[pkg-opensc-commit] [libp11] 33/67: Code formatting
Eric Dorland
eric at moszumanska.debian.org
Sat Jan 30 05:34:14 UTC 2016
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit 120f98a0e4746e3f75e8cedfd3bef32015529327
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date: Mon Jan 4 15:54:45 2016 +0100
Code formatting
---
examples/auth.c | 14 +-
examples/decrypt.c | 12 +-
examples/getrandom.c | 8 +-
examples/rawrsasign.c | 514 +++++++++++++++++++++++++-------------------------
src/libp11-int.h | 10 +-
src/libp11.h | 12 +-
src/libpkcs11.c | 13 +-
src/p11_attr.c | 18 +-
src/p11_cert.c | 14 +-
src/p11_ec.c | 108 +++++------
src/p11_key.c | 6 +-
src/p11_ops.c | 57 +++---
src/p11_rsa.c | 11 +-
src/p11_slot.c | 54 +++---
14 files changed, 418 insertions(+), 433 deletions(-)
diff --git a/examples/auth.c b/examples/auth.c
index 21216a3..a23fef4 100644
--- a/examples/auth.c
+++ b/examples/auth.c
@@ -174,7 +174,7 @@ int main(int argc, char *argv[])
if (rc < RANDOM_SIZE) {
fprintf(stderr, "fatal: read returned less than %d<%d bytes\n",
- rc, RANDOM_SIZE);
+ rc, RANDOM_SIZE);
close(fd);
goto failed;
}
@@ -193,8 +193,8 @@ int main(int argc, char *argv[])
if (signature == NULL)
goto failed;
- rc = PKCS11_sign(NID_sha1, random, RANDOM_SIZE, signature, &siglen,
- authkey);
+ rc = PKCS11_sign(NID_sha1, random, RANDOM_SIZE,
+ signature, &siglen, authkey);
if (rc != 1) {
fprintf(stderr, "fatal: pkcs11_sign failed\n");
goto failed;
@@ -234,15 +234,15 @@ int main(int argc, char *argv[])
return 0;
- failed:
+failed:
ERR_print_errors_fp(stderr);
- notoken:
+notoken:
PKCS11_release_all_slots(ctx, slots, nslots);
- noslots:
+noslots:
PKCS11_CTX_unload(ctx);
- nolib:
+nolib:
PKCS11_CTX_free(ctx);
diff --git a/examples/decrypt.c b/examples/decrypt.c
index e209733..4715924 100644
--- a/examples/decrypt.c
+++ b/examples/decrypt.c
@@ -110,7 +110,7 @@ int main(int argc, char *argv[])
if (rc < RANDOM_SIZE) {
fprintf(stderr, "fatal: read returned less than %d<%d bytes\n",
- rc, RANDOM_SIZE);
+ rc, RANDOM_SIZE);
close(fd);
goto failed;
}
@@ -177,7 +177,7 @@ int main(int argc, char *argv[])
goto failed;
}
- loggedin:
+loggedin:
authkey = PKCS11_find_key(authcert);
if (authkey == NULL) {
@@ -224,15 +224,15 @@ int main(int argc, char *argv[])
return 0;
- failed:
+failed:
ERR_print_errors_fp(stderr);
- notoken:
+notoken:
PKCS11_release_all_slots(ctx, slots, nslots);
- noslots:
+noslots:
PKCS11_CTX_unload(ctx);
- nolib:
+nolib:
PKCS11_CTX_free(ctx);
diff --git a/examples/getrandom.c b/examples/getrandom.c
index f1c074c..d49de7f 100644
--- a/examples/getrandom.c
+++ b/examples/getrandom.c
@@ -75,14 +75,14 @@ int main(int argc, char *argv[])
rc = 0;
- norandom:
- notoken:
+norandom:
+notoken:
PKCS11_release_all_slots(ctx, slots, nslots);
- noslots:
+noslots:
PKCS11_CTX_unload(ctx);
- nolib:
+nolib:
PKCS11_CTX_free(ctx);
return rc;
}
diff --git a/examples/rawrsasign.c b/examples/rawrsasign.c
index aab1fe2..3c594d9 100644
--- a/examples/rawrsasign.c
+++ b/examples/rawrsasign.c
@@ -37,265 +37,265 @@
int main(int argc, char *argv[])
{
- PKCS11_CTX *ctx = NULL;
- PKCS11_SLOT *slots = NULL, *slot = NULL;
- PKCS11_CERT *certs = NULL;
-
- PKCS11_KEY *authkey = NULL;
- PKCS11_CERT *authcert = NULL;
- EVP_PKEY *pubkey = NULL;
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pkeyctx = NULL;
-
- unsigned char *random = NULL, *signature = NULL;
-
- char password[20];
- int rc = 0, fd;
- unsigned int nslots, ncerts, siglen;
-
- static unsigned char hash[EVP_MAX_MD_SIZE];
- static unsigned char enc[MAX_SIGSIZE];
- static unsigned char pad[MAX_SIGSIZE];
- unsigned int plen = MAX_SIGSIZE;
- unsigned int elen = 0;
- unsigned int hlen = 0;
- unsigned char* p;
-
- X509_SIG sig;
- ASN1_TYPE parameter;
- X509_ALGOR algorithm;
- ASN1_OCTET_STRING digest;
-
- int ret;
-
- if (argc < 2) {
- fprintf(stderr, "usage: auth /usr/lib/opensc-pkcs11.so [PIN]\n");
- END(1);
- }
-
- ctx = PKCS11_CTX_new();
-
- /* load pkcs #11 module */
- rc = PKCS11_CTX_load(ctx, argv[1]);
- if (rc) {
- fprintf(stderr, "loading pkcs11 engine failed: %s\n",
- ERR_reason_error_string(ERR_get_error()));
- END(1);
- }
-
- /* get information on all slots */
- rc = PKCS11_enumerate_slots(ctx, &slots, &nslots);
- if (rc < 0) {
- fprintf(stderr, "no slots available\n");
- END(1);
- }
-
- /* get first slot with a token */
- slot = PKCS11_find_token(ctx, slots, nslots);
- if (slot == NULL || slot->token == NULL) {
- fprintf(stderr, "no token available\n");
- END(1);
- }
- printf("Slot manufacturer......: %s\n", slot->manufacturer);
- printf("Slot description.......: %s\n", slot->description);
- printf("Slot token label.......: %s\n", slot->token->label);
- printf("Slot token manufacturer: %s\n", slot->token->manufacturer);
- printf("Slot token model.......: %s\n", slot->token->model);
- printf("Slot token serialnr....: %s\n", slot->token->serialnr);
-
- if (!slot->token->loginRequired)
- goto loggedin;
-
- /* get password */
- if (argc > 2) {
- strcpy(password, argv[2]);
- } else {
- struct termios old, new;
-
- /* Turn echoing off and fail if we can't. */
- if (tcgetattr(0, &old) != 0)
- END(1);
-
- new = old;
- new.c_lflag &= ~ECHO;
- if (tcsetattr(0, TCSAFLUSH, &new) != 0)
- END(1);
-
- /* Read the password. */
- printf("Password for token %.32s: ", slot->token->label);
- if (fgets(password, sizeof(password), stdin) == NULL)
