Hello,
some time ago on 2011-01-29 i sent these patches to the list which didn't make
it into 2.4.
Is something wrong with these patches?
regards,
-ap
>From c8d5ccd0579ded34a4d395f0fe33a72e43f6d840 Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Fri, 28 Jan 2011 13:34:32 +0100
Subject: [PATCH 1/6] lcv is uninitialized, replaced by slot_id
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/sbin/pkcsconf/pkcsconf.c | 4 +---
1 files changed, 1 insertions(+), 3 deletions(-)
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index dad8ccb..f38dc3a 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -989,7 +989,7 @@ list_slot(int slot_id){
}
/* Display the slot description */
- printf("%ld:", SlotList[lcv]);
+ printf("%ld:", SlotList[slot_id]);
printf(PKCSINIT_MSG(SLOTDESC, "\tDescription: %.64s\n"),
SlotInfo.slotDescription);
return CKR_OK;
@@ -1127,8 +1127,6 @@ init_token(int slot_id, CK_CHAR_PTR pin){
CK_CHAR label[32], // What we want to set the Label of the card
to
enteredlabel[33]; // Max size of 32 + carriage return;
- unsigned int lcv; // Loop Control Varable
-
/* Find out the size of the entered PIN */
pinlen = strlen((char *)pin);
--
1.7.1
>From 0965572d6722d915099012d3d19d6e91e07d74c1 Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Fri, 28 Jan 2011 13:35:21 +0100
Subject: [PATCH 2/6] replace VERSION by VVERSION, VERSION is the software
version not the cat msg id
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/sbin/pkcsconf/pkcsconf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index f38dc3a..b8fcbf2 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -783,7 +783,7 @@ display_pkcs11_info(void){
/* display the header and information */
printf(PKCSINIT_MSG(PKCSINFO, "PKCS#11 Info\n"));
- printf(PKCSINIT_MSG(VERSION, "\tVersion %d.%d \n"),
CryptokiInfo.cryptokiVersion.major,
+ printf(PKCSINIT_MSG(VVERSION, "\tVersion %d.%d \n"),
CryptokiInfo.cryptokiVersion.major,
CryptokiInfo.cryptokiVersion.minor);
printf(PKCSINIT_MSG(MANUFACT, "\tManufacturer: %32s \n"),
CryptokiInfo.manufacturerID);
printf(PKCSINIT_MSG(FLAGS, "\tFlags: 0x%X \n"), CryptokiInfo.flags);
--
1.7.1
>From 00872ce11220b9c8ea08ab36c4d5bebbdf70b67e Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Fri, 28 Jan 2011 13:36:07 +0100
Subject: [PATCH 3/6] option -m needs a slot id to list the mechs
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/sbin/pkcsconf/pkcsconf.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index b8fcbf2..99158d8 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -467,8 +467,8 @@ main(int argc, char *argv[]){
if (!flags) /* If there was no options print the usage statement */
usage(argv[0]);
- /* Eliminate the ability to specify -I -p -u -P without a slot number */
- if ( (flags & (CFG_INITIALIZE | CFG_INIT_USER | CFG_SET_USER | CFG_SET_SO))
+ /* Eliminate the ability to specify -I -p -u -P -m without a slot number */
+ if ( (flags & (CFG_INITIALIZE | CFG_INIT_USER | CFG_SET_USER | CFG_SET_SO |
CFG_MECHANISM_INFO))
&& !(flags & CFG_SLOT)){
usage(argv[0]);
}
@@ -515,7 +515,7 @@ main(int argc, char *argv[]){
/* If the user wants to display mechanism info call the function to do so */
if (flags & CFG_MECHANISM_INFO)
- if ((rc = display_mechanism_info((flags & CFG_SLOT) ? in_slot : -1)))
+ if ((rc = display_mechanism_info(in_slot)))
goto done;
/* If the user wants to initialize the card check to see if they passed in
--
1.7.1
