├── .dir-locals.el ├── .github ├── actions │ ├── basic-autotools │ │ └── action.yaml │ └── basic-meson │ │ └── action.yaml └── workflows │ ├── build-image.yml │ ├── cifuzz.yml │ ├── codeql.yml │ └── test.yaml ├── .gitignore ├── .gitmodules ├── .packit.yaml ├── AUTHORS ├── CONTRIBUTING.md ├── COPYING ├── ChangeLog ├── Makefile.am ├── NEWS ├── README ├── README.md ├── SECURITY.md ├── autogen.sh ├── automaint.sh ├── bash-completion ├── meson.build ├── p11-kit └── trust ├── build ├── certs │ ├── Makefile │ ├── cacert-ca.der │ ├── cacert3.der │ ├── distant-end-date.der │ ├── entrust-invalid.der │ ├── redhat-newca.der │ ├── self-server.der │ ├── self-signed-with-eku.der │ ├── self-signed-with-ku.der │ ├── testing-ca.der │ ├── testing-server.der │ ├── verisign-v1.der │ ├── with-eku.conf │ └── with-ku.conf ├── cross_file_mingw64.txt ├── gtk-doc.make ├── litter │ └── .empty ├── lsan.supp ├── m4 │ ├── .empty │ └── ld-version-script.m4 ├── run-wrapper.sh ├── setup-wrapper.sh ├── tx-update └── wine-wrapper.sh ├── ci └── Dockerfile ├── common ├── Makefile.am ├── argv.c ├── argv.h ├── array.c ├── array.h ├── asn1.c ├── asn1.h ├── attrs.c ├── attrs.h ├── base64.c ├── base64.h ├── basic.asn ├── buffer.c ├── buffer.h ├── compat.c ├── compat.h ├── constants.c ├── constants.h ├── debug.c ├── debug.h ├── dict.c ├── dict.h ├── frob-getauxval.c ├── frob-getenv.c ├── frob-getprogname.c ├── hash.c ├── hash.h ├── hex.c ├── hex.h ├── init.h ├── lexer.c ├── lexer.h ├── library.c ├── library.h ├── meson.build ├── message.c ├── message.h ├── mock.c ├── mock.h ├── oid.c ├── oid.h ├── openssl.asn ├── options.c ├── options.h ├── path.c ├── path.h ├── pem.c ├── pem.h ├── persist.c ├── persist.h ├── pkcs11.h ├── pkcs11i.h ├── pkcs11x.h ├── pkix.asn ├── print.c ├── print.h ├── readpassphrase.c ├── runtime.c ├── runtime.h ├── test-argv.c ├── test-array.c ├── test-asn1.c ├── test-attrs.c ├── test-buffer.c ├── test-compat.c ├── test-constants.c ├── test-dict.c ├── test-hash.c ├── test-hex.c ├── 
test-init.sh.in ├── test-lexer.c ├── test-message.c ├── test-oid.c ├── test-path.c ├── test-runtime.c ├── test-tests.c ├── test-url.c ├── test.c ├── test.h ├── types.h ├── unix-peer.c ├── unix-peer.h ├── url.c ├── url.h ├── vsock.c └── vsock.h ├── configure.ac ├── doc ├── Makefile.am ├── internal │ └── persist-format.txt └── manual │ ├── Makefile.am │ ├── annotation-glossary.xml │ ├── docbook-params.xsl │ ├── meson.build │ ├── p11-kit-config.xml │ ├── p11-kit-devel.xml │ ├── p11-kit-docs.xml │ ├── p11-kit-overrides.txt │ ├── p11-kit-proxy.xml │ ├── p11-kit-remoting.xml │ ├── p11-kit-sections.txt │ ├── p11-kit-sharing.xml │ ├── p11-kit-trust.xml │ ├── p11-kit.xml │ ├── pkcs11.conf.xml │ ├── style.css │ ├── sysdir.xml.in │ ├── trust.xml │ ├── userdir.xml.in │ └── version.xml.in ├── fuzz ├── Makefile.am ├── fuzz.h ├── main.c ├── meson.build ├── rpc.in │ ├── C_CloseAllSessions_slot_one │ ├── C_CloseAllSessions_slot_two │ ├── C_CloseSession │ ├── C_CopyObject_attribute_array │ ├── C_CopyObject_byte │ ├── C_CopyObject_byte_array │ ├── C_CopyObject_date │ ├── C_CopyObject_date_empty │ ├── C_CopyObject_invalid │ ├── C_CopyObject_mechanism_type_array │ ├── C_CopyObject_ulong │ ├── C_CreateObject_attribute_array │ ├── C_CreateObject_byte │ ├── C_CreateObject_byte_array │ ├── C_CreateObject_date │ ├── C_CreateObject_date_empty │ ├── C_CreateObject_invalid │ ├── C_CreateObject_mechanism_type_array │ ├── C_CreateObject_ulong │ ├── C_Decrypt │ ├── C_DecryptDigestUpdate │ ├── C_DecryptFinal │ ├── C_DecryptInit │ ├── C_DecryptUpdate │ ├── C_DecryptVerifyUpdate │ ├── C_DeriveKey │ ├── C_DestroyObject │ ├── C_Digest │ ├── C_DigestEncryptUpdate │ ├── C_DigestFinal │ ├── C_DigestInit │ ├── C_DigestKey │ ├── C_DigestUpdate │ ├── C_Encrypt │ ├── C_EncryptFinal │ ├── C_EncryptInit │ ├── C_EncryptUpdate │ ├── C_Finalize │ ├── C_FindObjects │ ├── C_FindObjectsFinal │ ├── C_FindObjectsInit_attribute_array │ ├── C_FindObjectsInit_byte │ ├── C_FindObjectsInit_byte_array │ ├── 
C_FindObjectsInit_date │ ├── C_FindObjectsInit_date_empty │ ├── C_FindObjectsInit_invalid │ ├── C_FindObjectsInit_mechanism_type_array │ ├── C_FindObjectsInit_ulong │ ├── C_GenerateKeyPair │ ├── C_GenerateKey_attribute_array │ ├── C_GenerateKey_byte │ ├── C_GenerateKey_byte_array │ ├── C_GenerateKey_date │ ├── C_GenerateKey_date_empty │ ├── C_GenerateKey_invalid │ ├── C_GenerateKey_mechanism_type_array │ ├── C_GenerateKey_ulong │ ├── C_GenerateRandom │ ├── C_GetAttributeValue │ ├── C_GetInfo │ ├── C_GetMechanismInfo │ ├── C_GetMechanismInfo_slot_one_capitalize │ ├── C_GetMechanismInfo_slot_one_prefix │ ├── C_GetMechanismInfo_slot_two_capitalize │ ├── C_GetMechanismInfo_slot_two_prefix │ ├── C_GetMechanismList │ ├── C_GetMechanismList_slot_one_buffer │ ├── C_GetMechanismList_slot_one_length │ ├── C_GetMechanismList_slot_two_buffer │ ├── C_GetMechanismList_slot_two_length │ ├── C_GetObjectSize │ ├── C_GetOperationState │ ├── C_GetSessionInfo │ ├── C_GetSlotInfo_slot_one │ ├── C_GetSlotInfo_slot_two │ ├── C_GetSlotList_all_buffer │ ├── C_GetSlotList_all_length │ ├── C_GetSlotList_token_present_buffer │ ├── C_GetSlotList_token_present_length │ ├── C_GetTokenInfo_slot_one │ ├── C_GetTokenInfo_slot_two │ ├── C_InitPIN │ ├── C_InitToken_slot_one │ ├── C_InitToken_slot_two │ ├── C_Initialize │ ├── C_Login │ ├── C_Logout │ ├── C_OpenSession_slot_one │ ├── C_OpenSession_slot_two │ ├── C_SeedRandom │ ├── C_SetAttributeValue_attribute_array │ ├── C_SetAttributeValue_byte │ ├── C_SetAttributeValue_byte_array │ ├── C_SetAttributeValue_date │ ├── C_SetAttributeValue_date_empty │ ├── C_SetAttributeValue_invalid │ ├── C_SetAttributeValue_mechanism_type_array │ ├── C_SetAttributeValue_ulong │ ├── C_SetOperationState │ ├── C_SetPIN │ ├── C_Sign │ ├── C_SignEncryptUpdate │ ├── C_SignFinal │ ├── C_SignInit │ ├── C_SignRecover │ ├── C_SignRecoverInit │ ├── C_SignUpdate │ ├── C_UnwrapKey │ ├── C_Verify │ ├── C_VerifyFinal │ ├── C_VerifyInit │ ├── C_VerifyRecover │ ├── C_VerifyRecoverInit 
│ ├── C_VerifyUpdate │ ├── C_WaitForSlotEvent │ └── C_WrapKey ├── rpc_fuzzer.c └── run-afl.sh ├── meson.build ├── meson_options.txt ├── meson_post_install_test.sh ├── p11-kit ├── Makefile.am ├── add-profile.c ├── client-init.c ├── client.c ├── client.h ├── conf.c ├── conf.h ├── delete-object.c ├── delete-profile.c ├── deprecated.h ├── docs.h ├── export-object.c ├── filter.c ├── filter.h ├── fixtures │ ├── package-modules │ │ ├── eleven.module │ │ ├── four-v3.module │ │ ├── four.module │ │ ├── fourteen.module │ │ ├── six.module │ │ ├── thirteen.module │ │ ├── twelve.module │ │ └── win32 │ │ │ ├── four-v3.module │ │ │ ├── four.module │ │ │ ├── six.module │ │ │ └── twelve.module │ ├── system-modules │ │ ├── one.module │ │ ├── seven.module │ │ ├── two-duplicate.module │ │ ├── two.badname │ │ └── win32 │ │ │ ├── one.module │ │ │ ├── seven.module │ │ │ ├── two-duplicate.module │ │ │ └── two.badname │ ├── system-pkcs11.conf │ ├── test-1.conf │ ├── test-pinfile │ ├── test-pinfile-large │ ├── test-system-invalid.conf │ ├── test-system-merge.conf │ ├── test-system-none.conf │ ├── test-system-only.conf │ ├── test-user-invalid.conf │ ├── test-user-only.conf │ ├── test-user.conf │ └── user-modules │ │ ├── one.module │ │ ├── three.module │ │ └── win32 │ │ ├── one.module │ │ └── three.module ├── frob-setuid.c ├── gen-fixed-closures.py ├── gen-pkcs11-gnu.sh ├── gen-wrappers.py ├── generate-keypair.c ├── import-object.c ├── iter.c ├── iter.h ├── libp11-kit-0.dll.def ├── libp11-kit.map ├── list-mechanisms.c ├── list-objects.c ├── list-profiles.c ├── list-tokens.c ├── lists.c ├── log.c ├── log.h ├── meson.build ├── meson_post_install.sh ├── messages.c ├── mock-module-ep.c ├── mock-module-ep10.c ├── mock-module-ep11.c ├── mock-module-ep12.c ├── mock-module-ep2.c ├── mock-module-ep3.c ├── mock-module-ep4.c ├── mock-module-ep5.c ├── mock-module-ep6.c ├── mock-module-ep7.c ├── mock-module-ep8.c ├── mock-module-ep9.c ├── mock-module-v3-ep.c ├── mock-module-v3-ep2.c ├── 
mock-module-v3-ep4.c ├── modules.c ├── modules.h ├── p11-kit-1.pc.in ├── p11-kit-server.service.in ├── p11-kit-server.socket ├── p11-kit.c ├── p11-kit.h ├── p11-module.map ├── pin.c ├── pin.h ├── pkcs11-gnu.c ├── pkcs11.conf.example.in ├── pkcs11.h ├── print-config.c ├── print-messages.c ├── private.h ├── proxy-init.c ├── proxy.c ├── proxy.h ├── remote.c ├── remote.h ├── rpc-client.c ├── rpc-message.c ├── rpc-message.h ├── rpc-server.c ├── rpc-transport.c ├── rpc.h ├── server.c ├── templates │ ├── base-wrappers.py │ ├── binding-wrappers.py │ ├── fixed-wrappers.py │ ├── proxy-excludes.list │ ├── proxy-wrappers.py │ ├── stack-wrappers.py │ └── virtual-excludes.list ├── test-conf.c ├── test-deprecated.c ├── test-export-public.sh ├── test-filter.c ├── test-generate-keypair.sh ├── test-import-public.sh ├── test-init.c ├── test-iter.c ├── test-list-mechanisms.sh ├── test-list-tokens.sh ├── test-lists.sh ├── test-log.c ├── test-log3.c ├── test-managed.c ├── test-messages.sh ├── test-mock.c ├── test-modules.c ├── test-objects.sh ├── test-pin.c ├── test-profiles.sh ├── test-progname.c ├── test-proxy.c ├── test-proxy3.c ├── test-rpc-message.c ├── test-rpc.c ├── test-server.c ├── test-server.sh ├── test-softhsm2.sh ├── test-transport-base.c ├── test-transport.c ├── test-transport3.c ├── test-uri.c ├── test-util.c ├── test-version.c ├── test-virtual.c ├── tool.c ├── tool.h ├── tty.c ├── tty.h ├── uri.c ├── uri.h ├── util.c ├── version.h.in ├── virtual.c └── virtual.h ├── po ├── LINGUAS ├── Makevars ├── POTFILES.in ├── ar.po ├── as.po ├── ast.po ├── az.po ├── bg.po ├── bn_IN.po ├── boldquot.sed ├── ca.po ├── ca@valencia.po ├── cs.po ├── cy.po ├── da.po ├── de.po ├── el.po ├── en_GB.po ├── eo.po ├── es.po ├── et.po ├── eu.po ├── fa.po ├── fi.po ├── fo.po ├── fr.po ├── fur.po ├── ga.po ├── gl.po ├── gu.po ├── he.po ├── hi.po ├── hr.po ├── hu.po ├── ia.po ├── id.po ├── it.po ├── ja.po ├── ka.po ├── kk.po ├── kn.po ├── ko.po ├── lt.po ├── lv.po ├── meson.build ├── ml.po ├── mr.po 
├── ms.po ├── nb.po ├── nl.po ├── nn.po ├── oc.po ├── or.po ├── pa.po ├── pl.po ├── pt.po ├── pt_BR.po ├── quot.sed ├── ro.po ├── ru.po ├── si.po ├── sk.po ├── sl.po ├── sq.po ├── sr.po ├── sr@latin.po ├── sv.po ├── ta.po ├── te.po ├── th.po ├── tr.po ├── uk.po ├── vi.po ├── wa.po ├── zh_CN.po ├── zh_HK.po └── zh_TW.po ├── trust ├── Makefile.am ├── anchor.c ├── anchor.h ├── builder.c ├── builder.h ├── check-format.c ├── check-format.h ├── digest.c ├── digest.h ├── dump.c ├── dump.h ├── enumerate.c ├── enumerate.h ├── extract-cer.c ├── extract-edk2.c ├── extract-jks.c ├── extract-openssl.c ├── extract-pem.c ├── extract.c ├── extract.h ├── fixtures │ ├── cacert-ca.der │ ├── cacert3-distrust-all.pem │ ├── cacert3-distrusted-all.pem │ ├── cacert3-not-trusted.pem │ ├── cacert3-trusted-alias.pem │ ├── cacert3-trusted-keyid.pem │ ├── cacert3-trusted-server-alias.pem │ ├── cacert3-trusted.pem │ ├── cacert3-twice.pem │ ├── cacert3.der │ ├── cacert3.pem │ ├── distrusted.pem │ ├── duplicated.jks │ ├── duplicated1.der │ ├── duplicated2.der │ ├── empty-file │ ├── multiple.edk2 │ ├── multiple.jks │ ├── multiple.pem │ ├── openssl-trust-no-trust.pem │ ├── redhat-ca.der │ ├── self-signed-with-eku.der │ ├── self-signed-with-ku.der │ ├── simple-string │ ├── testing-server.der │ ├── thawte.pem │ ├── unrecognized-file.txt │ ├── verisign-v1.der │ └── verisign-v1.pem ├── frob-bc.c ├── frob-cert.c ├── frob-eku.c ├── frob-ext.c ├── frob-ku.c ├── frob-multi-init.c ├── frob-nss-trust.c ├── frob-oid.c ├── frob-pow.c ├── frob-token.c ├── index.c ├── index.h ├── input │ ├── anchors │ │ ├── cacert3.der │ │ └── testing-ca.der │ ├── blocklist │ │ └── self-server.der │ ├── cacert-ca.der │ ├── distrusted.pem │ ├── extensions.p11-kit │ ├── extensions.pem │ └── verisign-v1.p11-kit ├── list.c ├── list.h ├── meson.build ├── module-init.c ├── module.c ├── module.h ├── p11-kit-trust.module ├── parser.c ├── parser.h ├── save.c ├── save.h ├── session.c ├── session.h ├── test-base64.c ├── test-builder.c ├── 
test-bundle.c ├── test-cer.c ├── test-digest.c ├── test-edk2.c ├── test-enumerate.c ├── test-extract.sh ├── test-index.c ├── test-jks.c ├── test-module.c ├── test-openssl.c ├── test-parser.c ├── test-pem.c ├── test-persist.c ├── test-save.c ├── test-token.c ├── test-trust.c ├── test-trust.h ├── test-trust.sh ├── test-utf8.c ├── test-x509.c ├── token.c ├── token.h ├── trust-extract-compat ├── trust.c ├── utf8.c ├── utf8.h ├── x509.c └── x509.h └── zsh-completion ├── meson.build ├── p11-kit.zsh └── trust.zsh /.dir-locals.el: -------------------------------------------------------------------------------- 1 | ((c-mode . ((c-file-style . "linux") 2 | (gnome-c-align-arglist . nil))) 3 | (meson-mode . ((indent-tabs-mode . nil))) 4 | (sh-mode . ((sh-basic-offset . 8)))) 5 | -------------------------------------------------------------------------------- /.github/actions/basic-meson/action.yaml: -------------------------------------------------------------------------------- 1 | name: 'Basic build process of p11-kit using meson' 2 | description: 'Set up user and build directories, build, and run tests' 3 | 4 | runs: 5 | using: composite 6 | steps: 7 | - name: Create user 8 | run: $GITHUB_WORKSPACE/build/setup-wrapper.sh 9 | shell: bash 10 | 11 | - name: Setup 12 | run: | 13 | $GITHUB_WORKSPACE/build/run-wrapper.sh meson setup $GITHUB_WORKSPACE/$BUILDDIR -Dstrict=true -Dprefix=$GITHUB_WORKSPACE/$INSTALLDIR -Dlibdir=$GITHUB_WORKSPACE/$INSTALLDIR/lib -Dsysconfdir=$GITHUB_WORKSPACE/$INSTALLDIR/etc -Dtrust_paths=$GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source:$GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source -Dsystemd=disabled -Dbash_completion=disabled -Dpost_install_test=true $MESON_BUILD_OPTS 14 | shell: bash 15 | 16 | - name: Build (scan-build) 17 | if: ${{ env.SCAN_BUILD != 0 }} 18 | run: $GITHUB_WORKSPACE/build/run-wrapper.sh ninja scan-build -C $GITHUB_WORKSPACE/$BUILDDIR 19 | shell: bash 20 | 21 | - name: Build 22 | if: ${{ env.SCAN_BUILD == 0 }} 23 | run: 
$GITHUB_WORKSPACE/build/run-wrapper.sh ninja -C $GITHUB_WORKSPACE/$BUILDDIR 24 | shell: bash 25 | 26 | - name: Test 27 | if: ${{ env.SCAN_BUILD == 0 }} 28 | run: | 29 | P11_KIT_DEBUG=all $GITHUB_WORKSPACE/build/run-wrapper.sh meson test -C $GITHUB_WORKSPACE/$BUILDDIR $MESON_TEST_OPTS 30 | ret=$? 31 | test $ret -eq 0 || cat $GITHUB_WORKSPACE/$BUILDDIR/meson-logs/testlog.txt 32 | exit $ret 33 | shell: bash 34 | 35 | - name: Prepare for post-install tests 36 | run: | 37 | # This is necessary for 'trust/test-extract.sh' 38 | mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source 39 | mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source 40 | mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit 41 | ln -sf /usr/bin/true $GITHUB_WORKSPACE/$INSTALLDIR/libexec/p11-kit/trust-extract-compat 42 | if [ "$RUNNER_OS" = "macOS" ]; then 43 | export DD=gdd 44 | fi 45 | # This is necessary for 'p11-kit/test-softhsm2.sh' 46 | mkdir -p $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules 47 | ln -sf /usr/share/p11-kit/modules/softhsm2.module $GITHUB_WORKSPACE/$INSTALLDIR/share/p11-kit/modules || : 48 | shell: bash 49 | 50 | - name: Install 51 | run: ninja -C $GITHUB_WORKSPACE/$BUILDDIR install 52 | shell: bash 53 | -------------------------------------------------------------------------------- /.github/workflows/build-image.yml: -------------------------------------------------------------------------------- 1 | name: Create and publish a Docker image 2 | 3 | on: 4 | workflow_dispatch 5 | 6 | env: 7 | REGISTRY: ghcr.io 8 | IMAGE_NAME: ${{ github.repository }} 9 | 10 | jobs: 11 | build: 12 | 13 | runs-on: ubuntu-latest 14 | 15 | steps: 16 | - name: Checkout repository 17 | uses: actions/checkout@v4 18 | 19 | - name: Log in to the Container registry 20 | uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 21 | with: 22 | registry: ${{ env.REGISTRY }} 23 | username: ${{ github.actor }} 24 | password: ${{ secrets.GITHUB_TOKEN }} 25 | 26 | - name: 
Extract metadata (tags, labels) for Docker 27 | id: meta 28 | uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 29 | with: 30 | images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 31 | 32 | - name: Build and push Docker image 33 | uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc 34 | with: 35 | context: . 36 | file: ci/Dockerfile 37 | push: true 38 | tags: ${{ steps.meta.outputs.tags }} 39 | labels: ${{ steps.meta.outputs.labels }} 40 | -------------------------------------------------------------------------------- /.github/workflows/cifuzz.yml: -------------------------------------------------------------------------------- 1 | name: CIFuzz 2 | on: [pull_request] 3 | jobs: 4 | Fuzzing: 5 | runs-on: ubuntu-latest 6 | steps: 7 | - name: Build Fuzzers 8 | id: build 9 | uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master 10 | with: 11 | oss-fuzz-project-name: 'p11-kit' 12 | dry-run: false 13 | language: c 14 | - name: Run Fuzzers 15 | uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master 16 | with: 17 | oss-fuzz-project-name: 'p11-kit' 18 | fuzz-seconds: 300 19 | dry-run: false 20 | language: c 21 | - name: Upload Crash 22 | uses: actions/upload-artifact@v4 23 | if: failure() && steps.build.outcome == 'success' 24 | with: 25 | name: artifacts 26 | path: ./out/artifacts 27 | -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- 1 | name: "CodeQL" 2 | 3 | on: 4 | push: 5 | branches: [ "master" ] 6 | pull_request: 7 | branches: [ "master" ] 8 | schedule: 9 | - cron: "12 13 * * 4" 10 | 11 | jobs: 12 | analyze: 13 | name: Analyze 14 | runs-on: ubuntu-latest 15 | permissions: 16 | actions: read 17 | contents: read 18 | security-events: write 19 | 20 | strategy: 21 | fail-fast: false 22 | matrix: 23 | language: [ cpp ] 24 | 25 | steps: 26 | - name: Checkout 27 | uses: 
actions/checkout@v4 28 | with: 29 | submodules: true 30 | 31 | - name: Initialize CodeQL 32 | uses: github/codeql-action/init@v3 33 | with: 34 | languages: ${{ matrix.language }} 35 | queries: +security-and-quality 36 | 37 | - name: Install dependencies 38 | run: sudo apt-get install -y meson 39 | 40 | - name: Build 41 | run: | 42 | meson setup -Dstrict=true _build 43 | meson compile -C _build 44 | 45 | - name: Perform CodeQL Analysis 46 | uses: github/codeql-action/analyze@v3 47 | with: 48 | category: "/language:${{ matrix.language }}" 49 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "pkcs11-json"] 2 | path = subprojects/pkcs11-json 3 | url = https://github.com/p11-glue/pkcs11-json.git 4 | -------------------------------------------------------------------------------- /.packit.yaml: -------------------------------------------------------------------------------- 1 | specfile_path: p11-kit.spec 2 | upstream_package_name: p11-kit 3 | downstream_package_name: p11-kit 4 | 5 | # Use only populated spec files and upstream sources. 
6 | actions: 7 | post-upstream-clone: 8 | - wget https://src.fedoraproject.org/rpms/p11-kit/raw/rawhide/f/p11-kit.spec 9 | - wget https://src.fedoraproject.org/rpms/p11-kit/raw/rawhide/f/p11-kit-client.service 10 | - wget https://src.fedoraproject.org/rpms/p11-kit/raw/rawhide/f/trust-extract-compat 11 | get-current-version: 12 | - "git describe --abbrev=0" 13 | create-archive: 14 | - "wget https://github.com/p11-glue/p11-kit/releases/download/$PACKIT_PROJECT_VERSION/p11-kit-$PACKIT_PROJECT_VERSION.tar.xz" 15 | - "wget https://github.com/p11-glue/p11-kit/releases/download/$PACKIT_PROJECT_VERSION/p11-kit-$PACKIT_PROJECT_VERSION.tar.xz.sig" 16 | 17 | jobs: 18 | - job: propose_downstream 19 | trigger: release 20 | metadata: 21 | dist_git_branches: fedora-all 22 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Stef Walter 2 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # p11-kit -- Information about our contribution rules and coding style 2 | 3 | # Test suite 4 | 5 | New functionality should be accompanied by a test case which verifies 6 | the correctness of p11-kit's operation on successful use of the new 7 | functionality, as well as on failure cases. The p11-kit test suite is 8 | run on "ninja test" if you use meson for building, or on "make check" 9 | if you use autotools. 10 | 11 | Bug fixes should also come with a test case that exercises the code 12 | path that previously failed to operate. This prevents future 13 | regressions. 14 | 15 | # Coding style 16 | 17 | In general, use [the Linux kernel coding 18 | style](https://www.kernel.org/doc/html/latest/process/coding-style.html), 19 | except that we put a space between function name and open parenthesis. 
20 | 21 | # API documentation 22 | 23 | Use [gtk-doc](https://www.gtk.org/gtk-doc/) for API documentation. 24 | 25 | # Library symbol versioning 26 | 27 | We use [the libtool versioning scheme](https://www.gnu.org/software/libtool/manual/html_node/Versioning.html#Versioning) to ensure ABI compatibility. If you add a new API function, update [libp11-kit.map](https://github.com/p11-glue/p11-kit/blob/master/p11-kit/libp11-kit.map) and [libp11-kit-*.dll.def](https://github.com/p11-glue/p11-kit/blob/master/p11-kit/libp11-kit-0.dll.def) accordingly. 28 | 29 | # Resources: 30 | 31 | * [Documentation on developing p11-kit](https://p11-glue.github.io/p11-glue/p11-kit/manual/devel.html) 32 | * [Code available at](https://github.com/p11-glue/p11-kit) 33 | * [General Website](https://p11-glue.github.io/p11-glue/p11-kit.html) 34 | * [Mailing list](https://lists.freedesktop.org/mailman/listinfo/p11-glue) 35 | * [Report bugs](https://github.com/p11-glue/p11-kit/issues) 36 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | Redistribution and use in source and binary forms, with or without 2 | modification, are permitted provided that the following conditions 3 | are met: 4 | 5 | * Redistributions of source code must retain the above 6 | copyright notice, this list of conditions and the 7 | following disclaimer. 8 | * Redistributions in binary form must reproduce the 9 | above copyright notice, this list of conditions and 10 | the following disclaimer in the documentation and/or 11 | other materials provided with the distribution. 12 | * The names of contributors to this software may not be 13 | used to endorse or promote products derived from this 14 | software without specific prior written permission. 
15 | 16 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 17 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 18 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 19 | FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 20 | COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 21 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 22 | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 23 | OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 24 | AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 25 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 26 | THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 27 | DAMAGE. -------------------------------------------------------------------------------- /ChangeLog: -------------------------------------------------------------------------------- 1 | === ChangeLog is autogenerated === 2 | 3 | This project relies on commit messages to provide change history. Please 4 | write commit messages in the following format: 5 | 6 | === begin example commit === 7 | 8 | Short explanation of the commit 9 | 10 | Longer explanation explaining exactly what's changed, whether any 11 | external or private interfaces changed, what bugs were fixed (with bug 12 | tracker reference if applicable) and so forth. Be concise but not too 13 | brief. 14 | 15 | === end example commit === 16 | 17 | - Always add a brief description of the commit to the _first_ line of 18 | the commit and terminate by two newlines. This may be the title of 19 | a fixed bug, copied from Bugzilla. 20 | 21 | - First line (the brief description) must only be one sentence and 22 | should start with a capital letter unless it starts with a 23 | lowercase symbol or identifier. Don't use a trailing full stop, 24 | and don't exceed 72 characters. 
25 | 26 | - The main description (the body) is normal prose and should use 27 | normal punctuation and capital letters where appropriate. 28 | 29 | - When committing code on behalf of others use the --author option, 30 | e.g. git commit -a --author "Joe Coder " and 31 | --signoff. 32 | -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | README.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # p11-kit 2 | [![test](https://github.com/p11-glue/p11-kit/actions/workflows/test.yaml/badge.svg?branch=master)](https://github.com/p11-glue/p11-kit/actions/workflows/test.yaml) [![Coverage Status](https://img.shields.io/coveralls/p11-glue/p11-kit.svg)](https://coveralls.io/r/p11-glue/p11-kit) [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/1627/badge)](https://bestpractices.coreinfrastructure.org/en/projects/1627) 3 | 4 | p11-kit aims to solve problems with coordinating the use of [PKCS #11] 5 | by different components or libraries living in the same process, by 6 | providing a way to load and enumerate PKCS #11 modules, as well as a 7 | standard configuration setup for installing PKCS #11 modules in such a 8 | way that they're discoverable. 
9 | 10 | # Documentation 11 | 12 | * [Main site](https://p11-glue.github.io/p11-glue/p11-kit.html) 13 | * [Manual](https://p11-glue.github.io/p11-glue/p11-kit/manual/) 14 | 15 | # Building 16 | 17 | To build and install p11-kit, you can use the following commands: 18 | 19 | ```console 20 | $ meson setup _build 21 | $ meson compile -C _build 22 | $ meson test -C _build 23 | # meson install -C _build 24 | ``` 25 | 26 | If you install it locally for testing purposes, you may want to 27 | specify `-Dsystemd=disabled -Dbash_completion=disabled` at the 28 | invocation of `meson setup _build`, to avoid installing files to the 29 | system locations. 30 | 31 | # Releases 32 | 33 | Releases are made available via the [primary github site](https://github.com/p11-glue/p11-kit/releases). They are signed with the OpenPGP key of one of the maintainers: [Daiki Ueno](https://keys.openpgp.org/search?q=462225C3B46F34879FC8496CD605848ED7E69871), [Zoltan Fridrich](https://keys.openpgp.org/search?q=5D46CB0F763405A7053556F47A75A648B3F9220C). 34 | 35 | [PKCS #11]: https://en.wikipedia.org/wiki/PKCS_11 36 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Reporting security issues 2 | 3 | If you find an issue that could potentially impact security, report it 4 | to [the current maintainer](mailto:ueno@gnu.org) by email, encrypted 5 | with [the corresponding OpenPGP key](https://keys.openpgp.org/search?q=462225C3B46F34879FC8496CD605848ED7E69871). 6 | -------------------------------------------------------------------------------- /autogen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | set -e 4 | 5 | oldpwd=`pwd` 6 | topdir=`dirname $0` 7 | cd $topdir 8 | 9 | # Some boiler plate to get git setup as expected 10 | if test -d .git; then 11 | if test -f .git/hooks/pre-commit.sample && \ 12 | test ! 
-f .git/hooks/pre-commit; then 13 | cp -p .git/hooks/pre-commit.sample .git/hooks/pre-commit 14 | fi 15 | fi 16 | 17 | set -x 18 | 19 | autoreconf --force --install --verbose 20 | if test x"$NOCONFIGURE" = x; then 21 | cd $oldpwd 22 | exec $topdir/configure "$@" 23 | fi 24 | 25 | -------------------------------------------------------------------------------- /automaint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | 5 | NOCONFIGURE=1 ./autogen.sh 6 | 7 | ARGS="--enable-strict --enable-debug" 8 | CROSS="x86_64-w64-mingw32" 9 | 10 | configure() 11 | ( 12 | build=$1 13 | shift 14 | 15 | pwd=$(pwd) 16 | mkdir -p $build 17 | cd $build 18 | echo "Configuring for: $build" >&2 19 | echo $pwd/configure "$@" >&2 20 | $pwd/configure "$@" 21 | ) 22 | 23 | # Configure the local build. To control which arguments are used create a 24 | # CONFIG_SITE script as directed in the autoconf documentation: 25 | # http://www.gnu.org/software/autoconf/manual/autoconf.html#Site-Defaults 26 | configure ./build --prefix=/usr --enable-doc --enable-coverage $ARGS "$@" 27 | 28 | # Configure the cross builds 29 | for cross in $CROSS; do 30 | configure ./$cross --prefix=/opt/$cross --host=$cross $ARGS "$@" 31 | done 32 | 33 | # B 34 | 35 | ( 36 | echo "CROSS = $CROSS" 37 | 38 | for target in all check clean distclean; do 39 | echo "$target:" 40 | echo ' $(MAKE) -C ./build' $target 41 | echo ' @for dir in $(CROSS); do \' 42 | echo ' $(MAKE) -C ./$$dir' $target '; \' 43 | echo ' done' 44 | done 45 | 46 | for target in distcheck memcheck leakcheck hellcheck install upload-coverage \ 47 | coverage upload-doc upload-release transifex; do 48 | echo "$target:" 49 | echo ' $(MAKE) -C ./build' $target 50 | done 51 | 52 | ) > ./makefile 53 | -------------------------------------------------------------------------------- /bash-completion/meson.build: -------------------------------------------------------------------------------- 1 | 
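bashcompdir = get_option('bashcompdir') 2 | if bashcompdir == '' 3 | bashcomp = dependency('bash-completion', required: get_option('bash_completion')) 4 | if bashcomp.found() 5 | bashcompdir = bashcomp.get_variable(pkgconfig : 'completionsdir') 6 | else 7 | warning('Will not install bash completion due to missing dependencies!') 8 | endif 9 | endif 10 | if bashcompdir != '' 11 | install_data('p11-kit', install_dir: bashcompdir) 12 | if with_trust_module 13 | install_data('trust', install_dir: bashcompdir) 14 | endif 15 | endif 16 | -------------------------------------------------------------------------------- /bash-completion/p11-kit: -------------------------------------------------------------------------------- 1 | # p11-kit(8) completion -*- shell-script -*- 2 | 3 | _p11-kit() 4 | { 5 | local cur prev words cword 6 | _init_completion || return 7 | 8 | if [[ $cur == -* ]]; then 9 | local opts="--help --verbose -q --quiet" 10 | COMPREPLY=( $(compgen -W "$opts" -- "$cur") ) 11 | return 12 | elif [[ $cword -eq 1 ]]; then 13 | local commands='list-mechanisms generate-keypair import-object export-object delete-object list-objects add-profile delete-profile list-profiles list-modules list-tokens print-config extract server remote' 14 | COMPREPLY=( $(compgen -W "$commands" -- "$cur") ) 15 | fi 16 | } && 17 | complete -F _p11-kit p11-kit 18 | 19 | # ex: filetype=sh 20 | -------------------------------------------------------------------------------- /bash-completion/trust: -------------------------------------------------------------------------------- 1 | # trust(1) completion -*- shell-script -*-

# Programmable completion for trust(1). The first word completes to a
# subcommand, the argument of --filter/--purpose/--format completes to the
# values listed below, a word starting with "-" completes to the options of
# the current subcommand, and anything else completes to file names.
_trust()
{
    local cur prev words cword
    _init_completion || return

    # list and options are local so they do not leak into the interactive
    # shell and cannot carry a value over from an earlier completion:
    # subcommands with no entry in the option table below (extract-compat,
    # check-format) would otherwise be offered whatever was left behind.
    local commands command list options

    commands='list extract extract-compat anchor dump check-format'
    options=""

    if [[ $cword -eq 1 ]]; then
        COMPREPLY=( $(compgen -W "$commands" -- "$cur") )
    else
        command=${words[1]}
        case $prev in
        --filter)
            # Accepted filter names depend on the subcommand.
            list=""
            case $command in
            extract|list)
                list="ca-anchors trust-policy blocklist certificates pkcs11:"
                ;;
            dump)
                list="all pkcs11:"
                ;;
            esac
            COMPREPLY=( $(compgen -W "$list" -- "$cur") )
            return
            ;;
        --purpose)
            COMPREPLY=( $(compgen -W "server-auth client-auth email code-signing" -- "$cur") )
            return
            ;;
        --format)
            # "java-cacerts" was misspelled "java-cacarts", so completion
            # offered a format name that trust does not accept.
            options='x509-file x509-directory pem-bundle pem-directory
                pem-directory-hash openssl-bundle openssl-directory
                java-cacerts'
            COMPREPLY=( $(compgen -W "$options" -- "$cur") )
            return
            ;;
        esac

        if [[ "$cur" == -* ]]; then
            # possible options for the command
            case $command in
            list)
                options='--filter --purpose'
                ;;
            extract)
                options='--comment --filter --format --overwrite --purpose'
                ;;
            anchor)
                options='--remove --store'
                ;;
            dump)
                options='--filter'
                ;;
            esac
            COMPREPLY=( $(compgen -W "$options --verbose --help --quiet" -- "$cur") )
        else
            _filedir
        fi
    fi
} &&
complete -F _trust trust
66 | 67 | # ex: filetype=sh 68 | -------------------------------------------------------------------------------- /build/certs/cacert-ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/cacert-ca.der -------------------------------------------------------------------------------- /build/certs/cacert3.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/cacert3.der -------------------------------------------------------------------------------- /build/certs/distant-end-date.der: --------------------------------------------------------------------------------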
https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/distant-end-date.der -------------------------------------------------------------------------------- /build/certs/entrust-invalid.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/entrust-invalid.der -------------------------------------------------------------------------------- /build/certs/redhat-newca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/redhat-newca.der -------------------------------------------------------------------------------- /build/certs/self-server.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/self-server.der -------------------------------------------------------------------------------- /build/certs/self-signed-with-eku.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/self-signed-with-eku.der -------------------------------------------------------------------------------- /build/certs/self-signed-with-ku.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/self-signed-with-ku.der -------------------------------------------------------------------------------- /build/certs/testing-ca.der: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/testing-ca.der -------------------------------------------------------------------------------- /build/certs/testing-server.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/testing-server.der -------------------------------------------------------------------------------- /build/certs/verisign-v1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/build/certs/verisign-v1.der -------------------------------------------------------------------------------- /build/certs/with-eku.conf: --------------------------------------------------------------------------------
#
# Use with the following command
# $ openssl req -new -x509 -outform DER -out self-signed-with-ku.pem \
#       -newkey rsa -keyout self-signed-with-ku.key -nodes \
#       -config with-ku.conf -set_serial 888 -extensions v3_ca
#
# NOTE(review): this file is listed as with-eku.conf, yet the command above
# names with-ku.conf and the v3_ca section below sets keyUsage rather than
# extendedKeyUsage -- confirm the two .conf files are not swapped.
# NOTE(review): -outform DER is combined with an output name ending in .pem;
# the file written is DER despite the extension.
#

[ req ]
# 1024-bit RSA is below what current guidance accepts; presumably tolerated
# here only because the output is a test fixture -- confirm before reusing
# this template for anything else. -nodes in the command above also leaves
# the generated private key unencrypted.
default_bits = 1024
distinguished_name = req_distinguished_name
x509_extensions = v3_ca
dirstring_type = nobmp

[ req_distinguished_name ]
commonName = Common Name
commonName_max = 64

[ v3_ca ]
# Key usage bits placed in the self-signed certificate.
keyUsage=keyCertSign,digitalSignature
-------------------------------------------------------------------------------- /build/certs/with-ku.conf: -------------------------------------------------------------------------------- 1 | # 2 | # Use with the following command 3 | # $ openssl req -new -x509 -outform DER -out self-signed-with-eku.pem \ 4 | # -newkey rsa -keyout self-signed-with-eku.key -nodes \ 5 | # -config with-eku.conf -set_serial 888 -extensions v3_ca 6 | # 7 | 8 | [ req ] 9 | default_bits = 1024 10 | distinguished_name =
req_distinguished_name 11 | x509_extensions = v3_ca 12 | dirstring_type = nobmp 13 | 14 | [ req_distinguished_name ] 15 | commonName = Common Name 16 | commonName_max = 64 17 | 18 | [ v3_ca ] 19 | extendedKeyUsage=clientAuth,emailProtection,1.2.3.4 -------------------------------------------------------------------------------- /build/cross_file_mingw64.txt: -------------------------------------------------------------------------------- 1 | [host_machine] 2 | system = 'windows' 3 | cpu_family = 'x86_64' 4 | cpu = 'x86_64' 5 | endian = 'little' 6 | 7 | [built-in options] 8 | c_args = ['-fstack-protector'] 9 | c_link_args = ['-fstack-protector'] 10 | 11 | [binaries] 12 | c = 'x86_64-w64-mingw32-gcc' 13 | cpp = 'x86_64-w64-mingw32-g++' 14 | ar = 'x86_64-w64-mingw32-ar' 15 | strip = 'x86_64-w64-mingw32-strip' 16 | pkgconfig = 'x86_64-w64-mingw32-pkg-config' 17 | windres = 'x86_64-w64-mingw32-windres' 18 | exe_wrapper = 'wine' 19 | -------------------------------------------------------------------------------- /build/litter/.empty: -------------------------------------------------------------------------------- 1 | Stub file to track in git 2 | -------------------------------------------------------------------------------- /build/lsan.supp: -------------------------------------------------------------------------------- 1 | leak:bash 2 | leak:bfd 3 | leak:gcc 4 | -------------------------------------------------------------------------------- /build/m4/.empty: -------------------------------------------------------------------------------- 1 | Stub file to track in git 2 | -------------------------------------------------------------------------------- /build/m4/ld-version-script.m4: -------------------------------------------------------------------------------- 1 | # ld-version-script.m4 serial 4 2 | dnl Copyright (C) 2008-2018 Free Software Foundation, Inc. 
3 | dnl This file is free software; the Free Software Foundation 4 | dnl gives unlimited permission to copy and/or distribute it, 5 | dnl with or without modifications, as long as this notice is preserved. 6 | 7 | dnl From Simon Josefsson 8 | 9 | # FIXME: The test below returns a false positive for mingw 10 | # cross-compiles, 'local:' statements does not reduce number of 11 | # exported symbols in a DLL. Use --disable-ld-version-script to work 12 | # around the problem. 13 | 14 | # gl_LD_VERSION_SCRIPT 15 | # -------------------- 16 | # Check if LD supports linker scripts, and define automake conditional 17 | # HAVE_LD_VERSION_SCRIPT if so. 18 | AC_DEFUN([gl_LD_VERSION_SCRIPT], 19 | [ 20 | AC_ARG_ENABLE([ld-version-script], 21 | [AS_HELP_STRING([--enable-ld-version-script], 22 | [enable linker version script (default is enabled when possible)])], 23 | [have_ld_version_script=$enableval], 24 | [AC_CACHE_CHECK([if LD -Wl,--version-script works], 25 | [gl_cv_sys_ld_version_script], 26 | [gl_cv_sys_ld_version_script=no 27 | save_LDFLAGS=$LDFLAGS 28 | LDFLAGS="$LDFLAGS -Wl,--version-script=conftest.map" 29 | echo foo >conftest.map 30 | AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], 31 | [], 32 | [cat > conftest.map <&2 12 | exit 1 13 | ;; 14 | esac 15 | else 16 | exec "$@" 17 | fi 18 | -------------------------------------------------------------------------------- /build/setup-wrapper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -ex 4 | 5 | mkdir "$GITHUB_WORKSPACE/$BUILDDIR" 6 | mkdir "$GITHUB_WORKSPACE/$INSTALLDIR" 7 | mkdir -p "$GITHUB_WORKSPACE/$INSTALLDIR/etc/pki/ca-trust-source" 8 | mkdir -p "$GITHUB_WORKSPACE/$INSTALLDIR/share/pki/ca-trust-source" 9 | 10 | if test $(id -u) -eq 0; then 11 | case "$RUNNER_OS" in 12 | Linux) 13 | useradd -m "$RUNUSER" 14 | chown -R "$RUNUSER" "$GITHUB_WORKSPACE/$BUILDDIR" 15 | # This is necessary to put p11-kit.pot in $(srcdir) 16 | chown -R "$RUNUSER" 
"$GITHUB_WORKSPACE/po" 17 | ;; 18 | *) 19 | echo "Unsupported OS: $RUNNER_OS" 1>&2 20 | exit 1 21 | ;; 22 | esac 23 | fi 24 | -------------------------------------------------------------------------------- /build/tx-update: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -euf 4 | 5 | TX_PROJECT="p11-kit" 6 | TX_HOST="https://www.transifex.com" 7 | TX_RESOURCE="$TX_PROJECT.master" 8 | 9 | fail() 10 | { 11 | echo "tx-update: $@" >&2 12 | exit 2 13 | } 14 | 15 | tx_langs() 16 | ( 17 | cd .tx/$TX_RESOURCE 18 | ls | sed 's/_translation//' 19 | ) 20 | 21 | lingua_langs() 22 | { 23 | cat po/LINGUAS | while read lang extra; do 24 | case $lang in \ 25 | \#*) ;; 26 | en) ;; 27 | *) echo -n "$lang " 28 | esac 29 | done 30 | } 31 | 32 | if [ ! -d po ]; then 33 | fail "run this script in the top level project directory" 34 | fi 35 | 36 | if [ ! -d .tx ]; then 37 | tx init --host=$TX_HOST 38 | tx set --source -r $TX_RESOURCE -l en po/$TX_PROJECT.pot 39 | fi 40 | 41 | # Push source to server 42 | tx push -s 43 | 44 | # Pull from the server 45 | tx pull -a 46 | 47 | pull_again="no" 48 | 49 | # Update LINGUAS 50 | for lang in $(tx_langs); do 51 | if ! 
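grep -qw $lang po/LINGUAS; then 52 | echo $lang >> po/LINGUAS 53 | pull_again="yes" 54 | fi 55 | done 56 | 57 | # Setup associations 58 | for lang in $(lingua_langs); do 59 | tx set -r $TX_RESOURCE -l $lang po/$lang.po 60 | pull_again="yes" 61 | done 62 | 63 | # Pull and get all translations 64 | if [ "$pull_again" = "yes" ]; then 65 | tx pull 66 | fi 67 | -------------------------------------------------------------------------------- /build/wine-wrapper.sh: --------------------------------------------------------------------------------
#!/bin/sh

# Launcher for test programs: a *.sh argument is executed directly, anything
# else is run under wine with carriage returns stripped from its output.
# Only the first argument is used.
#
# The first line used to read "#/bin/sh", which is a plain comment rather
# than an interpreter line.

# Keep a WINE that is already set in the environment (even if empty);
# otherwise default to "wine".
: ${WINE=wine}
export WINE

case "$1" in
*.sh)
	# Quoted so a path containing whitespace or glob characters is passed
	# through as one word.
	exec "$1"
	;;
*)
	# ${WINE} stays unquoted, presumably so it may carry extra words.
	# NOTE(review): the status of this pipeline is that of tr, so a program
	# that fails under wine still yields 0 here -- confirm callers do not
	# rely on the exit status.
	${WINE} "$1" | tr -d '\r'
	;;
esac
-------------------------------------------------------------------------------- /ci/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM fedora:38 2 | 3 | MAINTAINER Daiki Ueno 4 | 5 | RUN dnf -y update 6 | RUN dnf -y install 'dnf-command(builddep)' 7 | RUN dnf -y builddep 'p11-kit' 8 | RUN dnf install -y gettext-devel git libtool make opensc openssl valgrind meson ninja-build bash-completion lcov python-pip libasan libubsan clang-analyzer mingw64-gcc mingw64-libffi mingw64-libtasn1 wine cppcheck gnutls-utils p11-kit-devel softhsm 9 | RUN dnf clean all 10 | -------------------------------------------------------------------------------- /common/argv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer.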
11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef P11_ARGV_H_ 36 | #define P11_ARGV_H_ 37 | 38 | #include "compat.h" 39 | 40 | bool p11_argv_parse (const char *string, 41 | void (*sink) (char *, void *), 42 | void *argument); 43 | 44 | #endif /* P11_ARGV_H_ */ 45 | -------------------------------------------------------------------------------- /common/basic.asn: -------------------------------------------------------------------------------- 1 | 2 | BASIC { } 3 | 4 | DEFINITIONS EXPLICIT TAGS ::= 5 | 6 | BEGIN 7 | 8 | Any ::= ANY 9 | 10 | ObjectIdentifier ::= OBJECT IDENTIFIER 11 | 12 | END -------------------------------------------------------------------------------- /common/frob-getauxval.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | #include "compat.h" 37 | 38 | #include 39 | #include 40 | #include 41 | #include

/*
 * Test helper: look up one auxiliary-vector entry through _p11_getauxval(),
 * print it, and hand the value back as the process exit status.
 *
 * The single argument is the numeric entry type. The usage text gives 23 as
 * the example, presumably AT_SECURE on Linux -- confirm.
 */
int
main (int argc,
      char *argv[])
{
	unsigned long type;
	unsigned long value;

	/* Anything other than exactly one argument leaves the type at zero. */
	type = (argc == 2) ? atoi (argv[1]) : 0;

	/* Zero is also what atoi() yields for non-numeric text. */
	if (type == 0) {
		fprintf (stderr, "usage: frob-getauxval 23");
		abort ();
	}

	value = _p11_getauxval (type);
	printf ("getauxval(%lu) == %lu\n", type, value);

	/* The looked-up value is narrowed to int for the exit status. */
	return (int)value;
}
-------------------------------------------------------------------------------- /common/frob-getenv.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution.
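15 | * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | #include "compat.h" 37 | 38 | #include 39 | #include 40 | #include 41 | #include

/*
 * Test helper: look up the environment variable named by the first argument
 * with secure_getenv() and report the result.
 *
 * The plain getenv() result is written to stderr next to it so the two can
 * be compared. When secure_getenv() returns NULL, "VAR=NULL" is printed and
 * the exit status is 0. Otherwise the value is parsed with atoi(), printed
 * as "VAR=<n>" and returned as the exit status. A value that parses to 0
 * takes the usage-and-abort path.
 */
int
main (int argc,
      char *argv[])
{
	int ret;
	const char *val;
	const char *plain;

	/*
	 * Without an argument argv[1] is NULL and used to be handed straight
	 * to getenv(), secure_getenv() and the "%s" conversions below.
	 */
	if (argc < 2) {
		fprintf (stderr, "usage: frob-getenv VAR");
		abort ();
	}

	/* getenv() returns NULL for an unset variable; "%s" needs a string. */
	plain = getenv (argv[1]);
	fprintf (stderr, "calling secure_getenv(%s) getenv(%s) = %s\n",
	         argv[1], argv[1], plain ? plain : "(null)");

	val = secure_getenv (argv[1]);
	if (val == NULL) {
		printf ("%s=NULL\n", argv[1]);
		return 0;
	}

	/* Zero cannot be told apart from non-numeric text, so it is rejected. */
	ret = atoi (val);
	if (ret == 0) {
		fprintf (stderr, "usage: frob-getenv VAR");
		abort ();
	}

	printf ("%s=%d\n", argv[1], ret);
	return ret;
}
-------------------------------------------------------------------------------- /common/hash.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc.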
3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef P11_HASH_H_ 36 | #define P11_HASH_H_ 37 | 38 | #include "compat.h" 39 | 40 | #define P11_HASH_MURMUR3_LEN 4 41 | 42 | void p11_hash_murmur3 (void *hash, 43 | const void *input, 44 | size_t length, 45 | ...) 
GNUC_NULL_TERMINATED; 46 | 47 | #endif /* P11_HASH_H_ */ 48 | -------------------------------------------------------------------------------- /common/hex.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011, Collabora Ltd. 3 | * Copyright (c) 2023 Red Hat Inc. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 9 | * * Redistributions of source code must retain the above 10 | * copyright notice, this list of conditions and the 11 | * following disclaimer. 12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 
32 | * 33 | * Author: Stef Walter , Daiki Ueno 34 | */ 35 | 36 | #ifndef P11_HEX_H 37 | #define P11_HEX_H 38 | 39 | #include 40 | 41 | char * 42 | hex_encode (const unsigned char *data, 43 | size_t n_data); 44 | 45 | unsigned char * 46 | hex_decode (const char *hex, 47 | size_t *bin_len); 48 | 49 | #endif /* P11_HEX_H */ 50 | -------------------------------------------------------------------------------- /common/openssl.asn: -------------------------------------------------------------------------------- 1 | 2 | OPENSSL { } 3 | 4 | DEFINITIONS IMPLICIT TAGS ::= 5 | 6 | BEGIN 7 | 8 | -- This module contains structures specific to OpenSSL 9 | 10 | CertAux ::= SEQUENCE { 11 | trust SEQUENCE OF OBJECT IDENTIFIER OPTIONAL, 12 | reject [0] SEQUENCE OF OBJECT IDENTIFIER OPTIONAL, 13 | alias UTF8String OPTIONAL, 14 | keyid OCTET STRING OPTIONAL, 15 | other [1] SEQUENCE OF AlgorithmIdentifier OPTIONAL 16 | } 17 | 18 | -- Dependencies brought in from other modules 19 | 20 | AlgorithmIdentifier ::= SEQUENCE { 21 | algorithm OBJECT IDENTIFIER, 22 | parameters ANY DEFINED BY algorithm OPTIONAL 23 | } 24 | 25 | END 26 | -------------------------------------------------------------------------------- /common/pem.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 
15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef P11_PEM_H_ 36 | #define P11_PEM_H_ 37 | 38 | #include "buffer.h" 39 | #include "compat.h" 40 | 41 | #include 42 | 43 | typedef void (*p11_pem_sink) (const char *type, 44 | const unsigned char *contents, 45 | size_t length, 46 | void *user_data); 47 | 48 | unsigned int p11_pem_parse (const char *input, 49 | size_t length, 50 | p11_pem_sink sink, 51 | void *user_data); 52 | 53 | bool p11_pem_write (const unsigned char *contents, 54 | size_t length, 55 | const char *type, 56 | p11_buffer *buf); 57 | 58 | #endif /* P11_PEM_H_ */ 59 | -------------------------------------------------------------------------------- /common/runtime.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2018 Red Hat Inc 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Daiki Ueno 33 | */ 34 | 35 | #ifndef __RUNTIME_H__ 36 | #define __RUNTIME_H__ 37 | 38 | #include "pkcs11.h" 39 | 40 | CK_RV p11_get_runtime_directory (char **directoryp); 41 | 42 | #endif /* __RUNTIME_H__ */ 43 | -------------------------------------------------------------------------------- /common/test-init.sh.in: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -euf 4 | 5 | # ----------------------------------------------------------------------------- 6 | # Basic fundamentals 7 | 8 | prefix=@prefix@ 9 | exec_prefix=@exec_prefix@ 10 | datarootdir=@datarootdir@ 11 | datadir=@datadir@ 12 | sysconfdir=@sysconfdir@ 13 | libdir=@libdir@ 14 | libexecdir=@libexecdir@ 15 | privatedir=@privatedir@ 16 | with_trust_paths=@with_trust_paths@ 17 | script=$(basename $0) 18 | 19 | # ----------------------------------------------------------------------------- 20 | # Testing 21 | 22 | warning() 23 | { 24 | echo "$script: $@" >&2 25 | } 26 | 27 | assert_fail() 28 | { 29 | warning $@ 30 | exit 1 31 | } 32 | 33 | assert_contains() 34 | { 35 | if ! 
grep -qF "$2" "$1"; then 36 | assert_fail "$1 does not contain $2" 37 | fi 38 | } 39 | 40 | assert_not_contains() 41 | { 42 | if grep -qF "$2" "$1"; then 43 | assert_fail "$1 contains $2" 44 | fi 45 | } 46 | 47 | teardown() 48 | { 49 | : 50 | } 51 | 52 | teardown_dirty() 53 | { 54 | echo "not ok $TEST_NUMBER $TEST_NAME" 55 | teardown 56 | } 57 | 58 | skip() 59 | { 60 | TEST_SKIP=yes 61 | echo "ok $TEST_NUMBER # skip $TEST_NAME: $@" 62 | } 63 | 64 | setup() 65 | { 66 | : 67 | } 68 | 69 | run() 70 | { 71 | TOTAL=0 72 | for TEST_NAME in $@; do 73 | TOTAL=$(expr $TOTAL + 1) 74 | done 75 | 76 | echo "1..$TOTAL" 77 | 78 | TEST_NUMBER=0 79 | for TEST_NAME in $@; do 80 | TEST_NUMBER=$(expr $TEST_NUMBER + 1) 81 | ( 82 | trap teardown_dirty EXIT 83 | trap "teardown_dirty; exit 127" INT TERM 84 | TD="" 85 | 86 | PATH="$exec_prefix/bin:$PATH" 87 | export PATH 88 | 89 | PKG_CONFIG_PATH="$libdir/pkgconfig:$datadir/pkgconfig" 90 | export PKG_CONFIG_PATH 91 | 92 | TEST_SKIP=no 93 | setup 94 | 95 | if [ $TEST_SKIP != "yes" ]; then 96 | $TEST_NAME 97 | fi 98 | if [ $TEST_SKIP != "yes" ]; then 99 | echo "ok $TEST_NUMBER $TEST_NAME" 100 | fi 101 | 102 | trap - EXIT 103 | teardown 104 | ) 105 | done 106 | } 107 | -------------------------------------------------------------------------------- /common/types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 
15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef TYPES_H_ 36 | #define TYPES_H_ 1 37 | 38 | #include "pkcs11x.h" 39 | 40 | /* 41 | * A boolean value which denotes whether we auto generated 42 | * this object, as opposed to coming from outside the builder. 43 | * 44 | * We set this on all objects. It will always be either CK_TRUE 45 | * or CK_FALSE for all objects built by this builder. 46 | */ 47 | #define CKA_X_GENERATED (CKA_X_VENDOR + 8000) 48 | 49 | /* 50 | * A string pointing to the filename from which this was loaded. 51 | */ 52 | #define CKA_X_ORIGIN (CKA_X_VENDOR + 8001) 53 | 54 | #endif /* TYPES_H_ */ 55 | -------------------------------------------------------------------------------- /common/unix-peer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2014 Red Hat Inc. 
3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Nikos Mavrogiannopoulos 33 | */ 34 | 35 | #ifndef P11_UNIX_PEER_H_ 36 | #define P11_UNIX_PEER_H_ 37 | 38 | #include 39 | 40 | int p11_get_upeer_id (int cfd, uid_t *uid, uid_t *gid, pid_t *pid); 41 | 42 | #endif /* P11_UNIX_PEER_H_ */ 43 | -------------------------------------------------------------------------------- /common/vsock.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright © 2020 Amazon.com, Inc. or its affiliates. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: David Woodhouse 33 | */ 34 | 35 | #ifndef P11_VSOCK_H 36 | #define P11_VSOCK_H 37 | 38 | #include "compat.h" 39 | 40 | bool p11_vsock_parse_addr (const char *target, 41 | unsigned int *cid, 42 | unsigned int *port); 43 | 44 | bool p11_vsock_get_local_cid (unsigned int *cid); 45 | 46 | #endif /* P11_VSOCK_H */ 47 | -------------------------------------------------------------------------------- /doc/Makefile.am: -------------------------------------------------------------------------------- 1 | 2 | SUBDIRS = manual 3 | 4 | memcheck: 5 | 6 | leakcheck: 7 | -------------------------------------------------------------------------------- /doc/internal/persist-format.txt: -------------------------------------------------------------------------------- 1 | These are some notes about the p11-kit persistence format 2 | 3 | The format is designed to be somewhat human readable and debuggable, and a bit 4 | transparent, but you are discouraged from reading or writing this format from other 5 | applications or tools without first discussing this on the mailing list: 6 | 7 | p11-glue@lists.freedesktop.org 8 | 9 | The format of the file reflects the PKCS#11 attributes exposed by p11-kit. The 10 | attributes have a one to one mapping with PKCS#11 attributes of similar names. 11 | No assumptions should be made that an attribute does what you think it does 12 | from the label. 
13 | 14 | Each object in the file starts with the header '[p11-kit-object-v1]'. After that 15 | point there are names and values separated by colons. Whitespace surrounding 16 | the names and values is ignored. 17 | 18 | Boolean values are 'true' and 'false'. Unsigned long attributes are plain 19 | numbers. String/binary attributes are surrounded with quotes and percent 20 | encoded. Object id attributes are in their dotted form. Various PKCS#11 21 | constants are available. 22 | 23 | PEM blocks can be present within an object, and these contribute certain 24 | PKCS#11 attributes to the object. The attributes that come from PEM blocks 25 | never override those explicitly specified. 26 | 27 | A 'CERTIFICATE' type PEM block contributes the 'value', 'class', 28 | 'certificate-type', 'subject', 'issuer', 'start-date', 'end-date', 'id', 29 | 'certificate-category', 'check-value', 'serial-number', 'public-key-info' 30 | attributes with appropriate values. 31 | 32 | A 'PUBLIC KEY' type PEM block contributes the 'public-key-info' attribute 33 | with an appropriate value. 34 | 35 | Comments starting with a '#' and blank lines are ignored. 36 | 37 | Only rudimentary checks are done to make sure that the resulting attributes 38 | make sense. This may change in the future, and invalid files will be 39 | unceremoniously rejected. So again, use the mailing list if there's a need 40 | to be writing these files at this point: 41 | 42 | p11-glue@lists.freedesktop.org 43 | 44 | Example file: 45 | 46 | [p11-kit-object-v1] 47 | class = certificate 48 | modifiable = true 49 | java-midp-security-domain = 0 50 | label = "My special label" 51 | id = "%01%02%03go" 52 | 53 | -----BEGIN CERTIFICATE----- 54 | MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML 55 | ................................................................ 
56 | B/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVy 57 | vUxFnmG6v4SBkgPR0ml8xQ== 58 | -----END CERTIFICATE----- 59 | x-distrusted = true 60 | -------------------------------------------------------------------------------- /doc/manual/annotation-glossary.xml: -------------------------------------------------------------------------------- 1 | 2 | 5 | ]> 6 | 7 | 8 | Annotation Glossary 9 | A 10 | 11 | allow-none 12 | 13 | NULL is ok, both for passing and for returning. 14 | 15 | 16 | 17 | array 18 | 19 | Parameter points to an array of items. 20 | 21 | 22 | 23 | E 24 | 25 | element-type 26 | 27 | Generics and defining elements of containers and arrays. 28 | 29 | 30 | 31 | I 32 | 33 | inout 34 | 35 | Parameter for input and for returning results. Default is transfer full. 36 | 37 | 38 | 39 | O 40 | 41 | out 42 | 43 | Parameter for returning results. Default is transfer full. 44 | 45 | 46 | 47 | T 48 | 49 | transfer full 50 | 51 | Free data after the code is done. 52 | 53 | 54 | 55 | type 56 | 57 | Override the parsed C type with given type 58 | 59 | 60 | 61 | transfer none 62 | 63 | Don't free data after the code is done. 
64 | 65 | 66 | 67 | -------------------------------------------------------------------------------- /doc/manual/docbook-params.xsl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 23 | 24 | 25 | 26 | 3 27 | 0 28 | 29 | book toc 30 | part nop 31 | chapter toc 32 | 33 | style.css 34 | ansi 35 | 1 36 | 0 37 | 1 38 | 39 | 40 | -------------------------------------------------------------------------------- /doc/manual/p11-kit-docs.xml: -------------------------------------------------------------------------------- 1 | 2 | 6 | 7 | ]> 8 | 9 | 10 | p11-kit 11 | for p11-kit &version; 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | Manual Pages 22 | 23 | 24 | 25 | 26 | 27 | 28 | API Reference 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | API Index 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /doc/manual/p11-kit-overrides.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/doc/manual/p11-kit-overrides.txt -------------------------------------------------------------------------------- /doc/manual/p11-kit-proxy.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | Proxy Module 6 | 7 | When an application is aware of the fact that coordination 8 | is necessary between multiple consumers of a PKCS#11 module, and wants 9 | to load standard configured PKCS#11 modules, it can link to 10 | p11-kit and use the functions there to provide this 11 | functionality. 12 | 13 | However most current consumers of PKCS#11 are ignorant of 14 | this problem, and do not link to p11-kit. In order to solve this 15 | multiple initialization problem for all applications, 16 | p11-kit provides a proxy compatibility 17 | module. 
18 | 19 | This proxy module acts like a normal PKCS#11 module, but 20 | internally loads a preconfigured set of PKCS#11 modules and 21 | manages their features as described earlier. Each slot in the configured modules 22 | is exposed as a slot of the p11-kit proxy module. The proxy 23 | module is then used as a normal PKCS#11 module would be. It can be loaded by 24 | crypto libraries like NSS and behaves as expected. 25 | 26 | The C_GetFunctionList, 27 | C_GetInterfaceList and C_GetInterface 28 | exported entry points of the proxy module return a new managed PKCS#11 module 29 | each time they are called. These managed instances are released when the proxy 30 | module is unloaded. 31 | 32 | -------------------------------------------------------------------------------- /doc/manual/style.css: -------------------------------------------------------------------------------- 1 | @import url("gtk-doc.css"); 2 | 3 | TABLE.navigation { 4 | background-color: #f9b631 !important; 5 | border-width: 0 !important; 6 | color: white; 7 | font-family: Georgia, "Times New Roman", Times, serif; 8 | height: 4em !important; 9 | } 10 | 11 | TABLE.navigation TH { 12 | font-size: 30pt !important; 13 | font-weight: normal; 14 | text-align: left !important; 15 | padding-left: 10pt; 16 | } 17 | 18 | TABLE.navigation TH:first-child { 19 | padding-left: 40pt; 20 | } 21 | 22 | .shortcuts { 23 | color: white !important; 24 | } 25 | 26 | .shortcuts a { 27 | color: white !important; 28 | font-family: Verdana, Arial, 'Bitstream Vera Sans', Helvetica, sans-serif; 29 | } 30 | 31 | P.title { 32 | font-size: 30pt !important; 33 | } 34 | 35 | BODY { 36 | padding-top: 5.5em !important; 37 | } 38 | 39 | DIV.book, 40 | DIV.refentry, 41 | DIV.chapter, 42 | DIV.index, 43 | DIV.footer, 44 | DIV.section { 45 | font-family: Verdana, Arial, 'Bitstream Vera Sans', Helvetica, sans-serif; 46 | font-size: 9.5pt; 47 | line-height: 150%; 48 | } 49 | 50 | BODY > DIV.book, 51 | BODY > DIV.footer { 52 | margin-left: 1em; 
53 | margin-right: 1em; 54 | } 55 | 56 | BODY > DIV.refentry, 57 | BODY > DIV.chapter, 58 | BODY > DIV.index, 59 | BODY > DIV.section { 60 | margin-left: 3em; 61 | margin-right: 1em; 62 | } 63 | 64 | DIV.variablelist TABLE { 65 | font-size: 9.5pt; 66 | line-height: 150%; 67 | } 68 | 69 | DIV.refsect1, 70 | DIV.refsect2, 71 | DIV.refsynopsisdiv { 72 | margin-bottom: 3em !important; 73 | } 74 | 75 | H1 { 76 | position: relative; 77 | left: -1em; 78 | font-weight: normal !important; 79 | } 80 | 81 | H2 { 82 | position: relative; 83 | left: -1em; 84 | font-weight: normal !important; 85 | } 86 | 87 | H3 { 88 | position: relative; 89 | left: -1em; 90 | font-weight: normal !important; 91 | } 92 | 93 | CODE.option { 94 | white-space: nowrap; 95 | } 96 | 97 | DIV.toc DL { 98 | margin-top: 0; 99 | margin-bottom: 0; 100 | } 101 | 102 | DIV.book > DIV.toc > DL > DT { 103 | margin-top: 1em; 104 | } 105 | 106 | DIV.toc DT { 107 | margin-bottom: 0.3em; 108 | } 109 | 110 | TABLE.variablelist SPAN.term { 111 | padding-right: 1em; 112 | } 113 | 114 | DIV.cmdsynopsis { 115 | font-family: monospace; 116 | } 117 | -------------------------------------------------------------------------------- /doc/manual/sysdir.xml.in: -------------------------------------------------------------------------------- 1 | @p11_system_config@ 2 | -------------------------------------------------------------------------------- /doc/manual/userdir.xml.in: -------------------------------------------------------------------------------- 1 | @p11_user_config@ 2 | -------------------------------------------------------------------------------- /doc/manual/version.xml.in: -------------------------------------------------------------------------------- 1 | @VERSION@ 2 | -------------------------------------------------------------------------------- /fuzz/Makefile.am: -------------------------------------------------------------------------------- 1 | fuzz_targets = fuzz/rpc_fuzzer 2 | check_PROGRAMS += 
$(fuzz_targets) 3 | fuzz: $(fuzz_targets) 4 | 5 | fuzz_rpc_fuzzer_SOURCES = fuzz/rpc_fuzzer.c fuzz/fuzz.h fuzz/main.c 6 | 7 | fuzz_rpc_fuzzer_LDADD = libp11-kit-testable.la libp11-test.la libp11-common.la 8 | 9 | EXTRA_DIST += fuzz/meson.build 10 | 11 | oss-fuzz: libp11-kit-testable.la libp11-test.la libp11-common.la 12 | if test "$$OUT" != ""; then \ 13 | for src_file in $(top_srcdir)/fuzz/*_fuzzer.c; do \ 14 | fuzzer=$$(basename $$src_file .c); \ 15 | $$CC $$CFLAGS -I. -I$(top_srcdir) -I$(top_srcdir)/common \ 16 | -c $(top_srcdir)"/fuzz/$${fuzzer}.c" -o "$${fuzzer}.o" ; \ 17 | $$CXX $$CXXFLAGS "$${fuzzer}.o" -o "$$OUT/$${fuzzer}" \ 18 | .libs/libp11-kit-testable.a .libs/libp11-test.a .libs/libp11-common.a \ 19 | -lffi -ldl -lpthread $${LIB_FUZZING_ENGINE} || exit $?; \ 20 | done; \ 21 | fi 22 | 23 | .PHONY: fuzz oss-fuzz 24 | -------------------------------------------------------------------------------- /fuzz/fuzz.h: -------------------------------------------------------------------------------- 1 | #ifndef __P11_FUZZ_H__ 2 | #define __P11_FUZZ_H__ 3 | 4 | #include 5 | 6 | #ifdef __cplusplus 7 | extern "C" { 8 | #endif 9 | 10 | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); 11 | 12 | #ifdef __cplusplus 13 | } 14 | #endif 15 | 16 | #endif /* __P11_FUZZ_H__ */ 17 | -------------------------------------------------------------------------------- /fuzz/main.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2017 Nikos Mavrogiannopoulos 3 | * 4 | * Author: Nikos Mavrogiannopoulos 5 | * 6 | * This file is part of GnuTLS. 7 | * 8 | * The GnuTLS is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU Lesser General Public License 10 | * as published by the Free Software Foundation; either version 2.1 of 11 | * the License, or (at your option) any later version. 
12 | * 13 | * This library is distributed in the hope that it will be useful, but 14 | * WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 | * Lesser General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Lesser General Public License 19 | * along with this program. If not, see 20 | * 21 | */ 22 | 23 | #ifdef HAVE_CONFIG_H 24 | #include 25 | #endif 26 | 27 | #include 28 | #include 29 | #include 30 | #include 31 | 32 | #include "fuzz.h" 33 | 34 | int main(int argc, char **argv) 35 | { 36 | int ret; 37 | unsigned char buf[64*1024]; 38 | 39 | ret = fread(buf, 1, sizeof(buf), stdin); 40 | if (ret <= 0) 41 | return 0; 42 | 43 | return LLVMFuzzerTestOneInput(buf, ret); 44 | } 45 | -------------------------------------------------------------------------------- /fuzz/meson.build: -------------------------------------------------------------------------------- 1 | if get_option('test') 2 | fuzz_common_sources = [ 3 | 'main.c' 4 | ] 5 | 6 | fuzzer_target_names = [ 7 | 'rpc' 8 | ] 9 | 10 | fuzzer_targets = [] 11 | foreach target : fuzzer_target_names 12 | t = executable('@0@_fuzzer'.format(target), 13 | ['@0@_fuzzer.c'.format(target)] + fuzz_common_sources, 14 | c_args: tests_c_args, 15 | include_directories: [configinc, commoninc], 16 | link_with: [libp11_kit_testable, libp11_test, libp11_common]) 17 | fuzzer_targets += t 18 | endforeach 19 | 20 | # Make `ninja fuzz` build all fuzzer targets. 21 | # This could use alias_target() instead, with a version bump to Meson 0.52. 
22 | run_target('fuzz', depends: fuzzer_targets, command: [ 'true' ]) 23 | endif 24 | -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CloseAllSessions_slot_one: -------------------------------------------------------------------------------- 1 | u4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CloseAllSessions_slot_two: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_CloseAllSessions_slot_two -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CloseSession: -------------------------------------------------------------------------------- 1 | u -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_attribute_array: -------------------------------------------------------------------------------- 1 | uuaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_byte: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_byte_array: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_date: -------------------------------------------------------------------------------- 1 | uuaA20201101 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_date_empty: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_invalid: 
-------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_mechanism_type_array: -------------------------------------------------------------------------------- 1 | uuaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CopyObject_ulong: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_attribute_array: -------------------------------------------------------------------------------- 1 | uaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_byte: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_byte_array: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_date: -------------------------------------------------------------------------------- 1 | uaA20201101 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_date_empty: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_invalid: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_mechanism_type_array: -------------------------------------------------------------------------------- 1 | uaA@ 
-------------------------------------------------------------------------------- /fuzz/rpc.in/C_CreateObject_ulong: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Decrypt: -------------------------------------------------------------------------------- 1 | "uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DecryptDigestUpdate: -------------------------------------------------------------------------------- 1 | 7uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DecryptFinal: -------------------------------------------------------------------------------- 1 | $ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DecryptInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_DecryptInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DecryptUpdate: -------------------------------------------------------------------------------- 1 | #uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DecryptVerifyUpdate: -------------------------------------------------------------------------------- 1 | 9uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DeriveKey: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_DeriveKey -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DestroyObject: 
-------------------------------------------------------------------------------- 1 | uu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Digest: -------------------------------------------------------------------------------- 1 | &uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DigestEncryptUpdate: -------------------------------------------------------------------------------- 1 | 6uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DigestFinal: -------------------------------------------------------------------------------- 1 | )ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DigestInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_DigestInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DigestKey: -------------------------------------------------------------------------------- 1 | (uu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_DigestUpdate: -------------------------------------------------------------------------------- 1 | 'uay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Encrypt: -------------------------------------------------------------------------------- 1 | uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_EncryptFinal: -------------------------------------------------------------------------------- 1 | ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_EncryptInit: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_EncryptInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_EncryptUpdate: -------------------------------------------------------------------------------- 1 | uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Finalize: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjects: -------------------------------------------------------------------------------- 1 | ufu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsFinal: -------------------------------------------------------------------------------- 1 | u -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_attribute_array: -------------------------------------------------------------------------------- 1 | uaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_byte: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_byte_array: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_date: -------------------------------------------------------------------------------- 1 | uaA20201101 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_date_empty: -------------------------------------------------------------------------------- 1 | uaA 
-------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_invalid: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_mechanism_type_array: -------------------------------------------------------------------------------- 1 | uaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_FindObjectsInit_ulong: -------------------------------------------------------------------------------- 1 | uaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKeyPair: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKeyPair -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_attribute_array: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_attribute_array -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_byte: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_byte -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_byte_array: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_byte_array 
-------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_date: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_date -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_date_empty: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_date_empty -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_invalid: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_invalid -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_mechanism_type_array: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_mechanism_type_array -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateKey_ulong: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GenerateKey_ulong -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GenerateRandom: -------------------------------------------------------------------------------- 1 | @ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetAttributeValue: 
-------------------------------------------------------------------------------- 1 | uufA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetInfo: -------------------------------------------------------------------------------- 1 |  -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismInfo: -------------------------------------------------------------------------------- 1 | uu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismInfo_slot_one_capitalize: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismInfo_slot_one_capitalize -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismInfo_slot_one_prefix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismInfo_slot_one_prefix -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismInfo_slot_two_capitalize: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismInfo_slot_two_capitalize -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismInfo_slot_two_prefix: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismInfo_slot_two_prefix -------------------------------------------------------------------------------- 
/fuzz/rpc.in/C_GetMechanismList: -------------------------------------------------------------------------------- 1 | ufu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismList_slot_one_buffer: -------------------------------------------------------------------------------- 1 | ufu4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismList_slot_one_length: -------------------------------------------------------------------------------- 1 | ufu4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismList_slot_two_buffer: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismList_slot_two_buffer -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetMechanismList_slot_two_length: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetMechanismList_slot_two_length -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetObjectSize: -------------------------------------------------------------------------------- 1 | uu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetOperationState: -------------------------------------------------------------------------------- 1 | ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSessionInfo: -------------------------------------------------------------------------------- 1 | u -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotInfo_slot_one: 
-------------------------------------------------------------------------------- 1 | u4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotInfo_slot_two: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetSlotInfo_slot_two -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotList_all_buffer: -------------------------------------------------------------------------------- 1 | yfu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotList_all_length: -------------------------------------------------------------------------------- 1 | yfu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotList_token_present_buffer: -------------------------------------------------------------------------------- 1 | yfu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetSlotList_token_present_length: -------------------------------------------------------------------------------- 1 | yfu -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetTokenInfo_slot_one: -------------------------------------------------------------------------------- 1 | u4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_GetTokenInfo_slot_two: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_GetTokenInfo_slot_two -------------------------------------------------------------------------------- /fuzz/rpc.in/C_InitPIN: -------------------------------------------------------------------------------- 1 | 
uayTEST PIN -------------------------------------------------------------------------------- /fuzz/rpc.in/C_InitToken_slot_one: -------------------------------------------------------------------------------- 1 | uayz4TEST PIN 2 | TEST LABEL -------------------------------------------------------------------------------- /fuzz/rpc.in/C_InitToken_slot_two: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_InitToken_slot_two -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Initialize: -------------------------------------------------------------------------------- 1 | ayyay)PRIVATE-GNOME-KEYRING-PKCS11-PROTOCOL-V-1 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Login: -------------------------------------------------------------------------------- 1 | uuay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Logout: -------------------------------------------------------------------------------- 1 | u -------------------------------------------------------------------------------- /fuzz/rpc.in/C_OpenSession_slot_one: -------------------------------------------------------------------------------- 1 | 2 | uu4 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_OpenSession_slot_two: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_OpenSession_slot_two -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SeedRandom: -------------------------------------------------------------------------------- 1 | ?uay 
-------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_attribute_array: -------------------------------------------------------------------------------- 1 | uuaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_byte: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_byte_array: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_date: -------------------------------------------------------------------------------- 1 | uuaA20201101 -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_date_empty: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_invalid: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_mechanism_type_array: -------------------------------------------------------------------------------- 1 | uuaA@ -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetAttributeValue_ulong: -------------------------------------------------------------------------------- 1 | uuaA -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetOperationState: -------------------------------------------------------------------------------- 1 | uayuu 
-------------------------------------------------------------------------------- /fuzz/rpc.in/C_SetPIN: -------------------------------------------------------------------------------- 1 | uayayboooTEST PIN -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Sign: -------------------------------------------------------------------------------- 1 | +uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignEncryptUpdate: -------------------------------------------------------------------------------- 1 | 8uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignFinal: -------------------------------------------------------------------------------- 1 | -ufy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_SignInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignRecover: -------------------------------------------------------------------------------- 1 | /uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignRecoverInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_SignRecoverInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_SignUpdate: -------------------------------------------------------------------------------- 1 | ,uay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_UnwrapKey: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_UnwrapKey -------------------------------------------------------------------------------- /fuzz/rpc.in/C_Verify: -------------------------------------------------------------------------------- 1 | 1uayay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_VerifyFinal: -------------------------------------------------------------------------------- 1 | 3uay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_VerifyInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_VerifyInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_VerifyRecover: -------------------------------------------------------------------------------- 1 | 5uayfy -------------------------------------------------------------------------------- /fuzz/rpc.in/C_VerifyRecoverInit: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_VerifyRecoverInit -------------------------------------------------------------------------------- /fuzz/rpc.in/C_VerifyUpdate: -------------------------------------------------------------------------------- 1 | 2uay -------------------------------------------------------------------------------- /fuzz/rpc.in/C_WaitForSlotEvent: -------------------------------------------------------------------------------- 1 | Au -------------------------------------------------------------------------------- /fuzz/rpc.in/C_WrapKey: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/fuzz/rpc.in/C_WrapKey -------------------------------------------------------------------------------- /fuzz/rpc_fuzzer.c: -------------------------------------------------------------------------------- 1 | /* 2 | # Copyright 2016 Google Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); 5 | # you may not use this file except in compliance with the License. 6 | # You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 
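#
################################################################################
*/

#include "config.h"
#include "test.h"

#include "fuzz/fuzz.h"
#include "library.h"
#include "mock.h"
#include "p11-kit/rpc.h"

#include <assert.h>

static p11_virtual base;

/*
 * libFuzzer entry point: copies the fuzz input into a p11_buffer and passes
 * it to p11_rpc_server_handle() on top of the mock_module_no_slots function
 * list.
 *
 * data, size: the raw input chosen by the fuzzer.
 * Always returns 0.
 */
#ifdef __cplusplus
extern "C"
#endif
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
	p11_buffer buffer;

	/* Mock module and library state are set up here and torn down below on every call */
	mock_module_init ();
	p11_library_init ();

	p11_buffer_init (&buffer, 0);

	p11_virtual_init (&base, &p11_virtual_base, &mock_module_no_slots, NULL);
	base.funcs.C_Initialize (&base.funcs, NULL);

	p11_buffer_add (&buffer, data, size);

	/*
	 * A buffer that failed to take the input says nothing about the RPC
	 * code, so the input is skipped instead of aborting: an assert() here
	 * would be reported as a crash, and would vanish under NDEBUG, letting
	 * the handler run on a failed buffer.
	 *
	 * The same buffer is passed for both buffer arguments of the handler.
	 */
	if (!p11_buffer_failed (&buffer))
		p11_rpc_server_handle (&base.funcs, &buffer, &buffer);

	p11_buffer_uninit (&buffer);
	mock_module_reset ();
	p11_library_uninit ();

	return 0;
}

--------------------------------------------------------------------------------
/fuzz/run-afl.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Copyright (C) 2017 Red Hat, Inc.
#
# This file is part of GnuTLS.
#
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This file is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program.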
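# If not, see

# NOTE(review): the licence header and the usage example below still name
# GnuTLS; the library path and the make target look inherited as well -
# confirm they match this source tree.

srcdir="${srcdir:-.}"
export LD_LIBRARY_PATH="${srcdir}/../../lib/.libs/"

# config.log is searched for afl-gcc as evidence of an instrumented build.
if ! grep afl-gcc "${srcdir}/../../config.log" >/dev/null 2>&1; then
  echo "compile first library as:"
  echo "CC=afl-gcc ./configure"
  exit 1
fi

if test -z "$1"; then
  echo "Usage: $0 test-case"
  echo "Example: $0 gnutls_x509_parser_fuzzer"
  exit 1
fi

# $1 is quoted everywhere below (and kept behind "--" for rm) so a name with
# spaces, glob characters or a leading dash is passed through as one operand.
rm -f -- "$1"
(cd ../.. && make "build/fuzz/$1") || exit 1

# Name of the test without the _fuzzer suffix; it selects the seed directory.
TEST=$(printf '%s\n' "$1" | sed 's/_fuzzer//')

# Output directory name carries the shell's PID ($$).
TMPOUT="${TEST}.$$.out"
mkdir -p "${TMPOUT}"
afl-fuzz -i "${TEST}.in" -o "${TMPOUT}" -- "./${TEST}_fuzzer"

echo "output was stored in $TMPOUT"

exit 0

--------------------------------------------------------------------------------
/meson_post_install_test.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Runs a command with the installed tree placed first on the search paths.
# Usage: meson_post_install_test.sh BINDIR LIBDIR COMMAND [ARGS...]
# BINDIR and LIBDIR are appended to $MESON_INSTALL_DESTDIR_PREFIX; the
# remaining arguments are executed as the command.

# Command tracing off.
set +x

bindir="$1"
libdir="$2"
shift 2

# The inherited value is appended only when it is non-empty. A plain
# "dir:$VAR" leaves a trailing ':' when VAR is unset, and an empty element in
# PATH or LD_LIBRARY_PATH is searched as the current directory.
export PATH="$MESON_INSTALL_DESTDIR_PREFIX/$bindir${PATH:+:$PATH}"
export LD_LIBRARY_PATH="$MESON_INSTALL_DESTDIR_PREFIX/$libdir${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
# NOTE(review): .pc files are conventionally installed under $libdir/pkgconfig;
# confirm the "pkg-config" directory name used here.
export PKG_CONFIG_PATH="$MESON_INSTALL_DESTDIR_PREFIX/$libdir/pkg-config${PKG_CONFIG_PATH:+:$PKG_CONFIG_PATH}"
export abs_top_builddir="$MESON_BUILD_ROOT"
export abs_top_srcdir="$MESON_SOURCE_ROOT"

exec "$@"

--------------------------------------------------------------------------------
/p11-kit/client-init.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2011 Collabora Ltd
 * Copyright (c) 2012 Stef Walter
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * * Redistributions of source code must retain the above
 * copyright notice, this list of conditions and the
 * following disclaimer.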
12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 
32 | * 33 | * 34 | * CONTRIBUTORS 35 | * Stef Walter 36 | */ 37 | 38 | #include "config.h" 39 | 40 | #include "client.h" 41 | #include "pkcs11.h" 42 | 43 | /* p11_proxy_module_check() is defined as a weak symbol in modules.c */ 44 | #ifndef __GNUC__ 45 | bool p11_proxy_module_check (CK_FUNCTION_LIST_PTR module); 46 | 47 | bool 48 | p11_proxy_module_check (CK_FUNCTION_LIST_PTR module) 49 | { 50 | return false; 51 | } 52 | #endif 53 | 54 | #define INIT _p11_kit_init 55 | #define FINI _p11_kit_fini 56 | #define CLEANUP p11_client_module_cleanup () 57 | #include "init.h" 58 | -------------------------------------------------------------------------------- /p11-kit/client.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef __P11_CLIENT_H__ 36 | #define __P11_CLIENT_H__ 37 | 38 | void p11_client_module_cleanup (void); 39 | 40 | 41 | #endif /* __P11_CLIENT_H__ */ 42 | -------------------------------------------------------------------------------- /p11-kit/docs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | /* This header is not used by anything, and merely to help gtk-doc be sane */ 36 | 37 | #define P11_KIT_MODULE_UNMANAGED 1 38 | #define P11_KIT_MODULE_CRITICAL 1 39 | -------------------------------------------------------------------------------- /p11-kit/filter.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2016, Red Hat Inc. 3 | * 4 | * All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 10 | * * Redistributions of source code must retain the above 11 | * copyright notice, this list of conditions and the 12 | * following disclaimer. 13 | * * Redistributions in binary form must reproduce the 14 | * above copyright notice, this list of conditions and 15 | * the following disclaimer in the documentation and/or 16 | * other materials provided with the distribution. 
17 | * * The names of contributors to this software may not be 18 | * used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 25 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 28 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 29 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 31 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 32 | * DAMAGE. 
33 | * 34 | * 35 | * CONTRIBUTORS 36 | * Daiki Ueno 37 | */ 38 | 39 | #ifndef P11_FILTER_H_ 40 | #define P11_FILTER_H_ 41 | 42 | #include "virtual.h" 43 | 44 | p11_virtual *p11_filter_subclass (p11_virtual *lower, 45 | p11_destroyer destroyer); 46 | 47 | void p11_filter_release (void *filterger); 48 | 49 | void p11_filter_allow_token (p11_virtual *virt, 50 | CK_TOKEN_INFO *token); 51 | 52 | void p11_filter_deny_token (p11_virtual *virt, 53 | CK_TOKEN_INFO *token); 54 | 55 | #endif /* P11_FILTER_H_ */ 56 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/eleven.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-eleven.so 3 | managed: yes 4 | enable-in: p11-kit-testable 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/four-v3.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-v3-four.so 3 | enable-in: test-proxy3, test-log3, test-rpc 4 | priority: 4 5 | trust-policy: no 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/four.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-four.so 3 | disable-in: test-disable, test-other, test-proxy3, test-log3, test-rpc 4 | priority: 4 5 | trust-policy: no 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/fourteen.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-fourteen.so 3 | managed: yes 4 | enable-in: p11-kit-testable 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/six.module: -------------------------------------------------------------------------------- 
1 | 2 | module: mock-six.so 3 | 4 | enable-in: test-proxy 5 | 6 | # the highest priority among others loaded by test-proxy 7 | priority: 100 8 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/thirteen.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-thirteen.so 3 | managed: yes 4 | enable-in: p11-kit-testable 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/twelve.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-twelve.so 3 | managed: yes 4 | enable-in: p11-kit-testable 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/win32/four-v3.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-v3-four.dll 3 | enable-in: test-proxy3, test-log3, test-rpc 4 | priority: 4 5 | trust-policy: no 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/win32/four.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-four.dll 3 | disable-in: test-disable, test-other, test-proxy3, test-log3, test-rpc 4 | priority: 4 5 | trust-policy: no 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/win32/six.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-six.dll 3 | 4 | enable-in: test-proxy 5 | 6 | # the highest priority among others loaded by test-proxy 7 | priority: 100 8 | -------------------------------------------------------------------------------- /p11-kit/fixtures/package-modules/win32/twelve.module: 
-------------------------------------------------------------------------------- 1 | 2 | module: mock-twelve.so 3 | managed: yes 4 | enable-in: p11-kit-testable 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/one.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-one.so 3 | setting: system1 4 | trust-policy: yes 5 | number: 18 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/seven.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-seven.so 3 | critical: yes 4 | enable-in: test-modules 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/two-duplicate.module: -------------------------------------------------------------------------------- 1 | 2 | # This is a duplicate of the 'two' module 3 | module: mock-two.so 4 | # no priority, use name 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/two.badname: -------------------------------------------------------------------------------- 1 | # This module doesn't have a .module extension, but p11-kit doesn't yet 2 | # enforce the naming, just warns, so it should still be loaded 3 | 4 | module: mock-two.so 5 | setting: system2 6 | # no priority, use name -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/win32/one.module: -------------------------------------------------------------------------------- 1 | 2 | module: mock-one.dll 3 | setting: system1 4 | trust-policy: yes 5 | number: 18 6 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/win32/seven.module: 
-------------------------------------------------------------------------------- 1 | 2 | module: mock-seven.dll 3 | critical: yes 4 | enable-in: test-modules 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/win32/two-duplicate.module: -------------------------------------------------------------------------------- 1 | 2 | # This is a duplicate of the 'two' module 3 | module: mock-two.dll 4 | # no priority, use name 5 | -------------------------------------------------------------------------------- /p11-kit/fixtures/system-modules/win32/two.badname: -------------------------------------------------------------------------------- 1 | # This module doesn't have a .module extension, but p11-kit doesn't yet 2 | # enforce the naming, just warns, so it should still be loaded 3 | 4 | module: mock-two.dll 5 | setting: system2 6 | # no order, use name -------------------------------------------------------------------------------- /p11-kit/fixtures/system-pkcs11.conf: -------------------------------------------------------------------------------- 1 | 2 | # Merge in user config 3 | user-config: merge 4 | 5 | # Another option 6 | new: world -------------------------------------------------------------------------------- /p11-kit/fixtures/test-1.conf: -------------------------------------------------------------------------------- 1 | key1:value1 2 | with-whitespace : value-with-whitespace 3 | with-colon: value-of-colon 4 | 5 | # A comment 6 | embedded-comment: this is # not a comment 7 | -------------------------------------------------------------------------------- /p11-kit/fixtures/test-pinfile: -------------------------------------------------------------------------------- 1 | yogabbagabba -------------------------------------------------------------------------------- /p11-kit/fixtures/test-system-invalid.conf: -------------------------------------------------------------------------------- 1 | 2 | # 
Invalid user-config setting 3 | user-config: bad 4 | -------------------------------------------------------------------------------- /p11-kit/fixtures/test-system-merge.conf: -------------------------------------------------------------------------------- 1 | 2 | # Merge in user config 3 | user-config: merge 4 | 5 | key1: system1 6 | key2: system2 7 | key3: system3 -------------------------------------------------------------------------------- /p11-kit/fixtures/test-system-none.conf: -------------------------------------------------------------------------------- 1 | 2 | # Only user config 3 | user-config: none 4 | 5 | # These values will not be overridden 6 | key1: system1 7 | key2: system2 8 | key3: system3 -------------------------------------------------------------------------------- /p11-kit/fixtures/test-system-only.conf: -------------------------------------------------------------------------------- 1 | 2 | # Only user config 3 | user-config: only 4 | 5 | # This stuff will be ignored 6 | key1: system1 7 | key2: system2 8 | key3: system3 -------------------------------------------------------------------------------- /p11-kit/fixtures/test-user-invalid.conf: -------------------------------------------------------------------------------- 1 | 2 | # Invalid user-config setting 3 | user-config: bad 4 | -------------------------------------------------------------------------------- /p11-kit/fixtures/test-user-only.conf: -------------------------------------------------------------------------------- 1 | 2 | user-config: only 3 | key2: user2 4 | key3: user3 -------------------------------------------------------------------------------- /p11-kit/fixtures/test-user.conf: -------------------------------------------------------------------------------- 1 | 2 | key2: user2 3 | key3: user3 -------------------------------------------------------------------------------- /p11-kit/fixtures/user-modules/one.module: 
--------------------------------------------------------------------------------

setting: user1
managed: yes
number: 33

--------------------------------------------------------------------------------
/p11-kit/fixtures/user-modules/three.module:
--------------------------------------------------------------------------------

module: mock-three.so
setting: user3

enable-in: test-enable
priority: 3
--------------------------------------------------------------------------------
/p11-kit/fixtures/user-modules/win32/one.module:
--------------------------------------------------------------------------------

setting: user1
managed: yes
number: 33

--------------------------------------------------------------------------------
/p11-kit/fixtures/user-modules/win32/three.module:
--------------------------------------------------------------------------------

module: mock-three.dll
setting: user3

enable-in: test-enable
priority: 3
--------------------------------------------------------------------------------
/p11-kit/gen-fixed-closures.py:
--------------------------------------------------------------------------------
#!/usr/bin/python

"""
SPDX-License-Identifier: BSD-3-Clause
"""

import sys

INDENT = " "


def write_fixed_instantiate(output, closures):
    """Write the fixed-closure C boilerplate for ``closures`` slots.

    Three sections are written to ``output`` in order: one
    P11_VIRTUAL_FIXED_FUNCTIONS(i) line per slot, the definition of the
    p11_virtual_fixed[] array with one initializer per slot, and the three
    P11_VIRTUAL_FIXED_GET_* lines per slot.

    output   -- any object with a write() method (a file or sys.stdout)
    closures -- number of slots to generate, numbered from 0
    """
    slot_numbers = range(closures)

    # Section 1: per-slot function instantiations.
    for slot in slot_numbers:
        output.write(f"P11_VIRTUAL_FIXED_FUNCTIONS({slot})\n")

    # Section 2: the array; initializers are comma-separated with no
    # trailing comma after the last one.
    initializer_rows = []
    for slot in slot_numbers:
        initializer_rows.append(f"{INDENT}P11_VIRTUAL_FIXED_INITIALIZER({slot})")
    initializers_concatenated = ",\n".join(initializer_rows)
    output.write(f'''
CK_FUNCTION_LIST_3_0 p11_virtual_fixed[P11_VIRTUAL_MAX_FIXED] = {{
{initializers_concatenated}
}};

''')

    # Section 3: per-slot accessors.
    for i in slot_numbers:
        output.write(f"""\
P11_VIRTUAL_FIXED_GET_FUNCTION_LIST({i})
P11_VIRTUAL_FIXED_GET_INTERFACE_LIST({i})
P11_VIRTUAL_FIXED_GET_INTERFACE({i})
""")


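if __name__ == "__main__":
    import argparse
    parser = argparse.ArgumentParser()
    parser.add_argument("--closures", type=int,
                        default=64)
    parser.add_argument("--outfile", type=argparse.FileType("w"),
                        default=sys.stdout)
    args = parser.parse_args()

    write_fixed_instantiate(args.outfile, args.closures)

--------------------------------------------------------------------------------
/p11-kit/gen-pkcs11-gnu.sh:
--------------------------------------------------------------------------------
#!/bin/sh

# Usage: gen-pkcs11-gnu.sh SOURCE TARGET
#
# Generates TARGET from SOURCE: a fixed preamble, the contents of SOURCE, and
# a "void *<target>_funcs[]" table listing every p11_kit_* name that sed finds
# in front of an opening parenthesis in SOURCE (typedef lines are skipped).
# Output is written to TARGET-t first and moved into place only on success.

source="$1"
target="$2"

# Every expansion of $source and $target is quoted so that a build path
# containing whitespace or glob characters is passed as a single argument.
rm -f "$target-t" "$target" &&
{
	echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */'
	echo
	# NOTE(review): the header name after '#include' is missing in this
	# listing; restore it from the upstream file before using this script.
	echo '#include '
	echo '#include "p11-kit/p11-kit.h"'
	cat "$source"
	# The array name is derived from the target path; characters that are not
	# valid in this declaration are replaced with '_'.
	echo "void *${target}_funcs[] = {" | sed 's/[^][ *a-z0-9_={]/_/g'
	sed -n -e '/^typedef/d' -e 's/.* \(p11_kit_[^ ]*\) *(.*/ \1,/p' "$source"
	echo '};'
} > "$target-t" &&
mv -f "$target-t" "$target"
--------------------------------------------------------------------------------
/p11-kit/log.h:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2013, Red Hat Inc.
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.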
17 | * * The names of contributors to this software may not be 18 | * used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 25 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 28 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 29 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 31 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 32 | * DAMAGE. 
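 *
 *
 * CONTRIBUTORS
 *  Stef Walter
 */

#ifndef P11_LOG_H_
#define P11_LOG_H_

#include "virtual.h"

p11_virtual *        p11_log_subclass (p11_virtual *lower,
                                       p11_destroyer destroyer);

void                 p11_log_release  (void *logger);

extern bool          p11_log_force;

extern bool          p11_log_output;

#endif /* P11_LOG_H_ */

--------------------------------------------------------------------------------
/p11-kit/meson_post_install.sh:
--------------------------------------------------------------------------------
#!/bin/sh

# Usage: meson_post_install.sh LIBDIR PACKAGE_CONFIG_MODULES_DIR
#
# Post-install step: links p11-kit-proxy.<ext> to the installed libp11-kit
# and creates the module configuration directory. Both paths are taken
# relative to $MESON_INSTALL_DESTDIR_PREFIX.

set +x

libdir="$1"
p11_package_config_modules="$2"

# Proxy module is actually same as library, so install a link
for i in so dylib; do
	lib="$MESON_INSTALL_DESTDIR_PREFIX/$libdir/libp11-kit.$i"
	if test -f "$lib"; then
		# The path given to readlink and the value it prints are both quoted,
		# so a prefix containing whitespace or glob characters stays one
		# argument.
		link_target=$(readlink "$lib")
		# readlink prints nothing when $lib is not a symbolic link; skip the
		# link then instead of calling ln with a missing operand.
		if test -n "$link_target"; then
			# Best effort: a failed link must not fail the install step.
			ln -sf "$link_target" \
				"$MESON_INSTALL_DESTDIR_PREFIX/$libdir/p11-kit-proxy.$i" || true
		fi
	fi
done

mkdir -p "$MESON_INSTALL_DESTDIR_PREFIX/$p11_package_config_modules"
--------------------------------------------------------------------------------
/p11-kit/mock-module-ep.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2012 Stefan Walter
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.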
15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
 *
 * Author: Stef Walter
 */

#include "config.h"

#define CRYPTOKI_EXPORTS 1
#include "pkcs11.h"

#include "mock.h"

/*
 * Module entry point. Initializes the mock module, makes its function table
 * report this entry point, and hands the table back through 'list'.
 * Returns CKR_ARGUMENTS_BAD when 'list' is NULL, CKR_OK otherwise.
 */
#ifdef OS_WIN32
__declspec(dllexport)
#endif
CK_RV
C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
{
	/* Both steps run before 'list' is validated, as in the other mocks. */
	mock_module_init ();
	mock_module.C_GetFunctionList = C_GetFunctionList;

	if (!list)
		return CKR_ARGUMENTS_BAD;

	*list = &mock_module;
	return CKR_OK;
}

--------------------------------------------------------------------------------
/p11-kit/mock-module-ep2.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2012 Stefan Walter
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
 *     * The names of contributors to this software may not be
 *       used to endorse or promote products derived from this
 *       software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 *
 * Author: Stef Walter
 */

#include "config.h"

#define CRYPTOKI_EXPORTS 1
#include "pkcs11.h"

#include "mock.h"

/* NOTE(review): the header name on the next line is missing in this listing. */
#include

/*
 * Module entry point. Initializes the mock module, makes its function table
 * report this entry point, and hands the table back through 'list'.
 * Returns CKR_ARGUMENTS_BAD when 'list' is NULL, CKR_OK otherwise.
 */
#ifdef OS_WIN32
__declspec(dllexport)
#endif
CK_RV
C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
{
	/* Both steps run before 'list' is validated, as in the other mocks. */
	mock_module_init ();
	mock_module.C_GetFunctionList = C_GetFunctionList;

	if (!list)
		return CKR_ARGUMENTS_BAD;

	*list = &mock_module;
	return CKR_OK;
}

--------------------------------------------------------------------------------
/p11-kit/mock-module-ep3.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2012 Stefan Walter
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
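 *
 * Author: Stef Walter
 */

#include "config.h"

#define CRYPTOKI_EXPORTS 1
#include "pkcs11.h"

#include "mock.h"
#include "test.h"

/* NOTE(review): the header name on the next line is missing in this listing. */
#include

/*
 * C_Initialize replacement installed by C_GetFunctionList below. Checks that
 * the caller passed "initialize-arg" in the pReserved field of the
 * initialization arguments, then continues with mock_C_Initialize.
 * Returns CKR_ARGUMENTS_BAD when no argument structure was passed at all.
 */
static CK_RV
override_initialize (CK_VOID_PTR init_args)
{
	CK_C_INITIALIZE_ARGS_PTR args = init_args;

	/* Reject a NULL argument block instead of dereferencing it below. */
	if (args == NULL)
		return CKR_ARGUMENTS_BAD;

	assert_str_eq ("initialize-arg", args->pReserved);

	return mock_C_Initialize (init_args);
}

/*
 * Module entry point. Initializes the mock module, makes its function table
 * report this entry point, installs override_initialize as C_Initialize and
 * hands the table back through 'list'.
 * Returns CKR_ARGUMENTS_BAD when 'list' is NULL, CKR_OK otherwise.
 */
#ifdef OS_WIN32
__declspec(dllexport)
#endif
CK_RV
C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
{
	mock_module_init ();
	mock_module.C_GetFunctionList = C_GetFunctionList;
	if (list == NULL)
		return CKR_ARGUMENTS_BAD;
	/* The override is installed only once 'list' is known to be usable. */
	mock_module.C_Initialize = override_initialize;
	*list = &mock_module;
	return CKR_OK;
}

--------------------------------------------------------------------------------
/p11-kit/mock-module-ep4.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2012 Stefan Walter
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
 *     * The names of contributors to this software may not be
 *       used to endorse or promote products derived from this
 *       software without specific prior written permission.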
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 *
 * Author: Stef Walter
 */

#include "config.h"

#define CRYPTOKI_EXPORTS 1
#include "pkcs11.h"

#include "mock.h"
#include "test.h"

/* NOTE(review): the header name on the next line is missing in this listing. */
#include

/* Process id recorded by C_GetFunctionList; compared in override_initialize. */
static pid_t init_pid;

/*
 * C_Initialize replacement installed by C_GetFunctionList below. Fails with
 * CKR_GENERAL_ERROR when the calling process is not the one that obtained
 * the function list; otherwise continues with mock_C_Initialize.
 */
static CK_RV
override_initialize (CK_VOID_PTR init_args)
{
	pid_t current = getpid ();

	if (current != init_pid)
		return CKR_GENERAL_ERROR;

	return mock_C_Initialize (init_args);
}

/*
 * Module entry point. Initializes the mock module, makes its function table
 * report this entry point, records the caller's process id, installs
 * override_initialize as C_Initialize and hands the table back through
 * 'list'. Returns CKR_ARGUMENTS_BAD when 'list' is NULL, CKR_OK otherwise.
 */
#ifdef OS_WIN32
__declspec(dllexport)
#endif
CK_RV
C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
{
	mock_module_init ();
	mock_module.C_GetFunctionList = C_GetFunctionList;

	if (!list)
		return CKR_ARGUMENTS_BAD;

	/* The pid and the override are set only after 'list' is validated. */
	init_pid = getpid ();
	mock_module.C_Initialize = override_initialize;

	*list = &mock_module;
	return CKR_OK;
}

--------------------------------------------------------------------------------
/p11-kit/mock-module-ep7.c:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2012 Stefan Walter
 * Copyright (c) 2019 Red Hat, Inc.
4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 9 | * * Redistributions of source code must retain the above 10 | * copyright notice, this list of conditions and the 11 | * following disclaimer. 12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 
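 *
 * Author: Stef Walter , Daiki Ueno
 */

#include "config.h"

#define CRYPTOKI_EXPORTS 1
#include "pkcs11.h"

#include "mock.h"
#include "test.h"

/*
 * C_WaitForSlotEvent replacement installed by C_GetFunctionList below.
 * With CKF_DONT_BLOCK set it reports MOCK_SLOT_ONE_ID through 'slot' and
 * returns CKR_OK at once; without it the call is passed on to
 * mock_C_WaitForSlotEvent. Returns CKR_ARGUMENTS_BAD when the non-blocking
 * path is taken with a NULL 'slot'.
 */
static CK_RV
override_wait_for_slot_event (CK_FLAGS flags,
                              CK_SLOT_ID_PTR slot,
                              CK_VOID_PTR reserved)
{
	if (flags & CKF_DONT_BLOCK) {
		/* 'slot' is written here, so it must point somewhere. */
		if (slot == NULL)
			return CKR_ARGUMENTS_BAD;
		*slot = MOCK_SLOT_ONE_ID;
		return CKR_OK;
	}

	return mock_C_WaitForSlotEvent(flags, slot, reserved);
}

/*
 * Module entry point. Initializes the mock module, makes its function table
 * report this entry point, installs override_wait_for_slot_event as
 * C_WaitForSlotEvent and hands the table back through 'list'.
 * Returns CKR_ARGUMENTS_BAD when 'list' is NULL, CKR_OK otherwise.
 */
#ifdef OS_WIN32
__declspec(dllexport)
#endif
CK_RV
C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
{
	mock_module_init ();
	mock_module.C_GetFunctionList = C_GetFunctionList;
	if (list == NULL)
		return CKR_ARGUMENTS_BAD;
	mock_module.C_WaitForSlotEvent = override_wait_for_slot_event;
	*list = &mock_module;
	return CKR_OK;
}

--------------------------------------------------------------------------------
/p11-kit/modules.h:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2013 Red Hat Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
 *     * The names of contributors to this software may not be
 *       used to endorse or promote products derived from this
 *       software without specific prior written permission.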
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef __P11_MODULES_H__ 36 | #define __P11_MODULES_H__ 37 | 38 | #include "pkcs11.h" 39 | 40 | CK_RV p11_modules_load_inlock_reentrant (int flags, 41 | CK_FUNCTION_LIST_PTR **results); 42 | 43 | CK_RV p11_modules_release_inlock_reentrant (CK_FUNCTION_LIST_PTR *modules); 44 | 45 | CK_RV p11_module_load_inlock_reentrant (CK_FUNCTION_LIST_PTR module, 46 | int flags, 47 | CK_FUNCTION_LIST_PTR *result); 48 | 49 | CK_RV p11_module_release_inlock_reentrant (CK_FUNCTION_LIST_PTR module); 50 | 51 | #endif /* __P11_MODULES_H__ */ 52 | -------------------------------------------------------------------------------- /p11-kit/p11-kit-1.pc.in: -------------------------------------------------------------------------------- 1 | prefix=@prefix@ 2 | exec_prefix=@exec_prefix@ 3 | libdir=@libdir@ 4 | includedir=@includedir@ 5 | datarootdir=@datarootdir@ 6 | datadir=@datadir@ 7 | pkgdatadir=@datadir@/p11-kit 8 | sysconfdir=@sysconfdir@ 9 | p11_module_configs=@p11_package_config_modules@ 10 | p11_module_path=@p11_module_path@ 11 | p11_trust_paths=@with_trust_paths@ 12 | 
proxy_module=@libdir@/p11-kit-proxy@p11_shlext@

# This is for compatibility. Other packages were using this to determine
# the directory they should install their module configs to, so override
# this and redirect them to the new location
p11_system_config_modules=@p11_package_config_modules@

Name: p11-kit
Description: Library and proxy module for properly loading and sharing PKCS#11 modules.
Version: @VERSION@
Libs: -L${libdir} -lp11-kit
Cflags: -I${includedir}/p11-kit-1

--------------------------------------------------------------------------------
/p11-kit/p11-kit-server.service.in:
--------------------------------------------------------------------------------
[Unit]
Description=p11-kit server
Documentation=man:p11-kit(8)

Requires=p11-kit-server.socket

[Service]
Type=simple
StandardError=journal
# The socket path given with -n is the same %t/p11-kit/pkcs11 path that
# p11-kit-server.socket listens on; keep the two in step when changing either.
# The trailing "pkcs11:" is the token URI passed to the server.
# NOTE(review): a bare "pkcs11:" presumably selects every available token;
# confirm, and narrow the URI if only specific tokens should be served.
ExecStart=@bindir@/p11-kit server -f -n %t/p11-kit/pkcs11 pkcs11:
Restart=on-failure

[Install]
Also=p11-kit-server.socket
WantedBy=default.target

--------------------------------------------------------------------------------
/p11-kit/p11-kit-server.socket:
--------------------------------------------------------------------------------
[Unit]
Description=p11-kit server

[Socket]
Priority=6
Backlog=5
# %t is the systemd runtime directory specifier.
ListenStream=%t/p11-kit/pkcs11
# Mode 0600: only the user owning the socket may connect to the server.
# Loosening this mode widens who can reach the served tokens.
SocketMode=0600

[Install]
WantedBy=sockets.target

--------------------------------------------------------------------------------
/p11-kit/p11-module.map:
--------------------------------------------------------------------------------
{
global:
	C_GetFunctionList;
	C_GetInterface;
	C_GetInterfaceList;
local:
	*;
};

--------------------------------------------------------------------------------
/p11-kit/pkcs11-gnu.c:
--------------------------------------------------------------------------------
#include "config.h"

#include "p11-kit.h" 4 | #include "pkcs11x.h" 5 | 6 | #include "pkcs11-gnu-iter.h" 7 | #include "pkcs11-gnu-pin.h" 8 | #include "pkcs11-gnu-uri.h" 9 | -------------------------------------------------------------------------------- /p11-kit/pkcs11.conf.example.in: -------------------------------------------------------------------------------- 1 | # This is an example @p11_system_config_file@ file. Copy it into 2 | # place before use. 3 | 4 | # This setting controls whether to load user configuration from the 5 | # @p11_user_config@ directory. Possible values: 6 | # none: No user configuration 7 | # merge: Merge the user config over the system configuration (default) 8 | # only: Only user configuration, ignore system configuration 9 | user-config: merge 10 | -------------------------------------------------------------------------------- /p11-kit/pkcs11.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2012 Red Hat, Inc 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | /* 36 | * This is so that we can use the path in our installed 37 | * headers, but still have the actual file live in our common/ subdirectory. 38 | */ 39 | 40 | #include "common/pkcs11.h" 41 | -------------------------------------------------------------------------------- /p11-kit/proxy-init.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2011 Collabora Ltd 3 | * Copyright (c) 2012 Stef Walter 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 9 | * * Redistributions of source code must retain the above 10 | * copyright notice, this list of conditions and the 11 | * following disclaimer. 12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 
16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 32 | * 33 | * 34 | * CONTRIBUTORS 35 | * Stef Walter 36 | */ 37 | 38 | #include "config.h" 39 | 40 | #include "library.h" 41 | #include "p11-kit.h" 42 | #include "proxy.h" 43 | 44 | #define INIT _p11_kit_init 45 | #define FINI _p11_kit_fini 46 | #define CLEANUP p11_proxy_module_cleanup () 47 | #include "init.h" 48 | -------------------------------------------------------------------------------- /p11-kit/proxy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 
11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef __P11_PROXY_H__ 36 | #define __P11_PROXY_H__ 37 | 38 | bool p11_proxy_module_check (CK_FUNCTION_LIST_PTR module); 39 | 40 | void p11_proxy_module_cleanup (void); 41 | 42 | CK_RV p11_proxy_module_create (CK_FUNCTION_LIST_PTR *module, 43 | CK_FUNCTION_LIST_PTR *modules); 44 | 45 | 46 | #endif /* __P11_PROXY_H__ */ 47 |
--------------------------------------------------------------------------------
/p11-kit/templates/base-wrappers.py:
--------------------------------------------------------------------------------
{
    # Template set for the base_* wrappers. The {placeholder} fields are
    # presumably filled in by a generator script that is not part of this
    # file; the doubled braces ({{ }}) look like str.format-style escapes
    # for literal C braces -- TODO confirm against the generator.

    # Name of each generated C function: "base_" + the PKCS#11 function name.
    "function_name": "base_{function}",
    # One formal parameter of the generated function.
    "function_argument": "{argument_type} {argument_name}",
    # The forwarding statement: call the same-named entry of the lower module
    # and return its CK_RV as-is.
    "call_lower": "return funcs->{function}",
    "call_lower_argument": "{argument_name}",
    # Wrapper body: recover the p11_virtual from `self`, view its
    # lower_module as a CK_FUNCTION_LIST and forward the call unchanged.
    "function_body": """\
static CK_RV
{function_name} (CK_X_FUNCTION_LIST *self,
{arglist_indent}{arglist})
{{
{indent}p11_virtual *virt = (p11_virtual *)self;
{indent}CK_FUNCTION_LIST *funcs = virt->lower_module;
{indent}{call_lower} ({call_lower_arglist});
}}
""",
    # Variant for entry points reached through CK_FUNCTION_LIST_3_0. The
    # generated code checks the version the lower module reports and returns
    # CKR_FUNCTION_NOT_SUPPORTED when major < 3, so the 3.0 entry is never
    # dereferenced on a module that reports an older version.
    # NOTE(review): the guard relies on the module's self-reported version;
    # how lower_module is validated before it gets here is not visible in
    # this file.
    "function_body_v3": """\
static CK_RV
{function_name} (CK_X_FUNCTION_LIST *self,
{arglist_indent}{arglist})
{{
{indent}p11_virtual *virt = (p11_virtual *)self;
{indent}CK_FUNCTION_LIST_3_0 *funcs = virt->lower_module;
{indent}if (funcs->version.major < 3)
{indent}{indent}return CKR_FUNCTION_NOT_SUPPORTED;
{indent}{call_lower} ({call_lower_arglist});
}}
""",
    "entry_argument": "", # unused
    # Each table entry is just the generated function's name.
    "entry": "{function_name}",
    # File skeleton: the generated wrappers, followed by the
    # p11_virtual_base table whose first member is the Cryptoki version and
    # whose remaining members come from {xentries}.
    "outer": """
/* DO NOT EDIT! GENERATED AUTOMATICALLY! */

{wrappers}

CK_X_FUNCTION_LIST p11_virtual_base = {{
{indent}{{ CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }}, /* version */
{xentries}
}};
"""
}
--------------------------------------------------------------------------------
/p11-kit/templates/binding-wrappers.py:
--------------------------------------------------------------------------------
1 | { 2 | "function_name": "binding_{function}", 3 | "function_argument": "", # unused 4 | "call_lower": "*ret = funcs->{function}", 5 | "call_lower_argument": "*({argument_type} *)args[{argument_index}]", 6 | "function_body": """\ 7 | static void 8 | {function_name} (ffi_cif *cif, 9 | {arglist_indent}CK_RV *ret, 10 | {arglist_indent}void* args[], 11 | {arglist_indent}CK_X_FUNCTION_LIST *funcs) 12 | {{ 13 | {indent}{call_lower} (funcs, 14 | {call_lower_arglist_indent}{call_lower_arglist}); 15 | }} 16 | """, 17 | "entry_argument": "&ffi_type_{argument_ffi_type}", 18 | "entry": "{{ {function_name}, {{ {entry_arglist}, NULL }} }}", 19 | "outer": """ 20 | /* DO NOT EDIT! GENERATED AUTOMATICALLY! 
*/ 21 | 22 | {wrappers} 23 | 24 | static const BindingInfo binding_info[] = {{ 25 | {xentries}, 26 | {indent}{{ 0, }} 27 | }}; 28 | """ 29 | } 30 | -------------------------------------------------------------------------------- /p11-kit/templates/proxy-excludes.list: -------------------------------------------------------------------------------- 1 | C_CancelFunction 2 | C_CloseAllSessions 3 | C_CloseSession 4 | C_Finalize 5 | C_GetFunctionList 6 | C_GetFunctionStatus 7 | C_GetInfo 8 | C_GetInterface 9 | C_GetInterfaceList 10 | C_GetSessionInfo 11 | C_GetSlotList 12 | C_Initialize 13 | C_OpenSession 14 | C_WaitForSlotEvent 15 | -------------------------------------------------------------------------------- /p11-kit/templates/stack-wrappers.py: -------------------------------------------------------------------------------- 1 | { 2 | "function_name": "stack_{function}", 3 | "function_argument": "{argument_type} {argument_name}", 4 | "call_lower": "return funcs->{function}", 5 | "call_lower_argument": "{argument_name}", 6 | "function_body": """\ 7 | static CK_RV 8 | {function_name} (CK_X_FUNCTION_LIST *self, 9 | {arglist_indent}{arglist}) 10 | {{ 11 | {indent}p11_virtual *virt = (p11_virtual *)self; 12 | {indent}CK_X_FUNCTION_LIST *funcs = virt->lower_module; 13 | {indent}{call_lower} (funcs, 14 | {call_lower_arglist_indent}{call_lower_arglist}); 15 | }} 16 | """, 17 | "entry_argument": "", # unused 18 | "entry": "{function_name}", 19 | "outer": """ 20 | /* DO NOT EDIT! GENERATED AUTOMATICALLY! 
*/ 21 | 22 | {wrappers} 23 | 24 | CK_X_FUNCTION_LIST p11_virtual_stack = {{ 25 | {indent}{{ CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }}, /* version */ 26 | {xentries} 27 | }}; 28 | """ 29 | } 30 | -------------------------------------------------------------------------------- /p11-kit/templates/virtual-excludes.list: -------------------------------------------------------------------------------- 1 | C_GetFunctionList 2 | C_GetFunctionStatus 3 | C_CancelFunction 4 | C_GetInterfaceList 5 | C_GetInterface 6 | -------------------------------------------------------------------------------- /p11-kit/test-list-mechanisms.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | test "${abs_top_builddir+set}" = set || { 4 | echo "set abs_top_builddir" 1>&2 5 | exit 1 6 | } 7 | 8 | . "$abs_top_builddir/common/test-init.sh" 9 | 10 | setup() { 11 | testdir=$PWD/test-mechanisms-$$ 12 | test -d "$testdir" || mkdir "$testdir" 13 | cd "$testdir" 14 | } 15 | 16 | teardown() { 17 | rm -rf "$testdir" 18 | } 19 | 20 | test_list_mechanisms_multi() { # pkcs11: matches only the first token 21 | cat > list.exp < list.out; then 27 | assert_fail "unable to run: p11-kit list-mechanisms" 28 | fi 29 | 30 | : ${DIFF=diff} 31 | if ! ${DIFF} list.exp list.out > list.diff; then 32 | sed 's/^/# /' list.diff 33 | assert_fail "output contains wrong results" 34 | fi 35 | } 36 | 37 | test_list_mechanisms_single() { # specific existing token can be specified 38 | cat > list.exp < list.out; then 44 | assert_fail "unable to run: p11-kit list-mechanisms" 45 | fi 46 | 47 | : ${DIFF=diff} 48 | if ! 
${DIFF} list.exp list.out > list.diff; then 49 | sed 's/^/# /' list.diff 50 | assert_fail "output contains wrong results" 51 | fi 52 | } 53 | 54 | test_list_mechanisms_nonex() { # specific nonexisting token leads to a warning 55 | if "$abs_top_builddir"/p11-kit/p11-kit-testable list-mechanisms pkcs11:token=nonex 2> list.err; then 56 | assert_fail "p11-kit list-mechanisms returned 0 for nonexisting token" 57 | fi 58 | 59 | : ${GREP=grep} 60 | if ! ${GREP} -Fqx 'p11-kit: no matching token' list.err; then 61 | assert_fail "p11-kit list-mechanisms hasn't printed 'no matching token' error" 62 | fi 63 | } 64 | 65 | run test_list_mechanisms_multi test_list_mechanisms_single test_list_mechanisms_nonex 66 |
--------------------------------------------------------------------------------
/p11-kit/test-server.sh:
--------------------------------------------------------------------------------
#!/bin/sh

# Smoke test for p11-kit-server-testable: start it with the mock-one
# provider, reach it through p11-kit-client.so using p11tool, then stop it.
# setup/teardown/run, assert_fail and skip are not defined here; presumably
# they come from the test-init.sh sourced below.

test "${abs_top_builddir+set}" = set || {
	echo "set abs_top_builddir" 1>&2
	exit 1
}

. "$abs_top_builddir/common/test-init.sh"

# Directory holding the mock and client modules; can be overridden from the
# environment.
: ${P11_MODULE_PATH="$abs_top_builddir"/.libs}

setup() {
	# mktemp -d gives a freshly created, unpredictable directory; exit
	# status 77 is the usual "skipped" code for automake-style harnesses.
	testdir=`mktemp -d -t test-server.XXXXXX`
	if test $? -ne 0; then
		echo "cannot create temporary directory" >&2
		exit 77
	fi
	cd "$testdir"

	# Start from a clean state so values inherited from the caller's
	# environment cannot satisfy the checks in test_server_access.
	unset P11_KIT_SERVER_ADDRESS
	unset P11_KIT_SERVER_PID

	# Point the runtime dir at the private test directory
	# (presumably where the server places its socket -- TODO confirm).
	export XDG_RUNTIME_DIR="$testdir"
	export P11_KIT_PRIVATEDIR="${abs_top_builddir}/p11-kit"
	# Turns off AddressSanitizer's link-order check.
	export ASAN_OPTIONS="verify_asan_link_order=0"
}

teardown() {
	rm -rf "$testdir"
	# Still set only when the test left before the stop step below
	# (stop.env is expected to unset it); make sure no server outlives
	# the test.
	if test "${P11_KIT_SERVER_PID+set}" = "set"; then
		kill "$P11_KIT_SERVER_PID"
	fi
}

test_server_access() {
	# The server's stdout is captured as start.env, stderr as start.err.
	"$abs_top_builddir"/p11-kit/p11-kit-server-testable -s --provider "$P11_MODULE_PATH"/mock-one.so pkcs11: > start.env 2> start.err
	if test $? -ne 0; then
		sed 's/^/# /' start.err
		assert_fail "unable to start server"
	fi

	# start.env is executed by this shell, so everything the server binary
	# printed runs as shell code. That is acceptable here because the
	# binary is the one just built in $abs_top_builddir; the same pattern
	# should not be applied to output from an untrusted program.
	. ./start.env

	# The sourced output must have provided both variables.
	if test "${P11_KIT_SERVER_ADDRESS-unset}" = "unset"; then
		assert_fail "P11_KIT_SERVER_ADDRESS is not set"
	fi

	if test "${P11_KIT_SERVER_PID-unset}" = "unset"; then
		assert_fail "P11_KIT_SERVER_PID is not set"
	fi

	# p11tool is optional: without it the test is skipped and the server
	# is left for teardown to kill.
	: ${P11TOOL=p11tool}
	if "$P11TOOL" --version > /dev/null; then
		"$P11TOOL" --provider "$P11_MODULE_PATH"/p11-kit-client.so --list-tokens > /dev/null 2> p11tool.err
		if test $? -ne 0; then
			sed 's/^/# /' p11tool.err
			assert_fail "unable to access server"
		fi
	else
		skip "p11tool not found"
		return
	fi

	# Ask the server tool to stop (-k); its output is sourced the same way
	# and is expected to unset both variables, which is verified below.
	"$abs_top_builddir"/p11-kit/p11-kit-server-testable -s -k > stop.env 2> stop.err
	if test $? -ne 0; then
		sed 's/^/# /' stop.err
		assert_fail "unable to stop server"
	fi

	. ./stop.env

	if test "${P11_KIT_SERVER_ADDRESS+set}" = "set"; then
		assert_fail "P11_KIT_SERVER_ADDRESS is still set"
	fi

	if test "${P11_KIT_SERVER_PID+set}" = "set"; then
		assert_fail "P11_KIT_SERVER_PID is still set"
	fi
}

run test_server_access
--------------------------------------------------------------------------------
/p11-kit/test-transport.c:
--------------------------------------------------------------------------------
1 | /* 2 | * Copyright (c) 2012 Stefan Walter 3 | * Copyright (c) 2012-2023 Red Hat Inc. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 9 | * * Redistributions of source code must retain the above 10 | * copyright notice, this list of conditions and the 11 | * following disclaimer. 12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 
16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 32 | * 33 | * Author: Stef Walter 34 | */ 35 | 36 | #define MOCK_MODULE_TWO "mock-two" 37 | #define TEST_PREFIX "/transport" 38 | #define TEST_VERSION NULL 39 | 40 | #include "test-transport-base.c" 41 | -------------------------------------------------------------------------------- /p11-kit/test-transport3.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2012 Stefan Walter 3 | * Copyright (c) 2012-2023 Red Hat Inc. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 9 | * * Redistributions of source code must retain the above 10 | * copyright notice, this list of conditions and the 11 | * following disclaimer. 
12 | * * Redistributions in binary form must reproduce the 13 | * above copyright notice, this list of conditions and 14 | * the following disclaimer in the documentation and/or 15 | * other materials provided with the distribution. 16 | * * The names of contributors to this software may not be 17 | * used to endorse or promote products derived from this 18 | * software without specific prior written permission. 19 | * 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 31 | * DAMAGE. 32 | * 33 | * Authors: Stef Walter 34 | * Jakub Jelen 35 | */ 36 | 37 | #include "p11-kit.h" 38 | 39 | #define MOCK_MODULE_TWO "mock-v3-two" 40 | #define TEST_PREFIX "/transport3" 41 | #define TEST_VERSION &test_version_three 42 | 43 | static const CK_VERSION test_version_three = {CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR}; 44 | 45 | #include "test-transport-base.c" 46 | -------------------------------------------------------------------------------- /p11-kit/test-util.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013, Red Hat Inc. 
3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
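31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | #include "test.h" 37 | 38 | #include "p11-kit.h" 39 | 40 | #include 41 | #include 42 |

/*
 * Checks p11_kit_space_strlen() on fixed-width fields: the expected result
 * is the field length with trailing spaces left out (4, 20 and 0 below).
 */
static void
test_space_strlen (void)
{
	/*
	 * The second argument tells the function the field is 20 bytes wide,
	 * so every literal must really provide 20 bytes of data. This listing
	 * showed the padded literals with their spaces collapsed; with a
	 * shorter array the callee may read past the end of the literal. The
	 * padding is restored here so each field is exactly 20 characters.
	 */
	assert_num_eq (4, p11_kit_space_strlen ((const unsigned char *)"Test                ", 20));
	assert_num_eq (20, p11_kit_space_strlen ((const unsigned char *)"01234567890123456789", 20));
	assert_num_eq (0, p11_kit_space_strlen ((const unsigned char *)"                    ", 20));
}

/*
 * Test entry point: registers the single test case and hands control to the
 * test runner, whose result becomes the exit status.
 */
int
main (int argc,
      char *argv[])
{
	/*
	 * Set before any test runs. NOTE(review): what P11_KIT_STRICT changes
	 * is not visible in this file -- confirm against the library.
	 */
	putenv ("P11_KIT_STRICT=1");

	p11_test (test_space_strlen, "/util/space-strlen");
	return p11_test_run (argc, argv);
}
--------------------------------------------------------------------------------
/p11-kit/tool.h:
--------------------------------------------------------------------------------
1 | /* 2 | * Copyright (c) 2023, Red Hat Inc. 3 | * 4 | * All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 10 | * * Redistributions of source code must retain the above 11 | * copyright notice, this list of conditions and the 12 | * following disclaimer. 13 | * * Redistributions in binary form must reproduce the 14 | * above copyright notice, this list of conditions and 15 | * the following disclaimer in the documentation and/or 16 | * other materials provided with the distribution. 17 | * * The names of contributors to this software may not be 18 | * used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 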
IN NO EVENT SHALL THE 25 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 28 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 29 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 31 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 32 | * DAMAGE. 33 | * 34 | * Author: Daiki Ueno 35 | */ 36 | 37 | #ifndef P11_KIT_TOOL_H 38 | #define P11_KIT_TOOL_H 39 | 40 | #include "compat.h" 41 | #include "iter.h" 42 | #include "pkcs11.h" 43 | #include "uri.h" 44 | 45 | typedef struct p11_tool p11_tool; 46 | 47 | p11_tool *p11_tool_new (void); 48 | void p11_tool_free (p11_tool *tool); 49 | P11KitUriResult p11_tool_set_uri (p11_tool *tool, 50 | const char *string, 51 | P11KitUriType type); 52 | void p11_tool_set_login (p11_tool *tool, 53 | bool login); 54 | bool p11_tool_set_provider 55 | (p11_tool *tool, 56 | const char *provider); 57 | P11KitIter *p11_tool_begin_iter (p11_tool *tool, 58 | P11KitIterBehavior behavior); 59 | void p11_tool_end_iter (p11_tool *tool, 60 | P11KitIter *iter); 61 | 62 | #endif /* P11_KIT_TOOL_H */ 63 | -------------------------------------------------------------------------------- /p11-kit/tty.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2023, Red Hat Inc. 3 | * 4 | * All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 10 | * * Redistributions of source code must retain the above 11 | * copyright notice, this list of conditions and the 12 | * following disclaimer. 
13 | * * Redistributions in binary form must reproduce the 14 | * above copyright notice, this list of conditions and 15 | * the following disclaimer in the documentation and/or 16 | * other materials provided with the distribution. 17 | * * The names of contributors to this software may not be 18 | * used to endorse or promote products derived from this 19 | * software without specific prior written permission. 20 | * 21 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 25 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 28 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 29 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 31 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 32 | * DAMAGE. 33 | * 34 | * Author: Daiki Ueno 35 | */ 36 | 37 | #ifndef P11_KIT_TTY_H 38 | #define P11_KIT_TTY_H 39 | 40 | #include "pin.h" 41 | 42 | P11KitPin *p11_pin_tty_callback (const char *pin_source, 43 | P11KitUri *pin_uri, 44 | const char *pin_description, 45 | P11KitPinFlags pin_flags, 46 | void *callback_data); 47 | 48 | #endif /* P11_KIT_TTY_H */ 49 | -------------------------------------------------------------------------------- /p11-kit/version.h.in: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2024 Red Hat, Inc. 
3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Daiki Ueno 33 | */ 34 | 35 | #ifndef P11_KIT_VERSION_H 36 | #define P11_KIT_VERSION_H 37 | 38 | #ifdef __cplusplus 39 | extern "C" { 40 | #endif 41 | 42 | #define P11_KIT_VERSION_MAJOR (@PACKAGE_MAJOR@) 43 | #define P11_KIT_VERSION_MINOR (@PACKAGE_MINOR@) 44 | #define P11_KIT_VERSION_MICRO (@PACKAGE_MICRO@) 45 | 46 | #define P11_KIT_CHECK_VERSION(major, minor, micro) \ 47 | (P11_KIT_VERSION_MAJOR > (major) || \ 48 | (P11_KIT_VERSION_MAJOR == (major) && \ 49 | P11_KIT_VERSION_MINOR > (minor)) || \ 50 | (P11_KIT_VERSION_MAJOR == (major) && \ 51 | P11_KIT_VERSION_MINOR == (minor) && \ 52 | P11_KIT_VERSION_MICRO >= (micro))) 53 | 54 | int p11_kit_check_version (int major, int minor, int micro); 55 | 56 | #ifdef __cplusplus 57 | } /* extern "C" */ 58 | #endif 59 | 60 | #endif /* P11_KIT_VERSION_H */ 61 | -------------------------------------------------------------------------------- /po/LINGUAS: -------------------------------------------------------------------------------- 1 | # Set of available languages. 2 | ar 3 | as 4 | ast 5 | az 6 | bg 7 | bn_IN 8 | ca 9 | ca@valencia 10 | cs 11 | cy 12 | da 13 | de 14 | el 15 | en_GB 16 | eo 17 | es 18 | et 19 | eu 20 | fa 21 | fi 22 | fo 23 | fr 24 | fur 25 | ga 26 | gl 27 | gu 28 | he 29 | hi 30 | hr 31 | hu 32 | ia 33 | id 34 | it 35 | ja 36 | ka 37 | kk 38 | kn 39 | ko 40 | lt 41 | lv 42 | ml 43 | mr 44 | ms 45 | nb 46 | nl 47 | nn 48 | oc 49 | or 50 | pa 51 | pl 52 | pt 53 | pt_BR 54 | ro 55 | ru 56 | si 57 | sk 58 | sl 59 | sq 60 | sr 61 | sr@latin 62 | sv 63 | ta 64 | te 65 | th 66 | tr 67 | uk 68 | vi 69 | wa 70 | zh_CN 71 | zh_HK 72 | zh_TW 73 | -------------------------------------------------------------------------------- /po/POTFILES.in: -------------------------------------------------------------------------------- 1 | # List of source files which contain translatable strings. 
2 | common/options.c 3 | common/persist.c 4 | p11-kit/add-profile.c 5 | p11-kit/conf.c 6 | p11-kit/delete-object.c 7 | p11-kit/delete-profile.c 8 | p11-kit/export-object.c 9 | p11-kit/filter.c 10 | p11-kit/generate-keypair.c 11 | p11-kit/import-object.c 12 | p11-kit/iter.c 13 | p11-kit/list-objects.c 14 | p11-kit/list-profiles.c 15 | p11-kit/list-mechanisms.c 16 | p11-kit/list-tokens.c 17 | p11-kit/lists.c 18 | p11-kit/messages.c 19 | p11-kit/modules.c 20 | p11-kit/p11-kit.c 21 | p11-kit/print-config.c 22 | p11-kit/remote.c 23 | p11-kit/rpc-client.c 24 | p11-kit/rpc-message.c 25 | p11-kit/rpc-server.c 26 | p11-kit/rpc-transport.c 27 | p11-kit/server.c 28 | trust/anchor.c 29 | trust/builder.c 30 | trust/check-format.c 31 | trust/dump.c 32 | trust/enumerate.c 33 | trust/extract.c 34 | trust/extract-cer.c 35 | trust/extract-edk2.c 36 | trust/extract-jks.c 37 | trust/extract-openssl.c 38 | trust/extract-pem.c 39 | trust/list.c 40 | trust/module.c 41 | trust/parser.c 42 | trust/save.c 43 | trust/token.c 44 | trust/trust.c 45 | -------------------------------------------------------------------------------- /po/boldquot.sed: -------------------------------------------------------------------------------- 1 | s/"\([^"]*\)"/“\1”/g 2 | s/`\([^`']*\)'/‘\1’/g 3 | s/ '\([^`']*\)' / ‘\1’ /g 4 | s/ '\([^`']*\)'$/ ‘\1’/g 5 | s/^'\([^`']*\)' /‘\1’ /g 6 | s/“”/""/g 7 | s/“/“/g 8 | s/”/”/g 9 | s/‘/‘/g 10 | s/’/’/g 11 | -------------------------------------------------------------------------------- /po/meson.build: -------------------------------------------------------------------------------- 1 | i18n.gettext(meson.project_name()) 2 | -------------------------------------------------------------------------------- /po/quot.sed: -------------------------------------------------------------------------------- 1 | s/"\([^"]*\)"/“\1”/g 2 | s/`\([^`']*\)'/‘\1’/g 3 | s/ '\([^`']*\)' / ‘\1’ /g 4 | s/ '\([^`']*\)'$/ ‘\1’/g 5 | s/^'\([^`']*\)' /‘\1’ /g 6 | s/“”/""/g 7 | 
-------------------------------------------------------------------------------- /trust/anchor.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013, Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | 37 | #ifndef P11_ANCHOR_H_ 38 | #define P11_ANCHOR_H_ 39 | 40 | int p11_trust_anchor (int argc, 41 | char **argv); 42 | 43 | #endif /* P11_ANCHOR_H_ */ 44 | -------------------------------------------------------------------------------- /trust/check-format.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2023, Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Zoltan Fridrich 33 | */ 34 | 35 | #include "config.h" 36 | 37 | #ifndef P11_CHECK_FORMAT_H_ 38 | #define P11_CHECK_FORMAT_H_ 39 | 40 | int p11_trust_check_format (int argc, 41 | char **argv); 42 | 43 | #endif /* P11_CHECK_FORMAT_H_ */ 44 | -------------------------------------------------------------------------------- /trust/digest.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef P11_DIGEST_H_ 36 | #define P11_DIGEST_H_ 37 | 38 | #include "compat.h" 39 | 40 | /* 41 | * The SHA-1 and MD5 digests here are used for checksums in legacy 42 | * protocols. We don't use them in cryptographic contexts at all. 43 | * These particular algorithms would be poor choices for that. 44 | */ 45 | 46 | #define P11_DIGEST_MD5_LEN 16 47 | 48 | void p11_digest_md5 (unsigned char *hash, 49 | const void *input, 50 | size_t length, 51 | ...) GNUC_NULL_TERMINATED; 52 | 53 | #define P11_DIGEST_SHA1_LEN 20 54 | 55 | void p11_digest_sha1 (unsigned char *hash, 56 | const void *input, 57 | size_t length, 58 | ...) GNUC_NULL_TERMINATED; 59 | 60 | #endif /* P11_DIGEST_H_ */ 61 | -------------------------------------------------------------------------------- /trust/dump.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013, Red Hat Inc. 
3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | 37 | #ifndef P11_DUMP_H_ 38 | #define P11_DUMP_H_ 39 | 40 | int p11_trust_dump (int argc, 41 | char **argv); 42 | 43 | #endif /* P11_DUMP_H_ */ 44 | -------------------------------------------------------------------------------- /trust/fixtures/cacert-ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/cacert-ca.der -------------------------------------------------------------------------------- /trust/fixtures/cacert3.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/cacert3.der -------------------------------------------------------------------------------- /trust/fixtures/distrusted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN TRUSTED CERTIFICATE----- 2 | MIIDsDCCAxmgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCVVMx 3 | FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD 4 | VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh 5 | dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w 6 | HhcNMDkwOTE2MTg0NTI1WhcNMTkwOTE0MTg0NTI1WjCBnTELMAkGA1UEBhMCVVMx 7 | FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD 8 | VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh 9 | dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w 10 | gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN/HDWGiL8BarUWDIjNC6uxCXqYN 11 | QkwcmhILX+cl+YuDDArFL1pYVrith228gF3dSUU5X7kIOmPkkjNheRkbnas61X+n 12 | i3+KWvbX3q+h5VMxKX2cA1U+R3jLuXqYjF+N2gkPyPvxeoDuEncKAItw+mK/r+4L 13 | WBb5nFzek7hP3017AgMBAAGjgf0wgfowHQYDVR0OBBYEFA2sGXDtBKdeeKv+i6g0 14 | 6yEmwVY1MIHKBgNVHSMEgcIwgb+AFA2sGXDtBKdeeKv+i6g06yEmwVY1oYGjpIGg 15 | 
MIGdMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNV 16 | BAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xCzAJBgNVBAsTAklT 17 | MRYwFAYDVQQDEw1SZWQgSGF0IElTIENBMSYwJAYJKoZIhvcNAQkBFhdzeXNhZG1p 18 | bi1yZHVAcmVkaGF0LmNvbYIBATAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA 19 | A4GBAFBgO5y3JcPXH/goumNBW7rr8m9EFZmQyK5gT1Ljv5qaCSZwxkAomhriv04p 20 | mb1y8yjrK5OY3WwgaRaAWRHp4/hn2HWaRvx3S+gwLM7p8V1pWnbSFJOXF3kbuC41 21 | voMIMqAFfHKidKN/yrjJg/1ahIjSt11lMUvRJ4TNT+pk5VnBMB+gCgYIKwYBBQUH 22 | AwIMEVJlZCBIYXQgSXMgdGhlIENB 23 | -----END TRUSTED CERTIFICATE----- 24 | -------------------------------------------------------------------------------- /trust/fixtures/duplicated.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/duplicated.jks -------------------------------------------------------------------------------- /trust/fixtures/duplicated1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/duplicated1.der -------------------------------------------------------------------------------- /trust/fixtures/duplicated2.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/duplicated2.der -------------------------------------------------------------------------------- /trust/fixtures/empty-file: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/empty-file -------------------------------------------------------------------------------- /trust/fixtures/multiple.edk2: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/multiple.edk2 -------------------------------------------------------------------------------- /trust/fixtures/multiple.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/multiple.jks -------------------------------------------------------------------------------- /trust/fixtures/openssl-trust-no-trust.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN TRUSTED CERTIFICATE----- 2 | MIIEmTCCA4GgAwIBAgIQXSBhjowOuTRAk7mx2GOVtjANBgkqhkiG9w0BAQUFADBv 3 | MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk 4 | ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF 5 | eHRlcm5hbCBDQSBSb290MB4XDTE0MDgwNTAwMDAwMFoXDTE1MTEwMTIzNTk1OVow 6 | fzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug 7 | Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSowKAYDVQQDEyFV 8 | U0VSVHJ1c3QgTGVnYWN5IFNlY3VyZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEB 9 | AQUAA4IBDwAwggEKAoIBAQDZTSA65ikwhvLphol2NE5oH5ZE99H51oJOpjie7stb 10 | 4Y4uvfJXgP3JP/yQc0S8j7tXW+UtHxQwdTb1f7zPVvR/gf+ukc3Y0mrLl/n3zZBq 11 | RS3Eu6SFE2hXX+8puirK6vXMpASbY80A6/3tjd0jxnseVx02fx8Img1h21pscQJT 12 | KML6jf2ru7PxjXRL3729zAaTYwmVwhB6nSWQMp0BwjlTsOAVa8fXdOWkIpvklP+E 13 | kfstsxlDLZMPnBIJ5Ge5J3oyrXoqzEFYwG5ZX+44KxcinIn6buflVzX0Wu2SlZMt 14 | +cwkP6UcPSe9IgNzzPXK86n03P7P6dBc0A+rh/yD/cipAgMBAAGjggEfMIIBGzAf 15 | BgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73gJMtUGjAdBgNVHQ4EFgQUr6RAr58W 16 | /qsx/fvVl4v1kaMkhhYwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C 17 | AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBkGA1UdIAQSMBAwDgYM 18 | KwYBBAGyMQECAQMEMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRy 19 | 
dXN0LmNvbS9BZGRUcnVzdEV4dGVybmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQp 20 | MCcwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI 21 | hvcNAQEFBQADggEBAISuLWg4EWyDUWLAkcKYvMY7+qXFvTsJ5m5gbzADhiIasovz 22 | xs4euxt54BYUTdKaBUv/j+zwKCnqKgQdPa8REtVJmFBCn2FmOrZAmQQMaxAy6ffP 23 | hlhPLc3TrH7oW2qDfA2gnFxQNnUNbX5Ct9+m3JBcbyNOlx3zInW/AzXmXX/H+Zss 24 | h/aO1iWWWZ3P6hAe727qWpt3GDTMgXevmofCCuXlnhOVU729SRqldhL23PKRt+ka 25 | 4bxNPZVxffiNfD4DT1Pt/lL9yl+T4RoBGwK3c066Zul4i1D+EcvRZ9AiT3fqzRQV 26 | QK5mXegufx6Ib1V51rl+47X9kaDA8iaHSy+d9aA= 27 | -----END TRUSTED CERTIFICATE----- 28 | -------------------------------------------------------------------------------- /trust/fixtures/redhat-ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/redhat-ca.der -------------------------------------------------------------------------------- /trust/fixtures/self-signed-with-eku.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/self-signed-with-eku.der -------------------------------------------------------------------------------- /trust/fixtures/self-signed-with-ku.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/self-signed-with-ku.der -------------------------------------------------------------------------------- /trust/fixtures/simple-string: -------------------------------------------------------------------------------- 1 | The simple string is hairy -------------------------------------------------------------------------------- /trust/fixtures/testing-server.der: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/testing-server.der -------------------------------------------------------------------------------- /trust/fixtures/thawte.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB 3 | rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf 4 | Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw 5 | MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV 6 | BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0wODA0MDIwMDAwMDBa 7 | Fw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl 8 | LCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9u 9 | MTgwNgYDVQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXpl 10 | ZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEcz 11 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr8nLPvb2FvdeHsbnndm 12 | gcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2AtP0LMqmsywCPLLEHd5N/8 13 | YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC+BsUa0Lf 14 | b1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS9 15 | 9irY7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2S 16 | zhkGcuYMXDhpxwTWvGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUk 17 | OQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV 18 | HQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJKoZIhvcNAQELBQADggEBABpA 19 | 2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweKA3rD6z8KLFIW 20 | oCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu 21 | t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7c 22 | KUGRIjxpp7sC8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fM 23 | m7v/OeZWYdMKp8RcTGB7BXcmer/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZu 24 | MdRAGmI0Nj81Aa6sY6A= 25 | -----END CERTIFICATE----- 26 | 
-------------------------------------------------------------------------------- /trust/fixtures/unrecognized-file.txt: -------------------------------------------------------------------------------- 1 | # This file is not recognized by the parser -------------------------------------------------------------------------------- /trust/fixtures/verisign-v1.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/fixtures/verisign-v1.der -------------------------------------------------------------------------------- /trust/fixtures/verisign-v1.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN TRUSTED CERTIFICATE----- 2 | MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG 3 | A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz 4 | cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2 5 | MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV 6 | BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt 7 | YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN 8 | ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f 9 | zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi 10 | TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G 11 | CSqGSIb3DQEBBQUAA4GBAFgVKTk8d6PaXCUDfGD67gmZPCcQcMgMCeazh88K4hiW 12 | NWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n0a3hUKw8fGJLj7qE1xIV 13 | Gx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZRjXZ+Hxb 14 | MA4MDEN1c3RvbSBMYWJlbA== 15 | -----END TRUSTED CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /trust/frob-multi-init.c: -------------------------------------------------------------------------------- 1 | /* 2 | * gcc -Wall -o frob-multi-init $(pkg-config p11-kit-1 --cflags --libs) -ldl 
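frob-multi-init.c 3 | */

/*
 * NOTE(review): the header names were stripped from this listing. The four
 * below are restored from the symbols main() uses; confirm against upstream.
 */
#include <assert.h>	/* assert */
#include <dlfcn.h>	/* dlopen, dlsym, dlerror */
#include <stdio.h>	/* fprintf, printf */

#include <p11-kit/p11-kit.h>	/* p11_kit_initialize_registered */

/*
 * Path of the trust module handed to dlopen(). P11_MODULE_PATH and SHLEXT
 * are not defined in this file; presumably the build supplies them.
 */
#define TRUST_SO P11_MODULE_PATH "/p11-kit-trust" SHLEXT

/*
 * Reproducer for a re-initialization bug.
 *
 * Loads the trust module directly with dlopen(), initializes it and opens a
 * session on the first slot. It then calls p11_kit_initialize_registered()
 * and asks the module about that same session again.
 *
 * Returns 0 when the session is still valid, 1 when the module reports
 * CKR_SESSION_HANDLE_INVALID or any other error.
 *
 * Every intermediate step is checked with assert() only, so a build with
 * NDEBUG defined would run without those checks. Nothing is finalized or
 * unloaded before exit.
 */
int
main (void)
{
	CK_C_INITIALIZE_ARGS args =
		{ NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, };
	CK_C_GetFunctionList C_GetFunctionList;
	CK_SESSION_HANDLE session;
	CK_FUNCTION_LIST *module;
	CK_SLOT_ID slots[8];
	CK_SESSION_INFO info;
	CK_ULONG count;
	CK_RV rv;
	void *dl;

	/* Load the module by its full path rather than through a search path */
	dl = dlopen (TRUST_SO, RTLD_LOCAL | RTLD_NOW);
	if (dl == NULL)
		fprintf (stderr, "%s\n", dlerror());
	assert (dl != NULL);

	C_GetFunctionList = dlsym (dl, "C_GetFunctionList");
	assert (C_GetFunctionList != NULL);

	rv = C_GetFunctionList (&module);
	assert (rv == CKR_OK);
	assert (module != NULL);

	rv = module->C_Initialize (&args);
	assert (rv == CKR_OK);

	/* count goes in as the capacity of slots[] and comes back as the number found */
	count = 8;
	rv = module->C_GetSlotList (CK_TRUE, slots, &count);
	assert (rv == CKR_OK);
	assert (count > 1);

	rv = module->C_OpenSession (slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
	assert (rv == CKR_OK);

	/* Baseline: the session is valid before the registered modules are initialized */
	rv = module->C_GetSessionInfo (session, &info);
	assert (rv == CKR_OK);

	rv = p11_kit_initialize_registered ();
	assert (rv == CKR_OK);

	/* The same query again: an invalid handle here means the module was reinitialized */
	rv = module->C_GetSessionInfo (session, &info);
	if (rv == CKR_OK) {
		printf ("no reinitialization bug\n");
		return 0;

	} else if (rv == CKR_SESSION_HANDLE_INVALID) {
		printf ("reinitialization bug present\n");
		return 1;

	} else {
		printf ("another error: %lu\n", rv);
		return 1;
	}
}
-------------------------------------------------------------------------------- /trust/frob-pow.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013 Red Hat Inc.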
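3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */

#include "config.h"

/* NOTE(review): header name was stripped from this listing; restored for printf */
#include <stdio.h>

/*
 * Returns the smallest power of two that is not below num.
 *
 * num == 0 yields 0. The comparison is done in unsigned arithmetic, so a
 * negative num converts to a large unsigned value; the shift then runs
 * until n wraps around to 0, and 0 is what the caller gets back. A result
 * of 0 for a non-zero num therefore means "no power of two fits".
 */
static unsigned int
nearest_pow_2 (int num)
{
	/* Spell out the signed-to-unsigned conversion the comparison performs */
	unsigned int target = (unsigned int)num;
	unsigned int n = num ? 1 : 0;

	/* n > 0 stops the loop once the shift has overflowed to zero */
	while (n < target && n > 0)
		n <<= 1;
	return n;
}

/* Prints nearest_pow_2 (i) for i from 0 to 39, one result per line. */
int
main (void)
{
	int i;

	for (i = 0; i < 40; i++)
		printf ("nearest_pow_2 (%d) == %u\n", i, nearest_pow_2 (i));

	return 0;
}
-------------------------------------------------------------------------------- /trust/frob-token.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.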
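IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */

#include "config.h"
#include "compat.h"

/* NOTE(review): header name was stripped from this listing; restored for fprintf/printf */
#include <stdio.h>

#include "token.h"

/*
 * Loads a token from the path given as the only argument and prints how
 * many files and how many objects were loaded.
 *
 * Returns 2 on a usage error, 1 when the token cannot be created and 0
 * otherwise.
 */
int
main (int argc,
      char *argv[])
{
	p11_token *token;
	p11_index *index;
	int count;

	if (argc != 2) {
		fprintf (stderr, "usage: frob-token path\n");
		return 2;
	}

	token = p11_token_new (1, argv[1], "Label", P11_TOKEN_FLAG_NONE);

	/*
	 * p11_token_new() is declared in token.h, which is not shown here;
	 * guard against a NULL result before the token is used below.
	 */
	if (token == NULL) {
		fprintf (stderr, "frob-token: couldn't create token for: %s\n", argv[1]);
		return 1;
	}

	count = p11_token_load (token);

	printf ("%d files loaded\n", count);
	index = p11_token_index (token);
	printf ("%d objects loaded\n", p11_index_size (index));

	p11_token_free (token);
	return 0;
}
-------------------------------------------------------------------------------- /trust/input/anchors/cacert3.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/input/anchors/cacert3.der -------------------------------------------------------------------------------- /trust/input/anchors/testing-ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/input/anchors/testing-ca.der --------------------------------------------------------------------------------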
/trust/input/blocklist/self-server.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/input/blocklist/self-server.der -------------------------------------------------------------------------------- /trust/input/cacert-ca.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/p11-glue/p11-kit/cd761134869d1350fb7b7d477947cf83a33133de/trust/input/cacert-ca.der -------------------------------------------------------------------------------- /trust/input/distrusted.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN TRUSTED CERTIFICATE----- 2 | MIIDsDCCAxmgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCVVMx 3 | FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD 4 | VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh 5 | dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w 6 | HhcNMDkwOTE2MTg0NTI1WhcNMTkwOTE0MTg0NTI1WjCBnTELMAkGA1UEBhMCVVMx 7 | FzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYDVQQHEwdSYWxlaWdoMRYwFAYD 8 | VQQKEw1SZWQgSGF0LCBJbmMuMQswCQYDVQQLEwJJUzEWMBQGA1UEAxMNUmVkIEhh 9 | dCBJUyBDQTEmMCQGCSqGSIb3DQEJARYXc3lzYWRtaW4tcmR1QHJlZGhhdC5jb20w 10 | gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAN/HDWGiL8BarUWDIjNC6uxCXqYN 11 | QkwcmhILX+cl+YuDDArFL1pYVrith228gF3dSUU5X7kIOmPkkjNheRkbnas61X+n 12 | i3+KWvbX3q+h5VMxKX2cA1U+R3jLuXqYjF+N2gkPyPvxeoDuEncKAItw+mK/r+4L 13 | WBb5nFzek7hP3017AgMBAAGjgf0wgfowHQYDVR0OBBYEFA2sGXDtBKdeeKv+i6g0 14 | 6yEmwVY1MIHKBgNVHSMEgcIwgb+AFA2sGXDtBKdeeKv+i6g06yEmwVY1oYGjpIGg 15 | MIGdMQswCQYDVQQGEwJVUzEXMBUGA1UECBMOTm9ydGggQ2Fyb2xpbmExEDAOBgNV 16 | BAcTB1JhbGVpZ2gxFjAUBgNVBAoTDVJlZCBIYXQsIEluYy4xCzAJBgNVBAsTAklT 17 | MRYwFAYDVQQDEw1SZWQgSGF0IElTIENBMSYwJAYJKoZIhvcNAQkBFhdzeXNhZG1p 18 | bi1yZHVAcmVkaGF0LmNvbYIBATAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA 19 | 
A4GBAFBgO5y3JcPXH/goumNBW7rr8m9EFZmQyK5gT1Ljv5qaCSZwxkAomhriv04p 20 | mb1y8yjrK5OY3WwgaRaAWRHp4/hn2HWaRvx3S+gwLM7p8V1pWnbSFJOXF3kbuC41 21 | voMIMqAFfHKidKN/yrjJg/1ahIjSt11lMUvRJ4TNT+pk5VnBMB+gCgYIKwYBBQUH 22 | AwIMEVJlZCBIYXQgSXMgdGhlIENB 23 | -----END TRUSTED CERTIFICATE----- 24 | -------------------------------------------------------------------------------- /trust/input/extensions.p11-kit: -------------------------------------------------------------------------------- 1 | [p11-kit-object-v1] 2 | class: x-certificate-extension 3 | label: "Example CA restriction for example.com and corp.example.com" 4 | object-id: 2.5.29.30 5 | value: "%30%2e%06%03%55%1d%1e%04%27%30%25%a0%23%30%0d%82%0b%65%78%61%6d%70%6c%65%2e%63%6f%6d%30%12%82%10%63%6f%72%70%2e%65%78%61%6d%70%6c%65%2e%63%6f%6d" 6 | -----BEGIN PUBLIC KEY----- 7 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRtTajie6qgC9T/RJ1PvN6ntav 8 | +rwcYBBLJoETGlnj/kVsOAQ5J0ZX/dW8jYoQtjvUCoFaRS/sPoHw2U5Pl99LMg8I 9 | sSaivWlhXWY5Yy8QcDX7B4UK/1cSwfSDHfnG06S2cCuAoUB/SE7ZreuAzM+SwdGD 10 | ZAEjR469MZgFa2t8NwIDAQAB 11 | -----END PUBLIC KEY----- 12 | 13 | [p11-kit-object-v1] 14 | class: x-certificate-extension 15 | label: "Example CA restriction for example.com and corp.example.org" 16 | object-id: 2.5.29.30 17 | value: "%30%2e%06%03%55%1d%1e%04%27%30%25%a0%23%30%0d%82%0b%65%78%61%6d%70%6c%65%2e%63%6f%6d%30%12%82%10%63%6f%72%70%2e%65%78%61%6d%70%6c%65%2e%6f%72%67" 18 | -----BEGIN PUBLIC KEY----- 19 | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRtTajie6qgC9T/RJ1PvN6ntav 20 | +rwcYBBLJoETGlnj/kVsOAQ5J0ZX/dW8jYoQtjvUCoFaRS/sPoHw2U5Pl99LMg8I 21 | sSaivWlhXWY5Yy8QcDX7B4UK/1cSwfSDHfnG06S2cCuAoUB/SE7ZreuAzM+SwdGD 22 | ZAEjR469MZgFa2t8NwIDAQAB 23 | -----END PUBLIC KEY----- 24 | -------------------------------------------------------------------------------- /trust/input/extensions.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | 
MIIB7DCCAVWgAwIBAgIIWRMNpygap1cwDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE 3 | AxMKRXhhbXBsZSBDQTAgFw0xNzA1MTAxMjU1MDVaGA85OTk5MTIzMTIzNTk1OVow 4 | FTETMBEGA1UEAxMKRXhhbXBsZSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC 5 | gYEA0bU2o4nuqoAvU/0SdT7zep7Wr/q8HGAQSyaBExpZ4/5FbDgEOSdGV/3VvI2K 6 | ELY71AqBWkUv7D6B8NlOT5ffSzIPCLEmor1pYV1mOWMvEHA1+weFCv9XEsH0gx35 7 | xtOktnArgKFAf0hO2a3rgMzPksHRg2QBI0eOvTGYBWtrfDcCAwEAAaNDMEEwDwYD 8 | VR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBTAf2LZgNFX 9 | 6uQKWnFh05Br9JgOUjANBgkqhkiG9w0BAQsFAAOBgQA0xZVI3WmyWaa56nTSiuco 10 | 3u0Cye7N8bSzlfi2kmyh8efA7/OCyBuUzCtvmiftsfcG6fPz3A8fdk5sA2oy0gyY 11 | kJXukhHmLP0FHLVpa3vw1Sva5AlAkLGeQ25aSeYVZCASalMAAS72WAhsKdaD5TRS 12 | ifWyno0SswLLpXIJsLW2Lw== 13 | -----END CERTIFICATE----- 14 | -------------------------------------------------------------------------------- /trust/input/verisign-v1.p11-kit: -------------------------------------------------------------------------------- 1 | [p11-kit-object-v1] 2 | trusted: true 3 | 4 | -----BEGIN CERTIFICATE----- 5 | MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG 6 | A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz 7 | cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2 8 | MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV 9 | BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt 10 | YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN 11 | ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f 12 | zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi 13 | TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G 14 | CSqGSIb3DQEBBQUAA4GBAFgVKTk8d6PaXCUDfGD67gmZPCcQcMgMCeazh88K4hiW 15 | NWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n0a3hUKw8fGJLj7qE1xIV 16 | Gx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZRjXZ+Hxb 17 | -----END CERTIFICATE----- 18 | -------------------------------------------------------------------------------- /trust/list.h: 
-------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013, Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 
31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | 37 | #ifndef P11_LIST_H_ 38 | #define P11_LIST_H_ 39 | 40 | int p11_trust_list (int argc, 41 | char **argv); 42 | 43 | #endif /* P11_LIST_H_ */ 44 | -------------------------------------------------------------------------------- /trust/module-init.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "config.h" 36 | 37 | #include "module.h" 38 | #include "library.h" 39 | 40 | #define INIT p11_trust_module_init 41 | #define FINI p11_trust_module_fini 42 | #define CLEANUP 43 | #include "init.h" 44 | -------------------------------------------------------------------------------- /trust/module.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (C) 2012 Red Hat Inc. 3 | * 4 | * Redistribution and use in source and binary forms, with or without 5 | * modification, are permitted provided that the following conditions 6 | * are met: 7 | * 8 | * * Redistributions of source code must retain the above 9 | * copyright notice, this list of conditions and the 10 | * following disclaimer. 11 | * * Redistributions in binary form must reproduce the 12 | * above copyright notice, this list of conditions and 13 | * the following disclaimer in the documentation and/or 14 | * other materials provided with the distribution. 15 | * * The names of contributors to this software may not be 16 | * used to endorse or promote products derived from this 17 | * software without specific prior written permission. 
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #include "pkcs11.h" 36 | 37 | #ifndef P11_MODULE_H_ 38 | #define P11_MODULE_H_ 39 | 40 | CK_ULONG p11_module_next_id (void); 41 | 42 | #endif /* P11_MODULE_H_ */ 43 | -------------------------------------------------------------------------------- /trust/p11-kit-trust.module: -------------------------------------------------------------------------------- 1 | # See pkcs11.conf(5) to understand this file 2 | 3 | # This is a module config for the 'included' p11-kit trust module 4 | module: p11-kit-trust.so 5 | 6 | # This setting affects the order that trust policy and other information 7 | # is looked up when going across various modules. Other trust policy modules 8 | # need to specify the priority where they slot into things. 9 | priority: 1 10 | 11 | # Mark this module as a viable source of trust policy information 12 | trust-policy: yes 13 | 14 | # This is for drop-in compatibility with glib-networking and gcr. Those 15 | # projects used this non-standard attribute to denote slots to use to 16 | # retrieve trust information. 
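x-trust-lookup: pkcs11:library-description=PKCS%2311%20Kit%20Trust%20Module

# Prevent this module being loaded by the proxy module
disable-in: p11-kit-proxy

# This will be overwritten by appending "verbose=yes", if the trust
# command is called with the -v option.
x-init-reserved:

--------------------------------------------------------------------------------
/trust/test-trust.sh:
--------------------------------------------------------------------------------
#!/bin/sh

# The harness must export abs_top_builddir; it locates the shared test
# helpers sourced below.
test "${abs_top_builddir+set}" = set || {
    echo "set abs_top_builddir" 1>&2
    exit 1
}

# skip, assert_fail and run are not defined in this file; presumably they
# come from test-init.sh.
. "$abs_top_builddir/common/test-init.sh"

# Check that the proxy module does not expose a token whose model is
# p11-kit-trust, i.e. that the trust module stays disabled in the proxy.
#
# PKCS11_TOOL and PKG_CONFIG may be preset in the environment; they are
# expanded unquoted on purpose so that a value may carry extra words.
#
# NOTE(review): the exit status of pkcs11-tool is not checked. If the tool
# cannot load the module at all, grep finds nothing and the test passes.
# Confirm that pkcs11-tool -T exits 0 on an empty slot list before making
# that a hard failure.
test_disable_in_proxy()
{
    : ${PKCS11_TOOL=pkcs11-tool}
    if ! (type ${PKCS11_TOOL}) > /dev/null 2>&1; then
        skip "pkcs11-tool not found"
        # Harmless if skip already ended the test; otherwise do not go on
        # without the tool.
        return 0
    fi
    : ${PKG_CONFIG=pkg-config}
    if ! (type ${PKG_CONFIG}) > /dev/null 2>&1; then
        skip "pkg-config not found"
        return 0
    fi

    proxy_module=$(${PKG_CONFIG} --variable=proxy_module p11-kit-1)
    # An empty path would leave pkcs11-tool inspecting something other than
    # the proxy module, and the check below would pass without testing it.
    if [ -z "$proxy_module" ]; then
        skip "pkg-config reports no proxy_module for p11-kit-1"
        return 0
    fi

    if ${PKCS11_TOOL} --module="$proxy_module" -T | grep '^ *token model *: *p11-kit-trust' > /dev/null 2>&1; then
        assert_fail "p11-kit-trust is not disabled in proxy module"
    fi
}

run test_disable_in_proxy

--------------------------------------------------------------------------------
/trust/trust-extract-compat:
--------------------------------------------------------------------------------
#!/bin/sh

# This script is a placeholder designed to be replaced when this software
# has been customized for distribution. It should be symlinked linked to the
# distribution's update-ca-certificates or update-ca-trust command as
# appropriate. In the future this script will be called when the PKCS#11
# trust module is used to modify trust anchors and related data.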

# No arguments are accepted; anything else is a usage error (status 2).
[ $# -eq 0 ] || {
    echo "usage: trust extract-compat" >&2
    exit 2
}

# Only uid 0 goes further. Every other caller gets a notice on stderr and a
# successful exit.
case $(id -u) in
0)
    ;;
*)
    echo "trust: running as non-root user: skip extracting compat bundles" >&2
    exit 0
    ;;
esac

echo "trust: the placeholder extract-compat command has not been customized by your distribution." >&2

# You can use commands like this to extract data from trust modules
# into appropriate locations for your distribution.
#
# trust extract --format=openssl-bundle --filter=ca-anchors \
#     --overwrite /tmp/openssl-bundle.pem
# trust extract --format=pem-bundle --filter=ca-anchors --overwrite \
#     --purpose server-auth /tmp/server-auth-bundle.pem
# trust extract --format=java-cacerts --filter=ca-anchors --overwrite \
#     --purpose server-auth /tmp/cacerts
#
# NOTE(review): the /tmp destinations above are sample paths. This point is
# only reached as root, so a distribution's replacement should write trust
# bundles into a root-owned directory. A fixed file name in a world-writable
# directory is open to interference from other local users.

# The placeholder always reports failure to a root caller.
exit 1

--------------------------------------------------------------------------------
/trust/utf8.h:
--------------------------------------------------------------------------------
/*
 * Copyright (c) 2013, Red Hat Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *     * Redistributions of source code must retain the above
 *       copyright notice, this list of conditions and the
 *       following disclaimer.
 *     * Redistributions in binary form must reproduce the
 *       above copyright notice, this list of conditions and
 *       the following disclaimer in the documentation and/or
 *       other materials provided with the distribution.
 *     * The names of contributors to this software may not be
 *       used to endorse or promote products derived from this
 *       software without specific prior written permission.
18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 22 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 23 | * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 24 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 25 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 26 | * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 27 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 28 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 29 | * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH 30 | * DAMAGE. 31 | * 32 | * Author: Stef Walter 33 | */ 34 | 35 | #ifndef P11_UTF8_H_ 36 | #define P11_UTF8_H_ 37 | 38 | #include "compat.h" 39 | 40 | #include 41 | 42 | bool p11_utf8_validate (const char *str, 43 | ssize_t len); 44 | 45 | char * p11_utf8_for_ucs2be (const unsigned char *str, 46 | size_t num_bytes, 47 | size_t *ret_len); 48 | 49 | char * p11_utf8_for_ucs4be (const unsigned char *str, 50 | size_t num_bytes, 51 | size_t *ret_len); 52 | 53 | #endif /* P11_UTF8_H_ */ 54 | -------------------------------------------------------------------------------- /zsh-completion/meson.build: -------------------------------------------------------------------------------- 1 | zshcompdir = get_option('zshcompdir') 2 | if zshcompdir == '' 3 | zshcompdir = datadir / 'zsh/site-functions' 4 | endif 5 | 6 | if not get_option('zsh_completion').disabled() 7 | install_data('p11-kit.zsh', rename: '_p11-kit', install_dir: zshcompdir) 8 | if with_trust_module 9 | install_data('trust.zsh', rename: '_trust', install_dir: zshcompdir) 10 | endif 11 | endif 12 | -------------------------------------------------------------------------------- 
/zsh-completion/p11-kit.zsh:
--------------------------------------------------------------------------------
#compdef p11-kit

# zsh completion for p11-kit: completes the subcommand names listed below
# and the -h/--help option.

# _regex_words leaves its result in the array "reply"; declaring it local
# keeps it from leaking out of this completion function.
local -a reply

# Subcommands as 'name:description' pairs.
local -a _p11_kit_commands=(
    'list-modules:list modules and tokens'
    'list-tokens:list tokens'
    'list-objects:list objects of a token'
    'import-object:import object into a token'
    'export-object:export object matching PKCS11 URI'
    'delete-object:delete objects matching PKCS11 URI'
    'generate-keypair:generate key-pair on a PKCS11 token'
    'list-profiles:list PKCS11 profiles supported by the token'
    'add-profile:add PKCS11 profile to the token'
    'delete-profile:delete PKCS11 profile from the token'
    'print-config:print merged configuration'
    'list-mechanisms:list supported mechanisms'
    'remote:run a specific PKCS11 module remotely'
    'server:run a server process that exposes PKCS11 module remotely'
)

# Turn the table into _regex_arguments specs (returned in $reply), then
# generate the helper function _p11-kit_cmd from them. The leading pattern
# /$'[^\0]#\0'/ matches one NUL-terminated word; presumably this is the word
# before the subcommand -- confirm against the _regex_arguments
# documentation.
_regex_words p11-kit-commands 'p11-kit command' $_p11_kit_commands
_regex_arguments _p11-kit_cmd /$'[^\0]#\0'/ "$reply[@]"

# -S: do not complete options after a literal '--'. -h and --help exclude
# each other; all remaining words are handed to _p11-kit_cmd.
_arguments -S \
    '(-h --help)'{-h,--help}'[show a help message and exit]' \
    '*:: := _p11-kit_cmd'

--------------------------------------------------------------------------------