From 6faa13d83e5166e4bbe97d85935aca779fde9089 Mon Sep 17 00:00:00 2001

From: Ingo Franzki <ifranzki@linux.ibm.com>

Date: Thu, 2 Jul 2020 14:46:29 +0200

Subject: [PATCH 2/2] pkcstok_migrate: Fix private token object conversion on

 little endian platforms

The new format stores numeric fields in the object header in big endian, while

the old format uses the platform endianness. So convert the fields to big endian

during conversion.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

---

 usr/sbin/pkcstok_migrate/pkcstok_migrate.c | 4 ++--

 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c

index e0c19125..0148102c 100644

--- a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c

+++ b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c

@@ -239,7 +239,7 @@ static CK_RV make_OBJECT_PRIV_312(unsigned char **obj_new, unsigned int *obj_new

     /* Setup header */

     memset(&header, 0, sizeof(header));

-    header.tokversion = 0x0003000C;

+    header.tokversion = htobe32(0x0003000C);

     header.private_flag = 0x01;

     ret = aes_256_wrap(header.key_wrapped, obj_key, masterkey);

     if (ret != CKR_OK) {

@@ -252,7 +252,7 @@ static CK_RV make_OBJECT_PRIV_312(unsigned char **obj_new, unsigned int *obj_new

     header.iv[9] = 0;

     header.iv[10] = 0;

     header.iv[11] = 1;

-    header.object_len = clear_len;

+    header.object_len = htobe32(clear_len);

     memcpy(object, &header, HEADER_LEN);

     /* Encrypt body */

-- 

2.16.2.windows.1