list.c revision 7711facfe58561dd91d6ece0f5f41150c3956c83
7711facfe58561dd91d6ece0f5f41150c3956c83dinak/*
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * CDDL HEADER START
7711facfe58561dd91d6ece0f5f41150c3956c83dinak *
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * The contents of this file are subject to the terms of the
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * Common Development and Distribution License, Version 1.0 only
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * (the "License"). You may not use this file except in compliance
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * with the License.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak *
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * or http://www.opensolaris.org/os/licensing.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * See the License for the specific language governing permissions
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * and limitations under the License.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak *
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * When distributing Covered Code, include this CDDL HEADER in each
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * If applicable, add the following below this CDDL HEADER, with the
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * fields enclosed by brackets "[]" replaced with your own identifying
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * information: Portions Copyright [yyyy] [name of copyright owner]
7711facfe58561dd91d6ece0f5f41150c3956c83dinak *
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * CDDL HEADER END
7711facfe58561dd91d6ece0f5f41150c3956c83dinak */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak/*
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * Use is subject to license terms.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#pragma ident "%Z%%M% %I% %E% SMI"
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak/*
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * This file implements the token object list operation for this tool.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * It loads the PKCS#11 modules, finds the object to list, lists it,
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * and cleans up. User must be logged into the token to list private
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * objects.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include <stdio.h>
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include <errno.h>
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include <string.h>
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include <cryptoutil.h>
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include <security/cryptoki.h>
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include "common.h"
7711facfe58561dd91d6ece0f5f41150c3956c83dinak#include "derparse.h"
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
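/*
 * Get key size, in bits, based on the key type.
 *
 * Only the length of the relevant attribute is queried (pValue is NULL),
 * so no key material is read:
 *	RSA			length of CKA_MODULUS * 8
 *	DSA, X9.42 DH		length of CKA_PRIME * 8
 *	DH, AES, generic secret	length of CKA_VALUE * 8
 *	DES, DES3		length of CKA_VALUE * 7 (parity bits omitted)
 *
 * Returns 0 when the size cannot be determined, i.e. when the attribute
 * query fails or the key type is not one of the above.  An error message
 * is written through cryptoerror() in either case.
 */
static CK_ULONG
get_key_size(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, CK_KEY_TYPE key_type)
{
	CK_RV		rv = CKR_OK;
	/*
	 * Must start at 0: every failure path below leaves key_size
	 * untouched, and the value is returned and printed by the callers.
	 */
	CK_ULONG	key_size = 0;
	CK_ATTRIBUTE	modulus_sz =
		{ CKA_MODULUS, NULL, 0 };	/* RSA */
	CK_ATTRIBUTE	prime_sz =
		{ CKA_PRIME, NULL, 0 };		/* DSA, DH X9.42 */
	CK_ATTRIBUTE	value_sz =
		{ CKA_VALUE, NULL_PTR, 0 };	/* DH, DES/DES3, AES, GENERIC */

	cryptodebug("inside get_key_size");

	switch (key_type) {
	case CKK_RSA:
		rv = C_GetAttributeValue(sess, obj, &modulus_sz, 1);
		if (rv != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get modulus attribute size (%s)."),
			    pkcs11_strerror(rv));
		} else {
			/* Convert key size to bits. */
			key_size = modulus_sz.ulValueLen * 8;
		}
		break;
	case CKK_DH:
		rv = C_GetAttributeValue(sess, obj, &value_sz, 1);
		if (rv != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get value attribute size (%s)."),
			    pkcs11_strerror(rv));
		} else {
			/* Convert key size to bits. */
			key_size = value_sz.ulValueLen * 8;
		}
		break;
	case CKK_X9_42_DH:
	case CKK_DSA:
		rv = C_GetAttributeValue(sess, obj, &prime_sz, 1);
		if (rv != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get prime attribute size (%s)."),
			    pkcs11_strerror(rv));
		} else {
			/* Convert key size to bits. */
			key_size = prime_sz.ulValueLen * 8;
		}
		break;
	case CKK_DES:
	case CKK_DES3:
		rv = C_GetAttributeValue(sess, obj, &value_sz, 1);
		if (rv != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get value attribute size (%s)."),
			    pkcs11_strerror(rv));
		} else {
			/* Convert key size to bits -- omitting parity bit. */
			key_size = value_sz.ulValueLen * 7;
		}
		break;
	case CKK_AES:
	case CKK_GENERIC_SECRET:
		rv = C_GetAttributeValue(sess, obj, &value_sz, 1);
		if (rv != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get value attribute size (%s)."),
			    pkcs11_strerror(rv));
		} else {
			/* Convert key size to bits. */
			key_size = value_sz.ulValueLen * 8;
		}
		break;
	default:
		/* The cast makes the argument match the %x conversion. */
		cryptoerror(LOG_STDERR, gettext(
		    "Unknown object key type (0x%02x)."),
		    (unsigned int)key_type);
		break;
	}

	return (key_size);
}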
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
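/*
 * Display private key.
 *
 * Queries the attributes of private key object `obj` in session `sess`
 * and writes a human-readable summary to stdout, numbered with `counter`:
 * label, key size and type, id, subject, start/end dates and the
 * capability flags that are set.
 *
 * Attributes are fetched in two passes: the first C_GetAttributeValue()
 * call learns the size of each variable-length attribute, buffers are
 * allocated, and the second call fills them in.
 *
 * Returns CKR_OK on success, CKR_HOST_MEMORY if an allocation fails, or
 * the error returned by C_GetAttributeValue().
 *
 * NOTE(review): label, id and subject bytes come from the token and the
 * label is written to stdout unfiltered; consider escaping non-printable
 * bytes before display.
 */
static CK_RV
display_prikey(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, int counter)
{
	CK_RV		rv = CKR_OK;
	/*
	 * Presumably static so that their addresses may be used in the
	 * attrs[] initializer below; this makes the function non-reentrant.
	 */
	static CK_BBOOL	private;
	static CK_BBOOL	modifiable;
	static CK_KEY_TYPE key_type;
	CK_ULONG	key_size;
	CK_BYTE		*label = NULL;
	CK_ULONG	label_len = 0;
	CK_BYTE		*id = NULL;
	CK_ULONG	id_len = 0;
	CK_BYTE		*subject = NULL;
	CK_ULONG	subject_len = 0;
	CK_DATE		*start_date = NULL;
	CK_ULONG	start_date_len = 0;
	CK_DATE		*end_date = NULL;
	CK_ULONG	end_date_len = 0;
	CK_ATTRIBUTE	attrs[18] = {
		/* 0 to 2: fixed-size, read straight into the statics */
		{ CKA_PRIVATE, &private, sizeof (private) },
		{ CKA_MODIFIABLE, &modifiable, sizeof (modifiable) },
		{ CKA_KEY_TYPE, &key_type, sizeof (key_type) },
		/* 3 to 12: capability flags, shown only when true */
		{ CKA_DERIVE, NULL, 0 },
		{ CKA_LOCAL, NULL, 0 },
		{ CKA_DECRYPT, NULL, 0 },
		{ CKA_SIGN, NULL, 0 },
		{ CKA_SIGN_RECOVER, NULL, 0 },
		{ CKA_UNWRAP, NULL, 0 },
		{ CKA_SENSITIVE, NULL, 0 },
		{ CKA_ALWAYS_SENSITIVE, NULL, 0 },
		{ CKA_EXTRACTABLE, NULL, 0 },
		{ CKA_NEVER_EXTRACTABLE, NULL, 0 },
		/* 13 to 17 */
		{ CKA_LABEL, NULL, 0 },			/* optional */
		{ CKA_ID, NULL, 0 },			/* optional */
		{ CKA_SUBJECT, NULL, 0 },		/* optional */
		{ CKA_START_DATE, NULL, 0 },		/* optional */
		{ CKA_END_DATE, NULL, 0 }		/* optional */
		/* not displaying CKA_KEY_GEN_MECHANISM */
	};
	CK_ULONG	n_attrs = sizeof (attrs) / sizeof (CK_ATTRIBUTE);
	CK_ULONG	i;	/* same type as n_attrs: no signed/unsigned mix */
	char		*hex_id = NULL;
	int		hex_id_len = 0;
	char		*hex_subject = NULL;
	int		hex_subject_len = 0;
	const char	*label_str;
	int		label_prec;

	cryptodebug("inside display_prikey");

	/* Get the sizes of the attributes we need. */
	cryptodebug("calling C_GetAttributeValue for size info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get private key attribute sizes (%s)."),
		    pkcs11_strerror(rv));
		/* Nothing has been allocated yet, so return directly. */
		return (rv);
	}

	/* Allocate memory for each variable-length attribute. */
	for (i = 3; i < n_attrs; i++) {
		if (attrs[i].ulValueLen == (CK_ULONG)-1 ||
		    attrs[i].ulValueLen == 0) {
			cryptodebug("display_prikey: *** should not happen");
			/* Normalize to 0 so later checks see "absent". */
			attrs[i].ulValueLen = 0;
			continue;
		}
		if ((attrs[i].pValue = malloc(attrs[i].ulValueLen)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_prikey;
		}
	}

	/* Now really get the attributes. */
	cryptodebug("calling C_GetAttributeValue for attribute info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get private key attributes (%s)."),
		    pkcs11_strerror(rv));
		goto free_display_prikey;
	}

	/*
	 * Fill in all the optional temp variables.
	 * NOTE(review): these helpers are defined outside this file;
	 * presumably they alias attrs[i].pValue rather than allocate a
	 * copy -- confirm, since nothing here frees label/id/subject or
	 * the dates separately.
	 */
	i = 13;
	copy_attr_to_string(&(attrs[i++]), &label, &label_len);
	copy_attr_to_string(&(attrs[i++]), &id, &id_len);
	copy_attr_to_string(&(attrs[i++]), &subject, &subject_len);
	copy_attr_to_date(&(attrs[i++]), &start_date, &start_date_len);
	copy_attr_to_date(&(attrs[i++]), &end_date, &end_date_len);

	/* Get the key size for the object. */
	key_size = get_key_size(sess, obj, key_type);

	/* Display the object ... */
	/* ... the label and what it is (and key size in bits) ... */
	if (label != NULL && label_len != 0 && label_len != (CK_ULONG)-1) {
		label_str = (const char *)label;
		label_prec = (int)label_len;
	} else {
		/*
		 * The precision must be the placeholder's own length;
		 * using label_len (0) here would print an empty string
		 * instead of "<no label>".
		 */
		label_str = gettext("<no label>");
		label_prec = (int)strlen(label_str);
	}
	/* Casts make the arguments match the int conversions (%.*s, %d). */
	(void) fprintf(stdout, gettext("%d. \"%.*s\" (%d-bit %s %s)\n"),
	    counter, label_prec, label_str, (int)key_size,
	    keytype_str(key_type), class_str(CKO_PRIVATE_KEY));

	/* ... the id ... */
	if (id_len == (CK_ULONG)-1 || id_len == 0) {
		(void) fprintf(stdout, gettext("\tId: --\n"));
	} else {
		/* Sized as three output characters per byte, plus NUL. */
		hex_id_len = 3 * id_len + 1;
		if ((hex_id = malloc(hex_id_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_prikey;
		}
		octetify(id, id_len, hex_id, hex_id_len, B_FALSE, B_FALSE, 60,
		    "\n\t\t", "");
		(void) fprintf(stdout, gettext("\tId: %s\n"), hex_id);
		free(hex_id);
	}

	/* ... the subject name ... */
	if (subject_len == (CK_ULONG)-1 || subject_len == 0) {
		(void) fprintf(stdout, gettext("\tSubject: --\n"));
	} else {
		hex_subject_len = 2 * subject_len + 1;	/* best guesstimate */
		if ((hex_subject = malloc(hex_subject_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_prikey;
		}
		rdnseq_to_str(subject, subject_len, hex_subject,
		    hex_subject_len);
		(void) fprintf(stdout, gettext("\tSubject: %.*s\n"),
		    hex_subject_len, hex_subject);
		free(hex_subject);
	}

	/*
	 * ... the start date ...
	 * NOTE(review): the date fields are read whenever the length is
	 * non-zero; confirm the token always returns a full CK_DATE.
	 */
	if (start_date_len == (CK_ULONG)-1 || start_date_len == 0) {
		(void) fprintf(stdout, gettext("\tStart Date: --\n"));
	} else {
		(void) fprintf(stdout, gettext(
		    "\tStart Date: %02.2s/%02.2s/%04.4s\n"),
		    start_date->month, start_date->day, start_date->year);
	}

	/* ... the end date ... */
	if (end_date_len == (CK_ULONG)-1 || end_date_len == 0) {
		(void) fprintf(stdout, gettext("\tEnd Date: --\n"));
	} else {
		(void) fprintf(stdout, gettext(
		    "\tEnd Date: %02.2s/%02.2s/%04.4s\n"),
		    end_date->month, end_date->day, end_date->year);
	}

	/* ... and its capabilities */
	(void) fprintf(stdout, "\t(%s, %s",
	    private != pk_false ? gettext("private") : gettext("public"),
	    modifiable == B_TRUE ? gettext("modifiable") :
	    gettext("not modifiable"));
	for (i = 3; i <= 12; i++) {
		if (attrs[i].ulValueLen != (CK_ULONG)-1 &&
		    attrs[i].ulValueLen != 0 &&
		    *((CK_BBOOL *)(attrs[i].pValue)) == B_TRUE) {
			(void) fprintf(stdout, ", %s", attr_str(attrs[i].type));
		}
	}
	(void) fprintf(stdout, ")\n");

free_display_prikey:
	/*
	 * Entries 3 and up start with pValue == NULL and only ever receive
	 * malloc() results, so free them unconditionally.  Keying the free
	 * on ulValueLen would leak a buffer whose length the second
	 * C_GetAttributeValue() call changed to -1 or 0.
	 */
	for (i = 3; i < n_attrs; i++) {
		free(attrs[i].pValue);
	}
	return (rv);
}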
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak/*
7711facfe58561dd91d6ece0f5f41150c3956c83dinak * Display public key.
7711facfe58561dd91d6ece0f5f41150c3956c83dinak */
7711facfe58561dd91d6ece0f5f41150c3956c83dinakstatic CK_RV
7711facfe58561dd91d6ece0f5f41150c3956c83dinakdisplay_pubkey(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, int counter)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak{
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_RV rv = CKR_OK;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak static CK_BBOOL private;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak static CK_BBOOL modifiable;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak static CK_BBOOL trusted;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak static CK_KEY_TYPE key_type;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG key_size;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_BYTE *label = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG label_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_BYTE *id = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG id_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_BYTE *subject = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG subject_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_DATE *start_date = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG start_date_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_DATE *end_date = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG end_date_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ATTRIBUTE attrs[15] = {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* 0 to 3 */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_PRIVATE, &private, sizeof (private) },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_MODIFIABLE, &modifiable, sizeof (modifiable) },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_TRUSTED, &trusted, sizeof (trusted) },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_KEY_TYPE, &key_type, sizeof (key_type) },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* 4 to 9 */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_DERIVE, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_LOCAL, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_ENCRYPT, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_VERIFY, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_VERIFY_RECOVER, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_WRAP, NULL, 0 },
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* 10 to 14 */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_LABEL, NULL, 0 }, /* optional */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_ID, NULL, 0 }, /* optional */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_SUBJECT, NULL, 0 }, /* optional */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_START_DATE, NULL, 0 }, /* optional */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak { CKA_END_DATE, NULL, 0 } /* optional */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* not displaying CKA_KEY_GEN_MECHANISM */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak };
7711facfe58561dd91d6ece0f5f41150c3956c83dinak CK_ULONG n_attrs = sizeof (attrs) / sizeof (CK_ATTRIBUTE);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak int i;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak char *hex_id = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak int hex_id_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak char *hex_subject = NULL;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak int hex_subject_len = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptodebug("inside display_pubkey");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Get the sizes of the attributes we need. */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptodebug("calling C_GetAttributeValue for size info");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptoerror(LOG_STDERR, gettext(
7711facfe58561dd91d6ece0f5f41150c3956c83dinak "Unable to get public key attribute sizes (%s)."),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak pkcs11_strerror(rv));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak return (rv);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Allocate memory for each variable-length attribute. */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak for (i = 4; i < n_attrs; i++) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (attrs[i].ulValueLen == (CK_ULONG)-1 ||
7711facfe58561dd91d6ece0f5f41150c3956c83dinak attrs[i].ulValueLen == 0) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptodebug("display_pubkey: *** should not happen");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak attrs[i].ulValueLen = 0;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak continue;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if ((attrs[i].pValue = malloc(attrs[i].ulValueLen)) == NULL) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptoerror(LOG_STDERR, "%s.", strerror(errno));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak rv = CKR_HOST_MEMORY;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak goto free_display_pubkey;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Now really get the attributes. */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptodebug("calling C_GetAttributeValue for attribute info");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptoerror(LOG_STDERR, gettext(
7711facfe58561dd91d6ece0f5f41150c3956c83dinak "Unable to get public key attributes (%s)."),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak pkcs11_strerror(rv));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak goto free_display_pubkey;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Fill in all the optional temp variables. */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak i = 10;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak copy_attr_to_string(&(attrs[i++]), &label, &label_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak copy_attr_to_string(&(attrs[i++]), &id, &id_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak copy_attr_to_string(&(attrs[i++]), &subject, &subject_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak copy_attr_to_date(&(attrs[i++]), &start_date, &start_date_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak copy_attr_to_date(&(attrs[i++]), &end_date, &end_date_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Get the key size for the object. */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak key_size = get_key_size(sess, obj, key_type);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* Display the object ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... the label and what it is (and key size in bits) ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("%d. \"%.*s\" (%d-bit %s %s)\n"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak counter, label_len, label_len > 0 ? (char *)label :
7711facfe58561dd91d6ece0f5f41150c3956c83dinak gettext("<no label>"), key_size, keytype_str(key_type),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak class_str(CKO_PUBLIC_KEY));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... the id ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (id_len == (CK_ULONG)-1 || id_len == 0)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tId: --\n"));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak else {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak hex_id_len = 3 * id_len + 1;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if ((hex_id = malloc(hex_id_len)) == NULL) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptoerror(LOG_STDERR, "%s.", strerror(errno));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak rv = CKR_HOST_MEMORY;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak goto free_display_pubkey;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak octetify(id, id_len, hex_id, hex_id_len, B_FALSE, B_FALSE, 60,
7711facfe58561dd91d6ece0f5f41150c3956c83dinak "\n\t\t", "");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tId: %s\n"), hex_id);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak free(hex_id);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... the subject name ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (subject_len == (CK_ULONG)-1 || subject_len == 0)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tSubject: --\n"));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak else {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak hex_subject_len = 2 * subject_len + 1; /* best guesstimate */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if ((hex_subject = malloc(hex_subject_len)) == NULL) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak cryptoerror(LOG_STDERR, "%s.", strerror(errno));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak rv = CKR_HOST_MEMORY;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak goto free_display_pubkey;
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak rdnseq_to_str(subject, subject_len, hex_subject,
7711facfe58561dd91d6ece0f5f41150c3956c83dinak hex_subject_len);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tSubject: %.*s\n"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak hex_subject_len, hex_subject);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak free(hex_subject);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... the start date ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (start_date_len == (CK_ULONG)-1 || start_date_len == 0)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tStart Date: --\n"));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak else
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext(
7711facfe58561dd91d6ece0f5f41150c3956c83dinak "\tStart Date: %02.2s/%02.2s/%04.4s\n"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak start_date->month, start_date->day, start_date->year);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... the end date ... */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (end_date_len == (CK_ULONG)-1 || end_date_len == 0)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext("\tEnd Date: --\n"));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak else
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, gettext(
7711facfe58561dd91d6ece0f5f41150c3956c83dinak "\tEnd Date: %02.2s/%02.2s/%04.4s\n"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak end_date->month, end_date->day, end_date->year);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinak /* ... and its capabilities */
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, "\t(%s, %s, %s",
7711facfe58561dd91d6ece0f5f41150c3956c83dinak private == B_TRUE ? gettext("private") : gettext("public"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak modifiable == B_TRUE ? gettext("modifiable") :
7711facfe58561dd91d6ece0f5f41150c3956c83dinak gettext("not modifiable"),
7711facfe58561dd91d6ece0f5f41150c3956c83dinak trusted == B_TRUE ? gettext("trusted") : gettext("untrusted"));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak for (i = 4; i <= 9; i++) {
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (attrs[i].ulValueLen != (CK_ULONG)-1 &&
7711facfe58561dd91d6ece0f5f41150c3956c83dinak attrs[i].ulValueLen != 0 &&
7711facfe58561dd91d6ece0f5f41150c3956c83dinak *((CK_BBOOL *)(attrs[i].pValue)) == B_TRUE)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, ", %s", attr_str(attrs[i].type));
7711facfe58561dd91d6ece0f5f41150c3956c83dinak }
7711facfe58561dd91d6ece0f5f41150c3956c83dinak (void) fprintf(stdout, ")\n");
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
7711facfe58561dd91d6ece0f5f41150c3956c83dinakfree_display_pubkey:
7711facfe58561dd91d6ece0f5f41150c3956c83dinak for (i = 4; i < n_attrs; i++)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak if (attrs[i].ulValueLen != (CK_ULONG)-1 &&
7711facfe58561dd91d6ece0f5f41150c3956c83dinak attrs[i].ulValueLen != 0)
7711facfe58561dd91d6ece0f5f41150c3956c83dinak free(attrs[i].pValue);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak return (rv);
7711facfe58561dd91d6ece0f5f41150c3956c83dinak}
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
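/*
 * Display secret key.
 *
 * Reads the attributes of secret key object `obj` in session `sess` with
 * two C_GetAttributeValue() calls (sizes first, then values) and prints the
 * label, key size, id, start/end dates and capability flags to stdout.
 * `counter` is the ordinal printed in front of the label.
 *
 * Returns CKR_OK on success, the C_GetAttributeValue() result if either
 * query fails, or CKR_HOST_MEMORY if a buffer cannot be allocated.
 *
 * All lengths and values used below are whatever the provider returned.
 * The label bytes are written to stdout unmodified; control characters are
 * not filtered.
 */
static CK_RV
display_seckey(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, int counter)
{
	CK_RV			rv = CKR_OK;
	/* Fixed-size attributes are read directly into these statics. */
	static CK_BBOOL		private;
	static CK_BBOOL		modifiable;
	static CK_KEY_TYPE	key_type;
	static CK_ULONG		key_size;
	CK_BYTE			*label = NULL;
	CK_ULONG		label_len = 0;
	CK_BYTE			*id = NULL;
	CK_ULONG		id_len = 0;
	CK_DATE			*start_date = NULL;
	CK_ULONG		start_date_len = 0;
	CK_DATE			*end_date = NULL;
	CK_ULONG		end_date_len = 0;
	CK_ATTRIBUTE		attrs[19] = {
		/* 0 to 2: fixed size, caller-provided storage */
		{ CKA_PRIVATE, &private, sizeof (private) },
		{ CKA_MODIFIABLE, &modifiable, sizeof (modifiable) },
		{ CKA_KEY_TYPE, &key_type, sizeof (key_type) },
		/* 3 to 14: capability flags, allocated below */
		{ CKA_DERIVE, NULL, 0 },
		{ CKA_LOCAL, NULL, 0 },
		{ CKA_ENCRYPT, NULL, 0 },
		{ CKA_DECRYPT, NULL, 0 },
		{ CKA_SIGN, NULL, 0 },
		{ CKA_VERIFY, NULL, 0 },
		{ CKA_WRAP, NULL, 0 },
		{ CKA_UNWRAP, NULL, 0 },
		{ CKA_SENSITIVE, NULL, 0 },
		{ CKA_ALWAYS_SENSITIVE, NULL, 0 },
		{ CKA_EXTRACTABLE, NULL, 0 },
		{ CKA_NEVER_EXTRACTABLE, NULL, 0 },
		/* 15 to 18 */
		{ CKA_LABEL, NULL, 0 },			/* optional */
		{ CKA_ID, NULL, 0 },			/* optional */
		{ CKA_START_DATE, NULL, 0 },		/* optional */
		{ CKA_END_DATE, NULL, 0 }		/* optional */
		/* not displaying CKA_KEY_GEN_MECHANISM */
	};
	CK_ULONG		n_attrs = sizeof (attrs) / sizeof (attrs[0]);
	int			i;
	char			*hex_id = NULL;
	int			hex_id_len = 0;
	const char		*label_text;
	int			label_prec;

	cryptodebug("inside display_seckey");

	/* Get the sizes of the attributes we need. */
	cryptodebug("calling C_GetAttributeValue for size info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get secret key attribute sizes (%s)."),
		    pkcs11_strerror(rv));
		return (rv);
	}

	/* Allocate memory for each variable-length attribute. */
	for (i = 3; i < n_attrs; i++) {
		if (attrs[i].ulValueLen == (CK_ULONG)-1 ||
		    attrs[i].ulValueLen == 0) {
			cryptodebug("display_seckey: *** should not happen");
			/* Normalize "unavailable" to "empty"; pValue stays NULL. */
			attrs[i].ulValueLen = 0;
			continue;
		}
		if ((attrs[i].pValue = malloc(attrs[i].ulValueLen)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_seckey;
		}
	}

	/* Now really get the attributes. */
	cryptodebug("calling C_GetAttributeValue for attribute info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get secret key attributes (%s)."),
		    pkcs11_strerror(rv));
		goto free_display_seckey;
	}

	/* Fill in all the optional temp variables. */
	i = 15;
	copy_attr_to_string(&(attrs[i++]), &label, &label_len);
	copy_attr_to_string(&(attrs[i++]), &id, &id_len);
	copy_attr_to_date(&(attrs[i++]), &start_date, &start_date_len);
	copy_attr_to_date(&(attrs[i++]), &end_date, &end_date_len);

	/* Get the key size for the object. */
	key_size = get_key_size(sess, obj, key_type);

	/* Display the object ... */
	/* ... the label and what it is (and key size in bytes) ... */
	/*
	 * "%.*s" takes an int precision.  Passing the CK_ULONG length
	 * directly is a type mismatch, and a length of 0 used as the
	 * precision made the "<no label>" placeholder print as an empty
	 * string.  Use the placeholder's own length when there is no label
	 * or when the length does not fit in a positive int.
	 */
	label_text = (const char *)label;
	label_prec = (int)label_len;
	if (label == NULL || label_prec <= 0 ||
	    (CK_ULONG)label_prec != label_len) {
		label_text = gettext("<no label>");
		label_prec = (int)strlen(label_text);
	}
	(void) fprintf(stdout, gettext("%d. \"%.*s\" (%d-bit %s %s)\n"),
	    counter, label_prec, label_text, (int)key_size,
	    keytype_str(key_type), class_str(CKO_SECRET_KEY));

	/* ... the id ... */
	if (id_len == (CK_ULONG)-1 || id_len == 0)
		(void) fprintf(stdout, gettext("\tId: --\n"));
	else {
		/*
		 * NOTE(review): id_len is provider-supplied and 3 * id_len + 1
		 * is narrowed to int without a range check; confirm that
		 * octetify() bounds its writes by hex_id_len.
		 */
		hex_id_len = 3 * id_len + 1;
		if ((hex_id = malloc(hex_id_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_seckey;
		}
		octetify(id, id_len, hex_id, hex_id_len, B_FALSE, B_FALSE, 60,
		    "\n\t\t", "");
		(void) fprintf(stdout, gettext("\tId: %s\n"), hex_id);
		free(hex_id);
	}

	/*
	 * The date formats read 2 + 2 + 4 characters out of a CK_DATE, so a
	 * value shorter than sizeof (CK_DATE) is shown as absent rather than
	 * read past the end of its buffer.  This assumes copy_attr_to_date()
	 * reports the attribute's length unchanged -- TODO confirm.
	 */
	/* ... the start date ... */
	if (start_date == NULL || start_date_len == (CK_ULONG)-1 ||
	    start_date_len < sizeof (CK_DATE))
		(void) fprintf(stdout, gettext("\tStart Date: --\n"));
	else
		(void) fprintf(stdout, gettext(
		    "\tStart Date: %02.2s/%02.2s/%04.4s\n"),
		    start_date->month, start_date->day, start_date->year);

	/* ... the end date ... */
	if (end_date == NULL || end_date_len == (CK_ULONG)-1 ||
	    end_date_len < sizeof (CK_DATE))
		(void) fprintf(stdout, gettext("\tEnd Date: --\n"));
	else
		(void) fprintf(stdout, gettext(
		    "\tEnd Date: %02.2s/%02.2s/%04.4s\n"),
		    end_date->month, end_date->day, end_date->year);

	/* ... and its capabilities */
	(void) fprintf(stdout, "\t(%s, %s",
	    private == B_TRUE ? gettext("private") : gettext("public"),
	    modifiable == B_TRUE ? gettext("modifiable") :
	    gettext("not modifiable"));
	/* Entries 3..14 are the boolean flags; name each one that is set. */
	for (i = 3; i <= 14; i++) {
		if (attrs[i].ulValueLen != (CK_ULONG)-1 &&
		    attrs[i].ulValueLen != 0 &&
		    *((CK_BBOOL *)(attrs[i].pValue)) == B_TRUE)
			(void) fprintf(stdout, ", %s", attr_str(attrs[i].type));
	}
	(void) fprintf(stdout, ")\n");

free_display_seckey:
	/*
	 * Free every buffer allocated above.  pValue is NULL for entries that
	 * were never allocated, and free(NULL) is a no-op.  Keying the free on
	 * ulValueLen would leak a buffer whenever the second
	 * C_GetAttributeValue() call fails and resets that entry's length to
	 * (CK_ULONG)-1.
	 */
	for (i = 3; i < n_attrs; i++)
		free(attrs[i].pValue);
	return (rv);
}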
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
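/*
 * Display certificate.
 *
 * Reads the attributes of certificate object `obj` in session `sess` with
 * two C_GetAttributeValue() calls (sizes first, then values) and prints the
 * label, capability flags, id, subject, issuer, serial number and value to
 * stdout.  `counter` is the ordinal printed in front of the label.
 *
 * Returns CKR_OK on success, the C_GetAttributeValue() result if either
 * query fails, or CKR_HOST_MEMORY if a buffer cannot be allocated.
 *
 * All lengths and values used below are whatever the provider returned.
 * The label bytes are written to stdout unmodified; control characters are
 * not filtered.
 */
static CK_RV
display_cert(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj, int counter)
{
	CK_RV			rv = CKR_OK;
	/* Fixed-size attributes are read directly into these statics. */
	static CK_BBOOL		private;
	static CK_BBOOL		modifiable;
	static CK_BBOOL		trusted;
	CK_BYTE			*subject = NULL;
	CK_ULONG		subject_len = 0;
	CK_BYTE			*value = NULL;
	CK_ULONG		value_len = 0;
	CK_BYTE			*label = NULL;
	CK_ULONG		label_len = 0;
	CK_BYTE			*id = NULL;
	CK_ULONG		id_len = 0;
	CK_BYTE			*issuer = NULL;
	CK_ULONG		issuer_len = 0;
	CK_BYTE			*serial = NULL;
	CK_ULONG		serial_len = 0;
	CK_ATTRIBUTE		attrs[9] = {
		/* 0 to 2: fixed size, caller-provided storage */
		{ CKA_PRIVATE, &private, sizeof (private) },
		{ CKA_MODIFIABLE, &modifiable, sizeof (modifiable) },
		{ CKA_TRUSTED, &trusted, sizeof (trusted) },
		/* 3 to 8: variable length, allocated below */
		{ CKA_SUBJECT, NULL, 0 },		/* required */
		{ CKA_VALUE, NULL, 0 },			/* required */
		{ CKA_LABEL, NULL, 0 },			/* optional */
		{ CKA_ID, NULL, 0 },			/* optional */
		{ CKA_ISSUER, NULL, 0 },		/* optional */
		{ CKA_SERIAL_NUMBER, NULL, 0 }		/* optional */
	};
	CK_ULONG		n_attrs = sizeof (attrs) / sizeof (attrs[0]);
	int			i;
	char			*hex_id = NULL;
	int			hex_id_len = 0;
	char			*hex_subject = NULL;
	int			hex_subject_len = 0;
	char			*hex_issuer = NULL;
	int			hex_issuer_len = 0;
	char			*hex_serial = NULL;
	int			hex_serial_len = 0;	/* was initialized with NULL */
	uint32_t		serial_value = 0;
	char			*hex_value = NULL;
	int			hex_value_len = 0;
	const char		*label_text;
	int			label_prec;

	cryptodebug("inside display_cert");

	/* Get the sizes of the attributes we need. */
	cryptodebug("calling C_GetAttributeValue for size info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get certificate attribute sizes (%s)."),
		    pkcs11_strerror(rv));
		return (rv);
	}

	/* Allocate memory for each variable-length attribute. */
	for (i = 3; i < n_attrs; i++) {
		if (attrs[i].ulValueLen == (CK_ULONG)-1 ||
		    attrs[i].ulValueLen == 0) {
			cryptodebug("display_cert: *** should not happen");
			/* Normalize "unavailable" to "empty"; pValue stays NULL. */
			attrs[i].ulValueLen = 0;
			continue;
		}
		if ((attrs[i].pValue = malloc(attrs[i].ulValueLen)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
	}

	/* Now really get the attributes. */
	cryptodebug("calling C_GetAttributeValue for attribute info");
	if ((rv = C_GetAttributeValue(sess, obj, attrs, n_attrs)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to get certificate attributes (%s)."),
		    pkcs11_strerror(rv));
		goto free_display_cert;
	}

	/*
	 * Fill in all the temp variables.  Subject and value are required.
	 * The rest are optional.
	 */
	i = 3;
	copy_attr_to_string(&(attrs[i++]), &subject, &subject_len);
	copy_attr_to_string(&(attrs[i++]), &value, &value_len);
	copy_attr_to_string(&(attrs[i++]), &label, &label_len);
	copy_attr_to_string(&(attrs[i++]), &id, &id_len);
	copy_attr_to_string(&(attrs[i++]), &issuer, &issuer_len);
	copy_attr_to_string(&(attrs[i++]), &serial, &serial_len);

	/* Display the object ... */
	/* ... the label and what it is ... */
	/*
	 * "%.*s" takes an int precision.  Passing the CK_ULONG length
	 * directly is a type mismatch, and a length of 0 used as the
	 * precision made the "<no label>" placeholder print as an empty
	 * string.  Use the placeholder's own length when there is no label
	 * or when the length does not fit in a positive int.
	 */
	label_text = (const char *)label;
	label_prec = (int)label_len;
	if (label == NULL || label_prec <= 0 ||
	    (CK_ULONG)label_prec != label_len) {
		label_text = gettext("<no label>");
		label_prec = (int)strlen(label_text);
	}
	(void) fprintf(stdout, gettext("%d. \"%.*s\" (%s %s)\n"),
	    counter, label_prec, label_text, "X.509",
	    class_str(CKO_CERTIFICATE));

	/* ... its capabilities ... */
	(void) fprintf(stdout, gettext("\t(%s, %s, %s)\n"),
	    private == B_TRUE ? gettext("private") : gettext("public"),
	    modifiable == B_TRUE ? gettext("modifiable") :
	    gettext("not modifiable"),
	    trusted == B_TRUE ? gettext("trusted") : gettext("untrusted"));

	/*
	 * NOTE(review): every hex_*_len below is computed from a
	 * provider-supplied length and narrowed to int without a range check;
	 * confirm that octetify() and rdnseq_to_str() bound their writes by
	 * the length they are given.
	 */

	/* ... the id ... */
	if (id_len == (CK_ULONG)-1 || id_len == 0)
		(void) fprintf(stdout, gettext("\tId: --\n"));
	else {
		hex_id_len = 3 * id_len + 1;
		if ((hex_id = malloc(hex_id_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
		octetify(id, id_len, hex_id, hex_id_len, B_FALSE, B_FALSE, 60,
		    "\n\t\t", "");
		(void) fprintf(stdout, gettext("\tId: %s\n"), hex_id);
		free(hex_id);
	}

	/* ... the subject name ... */
	if (subject_len == (CK_ULONG)-1 || subject_len == 0)
		(void) fprintf(stdout, gettext("\tSubject: --\n"));
	else {
		hex_subject_len = 2 * subject_len + 1; /* best guesstimate */
		if ((hex_subject = malloc(hex_subject_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
		rdnseq_to_str(subject, subject_len, hex_subject,
		    hex_subject_len);
		/*
		 * The precision keeps the read inside the buffer.
		 * NOTE(review): the buffer is not zeroed, so this relies on
		 * rdnseq_to_str() terminating its output -- confirm.
		 */
		(void) fprintf(stdout, gettext("\tSubject: %.*s\n"),
		    hex_subject_len, hex_subject);
		free(hex_subject);
	}

	/* ... the issuer name ... */
	if (issuer_len == (CK_ULONG)-1 || issuer_len == 0)
		(void) fprintf(stdout, gettext("\tIssuer: --\n"));
	else {
		hex_issuer_len = 2 * issuer_len + 1; /* best guesstimate */
		if ((hex_issuer = malloc(hex_issuer_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
		rdnseq_to_str(issuer, issuer_len, hex_issuer, hex_issuer_len);
		(void) fprintf(stdout, gettext("\tIssuer: %.*s\n"),
		    hex_issuer_len, hex_issuer);
		free(hex_issuer);
	}

	/* ... the serial number ... */
	if (serial_len == (CK_ULONG)-1 || serial_len == 0)
		(void) fprintf(stdout, gettext("\tSerial: --\n"));
	else {
		hex_serial_len = 3 * serial_len + 1;
		if ((hex_serial = malloc(hex_serial_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
		octetify(serial, serial_len, hex_serial, hex_serial_len,
		    B_FALSE, B_FALSE, 60, "\n\t\t", "");
		if (serial_len > 4)
			(void) fprintf(stdout, gettext("\tSerial: %s\n"),
			    hex_serial);
		else {
			/* Up to four bytes: also show it as a number. */
			for (i = 0; i < serial_len; i++) {
				serial_value <<= 8;
				serial_value |= (serial[i] & 0xff);
			}
			/*
			 * NOTE(review): serial_value is a uint32_t printed
			 * with %d, so a 4-byte serial with the top bit set is
			 * shown as a negative number.  The format is left
			 * unchanged because it is a gettext message id.
			 */
			(void) fprintf(stdout, gettext("\tSerial: %s (%d)\n"),
			    hex_serial, serial_value);
		}
		free(hex_serial);
	}

	/* ... and the value */
	if (value_len == (CK_ULONG)-1 || value_len == 0)
		(void) fprintf(stdout, gettext("\tValue: --\n"));
	else {
		hex_value_len = 3 * value_len + 1;
		if ((hex_value = malloc(hex_value_len)) == NULL) {
			cryptoerror(LOG_STDERR, "%s.", strerror(errno));
			rv = CKR_HOST_MEMORY;
			goto free_display_cert;
		}
		octetify(value, value_len, hex_value, hex_value_len,
		    B_FALSE, B_FALSE, 60, "\n\t\t", "");
		(void) fprintf(stdout, gettext("\tValue: %s\n"), hex_value);
		free(hex_value);
	}

free_display_cert:
	/*
	 * Free every buffer allocated above.  pValue is NULL for entries that
	 * were never allocated, and free(NULL) is a no-op.  Keying the free on
	 * ulValueLen would leak a buffer whenever the second
	 * C_GetAttributeValue() call fails and resets that entry's length to
	 * (CK_ULONG)-1.
	 */
	for (i = 3; i < n_attrs; i++)
		free(attrs[i].pValue);
	return (rv);
}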
7711facfe58561dd91d6ece0f5f41150c3956c83dinak
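/*
 * List token objects.
 *
 * Parses the "list" subcommand options (-p private, -P public, -l label),
 * finds the softtoken slot, opens a read-only session (logging in first
 * when private objects were requested) and prints every matching object
 * through the display_*() routine for its class.
 *
 * Returns PK_ERR_USAGE for a bad command line, PK_ERR_PK11 when the token
 * lookup, passphrase prompt, session setup or object search fails, and 0
 * otherwise.  A failure to display one object is reported through
 * cryptoerror() and the loop moves on; it does not change the return value.
 */
int
pk_list(int argc, char *argv[])
{
	int			opt;
	extern int		optind;
	extern char		*optarg;
	char			*token_name = NULL;
	char			*manuf_id = NULL;
	char			*serial_no = NULL;
	char			full_name[FULL_NAME_LEN];
	boolean_t		public_objs = B_FALSE;
	boolean_t		private_objs = B_FALSE;
	CK_BYTE			*list_label = NULL;
	int			obj_type = 0x00;
	CK_SLOT_ID		slot_id;
	CK_FLAGS		pin_state;
	CK_UTF8CHAR_PTR		pin = NULL;
	CK_ULONG		pinlen = 0;
	/*
	 * Start from the "no session" value.  The failure paths below hand
	 * sess to quick_finish() even when quick_start()/open_sess() may not
	 * have stored a handle, so it must never be indeterminate.
	 */
	CK_SESSION_HANDLE	sess = 0;
	CK_OBJECT_HANDLE	*objs;
	CK_ULONG		num_objs;
	CK_RV			rv = CKR_OK;
	int			i;
	/* Static so that its address can appear in the initializer below. */
	static CK_OBJECT_CLASS	objclass;
	CK_ATTRIBUTE		class_attr =
	    { CKA_CLASS, &objclass, sizeof (objclass) };

	cryptodebug("inside pk_list");

	/* Parse command line options.  Do NOT i18n/l10n. */
	while ((opt = getopt(argc, argv, "p(private)P(public)l:(label)")) !=
	    EOF) {
		switch (opt) {
		case 'p':	/* private objects */
			private_objs = B_TRUE;
			obj_type |= PK_PRIVATE_OBJ;
			break;
		case 'P':	/* public objects */
			public_objs = B_TRUE;
			obj_type |= PK_PUBLIC_OBJ;
			break;
		case 'l':	/* object with specific label */
			/* Only one label may be given. */
			if (list_label)
				return (PK_ERR_USAGE);
			list_label = (CK_BYTE *)optarg;
			break;
		default:
			return (PK_ERR_USAGE);
		}
	}

	/* If nothing specified, default is public objects. */
	if (!public_objs && !private_objs) {
		public_objs = B_TRUE;
		obj_type |= PK_PUBLIC_OBJ;
	}

	/* No additional args allowed. */
	argc -= optind;
	argv += optind;
	if (argc)
		return (PK_ERR_USAGE);
	/* Done parsing command line options. */

	/*
	 * List operation only supported on softtoken: no option sets the
	 * token identifiers, so they always take the softtoken defaults.
	 */
	if (token_name == NULL)
		token_name = SOFT_TOKEN_LABEL;
	if (manuf_id == NULL)
		manuf_id = SOFT_MANUFACTURER_ID;
	if (serial_no == NULL)
		serial_no = SOFT_TOKEN_SERIAL;
	full_token_name(token_name, manuf_id, serial_no, full_name);

	/* Find the slot with token. */
	if ((rv = find_token_slot(token_name, manuf_id, serial_no, &slot_id,
	    &pin_state)) != CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to find token %s (%s)."), full_name,
		    pkcs11_strerror(rv));
		return (PK_ERR_PK11);
	}

	/* If private objects are to be listed, user must be logged in. */
	if (private_objs) {
		/*
		 * Get the user's PIN.
		 *
		 * NOTE(review): the passphrase buffer returned through pin is
		 * neither cleared nor released anywhere in this function.
		 * Confirm who owns it; if the caller does, it should be
		 * scrubbed and freed once the login below has completed.
		 */
		if ((rv = get_pin(gettext("Enter token passphrase:"), NULL,
		    &pin, &pinlen)) != CKR_OK) {
			cryptoerror(LOG_STDERR,
			    gettext("Unable to get token passphrase (%s)."),
			    pkcs11_strerror(rv));
			quick_finish(NULL);
			return (PK_ERR_PK11);
		}

		/* Logging in user R/O into the token is sufficient. */
		cryptodebug("logging in with readonly session");
		if ((rv = quick_start(slot_id, 0, pin, pinlen, &sess)) !=
		    CKR_OK) {
			cryptoerror(LOG_STDERR,
			    gettext("Unable to log into token (%s)."),
			    pkcs11_strerror(rv));
			quick_finish(sess);
			return (PK_ERR_PK11);
		}
	/* Otherwise, just create a session. */
	} else {
		cryptodebug("opening a readonly session");
		if ((rv = open_sess(slot_id, 0, &sess)) != CKR_OK) {
			cryptoerror(LOG_STDERR,
			    gettext("Unable to open token session (%s)."),
			    pkcs11_strerror(rv));
			quick_finish(sess);
			return (PK_ERR_PK11);
		}
	}

	/*
	 * Find the object(s) with the given label and/or type.
	 *
	 * NOTE(review): objs is not released on any path below; confirm
	 * whether find_objs() hands ownership of the array to the caller.
	 */
	if ((rv = find_objs(sess, obj_type, list_label, &objs, &num_objs)) !=
	    CKR_OK) {
		cryptoerror(LOG_STDERR, gettext(
		    "Unable to find token objects (%s)."), pkcs11_strerror(rv));
		quick_finish(sess);
		return (PK_ERR_PK11);
	}

	if (num_objs == 0) {
		cryptoerror(LOG_STDERR, gettext("No objects found."));
		quick_finish(sess);
		return (0);
	}

	/* List the objects found. */
	for (i = 0; i < num_objs; i++) {
		/* Get object class first, then decide what is next. */
		cryptodebug("calling C_GetAttributeValue for object class");
		if ((rv = C_GetAttributeValue(sess, objs[i], &class_attr, 1))
		    != CKR_OK) {
			cryptoerror(LOG_STDERR, gettext(
			    "Unable to get object #%d class attribute (%s)."),
			    i+1, pkcs11_strerror(rv));
			continue;
		}

		/* Display based on the type of object. */
		switch (objclass) {
		case CKO_CERTIFICATE:
			if ((rv = display_cert(sess, objs[i], i+1)) != CKR_OK)
				cryptoerror(LOG_STDERR,
				    gettext("Unable to display certificate."));
			break;
		case CKO_PUBLIC_KEY:
			if ((rv = display_pubkey(sess, objs[i], i+1)) != CKR_OK)
				cryptoerror(LOG_STDERR,
				    gettext("Unable to display public key."));
			break;
		case CKO_PRIVATE_KEY:
			if ((rv = display_prikey(sess, objs[i], i+1)) != CKR_OK)
				cryptoerror(LOG_STDERR,
				    gettext("Unable to display private key."));
			break;
		case CKO_SECRET_KEY:
			if ((rv = display_seckey(sess, objs[i], i+1)) != CKR_OK)
				cryptoerror(LOG_STDERR,
				    gettext("Unable to display secret key."));
			break;
		case CKO_DATA:
			cryptoerror(LOG_STDERR,
			    gettext("Data object display not implemented."));
			break;
		default:
			/*
			 * CK_OBJECT_CLASS is a CK_ULONG in PKCS#11, which is
			 * wider than the unsigned int that %x consumes on
			 * LP64.  Cast the argument rather than edit the
			 * format, so the translated msgid stays unchanged.
			 */
			cryptoerror(LOG_STDERR, gettext(
			    "Unknown token object class (0x%02x)."),
			    (unsigned int)objclass);
			break;
		}
	}

	/* Clean up. */
	quick_finish(sess);
	return (0);
}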