/*
* Copyright (c) 2014, NORDUnet A/S.
* See LICENSE for licensing information.
*/
#include <stdio.h>
#include <err.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include "hsmhelper.h"
#include "erlport.h"
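/*
 * Convert the slot command-line argument to a number.
 *
 * The whole string must be a base-10 integer.  An empty string, trailing
 * characters, a value that does not fit in a long, or a negative value
 * ends the program through errx(1, ...).
 *
 * Returns the parsed slot number (always >= 0).
 */
static long
parseslot(char *slotstring)
{
    char *endptr = NULL;

    if (slotstring[0] == '\0') {
        errx(1, "no slot given");
    }

    /* strtol() reports overflow only through errno, so clear it first. */
    errno = 0;
    long slot = strtol(slotstring, &endptr, 10);

    /*
     * Reject input with no digits, trailing characters, a clamped
     * (ERANGE) result or a negative number.  PKCS#11 slot ids are
     * unsigned, so a negative value would otherwise reach the caller
     * and be reinterpreted as a very large slot id.
     */
    if (endptr == slotstring || endptr[0] != '\0' ||
        errno == ERANGE || slot < 0) {
        errx(1, "not a valid slot number: %s", slotstring);
    }
    return slot;
}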
/*
 * Serve signing requests until read_command() returns no more data.
 *
 * Each request read into the local buffer is passed to sign() with the
 * given session, key and mechanism, and the resulting signature is sent
 * back with write_reply().  The loop ends as soon as read_command()
 * returns zero or a negative value; the two cases are not told apart.
 *
 * Every request that arrives is signed: this function applies no
 * filtering or authorization of its own, so access to the private key is
 * only as restricted as access to the other end of the port.
 */
static void
loop(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey,
     CK_MECHANISM_TYPE mechanism)
{
    unsigned char request[10000];
    unsigned char sigbuf[2048];

    for (;;) {
        /* 4 is presumably the width of the length prefix - confirm in erlport. */
        ssize_t request_len = read_command(request, sizeof(request), 4);
        if (request_len <= 0) {
            break;
        }

        /* In: capacity of sigbuf.  Out: presumably the signature size - TODO confirm. */
        unsigned long sig_len = sizeof(sigbuf);

        /*
         * NOTE(review): no result of sign() is inspected here; presumably
         * it terminates the program on failure - confirm in hsmhelper,
         * otherwise a stale or partial buffer could be sent as a reply.
         */
        sign(hSession, hKey, request, request_len, sigbuf, &sig_len, mechanism);
        write_reply(sigbuf, sig_len, 4);
    }
}
/*
 * Entry point: <pkcs11library> <slot> rsa|ecdsa <keyname> <pin>.
 *
 * Passes the library path to init(), parses the slot, maps the key type
 * to a PKCS#11 mechanism, opens a session, logs in with the PIN, looks
 * up the private key by name and then runs the request loop.  Argument
 * errors end the program through errx(1, ...).
 *
 * NOTE(review): the PIN is taken from argv[5].  Command-line arguments
 * are commonly readable by other local processes (process listings), so
 * if the interface can change, prefer reading the PIN from a pipe or a
 * file with restricted permissions.
 */
int
main(int argc, char *argv[])
{
    enum { ARG_LIBRARY = 1, ARG_SLOT, ARG_KEYTYPE, ARG_KEYNAME, ARG_PIN, ARG_COUNT };

    if (argc < ARG_COUNT) {
        errx(1, "usage: %s <pkcs11library> <slot> rsa|ecdsa <keyname> <pin>", argv[0]);
    }

    char *keytype = argv[ARG_KEYTYPE];

    /* The library is set up before the remaining arguments are checked. */
    init(argv[ARG_LIBRARY]);

    long slot = parseslot(argv[ARG_SLOT]);

    /*
     * CKM_SHA256_RSA_PKCS hashes its input itself, while CKM_ECDSA signs
     * the bytes as given; the peer is presumably expected to send a
     * digest in the ecdsa case - confirm against the caller.
     */
    CK_MECHANISM_TYPE mechanism;
    if (strcmp(keytype, "rsa") == 0) {
        mechanism = CKM_SHA256_RSA_PKCS;
    } else if (strcmp(keytype, "ecdsa") == 0) {
        mechanism = CKM_ECDSA;
    } else {
        errx(1, "invalid key type: %s", keytype);
    }

    CK_SESSION_HANDLE hSession = open_session(slot);
    login(hSession, argv[ARG_PIN]);

    CK_OBJECT_HANDLE hKey = find_key(hSession, CKO_PRIVATE_KEY, argv[ARG_KEYNAME]);
    loop(hSession, hKey, mechanism);

    return 0;
}