- END(1);
-
- /* Restore terminal. */
- (void)tcsetattr(0, TCSAFLUSH, &old);
-
- /* strip tailing \n from password */
- rc = strlen(password);
- if (rc <= 0)
- END(1);
- password[rc-1]=0;
- }
+ PKCS11_CTX *ctx = NULL;
+ PKCS11_SLOT *slots = NULL, *slot = NULL;
+ PKCS11_CERT *certs = NULL;
+
+ PKCS11_KEY *authkey = NULL;
+ PKCS11_CERT *authcert = NULL;
+ EVP_PKEY *pubkey = NULL;
+ EVP_MD_CTX mctx;
+ EVP_PKEY_CTX *pkeyctx = NULL;
+
+ unsigned char *random = NULL, *signature = NULL;
+
+ char password[20];
+ int rc = 0, fd;
+ unsigned int nslots, ncerts, siglen;
+
+ static unsigned char hash[EVP_MAX_MD_SIZE];
+ static unsigned char enc[MAX_SIGSIZE];
+ static unsigned char pad[MAX_SIGSIZE];
+ unsigned int plen = MAX_SIGSIZE;
+ unsigned int elen = 0;
+ unsigned int hlen = 0;
+ unsigned char* p;
+
+ X509_SIG sig;
+ ASN1_TYPE parameter;
+ X509_ALGOR algorithm;
+ ASN1_OCTET_STRING digest;
+
+ int ret;
+
+ if (argc < 2) {
+ fprintf(stderr, "usage: auth /usr/lib/opensc-pkcs11.so [PIN]\n");
+ END(1);
+ }
+
+ ctx = PKCS11_CTX_new();
+
+ /* load pkcs #11 module */
+ rc = PKCS11_CTX_load(ctx, argv[1]);
+ if (rc) {
+ fprintf(stderr, "loading pkcs11 engine failed: %s\n",
+ ERR_reason_error_string(ERR_get_error()));
+ END(1);
+ }
+
+ /* get information on all slots */
+ rc = PKCS11_enumerate_slots(ctx, &slots, &nslots);
+ if (rc < 0) {
+ fprintf(stderr, "no slots available\n");
+ END(1);
+ }
+
+ /* get first slot with a token */
+ slot = PKCS11_find_token(ctx, slots, nslots);
+ if (slot == NULL || slot->token == NULL) {
+ fprintf(stderr, "no token available\n");
+ END(1);
+ }
+ printf("Slot manufacturer......: %s\n", slot->manufacturer);
+ printf("Slot description.......: %s\n", slot->description);
+ printf("Slot token label.......: %s\n", slot->token->label);
+ printf("Slot token manufacturer: %s\n", slot->token->manufacturer);
+ printf("Slot token model.......: %s\n", slot->token->model);
+ printf("Slot token serialnr....: %s\n", slot->token->serialnr);
+
+ if (!slot->token->loginRequired)
+ goto loggedin;
+
+ /* get password */
+ if (argc > 2) {
+ strcpy(password, argv[2]);
+ } else {
+ struct termios old, new;
+
+ /* Turn echoing off and fail if we can't. */
+ if (tcgetattr(0, &old) != 0)
+ END(1);
+
+ new = old;
+ new.c_lflag &= ~ECHO;
+ if (tcsetattr(0, TCSAFLUSH, &new) != 0)
+ END(1);
+
+ /* Read the password. */
+ printf("Password for token %.32s: ", slot->token->label);
+ if (fgets(password, sizeof(password), stdin) == NULL)
+ END(1);
+
+ /* Restore terminal. */
+ (void)tcsetattr(0, TCSAFLUSH, &old);
+
+ /* strip tailing \n from password */
+ rc = strlen(password);
+ if (rc <= 0)
+ END(1);
+ password[rc-1]=0;
+ }
loggedin:
- /* perform pkcs #11 login */
- rc = PKCS11_login(slot, 0, password);
- memset(password, 0, strlen(password));
- if (rc != 0) {
- fprintf(stderr, "PKCS11_login failed\n");
- END(1);
- }
-
- /* get all certs */
- rc = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
- if (rc) {
- fprintf(stderr, "PKCS11_enumerate_certs failed\n");
- END(1);
- }
- if (ncerts <= 0) {
- fprintf(stderr, "no certificates found\n");
- END(1);
- }
-
- /* use the first cert */
- authcert=&certs[0];
-
- /* get random bytes */
- random = OPENSSL_malloc(RANDOM_SIZE);
- if (random == NULL)
- END(1);
-
- fd = open(RANDOM_SOURCE, O_RDONLY);
- if (fd < 0) {
- fprintf(stderr, "fatal: cannot open RANDOM_SOURCE: %s\n",
- strerror(errno));
- END(1);
- }
-
- rc = read(fd, random, RANDOM_SIZE);
- if (rc < 0) {
- fprintf(stderr, "fatal: read from random source failed: %s\n",
- strerror(errno));
- close(fd);
- END(1);
- }
-
- if (rc < RANDOM_SIZE) {
- fprintf(stderr, "fatal: read returned less than %d<%d bytes\n",
- rc, RANDOM_SIZE);
- close(fd);
- END(1);
- }
-
- close(fd);
-
- authkey = PKCS11_find_key(authcert);
- if (authkey == NULL) {
- fprintf(stderr, "no key matching certificate available\n");
- END(1);
- }
-
- /* Compute the SHA1 hash of the random bytes */
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestInit(&mctx, EVP_sha1()) != 1) {
- fprintf(stderr, "fatal: EVP_DigestInit failed\n");
- END(1);
- }
- if (EVP_DigestUpdate(&mctx, random, RANDOM_SIZE) != 1) {
- fprintf(stderr, "fatal: EVP_DigestUpdate failed\n");
- END(1);
- }
- if (EVP_DigestFinal(&mctx, hash, &hlen) != 1) {
- fprintf(stderr, "fatal: EVP_DigestFinal failed\n");
- END(1);
- }
-
- /* Compute a PKCS #1 "block type 01" encryption-block */
- sig.algor = &algorithm;
- algorithm.algorithm = OBJ_nid2obj(NID_sha1);
- parameter.type = V_ASN1_NULL;
- parameter.value.ptr = NULL;
- algorithm.parameter = ¶meter;
- sig.digest = &digest;
- sig.digest->data = hash;
- sig.digest->length = hlen;
- p = enc;
- elen = i2d_X509_SIG(&sig, &p);
- p = enc;
-
- /* Compute PKCS #1 v1.5 padding */
- if (RSA_padding_add_PKCS1_type_1(pad, plen, p, elen) != 1) {
- fprintf(stderr, "fatal: RSA_padding_add_PKCS1_type_1 failed\n");
- END(1);
- }
-
- siglen = MAX_SIGSIZE;
- signature = OPENSSL_malloc(MAX_SIGSIZE);
- if (signature == NULL)
- END(1);
-
- /* Do a raw RSA sign operation with the smart card */
- rc = PKCS11_private_encrypt(plen, pad, signature, authkey, RSA_NO_PADDING);
- if (rc < 0) {
- fprintf(stderr, "PKCS11_private_encrypt failed\n");
- END(1);
- }
-
- /* Verify the signature */
- /* As we have done a PKCS#1 complient padding, we can verify the signature
- * with "standard code", using openssl EVP interface.
