本文整理汇总了C++中CK_FUNCTION_LIST_PTR::C_OpenSession方法的典型用法代码示例。如果您正苦于以下问题:C++ CK_FUNCTION_LIST_PTR::C_OpenSession方法的具体用法?C++ CK_FUNCTION_LIST_PTR::C_OpenSession怎么用?C++ CK_FUNCTION_LIST_PTR::C_OpenSession使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类CK_FUNCTION_LIST_PTR的用法示例。
在下文中一共展示了CK_FUNCTION_LIST_PTR::C_OpenSession方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: EstEID_sighHashWindows
int EstEID_sighHashWindows(char **signature, unsigned int *signatureLength, CK_SLOT_ID slotID, EstEID_Map cert, const char *hash, unsigned int hashLength, EstEID_PINPromptData pinPromptData) {
CK_SESSION_HANDLE session = 0L;
char message[1024];
int remainingTries = 0;
CK_RV loginResult = CKR_FUNCTION_CANCELED;
LOG_LOCATION;
if (EstEID_CK_failure("C_OpenSession", fl->C_OpenSession(slotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &session))) return FAILURE;
remainingTries = EstEID_getRemainingTries(slotID);
EstEID_log("EstEID_getRemainingTries(slotID) = %i", remainingTries);
if (remainingTries == -1)
CLOSE_SESSION_AND_RETURN(FAILURE);
if (!remainingTries) {
sprintf_s(EstEID_error, ESTEID_ERROR_SIZE, "C_Login error: %s (%li)", pkcs11_error_message(CKR_PIN_LOCKED), CKR_PIN_LOCKED);
CLOSE_SESSION_AND_RETURN(FAILURE);
}
if (remainingTries < 3) {
sprintf_s(message, 1024, "%s %i", l10n("Tries left:"), remainingTries);
}
else {
message[0] = 0;
}
loginResult = fl->C_Login(session, CKU_USER, (unsigned char *)pinPromptData.pin2, strlen(pinPromptData.pin2));
if(loginResult != CKR_OK) {
EstEID_log("loginResult = %s", pkcs11_error_message(loginResult));
sprintf_s(EstEID_error, 1024, "C_Login error: %s (%li)", pkcs11_error_message(loginResult), loginResult);
CLOSE_SESSION_AND_RETURN(loginResult);
}
return EstEID_RealSign(session, signature, signatureLength, hash, hashLength, NULL);
}示例2: if
CK_RV pkcs11_login_session(CK_FUNCTION_LIST_PTR funcs, FILE *out, CK_SLOT_ID slot,
CK_SESSION_HANDLE_PTR session, CK_BBOOL readwrite,
CK_USER_TYPE user, CK_UTF8CHAR_PTR pin, CK_ULONG pinLen)
{
CK_SESSION_HANDLE h_session;
CK_FLAGS flags = CKF_SERIAL_SESSION | (readwrite ? CKF_RW_SESSION : 0);
CK_RV rc;
rc = funcs->C_OpenSession(slot, flags, NULL, NULL, &h_session);
if (rc != CKR_OK) {
if(out) {
show_error(stdout, "C_OpenSession", rc);
}
return rc;
}
if(pin) {
rc = funcs->C_Login(h_session, user, pin, pinLen);
if (rc != CKR_OK) {
if(out) {
show_error(out, "C_Login", rc);
}
goto end;
}
} else if(readwrite || pinLen > 0) {
CK_TOKEN_INFO info;
rc = funcs->C_GetTokenInfo(slot, &info);
if (rc != CKR_OK) {
if(out) {
show_error(out, "C_GetTokenInfo", rc);
}
goto end;
}
if(info.flags & CKF_PROTECTED_AUTHENTICATION_PATH) {
rc = funcs->C_Login(h_session, user, NULL, 0);
if (rc != CKR_OK) {
if(out) {
show_error(out, "C_Login", rc);
}
goto end;
}
}
}
end:
if (rc != CKR_OK) {
/* We want to keep the original error code */
CK_RV r = funcs->C_CloseSession(h_session);
if ((r != CKR_OK) && out) {
show_error(out, "C_CloseSession", r);
}
} else if(session) {
*session = h_session;
}
return rc;
}示例3: test_session
static void test_session() {
CK_SESSION_HANDLE session;
CK_SESSION_INFO info;
asrt(funcs->C_Initialize(NULL), CKR_OK, "INITIALIZE");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession1");
asrt(funcs->C_CloseSession(session), CKR_OK, "CloseSession");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession2");
asrt(funcs->C_GetSessionInfo(session, &info), CKR_OK, "GetSessionInfo");
asrt(info.state, CKS_RW_PUBLIC_SESSION, "CHECK STATE");
asrt(info.flags, CKF_SERIAL_SESSION | CKF_RW_SESSION, "CHECK FLAGS");
asrt(info.ulDeviceError, 0, "CHECK DEVICE ERROR");
asrt(funcs->C_CloseSession(session), CKR_OK, "CloseSession");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession3");
asrt(funcs->C_CloseAllSessions(0), CKR_OK, "CloseAllSessions");
asrt(funcs->C_Finalize(NULL), CKR_OK, "FINALIZE");
}示例4: openP11
// Connect and login to the token
int openP11(CK_SLOT_ID slotID, char* userPIN, CK_SESSION_HANDLE* hSession)
{
char user_pin_copy[MAX_PIN_LEN+1];
CK_RV rv;
rv = p11->C_OpenSession(slotID, CKF_SERIAL_SESSION | CKF_RW_SESSION,
NULL_PTR, NULL_PTR, hSession);
if (rv != CKR_OK)
{
if (rv == CKR_SLOT_ID_INVALID)
{
fprintf(stderr, "ERROR: The given slot does not exist.\n");
}
else
{
fprintf(stderr, "ERROR: Could not open a session on the given slot.\n");