>From 4a5c960a5e118a7988f6b7e5e7d1f09f8eba69e0 Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Fri, 28 Jan 2011 13:40:12 +0100
Subject: [PATCH 4/6] depreceted includes tss/tcpa_* removed, some casts to
silence the compiler
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/lib/pkcs11/common/utility.c | 4 +++-
usr/lib/pkcs11/tpm_stdll/tpm_openssl.c | 4 ----
usr/lib/pkcs11/tpm_stdll/tpm_specific.c | 4 ----
usr/lib/pkcs11/tpm_stdll/tpm_util.c | 4 ----
usr/sbin/pkcsconf/pkcsconf.c | 12 ++++++------
5 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/usr/lib/pkcs11/common/utility.c b/usr/lib/pkcs11/common/utility.c
index 25ab1fd..fc772c6 100755
--- a/usr/lib/pkcs11/common/utility.c
+++ b/usr/lib/pkcs11/common/utility.c
@@ -971,8 +971,10 @@ init_token_data( void )
return CKR_FUNCTION_FAILED;
}
rc = save_token_data();
- if (rc != CKR_OK)
+ if (rc != CKR_OK) {
// st_err_log(4, __FILE__, __LINE__, __FUNCTION__);
+ }
+
return rc;
}
diff --git a/usr/lib/pkcs11/tpm_stdll/tpm_openssl.c
b/usr/lib/pkcs11/tpm_stdll/tpm_openssl.c
index 209ed45..33efde5 100644
--- a/usr/lib/pkcs11/tpm_stdll/tpm_openssl.c
+++ b/usr/lib/pkcs11/tpm_stdll/tpm_openssl.c
@@ -33,10 +33,6 @@
#include <openssl/rand.h>
#include <tss/platform.h>
-#include <tss/tcpa_defines.h>
-#include <tss/tcpa_typedef.h>
-#include <tss/tcpa_struct.h>
-#include <tss/tcpa_error.h>
#include <tss/tss_defines.h>
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
diff --git a/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
b/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
index d5708c3..cd75ead 100644
--- a/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
+++ b/usr/lib/pkcs11/tpm_stdll/tpm_specific.c
@@ -53,10 +53,6 @@
#include <openssl/evp.h>
#include <tss/platform.h>
-#include <tss/tcpa_defines.h>
-#include <tss/tcpa_typedef.h>
-#include <tss/tcpa_struct.h>
-#include <tss/tcpa_error.h>
#include <tss/tss_defines.h>
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
diff --git a/usr/lib/pkcs11/tpm_stdll/tpm_util.c
b/usr/lib/pkcs11/tpm_stdll/tpm_util.c
index 443c12b..8aa9f16 100644
--- a/usr/lib/pkcs11/tpm_stdll/tpm_util.c
+++ b/usr/lib/pkcs11/tpm_stdll/tpm_util.c
@@ -30,10 +30,6 @@
#include <openssl/rsa.h>
#include <tss/platform.h>
-#include <tss/tcpa_defines.h>
-#include <tss/tcpa_typedef.h>
-#include <tss/tcpa_struct.h>
-#include <tss/tcpa_error.h>
#include <tss/tss_defines.h>
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index 99158d8..121f268 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -559,14 +559,14 @@ main(int argc, char *argv[]){
fflush(stdout);
rc = get_pin(&newpin);
} while (rc == -EINVAL);
- newpinlen = strlen(newpin);
+ newpinlen = strlen((char *)newpin);
do {
printf(PKCSINIT_MSG(VNEWUSER,
"Re-enter the new user PIN: "));
fflush(stdout);
rc = get_pin(&newpin2);
} while (rc == -EINVAL);
- newpin2len = strlen(newpin2);
+ newpin2len = strlen((char *)newpin2);
if (newpinlen != newpin2len || memcmp(newpin, newpin2,
strlen((char *)newpin)) != 0) {
printf(PKCSINIT_MSG(PINMISMATCH, "New PINs do not
match.\n"));
fflush(stdout);
@@ -603,13 +603,13 @@ main(int argc, char *argv[]){
fflush(stdout);
rc = get_pin(&newpin);
} while (rc == -EINVAL);
- newpinlen = strlen(newpin);
+ newpinlen = strlen((char *)newpin);
do {
printf(PKCSINIT_MSG(VNEWSO, "Re-enter the new SO PIN: "));
fflush(stdout);
rc = get_pin(&newpin2);
} while (rc == -EINVAL);
- newpin2len = strlen(newpin2);
+ newpin2len = strlen((char *)newpin2);
if (newpinlen != newpin2len || memcmp(newpin, newpin2,
