In-house patch created to clear any merge conflicts from source in archive
repo to build properly on Solaris.
--- CACKey-0.7.4/cackey.c 2016-05-19 14:16:48.230399914 -0400
+++ CACKey-0.7.4/cackey.c 2015-07-16 12:20:20.000000000 -0400
@@ -35,13 +35,10 @@
#ifdef HAVE_STDIO_H
# include <stdio.h>
#endif
-<<<<<<< HEAD
-=======
#define HAVE_ERRNO_H 1
#ifdef HAVE_ERRNO_H
# include <errno.h>
#endif
->>>>>>> trunk
#ifdef HAVE_ZLIB_H
# ifdef HAVE_LIBZ
# include <zlib.h>
@@ -51,12 +48,9 @@
# undef HAVE_LIBZ
# endif
#endif
-<<<<<<< HEAD
-=======
#ifdef CACKEY_DEBUG_SEARCH_SPEEDTEST
# include <sys/time.h>
#endif
->>>>>>> trunk
#define CK_PTR *
#define CK_DEFINE_FUNCTION(returnType, name) returnType name
@@ -73,17 +67,6 @@
#include "sha1.h"
#include "md5.h"
-<<<<<<< HEAD
-/*
- * Include these source files in this translation unit so that we can bind to
- * functions and not include any symbols in the output shared object.
- */
-#include "asn1-x509.c"
-#include "sha1.c"
-#include "md5.c"
-
-=======
->>>>>>> trunk
#ifndef CACKEY_CRYPTOKI_VERSION_CODE
# define CACKEY_CRYPTOKI_VERSION_CODE 0x021e00
#endif
@@ -102,10 +85,7 @@
#define GSCIS_INSTR_GET_CHALLENGE 0x84
#define GSCIS_INSTR_INTERNAL_AUTH 0x88
#define GSCIS_INSTR_VERIFY 0x20
-<<<<<<< HEAD
-=======
#define GSCIS_INSTR_CHANGE_REFERENCE 0x24
->>>>>>> trunk
#define GSCIS_INSTR_SIGN 0x2A
#define GSCIS_INSTR_GET_PROP 0x56
#define GSCIS_INSTR_GET_ACR 0x4C
@@ -173,13 +153,10 @@
#define GSCIS_TAG_SECURITY_CODE 0x57
#define GSCIS_TAG_CARDID_AID 0x58
-<<<<<<< HEAD
-=======
/*** PIV Codes ***/
#define NISTSP800_73_3_INSTR_GET_DATA 0xCB
#define NISTSP800_73_3_INSTR_GENAUTH 0x87
->>>>>>> trunk
/*** PKI Information - EF 7000 ***/
#define GSCIS_TAG_CERTIFICATE 0x70
#define GSCIS_TAG_CERT_ISSUE_DATE 0x71
@@ -187,8 +164,6 @@
/** Applet IDs **/
#define GSCIS_AID_CCC 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00
-<<<<<<< HEAD
-=======
#define NISTSP800_73_3_PIV_AID 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00
/* PIV IDs */
@@ -207,7 +182,6 @@
#define NISTSP800_73_3_OID_SIGNATURE 0x5F, 0xC1, 0x0A
#define NISTSP800_73_3_OID_KEYMGT 0x5F, 0xC1, 0x0B
#define NISTSP800_73_3_OID_CARDAUTH 0x5F, 0xC1, 0x01
->>>>>>> trunk
/* Maximum size of data portion of APDUs */
/** Do not set this above 250 **/
@@ -222,17 +196,6 @@
# ifdef HAVE_TIME_H
# include <time.h>
static time_t cackey_debug_start_time = 0;
-<<<<<<< HEAD
-# define CACKEY_DEBUG_PRINTTIME { if (cackey_debug_start_time == 0) { cackey_debug_start_time = time(NULL); }; fprintf(cackey_debug_fd(), "[%lu]: ", (unsigned long) (time(NULL) - cackey_debug_start_time)); }
-# else
-# define CACKEY_DEBUG_PRINTTIME /**/
-# endif
-
-# define CACKEY_DEBUG_PRINTF(x...) { CACKEY_DEBUG_PRINTTIME; fprintf(cackey_debug_fd(), "%s():%i: ", __func__, __LINE__); fprintf(cackey_debug_fd(), x); fprintf(cackey_debug_fd(), "\n"); fflush(cackey_debug_fd()); }
-# define CACKEY_DEBUG_PRINTBUF(f, x, y) { unsigned char *TMPBUF; unsigned long idx; TMPBUF = (unsigned char *) (x); CACKEY_DEBUG_PRINTTIME; fprintf(cackey_debug_fd(), "%s():%i: %s (%s/%lu = {%02x", __func__, __LINE__, f, #x, (unsigned long) (y), TMPBUF[0]); for (idx = 1; idx < (y); idx++) { fprintf(cackey_debug_fd(), ", %02x", TMPBUF[idx]); }; fprintf(cackey_debug_fd(), "})\n"); fflush(cackey_debug_fd()); }
-# define CACKEY_DEBUG_PERROR(x) { fprintf(cackey_debug_fd(), "%s():%i: ", __func__, __LINE__); CACKEY_DEBUG_PRINTTIME; perror(x); fflush(cackey_debug_fd()); }
-# define free(x) { CACKEY_DEBUG_PRINTF("FREE(%p) (%s)", x, #x); free(x); }
-=======
static unsigned long CACKEY_DEBUG_GETTIME(void) {
if (cackey_debug_start_time == 0) {
cackey_debug_start_time = time(NULL);
@@ -254,17 +217,16 @@
fflush(cackey_debug_fd()); \
}
# define CACKEY_DEBUG_PRINTBUF(f, x, y) { \
- static char buf_user[4096] = {0}, *buf_user_p, *buf_user_print; \
+ static char buf_user[4096] = {0}, *buf_user_p; \
unsigned long buf_user_size; \
unsigned char *TMPBUF; \
unsigned long idx; \
int snprintf_ret; \
TMPBUF = (unsigned char *) (x); \
buf_user[0] = 0; \
- buf_user[2] = 0; \
buf_user_p = buf_user; \
buf_user_size = sizeof(buf_user); \
- for (idx = 0; idx < (y); idx++) { \
+ for (idx = 1; idx < (y); idx++) { \
if (buf_user_size <= 0) { \
break; \
}; \
@@ -276,12 +238,10 @@
buf_user_size -= snprintf_ret; \
}; \
buf_user[sizeof(buf_user) - 1] = '\0'; \
- buf_user_print = buf_user + 2; \
- fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s (%s/%lu = {%s})\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, f, #x, (unsigned long) (y), buf_user_print); \
+ fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s (%s/%lu = {%02x%s})\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, f, #x, (unsigned long) (y), TMPBUF[0], buf_user); \
fflush(cackey_debug_fd()); \
}
# define free(x) { CACKEY_DEBUG_PRINTF("FREE(%p) (%s)", (void *) x, #x); free(x); }
->>>>>>> trunk
static FILE *cackey_debug_fd(void) {
static FILE *fd = NULL;
@@ -309,15 +269,12 @@
}
}
-<<<<<<< HEAD
-=======
#ifdef CACKEY_DEBUG_LOGFILE
if (logfile == NULL) {
logfile = CACKEY_DEBUG_LOGFILE;
}
#endif
->>>>>>> trunk
if (logfile != NULL) {
CACKEY_DEBUG_PRINTF("Found log file: %s", logfile);
@@ -331,11 +288,7 @@
if (fd == stderr) {
CACKEY_DEBUG_PRINTF("Returning stderr");
} else {
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Returning %p", fd);
-=======
CACKEY_DEBUG_PRINTF("Returning %p", (void *) fd);
->>>>>>> trunk
}
return(fd);
@@ -346,14 +299,7 @@
retval = malloc(size);
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTTIME;
- fprintf(cackey_debug_fd(), "%s():%i: ", func, line);
- fprintf(cackey_debug_fd(), "MALLOC() = %p", retval);
- fprintf(cackey_debug_fd(), "\n");
-=======
fprintf(cackey_debug_fd(), "[%lu]: %s():%i: MALLOC() = %p\n", CACKEY_DEBUG_GETTIME(), func, line, retval);
->>>>>>> trunk
fflush(cackey_debug_fd());
return(retval);
@@ -365,14 +311,7 @@
retval = realloc(ptr, size);
if (retval != ptr) {
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTTIME;
- fprintf(cackey_debug_fd(), "%s():%i: ", func, line);
- fprintf(cackey_debug_fd(), "REALLOC(%p) = %p", ptr, retval);
- fprintf(cackey_debug_fd(), "\n");
-=======
fprintf(cackey_debug_fd(), "[%lu]: %s():%i: REALLOC(%p) = %p\n", CACKEY_DEBUG_GETTIME(), func, line, ptr, retval);
->>>>>>> trunk
fflush(cackey_debug_fd());
}
@@ -388,14 +327,7 @@
retval = strdup(ptr);
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTTIME;
- fprintf(cackey_debug_fd(), "%s():%i: ", func, line);
- fprintf(cackey_debug_fd(), "STRDUP_MALLOC() = %p", retval);
- fprintf(cackey_debug_fd(), "\n");
-=======
fprintf(cackey_debug_fd(), "[%lu]: %s():%i: STRDUP_MALLOC() = %p\n", CACKEY_DEBUG_GETTIME(), func, line, retval);
->>>>>>> trunk
fflush(cackey_debug_fd());
return(retval);
@@ -777,10 +709,6 @@
#else
# define CACKEY_DEBUG_PRINTF(x...) /**/
# define CACKEY_DEBUG_PRINTBUF(f, x, y) /**/
-<<<<<<< HEAD
-# define CACKEY_DEBUG_PERROR(x) /**/
-=======
->>>>>>> trunk
# define CACKEY_DEBUG_FUNC_TAG_TO_STR(x) "DEBUG_DISABLED"
# define CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(x) "DEBUG_DISABLED"
# define CACKEY_DEBUG_FUNC_OBJID_TO_STR(x) "DEBUG_DISABLED"
@@ -788,11 +716,6 @@
# define CACKEY_DEBUG_FUNC_ATTRIBUTE_TO_STR(x) "DEBUG_DISABLED"
#endif
-<<<<<<< HEAD
-struct cackey_pcsc_identity {
- unsigned char applet[7];
- uint16_t file;
-=======
/*
* Include these source files in this translation unit so that we can bind to
* functions and not include any symbols in the output shared object.
