[pkg-opensc-commit] [libp11] 32/86: Code style unification
Eric Dorland
eric at moszumanska.debian.org
Sun Jul 24 21:40:19 UTC 2016
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit 9c14369d98d9688c197e45f856828fdc675799b5
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date: Tue Feb 2 18:38:05 2016 +0100
Code style unification
---
src/p11_cert.c | 27 +++++-----
src/p11_ec.c | 12 +++--
src/p11_key.c | 11 ++--
src/p11_load.c | 62 ++++++++++-----------
src/p11_misc.c | 38 ++++++-------
src/p11_ops.c | 112 +++++++++++++-------------------------
src/p11_rsa.c | 9 ++--
src/p11_slot.c | 168 ++++++++++++++++++++++++++++-----------------------------
8 files changed, 201 insertions(+), 238 deletions(-)
diff --git a/src/p11_cert.c b/src/p11_cert.c
index 5a49cf2..c6f0f8b 100644
--- a/src/p11_cert.c
+++ b/src/p11_cert.c
@@ -38,7 +38,7 @@ PKCS11_enumerate_certs(PKCS11_TOKEN * token,
PKCS11_CERT ** certp, unsigned int *countp)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
- PKCS11_CTX *ctx = TOKEN2CTX(token);
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
PKCS11_TOKEN_private *tpriv = PRIVTOKEN(token);
PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
@@ -91,7 +91,7 @@ PKCS11_CERT *PKCS11_find_certificate(PKCS11_KEY * key)
static int pkcs11_find_certs(PKCS11_TOKEN * token)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
- PKCS11_CTX *ctx = TOKEN2CTX(token);
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
PKCS11_TOKEN_private *tpriv = PRIVTOKEN(token);
PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_OBJECT_CLASS cert_search_class;
@@ -215,10 +215,10 @@ static int pkcs11_init_cert(PKCS11_CTX * ctx, PKCS11_TOKEN * token,
*/
void pkcs11_destroy_certs(PKCS11_TOKEN * token)
{
- PKCS11_TOKEN_private *priv = PRIVTOKEN(token);
+ PKCS11_TOKEN_private *tpriv = PRIVTOKEN(token);
- while (priv->ncerts > 0) {
- PKCS11_CERT *cert = &priv->certs[--(priv->ncerts)];
+ while (tpriv->ncerts > 0) {
+ PKCS11_CERT *cert = &tpriv->certs[--(tpriv->ncerts)];
if (cert->x509)
X509_free(cert->x509);
@@ -228,10 +228,10 @@ void pkcs11_destroy_certs(PKCS11_TOKEN * token)
if (cert->_private != NULL)
OPENSSL_free(cert->_private);
}
- if (priv->certs)
- OPENSSL_free(priv->certs);
- priv->certs = NULL;
- priv->ncerts = -1;
+ if (tpriv->certs)
+ OPENSSL_free(tpriv->certs);
+ tpriv->certs = NULL;
+ tpriv->ncerts = -1;
}
/*
@@ -242,8 +242,8 @@ PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509, char *label,
unsigned char *id, size_t id_len, PKCS11_CERT ** ret_cert)
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
- PKCS11_CTX *ctx = TOKEN2CTX(token);
- CK_SESSION_HANDLE session;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_OBJECT_HANDLE object;
CK_ATTRIBUTE attrs[32];
unsigned int n = 0;
@@ -254,7 +254,6 @@ PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509, char *label,
/* First, make sure we have a session */
if (!PRIVSLOT(slot)->haveSession && PKCS11_open_session(slot, 1))
return -1;
- session = PRIVSLOT(slot)->session;
/* Now build the template */
pkcs11_addattr_int(attrs + n++, CKA_CLASS, CKO_CERTIFICATE);
@@ -267,7 +266,7 @@ PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509, char *label,
pkcs11_addattr(attrs + n++, CKA_ID, id, id_len);
/* Now call the pkcs11 module to create the object */
- rv = CRYPTOKI_call(ctx, C_CreateObject(session, attrs, n, &object));
+ rv = CRYPTOKI_call(ctx, C_CreateObject(spriv->session, attrs, n, &object));
/* Zap all memory allocated when building the template */
pkcs11_zap_attrs(attrs, n);
@@ -275,7 +274,7 @@ PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509, char *label,
CRYPTOKI_checkerr(PKCS11_F_PKCS11_STORE_CERTIFICATE, rv);
/* Gobble the key object */
- return pkcs11_init_cert(ctx, token, session, object, ret_cert);
+ return pkcs11_init_cert(ctx, token, spriv->session, object, ret_cert);
}
/* vim: set noexpandtab: */
diff --git a/src/p11_ec.c b/src/p11_ec.c
index 0fb9c7a..872b120 100644
--- a/src/p11_ec.c
+++ b/src/p11_ec.c
@@ -301,7 +301,8 @@ err:
#if OPENSSL_VERSION_NUMBER >= 0x10100002L
-static void alloc_ec_key_ex_index() {
+static void alloc_ec_key_ex_index()
+{
if (ec_key_ex_index == 0) {
while (ec_key_ex_index == 0) /* Workaround for OpenSSL RT3710 */
ec_key_ex_index = EC_KEY_get_ex_new_index(0, "libp11 ec_key",
@@ -311,7 +312,8 @@ static void alloc_ec_key_ex_index() {
}
}
#else
-static void alloc_ecdsa_ex_index() {
+static void alloc_ecdsa_ex_index()
+{
if (ecdsa_ex_index == 0) {
while (ecdsa_ex_index == 0) /* Workaround for OpenSSL RT3710 */
ecdsa_ex_index = ECDSA_get_ex_new_index(0, "libp11 ecdsa",
@@ -323,7 +325,8 @@ static void alloc_ecdsa_ex_index() {
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10100002L
-static void free_ec_key_ex_index() {
+static void free_ec_key_ex_index()
+{
/* CRYPTO_free_ex_index requires OpenSSL version >= 1.1.0-pre1 */
if (ec_key_ex_index > 0) {
CRYPTO_free_ex_index(CRYPTO_EX_INDEX_EC_KEY, ec_key_ex_index);
