 +463,7 @@ int main(int argc, char **argv)
moduleSpec = PR_smprintf("configdir='%s' certPrefix='%s' "
"keyPrefix='%s' secmod='secmod.db' flags= ",
configDir, dbPrefix, dbPrefix);
- initArgs.LibraryParameters = (CK_CHAR_PTR *) moduleSpec;
+ initArgs.LibraryParameters = (CK_CHAR_PTR *)moduleSpec;
initArgs.pReserved = NULL;
/*DebugBreak();*/
@@ -477,13 +476,12 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("C_Initialize succeeded\n");
} else {
- PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
- if (doForkTests)
- {
+ if (doForkTests) {
/* Disable core on fork for this test, since we are testing the
* pathological case, and if enabled, the child process would dump
* core in C_GetTokenInfo .
@@ -496,8 +494,7 @@ int main(int argc, char **argv)
goto cleanup;
}
- if (doForkTests)
- {
+ if (doForkTests) {
/* In this next test, we fork and try to re-initialize softoken in
* the child. This should now work because softoken has the ability
* to hard reset.
@@ -512,55 +509,55 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_ShowInfo succeeded\n");
} else {
- PKM_Error( "PKM_ShowInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_ShowInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
pSlotList = PKM_GetSlotList(pFunctionList, slotID);
if (pSlotList == NULL) {
- PKM_Error( "PKM_GetSlotList failed with \n");
+ PKM_Error("PKM_GetSlotList failed with \n");
goto cleanup;
}
crv = pFunctionList->C_GetTokenInfo(pSlotList[slotID], &tokenInfo);
if (crv == CKR_OK) {
PKM_LogIt("C_GetTokenInfo succeeded\n\n");
} else {
- PKM_Error( "C_GetTokenInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetTokenInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
if (!(tokenInfo.flags & CKF_USER_PIN_INITIALIZED)) {
PKM_LogIt("Initing PW for DB\n");
crv = PKM_InitPWforDB(pFunctionList, pSlotList, slotID,
- pwd, pwdLen);
+ pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("PKM_InitPWforDB succeeded\n\n");
} else {
- PKM_Error( "PKM_InitPWforDB failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_InitPWforDB failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
} else {
PKM_LogIt("using existing DB\n");
}
- /* general mechanism by token */
+ /* general mechanism by token */
crv = PKM_Mechanism(pFunctionList, pSlotList, slotID);
if (crv == CKR_OK) {
PKM_LogIt("PKM_Mechanism succeeded\n\n");
} else {
- PKM_Error( "PKM_Mechanism failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Mechanism failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
- }
+ }
/* RNG example without Login */
crv = PKM_RNG(pFunctionList, pSlotList, slotID);
if (crv == CKR_OK) {
PKM_LogIt("PKM_RNG succeeded\n\n");
} else {
- PKM_Error( "PKM_RNG failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_RNG failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
@@ -569,33 +566,33 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_SessionLogin succeeded\n\n");
} else {
- PKM_Error( "PKM_SessionLogin failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SessionLogin failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
/*
- * PKM_KeyTest creates RSA,DSA public keys
+ * PKM_KeyTest creates RSA,DSA public keys
* and AES, DES3 secret keys.
- * then does digest, hmac, encrypt/decrypt, signing operations.
+ * then does digest, hmac, encrypt/decrypt, signing operations.
*/
crv = PKM_KeyTests(pFunctionList, pSlotList, slotID,
- pwd, pwdLen);
+ pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("PKM_KeyTests succeeded\n\n");
} else {
- PKM_Error( "PKM_KeyTest failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_KeyTest failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
- crv = PKM_SecretKey(pFunctionList, pSlotList, slotID, pwd,
+ crv = PKM_SecretKey(pFunctionList, pSlotList, slotID, pwd,
pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("PKM_SecretKey succeeded\n\n");
} else {
- PKM_Error( "PKM_SecretKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SecretKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
@@ -604,8 +601,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_PublicKey succeeded\n\n");
} else {
- PKM_Error( "PKM_PublicKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_PublicKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_OperationalState(pFunctionList, pSlotList, slotID,
@@ -613,8 +610,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_OperationalState succeeded\n\n");
} else {
- PKM_Error( "PKM_OperationalState failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_OperationalState failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_MultiObjectManagement(pFunctionList, pSlotList, slotID,
@@ -622,8 +619,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_MultiObjectManagement succeeded\n\n");
} else {
- PKM_Error( "PKM_MultiObjectManagement failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_MultiObjectManagement failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_LegacyFunctions(pFunctionList, pSlotList, slotID,
@@ -631,8 +628,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_LegacyFunctions succeeded\n\n");
} else {
- PKM_Error( "PKM_LegacyFunctions failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_LegacyFunctions failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_TLSKeyAndMacDerive(pFunctionList, pSlotList, slotID,
@@ -642,8 +639,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_TLSKeyAndMacDerive succeeded\n\n");
} else {
- PKM_Error( "PKM_TLSKeyAndMacDerive failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_TLSKeyAndMacDerive failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_TLSMasterKeyDerive(pFunctionList, pSlotList, slotID,
@@ -653,8 +650,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_TLSMasterKeyDerive succeeded\n\n");
} else {
- PKM_Error( "PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_TLSMasterKeyDerive(pFunctionList, pSlotList, slotID,
@@ -664,8 +661,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_TLSMasterKeyDerive succeeded\n\n");
} else {
- PKM_Error( "PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_TLSMasterKeyDerive failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = PKM_FindAllObjects(pFunctionList, pSlotList, slotID,
@@ -673,29 +670,28 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_FindAllObjects succeeded\n\n");
} else {
- PKM_Error( "PKM_FindAllObjects failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_FindAllObjects failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = pFunctionList->C_Finalize(NULL);
if (crv == CKR_OK) {
PKM_LogIt("C_Finalize succeeded\n");
} else {
- PKM_Error( "C_Finalize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Finalize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
- if (doForkTests)
- {
+ if (doForkTests) {
/* try to fork with softoken still loaded, but de-initialized */
crv = PKM_ForkCheck(CKR_CRYPTOKI_NOT_INITIALIZED, pFunctionList,
- PR_TRUE, NULL);
+ PR_TRUE, NULL);
if (crv != CKR_OK)
goto cleanup;
}
- if (pSlotList) free(pSlotList);
+ free(pSlotList);
/* demonstrate how an application can be in Hybrid mode */
/* PKM_HybridMode shows how to switch between NONFIPS */
@@ -706,8 +702,8 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("PKM_HybridMode succeeded\n");
} else {
- PKM_Error( "PKM_HybridMode failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_HybridMode failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
@@ -718,16 +714,16 @@ int main(int argc, char **argv)
if (crv == CKR_OK) {
PKM_LogIt("C_Initialize succeeded\n");
} else {
- PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
crv = pFunctionList->C_Finalize(NULL);
if (crv == CKR_OK) {
PKM_LogIt("C_Finalize succeeded\n");
} else {
- PKM_Error( "C_Finalize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Finalize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
goto cleanup;
}
/* try to C_Initialize / C_Finalize in child. This should succeed */
@@ -754,7 +750,7 @@ cleanup:
#ifdef _WIN32
FreeLibrary(hModule);
#else
- disableUnload = PR_GetEnv("NSS_DISABLE_UNLOAD");
+ disableUnload = PR_GetEnvSecure("NSS_DISABLE_UNLOAD");
if (!disableUnload) {
PR_UnloadLibrary(lib);
}
@@ -764,8 +760,8 @@ cleanup:
crv = PKM_ForkCheck(123, NULL, PR_TRUE, NULL);
}
- printf("**** Total number of TESTS ran in %s is %d. ****\n",
- ((MODE == FIPSMODE) ? "FIPS MODE" : "NON FIPS MODE"), (int) NUMTESTS);
+ printf("**** Total number of TESTS ran in %s is %d. ****\n",
+ ((MODE == FIPSMODE) ? "FIPS MODE" : "NON FIPS MODE"), (int)NUMTESTS);
if (CKR_OK == crv) {
printf("**** ALL TESTS PASSED ****\n");
}
@@ -779,40 +775,42 @@ cleanup:
*
*/
-CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hRwSession;
CK_RV crv = CKR_OK;
-/*** DSA Key ***/
+ /*** DSA Key ***/
CK_MECHANISM dsaParamGenMech;
CK_ULONG primeBits = 1024;
- CK_ATTRIBUTE dsaParamGenTemplate[1];
+ CK_ATTRIBUTE dsaParamGenTemplate[1];
CK_OBJECT_HANDLE hDsaParams = CK_INVALID_HANDLE;
CK_BYTE DSA_P[128];
CK_BYTE DSA_Q[20];
CK_BYTE DSA_G[128];
CK_MECHANISM dsaKeyPairGenMech;
- CK_ATTRIBUTE dsaPubKeyTemplate[5];
- CK_ATTRIBUTE dsaPrivKeyTemplate[5];
+ CK_ATTRIBUTE dsaPubKeyTemplate[5];
+ CK_ATTRIBUTE dsaPrivKeyTemplate[5];
CK_OBJECT_HANDLE hDSApubKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hDSAprivKey = CK_INVALID_HANDLE;
-/**** RSA Key ***/
+ /**** RSA Key ***/
CK_KEY_TYPE rsatype = CKK_RSA;
CK_MECHANISM rsaKeyPairGenMech;
- CK_BYTE subject[] = {"RSA Private Key"};
+ CK_BYTE subject[] = { "RSA Private Key" };
CK_ULONG modulusBits = 1024;
- CK_BYTE publicExponent[] = {0x01, 0x00, 0x01};
- CK_BYTE id[] = {"RSA123"};
- CK_ATTRIBUTE rsaPubKeyTemplate[9];
- CK_ATTRIBUTE rsaPrivKeyTemplate[11];
+ CK_BYTE publicExponent[] = { 0x01, 0x00, 0x01 };
+ CK_BYTE id[] = { "RSA123" };
+ CK_ATTRIBUTE rsaPubKeyTemplate[9];
+ CK_ATTRIBUTE rsaPrivKeyTemplate[11];
CK_OBJECT_HANDLE hRSApubKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hRSAprivKey = CK_INVALID_HANDLE;
- /*** AES Key ***/
+ /*** AES Key ***/
CK_MECHANISM sAESKeyMech = {
CKM_AES_KEY_GEN, NULL, 0
};
@@ -820,10 +818,10 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
CK_KEY_TYPE keyAESType = CKK_AES;
CK_UTF8CHAR AESlabel[] = "An AES secret key object";
CK_ULONG AESvalueLen = 32;
- CK_ATTRIBUTE sAESKeyTemplate[9];
+ CK_ATTRIBUTE sAESKeyTemplate[9];
CK_OBJECT_HANDLE hAESSecKey;
-/*** DES3 Key ***/
+ /*** DES3 Key ***/
CK_KEY_TYPE keyDES3Type = CKK_DES3;
CK_UTF8CHAR DES3label[] = "An Triple DES secret key object";
CK_ULONG DES3valueLen = 56;
@@ -832,43 +830,43 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
};
CK_ATTRIBUTE sDES3KeyTemplate[9];
CK_OBJECT_HANDLE hDES3SecKey;
-
+
CK_MECHANISM dsaWithSha1Mech = {
CKM_DSA_SHA1, NULL, 0
};
CK_BYTE IV[16];
- CK_MECHANISM mech_DES3_CBC;
- CK_MECHANISM mech_DES3_CBC_PAD;
+ CK_MECHANISM mech_DES3_CBC;
+ CK_MECHANISM mech_DES3_CBC_PAD;
CK_MECHANISM mech_AES_CBC_PAD;
CK_MECHANISM mech_AES_CBC;
struct mech_str {
- CK_ULONG mechanism;
+ CK_ULONG mechanism;
const char *mechanismStr;
};
typedef struct mech_str mech_str;
mech_str digestMechs[] = {
- {CKM_SHA_1, "CKM_SHA_1 "},
- {CKM_SHA224, "CKM_SHA224"},
- {CKM_SHA256, "CKM_SHA256"},
- {CKM_SHA384, "CKM_SHA384"},
- {CKM_SHA512, "CKM_SHA512"}
+ { CKM_SHA_1, "CKM_SHA_1 " },
+ { CKM_SHA224, "CKM_SHA224" },
+ { CKM_SHA256, "CKM_SHA256" },
+ { CKM_SHA384, "CKM_SHA384" },
+ { CKM_SHA512, "CKM_SHA512" }
};
mech_str hmacMechs[] = {
- {CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC"},
- {CKM_SHA224_HMAC, "CKM_SHA224_HMAC"},
- {CKM_SHA256_HMAC, "CKM_SHA256_HMAC"},
- {CKM_SHA384_HMAC, "CKM_SHA384_HMAC"},
- {CKM_SHA512_HMAC, "CKM_SHA512_HMAC"}
+ { CKM_SHA_1_HMAC, "CKM_SHA_1_HMAC" },
+ { CKM_SHA224_HMAC, "CKM_SHA224_HMAC" },
+ { CKM_SHA256_HMAC, "CKM_SHA256_HMAC" },
+ { CKM_SHA384_HMAC, "CKM_SHA384_HMAC" },
+ { CKM_SHA512_HMAC, "CKM_SHA512_HMAC" }
};
mech_str sigRSAMechs[] = {
- {CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS"},
- {CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS"},
- {CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS"},
- {CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS"},
- {CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS"}
+ { CKM_SHA1_RSA_PKCS, "CKM_SHA1_RSA_PKCS" },
+ { CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS" },
+ { CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS" },
+ { CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS" },
+ { CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS" }
};
CK_ULONG digestMechsSZ = NUM_ELEM(digestMechs);
@@ -881,195 +879,195 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
NUMTESTS++; /* increment NUMTESTS */
/* DSA key init */
- dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN;
- dsaParamGenMech.pParameter = NULL_PTR;
+ dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN;
+ dsaParamGenMech.pParameter = NULL_PTR;
dsaParamGenMech.ulParameterLen = 0;
- dsaParamGenTemplate[0].type = CKA_PRIME_BITS;
- dsaParamGenTemplate[0].pValue = &primeBits;
+ dsaParamGenTemplate[0].type = CKA_PRIME_BITS;
+ dsaParamGenTemplate[0].pValue = &primeBits;
dsaParamGenTemplate[0].ulValueLen = sizeof(primeBits);
- dsaPubKeyTemplate[0].type = CKA_PRIME;
- dsaPubKeyTemplate[0].pValue = DSA_P;
+ dsaPubKeyTemplate[0].type = CKA_PRIME;
+ dsaPubKeyTemplate[0].pValue = DSA_P;
dsaPubKeyTemplate[0].ulValueLen = sizeof(DSA_P);
- dsaPubKeyTemplate[1].type = CKA_SUBPRIME;
+ dsaPubKeyTemplate[1].type = CKA_SUBPRIME;
dsaPubKeyTemplate[1].pValue = DSA_Q;
dsaPubKeyTemplate[1].ulValueLen = sizeof(DSA_Q);
- dsaPubKeyTemplate[2].type = CKA_BASE;
- dsaPubKeyTemplate[2].pValue = DSA_G;
+ dsaPubKeyTemplate[2].type = CKA_BASE;
+ dsaPubKeyTemplate[2].pValue = DSA_G;
dsaPubKeyTemplate[2].ulValueLen = sizeof(DSA_G);
- dsaPubKeyTemplate[3].type = CKA_TOKEN;
- dsaPubKeyTemplate[3].pValue = &true;
+ dsaPubKeyTemplate[3].type = CKA_TOKEN;
+ dsaPubKeyTemplate[3].pValue = &true;
dsaPubKeyTemplate[3].ulValueLen = sizeof(true);
- dsaPubKeyTemplate[4].type = CKA_VERIFY;
- dsaPubKeyTemplate[4].pValue = &true;
+ dsaPubKeyTemplate[4].type = CKA_VERIFY;
+ dsaPubKeyTemplate[4].pValue = &true;
dsaPubKeyTemplate[4].ulValueLen = sizeof(true);
- dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN;
+ dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN;
dsaKeyPairGenMech.pParameter = NULL_PTR;
dsaKeyPairGenMech.ulParameterLen = 0;
- dsaPrivKeyTemplate[0].type = CKA_TOKEN;
- dsaPrivKeyTemplate[0].pValue = &true;
+ dsaPrivKeyTemplate[0].type = CKA_TOKEN;
+ dsaPrivKeyTemplate[0].pValue = &true;
dsaPrivKeyTemplate[0].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[1].type = CKA_PRIVATE;
- dsaPrivKeyTemplate[1].pValue = &true;
+ dsaPrivKeyTemplate[1].type = CKA_PRIVATE;
+ dsaPrivKeyTemplate[1].pValue = &true;
dsaPrivKeyTemplate[1].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[2].type = CKA_SENSITIVE;
- dsaPrivKeyTemplate[2].pValue = &true;
+ dsaPrivKeyTemplate[2].type = CKA_SENSITIVE;
+ dsaPrivKeyTemplate[2].pValue = &true;
dsaPrivKeyTemplate[2].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[3].type = CKA_SIGN,
- dsaPrivKeyTemplate[3].pValue = &true;
+ dsaPrivKeyTemplate[3].type = CKA_SIGN,
+ dsaPrivKeyTemplate[3].pValue = &true;
dsaPrivKeyTemplate[3].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE;
- dsaPrivKeyTemplate[4].pValue = &true;
+ dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE;
+ dsaPrivKeyTemplate[4].pValue = &true;
dsaPrivKeyTemplate[4].ulValueLen = sizeof(true);
/* RSA key init */
- rsaKeyPairGenMech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
+ rsaKeyPairGenMech.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
rsaKeyPairGenMech.pParameter = NULL_PTR;
rsaKeyPairGenMech.ulParameterLen = 0;
- rsaPubKeyTemplate[0].type = CKA_KEY_TYPE;
- rsaPubKeyTemplate[0].pValue = &rsatype;
+ rsaPubKeyTemplate[0].type = CKA_KEY_TYPE;
+ rsaPubKeyTemplate[0].pValue = &rsatype;
rsaPubKeyTemplate[0].ulValueLen = sizeof(rsatype);
- rsaPubKeyTemplate[1].type = CKA_PRIVATE;
- rsaPubKeyTemplate[1].pValue = &true;
+ rsaPubKeyTemplate[1].type = CKA_PRIVATE;
+ rsaPubKeyTemplate[1].pValue = &true;
rsaPubKeyTemplate[1].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[2].type = CKA_ENCRYPT;
- rsaPubKeyTemplate[2].pValue = &true;
+ rsaPubKeyTemplate[2].type = CKA_ENCRYPT;
+ rsaPubKeyTemplate[2].pValue = &true;
rsaPubKeyTemplate[2].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[3].type = CKA_DECRYPT;
- rsaPubKeyTemplate[3].pValue = &true;
+ rsaPubKeyTemplate[3].type = CKA_DECRYPT;
+ rsaPubKeyTemplate[3].pValue = &true;
rsaPubKeyTemplate[3].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[4].type = CKA_VERIFY;
- rsaPubKeyTemplate[4].pValue = &true;
+ rsaPubKeyTemplate[4].type = CKA_VERIFY;
+ rsaPubKeyTemplate[4].pValue = &true;
rsaPubKeyTemplate[4].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[5].type = CKA_SIGN;
- rsaPubKeyTemplate[5].pValue = &true;
+ rsaPubKeyTemplate[5].type = CKA_SIGN;
+ rsaPubKeyTemplate[5].pValue = &true;
rsaPubKeyTemplate[5].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[6].type = CKA_WRAP;
- rsaPubKeyTemplate[6].pValue = &true;
+ rsaPubKeyTemplate[6].type = CKA_WRAP;
+ rsaPubKeyTemplate[6].pValue = &true;
rsaPubKeyTemplate[6].ulValueLen = sizeof(true);
- rsaPubKeyTemplate[7].type = CKA_MODULUS_BITS;
- rsaPubKeyTemplate[7].pValue = &modulusBits;
+ rsaPubKeyTemplate[7].type = CKA_MODULUS_BITS;
+ rsaPubKeyTemplate[7].pValue = &modulusBits;
rsaPubKeyTemplate[7].ulValueLen = sizeof(modulusBits);
- rsaPubKeyTemplate[8].type = CKA_PUBLIC_EXPONENT;
- rsaPubKeyTemplate[8].pValue = publicExponent;
- rsaPubKeyTemplate[8].ulValueLen = sizeof (publicExponent);
+ rsaPubKeyTemplate[8].type = CKA_PUBLIC_EXPONENT;
+ rsaPubKeyTemplate[8].pValue = publicExponent;
+ rsaPubKeyTemplate[8].ulValueLen = sizeof(publicExponent);
- rsaPrivKeyTemplate[0].type = CKA_KEY_TYPE;
- rsaPrivKeyTemplate[0].pValue = &rsatype;
+ rsaPrivKeyTemplate[0].type = CKA_KEY_TYPE;
+ rsaPrivKeyTemplate[0].pValue = &rsatype;
rsaPrivKeyTemplate[0].ulValueLen = sizeof(rsatype);
- rsaPrivKeyTemplate[1].type = CKA_TOKEN;
- rsaPrivKeyTemplate[1].pValue = &true;
+ rsaPrivKeyTemplate[1].type = CKA_TOKEN;
+ rsaPrivKeyTemplate[1].pValue = &true;
rsaPrivKeyTemplate[1].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[2].type = CKA_PRIVATE;
- rsaPrivKeyTemplate[2].pValue = &true;
+ rsaPrivKeyTemplate[2].type = CKA_PRIVATE;
+ rsaPrivKeyTemplate[2].pValue = &true;
rsaPrivKeyTemplate[2].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[3].type = CKA_SUBJECT;
- rsaPrivKeyTemplate[3].pValue = subject;
+ rsaPrivKeyTemplate[3].type = CKA_SUBJECT;
+ rsaPrivKeyTemplate[3].pValue = subject;
rsaPrivKeyTemplate[3].ulValueLen = sizeof(subject);
- rsaPrivKeyTemplate[4].type = CKA_ID;
- rsaPrivKeyTemplate[4].pValue = id;
+ rsaPrivKeyTemplate[4].type = CKA_ID;
+ rsaPrivKeyTemplate[4].pValue = id;
rsaPrivKeyTemplate[4].ulValueLen = sizeof(id);
- rsaPrivKeyTemplate[5].type = CKA_SENSITIVE;
- rsaPrivKeyTemplate[5].pValue = &true;
+ rsaPrivKeyTemplate[5].type = CKA_SENSITIVE;
+ rsaPrivKeyTemplate[5].pValue = &true;
rsaPrivKeyTemplate[5].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[6].type = CKA_ENCRYPT;
- rsaPrivKeyTemplate[6].pValue = &true;
+ rsaPrivKeyTemplate[6].type = CKA_ENCRYPT;
+ rsaPrivKeyTemplate[6].pValue = &true;
rsaPrivKeyTemplate[6].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[7].type = CKA_DECRYPT;
- rsaPrivKeyTemplate[7].pValue = &true;
+ rsaPrivKeyTemplate[7].type = CKA_DECRYPT;
+ rsaPrivKeyTemplate[7].pValue = &true;
rsaPrivKeyTemplate[7].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[8].type = CKA_VERIFY;
- rsaPrivKeyTemplate[8].pValue = &true;
+ rsaPrivKeyTemplate[8].type = CKA_VERIFY;
+ rsaPrivKeyTemplate[8].pValue = &true;
rsaPrivKeyTemplate[8].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[9].type = CKA_SIGN;
- rsaPrivKeyTemplate[9].pValue = &true;
+ rsaPrivKeyTemplate[9].type = CKA_SIGN;
+ rsaPrivKeyTemplate[9].pValue = &true;
rsaPrivKeyTemplate[9].ulValueLen = sizeof(true);
- rsaPrivKeyTemplate[10].type = CKA_UNWRAP;
- rsaPrivKeyTemplate[10].pValue = &true;
+ rsaPrivKeyTemplate[10].type = CKA_UNWRAP;
+ rsaPrivKeyTemplate[10].pValue = &true;
rsaPrivKeyTemplate[10].ulValueLen = sizeof(true);
-
+
/* AES key template */
- sAESKeyTemplate[0].type = CKA_CLASS;
- sAESKeyTemplate[0].pValue = &class;
+ sAESKeyTemplate[0].type = CKA_CLASS;
+ sAESKeyTemplate[0].pValue = &class;
sAESKeyTemplate[0].ulValueLen = sizeof(class);
- sAESKeyTemplate[1].type = CKA_KEY_TYPE;
- sAESKeyTemplate[1].pValue = &keyAESType;
+ sAESKeyTemplate[1].type = CKA_KEY_TYPE;
+ sAESKeyTemplate[1].pValue = &keyAESType;
sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType);
- sAESKeyTemplate[2].type = CKA_LABEL;
- sAESKeyTemplate[2].pValue = AESlabel;
- sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1;
- sAESKeyTemplate[3].type = CKA_ENCRYPT;
- sAESKeyTemplate[3].pValue = &true;
+ sAESKeyTemplate[2].type = CKA_LABEL;
+ sAESKeyTemplate[2].pValue = AESlabel;
+ sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1;
+ sAESKeyTemplate[3].type = CKA_ENCRYPT;
+ sAESKeyTemplate[3].pValue = &true;
sAESKeyTemplate[3].ulValueLen = sizeof(true);
- sAESKeyTemplate[4].type = CKA_DECRYPT;
- sAESKeyTemplate[4].pValue = &true;
+ sAESKeyTemplate[4].type = CKA_DECRYPT;
+ sAESKeyTemplate[4].pValue = &true;
sAESKeyTemplate[4].ulValueLen = sizeof(true);
- sAESKeyTemplate[5].type = CKA_SIGN;
- sAESKeyTemplate[5].pValue = &true;
- sAESKeyTemplate[5].ulValueLen = sizeof (true);
- sAESKeyTemplate[6].type = CKA_VERIFY;
- sAESKeyTemplate[6].pValue = &true;