@@ -809,14 +732,11 @@
struct cackey_pcsc_identity {
cackey_pcsc_id_type id_type;
->>>>>>> trunk
size_t certificate_len;
unsigned char *certificate;
ssize_t keysize;
-<<<<<<< HEAD
-=======
union {
struct {
@@ -829,7 +749,6 @@
char label[32];
} piv;
} card;
->>>>>>> trunk
};
struct cackey_identity {
@@ -874,10 +793,7 @@
struct cackey_slot {
int active;
-<<<<<<< HEAD
-=======
int internal;
->>>>>>> trunk
char *pcsc_reader;
@@ -894,12 +810,9 @@
unsigned char *label;
DWORD protocol;
-<<<<<<< HEAD
-=======
unsigned int cached_certs_count;
struct cackey_pcsc_identity *cached_certs;
->>>>>>> trunk
};
typedef enum {
@@ -931,12 +844,7 @@
CACKEY_PCSC_E_LOCKED = -3,
CACKEY_PCSC_E_NEEDLOGIN = -4,
CACKEY_PCSC_E_TOKENABSENT = -6,
-<<<<<<< HEAD
CACKEY_PCSC_E_RETRY = -7
-=======
- CACKEY_PCSC_E_RETRY = -7,
- CACKEY_PCSC_E_NODATA = -8
->>>>>>> trunk
} cackey_ret;
struct cackey_tlv_cardurl {
@@ -974,19 +882,11 @@
#include "cackey_builtin_certs.h"
};
-<<<<<<< HEAD
-=======
-#define CACKEY_MACRO_DEFAULT_XSTR(str) CACKEY_MACRO_DEFAULT_STR(str)
-#define CACKEY_MACRO_DEFAULT_STR(str) #str
-
/* Protected Authentication Path command */
+#define CACKEY_PIN_COMMAND_DEFAULT_XSTR(str) CACKEY_PIN_COMMAND_DEFAULT_STR(str)
+#define CACKEY_PIN_COMMAND_DEFAULT_STR(str) #str
static char *cackey_pin_command = NULL;
-/* Reader Exclusion or Include-only */
-static char *cackey_readers_include_only = NULL;
-static char *cackey_readers_exclude = NULL;
-
->>>>>>> trunk
/* PCSC Global Handles */
static LPSCARDCONTEXT cackey_pcsc_handle = NULL;
@@ -1046,14 +946,11 @@
CACKEY_DEBUG_PRINTF("Called.");
for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
-<<<<<<< HEAD
-=======
if (cackey_slots[idx].internal) {
/* Skip internal slots */
continue;
}
->>>>>>> trunk
if (cackey_slots[idx].pcsc_card_connected) {
CACKEY_DEBUG_PRINTF("SCardDisconnect(%lu) called", (unsigned long) idx);
@@ -1226,15 +1123,11 @@
slot->slot_reset = 1;
slot->pcsc_card_connected = 0;
-<<<<<<< HEAD
- slot->token_flags = CKF_LOGIN_REQUIRED;
-=======
if (cackey_pin_command == NULL) {
slot->token_flags = CKF_LOGIN_REQUIRED;
} else {
slot->token_flags = 0;
}
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Returning.");
@@ -1243,11 +1136,7 @@
/*
* SYNPOSIS
-<<<<<<< HEAD
- * LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol);
-=======
* LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol);
->>>>>>> trunk
*
* ARGUMENTS
* cackey_slot *slot
@@ -1256,12 +1145,6 @@
* DWORD default_protocol
* Protocol to attempt first
*
-<<<<<<< HEAD
- * LPDWORD selected_protocol
- * [OUT] Protocol selected
- *
-=======
->>>>>>> trunk
* RETURN VALUE
* The return value from SCardReconnect()
*
@@ -1274,23 +1157,6 @@
* that T=1.
*
*/
-<<<<<<< HEAD
-static LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol, LPDWORD selected_protocol) {
- LONG scard_conn_ret;
-
- scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, default_protocol, SCARD_RESET_CARD, selected_protocol);
-
- if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) {
- CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=0")
- scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, SCARD_RESET_CARD, selected_protocol);
-
- if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) {
- CACKEY_DEBUG_PRINTF("SCardReconnect() returned SCARD_E_PROTO_MISMATCH, trying with just T=1")
- scard_conn_ret = SCardReconnect(slot->pcsc_card, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1, SCARD_RESET_CARD, selected_protocol);
- }
- }
-
-=======
static LONG cackey_reconnect_card(struct cackey_slot *slot, DWORD default_protocol) {
DWORD selected_protocol;
LONG scard_conn_ret;
@@ -1313,7 +1179,6 @@
slot->protocol = selected_protocol;
}
->>>>>>> trunk
return(scard_conn_ret);
}
@@ -1355,11 +1220,7 @@
/* Connect to reader, if needed */
if (!slot->pcsc_card_connected) {
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("SCardConnect(%s) called", slot->pcsc_reader);
-=======
CACKEY_DEBUG_PRINTF("SCardConnect(%s) called for slot %p", slot->pcsc_reader, slot);
->>>>>>> trunk
scard_conn_ret = SCardConnect(*cackey_pcsc_handle, slot->pcsc_reader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &slot->pcsc_card, &protocol);
if (scard_conn_ret == SCARD_E_PROTO_MISMATCH) {
@@ -1387,11 +1248,7 @@
}
}
-<<<<<<< HEAD
- scard_conn_ret = cackey_reconnect_card(slot, protocol, &protocol);
-=======
scard_conn_ret = cackey_reconnect_card(slot, protocol);
->>>>>>> trunk
}
if (scard_conn_ret != SCARD_S_SUCCESS) {
@@ -1406,11 +1263,8 @@
slot->protocol = protocol;
}
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Returning in success");
->>>>>>> trunk
return(CACKEY_PCSC_S_OK);
}
@@ -1587,12 +1441,6 @@
* CACKEY_PCSC_E_GENERIC On error
* CACKEY_PCSC_E_TOKENABSENT If the sending failed because the token is
* absent
-<<<<<<< HEAD
-=======
- * CACKEY_PCSC_E_RETRY If something that looks retry'able went
- * wrong -- try the whole transaction over
- * again
->>>>>>> trunk
*
* NOTES
* This function will connect to the PC/SC Connection Manager via
@@ -1603,18 +1451,10 @@
* goes away.
