Add support for CKM_RSA_PKCS_OAEP in encrypt_decrypt(). fix mechanism value in call to util_fatal(). fix formatting.
This commit is contained in:
parent
16ca73ae40
commit
2be799f739
@ -5270,45 +5270,45 @@ static int encrypt_decrypt(CK_SESSION_HANDLE session,
|
||||
return 0;
|
||||
}
|
||||
if (mech_type == CKM_RSA_PKCS_OAEP) {
|
||||
EVP_PKEY_CTX *ctx;
|
||||
ctx = EVP_PKEY_CTX_new(pkey, NULL);
|
||||
if (!ctx) {
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("EVP_PKEY_CTX_new failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
if (EVP_PKEY_encrypt_init(ctx) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("EVP_PKEY_encrypt_init failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
EVP_PKEY_CTX *ctx;
|
||||
ctx = EVP_PKEY_CTX_new(pkey, NULL);
|
||||
if (!ctx) {
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("EVP_PKEY_CTX_new failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
if (EVP_PKEY_encrypt_init(ctx) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("EVP_PKEY_encrypt_init failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("set OAEP padding failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
size_t outlen = sizeof(encrypted);
|
||||
if (EVP_PKEY_encrypt(ctx, encrypted, &outlen, orig_data, sizeof(orig_data)) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("Encryption failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
encrypted_len = outlen;
|
||||
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("set OAEP padding failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
size_t outlen = sizeof(encrypted);
|
||||
if (EVP_PKEY_encrypt(ctx, encrypted, &outlen, orig_data, sizeof(orig_data)) <= 0) {
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
printf("Encryption failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
EVP_PKEY_CTX_free(ctx);
|
||||
EVP_PKEY_free(pkey);
|
||||
encrypted_len = outlen;
|
||||
|
||||
} else {
|
||||
encrypted_len = EVP_PKEY_encrypt_old(encrypted, orig_data, sizeof(orig_data), pkey);
|
||||
EVP_PKEY_free(pkey);
|
||||
if (((int) encrypted_len) <= 0) {
|
||||
printf("Encryption failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
encrypted_len = EVP_PKEY_encrypt_old(encrypted, orig_data, sizeof(orig_data), pkey);
|
||||
EVP_PKEY_free(pkey);
|
||||
if (((int) encrypted_len) <= 0) {
|
||||
printf("Encryption failed, returning\n");
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/* set "default" MGF and hash algorithms. We can overwrite MGF later */
|
||||
switch (mech_type) {
|
||||
@ -5461,6 +5461,7 @@ static int test_decrypt(CK_SESSION_HANDLE sess)
|
||||
printf("No OpenSSL support, unable to validate decryption\n");
|
||||
#else
|
||||
for (n = 0; n < num_mechs; n++) {
|
||||
|
||||
errors += encrypt_decrypt(sess, mechs[n], privKeyObject);
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user