[winpr,ncrypt] obtain module path from provider

Currently, the module path is hardcoded in the build_pkinit_args function.
Let's obtain the module path from provider as a preparation for the
follow-up changes.
Ondrej Holy 2024-04-19 14:56:05 +02:00 committed by akallabeth
parent 79975cfbe3
commit 73991c48ce
5 changed files with 38 additions and 4 deletions


@ -243,13 +243,12 @@ static BOOL set_info_certificate(SmartcardCertInfo* cert, BYTE* certBytes, DWORD
}
#ifndef _WIN32
static BOOL build_pkinit_args(const rdpSettings* settings, SmartcardCertInfo* scCert)
static BOOL build_pkinit_args(NCRYPT_PROV_HANDLE provider, SmartcardCertInfo* scCert)
{
/* pkinit args only under windows
* PKCS11:module_name=opensc-pkcs11.so
*/
const char* Pkcs11Module = freerdp_settings_get_string(settings, FreeRDP_Pkcs11Module);
const char* pkModule = Pkcs11Module ? Pkcs11Module : "opensc-pkcs11.so";
const char* pkModule = winpr_NCryptGetModulePath(provider);
size_t size = 0;
if (winpr_asprintf(&scCert->pkinitArgs, &size, "PKCS11:module_name=%s:slotid=%" PRIu16,
@ -515,7 +514,7 @@ static BOOL list_provider_keys(const rdpSettings* settings, NCRYPT_PROV_HANDLE p
goto endofloop;
#ifndef _WIN32
if (!build_pkinit_args(settings, cert))
if (!build_pkinit_args(provider, cert))
{
WLog_ERR(TAG, "error build pkinit args");
goto endofloop;
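Review bot: In build_pkinit_args, `pkModule` can now be NULL and is passed unchecked to the `%s` in the winpr_asprintf call. winpr_NCryptGetModulePath returns NULL when built without WITH_PKCS11, and the stored path is also NULL if the `_strdup` in NCryptOpenP11StorageProviderEx failed. The removed code fell back to "opensc-pkcs11.so", so this is a new failure mode: NULL for `%s` is undefined behaviour, and assuming winpr_asprintf forwards to the C library formatter, some libcs would emit `module_name=(null)` into the pkinit arguments. Add a guard before the format call, e.g. `if (!pkModule) { WLog_ERR(TAG, "no PKCS11 module path for provider"); return FALSE; }`. The body of build_pkinit_args continues past the end of this hunk.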


@ -212,6 +212,14 @@ extern "C"
*/
WINPR_API const char* winpr_NCryptSecurityStatusError(SECURITY_STATUS status);
/**
* Gives a module path of provider handle
*
* @param phProvider [in] provider handle
* @return module path
*/
WINPR_API const char* winpr_NCryptGetModulePath(NCRYPT_PROV_HANDLE phProvider);
#ifdef __cplusplus
}
#endif
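Review bot: The doc comment on winpr_NCryptGetModulePath does not say that the result may be NULL or who owns the returned string. From the implementation on this page it returns NULL when built without WITH_PKCS11, and otherwise the provider's own `modulePath`, which the provider destructor frees. Suggest `@return module path owned by the provider handle (do not free; valid until the provider is freed), or NULL if unavailable`.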


@ -345,3 +345,12 @@ const char* winpr_NCryptSecurityStatusError(SECURITY_STATUS status)
#undef NTE_CASE
}
const char* winpr_NCryptGetModulePath(NCRYPT_PROV_HANDLE phProvider)
{
#if defined(WITH_PKCS11)
return NCryptGetModulePath(phProvider);
#else
return NULL;
#endif
}


@ -89,6 +89,8 @@ void* ncrypt_new_handle(NCryptHandleType kind, size_t len, NCryptGetPropertyFn g
SECURITY_STATUS NCryptOpenP11StorageProviderEx(NCRYPT_PROV_HANDLE* phProvider,
LPCWSTR pszProviderName, DWORD dwFlags,
LPCSTR* modulePaths);
const char* NCryptGetModulePath(NCRYPT_PROV_HANDLE phProvider);
#endif
#endif /* WINPR_LIBWINPR_NCRYPT_NCRYPT_H_ */


@ -42,6 +42,7 @@ typedef struct
HANDLE library;
CK_FUNCTION_LIST_PTR p11;
char* modulePath;
} NCryptP11ProviderHandle;
/** @brief a handle returned by NCryptOpenKey */
@ -112,6 +113,8 @@ static SECURITY_STATUS NCryptP11StorageProvider_dtor(NCRYPT_HANDLE handle)
{
}
free(provider->modulePath);
if (provider->library)
FreeLibrary(provider->library);
@ -1242,6 +1245,7 @@ SECURITY_STATUS NCryptOpenP11StorageProviderEx(NCRYPT_PROV_HANDLE* phProvider,
HANDLE library = LoadLibrary(*modulePaths);
typedef CK_RV (*c_get_function_list_t)(CK_FUNCTION_LIST_PTR_PTR);
c_get_function_list_t c_get_function_list = NULL;
NCryptP11ProviderHandle* provider = NULL;
WLog_DBG(TAG, "Trying pkcs11-helper module '%s'", *modulePaths);
if (!library)
@ -1264,6 +1268,9 @@ SECURITY_STATUS NCryptOpenP11StorageProviderEx(NCRYPT_PROV_HANDLE* phProvider,
goto out_load_library;
}
provider = (NCryptP11ProviderHandle*)*phProvider;
provider->modulePath = _strdup(*modulePaths);
WLog_DBG(TAG, "module '%s' loaded", *modulePaths);
return ERROR_SUCCESS;
@ -1275,3 +1282,12 @@ SECURITY_STATUS NCryptOpenP11StorageProviderEx(NCRYPT_PROV_HANDLE* phProvider,
return status;
}
const char* NCryptGetModulePath(NCRYPT_PROV_HANDLE phProvider)
{
NCryptP11ProviderHandle* provider = (NCryptP11ProviderHandle*)phProvider;
WINPR_ASSERT(provider);
return provider->modulePath;
}
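Review bot: The result of `_strdup(*modulePaths)` in NCryptOpenP11StorageProviderEx is not checked, so on allocation failure the open still returns ERROR_SUCCESS with `modulePath` left NULL, and NCryptGetModulePath later hands that NULL to callers. Either fail the open when `!provider->modulePath` (set the status to an out-of-memory error such as `NTE_NO_MEMORY` and take the path that releases the new provider handle; the cleanup labels are outside this hunk), or document NULL as a valid result and handle it at the call site. Separately, NCryptGetModulePath casts any NCRYPT_PROV_HANDLE to `NCryptP11ProviderHandle*` with only a `WINPR_ASSERT(provider)`, which may be compiled out in some builds. If a handle of another kind can reach this function, a handle-type check before the cast would be safer.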