*
*/
-<<<<<<< HEAD
-static cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned char lc, unsigned char *data, unsigned char le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) {
- uint8_t major_rc, minor_rc;
- size_t bytes_to_copy, tmp_respdata_len;
- LPCSCARD_IO_REQUEST pioSendPci;
- DWORD protocol;
-=======
static cackey_ret cackey_send_apdu(struct cackey_slot *slot, unsigned char class, unsigned char instruction, unsigned char p1, unsigned char p2, unsigned int lc, unsigned char *data, unsigned int le, uint16_t *respcode, unsigned char *respdata, size_t *respdata_len) {
uint8_t major_rc, minor_rc;
size_t bytes_to_copy, tmp_respdata_len;
LPCSCARD_IO_REQUEST pioSendPci;
->>>>>>> trunk
DWORD xmit_len, recv_len;
LONG scard_xmit_ret, scard_reconn_ret;
BYTE xmit_buf[1024], recv_buf[1024];
@@ -1639,20 +1479,14 @@
/* Determine which protocol to send using */
switch (slot->protocol) {
case SCARD_PROTOCOL_T0:
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Protocol to send datagram is T=0");
->>>>>>> trunk
pioSendPci = SCARD_PCI_T0;
break;
case SCARD_PROTOCOL_T1:
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Protocol to send datagram is T=1");
->>>>>>> trunk
pioSendPci = SCARD_PCI_T1;
break;
@@ -1669,9 +1503,6 @@
xmit_buf[xmit_len++] = p1;
xmit_buf[xmit_len++] = p2;
if (data) {
-<<<<<<< HEAD
- xmit_buf[xmit_len++] = lc;
-=======
if (lc > 255) {
CACKEY_DEBUG_PRINTF("CAUTION! Using an Lc greater than 255 is untested. Lc = %u", lc);
@@ -1681,16 +1512,12 @@
} else {
xmit_buf[xmit_len++] = lc;
}
->>>>>>> trunk
for (idx = 0; idx < lc; idx++) {
xmit_buf[xmit_len++] = data[idx];
}
}
if (le != 0x00) {
-<<<<<<< HEAD
- xmit_buf[xmit_len++] = le;
-=======
if (le > 256) {
CACKEY_DEBUG_PRINTF("CAUTION! Using an Le greater than 256 is untested. Le = %u", le);
@@ -1702,17 +1529,12 @@
} else {
xmit_buf[xmit_len++] = le;
}
->>>>>>> trunk
}
/* Begin Smartcard Transaction */
cackey_begin_transaction(slot);
-<<<<<<< HEAD
- if (class == GSCIS_CLASS_ISO7816 && instruction == GSCIS_INSTR_VERIFY && p1 == 0x00 && p2 == 0x00) {
-=======
if (class == GSCIS_CLASS_ISO7816 && (instruction == GSCIS_INSTR_VERIFY || instruction == GSCIS_INSTR_CHANGE_REFERENCE) && p1 == 0x00) {
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Sending APDU: <<censored>>");
} else {
CACKEY_DEBUG_PRINTBUF("Sending APDU:", xmit_buf, xmit_len);
@@ -1727,11 +1549,8 @@
/* Begin Smartcard Transaction */
cackey_end_transaction(slot);
-<<<<<<< HEAD
-=======
cackey_reconnect_card(slot, slot->protocol);
->>>>>>> trunk
return(CACKEY_PCSC_E_RETRY);
}
@@ -1744,17 +1563,9 @@
if (scard_xmit_ret == SCARD_W_RESET_CARD) {
CACKEY_DEBUG_PRINTF("Reset required, please hold...");
-<<<<<<< HEAD
- scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol);
-
- if (scard_reconn_ret == SCARD_S_SUCCESS) {
- /* Update protocol */
- slot->protocol = protocol;
-=======
scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1);
if (scard_reconn_ret == SCARD_S_SUCCESS) {
->>>>>>> trunk
switch (slot->protocol) {
case SCARD_PROTOCOL_T0:
pioSendPci = SCARD_PCI_T0;
@@ -1831,16 +1642,7 @@
/* End Smartcard Transaction */
cackey_end_transaction(slot);
-<<<<<<< HEAD
return(CACKEY_PCSC_E_GENERIC);
-=======
- /* Supply an invalid response code */
- if (respcode) {
- *respcode = 0;
- }
-
- return(CACKEY_PCSC_E_NODATA);
->>>>>>> trunk
}
/* Determine result code */
@@ -1927,8 +1729,6 @@
return(CACKEY_PCSC_E_GENERIC);
}
-<<<<<<< HEAD
-=======
static unsigned char *cackey_read_bertlv_tag(unsigned char *buffer, size_t *buffer_len_p, unsigned char tag, unsigned char *outbuffer, size_t *outbuffer_len_p) {
unsigned char *buffer_p;
size_t outbuffer_len, buffer_len;
@@ -2106,7 +1906,6 @@
return(size);
}
->>>>>>> trunk
/*
* SYNPOSIS
* ssize_t cackey_read_buffer(struct cackey_slot *slot, unsigned char *buffer, size_t count, unsigned char t_or_v, size_t initial_offset);
@@ -2584,8 +2383,6 @@
return;
}
-<<<<<<< HEAD
-=======
static struct cackey_pcsc_identity *cackey_copy_certs(struct cackey_pcsc_identity *dest, struct cackey_pcsc_identity *start, size_t count) {
size_t idx;
@@ -2622,7 +2419,6 @@
return(dest);
}
->>>>>>> trunk
/*
* SYNPOSIS
* ...
@@ -2640,14 +2436,6 @@
static struct cackey_pcsc_identity *cackey_read_certs(struct cackey_slot *slot, struct cackey_pcsc_identity *certs, unsigned long *count) {
struct cackey_pcsc_identity *curr_id;
struct cackey_tlv_entity *ccc_tlv, *ccc_curr, *app_tlv, *app_curr;
-<<<<<<< HEAD
- unsigned char ccc_aid[] = {GSCIS_AID_CCC};
- unsigned char curr_aid[7];
- unsigned long outidx = 0;
- cackey_ret transaction_ret;
- int certs_resizable;
- int send_ret, select_ret;
-=======
unsigned char ccc_aid[] = {GSCIS_AID_CCC}, piv_aid[] = {NISTSP800_73_3_PIV_AID};
unsigned char *piv_oid, piv_oid_pivauth[] = {NISTSP800_73_3_OID_PIVAUTH}, piv_oid_signature[] = {NISTSP800_73_3_OID_SIGNATURE}, piv_oid_keymgt[] = {NISTSP800_73_3_OID_KEYMGT};
unsigned char curr_aid[7];
@@ -2665,7 +2453,6 @@
int uncompress_ret;
z_stream gzip_stream;
#endif
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
@@ -2683,8 +2470,6 @@
}
}
-<<<<<<< HEAD
-=======
if (!slot->slot_reset) {
if (slot->cached_certs) {
if (certs == NULL) {
@@ -2708,7 +2493,6 @@
slot->cached_certs = NULL;
}
->>>>>>> trunk
/* Begin a SmartCard transaction */
transaction_ret = cackey_begin_transaction(slot);
if (transaction_ret != CACKEY_PCSC_S_OK) {
@@ -2717,7 +2501,6 @@
return(NULL);
}
-<<<<<<< HEAD
if (certs == NULL) {
certs = malloc(sizeof(*certs) * 5);
*count = 5;
@@ -2729,68 +2512,6 @@
/* Select the CCC Applet */
send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid));
if (send_ret != CACKEY_PCSC_S_OK) {
- CACKEY_DEBUG_PRINTF("Unable to select CCC Applet, returning in failure");
-
- /* Terminate SmartCard Transaction */
- cackey_end_transaction(slot);
-
- return(NULL);
- }
-
- /* Read all the applets from the CCC's TLV */
- ccc_tlv = cackey_read_tlv(slot);
-
- /* Look for CARDURLs that coorespond to PKI applets */
- for (ccc_curr = ccc_tlv; ccc_curr; ccc_curr = ccc_curr->_next) {
- CACKEY_DEBUG_PRINTF("Found tag: %s ... ", CACKEY_DEBUG_FUNC_TAG_TO_STR(ccc_curr->tag));
-
- if (ccc_curr->tag != GSCIS_TAG_CARDURL) {
- CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about CARDURLs)");
-
- continue;
- }
-
- if ((ccc_curr->value_cardurl->apptype & CACKEY_TLV_APP_PKI) != CACKEY_TLV_APP_PKI) {
- CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about PKI applets, this applet supports: %s/%02x)", CACKEY_DEBUG_FUNC_APPTYPE_TO_STR(ccc_curr->value_cardurl->apptype), (unsigned int) ccc_curr->value_cardurl->apptype);
-
- continue;
- }
-
- CACKEY_DEBUG_PRINTBUF("RID:", ccc_curr->value_cardurl->rid, sizeof(ccc_curr->value_cardurl->rid));
- CACKEY_DEBUG_PRINTF("AppID = %s/%04lx", CACKEY_DEBUG_FUNC_OBJID_TO_STR(ccc_curr->value_cardurl->appid), (unsigned long) ccc_curr->value_cardurl->appid);
- CACKEY_DEBUG_PRINTF("ObjectID = %s/%04lx", CACKEY_DEBUG_FUNC_OBJID_TO_STR(ccc_curr->value_cardurl->objectid), (unsigned long) ccc_curr->value_cardurl->objectid);
-
- memcpy(curr_aid, ccc_curr->value_cardurl->rid, sizeof(ccc_curr->value_cardurl->rid));
- curr_aid[sizeof(curr_aid) - 2] = (ccc_curr->value_cardurl->appid >> 8) & 0xff;
- curr_aid[sizeof(curr_aid) - 1] = ccc_curr->value_cardurl->appid & 0xff;
-
- /* Select found applet ... */
- select_ret = cackey_select_applet(slot, curr_aid, sizeof(curr_aid));
- if (select_ret != CACKEY_PCSC_S_OK) {
