This reduces drastically the amount of copy-on-write memory the code
requires.
---
usr/lib/pkcs11/cca_stdll/cca_specific.c | 12 ++--
usr/lib/pkcs11/cca_stdll/globals.c | 62 ++++++++++++------------
usr/lib/pkcs11/cca_stdll/h_extern.h | 72 ++++++++++++++--------------
usr/lib/pkcs11/cca_stdll/mech_rsa.c | 2 +-
usr/lib/pkcs11/common/globals.c | 62 ++++++++++++------------
usr/lib/pkcs11/common/h_extern.h | 72 ++++++++++++++--------------
usr/lib/pkcs11/soft_stdll/soft_specific.c | 12 ++--
usr/sbin/pkcsslotd/err.c | 40 ++++++++--------
usr/sbin/pkcsslotd/err.h | 3 +-
usr/sbin/pkcsslotd/odm.h | 3 +-
10 files changed, 171 insertions(+), 169 deletions(-)
diff --git a/usr/lib/pkcs11/cca_stdll/cca_specific.c
b/usr/lib/pkcs11/cca_stdll/cca_specific.c
index 02ce069..bb1afaa 100644
--- a/usr/lib/pkcs11/cca_stdll/cca_specific.c
+++ b/usr/lib/pkcs11/cca_stdll/cca_specific.c
@@ -36,13 +36,13 @@
#include "csulincl.h"
-CK_CHAR manuf[] = "IBM Corp.";
-CK_CHAR model[] = "IBM CCA Token";
-CK_CHAR descr[] = "IBM PKCS#11 CCA Token";
-CK_CHAR label[] = "IBM PKCS#11 for CCA";
+static const CK_CHAR manuf[] = "IBM Corp.";
+static const CK_CHAR model[] = "IBM CCA Token";
+static const CK_CHAR descr[] = "IBM PKCS#11 CCA Token";
+static const CK_CHAR label[] = "IBM PKCS#11 for CCA";
/* mechanisms provided by this token */
-MECH_LIST_ELEMENT mech_list[] = {
+const MECH_LIST_ELEMENT mech_list[] = {
{ CKM_DES_KEY_GEN, { 8, 8, CKF_HW | CKF_GENERATE } },
{ CKM_DES3_KEY_GEN, { 24, 24, CKF_HW | CKF_GENERATE } },
{ CKM_RSA_PKCS_KEY_PAIR_GEN, { 512, 4096, CKF_HW | CKF_GENERATE_KEY_PAIR
} },
@@ -93,7 +93,7 @@ MECH_LIST_ELEMENT mech_list[] = {
{ CKM_MD2_HMAC_GENERAL, { 0, 0, CKF_SIGN | CKF_VERIFY } }
};
-CK_ULONG mech_list_len = (sizeof(mech_list) / sizeof(MECH_LIST_ELEMENT));
+const CK_ULONG mech_list_len = (sizeof(mech_list) / sizeof(MECH_LIST_ELEMENT));
CK_RV
diff --git a/usr/lib/pkcs11/cca_stdll/globals.c
b/usr/lib/pkcs11/cca_stdll/globals.c
index e4471da..a0a321b 100644
--- a/usr/lib/pkcs11/cca_stdll/globals.c
+++ b/usr/lib/pkcs11/cca_stdll/globals.c
@@ -133,49 +133,49 @@ struct ST_FCN_LIST function_list ;
// OBJECT IDENTIFIERs
//
-CK_BYTE ber_idDSA[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x38,
0x04, 0x01 };
-CK_BYTE ber_rsaEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x01 };
-CK_BYTE ber_md2WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x02 };
-CK_BYTE ber_md4WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x03 };
-CK_BYTE ber_md5WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x04 };
-CK_BYTE ber_sha1WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x05 };
+const CK_BYTE ber_idDSA[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce,
0x38, 0x04, 0x01 };
+const CK_BYTE ber_rsaEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01 };
+const CK_BYTE ber_md2WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02 };
+const CK_BYTE ber_md4WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x03 };
+const CK_BYTE ber_md5WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04 };
+const CK_BYTE ber_sha1WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05 };
// Algorithm IDs. (Sequence of OID plus parms, usually NULL)
//
-CK_BYTE ber_AlgMd2[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x02, 0x02, 0x05, 0x00 };
-CK_BYTE ber_AlgMd5[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00 };
-CK_BYTE ber_AlgSha1[] = { 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02,
0x1A, 0x05, 0x00 };