@@ -331,7 +334,8 @@ static void free_ec_key_ex_index() {
}
}
#else
-static void free_ecdsa_ex_index() {
+static void free_ecdsa_ex_index()
+{
/* CRYPTO_free_ex_index requires OpenSSL version >= 1.1.0-pre1 */
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
if (ecdsa_ex_index > 0) {
diff --git a/src/p11_key.c b/src/p11_key.c
index d42664c..e26412c 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -79,7 +79,7 @@ PKCS11_KEY *PKCS11_find_key(PKCS11_CERT *cert)
}
/*
- * Find key matching a key of the other type pub vs priv
+ * Find key matching a key of the other type (public vs private)
*/
PKCS11_KEY *PKCS11_find_key_from_key(PKCS11_KEY * keyin)
{
@@ -225,7 +225,7 @@ static int pkcs11_store_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
{
PKCS11_SLOT *slot = TOKEN2SLOT(token);
PKCS11_CTX *ctx = TOKEN2CTX(token);
- CK_SESSION_HANDLE session;
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_OBJECT_HANDLE object;
CK_ATTRIBUTE attrs[32];
unsigned int n = 0;
@@ -234,9 +234,8 @@ static int pkcs11_store_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
CHECK_SLOT_FORK(slot);
/* First, make sure we have a session */
- if (!PRIVSLOT(slot)->haveSession && PKCS11_open_session(slot, 1))
+ if (!spriv->haveSession && PKCS11_open_session(slot, 1))
return -1;
- session = PRIVSLOT(slot)->session;
/* Now build the key attrs */
pkcs11_addattr_int(attrs + n++, CKA_CLASS, type);
@@ -281,7 +280,7 @@ static int pkcs11_store_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
}
/* Now call the pkcs11 module to create the object */
- rv = CRYPTOKI_call(ctx, C_CreateObject(session, attrs, n, &object));
+ rv = CRYPTOKI_call(ctx, C_CreateObject(spriv->session, attrs, n, &object));
/* Zap all memory allocated when building the template */
pkcs11_zap_attrs(attrs, n);
@@ -289,7 +288,7 @@ static int pkcs11_store_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
CRYPTOKI_checkerr(PKCS11_F_PKCS11_STORE_PRIVATE_KEY, rv);
/* Gobble the key object */
- return pkcs11_init_key(ctx, token, session, object, type, ret_key);
+ return pkcs11_init_key(ctx, token, spriv->session, object, type, ret_key);
}
/*
diff --git a/src/p11_load.c b/src/p11_load.c
index 8217b98..096b5c8 100644
--- a/src/p11_load.c
+++ b/src/p11_load.c
@@ -26,27 +26,27 @@ static void *handle = NULL;
*/
PKCS11_CTX *PKCS11_CTX_new(void)
{
- PKCS11_CTX_private *priv = NULL;
+ PKCS11_CTX_private *cpriv = NULL;
PKCS11_CTX *ctx = NULL;
/* Load error strings */
ERR_load_PKCS11_strings();
- priv = OPENSSL_malloc(sizeof(PKCS11_CTX_private));
- if (priv == NULL)
+ cpriv = OPENSSL_malloc(sizeof(PKCS11_CTX_private));
+ if (cpriv == NULL)
goto fail;
- memset(priv, 0, sizeof(PKCS11_CTX_private));
+ memset(cpriv, 0, sizeof(PKCS11_CTX_private));
ctx = OPENSSL_malloc(sizeof(PKCS11_CTX));
if (ctx == NULL)
goto fail;
memset(ctx, 0, sizeof(PKCS11_CTX));
- ctx->_private = priv;
- priv->forkid = _P11_get_forkid();
- priv->lockid = pkcs11_get_new_dynlockid();
+ ctx->_private = cpriv;
+ cpriv->forkid = _P11_get_forkid();
+ cpriv->lockid = pkcs11_get_new_dynlockid();
return ctx;
fail:
- OPENSSL_free(priv);
+ OPENSSL_free(cpriv);
OPENSSL_free(ctx);
return NULL;
}
@@ -56,12 +56,12 @@ PKCS11_CTX *PKCS11_CTX_new(void)
*/
void PKCS11_CTX_init_args(PKCS11_CTX * ctx, const char *init_args)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
/* Free previously duplicated string */
- if (priv->init_args) {
- OPENSSL_free(priv->init_args);
+ if (cpriv->init_args) {
+ OPENSSL_free(cpriv->init_args);
}
- priv->init_args = init_args ? BUF_strdup(init_args) : NULL;
+ cpriv->init_args = init_args ? BUF_strdup(init_args) : NULL;
}
/*
@@ -69,38 +69,38 @@ void PKCS11_CTX_init_args(PKCS11_CTX * ctx, const char *init_args)
*/
int PKCS11_CTX_load(PKCS11_CTX * ctx, const char *name)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
CK_C_INITIALIZE_ARGS _args;
CK_C_INITIALIZE_ARGS *args = NULL;
CK_INFO ck_info;
int rv;
- if (priv->libinfo != NULL) {
+ if (cpriv->libinfo != NULL) {
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD, PKCS11_MODULE_LOADED_ERROR);
return -1;
}
- handle = C_LoadModule(name, &priv->method);
+ handle = C_LoadModule(name, &cpriv->method);
if (handle == NULL) {
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD, PKCS11_LOAD_MODULE_ERROR);
return -1;
}
/* Tell the PKCS11 to initialize itself */
- if (priv->init_args != NULL) {
+ if (cpriv->init_args != NULL) {
memset(&_args, 0, sizeof(_args));
args = &_args;
/* Unconditionally say using OS locking primitives is OK */
args->flags |= CKF_OS_LOCKING_OK;
- args->pReserved = priv->init_args;
+ args->pReserved = cpriv->init_args;
}
- rv = priv->method->C_Initialize(args);
+ rv = cpriv->method->C_Initialize(args);
if (rv && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD, rv);
return -1;
}
/* Get info on the library */
- rv = priv->method->C_GetInfo(&ck_info);
+ rv = cpriv->method->C_GetInfo(&ck_info);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_CTX_LOAD, rv);