- CACKEY_DEBUG_PRINTF("Failed to select applet, skipping processing of this object");
-
- continue;
- }
-
- /* ... and object (file) */
- select_ret = cackey_select_file(slot, ccc_curr->value_cardurl->objectid);
- if (select_ret != CACKEY_PCSC_S_OK) {
- CACKEY_DEBUG_PRINTF("Failed to select file, skipping processing of this object");
-
- continue;
- }
-
- /* Process this file's TLV looking for certificates */
- app_tlv = cackey_read_tlv(slot);
-
- for (app_curr = app_tlv; app_curr; app_curr = app_curr->_next) {
- CACKEY_DEBUG_PRINTF("Found tag: %s", CACKEY_DEBUG_FUNC_TAG_TO_STR(app_curr->tag));
- if (app_curr->tag != GSCIS_TAG_CERTIFICATE) {
- CACKEY_DEBUG_PRINTF(" ... skipping it (we only care about CERTIFICATEs)");
-=======
- /* Select the CCC Applet */
- send_ret = cackey_select_applet(slot, ccc_aid, sizeof(ccc_aid));
- if (send_ret != CACKEY_PCSC_S_OK) {
/* Try PIV application */
send_ret = cackey_select_applet(slot, piv_aid, sizeof(piv_aid));
if (send_ret == CACKEY_PCSC_S_OK) {
@@ -2803,22 +2524,10 @@
/* Terminate SmartCard Transaction */
cackey_end_transaction(slot);
- if (certs == NULL) {
- *count = 0;
- }
-
return(NULL);
}
}
- if (certs == NULL) {
- certs = malloc(sizeof(*certs) * 5);
- *count = 5;
- certs_resizable = 1;
- } else {
- certs_resizable = 0;
- }
-
if (piv) {
for (idx = 0; idx < 3; idx++) {
switch (idx) {
@@ -2867,46 +2576,10 @@
curr_id->certificate = NULL;
outidx--;
->>>>>>> trunk
continue;
}
-<<<<<<< HEAD
- curr_id = &certs[outidx];
- outidx++;
-
- memcpy(curr_id->applet, curr_aid, sizeof(curr_id->applet));
- curr_id->file = ccc_curr->value_cardurl->objectid;
- curr_id->keysize = -1;
-
- CACKEY_DEBUG_PRINTF("Filling curr_id->applet (%p) with %lu bytes:", curr_id->applet, (unsigned long) sizeof(curr_id->applet));
- CACKEY_DEBUG_PRINTBUF("VAL:", curr_id->applet, sizeof(curr_id->applet));
-
- curr_id->certificate_len = app_curr->length;
-
- curr_id->certificate = malloc(curr_id->certificate_len);
- memcpy(curr_id->certificate, app_curr->value, curr_id->certificate_len);
-
- if (outidx >= *count) {
- if (certs_resizable) {
- *count *= 2;
- certs = realloc(certs, sizeof(*certs) * (*count));
- } else {
- break;
- }
- }
- }
-
- cackey_free_tlv(app_tlv);
-
- if (outidx >= *count) {
- break;
- }
- }
-
- cackey_free_tlv(ccc_tlv);
-=======
#ifdef HAVE_LIBZ
if (curr_id->certificate_len > 4) {
if (memcmp(curr_id->certificate, "\x1f\x8b\x08\x00", 4) == 0) {
@@ -3048,21 +2721,13 @@
cackey_free_tlv(ccc_tlv);
}
->>>>>>> trunk
*count = outidx;
if (certs_resizable) {
-<<<<<<< HEAD
- certs = realloc(certs, sizeof(*certs) * (*count));
- }
-
-=======
if (*count != 0) {
certs = realloc(certs, sizeof(*certs) * (*count));
} else {
- free(certs);
-
certs = NULL;
}
}
@@ -3070,7 +2735,6 @@
slot->cached_certs = cackey_copy_certs(NULL, certs, *count);
slot->cached_certs_count = *count;
->>>>>>> trunk
/* Terminate SmartCard Transaction */
cackey_end_transaction(slot);
@@ -3092,24 +2756,15 @@
*
*/
static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen, int padInput, int unpadOutput) {
-<<<<<<< HEAD
- unsigned char *tmpbuf, *tmpbuf_s, *outbuf_s;
- unsigned char bytes_to_send, p1;
-=======
cackey_pcsc_id_type id_type;
unsigned char dyn_auth_template[10], *dyn_auth_tmpbuf;
unsigned char *tmpbuf, *tmpbuf_s, *outbuf_s, *outbuf_p;
unsigned char bytes_to_send, p1, class;
->>>>>>> trunk
unsigned char blocktype;
cackey_ret send_ret;
uint16_t respcode;
ssize_t retval = 0, unpadoffset;
-<<<<<<< HEAD
- size_t tmpbuflen, padlen, tmpoutbuflen;
-=======
size_t tmpbuflen, padlen, tmpoutbuflen, outbuf_len;
->>>>>>> trunk
int free_tmpbuf = 0;
int le;
@@ -3145,8 +2800,6 @@
return(-1);
}
-<<<<<<< HEAD
-=======
id_type = identity->pcsc_identity->id_type;
if (id_type == CACKEY_ID_TYPE_CERT_ONLY) {
CACKEY_DEBUG_PRINTF("Error. identity->pcsc_identity is CACKEY_ID_TYPE_CERT_ONLY, which cannot be used for sign/decrypt");
@@ -3164,7 +2817,6 @@
return(-1);
}
->>>>>>> trunk
/* Determine identity Key size */
if (identity->pcsc_identity->keysize < 0) {
identity->pcsc_identity->keysize = x509_to_keysize(identity->pcsc_identity->certificate, identity->pcsc_identity->certificate_len);
@@ -3174,11 +2826,7 @@
if (padInput) {
if (identity->pcsc_identity->keysize > 0) {
if (buflen != identity->pcsc_identity->keysize) {
-<<<<<<< HEAD
if (buflen > (identity->pcsc_identity->keysize + 3)) {
-=======
- if (buflen > (identity->pcsc_identity->keysize - 3)) {
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Error. Message is too large to sign/decrypt");
return(-1);
@@ -3190,11 +2838,6 @@
padlen = tmpbuflen - buflen - 3;
-<<<<<<< HEAD
-=======
- CACKEY_DEBUG_PRINTF("Need to pad the buffer with %llu bytes (tmpbuflen = %llu, buflen = %llu)", (unsigned long long) padlen, (unsigned long long) tmpbuflen, (unsigned long long) buflen);
-
->>>>>>> trunk
/* RSA PKCS#1 EMSA-PKCS1-v1_5 Padding */
tmpbuf[0] = 0x00;
tmpbuf[1] = 0x01;
@@ -3229,13 +2872,6 @@
cackey_begin_transaction(slot);
/* Select correct applet */
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->pcsc_identity->applet);
- cackey_select_applet(slot, identity->pcsc_identity->applet, sizeof(identity->pcsc_identity->applet));
-
- /* Select correct file */
- cackey_select_file(slot, identity->pcsc_identity->file);
-=======
switch (id_type) {
case CACKEY_ID_TYPE_CAC:
CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->pcsc_identity->card.cac.applet);
@@ -3272,29 +2908,10 @@
case CACKEY_ID_TYPE_CERT_ONLY:
break;
}
->>>>>>> trunk
tmpbuf_s = tmpbuf;
outbuf_s = outbuf;
while (tmpbuflen) {
-<<<<<<< HEAD
- if (tmpbuflen > 245) {
- bytes_to_send = 245;
- p1 = 0x80;
- le = 0x00;
- } else {
- bytes_to_send = tmpbuflen;
- p1 = 0x00;
- le = 0x00;
- }
-
- tmpoutbuflen = outbuflen;
-
- send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, p1, 0x00, bytes_to_send, tmpbuf, le, &respcode, outbuf, &tmpoutbuflen);
- if (send_ret != CACKEY_PCSC_S_OK) {
- CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
-
-=======
tmpoutbuflen = outbuflen;
if (tmpbuflen > CACKEY_APDU_MTU) {
@@ -3332,7 +2949,6 @@
}
if (send_ret != CACKEY_PCSC_S_OK) {
->>>>>>> trunk
if (free_tmpbuf) {
if (tmpbuf_s) {
free(tmpbuf_s);
@@ -3342,12 +2958,6 @@
/* End transaction */
cackey_end_transaction(slot);
-<<<<<<< HEAD
- if (respcode == 0x6982) {
- CACKEY_DEBUG_PRINTF("Security status not satisified. Returning NEEDLOGIN");
-
- cackey_mark_slot_reset(slot);
-=======
if (send_ret == CACKEY_PCSC_E_RETRY) {
CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- retrying.");
@@ -3365,7 +2975,6 @@
cackey_mark_slot_reset(slot);
->>>>>>> trunk
slot->token_flags = CKF_LOGIN_REQUIRED;
return(CACKEY_PCSC_E_NEEDLOGIN);
@@ -3375,23 +2984,11 @@
CACKEY_DEBUG_PRINTF("Token absent. Returning TOKENABSENT");
cackey_mark_slot_reset(slot);
-<<<<<<< HEAD
- slot->token_flags = CKF_LOGIN_REQUIRED;
-=======
->>>>>>> trunk
return(CACKEY_PCSC_E_TOKENABSENT);
}
-<<<<<<< HEAD
return(-1);
-=======
- CACKEY_DEBUG_PRINTF("Something went wrong during signing, resetting the slot and hoping for the best.");
-
- cackey_mark_slot_reset(slot);
-
- return(CACKEY_PCSC_E_GENERIC);
->>>>>>> trunk
}
tmpbuf += bytes_to_send;
@@ -3423,8 +3020,6 @@
# endif
#endif
-<<<<<<< HEAD
-=======
/* We must remove the "7C" tag to get to the signature */
switch (id_type) {
case CACKEY_ID_TYPE_PIV:
@@ -3454,7 +3049,6 @@
break;
}
->>>>>>> trunk
/* Unpad reply */
if (unpadOutput) {
if (retval < 3) {
@@ -3549,90 +3143,20 @@
* ...
