[PATCH] display_more_attr_pkcs11.patch

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] display_more_attr_pkcs11.patch

Marc Bevand
This patch adds more PKCS#11 CKA_* attributes, the main advantage is
that pkcs11-spy can display them. Moreover all unknown attributes are
now displayed using an hexadecimal form.

Nils, can you apply it please ?

--
Marc Bevand                              http://epita.fr/~bevand_m
Computer Science School EPITA - System, Network and Security Dept.

This patch adds more PKCS#11 CKA_* attributes, the main advantage is
that pkcs11-spy can display them. Moreover all unknown attributes are
now displayed using an hexadecimal form.


Index: src/pkcs11/rsaref/pkcs11t.h
===================================================================
--- src/pkcs11/rsaref/pkcs11t.h (revision 2384)
+++ src/pkcs11/rsaref/pkcs11t.h (working copy)
@@ -237,6 +237,11 @@
  * expired by the card. */
 #define CKF_SO_PIN_TO_BE_CHANGED     0x00800000
 
+/* Any attribute whose value is an array of attributes is
+ * identifiable by virtue of the attribute type having the
+ * CKF_ARRAY_ATTRIBUTE bit set. */
+#define CKF_ARRAY_ATTRIBUTE          0x40000000
+
 typedef CK_TOKEN_INFO CK_PTR CK_TOKEN_INFO_PTR;
 
 
@@ -409,6 +414,12 @@
 /* CKA_TRUSTED is new for v2.11 */
 #define CKA_TRUSTED            0x00000086
 
+#define CKA_CERTIFICATE_CATEGORY       0x00000087
+#define CKA_JAVA_MIDP_SECURITY_DOMAIN  0x00000088
+#define CKA_URL                        0x00000089
+#define CKA_HASH_OF_SUBJECT_PUBLIC_KEY 0x0000008a
+#define CKA_HASH_OF_ISSUER_PUBLIC_KEY  0x0000008b
+#define CKA_CHECK_VALUE                0x00000090
 #define CKA_KEY_TYPE           0x00000100
 #define CKA_SUBJECT            0x00000101
 #define CKA_ID                 0x00000102
@@ -469,9 +480,28 @@
  * are new for v2.10 */
 #define CKA_SECONDARY_AUTH     0x00000200
 #define CKA_AUTH_PIN_FLAGS     0x00000201
+#define CKA_ALWAYS_AUTHENTICATE        0x00000202
+#define CKA_WRAP_WITH_TRUSTED          0x00000210
+#define CKA_WRAP_TEMPLATE              (CKF_ARRAY_ATTRIBUTE|0x00000211)
+#define CKA_UNWRAP_TEMPLATE            (CKF_ARRAY_ATTRIBUTE|0x00000212)
 #define CKA_HW_FEATURE_TYPE    0x00000300
 #define CKA_RESET_ON_INIT      0x00000301
 #define CKA_HAS_RESET          0x00000302
+#define CKA_PIXEL_X                    0x00000400
+#define CKA_PIXEL_Y                    0x00000401
+#define CKA_RESOLUTION                 0x00000402
+#define CKA_CHAR_ROWS                  0x00000403
+#define CKA_CHAR_COLUMNS               0x00000404
+#define CKA_COLOR                      0x00000405
+#define CKA_BITS_PER_PIXEL             0x00000406
+#define CKA_CHAR_SETS                  0x00000480
+#define CKA_ENCODING_METHODS           0x00000481
+#define CKA_MIME_TYPES                 0x00000482
+#define CKA_MECHANISM_TYPE             0x00000500
+#define CKA_REQUIRED_CMS_ATTRIBUTES    0x00000501
+#define CKA_DEFAULT_CMS_ATTRIBUTES     0x00000502
+#define CKA_SUPPORTED_CMS_ATTRIBUTES   0x00000503
+#define CKA_ALLOWED_MECHANISMS         (CKF_ARRAY_ATTRIBUTE|0x00000600)
 
