[pkg-opensc-commit] [opensc] 51/295: pkcs11-tool: in 4rd test use other signature keys

Sat Jun 24 21:11:15 UTC 2017

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit 1ab99f375643059132f214b5eedf473f53488485
Author: carblue <ka6613-496 at online.de>
Date:   Mon Jul 4 19:19:46 2016 +0200

    pkcs11-tool: in 4rd test use other signature keys
    
    also increase signature buffer in framework-pkcs15
    
    closes #814
---
 src/pkcs11/framework-pkcs15.c |  2 +-
 src/tools/pkcs11-tool.c       | 14 ++++++++++++--
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 88f47f5..a3aab5b 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -3608,7 +3608,7 @@ pkcs15_prkey_decrypt(struct sc_pkcs11_session *session, void *obj,
 	struct sc_pkcs11_card *p11card = session->slot->p11card;
 	struct pkcs15_fw_data *fw_data = NULL;
 	struct pkcs15_prkey_object *prkey;
-	unsigned char decrypted[256]; /* FIXME: Will not work for keys above 2048 bits */
+	unsigned char decrypted[512]; /* FIXME: Will not work for keys above 4096 bits */
 	int	buff_too_small, rv, flags = 0, prkey_has_path = 0;
 
 	sc_log(context, "Initiating decryption.");
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index ca49a16..061dec7 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -3901,7 +3901,7 @@ static int test_signature(CK_SESSION_HANDLE sess)
 	CK_MECHANISM_TYPE firstMechType;
 	CK_SESSION_INFO sessionInfo;
 	CK_ULONG        i, j;
-	unsigned char   data[256];
+	unsigned char   data[512]; /* FIXME: Will not work for keys above 4096 bits */
 	CK_ULONG        modLenBytes = 0;
 	CK_ULONG        dataLen;
 	unsigned char   sig1[1024], sig2[1024];
@@ -4115,7 +4115,7 @@ static int test_signature(CK_SESSION_HANDLE sess)
 	/* 4rd test: the other signature keys */
 
 	for (i = 0; mechTypes[i] != 0xffffff; i++)
-		if (i == firstMechType)
+		if (mechTypes[i] == firstMechType)
 			break;
 	ck_mech.mechanism = mechTypes[i];
 	j = 1;  /* j-th signature key */
@@ -4126,6 +4126,16 @@ static int test_signature(CK_SESSION_HANDLE sess)
 		modLenBits = get_private_key_length(sess, privKeyObject);
 		modLenBytes = (modLenBits + 7) / 8;
 
+		/* Fill in data[0] and dataLens[0] */
+		dataLen = modLenBytes;
+		data[0] = 0x00;
+		data[1] = 0x01;
+		memset(data + 2, 0xFF, dataLen - 3 - dataLens[1]);
+		data[dataLen - 36] = 0x00;
+		memcpy(data + (dataLen - dataLens[1]), datas[1], dataLens[1]);
+		datas[0] = data;
+		dataLens[0] = dataLen;
+
 		printf("  testing key %d (%u bits%s%s) with 1 signature mechanism",
 				(int) (j-1),
 				(int) modLenBits,

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git

