libraries/libpcscxx
1
0
Fork 0
Code Issues Releases Activity

done in first release; closes #11

Browse Source
This commit is contained in:
Marc Wäckerlin
2011-04-21 06:30:51 +00:00
parent 17cbc8827d
commit 98967c3959
3 changed files with 239 additions and 161 deletions
Download Patch File Download Diff File Expand all files Collapse all files

285
src/cryptoki.hxx
View File

@@ -1229,118 +1229,6 @@ namespace cryptoki {
CRYPTOKI_FN_LOG("C_SetPIN")); CRYPTOKI_FN_LOG("C_SetPIN"));
} }
@endcode */ @endcode */
std::string sign(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_Sign
check(_slot._init->_fn->C_Sign
(_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_Sign"));
res.resize(size);
return res;
}
std::string signencryptupdate(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_SignEncryptUpdate
check(_slot._init->_fn->C_SignEncryptUpdate
(_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_SignEncryptUpdate"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool signfinal() {
CRYPTOKI_LOG("log");
//! calls @c C_SignFinal
return check(_slot._init->_fn->C_SignFinal(_session, CK_BYTE_PTR, CK_ULONG_PTR),
CRYPTOKI_FN_LOG("C_SignFinal"));
}
@endcode */
std::string signrecover(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_SignRecover
check(_slot._init->_fn->C_SignRecover
(_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_SignRecover"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool signupdate() {
CRYPTOKI_LOG("log");
//! calls @c C_SignUpdate
return check(_slot._init->_fn->C_SignUpdate(_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_SignUpdate"));
}
@endcode */
/*! @todo Not implemented:
@code
bool verify() {
CRYPTOKI_LOG("log");
//! calls @c C_Verify
return check(_slot._init->_fn->C_Verify(_session, CK_BYTE_PTR, CK_ULONG,
CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_Verify"));
}
@endcode */
/*! @todo Not implemented:
@code
bool verifyfinal() {
CRYPTOKI_LOG("log");
//! calls @c C_VerifyFinal
return check(_slot._init->_fn->C_VerifyFinal(_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_VerifyFinal"));
}
@endcode */
std::string verifyrecover(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_VerifyRecover
check(_slot._init->_fn->C_VerifyRecover
(_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_VerifyRecover"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool verifyupdate() {
CRYPTOKI_LOG("log");
//! calls @c C_VerifyUpdate
return check(_slot._init->_fn->C_VerifyUpdate(_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_VerifyUpdate"));
}
@endcode */
//@}
}; };
class Object { class Object {
@@ -1399,6 +1287,27 @@ namespace cryptoki {
//! @todo don't call decryptfinal()? //! @todo don't call decryptfinal()?
} }
std::string sign(const std::string& data, CK_MECHANISM_TYPE type,
const std::string& param=std::string()) {
CRYPTOKI_LOG("log");
CRYPTOKI_LOG("signinit");
signinit(type, param);
CRYPTOKI_LOG("sign");
return sign(data);
//! @todo don't call signfinal()?
}
bool verify(const std::string& data, const std::string& signature,
CK_MECHANISM_TYPE type,
const std::string& param=std::string()) {
CRYPTOKI_LOG("log");
CRYPTOKI_LOG("verifyinit");
verifyinit(type, param);
CRYPTOKI_LOG("verify");
return verify(data, signature);
//! @todo don't call verifyfinal()?
}
//@} //@}
/*! @name C Like Error Handling /*! @name C Like Error Handling
@@ -1530,6 +1439,124 @@ namespace cryptoki {
return res; return res;
} }
std::string sign(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
CK_ULONG size(0);
check(_session->_slot._init->_fn->C_Sign
(_session->_session,
(unsigned char*)&in[0], in.size(),0, &size),
CRYPTOKI_FN_LOG("C_Sign"));
CRYPTOKI_LOG("maximum size is "<<size<<"Bytes");
res.resize(size, 0);
//! calls @c C_Sign
check(_session->_slot._init->_fn->C_Sign
(_session->_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_Sign"));
CRYPTOKI_LOG("exact size is "<<size<<"Bytes");
res.resize(size);
return res;
}
std::string signencryptupdate(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_SignEncryptUpdate
check(_session->_slot._init->_fn->C_SignEncryptUpdate
(_session->_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_SignEncryptUpdate"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool signfinal() {
CRYPTOKI_LOG("log");
//! calls @c C_SignFinal
return check(_slot._init->_fn->C_SignFinal(_session, CK_BYTE_PTR, CK_ULONG_PTR),
CRYPTOKI_FN_LOG("C_SignFinal"));
}
@endcode */
std::string signrecover(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_SignRecover
check(_session->_slot._init->_fn->C_SignRecover
(_session->_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_SignRecover"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool signupdate() {
CRYPTOKI_LOG("log");
//! calls @c C_SignUpdate
return check(_session->_slot._init->_fn->C_SignUpdate(_session->_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_SignUpdate"));
}
@endcode */
bool verify(std::string data, std::string signature) {
CRYPTOKI_LOG("log");
//! calls @c C_Verify
return check(_session->_slot._init->_fn->C_Verify
(_session->_session,
(unsigned char*)&data[0], data.size(),
(unsigned char*)&signature[0], signature.size()),
CRYPTOKI_FN_LOG("C_Verify"));
}
/*! @todo Not implemented:
@code
bool verifyfinal() {
CRYPTOKI_LOG("log");
//! calls @c C_VerifyFinal
return check(_session->_slot._init->_fn->C_VerifyFinal(_session->_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_VerifyFinal"));
}
@endcode */
std::string verifyrecover(std::string in) {
CRYPTOKI_LOG("log");
std::string res;
res.resize(in.size());
CK_ULONG size(res.size()); //! @todo check if size is ok
//! calls @c C_VerifyRecover
check(_session->_slot._init->_fn->C_VerifyRecover
(_session->_session,
(unsigned char*)&in[0], in.size(),
(unsigned char*)&res[0], &size),
CRYPTOKI_FN_LOG("C_VerifyRecover"));
res.resize(size);
return res;
}
/*! @todo Not implemented:
@code
bool verifyupdate() {
CRYPTOKI_LOG("log");
//! calls @c C_VerifyUpdate
return check(_session->_slot._init->_fn->C_VerifyUpdate(_session->_session, CK_BYTE_PTR, CK_ULONG),
CRYPTOKI_FN_LOG("C_VerifyUpdate"));
}
@endcode */
//@}
/*! @todo Not implemented: /*! @todo Not implemented:
@code @code
bool derivekey() { bool derivekey() {
@@ -1881,16 +1908,18 @@ namespace cryptoki {
} }
@endcode */ @endcode */
/*! @todo Not implemented: bool signinit(CK_MECHANISM_TYPE type, std::string param) {
@code CRYPTOKI_LOG("log");
bool signinit() { CK_MECHANISM mech = {
CRYPTOKI_LOG("log"); type, param.size()?&param[0]:0, param.size()
};
CRYPTOKI_LOG("signinit: type="<<type<<"; mech=("<<mech.mechanism
<<", "<<mech.pParameter<<", "<<mech.ulParameterLen<<')');
//! calls @c C_SignInit //! calls @c C_SignInit
return check(_session->_slot._init->_fn->C_SignInit(_session->_session, CK_MECHANISM_PTR, CK_OBJECT_HANDLE), return check(_session->_slot._init->_fn->C_SignInit
(_session->_session, &mech, _object),
CRYPTOKI_FN_LOG("C_SignInit")); CRYPTOKI_FN_LOG("C_SignInit"));
} }
@endcode */
/*! @todo Not implemented: /*! @todo Not implemented:
@code @code
@@ -1914,16 +1943,18 @@ namespace cryptoki {
} }
@endcode */ @endcode */
/*! @todo Not implemented: bool verifyinit(CK_MECHANISM_TYPE type, std::string param) {
@code CRYPTOKI_LOG("log");
bool verifyinit() { CK_MECHANISM mech = {
CRYPTOKI_LOG("log"); type, param.size()?&param[0]:0, param.size()
//! calls @c C_VerifyInit };
return check(_session->_slot._init->_fn->C_VerifyInit(_session->_session, CK_MECHANISM_PTR, CK_OBJECT_HANDLE), CRYPTOKI_LOG("verifyinit: type="<<type<<"; mech=("<<mech.mechanism
<<", "<<mech.pParameter<<", "<<mech.ulParameterLen<<')');
//! calls @c C_VerifyInit
return check(_session->_slot._init->_fn->C_VerifyInit
(_session->_session, &mech, _object),
CRYPTOKI_FN_LOG("C_VerifyInit")); CRYPTOKI_FN_LOG("C_VerifyInit"));
} }
@endcode */
/*! @todo Not implemented: /*! @todo Not implemented:
@code @code