-CK_BYTE ber_AlgSha256[] = { 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00 };
-CK_BYTE ber_AlgIdRSAEncryption[] = { 0x30, 0x0D, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };
+const CK_BYTE ber_AlgMd2[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48,
0x86, 0xF7, 0x0D, 0x02, 0x02, 0x05, 0x00 };
+const CK_BYTE ber_AlgMd5[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48,
0x86, 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00 };
+const CK_BYTE ber_AlgSha1[] = { 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03,
0x02, 0x1A, 0x05, 0x00 };
+const CK_BYTE ber_AlgSha256[] = { 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48,
0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00 };
+const CK_BYTE ber_AlgIdRSAEncryption[] = { 0x30, 0x0D, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };
// ID Lengths
//
-CK_ULONG ber_idDSALen = sizeof(ber_idDSA);
-CK_ULONG ber_rsaEncryptionLen = sizeof(ber_rsaEncryption);
-CK_ULONG ber_md2WithRSAEncryptionLen = sizeof(ber_md2WithRSAEncryption);
-CK_ULONG ber_md4WithRSAEncryptionLen = sizeof(ber_md4WithRSAEncryption);
-CK_ULONG ber_md5WithRSAEncryptionLen = sizeof(ber_md5WithRSAEncryption);
-CK_ULONG ber_sha1WithRSAEncryptionLen= sizeof(ber_sha1WithRSAEncryption);
+const CK_ULONG ber_idDSALen = sizeof(ber_idDSA);
+const CK_ULONG ber_rsaEncryptionLen = sizeof(ber_rsaEncryption);
+const CK_ULONG ber_md2WithRSAEncryptionLen = sizeof(ber_md2WithRSAEncryption);
+const CK_ULONG ber_md4WithRSAEncryptionLen = sizeof(ber_md4WithRSAEncryption);
+const CK_ULONG ber_md5WithRSAEncryptionLen = sizeof(ber_md5WithRSAEncryption);
+const CK_ULONG ber_sha1WithRSAEncryptionLen= sizeof(ber_sha1WithRSAEncryption);
-CK_ULONG ber_AlgMd2Len= sizeof(ber_AlgMd2);
-CK_ULONG ber_AlgMd5Len= sizeof(ber_AlgMd5);
-CK_ULONG ber_AlgSha1Len= sizeof(ber_AlgSha1);
-CK_ULONG ber_AlgSha256Len= sizeof(ber_AlgSha256);
-CK_ULONG ber_AlgIdRSAEncryptionLen = sizeof(ber_AlgIdRSAEncryption);
+const CK_ULONG ber_AlgMd2Len= sizeof(ber_AlgMd2);
+const CK_ULONG ber_AlgMd5Len= sizeof(ber_AlgMd5);
+const CK_ULONG ber_AlgSha1Len= sizeof(ber_AlgSha1);
+const CK_ULONG ber_AlgSha256Len= sizeof(ber_AlgSha256);
+const CK_ULONG ber_AlgIdRSAEncryptionLen = sizeof(ber_AlgIdRSAEncryption);
-CK_ULONG des_weak_count = 4;
-CK_ULONG des_semi_weak_count = 12;
-CK_ULONG des_possibly_weak_count = 48;
+const CK_ULONG des_weak_count = 4;
+const CK_ULONG des_semi_weak_count = 12;
+const CK_ULONG des_possibly_weak_count = 48;
-CK_BYTE des_weak_keys[4][8] = {
+const CK_BYTE des_weak_keys[4][8] = {
{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}
};
-CK_BYTE des_semi_weak_keys[12][8] = {
+const CK_BYTE des_semi_weak_keys[12][8] = {
{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
@@ -190,7 +190,7 @@ CK_BYTE des_semi_weak_keys[12][8] = {
{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}
};
-CK_BYTE des_possibly_weak_keys[48][8] = {
+const CK_BYTE des_possibly_weak_keys[48][8] = {
{0x1F, 0x1F, 0x01, 0x01, 0x0E, 0x0E, 0x01, 0x01},
{0x01, 0x1F, 0x1F, 0x01, 0x01, 0x0E, 0x0E, 0x01},
{0x1F, 0x01, 0x01, 0x1F, 0x0E, 0x01, 0x01, 0x0E},
@@ -252,19 +252,19 @@ CK_BYTE des_possibly_weak_keys[48][8] = {
//
// default SO pin = "87654321"
//
-CK_BYTE default_so_pin_md5[MD5_HASH_SIZE] = {
+const CK_BYTE default_so_pin_md5[MD5_HASH_SIZE] = {
0x5E, 0x86, 0x67, 0xA4, 0x39, 0xC6, 0x8F, 0x51,
0x45, 0xDD, 0x2F, 0xCB, 0xEC, 0xF0, 0x22, 0x09
};
-CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE] = {
