-rw-r--r--GNUmakefile12
-rw-r--r--pkcs11.c38
2 files changed, 30 insertions, 20 deletions
diff --git a/GNUmakefile b/GNUmakefile
index a74f06a..90440a7 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -45,6 +45,14 @@ ifndef ENABLE_DEBUGGING
ENABLE_DEBUGGING := no
endif
+# Whether to disable #warning statements; generally these are present for
+# a reason, but they can get distracting when one is attempting to debug
+# something else.
+
+ifndef ENABLE_FOOTNOTE_WARNINGS
+ ENABLE_FOOTNOTE_WARNINGS := yes
+endif
+
LIBHAL_DIR = ../libhal
LIBTFM_DIR = ../thirdparty/libtfm
SQLITE3_DIR = ../thirdparty/sqlite3
@@ -53,6 +61,10 @@ CFLAGS := -g3 -fPIC -Wall -std=c99 -I${LIBHAL_DIR} -I${SQLITE3_DIR}
SOFLAGS := -Wl,-Bsymbolic-functions -Wl,-Bsymbolic -Wl,-z,noexecstack
LIBS := ${LIBHAL_DIR}/libhal.a ${LIBTFM_DIR}/libtfm.a ${SQLITE3_DIR}/libsqlite3.a
+ifeq "${ENABLE_FOOTNOTE_WARNINGS}" "no"
+ CFLAGS += -Wno-\#warnings
+endif
+
ifeq "${ENABLE_THREADS}" "yes"
CFLAGS += -pthread
else
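Review bot: The added `CFLAGS += -Wno-\#warnings` uses the Clang spelling of this option; GCC's equivalent is `-Wno-cpp`, and GCC normally ignores an unrecognized `-Wno-` option without complaint, so `ENABLE_FOOTNOTE_WARNINGS=no` would have no effect there. If both compilers are supported, either add the GCC form alongside it or state in the comment above `ENABLE_FOOTNOTE_WARNINGS` that the switch is Clang-only. That comment could also say the setting is meant for local debugging, for example `# Leave this at "yes" for release builds; the #warning notes mark known open issues.`, since pkcs11.c uses `#warning` to flag unfinished design points.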
diff --git a/pkcs11.c b/pkcs11.c
index e0a43ac..433e7ab 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -481,7 +481,7 @@ static CK_RV posix_mutex_unlock(CK_VOID_PTR pMutex)
*/
#warning Perhaps this should be a utility routine in libhal instead of here
-static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len, hal_ecdsa_curve_t *curve)
+static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len, hal_curve_name_t *curve)
{
static uint8_t ec_curve_oid_p256[] = { 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 };
static uint8_t ec_curve_oid_p384[] = { 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22 };
@@ -491,13 +491,13 @@ static int ec_curve_oid_to_name(const uint8_t * const oid, const size_t oid_len,
return 0;
else if (oid_len == sizeof(ec_curve_oid_p256) && memcmp(oid, ec_curve_oid_p256, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P256;
+ *curve = HAL_CURVE_P256;
else if (oid_len == sizeof(ec_curve_oid_p384) && memcmp(oid, ec_curve_oid_p384, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P384;
+ *curve = HAL_CURVE_P384;
else if (oid_len == sizeof(ec_curve_oid_p521) && memcmp(oid, ec_curve_oid_p521, oid_len) == 0)
- *curve = HAL_ECDSA_CURVE_P521;
+ *curve = HAL_CURVE_P521;
else
return 0;
@@ -1237,7 +1237,7 @@ static hal_error_t p11_object_encode_rsa_key(const void * const key,
size_t *der_len,
const size_t der_max)
{
- return hal_rsa_key_to_der(key, der, der_len, der_max);
+ return hal_rsa_private_key_to_der(key, der, der_len, der_max);
}
static int p11_object_set_rsa_private_key(const CK_OBJECT_HANDLE object_handle,
@@ -1245,7 +1245,7 @@ static int p11_object_set_rsa_private_key(const CK_OBJECT_HANDLE object_handle,
{
return p11_object_set_generic_private_key(object_handle,
key,
- hal_rsa_key_to_der_len(key),
+ hal_rsa_private_key_to_der_len(key),
p11_object_encode_rsa_key);
}
@@ -1261,7 +1261,7 @@ static hal_error_t p11_object_encode_ec_key(const void * const key,
size_t *der_len,
const size_t der_max)
{
- return hal_ecdsa_key_to_der(key, der, der_len, der_max);
+ return hal_ecdsa_private_key_to_der(key, der, der_len, der_max);
}
static int p11_object_set_ec_private_key(const CK_OBJECT_HANDLE object_handle,
@@ -1269,7 +1269,7 @@ static int p11_object_set_ec_private_key(const CK_OBJECT_HANDLE object_handle,
{
return p11_object_set_generic_private_key(object_handle,
key,
- hal_ecdsa_key_to_der_len(key),
+ hal_ecdsa_private_key_to_der_len(key),
p11_object_encode_ec_key);
}
@@ -1347,7 +1347,7 @@ static hal_error_t p11_object_decode_rsa_key(void **key_,
{
assert(key_ != NULL);
hal_rsa_key_t *key = NULL;
- hal_error_t err = hal_rsa_key_from_der(&key, keybuf, keybuf_len, der, der_len);
+ hal_error_t err = hal_rsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len);
*key_ = key;
return err;
}
@@ -1376,7 +1376,7 @@ static hal_error_t p11_object_decode_ec_key(void **key_,
{
assert(key_ != NULL);
hal_ecdsa_key_t *key = NULL;
- hal_error_t err = hal_ecdsa_key_from_der(&key, keybuf, keybuf_len, der, der_len);
+ hal_error_t err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len);
*key_ = key;
return err;
}
@@ -1451,7 +1451,7 @@ static int p11_object_get_ec_public_key(const CK_OBJECT_HANDLE object_handle,
const char *flavor = is_token_handle(object_handle) ? "token" : "session";
sqlite3_stmt *q = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
assert(key != NULL && keybuf != NULL);
@@ -1996,7 +1996,7 @@ static CK_RV generate_keypair_ec(p11_session_t *session,
uint8_t keybuf[hal_ecdsa_key_t_size];
hal_ecdsa_key_t *key = NULL;
const CK_BYTE *params = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
size_t params_len;
CK_RV rv;
int i;
@@ -2443,7 +2443,7 @@ static CK_RV sign_ecdsa(p11_session_t *session,
{
uint8_t keybuf[hal_ecdsa_key_t_size];
hal_ecdsa_key_t *key = NULL;
- hal_ecdsa_curve_t curve;
+ hal_curve_name_t curve;
size_t signature_len;
CK_RV rv;
@@ -2463,9 +2463,9 @@ static CK_RV sign_ecdsa(p11_session_t *session,
lose(CKR_FUNCTION_FAILED);
switch (curve) {
- case HAL_ECDSA_CURVE_P256: signature_len = 256; break;
- case HAL_ECDSA_CURVE_P384: signature_len = 384; break;
- case HAL_ECDSA_CURVE_P521: signature_len = 521; break;
+ case HAL_CURVE_P256: signature_len = 256; break;
+ case HAL_CURVE_P384: signature_len = 384; break;
+ case HAL_CURVE_P521: signature_len = 521; break;
default: lose(CKR_FUNCTION_FAILED);
}
@@ -2488,8 +2488,7 @@ static CK_RV sign_ecdsa(p11_session_t *session,
}
if (pSignature != NULL && !hal_check(hal_ecdsa_sign(NULL, key, pData, ulDataLen,
- pSignature, &signature_len, *pulSignatureLen,
- HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
+ pSignature, &signature_len, *pulSignatureLen)))
lose(CKR_FUNCTION_FAILED);
assert(signature_len == *pulSignatureLen);
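Review bot: With `HAL_ECDSA_SIGNATURE_FORMAT_PKCS11` dropped from the `hal_ecdsa_sign()` call, nothing at this call site records which signature encoding libhal now produces, and PKCS #11 callers expect the fixed-length r||s form rather than ASN.1 DER. Presumably the updated libhal makes that the only format, but this diff does not show it; a comment above the call such as `/* libhal emits/accepts only the PKCS #11 raw r||s signature encoding */` would pin the assumption, and the same applies to the `hal_ecdsa_verify()` call in the `verify_ecdsa` hunk at -2532. The following `assert(signature_len == *pulSignatureLen)` is the only visible check that would catch an encoding or length mismatch, and it vanishes under NDEBUG; if it is meant to hold in release builds, consider `if (signature_len != *pulSignatureLen) lose(CKR_FUNCTION_FAILED);`. The body of sign_ecdsa starts and ends outside the hunk, so how `*pulSignatureLen` is set beforehand is not visible here.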
@@ -2532,8 +2531,7 @@ static CK_RV verify_ecdsa(p11_session_t *session,
ulDataLen = sizeof(digest);
}
- if (!hal_check(hal_ecdsa_verify(NULL, key, pData, ulDataLen,
- pSignature, ulSignatureLen, HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
+ if (!hal_check(hal_ecdsa_verify(NULL, key, pData, ulDataLen, pSignature, ulSignatureLen)))
lose(CKR_SIGNATURE_INVALID);
rv = CKR_OK; /* Fall through */