- */
- pubkey = X509_get_pubkey(authcert->x509);
- if (pubkey == NULL) {
- fprintf(stderr, "could not extract public key\n");
- END(1);
- }
-
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestVerifyInit(&mctx, &pkeyctx, EVP_sha1(), NULL, pubkey) != 1) {
- fprintf(stderr, "fatal: EVP_DigestVerifyInit failed\n");
- END(1);
- }
-
- if (EVP_PKEY_CTX_set_rsa_padding(pkeyctx, RSA_PKCS1_PADDING) <= 0) {
- fprintf(stderr, "fatal: EVP_PKEY_CTX_set_rsa_padding failed\n");
- END(1);
- }
-
- if (EVP_DigestVerifyUpdate(&mctx, (const void*)random, RANDOM_SIZE) <= 0) {
- fprintf(stderr, "fatal: EVP_DigestVerifyUpdate failed\n");
- END(1);
- }
- if ((rc = EVP_DigestVerifyFinal(&mctx, signature, siglen)) != 1) {
- fprintf(stderr, "fatal: EVP_DigestVerifyFinal failed : %d\n", rc);
- END(1);
- }
-
- printf("raw signing operation and signature verification successfull.\n");
- ret = 0;
+ /* perform pkcs #11 login */
+ rc = PKCS11_login(slot, 0, password);
+ memset(password, 0, strlen(password));
+ if (rc != 0) {
+ fprintf(stderr, "PKCS11_login failed\n");
+ END(1);
+ }
+
+ /* get all certs */
+ rc = PKCS11_enumerate_certs(slot->token, &certs, &ncerts);
+ if (rc) {
+ fprintf(stderr, "PKCS11_enumerate_certs failed\n");
+ END(1);
+ }
+ if (ncerts <= 0) {
+ fprintf(stderr, "no certificates found\n");
+ END(1);
+ }
+
+ /* use the first cert */
+ authcert=&certs[0];
+
+ /* get random bytes */
+ random = OPENSSL_malloc(RANDOM_SIZE);
+ if (random == NULL)
+ END(1);
+
+ fd = open(RANDOM_SOURCE, O_RDONLY);
+ if (fd < 0) {
+ fprintf(stderr, "fatal: cannot open RANDOM_SOURCE: %s\n",
+ strerror(errno));
+ END(1);
+ }
+
+ rc = read(fd, random, RANDOM_SIZE);
+ if (rc < 0) {
+ fprintf(stderr, "fatal: read from random source failed: %s\n",
+ strerror(errno));
+ close(fd);
+ END(1);
+ }
+
+ if (rc < RANDOM_SIZE) {
+ fprintf(stderr, "fatal: read returned less than %d<%d bytes\n",
+ rc, RANDOM_SIZE);
+ close(fd);
+ END(1);
+ }
+
+ close(fd);
+
+ authkey = PKCS11_find_key(authcert);
+ if (authkey == NULL) {
+ fprintf(stderr, "no key matching certificate available\n");
+ END(1);
+ }
+
+ /* Compute the SHA1 hash of the random bytes */
+ EVP_MD_CTX_init(&mctx);
+ if (EVP_DigestInit(&mctx, EVP_sha1()) != 1) {
+ fprintf(stderr, "fatal: EVP_DigestInit failed\n");
+ END(1);
+ }
+ if (EVP_DigestUpdate(&mctx, random, RANDOM_SIZE) != 1) {
+ fprintf(stderr, "fatal: EVP_DigestUpdate failed\n");
+ END(1);
+ }
+ if (EVP_DigestFinal(&mctx, hash, &hlen) != 1) {
+ fprintf(stderr, "fatal: EVP_DigestFinal failed\n");
+ END(1);
+ }
+
+ /* Compute a PKCS #1 "block type 01" encryption-block */
+ sig.algor = &algorithm;
+ algorithm.algorithm = OBJ_nid2obj(NID_sha1);
+ parameter.type = V_ASN1_NULL;
+ parameter.value.ptr = NULL;
+ algorithm.parameter = ¶meter;
+ sig.digest = &digest;
+ sig.digest->data = hash;
+ sig.digest->length = hlen;
+ p = enc;
+ elen = i2d_X509_SIG(&sig, &p);
+ p = enc;
+
+ /* Compute PKCS #1 v1.5 padding */
+ if (RSA_padding_add_PKCS1_type_1(pad, plen, p, elen) != 1) {
+ fprintf(stderr, "fatal: RSA_padding_add_PKCS1_type_1 failed\n");
+ END(1);
+ }
+
+ siglen = MAX_SIGSIZE;
+ signature = OPENSSL_malloc(MAX_SIGSIZE);
+ if (signature == NULL)
+ END(1);
+
+ /* Do a raw RSA sign operation with the smart card */
+ rc = PKCS11_private_encrypt(plen, pad, signature, authkey, RSA_NO_PADDING);
+ if (rc < 0) {
+ fprintf(stderr, "PKCS11_private_encrypt failed\n");
+ END(1);
+ }
+
+ /* Verify the signature */
+ /* As we have done a PKCS#1 complient padding, we can verify the signature
+ * with "standard code", using openssl EVP interface.
