author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-10 15:36:50 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-10 15:36:50 +0200 |
commit | 976acc75484c5cf08f9d6bd19c45f680b7940d81 (patch) | |
tree | 06b056cdd2bf26eda3c054581bc1d9dd75d35ae3 | |
parent | 3b8b975ddbaf0750ec7e92d71fa5e005653d1085 (diff) | |
download | gnutls-976acc75484c5cf08f9d6bd19c45f680b7940d81.tar.gz |
Added 3 levels of detail in PKCS #11 URLs.
1st level: Token level. Object is unique up to token.
2nd level: Object is unique up to token and module used to access it.
3rd level: Object is unique up to token and module and version of module used to access it.
-rw-r--r-- | lib/includes/gnutls/pkcs11.h | 12 | ||||
-rw-r--r-- | lib/pkcs11.c | 18 | ||||
-rw-r--r-- | lib/pkcs11_int.h | 2 | ||||
-rw-r--r-- | lib/pkcs11_privkey.c | 2 | ||||
-rw-r--r-- | src/certtool-gaa.c | 205 | ||||
-rw-r--r-- | src/certtool-gaa.h | 66 | ||||
-rw-r--r-- | src/certtool.gaa | 3 | ||||
-rw-r--r-- | src/pkcs11.c | 2 |
8 files changed, 160 insertions, 150 deletions
diff --git a/lib/includes/gnutls/pkcs11.h b/lib/includes/gnutls/pkcs11.h index dd3eacc418..470fe98a85 100644 --- a/lib/includes/gnutls/pkcs11.h +++ b/lib/includes/gnutls/pkcs11.h @@ -52,9 +52,15 @@ int gnutls_pkcs11_obj_init ( gnutls_pkcs11_obj_t *certificate); #define GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED (1<<1) /* object marked as trusted */ #define GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE (1<<2) /* object marked as sensitive (unexportable) */ +typedef enum { + GNUTLS_PKCS11_URL_GENERIC, /* URL specifies the object on token level */ + GNUTLS_PKCS11_URL_LIB, /* URL specifies the object on module level */ + GNUTLS_PKCS11_URL_LIB_VERSION, /* URL specifies the object on module and version level */ +} gnutls_pkcs11_url_type_t; + int gnutls_pkcs11_obj_import_url (gnutls_pkcs11_obj_t, const char * url, unsigned int flags/* GNUTLS_PKCS11_OBJ_FLAG_* */); -int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t, int detailed, char** url); +int gnutls_pkcs11_obj_export_url (gnutls_pkcs11_obj_t, gnutls_pkcs11_url_type_t detailed, char** url); void gnutls_pkcs11_obj_deinit ( gnutls_pkcs11_obj_t); int gnutls_pkcs11_obj_export(gnutls_pkcs11_obj_t obj, @@ -111,7 +117,7 @@ typedef enum { GNUTLS_PKCS11_OBJ_DATA, } gnutls_pkcs11_obj_type_t; -int gnutls_pkcs11_token_get_url (unsigned int seq, int detailed, char** url); +int gnutls_pkcs11_token_get_url (unsigned int seq, gnutls_pkcs11_url_type_t detailed, char** url); int gnutls_pkcs11_token_get_info(const char* url, gnutls_pkcs11_token_info_t, void* output, size_t *output_size); #define GNUTLS_PKCS11_TOKEN_HW 1 @@ -156,7 +162,7 @@ int gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key, unsigned int flags, const gnutls_datum_t * ciphertext, gnutls_datum_t * plaintext); -int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, int detailed, char ** url); +int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, gnutls_pkcs11_url_type_t detailed, char ** url); /** @} */ 
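Review bot: The enumerators of `gnutls_pkcs11_url_type_t` in the first hunk depend on their implicit values and declaration order, because lib/pkcs11.c compares them with `>`, yet nothing in the header says the order is significant. I would pin the values (`GNUTLS_PKCS11_URL_GENERIC = 0,` / `GNUTLS_PKCS11_URL_LIB = 1,` / `GNUTLS_PKCS11_URL_LIB_VERSION = 2`) and add a comment above the enum such as `/* Ordered by increasing detail; each level adds to the attributes of the previous one. */`. The per-enumerator comments could also state the consequence for matching, for example that a GENERIC URL does not name the module used to reach the token, so it is the least specific way to identify a key or certificate. The gtk-doc blocks for the three exported functions lie outside these hunks; if they still describe `detailed` as a non-zero flag, they should be updated to name the enum values.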
diff --git a/lib/pkcs11.c b/lib/pkcs11.c index 5a4a617f34..066793b163 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -710,7 +710,7 @@ static int append(gnutls_buffer_st * dest, const char *tname, } -int pkcs11_info_to_url(const struct pkcs11_url_info *info, int detailed, char **url) +int pkcs11_info_to_url(const struct pkcs11_url_info *info, gnutls_pkcs11_url_type_t detailed, char **url) { gnutls_buffer_st str; int init = 0; @@ -776,7 +776,7 @@ int pkcs11_info_to_url(const struct pkcs11_url_info *info, int detailed, char ** init = 1; } - if (detailed) { + if (detailed > GNUTLS_PKCS11_URL_GENERIC) { if (info->lib_manufacturer[0]) { ret = append(&str, info->lib_manufacturer, "library-manufacturer", init); if (ret < 0) { @@ -786,17 +786,19 @@ int pkcs11_info_to_url(const struct pkcs11_url_info *info, int detailed, char ** init = 1; } - if (info->lib_version[0]) { - ret = append(&str, info->lib_version, "library-version", init); + if (info->lib_desc[0]) { + ret = append(&str, info->lib_desc, "library-description", init); if (ret < 0) { gnutls_assert(); goto cleanup; } init = 1; } + } - if (info->lib_desc[0]) { - ret = append(&str, info->lib_desc, "library-description", init); + if (detailed > GNUTLS_PKCS11_URL_LIB) { + if (info->lib_version[0]) { + ret = append(&str, info->lib_version, "library-version", init); if (ret < 0) { gnutls_assert(); goto cleanup; @@ -1707,7 +1709,7 @@ static int find_token_num(pakchois_session_t * pks, * if the sequence number exceeds the available tokens, otherwise a negative error value. **/ -int gnutls_pkcs11_token_get_url(unsigned int seq, int detailed, char **url) +int gnutls_pkcs11_token_get_url(unsigned int seq, gnutls_pkcs11_url_type_t detailed, char **url) { int ret; struct token_num tn; 
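Review bot: Callers that still pass `1` for `detailed` now get a different URL from pkcs11_info_to_url: in the `@@ -776` and `@@ -786` hunks the value 1 equals `GNUTLS_PKCS11_URL_LIB`, which emits library-manufacturer and library-description but not library-version, whereas the old `if (detailed)` emitted all three. The attribute order changes as well (library-description now precedes library-version), so a URL exported before this commit is not byte-identical to one exported after it, and any code that stores or compares exported URLs as strings should be checked. The same narrowing reaches the tool: `--pkcs11-detailed-url` in src/certtool.gaa and the `pkcs11_list` call in src/pkcs11.c now pass `GNUTLS_PKCS11_URL_LIB`, and no option visible in this diff selects `GNUTLS_PKCS11_URL_LIB_VERSION`. Values outside the enum are accepted silently; a guard at the top of the function such as `if (detailed > GNUTLS_PKCS11_URL_LIB_VERSION) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; }` would make the contract explicit. The function body starts and ends outside these hunks, so the cleanup path was not reviewed.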
@@ -1801,7 +1803,7 @@ int gnutls_pkcs11_token_get_info(const char *url, * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a * negative error value. **/ -int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t cert, int detailed, char **url) +int gnutls_pkcs11_obj_export_url(gnutls_pkcs11_obj_t cert, gnutls_pkcs11_url_type_t detailed, char **url) { int ret; diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h index a8c84b5143..46ad5cacb7 100644 --- a/lib/pkcs11_int.h +++ b/lib/pkcs11_int.h @@ -70,7 +70,7 @@ extern gnutls_pkcs11_token_callback_t token_func; extern void *token_data; void pkcs11_rescan_slots(void); -int pkcs11_info_to_url(const struct pkcs11_url_info *info, int detailed, char **url); +int pkcs11_info_to_url(const struct pkcs11_url_info *info, gnutls_pkcs11_url_type_t detailed, char **url); #define SESSION_WRITE 1 #define SESSION_LOGIN 2 diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c index a076c5dec8..dc738d3ce2 100644 --- a/lib/pkcs11_privkey.c +++ b/lib/pkcs11_privkey.c @@ -378,7 +378,7 @@ gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key, * negative error value. **/ int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key, - int detailed, char **url) + gnutls_pkcs11_url_type_t detailed, char **url) { int ret; diff --git a/src/certtool-gaa.c b/src/certtool-gaa.c index e3a2c4fd58..278dd725d2 100644 --- a/src/certtool-gaa.c +++ b/src/certtool-gaa.c @@ -12,6 +12,7 @@ #endif #include "certtool-common.h" +#include <gnutls/pkcs11.h> #include <stdio.h> #include <string.h> 
@@ -210,71 +211,71 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 168 "certtool.gaa" +#line 169 "certtool.gaa" int debug; -#line 163 "certtool.gaa" +#line 164 "certtool.gaa" int pkcs11_detailed_url; -#line 160 "certtool.gaa" +#line 161 "certtool.gaa" int pkcs11_trusted; -#line 157 "certtool.gaa" +#line 158 "certtool.gaa" char* pkcs11_label; -#line 154 "certtool.gaa" +#line 155 "certtool.gaa" int pkcs11_login; -#line 146 "certtool.gaa" +#line 147 "certtool.gaa" int pkcs11_type; -#line 143 "certtool.gaa" +#line 144 "certtool.gaa" char* pkcs11_url; -#line 140 "certtool.gaa" +#line 141 "certtool.gaa" char* pkcs11_provider; -#line 137 "certtool.gaa" +#line 138 "certtool.gaa" char *pkcs_cipher; -#line 134 "certtool.gaa" +#line 135 "certtool.gaa" char *template; -#line 131 "certtool.gaa" +#line 132 "certtool.gaa" char *infile; -#line 128 "certtool.gaa" +#line 129 "certtool.gaa" char *outfile; -#line 125 "certtool.gaa" +#line 126 "certtool.gaa" int quick_random; -#line 122 "certtool.gaa" +#line 123 "certtool.gaa" char* sec_param; -#line 119 "certtool.gaa" +#line 120 "certtool.gaa" int bits; -#line 115 "certtool.gaa" +#line 116 "certtool.gaa" int outcert_format; -#line 111 "certtool.gaa" +#line 112 "certtool.gaa" int incert_format; -#line 108 "certtool.gaa" +#line 109 "certtool.gaa" int export; -#line 105 "certtool.gaa" +#line 106 "certtool.gaa" char *hash; -#line 102 "certtool.gaa" +#line 103 "certtool.gaa" int dsa; -#line 99 "certtool.gaa" +#line 100 "certtool.gaa" int pkcs8; -#line 92 "certtool.gaa" +#line 93 "certtool.gaa" int v1_cert; -#line 89 "certtool.gaa" +#line 90 "certtool.gaa" int fix_key; -#line 72 "certtool.gaa" +#line 73 "certtool.gaa" int crq_extensions; -#line 57 "certtool.gaa" +#line 58 "certtool.gaa" char *pass; -#line 54 "certtool.gaa" +#line 55 "certtool.gaa" char *ca; -#line 51 "certtool.gaa" +#line 52 "certtool.gaa" char *ca_privkey; -#line 48 "certtool.gaa" +#line 49 "certtool.gaa" char *cert; -#line 45 "certtool.gaa" +#line 46 
"certtool.gaa" char *request; -#line 42 "certtool.gaa" +#line 43 "certtool.gaa" char *pubkey; -#line 39 "certtool.gaa" +#line 40 "certtool.gaa" char *privkey; -#line 17 "certtool.gaa" +#line 18 "certtool.gaa" int action; -#line 16 "certtool.gaa" +#line 17 "certtool.gaa" int privkey_op; #line 114 "gaa.skel" @@ -927,14 +928,14 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) { case GAAOPTID_version: OK = 0; -#line 173 "certtool.gaa" +#line 174 "certtool.gaa" { certtool_version(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_help: OK = 0; -#line 171 "certtool.gaa" +#line 172 "certtool.gaa" { gaa_help(); exit(0); ;}; return GAA_OK; @@ -944,7 +945,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_debug.arg1, gaa_getint, GAATMP_debug.size1); gaa_index++; -#line 169 "certtool.gaa" +#line 170 "certtool.gaa" { gaaval->debug = GAATMP_debug.arg1 ;}; return GAA_OK; @@ -954,21 +955,21 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs11_delete_url.arg1, gaa_getstr, GAATMP_pkcs11_delete_url.size1); gaa_index++; -#line 166 "certtool.gaa" +#line 167 "certtool.gaa" { gaaval->action = ACTION_PKCS11_DELETE_URL; gaaval->pkcs11_url = GAATMP_pkcs11_delete_url.arg1; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_detailed_url: OK = 0; -#line 164 "certtool.gaa" -{ gaaval->pkcs11_detailed_url = 1; ;}; +#line 165 "certtool.gaa" +{ gaaval->pkcs11_detailed_url = GNUTLS_PKCS11_URL_LIB; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_write_trusted: OK = 0; -#line 161 "certtool.gaa" +#line 162 "certtool.gaa" { gaaval->pkcs11_trusted = 1; ;}; return GAA_OK; 
@@ -978,7 +979,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs11_write_label.arg1, gaa_getstr, GAATMP_pkcs11_write_label.size1); gaa_index++; -#line 159 "certtool.gaa" +#line 160 "certtool.gaa" { gaaval->pkcs11_label = GAATMP_pkcs11_write_label.arg1; ;}; return GAA_OK; 
@@ -988,56 +989,56 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs11_write.arg1, gaa_getstr, GAATMP_pkcs11_write.size1); gaa_index++; -#line 158 "certtool.gaa" +#line 159 "certtool.gaa" { gaaval->action = ACTION_PKCS11_WRITE_URL; gaaval->pkcs11_url = GAATMP_pkcs11_write.arg1; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_login: OK = 0; -#line 155 "certtool.gaa" +#line 156 "certtool.gaa" { gaaval->pkcs11_login = 1; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_tokens: OK = 0; -#line 152 "certtool.gaa" +#line 153 "certtool.gaa" { gaaval->action = ACTION_PKCS11_TOKENS; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_all: OK = 0; -#line 151 "certtool.gaa" +#line 152 "certtool.gaa" { gaaval->action = ACTION_PKCS11_LIST; gaaval->pkcs11_type=PKCS11_TYPE_ALL; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_all_certs: OK = 0; -#line 150 "certtool.gaa" +#line 151 "certtool.gaa" { gaaval->action = ACTION_PKCS11_LIST; gaaval->pkcs11_type=PKCS11_TYPE_CRT_ALL; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_trusted: OK = 0; -#line 149 "certtool.gaa" +#line 150 "certtool.gaa" { gaaval->action = ACTION_PKCS11_LIST; gaaval->pkcs11_type=PKCS11_TYPE_TRUSTED; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_privkeys: OK = 0; -#line 148 "certtool.gaa" +#line 149 "certtool.gaa" { gaaval->action = ACTION_PKCS11_LIST; gaaval->pkcs11_type=PKCS11_TYPE_PRIVKEY; ;}; return GAA_OK; break; case GAAOPTID_pkcs11_list_certs: OK = 0; -#line 147 "certtool.gaa" +#line 148 "certtool.gaa" { gaaval->action = ACTION_PKCS11_LIST; gaaval->pkcs11_type=PKCS11_TYPE_PK; ;}; return GAA_OK; 
@@ -1047,7 +1048,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs11_export_url.arg1, gaa_getstr, GAATMP_pkcs11_export_url.size1); gaa_index++; -#line 144 "certtool.gaa" +#line 145 "certtool.gaa" { gaaval->action = ACTION_PKCS11_EXPORT_URL; gaaval->pkcs11_url = GAATMP_pkcs11_export_url.arg1; ;}; return GAA_OK; @@ -1057,7 +1058,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs11_provider.arg1, gaa_getstr, GAATMP_pkcs11_provider.size1); gaa_index++; -#line 141 "certtool.gaa" +#line 142 "certtool.gaa" { gaaval->pkcs11_provider = GAATMP_pkcs11_provider.arg1 ;}; return GAA_OK; @@ -1067,7 +1068,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_pkcs_cipher.arg1, gaa_getstr, GAATMP_pkcs_cipher.size1); gaa_index++; -#line 138 "certtool.gaa" +#line 139 "certtool.gaa" { gaaval->pkcs_cipher = GAATMP_pkcs_cipher.arg1 ;}; return GAA_OK; @@ -1077,7 +1078,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_template.arg1, gaa_getstr, GAATMP_template.size1); gaa_index++; -#line 135 "certtool.gaa" +#line 136 "certtool.gaa" { gaaval->template = GAATMP_template.arg1 ;}; return GAA_OK; @@ -1087,7 +1088,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_infile.arg1, gaa_getstr, GAATMP_infile.size1); gaa_index++; -#line 132 "certtool.gaa" +#line 133 "certtool.gaa" { gaaval->infile = GAATMP_infile.arg1 ;}; return GAA_OK; 
@@ -1097,14 +1098,14 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_outfile.arg1, gaa_getstr, GAATMP_outfile.size1); gaa_index++; -#line 129 "certtool.gaa" +#line 130 "certtool.gaa" { gaaval->outfile = GAATMP_outfile.arg1 ;}; return GAA_OK; break; case GAAOPTID_disable_quick_random: OK = 0; -#line 126 "certtool.gaa" +#line 127 "certtool.gaa" { gaaval->quick_random = 0; ;}; return GAA_OK; @@ -1114,7 +1115,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_sec_param.arg1, gaa_getstr, GAATMP_sec_param.size1); gaa_index++; -#line 123 "certtool.gaa" +#line 124 "certtool.gaa" { gaaval->sec_param = GAATMP_sec_param.arg1 ;}; return GAA_OK; @@ -1124,42 +1125,42 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_bits.arg1, gaa_getint, GAATMP_bits.size1); gaa_index++; -#line 120 "certtool.gaa" +#line 121 "certtool.gaa" { gaaval->bits = GAATMP_bits.arg1 ;}; return GAA_OK; break; case GAAOPTID_outraw: OK = 0; -#line 117 "certtool.gaa" +#line 118 "certtool.gaa" { gaaval->outcert_format=1 ;}; return GAA_OK; break; case GAAOPTID_outder: OK = 0; -#line 116 "certtool.gaa" +#line 117 "certtool.gaa" { gaaval->outcert_format=1 ;}; return GAA_OK; break; case GAAOPTID_inraw: OK = 0; -#line 113 "certtool.gaa" +#line 114 "certtool.gaa" { gaaval->incert_format=1 ;}; return GAA_OK; break; case GAAOPTID_inder: OK = 0; -#line 112 "certtool.gaa" +#line 113 "certtool.gaa" { gaaval->incert_format=1 ;}; return GAA_OK; break; case GAAOPTID_export_ciphers: OK = 0; -#line 109 "certtool.gaa" +#line 110 "certtool.gaa" { gaaval->export=1 ;}; return GAA_OK; 
@@ -1169,140 +1170,140 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_hash.arg1, gaa_getstr, GAATMP_hash.size1); gaa_index++; -#line 106 "certtool.gaa" +#line 107 "certtool.gaa" { gaaval->hash = GAATMP_hash.arg1 ;}; return GAA_OK; break; case GAAOPTID_dsa: OK = 0; -#line 103 "certtool.gaa" +#line 104 "certtool.gaa" { gaaval->dsa=1 ;}; return GAA_OK; break; case GAAOPTID_pkcs8: OK = 0; -#line 100 "certtool.gaa" +#line 101 "certtool.gaa" { gaaval->pkcs8=1 ;}; return GAA_OK; break; case GAAOPTID_to_p8: OK = 0; -#line 97 "certtool.gaa" +#line 98 "certtool.gaa" { gaaval->action = ACTION_GENERATE_PKCS8; ;}; return GAA_OK; break; case GAAOPTID_to_p12: OK = 0; -#line 95 "certtool.gaa" +#line 96 "certtool.gaa" { gaaval->action = ACTION_TO_PKCS12; ;}; return GAA_OK; break; case GAAOPTID_v1: OK = 0; -#line 93 "certtool.gaa" +#line 94 "certtool.gaa" { gaaval->v1_cert = 1; ;}; return GAA_OK; break; case GAAOPTID_fix_key: OK = 0; -#line 90 "certtool.gaa" +#line 91 "certtool.gaa" { gaaval->privkey_op=1; gaaval->fix_key = 1; ;}; return GAA_OK; break; case GAAOPTID_pubkey_info: OK = 0; -#line 87 "certtool.gaa" +#line 88 "certtool.gaa" { gaaval->action = ACTION_PUBKEY_INFO; ;}; return GAA_OK; break; case GAAOPTID_pgp_key_info: OK = 0; -#line 85 "certtool.gaa" +#line 86 "certtool.gaa" { gaaval->privkey_op=1; gaaval->action = ACTION_PGP_PRIVKEY_INFO; ;}; return GAA_OK; break; case GAAOPTID_key_info: OK = 0; -#line 83 "certtool.gaa" +#line 84 "certtool.gaa" { gaaval->privkey_op=1; gaaval->action = ACTION_PRIVKEY_INFO; ;}; return GAA_OK; break; case GAAOPTID_smime_to_p7: OK = 0; -#line 79 "certtool.gaa" +#line 80 "certtool.gaa" { gaaval->action = ACTION_SMIME_TO_P7; ;}; return GAA_OK; break; case GAAOPTID_p7_info: OK = 0; -#line 77 "certtool.gaa" +#line 78 "certtool.gaa" { gaaval->action = ACTION_P7_INFO; ;}; return GAA_OK; break; case GAAOPTID_p12_info: OK = 0; -#line 75 "certtool.gaa" +#line 76 "certtool.gaa" { 
gaaval->action = ACTION_PKCS12_INFO; ;}; return GAA_OK; break; case GAAOPTID_no_crq_extensions: OK = 0; -#line 73 "certtool.gaa" +#line 74 "certtool.gaa" { gaaval->crq_extensions = 0; ;}; return GAA_OK; break; case GAAOPTID_crq_info: OK = 0; -#line 70 "certtool.gaa" +#line 71 "certtool.gaa" { gaaval->action = ACTION_REQUEST; ;}; return GAA_OK; break; case GAAOPTID_crl_info: OK = 0; -#line 68 "certtool.gaa" +#line 69 "certtool.gaa" { gaaval->action = ACTION_CRL_INFO; ;}; return GAA_OK; break; case GAAOPTID_pgp_ring_info: OK = 0; -#line 66 "certtool.gaa" +#line 67 "certtool.gaa" { gaaval->action = ACTION_RING_INFO; ;}; return GAA_OK; break; case GAAOPTID_pgp_certificate_info: OK = 0; -#line 64 "certtool.gaa" +#line 65 "certtool.gaa" { gaaval->action = ACTION_PGP_INFO; ;}; return GAA_OK; break; case GAAOPTID_certificate_pubkey: OK = 0; -#line 62 "certtool.gaa" +#line 63 "certtool.gaa" { gaaval->action = ACTION_CERT_PUBKEY; ;}; return GAA_OK; break; case GAAOPTID_certificate_info: OK = 0; -#line 60 "certtool.gaa" +#line 61 "certtool.gaa" { gaaval->action = ACTION_CERT_INFO; ;}; return GAA_OK; @@ -1312,7 +1313,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_password.arg1, gaa_getstr, GAATMP_password.size1); gaa_index++; -#line 58 "certtool.gaa" +#line 59 "certtool.gaa" { gaaval->pass = GAATMP_password.arg1 ;}; return GAA_OK; @@ -1322,7 +1323,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_ca_certificate.arg1, gaa_getstr, GAATMP_load_ca_certificate.size1); gaa_index++; -#line 55 "certtool.gaa" +#line 56 "certtool.gaa" { gaaval->ca = GAATMP_load_ca_certificate.arg1 ;}; return GAA_OK; 
@@ -1332,7 +1333,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_ca_privkey.arg1, gaa_getstr, GAATMP_load_ca_privkey.size1); gaa_index++; -#line 52 "certtool.gaa" +#line 53 "certtool.gaa" { gaaval->ca_privkey = GAATMP_load_ca_privkey.arg1 ;}; return GAA_OK; @@ -1342,7 +1343,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_certificate.arg1, gaa_getstr, GAATMP_load_certificate.size1); gaa_index++; -#line 49 "certtool.gaa" +#line 50 "certtool.gaa" { gaaval->cert = GAATMP_load_certificate.arg1 ;}; return GAA_OK; @@ -1352,7 +1353,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_request.arg1, gaa_getstr, GAATMP_load_request.size1); gaa_index++; -#line 46 "certtool.gaa" +#line 47 "certtool.gaa" { gaaval->request = GAATMP_load_request.arg1 ;}; return GAA_OK; @@ -1362,7 +1363,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_pubkey.arg1, gaa_getstr, GAATMP_load_pubkey.size1); gaa_index++; -#line 43 "certtool.gaa" +#line 44 "certtool.gaa" { gaaval->pubkey = GAATMP_load_pubkey.arg1 ;}; return GAA_OK; 
@@ -1372,84 +1373,84 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_load_privkey.arg1, gaa_getstr, GAATMP_load_privkey.size1); gaa_index++; -#line 40 "certtool.gaa" +#line 41 "certtool.gaa" { gaaval->privkey = GAATMP_load_privkey.arg1 ;}; return GAA_OK; break; case GAAOPTID_get_dh_params: OK = 0; -#line 37 "certtool.gaa" +#line 38 "certtool.gaa" { gaaval->action=ACTION_GET_DH; ;}; return GAA_OK; break; case GAAOPTID_generate_dh_params: OK = 0; -#line 36 "certtool.gaa" +#line 37 "certtool.gaa" { gaaval->action=ACTION_GENERATE_DH; ;}; return GAA_OK; break; case GAAOPTID_verify_crl: OK = 0; -#line 34 "certtool.gaa" +#line 35 "certtool.gaa" { gaaval->action=ACTION_VERIFY_CRL; ;}; return GAA_OK; break; case GAAOPTID_verify_chain: OK = 0; -#line 32 "certtool.gaa" +#line 33 "certtool.gaa" { gaaval->action=ACTION_VERIFY_CHAIN; ;}; return GAA_OK; break; case GAAOPTID_generate_request: OK = 0; -#line 30 "certtool.gaa" +#line 31 "certtool.gaa" { gaaval->action=ACTION_GENERATE_REQUEST; ;}; return GAA_OK; break; case GAAOPTID_generate_privkey: OK = 0; -#line 28 "certtool.gaa" +#line 29 "certtool.gaa" { gaaval->privkey_op=1; gaaval->action=ACTION_GENERATE_PRIVKEY; ;}; return GAA_OK; break; case GAAOPTID_update_certificate: OK = 0; -#line 26 "certtool.gaa" +#line 27 "certtool.gaa" { gaaval->action=ACTION_UPDATE_CERTIFICATE; ;}; return GAA_OK; break; case GAAOPTID_generate_crl: OK = 0; -#line 24 "certtool.gaa" +#line 25 "certtool.gaa" { gaaval->action=ACTION_GENERATE_CRL; ;}; return GAA_OK; break; case GAAOPTID_generate_proxy: OK = 0; -#line 22 "certtool.gaa" +#line 23 "certtool.gaa" { gaaval->action=ACTION_GENERATE_PROXY; ;}; return GAA_OK; break; case GAAOPTID_generate_certificate: OK = 0; -#line 20 "certtool.gaa" +#line 21 "certtool.gaa" { gaaval->action=ACTION_GENERATE_CERTIFICATE; ;}; return GAA_OK; break; case GAAOPTID_generate_self_signed: OK = 0; -#line 18 "certtool.gaa" +#line 19 "certtool.gaa" { 
gaaval->action=ACTION_SELF_SIGNED; ;}; return GAA_OK; @@ -1478,7 +1479,7 @@ int gaa(int argc, char **argv, gaainfo *gaaval) if(inited == 0) { -#line 175 "certtool.gaa" +#line 176 "certtool.gaa" { gaaval->bits = 0; gaaval->pkcs8 = 0; gaaval->privkey = NULL; gaaval->ca=NULL; gaaval->ca_privkey = NULL; gaaval->debug=1; gaaval->request = NULL; gaaval->infile = NULL; gaaval->outfile = NULL; gaaval->cert = NULL; gaaval->incert_format = 0; gaaval->outcert_format = 0; gaaval->action=-1; gaaval->pass = NULL; gaaval->v1_cert = 0; diff --git a/src/certtool-gaa.h b/src/certtool-gaa.h index 43f1c4856a..49cb22519f 100644 --- a/src/certtool-gaa.h +++ b/src/certtool-gaa.h 
@@ -8,71 +8,71 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 168 "certtool.gaa" +#line 169 "certtool.gaa" int debug; -#line 163 "certtool.gaa" +#line 164 "certtool.gaa" int pkcs11_detailed_url; -#line 160 "certtool.gaa" +#line 161 "certtool.gaa" int pkcs11_trusted; -#line 157 "certtool.gaa" +#line 158 "certtool.gaa" char* pkcs11_label; -#line 154 "certtool.gaa" +#line 155 "certtool.gaa" int pkcs11_login; -#line 146 "certtool.gaa" +#line 147 "certtool.gaa" int pkcs11_type; -#line 143 "certtool.gaa" +#line 144 "certtool.gaa" char* pkcs11_url; -#line 140 "certtool.gaa" +#line 141 "certtool.gaa" char* pkcs11_provider; -#line 137 "certtool.gaa" +#line 138 "certtool.gaa" char *pkcs_cipher; -#line 134 "certtool.gaa" +#line 135 "certtool.gaa" char *template; -#line 131 "certtool.gaa" +#line 132 "certtool.gaa" char *infile; -#line 128 "certtool.gaa" +#line 129 "certtool.gaa" char *outfile; -#line 125 "certtool.gaa" +#line 126 "certtool.gaa" int quick_random; -#line 122 "certtool.gaa" +#line 123 "certtool.gaa" char* sec_param; -#line 119 "certtool.gaa" +#line 120 "certtool.gaa" int bits; -#line 115 "certtool.gaa" +#line 116 "certtool.gaa" int outcert_format; -#line 111 "certtool.gaa" +#line 112 "certtool.gaa" int incert_format; -#line 108 "certtool.gaa" +#line 109 "certtool.gaa" int export; -#line 105 "certtool.gaa" +#line 106 "certtool.gaa" char *hash; -#line 102 "certtool.gaa" +#line 103 "certtool.gaa" int dsa; -#line 99 "certtool.gaa" +#line 100 "certtool.gaa" int pkcs8; -#line 92 "certtool.gaa" +#line 93 "certtool.gaa" int v1_cert; -#line 89 "certtool.gaa" +#line 90 "certtool.gaa" int fix_key; -#line 72 "certtool.gaa" +#line 73 "certtool.gaa" int crq_extensions; -#line 57 "certtool.gaa" +#line 58 "certtool.gaa" char *pass; -#line 54 "certtool.gaa" +#line 55 "certtool.gaa" char *ca; -#line 51 "certtool.gaa" +#line 52 "certtool.gaa" char *ca_privkey; -#line 48 "certtool.gaa" +#line 49 "certtool.gaa" char *cert; -#line 45 "certtool.gaa" +#line 46 
"certtool.gaa" char *request; -#line 42 "certtool.gaa" +#line 43 "certtool.gaa" char *pubkey; -#line 39 "certtool.gaa" +#line 40 "certtool.gaa" char *privkey; -#line 17 "certtool.gaa" +#line 18 "certtool.gaa" int action; -#line 16 "certtool.gaa" +#line 17 "certtool.gaa" int privkey_op; #line 114 "gaa.skel" diff --git a/src/certtool.gaa b/src/certtool.gaa index 61e6675400..229508987a 100644 --- a/src/certtool.gaa +++ b/src/certtool.gaa @@ -8,6 +8,7 @@ #endif #include "certtool-common.h" +#include <gnutls/pkcs11.h> #} @@ -161,7 +162,7 @@ option (pkcs11-write-label) STR "label" { $pkcs11_label = $1; } "Sets a label fo option (pkcs11-write-trusted) { $pkcs11_trusted = 1; } "Marks the certificate to be imported as trusted." #int pkcs11_detailed_url; -option (pkcs11-detailed-url) { $pkcs11_detailed_url = 1; } "Export detailed URLs." +option (pkcs11-detailed-url) { $pkcs11_detailed_url = GNUTLS_PKCS11_URL_LIB; } "Export detailed URLs." option (pkcs11-delete-url) STR "URL" { $action = ACTION_PKCS11_DELETE_URL; $pkcs11_url = $1; } "Deletes objects matching the URL." diff --git a/src/pkcs11.c b/src/pkcs11.c index 0781ea5e17..c0d6239628 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c @@ -88,7 +88,7 @@ unsigned int obj_flags = 0; obj_flags = GNUTLS_PKCS11_OBJ_FLAG_LOGIN; if (!batch) { - pkcs11_list(outfile, url, PKCS11_TYPE_ALL, login, 1); + pkcs11_list(outfile, url, PKCS11_TYPE_ALL, login, GNUTLS_PKCS11_URL_LIB); ret = read_yesno("Are you sure you want to delete those objects? (y/N): "); if (ret == 0) { exit(1); |