[pkg-opensc-commit] [opensc] 51/295: pkcs11-tool: in 4rd test use other signature keys
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:15 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit 1ab99f375643059132f214b5eedf473f53488485
Author: carblue <ka6613-496 at online.de>
Date: Mon Jul 4 19:19:46 2016 +0200
pkcs11-tool: in 4rd test use other signature keys
also increase signature buffer in framework-pkcs15
closes #814
---
src/pkcs11/framework-pkcs15.c | 2 +-
src/tools/pkcs11-tool.c | 14 ++++++++++++--
2 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 88f47f5..a3aab5b 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -3608,7 +3608,7 @@ pkcs15_prkey_decrypt(struct sc_pkcs11_session *session, void *obj,
struct sc_pkcs11_card *p11card = session->slot->p11card;
struct pkcs15_fw_data *fw_data = NULL;
struct pkcs15_prkey_object *prkey;
- unsigned char decrypted[256]; /* FIXME: Will not work for keys above 2048 bits */
+ unsigned char decrypted[512]; /* FIXME: Will not work for keys above 4096 bits */
int buff_too_small, rv, flags = 0, prkey_has_path = 0;
sc_log(context, "Initiating decryption.");
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index ca49a16..061dec7 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -3901,7 +3901,7 @@ static int test_signature(CK_SESSION_HANDLE sess)
CK_MECHANISM_TYPE firstMechType;
CK_SESSION_INFO sessionInfo;
CK_ULONG i, j;
- unsigned char data[256];
+ unsigned char data[512]; /* FIXME: Will not work for keys above 4096 bits */
CK_ULONG modLenBytes = 0;
CK_ULONG dataLen;
unsigned char sig1[1024], sig2[1024];
@@ -4115,7 +4115,7 @@ static int test_signature(CK_SESSION_HANDLE sess)
/* 4rd test: the other signature keys */
for (i = 0; mechTypes[i] != 0xffffff; i++)
- if (i == firstMechType)
+ if (mechTypes[i] == firstMechType)
break;
ck_mech.mechanism = mechTypes[i];
j = 1; /* j-th signature key */
@@ -4126,6 +4126,16 @@ static int test_signature(CK_SESSION_HANDLE sess)
modLenBits = get_private_key_length(sess, privKeyObject);
modLenBytes = (modLenBits + 7) / 8;
+ /* Fill in data[0] and dataLens[0] */
+ dataLen = modLenBytes;
+ data[0] = 0x00;
+ data[1] = 0x01;
+ memset(data + 2, 0xFF, dataLen - 3 - dataLens[1]);
+ data[dataLen - 36] = 0x00;
+ memcpy(data + (dataLen - dataLens[1]), datas[1], dataLens[1]);
+ datas[0] = data;
+ dataLens[0] = dataLen;
+
printf(" testing key %d (%u bits%s%s) with 1 signature mechanism",
(int) (j-1),
(int) modLenBits,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list