+ */
+ pubkey = X509_get_pubkey(authcert->x509);
+ if (pubkey == NULL) {
+ fprintf(stderr, "could not extract public key\n");
+ END(1);
+ }
+
+ EVP_MD_CTX_init(&mctx);
+ if (EVP_DigestVerifyInit(&mctx, &pkeyctx, EVP_sha1(), NULL, pubkey) != 1) {
+ fprintf(stderr, "fatal: EVP_DigestVerifyInit failed\n");
+ END(1);
+ }
+
+ if (EVP_PKEY_CTX_set_rsa_padding(pkeyctx, RSA_PKCS1_PADDING) <= 0) {
+ fprintf(stderr, "fatal: EVP_PKEY_CTX_set_rsa_padding failed\n");
+ END(1);
+ }
+
+ if (EVP_DigestVerifyUpdate(&mctx, (const void*)random, RANDOM_SIZE) <= 0) {
+ fprintf(stderr, "fatal: EVP_DigestVerifyUpdate failed\n");
+ END(1);
+ }
+ if ((rc = EVP_DigestVerifyFinal(&mctx, signature, siglen)) != 1) {
+ fprintf(stderr, "fatal: EVP_DigestVerifyFinal failed : %d\n", rc);
+ END(1);
+ }
+
+ printf("raw signing operation and signature verification successfull.\n");
+ ret = 0;
end:
- if (ret != 0) {
- ERR_print_errors_fp(stderr);
- printf("raw signing operation failed.\n");
- }
-
- if (pubkey != NULL)
- EVP_PKEY_free(pubkey);
- if (random != NULL)
- OPENSSL_free(random);
- if (signature != NULL)
- OPENSSL_free(signature);
-
- if (slots != NULL)
- PKCS11_release_all_slots(ctx, slots, nslots);
-
- if ( ctx != NULL ) {
- PKCS11_CTX_unload(ctx);
- PKCS11_CTX_free(ctx);
- }
-
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
-
- return ret;
+ if (ret != 0) {
+ ERR_print_errors_fp(stderr);
+ printf("raw signing operation failed.\n");
+ }
+
+ if (pubkey != NULL)
+ EVP_PKEY_free(pubkey);
+ if (random != NULL)
+ OPENSSL_free(random);
+ if (signature != NULL)
+ OPENSSL_free(signature);
+
+ if (slots != NULL)
+ PKCS11_release_all_slots(ctx, slots, nslots);
+
+ if ( ctx != NULL ) {
+ PKCS11_CTX_unload(ctx);
+ PKCS11_CTX_free(ctx);
+ }
+
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+
+ return ret;
}
diff --git a/src/libp11-int.h b/src/libp11-int.h
index 863c9a3..d4619aa 100644
--- a/src/libp11-int.h
+++ b/src/libp11-int.h
@@ -91,7 +91,7 @@ typedef struct pkcs11_token_private {
#define TOKEN2CTX(token) SLOT2CTX(TOKEN2SLOT(token))
typedef struct pkcs11_key_ops {
- int type; /* EVP_PKEY_xxx */
+ int type; /* EVP_PKEY_xxx */
EVP_PKEY *(*get_evp_key) (PKCS11_KEY *);
} PKCS11_KEY_ops;
@@ -154,13 +154,13 @@ extern void pkcs11_destroy_certs(PKCS11_TOKEN *);
extern char *pkcs11_strdup(char *, size_t);
extern int pkcs11_getattr(PKCS11_TOKEN *, CK_OBJECT_HANDLE,
- unsigned int, void *, size_t);
+ unsigned int, void *, size_t);
extern int pkcs11_getattr_s(PKCS11_TOKEN *, CK_OBJECT_HANDLE,
- unsigned int, void *, size_t);
+ unsigned int, void *, size_t);
extern int pkcs11_getattr_var(PKCS11_TOKEN *, CK_OBJECT_HANDLE,
- unsigned int, void *, size_t *);
+ unsigned int, void *, size_t *);
extern int pkcs11_getattr_bn(PKCS11_TOKEN *, CK_OBJECT_HANDLE,
- unsigned int, BIGNUM **);
+ unsigned int, BIGNUM **);
extern int pkcs11_reload_key(PKCS11_KEY *);
diff --git a/src/libp11.h b/src/libp11.h
index c782a8f..17039d3 100644
--- a/src/libp11.h
+++ b/src/libp11.h
@@ -181,7 +181,7 @@ extern int PKCS11_enumerate_slots(PKCS11_CTX * ctx,
* Get the slot_id from a slot as it is stored in private
*
* @param slotp pointer on a slot
- * @retval the slotid
+ * @retval the slotid
*/
extern unsigned long PKCS11_get_slotid_from_slot(PKCS11_SLOT *slotp);
@@ -204,7 +204,7 @@ extern void PKCS11_release_all_slots(PKCS11_CTX * ctx,
* @retval !=NULL pointer on a slot structure
* @retval NULL error
*/
-PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx,
+PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx,
PKCS11_SLOT *slots, unsigned int nslots);
/**
@@ -261,7 +261,7 @@ extern int PKCS11_get_key_exponent(PKCS11_KEY *, BIGNUM **);
*
* @param key PKCS11_KEY object
* @retval !=NULL reference to EVP_PKEY object.
- * The returned EVP_PKEY object should be treated as const
+ * The returned EVP_PKEY object should be treated as const
* and must not be freed.
* @retval NULL error
*/
@@ -323,7 +323,7 @@ extern int PKCS11_init_pin(PKCS11_TOKEN * token, const char *pin);
extern int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
const char *new_pin);
-/**
+/**
* Generate and store a private key on the token
*
* @param token token returned by PKCS11_find_token()
@@ -391,11 +391,11 @@ extern int PKCS11_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, PKCS11_KEY * rsa, int padding);
/**
* Decrypts data using the private key
- *
+ *
* @param flen length of the encrypted data
* @param from encrypted data
* @param to output buffer (MUST be a least flen bytes long)
- * @param key private key object
+ * @param key private key object
* @param padding padding algorithm to be used
* @return the length of the decrypted data or 0 if an error occurred
*/
diff --git a/src/libpkcs11.c b/src/libpkcs11.c
index c4abf29..85bc5ff 100644
--- a/src/libpkcs11.c
+++ b/src/libpkcs11.c
@@ -79,15 +79,8 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
/*
* Make compiler happy!