+ sAESKeyTemplate[5].type = CKA_SIGN;
+ sAESKeyTemplate[5].pValue = &true;
+ sAESKeyTemplate[5].ulValueLen = sizeof(true);
+ sAESKeyTemplate[6].type = CKA_VERIFY;
+ sAESKeyTemplate[6].pValue = &true;
sAESKeyTemplate[6].ulValueLen = sizeof(true);
- sAESKeyTemplate[7].type = CKA_UNWRAP;
- sAESKeyTemplate[7].pValue = &true;
+ sAESKeyTemplate[7].type = CKA_UNWRAP;
+ sAESKeyTemplate[7].pValue = &true;
sAESKeyTemplate[7].ulValueLen = sizeof(true);
- sAESKeyTemplate[8].type = CKA_VALUE_LEN;
- sAESKeyTemplate[8].pValue = &AESvalueLen;
+ sAESKeyTemplate[8].type = CKA_VALUE_LEN;
+ sAESKeyTemplate[8].pValue = &AESvalueLen;
sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen);
/* DES3 key template */
- sDES3KeyTemplate[0].type = CKA_CLASS;
- sDES3KeyTemplate[0].pValue = &class;
+ sDES3KeyTemplate[0].type = CKA_CLASS;
+ sDES3KeyTemplate[0].pValue = &class;
sDES3KeyTemplate[0].ulValueLen = sizeof(class);
- sDES3KeyTemplate[1].type = CKA_KEY_TYPE;
- sDES3KeyTemplate[1].pValue = &keyDES3Type;
+ sDES3KeyTemplate[1].type = CKA_KEY_TYPE;
+ sDES3KeyTemplate[1].pValue = &keyDES3Type;
sDES3KeyTemplate[1].ulValueLen = sizeof(keyDES3Type);
- sDES3KeyTemplate[2].type = CKA_LABEL;
- sDES3KeyTemplate[2].pValue = DES3label;
- sDES3KeyTemplate[2].ulValueLen = sizeof(DES3label)-1;
- sDES3KeyTemplate[3].type = CKA_ENCRYPT;
- sDES3KeyTemplate[3].pValue = &true;
+ sDES3KeyTemplate[2].type = CKA_LABEL;
+ sDES3KeyTemplate[2].pValue = DES3label;
+ sDES3KeyTemplate[2].ulValueLen = sizeof(DES3label) - 1;
+ sDES3KeyTemplate[3].type = CKA_ENCRYPT;
+ sDES3KeyTemplate[3].pValue = &true;
sDES3KeyTemplate[3].ulValueLen = sizeof(true);
- sDES3KeyTemplate[4].type = CKA_DECRYPT;
- sDES3KeyTemplate[4].pValue = &true;
+ sDES3KeyTemplate[4].type = CKA_DECRYPT;
+ sDES3KeyTemplate[4].pValue = &true;
sDES3KeyTemplate[4].ulValueLen = sizeof(true);
- sDES3KeyTemplate[5].type = CKA_UNWRAP;
- sDES3KeyTemplate[5].pValue = &true;
+ sDES3KeyTemplate[5].type = CKA_UNWRAP;
+ sDES3KeyTemplate[5].pValue = &true;
sDES3KeyTemplate[5].ulValueLen = sizeof(true);
- sDES3KeyTemplate[6].type = CKA_SIGN,
- sDES3KeyTemplate[6].pValue = &true;
- sDES3KeyTemplate[6].ulValueLen = sizeof (true);
- sDES3KeyTemplate[7].type = CKA_VERIFY;
- sDES3KeyTemplate[7].pValue = &true;
+ sDES3KeyTemplate[6].type = CKA_SIGN,
+ sDES3KeyTemplate[6].pValue = &true;
+ sDES3KeyTemplate[6].ulValueLen = sizeof(true);
+ sDES3KeyTemplate[7].type = CKA_VERIFY;
+ sDES3KeyTemplate[7].pValue = &true;
sDES3KeyTemplate[7].ulValueLen = sizeof(true);
- sDES3KeyTemplate[8].type = CKA_VALUE_LEN;
- sDES3KeyTemplate[8].pValue = &DES3valueLen;
+ sDES3KeyTemplate[8].type = CKA_VALUE_LEN;
+ sDES3KeyTemplate[8].pValue = &DES3valueLen;
sDES3KeyTemplate[8].ulValueLen = sizeof(DES3valueLen);
-
+
/* mech init */
memset(IV, 0x01, sizeof(IV));
- mech_DES3_CBC.mechanism = CKM_DES3_CBC;
- mech_DES3_CBC.pParameter = IV;
+ mech_DES3_CBC.mechanism = CKM_DES3_CBC;
+ mech_DES3_CBC.pParameter = IV;
mech_DES3_CBC.ulParameterLen = sizeof(IV);
- mech_DES3_CBC_PAD.mechanism = CKM_DES3_CBC_PAD;
- mech_DES3_CBC_PAD.pParameter = IV;
+ mech_DES3_CBC_PAD.mechanism = CKM_DES3_CBC_PAD;
+ mech_DES3_CBC_PAD.pParameter = IV;
mech_DES3_CBC_PAD.ulParameterLen = sizeof(IV);
- mech_AES_CBC.mechanism = CKM_AES_CBC;
- mech_AES_CBC.pParameter = IV;
+ mech_AES_CBC.mechanism = CKM_AES_CBC;
+ mech_AES_CBC.pParameter = IV;
mech_AES_CBC.ulParameterLen = sizeof(IV);
- mech_AES_CBC_PAD.mechanism = CKM_AES_CBC_PAD;
- mech_AES_CBC_PAD.pParameter = IV;
+ mech_AES_CBC_PAD.mechanism = CKM_AES_CBC_PAD;
+ mech_AES_CBC_PAD.pParameter = IV;
mech_AES_CBC_PAD.ulParameterLen = sizeof(IV);
-
crv = pFunctionList->C_OpenSession(pSlotList[slotID],
CKF_RW_SESSION | CKF_SERIAL_SESSION,
NULL, NULL, &hRwSession);
if (crv == CKR_OK) {
PKM_LogIt("Opening a read/write session succeeded\n");
} else {
- PKM_Error( "Opening a read/write session failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Opening a read/write session failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1083,7 +1081,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
return CKR_GENERAL_ERROR;
} else {
PKM_LogIt("C_GenerateKey returned as EXPECTED with 0x%08X, %-26s\n"
- "since not logged in\n", crv, PKM_CK_RVtoStr(crv));
+ "since not logged in\n",
+ crv, PKM_CK_RVtoStr(crv));
}
crv = pFunctionList->C_GenerateKeyPair(hRwSession, &rsaKeyPairGenMech,
rsaPubKeyTemplate,
@@ -1096,7 +1095,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
return CKR_GENERAL_ERROR;
} else {
PKM_LogIt("C_GenerateKeyPair returned as EXPECTED with 0x%08X, "
- "%-26s\n since not logged in\n", crv,
+ "%-26s\n since not logged in\n",
+ crv,
PKM_CK_RVtoStr(crv));
}
}
@@ -1106,7 +1106,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
PKM_Error("C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1119,13 +1120,13 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey AES succeeded\n");
} else {
- PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
PKM_LogIt("Generate an 3DES key ...\n");
- /* generate an 3DES Secret Key */
+ /* generate an 3DES Secret Key */
crv = pFunctionList->C_GenerateKey(hRwSession, &sDES3KeyGenMechanism,
sDES3KeyTemplate,
NUM_ELEM(sDES3KeyTemplate),
@@ -1133,8 +1134,8 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey DES3 succeeded\n");
} else {
- PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1147,8 +1148,9 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("DSA domain parameter generation succeeded\n");
} else {
- PKM_Error( "DSA domain parameter generation failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("DSA domain parameter generation failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GetAttributeValue(hRwSession, hDsaParams,
@@ -1156,19 +1158,21 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("Getting DSA domain parameters succeeded\n");
} else {
- PKM_Error( "Getting DSA domain parameters failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Getting DSA domain parameters failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DestroyObject(hRwSession, hDsaParams);
if (crv == CKR_OK) {
PKM_LogIt("Destroying DSA domain parameters succeeded\n");
} else {
- PKM_Error( "Destroying DSA domain parameters failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Destroying DSA domain parameters failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
PKM_LogIt("Generate a DSA key pair ... \n");
/* Generate a persistent DSA key pair */
crv = pFunctionList->C_GenerateKeyPair(hRwSession, &dsaKeyPairGenMech,
@@ -1180,11 +1184,12 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("DSA key pair generation succeeded\n");
} else {
- PKM_Error( "DSA key pair generation failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("DSA key pair generation failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
PKM_LogIt("Generate a RSA key pair ... \n");
/*** GEN RSA Key ***/
crv = pFunctionList->C_GenerateKeyPair(hRwSession, &rsaKeyPairGenMech,
@@ -1197,355 +1202,371 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_GenerateKeyPair created an RSA key pair. \n");
} else {
PKM_Error("C_GenerateKeyPair failed to create an RSA key pair.\n"
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("**** Generation of keys completed ***** \n");
-
+
mech.mechanism = CKM_RSA_PKCS;
mech.pParameter = NULL;
mech.ulParameterLen = 0;
crv = PKM_wrapUnwrap(pFunctionList,
- hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hAESSecKey,
- sAESKeyTemplate,
- NUM_ELEM(sAESKeyTemplate));
-
- if (crv == CKR_OK) {
+ hRwSession,
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hAESSecKey,
+ sAESKeyTemplate,
+ NUM_ELEM(sAESKeyTemplate));
+
+ if (crv == CKR_OK) {
PKM_LogIt("PKM_wrapUnwrap using RSA keypair to wrap AES key "
"succeeded\n\n");
} else {
- PKM_Error( "PKM_wrapUnwrap using RSA keypair to wrap AES key failed "
- "with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_wrapUnwrap using RSA keypair to wrap AES key failed "
+ "with 0x%08X, %-26s\n",
+ crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_wrapUnwrap(pFunctionList,
- hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hDES3SecKey,
- sDES3KeyTemplate,
- NUM_ELEM(sDES3KeyTemplate));
-
- if (crv == CKR_OK) {
+ hRwSession,
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hDES3SecKey,
+ sDES3KeyTemplate,
+ NUM_ELEM(sDES3KeyTemplate));
+
+ if (crv == CKR_OK) {
PKM_LogIt("PKM_wrapUnwrap using RSA keypair to wrap DES3 key "
"succeeded\n\n");
} else {
- PKM_Error( "PKM_wrapUnwrap using RSA keypair to wrap DES3 key "
- "failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_wrapUnwrap using RSA keypair to wrap DES3 key "
+ "failed with 0x%08X, %-26s\n",
+ crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_SecKeyCrypt(pFunctionList, hRwSession,
- hAESSecKey, &mech_AES_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hAESSecKey, &mech_AES_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_SecKeyCrypt succeeded \n\n");
} else {
- PKM_Error( "PKM_SecKeyCrypt failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SecKeyCrypt failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
crv = PKM_SecKeyCrypt(pFunctionList, hRwSession,
- hAESSecKey, &mech_AES_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hAESSecKey, &mech_AES_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_SecKeyCrypt AES succeeded \n\n");
} else {
- PKM_Error( "PKM_SecKeyCrypt failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SecKeyCrypt failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_SecKeyCrypt(pFunctionList, hRwSession,
- hDES3SecKey, &mech_DES3_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hDES3SecKey, &mech_DES3_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_SecKeyCrypt DES3 succeeded \n");
} else {
- PKM_Error( "PKM_SecKeyCrypt DES3 failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SecKeyCrypt DES3 failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_SecKeyCrypt(pFunctionList, hRwSession,
- hDES3SecKey, &mech_DES3_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hDES3SecKey, &mech_DES3_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_SecKeyCrypt DES3 succeeded \n\n");
} else {
- PKM_Error( "PKM_SecKeyCrypt DES3 failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_SecKeyCrypt DES3 failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
mech.mechanism = CKM_RSA_PKCS;
crv = PKM_RecoverFunctions(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_RecoverFunctions for CKM_RSA_PKCS succeeded\n\n");
} else {
- PKM_Error( "PKM_RecoverFunctions failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_RecoverFunctions failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
mech.pParameter = NULL;
mech.ulParameterLen = 0;
- for (i=0; i < sigRSAMechsSZ; i++) {
+ for (i = 0; i < sigRSAMechsSZ; i++) {
mech.mechanism = sigRSAMechs[i].mechanism;
crv = PKM_PubKeySign(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_PubKeySign succeeded for %-10s\n\n",
- sigRSAMechs[i].mechanismStr );
+ PKM_LogIt("PKM_PubKeySign succeeded for %-10s\n\n",
+ sigRSAMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_PubKeySign failed for %-10s "
- "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_PubKeySign failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ sigRSAMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hAESSecKey, &mech_AES_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hAESSecKey, &mech_AES_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with AES secret key succeeded "
- "for %-10s\n\n",
- sigRSAMechs[i].mechanismStr );
+ "for %-10s\n\n",
+ sigRSAMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_DualFuncSign with AES secret key failed "
- "for %-10s "
- "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncSign with AES secret key failed "
+ "for %-10s "
+ "with 0x%08X, %-26s\n",
+ sigRSAMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hDES3SecKey, &mech_DES3_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hDES3SecKey, &mech_DES3_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with DES3 secret key succeeded "
- "for %-10s\n\n",
- sigRSAMechs[i].mechanismStr );
+ "for %-10s\n\n",
+ sigRSAMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_DualFuncSign with DES3 secret key failed "
- "for %-10s "
- "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncSign with DES3 secret key failed "
+ "for %-10s "
+ "with 0x%08X, %-26s\n",
+ sigRSAMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hAESSecKey, &mech_AES_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hAESSecKey, &mech_AES_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with AES secret key CBC_PAD "
- "succeeded for %-10s\n\n",
- sigRSAMechs[i].mechanismStr );
+ "succeeded for %-10s\n\n",
+ sigRSAMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_DualFuncSign with AES secret key CBC_PAD "
- "failed for %-10s "
- "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncSign with AES secret key CBC_PAD "
+ "failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ sigRSAMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hRSApubKey, hRSAprivKey,
- &mech,
- hDES3SecKey, &mech_DES3_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hRSApubKey, hRSAprivKey,
+ &mech,
+ hDES3SecKey, &mech_DES3_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with DES3 secret key CBC_PAD "
- "succeeded for %-10s\n\n",
- sigRSAMechs[i].mechanismStr );
+ "succeeded for %-10s\n\n",
+ sigRSAMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_DualFuncSign with DES3 secret key CBC_PAD "
- "failed for %-10s "
- "with 0x%08X, %-26s\n", sigRSAMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncSign with DES3 secret key CBC_PAD "
+ "failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ sigRSAMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
} /* end of RSA for loop */
crv = PKM_PubKeySign(pFunctionList, hRwSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_PubKeySign for DSAwithSHA1 succeeded \n\n");
} else {
- PKM_Error( "PKM_PubKeySign failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_PubKeySign failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech,
- hAESSecKey, &mech_AES_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech,
+ hAESSecKey, &mech_AES_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with AES secret key succeeded "
- "for DSAWithSHA1\n\n");
+ "for DSAWithSHA1\n\n");
} else {
- PKM_Error( "PKM_DualFuncSign with AES secret key failed "
- "for DSAWithSHA1 with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
- return crv;
+ PKM_Error("PKM_DualFuncSign with AES secret key failed "
+ "for DSAWithSHA1 with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech,
- hDES3SecKey, &mech_DES3_CBC,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech,
+ hDES3SecKey, &mech_DES3_CBC,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with DES3 secret key succeeded "
- "for DSAWithSHA1\n\n");
+ "for DSAWithSHA1\n\n");
} else {
- PKM_Error( "PKM_DualFuncSign with DES3 secret key failed "
- "for DSAWithSHA1 with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
- return crv;
+ PKM_Error("PKM_DualFuncSign with DES3 secret key failed "
+ "for DSAWithSHA1 with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech,
- hAESSecKey, &mech_AES_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech,
+ hAESSecKey, &mech_AES_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with AES secret key CBC_PAD succeeded "
- "for DSAWithSHA1\n\n");
+ "for DSAWithSHA1\n\n");
} else {
- PKM_Error( "PKM_DualFuncSign with AES secret key CBC_PAD failed "
- "for DSAWithSHA1 with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
- return crv;
+ PKM_Error("PKM_DualFuncSign with AES secret key CBC_PAD failed "
+ "for DSAWithSHA1 with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ return crv;
}
crv = PKM_DualFuncSign(pFunctionList, hRwSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech,
- hDES3SecKey, &mech_DES3_CBC_PAD,
- PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech,
+ hDES3SecKey, &mech_DES3_CBC_PAD,
+ PLAINTEXT_PAD, sizeof(PLAINTEXT_PAD));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncSign with DES3 secret key CBC_PAD succeeded "
- "for DSAWithSHA1\n\n");
+ "for DSAWithSHA1\n\n");
} else {
- PKM_Error( "PKM_DualFuncSign with DES3 secret key CBC_PAD failed "
- "for DSAWithSHA1 with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
- return crv;
+ PKM_Error("PKM_DualFuncSign with DES3 secret key CBC_PAD failed "
+ "for DSAWithSHA1 with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ return crv;
}
-
- for (i=0; i < digestMechsSZ; i++) {
+ for (i = 0; i < digestMechsSZ; i++) {
mech.mechanism = digestMechs[i].mechanism;
crv = PKM_Digest(pFunctionList, hRwSession,
- &mech, hAESSecKey,
- PLAINTEXT, sizeof(PLAINTEXT));
+ &mech, hAESSecKey,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_Digest with AES secret key succeeded for %-10s\n\n",
- digestMechs[i].mechanismStr);
+ PKM_LogIt("PKM_Digest with AES secret key succeeded for %-10s\n\n",
+ digestMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_Digest with AES secret key failed for "
- "%-10s with 0x%08X, %-26s\n",
- digestMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Digest with AES secret key failed for "
+ "%-10s with 0x%08X, %-26s\n",
+ digestMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncDigest(pFunctionList, hRwSession,
- hAESSecKey, &mech_AES_CBC,
- 0,&mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hAESSecKey, &mech_AES_CBC,
+ 0, &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncDigest with AES secret key succeeded\n\n");
} else {
- PKM_Error( "PKM_DualFuncDigest with AES secret key "
- "failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncDigest with AES secret key "
+ "failed with 0x%08X, %-26s\n",
+ crv,
+ PKM_CK_RVtoStr(crv));
}
crv = PKM_Digest(pFunctionList, hRwSession,
- &mech, hDES3SecKey,
- PLAINTEXT, sizeof(PLAINTEXT));
+ &mech, hDES3SecKey,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_Digest with DES3 secret key succeeded for %-10s\n\n",
- digestMechs[i].mechanismStr);
+ PKM_LogIt("PKM_Digest with DES3 secret key succeeded for %-10s\n\n",
+ digestMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_Digest with DES3 secret key failed for "
- "%-10s with 0x%08X, %-26s\n",
- digestMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Digest with DES3 secret key failed for "
+ "%-10s with 0x%08X, %-26s\n",
+ digestMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_DualFuncDigest(pFunctionList, hRwSession,
- hDES3SecKey, &mech_DES3_CBC,
- 0,&mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hDES3SecKey, &mech_DES3_CBC,
+ 0, &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_DualFuncDigest DES3 secret key succeeded\n\n");
} else {
- PKM_Error( "PKM_DualFuncDigest DES3 secret key "
- "failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_DualFuncDigest DES3 secret key "
+ "failed with 0x%08X, %-26s\n",
+ crv,
+ PKM_CK_RVtoStr(crv));
}
crv = PKM_Digest(pFunctionList, hRwSession,
- &mech, 0,
- PLAINTEXT, sizeof(PLAINTEXT));
+ &mech, 0,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_Digest with no secret key succeeded for %-10s\n\n",
- digestMechs[i].mechanismStr );
+ PKM_LogIt("PKM_Digest with no secret key succeeded for %-10s\n\n",
+ digestMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_Digest with no secret key failed for %-10s "
- "with 0x%08X, %-26s\n", digestMechs[i].mechanismStr, crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Digest with no secret key failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ digestMechs[i].mechanismStr, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
} /* end of digest loop */
- for (i=0; i < hmacMechsSZ; i++) {
+ for (i = 0; i < hmacMechsSZ; i++) {
mech.mechanism = hmacMechs[i].mechanism;
crv = PKM_Hmac(pFunctionList, hRwSession,
- hAESSecKey, &mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hAESSecKey, &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_Hmac with AES secret key succeeded for %-10s\n\n",
- hmacMechs[i].mechanismStr);
+ PKM_LogIt("PKM_Hmac with AES secret key succeeded for %-10s\n\n",
+ hmacMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_Hmac with AES secret key failed for %-10s "
- "with 0x%08X, %-26s\n",
- hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Hmac with AES secret key failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- if ((MODE == FIPSMODE) && (mech.mechanism == CKM_SHA512_HMAC)) break;
+ if ((MODE == FIPSMODE) && (mech.mechanism == CKM_SHA512_HMAC))
+ break;
crv = PKM_Hmac(pFunctionList, hRwSession,
- hDES3SecKey, &mech,
- PLAINTEXT, sizeof(PLAINTEXT));
+ hDES3SecKey, &mech,
+ PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
- PKM_LogIt("PKM_Hmac with DES3 secret key succeeded for %-10s\n\n",
- hmacMechs[i].mechanismStr);
+ PKM_LogIt("PKM_Hmac with DES3 secret key succeeded for %-10s\n\n",
+ hmacMechs[i].mechanismStr);
} else {
- PKM_Error( "PKM_Hmac with DES3 secret key failed for %-10s "
- "with 0x%08X, %-26s\n",
- hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_Hmac with DES3 secret key failed for %-10s "
+ "with 0x%08X, %-26s\n",
+ hmacMechs[i].mechanismStr, crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1555,42 +1576,45 @@ CK_RV PKM_KeyTests(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hRwSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
-void PKM_LogIt(const char *fmt, ...) {
+void
+PKM_LogIt(const char *fmt, ...)
+{
va_list args;
-
+
if (verbose) {
- va_start (args, fmt);
+ va_start(args, fmt);
if (MODE == FIPSMODE) {
printf("FIPS MODE: ");
} else if (MODE == NONFIPSMODE) {
printf("NON FIPS MODE: ");
} else if (MODE == HYBRIDMODE) {
printf("Hybrid MODE: ");
- }
+ }
vprintf(fmt, args);
va_end(args);
}
}
-void PKM_Error(const char *fmt, ...) {
+void
+PKM_Error(const char *fmt, ...)
+{
va_list args;
- va_start (args, fmt);
+ va_start(args, fmt);
if (MODE == FIPSMODE) {
fprintf(stderr, "\nFIPS MODE PKM_Error: ");
@@ -1598,158 +1622,167 @@ void PKM_Error(const char *fmt, ...) {
fprintf(stderr, "NON FIPS MODE PKM_Error: ");
} else if (MODE == HYBRIDMODE) {
fprintf(stderr, "Hybrid MODE PKM_Error: ");
- } else fprintf(stderr, "NOMODE PKM_Error: ");
+ } else
+ fprintf(stderr, "NOMODE PKM_Error: ");
vfprintf(stderr, fmt, args);
va_end(args);
}
-CK_SLOT_ID *PKM_GetSlotList(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_ULONG slotID) {
+CK_SLOT_ID *
+PKM_GetSlotList(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_ULONG slotID)
+{
CK_RV crv = CKR_OK;
CK_SLOT_ID *pSlotList = NULL;
CK_ULONG slotCount;
-
+
NUMTESTS++; /* increment NUMTESTS */
/* Get slot list */
crv = pFunctionList->C_GetSlotList(CK_FALSE /* all slots */,
NULL, &slotCount);
if (crv != CKR_OK) {
- PKM_Error( "C_GetSlotList failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetSlotList failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return NULL;
}
PKM_LogIt("C_GetSlotList reported there are %lu slots\n", slotCount);
pSlotList = (CK_SLOT_ID *)malloc(slotCount * sizeof(CK_SLOT_ID));
if (!pSlotList) {
- PKM_Error( "failed to allocate slot list\n");
+ PKM_Error("failed to allocate slot list\n");
return NULL;
}
crv = pFunctionList->C_GetSlotList(CK_FALSE /* all slots */,
pSlotList, &slotCount);
if (crv != CKR_OK) {
- PKM_Error( "C_GetSlotList failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
- if (pSlotList) free(pSlotList);
+ PKM_Error("C_GetSlotList failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
+ if (pSlotList)
+ free(pSlotList);
return NULL;
}
return pSlotList;
}
-CK_RV PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_InitPWforDB(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_RV crv = CKR_OK;
CK_SESSION_HANDLE hSession;
- static const CK_UTF8CHAR testPin[] = {"0Mozilla"};
- static const CK_UTF8CHAR weakPin[] = {"mozilla"};
+ static const CK_UTF8CHAR testPin[] = { "0Mozilla" };
+ static const CK_UTF8CHAR weakPin[] = { "mozilla" };
crv = pFunctionList->C_OpenSession(pSlotList[slotID],
CKF_RW_SESSION | CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER);
+ PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER);
crv = pFunctionList->C_Login(hSession, CKU_SO, NULL, 0);
if (crv != CKR_OK) {
- PKM_Error( "C_Login failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
if (MODE == FIPSMODE) {
- crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) weakPin,
+ crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *)weakPin,
strlen((char *)weakPin));
if (crv == CKR_OK) {
- PKM_Error( "C_InitPIN with a weak password succeeded\n");
+ PKM_Error("C_InitPIN with a weak password succeeded\n");
return crv;
} else {
PKM_LogIt("C_InitPIN with a weak password failed with "
- "0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
}
}
- crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *) testPin,
+ crv = pFunctionList->C_InitPIN(hSession, (CK_UTF8CHAR *)testPin,
strlen((char *)testPin));
if (crv == CKR_OK) {
PKM_LogIt("C_InitPIN succeeded\n");
} else {
- PKM_Error( "C_InitPIN failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_InitPIN failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Logout(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
crv = pFunctionList->C_OpenSession(pSlotList[slotID],
CKF_RW_SESSION | CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER);
+ PKM_LogIt("CKU_USER 0x%08X \n", CKU_USER);
- crv = pFunctionList->C_Login(hSession, CKU_USER, (CK_UTF8CHAR *) testPin,
+ crv = pFunctionList->C_Login(hSession, CKU_USER, (CK_UTF8CHAR *)testPin,
strlen((const char *)testPin));
if (crv != CKR_OK) {
- PKM_Error( "C_Login failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
if (MODE == FIPSMODE) {
crv = pFunctionList->C_SetPIN(
- hSession, (CK_UTF8CHAR *) testPin,
- strlen((const char *)testPin),
- (CK_UTF8CHAR *) weakPin,
- strlen((const char *)weakPin));
+ hSession, (CK_UTF8CHAR *)testPin,
+ strlen((const char *)testPin),
+ (CK_UTF8CHAR *)weakPin,
+ strlen((const char *)weakPin));
if (crv == CKR_OK) {
- PKM_Error( "C_SetPIN with a weak password succeeded\n");
+ PKM_Error("C_SetPIN with a weak password succeeded\n");
return crv;
} else {
PKM_LogIt("C_SetPIN with a weak password returned with "
- "0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
}
}
crv = pFunctionList->C_SetPIN(
- hSession, (CK_UTF8CHAR *) testPin,
- strlen((const char *)testPin),
- pwd, pwdLen);
+ hSession, (CK_UTF8CHAR *)testPin,
+ strlen((const char *)testPin),
+ pwd, pwdLen);
if (crv != CKR_OK) {
- PKM_Error( "C_CSetPin failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CSetPin failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Logout(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
}
-CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
+CK_RV
+PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID)
+{
CK_RV crv = CKR_OK;
CK_INFO info;
CK_SLOT_ID *pSlotList = NULL;
@@ -1758,16 +1791,15 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
CK_SLOT_INFO slotInfo;
CK_TOKEN_INFO tokenInfo;
CK_FLAGS bitflag;
-
- NUMTESTS++; /* increment NUMTESTS */
+ NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_GetInfo(&info);
if (crv == CKR_OK) {
PKM_LogIt("C_GetInfo succeeded\n");
} else {
- PKM_Error( "C_GetInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("General information about the PKCS #11 library:\n");
@@ -1784,15 +1816,15 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
/* Get slot list */
pSlotList = PKM_GetSlotList(pFunctionList, slotID);
if (pSlotList == NULL) {
- PKM_Error( "PKM_GetSlotList failed with \n");
+ PKM_Error("PKM_GetSlotList failed with \n");
return crv;
}
crv = pFunctionList->C_GetSlotInfo(pSlotList[slotID], &slotInfo);
if (crv == CKR_OK) {
PKM_LogIt("C_GetSlotInfo succeeded\n");
} else {
- PKM_Error( "C_GetSlotInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetSlotInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("Information about slot %lu:\n", pSlotList[slotID]);
@@ -1800,7 +1832,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
PKM_LogIt(" slot manufacturer ID: %.32s\n", slotInfo.manufacturerID);
PKM_LogIt(" flags: 0x%08lX\n", slotInfo.flags);
bitflag = 1;
- for (i = 0; i < sizeof(slotFlagName)/sizeof(slotFlagName[0]); i++) {
+ for (i = 0; i < sizeof(slotFlagName) / sizeof(slotFlagName[0]); i++) {
if (slotInfo.flags & bitflag) {
PKM_LogIt(" %s\n", slotFlagName[i]);
}
@@ -1818,8 +1850,8 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
if (crv == CKR_OK) {
PKM_LogIt("C_GetTokenInfo succeeded\n");
} else {
- PKM_Error( "C_GetTokenInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetTokenInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("Information about the token in slot %lu:\n",
@@ -1831,7 +1863,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
PKM_LogIt(" device serial number: %.16s\n", tokenInfo.serialNumber);
PKM_LogIt(" flags: 0x%08lX\n", tokenInfo.flags);
bitflag = 1;
- for (i = 0; i < sizeof(tokenFlagName)/sizeof(tokenFlagName[0]); i++) {
+ for (i = 0; i < sizeof(tokenFlagName) / sizeof(tokenFlagName[0]); i++) {
if (tokenInfo.flags & bitflag) {
PKM_LogIt(" %s\n", tokenFlagName[i]);
}
@@ -1864,7 +1896,7 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
PKM_LogIt(" current time: %.16s\n", tokenInfo.utcTime);
}
PKM_LogIt("PKM_ShowInfo done \n\n");
- if (pSlotList) free(pSlotList);
+ free(pSlotList);
return crv;
}
@@ -1877,10 +1909,12 @@ CK_RV PKM_ShowInfo(CK_FUNCTION_LIST_PTR pFunctionList, CK_ULONG slotID) {
/* is inactive. */
/* PKM_HybridMode demostrates how an application can switch between the */
/* two modes: FIPS Approved mode and NONFIPS mode. */
-CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
- CK_C_INITIALIZE_ARGS_NSS *initArgs) {
+CK_RV
+PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+ CK_C_INITIALIZE_ARGS_NSS *initArgs)
+{
- CK_C_GetFunctionList pC_GetFunctionList; /* NONFIPSMode */
+ CK_C_GetFunctionList pC_GetFunctionList; /* NONFIPSMode */
CK_FUNCTION_LIST_PTR pC_FunctionList;
CK_SLOT_ID *pC_SlotList = NULL;
CK_ULONG slotID_C = 1;
@@ -1890,22 +1924,22 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
CK_ULONG slotID_FC = 0;
CK_RV crv = CKR_OK;
CK_SESSION_HANDLE hSession;
- int origMode = MODE; /* remember the orginal MODE value */
+ int origMode = MODE; /* remember the orginal MODE value */
NUMTESTS++; /* increment NUMTESTS */
MODE = NONFIPSMODE;
#ifdef _WIN32
/* NON FIPS mode == C_GetFunctionList */
pC_GetFunctionList = (CK_C_GetFunctionList)
- GetProcAddress(hModule, "C_GetFunctionList");
+ GetProcAddress(hModule, "C_GetFunctionList");
if (pC_GetFunctionList == NULL) {
- PKM_Error( "cannot load %s\n", LIB_NAME);
+ PKM_Error("cannot load %s\n", LIB_NAME);
return crv;
}
#else
- pC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib,
- "C_GetFunctionList");
- assert(pC_GetFunctionList != NULL);
+ pC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib,
+ "C_GetFunctionList");
+ assert(pC_GetFunctionList != NULL);
#endif
PKM_LogIt("loading C_GetFunctionList for Non FIPS Mode; slotID %d \n",
slotID_C);
@@ -1917,14 +1951,14 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("C_Initialize succeeded\n");
} else {
- PKM_Error( "C_Initialize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Initialize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
pC_SlotList = PKM_GetSlotList(pC_FunctionList, slotID_C);
if (pC_SlotList == NULL) {
- PKM_Error( "PKM_GetSlotList failed with \n");
+ PKM_Error("PKM_GetSlotList failed with \n");
return crv;
}
crv = pC_FunctionList->C_OpenSession(pC_SlotList[slotID_C],
@@ -1933,8 +1967,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("NONFIPS C_OpenSession succeeded\n");
} else {
- PKM_Error( "C_OpenSession failed for NONFIPS token "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed for NONFIPS token "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1942,8 +1977,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("able to login in NONFIPS token\n");
} else {
- PKM_Error( "Unable to login in to NONFIPS token "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Unable to login in to NONFIPS token "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1951,8 +1987,8 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -1961,21 +1997,21 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
/* Now load the FIPS token */
/* FIPS mode == FC_GetFunctionList */
- pFC_GetFunctionList = NULL;
+ pFC_GetFunctionList = NULL;
#ifdef _WIN32
pFC_GetFunctionList = (CK_C_GetFunctionList)
- GetProcAddress(hModule, "FC_GetFunctionList");
+ GetProcAddress(hModule, "FC_GetFunctionList");
#else
- pFC_GetFunctionList = (CK_C_GetFunctionList) PR_FindFunctionSymbol(lib,
- "FC_GetFunctionList");
- assert(pFC_GetFunctionList != NULL);
+ pFC_GetFunctionList = (CK_C_GetFunctionList)PR_FindFunctionSymbol(lib,
+ "FC_GetFunctionList");
+ assert(pFC_GetFunctionList != NULL);
#endif
PKM_LogIt("loading FC_GetFunctionList for FIPS Mode; slotID %d \n",
slotID_FC);
PKM_LogIt("pFC_FunctionList->C_Foo == pFC_FunctionList->FC_Foo\n");
if (pFC_GetFunctionList == NULL) {
- PKM_Error( "unable to load pFC_GetFunctionList\n");
+ PKM_Error("unable to load pFC_GetFunctionList\n");
return crv;
}
@@ -1987,15 +2023,15 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("FC_Initialize succeeded\n");
} else {
- PKM_Error( "FC_Initialize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("FC_Initialize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_ShowInfo(pFC_FunctionList, slotID_FC);
pFC_SlotList = PKM_GetSlotList(pFC_FunctionList, slotID_FC);
if (pFC_SlotList == NULL) {
- PKM_Error( "PKM_GetSlotList failed with \n");
+ PKM_Error("PKM_GetSlotList failed with \n");
return crv;
}
@@ -2010,8 +2046,9 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
if (crv == CKR_OK) {
PKM_LogIt("NONFIPS pC_CloseSession succeeded\n");
} else {
- PKM_Error( "pC_CloseSession failed for NONFIPS token "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("pC_CloseSession failed for NONFIPS token "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2019,16 +2056,16 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
"only when the NONFIPS Approved mode is inactive by \n"
"calling C_Finalize on the NONFIPS token.\n");
-
/* to go in FIPSMODE you must Finalize the NONFIPS mode pointer */
crv = pC_FunctionList->C_Finalize(NULL);
if (crv == CKR_OK) {
PKM_LogIt("C_Finalize of NONFIPS Token succeeded\n");
MODE = FIPSMODE;
} else {
- PKM_Error( "C_Finalize of NONFIPS Token failed with "
- "0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Finalize of NONFIPS Token failed with "
+ "0x%08X, %-26s\n",
+ crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2041,27 +2078,31 @@ CK_RV PKM_HybridMode(CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
PKM_LogIt("Exiting FIPSMODE by caling FC_Finalize.\n");
MODE = NOMODE;
} else {
- PKM_Error( "FC_Finalize failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("FC_Finalize failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- if (pC_SlotList) free(pC_SlotList);
- if (pFC_SlotList) free(pFC_SlotList);
+ if (pC_SlotList)
+ free(pC_SlotList);
+ if (pFC_SlotList)
+ free(pFC_SlotList);
MODE = origMode; /* set the mode back to the orginal Mode value */
PKM_LogIt("PKM_HybridMode test Completed\n\n");
return crv;
}
-CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID) {
+CK_RV
+PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID)
+{
CK_RV crv = CKR_OK;
CK_MECHANISM_TYPE *pMechanismList;
CK_ULONG mechanismCount;
CK_ULONG i;
- const char * mechName = NULL;
+ const char *mechName = NULL;
NUMTESTS++; /* increment NUMTESTS */
@@ -2069,23 +2110,23 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_GetMechanismList(pSlotList[slotID],
NULL, &mechanismCount);
if (crv != CKR_OK) {
- PKM_Error( "C_GetMechanismList failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetMechanismList failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("C_GetMechanismList reported there are %lu mechanisms\n",
mechanismCount);
pMechanismList = (CK_MECHANISM_TYPE *)
- malloc(mechanismCount * sizeof(CK_MECHANISM_TYPE));
+ malloc(mechanismCount * sizeof(CK_MECHANISM_TYPE));
if (!pMechanismList) {
- PKM_Error( "failed to allocate mechanism list\n");
+ PKM_Error("failed to allocate mechanism list\n");
return crv;
}
crv = pFunctionList->C_GetMechanismList(pSlotList[slotID],
pMechanismList, &mechanismCount);
if (crv != CKR_OK) {
- PKM_Error( "C_GetMechanismList failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetMechanismList failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
PKM_LogIt("C_GetMechanismList returned the mechanism types:\n");
@@ -2096,87 +2137,91 @@ CK_RV PKM_Mechanism(CK_FUNCTION_LIST_PTR pFunctionList,
/* output two mechanism name on each line */
/* currently the longest known mechansim name length is 37 */
if (mechName) {
- printf("%-40s",mechName);
+ printf("%-40s", mechName);
} else {
printf("Unknown mechanism: 0x%08lX ", pMechanismList[i]);
- }
- if ((i % 2) == 1 ) printf("\n");
+ }
+ if ((i % 2) == 1)
+ printf("\n");
}
printf("\n\n");
}
- for ( i = 0; i < mechanismCount; i++ ) {
+ for (i = 0; i < mechanismCount; i++) {
CK_MECHANISM_INFO minfo;
memset(&minfo, 0, sizeof(CK_MECHANISM_INFO));
crv = pFunctionList->C_GetMechanismInfo(pSlotList[slotID],
pMechanismList[i], &minfo);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_GetMechanismInfo(%lu, %lu) returned 0x%08X, %-26s\n",
- pSlotList[slotID], pMechanismList[i], crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_GetMechanismInfo(%lu, %lu) returned 0x%08X, %-26s\n",
+ pSlotList[slotID], pMechanismList[i], crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
mechName = getName(pMechanismList[i], ConstMechanism);
- if (!mechName) mechName = "Unknown mechanism";
- PKM_LogIt( " [%lu]: CK_MECHANISM_TYPE = %s 0x%08lX\n", (i+1),
- mechName,
- pMechanismList[i]);
- PKM_LogIt( " ulMinKeySize = %lu\n", minfo.ulMinKeySize);
- PKM_LogIt( " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
- PKM_LogIt( " flags = 0x%08x\n", minfo.flags);
- PKM_LogIt( " -> HW = %s\n", minfo.flags & CKF_HW ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> SIGN = %s\n", minfo.flags & CKF_SIGN ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> SIGN_RECOVER = %s\n", minfo.flags &
- CKF_SIGN_RECOVER ? "TRUE" : "FALSE");
- PKM_LogIt( " -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> VERIFY_RECOVER = %s\n",
- minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
- PKM_LogIt( " -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> GENERATE_KEY_PAIR = %s\n",
- minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
- PKM_LogIt( " -> WRAP = %s\n", minfo.flags & CKF_WRAP ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ?
- "TRUE" : "FALSE");
- PKM_LogIt( " -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ?