*
*/
-<<<<<<< HEAD
-static cackey_ret cackey_login(struct cackey_slot *slot, unsigned char *pin, unsigned long pin_len, int *tries_remaining_p) {
- unsigned char cac_pin[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
- uint16_t response_code;
- int tries_remaining;
- int send_ret;
-
- /* Indicate that we do not know about how many tries are remaining */
- if (tries_remaining_p) {
- *tries_remaining_p = -1;
- }
-
- /* Apparently, CAC PINs are *EXACTLY* 8 bytes long -- pad with 0xFF if too short */
- if (pin_len >= 8) {
- memcpy(cac_pin, pin, 8);
- } else {
- memcpy(cac_pin, pin, pin_len);
- }
-
- /* Issue PIN Verify */
- send_ret = cackey_send_apdu(slot, GSCIS_CLASS_ISO7816, GSCIS_INSTR_VERIFY, 0x00, 0x00, sizeof(cac_pin), cac_pin, 0x00, &response_code, NULL, NULL);
- if (send_ret != CACKEY_PCSC_S_OK) {
- if ((response_code & 0x63C0) == 0x63C0) {
- tries_remaining = (response_code & 0xF);
-
- CACKEY_DEBUG_PRINTF("PIN Verification failed, %i tries remaining", tries_remaining);
-
- if (tries_remaining_p) {
- *tries_remaining_p = tries_remaining;
- }
-
- return(CACKEY_PCSC_E_BADPIN);
- }
-
- if (response_code == 0x6983) {
- CACKEY_DEBUG_PRINTF("PIN Verification failed, device is locked");
-
- return(CACKEY_PCSC_E_LOCKED);
- }
-
- return(CACKEY_PCSC_E_GENERIC);
- }
-
- CACKEY_DEBUG_PRINTF("PIN Verification succeeded");
-
- return(CACKEY_PCSC_S_OK);
-}
-
-/*
- * SYNPOSIS
- * ...
- *
- * ARGUMENTS
- * ...
- *
- * RETURN VALUE
- * ...
- *
- * NOTES
- * ...
- *
- */
-static cackey_ret cackey_token_present(struct cackey_slot *slot) {
- cackey_ret pcsc_connect_ret;
- DWORD reader_len, state, protocol, atr_len;
-=======
static cackey_ret cackey_token_present(struct cackey_slot *slot) {
cackey_ret pcsc_connect_ret;
DWORD reader_len = 0, state = 0, protocol = 0, atr_len;
->>>>>>> trunk
BYTE atr[MAX_ATR_SIZE];
LONG status_ret, scard_reconn_ret;
CACKEY_DEBUG_PRINTF("Called.");
-<<<<<<< HEAD
-=======
if (slot->internal) {
CACKEY_DEBUG_PRINTF("Returning token present (internal token)");
return(CACKEY_PCSC_S_TOKENPRESENT);
}
->>>>>>> trunk
pcsc_connect_ret = cackey_connect_card(slot);
if (pcsc_connect_ret != CACKEY_PCSC_S_OK) {
CACKEY_DEBUG_PRINTF("Unable to connect to card, returning token absent");
@@ -3640,11 +3164,8 @@
return(CACKEY_PCSC_E_TOKENABSENT);
}
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Calling SCardStatus() to determine card status");
->>>>>>> trunk
atr_len = sizeof(atr);
status_ret = SCardStatus(slot->pcsc_card, NULL, &reader_len, &state, &protocol, atr, &atr_len);
@@ -3659,11 +3180,8 @@
return(CACKEY_PCSC_E_TOKENABSENT);
}
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Calling SCardStatus() again");
->>>>>>> trunk
atr_len = sizeof(atr);
status_ret = SCardStatus(slot->pcsc_card, NULL, &reader_len, &state, &protocol, atr, &atr_len);
}
@@ -3674,16 +3192,8 @@
if (status_ret == SCARD_W_RESET_CARD) {
CACKEY_DEBUG_PRINTF("Reset required, please hold...");
-<<<<<<< HEAD
- scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, &protocol);
- if (scard_reconn_ret == SCARD_S_SUCCESS) {
- /* Update protocol */
- slot->protocol = protocol;
-
-=======
scard_reconn_ret = cackey_reconnect_card(slot, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1);
if (scard_reconn_ret == SCARD_S_SUCCESS) {
->>>>>>> trunk
/* Re-establish transaction, if it was present */
if (slot->transaction_depth > 0) {
slot->transaction_depth--;
@@ -3735,11 +3245,6 @@
* ...
*
*/
-<<<<<<< HEAD
-static ssize_t cackey_pcsc_identity_to_label(struct cackey_pcsc_identity *identity, unsigned char *label_buf, unsigned long label_buf_len) {
- unsigned long certificate_len;
- char *label_asn1;
-=======
static cackey_ret cackey_set_pin(struct cackey_slot *slot, unsigned char *old_pin, unsigned long old_pin_len, unsigned char *pin, unsigned long pin_len) {
struct cackey_pcsc_identity *pcsc_identities;
unsigned char cac_pin[8] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
@@ -3821,9 +3326,6 @@
CACKEY_DEBUG_PRINTF("PIN Change succeeded");
return(CACKEY_PCSC_S_OK);
-
- /* Disable a warning, since this is only used in debug mode */
- tries_remaining = tries_remaining;
}
/*
@@ -3912,9 +3414,9 @@
}
if (response_code == 0x6d00) {
- if (retries > 0) {
+ if (have_piv == 1 && retries > 0) {
CACKEY_DEBUG_PRINTF("Got ISO 7816 Response \"6D 00\" in response to a VERIFY request.");
- CACKEY_DEBUG_PRINTF("We did not expect this because it is not mentioned in NIST SP 800-73-3 Part 2 Section 3.2.1 or GSC-IS v2.1");
+ CACKEY_DEBUG_PRINTF("We did not expect this because it is not mentioned in NIST SP 800-73-3 Part 2 Section 3.2.1");
CACKEY_DEBUG_PRINTF("We are going to try to reset the card and select the applet again.");
cackey_mark_slot_reset(slot);
@@ -3965,7 +3467,6 @@
static ssize_t cackey_pcsc_identity_to_label(struct cackey_pcsc_identity *identity, unsigned char *label_buf, unsigned long label_buf_len) {
unsigned long certificate_len;
void *label_asn1;
->>>>>>> trunk
void *certificate;
int x509_read_ret;
@@ -4241,15 +3742,6 @@
case CKA_LABEL:
CACKEY_DEBUG_PRINTF("Requesting attribute CKA_LABEL (0x%08lx) ...", (unsigned long) curr_attr_type);
-<<<<<<< HEAD
- /* XXX: Determine name */
- ulValueLen = snprintf((char *) ucTmpBuf, sizeof(ucTmpBuf), "Identity #%lu", (unsigned long) identity_num);
- pValue = ucTmpBuf;
-
- if (ulValueLen >= sizeof(ucTmpBuf)) {
- ulValueLen = 0;
- pValue = NULL;
-=======
if (identity->id_type == CACKEY_ID_TYPE_PIV) {
pValue = identity->card.piv.label;
ulValueLen = strlen(pValue);
@@ -4261,7 +3753,6 @@
ulValueLen = 0;
pValue = NULL;
}
->>>>>>> trunk
}
CACKEY_DEBUG_PRINTF(" ... returning (%p/%lu)", pValue, (unsigned long) ulValueLen);
@@ -4650,11 +4141,7 @@
*pulCount = numattrs;
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Returning %lu objects (%p).", numattrs, retval);
-=======
CACKEY_DEBUG_PRINTF("Returning %lu objects (%p).", numattrs, (void *) retval);
->>>>>>> trunk
return(retval);
}
@@ -4688,8 +4175,6 @@
free(identities);
}
-<<<<<<< HEAD
-=======
static unsigned long cackey_read_dod_identities(struct cackey_identity *identities, unsigned long num_dod_certs) {
unsigned long cert_idx, id_idx = 0;
@@ -4714,36 +4199,10 @@
return(id_idx);
}
->>>>>>> trunk
static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
struct cackey_pcsc_identity *pcsc_identities;
struct cackey_identity *identities;
unsigned long num_ids, id_idx, curr_id_type;
-<<<<<<< HEAD
- unsigned long num_certs, num_extra_certs, cert_idx;
- int include_extra_certs = 1;
-
- CACKEY_DEBUG_PRINTF("Called.");
-
- if (getenv("CACKEY_NO_EXTRA_CERTS") != NULL) {
- CACKEY_DEBUG_PRINTF("Asked not to include extra (DoD) certificates");
-
- include_extra_certs = 0;
- }
-
- if (include_extra_certs) {
- num_extra_certs = sizeof(extra_certs) / sizeof(extra_certs[0]);
-
- CACKEY_DEBUG_PRINTF("Including %i DoD Certificates as objects on this token", num_extra_certs);
- } else {
- num_extra_certs = 0;
- }
-
- if (ids_found == NULL) {
- CACKEY_DEBUG_PRINTF("Error. ids_found is NULL");
-
- return(NULL);
-=======
unsigned long num_certs, num_dod_certs, cert_idx;
int include_extra_certs = 0, include_dod_certs;
@@ -4801,21 +4260,16 @@
*ids_found = num_ids;
return(identities);
->>>>>>> trunk
}
pcsc_identities = cackey_read_certs(slot, NULL, &num_certs);
if (pcsc_identities != NULL) {
/* Convert number of Certs to number of objects */
num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs;
-<<<<<<< HEAD
- num_ids += num_extra_certs * 3;
-=======
if (include_extra_certs) {