+const CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE] = {
0xA7, 0xD5, 0x79, 0xBA, 0x76, 0x39, 0x80, 0x70,
0xEA, 0xE6, 0x54, 0xC3, 0x0F, 0xF1, 0x53, 0xA4,
0xC2, 0x73, 0x27, 0x2A
};
/* SHA-1 of "12345678" */
-CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE] = {
+const CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE] = {
0x7c, 0x22, 0x2f, 0xb2, 0x92, 0x7d, 0x82, 0x8a,
0xf2, 0x2f, 0x59, 0x21, 0x34, 0xe8, 0x93, 0x24,
0x80, 0x63, 0x7c, 0x0d
diff --git a/usr/lib/pkcs11/cca_stdll/h_extern.h
b/usr/lib/pkcs11/cca_stdll/h_extern.h
index 6671ec3..f94ec65 100644
--- a/usr/lib/pkcs11/cca_stdll/h_extern.h
+++ b/usr/lib/pkcs11/cca_stdll/h_extern.h
@@ -40,8 +40,8 @@ extern CK_BBOOL initialized;
extern char *card_function_names[];
extern char *total_function_names[];
-extern MECH_LIST_ELEMENT mech_list[];
-extern CK_ULONG mech_list_len;
+extern const MECH_LIST_ELEMENT mech_list[];
+extern const CK_ULONG mech_list_len;
extern pthread_mutex_t native_mutex;
#if SYSVSEM
@@ -64,9 +64,9 @@ extern CK_BYTE master_key[MASTER_KEY_SIZE];
extern CK_BYTE so_pin_md5[MD5_HASH_SIZE];
extern CK_BYTE user_pin_md5[MD5_HASH_SIZE];
-extern CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE];
-extern CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE];
-extern CK_BYTE default_so_pin_md5[MD5_HASH_SIZE];
+extern const CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE];
+extern const CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE];
+extern const CK_BYTE default_so_pin_md5[MD5_HASH_SIZE];
extern LW_SHM_TYPE *global_shm;
@@ -81,37 +81,37 @@ extern CK_ULONG ro_session_count;
extern CK_STATE global_login_state;
-extern CK_BYTE ber_AlgIdRSAEncryption[];
-extern CK_ULONG ber_AlgIdRSAEncryptionLen;
-extern CK_BYTE ber_rsaEncryption[];
-extern CK_ULONG ber_rsaEncryptionLen;
-extern CK_BYTE ber_idDSA[];
-extern CK_ULONG ber_idDSALen;
-
-extern CK_BYTE ber_md2WithRSAEncryption[];
-extern CK_ULONG ber_md2WithRSAEncryptionLen;
-extern CK_BYTE ber_md4WithRSAEncryption[];
-extern CK_ULONG ber_md4WithRSAEncryptionLen;
-extern CK_BYTE ber_md5WithRSAEncryption[];
-extern CK_ULONG ber_md5WithRSAEncryptionLen;
-extern CK_BYTE ber_sha1WithRSAEncryption[];
-extern CK_ULONG ber_sha1WithRSAEncryptionLen;
-extern CK_BYTE ber_AlgMd2[];
-extern CK_ULONG ber_AlgMd2Len;
-extern CK_BYTE ber_AlgMd5[];
-extern CK_ULONG ber_AlgMd5Len;
-extern CK_BYTE ber_AlgSha1[];
-extern CK_ULONG ber_AlgSha1Len;
-extern CK_BYTE ber_AlgSha256[];
-extern CK_ULONG ber_AlgSha256Len;
-
-
-extern CK_ULONG des_weak_count;
-extern CK_ULONG des_semi_weak_count;
-extern CK_ULONG des_possibly_weak_count;
-extern CK_BYTE des_weak_keys[4][8];
-extern CK_BYTE des_semi_weak_keys[12][8];
-extern CK_BYTE des_possibly_weak_keys[48][8];
+extern const CK_BYTE ber_AlgIdRSAEncryption[];
+extern const CK_ULONG ber_AlgIdRSAEncryptionLen;
+extern const CK_BYTE ber_rsaEncryption[];
+extern const CK_ULONG ber_rsaEncryptionLen;
+extern const CK_BYTE ber_idDSA[];
+extern const CK_ULONG ber_idDSALen;
+
+extern const CK_BYTE ber_md2WithRSAEncryption[];
+extern const CK_ULONG ber_md2WithRSAEncryptionLen;
+extern const CK_BYTE ber_md4WithRSAEncryption[];
+extern const CK_ULONG ber_md4WithRSAEncryptionLen;
+extern const CK_BYTE ber_md5WithRSAEncryption[];
+extern const CK_ULONG ber_md5WithRSAEncryptionLen;
+extern const CK_BYTE ber_sha1WithRSAEncryption[];
+extern const CK_ULONG ber_sha1WithRSAEncryptionLen;
+extern const CK_BYTE ber_AlgMd2[];