*/
- void *p = dlsym(
- mod->handle,
- "C_GetFunctionList"
- );
- memmove(
- &c_get_function_list,
- &p,
- sizeof(void *)
- );
+ void *p = dlsym(mod->handle, "C_GetFunctionList");
+ memmove(&c_get_function_list, &p, sizeof(void *));
}
#endif
@@ -95,7 +88,7 @@ C_LoadModule(const char *mspec, CK_FUNCTION_LIST_PTR_PTR funcs)
goto failed;
rv = c_get_function_list(funcs);
if (rv == CKR_OK)
- return (void *) mod;
+ return mod;
failed:
C_UnloadModule((void *) mod);
diff --git a/src/p11_attr.c b/src/p11_attr.c
index b79a234..7ac1bcc 100644
--- a/src/p11_attr.c
+++ b/src/p11_attr.c
@@ -36,8 +36,8 @@
*/
static int
pkcs11_getattr_int(PKCS11_CTX * ctx, CK_SESSION_HANDLE session,
- CK_OBJECT_HANDLE o, CK_ATTRIBUTE_TYPE type, void *value,
- size_t * size)
+ CK_OBJECT_HANDLE o, CK_ATTRIBUTE_TYPE type, void *value,
+ size_t * size)
{
CK_ATTRIBUTE templ;
int rv;
@@ -55,23 +55,23 @@ pkcs11_getattr_int(PKCS11_CTX * ctx, CK_SESSION_HANDLE session,
int
pkcs11_getattr_var(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
- unsigned int type, void *value, size_t * size)
+ unsigned int type, void *value, size_t * size)
{
return pkcs11_getattr_int(TOKEN2CTX(token),
- PRIVSLOT(TOKEN2SLOT(token))->session,
- object, type, value, size);
+ PRIVSLOT(TOKEN2SLOT(token))->session,
+ object, type, value, size);
}
int
pkcs11_getattr(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
- unsigned int type, void *value, size_t size)
+ unsigned int type, void *value, size_t size)
{
return pkcs11_getattr_var(token, object, type, value, &size);
}
int
pkcs11_getattr_s(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
- unsigned int type, void *value, size_t size)
+ unsigned int type, void *value, size_t size)
{
memset(value, 0, size);
return pkcs11_getattr_var(token, object, type, value, &size);
@@ -79,7 +79,7 @@ pkcs11_getattr_s(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
int
pkcs11_getattr_bn(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
- unsigned int type, BIGNUM ** bn)
+ unsigned int type, BIGNUM ** bn)
{
CK_BYTE *binary;
size_t size;
@@ -105,7 +105,7 @@ pkcs11_getattr_bn(PKCS11_TOKEN * token, CK_OBJECT_HANDLE object,
*/
if (size == (size_t)-1) {
PKCS11err(PKCS11_F_PKCS11_GETATTR,
- pkcs11_map_err(CKR_ATTRIBUTE_TYPE_INVALID));
+ pkcs11_map_err(CKR_ATTRIBUTE_TYPE_INVALID));
ret = -1;
goto cleanup;
}
diff --git a/src/p11_cert.c b/src/p11_cert.c
index 7e4822f..3576772 100644
--- a/src/p11_cert.c
+++ b/src/p11_cert.c
@@ -31,12 +31,6 @@ static int pkcs11_next_cert(PKCS11_CTX *, PKCS11_TOKEN *, CK_SESSION_HANDLE);
static int pkcs11_init_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
CK_SESSION_HANDLE session, CK_OBJECT_HANDLE o, PKCS11_CERT **);
-static CK_OBJECT_CLASS cert_search_class;
-static CK_ATTRIBUTE cert_search_attrs[] = {
- {CKA_CLASS, &cert_search_class, sizeof(cert_search_class)},
-};
-#define numof(arr) (sizeof(arr)/sizeof((arr)[0]))
-
/*
* Enumerate all certs on the card
*/
@@ -85,6 +79,11 @@ PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY * key)
*/
static int pkcs11_find_certs(PKCS11_TOKEN * token)
{
+ CK_OBJECT_CLASS cert_search_class;
+ CK_ATTRIBUTE cert_search_attrs[] = {
+ {CKA_CLASS, &cert_search_class, sizeof(cert_search_class)},
+ };
+
PKCS11_SLOT *slot = TOKEN2SLOT(token);
PKCS11_CTX *ctx = TOKEN2CTX(token);
CK_SESSION_HANDLE session;
@@ -97,8 +96,7 @@ static int pkcs11_find_certs(PKCS11_TOKEN * token)
/* Tell the PKCS11 lib to enumerate all matching objects */
cert_search_class = CKO_CERTIFICATE;
- rv = CRYPTOKI_call(ctx, C_FindObjectsInit(session, cert_search_attrs,
- numof(cert_search_attrs)));
+ rv = CRYPTOKI_call(ctx, C_FindObjectsInit(session, cert_search_attrs, 1));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_CERTS, rv);
do {
diff --git a/src/p11_ec.c b/src/p11_ec.c
index 2a2b3ac..fec25ba 100644
--- a/src/p11_ec.c
+++ b/src/p11_ec.c
@@ -51,34 +51,34 @@
*/
#if defined(ECDSA_F_ECDSA_METHOD_NEW) && defined(BUILD_WITH_ECS_LOCL_H)
- #warning "Both BUILD_WITH_ECS_LOCL_H and ECDSA_F_ECDSA_METHOD_NEW defined"
- #warning "Consider not using BUILD_WITH_ECS_LOCL_H"
+ #warning "Both BUILD_WITH_ECS_LOCL_H and ECDSA_F_ECDSA_METHOD_NEW defined"
+ #warning "Consider not using BUILD_WITH_ECS_LOCL_H"
#endif
#if defined(BUILD_WITH_ECS_LOCL_H)
- #warning "Consider not using BUILD_WITH_ECS_LOCL_H"
- #warning "newer version of OpenSSL >-1.0.2 does not need BUILD_WITH_ECS_LOCL_H"
- #include "ecs_locl.h"
-
- #if !defined(HEADER_ECS_LOCL_H)
- #warning "Unable to find OpenSSL src/crypto/ecs_locl.h"
- #warning "add to CPPFLAGS: -I/path/to/source/openssl-n.n.n/src/crypto/ecdsa"
- #warning "or copy ecs_locl.h or create symlink to it"
- #if defined(ECDSA_F_ECDSA_METHOD_NEW)
- #warning "Will build instead using ECDSA_F_ECDSA_METHOD_NEW"
+ #warning "Consider not using BUILD_WITH_ECS_LOCL_H"
+ #warning "newer version of OpenSSL >-1.0.2 does not need BUILD_WITH_ECS_LOCL_H"
+ #include "ecs_locl.h"
+
+ #if !defined(HEADER_ECS_LOCL_H)
+ #warning "Unable to find OpenSSL src/crypto/ecs_locl.h"
+ #warning "add to CPPFLAGS: -I/path/to/source/openssl-n.n.n/src/crypto/ecdsa"
+ #warning "or copy ecs_locl.h or create symlink to it"
+ #if defined(ECDSA_F_ECDSA_METHOD_NEW)
