[pkg-opensc-commit] [pkcs11-helper] 17/60: Unwrap fixups
Eric Dorland
eric at moszumanska.debian.org
Fri Jan 6 23:39:42 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to tag pkcs11-helper-1.02
in repository pkcs11-helper.
commit a2dafc03163386db84176e5006c2274f01da6889
Author: alonbl <alonbl at 485eb718-1723-0410-b8a9-88cf21a28c35>
Date: Tue Nov 28 21:02:32 2006 +0000
Unwrap fixups
---
ChangeLog | 2 +-
include/pkcs11-helper-1.0/pkcs11h-core.h | 24 --------------------
include/pkcs11-helper-1.0/pkcs11h-engines.h | 24 ++++++++++++++++++++
lib/pkcs11h-certificate.c | 34 ++++++++++++++++++++---------
4 files changed, 49 insertions(+), 35 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 6f4b7d9..9c80d53 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,7 +31,7 @@ $Id$
* Added win32 crypto engine.
-* Added decrypt option using C_UnwrapKey.
+* Added decrypt option using C_UnwrapKey, thanks for Christoph Neerfeld.
2006-06-26 - Version 1.01
diff --git a/include/pkcs11-helper-1.0/pkcs11h-core.h b/include/pkcs11-helper-1.0/pkcs11h-core.h
index 41a60a1..b63a5f4 100644
--- a/include/pkcs11-helper-1.0/pkcs11h-core.h
+++ b/include/pkcs11-helper-1.0/pkcs11h-core.h
@@ -317,30 +317,6 @@ pkcs11h_getMessage (
);
/**
- * @brief Set system engine to be used.
- * @param engine Engine to use.
- * @return CK_RV.
- * @note Must be called before pkcs11h_initialize.
- * @note Default engine is libc functions.
- */
-CK_RV
-pkcs11h_engine_setSystem (
- IN const pkcs11h_engine_system_t * const engine
-);
-
-/**
- * @brief Set crypto engine to be used.
- * @param engine Engine to use.
- * @return CK_RV.
- * @note Must be called before pkcs11h_initialize.
- * @note Default is provided at configuration time.
- */
-CK_RV
-pkcs11h_engine_setCrypto (
- IN const pkcs11h_engine_crypto_t * const engine
-);
-
-/**
* @brief Get version of library.
* @return version identifier.
*/
diff --git a/include/pkcs11-helper-1.0/pkcs11h-engines.h b/include/pkcs11-helper-1.0/pkcs11h-engines.h
index e8bedb8..180aeb5 100644
--- a/include/pkcs11-helper-1.0/pkcs11h-engines.h
+++ b/include/pkcs11-helper-1.0/pkcs11h-engines.h
@@ -200,6 +200,30 @@ typedef struct pkcs11h_crypto_engine_s {
);
} pkcs11h_engine_crypto_t;
+/**
+ * @brief Set system engine to be used.
+ * @param engine Engine to use.
+ * @return CK_RV.
+ * @note Must be called before pkcs11h_initialize.
+ * @note Default engine is libc functions.
+ */
+CK_RV
+pkcs11h_engine_setSystem (
+ IN const pkcs11h_engine_system_t * const engine
+);
+
+/**
+ * @brief Set crypto engine to be used.
+ * @param engine Engine to use.
+ * @return CK_RV.
+ * @note Must be called before pkcs11h_initialize.
+ * @note Default is provided at configuration time.
+ */
+CK_RV
+pkcs11h_engine_setCrypto (
+ IN const pkcs11h_engine_crypto_t * const engine
+);
+
#ifdef __cplusplus
}
#endif
diff --git a/lib/pkcs11h-certificate.c b/lib/pkcs11h-certificate.c
index c6e00bf..8613082 100644
--- a/lib/pkcs11h-certificate.c
+++ b/lib/pkcs11h-certificate.c
@@ -784,14 +784,15 @@ __pkcs11h_certificate_doPrivateOperation (
};
CK_BBOOL wrap_attrs_false = CK_FALSE;
- CK_BBOOL wrap_attrs_true = CK_TRUE;
+ CK_OBJECT_CLASS class = CKO_SECRET_KEY;
+ CK_KEY_TYPE keytype = CKK_GENERIC_SECRET;
CK_ATTRIBUTE wrap_attrs[] = {
- {CKA_VALUE, target, *p_target_size},
- {CKA_ALWAYS_SENSITIVE, &wrap_attrs_false, sizeof (wrap_attrs_false)},
- {CKA_NEVER_EXTRACTABLE, &wrap_attrs_false, sizeof (wrap_attrs_false)},
- {CKA_EXTRACTABLE, &wrap_attrs_true, sizeof (wrap_attrs_true)},
- {CKA_LOCAL, &wrap_attrs_false, sizeof (wrap_attrs_false)},
- {CKA_TOKEN, &wrap_attrs_false, sizeof (wrap_attrs_false)}
+ {CKA_CLASS, &class, sizeof (class)},
+ {CKA_KEY_TYPE, &keytype, sizeof (keytype)}
+/* OpenSC fail! {CKA_TOKEN, &wrap_attrs_false, sizeof (wrap_attrs_false)} */
+ };
+ CK_ATTRIBUTE wrap_value[] = {
+ {CKA_VALUE, target, 0}
};
CK_OBJECT_HANDLE wrap_key = PKCS11H_INVALID_OBJECT_HANDLE;
@@ -915,11 +916,16 @@ __pkcs11h_certificate_doPrivateOperation (
);
break;
case _pkcs11h_private_op_unwrap:
- size = wrap_attrs[0].ulValueLen;
- rv = certificate->session->provider->f->C_DestroyObject (
+ wrap_value[0].ulValueLen = size;
+
+ rv = certificate->session->provider->f->C_GetAttributeValue (
certificate->session->session_handle,
- wrap_key
+ wrap_key,
+ wrap_value,
+ sizeof (wrap_value) / sizeof (CK_ATTRIBUTE)
);
+
+ size = wrap_value[0].ulValueLen;
break;
default:
rv = CKR_ARGUMENTS_BAD;
@@ -935,6 +941,14 @@ __pkcs11h_certificate_doPrivateOperation (
);
}
+ if (wrap_key != PKCS11H_INVALID_OBJECT_HANDLE) {
+ certificate->session->provider->f->C_DestroyObject (
+ certificate->session->session_handle,
+ wrap_key
+ );
+ wrap_key = PKCS11H_INVALID_OBJECT_HANDLE;
+ }
+
if (
target == NULL &&
(
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/pkcs11-helper.git
More information about the pkg-opensc-commit
mailing list