- "TRUE" : "FALSE");
-
- PKM_LogIt( "\n");
+ if (!mechName)
+ mechName = "Unknown mechanism";
+ PKM_LogIt(" [%lu]: CK_MECHANISM_TYPE = %s 0x%08lX\n", (i + 1),
+ mechName,
+ pMechanismList[i]);
+ PKM_LogIt(" ulMinKeySize = %lu\n", minfo.ulMinKeySize);
+ PKM_LogIt(" ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
+ PKM_LogIt(" flags = 0x%08x\n", minfo.flags);
+ PKM_LogIt(" -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> SIGN_RECOVER = %s\n", minfo.flags &
+ CKF_SIGN_RECOVER
+ ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> VERIFY_RECOVER = %s\n",
+ minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
+ PKM_LogIt(" -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> GENERATE_KEY_PAIR = %s\n",
+ minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
+ PKM_LogIt(" -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE"
+ : "FALSE");
+
+ PKM_LogIt("\n");
}
-
return crv;
-
}
-CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList,
- CK_ULONG slotID) {
+CK_RV
+PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID *pSlotList,
+ CK_ULONG slotID)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
CK_BYTE randomData[16];
- CK_BYTE seed[] = {0x01, 0x03, 0x35, 0x55, 0xFF};
+ CK_BYTE seed[] = { 0x01, 0x03, 0x35, 0x55, 0xFF };
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2185,16 +2230,18 @@ CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateRandom without login succeeded\n");
} else {
- PKM_Error( "C_GenerateRandom without login failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateRandom without login failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_SeedRandom(hSession, seed, sizeof(seed));
if (crv == CKR_OK) {
PKM_LogIt("C_SeedRandom without login succeeded\n");
} else {
- PKM_Error( "C_SeedRandom without login failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SeedRandom without login failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GenerateRandom(hSession,
@@ -2202,70 +2249,74 @@ CK_RV PKM_RNG(CK_FUNCTION_LIST_PTR pFunctionList, CK_SLOT_ID * pSlotList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateRandom without login succeeded\n");
} else {
- PKM_Error( "C_GenerateRandom without login failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateRandom without login failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
-CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID *pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
-
+
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)
- "netscape", 8);
+ crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)"netscape", 8);
if (crv == CKR_OK) {
PKM_Error("C_Login with wrong password succeeded\n");
return CKR_FUNCTION_FAILED;
} else {
PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, "
- "%-26s.\n ", crv, PKM_CK_RVtoStr(crv));
+ "%-26s.\n ",
+ crv, PKM_CK_RVtoStr(crv));
}
- crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)
- "red hat", 7);
+ crv = pFunctionList->C_Login(hSession, CKU_USER, (unsigned char *)"red hat", 7);
if (crv == CKR_OK) {
PKM_Error("C_Login with wrong password succeeded\n");
return CKR_FUNCTION_FAILED;
} else {
PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, "
- "%-26s.\n ", crv, PKM_CK_RVtoStr(crv));
+ "%-26s.\n ",
+ crv, PKM_CK_RVtoStr(crv));
}
- crv = pFunctionList->C_Login(hSession, CKU_USER,
- (unsigned char *) "sun", 3);
+ crv = pFunctionList->C_Login(hSession, CKU_USER,
+ (unsigned char *)"sun", 3);
if (crv == CKR_OK) {
PKM_Error("C_Login with wrong password succeeded\n");
return CKR_FUNCTION_FAILED;
} else {
PKM_LogIt("As expected C_Login with wrong password returned 0x%08X, "
- "%-26s.\n ", crv, PKM_CK_RVtoStr(crv));
+ "%-26s.\n ",
+ crv, PKM_CK_RVtoStr(crv));
}
crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
PKM_Error("C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2273,20 +2324,19 @@ CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
/*
@@ -2303,9 +2353,11 @@ CK_RV PKM_SessionLogin(CK_FUNCTION_LIST_PTR pFunctionList,
* value CKR_FUNCTION_NOT_PARALLEL.
*
*/
-CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
NUMTESTS++; /* increment NUMTESTS */
@@ -2313,8 +2365,8 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2322,8 +2374,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2332,8 +2385,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_GetFunctionStatus correctly"
"returned CKR_FUNCTION_NOT_PARALLEL \n");
} else {
- PKM_Error( "C_GetFunctionStatus failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetFunctionStatus failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2342,8 +2396,9 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_CancelFunction correctly "
"returned CKR_FUNCTION_NOT_PARALLEL \n");
} else {
- PKM_Error( "C_CancelFunction failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CancelFunction failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2351,20 +2406,19 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
/*
@@ -2377,12 +2431,14 @@ CK_RV PKM_LegacyFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
*
*/
-CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech,
- CK_OBJECT_HANDLE hSecKeyDigest,
- CK_MECHANISM *digestMech,
- const CK_BYTE * pData, CK_ULONG pDataLen) {
+CK_RV
+PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hSecKey, CK_MECHANISM *cryptMech,
+ CK_OBJECT_HANDLE hSecKeyDigest,
+ CK_MECHANISM *digestMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE eDigest[MAX_DIGEST_SZ];
CK_BYTE dDigest[MAX_DIGEST_SZ];
@@ -2405,44 +2461,43 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
*/
crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSecKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DigestInit(hSession, digestMech);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ciphertextLen = sizeof(ciphertext);
- crv = pFunctionList->C_DigestEncryptUpdate(hSession, (CK_BYTE * ) pData,
+ crv = pFunctionList->C_DigestEncryptUpdate(hSession, (CK_BYTE *)pData,
pDataLen,
ciphertext, &ciphertextLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestEncryptUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestEncryptUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ulDigestLen = sizeof(eDigest);
crv = pFunctionList->C_DigestFinal(hSession, eDigest, &ulDigestLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
/* get the last piece of ciphertext (length should be 0 */
lastLen = sizeof(ciphertext) - ciphertextLen;
crv = pFunctionList->C_EncryptFinal(hSession,
- (CK_BYTE * )&ciphertext[ciphertextLen],
- &lastLen);
+ (CK_BYTE *)&ciphertext[ciphertextLen],
+ &lastLen);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ciphertextLen = ciphertextLen + lastLen;
@@ -2462,14 +2517,14 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
/* Decrypt the text */
crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSecKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DigestInit(hSession, digestMech);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2479,18 +2534,18 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
plaintext,
&plaintextLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptDigestUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptDigestUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
lastLen = sizeof(plaintext) - plaintextLen;
crv = pFunctionList->C_DecryptFinal(hSession,
- (CK_BYTE * )&plaintext[plaintextLen],
+ (CK_BYTE *)&plaintext[plaintextLen],
&lastLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
plaintextLen = plaintextLen + lastLen;
@@ -2498,16 +2553,16 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
ulDigestLen = sizeof(dDigest);
crv = pFunctionList->C_DigestFinal(hSession, dDigest, &ulDigestLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
if (plaintextLen != pDataLen) {
- PKM_Error( "plaintextLen is %lu\n", plaintextLen);
+ PKM_Error("plaintextLen is %lu\n", plaintextLen);
return crv;
}
-
+
if (verbose) {
printf("plaintext = ");
for (i = 0; i < plaintextLen; i++) {
@@ -2520,22 +2575,21 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
}
printf("\n");
}
-
+
if (memcmp(eDigest, dDigest, ulDigestLen) == 0) {
PKM_LogIt("Encrypted Digest equals Decrypted Digest\n");
} else {
- PKM_Error( "Digests don't match\n");
+ PKM_Error("Digests don't match\n");
}
if ((plaintextLen == pDataLen) &&
- (memcmp(plaintext, pData, pDataLen)) == 0) {
+ (memcmp(plaintext, pData, pDataLen)) == 0) {
PKM_LogIt("DualFuncDigest decrypt test case passed\n");
} else {
- PKM_Error( "DualFuncDigest derypt test case failed\n");
+ PKM_Error("DualFuncDigest derypt test case failed\n");
}
return crv;
-
}
/*
@@ -2543,19 +2597,21 @@ CK_RV PKM_DualFuncDigest(CK_FUNCTION_LIST_PTR pFunctionList,
*
*/
-CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech,
- const CK_BYTE * pData, CK_ULONG dataLen) {
+CK_RV
+PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hSymKey, CK_MECHANISM *cryptMech,
+ const CK_BYTE *pData, CK_ULONG dataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE cipher1[MAX_CIPHER_SZ];
CK_BYTE cipher2[MAX_CIPHER_SZ];
CK_BYTE data1[MAX_DATA_SZ];
CK_BYTE data2[MAX_DATA_SZ];
- CK_ULONG cipher1Len =0, cipher2Len =0, lastLen =0;
- CK_ULONG data1Len =0, data2Len =0;
-
+ CK_ULONG cipher1Len = 0, cipher2Len = 0, lastLen = 0;
+ CK_ULONG data1Len = 0, data2Len = 0;
+
NUMTESTS++; /* increment NUMTESTS */
memset(cipher1, 0, sizeof(cipher1));
@@ -2566,70 +2622,70 @@ CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
/* C_Encrypt */
crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSymKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
cipher1Len = sizeof(cipher1);
- crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE * ) pData, dataLen,
+ crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *)pData, dataLen,
cipher1, &cipher1Len);
if (crv != CKR_OK) {
- PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* C_EncryptUpdate */
crv = pFunctionList->C_EncryptInit(hSession, cryptMech, hSymKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
cipher2Len = sizeof(cipher2);
- crv = pFunctionList->C_EncryptUpdate (hSession, (CK_BYTE * ) pData,
- dataLen,
- cipher2, &cipher2Len);
+ crv = pFunctionList->C_EncryptUpdate(hSession, (CK_BYTE *)pData,
+ dataLen,
+ cipher2, &cipher2Len);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
lastLen = sizeof(cipher2) - cipher2Len;
crv = pFunctionList->C_EncryptFinal(hSession,
- (CK_BYTE * )&cipher2[cipher2Len],
- &lastLen);
+ (CK_BYTE *)&cipher2[cipher2Len],
+ &lastLen);
cipher2Len = cipher2Len + lastLen;
- if ( (cipher1Len == cipher2Len) &&
- (memcmp(cipher1, cipher2, sizeof(cipher1Len)) == 0) ) {
+ if ((cipher1Len == cipher2Len) &&
+ (memcmp(cipher1, cipher2, sizeof(cipher1Len)) == 0)) {
PKM_LogIt("encrypt test case passed\n");
} else {
- PKM_Error( "encrypt test case failed\n");
+ PKM_Error("encrypt test case failed\n");
return CKR_GENERAL_ERROR;
}
/* C_Decrypt */
crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSymKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
data1Len = sizeof(data1);
crv = pFunctionList->C_Decrypt(hSession, cipher1, cipher1Len,
data1, &data1Len);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* now use C_DecryptUpdate the text */
crv = pFunctionList->C_DecryptInit(hSession, cryptMech, hSymKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
data2Len = sizeof(data2);
@@ -2637,40 +2693,39 @@ CK_RV PKM_SecKeyCrypt(CK_FUNCTION_LIST_PTR pFunctionList,
cipher2Len,
data2, &data2Len);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
lastLen = sizeof(data2) - data2Len;
crv = pFunctionList->C_DecryptFinal(hSession,
- (CK_BYTE * )&data2[data2Len],
+ (CK_BYTE *)&data2[data2Len],
&lastLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
data2Len = data2Len + lastLen;
-
/* Comparison of Decrypt data */
- if ( (data1Len == data2Len) && (dataLen == data1Len) &&
- (memcmp(data1, pData, dataLen) == 0) &&
- (memcmp(data2, pData, dataLen) == 0) ) {
+ if ((data1Len == data2Len) && (dataLen == data1Len) &&
+ (memcmp(data1, pData, dataLen) == 0) &&
+ (memcmp(data2, pData, dataLen) == 0)) {
PKM_LogIt("decrypt test case passed\n");
} else {
- PKM_Error( "derypt test case failed\n");
+ PKM_Error("derypt test case failed\n");
}
return crv;
-
}
-
-CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
CK_MECHANISM sAESKeyMech = {
@@ -2680,14 +2735,14 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
CK_KEY_TYPE keyAESType = CKK_AES;
CK_UTF8CHAR AESlabel[] = "An AES secret key object";
CK_ULONG AESvalueLen = 16;
- CK_ATTRIBUTE sAESKeyTemplate[9];
+ CK_ATTRIBUTE sAESKeyTemplate[9];
CK_OBJECT_HANDLE hKey = CK_INVALID_HANDLE;
CK_BYTE KEY[16];
CK_BYTE IV[16];
static const CK_BYTE CIPHERTEXT[] = {
- 0x7e,0x6a,0x3f,0x3b,0x39,0x3c,0xf2,0x4b,
- 0xce,0xcc,0x23,0x6d,0x80,0xfd,0xe0,0xff
+ 0x7e, 0x6a, 0x3f, 0x3b, 0x39, 0x3c, 0xf2, 0x4b,
+ 0xce, 0xcc, 0x23, 0x6d, 0x80, 0xfd, 0xe0, 0xff
};
CK_BYTE ciphertext[64];
CK_BYTE ciphertext2[64];
@@ -2709,45 +2764,45 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
memset(ciphertext2, 0, sizeof(ciphertext2));
memset(IV, 0x00, sizeof(IV));
memset(KEY, 0x00, sizeof(KEY));
-
- mech_AES_CBC.mechanism = CKM_AES_CBC;
- mech_AES_CBC.pParameter = IV;
+
+ mech_AES_CBC.mechanism = CKM_AES_CBC;
+ mech_AES_CBC.pParameter = IV;
mech_AES_CBC.ulParameterLen = sizeof(IV);
/* AES key template */
- sAESKeyTemplate[0].type = CKA_CLASS;
- sAESKeyTemplate[0].pValue = &class;
+ sAESKeyTemplate[0].type = CKA_CLASS;
+ sAESKeyTemplate[0].pValue = &class;
sAESKeyTemplate[0].ulValueLen = sizeof(class);
- sAESKeyTemplate[1].type = CKA_KEY_TYPE;
- sAESKeyTemplate[1].pValue = &keyAESType;
+ sAESKeyTemplate[1].type = CKA_KEY_TYPE;
+ sAESKeyTemplate[1].pValue = &keyAESType;
sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType);
- sAESKeyTemplate[2].type = CKA_LABEL;
- sAESKeyTemplate[2].pValue = AESlabel;
- sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1;
- sAESKeyTemplate[3].type = CKA_ENCRYPT;
- sAESKeyTemplate[3].pValue = &true;
+ sAESKeyTemplate[2].type = CKA_LABEL;
+ sAESKeyTemplate[2].pValue = AESlabel;
+ sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1;
+ sAESKeyTemplate[3].type = CKA_ENCRYPT;
+ sAESKeyTemplate[3].pValue = &true;
sAESKeyTemplate[3].ulValueLen = sizeof(true);
- sAESKeyTemplate[4].type = CKA_DECRYPT;
- sAESKeyTemplate[4].pValue = &true;
+ sAESKeyTemplate[4].type = CKA_DECRYPT;
+ sAESKeyTemplate[4].pValue = &true;
sAESKeyTemplate[4].ulValueLen = sizeof(true);
- sAESKeyTemplate[5].type = CKA_SIGN;
- sAESKeyTemplate[5].pValue = &true;
- sAESKeyTemplate[5].ulValueLen = sizeof (true);
- sAESKeyTemplate[6].type = CKA_VERIFY;
- sAESKeyTemplate[6].pValue = &true;
+ sAESKeyTemplate[5].type = CKA_SIGN;
+ sAESKeyTemplate[5].pValue = &true;
+ sAESKeyTemplate[5].ulValueLen = sizeof(true);
+ sAESKeyTemplate[6].type = CKA_VERIFY;
+ sAESKeyTemplate[6].pValue = &true;
sAESKeyTemplate[6].ulValueLen = sizeof(true);
- sAESKeyTemplate[7].type = CKA_UNWRAP;
- sAESKeyTemplate[7].pValue = &true;
+ sAESKeyTemplate[7].type = CKA_UNWRAP;
+ sAESKeyTemplate[7].pValue = &true;
sAESKeyTemplate[7].ulValueLen = sizeof(true);
- sAESKeyTemplate[8].type = CKA_VALUE_LEN;
- sAESKeyTemplate[8].pValue = &AESvalueLen;
+ sAESKeyTemplate[8].type = CKA_VALUE_LEN;
+ sAESKeyTemplate[8].pValue = &AESvalueLen;
sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen);
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2755,8 +2810,9 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -2769,27 +2825,27 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey AES succeeded\n");
} else {
- PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_EncryptInit(hSession, &aesEcbMech, hKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
wrappedKeyLen = sizeof(wrappedKey);
crv = pFunctionList->C_Encrypt(hSession, KEY, sizeof(KEY),
wrappedKey, &wrappedKeyLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
if (wrappedKeyLen != sizeof(wrappedKey)) {
- PKM_Error( "wrappedKeyLen is %lu\n", wrappedKeyLen);
+ PKM_Error("wrappedKeyLen is %lu\n", wrappedKeyLen);
return crv;
}
/* Import an encrypted key */
@@ -2799,93 +2855,93 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
NUM_ELEM(sAESKeyTemplate),
&hTestKey);
if (crv != CKR_OK) {
- PKM_Error( "C_UnwraPKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_UnwraPKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* AES Encrypt the text */
crv = pFunctionList->C_EncryptInit(hSession, &mech_AES_CBC, hTestKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ciphertextLen = sizeof(ciphertext);
- crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *) PLAINTEXT,
+ crv = pFunctionList->C_Encrypt(hSession, (CK_BYTE *)PLAINTEXT,
sizeof(PLAINTEXT),
ciphertext, &ciphertextLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Encrypt failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Encrypt failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- if ( (ciphertextLen == sizeof(CIPHERTEXT)) &&
- (memcmp(ciphertext, CIPHERTEXT, ciphertextLen) == 0)) {
+ if ((ciphertextLen == sizeof(CIPHERTEXT)) &&
+ (memcmp(ciphertext, CIPHERTEXT, ciphertextLen) == 0)) {
PKM_LogIt("AES CBCVarKey128 encrypt test case 1 passed\n");
} else {
- PKM_Error( "AES CBCVarKey128 encrypt test case 1 failed\n");
+ PKM_Error("AES CBCVarKey128 encrypt test case 1 failed\n");
return crv;
}
/* now use EncryptUpdate the text */
crv = pFunctionList->C_EncryptInit(hSession, &mech_AES_CBC, hTestKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ciphertext2Len = sizeof(ciphertext2);
- crv = pFunctionList->C_EncryptUpdate (hSession, (CK_BYTE *) PLAINTEXT,
- sizeof(PLAINTEXT),
- ciphertext2, &ciphertext2Len);
+ crv = pFunctionList->C_EncryptUpdate(hSession, (CK_BYTE *)PLAINTEXT,
+ sizeof(PLAINTEXT),
+ ciphertext2, &ciphertext2Len);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
lastLen = sizeof(ciphertext2) - ciphertext2Len;
crv = pFunctionList->C_EncryptFinal(hSession,
- (CK_BYTE * )&ciphertext2[ciphertext2Len],
- &lastLen);
+ (CK_BYTE *)&ciphertext2[ciphertext2Len],
+ &lastLen);
ciphertext2Len = ciphertext2Len + lastLen;
- if ( (ciphertextLen == ciphertext2Len) &&
- (memcmp(ciphertext, ciphertext2, sizeof(CIPHERTEXT)) == 0) &&
- (memcmp(ciphertext2, CIPHERTEXT, sizeof(CIPHERTEXT)) == 0)) {
+ if ((ciphertextLen == ciphertext2Len) &&
+ (memcmp(ciphertext, ciphertext2, sizeof(CIPHERTEXT)) == 0) &&
+ (memcmp(ciphertext2, CIPHERTEXT, sizeof(CIPHERTEXT)) == 0)) {
PKM_LogIt("AES CBCVarKey128 encrypt test case 2 passed\n");
} else {
- PKM_Error( "AES CBCVarKey128 encrypt test case 2 failed\n");
+ PKM_Error("AES CBCVarKey128 encrypt test case 2 failed\n");
return CKR_GENERAL_ERROR;
}
/* AES CBC Decrypt the text */
crv = pFunctionList->C_DecryptInit(hSession, &mech_AES_CBC, hTestKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
plaintextLen = sizeof(plaintext);
crv = pFunctionList->C_Decrypt(hSession, ciphertext, ciphertextLen,
plaintext, &plaintextLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- if ((plaintextLen == sizeof(PLAINTEXT))
- && (memcmp(plaintext, PLAINTEXT, plaintextLen) == 0)) {
+ if ((plaintextLen == sizeof(PLAINTEXT)) &&
+ (memcmp(plaintext, PLAINTEXT, plaintextLen) == 0)) {
PKM_LogIt("AES CBCVarKey128 decrypt test case 1 passed\n");
} else {
- PKM_Error( "AES CBCVarKey128 derypt test case 1 failed\n");
+ PKM_Error("AES CBCVarKey128 derypt test case 1 failed\n");
}
/* now use DecryptUpdate the text */
crv = pFunctionList->C_DecryptInit(hSession, &mech_AES_CBC, hTestKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
plaintext2Len = sizeof(plaintext2);
@@ -2893,22 +2949,22 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
ciphertext2Len,
plaintext2, &plaintext2Len);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
lastLen = sizeof(plaintext2) - plaintext2Len;
crv = pFunctionList->C_DecryptFinal(hSession,
- (CK_BYTE * )&plaintext2[plaintext2Len],
- &lastLen);
+ (CK_BYTE *)&plaintext2[plaintext2Len],
+ &lastLen);
plaintext2Len = plaintext2Len + lastLen;
- if ( (plaintextLen == plaintext2Len) &&
- (memcmp(plaintext, plaintext2, plaintext2Len) == 0) &&
- (memcmp(plaintext2, PLAINTEXT, sizeof(PLAINTEXT)) == 0)) {
+ if ((plaintextLen == plaintext2Len) &&
+ (memcmp(plaintext, plaintext2, plaintext2Len) == 0) &&
+ (memcmp(plaintext2, PLAINTEXT, sizeof(PLAINTEXT)) == 0)) {
PKM_LogIt("AES CBCVarKey128 decrypt test case 2 passed\n");
} else {
- PKM_Error( "AES CBCVarKey128 decrypt test case 2 failed\n");
+ PKM_Error("AES CBCVarKey128 decrypt test case 2 failed\n");
return CKR_GENERAL_ERROR;
}
@@ -2916,69 +2972,69 @@ CK_RV PKM_SecretKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
return crv;
-
}
-CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hRwSession,
- CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
- CK_MECHANISM *signMech, const CK_BYTE * pData,
- CK_ULONG pDataLen) {
+CK_RV
+PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hRwSession,
+ CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
+ CK_MECHANISM *signMech, const CK_BYTE *pData,
+ CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE sig[MAX_SIG_SZ];
- CK_ULONG sigLen = 0 ;
-
+ CK_ULONG sigLen = 0;
+
NUMTESTS++; /* increment NUMTESTS */
memset(sig, 0, sizeof(sig));
/* C_Sign */
crv = pFunctionList->C_SignInit(hRwSession, signMech, hPrivKey);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
sigLen = sizeof(sig);
- crv = pFunctionList->C_Sign(hRwSession, (CK_BYTE * ) pData, pDataLen,
+ crv = pFunctionList->C_Sign(hRwSession, (CK_BYTE *)pData, pDataLen,
sig, &sigLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* C_Verify the signature */
crv = pFunctionList->C_VerifyInit(hRwSession, signMech, hPubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_Verify(hRwSession, (CK_BYTE * ) pData, pDataLen,
+ crv = pFunctionList->C_Verify(hRwSession, (CK_BYTE *)pData, pDataLen,
sig, sigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_Verify succeeded\n");
