Annotation of src/external/mpl/bind/dist/bin/pkcs11/pkcs11-list.c, Revision 1.1.1.5
1.1 christos 1: /* $NetBSD$ */
2:
3: /*
4: * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5: *
1.1.1.5 ! christos 6: * SPDX-License-Identifier: MPL-2.0
! 7: *
1.1 christos 8: * This Source Code Form is subject to the terms of the Mozilla Public
1.1.1.5 ! christos 9: * License, v. 2.0. If a copy of the MPL was not distributed with this
1.1.1.4 christos 10: * file, you can obtain one at https://mozilla.org/MPL/2.0/.
1.1 christos 11: *
12: * See the COPYRIGHT file distributed with this work for additional
13: * information regarding copyright ownership.
14: */
15:
16: /*
17: * Portions copyright (c) 2008 Nominet UK. All rights reserved.
18: *
19: * Redistribution and use in source and binary forms, with or without
20: * modification, are permitted provided that the following conditions
21: * are met:
22: * 1. Redistributions of source code must retain the above copyright
23: * notice, this list of conditions and the following disclaimer.
24: * 2. Redistributions in binary form must reproduce the above copyright
25: * notice, this list of conditions and the following disclaimer in the
26: * documentation and/or other materials provided with the distribution.
27: *
28: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
29: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
30: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
31: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
32: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
33: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
34: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
35: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
36: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
37: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38: */
39:
40: /* pkcs11-list [-P] [-m module] [-s slot] [-i $id | -l $label] [-p $pin] */
41:
42: /*! \file */
43:
1.1.1.3 christos 44: #include <errno.h>
45: #include <fcntl.h>
1.1.1.2 christos 46: #include <stdbool.h>
1.1.1.3 christos 47: #include <stdio.h>
1.1 christos 48: #include <stdlib.h>
49: #include <string.h>
50: #include <sys/types.h>
51:
52: #include <isc/commandline.h>
53: #include <isc/print.h>
54: #include <isc/result.h>
55: #include <isc/types.h>
56:
57: #include <pk11/pk11.h>
58: #include <pk11/result.h>
59:
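/*
 * Parse a decimal, unsigned command-line number no larger than 'max'.
 *
 * Returns true and stores the value in '*out' on success.  Returns false,
 * leaving '*out' untouched, for empty, signed, non-numeric, trailing-junk
 * or out-of-range input.  atoi() would turn all of those into 0 or a
 * wrapped value, and 0 means "list everything" for the -i option.
 */
static bool
parse_number(const char *text, unsigned long max, unsigned long *out) {
	char *end = NULL;
	unsigned long value;

	/* strtoul() accepts "-1" and leading blanks; insist on a digit. */
	if (text == NULL || text[0] < '0' || text[0] > '9') {
		return (false);
	}

	errno = 0;
	value = strtoul(text, &end, 10);
	if (errno != 0 || end == text || *end != '\0' || value > max) {
		return (false);
	}

	*out = value;
	return (true);
}

/*
 * Overwrite a NUL-terminated PIN in place.  The stores go through a
 * volatile pointer so the compiler cannot drop them as dead writes.
 * A NULL pointer is ignored.
 */
static void
wipe_pin(char *pin) {
	volatile char *p = pin;
	size_t remaining;

	if (pin == NULL) {
		return;
	}
	for (remaining = strlen(pin); remaining > 0; remaining--) {
		*p++ = 0;
	}
}

/*
 * pkcs11-list [-P] [-m module] [-s slot] [-i id | -l label] [-p pin]
 *
 * List the objects held by a PKCS#11 token: handle, class, label and id,
 * plus the extractability of private and secret keys.  With neither -i nor
 * -l every object is listed; -i takes precedence when both are given.
 * -P skips the login, so only objects visible without a PIN are shown.
 *
 * Exits 0 on success and 1 on a usage error, on a failed PKCS#11
 * initialisation, or when any object query failed.
 */
int
main(int argc, char *argv[]) {
	isc_result_t result;
	CK_RV rv;
	CK_SLOT_ID slot = 0;
	CK_SESSION_HANDLE hSession;
	CK_BYTE attr_id[2];
	CK_OBJECT_HANDLE akey[50];
	pk11_context_t pctx;
	char *lib_name = NULL;
	char *label = NULL;
	char *pin = NULL;
	bool error = false, logon = true, all = false;
	unsigned int i = 0, id = 0;
	unsigned long number = 0;
	int c, errflg = 0;
	CK_ULONG ulObjectCount;
	CK_ATTRIBUTE search_template[] = { { CKA_ID, &attr_id,
					     sizeof(attr_id) } };

	while ((c = isc_commandline_parse(argc, argv, ":m:s:i:l:p:P")) != -1) {
		switch (c) {
		case 'P':
			logon = false;
			break;
		case 'm':
			lib_name = isc_commandline_argument;
			break;
		case 's':
			if (!parse_number(isc_commandline_argument, ~0UL,
					  &number))
			{
				fprintf(stderr, "Invalid slot: %s\n",
					isc_commandline_argument);
				errflg++;
				break;
			}
			slot = (CK_SLOT_ID)number;
			break;
		case 'i':
			/*
			 * The id is matched as a two-byte CKA_ID, so anything
			 * above 0xffff is rejected rather than silently
			 * masked into a different id.
			 */
			if (!parse_number(isc_commandline_argument, 0xffff,
					  &number))
			{
				fprintf(stderr,
					"Invalid id (expected 0-65535): %s\n",
					isc_commandline_argument);
				errflg++;
				break;
			}
			id = (unsigned int)number;
			break;
		case 'l':
			label = isc_commandline_argument;
			break;
		case 'p':
			/*
			 * A PIN given here sits in the process argument list
			 * until it is wiped below; the interactive prompt
			 * avoids that exposure.
			 */
			pin = isc_commandline_argument;
			break;
		case ':':
			fprintf(stderr, "Option -%c requires an operand\n",
				isc_commandline_option);
			errflg++;
			break;
		case '?':
		default:
			fprintf(stderr, "Unrecognised option: -%c\n",
				isc_commandline_option);
			errflg++;
		}
	}

	if (errflg) {
		/* Do not leave a -p PIN behind when bailing out early. */
		wipe_pin(pin);
		fprintf(stderr, "Usage:\n");
		fprintf(stderr, "\tpkcs11-list [-P] [-m module] [-s slot] "
				"[-i id | -l label] [-p pin]\n");
		exit(1);
	}

	/* An id of 0 is indistinguishable from "no -i": list everything. */
	if (!id && (label == NULL)) {
		all = true;
	}

	if (slot) {
		printf("slot %lu\n", slot);
	}

	if (id) {
		/* CKA_ID is searched as the id in big-endian byte order. */
		printf("id %u\n", id);
		attr_id[0] = (id >> 8) & 0xff;
		attr_id[1] = id & 0xff;
	} else if (label != NULL) {
		printf("label %s\n", label);
		search_template[0].type = CKA_LABEL;
		search_template[0].pValue = label;
		search_template[0].ulValueLen = strlen(label);
	}

	pk11_result_register();

	/* Initialize the CRYPTOKI library */
	if (lib_name != NULL) {
		pk11_set_lib_name(lib_name);
	}

	if (logon && pin == NULL) {
		/*
		 * NOTE(review): getpass() can return NULL on some platforms;
		 * pin is then handed on as NULL -- confirm that
		 * pk11_get_session() copes with that.
		 */
		pin = getpass("Enter Pin: ");
	}

	result = pk11_get_session(&pctx, OP_ANY, false, false, logon, pin,
				  slot);

	/* The PIN is not needed past this point on any path. */
	wipe_pin(pin);

	if (result == PK11_R_NORANDOMSERVICE ||
	    result == PK11_R_NODIGESTSERVICE || result == PK11_R_NOAESSERVICE)
	{
		/* The token lacks a service BIND needs; still list it. */
		fprintf(stderr, "Warning: %s\n", isc_result_totext(result));
		fprintf(stderr, "This HSM will not work with BIND 9 "
				"using native PKCS#11.\n");
	} else if (result != ISC_R_SUCCESS) {
		fprintf(stderr,
			"Unrecoverable error initializing "
			"PKCS#11: %s\n",
			isc_result_totext(result));
		exit(1);
	}

	hSession = pctx.session;

	/* An attribute count of 0 makes the search match every object. */
	rv = pkcs_C_FindObjectsInit(hSession, search_template, all ? 0 : 1);
	if (rv != CKR_OK) {
		fprintf(stderr, "C_FindObjectsInit: Error = 0x%.8lX\n", rv);
		error = true;
		goto exit_session;
	}

	/* Fetch handles in batches until the token reports none left. */
	ulObjectCount = 1;
	while (ulObjectCount) {
		rv = pkcs_C_FindObjects(hSession, akey,
					sizeof(akey) / sizeof(akey[0]),
					&ulObjectCount);
		if (rv != CKR_OK) {
			fprintf(stderr, "C_FindObjects: Error = 0x%.8lX\n", rv);
			error = true;
			goto exit_search;
		}
		for (i = 0; i < ulObjectCount; i++) {
			unsigned int j, len;

			CK_OBJECT_CLASS oclass = 0;
			CK_BYTE labelbuf[64 + 1];
			CK_BYTE idbuf[64];
			CK_BBOOL extract = TRUE;
			CK_BBOOL never = FALSE;
			CK_ATTRIBUTE template[] = {
				{ CKA_CLASS, &oclass, sizeof(oclass) },
				{ CKA_LABEL, labelbuf, sizeof(labelbuf) - 1 },
				{ CKA_ID, idbuf, sizeof(idbuf) }
			};
			CK_ATTRIBUTE priv_template[] = {
				{ CKA_EXTRACTABLE, &extract, sizeof(extract) },
				{ CKA_NEVER_EXTRACTABLE, &never, sizeof(never) }
			};

			/*
			 * labelbuf is one byte larger than the length offered
			 * to the token, so after zeroing it is always
			 * NUL-terminated for the %s below.
			 */
			memset(labelbuf, 0, sizeof(labelbuf));
			memset(idbuf, 0, sizeof(idbuf));

			rv = pkcs_C_GetAttributeValue(
				hSession, akey[i], template,
				sizeof(template) / sizeof(template[0]));
			if (rv != CKR_OK) {
				fprintf(stderr,
					"C_GetAttributeValue[%u]: "
					"rv = 0x%.8lX\n",
					i, rv);
				if (rv == CKR_BUFFER_TOO_SMALL) {
					fprintf(stderr,
						"%u too small: %lu %lu %lu\n",
						i, template[0].ulValueLen,
						template[1].ulValueLen,
						template[2].ulValueLen);
				}
				error = true;
				continue;
			}

			/*
			 * NOTE(review): the label is token-supplied data
			 * printed as-is; a token that is not trusted could
			 * place terminal control bytes in it.
			 */
			len = template[2].ulValueLen;
			printf("object[%u]: handle %lu class %lu "
			       "label[%lu] '%s' id[%lu] ",
			       i, akey[i], oclass, template[1].ulValueLen,
			       labelbuf, template[2].ulValueLen);
			if (len == 2) {
				/* Two-byte ids print as the number -i takes. */
				unsigned int shown;

				shown = (idbuf[0] << 8) & 0xff00;
				shown |= idbuf[1] & 0xff;
				printf("%u", shown);
			} else {
				/* Other ids: at most 8 bytes of hex, then "...". */
				if (len > 8) {
					len = 8;
				}
				if (len > 0) {
					printf("0x");
				}
				for (j = 0; j < len; j++) {
					printf("%02x", idbuf[j]);
				}
				if (template[2].ulValueLen > len) {
					printf("...");
				}
			}
			if ((oclass == CKO_PRIVATE_KEY ||
			     oclass == CKO_SECRET_KEY) &&
			    pkcs_C_GetAttributeValue(
				    hSession, akey[i], priv_template,
				    sizeof(priv_template) /
					    sizeof(priv_template[0])) == CKR_OK)
			{
				/* E: true, false, or never (was never extractable). */
				printf(" E:%s",
				       extract ? "true"
					       : (never ? "never" : "false"));
			}
			printf("\n");
		}
	}

exit_search:
	rv = pkcs_C_FindObjectsFinal(hSession);
	if (rv != CKR_OK) {
		fprintf(stderr, "C_FindObjectsFinal: Error = 0x%.8lX\n", rv);
		error = true;
	}

exit_session:
	pk11_return_session(&pctx);
	(void)pk11_finalize();

	exit(error ? 1 : 0);
}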