pkcs15: add 'context' parameter to the strip padding procedures

and add debug messages
2013-05-22 12:10:26 +02:00 · 2013-05-22 12:10:26 +02:00 · bdd264936c
parent daa79054c0
commit bdd264936c
5 changed files with 26 additions and 19 deletions
--- a/src/libopensc/card-cardos.c
+++ b/src/libopensc/card-cardos.c
@ -902,7 +902,7 @@ cardos_compute_signature(sc_card_t *card, const u8 *data, size_t datalen,
 	if(do_rsa_sig == 1){
 		sc_log(ctx, "trying RSA_SIG (just the DigestInfo)");
 		/* remove padding: first try pkcs1 bt01 padding */
-		r = sc_pkcs1_strip_01_padding(data, datalen, buf, &tmp_len);
+		r = sc_pkcs1_strip_01_padding(ctx, data, datalen, buf, &tmp_len);
 		if (r != SC_SUCCESS) {
 			const u8 *p = data;
 			/* no pkcs1 bt01 padding => let's try zero padding
--- a/src/libopensc/card-incrypto34.c
+++ b/src/libopensc/card-incrypto34.c
@ -551,7 +551,7 @@ incrypto34_compute_signature(sc_card_t *card, const u8 *data, size_t datalen,
 	sc_debug(ctx, SC_LOG_DEBUG_NORMAL,
 		"trying RSA_SIG (just the DigestInfo)\n");
 	/* remove padding: first try pkcs1 bt01 padding */
-	r = sc_pkcs1_strip_01_padding(data, datalen, buf, &tmp_len);
+	r = sc_pkcs1_strip_01_padding(ctx, data, datalen, buf, &tmp_len);
 	if (r != SC_SUCCESS) {
 		const u8 *p = data;
 		/* no pkcs1 bt01 padding => let's try zero padding.
--- a/src/libopensc/internal.h
+++ b/src/libopensc/internal.h
@ -127,10 +127,10 @@ int _sc_card_add_ec_alg(struct sc_card *card, unsigned int key_length,
 /*                 pkcs1 padding/encoding functions                 */
 /********************************************************************/

-int sc_pkcs1_strip_01_padding(const u8 *in_dat, size_t in_len, u8 *out_dat,
-			      size_t *out_len);
-int sc_pkcs1_strip_02_padding(const u8 *data, size_t len, u8 *out_dat,
-			      size_t *out_len);
+int sc_pkcs1_strip_01_padding(struct sc_context *ctx, const u8 *in_dat, size_t in_len,
+		u8 *out_dat, size_t *out_len);
+int sc_pkcs1_strip_02_padding(struct sc_context *ctx, const u8 *data, size_t len,
+		u8 *out_dat, size_t *out_len);
 int sc_pkcs1_strip_digest_info_prefix(unsigned int *algorithm,
 		const u8 *in_dat, size_t in_len, u8 *out_dat, size_t *out_len);

@ -140,7 +140,7 @@ int sc_pkcs1_strip_digest_info_prefix(unsigned int *algorithm,
 * @param  flags   IN  the algorithm to use
 * @param  in      IN  input buffer
 * @param  inlen   IN  length of the input
- * @param  out     OUT output buffer (in == out is allowed) 
+ * @param  out     OUT output buffer (in == out is allowed)
 * @param  outlen  OUT length of the output buffer
 * @param  modlen  IN  length of the modulus in bytes
 * @return SC_SUCCESS on success and an error code otherwise
--- a/src/libopensc/padding.c
+++ b/src/libopensc/padding.c
@ -103,8 +103,9 @@ static int sc_pkcs1_add_01_padding(const u8 *in, size_t in_len,
 	return SC_SUCCESS;
 }

-int sc_pkcs1_strip_01_padding(const u8 *in_dat, size_t in_len,
-	u8 *out, size_t *out_len)
+int
+sc_pkcs1_strip_01_padding(struct sc_context *ctx, const u8 *in_dat, size_t in_len,
+		u8 *out, size_t *out_len)
 {
 	const u8 *tmp = in_dat;
 	size_t    len;
@ -134,37 +135,43 @@ int sc_pkcs1_strip_01_padding(const u8 *in_dat, size_t in_len,
 	return SC_SUCCESS;
 }

+
 /* remove pkcs1 BT02 padding (adding BT02 padding is currently not
 * needed/implemented) */
-int sc_pkcs1_strip_02_padding(const u8 *data, size_t len, u8 *out,
-	size_t *out_len)
+int
+sc_pkcs1_strip_02_padding(sc_context_t *ctx, const u8 *data, size_t len, u8 *out, size_t *out_len)
 {
 	unsigned int	n = 0;

+	LOG_FUNC_CALLED(ctx);
 	if (data == NULL || len < 3)
-		return SC_ERROR_INTERNAL;
+		LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
+
 	/* skip leading zero byte */
 	if (*data == 0) {
 		data++;
 		len--;
 	}
 	if (data[0] != 0x02)
-		return SC_ERROR_WRONG_PADDING;
+		LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_PADDING);
 	/* skip over padding bytes */
 	for (n = 1; n < len && data[n]; n++)
 		;
 	/* Must be at least 8 pad bytes */
 	if (n >= len || n < 9)
-		return SC_ERROR_WRONG_PADDING;
+		LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_PADDING);
 	n++;
 	if (out == NULL)
 		/* just check the padding */
-		return SC_SUCCESS;
+		LOG_FUNC_RETURN(ctx, SC_SUCCESS);
+
 	/* Now move decrypted contents to head of buffer */
 	if (*out_len < len -  n)
-		return SC_ERROR_INTERNAL;
+		LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
 	memmove(out, data + n, len - n);
-	return len - n;
+
+	sc_log(ctx, "stripped output(%i): %s", len - n, sc_dump_hex(out, len - n));
+	LOG_FUNC_RETURN(ctx, len - n);
 }

 /* add/remove DigestInfo prefix */
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@ -169,7 +169,7 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
 	/* Strip any padding */
 	if (pad_flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
 		size_t s = r;
-		r = sc_pkcs1_strip_02_padding(out, s, out, &s);
+		r = sc_pkcs1_strip_02_padding(ctx, out, s, out, &s);
 		LOG_TEST_RET(ctx, r, "Invalid PKCS#1 padding");
 	}

@ -276,7 +276,7 @@ int sc_pkcs15_derive(struct sc_pkcs15_card *p15card,
 	/* Strip any padding */
 	if (pad_flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
 		size_t s = r;
-		r = sc_pkcs1_strip_02_padding(out, s, out, &s);
+		r = sc_pkcs1_strip_02_padding(ctx, out, s, out, &s);
 		LOG_TEST_RET(ctx, r, "Invalid PKCS#1 padding");
 	}