} else {
- PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- /* Check that the mechanism is Multi-part */
- if (signMech->mechanism == CKM_DSA ||
+ /* Check that the mechanism is Multi-part */
+ if (signMech->mechanism == CKM_DSA ||
signMech->mechanism == CKM_RSA_PKCS) {
return crv;
}
@@ -2987,22 +3043,22 @@ CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
/* SignUpdate */
crv = pFunctionList->C_SignInit(hRwSession, signMech, hPrivKey);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08lX %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08lX %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_SignUpdate(hRwSession, (CK_BYTE * ) pData, pDataLen);
+ crv = pFunctionList->C_SignUpdate(hRwSession, (CK_BYTE *)pData, pDataLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08lX %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08lX %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
sigLen = sizeof(sig);
crv = pFunctionList->C_SignFinal(hRwSession, sig, &sigLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3010,50 +3066,51 @@ CK_RV PKM_PubKeySign(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_VerifyInit(hRwSession, signMech,
hPubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_VerifyUpdate(hRwSession, (CK_BYTE * ) pData,
+ crv = pFunctionList->C_VerifyUpdate(hRwSession, (CK_BYTE *)pData,
pDataLen);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyFinal(hRwSession, sig, sigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyFinal succeeded\n");
} else {
- PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
-CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList,
- CK_ULONG slotID, CK_UTF8CHAR_PTR pwd,
- CK_ULONG pwdLen){
+CK_RV
+PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList,
+ CK_ULONG slotID, CK_UTF8CHAR_PTR pwd,
+ CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
-/*** DSA Key ***/
+ /*** DSA Key ***/
CK_MECHANISM dsaParamGenMech;
CK_ULONG primeBits = 1024;
- CK_ATTRIBUTE dsaParamGenTemplate[1];
+ CK_ATTRIBUTE dsaParamGenTemplate[1];
CK_OBJECT_HANDLE hDsaParams = CK_INVALID_HANDLE;
CK_BYTE DSA_P[128];
CK_BYTE DSA_Q[20];
CK_BYTE DSA_G[128];
CK_MECHANISM dsaKeyPairGenMech;
- CK_ATTRIBUTE dsaPubKeyTemplate[5];
- CK_ATTRIBUTE dsaPrivKeyTemplate[5];
+ CK_ATTRIBUTE dsaPubKeyTemplate[5];
+ CK_ATTRIBUTE dsaPrivKeyTemplate[5];
CK_OBJECT_HANDLE hDSApubKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hDSAprivKey = CK_INVALID_HANDLE;
-
+
/* From SHA1ShortMsg.req, Len = 136 */
CK_BYTE MSG[] = {
0xba, 0x33, 0x95, 0xfb,
@@ -3087,52 +3144,52 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
NUMTESTS++; /* increment NUMTESTS */
/* DSA key init */
- dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN;
- dsaParamGenMech.pParameter = NULL_PTR;
+ dsaParamGenMech.mechanism = CKM_DSA_PARAMETER_GEN;
+ dsaParamGenMech.pParameter = NULL_PTR;
dsaParamGenMech.ulParameterLen = 0;
- dsaParamGenTemplate[0].type = CKA_PRIME_BITS;
- dsaParamGenTemplate[0].pValue = &primeBits;
+ dsaParamGenTemplate[0].type = CKA_PRIME_BITS;
+ dsaParamGenTemplate[0].pValue = &primeBits;
dsaParamGenTemplate[0].ulValueLen = sizeof(primeBits);
- dsaPubKeyTemplate[0].type = CKA_PRIME;
- dsaPubKeyTemplate[0].pValue = DSA_P;
+ dsaPubKeyTemplate[0].type = CKA_PRIME;
+ dsaPubKeyTemplate[0].pValue = DSA_P;
dsaPubKeyTemplate[0].ulValueLen = sizeof(DSA_P);
- dsaPubKeyTemplate[1].type = CKA_SUBPRIME;
+ dsaPubKeyTemplate[1].type = CKA_SUBPRIME;
dsaPubKeyTemplate[1].pValue = DSA_Q;
dsaPubKeyTemplate[1].ulValueLen = sizeof(DSA_Q);
- dsaPubKeyTemplate[2].type = CKA_BASE;
- dsaPubKeyTemplate[2].pValue = DSA_G;
+ dsaPubKeyTemplate[2].type = CKA_BASE;
+ dsaPubKeyTemplate[2].pValue = DSA_G;
dsaPubKeyTemplate[2].ulValueLen = sizeof(DSA_G);
- dsaPubKeyTemplate[3].type = CKA_TOKEN;
- dsaPubKeyTemplate[3].pValue = &true;
+ dsaPubKeyTemplate[3].type = CKA_TOKEN;
+ dsaPubKeyTemplate[3].pValue = &true;
dsaPubKeyTemplate[3].ulValueLen = sizeof(true);
- dsaPubKeyTemplate[4].type = CKA_VERIFY;
- dsaPubKeyTemplate[4].pValue = &true;
+ dsaPubKeyTemplate[4].type = CKA_VERIFY;
+ dsaPubKeyTemplate[4].pValue = &true;
dsaPubKeyTemplate[4].ulValueLen = sizeof(true);
- dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN;
+ dsaKeyPairGenMech.mechanism = CKM_DSA_KEY_PAIR_GEN;
dsaKeyPairGenMech.pParameter = NULL_PTR;
dsaKeyPairGenMech.ulParameterLen = 0;
- dsaPrivKeyTemplate[0].type = CKA_TOKEN;
- dsaPrivKeyTemplate[0].pValue = &true;
+ dsaPrivKeyTemplate[0].type = CKA_TOKEN;
+ dsaPrivKeyTemplate[0].pValue = &true;
dsaPrivKeyTemplate[0].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[1].type = CKA_PRIVATE;
- dsaPrivKeyTemplate[1].pValue = &true;
+ dsaPrivKeyTemplate[1].type = CKA_PRIVATE;
+ dsaPrivKeyTemplate[1].pValue = &true;
dsaPrivKeyTemplate[1].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[2].type = CKA_SENSITIVE;
- dsaPrivKeyTemplate[2].pValue = &true;
+ dsaPrivKeyTemplate[2].type = CKA_SENSITIVE;
+ dsaPrivKeyTemplate[2].pValue = &true;
dsaPrivKeyTemplate[2].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[3].type = CKA_SIGN,
- dsaPrivKeyTemplate[3].pValue = &true;
+ dsaPrivKeyTemplate[3].type = CKA_SIGN,
+ dsaPrivKeyTemplate[3].pValue = &true;
dsaPrivKeyTemplate[3].ulValueLen = sizeof(true);
- dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE;
- dsaPrivKeyTemplate[4].pValue = &true;
+ dsaPrivKeyTemplate[4].type = CKA_EXTRACTABLE;
+ dsaPrivKeyTemplate[4].pValue = &true;
dsaPrivKeyTemplate[4].ulValueLen = sizeof(true);
crv = pFunctionList->C_OpenSession(pSlotList[slotID],
CKF_RW_SESSION | CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3140,8 +3197,9 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3154,8 +3212,9 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("DSA domain parameter generation succeeded\n");
} else {
- PKM_Error( "DSA domain parameter generation failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("DSA domain parameter generation failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GetAttributeValue(hSession, hDsaParams,
@@ -3163,19 +3222,21 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("Getting DSA domain parameters succeeded\n");
} else {
- PKM_Error( "Getting DSA domain parameters failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Getting DSA domain parameters failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DestroyObject(hSession, hDsaParams);
if (crv == CKR_OK) {
PKM_LogIt("Destroying DSA domain parameters succeeded\n");
} else {
- PKM_Error( "Destroying DSA domain parameters failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("Destroying DSA domain parameters failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
+
PKM_LogIt("Generate a DSA key pair ... \n");
/* Generate a persistent DSA key pair */
crv = pFunctionList->C_GenerateKeyPair(hSession, &dsaKeyPairGenMech,
@@ -3187,79 +3248,82 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("DSA key pair generation succeeded\n");
} else {
- PKM_Error( "DSA key pair generation failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("DSA key pair generation failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
/* Compute SHA-1 digest */
crv = pFunctionList->C_DigestInit(hSession, &sha1Mech);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
sha1DigestLen = sizeof(sha1Digest);
crv = pFunctionList->C_Digest(hSession, MSG, sizeof(MSG),
sha1Digest, &sha1DigestLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Digest failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Digest failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
if (sha1DigestLen != sizeof(sha1Digest)) {
- PKM_Error( "sha1DigestLen is %lu\n", sha1DigestLen);
+ PKM_Error("sha1DigestLen is %lu\n", sha1DigestLen);
return crv;
}
if (memcmp(sha1Digest, MD, sizeof(MD)) == 0) {
PKM_LogIt("SHA-1 SHA1ShortMsg test case Len = 136 passed\n");
} else {
- PKM_Error( "SHA-1 SHA1ShortMsg test case Len = 136 failed\n");
+ PKM_Error("SHA-1 SHA1ShortMsg test case Len = 136 failed\n");
}
crv = PKM_PubKeySign(pFunctionList, hSession,
- hDSApubKey, hDSAprivKey,
- &dsaMech, sha1Digest, sizeof(sha1Digest));
+ hDSApubKey, hDSAprivKey,
+ &dsaMech, sha1Digest, sizeof(sha1Digest));
if (crv == CKR_OK) {
PKM_LogIt("PKM_PubKeySign CKM_DSA succeeded \n");
} else {
- PKM_Error( "PKM_PubKeySign failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_PubKeySign failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = PKM_PubKeySign(pFunctionList, hSession,
- hDSApubKey, hDSAprivKey,
- &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT));
+ hDSApubKey, hDSAprivKey,
+ &dsaWithSha1Mech, PLAINTEXT, sizeof(PLAINTEXT));
if (crv == CKR_OK) {
PKM_LogIt("PKM_PubKeySign CKM_DSA_SHA1 succeeded \n");
} else {
- PKM_Error( "PKM_PubKeySign failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_PubKeySign failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
/* Sign with DSA */
crv = pFunctionList->C_SignInit(hSession, &dsaMech, hDSAprivKey);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
dsaSigLen = sizeof(dsaSig);
crv = pFunctionList->C_Sign(hSession, sha1Digest, sha1DigestLen,
dsaSig, &dsaSigLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* Verify the DSA signature */
crv = pFunctionList->C_VerifyInit(hSession, &dsaMech, hDSApubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Verify(hSession, sha1Digest, sha1DigestLen,
@@ -3267,8 +3331,8 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Verify succeeded\n");
} else {
- PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3276,28 +3340,28 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_VerifyInit(hSession, &dsaWithSha1Mech,
hDSApubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyUpdate(hSession, MSG, 1);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_VerifyUpdate(hSession, MSG+1, sizeof(MSG)-1);
+ crv = pFunctionList->C_VerifyUpdate(hSession, MSG + 1, sizeof(MSG) - 1);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyFinal(hSession, dsaSig, dsaSigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyFinal succeeded\n");
} else {
- PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3305,28 +3369,28 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_VerifyInit(hSession, &dsaWithSha1Mech,
hDSApubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyUpdate(hSession, MSG, 1);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_VerifyUpdate(hSession, MSG+1, sizeof(MSG)-1);
+ crv = pFunctionList->C_VerifyUpdate(hSession, MSG + 1, sizeof(MSG) - 1);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyFinal(hSession, dsaSig, dsaSigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyFinal of multi update succeeded.\n");
} else {
- PKM_Error("C_VerifyFinal of multi update failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyFinal of multi update failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
/* Now modify the data */
@@ -3334,57 +3398,59 @@ CK_RV PKM_PublicKey(CK_FUNCTION_LIST_PTR pFunctionList,
/* Compute SHA-1 digest */
crv = pFunctionList->C_DigestInit(hSession, &sha1Mech);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
sha1DigestLen = sizeof(sha1Digest);
crv = pFunctionList->C_Digest(hSession, MSG, sizeof(MSG),
sha1Digest, &sha1DigestLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Digest failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Digest failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyInit(hSession, &dsaMech, hDSApubKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Verify(hSession, sha1Digest, sha1DigestLen,
dsaSig, dsaSigLen);
if (crv != CKR_SIGNATURE_INVALID) {
- PKM_Error( "C_Verify of modified data succeeded\n");
+ PKM_Error("C_Verify of modified data succeeded\n");
return crv;
} else {
PKM_LogIt("C_Verify of modified data returned as EXPECTED "
- " with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ " with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
}
crv = pFunctionList->C_Logout(hSession);
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
-
}
-CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech,
- const CK_BYTE * pData, CK_ULONG pDataLen) {
+CK_RV
+PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE sKey, CK_MECHANISM *hmacMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
@@ -3395,27 +3461,27 @@ CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
memset(hmac1, 0, sizeof(hmac1));
memset(hmac2, 0, sizeof(hmac2));
-
+
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_SignInit(hSession, hmacMech, sKey);
if (crv == CKR_OK) {
PKM_LogIt("C_SignInit succeeded\n");
} else {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
hmac1Len = sizeof(hmac1);
- crv = pFunctionList->C_Sign(hSession, (CK_BYTE * )pData,
+ crv = pFunctionList->C_Sign(hSession, (CK_BYTE *)pData,
pDataLen,
- (CK_BYTE * )hmac1, &hmac1Len);
+ (CK_BYTE *)hmac1, &hmac1Len);
if (crv == CKR_OK) {
PKM_LogIt("C_Sign succeeded\n");
} else {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3423,82 +3489,84 @@ CK_RV PKM_Hmac(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
if (crv == CKR_OK) {
PKM_LogIt("C_SignInit succeeded\n");
} else {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_SignUpdate(hSession, (CK_BYTE * )pData,
+ crv = pFunctionList->C_SignUpdate(hSession, (CK_BYTE *)pData,
pDataLen);
if (crv == CKR_OK) {
PKM_LogIt("C_SignUpdate succeeded\n");
} else {
- PKM_Error( "C_SignUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
hmac2Len = sizeof(hmac2);
- crv = pFunctionList->C_SignFinal(hSession, (CK_BYTE * )hmac2, &hmac2Len);
+ crv = pFunctionList->C_SignFinal(hSession, (CK_BYTE *)hmac2, &hmac2Len);
if (crv == CKR_OK) {
PKM_LogIt("C_SignFinal succeeded\n");
} else {
- PKM_Error( "C_SignFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- if ((hmac1Len == hmac2Len) && (memcmp(hmac1, hmac2, hmac1Len) == 0) ) {
+ if ((hmac1Len == hmac2Len) && (memcmp(hmac1, hmac2, hmac1Len) == 0)) {
PKM_LogIt("hmacs are equal!\n");
} else {
PKM_Error("hmacs are not equal!\n");
}
crv = pFunctionList->C_VerifyInit(hSession, hmacMech, sKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_Verify(hSession, (CK_BYTE * )pData,
+ crv = pFunctionList->C_Verify(hSession, (CK_BYTE *)pData,
pDataLen,
- (CK_BYTE * ) hmac2, hmac2Len);
+ (CK_BYTE *)hmac2, hmac2Len);
if (crv == CKR_OK) {
PKM_LogIt("C_Verify of hmac succeeded\n");
} else {
- PKM_Error( "C_Verify failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Verify failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyInit(hSession, hmacMech, sKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_VerifyUpdate(hSession, (CK_BYTE * )pData,
- pDataLen);
+ crv = pFunctionList->C_VerifyUpdate(hSession, (CK_BYTE *)pData,
+ pDataLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyUpdate of hmac succeeded\n");
} else {
- PKM_Error( "C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_VerifyFinal(hSession, (CK_BYTE * ) hmac1,
+ crv = pFunctionList->C_VerifyFinal(hSession, (CK_BYTE *)hmac1,
hmac1Len);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyFinal of hmac succeeded\n");
} else {
- PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
}
-CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_RV crv = CKR_OK;
CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
@@ -3507,69 +3575,78 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
CK_ULONG tnObjects = 0;
int curMode;
unsigned int i;
- unsigned int number_of_all_known_attribute_types = totalKnownType(ConstAttribute);
+ unsigned int number_of_all_known_attribute_types = totalKnownType(ConstAttribute);
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &h);
- if ( CKR_OK != crv ) {
+ if (CKR_OK != crv) {
PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )"
- "returned 0x%08X, %-26s\n", pSlotList[slotID], crv,
+ "returned 0x%08X, %-26s\n",
+ pSlotList[slotID], crv,
PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Opened a session: handle = 0x%08x\n", h);
+ PKM_LogIt(" Opened a session: handle = 0x%08x\n", h);
(void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO));
crv = pFunctionList->C_GetSessionInfo(h, &sinfo);
- if ( CKR_OK != crv ) {
- PKM_LogIt( "C_GetSessionInfo(%lu, ) returned 0x%08X, %-26s\n", h, crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_LogIt("C_GetSessionInfo(%lu, ) returned 0x%08X, %-26s\n", h, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " SESSION INFO:\n");
- PKM_LogIt( " slotID = %lu\n", sinfo.slotID);
- PKM_LogIt( " state = %lu\n", sinfo.state);
- PKM_LogIt( " flags = 0x%08x\n", sinfo.flags);
+ PKM_LogIt(" SESSION INFO:\n");
+ PKM_LogIt(" slotID = %lu\n", sinfo.slotID);
+ PKM_LogIt(" state = %lu\n", sinfo.state);
+ PKM_LogIt(" flags = 0x%08x\n", sinfo.flags);
#ifdef CKF_EXCLUSIVE_SESSION
- PKM_LogIt( " -> EXCLUSIVE SESSION = %s\n", sinfo.flags &
- CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE");
+ PKM_LogIt(" -> EXCLUSIVE SESSION = %s\n", sinfo.flags &
+ CKF_EXCLUSIVE_SESSION
+ ? "TRUE"
+ : "FALSE");
#endif /* CKF_EXCLUSIVE_SESSION */
- PKM_LogIt( " -> RW SESSION = %s\n", sinfo.flags &
- CKF_RW_SESSION ? "TRUE" : "FALSE");
- PKM_LogIt( " -> SERIAL SESSION = %s\n", sinfo.flags &
- CKF_SERIAL_SESSION ? "TRUE" : "FALSE");
+ PKM_LogIt(" -> RW SESSION = %s\n", sinfo.flags &
+ CKF_RW_SESSION
+ ? "TRUE"
+ : "FALSE");
+ PKM_LogIt(" -> SERIAL SESSION = %s\n", sinfo.flags &
+ CKF_SERIAL_SESSION
+ ? "TRUE"
+ : "FALSE");
#ifdef CKF_INSERTION_CALLBACK
- PKM_LogIt( " -> INSERTION CALLBACK = %s\n", sinfo.flags &
- CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE");
+ PKM_LogIt(" -> INSERTION CALLBACK = %s\n", sinfo.flags &
+ CKF_INSERTION_CALLBACK
+ ? "TRUE"
+ : "FALSE");
#endif /* CKF_INSERTION_CALLBACK */
- PKM_LogIt( " ulDeviceError = %lu\n", sinfo.ulDeviceError);
- PKM_LogIt( "\n");
+ PKM_LogIt(" ulDeviceError = %lu\n", sinfo.ulDeviceError);
+ PKM_LogIt("\n");
crv = pFunctionList->C_FindObjectsInit(h, NULL, 0);
- if ( CKR_OK != crv ) {
- PKM_LogIt( "C_FindObjectsInit(%lu, NULL, 0) returned "
- "0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_LogIt("C_FindObjectsInit(%lu, NULL, 0) returned "
+ "0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
pTemplate = (CK_ATTRIBUTE_PTR)calloc(number_of_all_known_attribute_types,
sizeof(CK_ATTRIBUTE));
- if ( (CK_ATTRIBUTE_PTR)NULL == pTemplate ) {
- PKM_Error( "[pTemplate memory allocation of %lu bytes failed]\n",
- number_of_all_known_attribute_types *
- sizeof(CK_ATTRIBUTE));
+ if ((CK_ATTRIBUTE_PTR)NULL == pTemplate) {
+ PKM_Error("[pTemplate memory allocation of %lu bytes failed]\n",
+ number_of_all_known_attribute_types *
+ sizeof(CK_ATTRIBUTE));
return crv;
}
- PKM_LogIt( " All objects:\n");
+ PKM_LogIt(" All objects:\n");
/* Printing table set to NOMODE */
curMode = MODE;
- MODE = NOMODE;
+ MODE = NOMODE;
while (1) {
CK_OBJECT_HANDLE o = (CK_OBJECT_HANDLE)0;
@@ -3578,29 +3655,29 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
CK_ULONG nAttributes = 0;
CK_ATTRIBUTE_PTR pT2;
CK_ULONG l;
- const char * attName = NULL;
+ const char *attName = NULL;
crv = pFunctionList->C_FindObjects(h, &o, 1, &nObjects);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjects(%lu, , 1, ) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjects(%lu, , 1, ) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- if ( 0 == nObjects ) {
- PKM_LogIt( "\n");
+ if (0 == nObjects) {
+ PKM_LogIt("\n");
break;
}
tnObjects++;
- PKM_LogIt( " OBJECT HANDLE %lu:\n", o);
+ PKM_LogIt(" OBJECT HANDLE %lu:\n", o);
k = 0;
- for (i=0; i < constCount; i++) {
+ for (i = 0; i < constCount; i++) {
if (consts[i].type == ConstAttribute) {
pTemplate[k].type = consts[i].value;
- pTemplate[k].pValue = (CK_VOID_PTR) NULL;
+ pTemplate[k].pValue = (CK_VOID_PTR)NULL;
pTemplate[k].ulValueLen = 0;
k++;
}
@@ -3608,123 +3685,125 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
}
crv = pFunctionList->C_GetAttributeValue(h, o, pTemplate,
- number_of_all_known_attribute_types);
- switch ( crv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PKM_Error( "C_GetAtributeValue(%lu, %lu, {all attribute types},"
- "%lu) returned 0x%08X, %-26s\n",
- h, o, number_of_all_known_attribute_types, crv,
- PKM_CK_RVtoStr(crv));
- return crv;
+ number_of_all_known_attribute_types);
+ switch (crv) {
+ case CKR_OK:
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_BUFFER_TOO_SMALL:
+ break;
+ default:
+ PKM_Error("C_GetAtributeValue(%lu, %lu, {all attribute types},"
+ "%lu) returned 0x%08X, %-26s\n",
+ h, o, number_of_all_known_attribute_types, crv,
+ PKM_CK_RVtoStr(crv));
+ return crv;
}
- for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types; k++) {
- if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
+ for (k = 0; k < (CK_ULONG)number_of_all_known_attribute_types; k++) {
+ if (-1 != (CK_LONG)pTemplate[k].ulValueLen) {
nAttributes++;
}
}
-
- PKM_LogIt( " %lu attributes:\n", nAttributes);
- for ( k = 0; k < (CK_ULONG) number_of_all_known_attribute_types;
- k++ ) {
- if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
+
+ PKM_LogIt(" %lu attributes:\n", nAttributes);
+ for (k = 0; k < (CK_ULONG)number_of_all_known_attribute_types;
+ k++) {
+ if (-1 != (CK_LONG)pTemplate[k].ulValueLen) {
attName = getNameFromAttribute(pTemplate[k].type);
if (!attName) {
PKM_Error("Unable to find attribute name update pk11table.c\n");
}
- PKM_LogIt( " %s 0x%08x (len = %lu)\n",
+ PKM_LogIt(" %s 0x%08x (len = %lu)\n",
attName,
pTemplate[k].type,
pTemplate[k].ulValueLen);
}
}
- PKM_LogIt( "\n");
-
+ PKM_LogIt("\n");
+
pT2 = (CK_ATTRIBUTE_PTR)calloc(nAttributes, sizeof(CK_ATTRIBUTE));
- if ( (CK_ATTRIBUTE_PTR)NULL == pT2 ) {
- PKM_Error( "[pT2 memory allocation of %lu bytes failed]\n",
- nAttributes * sizeof(CK_ATTRIBUTE));
+ if ((CK_ATTRIBUTE_PTR)NULL == pT2) {
+ PKM_Error("[pT2 memory allocation of %lu bytes failed]\n",
+ nAttributes * sizeof(CK_ATTRIBUTE));
return crv;
}
/* allocate memory for the attribute values */
