NIIBE Yutaka
30d4eb97db
tkd: Support READCERT command.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-23 08:35:20 +09:00
NIIBE Yutaka
512213d6ed
tkd: Fix PKSIGN.
Clean up confusion of hashing.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-20 11:08:51 +09:00
NIIBE Yutaka
e57c072ea6
tkd: Add RESTART command.
It will be useful when TKDaemon maintains a context for a
connection.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-20 10:13:24 +09:00
NIIBE Yutaka
d0d728a5b7
tkd: Fix RSA PKSIGN.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-17 15:22:22 +09:00
NIIBE Yutaka
84dd9cf6c3
Fix PKSIGN to get data by EXTRA.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-17 15:22:00 +09:00
NIIBE Yutaka
18a4002eab
tkd: Implement READKEY, returning canon SEXP.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-17 15:20:42 +09:00
NIIBE Yutaka
22be07a08c
tkd: sorted out entities and initialize PKCS#11 on demand.
tkd: host-side process which manages KEYs on TOKENs
It's a KEYGRIP which identifies a KEY.
It's TKD which administrates: where is a KEY on which TOKEN.
cryptoki (ck): access object of PKCS#11 API. CRYPTOKI has slots.
token: abstraction of a device.
Each slot has a slot_id. A slot_id corresponds to a TOKEN.
1:1 map between slot_id and TOKEN.
KEY: a TOKEN may have multiple KEYs.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-17 11:37:11 +09:00
NIIBE Yutaka
a53441c8dd
tkd: Fix for rescanning the slot list.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-16 14:59:14 +09:00
NIIBE Yutaka
fcae367ab5
tkd: Check CKF_TOKEN_PRESENT, too.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-15 15:05:15 +09:00
NIIBE Yutaka
4a48149d84
tkd: Implement finalizer.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-15 14:44:18 +09:00
NIIBE Yutaka
5d515d7059
agent: Add oTkdaemonProgram.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-13 14:14:48 +09:00
NIIBE Yutaka
c3dee068f9
Implement READKEY command.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-08 14:30:33 +09:00
NIIBE Yutaka
86d1d3ecd2
Add login feature.
Tested with YKCS#11 ECDSA and SoftHSM2 RSA.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-06 14:08:04 +09:00
NIIBE Yutaka
e944cead95
Use two-phase sign to match PKCS#11 API.
Tested Scute for RSA and ECDSA.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-06 11:53:07 +09:00
NIIBE Yutaka
6f5debd36a
Fix the length of ECDSA.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-06 11:16:03 +09:00
NIIBE Yutaka
aa8c5d12ef
Fix keygrip computation.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-03 20:44:24 +09:00
NIIBE Yutaka
395bcbc0ff
Fix listing keys.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-03 18:19:12 +09:00
NIIBE Yutaka
22f945cf30
Implement token_keyinfo.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-03 14:39:12 +09:00
NIIBE Yutaka
601e1e28df
Add key->flags member.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-03 14:02:04 +09:00
NIIBE Yutaka
20ba5794bf
Fix assuan context things.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-03 12:02:07 +09:00
NIIBE Yutaka
ef83c46362
Implement token_sign.
Still assuan_context_t should be fixed.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-02 15:13:59 +09:00
NIIBE Yutaka
338736c0fe
Move functions.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-03-02 13:01:45 +09:00
NIIBE Yutaka
5055718fec
Define routines for pkcs11.c in the header.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-27 18:41:31 +09:00
NIIBE Yutaka
d30ce02dd6
Start tkdaemon to offer PKCS#11 module access.
Currently, it's a mock-up.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-27 15:54:14 +09:00
NIIBE Yutaka
34abc6cd9b
Some implementations don't offer the information of key mechanisms.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-24 14:50:41 +09:00
NIIBE Yutaka
88b832dfab
Log out after use (when logged in).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-24 13:27:50 +09:00
NIIBE Yutaka
c0a5dd3dcf
YubiKey PIV now somehow works.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-24 11:41:26 +09:00
NIIBE Yutaka
0f5e9dea89
Testing pksign.c for access to PKCS#11 module.
Scute and SoftHSMv2: RSA key works
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-22 16:13:21 +09:00
NIIBE Yutaka
c82f6b6599
Add test code to handle PKCS#11 module.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-02-21 16:59:49 +09:00