+ #warning "Will build instead using ECDSA_F_ECDSA_METHOD_NEW"
+ #else
+ #error "Unable to build with ECDSA support"
+ #endif
#else
- #error " Unable to build with ECDSA support"
- #endif
- #else
- #define LIBP11_BUILD_WITH_ECS_LOCL_H
- #endif
+ #define LIBP11_BUILD_WITH_ECS_LOCL_H
+ #endif
#else
- #if !defined(ECDSA_F_ECDSA_METHOD_NEW)
- #define LIBP11_BUILD_WITHOUT_ECDSA
- #endif
+ #if !defined(ECDSA_F_ECDSA_METHOD_NEW)
+ #define LIBP11_BUILD_WITHOUT_ECDSA
+ #endif
#endif
-#endif /* OpenSSL EC tests and version */
+#endif /* OpenSSL EC tests and version */
#if !defined(LIBP11_BUILD_WITHOUT_ECDSA)
@@ -120,7 +120,7 @@ static EVP_PKEY *pkcs11_get_evp_key_ec(PKCS11_KEY * key)
EVP_PKEY_set1_EC_KEY(pk, ec); /* Also increments the ec ref count */
if (key_getattr(key, CKA_SENSITIVE, &sensitive, sizeof(sensitive))
- || key_getattr(key, CKA_EXTRACTABLE, &extractable, sizeof(extractable))) {
+ || key_getattr(key, CKA_EXTRACTABLE, &extractable, sizeof(extractable))) {
EVP_PKEY_free(pk);
EC_KEY_free(ec);
return NULL;
@@ -136,12 +136,12 @@ static EVP_PKEY *pkcs11_get_evp_key_ec(PKCS11_KEY * key)
ec_paramslen > 0) {
ec_params = OPENSSL_malloc(ec_paramslen);
if (ec_params) {
- ckrv = key_getattr_var(key, CKA_EC_PARAMS, ec_params, &ec_paramslen);
- if (ckrv == CKR_OK) {
- const unsigned char * a = ec_params;
- /* convert to OpenSSL parmas */
- d2i_ECParameters(&ec, &a, ec_paramslen);
- }
+ ckrv = key_getattr_var(key, CKA_EC_PARAMS, ec_params, &ec_paramslen);
+ if (ckrv == CKR_OK) {
+ const unsigned char * a = ec_params;
+ /* convert to OpenSSL parmas */
+ d2i_ECParameters(&ec, &a, ec_paramslen);
+ }
}
}
@@ -152,20 +152,20 @@ static EVP_PKEY *pkcs11_get_evp_key_ec(PKCS11_KEY * key)
if (ckrv == CKR_OK && ec_pointlen > 0) {
ec_point = OPENSSL_malloc(ec_pointlen);
if (ec_point) {
- ckrv = key_getattr_var(pubkey, CKA_EC_POINT, ec_point, &ec_pointlen);
- if (ckrv == CKR_OK) {
- /* PKCS#11 returns ASN1 octstring*/
- const unsigned char * a;
- /* we have asn1 octet string, need to strip off 04 len */
-
- a = ec_point;
- os = d2i_ASN1_OCTET_STRING(NULL, &a, ec_pointlen);
- if (os) {
- a = os->data;
- o2i_ECPublicKey(&ec, &a, os->length);
- }
+ ckrv = key_getattr_var(pubkey, CKA_EC_POINT, ec_point, &ec_pointlen);
+ if (ckrv == CKR_OK) {
+ /* PKCS#11 returns ASN1 octstring*/
+ const unsigned char * a;
+ /* we have asn1 octet string, need to strip off 04 len */
+
+ a = ec_point;
+ os = d2i_ASN1_OCTET_STRING(NULL, &a, ec_pointlen);
+ if (os) {
+ a = os->data;
+ o2i_ECPublicKey(&ec, &a, os->length);
+ }
/* EC_KEY_print_fp(stderr, ec, 5); */
- }
+ }
}
}
}
@@ -218,7 +218,7 @@ static ECDSA_SIG * pkcs11_ecdsa_do_sign(const unsigned char *dgst, int dlen,
int rv;
key = (PKCS11_KEY *) ECDSA_get_ex_data(ec, 0);
- if (key == NULL)
+ if (key == NULL)
return NULL;
siglen = sizeof(sigret);
@@ -246,19 +246,19 @@ static ECDSA_SIG * pkcs11_ecdsa_do_sign(const unsigned char *dgst, int dlen,
ECDSA_METHOD *PKCS11_get_ecdsa_method(void)
{
- if (ops == NULL) {
- ops = ECDSA_METHOD_new((ECDSA_METHOD *)ECDSA_OpenSSL());
- ECDSA_METHOD_set_sign(ops, pkcs11_ecdsa_do_sign);
- ECDSA_METHOD_set_sign_setup(ops, pkcs11_ecdsa_sign_setup);
- }
- return ops;
+ if (ops == NULL) {
+ ops = ECDSA_METHOD_new((ECDSA_METHOD *)ECDSA_OpenSSL());
+ ECDSA_METHOD_set_sign(ops, pkcs11_ecdsa_do_sign);
+ ECDSA_METHOD_set_sign_setup(ops, pkcs11_ecdsa_sign_setup);
+ }
+ return ops;
}
void PKCS11_ecdsa_method_free(void)
{
if (ops) {
- ECDSA_METHOD_free(ops);
- ops = NULL;
+ ECDSA_METHOD_free(ops);
+ ops = NULL;
}
}
@@ -270,7 +270,7 @@ ECDSA_METHOD *PKCS11_get_ecdsa_method(void)
static struct ecdsa_method sops;
if (!sops.ecdsa_do_sign) {
-/* question if compiler is copying each member of struct or not */
+/* question if compiler is copying each member of struct or not */
sops = *ECDSA_get_default_method();
sops.ecdsa_do_sign = pkcs11_ecdsa_do_sign;
sops.ecdsa_sign_setup = pkcs11_ecdsa_sign_setup;
@@ -280,7 +280,7 @@ ECDSA_METHOD *PKCS11_get_ecdsa_method(void)
void PKCS11_ecdsa_method_free(void)
{
- /* It is static in the old method */
+ /* It is static in the old method */
}
#endif /* LIBP11_BUILD_WITH_ECS_LOCL_H */
@@ -289,7 +289,7 @@ PKCS11_KEY_ops pkcs11_ec_ops_s = {
EVP_PKEY_EC,
pkcs11_get_evp_key_ec
};
-PKCS11_KEY_ops *pkcs11_ec_ops = {&pkcs11_ec_ops_s};
+PKCS11_KEY_ops *pkcs11_ec_ops = {&pkcs11_ec_ops_s};
#else /* LIBP11_BUILD_WITHOUT_ECDSA */
@@ -298,7 +298,7 @@ void *pkcs11_ec_ops = {NULL};
/* if not built with EC or OpenSSL does not support ECDSA
* add these routines so engine_pkcs11 can be built now and not
* require further changes */
-#warning "ECDSA support not built with libp11"
+#warning "ECDSA support not built with libp11"
void * PKCS11_get_ecdsa_method(void)
{
diff --git a/src/p11_key.c b/src/p11_key.c
index be08fbb..573a5ff 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -339,9 +339,9 @@ static int pkcs11_enumerate_keys(PKCS11_TOKEN * token, unsigned int type,
return -1;
}
}
- if(keyp)
+ if (keyp)
*keyp = keys->keys;
- if(countp)
+ if (countp)
*countp = keys->num;
return 0;
}
@@ -449,7 +449,7 @@ static int pkcs11_init_key(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