+extern const CK_ULONG ber_AlgMd2Len;
+extern const CK_BYTE ber_AlgMd5[];
+extern const CK_ULONG ber_AlgMd5Len;
+extern const CK_BYTE ber_AlgSha1[];
+extern const CK_ULONG ber_AlgSha1Len;
+extern const CK_BYTE ber_AlgSha256[];
+extern const CK_ULONG ber_AlgSha256Len;
+
+
+extern const CK_ULONG des_weak_count;
+extern const CK_ULONG des_semi_weak_count;
+extern const CK_ULONG des_possibly_weak_count;
+extern const CK_BYTE des_weak_keys[4][8];
+extern const CK_BYTE des_semi_weak_keys[12][8];
+extern const CK_BYTE des_possibly_weak_keys[48][8];
extern struct ST_FCN_LIST function_list;
diff --git a/usr/lib/pkcs11/cca_stdll/mech_rsa.c
b/usr/lib/pkcs11/cca_stdll/mech_rsa.c
index cd14d2c..b1da7d5 100644
--- a/usr/lib/pkcs11/cca_stdll/mech_rsa.c
+++ b/usr/lib/pkcs11/cca_stdll/mech_rsa.c
@@ -313,7 +313,7 @@ rsa_hash_pkcs_sign( SESSION * sess,
{
CK_BYTE * ber_data = NULL;
CK_BYTE * octet_str = NULL;
- CK_BYTE * oid = NULL;
+ const CK_BYTE * oid = NULL;
CK_BYTE * tmp = NULL;
CK_ULONG buf1[16]; // 64 bytes is more than enough
diff --git a/usr/lib/pkcs11/common/globals.c b/usr/lib/pkcs11/common/globals.c
index 43aa68c..93ae298 100644
--- a/usr/lib/pkcs11/common/globals.c
+++ b/usr/lib/pkcs11/common/globals.c
@@ -409,49 +409,49 @@ struct ST_FCN_LIST function_list ;
// OBJECT IDENTIFIERs
//
-CK_BYTE ber_idDSA[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x38,
0x04, 0x01 };
-CK_BYTE ber_rsaEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7,
0x0d, 0x01, 0x01, 0x01 };
-CK_BYTE ber_md2WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x02 };
-CK_BYTE ber_md4WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x03 };
-CK_BYTE ber_md5WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x04 };
-CK_BYTE ber_sha1WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x05 };
+const CK_BYTE ber_idDSA[] = { 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce,
0x38, 0x04, 0x01 };
+const CK_BYTE ber_rsaEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
0xf7, 0x0d, 0x01, 0x01, 0x01 };
+const CK_BYTE ber_md2WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x02 };
+const CK_BYTE ber_md4WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x03 };
+const CK_BYTE ber_md5WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x04 };
+const CK_BYTE ber_sha1WithRSAEncryption[] = { 0x06, 0x09, 0x2a, 0x86, 0x48,
0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05 };
// Algorithm IDs. (Sequence of OID plus parms, usually NULL)
//
-CK_BYTE ber_AlgMd2[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x02, 0x02, 0x05, 0x00 };
-CK_BYTE ber_AlgMd5[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00 };
-CK_BYTE ber_AlgSha1[] = { 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02,
0x1A, 0x05, 0x00 };
-CK_BYTE ber_AlgSha256[] = { 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00 };
-CK_BYTE ber_AlgIdRSAEncryption[] = { 0x30, 0x0D, 0x06, 0x09, 0x2a, 0x86,
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };
+const CK_BYTE ber_AlgMd2[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48,
0x86, 0xF7, 0x0D, 0x02, 0x02, 0x05, 0x00 };
+const CK_BYTE ber_AlgMd5[] = { 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48,
0x86, 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00 };
+const CK_BYTE ber_AlgSha1[] = { 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03,
0x02, 0x1A, 0x05, 0x00 };
+const CK_BYTE ber_AlgSha256[] = { 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48,