}
return 1;
}
// Get the password
if (getPW(userPIN, user_pin_copy, CKU_USER) != 0)
{
fprintf(stderr, "ERROR: Could not get user PIN\n");
return 1;
}
rv = p11->C_Login(*hSession, CKU_USER, (CK_UTF8CHAR_PTR)user_pin_copy, strlen(user_pin_copy));
if (rv != CKR_OK)
{
if (rv == CKR_PIN_INCORRECT) {
fprintf(stderr, "ERROR: The given user PIN does not match the one in the token.\n");
}
else
{
fprintf(stderr, "ERROR: Could not log in on the token.\n");
}
return 1;
}
return 0;
}示例5: test_login
static void test_login() {
CK_SESSION_HANDLE session;
CK_SESSION_INFO info;
asrt(funcs->C_Initialize(NULL), CKR_OK, "INITIALIZE");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession1");
asrt(funcs->C_Login(session, CKU_USER, "123456", 6), CKR_OK, "Login USER");
asrt(funcs->C_Logout(session), CKR_OK, "Logout USER");
asrt(funcs->C_Login(session, CKU_SO, "010203040506070801020304050607080102030405060708", 48), CKR_OK, "Login SO");
asrt(funcs->C_Logout(session), CKR_OK, "Logout SO");
asrt(funcs->C_CloseSession(session), CKR_OK, "CloseSession");
asrt(funcs->C_Finalize(NULL), CKR_OK, "FINALIZE");
}示例6:
static CK_RV
hacky_perform_initialize_pin (GP11Slot *slot)
{
CK_FUNCTION_LIST_PTR funcs;
CK_SESSION_HANDLE session;
CK_SLOT_ID slot_id;
CK_RV rv;
/*
* This hack only works when:
*
* - Module is protected authentication path
* - No other sessions are open.
*
* Thankfully this is the case with mate-keyring-daemon and
* the mate-keyring tool.
*/
funcs = gp11_module_get_functions (gp11_slot_get_module (slot));
g_return_val_if_fail (funcs, CKR_GENERAL_ERROR);
slot_id = gp11_slot_get_handle (slot);
rv = funcs->C_OpenSession (slot_id, CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &session);
if (rv != CKR_OK)
return rv;
rv = funcs->C_Login (session, CKU_SO, NULL, 0);
if (rv == CKR_OK) {
rv = funcs->C_InitPIN (session, NULL, 0);
funcs->C_Logout (session);
}
funcs->C_CloseSession (session);
return rv;
}示例7: EstEID_signHash
int EstEID_signHash(char **signature, unsigned int *signatureLength, CK_SLOT_ID slotID, EstEID_Map cert, const char *hash, unsigned int hashLength, EstEID_PINPromptData pinPromptData) {
CK_SESSION_HANDLE session = 0L;
LOG_LOCATION;
if (EstEID_CK_failure("C_OpenSession", fl->C_OpenSession(slotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &session))) return FAILURE;
char *name = EstEID_getFullNameWithPersonalCode(cert);
for (int attempt = 0, blocked = FALSE;; attempt++) {
char message[1024];
int remainingTries = EstEID_getRemainingTries(slotID);
if (remainingTries == -1)
CLOSE_SESSION_AND_RETURN(FAILURE);
if (!remainingTries || blocked) {
sprintf(EstEID_error, "C_Login error: %s (%li)", pkcs11_error_message(CKR_PIN_LOCKED), CKR_PIN_LOCKED);
pinPromptData.alertFunction(pinPromptData.nativeWindowHandle, l10n("PIN2 blocked, can not sign!"));
CLOSE_SESSION_AND_RETURN(FAILURE);
}
if (remainingTries < 3 || attempt) {
sprintf(message, "%s%s %i", (attempt ? l10n("Incorrect PIN2! ") : ""), l10n("Tries left:"), remainingTries);
}
else {
message[0] = 0;
}
int isPinPad = EstEID_isPinPad(slotID);
CK_RV loginResult = CKR_FUNCTION_CANCELED;
if(!isPinPad) {
// Simple card reader
char *pin = pinPromptData.promptFunction(pinPromptData.nativeWindowHandle, name, message, (unsigned)atoi(EstEID_mapGet(cert, "minPinLen")), isPinPad);
if (!pin || strlen(pin) == 0) {
if (pin) free(pin);
setUserCancelErrorCodeAndMessage();
CLOSE_SESSION_AND_RETURN(FAILURE);
}
loginResult = fl->C_Login(session, CKU_USER, (unsigned char *)pin, strlen(pin));
free(pin);
}
else {
// PIN pad
#ifdef _WIN32
EstEID_log("creating pinpad dialog UI thread");
pinpad_thread_result = -1;
FAIL_IF_THREAD_ERROR("CreateMutex", (pinpad_thread_mutex = CreateMutex(NULL, FALSE, NULL)));
#else
EstEID_log("creating pinpad worker thread");
pinpad_thread_result = -1;
FAIL_IF_PTHREAD_ERROR("pthread_mutex_init", pthread_mutex_init(&pinpad_thread_mutex, NULL));
FAIL_IF_PTHREAD_ERROR("pthread_cond_init", pthread_cond_init(&pinpad_thread_condition, NULL));
pthread_t pinpad_thread;
EstEID_PINPadThreadData threadData;
threadData.session = session;
threadData.result = CKR_OK;
#endif
EstEID_log("thread launched");
#ifdef _WIN32
/*
NB! Due to Firefox for Windows specific behaviour C_Login() is launched from main thread
and UI code is running in separate thread if running on Windows.