- for ( l = 0, k = 0; k < (CK_ULONG) number_of_all_known_attribute_types;
- k++ ) {
- if ( -1 != (CK_LONG)pTemplate[k].ulValueLen ) {
+ for (l = 0, k = 0; k < (CK_ULONG)number_of_all_known_attribute_types;
+ k++) {
+ if (-1 != (CK_LONG)pTemplate[k].ulValueLen) {
pT2[l].type = pTemplate[k].type;
pT2[l].ulValueLen = pTemplate[k].ulValueLen;
if (pT2[l].ulValueLen > 0) {
pT2[l].pValue = (CK_VOID_PTR)malloc(pT2[l].ulValueLen);
- if ( (CK_VOID_PTR)NULL == pT2[l].pValue ) {
- PKM_Error( "pValue memory allocation of %lu bytes failed]\n",
+ if ((CK_VOID_PTR)NULL == pT2[l].pValue) {
+ PKM_Error("pValue memory allocation of %lu bytes failed]\n",
pT2[l].ulValueLen);
return crv;
}
- } else pT2[l].pValue = (CK_VOID_PTR) NULL;
+ } else
+ pT2[l].pValue = (CK_VOID_PTR)NULL;
l++;
}
}
- assert( l == nAttributes );
+ assert(l == nAttributes);
crv = pFunctionList->C_GetAttributeValue(h, o, pT2, nAttributes);
- switch ( crv ) {
- case CKR_OK:
- case CKR_ATTRIBUTE_SENSITIVE:
- case CKR_ATTRIBUTE_TYPE_INVALID:
- case CKR_BUFFER_TOO_SMALL:
- break;
- default:
- PKM_Error( "C_GetAtributeValue(%lu, %lu, {existent attribute"
- " types}, %lu) returned 0x%08X, %-26s\n",
- h, o, nAttributes, crv, PKM_CK_RVtoStr(crv));
- return crv;
+ switch (crv) {
+ case CKR_OK:
+ case CKR_ATTRIBUTE_SENSITIVE:
+ case CKR_ATTRIBUTE_TYPE_INVALID:
+ case CKR_BUFFER_TOO_SMALL:
+ break;
+ default:
+ PKM_Error("C_GetAtributeValue(%lu, %lu, {existent attribute"
+ " types}, %lu) returned 0x%08X, %-26s\n",
+ h, o, nAttributes, crv, PKM_CK_RVtoStr(crv));
+ return crv;
}
- for ( l = 0; l < nAttributes; l++ ) {
+ for (l = 0; l < nAttributes; l++) {
attName = getNameFromAttribute(pT2[l].type);
- if (!attName) attName = "unknown attribute";
- PKM_LogIt( " type = %s len = %ld",
- attName, (CK_LONG)pT2[l].ulValueLen);
+ if (!attName)
+ attName = "unknown attribute";
+ PKM_LogIt(" type = %s len = %ld",
+ attName, (CK_LONG)pT2[l].ulValueLen);
- if ( -1 == (CK_LONG)pT2[l].ulValueLen ) {
+ if (-1 == (CK_LONG)pT2[l].ulValueLen) {
;
} else {
CK_ULONG m;
- if ( pT2[l].ulValueLen <= 8 ) {
- PKM_LogIt( ", value = ");
+ if (pT2[l].ulValueLen <= 8) {
+ PKM_LogIt(", value = ");
} else {
- PKM_LogIt( ", value = \n ");
+ PKM_LogIt(", value = \n ");
}
- for ( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
- PKM_LogIt( "%02x", (CK_ULONG)(0xff &
- ((CK_CHAR_PTR)pT2[l].pValue)[m]));
+ for (m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++) {
+ PKM_LogIt("%02x", (CK_ULONG)(0xff &
+ ((CK_CHAR_PTR)pT2[l].pValue)[m]));
}
- PKM_LogIt( " ");
+ PKM_LogIt(" ");
- for ( m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++ ) {
+ for (m = 0; (m < pT2[l].ulValueLen) && (m < 20); m++) {
CK_CHAR c = ((CK_CHAR_PTR)pT2[l].pValue)[m];
- if ( (c < 0x20) || (c >= 0x7f) ) {
+ if ((c < 0x20) || (c >= 0x7f)) {
c = '.';
}
- PKM_LogIt( "%c", c);
+ PKM_LogIt("%c", c);
}
}
- PKM_LogIt( "\n");
+ PKM_LogIt("\n");
}
- PKM_LogIt( "\n");
+ PKM_LogIt("\n");
- for ( l = 0; l < nAttributes; l++ ) {
+ for (l = 0; l < nAttributes; l++) {
if (pT2[l].pValue) {
free(pT2[l].pValue);
}
@@ -3733,29 +3812,31 @@ CK_RV PKM_FindAllObjects(CK_FUNCTION_LIST_PTR pFunctionList,
} /* while(1) */
MODE = curMode; /* reset the logging MODE */
-
+
crv = pFunctionList->C_FindObjectsFinal(h);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h, crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " (%lu objects total)\n", tnObjects);
+ PKM_LogIt(" (%lu objects total)\n", tnObjects);
crv = pFunctionList->C_CloseSession(h);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CloseSession(%lu) returned 0x%08X, %-26s\n", h, crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CloseSession(%lu) returned 0x%08X, %-26s\n", h, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
}
/* session to create, find, and delete a couple session objects */
-CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_MultiObjectManagement(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_RV crv = CKR_OK;
@@ -3764,47 +3845,47 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
CK_ATTRIBUTE one[7], two[7], three[7], delta[1], mask[1];
CK_OBJECT_CLASS cko_data = CKO_DATA;
char *key = "TEST PROGRAM";
- CK_ULONG key_len = 0;
+ CK_ULONG key_len = 0;
CK_OBJECT_HANDLE hOneIn = (CK_OBJECT_HANDLE)0;
CK_OBJECT_HANDLE hTwoIn = (CK_OBJECT_HANDLE)0;
CK_OBJECT_HANDLE hThreeIn = (CK_OBJECT_HANDLE)0;
CK_OBJECT_HANDLE hDeltaIn = (CK_OBJECT_HANDLE)0;
CK_OBJECT_HANDLE found[10];
CK_ULONG nFound;
- CK_ULONG hDeltaLen, hThreeLen = 0;
+ CK_ULONG hDeltaLen, hThreeLen = 0;
CK_TOKEN_INFO tinfo;
-
+
NUMTESTS++; /* increment NUMTESTS */
key_len = sizeof(key);
crv = pFunctionList->C_OpenSession(pSlotList[slotID],
CKF_SERIAL_SESSION, NULL, NULL, &h);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_OpenSession(%lu, CKF_SERIAL_SESSION, , )"
- "returned 0x%08X, %-26s\n", pSlotList[slotID], crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )"
+ "returned 0x%08X, %-26s\n",
+ pSlotList[slotID], crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Login(h, CKU_USER, pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
(void)memset(&tinfo, 0, sizeof(CK_TOKEN_INFO));
crv = pFunctionList->C_GetTokenInfo(pSlotList[slotID], &tinfo);
- if ( CKR_OK != crv ) {
+ if (CKR_OK != crv) {
PKM_Error("C_GetTokenInfo(%lu, ) returned 0x%08X, %-26s\n",
pSlotList[slotID], crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
- PKM_LogIt( " Opened a session: handle = 0x%08x\n", h);
+ PKM_LogIt(" Opened a session: handle = 0x%08x\n", h);
one[0].type = CKA_CLASS;
one[0].pValue = &cko_data;
@@ -3873,27 +3954,27 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
three[6].ulValueLen = strlen(three[6].pValue);
crv = pFunctionList->C_CreateObject(h, one, 7, &hOneIn);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CreateObject(%lu, one, 7, ) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CreateObject(%lu, one, 7, ) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Created object one: handle = %lu\n", hOneIn);
+ PKM_LogIt(" Created object one: handle = %lu\n", hOneIn);
crv = pFunctionList->C_CreateObject(h, two, 7, &hTwoIn);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CreateObject(%lu, two, 7, ) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CreateObject(%lu, two, 7, ) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Created object two: handle = %lu\n", hTwoIn);
+ PKM_LogIt(" Created object two: handle = %lu\n", hTwoIn);
crv = pFunctionList->C_CreateObject(h, three, 7, &hThreeIn);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CreateObject(%lu, three, 7, ) returned 0x%08x\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CreateObject(%lu, three, 7, ) returned 0x%08x\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GetObjectSize(h, hThreeIn, &hThreeLen);
@@ -3901,21 +3982,22 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_GetObjectSize succeeded\n");
} else {
PKM_Error("C_GetObjectSize failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Created object three: handle = %lu\n", hThreeIn);
+ PKM_LogIt(" Created object three: handle = %lu\n", hThreeIn);
delta[0].type = CKA_VALUE;
delta[0].pValue = "Copied object";
delta[0].ulValueLen = strlen(delta[0].pValue);
crv = pFunctionList->C_CopyObject(h, hThreeIn, delta, 1, &hDeltaIn);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CopyObject(%lu, %lu, delta, 1, ) returned "
- "0x%08X, %-26s\n",
- h, hThreeIn, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CopyObject(%lu, %lu, delta, 1, ) returned "
+ "0x%08X, %-26s\n",
+ h, hThreeIn, crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GetObjectSize(h, hDeltaIn, &hDeltaLen);
@@ -3923,7 +4005,8 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_GetObjectSize succeeded\n");
} else {
PKM_Error("C_GetObjectSize failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -3934,132 +4017,135 @@ CK_RV PKM_MultiObjectManagement (CK_FUNCTION_LIST_PTR pFunctionList,
return CKR_DEVICE_ERROR;
}
- PKM_LogIt( " Copied object three: new handle = %lu\n", hDeltaIn);
+ PKM_LogIt(" Copied object three: new handle = %lu\n", hDeltaIn);
mask[0].type = CKA_APPLICATION;
mask[0].pValue = key;
mask[0].ulValueLen = key_len;
crv = pFunctionList->C_FindObjectsInit(h, mask, 1);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
(void)memset(&found, 0, sizeof(found));
nFound = 0;
crv = pFunctionList->C_FindObjects(h, found, 10, &nFound);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- if ( 4 != nFound ) {
- PKM_Error( "Found %lu objects, not 4.\n", nFound);
+ if (4 != nFound) {
+ PKM_Error("Found %lu objects, not 4.\n", nFound);
return crv;
}
- PKM_LogIt( " Found 4 objects: %lu, %lu, %lu, %lu\n",
- found[0], found[1], found[2], found[3]);
+ PKM_LogIt(" Found 4 objects: %lu, %lu, %lu, %lu\n",
+ found[0], found[1], found[2], found[3]);
crv = pFunctionList->C_FindObjectsFinal(h);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n",
- h, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n",
+ h, crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DestroyObject(h, hThreeIn);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_DestroyObject(%lu, %lu) returned 0x%08X, %-26s\n", h,
- hThreeIn, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_DestroyObject(%lu, %lu) returned 0x%08X, %-26s\n", h,
+ hThreeIn, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Destroyed object three (handle = %lu)\n", hThreeIn);
+ PKM_LogIt(" Destroyed object three (handle = %lu)\n", hThreeIn);
delta[0].type = CKA_APPLICATION;
delta[0].pValue = "Changed application";
delta[0].ulValueLen = strlen(delta[0].pValue);
crv = pFunctionList->C_SetAttributeValue(h, hTwoIn, delta, 1);
- if ( CKR_OK != crv ) {
+ if (CKR_OK != crv) {
PKM_Error("C_SetAttributeValue(%lu, %lu, delta, 1) returned "
"0x%08X, %-26s\n",
h, hTwoIn, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Changed object two (handle = %lu).\n", hTwoIn);
+ PKM_LogIt(" Changed object two (handle = %lu).\n", hTwoIn);
/* Can another session find these session objects? */
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &h2);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_OpenSession(%lu, CKF_SERIAL_SESSION, , )"
- " returned 0x%08X, %-26s\n", pSlotList[slotID], crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_OpenSession(%lu, CKF_SERIAL_SESSION, , )"
+ " returned 0x%08X, %-26s\n",
+ pSlotList[slotID], crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( " Opened a second session: handle = 0x%08x\n", h2);
+ PKM_LogIt(" Opened a second session: handle = 0x%08x\n", h2);
/* mask is still the same */
crv = pFunctionList->C_FindObjectsInit(h2, mask, 1);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n",
- h2, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjectsInit(%lu, mask, 1) returned 0x%08X, %-26s\n",
+ h2, crv, PKM_CK_RVtoStr(crv));
return crv;
}
(void)memset(&found, 0, sizeof(found));
nFound = 0;
crv = pFunctionList->C_FindObjects(h2, found, 10, &nFound);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n",
- h2, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjects(%lu,, 10, ) returned 0x%08X, %-26s\n",
+ h2, crv, PKM_CK_RVtoStr(crv));
return crv;
}
- if ( 2 != nFound ) {
- PKM_Error( "Found %lu objects, not 2.\n", nFound);
+ if (2 != nFound) {
+ PKM_Error("Found %lu objects, not 2.\n", nFound);
return crv;
}
- PKM_LogIt( " Found 2 objects: %lu, %lu\n",
- found[0], found[1]);
+ PKM_LogIt(" Found 2 objects: %lu, %lu\n",
+ found[0], found[1]);
crv = pFunctionList->C_FindObjectsFinal(h2);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h2, crv,
- PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_FindObjectsFinal(%lu) returned 0x%08X, %-26s\n", h2, crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Logout(h);
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseAllSessions(pSlotList[slotID]);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CloseAllSessions(%lu) returned 0x%08X, %-26s\n",
- pSlotList[slotID], crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CloseAllSessions(%lu) returned 0x%08X, %-26s\n",
+ pSlotList[slotID], crv, PKM_CK_RVtoStr(crv));
return crv;
}
- PKM_LogIt( "\n");
+ PKM_LogIt("\n");
return crv;
}
-CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen) {
+CK_RV
+PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv = CKR_OK;
CK_MECHANISM sAESKeyMech = {
@@ -4069,51 +4155,49 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
CK_KEY_TYPE keyAESType = CKK_AES;
CK_UTF8CHAR AESlabel[] = "An AES secret key object";
CK_ULONG AESvalueLen = 16;
- CK_ATTRIBUTE sAESKeyTemplate[9];
+ CK_ATTRIBUTE sAESKeyTemplate[9];
CK_OBJECT_HANDLE sKey = CK_INVALID_HANDLE;
- CK_BYTE_PTR pstate = NULL;
+ CK_BYTE_PTR pstate = NULL;
CK_ULONG statelen, digestlen, plainlen, plainlen_1, plainlen_2, slen;
static const CK_UTF8CHAR *plaintext = (CK_UTF8CHAR *)"Firefox rules.";
static const CK_UTF8CHAR *plaintext_1 = (CK_UTF8CHAR *)"Thunderbird rules.";
- static const CK_UTF8CHAR *plaintext_2 = (CK_UTF8CHAR *)
- "Firefox and Thunderbird.";
+ static const CK_UTF8CHAR *plaintext_2 = (CK_UTF8CHAR *)"Firefox and Thunderbird.";
- char digest[MAX_DIGEST_SZ], digest_1[MAX_DIGEST_SZ];
- char sign[MAX_SIG_SZ];
+ char digest[MAX_DIGEST_SZ], digest_1[MAX_DIGEST_SZ];
+ char sign[MAX_SIG_SZ];
CK_MECHANISM signmech;
CK_MECHANISM digestmech;
NUMTESTS++; /* increment NUMTESTS */
-
/* AES key template */
- sAESKeyTemplate[0].type = CKA_CLASS;
- sAESKeyTemplate[0].pValue = &class;
+ sAESKeyTemplate[0].type = CKA_CLASS;
+ sAESKeyTemplate[0].pValue = &class;
sAESKeyTemplate[0].ulValueLen = sizeof(class);
- sAESKeyTemplate[1].type = CKA_KEY_TYPE;
- sAESKeyTemplate[1].pValue = &keyAESType;
+ sAESKeyTemplate[1].type = CKA_KEY_TYPE;
+ sAESKeyTemplate[1].pValue = &keyAESType;
sAESKeyTemplate[1].ulValueLen = sizeof(keyAESType);
- sAESKeyTemplate[2].type = CKA_LABEL;
- sAESKeyTemplate[2].pValue = AESlabel;
- sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel)-1;
- sAESKeyTemplate[3].type = CKA_ENCRYPT;
- sAESKeyTemplate[3].pValue = &true;
+ sAESKeyTemplate[2].type = CKA_LABEL;
+ sAESKeyTemplate[2].pValue = AESlabel;
+ sAESKeyTemplate[2].ulValueLen = sizeof(AESlabel) - 1;
+ sAESKeyTemplate[3].type = CKA_ENCRYPT;
+ sAESKeyTemplate[3].pValue = &true;
sAESKeyTemplate[3].ulValueLen = sizeof(true);
- sAESKeyTemplate[4].type = CKA_DECRYPT;
- sAESKeyTemplate[4].pValue = &true;
+ sAESKeyTemplate[4].type = CKA_DECRYPT;
+ sAESKeyTemplate[4].pValue = &true;
sAESKeyTemplate[4].ulValueLen = sizeof(true);
- sAESKeyTemplate[5].type = CKA_SIGN;
- sAESKeyTemplate[5].pValue = &true;
- sAESKeyTemplate[5].ulValueLen = sizeof (true);
- sAESKeyTemplate[6].type = CKA_VERIFY;
- sAESKeyTemplate[6].pValue = &true;
+ sAESKeyTemplate[5].type = CKA_SIGN;
+ sAESKeyTemplate[5].pValue = &true;
+ sAESKeyTemplate[5].ulValueLen = sizeof(true);
+ sAESKeyTemplate[6].type = CKA_VERIFY;
+ sAESKeyTemplate[6].pValue = &true;
sAESKeyTemplate[6].ulValueLen = sizeof(true);
- sAESKeyTemplate[7].type = CKA_UNWRAP;
- sAESKeyTemplate[7].pValue = &true;
+ sAESKeyTemplate[7].type = CKA_UNWRAP;
+ sAESKeyTemplate[7].pValue = &true;
sAESKeyTemplate[7].ulValueLen = sizeof(true);
- sAESKeyTemplate[8].type = CKA_VALUE_LEN;
- sAESKeyTemplate[8].pValue = &AESvalueLen;
+ sAESKeyTemplate[8].type = CKA_VALUE_LEN;
+ sAESKeyTemplate[8].pValue = &AESvalueLen;
sAESKeyTemplate[8].ulValueLen = sizeof(AESvalueLen);
signmech.mechanism = CKM_SHA_1_HMAC;
@@ -4123,18 +4207,16 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
digestmech.pParameter = NULL;
digestmech.ulParameterLen = 0;
-
plainlen = strlen((char *)plaintext);
plainlen_1 = strlen((char *)plaintext_1);
plainlen_2 = strlen((char *)plaintext_2);
digestlen = MAX_DIGEST_SZ;
-
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4142,8 +4224,9 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4156,14 +4239,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey AES succeeded\n");
} else {
- PKM_Error( "C_GenerateKey AES failed with 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey AES failed with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_SignInit(hSession, &signmech, sKey);
if (crv != CKR_OK) {
- PKM_Error("C_SignInit failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_SignInit failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4172,14 +4255,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_Sign(hSession, (CK_BYTE_PTR)plaintext, plainlen,
(CK_BYTE_PTR)sign, &slen);
if (crv != CKR_OK) {
- PKM_Error("C_Sign failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_Sign failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DestroyObject(hSession, sKey);
if (crv != CKR_OK) {
- PKM_Error("C_DestroyObject failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DestroyObject failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4187,29 +4270,29 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
digestlen = MAX_DIGEST_SZ;
crv = pFunctionList->C_DigestInit(hSession, &digestmech);
if (crv != CKR_OK) {
- PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext,
plainlen);
if (crv != CKR_OK) {
- PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_GetOperationState(hSession, NULL, &statelen);
if (crv != CKR_OK) {
- PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
- pstate = (CK_BYTE_PTR) malloc(statelen * sizeof (CK_BYTE_PTR));
+ pstate = (CK_BYTE_PTR)malloc(statelen * sizeof(CK_BYTE_PTR));
crv = pFunctionList->C_GetOperationState(hSession, pstate, &statelen);
if (crv != CKR_OK) {
- PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_GetOperationState failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4217,14 +4300,14 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext_1,
plainlen_1);
if (crv != CKR_OK) {
- PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE_PTR)plaintext_2,
plainlen_2);
if (crv != CKR_OK) {
- PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestUpdate failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4236,28 +4319,28 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_SetOperationState(hSession, pstate, statelen,
0, 0);
if (crv != CKR_OK) {
- PKM_Error("C_SetOperationState failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_SetOperationState failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_DigestFinal(hSession, (CK_BYTE_PTR)digest,
&digestlen);
if (crv != CKR_OK) {
- PKM_Error("C_DigestFinal failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestFinal failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
digestlen = MAX_DIGEST_SZ;
crv = pFunctionList->C_DigestInit(hSession, &digestmech);
if (crv != CKR_OK) {
- PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_DigestInit failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Digest(hSession, (CK_BYTE_PTR)plaintext, plainlen,
(CK_BYTE_PTR)digest_1, &digestlen);
if (crv != CKR_OK) {
- PKM_Error("C_Digest failed returned 0x%08X, %-26s\n", crv,
+ PKM_Error("C_Digest failed returned 0x%08X, %-26s\n", crv,
PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4270,37 +4353,38 @@ CK_RV PKM_OperationalState(CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
- if ( CKR_OK != crv ) {
- PKM_Error( "C_CloseSession(%lu) returned 0x%08X, %-26s\n",
- hSession, crv, PKM_CK_RVtoStr(crv));
+ if (CKR_OK != crv) {
+ PKM_Error("C_CloseSession(%lu) returned 0x%08X, %-26s\n",
+ hSession, crv, PKM_CK_RVtoStr(crv));
return crv;
}
return crv;
}
-
/*
* Recover Functions
*/
-CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
- CK_MECHANISM *signMech, const CK_BYTE * pData,
- CK_ULONG pDataLen) {
+CK_RV
+PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hPubKey, CK_OBJECT_HANDLE hPrivKey,
+ CK_MECHANISM *signMech, const CK_BYTE *pData,
+ CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE sig[MAX_SIG_SZ];
CK_ULONG sigLen = MAX_SIG_SZ;
CK_BYTE recover[MAX_SIG_SZ];
CK_ULONG recoverLen = MAX_SIG_SZ;
-
+
NUMTESTS++; /* increment NUMTESTS */
-
+
/* initializes a signature operation,
* where the data can be recovered from the signature
*/
@@ -4310,21 +4394,23 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_SignRecoverInit succeeded. \n");
} else {
PKM_Error("C_SignRecoverInit failed.\n"
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
/* signs single-part data,
* where the data can be recovered from the signature
*/
- crv = pFunctionList->C_SignRecover(hSession, (CK_BYTE * )pData,
+ crv = pFunctionList->C_SignRecover(hSession, (CK_BYTE *)pData,
pDataLen,
- (CK_BYTE * )sig, &sigLen);
+ (CK_BYTE *)sig, &sigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_SignRecover succeeded. \n");
} else {
PKM_Error("C_SignRecoverInit failed to create an RSA key pair.\n"
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4338,7 +4424,8 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
PKM_LogIt("C_VerifyRecoverInit succeeded. \n");
} else {
PKM_Error("C_VerifyRecoverInit failed.\n"
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4346,22 +4433,23 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
* verifies a signature on single-part data,
* where the data is recovered from the signature
*/
- crv = pFunctionList->C_VerifyRecover(hSession, (CK_BYTE * )sig,
+ crv = pFunctionList->C_VerifyRecover(hSession, (CK_BYTE *)sig,
sigLen,
- (CK_BYTE * )recover, &recoverLen);
+ (CK_BYTE *)recover, &recoverLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyRecover succeeded. \n");
} else {
PKM_Error("C_VerifyRecover failed.\n"
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
- if ((recoverLen == pDataLen)
- && (memcmp(recover, pData, pDataLen) == 0)) {
+ if ((recoverLen == pDataLen) &&
+ (memcmp(recover, pData, pDataLen) == 0)) {
PKM_LogIt("VerifyRecover test case passed\n");
} else {
- PKM_Error( "VerifyRecover test case failed\n");
+ PKM_Error("VerifyRecover test case failed\n");
}
return crv;
@@ -4371,14 +4459,16 @@ CK_RV PKM_RecoverFunctions(CK_FUNCTION_LIST_PTR pFunctionList,
* wrap the secretkey with the public key.