ctx->manufacturer = PKCS11_DUP(ck_info.manufacturerID);
@@ -114,18 +114,18 @@ int PKCS11_CTX_load(PKCS11_CTX * ctx, const char *name)
*/
int PKCS11_CTX_reload(PKCS11_CTX * ctx)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
CK_C_INITIALIZE_ARGS _args;
CK_C_INITIALIZE_ARGS *args = NULL;
int rv;
/* Tell the PKCS11 to initialize itself */
- if (priv->init_args != NULL) {
+ if (cpriv->init_args != NULL) {
memset(&_args, 0, sizeof(_args));
args = &_args;
- args->pReserved = priv->init_args;
+ args->pReserved = cpriv->init_args;
}
- rv = priv->method->C_Initialize(args);
+ rv = cpriv->method->C_Initialize(args);
if (rv && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) {
PKCS11err(PKCS11_F_PKCS11_CTX_LOAD, rv);
return -1;
@@ -140,12 +140,12 @@ int PKCS11_CTX_reload(PKCS11_CTX * ctx)
*/
void PKCS11_CTX_unload(PKCS11_CTX * ctx)
{
- PKCS11_CTX_private *priv;
- priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv;
+ cpriv = PRIVCTX(ctx);
/* Tell the PKCS11 library to shut down */
- if (priv->forkid == _P11_get_forkid())
- priv->method->C_Finalize(NULL);
+ if (cpriv->forkid == _P11_get_forkid())
+ cpriv->method->C_Finalize(NULL);
/* Unload the module */
C_UnloadModule(handle);
@@ -156,17 +156,17 @@ void PKCS11_CTX_unload(PKCS11_CTX * ctx)
*/
void PKCS11_CTX_free(PKCS11_CTX * ctx)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
/* TODO: move the global methods and ex_data indexes into
* the ctx structure, so they can be safely deallocated here:
PKCS11_rsa_method_free(ctx);
PKCS11_ecdsa_method_free(ctx);
*/
- if (priv->init_args) {
- OPENSSL_free(priv->init_args);
+ if (cpriv->init_args) {
+ OPENSSL_free(cpriv->init_args);
}
- pkcs11_destroy_dynlockid(priv->lockid);
+ pkcs11_destroy_dynlockid(cpriv->lockid);
OPENSSL_free(ctx->manufacturer);
OPENSSL_free(ctx->description);
OPENSSL_free(ctx->_private);
diff --git a/src/p11_misc.c b/src/p11_misc.c
index 6551642..36e4396 100644
--- a/src/p11_misc.c
+++ b/src/p11_misc.c
@@ -60,12 +60,12 @@ void *memdup(const void *src, size_t size)
*/
static int check_fork_int(PKCS11_CTX *ctx)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
- if (_P11_detect_fork(priv->forkid)) {
+ if (_P11_detect_fork(cpriv->forkid)) {
if (PKCS11_CTX_reload(ctx) < 0)
return -1;
- priv->forkid = _P11_get_forkid();
+ cpriv->forkid = _P11_get_forkid();
}
return 0;
}
@@ -78,11 +78,11 @@ static int check_slot_fork_int(PKCS11_SLOT *slot)
{
PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
PKCS11_CTX *ctx = SLOT2CTX(slot);
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
if (check_fork_int(SLOT2CTX(slot)) < 0)
return -1;
- if (spriv->forkid != priv->forkid) {
+ if (spriv->forkid != cpriv->forkid) {
if (spriv->loggedIn) {
int saved = spriv->haveSession;
spriv->haveSession = 0;
@@ -96,7 +96,7 @@ static int check_slot_fork_int(PKCS11_SLOT *slot)
if (PKCS11_reopen_session(slot) < 0)
return -1;
}
- spriv->forkid = priv->forkid;
+ spriv->forkid = cpriv->forkid;
}
return 0;
}
@@ -107,15 +107,15 @@ static int check_slot_fork_int(PKCS11_SLOT *slot)
*/
static int check_key_fork_int(PKCS11_KEY *key)
{
- PKCS11_KEY_private *priv = PRIVKEY(key);
- PKCS11_SLOT *slot = TOKEN2SLOT(priv->parent);
+ PKCS11_SLOT *slot = KEY2SLOT(key);
+ PKCS11_KEY_private *kpriv = PRIVKEY(key);
PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
if (check_slot_fork_int(slot) < 0)
return -1;
- if (spriv->forkid != priv->forkid) {
+ if (spriv->forkid != kpriv->forkid) {
pkcs11_reload_key(key);
- priv->forkid = spriv->forkid;
+ kpriv->forkid = spriv->forkid;
}
return 0;
}
@@ -125,12 +125,12 @@ static int check_key_fork_int(PKCS11_KEY *key)
*/
int check_fork(PKCS11_CTX *ctx)
{
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
int rv;
- pkcs11_w_lock(priv->lockid);
+ pkcs11_w_lock(cpriv->lockid);
rv = check_fork_int(ctx);
- pkcs11_w_unlock(priv->lockid);
+ pkcs11_w_unlock(cpriv->lockid);
return rv;
}
@@ -140,12 +140,12 @@ int check_fork(PKCS11_CTX *ctx)
int check_slot_fork(PKCS11_SLOT *slot)
{
PKCS11_CTX *ctx = SLOT2CTX(slot);
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
int rv;
- pkcs11_w_lock(priv->lockid);
+ pkcs11_w_lock(cpriv->lockid);
rv = check_slot_fork_int(slot);
- pkcs11_w_unlock(priv->lockid);
+ pkcs11_w_unlock(cpriv->lockid);
return rv;
}
@@ -155,12 +155,12 @@ int check_slot_fork(PKCS11_SLOT *slot)
int check_key_fork(PKCS11_KEY *key)
{
PKCS11_CTX *ctx = KEY2CTX(key);
- PKCS11_CTX_private *priv = PRIVCTX(ctx);
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
int rv;
- CRYPTO_w_lock(priv->lockid);
+ CRYPTO_w_lock(cpriv->lockid);
rv = check_key_fork_int(key);
- CRYPTO_w_unlock(priv->lockid);
+ CRYPTO_w_unlock(cpriv->lockid);
return rv;
}
diff --git a/src/p11_ops.c b/src/p11_ops.c
index a59f843..df6908d 100644
--- a/src/p11_ops.c
+++ b/src/p11_ops.c
@@ -32,7 +32,7 @@
* The secret key object is deleted
*
* In future CKM_ECMQV_DERIVE with CK_ECMQV_DERIVE_PARAMS
- * could also be supported, and the secret key object could be returned.
