2 * Copyright (c) 2006 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
/*
 * find_object: search `session` for one PKCS#11 object matching a small
 * attribute template and store its handle in *object.
 *
 * NOTE(review): the leading numbers appear to be the original file's line
 * numbers, and the listing skips some of them (for example 40, 45, 47,
 * 55-57, 59-60, 63-65 and 67-72). The declaration of `id`, the declaration
 * of `ret`, the first template entry, the function braces and every check
 * of `ret` are therefore not visible here.
 */
39 find_object(CK_SESSION_HANDLE session
,
41 CK_OBJECT_CLASS key_class
,
42 CK_OBJECT_HANDLE_PTR object
)
44 CK_ULONG object_count
;
/*
 * Search template. Only the CKA_CLASS entry is visible; search_data[0] is
 * presumably the id attribute declared on the omitted line 47 (confirm).
 */
46 CK_ATTRIBUTE search_data
[] = {
48 {CKA_CLASS
, &key_class
, sizeof(key_class
)}
50 CK_ULONG num_search_data
= sizeof(search_data
)/sizeof(search_data
[0]);
/*
 * The length of entry 0 is filled in at run time from strlen(id), so `id`
 * must be a non-NULL, NUL-terminated string.
 */
52 search_data
[0].ulValueLen
= strlen(id
);
/* Start the search operation on this session. */
54 ret
= C_FindObjectsInit(session
, search_data
, num_search_data
);
/* Ask for at most one handle; object_count receives how many were returned. */
58 ret
= C_FindObjects(session
, object
, 1, &object_count
);
/*
 * NOTE(review): if the omitted lines 63-65 return from this branch, the
 * search started by C_FindObjectsInit is never ended, because
 * C_FindObjectsFinal on line 66 is not reached. Confirm against the full
 * file; ending the search on every exit path avoids leaving the session
 * with an active find operation.
 */
61 if (object_count
== 0) {
62 printf("found no object\n");
/* End the search operation. */
66 ret
= C_FindObjectsFinal(session
);
/*
 * Fixed three-byte test message. main() passes it as the input to C_Sign,
 * C_Verify and C_Encrypt, and compares it with the C_Decrypt output.
 * Despite the name it is a literal string, not a computed digest.
 */
73 static char *sighash
= "hej";
/*
 * Shared output buffer: main() writes the C_Sign result and later the
 * C_Encrypt result into it, passing sizeof(signature) as the capacity.
 */
74 static char signature
[1024];
/*
 * main: end-to-end exercise of a PKCS#11 module. Initialises the library,
 * picks a slot, opens a session, logs in, looks up a key pair through
 * find_object(), runs sign/verify and encrypt/decrypt, then closes the
 * session and finalises the library.
 *
 * NOTE(review): the leading numbers appear to be the original file's line
 * numbers, and the listing skips some of them. The conditions guarding the
 * errx()/printf() calls, the assignment of `slot`, the braces of the nested
 * blocks and the declarations of `ret`, `slot`, `num_slots` and `outdata`
 * are not visible here.
 */
78 main(int argc
, char **argv
)
80 CK_SLOT_ID_PTR slot_ids
;
84 CK_SLOT_INFO slot_info
;
85 CK_TOKEN_INFO token_info
;
86 CK_SESSION_HANDLE session
;
87 CK_OBJECT_HANDLE
public, private;
/*
 * The return value of C_Initialize is discarded on this line, so a failed
 * initialisation would only show up as a failure of the next call.
 */
89 C_Initialize(NULL_PTR
);
/* First call passes a NULL list to learn the number of slots. */
91 ret
= C_GetSlotList(FALSE
, NULL
, &num_slots
);
93 errx(1, "C_GetSlotList1 failed: %d", (int)ret
);
/*
 * num_slots is reported by the module and the multiplication is not
 * checked for overflow. calloc(num_slots, sizeof(*slot_ids)) would let
 * calloc itself reject a product that does not fit in size_t.
 */
98 if ((slot_ids
= calloc(1, num_slots
* sizeof(*slot_ids
))) == NULL
)
99 err(1, "alloc slots failed");
/* Second call fills the allocated array with the slot identifiers. */
101 ret
= C_GetSlotList(FALSE
, slot_ids
, &num_slots
);
103 errx(1, "C_GetSlotList2 failed: %d", (int)ret
);
/* `slot` is assigned on an omitted line, presumably from slot_ids (confirm). */
108 ret
= C_GetSlotInfo(slot
, &slot_info
);
110 errx(1, "C_GetSlotInfo failed: %d", (int)ret
);
/* Abort unless the slot reports a token. */
112 if ((slot_info
.flags
& CKF_TOKEN_PRESENT
) == 0)
113 errx(1, "no token present");
/*
 * Only CKF_SERIAL_SESSION is set (no CKF_RW_SESSION), which requests a
 * read-only session; no application pointer or notify callback is given.
 */
115 ret
= C_OpenSession(slot
, CKF_SERIAL_SESSION
, NULL
, NULL
, &session
);
117 errx(1, "C_OpenSession failed: %d", (int)ret
);
/*
 * The user PIN "foobar" (length 6) is hard-coded. That is only suitable
 * for a throwaway test token; code handling real keys should obtain the
 * PIN at run time instead of embedding it in the source or binary.
 */
119 ret
= C_Login(session
, CKU_USER
, (unsigned char*)"foobar", 6);
121 errx(1, "C_Login failed: %d", (int)ret
);
123 ret
= C_GetTokenInfo(slot
, &token_info
);
125 errx(1, "C_GetTokenInfo failed: %d", (int)ret
);
/*
 * Treats CKF_LOGIN_REQUIRED still being set after C_Login as a failure.
 * NOTE(review): this relies on the module under test clearing the flag
 * once logged in; confirm, since the flag usually describes the token.
 */
127 if (token_info
.flags
& CKF_LOGIN_REQUIRED
)
128 errx(1, "login required, even after C_Login");
/* Look up both halves of the key pair under the same id string "cert". */
130 ret
= find_object(session
, "cert", CKO_PUBLIC_KEY
, &public);
132 errx(1, "find cert failed: %d", (int)ret
);
133 ret
= find_object(session
, "cert", CKO_PRIVATE_KEY
, &private);
135 errx(1, "find private key failed: %d", (int)ret
);
/*
 * Sign/verify round trip. The mechanism struct is zeroed so that its
 * parameter fields are empty, then set to CKM_RSA_PKCS (PKCS #1 v1.5).
 * With this mechanism the module does not hash the input; it operates
 * on the bytes it is given.
 */
139 CK_MECHANISM mechanism
;
141 memset(&mechanism
, 0, sizeof(mechanism
));
142 mechanism
.mechanism
= CKM_RSA_PKCS
;
144 ret
= C_SignInit(session
, &mechanism
, private);
/* ck_sigsize is in/out: buffer capacity going in, signature length coming out. */
148 ck_sigsize
= sizeof(signature
);
149 ret
= C_Sign(session
, (CK_BYTE
*)sighash
, strlen(sighash
),
150 (CK_BYTE
*)signature
, &ck_sigsize
);
/* Presumably guarded by a check of `ret` on the omitted line 151 (confirm). */
152 printf("C_Sign failed with: %d\n", (int)ret
);
/* Verify the signature just produced, using the public key handle. */
156 ret
= C_VerifyInit(session
, &mechanism
, public);
160 ret
= C_Verify(session
, (CK_BYTE
*)signature
, ck_sigsize
,
161 (CK_BYTE
*)sighash
, strlen(sighash
));
163 printf("message: %d\n", (int)ret
);
/*
 * Encrypt/decrypt round trip, with its own declarations; `outdata` is
 * presumably declared on the omitted line 172 (confirm).
 */
170 CK_ULONG ck_sigsize
, outsize
;
171 CK_MECHANISM mechanism
;
/*
 * CKM_RSA_PKCS here means PKCS #1 v1.5 encryption padding. That padding is
 * exposed to padding-oracle attacks when a caller can observe decryption
 * failures; it is fine for this self-contained test, but new code
 * protecting real data should prefer CKM_RSA_PKCS_OAEP.
 */
174 memset(&mechanism
, 0, sizeof(mechanism
));
175 mechanism
.mechanism
= CKM_RSA_PKCS
;
177 ret
= C_EncryptInit(session
, &mechanism
, public);
/* The `signature` buffer is reused to hold the ciphertext. */
181 ck_sigsize
= sizeof(signature
);
182 ret
= C_Encrypt(session
, (CK_BYTE
*)sighash
, strlen(sighash
),
183 (CK_BYTE
*)signature
, &ck_sigsize
);
185 printf("message: %d\n", (int)ret
);
189 ret
= C_DecryptInit(session
, &mechanism
, private);
/* outsize is in/out: capacity of outdata going in, plaintext length coming out. */
193 outsize
= sizeof(outdata
);
194 ret
= C_Decrypt(session
, (CK_BYTE
*)signature
, ck_sigsize
,
195 (CK_BYTE
*)outdata
, &outsize
);
197 printf("message: %d\n", (int)ret
);
/*
 * Only the first strlen(sighash) bytes are compared. NOTE(review): no
 * visible line checks that outsize equals strlen(sighash), so a longer
 * plaintext with the same prefix would also pass; confirm against the
 * omitted lines 198-200.
 */
201 if (memcmp(sighash
, outdata
, strlen(sighash
)) != 0)
/* Tear down: close the session, then finalise the library. */
206 ret
= C_CloseSession(session
);
210 C_Finalize(NULL_PTR
);