28
src/openssl-engine.hxx
View File

@@ -114,9 +114,9 @@ namespace openssl {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return 1; return 1;
} }
virtual int rsaSign() { virtual std::string rsaSign(const std::string&, unsigned int) {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return 1; throw std::runtime_error("rsaSign not implemented");
} }
virtual int rsaVerify() { virtual int rsaVerify() {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
@@ -127,7 +127,7 @@ namespace openssl {
return 1; return 1;
} }
private: protected:
friend class EngineMapper; friend class EngineMapper;
ENGINE* _e; ENGINE* _e;
@@ -208,13 +208,25 @@ namespace openssl {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return _map[rsa->engine]->rsaDecrypt(); return _map[rsa->engine]->rsaDecrypt();
} }
static int rsaSign(int flen, const unsigned char *from, static int rsaSign(int type, const unsigned char *from,
unsigned int, unsigned int flen,
unsigned char *to, unsigned char *to,
unsigned int*, unsigned int*tlen,
const RSA *rsa) { const RSA *rsa) {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return _map[rsa->engine]->rsaSign(); try {
std::string res(_map[rsa->engine]
->rsaSign(std::string((const char*)from, flen),
type));
OPENSSL_LOG("to="<<(void*)to<<"; len="<<*tlen);
OPENSSL_LOG("siglen="<<res.size());
*tlen = res.size();
std::copy(res.begin(), res.end(), to);
return 1;
} catch (const std::exception& e) {
OPENSSL_LOG("ERROR: "<<e.what());
return 0;
}
} }
static int rsaVerify(int, const unsigned char*, static int rsaVerify(int, const unsigned char*,
unsigned int, OPENSSL_V0_CONST unsigned char*, unsigned int, OPENSSL_V0_CONST unsigned char*,
@@ -227,7 +239,7 @@ namespace openssl {
return _map[rsa->engine]->rsaFinish(); return _map[rsa->engine]->rsaFinish();
} }
private: protected:
static RSA_METHOD* rsa() { static RSA_METHOD* rsa() {
OPENSSL_LOG("log"); OPENSSL_LOG("log");