*/
EstEID_PINPromptDataEx pinPromptDataEx;
pinPromptDataEx.pinPromptData = pinPromptData;
pinPromptDataEx.message = message;
pinPromptDataEx.name = name;
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&EstEID_pinPadLogin, (LPVOID)&pinPromptDataEx, 0, NULL);
loginResult = fl->C_Login(session, CKU_USER, NULL, 0);
closePinPadModalSheet();
#else
FAIL_IF_PTHREAD_ERROR("pthread_create", pthread_create(&pinpad_thread, NULL, EstEID_pinPadLogin, (void*)&threadData));
pinPromptData.promptFunction(pinPromptData.nativeWindowHandle, name, message, 0, isPinPad);
loginResult = threadData.result;
#endif
EstEID_log("pinpad sheet/dialog closed");
if (loginResult == CKR_FUNCTION_CANCELED) {
setUserCancelErrorCodeAndMessage();
CLOSE_SESSION_AND_RETURN(FAILURE);
}
}
EstEID_log("loginResult = %s", pkcs11_error_message(loginResult));
switch (loginResult) {
case CKR_PIN_LOCKED:
blocked = TRUE;
case CKR_PIN_INCORRECT:
case CKR_PIN_INVALID:
case CKR_PIN_LEN_RANGE:
EstEID_log("this was attempt %i, loginResult causes to run next round", attempt);
continue;
default:
if (EstEID_CK_failure("C_Login", loginResult)) CLOSE_SESSION_AND_RETURN(FAILURE);
}
break; // Login successful - correct PIN supplied
}
return EstEID_RealSign(session, signature, signatureLength, hash, hashLength, name);
}示例8: usage
//.........这里部分代码省略.........
PR_fprintf(PR_STDOUT, " ulMaxKeySize = %lu\n", minfo.ulMaxKeySize);
PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", minfo.flags);
PR_fprintf(PR_STDOUT, " -> HW = %s\n", minfo.flags & CKF_HW ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> ENCRYPT = %s\n", minfo.flags & CKF_ENCRYPT ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> DECRYPT = %s\n", minfo.flags & CKF_DECRYPT ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> DIGEST = %s\n", minfo.flags & CKF_DIGEST ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> SIGN = %s\n", minfo.flags & CKF_SIGN ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> SIGN_RECOVER = %s\n", minfo.flags & CKF_SIGN_RECOVER ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> VERIFY = %s\n", minfo.flags & CKF_VERIFY ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> VERIFY_RECOVER = %s\n", minfo.flags & CKF_VERIFY_RECOVER ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> GENERATE = %s\n", minfo.flags & CKF_GENERATE ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> GENERATE_KEY_PAIR = %s\n", minfo.flags & CKF_GENERATE_KEY_PAIR ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> WRAP = %s\n", minfo.flags & CKF_WRAP ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> UNWRAP = %s\n", minfo.flags & CKF_UNWRAP ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> DERIVE = %s\n", minfo.flags & CKF_DERIVE ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> EXTENSION = %s\n", minfo.flags & CKF_EXTENSION ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, "\n");
}
if( tinfo.flags & CKF_LOGIN_REQUIRED ) {
PR_fprintf(PR_STDERR, "*** LOGIN REQUIRED but not yet implemented ***\n");
/* all the stuff about logging in as SO and setting the user pin if needed, etc. */
return 2;
}
/* session to find objects */
{
CK_SESSION_HANDLE h = (CK_SESSION_HANDLE)0;
CK_SESSION_INFO sinfo;
CK_ATTRIBUTE_PTR pTemplate;
CK_ULONG tnObjects = 0;
ck_rv = epv->C_OpenSession(pSlots[i], CKF_SERIAL_SESSION, (CK_VOID_PTR)CK_NULL_PTR, (CK_NOTIFY)CK_NULL_PTR, &h);
if( CKR_OK != ck_rv ) {
PR_fprintf(PR_STDERR, "C_OpenSession(%lu, CKF_SERIAL_SESSION, , ) returned 0x%08x\n", pSlots[i], ck_rv);
return 1;
}
PR_fprintf(PR_STDOUT, " Opened a session: handle = 0x%08x\n", h);
(void)memset(&sinfo, 0, sizeof(CK_SESSION_INFO));