+ * could also be supported, and the secret key object could be returned.
*/
int pkcs11_ecdh_derive_internal(unsigned char **out, size_t *outlen,
const unsigned long ecdh_mechanism,
@@ -40,16 +40,16 @@ int pkcs11_ecdh_derive_internal(unsigned char **out, size_t *outlen,
void *outnewkey,
PKCS11_KEY * key)
{
+ PKCS11_SLOT *slot = KEY2SLOT(key);
+ PKCS11_CTX *ctx = KEY2CTX(key);
+ PKCS11_TOKEN *token = KEY2TOKEN(key);
+ PKCS11_KEY_private *kpriv = PRIVKEY(key);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
+ CK_MECHANISM mechanism;
int rv;
int ret = -1;
unsigned char * buf = NULL;
size_t buflen;
- PKCS11_KEY_private *priv;
- PKCS11_SLOT *slot;
- PKCS11_CTX *ctx;
- PKCS11_TOKEN *token;
- CK_SESSION_HANDLE session;
- CK_MECHANISM mechanism;
CK_BBOOL true = TRUE;
CK_BBOOL false = FALSE;
@@ -65,15 +65,8 @@ int pkcs11_ecdh_derive_internal(unsigned char **out, size_t *outlen,
{CKA_DECRYPT, &true, sizeof(true)}
};
- ctx = KEY2CTX(key);
- priv = PRIVKEY(key);
- token = KEY2TOKEN(key);
- slot = KEY2SLOT(key);
-
CHECK_KEY_FORK(key);
- session = PRIVSLOT(slot)->session;
-
memset(&mechanism, 0, sizeof(mechanism));
mechanism.mechanism = ecdh_mechanism;
mechanism.pParameter = (void*)ec_params;
@@ -91,14 +84,14 @@ int pkcs11_ecdh_derive_internal(unsigned char **out, size_t *outlen,
}
CRYPTO_w_lock(PRIVSLOT(slot)->lockid);
- rv = CRYPTOKI_call(ctx, C_DeriveKey(session, &mechanism, priv->object, newkey_template, 5, &newkey));
+ rv = CRYPTOKI_call(ctx, C_DeriveKey(spriv->session, &mechanism, kpriv->object, newkey_template, 5, &newkey));
if (rv) {
PKCS11err(PKCS11_F_PKCS11_EC_KEY_COMPUTE_KEY, pkcs11_map_err(rv));
goto err;
}
/* Return the value of the secret key and/or the object handle of the secret key */
-
+
/* pkcs11_ec_ckey only asks for the value */
if (out && outlen) {
@@ -133,44 +126,38 @@ int pkcs11_ecdh_derive_internal(unsigned char **out, size_t *outlen,
err:
if (buf)
OPENSSL_free(buf);
- if (newkey != CK_INVALID_HANDLE && session != CK_INVALID_HANDLE)
- CRYPTOKI_call(ctx, C_DestroyObject(session, newkey));
-
+ if (newkey != CK_INVALID_HANDLE && spriv->session != CK_INVALID_HANDLE)
+ CRYPTOKI_call(ctx, C_DestroyObject(spriv->session, newkey));
+
return ret;
}
#endif
+/* Signature size is the issue, will assume the caller has a big buffer! */
+/* No padding or other stuff needed. We can call PKCS11 from here */
int
PKCS11_ecdsa_sign(const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, PKCS11_KEY * key)
{
-/* signature size is the issue, will assume caller has a big buffer ! */
-/* No padding or other stuff needed, we can cal PKCS11 from here */
int rv;
- PKCS11_KEY_private *priv;
- PKCS11_SLOT *slot;
- PKCS11_CTX *ctx;
- CK_SESSION_HANDLE session;
+ PKCS11_SLOT *slot = KEY2SLOT(key);
+ PKCS11_CTX *ctx = KEY2CTX(key);
+ PKCS11_KEY_private *kpriv = PRIVKEY(key);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_MECHANISM mechanism;
CK_ULONG ck_sigsize;
- ctx = KEY2CTX(key);
- priv = PRIVKEY(key);
- slot = TOKEN2SLOT(priv->parent);
-
CHECK_KEY_FORK(key);
- session = PRIVSLOT(slot)->session;
-
ck_sigsize = *siglen;
memset(&mechanism, 0, sizeof(mechanism));
mechanism.mechanism = CKM_ECDSA;
pkcs11_w_lock(PRIVSLOT(slot)->lockid);
- rv = CRYPTOKI_call(ctx, C_SignInit(session, &mechanism, priv->object)) ||
+ rv = CRYPTOKI_call(ctx, C_SignInit(spriv->session, &mechanism, kpriv->object)) ||
CRYPTOKI_call(ctx,
- C_Sign(session, (CK_BYTE *) m, m_len, sigret, &ck_sigsize));
+ C_Sign(spriv->session, (CK_BYTE *) m, m_len, sigret, &ck_sigsize));
pkcs11_w_unlock(PRIVSLOT(slot)->lockid);
if (rv) {
@@ -191,9 +178,6 @@ PKCS11_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *encoded = NULL;
int sigsize;
- if (key == NULL)
- return 0;
-
CHECK_KEY_FORK(key);
sigsize = PKCS11_get_key_size(key);
@@ -246,56 +230,44 @@ int
PKCS11_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
PKCS11_KEY * key, int padding)
{
- PKCS11_KEY_private *priv;
- PKCS11_SLOT *slot;
- PKCS11_CTX *ctx;
- CK_SESSION_HANDLE session;
+ PKCS11_SLOT *slot = KEY2SLOT(key);
+ PKCS11_CTX *ctx = KEY2CTX(key);
+ PKCS11_KEY_private *kpriv = PRIVKEY(key);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_MECHANISM mechanism;
int rv;
int sigsize;
CK_ULONG ck_sigsize;
- if (key == NULL)
- return -1;
-
- sigsize=PKCS11_get_key_size(key);
- ck_sigsize=sigsize;
+ sigsize = PKCS11_get_key_size(key);
+ ck_sigsize = sigsize;
memset(&mechanism, 0, sizeof(mechanism));
switch (padding) {
-
case RSA_NO_PADDING:
mechanism.mechanism = CKM_RSA_X_509;
break;
-
case RSA_PKCS1_PADDING:
if ((flen + RSA_PKCS1_PADDING_SIZE) > sigsize) {
return -1; /* the size is wrong */
}
mechanism.mechanism = CKM_RSA_PKCS;
break;
-
default:
printf("pkcs11 engine: only RSA_NO_PADDING or RSA_PKCS1_PADDING allowed so far\n");
return -1;
}
- ctx = KEY2CTX(key);
- priv = PRIVKEY(key);
- slot = TOKEN2SLOT(priv->parent);
-
CHECK_KEY_FORK(key);
- session = PRIVSLOT(slot)->session;
-
pkcs11_w_lock(PRIVSLOT(slot)->lockid);
/* API is somewhat fishy here. *siglen is 0 on entry (cleared
* by OpenSSL). The library assumes that the memory passed
* by the caller is always big enough */
- rv = CRYPTOKI_call(ctx, C_SignInit(session, &mechanism, priv->object)) ||
+ rv = CRYPTOKI_call(ctx, C_SignInit(spriv->session, &mechanism, kpriv->object)) ||
CRYPTOKI_call(ctx,
- C_Sign(session, (CK_BYTE *) from, flen, to, &ck_sigsize));
+ C_Sign(spriv->session, (CK_BYTE *) from, flen, to, &ck_sigsize));
pkcs11_w_unlock(PRIVSLOT(slot)->lockid);
if (rv) {
@@ -313,43 +285,33 @@ int
PKCS11_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
PKCS11_KEY * key, int padding)
{
- CK_RV rv;
- PKCS11_KEY_private *priv;
- PKCS11_SLOT *slot;
- PKCS11_CTX *ctx;
- CK_SESSION_HANDLE session;
+ PKCS11_SLOT *slot = KEY2SLOT(key);
+ PKCS11_CTX *ctx = KEY2CTX(key);
+ PKCS11_KEY_private *kpriv = PRIVKEY(key);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_MECHANISM mechanism;
CK_ULONG size = flen;
-
+ CK_RV rv;
+
if (padding != RSA_PKCS1_PADDING) {
printf("pkcs11 engine: only RSA_PKCS1_PADDING allowed so far\n");
return -1;
}
- if (key == NULL)
- return -1;
- /* PKCS11 calls go here */
-
- ctx = KEY2CTX(key);
- priv = PRIVKEY(key);
- slot = TOKEN2SLOT(priv->parent);
CHECK_KEY_FORK(key);
- session = PRIVSLOT(slot)->session;
memset(&mechanism, 0, sizeof(mechanism));
mechanism.mechanism = CKM_RSA_PKCS;
-
pkcs11_w_lock(PRIVSLOT(slot)->lockid);
- rv = CRYPTOKI_call(ctx, C_DecryptInit(session, &mechanism, priv->object)) ||
+ rv = CRYPTOKI_call(ctx, C_DecryptInit(spriv->session, &mechanism, kpriv->object)) ||
CRYPTOKI_call(ctx,
- C_Decrypt(session, (CK_BYTE *) from, (CK_ULONG)flen,
+ C_Decrypt(spriv->session, (CK_BYTE *) from, (CK_ULONG)flen,
(CK_BYTE_PTR)to, &size));
pkcs11_w_unlock(PRIVSLOT(slot)->lockid);
- if (rv) {
+ if (rv)
PKCS11err(PKCS11_F_PKCS11_RSA_DECRYPT, pkcs11_map_err(rv));
- }
return rv ? 0 : size;
}
diff --git a/src/p11_rsa.c b/src/p11_rsa.c
index 63ad15b..395e0f3 100644
--- a/src/p11_rsa.c
+++ b/src/p11_rsa.c
@@ -106,7 +106,6 @@ static EVP_PKEY *pkcs11_get_evp_key_rsa(PKCS11_KEY * key)
/* TODO: Retrieve the RSA private key object attributes instead,
* unless the key has the "sensitive" attribute set */
-
#if OPENSSL_VERSION_NUMBER < 0x01010000L
/* RSA_FLAG_SIGN_VER no longer in OpenSSL 1.1 */
rsa->flags |= RSA_FLAG_SIGN_VER;
@@ -146,7 +145,6 @@ int PKCS11_get_key_size(const PKCS11_KEY * key)
static int pkcs11_rsa_decrypt(int flen, const unsigned char *from,
unsigned char *to, RSA * rsa, int padding)
{
-
return PKCS11_private_decrypt(flen, from, to,
(PKCS11_KEY *) RSA_get_ex_data(rsa, rsa_ex_index), padding);
}
@@ -161,12 +159,12 @@ static int pkcs11_rsa_encrypt(int flen, const unsigned char *from,
static int pkcs11_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, const RSA * rsa)
{
-
return PKCS11_sign(type, m, m_len, sigret, siglen,
(PKCS11_KEY *) RSA_get_ex_data(rsa, rsa_ex_index));
}
-static void alloc_rsa_ex_index() {
+static void alloc_rsa_ex_index()
+{
if (rsa_ex_index == 0) {
while (rsa_ex_index == 0) /* Workaround for OpenSSL RT3710 */
rsa_ex_index = RSA_get_ex_new_index(0, "libp11 rsa",
@@ -176,7 +174,8 @@ static void alloc_rsa_ex_index() {
}
}
-static void free_rsa_ex_index() {
+static void free_rsa_ex_index()
+{
/* CRYPTO_free_ex_index requires OpenSSL version >= 1.1.0-pre1 */
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
if (rsa_ex_index > 0) {
diff --git a/src/p11_slot.c b/src/p11_slot.c
index 1de1a9e..846875f 100644