strlen((char *)newpin)) != 0) {
printf(PKCSINIT_MSG(PINMISMATCH, "New PINs do not
match.\n"));
fflush(stdout);
@@ -644,13 +644,13 @@ main(int argc, char *argv[]){
fflush(stdout);
rc = get_pin(&newpin);
} while (rc == -EINVAL);
- newpinlen = strlen(newpin);
+ newpinlen = strlen((char *)newpin);
do {
printf(PKCSINIT_MSG(VNEWUSER, "Re-enter the new user PIN:
"));
fflush(stdout);
rc = get_pin(&newpin2);
} while (rc == -EINVAL);
- newpin2len = strlen(newpin2);
+ newpin2len = strlen((char *)newpin2);
if (newpinlen != newpin2len || memcmp(newpin, newpin2,
strlen((char *)newpin)) != 0) {
printf(PKCSINIT_MSG(PINMISMATCH, "New PINs do not
match.\n"));
fflush(stdout);
--
1.7.1
>From 73bf0884a027a7f450adfbb732a25256a0b58a5a Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Sat, 29 Jan 2011 14:38:37 +0100
Subject: [PATCH 5/6] add printf() string limit
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/sbin/pkcsconf/pkcsconf.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index 121f268..f81fe85 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -785,9 +785,9 @@ display_pkcs11_info(void){
printf(PKCSINIT_MSG(PKCSINFO, "PKCS#11 Info\n"));
printf(PKCSINIT_MSG(VVERSION, "\tVersion %d.%d \n"),
CryptokiInfo.cryptokiVersion.major,
CryptokiInfo.cryptokiVersion.minor);
- printf(PKCSINIT_MSG(MANUFACT, "\tManufacturer: %32s \n"),
CryptokiInfo.manufacturerID);
+ printf(PKCSINIT_MSG(MANUFACT, "\tManufacturer: %.32s \n"),
CryptokiInfo.manufacturerID);
printf(PKCSINIT_MSG(FLAGS, "\tFlags: 0x%X \n"), CryptokiInfo.flags);
- printf(PKCSINIT_MSG(LIBDESCRIPT, "\tLibrary Description: %32s \n"),
+ printf(PKCSINIT_MSG(LIBDESCRIPT, "\tLibrary Description: %.32s \n"),
CryptokiInfo.libraryDescription);
printf(PKCSINIT_MSG(LIBVERSION, "\tLibrary Version %d.%d \n"),
CryptokiInfo.libraryVersion.major,
--
1.7.1
>From 7a0bdf1e59115467d668ab1d6c72af028d973e0d Mon Sep 17 00:00:00 2001
From: Andreas Piesk <[email protected]>
Date: Sat, 29 Jan 2011 14:40:28 +0100
Subject: [PATCH 6/6] catch eof in label input
Signed-off-by: Andreas Piesk <[email protected]>
---
usr/sbin/pkcsconf/pkcsconf.c | 14 +++++++++++---
1 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/usr/sbin/pkcsconf/pkcsconf.c b/usr/sbin/pkcsconf/pkcsconf.c
index f81fe85..66c987a 100755
--- a/usr/sbin/pkcsconf/pkcsconf.c
+++ b/usr/sbin/pkcsconf/pkcsconf.c
@@ -1135,12 +1135,20 @@ init_token(int slot_id, CK_CHAR_PTR pin){
* unique token label; however the PKCS11 spec does not. */
printf(PKCSINIT_MSG(GETLABEL, "Enter a unique token label: "));
fflush(stdout);
- fgets((char *)enteredlabel, sizeof(enteredlabel), stdin);
+
+ memset(enteredlabel, 0, sizeof(enteredlabel));
+ if(fgets((char *)enteredlabel, sizeof(enteredlabel), stdin) == NULL) {
+ /* cosmetic: print newline because no newline has been entered */
+ printf("\n");
+ } else {
+ /* chop trailing newline */
+ enteredlabel[strcspn((const char*)enteredlabel,"\n")] = '\0';
+ }
/* First clear the label array. Per PKCS#11 spec, We must PAD this field to
* 32 bytes, and it should NOT be null-terminated */
- memset(label, ' ', 32);
- strncpy((char *)label, (char *)enteredlabel, strlen((char *)enteredlabel)
- 1); // Strip the \n
+ memset(label, ' ', sizeof(label));
+ strncpy((char *)label, (char *)enteredlabel, strlen((char *)enteredlabel));
rc = FunctionPtr->C_InitToken(slot_id, pin,
pinlen, label);
--
1.7.1
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Opencryptoki-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
