pkcs11: Support for RSA PSS padding in verify
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
`C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
commit e5707b545e
for supporting RSASSA-PSS.
This commit is contained in:
parent
ce71b171e2
commit
79a51e0d18
|
@ -566,6 +566,12 @@ sc_pkcs11_verif_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechan
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
||||||
|
if (pMechanism->pParameter) {
|
||||||
|
memcpy(&operation->mechanism_params, pMechanism->pParameter,
|
||||||
|
pMechanism->ulParameterLen);
|
||||||
|
operation->mechanism.pParameter = &operation->mechanism_params;
|
||||||
|
}
|
||||||
|
|
||||||
rv = mt->verif_init(operation, key);
|
rv = mt->verif_init(operation, key);
|
||||||
|
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
|
@ -798,6 +804,11 @@ sc_pkcs11_decr_init(struct sc_pkcs11_session *session,
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
||||||
|
if (pMechanism->pParameter) {
|
||||||
|
memcpy(&operation->mechanism_params, pMechanism->pParameter,
|
||||||
|
pMechanism->ulParameterLen);
|
||||||
|
operation->mechanism.pParameter = &operation->mechanism_params;
|
||||||
|
}
|
||||||
rv = mt->decrypt_init(operation, key);
|
rv = mt->decrypt_init(operation, key);
|
||||||
|
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
|
|
Loading…
Reference in New Issue