Fixed extraction of RSA modulus and exponent

This commit is contained in:
Mikhail Denisenko
2015-12-09 13:13:24 -05:00
parent 2bbe710559
commit 5a60faf779
3 changed files with 45 additions and 13 deletions
+13 -9
View File
@@ -340,8 +340,12 @@ static CK_ULONG get_modulus_bits(EVP_PKEY *key) {
return do_get_rsa_modulus_length(key);
}
static CK_ULONG get_public_exponent(EVP_PKEY *key) {
return do_get_public_exponent(key);
static CK_RV get_public_exponent(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
return do_get_public_exponent(key, data, len);
}
static CK_RV get_modulus(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
return do_get_modulus(key, data, len);
}
static CK_RV get_public_key(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
@@ -727,10 +731,9 @@ CK_RV get_proa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
if (ul_tmp != CKK_RSA)
return CKR_ATTRIBUTE_VALUE_INVALID;
ul_tmp = get_public_exponent(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
if (ul_tmp == 0)
if (get_public_exponent(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
return CKR_FUNCTION_FAILED;
data = (CK_BYTE_PTR) &ul_tmp;
data = b_tmp;
break;
/* case CKA_PRIVATE_EXPONENT: */
@@ -928,7 +931,7 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
if (ul_tmp != CKK_RSA)
return CKR_ATTRIBUTE_VALUE_INVALID;
if (get_public_key(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
if (get_modulus(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
return CKR_FUNCTION_FAILED;
data = b_tmp;
break;
@@ -961,10 +964,9 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
if (ul_tmp != CKK_RSA)
return CKR_ATTRIBUTE_VALUE_INVALID;
ul_tmp = get_public_exponent(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
if (ul_tmp == 0)
if (get_public_exponent(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
return CKR_FUNCTION_FAILED;
data = (CK_BYTE_PTR) &ul_tmp;
data = b_tmp;
break;
case CKA_LOCAL:
@@ -1301,6 +1303,8 @@ CK_RV check_create_cert(CK_ATTRIBUTE_PTR templ, CK_ULONG n,
case CKA_TOKEN:
case CKA_LABEL:
case CKA_SUBJECT:
case CKA_ISSUER:
case CKA_CERTIFICATE_TYPE:
// Ignore other attributes
break;
+30 -3
View File
@@ -317,16 +317,43 @@ CK_ULONG do_get_rsa_modulus_length(EVP_PKEY *key) {
}
CK_ULONG do_get_public_exponent(EVP_PKEY *key) {
CK_RV do_get_modulus(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
RSA *rsa;
rsa = EVP_PKEY_get1_RSA(key);
if (rsa == NULL)
return CKR_FUNCTION_FAILED;
if ((CK_ULONG)BN_num_bytes(rsa->n) > *len) {
RSA_free(rsa);
rsa = NULL;
return CKR_BUFFER_TOO_SMALL;
}
*len = (CK_ULONG)BN_bn2bin(rsa->n, data);
RSA_free(rsa);
rsa = NULL;
return CKR_OK;
}
CK_RV do_get_public_exponent(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len) {
CK_ULONG e = 0;
RSA *rsa;
rsa = EVP_PKEY_get1_RSA(key);
if (rsa == NULL)
return 0;
return CKR_FUNCTION_FAILED;
BN_bn2bin(rsa->e, (unsigned char *)&e);
if ((CK_ULONG)BN_num_bytes(rsa->e) > *len) {
RSA_free(rsa);
rsa = NULL;
return CKR_BUFFER_TOO_SMALL;
}
*len = (CK_ULONG)BN_bn2bin(rsa->e, data);
RSA_free(rsa);
rsa = NULL;
+2 -1
View File
@@ -20,8 +20,9 @@ CK_RV do_delete_cert(X509 **cert);
CK_RV do_store_pubk(X509 *cert, EVP_PKEY **key);
CK_KEY_TYPE do_get_key_type(EVP_PKEY *key);
CK_ULONG do_get_rsa_modulus_length(EVP_PKEY *key);
CK_ULONG do_get_public_exponent(EVP_PKEY *key);
CK_RV do_get_public_exponent(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len);
CK_RV do_get_public_key(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len);
CK_RV do_get_modulus(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len);
CK_RV do_encode_rsa_public_key(CK_BYTE_PTR data, CK_ULONG len, RSA **key);
CK_RV do_get_curve_parameters(EVP_PKEY *key, CK_BYTE_PTR data, CK_ULONG_PTR len);
CK_RV do_delete_pubk(EVP_PKEY **key);