0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00 };
+const CK_BYTE ber_AlgIdRSAEncryption[] = { 0x30, 0x0D, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };
// ID Lengths
//
-CK_ULONG ber_idDSALen = sizeof(ber_idDSA);
-CK_ULONG ber_rsaEncryptionLen = sizeof(ber_rsaEncryption);
-CK_ULONG ber_md2WithRSAEncryptionLen = sizeof(ber_md2WithRSAEncryption);
-CK_ULONG ber_md4WithRSAEncryptionLen = sizeof(ber_md4WithRSAEncryption);
-CK_ULONG ber_md5WithRSAEncryptionLen = sizeof(ber_md5WithRSAEncryption);
-CK_ULONG ber_sha1WithRSAEncryptionLen= sizeof(ber_sha1WithRSAEncryption);
+const CK_ULONG ber_idDSALen = sizeof(ber_idDSA);
+const CK_ULONG ber_rsaEncryptionLen = sizeof(ber_rsaEncryption);
+const CK_ULONG ber_md2WithRSAEncryptionLen = sizeof(ber_md2WithRSAEncryption);
+const CK_ULONG ber_md4WithRSAEncryptionLen = sizeof(ber_md4WithRSAEncryption);
+const CK_ULONG ber_md5WithRSAEncryptionLen = sizeof(ber_md5WithRSAEncryption);
+const CK_ULONG ber_sha1WithRSAEncryptionLen= sizeof(ber_sha1WithRSAEncryption);
-CK_ULONG ber_AlgMd2Len= sizeof(ber_AlgMd2);
-CK_ULONG ber_AlgMd5Len= sizeof(ber_AlgMd5);
-CK_ULONG ber_AlgSha1Len= sizeof(ber_AlgSha1);
-CK_ULONG ber_AlgSha256Len= sizeof(ber_AlgSha256);
-CK_ULONG ber_AlgIdRSAEncryptionLen = sizeof(ber_AlgIdRSAEncryption);
+const CK_ULONG ber_AlgMd2Len= sizeof(ber_AlgMd2);
+const CK_ULONG ber_AlgMd5Len= sizeof(ber_AlgMd5);
+const CK_ULONG ber_AlgSha1Len= sizeof(ber_AlgSha1);
+const CK_ULONG ber_AlgSha256Len= sizeof(ber_AlgSha256);
+const CK_ULONG ber_AlgIdRSAEncryptionLen = sizeof(ber_AlgIdRSAEncryption);
-CK_ULONG des_weak_count = 4;
-CK_ULONG des_semi_weak_count = 12;
-CK_ULONG des_possibly_weak_count = 48;
+const CK_ULONG des_weak_count = 4;
+const CK_ULONG des_semi_weak_count = 12;
+const CK_ULONG des_possibly_weak_count = 48;
-CK_BYTE des_weak_keys[4][8] = {
+const CK_BYTE des_weak_keys[4][8] = {
{0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
{0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
{0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
{0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE}
};
-CK_BYTE des_semi_weak_keys[12][8] = {
+const CK_BYTE des_semi_weak_keys[12][8] = {
{0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
{0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
{0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
@@ -466,7 +466,7 @@ CK_BYTE des_semi_weak_keys[12][8] = {
{0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}
};
-CK_BYTE des_possibly_weak_keys[48][8] = {
+const CK_BYTE des_possibly_weak_keys[48][8] = {
{0x1F, 0x1F, 0x01, 0x01, 0x0E, 0x0E, 0x01, 0x01},
{0x01, 0x1F, 0x1F, 0x01, 0x01, 0x0E, 0x0E, 0x01},
{0x1F, 0x01, 0x01, 0x1F, 0x0E, 0x01, 0x01, 0x0E},
@@ -528,19 +528,19 @@ CK_BYTE des_possibly_weak_keys[48][8] = {
//
// default SO pin = "87654321"
//
-CK_BYTE default_so_pin_md5[MD5_HASH_SIZE] = {
+const CK_BYTE default_so_pin_md5[MD5_HASH_SIZE] = {
0x5E, 0x86, 0x67, 0xA4, 0x39, 0xC6, 0x8F, 0x51,
0x45, 0xDD, 0x2F, 0xCB, 0xEC, 0xF0, 0x22, 0x09
};
-CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE] = {
+const CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE] = {
0xA7, 0xD5, 0x79, 0xBA, 0x76, 0x39, 0x80, 0x70,
0xEA, 0xE6, 0x54, 0xC3, 0x0F, 0xF1, 0x53, 0xA4,
0xC2, 0x73, 0x27, 0x2A
};
/* SHA-1 of "12345678" */
-CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE] = {
+const CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE] = {
0x7c, 0x22, 0x2f, 0xb2, 0x92, 0x7d, 0x82, 0x8a,
