[pkg-opensc-commit] [opensc] 195/295: pkcs11-tool: Add feature to get random data. (#995)
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:31 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit c77cb511d90e2f6ad44949b27f4d360f72750471
Author: Christoph Müllner <christophm30 at gmail.com>
Date: Mon Mar 27 10:52:38 2017 +0200
pkcs11-tool: Add feature to get random data. (#995)
* pkcs11-tool: Add feature to get random data.
Getting random data is an essential part of the PKCS11 API.
This patch provides a new command line parameter to get
random data from the pkcs11-tool.
Tested with a Yubikey (PIV applet) and the following command line:
$ pkcs11-tool --slot=0 --generate-random=128 | hexdump -C
00000000 0c 35 85 2e 85 68 ab ce e8 56 b3 f6 f3 33 e6 37 |.5...h...V...3.7|
00000010 12 10 eb fd 8a 1e 75 b7 3f 4d fa 61 8f ab d8 bf |......u.?M.a....|
00000020 f7 2c 7d ba 07 a5 45 6e a7 85 1c 47 3b 46 01 2c |.,}...En...G;F.,|
00000030 79 18 6e 51 4d c4 ae 20 37 37 1d 7b 7e b0 d5 18 |y.nQM.. 77.{~...|
00000040 ef a4 3c 09 91 68 db dd 2a a8 fc b9 34 06 2a ee |..<..h..*...4.*.|
00000050 5a 86 55 54 11 1f ef 4e 07 73 79 27 0a e4 58 cf |Z.UT...N.sy'..X.|
00000060 f4 bd bc 2f ad 27 b1 a7 a4 fa c7 1a 7b 31 de a3 |.../.'......{1..|
00000070 e8 dc 85 28 18 82 00 45 3c f8 eb 48 a4 20 e4 3b |...(...E<..H. .;|
00000080
Signed-off-by: Christoph Müllner <christophm30 at gmail.com>
* pkcs11-tool: Add documentation for --generate-random.
Signed-off-by: Christoph Müllner <christophm30 at gmail.com>
---
doc/tools/pkcs11-tool.1.xml | 8 ++++++++
src/tools/pkcs11-tool.c | 49 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 57 insertions(+)
diff --git a/doc/tools/pkcs11-tool.1.xml b/doc/tools/pkcs11-tool.1.xml
index 5d7f005..471b9b4 100644
--- a/doc/tools/pkcs11-tool.1.xml
+++ b/doc/tools/pkcs11-tool.1.xml
@@ -482,6 +482,14 @@
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term>
+ <option>--generate-random</option> <replaceable>num</replaceable>
+ </term>
+ <listitem><para>Get <replaceable>num</replaceable> bytes of random data.
+ </para></listitem>
+ </varlistentry>
+
</variablelist>
</para>
</refsect1>
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index c832a8b..6990d14 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -144,6 +144,7 @@ enum {
OPT_DECRYPT,
OPT_TEST_FORK,
OPT_GENERATE_KEY,
+ OPT_GENERATE_RANDOM,
};
static const struct option options[] = {
@@ -206,6 +207,7 @@ static const struct option options[] = {
#ifndef _WIN32
{ "test-fork", 0, NULL, OPT_TEST_FORK },
#endif
+ { "generate-random", 1, NULL, OPT_GENERATE_RANDOM },
{ NULL, 0, NULL, 0 }
};
@@ -270,6 +272,7 @@ static const char *option_help[] = {
#ifndef _WIN32
"Test forking and calling C_Initialize() in the child",
#endif
+ "Generate given amount of random data",
};
static const char * app_name = "pkcs11-tool"; /* for utils.c */
@@ -311,6 +314,7 @@ static int opt_key_usage_decrypt = 0;
static int opt_key_usage_derive = 0;
static int opt_key_usage_default = 1; /* uses defaults if no opt_key_usage options */
static int opt_derive_pass_der = 0;
+static unsigned long opt_random_bytes = 0;
static void *module = NULL;
static CK_FUNCTION_LIST_PTR p11 = NULL;
@@ -413,6 +417,7 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
#ifndef _WIN32
static void test_fork(void);
#endif
+static void generate_random(CK_SESSION_HANDLE session);
static CK_RV find_object_with_attributes(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE *out,
CK_ATTRIBUTE *attrs, CK_ULONG attrsLen, CK_ULONG obj_index);
static CK_ULONG get_private_key_length(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE prkey);
@@ -455,6 +460,7 @@ int main(int argc, char * argv[])
int do_change_pin = 0;
int do_unlock_pin = 0;
int action_count = 0;
+ int do_generate_random = 0;
CK_RV rv;
#ifdef _WIN32
@@ -747,6 +753,13 @@ int main(int argc, char * argv[])
action_count++;
break;
#endif
+ case OPT_GENERATE_RANDOM:
+ need_session |= NEED_SESSION_RO;
+ opt_random_bytes = strtoul(optarg, NULL, 0);
+ do_generate_random = 1;
+ action_count++;
+ break;
+
default:
util_print_usage_and_die(app_name, options, option_help, NULL);
}
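Review bot: The byte count in the `OPT_GENERATE_RANDOM` case comes from `strtoul(optarg, NULL, 0)` with no validation, so a non-numeric argument silently becomes 0 and a negative one such as `-1` wraps to a very large `unsigned long`. That value is later passed unchanged to `malloc()` and `C_GenerateRandom()` in `generate_random()`. Parsing with an end pointer would reject such input: `opt_random_bytes = strtoul(optarg, &end, 0);` followed by `if (end == optarg || *end != '\0' || optarg[0] == '-' || opt_random_bytes == 0) util_fatal("Invalid byte count '%s'", optarg);`. A sanity upper bound on the request may also be worth adding. The enclosing `switch` in `main` starts and ends outside this hunk.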
@@ -984,6 +997,11 @@ int main(int argc, char * argv[])
else
test_ec(opt_slot, session);
}
+
+ if (do_generate_random) {
+ generate_random(session);
+ }
+
end:
if (session != CK_INVALID_HANDLE) {
rv = p11->C_CloseSession(session);
@@ -5285,6 +5303,37 @@ static void test_fork(void)
}
#endif
+static void generate_random(CK_SESSION_HANDLE session)
+{
+ CK_RV rv;
+ CK_BYTE *buf;
+ FILE *out;
+
+ buf = malloc(opt_random_bytes);
+ if (!buf)
+ util_fatal("Not enough memory to allocate random data buffer");
+
+ rv = p11->C_GenerateRandom(session, buf, opt_random_bytes);
+ if (rv != CKR_OK)
+ util_fatal("Could not generate random bytes");
+
+ if (opt_output) {
+ out = fopen(opt_output, "wb");
+ if (out==NULL)
+ util_fatal("Cannot open '%s'", opt_output);
+ }
+ else
+ out = stdout;
+
+ if (fwrite(buf, 1, opt_random_bytes, out) != opt_random_bytes)
+ util_fatal("Cannot write to '%s'", opt_output);
+
+ if (opt_output)
+ fclose(out);
+
+ free(buf);
+}
+
static const char *p11_flag_names(struct flag_info *list, CK_FLAGS value)
{
static char buffer[1024];
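Review bot: In `generate_random()` the write-failure path calls `util_fatal("Cannot write to '%s'", opt_output)` even when output goes to stdout, where `opt_output` is NULL and passing NULL to `%s` is undefined behaviour; `opt_output ? opt_output : "stdout"` would avoid that. The result of `fclose(out)` is also ignored, so a flush error (full disk, I/O error) can leave a truncated file that is later treated as complete random material; `if (opt_output && fclose(out) != 0) util_fatal("Cannot close '%s'", opt_output);` would surface it. Because these bytes may end up as key material, consider clearing `buf` before `free()` and documenting that the output file is created with the default umask permissions. The `C_GenerateRandom` failure message drops `rv`, which makes token-side errors hard to diagnose.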
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git