-rw-r--r-- | GNUmakefile | 12 | ||||
-rw-r--r-- | pkcs11.c | 38 |
2 files changed, 30 insertions, 20 deletions
diff --git a/GNUmakefile b/GNUmakefile
index a74f06a..90440a7 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -45,6 +45,14 @@ ifndef ENABLE_DEBUGGING
 ENABLE_DEBUGGING := no
 endif
+# Whether to disable #warning statements; generally these are present for
+# a reason, but they can get distracting when one is attempting to debug
+# something else.
+
+ifndef ENABLE_FOOTNOTE_WARNINGS
+ ENABLE_FOOTNOTE_WARNINGS := yes
+endif
+
 LIBHAL_DIR = ../libhal
 LIBTFM_DIR = ../thirdparty/libtfm
 SQLITE3_DIR = ../thirdparty/sqlite3
@@ -53,6 +61,10 @@ CFLAGS := -g3 -fPIC -Wall -std=c99 -I${LIBHAL_DIR} -I${SQLITE3_DIR}
 SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack
 LIBS := ${LIBHAL_DIR}/libhal.a ${LIBTFM_DIR}/libtfm.a ${SQLITE3_DIR}/libsqlite3.a
+ifeq "${ENABLE_FOOTNOTE_WARNINGS}" "no"
+ CFLAGS += -Wno-\#warnings
+endif
+
 ifeq "${ENABLE_THREADS}" "yes"
 CFLAGS += -pthread
 else
@@ -481,7 +481,7 @@ static CK_RV posix_mutex_unlock(CK_VOID_PTR pMutex)
 */
 #warning Perhaps this should be a utility routine in libhal instead of here
-static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len, hal_ecdsa_curve_t *curve)
+static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len, hal_curve_name_t *curve)
 {
 static uint8_t ec_curve_oid_p256[] = { 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 };
 static uint8_t ec_curve_oid_p384[] = { 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22 };
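Review bot: In the second GNUmakefile hunk, `-Wno-\#warnings` is the Clang spelling of this option; GCC names the same diagnostic group `cpp`, and it does not report an unrecognised `-Wno-` option unless some other diagnostic fires, so with GCC `ENABLE_FOOTNOTE_WARNINGS=no` would most likely change nothing and say nothing. `CFLAGS += -Wno-cpp` is accepted by both compilers. The comment in the first hunk also reads "Whether to disable" while the variable enables with a default of `yes`; `# Whether to show #warning footnotes (default yes).` would match the knob. Since these footnotes record the author's own open questions in an HSM-facing library, the comment could also state that the switch is meant for local debugging and not for release builds.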
@@ -491,13 +491,13 @@ static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len,
 return 0;
 else if (oid_len == sizeof(ec_curve_oid_p256) && memcmp(oid, ec_curve_oid_p256, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P256;
+ *curve = HAL_CURVE_P256;
 else if (oid_len == sizeof(ec_curve_oid_p384) && memcmp(oid, ec_curve_oid_p384, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P384;
+ *curve = HAL_CURVE_P384;
 else if (oid_len == sizeof(ec_curve_oid_p521) && memcmp(oid, ec_curve_oid_p521, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P521;
+ *curve = HAL_CURVE_P521;
 else return 0;
@@ -1237,7 +1237,7 @@ static hal_error_t p11_object_encode_rsa_key(const void * const key,
 size_t *der_len,
 const size_t der_max)
 {
- return hal_rsa_key_to_der(key, der, der_len, der_max);
+ return hal_rsa_private_key_to_der(key, der, der_len, der_max);
 }
 static int p11_object_set_rsa_private_key(const CK_OBJECT_HANDLE object_handle,
@@ -1245,7 +1245,7 @@ static int p11_object_set_rsa_private_key(const CK_OBJECT_HANDLE object_handle,
 {
 return p11_object_set_generic_private_key(object_handle,
 key,
- hal_rsa_key_to_der_len(key),
+ hal_rsa_private_key_to_der_len(key),
 p11_object_encode_rsa_key);
 }
@@ -1261,7 +1261,7 @@ static hal_error_t p11_object_encode_ec_key(const void * const key,
 size_t *der_len,
 const size_t der_max)
 {
- return hal_ecdsa_key_to_der(key, der, der_len, der_max);
+ return hal_ecdsa_private_key_to_der(key, der, der_len, der_max);
 }
 static int p11_object_set_ec_private_key(const CK_OBJECT_HANDLE object_handle,
@@ -1269,7 +1269,7 @@ static int p11_object_set_ec_private_key(const CK_OBJECT_HANDLE object_handle,
 {
 return p11_object_set_generic_private_key(object_handle,
 key,
- hal_ecdsa_key_to_der_len(key),
+ hal_ecdsa_private_key_to_der_len(key),
 p11_object_encode_ec_key);
 }
@@ -1347,7 +1347,7 @@ static hal_error_t p11_object_decode_rsa_key(void **key_,
 {
 assert(key_ != NULL);
 hal_rsa_key_t *key = NULL;
- hal_error_t err = hal_rsa_key_from_der(&key, keybuf, keybuf_len, der, der_len);
+ hal_error_t err = hal_rsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len);
 *key_ = key;
 return err;
 }
@@ -1376,7 +1376,7 @@ static hal_error_t p11_object_decode_ec_key(void **key_,
 {
 assert(key_ != NULL);
 hal_ecdsa_key_t *key = NULL;
- hal_error_t err = hal_ecdsa_key_from_der(&key, keybuf, keybuf_len, der, der_len);
+ hal_error_t err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len);
 *key_ = key;
 return err;
 }
@@ -1451,7 +1451,7 @@ static int p11_object_get_ec_public_key(const CK_OBJECT_HANDLE object_handle,
 const char *flavor = is_token_handle(object_handle) ? "token" : "session";
 sqlite3_stmt *q = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
 assert(key != NULL && keybuf != NULL);
@@ -1996,7 +1996,7 @@ static CK_RV generate_keypair_ec(p11_session_t *session,
 uint8_t keybuf[hal_ecdsa_key_t_size];
 hal_ecdsa_key_t *key = NULL;
 const CK_BYTE *params = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
 size_t params_len;
 CK_RV rv;
 int i;
@@ -2443,7 +2443,7 @@ static CK_RV sign_ecdsa(p11_session_t *session,
 {
 uint8_t keybuf[hal_ecdsa_key_t_size];
 hal_ecdsa_key_t *key = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
 size_t signature_len;
 CK_RV rv;
@@ -2463,9 +2463,9 @@ static CK_RV sign_ecdsa(p11_session_t *session,
 lose(CKR_FUNCTION_FAILED);
 switch (curve) {
- case HAL_ECDSA_CURVE_P256: signature_len = 256; break;
- case HAL_ECDSA_CURVE_P384: signature_len = 384; break;
- case HAL_ECDSA_CURVE_P521: signature_len = 521; break;
+ case HAL_CURVE_P256: signature_len = 256; break;
+ case HAL_CURVE_P384: signature_len = 384; break;
+ case HAL_CURVE_P521: signature_len = 521; break;
 default: lose(CKR_FUNCTION_FAILED);
 }
@@ -2488,8 +2488,7 @@ static CK_RV sign_ecdsa(p11_session_t *session,
 }
 if (pSignature != NULL && !hal_check(hal_ecdsa_sign(NULL, key, pData, ulDataLen,
- pSignature, &signature_len, *pulSignatureLen,
- HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
+ pSignature, &signature_len, *pulSignatureLen)))
 lose(CKR_FUNCTION_FAILED);
 assert(signature_len == *pulSignatureLen);
@@ -2532,8 +2531,7 @@ static CK_RV verify_ecdsa(p11_session_t *session,
 ulDataLen = sizeof(digest);
 }
- if (!hal_check(hal_ecdsa_verify(NULL, key, pData, ulDataLen,
- pSignature, ulSignatureLen, HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
+ if (!hal_check(hal_ecdsa_verify(NULL, key, pData, ulDataLen, pSignature, ulSignatureLen)))
 lose(CKR_SIGNATURE_INVALID);
 rv = CKR_OK; /* Fall through */ |
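Review bot: In the `sign_ecdsa` hunk the call no longer names `HAL_ECDSA_SIGNATURE_FORMAT_PKCS11`, so the only thing tying libhal's output to the PKCS #11 signature layout is the `assert(signature_len == *pulSignatureLen);` that follows, and an assert disappears when the library is built with `NDEBUG`. A runtime check such as `if (signature_len != *pulSignatureLen) lose(CKR_FUNCTION_FAILED);` would keep a length mismatch from being returned to the caller as success. The same implicit dependency applies in the `verify_ecdsa` hunk; a comment at both calls, e.g. `/* libhal signs and verifies in PKCS #11 format (raw r || s, no ASN.1 wrapper) */`, would record the assumption, provided that is what libhal now does, which this diff does not show. Both function bodies start and end outside their hunks, so how `signature_len` and `*pulSignatureLen` are set beforehand is not visible here.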