 #define CKA_VENDOR_DEFINED     0x80000000
 
Index: src/pkcs11/pkcs11-display.c
===================================================================
--- src/pkcs11/pkcs11-display.c (revision 2384)
+++ src/pkcs11/pkcs11-display.c (working copy)
@@ -485,6 +485,12 @@
   { CKA_OWNER             , "CKA_OWNER            ", print_generic, NULL },
   { CKA_ATTR_TYPES        , "CKA_ATTR_TYPES       ", print_generic, NULL },
   { CKA_TRUSTED           , "CKA_TRUSTED          ", print_generic, NULL },
+  { CKA_CERTIFICATE_CATEGORY, "CKA_CERTIFICATE_CATEGORY ", print_generic, NULL },
+  { CKA_JAVA_MIDP_SECURITY_DOMAIN, "CKA_JAVA_MIDP_SECURITY_DOMAIN ", print_generic, NULL },
+  { CKA_URL               , "CKA_URL              ", print_generic, NULL },
+  { CKA_HASH_OF_SUBJECT_PUBLIC_KEY, "CKA_HASH_OF_SUBJECT_PUBLIC_KEY ", print_generic, NULL },
+  { CKA_HASH_OF_ISSUER_PUBLIC_KEY, "CKA_HASH_OF_ISSUER_PUBLIC_KEY ", print_generic, NULL },
+  { CKA_CHECK_VALUE       , "CKA_CHECK_VALUE      ", print_generic, NULL },
   { CKA_KEY_TYPE          , "CKA_KEY_TYPE         ", print_enum,    ck_key_t },
 #ifdef HAVE_OPENSSL
   { CKA_SUBJECT           , "CKA_SUBJECT          ", print_dn,      NULL },
@@ -526,13 +532,33 @@
   { CKA_ALWAYS_SENSITIVE  , "CKA_ALWAYS_SENSITIVE ", print_boolean, NULL },
   { CKA_KEY_GEN_MECHANISM , "CKA_KEY_GEN_MECHANISM", print_boolean, NULL },
   { CKA_MODIFIABLE        , "CKA_MODIFIABLE       ", print_boolean, NULL },
+  { CKA_ECDSA_PARAMS      , "CKA_ECDSA_PARAMS     ", print_generic, NULL },
   { CKA_EC_PARAMS         , "CKA_EC_PARAMS        ", print_generic, NULL },
   { CKA_EC_POINT          , "CKA_EC_POINT         ", print_generic, NULL },
   { CKA_SECONDARY_AUTH    , "CKA_SECONDARY_AUTH   ", print_generic, NULL },
   { CKA_AUTH_PIN_FLAGS    , "CKA_AUTH_PIN_FLAGS   ", print_generic, NULL },
+  { CKA_ALWAYS_AUTHENTICATE, "CKA_ALWAYS_AUTHENTICATE ", print_generic, NULL },
+  { CKA_WRAP_WITH_TRUSTED , "CKA_WRAP_WITH_TRUSTED ", print_generic, NULL },
+  { CKA_WRAP_TEMPLATE     , "CKA_WRAP_TEMPLATE    ", print_generic, NULL },
+  { CKA_UNWRAP_TEMPLATE   , "CKA_UNWRAP_TEMPLATE  ", print_generic, NULL },
   { CKA_HW_FEATURE_TYPE   , "CKA_HW_FEATURE_TYPE  ", print_generic, NULL },
   { CKA_RESET_ON_INIT     , "CKA_RESET_ON_INIT    ", print_generic, NULL },
-  { CKA_HAS_RESET         , "CKA_HAS_RESET        ", print_generic, NULL }
+  { CKA_HAS_RESET         , "CKA_HAS_RESET        ", print_generic, NULL },
+  { CKA_PIXEL_X           , "CKA_PIXEL_X          ", print_generic, NULL },
+  { CKA_PIXEL_Y           , "CKA_PIXEL_Y          ", print_generic, NULL },
+  { CKA_RESOLUTION        , "CKA_RESOLUTION       ", print_generic, NULL },
+  { CKA_CHAR_ROWS         , "CKA_CHAR_ROWS        ", print_generic, NULL },
+  { CKA_CHAR_COLUMNS      , "CKA_CHAR_COLUMNS     ", print_generic, NULL },
+  { CKA_COLOR             , "CKA_COLOR            ", print_generic, NULL },
+  { CKA_BITS_PER_PIXEL    , "CKA_BITS_PER_PIXEL   ", print_generic, NULL },
+  { CKA_CHAR_SETS         , "CKA_CHAR_SETS        ", print_generic, NULL },
+  { CKA_ENCODING_METHODS  , "CKA_ENCODING_METHODS ", print_generic, NULL },
+  { CKA_MIME_TYPES        , "CKA_MIME_TYPES       ", print_generic, NULL },
+  { CKA_MECHANISM_TYPE    , "CKA_MECHANISM_TYPE   ", print_generic, NULL },
+  { CKA_REQUIRED_CMS_ATTRIBUTES, "CKA_REQUIRED_CMS_ATTRIBUTES ", print_generic, NULL },
+  { CKA_DEFAULT_CMS_ATTRIBUTES, "CKA_DEFAULT_CMS_ATTRIBUTES ", print_generic, NULL },
+  { CKA_SUPPORTED_CMS_ATTRIBUTES, "CKA_SUPPORTED_CMS_ATTRIBUTES ", print_generic, NULL },
+  { CKA_ALLOWED_MECHANISMS, "CKA_ALLOWED_MECHANISMS ", print_generic, NULL },
 };
 
