[pkcs11-tool] Do not use modLenBytes before validating
This commit is contained in:
parent
206b2cec28
commit
12fe5b5e67
|
@ -4431,7 +4431,7 @@ static int test_signature(CK_SESSION_HANDLE sess)
|
|||
modLenBytes, i);
|
||||
}
|
||||
|
||||
/* 4rd test: the other signature keys */
|
||||
/* 4th test: the other signature keys */
|
||||
|
||||
for (i = 0; mechTypes[i] != 0xffffff; i++)
|
||||
if (mechTypes[i] == firstMechType)
|
||||
|
@ -4445,16 +4445,6 @@ static int test_signature(CK_SESSION_HANDLE sess)
|
|||
modLenBits = get_private_key_length(sess, privKeyObject);
|
||||
modLenBytes = (modLenBits + 7) / 8;
|
||||
|
||||
/* Fill in data[0] and dataLens[0] */
|
||||
dataLen = modLenBytes;
|
||||
data[0] = 0x00;
|
||||
data[1] = 0x01;
|
||||
memset(data + 2, 0xFF, dataLen - 3 - dataLens[1]);
|
||||
data[dataLen - 36] = 0x00;
|
||||
memcpy(data + (dataLen - dataLens[1]), datas[1], dataLens[1]);
|
||||
datas[0] = data;
|
||||
dataLens[0] = dataLen;
|
||||
|
||||
printf(" testing key %d (%u bits%s%s) with 1 signature mechanism",
|
||||
(int) (j-1),
|
||||
(int) modLenBits,
|
||||
|
@ -4479,6 +4469,16 @@ static int test_signature(CK_SESSION_HANDLE sess)
|
|||
printf("\n");
|
||||
}
|
||||
|
||||
/* Fill in data[0] and dataLens[0] */
|
||||
dataLen = modLenBytes;
|
||||
data[0] = 0x00;
|
||||
data[1] = 0x01;
|
||||
memset(data + 2, 0xFF, dataLen - 3 - dataLens[1]);
|
||||
data[dataLen - 36] = 0x00;
|
||||
memcpy(data + (dataLen - dataLens[1]), datas[1], dataLens[1]);
|
||||
datas[0] = data;
|
||||
dataLens[0] = dataLen;
|
||||
|
||||
errors += sign_verify_openssl(sess, &ck_mech, privKeyObject,
|
||||
datas[i], dataLens[i], verifyData, sizeof(verifyData),
|
||||
modLenBytes, i);
|
||||
|
|
Loading…
Reference in New Issue