num_ids += cackey_read_dod_identities(NULL, num_dod_certs);
}
->>>>>>> trunk
identities = malloc(num_ids * sizeof(*identities));
@@ -4835,29 +4289,6 @@
}
}
-<<<<<<< HEAD
- cackey_free_certs(pcsc_identities, num_certs, 1);
-
- /* Add DoD Certificates and Netscape Trust Objects */
- for (cert_idx = 0; cert_idx < num_extra_certs; cert_idx++) {
- identities[id_idx].pcsc_identity = NULL;
- identities[id_idx].attributes = cackey_get_attributes(CKO_CERTIFICATE, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
- id_idx++;
-
- identities[id_idx].pcsc_identity = NULL;
- identities[id_idx].attributes = cackey_get_attributes(CKO_PUBLIC_KEY, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
- id_idx++;
-
- identities[id_idx].pcsc_identity = NULL;
- identities[id_idx].attributes = cackey_get_attributes(CKO_NETSCAPE_TRUST, &extra_certs[cert_idx], 0xf000 | cert_idx, &identities[id_idx].attributes_count);
- id_idx++;
- }
-
- *ids_found = num_ids;
- return(identities);
- }
-
-=======
if (include_extra_certs) {
CACKEY_DEBUG_PRINTF("Including US Government Certificates on hardware slot");
@@ -4872,17 +4303,10 @@
}
->>>>>>> trunk
*ids_found = 0;
return(NULL);
}
-<<<<<<< HEAD
-CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(CK_VOID_PTR pInitArgs) {
- CK_C_INITIALIZE_ARGS CK_PTR args;
- uint32_t idx;
- int mutex_init_ret;
-=======
static cackey_ret cackey_get_pin(char *pinbuf) {
FILE *pinfd;
char *fgets_ret;
@@ -4941,7 +4365,6 @@
uint32_t idx, highest_slot;
int mutex_init_ret;
int include_dod_certs;
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
@@ -4982,8 +4405,6 @@
cackey_slots[idx].slot_reset = 0;
cackey_slots[idx].token_flags = 0;
cackey_slots[idx].label = NULL;
-<<<<<<< HEAD
-=======
cackey_slots[idx].internal = 0;
}
@@ -5013,7 +4434,6 @@
cackey_slots[highest_slot].label = (unsigned char *) "US Government Certificates";
cackey_slots[highest_slot].pcsc_reader = "CACKey";
cackey_slots[highest_slot].token_flags = 0;
->>>>>>> trunk
}
cackey_initialized = 1;
@@ -5030,56 +4450,25 @@
cackey_biglock_init = 1;
}
-<<<<<<< HEAD
-=======
/* Define a command to prompt user for a PIN */
#ifdef CACKEY_PIN_COMMAND_DEFAULT
- cackey_pin_command = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_PIN_COMMAND_DEFAULT));
+ cackey_pin_command = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_DEFAULT);
#endif
#ifdef CACKEY_PIN_COMMAND_XONLY_DEFAULT
if (getenv("DISPLAY") != NULL) {
- cackey_pin_command = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_PIN_COMMAND_XONLY_DEFAULT));
+ cackey_pin_command = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_XONLY_DEFAULT);
}
#endif
if (getenv("CACKEY_PIN_COMMAND") != NULL) {
- cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND"));
+ cackey_pin_command = getenv("CACKEY_PIN_COMMAND");
}
if (getenv("CACKEY_PIN_COMMAND_XONLY") != NULL && getenv("DISPLAY") != NULL) {
- cackey_pin_command = strdup(getenv("CACKEY_PIN_COMMAND_XONLY"));
+ cackey_pin_command = getenv("CACKEY_PIN_COMMAND_XONLY");
}
-#ifdef CACKEY_READERS_INCLUDE_ONLY_DEFAULT
- cackey_readers_include_only = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_READERS_INCLUDE_ONLY_DEFAULT));
-#endif
-
-#ifdef CACKEY_READERS_EXCLUDE_DEFAULT
- cackey_readers_exclude = strdup(CACKEY_MACRO_DEFAULT_XSTR(CACKEY_READERS_EXCLUDE_DEFAULT));
-#endif
-
- if (getenv("CACKEY_READERS_INCLUDE_ONLY") != NULL) {
- cackey_readers_include_only = strdup(getenv("CACKEY_READERS_INCLUDE_ONLY"));
-
- if (cackey_readers_include_only[0] == '\0') {
- free(cackey_readers_include_only);
-
- cackey_readers_include_only = NULL;
- }
- }
-
- if (getenv("CACKEY_READERS_EXCLUDE") != NULL) {
- cackey_readers_exclude = strdup(getenv("CACKEY_READERS_EXCLUDE"));
-
- if (cackey_readers_exclude[0] == '\0') {
- free(cackey_readers_exclude);
-
- cackey_readers_exclude = NULL;
- }
- }
-
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
return(CKR_OK);
@@ -5108,17 +4497,6 @@
}
}
-<<<<<<< HEAD
- cackey_slots_disconnect_all();
-
- for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
- if (cackey_slots[idx].pcsc_reader) {
- free(cackey_slots[idx].pcsc_reader);
- }
- }
-
- cackey_pcsc_disconnect();
-=======
cackey_slots_disconnect_all();
for (idx = 0; idx < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); idx++) {
@@ -5139,25 +4517,6 @@
cackey_pcsc_disconnect();
- if (cackey_pin_command != NULL) {
- free(cackey_pin_command);
-
- cackey_pin_command = NULL;
- }
-
- if (cackey_readers_include_only != NULL) {
- free(cackey_readers_include_only);
-
- cackey_readers_include_only = NULL;
- }
-
- if (cackey_readers_exclude != NULL) {
- free(cackey_readers_exclude);
-
- cackey_readers_exclude = NULL;
- }
->>>>>>> trunk
-
cackey_initialized = 0;
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
@@ -5206,27 +4565,15 @@
* Process list of readers, and create mapping between reader name and slot ID
*/
CK_DEFINE_FUNCTION(CK_RV, C_GetSlotList)(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK_ULONG_PTR pulCount) {
-<<<<<<< HEAD
- int mutex_retval;
- int pcsc_connect_ret;
- CK_ULONG count, slot_count = 0, currslot;
- char *pcsc_readers, *pcsc_readers_s, *pcsc_readers_e;
- DWORD pcsc_readers_len;
- LONG scard_listreaders_ret;
- size_t curr_reader_len;
-=======
static int first_call = 1;
int mutex_retval;
int pcsc_connect_ret;
CK_ULONG count, slot_count = 0, currslot, slot_idx;
char *pcsc_readers, *pcsc_readers_s, *pcsc_readers_e;
- char *reader_check_pattern;
DWORD pcsc_readers_len;
LONG scard_listreaders_ret;
size_t curr_reader_len;
int slot_reset;
- int include_reader;
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
@@ -5250,28 +4597,6 @@
}
/* Clear list of slots */
-<<<<<<< HEAD
- if (pSlotList) {
- CACKEY_DEBUG_PRINTF("Purging all slot information.");
-
- /* Only update the list of slots if we are actually being supply the slot information */
- cackey_slots_disconnect_all();
-
- for (currslot = 0; currslot < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); currslot++) {
- if (cackey_slots[currslot].pcsc_reader) {
- free(cackey_slots[currslot].pcsc_reader);
-
- cackey_slots[currslot].pcsc_reader = NULL;
- }
-
- if (cackey_slots[currslot].label) {
- free(cackey_slots[currslot].label);
-
- cackey_slots[currslot].label = NULL;
- }
-
- cackey_slots[currslot].active = 0;
-=======
slot_reset = 0;
if (pSlotList) {
if (first_call) {
@@ -5324,16 +4649,12 @@
}
} else {
->>>>>>> trunk
}
}
/* Determine list of readers */
pcsc_connect_ret = cackey_pcsc_connect();
-<<<<<<< HEAD
-=======
/* XXX: CAN HANG HERE ! */
->>>>>>> trunk
if (pcsc_connect_ret != CACKEY_PCSC_S_OK) {
CACKEY_DEBUG_PRINTF("Connection to PC/SC failed, assuming no slots");
@@ -5364,9 +4685,6 @@
/* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
/* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
currslot = 1;
-<<<<<<< HEAD
- while (pcsc_readers < pcsc_readers_e) {
-=======
slot_count = 0;
while (pcsc_readers < pcsc_readers_e) {
/* Find next available slot */
@@ -5376,7 +4694,6 @@
}
}
->>>>>>> trunk
curr_reader_len = strlen(pcsc_readers);
if ((pcsc_readers + curr_reader_len) > pcsc_readers_e) {
@@ -5393,55 +4710,8 @@
break;
}
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Found reader: %s", pcsc_readers);
-
- /* Only update the list of slots if we are actually being asked supply the slot information */
- if (pSlotList) {
- cackey_slots[currslot].active = 1;
- cackey_slots[currslot].pcsc_reader = strdup(pcsc_readers);
- cackey_slots[currslot].pcsc_card_connected = 0;
