pkcs11: Support for RSA PSS padding in verify
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
`C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
commit e5707b545e
for supporting RSASSA-PSS.
This commit is contained in:
parent
ce71b171e2
commit
79a51e0d18
@ -566,6 +566,12 @@ sc_pkcs11_verif_init(struct sc_pkcs11_session *session, CK_MECHANISM_PTR pMechan
|
||||
return rv;
|
||||
|
||||
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
||||
if (pMechanism->pParameter) {
|
||||
memcpy(&operation->mechanism_params, pMechanism->pParameter,
|
||||
pMechanism->ulParameterLen);
|
||||
operation->mechanism.pParameter = &operation->mechanism_params;
|
||||
}
|
||||
|
||||
rv = mt->verif_init(operation, key);
|
||||
|
||||
if (rv != CKR_OK)
|
||||
@ -798,6 +804,11 @@ sc_pkcs11_decr_init(struct sc_pkcs11_session *session,
|
||||
return rv;
|
||||
|
||||
memcpy(&operation->mechanism, pMechanism, sizeof(CK_MECHANISM));
|
||||
if (pMechanism->pParameter) {
|
||||
memcpy(&operation->mechanism_params, pMechanism->pParameter,
|
||||
pMechanism->ulParameterLen);
|
||||
operation->mechanism.pParameter = &operation->mechanism_params;
|
||||
}
|
||||
rv = mt->decrypt_init(operation, key);
|
||||
|
||||
if (rv != CKR_OK)
|
||||
|
Loading…
Reference in New Issue
Block a user