ck_rv = epv->C_GetSessionInfo(h, &sinfo);
if( CKR_OK != ck_rv ) {
PR_fprintf(PR_STDOUT, "C_GetSessionInfo(%lu, ) returned 0x%08x\n", h, ck_rv);
return 1;
}
PR_fprintf(PR_STDOUT, " SESSION INFO:\n");
PR_fprintf(PR_STDOUT, " slotID = %lu\n", sinfo.slotID);
PR_fprintf(PR_STDOUT, " state = %lu\n", sinfo.state);
PR_fprintf(PR_STDOUT, " flags = 0x%08x\n", sinfo.flags);
#ifdef CKF_EXCLUSIVE_SESSION
PR_fprintf(PR_STDOUT, " -> EXCLUSIVE SESSION = %s\n", sinfo.flags & CKF_EXCLUSIVE_SESSION ? "TRUE" : "FALSE");
#endif /* CKF_EXCLUSIVE_SESSION */
PR_fprintf(PR_STDOUT, " -> RW SESSION = %s\n", sinfo.flags & CKF_RW_SESSION ? "TRUE" : "FALSE");
PR_fprintf(PR_STDOUT, " -> SERIAL SESSION = %s\n", sinfo.flags & CKF_SERIAL_SESSION ? "TRUE" : "FALSE");
#ifdef CKF_INSERTION_CALLBACK
PR_fprintf(PR_STDOUT, " -> INSERTION CALLBACK = %s\n", sinfo.flags & CKF_INSERTION_CALLBACK ? "TRUE" : "FALSE");
#endif /* CKF_INSERTION_CALLBACK */
PR_fprintf(PR_STDOUT, " ulDeviceError = %lu\n", sinfo.ulDeviceError);
PR_fprintf(PR_STDOUT, "\n");
ck_rv = epv->C_FindObjectsInit(h, (CK_ATTRIBUTE_PTR)CK_NULL_PTR, 0);
if( CKR_OK != ck_rv ) {
PR_fprintf(PR_STDOUT, "C_FindObjectsInit(%lu, NULL_PTR, 0) returned 0x%08x\n", h, ck_rv);示例9: DataMarshalling
void
processRequest(int client)
{
DataMarshalling *d = NULL;
while (1) {
d = new DataMarshalling(client);
d->recvData();
if (!strcmp(d->getMsgType(), "C_Initialize")) {
int p = 0;
printf("Processing: C_Initialize\n");
p = d->unpackInt();
if (p == 0)
pFunctionList->C_Initialize(NULL);
else {
printf("ERROR: C_Initialize shouldn't be called with not NULL\n");
}
} else if (!strcmp(d->getMsgType(), "C_Finalize")) {
int p = 0;
CK_RV ret = 0;
printf("Processing: C_Finalize\n");
p = d->unpackInt();
if (p == NULL) {
ret = pFunctionList->C_Finalize(NULL);
} else {
printf("ERROR: C_Finalize shouldn't be called with not NULL\n");
ret = CKR_CANCEL;
}
{
CK_ULONG count = 0;
DataMarshalling *d2 = new DataMarshalling(client);
d2->setMsgType(d->getMsgType());
d2->packInt((char *)&ret);
d2->sendData();
delete d2;
}
break;
} else if (!strcmp(d->getMsgType(), "C_GetSlotList")) {
int p = 0;
printf("Processing: C_GetSlotList\n");
p = d->unpackInt();
if (p == 0) {
CK_ULONG count = 0;
CK_RV ret = 0;
DataMarshalling *d2 = new DataMarshalling(client);
/*
* Retrieving Slots size
*/
ret = pFunctionList->C_GetSlotList(TRUE, NULL, &count);
d2->setMsgType(d->getMsgType());
d2->packInt((char *)&ret);
d2->packInt((char *)&count);
d2->sendData();
delete d2;
} else {
CK_ULONG count = 0;
CK_SLOT_ID_PTR slot = NULL;
CK_RV ret = 0;
DataMarshalling *d2 = new DataMarshalling(client);
/*
* Retrieving Slots size
*/
pFunctionList->C_GetSlotList(TRUE, NULL, &count);
slot = new(CK_SLOT_ID[count]);
ret = pFunctionList->C_GetSlotList(TRUE, slot, &count);
d2->setMsgType(d->getMsgType());
d2->packInt((char *)&ret);
d2->packInt((char *)&count);
for (int i = 0; i < count; i ++)
d2->packInt((char *)&slot[i]);
d2->sendData();
delete d2;
}
} else if (!strcmp(d->getMsgType(), "C_OpenSession")) {
unsigned int slotId = 0, flags = 0;
CK_SESSION_HANDLE sessionId = 0;
printf("Processing: C_OpenSession\n");
slotId = d->unpackInt();
flags = d->unpackInt();
{
CK_RV ret = 0;
DataMarshalling *d2 = new DataMarshalling(client);
/*
* Opening session
*/
ret = pFunctionList->C_OpenSession(slotId, flags, NULL, NULL, &sessionId);
d2->setMsgType(d->getMsgType());
d2->packInt((char *)&ret);
d2->packInt((char *)&sessionId);
d2->sendData();
delete d2;
}
} else if (!strcmp(d->getMsgType(), "C_CloseSession")) {
CK_SESSION_HANDLE sessionId = 0;
printf("Processing: C_CloseSession\n");
sessionId = d->unpackInt();
{
//.........这里部分代码省略.........