- cackey_slots[currslot].transaction_depth = 0;
- cackey_slots[currslot].transaction_need_hw_lock = 0;
- cackey_slots[currslot].slot_reset = 1;
- cackey_slots[currslot].token_flags = CKF_LOGIN_REQUIRED;
- cackey_slots[currslot].label = NULL;
-
- cackey_mark_slot_reset(&cackey_slots[currslot]);
-=======
CACKEY_DEBUG_PRINTF("Found reader: %s (currslot = %lu)", pcsc_readers, (unsigned long) currslot);
- if (cackey_readers_include_only != NULL) {
- CACKEY_DEBUG_PRINTF("Asked to include only readers matching: %s", cackey_readers_include_only);
-
- include_reader = 0;
- reader_check_pattern = cackey_readers_include_only;
- } else if (cackey_readers_exclude != NULL) {
- CACKEY_DEBUG_PRINTF("Asked to exclude readers matching: %s", cackey_readers_exclude);
-
- include_reader = 1;
- reader_check_pattern = cackey_readers_exclude;
- } else {
- include_reader = 1;
- reader_check_pattern = NULL;
- }
-
- if (reader_check_pattern != NULL) {
- if (strstr(pcsc_readers, reader_check_pattern) != NULL) {
- CACKEY_DEBUG_PRINTF("This reader matched the pattern.");
-
- include_reader = !include_reader;
- }
- }
-
- if (include_reader != 1) {
- CACKEY_DEBUG_PRINTF("Skipping this reader.");
-
- pcsc_readers += curr_reader_len + 1;
-
- continue;
- }
-
/* Only update the list of slots if we are actually being asked supply the slot information */
if (pSlotList) {
if (slot_reset) {
@@ -5467,28 +4737,18 @@
slot_count++;
}
->>>>>>> trunk
}
currslot++;
pcsc_readers += curr_reader_len + 1;
}
-<<<<<<< HEAD
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- if (currslot > 1) {
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- slot_count = currslot - 1;
-=======
for (currslot = 0; currslot < (sizeof(cackey_slots) / sizeof(cackey_slots[0])); currslot++) {
if (cackey_slots[currslot].active) {
CACKEY_DEBUG_PRINTF("Found active slot %lu, reader = %s", (unsigned long) currslot, cackey_slots[currslot].pcsc_reader);
slot_count++;
}
->>>>>>> trunk
}
} else {
CACKEY_DEBUG_PRINTF("Second call to SCardListReaders failed, return %s/%li", CACKEY_DEBUG_FUNC_SCARDERR_TO_STR(scard_listreaders_ret), (long) scard_listreaders_ret);
@@ -5519,15 +4779,6 @@
if (count < slot_count) {
CACKEY_DEBUG_PRINTF("Error. User allocated %lu entries, but we have %lu entries.", count, slot_count);
-<<<<<<< HEAD
- return(CKR_BUFFER_TOO_SMALL);
- }
-
- for (currslot = 0; currslot < slot_count; currslot++) {
- /* Start with Slot ID 1, to avoid a bug in GDM on RHEL */
- /* Bug 594911: https://bugzilla.redhat.com/show_bug.cgi?id=594911 */
- pSlotList[currslot] = currslot + 1;
-=======
CACKEY_DEBUG_PRINTF("Returning CKR_BUFFER_TOO_SMALL");
return(CKR_BUFFER_TOO_SMALL);
@@ -5561,7 +4812,6 @@
CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
return(CKR_GENERAL_ERROR);
->>>>>>> trunk
}
*pulCount = slot_count;
@@ -5613,15 +4863,11 @@
return(CKR_SLOT_ID_INVALID);
}
-<<<<<<< HEAD
- pInfo->flags = CKF_REMOVABLE_DEVICE | CKF_HW_SLOT;
-=======
pInfo->flags = CKF_HW_SLOT;
if (!cackey_slots[slotID].internal) {
pInfo->flags |= CKF_REMOVABLE_DEVICE;
}
->>>>>>> trunk
if (cackey_token_present(&cackey_slots[slotID]) == CACKEY_PCSC_S_TOKENPRESENT) {
pInfo->flags |= CKF_TOKEN_PRESENT;
@@ -5764,13 +5010,10 @@
pInfo->flags = CKF_WRITE_PROTECTED | CKF_USER_PIN_INITIALIZED | CKF_TOKEN_INITIALIZED | cackey_slots[slotID].token_flags;
-<<<<<<< HEAD
-=======
if (cackey_pin_command != NULL) {
pInfo->flags |= CKF_PROTECTED_AUTHENTICATION_PATH;
}
->>>>>>> trunk
pInfo->ulMaxSessionCount = (sizeof(cackey_sessions) / sizeof(cackey_sessions[0])) - 1;
pInfo->ulSessionCount = CK_UNAVAILABLE_INFORMATION;
pInfo->ulMaxRwSessionCount = 0;
@@ -5933,17 +5176,12 @@
return(CKR_TOKEN_WRITE_PROTECTED);
}
-<<<<<<< HEAD
-/* We don't support this method. */
-CK_DEFINE_FUNCTION(CK_RV, C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldPinLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen) {
-=======
CK_DEFINE_FUNCTION(CK_RV, C_SetPIN)(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_ULONG ulOldPinLen, CK_UTF8CHAR_PTR pNewPin, CK_ULONG ulNewPinLen) {
char oldpinbuf[64], newpinbuf[64];
cackey_ret set_pin_ret, get_pin_ret;
CK_SLOT_ID slotID;
int mutex_retval;
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
if (!cackey_initialized) {
@@ -5952,11 +5190,6 @@
return(CKR_CRYPTOKI_NOT_INITIALIZED);
}
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
-
- return(CKR_FUNCTION_NOT_SUPPORTED);
-=======
mutex_retval = cackey_mutex_lock(cackey_biglock);
if (mutex_retval != 0) {
CACKEY_DEBUG_PRINTF("Error. Locking failed.");
@@ -6091,7 +5324,6 @@
}
return(CKR_GENERAL_ERROR);
->>>>>>> trunk
}
CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApplication, CK_NOTIFY notify, CK_SESSION_HANDLE_PTR phSession) {
@@ -6377,15 +5609,10 @@
return(CKR_FUNCTION_NOT_SUPPORTED);
}
-<<<<<<< HEAD
-CK_DEFINE_FUNCTION(CK_RV, C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) {
- CK_SLOT_ID slotID;
-=======
CK_DEFINE_FUNCTION(CK_RV, _C_LoginMutexArg)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen, int lock_mutex) {
CK_SLOT_ID slotID;
cackey_ret get_pin_ret;
char pinbuf[64];
->>>>>>> trunk
int mutex_retval;
int tries_remaining;
int login_ret;
@@ -6410,17 +5637,6 @@
return(CKR_USER_TYPE_INVALID);
}
-<<<<<<< HEAD
- mutex_retval = cackey_mutex_lock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Locking failed.");
-
- return(CKR_GENERAL_ERROR);
- }
-
- if (!cackey_sessions[hSession].active) {
- cackey_mutex_unlock(cackey_biglock);
-=======
if (lock_mutex) {
mutex_retval = cackey_mutex_lock(cackey_biglock);
if (mutex_retval != 0) {
@@ -6434,7 +5650,6 @@
if (lock_mutex) {
cackey_mutex_unlock(cackey_biglock);
}
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Error. Session not active.");
@@ -6446,35 +5661,23 @@
if (slotID < 0 || slotID >= (sizeof(cackey_slots) / sizeof(cackey_slots[0]))) {
CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), outside of valid range", slotID);
-<<<<<<< HEAD
-=======
if (lock_mutex) {
cackey_mutex_unlock(cackey_biglock);
}
->>>>>>> trunk
return(CKR_GENERAL_ERROR);
}
if (cackey_slots[slotID].active == 0) {
CACKEY_DEBUG_PRINTF("Error. Invalid slot requested (%lu), slot not currently active", slotID);
-<<<<<<< HEAD
- cackey_mutex_unlock(cackey_biglock);
-=======
if (lock_mutex) {
cackey_mutex_unlock(cackey_biglock);
}
->>>>>>> trunk
return(CKR_GENERAL_ERROR);
}
-<<<<<<< HEAD
- login_ret = cackey_login(&cackey_slots[slotID], pPin, ulPinLen, &tries_remaining);
- if (login_ret != CACKEY_PCSC_S_OK) {
- cackey_mutex_unlock(cackey_biglock);
-=======
if (cackey_pin_command != NULL) {
if (pPin != NULL) {
CACKEY_DEBUG_PRINTF("Protected authentication path in effect and PIN provided !?");
@@ -6501,18 +5704,14 @@
if (lock_mutex) {
cackey_mutex_unlock(cackey_biglock);
}
->>>>>>> trunk
if (login_ret == CACKEY_PCSC_E_LOCKED) {
CACKEY_DEBUG_PRINTF("Error. Token is locked.");
cackey_slots[slotID].token_flags |= CKF_USER_PIN_LOCKED;
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Returning CKR_PIN_LOCKED (%i)", (int) CKR_PIN_LOCKED);
->>>>>>> trunk
return(CKR_PIN_LOCKED);
} else if (login_ret == CACKEY_PCSC_E_BADPIN) {
CACKEY_DEBUG_PRINTF("Error. Invalid PIN.");
@@ -6523,11 +5722,8 @@
cackey_slots[slotID].token_flags |= CKF_USER_PIN_FINAL_TRY;
}
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Returning CKR_PIN_INCORRECT (%i)", (int) CKR_PIN_INCORRECT);
->>>>>>> trunk
return(CKR_PIN_INCORRECT);
}
@@ -6540,13 +5736,6 @@
cackey_sessions[hSession].state = CKS_RO_USER_FUNCTIONS;
-<<<<<<< HEAD