0xf2, 0x2f, 0x59, 0x21, 0x34, 0xe8, 0x93, 0x24,
0x80, 0x63, 0x7c, 0x0d
diff --git a/usr/lib/pkcs11/common/h_extern.h b/usr/lib/pkcs11/common/h_extern.h
index d67a8d9..d0f54d8 100644
--- a/usr/lib/pkcs11/common/h_extern.h
+++ b/usr/lib/pkcs11/common/h_extern.h
@@ -324,8 +324,8 @@ extern CK_BBOOL initialized;
extern char *card_function_names[];
extern char *total_function_names[];
-extern MECH_LIST_ELEMENT mech_list[];
-extern CK_ULONG mech_list_len;
+extern const MECH_LIST_ELEMENT mech_list[];
+extern const CK_ULONG mech_list_len;
extern pthread_mutex_t native_mutex;
#if SYSVSEM
@@ -348,9 +348,9 @@ extern CK_BYTE master_key[3*DES_KEY_SIZE];
extern CK_BYTE so_pin_md5[MD5_HASH_SIZE];
extern CK_BYTE user_pin_md5[MD5_HASH_SIZE];
-extern CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE];
-extern CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE];
-extern CK_BYTE default_so_pin_md5[MD5_HASH_SIZE];
+extern const CK_BYTE default_user_pin_sha[SHA1_HASH_SIZE];
+extern const CK_BYTE default_so_pin_sha[SHA1_HASH_SIZE];
+extern const CK_BYTE default_so_pin_md5[MD5_HASH_SIZE];
extern LW_SHM_TYPE *global_shm;
@@ -365,37 +365,37 @@ extern CK_ULONG ro_session_count;
extern CK_STATE global_login_state;
-extern CK_BYTE ber_AlgIdRSAEncryption[];
-extern CK_ULONG ber_AlgIdRSAEncryptionLen;
-extern CK_BYTE ber_rsaEncryption[];
-extern CK_ULONG ber_rsaEncryptionLen;
-extern CK_BYTE ber_idDSA[];
-extern CK_ULONG ber_idDSALen;
-
-extern CK_BYTE ber_md2WithRSAEncryption[];
-extern CK_ULONG ber_md2WithRSAEncryptionLen;
-extern CK_BYTE ber_md4WithRSAEncryption[];
-extern CK_ULONG ber_md4WithRSAEncryptionLen;
-extern CK_BYTE ber_md5WithRSAEncryption[];
-extern CK_ULONG ber_md5WithRSAEncryptionLen;
-extern CK_BYTE ber_sha1WithRSAEncryption[];
-extern CK_ULONG ber_sha1WithRSAEncryptionLen;
-extern CK_BYTE ber_AlgMd2[];
-extern CK_ULONG ber_AlgMd2Len;
-extern CK_BYTE ber_AlgMd5[];
-extern CK_ULONG ber_AlgMd5Len;
-extern CK_BYTE ber_AlgSha1[];
-extern CK_ULONG ber_AlgSha1Len;
-extern CK_BYTE ber_AlgSha256[];
-extern CK_ULONG ber_AlgSha256Len;
-
-
-extern CK_ULONG des_weak_count;
-extern CK_ULONG des_semi_weak_count;
-extern CK_ULONG des_possibly_weak_count;
-extern CK_BYTE des_weak_keys[4][8];
-extern CK_BYTE des_semi_weak_keys[12][8];
-extern CK_BYTE des_possibly_weak_keys[48][8];
+extern const CK_BYTE ber_AlgIdRSAEncryption[];
+extern const CK_ULONG ber_AlgIdRSAEncryptionLen;
+extern const CK_BYTE ber_rsaEncryption[];
+extern const CK_ULONG ber_rsaEncryptionLen;
+extern const CK_BYTE ber_idDSA[];
+extern const CK_ULONG ber_idDSALen;
+
+extern const CK_BYTE ber_md2WithRSAEncryption[];
+extern const CK_ULONG ber_md2WithRSAEncryptionLen;
+extern const CK_BYTE ber_md4WithRSAEncryption[];
+extern const CK_ULONG ber_md4WithRSAEncryptionLen;
+extern const CK_BYTE ber_md5WithRSAEncryption[];
+extern const CK_ULONG ber_md5WithRSAEncryptionLen;
+extern const CK_BYTE ber_sha1WithRSAEncryption[];
+extern const CK_ULONG ber_sha1WithRSAEncryptionLen;
+extern const CK_BYTE ber_AlgMd2[];
+extern const CK_ULONG ber_AlgMd2Len;
+extern const CK_BYTE ber_AlgMd5[];
+extern const CK_ULONG ber_AlgMd5Len;
+extern const CK_BYTE ber_AlgSha1[];
+extern const CK_ULONG ber_AlgSha1Len;
+extern const CK_BYTE ber_AlgSha256[];
+extern const CK_ULONG ber_AlgSha256Len;
+
+
+extern const CK_ULONG des_weak_count;
+extern const CK_ULONG des_semi_weak_count;
+extern const CK_ULONG des_possibly_weak_count;
+extern const CK_BYTE des_weak_keys[4][8];
