search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove building with NOCRYPTO option
[minix.git] / external / bsd / bind / dist / bin / tests / pkcs11 / pkcs11-hmacmd5.c
blob6cfab31abb78dbbf0b6c07275bd3d471dbb98507
1 /* $NetBSD: pkcs11-hmacmd5.c,v 1.1.1.4 2014/12/10 03:34:28 christos Exp $ */
2
3 /*
4 * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
5 *
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16 * PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 /*
20 * Portions copyright (c) 2008 Nominet UK. All rights reserved.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the above copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 *
31 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
32 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
33 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
34 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
35 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
36 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
37 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
38 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
39 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
40 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41 */
42
43 /* Id */
44
45 /*
46 * pkcs11-hmacmd5
47 *
48 * Prints the MD5 HMAC of the standard input, using the PKCS#11 device.
49 *
50 * Usage:
51 * pkcs11-hmacmd5 [-m module] [-s $slot] [-n] [-p $pin]
52 * -m: PKCS#11 provider module. This must be the full
53 * path to a shared library object implementing the
54 * PKCS#11 API for a device.
55 * -s: Slot
56 * -p: PIN
57 * -n: don't log in to the PKCS#11 device
58 * -k: key name for the HMAC
59 */
60
61 /*! \file */
62
63 #include <config.h>
64
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <fcntl.h>
68 #include <errno.h>
69 #include <string.h>
70 #include <sys/types.h>
71
72 #include <isc/commandline.h>
73 #include <isc/result.h>
74 #include <isc/types.h>
75
76 #include <pk11/pk11.h>
77 #include <pk11/result.h>
78
79 #if !(defined(HAVE_GETPASSPHRASE) || (defined (__SVR4) && defined (__sun)))
80 #define getpassphrase(x) getpass(x)
81 #endif
82
83 /* Define static key template values */
84 static CK_BBOOL truevalue = TRUE;
85 static CK_BBOOL falsevalue = FALSE;
86
87 #define BLOCKSIZE 32768
88
89 char buffer[BLOCKSIZE + 72];
90 char digest[16];
91
92 int
93 main(int argc, char *argv[]) {
94 isc_result_t result;
95 CK_RV rv;
96 CK_SLOT_ID slot = 0;
97 CK_SESSION_HANDLE hSession;
98 CK_MECHANISM mech = { CKM_MD5_HMAC, NULL, 0 };
99 CK_ULONG len;
100 CK_OBJECT_HANDLE hKey = CK_INVALID_HANDLE;
101 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
102 CK_KEY_TYPE keyType = CKK_MD5_HMAC;
103 CK_ATTRIBUTE keyTemplate[] =
104 {
105 { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
106 { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
107 { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
108 { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
109 { CKA_SIGN, &truevalue, (CK_ULONG) sizeof(truevalue) },
110 { CKA_VALUE, NULL, 0 }
111 };
112 pk11_context_t pctx;
113 pk11_optype_t op_type = OP_DIGEST;
114 char *lib_name = NULL;
115 char *pin = NULL;
116 int error = 0;
117 isc_boolean_t logon = ISC_TRUE;
118 int c, errflg = 0;
119 char *key = NULL;
120 size_t sum = 0;
121 unsigned int i;
122
123 while ((c = isc_commandline_parse(argc, argv, ":m:s:np:k:")) != -1) {
124 switch (c) {
125 case 'm':
126 lib_name = isc_commandline_argument;
127 break;
128 case 's':
129 slot = atoi(isc_commandline_argument);
130 op_type = OP_ANY;
131 break;
132 case 'n':
133 logon = ISC_FALSE;
134 break;
135 case 'p':
136 pin = isc_commandline_argument;
137 break;
138 case 'k':
139 key = isc_commandline_argument;
140 break;
141 case ':':
142 fprintf(stderr,
143 "Option -%c requires an operand\n",
144 isc_commandline_option);
145 errflg++;
146 break;
147 case '?':
148 default:
149 fprintf(stderr, "Unrecognised option: -%c\n",
150 isc_commandline_option);
151 errflg++;
152 }
153 }
154