- mutex_retval = cackey_mutex_unlock(cackey_biglock);
- if (mutex_retval != 0) {
- CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
-
- return(CKR_GENERAL_ERROR);
-=======
if (lock_mutex) {
mutex_retval = cackey_mutex_unlock(cackey_biglock);
if (mutex_retval != 0) {
@@ -6554,7 +5743,6 @@
return(CKR_GENERAL_ERROR);
}
->>>>>>> trunk
}
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
@@ -6562,13 +5750,10 @@
return(CKR_OK);
}
-<<<<<<< HEAD
-=======
CK_DEFINE_FUNCTION(CK_RV, C_Login)(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF8CHAR_PTR pPin, CK_ULONG ulPinLen) {
return(_C_LoginMutexArg(hSession, userType, pPin, ulPinLen, 1));
}
->>>>>>> trunk
CK_DEFINE_FUNCTION(CK_RV, C_Logout)(CK_SESSION_HANDLE hSession) {
CK_SLOT_ID slotID;
int mutex_retval;
@@ -6619,16 +5804,12 @@
}
cackey_sessions[hSession].state = CKS_RO_PUBLIC_SESSION;
-<<<<<<< HEAD
- cackey_slots[slotID].token_flags = CKF_LOGIN_REQUIRED;
-=======
if (cackey_pin_command == NULL) {
cackey_slots[slotID].token_flags = CKF_LOGIN_REQUIRED;
} else {
cackey_slots[slotID].token_flags = 0;
}
->>>>>>> trunk
mutex_retval = cackey_mutex_unlock(cackey_biglock);
if (mutex_retval != 0) {
@@ -7041,13 +6222,10 @@
CK_ULONG curr_id_idx, curr_out_id_idx, curr_attr_idx, sess_attr_idx;
CK_ULONG matched_count, prev_matched_count;
int mutex_retval;
-<<<<<<< HEAD
-=======
#ifdef CACKEY_DEBUG_SEARCH_SPEEDTEST
struct timeval start, end;
uint64_t start_int, end_int;
#endif
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
@@ -7113,13 +6291,10 @@
return(CKR_OPERATION_NOT_INITIALIZED);
}
-<<<<<<< HEAD
-=======
#ifdef CACKEY_DEBUG_SEARCH_SPEEDTEST
gettimeofday(&start, NULL);
#endif
->>>>>>> trunk
curr_out_id_idx = 0;
for (curr_id_idx = cackey_sessions[hSession].search_curr_id; curr_id_idx < cackey_sessions[hSession].identities_count && ulMaxObjectCount; curr_id_idx++) {
curr_id = &cackey_sessions[hSession].identities[curr_id_idx];
@@ -7165,8 +6340,6 @@
cackey_sessions[hSession].search_curr_id = curr_id_idx;
*pulObjectCount = curr_out_id_idx;
-<<<<<<< HEAD
-=======
#ifdef CACKEY_DEBUG_SEARCH_SPEEDTEST
gettimeofday(&end, NULL);
start_int = (start.tv_sec * 1000000) + start.tv_usec;
@@ -7174,7 +6347,6 @@
fprintf(stderr, "Search took %lu microseconds\n", (unsigned long) (end_int - start_int));
#endif
->>>>>>> trunk
mutex_retval = cackey_mutex_unlock(cackey_biglock);
if (mutex_retval != 0) {
CACKEY_DEBUG_PRINTF("Error. Unlocking failed.");
@@ -7562,15 +6734,12 @@
/* Ask card to decrypt */
buflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].decrypt_identity, pEncryptedPart, ulEncryptedPartLen, buf, sizeof(buf), 0, 1);
-<<<<<<< HEAD
-=======
if (buflen == CACKEY_PCSC_E_NEEDLOGIN && cackey_pin_command != NULL) {
if (_C_LoginMutexArg(hSession, CKU_USER, NULL, 0, 0) == CKR_OK) {
buflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].decrypt_identity, pEncryptedPart, ulEncryptedPartLen, buf, sizeof(buf), 0, 1);
}
}
->>>>>>> trunk
if (buflen < 0) {
/* Decryption failed. */
if (buflen == CACKEY_PCSC_E_NEEDLOGIN) {
@@ -7578,11 +6747,8 @@
} else if (buflen == CACKEY_PCSC_E_TOKENABSENT) {
retval = CKR_DEVICE_REMOVED;
} else {
-<<<<<<< HEAD
-=======
CACKEY_DEBUG_PRINTF("Failed to send APDU, error = %li", (long int) buflen);
->>>>>>> trunk
retval = CKR_GENERAL_ERROR;
}
} else if (((unsigned long) buflen) > *pulPartLen && pPart) {
@@ -7822,11 +6988,7 @@
cackey_sessions[hSession].sign_bufused = 0;
cackey_sessions[hSession].sign_buf = malloc(sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Session %lu sign_identity is %p (identity #%lu)", (unsigned long) hSession, &cackey_sessions[hSession].identities[hKey], (unsigned long) hKey);
-=======
CACKEY_DEBUG_PRINTF("Session %lu sign_identity is %p (identity #%lu)", (unsigned long) hSession, (void *) &cackey_sessions[hSession].identities[hKey], (unsigned long) hKey);
->>>>>>> trunk
cackey_sessions[hSession].sign_identity = &cackey_sessions[hSession].identities[hKey];
mutex_retval = cackey_mutex_unlock(cackey_biglock);
@@ -7933,11 +7095,6 @@
CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) {
int mutex_retval;
-<<<<<<< HEAD
-=======
- int resizeRetry;
- int needResize;
->>>>>>> trunk
CACKEY_DEBUG_PRINTF("Called.");
@@ -7998,47 +7155,12 @@
switch (cackey_sessions[hSession].sign_mechanism) {
case CKM_RSA_PKCS:
/* Accumulate directly */
-<<<<<<< HEAD
if ((cackey_sessions[hSession].sign_bufused + ulPartLen) > cackey_sessions[hSession].sign_buflen) {
-=======
- for (resizeRetry = 0; resizeRetry < 11; resizeRetry++) {
- needResize = 0;
- if ((cackey_sessions[hSession].sign_bufused + ulPartLen) > cackey_sessions[hSession].sign_buflen) {
- needResize = 1;
- }
-
- if (!needResize) {
- break;
- }
-
- CACKEY_DEBUG_PRINTF("Resizing signing buffer (try #%i of 10 -- 11th is fatal)", resizeRetry);
-
- if (resizeRetry == 10) {
- free(cackey_sessions[hSession].sign_buf);
-
- cackey_sessions[hSession].sign_buflen = 0;
- cackey_sessions[hSession].sign_buf = NULL;
-
- break;
- }
-
->>>>>>> trunk
cackey_sessions[hSession].sign_buflen *= 2;
cackey_sessions[hSession].sign_buf = realloc(cackey_sessions[hSession].sign_buf, sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
}
-<<<<<<< HEAD
-=======
- if (cackey_sessions[hSession].sign_buf == NULL) {
- cackey_mutex_unlock(cackey_biglock);
-
- CACKEY_DEBUG_PRINTF("Error. Signing buffer is NULL.");
-
- return(CKR_GENERAL_ERROR);
- }
-
->>>>>>> trunk
memcpy(cackey_sessions[hSession].sign_buf + cackey_sessions[hSession].sign_bufused, pPart, ulPartLen);
cackey_sessions[hSession].sign_bufused += ulPartLen;
@@ -8128,11 +7250,6 @@
switch (cackey_sessions[hSession].sign_mechanism) {
case CKM_RSA_PKCS:
/* Ask card to sign */
-<<<<<<< HEAD
- CACKEY_DEBUG_PRINTF("Asking to sign from identity %p in session %lu", cackey_sessions[hSession].sign_identity, (unsigned long) hSession);
- sigbuflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].sign_identity, cackey_sessions[hSession].sign_buf, cackey_sessions[hSession].sign_bufused, sigbuf, sizeof(sigbuf), 1, 0);
-
-=======
CACKEY_DEBUG_PRINTF("Asking to sign from identity %p in session %lu", (void *) cackey_sessions[hSession].sign_identity, (unsigned long) hSession);
sigbuflen = cackey_signdecrypt(&cackey_slots[slotID], cackey_sessions[hSession].sign_identity, cackey_sessions[hSession].sign_buf, cackey_sessions[hSession].sign_bufused, sigbuf, sizeof(sigbuf), 1, 0);
@@ -8142,7 +7259,6 @@
}
}
->>>>>>> trunk
if (sigbuflen < 0) {
/* Signing failed. */
if (sigbuflen == CACKEY_PCSC_E_NEEDLOGIN) {
@@ -8485,10 +7601,6 @@
}
CK_DEFINE_FUNCTION(CK_RV, C_GetFunctionList)(CK_FUNCTION_LIST_PTR_PTR ppFunctionList) {
-<<<<<<< HEAD
-=======
- static CK_FUNCTION_LIST_PTR spFunctionList = NULL;
->>>>>>> trunk
CK_FUNCTION_LIST_PTR pFunctionList;
CACKEY_DEBUG_PRINTF("Called.");
@@ -8499,17 +7611,6 @@
return(CKR_ARGUMENTS_BAD);
}
-<<<<<<< HEAD
-=======
- if (spFunctionList != NULL) {
- *ppFunctionList = spFunctionList;
-
- CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
-
- return(CKR_OK);
- }
-
->>>>>>> trunk
pFunctionList = malloc(sizeof(*pFunctionList));
pFunctionList->version.major = ((CACKEY_CRYPTOKI_VERSION_CODE) >> 16) & 0xff;
@@ -8584,17 +7685,10 @@
pFunctionList->C_CancelFunction = C_CancelFunction;
pFunctionList->C_GetFunctionList = C_GetFunctionList;
-<<<<<<< HEAD
-=======
- spFunctionList = pFunctionList;
->>>>>>> trunk
*ppFunctionList = pFunctionList;
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
return(CKR_OK);
}
-<<<<<<< HEAD
-=======
->>>>>>> trunk