+extern const CK_BYTE des_semi_weak_keys[12][8];
+extern const CK_BYTE des_possibly_weak_keys[48][8];
extern struct ST_FCN_LIST function_list;
diff --git a/usr/lib/pkcs11/soft_stdll/soft_specific.c
b/usr/lib/pkcs11/soft_stdll/soft_specific.c
index 7dfb077..80320b8 100644
--- a/usr/lib/pkcs11/soft_stdll/soft_specific.c
+++ b/usr/lib/pkcs11/soft_stdll/soft_specific.c
@@ -330,10 +330,10 @@ pthread_mutex_t rngmtx = PTHREAD_MUTEX_INITIALIZER;
pthread_mutex_t nextmutex = PTHREAD_MUTEX_INITIALIZER;
unsigned int rnginitialized=0;
-CK_CHAR manuf[] = "IBM Corp.";
-CK_CHAR model[] = "IBM SoftTok ";
-CK_CHAR descr[] = "IBM PKCS#11 Soft token";
-CK_CHAR label[] = "IBM OS PKCS#11 ";
+static const CK_CHAR manuf[] = "IBM Corp.";
+static const CK_CHAR model[] = "IBM SoftTok ";
+static const CK_CHAR descr[] = "IBM PKCS#11 Soft token";
+static const CK_CHAR label[] = "IBM OS PKCS#11 ";
@@ -1465,7 +1465,7 @@ token_specific_dh_pkcs_key_pair_gen( TEMPLATE *
publ_tmpl,
} /* end token_specific_dh_key_pair_gen() */
/* End code contributed by Corrent corp. */
-MECH_LIST_ELEMENT mech_list[] = {
+const MECH_LIST_ELEMENT mech_list[] = {
{ CKM_RSA_PKCS_KEY_PAIR_GEN, {512, 4096, CKF_GENERATE_KEY_PAIR} },
#if !(NODSA)
{ CKM_DSA_KEY_PAIR_GEN, {512, 1024, CKF_GENERATE_KEY_PAIR} },
@@ -1587,7 +1587,7 @@ MECH_LIST_ELEMENT mech_list[] = {
};
-CK_ULONG mech_list_len = (sizeof(mech_list) / sizeof(MECH_LIST_ELEMENT));
+const CK_ULONG mech_list_len = (sizeof(mech_list) / sizeof(MECH_LIST_ELEMENT));
CK_RV
token_specific_get_mechanism_list(CK_MECHANISM_TYPE_PTR pMechanismList,
diff --git a/usr/sbin/pkcsslotd/err.c b/usr/sbin/pkcsslotd/err.c
index 0409309..f6d1b7e 100644
--- a/usr/sbin/pkcsslotd/err.c
+++ b/usr/sbin/pkcsslotd/err.c
@@ -434,7 +434,7 @@
- static ConstInfo SignalInfo[] = {
+ static const ConstInfo SignalInfo[] = {
CONSTINFO(SIGHUP),
CONSTINFO(SIGINT),
@@ -485,13 +485,13 @@
};
- static int SignalInfoSize = (sizeof(SignalInfo) / sizeof(SignalInfo[0]));
+ static const int SignalInfoSize = (sizeof(SignalInfo) /
sizeof(SignalInfo[0]));
#ifndef NODAE
- static ConstInfo DAEError[] = {
+ static const ConstInfo DAEError[] = {
CONSTINFO(DAE_E_OK),
CONSTINFO(DAE_E_NOTAGAIN),
@@ -514,14 +514,14 @@
};
- static int DAEErrorSize = (sizeof(DAEError) / sizeof(DAEError[0]));
+ static const int DAEErrorSize = (sizeof(DAEError) / sizeof(DAEError[0]));
#endif
#ifndef NOODM
- static ConstInfo ODMError[] = {
+ static const ConstInfo ODMError[] = {
CONSTINFO(ODMI_OPEN_ERR),
CONSTINFO(ODMI_MALLOC_ERR),
CONSTINFO(ODMI_MAGICNO_ERR),
@@ -567,7 +567,7 @@
- static ConstInfo PkcsReturnInfo[] = {
+ static const ConstInfo PkcsReturnInfo[] = {
CONSTINFO(CKR_OK),
CONSTINFO(CKR_CANCEL),
@@ -657,12 +657,12 @@
};
- static int PkcsReturnSize = ( sizeof(PkcsReturnInfo) /
sizeof(PkcsReturnInfo[0]) );
+ static const int PkcsReturnSize = ( sizeof(PkcsReturnInfo) /
sizeof(PkcsReturnInfo[0]) );
- static ConstInfo PkcsFlagsInfo[] = {
+ static const ConstInfo PkcsFlagsInfo[] = {
CONSTINFO( ( CKF_RNG | CKF_HW | CKF_LIBRARY_CANT_CREATE_OS_THREADS |
CKF_TOKEN_PRESENT )),
CONSTINFO( ( CKF_REMOVABLE_DEVICE | CKF_OS_LOCKING_OK | CKF_RW_SESSION
| CKF_WRITE_PROTECTED )),
@@ -692,11 +692,11 @@
};
- static int PkcsFlagsSize = ( sizeof(PkcsFlagsInfo) /
sizeof(PkcsFlagsInfo[0]));
+ static const int PkcsFlagsSize = ( sizeof(PkcsFlagsInfo) /
sizeof(PkcsFlagsInfo[0]));
- static ConstInfo PkcsMechanismInfo[] = {
+ static const ConstInfo PkcsMechanismInfo[] = {
CONSTINFO(CKM_RSA_PKCS_KEY_PAIR_GEN),
CONSTINFO(CKM_RSA_PKCS),