* unwrap the secretkey with the private key.
*/
-CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_OBJECT_HANDLE hPublicKey,
- CK_OBJECT_HANDLE hPrivateKey,
- CK_MECHANISM *wrapMechanism,
- CK_OBJECT_HANDLE hSecretKey,
- CK_ATTRIBUTE *sKeyTemplate,
- CK_ULONG skeyTempSize) {
+CK_RV
+PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_OBJECT_HANDLE hPublicKey,
+ CK_OBJECT_HANDLE hPrivateKey,
+ CK_MECHANISM *wrapMechanism,
+ CK_OBJECT_HANDLE hSecretKey,
+ CK_ATTRIBUTE *sKeyTemplate,
+ CK_ULONG skeyTempSize)
+{
CK_RV crv = CKR_OK;
CK_OBJECT_HANDLE hSecretKeyUnwrapped = CK_INVALID_HANDLE;
CK_BYTE wrappedKey[128];
@@ -4388,26 +4478,26 @@ CK_RV PKM_wrapUnwrap(CK_FUNCTION_LIST_PTR pFunctionList,
ulWrappedKeyLen = sizeof(wrappedKey);
crv = pFunctionList->C_WrapKey(
- hSession, wrapMechanism,
- hPublicKey, hSecretKey,
- wrappedKey, &ulWrappedKeyLen);
+ hSession, wrapMechanism,
+ hPublicKey, hSecretKey,
+ wrappedKey, &ulWrappedKeyLen);
if (crv == CKR_OK) {
PKM_LogIt("C_WrapKey succeeded\n");
} else {
- PKM_Error( "C_WrapKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_WrapKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_UnwrapKey(
- hSession, wrapMechanism, hPrivateKey,
- wrappedKey, ulWrappedKeyLen, sKeyTemplate,
- skeyTempSize,
- &hSecretKeyUnwrapped);
+ hSession, wrapMechanism, hPrivateKey,
+ wrappedKey, ulWrappedKeyLen, sKeyTemplate,
+ skeyTempSize,
+ &hSecretKeyUnwrapped);
if ((crv == CKR_OK) && (hSecretKeyUnwrapped != CK_INVALID_HANDLE)) {
PKM_LogIt("C_UnwrapKey succeeded\n");
} else {
- PKM_Error( "C_UnwrapKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_UnwrapKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -4426,11 +4516,11 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList,
CK_RV crv;
CK_ATTRIBUTE_PTR tmp_attrs;
unsigned int i;
-
+
NUMTESTS++; /* increment NUMTESTS */
/* First duplicate the themplate */
- tmp_attrs = malloc(expected_attrs_count * sizeof (CK_ATTRIBUTE));
+ tmp_attrs = malloc(expected_attrs_count * sizeof(CK_ATTRIBUTE));
if (tmp_attrs == NULL) {
PKM_Error("Internal test memory failure\n");
@@ -4459,8 +4549,8 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_GetAttributeValue(hSession, obj, tmp_attrs,
expected_attrs_count);
if (crv != CKR_OK) {
- PKM_Error( "C_GetAttributeValue failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetAttributeValue failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
crv = CKR_FUNCTION_FAILED;
goto out;
}
@@ -4470,15 +4560,15 @@ PKM_AttributeCheck(CK_FUNCTION_LIST_PTR pFunctionList,
if (memcmp(tmp_attrs[i].pValue, expected_attrs[i].pValue,
expected_attrs[i].ulValueLen) != 0) {
- PKM_LogIt("comparing attribute type 0x%x with expected 0x%x\n",
+ PKM_LogIt("comparing attribute type 0x%x with expected 0x%x\n",
tmp_attrs[i].type, expected_attrs[i].type);
- PKM_LogIt("comparing attribute type value 0x%x with expected 0x%x\n",
+ PKM_LogIt("comparing attribute type value 0x%x with expected 0x%x\n",
tmp_attrs[i].pValue, expected_attrs[i].pValue);
- /* don't report error at this time */
+ /* don't report error at this time */
}
}
- out:
+out:
for (i = 0; i < expected_attrs_count; i++)
free(tmp_attrs[i].pValue);
free(tmp_attrs);
@@ -4493,29 +4583,28 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
CK_MECHANISM_TYPE mechType, CK_FLAGS flags,
CK_BBOOL check_sizes, CK_ULONG minkeysize, CK_ULONG maxkeysize)
{
- CK_SESSION_INFO sess_info;
- CK_MECHANISM_INFO mech_info;
- CK_RV crv;
+ CK_SESSION_INFO sess_info;
+ CK_MECHANISM_INFO mech_info;
+ CK_RV crv;
NUMTESTS++; /* increment NUMTESTS */
- if ((crv = pFunctionList->C_GetSessionInfo(hSession, &sess_info))
- != CKR_OK) {
- PKM_Error( "C_GetSessionInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ if ((crv = pFunctionList->C_GetSessionInfo(hSession, &sess_info)) !=
+ CKR_OK) {
+ PKM_Error("C_GetSessionInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return (CKR_FUNCTION_FAILED);
}
crv = pFunctionList->C_GetMechanismInfo(0, mechType,
&mech_info);
-
crv = pFunctionList->C_GetMechanismInfo(sess_info.slotID, mechType,
&mech_info);
if (crv != CKR_OK) {
- PKM_Error( "C_GetMechanismInfo failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GetMechanismInfo failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return (CKR_FUNCTION_FAILED);
}
@@ -4539,10 +4628,6 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
return (CKR_OK);
}
-
-
-
-
/*
* Can be called with a non-null premaster_key_len for the
* *_DH mechanisms. In that case, no checking for the matching of
@@ -4550,89 +4635,90 @@ PKM_MechCheck(CK_FUNCTION_LIST_PTR pFunctionList, CK_SESSION_HANDLE hSession,
* The rnd argument tells which correct/bogus randomInfo to use.
*/
CK_RV
-PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
- CK_MECHANISM_TYPE mechType,
- enum_random_t rnd) {
+PKM_TLSMasterKeyDerive(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+ CK_MECHANISM_TYPE mechType,
+ enum_random_t rnd)
+{
CK_SESSION_HANDLE hSession;
CK_RV crv;
- CK_MECHANISM mk_mech;
- CK_VERSION version;
- CK_OBJECT_CLASS class = CKO_SECRET_KEY;
- CK_KEY_TYPE type = CKK_GENERIC_SECRET;
- CK_BBOOL derive_bool = true;
- CK_ATTRIBUTE attrs[4];
- CK_ULONG attrs_count = 4;
- CK_OBJECT_HANDLE pmk_obj = CK_INVALID_HANDLE;
- CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE;
+ CK_MECHANISM mk_mech;
+ CK_VERSION version;
+ CK_OBJECT_CLASS class = CKO_SECRET_KEY;
+ CK_KEY_TYPE type = CKK_GENERIC_SECRET;
+ CK_BBOOL derive_bool = true;
+ CK_ATTRIBUTE attrs[4];
+ CK_ULONG attrs_count = 4;
+ CK_OBJECT_HANDLE pmk_obj = CK_INVALID_HANDLE;
+ CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE;
CK_SSL3_MASTER_KEY_DERIVE_PARAMS mkd_params;
- CK_MECHANISM skmd_mech;
+ CK_MECHANISM skmd_mech;
CK_BBOOL isDH = false;
-
+
NUMTESTS++; /* increment NUMTESTS */
- attrs[0].type = CKA_CLASS;
- attrs[0].pValue = &class;
- attrs[0].ulValueLen = sizeof (class);
- attrs[1].type = CKA_KEY_TYPE;
- attrs[1].pValue = &type;
- attrs[1].ulValueLen = sizeof (type);
- attrs[2].type = CKA_DERIVE;
- attrs[2].pValue = &derive_bool;
- attrs[2].ulValueLen = sizeof (derive_bool);
- attrs[3].type = CKA_VALUE;
- attrs[3].pValue = NULL;
+ attrs[0].type = CKA_CLASS;
+ attrs[0].pValue = &class;
+ attrs[0].ulValueLen = sizeof(class);
+ attrs[1].type = CKA_KEY_TYPE;
+ attrs[1].pValue = &type;
+ attrs[1].ulValueLen = sizeof(type);
+ attrs[2].type = CKA_DERIVE;
+ attrs[2].pValue = &derive_bool;
+ attrs[2].ulValueLen = sizeof(derive_bool);
+ attrs[3].type = CKA_VALUE;
+ attrs[3].pValue = NULL;
attrs[3].ulValueLen = 0;
-
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
/* Before all, check if the mechanism is supported correctly */
if (MODE == FIPSMODE) {
- crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE, false,
- 0, 0);
- if (crv != CKR_OK) {
- PKM_Error( "PKM_MechCheck failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
- return (crv);
- }
+ crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE, false,
+ 0, 0);
+ if (crv != CKR_OK) {
+ PKM_Error("PKM_MechCheck failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
+ return (crv);
+ }
}
mk_mech.mechanism = mechType;
mk_mech.pParameter = &mkd_params;
- mk_mech.ulParameterLen = sizeof (mkd_params);
+ mk_mech.ulParameterLen = sizeof(mkd_params);
switch (mechType) {
- case CKM_TLS_MASTER_KEY_DERIVE_DH:
- isDH = true;
+ case CKM_TLS_MASTER_KEY_DERIVE_DH:
+ isDH = true;
/* FALLTHRU */
- case CKM_TLS_MASTER_KEY_DERIVE:
- attrs[3].pValue = NULL;
- attrs[3].ulValueLen = 0;
-
- mkd_params.RandomInfo.pClientRandom = (unsigned char * ) TLSClientRandom;
- mkd_params.RandomInfo.ulClientRandomLen =
- sizeof (TLSClientRandom);
- mkd_params.RandomInfo.pServerRandom = (unsigned char * ) TLSServerRandom;
- mkd_params.RandomInfo.ulServerRandomLen =
- sizeof (TLSServerRandom);
- break;
+ case CKM_TLS_MASTER_KEY_DERIVE:
+ attrs[3].pValue = NULL;
+ attrs[3].ulValueLen = 0;
+
+ mkd_params.RandomInfo.pClientRandom = (unsigned char *)TLSClientRandom;
+ mkd_params.RandomInfo.ulClientRandomLen =
+ sizeof(TLSClientRandom);
+ mkd_params.RandomInfo.pServerRandom = (unsigned char *)TLSServerRandom;
+ mkd_params.RandomInfo.ulServerRandomLen =
+ sizeof(TLSServerRandom);
+ break;
}
mkd_params.pVersion = (!isDH) ? &version : NULL;
@@ -4640,8 +4726,7 @@ PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList,
skmd_mech.mechanism = CKM_SSL3_PRE_MASTER_KEY_GEN;
skmd_mech.pParameter = &mkd_params;
- skmd_mech.ulParameterLen = sizeof (mkd_params);
-
+ skmd_mech.ulParameterLen = sizeof(mkd_params);
crv = pFunctionList->C_GenerateKey(hSession, &skmd_mech,
attrs,
@@ -4650,97 +4735,93 @@ PKM_TLSMasterKeyDerive( CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey succeeded\n");
} else {
- PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
-
}
/* Test the bad cases */
switch (rnd) {
- case CORRECT:
- goto correct;
+ case CORRECT:
+ goto correct;
- case BOGUS_CLIENT_RANDOM:
- mkd_params.RandomInfo.pClientRandom = NULL;
- break;
+ case BOGUS_CLIENT_RANDOM:
+ mkd_params.RandomInfo.pClientRandom = NULL;
+ break;
- case BOGUS_CLIENT_RANDOM_LEN:
- mkd_params.RandomInfo.ulClientRandomLen = 0;
- break;
+ case BOGUS_CLIENT_RANDOM_LEN:
+ mkd_params.RandomInfo.ulClientRandomLen = 0;
+ break;
- case BOGUS_SERVER_RANDOM:
- mkd_params.RandomInfo.pServerRandom = NULL;
- break;
+ case BOGUS_SERVER_RANDOM:
+ mkd_params.RandomInfo.pServerRandom = NULL;
+ break;
- case BOGUS_SERVER_RANDOM_LEN:
- mkd_params.RandomInfo.ulServerRandomLen = 0;
- break;
+ case BOGUS_SERVER_RANDOM_LEN:
+ mkd_params.RandomInfo.ulServerRandomLen = 0;
+ break;
}
crv = pFunctionList->C_DeriveKey(hSession, &mk_mech, pmk_obj, NULL, 0,
&mk_obj);
if (crv != CKR_MECHANISM_PARAM_INVALID) {
- PKM_LogIt( "C_DeriveKey returned as EXPECTED with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_LogIt("C_DeriveKey returned as EXPECTED with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
} else {
- PKM_Error( "C_DeriveKey did not fail with bad data \n" );
+ PKM_Error("C_DeriveKey did not fail with bad data \n");
}
goto out;
-
- correct:
+correct:
/* Now derive the master secret key */
crv = pFunctionList->C_DeriveKey(hSession, &mk_mech, pmk_obj, NULL, 0,
&mk_obj);
if (crv == CKR_OK) {
PKM_LogIt("C_DeriveKey succeeded\n");
} else {
- PKM_Error( "C_DeriveKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DeriveKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
-
}
- out:
+out:
if (pmk_obj != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, pmk_obj);
+ (void)pFunctionList->C_DestroyObject(hSession, pmk_obj);
if (mk_obj != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, mk_obj);
+ (void)pFunctionList->C_DestroyObject(hSession, mk_obj);
crv = pFunctionList->C_Logout(hSession);
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return (crv);
}
-
CK_RV
-PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SLOT_ID * pSlotList, CK_ULONG slotID,
- CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
- CK_MECHANISM_TYPE mechType, enum_random_t rnd)
+PKM_TLSKeyAndMacDerive(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SLOT_ID *pSlotList, CK_ULONG slotID,
+ CK_UTF8CHAR_PTR pwd, CK_ULONG pwdLen,
+ CK_MECHANISM_TYPE mechType, enum_random_t rnd)
{
CK_SESSION_HANDLE hSession;
CK_RV crv;
- CK_MECHANISM kmd_mech;
- CK_MECHANISM skmd_mech;
- CK_OBJECT_CLASS class = CKO_SECRET_KEY;
- CK_KEY_TYPE type = CKK_GENERIC_SECRET;
- CK_BBOOL derive_bool = true;
- CK_BBOOL sign_bool = true, verify_bool = true;
- CK_BBOOL encrypt_bool = true, decrypt_bool = true;
- CK_ULONG value_len;
+ CK_MECHANISM kmd_mech;
+ CK_MECHANISM skmd_mech;
+ CK_OBJECT_CLASS class = CKO_SECRET_KEY;
+ CK_KEY_TYPE type = CKK_GENERIC_SECRET;
+ CK_BBOOL derive_bool = true;
+ CK_BBOOL sign_bool = true, verify_bool = true;
+ CK_BBOOL encrypt_bool = true, decrypt_bool = true;
+ CK_ULONG value_len;
/*
* We arrange this template so that:
@@ -4748,79 +4829,79 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList,
* . Attributes 2-5 are good for the master key creation template.
* . Attributes 3-8 are good for a cipher key comparison template.