key = keys->keys + keys->num++;
memset(key, 0, sizeof(PKCS11_KEY));
kpriv = OPENSSL_malloc(sizeof(PKCS11_KEY_private));
- if(kpriv)
+ if (kpriv)
memset(kpriv, 0, sizeof(PKCS11_KEY_private));
key->_private = kpriv;
kpriv->object = obj;
diff --git a/src/p11_ops.c b/src/p11_ops.c
index de33ef1..703e090 100644
--- a/src/p11_ops.c
+++ b/src/p11_ops.c
@@ -52,12 +52,9 @@ PKCS11_ecdsa_sign(const unsigned char *m, unsigned int m_len,
mechanism.mechanism = CKM_ECDSA;
CRYPTO_w_lock(PRIVSLOT(slot)->lockid);
- if((rv = CRYPTOKI_call(ctx, C_SignInit
- (session, &mechanism, priv->object))) == 0) {
- rv = CRYPTOKI_call(ctx, C_Sign
- (session, (CK_BYTE *) m, m_len,
- sigret, &ck_sigsize));
- }
+ rv = CRYPTOKI_call(ctx, C_SignInit(session, &mechanism, priv->object)) ||
+ CRYPTOKI_call(ctx,
+ C_Sign(session, (CK_BYTE *) m, m_len, sigret, &ck_sigsize));
CRYPTO_w_unlock(PRIVSLOT(slot)->lockid);
if (rv) {
@@ -86,9 +83,9 @@ PKCS11_sign(int type, const unsigned char *m, unsigned int m_len,
sigsize = PKCS11_get_key_size(key);
if (ssl) {
- if((m_len != 36) /* SHA1 + MD5 */ ||
- ((m_len + RSA_PKCS1_PADDING_SIZE) > (unsigned)sigsize)) {
- return(0); /* the size is wrong */
+ if ((m_len != 36) /* SHA1 + MD5 */ ||
+ ((m_len + RSA_PKCS1_PADDING_SIZE) > (unsigned)sigsize)) {
+ return 0; /* the size is wrong */
}
} else {
ASN1_TYPE parameter = { V_ASN1_NULL, { NULL } };
@@ -97,20 +94,20 @@ PKCS11_sign(int type, const unsigned char *m, unsigned int m_len,
X509_SIG digest_info = { &algor, &digest };
int size;
/* Fetch the OID of the algorithm used */
- if((algor.algorithm = OBJ_nid2obj(type)) &&
- (algor.algorithm->length) &&
- /* Get the size of the encoded DigestInfo */
- (size = i2d_X509_SIG(&digest_info, NULL)) &&
- /* Check that size is compatible with PKCS#11 padding */
- (size + RSA_PKCS1_PADDING_SIZE <= sigsize) &&
- (encoded = OPENSSL_malloc(sigsize))) {
+ if ((algor.algorithm = OBJ_nid2obj(type)) &&
+ (algor.algorithm->length) &&
+ /* Get the size of the encoded DigestInfo */
+ (size = i2d_X509_SIG(&digest_info, NULL)) &&
+ /* Check that size is compatible with PKCS#11 padding */
+ (size + RSA_PKCS1_PADDING_SIZE <= sigsize) &&
+ (encoded = OPENSSL_malloc(sigsize))) {
unsigned char *tmp = encoded;
/* Actually do the encoding */
i2d_X509_SIG(&digest_info,&tmp);
m = encoded;
m_len = size;
} else {
- return(0);
+ return 0;
}
}
@@ -131,7 +128,7 @@ PKCS11_sign(int type, const unsigned char *m, unsigned int m_len,
int
PKCS11_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- PKCS11_KEY * key, int padding)
+ PKCS11_KEY * key, int padding)
{
PKCS11_KEY_private *priv;
PKCS11_SLOT *slot;
@@ -180,12 +177,9 @@ PKCS11_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
/* API is somewhat fishy here. *siglen is 0 on entry (cleared
* by OpenSSL). The library assumes that the memory passed
* by the caller is always big enough */
- if((rv = CRYPTOKI_call(ctx, C_SignInit
- (session, &mechanism, priv->object))) == 0) {
- rv = CRYPTOKI_call(ctx, C_Sign
- (session, (CK_BYTE *) from, flen,
- to, &ck_sigsize));
- }
+ rv = CRYPTOKI_call(ctx, C_SignInit(session, &mechanism, priv->object)) ||
+ CRYPTOKI_call(ctx,
+ C_Sign(session, (CK_BYTE *) from, flen, to, &ck_sigsize));
CRYPTO_w_unlock(PRIVSLOT(slot)->lockid);
if (rv) {
@@ -201,7 +195,7 @@ PKCS11_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
int
PKCS11_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- PKCS11_KEY * key, int padding)
+ PKCS11_KEY * key, int padding)
{
CK_RV rv;
PKCS11_KEY_private *priv;
@@ -231,23 +225,22 @@ PKCS11_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
CRYPTO_w_lock(PRIVSLOT(slot)->lockid);
- if( (rv = CRYPTOKI_call(ctx, C_DecryptInit(session, &mechanism, priv->object))) == 0) {
- rv = CRYPTOKI_call(ctx, C_Decrypt
- (session, (CK_BYTE *) from, (CK_ULONG)flen,
- (CK_BYTE_PTR)to, &size));
- }
+ rv = CRYPTOKI_call(ctx, C_DecryptInit(session, &mechanism, priv->object)) ||
+ CRYPTOKI_call(ctx,
+ C_Decrypt(session, (CK_BYTE *) from, (CK_ULONG)flen,
+ (CK_BYTE_PTR)to, &size));
CRYPTO_w_unlock(PRIVSLOT(slot)->lockid);
if (rv) {
PKCS11err(PKCS11_F_PKCS11_RSA_DECRYPT, pkcs11_map_err(rv));
}
- return (rv) ? 0 : size;
+ return rv ? 0 : size;
}
int
PKCS11_verify(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *signature, unsigned int siglen, PKCS11_KEY * key)
+ unsigned char *signature, unsigned int siglen, PKCS11_KEY * key)
{
(void)type;
(void)m;
diff --git a/src/p11_rsa.c b/src/p11_rsa.c
index fa84b51..1b915a3 100644
--- a/src/p11_rsa.c
+++ b/src/p11_rsa.c
@@ -69,15 +69,15 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY * key)
for(ki = 0; ki < tpriv->pub.num; ki++) {
PKCS11_KEY* pubkey = &tpriv->pub.keys[ki];
- if(key_getattr_bn(pubkey, CKA_MODULUS, &pubmod)) {
+ if (key_getattr_bn(pubkey, CKA_MODULUS, &pubmod)) {
continue;
}
- if(BN_cmp(rsa->n, pubmod)) { // Modulus not same -- this public from another key
+ if (BN_cmp(rsa->n, pubmod)) { // Modulus not same -- this public from another key
continue;
}
// If modulus are same -- we found required key, extract public exponent from it
- if(key_getattr_bn(pubkey, CKA_PUBLIC_EXPONENT, &rsa->e)) {
+ if (key_getattr_bn(pubkey, CKA_PUBLIC_EXPONENT, &rsa->e)) {
