Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
openCryptoki.2417
ocki-3.2_06_icsf_sign_verify.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ocki-3.2_06_icsf_sign_verify.patch of Package openCryptoki.2417
commit 72a1ac0ae9898de4262c5b98751c281f8979704b Author: Joy Latten <jmlatten@linux.vnet.ibm.com> Date: Wed Mar 25 17:12:14 2015 -0500 ICSF Token: chain data was not being copied for hmac signing and verifying. Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com> diff --git a/usr/lib/pkcs11/icsf_stdll/icsf_specific.c b/usr/lib/pkcs11/icsf_stdll/icsf_specific.c index c6fc231..fa4bad7 100644 --- a/usr/lib/pkcs11/icsf_stdll/icsf_specific.c +++ b/usr/lib/pkcs11/icsf_stdll/icsf_specific.c @@ -3526,7 +3526,12 @@ CK_RV icsftok_sign_update(SESSION *session, CK_BYTE *in_data, if (rc != 0) { OCK_LOG_ERR(CKR_FUNCTION_FAILED); rc = icsf_to_ock_err(rc, reason); + } else { + multi_part_ctx->initiated = TRUE; + memcpy(multi_part_ctx->chain_data, chain_data, + chain_data_len); } + break; case CKM_MD5_RSA_PKCS: @@ -3675,7 +3680,8 @@ CK_RV icsftok_sign_final(SESSION *session, CK_BBOOL length_only, } rc = icsf_hmac_sign(session_state->ld, &reason, - &mapping->icsf_object, &ctx->mech, "LAST", "", + &mapping->icsf_object, &ctx->mech, + multi_part_ctx->initiated ? "LAST":"ONLY", "", 0, signature, sig_len, chain_data, &chain_data_len); if (rc != 0) @@ -4055,7 +4061,12 @@ CK_RV icsftok_verify_update(SESSION *session, CK_BYTE *in_data, if (rc != 0) { OCK_LOG_ERR(CKR_FUNCTION_FAILED); rc = icsf_to_ock_err(rc, reason); + } else { + multi_part_ctx->initiated = TRUE; + memcpy(multi_part_ctx->chain_data, chain_data, + chain_data_len); } + break; case CKM_MD5_RSA_PKCS: @@ -4122,6 +4133,7 @@ CK_RV icsftok_verify_update(SESSION *session, CK_BYTE *in_data, memcpy(multi_part_ctx->chain_data, chain_data, chain_data_len); } + if (buffer) free(buffer); @@ -4191,7 +4203,8 @@ CK_RV icsftok_verify_final(SESSION *session, CK_BYTE *signature, /* get the chain data */ rc = icsf_hmac_verify(session_state->ld, &reason, - &mapping->icsf_object, &ctx->mech, "LAST", "", + &mapping->icsf_object, &ctx->mech, + multi_part_ctx->initiated ? "LAST":"ONLY", "", 0, signature, sig_len, chain_data, &chain_data_len); if (rc != 0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor