
Commit a84b0f7

committed
Move ENGINE_CTX_keygen to util_uri.c
1 parent b92a6da commit a84b0f7


3 files changed

+64
-74
lines changed


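--- a/src/eng_back.c
+++ b/src/eng_back.c
@@ -257,42 +257,6 @@ static int ENGINE_CTX_ctrl_set_vlog(ENGINE_CTX *ctx, void *cb)
 return 1;
 }
 
-static int ENGINE_CTX_keygen(ENGINE_CTX *ctx, void *p)
-{
-int rv;
-PKCS11_KGEN_ATTRS *kg_attrs = p;
-PKCS11_SLOT* found_slot = NULL;
-
-if (kg_attrs == NULL)
-return 0;
-
-/* Delayed libp11 initialization */
-if (UTIL_CTX_init_libp11(ctx->util_ctx)) {
-ENGerr(ENG_F_CTX_LOAD_OBJECT, ENG_R_INVALID_PARAMETER);
-return 0;
-}
-
-found_slot = UTIL_CTX_find_token(ctx->util_ctx, kg_attrs->token_label);
-if (!found_slot)
-return 0;
-
-/* Try logging in */
-ERR_clear_error();
-if (!(found_slot->token->loginRequired && UTIL_CTX_login(ctx->util_ctx,
-found_slot, ctx->ui_method, ctx->ui_data)))
-return 0;
-
-rv = PKCS11_keygen(found_slot->token, kg_attrs);
-if (rv < 0) {
-ENGINE_CTX_log(ctx, LOG_ERR,
-"Failed to generate a key pair on the token. Error code: %d\n",
-rv);
-return 0;
-}
-
-return 1;
-}
-
 int ENGINE_CTX_ctrl(ENGINE_CTX *ctx, int cmd, long i, void *p, void (*f)())
 {
 (void)i; /* We don't currently take integer parameters */
@@ -330,7 +294,7 @@ int ENGINE_CTX_ctrl(ENGINE_CTX *ctx, int cmd, long i, void *p, void (*f)())
 case CMD_DEBUG_LEVEL:
 return ENGINE_CTX_ctrl_set_debug_level(ctx, (int)i);
 case CMD_KEYGEN:
-return ENGINE_CTX_keygen(ctx, p);
+return UTIL_CTX_keygen(ctx->util_ctx, p);
 default:
 ENGerr(ENG_F_CTX_ENGINE_CTRL, ENG_R_UNKNOWN_COMMAND);
 break;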
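Review bot: A failed key generation on the `CMD_KEYGEN` path can now return 0 with nothing on the OpenSSL error queue. The removed `ENGINE_CTX_keygen` raised `ENGerr(ENG_F_CTX_LOAD_OBJECT, ENG_R_INVALID_PARAMETER)` when libp11 initialization failed, while the `UTIL_CTX_keygen` that replaces it (src/util_uri.c in this commit) returns 0 in that case without an error or a log line. If callers are expected to diagnose failures from the error queue, the report can be kept at this level, for example `if (!UTIL_CTX_keygen(ctx->util_ctx, p)) { ENGerr(ENG_F_CTX_ENGINE_CTRL, ENG_R_INVALID_PARAMETER); return 0; }` followed by `return 1;`, with the reason code left to the maintainers. `ENGINE_CTX_ctrl` starts and ends outside the second hunk, so the other cases are not visible here.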

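--- a/src/util.h
+++ b/src/util.h
@@ -64,8 +64,6 @@ void UTIL_CTX_log(UTIL_CTX *ctx, int level, const char *format, ...);
 
 int UTIL_CTX_set_pin(UTIL_CTX *ctx, const char *pin);
 void UTIL_CTX_set_force_login(UTIL_CTX *ctx, int force_login);
-int UTIL_CTX_login(UTIL_CTX *ctx, PKCS11_SLOT *slot, UI_METHOD *ui_method,
-void *ui_data);
 
 X509 *UTIL_CTX_get_cert_from_uri(UTIL_CTX *ctx, const char *uri,
 UI_METHOD *ui_method, void *ui_data);
@@ -74,7 +72,7 @@ EVP_PKEY *UTIL_CTX_get_pubkey_from_uri(UTIL_CTX *ctx, const char *uri,
 EVP_PKEY *UTIL_CTX_get_privkey_from_uri(UTIL_CTX *ctx, const char *uri,
 UI_METHOD *ui_method, void *ui_data);
 
-PKCS11_SLOT *UTIL_CTX_find_token(UTIL_CTX *ctx, const char *token_label);
+int UTIL_CTX_keygen(UTIL_CTX *ctx, PKCS11_KGEN_ATTRS *kg_attrs);
 
 #endif /* _UTIL_LIBP11_H */
 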

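--- a/src/util_uri.c
+++ b/src/util_uri.c
@@ -123,7 +123,7 @@ int UTIL_CTX_set_ui_method(UTIL_CTX *ctx, UI_METHOD *ui_method, void *ui_data)
 return 1;
 }
 
-static int UTIL_CTX_enumerate_slots_unlocked(UTIL_CTX *ctx)
+static int util_ctx_enumerate_slots_unlocked(UTIL_CTX *ctx)
 {
 /* PKCS11_update_slots() uses C_GetSlotList() via libp11 */
 if (PKCS11_update_slots(ctx->pkcs11_ctx, &ctx->slot_list, &ctx->slot_count) < 0) {
@@ -145,7 +145,7 @@ int UTIL_CTX_enumerate_slots(UTIL_CTX *ctx)
 
 pthread_mutex_lock(&ctx->lock);
 if (ctx->pkcs11_ctx)
-rv = UTIL_CTX_enumerate_slots_unlocked(ctx);
+rv = util_ctx_enumerate_slots_unlocked(ctx);
 else
 rv = UTIL_CTX_init_libp11(ctx) == 0;
 pthread_mutex_unlock(&ctx->lock);
@@ -172,7 +172,7 @@ int UTIL_CTX_init_libp11(UTIL_CTX *ctx)
 UTIL_CTX_free_libp11(ctx);
 return -1;
 }
-if (UTIL_CTX_enumerate_slots_unlocked(ctx) != 1) {
+if (util_ctx_enumerate_slots_unlocked(ctx) != 1) {
 UTIL_CTX_free_libp11(ctx);
 return -1;
 }
@@ -503,15 +503,6 @@ static int util_ctx_login(UTIL_CTX *ctx, PKCS11_SLOT *slot, PKCS11_TOKEN *tok,
 return 1;
 }
 
-int UTIL_CTX_login(UTIL_CTX *ctx, PKCS11_SLOT *slot, UI_METHOD *ui_method,
-void *ui_data)
-{
-if (!slot->token)
-return 0;
-
-return util_ctx_login(ctx, slot, slot->token, ui_method, ui_data);
-}
-
 /******************************************************************************/
 /* URI parsing */
 /******************************************************************************/
@@ -1200,28 +1191,6 @@ static void *util_ctx_load_object(UTIL_CTX *ctx,
 return obj;
 }
 
-PKCS11_SLOT *UTIL_CTX_find_token(UTIL_CTX *ctx, const char *tok_lbl)
-{
-PKCS11_SLOT *slot = NULL;
-
-if (!ctx->pkcs11_ctx)
-return NULL;
-
-do {
-slot = PKCS11_find_next_token(ctx->pkcs11_ctx, ctx->slot_list,
-ctx->slot_count, slot);
-if (slot && slot->token && slot->token->initialized
-&& slot->token->label
-&& !strncmp(slot->token->label, tok_lbl, 32)) {
-return slot;
-}
-} while (!slot);
-
-UTIL_CTX_log(ctx, LOG_ERR,
-"Initialized token with matching label not found...\n");
-return NULL;
-}
-
 /******************************************************************************/
 /* Certificate handling */
 /******************************************************************************/
@@ -1531,4 +1500,63 @@ EVP_PKEY *UTIL_CTX_get_privkey_from_uri(UTIL_CTX *ctx, const char *uri,
 return key ? PKCS11_get_private_key(key) : NULL;
 }
 
+/******************************************************************************/
+/* Key pair generation */
+/******************************************************************************/
+
+static PKCS11_SLOT *util_ctx_find_token(UTIL_CTX *ctx, const char *tok_lbl)
+{
+PKCS11_SLOT *slot = NULL;
+
+if (!ctx->pkcs11_ctx)
+return NULL;
+
+do {
+slot = PKCS11_find_next_token(ctx->pkcs11_ctx, ctx->slot_list,
+ctx->slot_count, slot);
+if (slot && slot->token && slot->token->initialized
+&& slot->token->label
+&& !strncmp(slot->token->label, tok_lbl, 32))
+return slot;
+} while (!slot);
+
+UTIL_CTX_log(ctx, LOG_ERR,
+"Initialized token with matching label not found...\n");
+return NULL;
+}
+
+int UTIL_CTX_keygen(UTIL_CTX *ctx, PKCS11_KGEN_ATTRS *kg_attrs)
+{
+int rv;
+PKCS11_SLOT *slot = NULL;
+
+if (kg_attrs == NULL)
+return 0;
+
+/* Delayed libp11 initialization */
+if (UTIL_CTX_init_libp11(ctx))
+return 0;
+
+slot = util_ctx_find_token(ctx, kg_attrs->token_label);
+if (!slot || !slot->token)
+return 0;
+
+/* Try logging in */
+ERR_clear_error();
+if (slot->token->loginRequired)
+if (!util_ctx_login(ctx, slot, slot->token,
+ctx->ui_method, ctx->ui_data))
+return 0;
+
+rv = PKCS11_keygen(slot->token, kg_attrs);
+if (rv < 0) {
+UTIL_CTX_log(ctx, LOG_ERR,
+"Failed to generate a key pair on the token. Error code: %d\n",
+rv);
+return 0;
+}
+
+return 1;
+}
+
 /* vim: set noexpandtab: */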
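Review bot: The `do … while (!slot)` loop in the added `util_ctx_find_token` has its termination test inverted, so it exits after the first token whose label does not match and repeats when `PKCS11_find_next_token` returns NULL. Assuming that call returns NULL once no further token is present, as libp11 documents, a host with no initialized token spins forever inside the ENGINE ctrl call and a label on a second or later token is never matched; `} while (slot);` corrects both. `tok_lbl` is `kg_attrs->token_label` passed through unchecked to `strncmp`, so `UTIL_CTX_keygen` should open with `if (kg_attrs == NULL || kg_attrs->token_label == NULL) return 0;`. `UTIL_CTX_keygen` also calls `UTIL_CTX_init_libp11` and walks `ctx->slot_list` without taking `ctx->lock`, which `UTIL_CTX_enumerate_slots` holds around the same call in this file, so it is worth confirming that key generation cannot race with slot enumeration. The loop is carried over unchanged from the removed `UTIL_CTX_find_token`; both added functions lie entirely inside this hunk.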