 CK_ULONG ck_attribute_num = sizeof(ck_attribute_specs)/sizeof(type_spec);
@@ -724,9 +750,12 @@
   CK_ULONG  ulCount)
 {
   CK_ULONG j, k;
+  int found;
   for(j = 0; j < ulCount ; j++) {
+    found = 0;
     for(k = 0; k < ck_attribute_num; k++) {
       if(ck_attribute_specs[k].type == pTemplate[j].type) {
+ found = 1;
  fprintf(f, "    %s ", ck_attribute_specs[k].name);
  if(pTemplate[j].pValue) {
   ck_attribute_specs[k].display
@@ -739,6 +768,10 @@
  k = ck_attribute_num;
       }
     }
+    if (!found) {
+ fprintf(f, "    CKA_? (0x%08lx)    ", pTemplate[j].type);
+ fprintf(f, "has size %ld\n", pTemplate[j].ulValueLen);
+    }
   }
 }
 
@@ -746,14 +779,21 @@
       CK_ULONG  ulCount)
 {
   CK_ULONG j, k;
+  int found;
   for(j = 0; j < ulCount ; j++) {
+    found = 0;
     for(k = 0; k < ck_attribute_num; k++) {
       if(ck_attribute_specs[k].type == pTemplate[j].type) {
+ found = 1;
  fprintf(f, "    %s ", ck_attribute_specs[k].name);
  fprintf(f, "requested with %ld buffer\n", pTemplate[j].ulValueLen);
  k = ck_attribute_num;
       }
     }
+    if (!found) {
+ fprintf(f, "    CKA_? (0x%08lx)    ", pTemplate[j].type);
+ fprintf(f, "requested with %ld buffer\n", pTemplate[j].ulValueLen);
+    }
   }
 }

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] display_more_attr_pkcs11.patch

Nils Larsch
Marc Bevand wrote:
> This patch adds more PKCS#11 CKA_* attributes, the main advantage is
> that pkcs11-spy can display them. Moreover all unknown attributes are
> now displayed using an hexadecimal form.
>
> Nils, can you apply it please ?

sure, done. Please test.

Nils
_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel