TclPKCS11

Diff
Login
Home Timeline Files Branches Tags Tickets Wiki Login
Annotate Patch Unified Diff

Differences From Artifact [35dd087458]:

To Artifact [5a54b809c1]:

1


2
3
4
5
6
7
8
9
10
11
12
13
14

15
16
17

18
19
20
21
22
23
24
25
26
27
28


29
30
31

32







33

34
35



36


37









38

#! /usr/bin/env tclsh



set pkcs11_module "/usr/local/lib/libcackey_g.so"

load tclpkcs11.so Tclpkcs11

set handle [::pki::pkcs11::loadmodule $pkcs11_module]
puts "Handle: $handle"

set slots [::pki::pkcs11::listslots $handle]
puts "Slots: $slots"

foreach slotinfo $slots {
	set slotid [lindex $slotinfo 0]

	set slotflags [lindex $slotinfo 1]

	if {[lsearch -exact $slotflags TOKEN_PRESENT] != -1} {

		set token_slotid $slotid
	}
}

if {![info exists token_slotid]} {
	puts stderr "Found no slots with tokens, aborting."

	exit 1
}

set certs [::pki::pkcs11::listcerts $handle $token_slotid]


foreach certinfo $certs {
	set certid [lindex $certinfo 0]
	set cert [lindex $certinfo 1]

}









#::pki::pkcs11::login <handle> <slot> <password>            -> true/false
#::pki::pkcs11::logout <handle> <slot>                      -> true/false



#::pki::pkcs11::sign <handle> <slot> <certId> <data>        -> data


#::pki::pkcs11::decrypt <handle> <slot> <certId> <data>     -> data









#::pki::pkcs11::unloadmoule <handle>                        -> true/false


>
>













>
|


>











>
>

|
|
>
|
>
>
>
>
>
>
>

>
|
|
>
>
>
|
>
>
|
>
>
>
>
>
>
>
>
>
|

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

#! /usr/bin/env tclsh

lappend auto_path [file join [pwd] work lib]

set pkcs11_module "/usr/local/lib/libcackey_g.so"

load tclpkcs11.so Tclpkcs11

set handle [::pki::pkcs11::loadmodule $pkcs11_module]
puts "Handle: $handle"

set slots [::pki::pkcs11::listslots $handle]
puts "Slots: $slots"

foreach slotinfo $slots {
	set slotid [lindex $slotinfo 0]
	set slotlabel [lindex $slotinfo 1]
	set slotflags [lindex $slotinfo 2]

	if {[lsearch -exact $slotflags TOKEN_PRESENT] != -1} {
		set token_slotlabel $slotlabel
		set token_slotid $slotid
	}
}

if {![info exists token_slotid]} {
	puts stderr "Found no slots with tokens, aborting."

	exit 1
}

set certs [::pki::pkcs11::listcerts $handle $token_slotid]
puts "Found [llength $certs] certificates"
set orig "TestMsg"
foreach certinfo $certs {
	puts "Cert: $certinfo"

	set cipher [pki::encrypt -binary -pub $orig $certinfo]

	if {[catch {
		set plain  [pki::decrypt -binary -priv $cipher $certinfo]
	} err]} {
		if {$err == "PKCS11_ERROR USER_NOT_LOGGED_IN"} {
			# Login and try it again...
			puts -nonewline " *** ENTER PIN: "
			flush stdout

			gets stdin password
			::pki::pkcs11::login $handle $token_slotid $password

			set plain  [pki::decrypt -binary -priv $cipher $certinfo]
		}
	}

	if {$plain != $orig} {
		puts "Decryption error!  Expected \"$orig\", got \"$plain\""

		exit
	}

	set cipher [pki::encrypt -binary -priv $orig $certinfo]
	set plain  [pki::decrypt -binary -pub $cipher $certinfo]

	puts "Got Match!"
}

::pki::pkcs11::unloadmodule $handle
This page was generated in about 0.011s by Fossil 2.22 [66ee0beb9b] 2023-05-31 15:26:08