Mirror/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-07-25 12:15:32 +03:00
Code Issues Wiki Activity
aports/testing/softhsm/01_aes_mac_fix.patch
Frank Felhoffer 147cd562d9 testing/softhsm: new aport 
http://www.softhsm.org/
cryptographic store accessible through a PKCS #11
2017-09-03 02:05:40 +00:00

65 lines
2.4 KiB
Diff
Raw Blame History

commit b8d509b24958756f845f17e95c9fb8c4f7eaacbc
Author: Scott Allan <scott.allan@securekey.com>
Date: Sun Aug 20 01:32:46 2017 -0500
Fix creating AES keys for MAC functions - Set Type to GENERIC_SECRET per spec 2.20
diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
index ee94d3f..eb1bbfa 100644
--- a/src/lib/SoftHSM.cpp
+++ b/src/lib/SoftHSM.cpp
@@ -5284,7 +5284,7 @@ CK_RV SoftHSM::C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMecha
(objClass != CKO_SECRET_KEY || keyType != CKK_DES3))
return CKR_TEMPLATE_INCONSISTENT;
if (pMechanism->mechanism == CKM_AES_KEY_GEN &&
- (objClass != CKO_SECRET_KEY || keyType != CKK_AES))
+ (objClass != CKO_SECRET_KEY || (keyType != CKK_AES && keyType != CKK_GENERIC_SECRET)))
return CKR_TEMPLATE_INCONSISTENT;
// Check authorization
@@ -5332,7 +5332,7 @@ CK_RV SoftHSM::C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMecha
// Generate AES secret key
if (pMechanism->mechanism == CKM_AES_KEY_GEN)
{
- return this->generateAES(hSession, pTemplate, ulCount, phKey, isOnToken, isPrivate);
+ return this->generateAES(hSession, pTemplate, ulCount, keyType, phKey, isOnToken, isPrivate);
}
return CKR_GENERAL_ERROR;
@@ -6554,6 +6554,7 @@ CK_RV SoftHSM::generateAES
(CK_SESSION_HANDLE hSession,
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulCount,
+ CK_KEY_TYPE keyType,
CK_OBJECT_HANDLE_PTR phKey,
CK_BBOOL isOnToken,
CK_BBOOL isPrivate)
@@ -6642,7 +6643,6 @@ CK_RV SoftHSM::generateAES
// Create the secret key object using C_CreateObject
const CK_ULONG maxAttribs = 32;
CK_OBJECT_CLASS objClass = CKO_SECRET_KEY;
- CK_KEY_TYPE keyType = CKK_AES;
CK_ATTRIBUTE keyAttribs[maxAttribs] = {
{ CKA_CLASS, &objClass, sizeof(objClass) },
{ CKA_TOKEN, &isOnToken, sizeof(isOnToken) },
@@ -6651,7 +6651,7 @@ CK_RV SoftHSM::generateAES
};
CK_ULONG keyAttribsCount = 4;
- // Add the additional
+// Add the additional
if (ulCount > (maxAttribs - keyAttribsCount))
rv = CKR_TEMPLATE_INCONSISTENT;
for (CK_ULONG i=0; i < ulCount && rv == CKR_OK; ++i)
diff --git a/src/lib/SoftHSM.h b/src/lib/SoftHSM.h
index 72092be..59ce7a2 100644
--- a/src/lib/SoftHSM.h
+++ b/src/lib/SoftHSM.h
@@ -236,6 +236,7 @@ private:
CK_SESSION_HANDLE hSession,
CK_ATTRIBUTE_PTR pTemplate,
CK_ULONG ulCount,
+ CK_KEY_TYPE,
CK_OBJECT_HANDLE_PTR phKey,
CK_BBOOL isOnToken,
CK_BBOOL isPrivate
Reference in a new issue View git blame Copy permalink