-rw-r--r-- | GNUmakefile | 2 | ||||
-rw-r--r-- | p11util.c | 32 | ||||
-rw-r--r-- | schema.sql | 9 | ||||
-rw-r--r-- | scripts/convert-schema.sed | 10 | ||||
-rw-r--r-- | sql_common.h | 4 |
5 files changed, 27 insertions, 30 deletions
diff --git a/GNUmakefile b/GNUmakefile index c7e69c3..872930e 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -62,7 +62,7 @@ schema.h: schema.sql scripts/convert-schema.sed GNUmakefile attributes.h: attributes.yaml scripts/build-attributes GNUmakefile python scripts/build-attributes attributes.yaml attributes.h -pkcs11.o: pkcs11.c schema.h attributes.h +pkcs11.o: pkcs11.c sql_common.h schema.h attributes.h ${CC} ${CFLAGS} -c $< pkcs11.so: pkcs11.o ${LIBS} @@ -3,12 +3,7 @@ * things like setting PINs. */ -/* - * Apparently getopt_long() works everywhere we're likely to care - * about. At least, we've been getting away with it for years in - * rcynic. rcynic.c has code to wrap option and usage stuff using - * getopt_long(), proably just reuse that. - */ +#define _POSIX_SOURCE #include <stdio.h> #include <stdlib.h> @@ -86,20 +81,20 @@ static int getpin_tty(const char *prompt, OPT_FLG('s', "set-so-pin", "set Security Officer PIN") \ OPT_FLG('u', "set-user-pin", "set \"user\" PIN") \ OPT_ARG('i', "set-iterations", "set PBKDF2 iteration count") \ - OPT_ARG('p', "pin-from-stdin", "read PIN from stdin instead of /dev/tty") \ + OPT_FLG('p', "pin-from-stdin", "read PIN from stdin instead of /dev/tty") \ OPT_END #define OPT_END -static void usage (const int code, const char *jane) +static void usage(const int code, const char *jane) { assert(jane != NULL); FILE *f = code ? stderr : stdout; fprintf(f, "usage: %s [options]\noptions:\n", jane); -#define OPT_FLG(_short_, _long_, _help_) fprintf(f, " -%c --%-32s%s", _short_, _long_, _help_); -#define OPT_ARG(_short_, _long_, _help_) fprintf(f, " -%c ARG --%-32s%s", _short_, _long_ " ARG", _help_); +#define OPT_FLG(_short_, _long_, _help_) fprintf(f, " -%c --%-32s%s\n", _short_, _long_, _help_); +#define OPT_ARG(_short_, _long_, _help_) fprintf(f, " -%c ARG --%-32s%s\n", _short_, _long_ " ARG", _help_); OPTIONS; #undef OPT_ARG #undef OPT_FLG 
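Review bot: The added `#define _POSIX_SOURCE` in the `@@ -3,12 +3,7 @@` hunk has no comment saying which declaration it is needed for, and it replaces the only comment that explained the getopt_long() choice. The hunk's file header is not on the page; the diffstat suggests this is p11util.c. `_POSIX_SOURCE` is the obsolete spelling of the feature-test macro, so I would use the versioned form and name the consumer, for example `#define _POSIX_C_SOURCE 200809L /* needed for <declaration that requires it> */`, after checking that this level still exposes everything the file uses.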
@@ -107,12 +102,12 @@ static void usage (const int code, const char *jane) exit(code); } -static void parse_args (int argc, char *argv[], - int *do_set_so_pin, - int *do_set_user_pin, - int *do_set_iterations, - int *read_from_stdin, - unsigned long *iterations) +static void parse_args(int argc, char *argv[], + int *do_set_so_pin, + int *do_set_user_pin, + int *do_set_iterations, + int *read_from_stdin, + unsigned long *iterations) { char *endptr; int c; @@ -134,6 +129,9 @@ static void parse_args (int argc, char *argv[], read_from_stdin != NULL && iterations != NULL); opterr = 0; + if (argc == 1) + usage(0, argv[0]); + while ((c = getopt_long(argc, argv, short_opts, long_opts, NULL)) > 0) { switch (c) { @@ -270,7 +268,7 @@ static int set_pin(const char * const pin_type, const int read_from_stdin) return ok; } -int main (int argc, char *argv[]) +int main(int argc, char *argv[]) { int do_set_so_pin = 0, do_set_user_pin = 0, do_set_iterations = 0, read_from_stdin = 0; unsigned long iterations; 
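Review bot: In the `@@ -134,6 +129,9 @@` hunk, `usage(0, argv[0])` makes a bare invocation exit with status 0 although no PIN or iteration count was set. A provisioning script that loses its arguments would then see success from a tool that did nothing. I would print the help to stderr with a failing status here, `if (argc == 1) usage(1, argv[0]);`, and keep status 0 for an explicit help option if one exists. parse_args starts and ends outside this hunk, so I cannot see how the option loop reports errors.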
@@ -84,14 +84,17 @@ CREATE TABLE IF NOT EXISTS global ( -- Numeric minima for PBKDF2 iterations, length of PIN, and -- length of PBKDF2 salt are somewhat arbitrary, and will -- probably change over time (which is why they are minima). - -- Feel free to suggest better minima. + -- Initial testing was with 100000, which takes about 8 seconds + -- on a Novena with the current SHA256 and PBKDF2 + -- implementation, which seems a bit slow, so backed that down + -- a bit. Feel free to suggest better minima. - pbkdf2_iterations INTEGER NOT NULL DEFAULT 100000, + pbkdf2_iterations INTEGER NOT NULL DEFAULT 20000, so_pin BLOB, user_pin BLOB, so_pin_salt, BLOB, user_pin_salt BLOB, - CHECK ((pbkdf2_iterations >= 100000) AND + CHECK ((pbkdf2_iterations >= 10000) AND (so_pin IS NULL OR (typeof(so_pin) = "blob" AND length(so_pin) >= 32)) AND (user_pin IS NULL OR (typeof(user_pin) = "blob" AND length(user_pin) >= 32)) AND (so_pin_salt IS NULL OR (typeof(so_pin_salt) = "blob" AND length(so_pin_salt) >= 16)) AND diff --git a/scripts/convert-schema.sed b/scripts/convert-schema.sed index 55aaadc..f8874b3 100644 --- a/scripts/convert-schema.sed +++ b/scripts/convert-schema.sed @@ -56,11 +56,5 @@ s/[ ]*$// s/\\/\\\\/g s/"/\\"/g -# Quote each line of text. Literal transcription would be: -# -# s/^.*$/"&\\n"/ -# -# but SQL doesn't need the line breaks, so we can use -# whitespace to generate something a bit more readable. -# -s/^.*$/" &"/ +# Quote each line of text. +s/^.*$/" &" "\\n"/ diff --git a/sql_common.h b/sql_common.h index 8f1844b..1e55322 100644 --- a/sql_common.h +++ b/sql_common.h @@ -50,10 +50,12 @@ /* * Placeholders for PIN length limits. Figure out real values later. + * Minimum length here is much too short, we allow it for now because + * some test programs fail if we insist on a reasonable length. */ #warning Figure out PIN length limits -#define P11_MIN_PIN_LENGTH 16 +#define P11_MIN_PIN_LENGTH 4 #define P11_MAX_PIN_LENGTH 4096 /* |
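Review bot: The CHECK floor drops to 10000 iterations, half the new default of 20000, and the comment records the timing only for the old value of 100000. I would add the measured time for 20000 on the same hardware and say that the floor should rise again once the SHA256/PBKDF2 code is faster, for example `-- TODO: raise minimum when PBKDF2 is faster; 20000 takes <measured> s on Novena`. Separately, the context line `so_pin_salt, BLOB,` has a stray comma, which in SQLite would declare an untyped `so_pin_salt` plus a column named `BLOB`. That looks unintended and this commit leaves it in place.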
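Review bot: The shortened comment in scripts/convert-schema.sed no longer says why each quoted line now carries `"\\n"`, while the removed text argued that SQL does not need the line breaks. Presumably the newline is required because schema.sql contains `--` comments, which would otherwise swallow the SQL that follows once the strings are concatenated. I would state that in the comment, for example `# Quote each line and keep its newline, so SQL "--" comments end where the source line ends.`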
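Review bot: `#define P11_MIN_PIN_LENGTH 4` in sql_common.h relaxes the limit for every build, although the comment says it is only there to keep some test programs working. Together with the lower PBKDF2 iteration floor in schema.sql, this leaves a stored PIN with much less guessing resistance than before the commit. I would keep 16 as the default and let test builds override it with `-DP11_MIN_PIN_LENGTH=4`: `#ifndef P11_MIN_PIN_LENGTH` / `#define P11_MIN_PIN_LENGTH 16` / `#endif`. The existing `#warning` could then fire only when the override is below the default.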