示例10: EstEID_signHash
int EstEID_signHash(char **signature, unsigned int *signatureLength, CK_SLOT_ID slotID, EstEID_Map cert, const char *hash, unsigned int hashLength, EstEID_PINPromptData pinPromptData) {
CK_SESSION_HANDLE session = 0L;
if (EstEID_CK_failure("C_OpenSession", fl->C_OpenSession(slotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &session))) return FAILURE;
const char *givenName = EstEID_mapGet(cert, "givenName");
if (!givenName) givenName = "";
const char *surname = EstEID_mapGet(cert, "surname");
if (!surname) surname = "";
const char *personalID = EstEID_mapGet(cert, "serialNumber");
if (!personalID) personalID = "";
char *name = (char *)malloc(strlen(givenName) + strlen(surname) + strlen(personalID) + 4);
sprintf(name, "%s %s", givenName, surname);
if(strlen(personalID)) {
strcat(name, ", ");
strcat(name, personalID);
}
for (int attempt = 0, blocked = FALSE;; attempt++) {
char message[1024];
int remainingTries = EstEID_getRemainingTries(slotID);
if (remainingTries == -1)
CLOSE_SESSION_AND_FAIL;
if (!remainingTries || blocked) {
sprintf(EstEID_error, "C_Login error: %s (%li)", pkcs11_error_message(CKR_PIN_LOCKED), CKR_PIN_LOCKED);
pinPromptData.alertFunction(pinPromptData.nativeWindowHandle, l10n("PIN2 blocked, cannot sign!"));
CLOSE_SESSION_AND_FAIL;
}
if (remainingTries < 3 || attempt) {
sprintf(message, "%s%s %i", (attempt ? l10n("Incorrect PIN2! ") : ""), l10n("Tries left:"), remainingTries);
}
else {
message[0] = 0;
}
int isPinPad = EstEID_isPinPad(slotID);
CK_RV loginResult = CKR_FUNCTION_CANCELED;
if(!isPinPad) {
// Simple card reader
char *pin = pinPromptData.promptFunction(pinPromptData.nativeWindowHandle, name, message, (unsigned)atoi(EstEID_mapGet(cert, "minPinLen")), isPinPad);
if (!pin || strlen(pin) == 0) {
if (pin) free(pin);
setUserCancelErrorCodeAndMessage();
CLOSE_SESSION_AND_FAIL;
}
loginResult = fl->C_Login(session, CKU_USER, (unsigned char *)pin, strlen(pin));
free(pin);
}
else {
// PIN pad
#ifdef _WIN32
EstEID_log("creating pinpad dialog UI thread");
pinpad_thread_result = -1;
FAIL_IF_THREAD_ERROR("CreateMutex", (pinpad_thread_mutex = CreateMutex(NULL, FALSE, NULL)));
#else
EstEID_log("creating pinpad worker thread");
pinpad_thread_result = -1;
FAIL_IF_PTHREAD_ERROR("pthread_mutex_init", pthread_mutex_init(&pinpad_thread_mutex, NULL));
FAIL_IF_PTHREAD_ERROR("pthread_cond_init", pthread_cond_init(&pinpad_thread_condition, NULL));
pthread_t pinpad_thread;
EstEID_PINPadThreadData threadData;
threadData.session = session;
threadData.result = CKR_OK;
#endif
EstEID_log("thread launched");
#ifdef _WIN32
/*
NB! Due to Firefox for Windows specific behaviour C_Login() is launched from main thread
and UI code is running in separate thread if running on Windows.
*/
EstEID_PINPromptDataEx pinPromptDataEx;
pinPromptDataEx.pinPromptData = pinPromptData;
pinPromptDataEx.message = message;
pinPromptDataEx.name = name;
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&EstEID_pinPadLogin, (LPVOID)&pinPromptDataEx, 0, NULL);
loginResult = fl->C_Login(session, CKU_USER, NULL, 0);
closePinPadModalSheet();
#else
FAIL_IF_PTHREAD_ERROR("pthread_create", pthread_create(&pinpad_thread, NULL, EstEID_pinPadLogin, (void*)&threadData));
pinPromptData.promptFunction(pinPromptData.nativeWindowHandle, name, message, 0, isPinPad);
loginResult = threadData.result;
#endif
EstEID_log("pinpad sheet/dialog closed");
if (loginResult == CKR_FUNCTION_CANCELED) {
setUserCancelErrorCodeAndMessage();
CLOSE_SESSION_AND_FAIL;
}
}
EstEID_log("loginResult = %s", pkcs11_error_message(loginResult));
switch (loginResult) {
case CKR_PIN_LOCKED:
blocked = TRUE;
case CKR_PIN_INCORRECT:
case CKR_PIN_INVALID:
case CKR_PIN_LEN_RANGE:
EstEID_log("this was attempt %i, loginResult causes to run next round", attempt);
continue;
default:
//.........这里部分代码省略.........
示例11: testStability
int testStability(CK_SLOT_ID slotID, CK_SESSION_HANDLE hSession, int rollovers, int batchjobs, int signatures, int sleepTime)
{
CK_RV rv;
int retVal = 0;
CK_OBJECT_HANDLE hPublicKey, hPrivateKey;
CK_SESSION_HANDLE hSessionTmp;
CK_BYTE_PTR pSignature = NULL;
CK_ULONG ulSignatureLen = 0;
CK_BYTE pData[] = {"Text"};
CK_ULONG ulDataLen = sizeof(pData)-1;
printf("\n********************************************************\n");
printf("* Test for stability during key generation and signing *\n");
printf("********************************************************\n\n");
printf("This test will perform the following:\n\n");
printf("* Key rollovers = %i\n", rollovers);
printf(" The number of times that the key pair will be replaced.\n");
printf("* Batchjobs = %i\n", batchjobs);
printf(" The number of batchjobs for each key pair.\n");
printf("* signatures = %i\n", signatures);
printf(" Each batchjob will create signatures and verify them.\n");
printf("* sleep time = %i\n", sleepTime);
printf(" The process will sleep between the batchjobs.\n\n");
for (int i = 0; i <= rollovers; i++)
{
// Generate key pair
if (testStability_generate(hSession, &hPublicKey, &hPrivateKey))
{
retVal = 1;
continue;
}
for (int j = 0; j < batchjobs; j++)
{
// Open Session
rv = p11->C_OpenSession(slotID, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSessionTmp);
if (rv != CKR_OK)
{
printf("ERROR: Failed to open a session. rv=%s\n", rv2string(rv));
retVal = 1;
continue;
}
printf("Creating signatures and verifying them...\n");
for (int k = 0; k < signatures; k++)
{
// Sign data
if (testStability_sign(
hSessionTmp,
hPrivateKey,
pData,
ulDataLen,
&pSignature,
&ulSignatureLen))
{
retVal = 1;
continue;
}
// Verify signature
if (testStability_verify(
hSessionTmp,
hPublicKey,
pData,
ulDataLen,
pSignature,
ulSignatureLen))
{
retVal = 1;
}
// Clean up
if (pSignature != NULL)
{
free(pSignature);
pSignature = NULL;
ulSignatureLen = 0;
}
}
// Close session
rv = p11->C_CloseSession(hSessionTmp);
if (rv != CKR_OK)
{
printf("ERROR: Failed to close session. rv=%s\n", rv2string(rv));
retVal = 1;
}
// Sleep
printf("Sleeping for %i seconds...\n", sleepTime);
sleep(sleepTime);
}
// Delete key pair
printf("Deleting the key pair...\n");
rv = p11->C_DestroyObject(hSession, hPublicKey);
if (rv != CKR_OK)
{
//.........这里部分代码省略.........
示例12: sc_get_session
CK_SESSION_HANDLE sc_get_session(void *f, int try_write_syslog, CK_FUNCTION_LIST_PTR fl,
const char *token_label) {
#define SC_MAX_SLOT 16
CK_SESSION_HANDLE session = 0;
unsigned long slot_count = SC_MAX_SLOT;
CK_TOKEN_INFO token_info;
CK_SLOT_ID slots[SC_MAX_SLOT];
CK_SLOT_ID c_slot = SC_MAX_SLOT;
CK_SLOT_ID slot = SC_MAX_SLOT;
CK_RV rv = 0;
int i;
char msg[SC_STR_MAX_LEN] = "";
if(fl == 0) {
sprintf(msg, "sc: Invalid state, no function list");
goto err;
}
rv = fl->C_GetSlotList(TRUE, slots, &slot_count);
if(CKR_OK != rv) {
sprintf(msg, "sc: C_GetSlotList failed 0x%.4x", (int)rv);
goto err;
}
if(slot_count < 1) {
sprintf(msg, "sc: No token available");
goto err;
}
for(i=0; i<slot_count; i++) {
slot = slots[i];
rv = fl->C_GetTokenInfo(slot,&token_info);
if (CKR_OK != rv) {
sprintf(msg, "sc: C_GetTokenInfo failed for token in slot %i", i);
goto err;
}
{
char buf[40];
memset(buf, 0, 40);
int j;
strncpy(buf, token_info.label, 30);
for(j=29;j>0;j--) {
if(buf[j] == ' ') {
buf[j] = '\0';
} else {
break;
}
}
sprintf(msg, "sc: Found token in slot %i: %s", i, buf);
if(f) {
logevent(f, msg);
if(try_write_syslog) sc_write_syslog(msg);
}
}
if(strncmp(token_label, token_info.label, strlen(token_label)) == 0) {
c_slot = i;
break;
}
}
if(c_slot == 64) {
sprintf(msg, "sc: No token named: %s", token_label);
goto err;
}
rv = fl->C_OpenSession(slots[c_slot],CKF_SERIAL_SESSION|CKF_RW_SESSION, 0, 0, &session);
if (CKR_OK != rv) {
sprintf(msg, "sc: C_OpenSession failed");
goto err;
} else {
if(f) logevent(f, "sc: Session opened");
}
return session;
err:
if(f) {
logevent(f, msg);
if(try_write_syslog) sc_write_syslog(msg);
}
// m_fl->C_Finalize(0);
// m_fl = 0;
return 0;
}示例13: EstEID_loadCertInfoEntries
int EstEID_loadCertInfoEntries(EstEID_Certs *certs, int index) {
EstEID_Map cert = certs->certs[index];
CK_SLOT_ID slotID = certs->slotIDs[index];
CK_SESSION_HANDLE session;
FAIL_IF(EstEID_CK_failure("C_OpenSession", fl->C_OpenSession(slotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &session)));
CK_OBJECT_CLASS objectClass = CKO_CERTIFICATE;
CK_ATTRIBUTE searchAttribute = {CKA_CLASS, &objectClass, sizeof(objectClass)};
if (EstEID_CK_failure("C_FindObjectsInit", fl->C_FindObjectsInit(session, &searchAttribute, 1))) return FAILURE;
CK_OBJECT_HANDLE objectHandle;
CK_ULONG objectCount;
if (EstEID_CK_failure("C_FindObjects", fl->C_FindObjects(session, &objectHandle, 1, &objectCount))) return FAILURE;
if (objectCount == 0) return SUCCESS;
CK_ATTRIBUTE attribute = {CKA_VALUE, NULL_PTR, 0};
if (EstEID_CK_failure("C_GetAttributeValue", fl->C_GetAttributeValue(session, objectHandle, &attribute, 1))) return FAILURE;
CK_ULONG certificateLength = attribute.ulValueLen;
CK_BYTE_PTR certificate = (CK_BYTE_PTR)malloc(certificateLength);
attribute.pValue = certificate;
if (EstEID_CK_failure("C_GetAttributeValue", fl->C_GetAttributeValue(session, objectHandle, &attribute, 1))) return FAILURE;
EstEID_mapPutNoAlloc(cert, strdup("certificateAsHex"), EstEID_bin2hex((char *)certificate, certificateLength));
const unsigned char *p = certificate;
X509 *x509 = d2i_X509(NULL, &p, certificateLength);
char *certMD5;
certMD5 = EstEID_getCertHash((char*)certificate);
FAIL_IF(EstEID_md5_failure(certMD5));
EstEID_mapPutNoAlloc(cert, strdup("certHash"), certMD5);
free(certificate);
// todo: error handling of all openssl functions
EstEID_mapPutNoAlloc(cert, strdup("validTo"), EstEID_ASN1_TIME_toString(X509_get_notAfter(x509)));
EstEID_mapPutNoAlloc(cert, strdup("validFrom"), EstEID_ASN1_TIME_toString(X509_get_notBefore(x509)));
unsigned long keyUsage;
ASN1_BIT_STRING *usage = (ASN1_BIT_STRING *)X509_get_ext_d2i(x509, NID_key_usage, NULL, NULL);
if (usage->length > 0) keyUsage = usage->data[0];
ASN1_BIT_STRING_free(usage);
if (keyUsage & X509v3_KU_DIGITAL_SIGNATURE) EstEID_mapPut(cert, "usageDigitalSignature", "TRUE");
if (keyUsage & X509v3_KU_NON_REPUDIATION) {
EstEID_mapPut(cert, "usageNonRepudiation", "TRUE");
EstEID_mapPut(cert, "keyUsage", "Non-Repudiation"); // for compatibility with older plugin
}
EstEID_loadCertEntries(cert, "", X509_get_subject_name(x509));
char *certSerialNumber = (char*)malloc(33);
snprintf(certSerialNumber, 32, "%lX", ASN1_INTEGER_get(X509_get_serialNumber(x509)));
EstEID_mapPutNoAlloc(cert, strdup("certSerialNumber"), certSerialNumber);
EstEID_loadCertEntries(cert, "issuer.", X509_get_issuer_name(x509));
BIO *bio = BIO_new(BIO_s_mem());
if (!PEM_write_bio_X509(bio, x509)) printf("Cannot create PEM\n");
char *b;
int len = BIO_get_mem_data(bio, &b);
char *pem = (char *)malloc(len + 1);
strncpy(pem, b, len);
pem[len] = 0;
BIO_free(bio);
EstEID_mapPutNoAlloc(cert, strdup("certificateAsPEM"), pem);
FAIL_IF(EstEID_CK_failure("C_CloseSession", fl->C_CloseSession(session)));
return SUCCESS;
}示例14: sizeof
//.........这里部分代码省略.........
if (EVP_PKEY_set1_RSA(evp, rsak) == 0)
exit(EXIT_FAILURE);
cert = X509_new();
if (cert == NULL)
exit(EXIT_FAILURE);
if (X509_set_pubkey(cert, evp) == 0)
exit(EXIT_FAILURE);
tm = ASN1_TIME_new();
if (tm == NULL)
exit(EXIT_FAILURE);
ASN1_TIME_set_string(tm, "000001010000Z");
X509_set_notBefore(cert, tm);
X509_set_notAfter(cert, tm);
cert->sig_alg->algorithm = OBJ_nid2obj(8);
cert->cert_info->signature->algorithm = OBJ_nid2obj(8);
ASN1_BIT_STRING_set_bit(cert->signature, 8, 1);
ASN1_BIT_STRING_set(cert->signature, "\x00", 1);
px = value_c;
if ((cert_len = (CK_ULONG) i2d_X509(cert, &px)) == 0 || cert_len > sizeof(value_c))
exit(EXIT_FAILURE);
publicKeyTemplate[2].ulValueLen = cert_len;
asrt(funcs->C_Initialize(NULL), CKR_OK, "INITIALIZE");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession1");
asrt(funcs->C_Login(session, CKU_SO, "010203040506070801020304050607080102030405060708", 48), CKR_OK, "Login SO");
for (i = 0; i < 24; i++) {
id = i;
asrt(funcs->C_CreateObject(session, publicKeyTemplate, 3, obj + i), CKR_OK, "IMPORT CERT");
asrt(funcs->C_CreateObject(session, privateKeyTemplate, 9, obj + i), CKR_OK, "IMPORT KEY");
}
asrt(funcs->C_Logout(session), CKR_OK, "Logout SO");
for (i = 0; i < 24; i++) {
for (j = 0; j < 10; j++) {
if(RAND_pseudo_bytes(some_data, sizeof(some_data)) == -1)
exit(EXIT_FAILURE);
asrt(funcs->C_Login(session, CKU_USER, "123456", 6), CKR_OK, "Login USER");
asrt(funcs->C_SignInit(session, &mech, obj[i]), CKR_OK, "SignInit");
recv_len = sizeof(sig);
asrt(funcs->C_Sign(session, some_data, sizeof(some_data), sig, &recv_len), CKR_OK, "Sign");
/* r_len = 32; */
/* s_len = 32; */
/* der_ptr = der_encoded; */
/* *der_ptr++ = 0x30; */
/* *der_ptr++ = 0xff; // placeholder, fix below */
/* r_ptr = sig; */
/* *der_ptr++ = 0x02; */示例15: if
// Import a newly generated P256 pvt key and a certificate
// to every slot and use the key to sign some data
static void test_import_and_sign_all_10() {
EVP_PKEY *evp;
EC_KEY *eck;
const EC_POINT *ecp;
const BIGNUM *bn;
char pvt[32];
X509 *cert;
ASN1_TIME *tm;
CK_BYTE i, j;
CK_BYTE some_data[32];
CK_ULONG class_k = CKO_PRIVATE_KEY;
CK_ULONG class_c = CKO_CERTIFICATE;
CK_ULONG kt = CKK_ECDSA;
CK_BYTE id = 0;
CK_BYTE params[] = {0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07};
CK_BYTE sig[64];
CK_ULONG recv_len;
CK_BYTE value_c[3100];
CK_ULONG cert_len;
CK_BYTE der_encoded[80];
CK_BYTE_PTR der_ptr;
CK_BYTE_PTR r_ptr;
CK_BYTE_PTR s_ptr;
CK_ULONG r_len;
CK_ULONG s_len;
unsigned char *p;
CK_ATTRIBUTE privateKeyTemplate[] = {
{CKA_CLASS, &class_k, sizeof(class_k)},
{CKA_KEY_TYPE, &kt, sizeof(kt)},
{CKA_ID, &id, sizeof(id)},
{CKA_EC_PARAMS, ¶ms, sizeof(params)},
{CKA_VALUE, pvt, sizeof(pvt)}
};
CK_ATTRIBUTE publicKeyTemplate[] = {
{CKA_CLASS, &class_c, sizeof(class_c)},
{CKA_ID, &id, sizeof(id)},
{CKA_VALUE, value_c, sizeof(value_c)}
};
CK_OBJECT_HANDLE obj[24];
CK_SESSION_HANDLE session;
CK_MECHANISM mech = {CKM_ECDSA, NULL};
evp = EVP_PKEY_new();
if (evp == NULL)
exit(EXIT_FAILURE);
eck = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (eck == NULL)
exit(EXIT_FAILURE);
asrt(EC_KEY_generate_key(eck), 1, "GENERATE ECK");
bn = EC_KEY_get0_private_key(eck);
asrt(BN_bn2bin(bn, pvt), 32, "EXTRACT PVT");
if (EVP_PKEY_set1_EC_KEY(evp, eck) == 0)
exit(EXIT_FAILURE);
cert = X509_new();
if (cert == NULL)
exit(EXIT_FAILURE);
if (X509_set_pubkey(cert, evp) == 0)
exit(EXIT_FAILURE);
tm = ASN1_TIME_new();
if (tm == NULL)
exit(EXIT_FAILURE);
ASN1_TIME_set_string(tm, "000001010000Z");
X509_set_notBefore(cert, tm);
X509_set_notAfter(cert, tm);
cert->sig_alg->algorithm = OBJ_nid2obj(8);
cert->cert_info->signature->algorithm = OBJ_nid2obj(8);
ASN1_BIT_STRING_set_bit(cert->signature, 8, 1);
ASN1_BIT_STRING_set(cert->signature, "\x00", 1);
p = value_c;
if ((cert_len = (CK_ULONG) i2d_X509(cert, &p)) == 0 || cert_len > sizeof(value_c))
exit(EXIT_FAILURE);
publicKeyTemplate[2].ulValueLen = cert_len;
asrt(funcs->C_Initialize(NULL), CKR_OK, "INITIALIZE");
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession1");
asrt(funcs->C_Login(session, CKU_SO, "010203040506070801020304050607080102030405060708", 48), CKR_OK, "Login SO");
//.........这里部分代码省略.........