Add support for CKM_RSA_PKCS_OAEP in encrypt_decrypt(). fix mechanism value in call to util_fatal(). fix formatting.

2019-02-01 11:35:25 +01:00 · 2019-02-01 11:35:25 +01:00 · 2be799f739
commit 2be799f739
parent 16ca73ae40
1 changed files with 42 additions and 41 deletions
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -5270,45 +5270,45 @@ static int encrypt_decrypt(CK_SESSION_HANDLE session,
 		return 0;
 	}
 	if (mech_type == CKM_RSA_PKCS_OAEP) {
-	    EVP_PKEY_CTX *ctx;
-	    ctx = EVP_PKEY_CTX_new(pkey, NULL);
-	    if (!ctx) {
-            EVP_PKEY_free(pkey);
-            printf("EVP_PKEY_CTX_new failed, returning\n");
-            return 0;
-        }
-        if (EVP_PKEY_encrypt_init(ctx) <= 0) {
-            EVP_PKEY_CTX_free(ctx);
-            EVP_PKEY_free(pkey);
-            printf("EVP_PKEY_encrypt_init failed, returning\n");
-            return 0;
-        }
+		EVP_PKEY_CTX *ctx;
+		ctx = EVP_PKEY_CTX_new(pkey, NULL);
+		if (!ctx) {
+			EVP_PKEY_free(pkey);
+			printf("EVP_PKEY_CTX_new failed, returning\n");
+			return 0;
+		}
+		if (EVP_PKEY_encrypt_init(ctx) <= 0) {
+			EVP_PKEY_CTX_free(ctx);
+			EVP_PKEY_free(pkey);
+			printf("EVP_PKEY_encrypt_init failed, returning\n");
+			return 0;
+		}

-	    if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
-            EVP_PKEY_CTX_free(ctx);
-            EVP_PKEY_free(pkey);
-            printf("set OAEP padding failed, returning\n");
-            return 0;
-        }
-        size_t outlen = sizeof(encrypted);
-        if (EVP_PKEY_encrypt(ctx, encrypted, &outlen, orig_data, sizeof(orig_data)) <= 0) {
-            EVP_PKEY_CTX_free(ctx);
-            EVP_PKEY_free(pkey);
-            printf("Encryption failed, returning\n");
-            return 0;
-        }
-        EVP_PKEY_CTX_free(ctx);
-        EVP_PKEY_free(pkey);
-        encrypted_len = outlen;
+		if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) {
+			EVP_PKEY_CTX_free(ctx);
+			EVP_PKEY_free(pkey);
+			printf("set OAEP padding failed, returning\n");
+			return 0;
+		}
+		size_t outlen = sizeof(encrypted);
+		if (EVP_PKEY_encrypt(ctx, encrypted, &outlen, orig_data, sizeof(orig_data)) <= 0) {
+			EVP_PKEY_CTX_free(ctx);
+			EVP_PKEY_free(pkey);
+			printf("Encryption failed, returning\n");
+			return 0;
+		}
+		EVP_PKEY_CTX_free(ctx);
+		EVP_PKEY_free(pkey);
+		encrypted_len = outlen;

-    } else {
-        encrypted_len = EVP_PKEY_encrypt_old(encrypted, orig_data, sizeof(orig_data), pkey);
-        EVP_PKEY_free(pkey);
-        if (((int) encrypted_len) <= 0) {
-            printf("Encryption failed, returning\n");
-            return 0;
-        }
-    }
+	} else {
+		encrypted_len = EVP_PKEY_encrypt_old(encrypted, orig_data, sizeof(orig_data), pkey);
+		EVP_PKEY_free(pkey);
+		if (((int) encrypted_len) <= 0) {
+			printf("Encryption failed, returning\n");
+			return 0;
+		}
+	}

 	/* set "default" MGF and hash algorithms. We can overwrite MGF later */
 	switch (mech_type) {
@ -5461,6 +5461,7 @@ static int test_decrypt(CK_SESSION_HANDLE sess)
 		printf("No OpenSSL support, unable to validate decryption\n");
 #else
 		for (n = 0; n < num_mechs; n++) {
+
 			errors += encrypt_decrypt(sess, mechs[n], privKeyObject);
 		}
 #endif