@@ -849,11 +849,11 @@
};
- static unsigned int PkcsMechanismSize = (sizeof(PkcsMechanismInfo) /
sizeof(PkcsMechanismInfo[0]));
+ static const unsigned int PkcsMechanismSize = (sizeof(PkcsMechanismInfo) /
sizeof(PkcsMechanismInfo[0]));
- static ConstInfo PkcsObjectInfo[] = {
+ static const ConstInfo PkcsObjectInfo[] = {
CONSTINFO(CKO_DATA),
CONSTINFO(CKO_CERTIFICATE),
@@ -864,13 +864,13 @@
};
- static unsigned int PkcsObjectSize = (sizeof(PkcsObjectInfo) /
sizeof(PkcsObjectInfo[0]));
+ static const unsigned int PkcsObjectSize = (sizeof(PkcsObjectInfo) /
sizeof(PkcsObjectInfo[0]));
- static ConstInfo PkcsKeyInfo[] = {
+ static const ConstInfo PkcsKeyInfo[] = {
CONSTINFO(CKK_RSA),
CONSTINFO(CKK_DSA),
@@ -896,13 +896,13 @@
};
- static unsigned int PkcsKeySize = ( sizeof(PkcsKeyInfo) /
sizeof(PkcsKeyInfo[0]) );
+ static const unsigned int PkcsKeySize = ( sizeof(PkcsKeyInfo) /
sizeof(PkcsKeyInfo[0]) );
- static ConstInfo PkcsAttributeInfo[] = {
+ static const ConstInfo PkcsAttributeInfo[] = {
CONSTINFO(CKA_CLASS),
CONSTINFO(CKA_TOKEN),
CONSTINFO(CKA_PRIVATE),
@@ -954,10 +954,10 @@
};
- static unsigned int PkcsAttributeSize = ( sizeof(PkcsAttributeInfo) /
sizeof(PkcsAttributeInfo[0]) );
+ static const unsigned int PkcsAttributeSize = ( sizeof(PkcsAttributeInfo) /
sizeof(PkcsAttributeInfo[0]) );
#if 0
-static ConstInfo PkcsSessionStateInfo[] = {
+static const ConstInfo PkcsSessionStateInfo[] = {
CONSTINFO(CKS_RO_PUBLIC_SESSION),
CONSTINFO(CKS_RO_USER_FUNCTIONS),
@@ -970,14 +970,14 @@ static ConstInfo PkcsSessionStateInfo[] = {
#endif
-static ConstInfo PkcsResponseSeverityInfo[] = {
+static const ConstInfo PkcsResponseSeverityInfo[] = {
{ SEV_EXPECTED, "expected" },
{ SEV_ALLOWED, "allowed" },
{ SEV_ERROR, "an error" },
{ SEV_FATAL, "fatal" },
};
-static unsigned int PkcsResponseSeveritySize = (
sizeof(PkcsResponseSeverityInfo) / sizeof(PkcsResponseSeverityInfo[0]) );
+static const unsigned int PkcsResponseSeveritySize = (
sizeof(PkcsResponseSeverityInfo) / sizeof(PkcsResponseSeverityInfo[0]) );
const unsigned char *ConstName( pConstInfo pInfoArray, unsigned int
InfoArraySize, unsigned int ConstValue ) {
diff --git a/usr/sbin/pkcsslotd/err.h b/usr/sbin/pkcsslotd/err.h
index c6cc8fe..488a06e 100644
--- a/usr/sbin/pkcsslotd/err.h
+++ b/usr/sbin/pkcsslotd/err.h
@@ -350,7 +350,8 @@ typedef struct _ConstInfo {
unsigned const int Code;
unsigned const char Name[128];
/* UCHAR Descrip[256]; */
-} ConstInfo, *pConstInfo;
+} ConstInfo;
+typedef const ConstInfo *pConstInfo;
#define CONSTINFO(_X) { (_X), (#_X) }
diff --git a/usr/sbin/pkcsslotd/odm.h b/usr/sbin/pkcsslotd/odm.h
index 76be323..12d49fd 100644
--- a/usr/sbin/pkcsslotd/odm.h
+++ b/usr/sbin/pkcsslotd/odm.h
@@ -309,7 +309,8 @@ typedef struct _ConstInfo {
unsigned const int Code;
unsigned const char Name[64];
/* UCHAR Descrip[256]; */
-} ConstInfo, *pConstInfo;
+} ConstInfo;
+typedef const ConstInfo *pConstInfo;
#define CONSTINFO(_X) { (_X), (#_X) }
--
1.7.5.rc1
------------------------------------------------------------------------------
Fulfilling the Lean Software Promise
Lean software platforms are now widely adopted and the benefits have been
demonstrated beyond question. Learn why your peers are replacing JEE
containers with lightweight application servers - and what you can gain
from the move. http://p.sf.net/sfu/vmware-sfemails
_______________________________________________
Opencryptoki-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
