use consistent parameters
- in sc_pkcs15_wrap() - and sc_pkcs15_derive()
parent
e28ada99fe
commit
72f474f09f
|
@ -304,7 +304,7 @@ int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_object *obj,
|
const struct sc_pkcs15_object *obj,
|
||||||
unsigned long flags,
|
unsigned long flags,
|
||||||
const u8 * in, size_t inlen, u8 *out,
|
const u8 * in, size_t inlen, u8 *out,
|
||||||
unsigned long *poutlen)
|
size_t *poutlen)
|
||||||
{
|
{
|
||||||
sc_context_t *ctx = p15card->card->ctx;
|
sc_context_t *ctx = p15card->card->ctx;
|
||||||
int r;
|
int r;
|
||||||
|
@ -444,8 +444,8 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_object *key,
|
const struct sc_pkcs15_object *key,
|
||||||
struct sc_pkcs15_object *target_key,
|
struct sc_pkcs15_object *target_key,
|
||||||
unsigned long flags,
|
unsigned long flags,
|
||||||
u8 * cryptogram, unsigned long* crgram_len,
|
u8 *cryptogram, size_t *crgram_len,
|
||||||
const u8 * param, size_t paramlen) {
|
const u8 *param, size_t paramlen) {
|
||||||
sc_context_t *ctx = p15card->card->ctx;
|
sc_context_t *ctx = p15card->card->ctx;
|
||||||
int r;
|
int r;
|
||||||
sc_algorithm_info_t *alg_info = NULL;
|
sc_algorithm_info_t *alg_info = NULL;
|
||||||
|
@ -456,10 +456,6 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_skey_info *target_skey = (const struct sc_pkcs15_skey_info *) target_key->data;
|
const struct sc_pkcs15_skey_info *target_skey = (const struct sc_pkcs15_skey_info *) target_key->data;
|
||||||
unsigned long pad_flags = 0, sec_flags = 0;
|
unsigned long pad_flags = 0, sec_flags = 0;
|
||||||
sc_path_t tkey_path;
|
sc_path_t tkey_path;
|
||||||
u8 *in = 0;
|
|
||||||
u8 *out = 0;
|
|
||||||
unsigned long *poutlen = 0;
|
|
||||||
size_t inlen = 0;
|
|
||||||
sc_path_t path, target_file_id;
|
sc_path_t path, target_file_id;
|
||||||
sc_sec_env_param_t senv_param;
|
sc_sec_env_param_t senv_param;
|
||||||
|
|
||||||
|
@ -531,18 +527,15 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
|
||||||
LOG_TEST_RET(ctx, sec_env_add_param(&senv, &senv_param), "failed to add IV to security environment");
|
LOG_TEST_RET(ctx, sec_env_add_param(&senv, &senv_param), "failed to add IV to security environment");
|
||||||
}
|
}
|
||||||
|
|
||||||
out = cryptogram;
|
r = use_key(p15card, key, &senv, sc_wrap, NULL, 0, cryptogram, crgram_len ? *crgram_len : 0);
|
||||||
poutlen = crgram_len;
|
|
||||||
r = use_key(p15card, key, &senv, sc_wrap, in, inlen, out,
|
|
||||||
*poutlen);
|
|
||||||
|
|
||||||
if (r > -1) {
|
if (r > -1 && crgram_len) {
|
||||||
if (*crgram_len < (unsigned) r) {
|
if (*crgram_len < (size_t) r) {
|
||||||
*poutlen = r;
|
*crgram_len = r;
|
||||||
if (out != NULL) /* if NULL, return success and required buffer length by PKCS#11 convention */
|
if (cryptogram != NULL) /* if NULL, return success and required buffer length by PKCS#11 convention */
|
||||||
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "Buffer too small to hold the wrapped key.");
|
LOG_TEST_RET(ctx, SC_ERROR_BUFFER_TOO_SMALL, "Buffer too small to hold the wrapped key.");
|
||||||
}
|
}
|
||||||
*poutlen = r;
|
*crgram_len = r;
|
||||||
}
|
}
|
||||||
|
|
||||||
LOG_FUNC_RETURN(ctx, r);
|
LOG_FUNC_RETURN(ctx, r);
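Review bot: In sc_pkcs15_wrap, a non-NULL `cryptogram` with a NULL `crgram_len` now reaches use_key() with an output length of 0 and returns its result without reporting any length, so the caller cannot tell how much, if anything, was produced. Rejecting that combination before the card is used would make the contract explicit, e.g. `if (cryptogram != NULL && crgram_len == NULL) LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS, "crgram_len is required when a buffer is supplied");`. A short comment above the function should also state that `*crgram_len` is in/out: buffer capacity on entry, wrapped or required length on return, with a NULL `cryptogram` meaning a size query. The function body begins outside this hunk, so an earlier argument check may already exist.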
|
||||||
|
|
|
@ -666,7 +666,7 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
|
||||||
int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
|
int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_object *prkey_obj,
|
const struct sc_pkcs15_object *prkey_obj,
|
||||||
unsigned long flags,
|
unsigned long flags,
|
||||||
const u8 *in, size_t inlen, u8 *out, unsigned long *poutlen);
|
const u8 *in, size_t inlen, u8 *out, size_t *poutlen);
|
||||||
|
|
||||||
int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card,
|
int sc_pkcs15_unwrap(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_object *key,
|
const struct sc_pkcs15_object *key,
|
||||||
|
@ -679,7 +679,7 @@ int sc_pkcs15_wrap(struct sc_pkcs15_card *p15card,
|
||||||
const struct sc_pkcs15_object *key,
|
const struct sc_pkcs15_object *key,
|
||||||
struct sc_pkcs15_object *target_key,
|
struct sc_pkcs15_object *target_key,
|
||||||
unsigned long flags,
|
unsigned long flags,
|
||||||
u8 * cryptogram, unsigned long* crgram_len,
|
u8 * cryptogram, size_t* crgram_len,
|
||||||
const u8 * param, size_t paramlen);
|
const u8 * param, size_t paramlen);
|
||||||
|
|
||||||
int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
|
int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
|
||||||
|
|
|
@ -4879,9 +4879,9 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
|
||||||
struct sc_pkcs15_object *pkey = NULL;
|
struct sc_pkcs15_object *pkey = NULL;
|
||||||
int r, opt_derive_flags = SC_ALGORITHM_ECDH_CDH_RAW;
|
int r, opt_derive_flags = SC_ALGORITHM_ECDH_CDH_RAW;
|
||||||
u8* out = 0;
|
u8* out = 0;
|
||||||
unsigned long outlen = 0;
|
size_t outlen = 0;
|
||||||
PBYTE pbPublicKey = NULL;
|
PBYTE pbPublicKey = NULL;
|
||||||
DWORD dwPublicKeySize = 0;
|
size_t publicKeySize = 0;
|
||||||
struct md_dh_agreement* dh_agreement = NULL;
|
struct md_dh_agreement* dh_agreement = NULL;
|
||||||
struct md_dh_agreement* temp = NULL;
|
struct md_dh_agreement* temp = NULL;
|
||||||
BYTE i;
|
BYTE i;
|
||||||
|
@ -4936,18 +4936,18 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
|
||||||
}
|
}
|
||||||
|
|
||||||
/* convert the Windows public key into an OpenSC public key */
|
/* convert the Windows public key into an OpenSC public key */
|
||||||
dwPublicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1;
|
publicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1;
|
||||||
pbPublicKey = (PBYTE) pCardData->pfnCspAlloc(dwPublicKeySize);
|
pbPublicKey = (PBYTE) pCardData->pfnCspAlloc(publicKeySize);
|
||||||
if (!pbPublicKey) {
|
if (!pbPublicKey) {
|
||||||
dwret = ERROR_OUTOFMEMORY;
|
dwret = ERROR_OUTOFMEMORY;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
pbPublicKey[0] = 4;
|
pbPublicKey[0] = 4;
|
||||||
memcpy(pbPublicKey+1, pAgreementInfo->pbPublicKey + sizeof(BCRYPT_ECCKEY_BLOB), dwPublicKeySize-1);
|
memcpy(pbPublicKey+1, pAgreementInfo->pbPublicKey + sizeof(BCRYPT_ECCKEY_BLOB), publicKeySize-1);
|
||||||
|
|
||||||
/* derive the key using the OpenSC functions */
|
/* derive the key using the OpenSC functions */
|
||||||
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, dwPublicKeySize, out, &outlen );
|
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, publicKeySize, out, &outlen );
|
||||||
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
|
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
|
||||||
|
|
||||||
if ( r < 0) {
|
if ( r < 0) {
|
||||||
|
@ -4964,7 +4964,7 @@ DWORD WINAPI CardConstructDHAgreement(__in PCARD_DATA pCardData,
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, dwPublicKeySize, out, &outlen );
|
r = sc_pkcs15_derive(vs->p15card, pkey, opt_derive_flags, pbPublicKey, publicKeySize, out, &outlen );
|
||||||
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
|
logprintf(pCardData, 2, "sc_pkcs15_derive returned %d\n", r);
|
||||||
|
|
||||||
pCardData->pfnCspFree(pbPublicKey);
|
pCardData->pfnCspFree(pbPublicKey);
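Review bot: `publicKeySize = pAgreementInfo->dwPublicKey - sizeof(BCRYPT_ECCKEY_BLOB) + 1;` in CardConstructDHAgreement has no visible lower-bound check on `dwPublicKey`. Since the result is now kept as a size_t rather than truncated to a DWORD, an undersized value wraps to a very large length on 64-bit builds, and that length feeds both pfnCspAlloc and the `publicKeySize-1` memcpy. Unless an earlier part of the function (outside these hunks) already validates the blob length, add a guard before the subtraction: `if (pAgreementInfo->dwPublicKey < sizeof(BCRYPT_ECCKEY_BLOB)) { dwret = SCARD_E_INVALID_PARAMETER; goto err; }`. That check also ties the number of bytes read from `pAgreementInfo->pbPublicKey` to the length the caller declared.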
|
||||||
|
|
|
@ -4268,12 +4268,14 @@ pkcs15_prkey_derive(struct sc_pkcs11_session *session, void *obj,
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
size_t len = *pulDataLen;
|
||||||
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
|
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
|
||||||
pSeedData, ulSeedDataLen, pData, pulDataLen);
|
pSeedData, ulSeedDataLen, pData, &len);
|
||||||
if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path && need_unlock)
|
if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path && need_unlock)
|
||||||
if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS)
|
if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS)
|
||||||
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
|
rv = sc_pkcs15_derive(fw_data->p15_card, prkey->prv_p15obj, flags,
|
||||||
pSeedData, ulSeedDataLen, pData, pulDataLen);
|
pSeedData, ulSeedDataLen, pData, &len);
|
||||||
|
*pulDataLen = len;
|
||||||
|
|
||||||
/* this may have been a request for size */
|
/* this may have been a request for size */
|
||||||
|
|
||||||
|
@ -5049,6 +5051,7 @@ pkcs15_skey_wrap(struct sc_pkcs11_session *session, void *obj,
|
||||||
struct pkcs15_fw_data *fw_data = NULL;
|
struct pkcs15_fw_data *fw_data = NULL;
|
||||||
struct pkcs15_skey_object *skey = (struct pkcs15_skey_object *) obj;
|
struct pkcs15_skey_object *skey = (struct pkcs15_skey_object *) obj;
|
||||||
struct pkcs15_skey_object *targetKeyObj = (struct pkcs15_skey_object *) targetKey;
|
struct pkcs15_skey_object *targetKeyObj = (struct pkcs15_skey_object *) targetKey;
|
||||||
|
size_t len = pulDataLen ? *pulDataLen : 0;
|
||||||
int rv, flags = 0;
|
int rv, flags = 0;
|
||||||
|
|
||||||
sc_log(context, "Initializing wrapping with a secret key.");
|
sc_log(context, "Initializing wrapping with a secret key.");
|
||||||
|
@ -5098,7 +5101,11 @@ pkcs15_skey_wrap(struct sc_pkcs11_session *session, void *obj,
|
||||||
|
|
||||||
/* Call the card to do the wrapping operation */
|
/* Call the card to do the wrapping operation */
|
||||||
rv = sc_pkcs15_wrap(fw_data->p15_card, skey->prv_p15obj, targetKeyObj->prv_p15obj, flags,
|
rv = sc_pkcs15_wrap(fw_data->p15_card, skey->prv_p15obj, targetKeyObj->prv_p15obj, flags,
|
||||||
pData, pulDataLen, pMechanism->pParameter, pMechanism->ulParameterLen);
|
pData, &len, pMechanism->pParameter, pMechanism->ulParameterLen);
|
||||||
|
|
||||||
|
if (pulDataLen) {
|
||||||
|
*pulDataLen = len;
|
||||||
|
}
|
||||||
|
|
||||||
sc_unlock(p11card->card);
|
sc_unlock(p11card->card);
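Review bot: In pkcs15_prkey_derive the added `size_t len = *pulDataLen;` dereferences `pulDataLen` unconditionally, whereas the line added to pkcs15_skey_wrap guards it with `pulDataLen ? *pulDataLen : 0` and writes back only under `if (pulDataLen)`. Whether a NULL pointer can reach pkcs15_prkey_derive is not visible in this hunk, but the two functions should follow the same pattern: `size_t len = pulDataLen ? *pulDataLen : 0;` and `if (pulDataLen) *pulDataLen = len;`. The declaration also sits after statements in the block, so moving it up with the other locals would match pkcs15_skey_wrap. Both write-backs narrow a size_t into the caller's length variable, which is smaller than size_t on platforms with a 32-bit `unsigned long`, so a one-line comment saying why the value always fits would help.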
|
||||||
|
|
||||||
|
|