rpms / opencryptoki

Clone
Source Code
GIT

Blame SOURCES/0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   971d89307817cf7bf5e1d6f6b10ac8349431397a
  2.   SOURCES
  3.   0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch
Blob History Raw
971d89 
From 63a42a9398f5ec7b2b139810ee7b5beb7ad1abc3 Mon Sep 17 00:00:00 2001
971d89 
From: Ingo Franzki <ifranzki@linux.ibm.com>
971d89 
Date: Fri, 4 Nov 2022 09:31:29 +0100
971d89 
Subject: [PATCH 07/34] EP11: Supply CKA_PUBLIC_KEY_INFO with
971d89 
 CKM_IBM_BTC_DERIVE of public key
971d89
971d89 
When deriving a public EC key with the CKM_IBM_BTC_DERIVE mechanism,
971d89 
also supply the SPKI in the CKA_PUBLIC_KEY_INFO attribute.
971d89
971d89 
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
971d89 
---
971d89 
 usr/lib/ep11_stdll/ep11_specific.c | 28 ++++++++++++++++++++++++++++
971d89 
 1 file changed, 28 insertions(+)
971d89
971d89 
diff --git a/usr/lib/ep11_stdll/ep11_specific.c b/usr/lib/ep11_stdll/ep11_specific.c
971d89 
index a56b5b82..886692c4 100644
971d89 
--- a/usr/lib/ep11_stdll/ep11_specific.c
971d89 
+++ b/usr/lib/ep11_stdll/ep11_specific.c
971d89 
@@ -4989,6 +4989,9 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session,
971d89 
     CK_MECHANISM_PTR mech_orig = mech;
971d89 
     CK_ATTRIBUTE *ec_params;
971d89 
     CK_IBM_BTC_DERIVE_PARAMS *btc_params = NULL;
971d89 
+    CK_BYTE *spki = NULL;
971d89 
+    CK_ULONG spki_length = 0;
971d89 
+    CK_ATTRIBUTE *spki_attr = NULL;
971d89
971d89 
     memset(newblob, 0, sizeof(newblob));
971d89
971d89 
@@ -5329,6 +5332,29 @@ CK_RV ep11tok_derive_key(STDLL_TokData_t * tokdata, SESSION * session,
971d89 
                         __func__, rc);
971d89 
             goto error;
971d89 
         }
971d89 
+
971d89 
+        /* Extract the SPKI and add CKA_PUBLIC_KEY_INFO to key */
971d89 
+        rc = publ_key_get_spki(key_obj->template, ktype, FALSE,
971d89 
+                               &spki, &spki_length);
971d89 
+        if (rc != CKR_OK) {
971d89 
+            TRACE_DEVEL("publ_key_get_spki failed\n");
971d89 
+            goto error;
971d89 
+        }
971d89 
+
971d89 
+        rc = build_attribute(CKA_PUBLIC_KEY_INFO, spki, spki_length, &spki_attr);
971d89 
+        if (rc != CKR_OK) {
971d89 
+            TRACE_ERROR("%s build_attribute failed with rc=0x%lx\n",
971d89 
+                        __func__, rc);
971d89 
+            goto error;
971d89 
+        }
971d89 
+
971d89 
+        rc = template_update_attribute(key_obj->template, spki_attr);
971d89 
+        if (rc != CKR_OK) {
971d89 
+            TRACE_ERROR("%s template_update_attribute failed with "
971d89 
+                        "rc=0x%lx\n", __func__, rc);
971d89 
+            goto error;
971d89 
+        }
971d89 
+        spki_attr = NULL;
971d89 
     }
971d89
971d89 
     if (class == CKO_SECRET_KEY || class == CKO_PRIVATE_KEY) {
971d89 
@@ -5381,6 +5407,8 @@ error:
971d89 
         free(opaque_attr);
971d89 
     if (chk_attr != NULL)
971d89 
         free(chk_attr);
971d89 
+    if (spki_attr != NULL)
971d89 
+        free(spki_attr);
971d89 
     if (new_attrs)
971d89 
         free_attribute_array(new_attrs, new_attrs_len);
971d89 
     if (new_attrs1)
971d89 
--
971d89 
2.16.2.windows.1
971d89

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation