pkcs11-tool: Use attributes MODULUS and PUBLIC_EXPONENT instead of VALUE to retrieve RSA-Public-Key. The first two attributes are valid whereas the latter is not.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4883 c6295689-39f2-0310-b995-f0e70906c6a9
2010-11-28 18:09:30 +00:00 · 2010-11-28 18:09:30 +00:00 · b63a601666
parent cf92133cef
commit b63a601666
1 changed files with 38 additions and 3 deletions
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -1929,7 +1929,8 @@ VARATTR_METHOD(LABEL, char);
 VARATTR_METHOD(APPLICATION, char);
 VARATTR_METHOD(ID, unsigned char);
 VARATTR_METHOD(OBJECT_ID, unsigned char);
-VARATTR_METHOD(MODULUS, unsigned char);
+VARATTR_METHOD(MODULUS, CK_BYTE);
+VARATTR_METHOD(PUBLIC_EXPONENT, CK_BYTE);
 VARATTR_METHOD(VALUE, unsigned char);
 VARATTR_METHOD(GOSTR3410_PARAMS, unsigned char);

@ -2490,13 +2491,14 @@ static int test_digest(CK_SLOT_ID slot)
 #ifdef ENABLE_OPENSSL
 static EVP_PKEY *get_public_key(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE privKeyObject)
 {
-	unsigned char  *id;
-	CK_ULONG        idLen;
+	CK_BYTE         *id, *mod, *exp;
+	CK_ULONG         idLen, modLen, expLen;
 	CK_OBJECT_HANDLE pubkeyObject;
 	unsigned char  *pubkey;
 	const unsigned char *pubkey_c;
 	CK_ULONG        pubkeyLen;
 	EVP_PKEY       *pkey;
+	RSA            *rsa;

 	id = NULL;
 	id = getID(session, privKeyObject, &idLen);
@ -2512,6 +2514,39 @@ static EVP_PKEY *get_public_key(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE priv
 	}
 	free(id);

+	switch(getKEY_TYPE(session, pubkeyObject)) {
+		case CKK_RSA:
+			pkey = EVP_PKEY_new();
+			rsa = RSA_new();
+			mod = getMODULUS(session, pubkeyObject, &modLen);
+			exp = getPUBLIC_EXPONENT(session, pubkeyObject, &expLen);
+			if ( !pkey || !rsa || !mod || !exp) {
+				printf("public key not extractable\n");
+				if (pkey)
+					free(pkey);
+				if (rsa)
+					free(rsa);
+				if (mod)
+					free(mod);
+				if (exp)
+					free(exp);
+				return NULL;
+			}
+			rsa->n = BN_bin2bn(mod, modLen, NULL);
+			rsa->e = BN_bin2bn(exp, expLen, NULL);
+			EVP_PKEY_assign_RSA(pkey, rsa);
+			free(mod);
+			free(exp);
+			return pkey;
+		case CKK_DSA:
+		case CKK_ECDSA:
+		case CKK_GOSTR3410:
+			break;
+		default:
+			printf("public key of unsupported type\n");
+			return NULL;
+	}
+
 	pubkey = getVALUE(session, pubkeyObject, &pubkeyLen);
 	if (pubkey == NULL) {
 		printf("couldn't get the pubkey VALUE attribute, no validation done\n");