*/
- CK_ATTRIBUTE attrs[9];
+ CK_ATTRIBUTE attrs[9];
- CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE;
+ CK_OBJECT_HANDLE mk_obj = CK_INVALID_HANDLE;
CK_SSL3_KEY_MAT_PARAMS km_params;
CK_SSL3_KEY_MAT_OUT kmo;
- CK_BYTE IVClient[8];
- CK_BYTE IVServer[8];
+ CK_BYTE IVClient[8];
+ CK_BYTE IVServer[8];
NUMTESTS++; /* increment NUMTESTS */
- attrs[0].type = CKA_SIGN;
- attrs[0].pValue = &sign_bool;
- attrs[0].ulValueLen = sizeof (sign_bool);
- attrs[1].type = CKA_VERIFY;
- attrs[1].pValue = &verify_bool;
- attrs[1].ulValueLen = sizeof (verify_bool);
- attrs[2].type = CKA_KEY_TYPE;
- attrs[2].pValue = &type;
- attrs[2].ulValueLen = sizeof (type);
- attrs[3].type = CKA_CLASS;
- attrs[3].pValue = &class;
- attrs[3].ulValueLen = sizeof (class);
- attrs[4].type = CKA_DERIVE;
- attrs[4].pValue = &derive_bool;
- attrs[4].ulValueLen = sizeof (derive_bool);
- attrs[5].type = CKA_VALUE;
- attrs[5].pValue = NULL;
+ attrs[0].type = CKA_SIGN;
+ attrs[0].pValue = &sign_bool;
+ attrs[0].ulValueLen = sizeof(sign_bool);
+ attrs[1].type = CKA_VERIFY;
+ attrs[1].pValue = &verify_bool;
+ attrs[1].ulValueLen = sizeof(verify_bool);
+ attrs[2].type = CKA_KEY_TYPE;
+ attrs[2].pValue = &type;
+ attrs[2].ulValueLen = sizeof(type);
+ attrs[3].type = CKA_CLASS;
+ attrs[3].pValue = &class;
+ attrs[3].ulValueLen = sizeof(class);
+ attrs[4].type = CKA_DERIVE;
+ attrs[4].pValue = &derive_bool;
+ attrs[4].ulValueLen = sizeof(derive_bool);
+ attrs[5].type = CKA_VALUE;
+ attrs[5].pValue = NULL;
attrs[5].ulValueLen = 0;
- attrs[6].type = CKA_VALUE_LEN;
- attrs[6].pValue = &value_len;
- attrs[6].ulValueLen = sizeof (value_len);
- attrs[7].type = CKA_ENCRYPT;
- attrs[7].pValue = &encrypt_bool;
- attrs[7].ulValueLen = sizeof (encrypt_bool);
- attrs[8].type = CKA_DECRYPT;
- attrs[8].pValue = &decrypt_bool;
- attrs[8].ulValueLen = sizeof (decrypt_bool);
+ attrs[6].type = CKA_VALUE_LEN;
+ attrs[6].pValue = &value_len;
+ attrs[6].ulValueLen = sizeof(value_len);
+ attrs[7].type = CKA_ENCRYPT;
+ attrs[7].pValue = &encrypt_bool;
+ attrs[7].ulValueLen = sizeof(encrypt_bool);
+ attrs[8].type = CKA_DECRYPT;
+ attrs[8].pValue = &decrypt_bool;
+ attrs[8].ulValueLen = sizeof(decrypt_bool);
crv = pFunctionList->C_OpenSession(pSlotList[slotID], CKF_SERIAL_SESSION,
NULL, NULL, &hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_OpenSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_OpenSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_Login(hSession, CKU_USER, pwd, pwdLen);
if (crv == CKR_OK) {
PKM_LogIt("C_Login with correct password succeeded\n");
} else {
- PKM_Error( "C_Login with correct password failed "
- "with 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Login with correct password failed "
+ "with 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
return crv;
}
-
/* Before all, check if the mechanism is supported correctly */
if (MODE == FIPSMODE) {
crv = PKM_MechCheck(pFunctionList, hSession, mechType, CKF_DERIVE,
CK_TRUE, 48, 48);
if (crv != CKR_OK) {
- PKM_Error( "PKM_MechCheck failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("PKM_MechCheck failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return (crv);
}
}
kmd_mech.mechanism = mechType;
kmd_mech.pParameter = &km_params;
- kmd_mech.ulParameterLen = sizeof (km_params);
+ kmd_mech.ulParameterLen = sizeof(km_params);
- km_params.ulMacSizeInBits = 128; /* an MD5 based MAC */
- km_params.ulKeySizeInBits = 192; /* 3DES key size */
- km_params.ulIVSizeInBits = 64; /* 3DES block size */
+ km_params.ulMacSizeInBits = 128; /* an MD5 based MAC */
+ km_params.ulKeySizeInBits = 192; /* 3DES key size */
+ km_params.ulIVSizeInBits = 64; /* 3DES block size */
km_params.pReturnedKeyMaterial = &kmo;
km_params.bIsExport = false;
kmo.hClientMacSecret = CK_INVALID_HANDLE;
@@ -4832,8 +4913,7 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList,
skmd_mech.mechanism = CKM_SSL3_PRE_MASTER_KEY_GEN;
skmd_mech.pParameter = &km_params;
- skmd_mech.ulParameterLen = sizeof (km_params);
-
+ skmd_mech.ulParameterLen = sizeof(km_params);
crv = pFunctionList->C_GenerateKey(hSession, &skmd_mech,
&attrs[2],
@@ -4842,54 +4922,54 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList,
if (crv == CKR_OK) {
PKM_LogIt("C_GenerateKey succeeded\n");
} else {
- PKM_Error( "C_GenerateKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_GenerateKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- attrs[5].pValue = NULL;
- attrs[5].ulValueLen = 0;
+ attrs[5].pValue = NULL;
+ attrs[5].ulValueLen = 0;
- km_params.RandomInfo.pClientRandom = (unsigned char *) TLSClientRandom;
+ km_params.RandomInfo.pClientRandom = (unsigned char *)TLSClientRandom;
km_params.RandomInfo.ulClientRandomLen =
- sizeof (TLSClientRandom);
- km_params.RandomInfo.pServerRandom = (unsigned char *) TLSServerRandom;
+ sizeof(TLSClientRandom);
+ km_params.RandomInfo.pServerRandom = (unsigned char *)TLSServerRandom;
km_params.RandomInfo.ulServerRandomLen =
- sizeof (TLSServerRandom);
+ sizeof(TLSServerRandom);
/* Test the bad cases */
switch (rnd) {
- case CORRECT:
- goto correct;
+ case CORRECT:
+ goto correct;
- case BOGUS_CLIENT_RANDOM:
- km_params.RandomInfo.pClientRandom = NULL;
- break;
+ case BOGUS_CLIENT_RANDOM:
+ km_params.RandomInfo.pClientRandom = NULL;
+ break;
- case BOGUS_CLIENT_RANDOM_LEN:
- km_params.RandomInfo.ulClientRandomLen = 0;
- break;
+ case BOGUS_CLIENT_RANDOM_LEN:
+ km_params.RandomInfo.ulClientRandomLen = 0;
+ break;
- case BOGUS_SERVER_RANDOM:
- km_params.RandomInfo.pServerRandom = NULL;
- break;
+ case BOGUS_SERVER_RANDOM:
+ km_params.RandomInfo.pServerRandom = NULL;
+ break;
- case BOGUS_SERVER_RANDOM_LEN:
- km_params.RandomInfo.ulServerRandomLen = 0;
- break;
+ case BOGUS_SERVER_RANDOM_LEN:
+ km_params.RandomInfo.ulServerRandomLen = 0;
+ break;
}
crv = pFunctionList->C_DeriveKey(hSession, &kmd_mech, mk_obj, NULL, 0,
NULL);
if (crv != CKR_MECHANISM_PARAM_INVALID) {
- PKM_Error( "key materials derivation returned unexpected "
- "error 0x%08X, %-26s\n", crv, PKM_CK_RVtoStr(crv));
- (void) pFunctionList->C_DestroyObject(hSession, mk_obj);
+ PKM_Error("key materials derivation returned unexpected "
+ "error 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ (void)pFunctionList->C_DestroyObject(hSession, mk_obj);
return (CKR_FUNCTION_FAILED);
-
}
return (CKR_OK);
- correct:
+correct:
/*
* Then use the master key and the client 'n server random data to
* derive the key materials
@@ -4897,52 +4977,54 @@ PKM_TLSKeyAndMacDerive( CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_DeriveKey(hSession, &kmd_mech, mk_obj, NULL, 0,
NULL);
if (crv != CKR_OK) {
- PKM_Error( "Cannot derive the key materials, crv 0x%08X, %-26s\n",
- crv, PKM_CK_RVtoStr(crv));
- (void) pFunctionList->C_DestroyObject(hSession, mk_obj);
+ PKM_Error("Cannot derive the key materials, crv 0x%08X, %-26s\n",
+ crv, PKM_CK_RVtoStr(crv));
+ (void)pFunctionList->C_DestroyObject(hSession, mk_obj);
return (crv);
}
if (mk_obj != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, mk_obj);
+ (void)pFunctionList->C_DestroyObject(hSession, mk_obj);
if (kmo.hClientMacSecret != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, kmo.hClientMacSecret);
+ (void)pFunctionList->C_DestroyObject(hSession, kmo.hClientMacSecret);
if (kmo.hServerMacSecret != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, kmo.hServerMacSecret);
+ (void)pFunctionList->C_DestroyObject(hSession, kmo.hServerMacSecret);
if (kmo.hClientKey != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, kmo.hClientKey);
+ (void)pFunctionList->C_DestroyObject(hSession, kmo.hClientKey);
if (kmo.hServerKey != CK_INVALID_HANDLE)
- (void) pFunctionList->C_DestroyObject(hSession, kmo.hServerKey);
+ (void)pFunctionList->C_DestroyObject(hSession, kmo.hServerKey);
crv = pFunctionList->C_Logout(hSession);
if (crv == CKR_OK) {
PKM_LogIt("C_Logout succeeded\n");
} else {
- PKM_Error( "C_Logout failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Logout failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_CloseSession(hSession);
if (crv != CKR_OK) {
- PKM_Error( "C_CloseSession failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_CloseSession failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
return (crv);
}
-CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hRwSession,
- CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey,
- CK_MECHANISM *sigMech,
- CK_OBJECT_HANDLE secretKey, CK_MECHANISM *cryptMech,
- const CK_BYTE * pData, CK_ULONG pDataLen) {
+CK_RV
+PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hRwSession,
+ CK_OBJECT_HANDLE publicKey, CK_OBJECT_HANDLE privateKey,
+ CK_MECHANISM *sigMech,
+ CK_OBJECT_HANDLE secretKey, CK_MECHANISM *cryptMech,
+ const CK_BYTE *pData, CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE encryptedData[MAX_CIPHER_SZ];
CK_ULONG ulEncryptedDataLen = 0;
- CK_ULONG ulLastUpdateSize = 0 ;
+ CK_ULONG ulLastUpdateSize = 0;
CK_BYTE sig[MAX_SIG_SZ];
CK_ULONG ulSigLen = 0;
CK_BYTE data[MAX_DATA_SZ];
@@ -4956,8 +5038,8 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
/* Check that the mechanism is Multi-part */
if (sigMech->mechanism == CKM_DSA || sigMech->mechanism == CKM_RSA_PKCS) {
- PKM_Error( "PKM_DualFuncSign must be called with a Multi-part "
- "operation mechanism\n");
+ PKM_Error("PKM_DualFuncSign must be called with a Multi-part "
+ "operation mechanism\n");
return CKR_DEVICE_ERROR;
}
@@ -4965,51 +5047,50 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
if (privateKey == 0 && publicKey == 0) {
crv = pFunctionList->C_SignInit(hRwSession, sigMech, secretKey);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
} else {
crv = pFunctionList->C_SignInit(hRwSession, sigMech, privateKey);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- }
+ }
crv = pFunctionList->C_EncryptInit(hRwSession, cryptMech, secretKey);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
ulEncryptedDataLen = sizeof(encryptedData);
- crv = pFunctionList->C_SignEncryptUpdate(hRwSession, (CK_BYTE * ) pData,
+ crv = pFunctionList->C_SignEncryptUpdate(hRwSession, (CK_BYTE *)pData,
pDataLen,
encryptedData,
&ulEncryptedDataLen);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ulLastUpdateSize = sizeof(encryptedData) - ulEncryptedDataLen;
crv = pFunctionList->C_EncryptFinal(hRwSession,
- (CK_BYTE * )&encryptedData[ulEncryptedDataLen], &ulLastUpdateSize);
+ (CK_BYTE *)&encryptedData[ulEncryptedDataLen], &ulLastUpdateSize);
if (crv != CKR_OK) {
- PKM_Error( "C_EncryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_EncryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- ulEncryptedDataLen = ulEncryptedDataLen + ulLastUpdateSize;
+ ulEncryptedDataLen = ulEncryptedDataLen + ulLastUpdateSize;
ulSigLen = sizeof(sig);
crv = pFunctionList->C_SignFinal(hRwSession, sig, &ulSigLen);
if (crv != CKR_OK) {
- PKM_Error( "C_SignFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -5017,15 +5098,15 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_DecryptInit(hRwSession, cryptMech, secretKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
crv = pFunctionList->C_VerifyInit(hRwSession, sigMech,
publicKey);
if (crv != CKR_OK) {
- PKM_Error( "C_VerifyInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
@@ -5035,8 +5116,8 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
ulEncryptedDataLen,
data, &ulDataLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptVerifyUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptVerifyUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
ulLastUpdateSize = sizeof(data) - ulDataLen;
@@ -5044,51 +5125,52 @@ CK_RV PKM_DualFuncSign(CK_FUNCTION_LIST_PTR pFunctionList,
crv = pFunctionList->C_DecryptFinal(hRwSession, &data[ulDataLen],
&ulLastUpdateSize);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
+
if (ulLastUpdateSize != 0) {
crv = pFunctionList->C_VerifyUpdate(hRwSession, &data[ulDataLen],
- ulLastUpdateSize);
+ ulLastUpdateSize);
if (crv != CKR_OK) {
- PKM_Error( "C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DecryptFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
}
- ulDataLen = ulDataLen + ulLastUpdateSize;
+ ulDataLen = ulDataLen + ulLastUpdateSize;
/* input for the verify operation is the decrypted data */
crv = pFunctionList->C_VerifyFinal(hRwSession, sig, ulSigLen);
if (crv == CKR_OK) {
PKM_LogIt("C_VerifyFinal succeeded\n");
} else {
- PKM_Error( "C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_VerifyFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
/* Comparison of Decrypted data with inputed data */
- if ( (ulDataLen == pDataLen) &&
- (memcmp(data, pData, pDataLen) == 0) ) {
+ if ((ulDataLen == pDataLen) &&
+ (memcmp(data, pData, pDataLen) == 0)) {
PKM_LogIt("PKM_DualFuncSign decrypt test case passed\n");
} else {
- PKM_Error( "PKM_DualFuncSign derypt test case failed\n");
+ PKM_Error("PKM_DualFuncSign derypt test case failed\n");
}
return crv;
-
}
-CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
- CK_SESSION_HANDLE hSession,
- CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey,
- const CK_BYTE * pData, CK_ULONG pDataLen) {
+CK_RV
+PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
+ CK_SESSION_HANDLE hSession,
+ CK_MECHANISM *digestMech, CK_OBJECT_HANDLE hSecretKey,
+ const CK_BYTE *pData, CK_ULONG pDataLen)
+{
CK_RV crv = CKR_OK;
CK_BYTE digest1[MAX_DIGEST_SZ];
- CK_ULONG digest1Len = 0 ;
+ CK_ULONG digest1Len = 0;
CK_BYTE digest2[MAX_DIGEST_SZ];
CK_ULONG digest2Len = 0;
@@ -5096,46 +5178,45 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
memset(digest1, 0, sizeof(digest1));
memset(digest2, 0, sizeof(digest2));
-
+
NUMTESTS++; /* increment NUMTESTS */
crv = pFunctionList->C_DigestInit(hSession, digestMech);
if (crv != CKR_OK) {
- PKM_Error( "C_SignInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_SignInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
digest1Len = sizeof(digest1);
- crv = pFunctionList->C_Digest(hSession, (CK_BYTE * ) pData, pDataLen,
- digest1, &digest1Len);
+ crv = pFunctionList->C_Digest(hSession, (CK_BYTE *)pData, pDataLen,
+ digest1, &digest1Len);
if (crv != CKR_OK) {
- PKM_Error( "C_Sign failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_Sign failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
crv = pFunctionList->C_DigestInit(hSession, digestMech);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestInit failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestInit failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE * ) pData, pDataLen);
+ crv = pFunctionList->C_DigestUpdate(hSession, (CK_BYTE *)pData, pDataLen);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestUpdate failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestUpdate failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
-
+
/* C_DigestKey continues a multiple-part message-digesting operation by*/
/* digesting the value of a secret key. (only used with C_DigestUpdate)*/
if (hSecretKey != 0) {
crv = pFunctionList->C_DigestKey(hSession, hSecretKey);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestKey failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestKey failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
}
@@ -5143,37 +5224,36 @@ CK_RV PKM_Digest(CK_FUNCTION_LIST_PTR pFunctionList,
digest2Len = sizeof(digest2);
crv = pFunctionList->C_DigestFinal(hSession, digest2, &digest2Len);
if (crv != CKR_OK) {
- PKM_Error( "C_DigestFinal failed with 0x%08X, %-26s\n", crv,
- PKM_CK_RVtoStr(crv));
+ PKM_Error("C_DigestFinal failed with 0x%08X, %-26s\n", crv,
+ PKM_CK_RVtoStr(crv));
return crv;
}
- if (hSecretKey == 0){
- /* did not digest a secret key so digests should equal */
- if ( (digest1Len == digest2Len)
- && (memcmp(digest1, digest2, digest1Len) == 0) ) {
- PKM_LogIt("Single and Multiple-part message digest "
- "operations successful\n");
- } else {
- PKM_Error("Single and Multiple-part message digest "
- "operations failed\n");
- }
+ if (hSecretKey == 0) {
+ /* did not digest a secret key so digests should equal */
+ if ((digest1Len == digest2Len) &&
+ (memcmp(digest1, digest2, digest1Len) == 0)) {
+ PKM_LogIt("Single and Multiple-part message digest "
+ "operations successful\n");
+ } else {
+ PKM_Error("Single and Multiple-part message digest "
+ "operations failed\n");
+ }
} else {
- if (digest1Len == digest2Len) {
+ if (digest1Len == digest2Len) {
PKM_LogIt("PKM_Digest Single and Multiple-part message digest "
- "operations successful\n");
+ "operations successful\n");
} else {
PKM_Error("PKM_Digest Single and Multiple-part message digest "
- "operations failed\n");
+ "operations failed\n");
}
-
}
return crv;
-
}
-char * PKM_FilePasswd(char *pwFile)
+char *
+PKM_FilePasswd(char *pwFile)
{
unsigned char phrase[200];
PRFileDesc *fd;
@@ -5190,20 +5270,22 @@ char * PKM_FilePasswd(char *pwFile)
}
nb = PR_Read(fd, phrase, sizeof(phrase));
-
+
PR_Close(fd);
/* handle the Windows EOL case */
i = 0;
- while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb) i++;
+ while (phrase[i] != '\r' && phrase[i] != '\n' && i < nb)
+ i++;
phrase[i] = '\0';
if (nb == 0) {
- fprintf(stderr,"password file contains no data\n");
+ fprintf(stderr, "password file contains no data\n");
return NULL;
}
- return (char*) strdup((char*)phrase);
+ return (char *)strdup((char *)phrase);
}
-void PKM_Help()
+void
+PKM_Help()
{
PRFileDesc *debug_out = PR_GetSpecialFD(PR_StandardError);
PR_fprintf(debug_out, "pk11mode test program usage:\n");
@@ -5217,29 +5299,30 @@ void PKM_Help()
exit(1);
}
-void PKM_CheckPath(char *string)
+void
+PKM_CheckPath(char *string)
{
- char *src;
- char *dest;
+ char *src;
+ char *dest;
- /*
+ /*
* windows support convert any back slashes to
* forward slashes.
*/
- for (src=string, dest=string; *src; src++,dest++) {
- if (*src == '\\') {
- *dest = '/';
- }
- }
- dest--;
- /* if the last char is a / set it to 0 */
- if (*dest == '/')
- *dest = 0;
-
+ for (src = string, dest = string; *src; src++, dest++) {
+ if (*src == '\\') {
+ *dest = '/';
+ }
+ }
+ dest--;
+ /* if the last char is a / set it to 0 */
+ if (*dest == '/')
+ *dest = 0;
}
-CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
- PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs)
+CK_RV
+PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
+ PRBool forkAssert, CK_C_INITIALIZE_ARGS_NSS *initArgs)
{
CK_RV crv = CKR_OK;
#ifndef NO_FORK_CHECK
@@ -5247,59 +5330,58 @@ CK_RV PKM_ForkCheck(int expected, CK_FUNCTION_LIST_PTR fList,
pid_t child, ret;
NUMTESTS++; /* increment NUMTESTS */
if (forkAssert) {
- putenv("NSS_STRICT_NOFORK=1");
+ putenv("NSS_STRICT_NOFORK=1");
} else {
- putenv("NSS_STRICT_NOFORK=0");
+ putenv("NSS_STRICT_NOFORK=0");
}
child = fork();
switch (child) {
- case -1:
- PKM_Error("Fork failed.\n");
- crv = CKR_DEVICE_ERROR;
- break;
- case 0:
- if (fList) {
- if (!initArgs) {
- /* If softoken is loaded, make a PKCS#11 call to C_GetTokenInfo
+ case -1:
+ PKM_Error("Fork failed.\n");
+ crv = CKR_DEVICE_ERROR;
+ break;
+ case 0:
+ if (fList) {
+ if (!initArgs) {
+ /* If softoken is loaded, make a PKCS#11 call to C_GetTokenInfo
* in the child. This call should always fail.
* If softoken is uninitialized,
* it fails with CKR_CRYPTOKI_NOT_INITIALIZED.
* If it was initialized in the parent, the fork check should
* kick in, and make it return CKR_DEVICE_ERROR.
*/
- CK_RV child_crv = fList->C_GetTokenInfo(0, NULL);
- exit(child_crv & 255);
- } else {
- /* If softoken is loaded, make a PKCS#11 call to C_Initialize
+ CK_RV child_crv = fList->C_GetTokenInfo(0, NULL);
+ exit(child_crv & 255);
+ } else {
+ /* If softoken is loaded, make a PKCS#11 call to C_Initialize
* in the child. This call should always fail.
* If softoken is uninitialized, this should succeed.
* If it was initialized in the parent, the fork check should
* kick in, and make it return CKR_DEVICE_ERROR.
*/
- CK_RV child_crv = fList->C_Initialize(initArgs);
- if (CKR_OK == child_crv) {
- child_crv = fList->C_Finalize(NULL);
+ CK_RV child_crv = fList->C_Initialize(initArgs);
+ if (CKR_OK == child_crv) {
+ child_crv = fList->C_Finalize(NULL);
+ }
+ exit(child_crv & 255);
}
- exit(child_crv & 255);
}
- }
- exit(expected & 255);
- default:
- PKM_LogIt("Fork succeeded.\n");
- ret = wait(&rc);
- if (ret != child || (!WIFEXITED(rc)) ||
- ( (expected & 255) != (WEXITSTATUS(rc) & 255)) ) {
- int retStatus = -1;
- if (WIFEXITED(rc)) {
- retStatus = WEXITSTATUS(rc);
+ exit(expected & 255);
+ default:
+ PKM_LogIt("Fork succeeded.\n");
+ ret = wait(&rc);
+ if (ret != child || (!WIFEXITED(rc)) ||
+ ((expected & 255) != (WEXITSTATUS(rc) & 255))) {
+ int retStatus = -1;
+ if (WIFEXITED(rc)) {
+ retStatus = WEXITSTATUS(rc);
+ }
+ PKM_Error("Child misbehaved.\n");
+ printf("Child return status : %d.\n", retStatus & 255);
+ crv = CKR_DEVICE_ERROR;
}
- PKM_Error("Child misbehaved.\n");
- printf("Child return status : %d.\n", retStatus & 255);
- crv = CKR_DEVICE_ERROR;
- }
- break;
+ break;
}
#endif
return crv;
}
-
diff --git a/nss/cmd/pk11mode/pk11mode.gyp b/nss/cmd/pk11mode/pk11mode.gyp
new file mode 100644
index 0000000..ed042c1
--- /dev/null
+++ b/nss/cmd/pk11mode/pk11mode.gyp
@@ -0,0 +1,24 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+{
+ 'includes': [
+ '../../coreconf/config.gypi',
+ '../../cmd/platlibs.gypi'
+ ],
+ 'targets': [
+ {
+ 'target_name': 'pk11mode',
+ 'type': 'executable',
+ 'sources': [
+ 'pk11mode.c'
+ ],
+ 'dependencies': [
+ '<(DEPTH)/exports.gyp:nss_exports'
+ ]
+ }
+ ],
+ 'variables': {
+ 'module': 'nss'
+ }
+} \ No newline at end of file
View Lorry Controller Status