Overview
Comment: | Added SetPIN support |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
658145fe856b1a4e2c68d7840fda98f6 |
User & Date: | rkeene on 2015-09-14 10:11:37 |
Other Links: | manifest | tags |
Context
2015-10-05
| ||
10:56 | Updated to increase the reference count before calling Tcl_LoadFile(), which seems to be required check-in: 9a3f1ea155 user: rkeene tags: trunk | |
2015-09-14
| ||
10:11 | Added SetPIN support check-in: 658145fe85 user: rkeene tags: trunk | |
2014-01-07
| ||
00:02 | Updated to clean-up handles if unable to load (rare memory leak) check-in: 4ea7b9090a user: rkeene tags: trunk | |
Changes
Modified tclpkcs11.c from [8d34754bf9] to [755f362790].
︙ | |||
1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 | 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656 1657 1658 1659 | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + | MODULE_SCOPE int tclpkcs11_encrypt(ClientData cd, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) { return(tclpkcs11_perform_pki(1, cd, interp, objc, objv)); } MODULE_SCOPE int tclpkcs11_decrypt(ClientData cd, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) { return(tclpkcs11_perform_pki(0, cd, interp, objc, objv)); } MODULE_SCOPE int tclpkcs11_setpin(ClientData cd, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) { struct tclpkcs11_interpdata *interpdata; struct tclpkcs11_handle *handle; Tcl_HashEntry *tcl_handle_entry; Tcl_Obj *tcl_handle, *tcl_slotid, *tcl_oldpassword, *tcl_newpassword; long slotid_long; char *oldpassword, *newpassword; int oldpassword_len, newpassword_len; int tcl_rv; CK_SLOT_ID slotid; CK_RV chk_rv; if (!cd) { Tcl_SetObjResult(interp, Tcl_NewStringObj("invalid clientdata", -1)); return(TCL_ERROR); } if (objc != 5) { Tcl_SetObjResult(interp, Tcl_NewStringObj("wrong # args: should be \"pki::pkcs11::setpin handle slot oldpassword newpassword\"", -1)); return(TCL_ERROR); } tcl_handle = objv[1]; tcl_slotid = objv[2]; tcl_oldpassword = objv[3]; tcl_newpassword = objv[4]; interpdata = (struct tclpkcs11_interpdata *) cd; tcl_handle_entry = Tcl_FindHashEntry(&interpdata->handles, (const char *) tcl_handle); if (!tcl_handle_entry) { Tcl_SetObjResult(interp, Tcl_NewStringObj("invalid handle", -1)); return(TCL_ERROR); } handle = (struct tclpkcs11_handle *) Tcl_GetHashValue(tcl_handle_entry); if (!handle) { Tcl_SetObjResult(interp, Tcl_NewStringObj("invalid handle", -1)); return(TCL_ERROR); } tcl_rv = Tcl_GetLongFromObj(interp, tcl_slotid, &slotid_long); if (tcl_rv != TCL_OK) { return(tcl_rv); } slotid = slotid_long; chk_rv = tclpkcs11_start_session(handle, slotid); if (chk_rv != CKR_OK) { Tcl_SetObjResult(interp, tclpkcs11_pkcs11_error(chk_rv)); return(TCL_ERROR); } oldpassword = Tcl_GetStringFromObj(tcl_oldpassword, &oldpassword_len); newpassword = Tcl_GetStringFromObj(tcl_newpassword, &newpassword_len); chk_rv = handle->pkcs11->C_SetPIN(handle->session, (CK_UTF8CHAR_PTR) oldpassword, oldpassword_len, (CK_UTF8CHAR_PTR) newpassword, newpassword_len); switch (chk_rv) { case CKR_OK: case CKR_USER_ALREADY_LOGGED_IN: Tcl_SetObjResult(interp, Tcl_NewBooleanObj(1)); break; case CKR_PIN_INCORRECT: Tcl_SetObjResult(interp, Tcl_NewBooleanObj(0)); break; default: Tcl_SetObjResult(interp, tclpkcs11_pkcs11_error(chk_rv)); return(TCL_ERROR); } return(TCL_OK); } MODULE_SCOPE void tclpkcs11_unloadall(ClientData cd) { struct tclpkcs11_interpdata *interpdata; struct tclpkcs11_handle *handle; Tcl_HashEntry *tcl_handle_entry; Tcl_HashSearch search; |
︙ | |||
1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 | 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 | + + + + + | return(TCL_ERROR); } tclCreatComm_ret = Tcl_CreateObjCommand(interp, "pki::pkcs11::decrypt", tclpkcs11_decrypt, interpdata, NULL); if (!tclCreatComm_ret) { return(TCL_ERROR); } tclCreatComm_ret = Tcl_CreateObjCommand(interp, "pki::pkcs11::setpin", tclpkcs11_setpin, interpdata, NULL); if (!tclCreatComm_ret) { return(TCL_ERROR); } /* Create an exit handler to unload and close all PKCS#11 modules */ Tcl_CreateExitHandler(tclpkcs11_unloadall, interpdata); /* Register PKI handlers */ Tcl_ObjSetVar2(interp, Tcl_NewStringObj("pki::handlers", -1), |
︙ |
Modified usage.txt from [6fe644f73c] to [d81f14eb4c].
1 2 3 4 5 6 7 8 9 10 11 | 1 2 3 4 5 6 7 8 9 10 11 12 | + | ::pki::pkcs11::loadmodule <filename> -> handle ::pki::pkcs11::unloadmodule <handle> -> true/false ::pki::pkcs11::listslots <handle> -> list: slotId label flags ::pki::pkcs11::listcerts <handle> <slotId> -> list: keylist ::pki::pkcs11::encrypt <mode> <input> <keylist> -> data ::pki::pkcs11::decrypt <mode> <input> <keylist> -> data ::pki::pkcs11::login <handle> <slotId> <password> -> true/false ::pki::pkcs11::logout <handle> <slotId> -> true/false ::pki::pkcs11::setpin <handle> <slotId> <oldPass> <newPass> -> true/false # Future ::pki::pkcs11::listobjects <handle> <slotId> -> list: .... |