87
src/openssl.hxx
View File

@@ -520,6 +520,40 @@ namespace openssl {
} }
}; };
//! Bignumber operations
class BigNum {
public:
BigNum():
_bn(BN_new()) {
}
BigNum(const std::string& num):
_bn(BN_bin2bn((const unsigned char*)num.data(), num.size(), 0)) {
}
~BigNum() {
BN_free(_bn);
}
int size() const {
return size(_bn);
}
static int size(BIGNUM* n) {
return BN_num_bytes(n);
}
std::string string() const {
return string(_bn);
}
static std::string string(BIGNUM* a) {
OPENSSL_LOG("log");
std::string res(BN_num_bytes(a), '0');
BN_bn2bin(a, (unsigned char*)res.begin().operator->());
return res;
}
private:
BigNum(const BigNum& o);
BigNum& operator=(const BigNum& o);
private:
BIGNUM* _bn;
};
class CBlock8 { class CBlock8 {
public: public:
CBlock8() { CBlock8() {
@@ -746,12 +780,13 @@ namespace openssl {
} }
X509(const X509& o): _x509(0) { X509(const X509& o): _x509(0) {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
unsigned char* d(0); _x509 = X509_dup(o._x509);
int len(i2d_X509(o._x509, &d)); // unsigned char* d(0);
if (!len) throw x509_copy_failed(); // int len(i2d_X509(o._x509, &d));
V0_CONST unsigned char* d2(d); // if (!len) throw x509_copy_failed();
_x509 = d2i_X509(0, &d2, len); // V0_CONST unsigned char* d2(d);
OPENSSL_free(d); // _x509 = d2i_X509(0, &d2, len);
// OPENSSL_free(d);
if (!_x509) throw x509_copy_failed(); if (!_x509) throw x509_copy_failed();
} }
//! Take over OpenSSL allocated certificate. //! Take over OpenSSL allocated certificate.
@@ -767,14 +802,20 @@ namespace openssl {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
X509_free(_x509); X509_free(_x509);
_x509 = 0; _x509 = 0;
unsigned char* d(0); _x509 = X509_dup(o._x509);
int len(i2d_X509(o._x509, &d)); // unsigned char* d(0);
if (!len) throw x509_copy_failed(); // int len(i2d_X509(o._x509, &d));
V0_CONST unsigned char* d2(d); // if (!len) throw x509_copy_failed();
_x509 = d2i_X509(0, &d2, len); // V0_CONST unsigned char* d2(d);
OPENSSL_free(d); // _x509 = d2i_X509(0, &d2, len);
// OPENSSL_free(d);
if (!_x509) throw x509_copy_failed(); if (!_x509) throw x509_copy_failed();
} }
//! Get a copy of the OpenSSL low level certificate
/*! @note you are responsible to free the certificate */
::X509* lowLevelCopy() const {
return X509_dup(_x509);
}
//! Get DER encoded subject. //! Get DER encoded subject.
std::string subjectDER() const { std::string subjectDER() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
@@ -957,35 +998,35 @@ namespace openssl {
} }
std::string modulus() const { std::string modulus() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->n); return BigNum::string(rsa()->n);
} }
std::string publicExponent() const { std::string publicExponent() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->e); return BigNum::string(rsa()->e);
} }
std::string privateExponent() const { std::string privateExponent() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->d); return BigNum::string(rsa()->d);
} }
std::string prime1() const { std::string prime1() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->p); return BigNum::string(rsa()->p);
} }
std::string prime2() const { std::string prime2() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->q); return BigNum::string(rsa()->q);
} }
std::string exponent1() const { std::string exponent1() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->dmp1); return BigNum::string(rsa()->dmp1);
} }
std::string exponent2() const { std::string exponent2() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->dmq1); return BigNum::string(rsa()->dmq1);
} }
std::string coefficient() const { std::string coefficient() const {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
return string(rsa()->iqmp); return BigNum::string(rsa()->iqmp);
} }
private: private:
void copy(const PrivateKey& o) { void copy(const PrivateKey& o) {
@@ -997,12 +1038,6 @@ namespace openssl {
dh(o); dh(o);
/*ec(o);*/ /*ec(o);*/
} }
std::string string(BIGNUM* a) const {
OPENSSL_LOG("log");
std::string res(BN_num_bytes(a), '0');
BN_bn2bin(a, (unsigned char*)res.begin().operator->());
return res;
}
void rsa(const PrivateKey& o) { void rsa(const PrivateKey& o) {
OPENSSL_LOG("log"); OPENSSL_LOG("log");
//! @todo throw exception if 0? //! @todo throw exception if 0?