[pkg-opensc-commit] [opensc] 195/295: pkcs11-tool: Add feature to get random data. (#995)

Eric Dorland eric at moszumanska.debian.org
Sat Jun 24 21:11:31 UTC 2017


This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit c77cb511d90e2f6ad44949b27f4d360f72750471
Author: Christoph Müllner <christophm30 at gmail.com>
Date:   Mon Mar 27 10:52:38 2017 +0200

    pkcs11-tool: Add feature to get random data. (#995)
    
    * pkcs11-tool: Add feature to get random data.
    
    Getting random data is an essential part of the PKCS11 API.
    This patch provides a new command line parameter to get
    random data from the pkcs11-tool.
    
    Tested with a Yubikey (PIV applet) and the following command line:
    
    $ pkcs11-tool --slot=0 --generate-random=128 | hexdump -C
      00000000  0c 35 85 2e 85 68 ab ce  e8 56 b3 f6 f3 33 e6 37  |.5...h...V...3.7|
      00000010  12 10 eb fd 8a 1e 75 b7  3f 4d fa 61 8f ab d8 bf  |......u.?M.a....|
      00000020  f7 2c 7d ba 07 a5 45 6e  a7 85 1c 47 3b 46 01 2c  |.,}...En...G;F.,|
      00000030  79 18 6e 51 4d c4 ae 20  37 37 1d 7b 7e b0 d5 18  |y.nQM.. 77.{~...|
      00000040  ef a4 3c 09 91 68 db dd  2a a8 fc b9 34 06 2a ee  |..<..h..*...4.*.|
      00000050  5a 86 55 54 11 1f ef 4e  07 73 79 27 0a e4 58 cf  |Z.UT...N.sy'..X.|
      00000060  f4 bd bc 2f ad 27 b1 a7  a4 fa c7 1a 7b 31 de a3  |.../.'......{1..|
      00000070  e8 dc 85 28 18 82 00 45  3c f8 eb 48 a4 20 e4 3b  |...(...E<..H. .;|
      00000080
    
    Signed-off-by: Christoph Müllner <christophm30 at gmail.com>
    
    * pkcs11-tool: Add documentation for --generate-random.
    
    Signed-off-by: Christoph Müllner <christophm30 at gmail.com>
---
 doc/tools/pkcs11-tool.1.xml |  8 ++++++++
 src/tools/pkcs11-tool.c     | 49 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)

diff --git a/doc/tools/pkcs11-tool.1.xml b/doc/tools/pkcs11-tool.1.xml
index 5d7f005..471b9b4 100644
--- a/doc/tools/pkcs11-tool.1.xml
+++ b/doc/tools/pkcs11-tool.1.xml
@@ -482,6 +482,14 @@
                                         </para></listitem>
 				</varlistentry>
 
+				<varlistentry>
+					<term>
+						<option>--generate-random</option> <replaceable>num</replaceable>
+					</term>
+					<listitem><para>Get <replaceable>num</replaceable> bytes of random data.
+                                        </para></listitem>
+				</varlistentry>
+
 			</variablelist>
 		</para>
 	</refsect1>
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index c832a8b..6990d14 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -144,6 +144,7 @@ enum {
 	OPT_DECRYPT,
 	OPT_TEST_FORK,
 	OPT_GENERATE_KEY,
+	OPT_GENERATE_RANDOM,
 };
 
 static const struct option options[] = {
@@ -206,6 +207,7 @@ static const struct option options[] = {
 #ifndef _WIN32
 	{ "test-fork",		0, NULL,		OPT_TEST_FORK },
 #endif
+	{ "generate-random",	1, NULL,		OPT_GENERATE_RANDOM },
 
 	{ NULL, 0, NULL, 0 }
 };
@@ -270,6 +272,7 @@ static const char *option_help[] = {
 #ifndef _WIN32
 	"Test forking and calling C_Initialize() in the child",
 #endif
+	"Generate given amount of random data",
 };
 
 static const char *	app_name = "pkcs11-tool"; /* for utils.c */
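Review bot: The help string added to `option_help[]` does not say what unit the argument is in, while the man page entry in this same commit says bytes. Suggest `"Generate given number of bytes of random data"`, so that `--help` and the manual agree. Both arrays continue outside their hunks, so alignment between `options[]` and `option_help[]` can only be confirmed for the visible tail, where each addition follows the `_WIN32`-guarded test-fork entry.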
@@ -311,6 +314,7 @@ static int		opt_key_usage_decrypt = 0;
 static int		opt_key_usage_derive = 0;
 static int		opt_key_usage_default = 1; /* uses defaults if no opt_key_usage options */
 static int		opt_derive_pass_der = 0;
+static unsigned long	opt_random_bytes = 0;
 
 static void *module = NULL;
 static CK_FUNCTION_LIST_PTR p11 = NULL;
@@ -413,6 +417,7 @@ static void		test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session);
 #ifndef _WIN32
 static void		test_fork(void);
 #endif
+static void		generate_random(CK_SESSION_HANDLE session);
 static CK_RV		find_object_with_attributes(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE *out,
 				CK_ATTRIBUTE *attrs, CK_ULONG attrsLen, CK_ULONG obj_index);
 static CK_ULONG		get_private_key_length(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE prkey);
@@ -455,6 +460,7 @@ int main(int argc, char * argv[])
 	int do_change_pin = 0;
 	int do_unlock_pin = 0;
 	int action_count = 0;
+	int do_generate_random = 0;
 	CK_RV rv;
 
 #ifdef _WIN32
@@ -747,6 +753,13 @@ int main(int argc, char * argv[])
 			action_count++;
 			break;
 #endif
+		case OPT_GENERATE_RANDOM:
+			need_session |= NEED_SESSION_RO;
+			opt_random_bytes = strtoul(optarg, NULL, 0);
+			do_generate_random = 1;
+			action_count++;
+			break;
+
 		default:
 			util_print_usage_and_die(app_name, options, option_help, NULL);
 		}
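Review bot: The `strtoul(optarg, NULL, 0)` call in the new `OPT_GENERATE_RANDOM` case accepts whatever it is given, so the byte count that later sizes a `malloc()` and a `C_GenerateRandom()` request is never validated. Non-numeric input silently becomes 0, trailing junk such as `128x` is ignored, and `-1` is converted to `ULONG_MAX` without any error. Parsing with an end pointer and `errno`, and rejecting zero, signed or out-of-range values with `util_fatal()`, would make a typo fail loudly instead of possibly yielding an empty output that a script may go on to treat as key material; an upper bound may also be worth adding. The sketch below assumes `<errno.h>` and `<string.h>` are already included in this file; `main()` begins and ends outside the hunk.

```c
		case OPT_GENERATE_RANDOM: {
			char *end = NULL;

			need_session |= NEED_SESSION_RO;
			errno = 0;
			opt_random_bytes = strtoul(optarg, &end, 0);
			/* strtoul() turns "-1" into ULONG_MAX without an error, so reject a sign explicitly */
			if (end == optarg || *end != '\0' || errno == ERANGE
			    || strchr(optarg, '-') != NULL || opt_random_bytes == 0)
				util_fatal("Invalid number of random bytes '%s'", optarg);
			/* … unchanged: do_generate_random, action_count, break … */
		}
```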
@@ -984,6 +997,11 @@ int main(int argc, char * argv[])
 		else
 			test_ec(opt_slot, session);
 	}
+
+	if (do_generate_random) {
+		generate_random(session);
+	}
+
 end:
 	if (session != CK_INVALID_HANDLE) {
 		rv = p11->C_CloseSession(session);
@@ -5285,6 +5303,37 @@ static void test_fork(void)
 }
 #endif
 
+static void generate_random(CK_SESSION_HANDLE session)
+{
+	CK_RV rv;
+	CK_BYTE *buf;
+	FILE *out;
+
+	buf = malloc(opt_random_bytes);
+	if (!buf)
+		util_fatal("Not enough memory to allocate random data buffer");
+
+	rv = p11->C_GenerateRandom(session, buf, opt_random_bytes);
+	if (rv != CKR_OK)
+		util_fatal("Could not generate random bytes");
+
+	if (opt_output) {
+		out = fopen(opt_output, "wb");
+		if (out==NULL)
+			util_fatal("Cannot open '%s'", opt_output);
+	}
+	else
+		out = stdout;
+
+	if (fwrite(buf, 1, opt_random_bytes, out) != opt_random_bytes)
+		util_fatal("Cannot write to '%s'", opt_output);
+
+	if (opt_output)
+		fclose(out);
+
+	free(buf);
+}
+
 static const char *p11_flag_names(struct flag_info *list, CK_FLAGS value)
 {
 	static char	buffer[1024];
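Review bot: In `generate_random()` the `fwrite()` failure path passes `opt_output` to a `%s` conversion, but on the stdout branch `opt_output` is NULL, which is undefined behaviour for printf-style formatting (assuming `util_fatal()` forwards to one). The result of `fclose()` is also ignored, so a buffered write that fails at close time (a full disk, for example) leaves a truncated file while the tool reports success, and a request for 0 bytes reaches `malloc(0)`, which may return NULL and be reported as out of memory. Since this output may be used as key or nonce material, it is also worth considering clearing `buf` before `free()` and creating the output file with restrictive permissions rather than whatever the umask gives `fopen()`. `generate_random()` is complete within this hunk; the trailing `p11_flag_names()` context continues outside it.

```c
static void generate_random(CK_SESSION_HANDLE session)
{
	/* … unchanged: declarations … */

	/* malloc(0) may legitimately return NULL; do not report that as out of memory */
	if (opt_random_bytes == 0)
		util_fatal("Number of random bytes must be greater than zero");

	/* … unchanged: malloc, C_GenerateRandom, opening of the output stream … */

	if (fwrite(buf, 1, opt_random_bytes, out) != opt_random_bytes)
		util_fatal("Cannot write to '%s'", opt_output ? opt_output : "stdout");

	/* buffered data is only flushed here, so a failed close means a short file */
	if (opt_output && fclose(out) != 0)
		util_fatal("Cannot write to '%s'", opt_output);

	/* … unchanged: free(buf) … */
}
```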

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git


