use consistent parameters

- in sc_pkcs15_wrap()
- and sc_pkcs15_derive()
Frank Morgner 2019-06-13 07:54:54 +02:00
parent e28ada99fe
commit 72f474f09f
4 changed files with 28 additions and 28 deletions


@ -304,7 +304,7 @@ int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_object *obj, const struct sc_pkcs15_object *obj,
unsigned long flags, unsigned long flags,
const u8 * in, size_t inlen, u8 *out, const u8 * in, size_t inlen, u8 *out,
unsigned long *poutlen) size_t *poutlen)
{ {
sc_context_t *ctx = p15card->card->ctx; sc_context_t *ctx = p15card->card->ctx;
int r; int r;
@ -444,8 +444,8 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_object *key, const struct sc_pkcs15_object *key,
struct sc_pkcs15_object *target_key, struct sc_pkcs15_object *target_key,
unsigned long flags, unsigned long flags,
u8 * cryptogram, unsigned long* crgram_len, u8 *cryptogram, size_t *crgram_len,
const u8 * param, size_t paramlen) { const u8 *param, size_t paramlen) {
sc_context_t *ctx = p15card->card->ctx; sc_context_t *ctx = p15card->card->ctx;
int r; int r;
sc_algorithm_info_t *alg_info = NULL; sc_algorithm_info_t *alg_info = NULL;
@ -456,10 +456,6 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_skey_info *target_skey = (const struct sc_pkcs15_skey_info *) target_key->data; const struct sc_pkcs15_skey_info *target_skey = (const struct sc_pkcs15_skey_info *) target_key->data;
unsigned long pad_flags = 0, sec_flags = 0; unsigned long pad_flags = 0, sec_flags = 0;
sc_path_t tkey_path; sc_path_t tkey_path;
u8 *in = 0;
u8 *out = 0;
unsigned long *poutlen = 0;
size_t inlen = 0;
sc_path_t path, target_file_id; sc_path_t path, target_file_id;
sc_sec_env_param_t senv_param; sc_sec_env_param_t senv_param;
@ -531,18 +527,15 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
LOG_TEST_RET(ctx, sec_env_add_param(&senv, &senv_param), "failed to add IV to security environment"); LOG_TEST_RET(ctx, sec_env_add_param(&senv, &senv_param), "failed to add IV to security environment");
} }
out = cryptogram; r = use_key(p15card, key, &senv, sc_wrap, NULL, 0, cryptogram, crgram_len ? *crgram_len : 0);
poutlen = crgram_len;
r = use_key(p15card, key, &senv, sc_wrap, in, inlen, out,
*poutlen);
if (r > -1) { if (r > -1 && crgram_len) {
if (*crgram_len < (unsigned) r) { if (*crgram_len < (size_t) r) {
*poutlen = r; *crgram_len = r;
if (out != NULL) /* if NULL, return success and required buffer length by PKCS#11 convention */ if (cryptogram != NULL) /* if NULL, return success and required buffer length by PKCS#11 convention */
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "Buffer too small to hold the wrapped key."); LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "Buffer too small to hold the wrapped key.");
} }
*poutlen = r; *crgram_len = r;
} }
LOG_FUNC_RETURN(ctx, r); LOG_FUNC_RETURN(ctx, r);
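Review bot: sc_pkcs15_wrap() now accepts a non-NULL `cryptogram` together with a NULL `crgram_len`. In that case `use_key()` is called with the caller's buffer and an output length of 0, and the `SC_ERROR_BUFFER_TOO_SMALL` check is skipped because it sits under `if (r > -1 && crgram_len)`. Rejecting the combination before the card is touched would make the contract explicit: `if (cryptogram != NULL && crgram_len == NULL) LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);`. The size comparison also runs only after `use_key()` has returned, so it presumably relies on the lower layer honouring the length it was given; that layer is not visible here. The function body starts and continues outside these hunks.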


@ -666,7 +666,7 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
int sc_pkcs15_derive(struct sc_pkcs15_card *p15card, int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_object *prkey_obj, const struct sc_pkcs15_object *prkey_obj,
unsigned long flags, unsigned long flags,
const u8 *in, size_t inlen, u8 *out, unsigned long *poutlen); const u8 *in, size_t inlen, u8 *out, size_t *poutlen);
int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card, int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_object *key, const struct sc_pkcs15_object *key,
@ -679,7 +679,7 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
const struct sc_pkcs15_object *key, const struct sc_pkcs15_object *key,
struct sc_pkcs15_object *target_key, struct sc_pkcs15_object *target_key,
unsigned long flags, unsigned long flags,
u8 * cryptogram, unsigned long* crgram_len, u8 * cryptogram, size_t* crgram_len,
const u8 * param, size_t paramlen); const u8 * param, size_t paramlen);
int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card, int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
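Review bot: The changed prototypes of sc_pkcs15_derive() and sc_pkcs15_wrap() have no comment describing the length pointer, and its width now differs from `unsigned long` on LLP64 targets such as 64-bit Windows. Any caller not updated by this commit that still passes (or casts to) an `unsigned long *` would hand a 4-byte object to code that stores a `size_t` through it. A short contract comment on the declaration would help, for example `/* crgram_len: in = size of the cryptogram buffer, out = length of the wrapped key; may be NULL */` for sc_pkcs15_wrap(). It would also be worth noting in the header that out-of-tree callers need to switch to `size_t`.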


@ -4879,9 +4879,9 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
struct sc_pkcs15_object *pkey = NULL; struct sc_pkcs15_object *pkey = NULL;
int r, opt_derive_flags = SC_ALGORITHM_ECDH_CDH_RAW; int r, opt_derive_flags = SC_ALGORITHM_ECDH_CDH_RAW;
u8* out = 0; u8* out = 0;
unsigned long outlen = 0; size_t outlen = 0;
PBYTE pbPublicKey = NULL; PBYTE pbPublicKey = NULL;
DWORD dwPublicKeySize = 0; size_t publicKeySize = 0;
struct md_dh_agreement* dh_agreement = NULL; struct md_dh_agreement* dh_agreement = NULL;
struct md_dh_agreement* temp = NULL; struct md_dh_agreement* temp = NULL;
BYTE i; BYTE i;
@ -4936,18 +4936,18 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
} }
/* convert the Windows public key into an OpenSC public key */ /* convert the Windows public key into an OpenSC public key */
dwPublicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1; publicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1;
pbPublicKey = (PBYTE) pCardData->pfnCspAlloc(dwPublicKeySize); pbPublicKey = (PBYTE) pCardData->pfnCspAlloc(publicKeySize);
if (!pbPublicKey) { if (!pbPublicKey) {
dwret = ERROR_OUTOFMEMORY; dwret = ERROR_OUTOFMEMORY;
goto err; goto err;
} }
pbPublicKey[0] = 4; pbPublicKey[0] = 4;
memcpy(pbPublicKey+1, pAgreementInfo->pbPublicKey + sizeof(BCRYPT_ECCKEY_BLOB), dwPublicKeySize-1); memcpy(pbPublicKey+1, pAgreementInfo->pbPublicKey + sizeof(BCRYPT_ECCKEY_BLOB), publicKeySize-1);
/* derive the key using the OpenSC functions */ /* derive the key using the OpenSC functions */
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, dwPublicKeySize, out, &outlen ); r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, publicKeySize, out, &outlen );
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r); logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
if ( r < 0) { if ( r < 0) {
@ -4964,7 +4964,7 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
goto err; goto err;
} }
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, dwPublicKeySize, out, &outlen ); r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, publicKeySize, out, &outlen );
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r); logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
pCardData->pfnCspFree(pbPublicKey); pCardData->pfnCspFree(pbPublicKey);
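Review bot: `publicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1;` has no visible lower-bound check on `dwPublicKey`, and with `publicKeySize` now a `size_t` a too-small value wraps to a very large size (or to 0) rather than being truncated to 32 bits. That value is passed to `pfnCspAlloc()` and then used as `publicKeySize-1` in the `memcpy()`, after `pbPublicKey[0] = 4` has already been written. Unless the lines above the hunk validate the blob length, add `if (pAgreementInfo->dwPublicKey < sizeof(BCRYPT_ECCKEY_BLOB)) { dwret = SCARD_E_INVALID_PARAMETER; goto err; }` before the subtraction. CardConstructDHAgreement() starts and ends outside these hunks.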


@ -4268,12 +4268,14 @@ pkcs15_prkey_derive(struct sc_pkcs11_session *session, void *obj,
break; break;
} }
size_t len = *pulDataLen;
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags, rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
pSeedData, ulSeedDataLen, pData, pulDataLen); pSeedData, ulSeedDataLen, pData, &len);
if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path && need_unlock) if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path && need_unlock)
if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS) if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS)
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags, rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
pSeedData, ulSeedDataLen, pData, pulDataLen); pSeedData, ulSeedDataLen, pData, &len);
*pulDataLen = len;
/* this may have been a request for size */ /* this may have been a request for size */
@ -5049,6 +5051,7 @@ pkcs15_skey_wrap(struct sc_pkcs11_session *session, void *obj,
struct pkcs15_fw_data *fw_data = NULL; struct pkcs15_fw_data *fw_data = NULL;
struct pkcs15_skey_object *skey = (struct pkcs15_skey_object *) obj; struct pkcs15_skey_object *skey = (struct pkcs15_skey_object *) obj;
struct pkcs15_skey_object *targetKeyObj = (struct pkcs15_skey_object *) targetKey; struct pkcs15_skey_object *targetKeyObj = (struct pkcs15_skey_object *) targetKey;
size_t len = pulDataLen ? *pulDataLen : 0;
int rv, flags = 0; int rv, flags = 0;
sc_log(context, "Initializing wrapping with a secret key."); sc_log(context, "Initializing wrapping with a secret key.");
@ -5098,7 +5101,11 @@ pkcs15_skey_wrap(struct sc_pkcs11_session *session, void *obj,
/* Call the card to do the wrapping operation */ /* Call the card to do the wrapping operation */
rv = sc_pkcs15_wrap(fw_data->p15_card, skey->prv_p15obj, targetKeyObj->prv_p15obj, flags, rv = sc_pkcs15_wrap(fw_data->p15_card, skey->prv_p15obj, targetKeyObj->prv_p15obj, flags,
pData, pulDataLen, pMechanism->pParameter, pMechanism->ulParameterLen); pData, &len, pMechanism->pParameter, pMechanism->ulParameterLen);
if (pulDataLen) {
*pulDataLen = len;
}
sc_unlock(p11card->card); sc_unlock(p11card->card);
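Review bot: In pkcs15_prkey_derive() the added `size_t len = *pulDataLen;` dereferences the pointer unconditionally, while pkcs15_skey_wrap() in the same commit reads it as `pulDataLen ? *pulDataLen : 0` and guards the write-back. If a NULL `pulDataLen` can reach the derive path (the callers are not visible here), the same pattern should be used: `size_t len = pulDataLen ? *pulDataLen : 0;` and `if (pulDataLen) *pulDataLen = len;`. The declaration also sits after statements in its block, which C89-only compilers reject; declaring `len` with the other locals, as pkcs15_skey_wrap() does, would be consistent. Both functions extend beyond the hunks shown.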