--- a/src/p11_slot.c
+++ b/src/p11_slot.c
@@ -30,9 +30,9 @@ static void pkcs11_destroy_token(PKCS11_TOKEN *);
unsigned long
PKCS11_get_slotid_from_slot(PKCS11_SLOT *slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
- return priv->id;
+ return spriv->id;
}
/*
@@ -48,22 +48,20 @@ PKCS11_enumerate_slots(PKCS11_CTX * ctx, PKCS11_SLOT ** slotp, unsigned int *cou
int
pkcs11_enumerate_slots(PKCS11_CTX * ctx, PKCS11_SLOT ** slotp, unsigned int *countp)
{
- PKCS11_CTX_private *priv;
+ PKCS11_CTX_private *cpriv = PRIVCTX(ctx);
CK_SLOT_ID *slotid;
CK_ULONG nslots, n;
PKCS11_SLOT *slots;
int rv;
- priv = PRIVCTX(ctx);
-
- rv = priv->method->C_GetSlotList(FALSE, NULL_PTR, &nslots);
+ rv = cpriv->method->C_GetSlotList(FALSE, NULL_PTR, &nslots);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
slotid = OPENSSL_malloc(nslots * sizeof(CK_SLOT_ID));
if (slotid == NULL)
return -1;
- rv = priv->method->C_GetSlotList(FALSE, slotid, &nslots);
+ rv = cpriv->method->C_GetSlotList(FALSE, slotid, &nslots);
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
slots = OPENSSL_malloc(nslots * sizeof(PKCS11_SLOT));
@@ -123,25 +121,25 @@ PKCS11_SLOT *PKCS11_find_token(PKCS11_CTX * ctx, PKCS11_SLOT * slots, unsigned
static
int pkcs11_open_session(PKCS11_SLOT * slot, int rw, int relogin)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
PKCS11_CTX *ctx = SLOT2CTX(slot);
int rv;
if (relogin == 0) {
CHECK_SLOT_FORK(slot);
- if (priv->haveSession) {
- CRYPTOKI_call(ctx, C_CloseSession(priv->session));
- priv->haveSession = 0;
+ if (spriv->haveSession) {
+ CRYPTOKI_call(ctx, C_CloseSession(spriv->session));
+ spriv->haveSession = 0;
}
}
rv = CRYPTOKI_call(ctx,
- C_OpenSession(priv->id,
+ C_OpenSession(spriv->id,
CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0),
- NULL, NULL, &priv->session));
+ NULL, NULL, &spriv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_OPEN_SESSION, rv);
- priv->haveSession = 1;
- priv->prev_rw = rw;
+ spriv->haveSession = 1;
+ spriv->prev_rw = rw;
return 0;
}
@@ -153,16 +151,16 @@ int PKCS11_open_session(PKCS11_SLOT * slot, int rw)
int PKCS11_reopen_session(PKCS11_SLOT * slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
PKCS11_CTX *ctx = SLOT2CTX(slot);
int rv;
rv = CRYPTOKI_call(ctx,
- C_OpenSession(priv->id,
- CKF_SERIAL_SESSION | (priv->prev_rw ? CKF_RW_SESSION : 0),
- NULL, NULL, &priv->session));
+ C_OpenSession(spriv->id,
+ CKF_SERIAL_SESSION | (spriv->prev_rw ? CKF_RW_SESSION : 0),
+ NULL, NULL, &spriv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_OPEN_SESSION, rv);
- priv->haveSession = 1;
+ spriv->haveSession = 1;
return 0;
}
@@ -172,23 +170,23 @@ int PKCS11_reopen_session(PKCS11_SLOT * slot)
*/
int PKCS11_is_logged_in(PKCS11_SLOT * slot, int so, int * res)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
CK_SESSION_INFO session_info;
int rv;
- if (priv->loggedIn) {
+ if (spriv->loggedIn) {
*res = 1;
return 0;
}
- if (!priv->haveSession) {
+ if (!spriv->haveSession) {
/* SO gets a r/w session by default,
* user gets a r/o session by default. */
if (PKCS11_open_session(slot, so))
return -1;
}
- rv = CRYPTOKI_call(ctx, C_GetSessionInfo(priv->session, &session_info));
+ rv = CRYPTOKI_call(ctx, C_GetSessionInfo(spriv->session, &session_info));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_GETSESSIONINFO, rv);
if (so) {
*res = session_info.state == CKS_RW_SO_FUNCTIONS;
@@ -205,8 +203,8 @@ int PKCS11_is_logged_in(PKCS11_SLOT * slot, int so, int * res)
static
int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int rv;
if (relogin == 0) {
@@ -218,13 +216,13 @@ int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
}
- if (priv->loggedIn) {
+ if (spriv->loggedIn) {
/* already logged in, log out first */
if (PKCS11_logout(slot))
return -1;
}
}
- if (!priv->haveSession) {
+ if (!spriv->haveSession) {
/* SO gets a r/w session by default,
* user gets a r/o session by default. */
if (pkcs11_open_session(slot, so, relogin))
@@ -232,20 +230,20 @@ int pkcs11_login(PKCS11_SLOT * slot, int so, const char *pin, int relogin)
}
rv = CRYPTOKI_call(ctx,
- C_Login(priv->session, so ? CKU_SO : CKU_USER,
+ C_Login(spriv->session, so ? CKU_SO : CKU_USER,