155 if (errflg || (key == NULL)) {
156 fprintf(stderr, "Usage:\n");
157 fprintf(stderr,
158 "\tpkcs11-hmacmd5 [-m module] [-s slot] "
159 "[-n|-p pin] -k key\n");
160 exit(1);
161 }
162
163 /* Decode the key */
164 for (i = 0; i < BLOCKSIZE / 2; i++) {
165 switch (c = *key++) {
166 case 0:
167 goto key_done;
168 case '0':
169 case '1':
170 case '2':
171 case '3':
172 case '4':
173 case '5':
174 case '6':
175 case '7':
176 case '8':
177 case '9':
178 if ((i & 1) == 0)
179 buffer[i >> 1] = (c - '0') << 4;
180 else
181 buffer[i >> 1] |= c - '0';
182 break;
183 case 'A':
184 case 'B':
185 case 'C':
186 case 'D':
187 case 'E':
188 case 'F':
189 if ((i & 1) == 0)
190 buffer[i >> 1] = (c - 'A' + 10) << 4;
191 else
192 buffer[i >> 1] |= c - 'A' + 10;
193 break;
194 case 'a':
195 case 'b':
196 case 'c':
197 case 'd':
198 case 'e':
199 case 'f':
200 if ((i & 1) == 0)
201 buffer[i >> 1] = (c - 'a' + 10) << 4;
202 else
203 buffer[i >> 1] |= c - 'a' + 10;
204 break;
205 default:
206 fprintf(stderr, "Not hexdigit '%c' in key\n", c);
207 exit(1);
208 }
209 }
210 key_done:
211 if ((i & 1) != 0) {
212 fprintf(stderr, "Even number of hexdigits in key\n");
213 exit(1);
214 }
215 len = i >> 1;
216 keyTemplate[5].pValue = buffer;
217 keyTemplate[5].ulValueLen = (CK_ULONG) len;
218
219 pk11_result_register();
220
221 /* Initialize the CRYPTOKI library */
222 if (lib_name != NULL)
223 pk11_set_lib_name(lib_name);
224
225 if (logon && pin == NULL)
226 pin = getpassphrase("Enter Pin: ");
227
228 result = pk11_get_session(&pctx, op_type, ISC_FALSE, ISC_FALSE, logon,
229 (const char *) pin, slot);
230 if ((result != ISC_R_SUCCESS) &&
231 (result != PK11_R_NORANDOMSERVICE) &&
232 (result != PK11_R_NOAESSERVICE)) {
233 fprintf(stderr, "Error initializing PKCS#11: %s\n",
234 isc_result_totext(result));
235 exit(1);
236 }
237
238 if (pin != NULL)
239 memset(pin, 0, strlen((char *)pin));
240
241 hSession = pctx.session;
242
243 rv = pkcs_C_CreateObject(hSession, keyTemplate, (CK_ULONG) 6, &hKey);
244 if (rv != CKR_OK) {
245 fprintf(stderr, "C_CreateObject: Error = 0x%.8lX\n", rv);
246 error = 1;
247 goto exit_session;
248 }
249 if (hKey == CK_INVALID_HANDLE) {
250 fprintf(stderr, "C_CreateObject failed\n");
251 error = 1;
252 goto exit_session;
253 }
254
255 rv = pkcs_C_SignInit(hSession, &mech, hKey);
256 if (rv != CKR_OK) {
257 fprintf(stderr, "C_SignInit: Error = 0x%.8lX\n", rv);
258 error = 1;
259 goto exit_sign;
260 }
261
262 for (;;) {
263 size_t n;
264
265 for (;;) {
266 n = fread(buffer + sum, 1, BLOCKSIZE - sum, stdin);
267 sum += n;
268 if (sum == BLOCKSIZE)
269 break;
270 if (n == 0) {
271 if (ferror(stdin)) {
272 fprintf(stderr, "fread failed\n");
273 error = 1;
274 goto exit_sign;
275 }
276 goto partial_block;
277 }
278 if (feof(stdin))
279 goto partial_block;
280 }
281
282 rv = pkcs_C_SignUpdate(hSession, (CK_BYTE_PTR) buffer,
283 (CK_ULONG) BLOCKSIZE);
284 if (rv != CKR_OK) {
285 fprintf(stderr,
286 "C_SignUpdate: Error = 0x%.8lX\n",
287 rv);
288 error = 1;
289 goto exit_sign;
290 }
291 }
292
293 partial_block:
294 if (sum > 0) {
295 rv = pkcs_C_SignUpdate(hSession, (CK_BYTE_PTR) buffer,
296 (CK_ULONG) sum);
297 if (rv != CKR_OK) {
298 fprintf(stderr,
299 "C_SignUpdate: Error = 0x%.8lX\n",
300 rv);
301 error = 1;
302 goto exit_sign;
303 }
304 }
305
306 len = 16;
307 rv = pkcs_C_SignFinal(hSession, (CK_BYTE_PTR) digest, &len);
308 if (rv != CKR_OK) {
309 fprintf(stderr, "C_SignFinal: Error = 0x%.8lX\n", rv);
310 error = 1;
311 goto exit_sign;
312 }
313 if (len != 16) {
314 fprintf(stderr, "C_SignFinal: bad length = %lu\n", len);
315 error = 1;
316 }
317
318 for (i = 0; i < 16; i++)
319 printf("%02x", digest[i] & 0xff);
320 printf("\n");
321
322 exit_sign:
323 rv = pkcs_C_DestroyObject(hSession, hKey);
324 if ((error == 0) && (rv != CKR_OK)) {
325 fprintf(stderr, "C_DestroyObject: Error = 0x%.8lX\n", rv);
326 error = 1;
327 }
328
329 exit_session:
330 pk11_return_session(&pctx);
331 (void) pk11_finalize();
332
333 exit(error);
334 }
MINIX 3 (repo.or.cz mirror)