continue;
}
if (BN_is_zero(rsa->e)) {
@@ -85,7 +85,8 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY * key)
}
break;
}
- if(pubmod!=NULL) BN_free(pubmod);
+ if (pubmod!=NULL)
+ BN_free(pubmod);
}
/* If the key is not extractable, create a key object
@@ -124,7 +125,7 @@ int PKCS11_get_key_size(const PKCS11_KEY * key)
{
BIGNUM *n = NULL;
int numbytes = 0;
- if(key_getattr_bn(key, CKA_MODULUS, &n))
+ if (key_getattr_bn(key, CKA_MODULUS, &n))
return 0;
numbytes = BN_num_bytes(n);
BN_free(n);
diff --git a/src/p11_slot.c b/src/p11_slot.c
index 5ce0d5e..3588a3b 100644
--- a/src/p11_slot.c
+++ b/src/p11_slot.c
@@ -61,7 +61,8 @@ pkcs11_enumerate_slots(PKCS11_CTX * ctx, PKCS11_SLOT ** slotp, unsigned int *cou
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
slotid = OPENSSL_malloc(nslots * sizeof(CK_SLOT_ID));
- if (slotid == NULL) return (-1);
+ if (slotid == NULL)
+ return -1;
rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
@@ -107,10 +108,10 @@ PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx, PKCS11_SLOT * slots, unsigned
best = NULL;
for (n = 0, slot = slots; n < nslots; n++, slot++) {
if ((tok = slot->token) != NULL) {
- if (best == NULL
- || (tok->initialized > best->token->initialized
- && tok->userPinSet > best->token->userPinSet
- && tok->loginRequired > best->token->loginRequired))
+ if (best == NULL ||
+ (tok->initialized > best->token->initialized &&
+ tok->userPinSet > best->token->userPinSet &&
+ tok->loginRequired > best->token->loginRequired))
best = slot;
}
}
@@ -136,10 +137,9 @@ int pkcs11_open_session(PKCS11_SLOT * slot, int rw, int relogin)
}
}
rv = CRYPTOKI_call(ctx,
- C_OpenSession(priv->id,
- CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION :
- 0), NULL, NULL,
- &priv->session));
+ C_OpenSession(priv->id,
+ CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0),
+ NULL, NULL, &priv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_OPEN_SESSION, rv);
priv->haveSession = 1;
priv->prev_rw = rw;
@@ -159,10 +159,9 @@ int PKCS11_reopen_session(PKCS11_SLOT * slot)
int rv;
rv = CRYPTOKI_call(ctx,
- C_OpenSession(priv->id,
- CKF_SERIAL_SESSION | (priv->prev_rw ? CKF_RW_SESSION :
- 0), NULL, NULL,
- &priv->session));
+ C_OpenSession(priv->id,
+ CKF_SERIAL_SESSION | (priv->prev_rw ? CKF_RW_SESSION : 0),
+ NULL, NULL, &priv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_OPEN_SESSION, rv);
priv->haveSession = 1;
@@ -190,9 +189,8 @@ int PKCS11_is_logged_in(PKCS11_SLOT * slot, int so, int * res)
return -1;
}
- rv = CRYPTOKI_call(ctx, C_GetSessionInfo(priv->session,
- &session_info));
- CRYPTOKI_checkerr(PKCS11_F_PKCS11_GETSESSIONINFO, rv);
+ rv = CRYPTOKI_call(ctx, C_GetSessionInfo(priv->session, &session_info));
+ CRYPTOKI_checkerr(PKCS11_F_PKCS11_GETSESSIONINFO, rv);
if (so) {
*res = session_info.state == CKS_RW_SO_FUNCTIONS;
} else {
@@ -234,10 +232,9 @@ int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
return -1;
}
- rv = CRYPTOKI_call(ctx, C_Login(priv->session,
- so ? CKU_SO : CKU_USER,
- (CK_UTF8CHAR *) pin,
- pin ? strlen(pin) : 0));
+ rv = CRYPTOKI_call(ctx,
+ C_Login(priv->session, so ? CKU_SO : CKU_USER,
+ (CK_UTF8CHAR *) pin, pin ? strlen(pin) : 0));
if (rv && rv != CKR_USER_ALREADY_LOGGED_IN) /* logged in -> OK */
CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGIN, rv);
priv->loggedIn = 1;
@@ -311,9 +308,9 @@ int PKCS11_init_token(PKCS11_TOKEN * token, const char *pin, const char *label)
if (label == NULL)
label = "PKCS#11 Token";
- rv = CRYPTOKI_call(ctx, C_InitToken(priv->id,
- (CK_UTF8CHAR *) pin, strlen(pin),
- (CK_UTF8CHAR *) label));
+ rv = CRYPTOKI_call(ctx,
+ C_InitToken(priv->id,
+ (CK_UTF8CHAR *) pin, strlen(pin), (CK_UTF8CHAR *) label));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_TOKEN, rv);
/* FIXME: how to update the token?
@@ -371,8 +368,9 @@ int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
old_len = old_pin ? strlen(old_pin) : 0;
new_len = new_pin ? strlen(new_pin) : 0;
- rv = CRYPTOKI_call(ctx, C_SetPIN(priv->session, (CK_UTF8CHAR *) old_pin,
- old_len, (CK_UTF8CHAR *) new_pin, new_len));
+ rv = CRYPTOKI_call(ctx,
+ C_SetPIN(priv->session, (CK_UTF8CHAR *) old_pin, old_len,
+ (CK_UTF8CHAR *) new_pin, new_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_CHANGE_PIN, rv);
return pkcs11_check_token(ctx, slot);
@@ -395,7 +393,8 @@ int PKCS11_seed_random(PKCS11_SLOT *slot, const unsigned char *s,
return -1;
}
- rv = CRYPTOKI_call(ctx, C_SeedRandom(priv->session, (CK_BYTE_PTR) s, s_len));
+ rv = CRYPTOKI_call(ctx,
+ C_SeedRandom(priv->session, (CK_BYTE_PTR) s, s_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_SEED_RANDOM, rv);
return pkcs11_check_token(ctx, slot);
@@ -418,7 +417,8 @@ int PKCS11_generate_random(PKCS11_SLOT *slot, unsigned char *r,
return -1;
}
- rv = CRYPTOKI_call(ctx, C_GenerateRandom(priv->session, (CK_BYTE_PTR) r, r_len));
+ rv = CRYPTOKI_call(ctx,
+ C_GenerateRandom(priv->session, (CK_BYTE_PTR) r, r_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_GENERATE_RANDOM, rv);
return pkcs11_check_token(ctx, slot);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git
More information about the pkg-opensc-commit
mailing list