(CK_UTF8CHAR *) pin, pin ? (unsigned long) strlen(pin) : 0));
if (rv && rv != CKR_USER_ALREADY_LOGGED_IN) /* logged in -> OK */
CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGIN, rv);
- priv->loggedIn = 1;
+ spriv->loggedIn = 1;
- if (priv->prev_pin != pin) {
- if (priv->prev_pin) {
- OPENSSL_cleanse(priv->prev_pin, strlen(priv->prev_pin));
- OPENSSL_free(priv->prev_pin);
+ if (spriv->prev_pin != pin) {
+ if (spriv->prev_pin) {
+ OPENSSL_cleanse(spriv->prev_pin, strlen(spriv->prev_pin));
+ OPENSSL_free(spriv->prev_pin);
}
- priv->prev_pin = BUF_strdup(pin);
+ spriv->prev_pin = BUF_strdup(pin);
}
- priv->prev_so = so;
+ spriv->prev_so = so;
return 0;
}
@@ -261,9 +259,9 @@ int PKCS11_login(PKCS11_SLOT * slot, int so, const char *pin)
int PKCS11_relogin(PKCS11_SLOT * slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
- return pkcs11_login(slot, priv->prev_so, priv->prev_pin, 1);
+ return pkcs11_login(slot, spriv->prev_so, spriv->prev_pin, 1);
}
/*
@@ -271,8 +269,8 @@ int PKCS11_relogin(PKCS11_SLOT * slot)
*/
int PKCS11_logout(PKCS11_SLOT * slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int rv;
CHECK_SLOT_FORK(slot);
@@ -283,14 +281,14 @@ int PKCS11_logout(PKCS11_SLOT * slot)
pkcs11_destroy_keys(slot->token, CKO_PRIVATE_KEY);
pkcs11_destroy_keys(slot->token, CKO_PUBLIC_KEY);
}
- if (!priv->haveSession) {
+ if (!spriv->haveSession) {
PKCS11err(PKCS11_F_PKCS11_LOGOUT, PKCS11_NO_SESSION);
return -1;
}
- rv = CRYPTOKI_call(ctx, C_Logout(priv->session));
+ rv = CRYPTOKI_call(ctx, C_Logout(spriv->session));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_LOGOUT, rv);
- priv->loggedIn = 0;
+ spriv->loggedIn = 0;
return 0;
}
@@ -299,8 +297,9 @@ int PKCS11_logout(PKCS11_SLOT * slot)
*/
int PKCS11_init_token(PKCS11_TOKEN * token, const char *pin, const char *label)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(TOKEN2SLOT(token));
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_SLOT *slot = TOKEN2SLOT(token);
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int rv;
CHECK_FORK(ctx);
@@ -308,7 +307,7 @@ int PKCS11_init_token(PKCS11_TOKEN * token, const char *pin, const char *label)
if (label == NULL)
label = "PKCS#11 Token";
rv = CRYPTOKI_call(ctx,
- C_InitToken(priv->id,
+ C_InitToken(spriv->id,
(CK_UTF8CHAR *) pin, (unsigned long) strlen(pin),
(CK_UTF8CHAR *) label));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_TOKEN, rv);
@@ -331,19 +330,20 @@ int PKCS11_init_token(PKCS11_TOKEN * token, const char *pin, const char *label)
*/
int PKCS11_init_pin(PKCS11_TOKEN * token, const char *pin)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(TOKEN2SLOT(token));
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_SLOT *slot = TOKEN2SLOT(token);
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int len, rv;
CHECK_FORK(ctx);
- if (!priv->haveSession) {
+ if (!spriv->haveSession) {
PKCS11err(PKCS11_F_PKCS11_INIT_PIN, PKCS11_NO_SESSION);
return -1;
}
len = pin ? (int) strlen(pin) : 0;
- rv = CRYPTOKI_call(ctx, C_InitPIN(priv->session, (CK_UTF8CHAR *) pin, len));
+ rv = CRYPTOKI_call(ctx, C_InitPIN(spriv->session, (CK_UTF8CHAR *) pin, len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_INIT_PIN, rv);
return pkcs11_check_token(ctx, TOKEN2SLOT(token));
@@ -355,13 +355,13 @@ int PKCS11_init_pin(PKCS11_TOKEN * token, const char *pin)
int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
const char *new_pin)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int old_len, new_len, rv;
CHECK_SLOT_FORK(slot);
- if (!priv->haveSession) {
+ if (!spriv->haveSession) {
PKCS11err(PKCS11_F_PKCS11_CHANGE_PIN, PKCS11_NO_SESSION);
return -1;
}
@@ -369,7 +369,7 @@ int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
old_len = old_pin ? (int) strlen(old_pin) : 0;
new_len = new_pin ? (int) strlen(new_pin) : 0;
rv = CRYPTOKI_call(ctx,
- C_SetPIN(priv->session, (CK_UTF8CHAR *) old_pin, old_len,
+ C_SetPIN(spriv->session, (CK_UTF8CHAR *) old_pin, old_len,
(CK_UTF8CHAR *) new_pin, new_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_CHANGE_PIN, rv);
@@ -382,19 +382,19 @@ int PKCS11_change_pin(PKCS11_SLOT * slot, const char *old_pin,
int PKCS11_seed_random(PKCS11_SLOT *slot, const unsigned char *s,
unsigned int s_len)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int rv;
CHECK_SLOT_FORK(slot);
- if (!priv->haveSession && PKCS11_open_session(slot, 0)) {
+ if (!spriv->haveSession && PKCS11_open_session(slot, 0)) {
PKCS11err(PKCS11_F_PKCS11_SEED_RANDOM, PKCS11_NO_SESSION);
return -1;
}
rv = CRYPTOKI_call(ctx,
- C_SeedRandom(priv->session, (CK_BYTE_PTR) s, s_len));
+ C_SeedRandom(spriv->session, (CK_BYTE_PTR) s, s_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_SEED_RANDOM, rv);
return pkcs11_check_token(ctx, slot);
@@ -406,19 +406,19 @@ int PKCS11_seed_random(PKCS11_SLOT *slot, const unsigned char *s,
int PKCS11_generate_random(PKCS11_SLOT *slot, unsigned char *r,
unsigned int r_len)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
- PKCS11_CTX *ctx = priv->parent;
+ PKCS11_CTX *ctx = SLOT2CTX(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
int rv;
CHECK_SLOT_FORK(slot);
- if (!priv->haveSession && PKCS11_open_session(slot, 0)) {
+ if (!spriv->haveSession && PKCS11_open_session(slot, 0)) {
PKCS11err(PKCS11_F_PKCS11_GENERATE_RANDOM, PKCS11_NO_SESSION);
return -1;
}
rv = CRYPTOKI_call(ctx,
- C_GenerateRandom(priv->session, (CK_BYTE_PTR) r, r_len));
+ C_GenerateRandom(spriv->session, (CK_BYTE_PTR) r, r_len));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_GENERATE_RANDOM, rv);
return pkcs11_check_token(ctx, slot);
@@ -429,30 +429,30 @@ int PKCS11_generate_random(PKCS11_SLOT *slot, unsigned char *r,
*/
static int pkcs11_init_slot(PKCS11_CTX * ctx, PKCS11_SLOT * slot, CK_SLOT_ID id)
{
- PKCS11_SLOT_private *priv;
+ PKCS11_SLOT_private *spriv;
CK_SLOT_INFO info;
int rv;
rv = CRYPTOKI_call(ctx, C_GetSlotInfo(id, &info));
CRYPTOKI_checkerr(PKCS11_F_PKCS11_ENUM_SLOTS, rv);
- priv = OPENSSL_malloc(sizeof(PKCS11_SLOT_private));
- if (priv == NULL)
+ spriv = OPENSSL_malloc(sizeof(PKCS11_SLOT_private));
+ if (spriv == NULL)
return -1;
- memset(priv, 0, sizeof(PKCS11_SLOT_private));
+ memset(spriv, 0, sizeof(PKCS11_SLOT_private));
- priv->parent = ctx;
- priv->id = id;
- priv->forkid = PRIVCTX(ctx)->forkid;
- priv->prev_rw = 0;
- priv->prev_pin = NULL;
- priv->prev_so = 0;
- priv->lockid = pkcs11_get_new_dynlockid();
+ spriv->parent = ctx;
+ spriv->id = id;
+ spriv->forkid = PRIVCTX(ctx)->forkid;
+ spriv->prev_rw = 0;
+ spriv->prev_pin = NULL;
+ spriv->prev_so = 0;
+ spriv->lockid = pkcs11_get_new_dynlockid();
slot->description = PKCS11_DUP(info.slotDescription);
slot->manufacturer = PKCS11_DUP(info.manufacturerID);
slot->removable = (info.flags & CKF_REMOVABLE_DEVICE) ? 1 : 0;
- slot->_private = priv;
+ slot->_private = spriv;
if ((info.flags & CKF_TOKEN_PRESENT) && pkcs11_check_token(ctx, slot))
return -1;
@@ -471,15 +471,15 @@ void PKCS11_release_all_slots(PKCS11_CTX * ctx, PKCS11_SLOT *slots, unsigned in
void pkcs11_release_slot(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
- if (priv) {
- if (priv->prev_pin) {
- OPENSSL_cleanse(priv->prev_pin, strlen(priv->prev_pin));
- OPENSSL_free(priv->prev_pin);
+ if (spriv) {
+ if (spriv->prev_pin) {
+ OPENSSL_cleanse(spriv->prev_pin, strlen(spriv->prev_pin));
+ OPENSSL_free(spriv->prev_pin);
}
- pkcs11_destroy_dynlockid(priv->lockid);
- CRYPTOKI_call(ctx, C_CloseAllSessions(priv->id));
+ pkcs11_destroy_dynlockid(spriv->lockid);
+ CRYPTOKI_call(ctx, C_CloseAllSessions(spriv->id));
}
OPENSSL_free(slot->_private);
OPENSSL_free(slot->description);
@@ -494,7 +494,7 @@ void pkcs11_release_slot(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
static int pkcs11_check_token(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
{
- PKCS11_SLOT_private *priv = PRIVSLOT(slot);
+ PKCS11_SLOT_private *spriv = PRIVSLOT(slot);
PKCS11_TOKEN_private *tpriv;
CK_TOKEN_INFO info;
int rv;
@@ -508,7 +508,7 @@ static int pkcs11_check_token(PKCS11_CTX * ctx, PKCS11_SLOT * slot)
memset(slot->token, 0, sizeof(PKCS11_TOKEN));
}
- rv = CRYPTOKI_call(ctx, C_GetTokenInfo(priv->id, &info));
+ rv = CRYPTOKI_call(ctx, C_GetTokenInfo(spriv->id, &info));
if (rv == CKR_TOKEN_NOT_PRESENT || rv == CKR_TOKEN_NOT_RECOGNIZED) {
OPENSSL_free(slot->token);
slot->token = NULL;
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git
More information about the pkg-opensc-commit
mailing list