From bae1005fb41a979f94ec46e186b0d00a4fd82b38 Mon Sep 17 00:00:00 2001
From: Alessio Di Mauro
Date: Thu, 17 Sep 2015 16:46:04 +0200
Subject: [PATCH] Export more info for EC keys too.
---
 ykcs11/objects.c | 45 ++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 42 insertions(+), 3 deletions(-)
diff --git a/ykcs11/objects.c b/ykcs11/objects.c
index c9780a8..3767ca9 100644
--- a/ykcs11/objects.c
+++ b/ykcs11/objects.c
@@ -538,15 +538,39 @@ CK_RV get_proa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
 break;
 case CKA_EC_POINT:
- // We're trying to get the key length, get the ec point of the PUBLIC key
- // TODO: or just give an error and explicitly fetch the pubk len when needed
 DBG(("EC_POINT"));
 len = sizeof(b_tmp);
+
+ // Make sure that this is an EC key
+ ul_tmp = get_key_type(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
+ if (ul_tmp == CKK_VENDOR_DEFINED)
+ return CKR_FUNCTION_FAILED;
+ if (ul_tmp != CKK_ECDSA)
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+
 if (get_public_key(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
 return CKR_FUNCTION_FAILED;
 data = b_tmp;
 break;
+ case CKA_EC_PARAMS:
+ // Here we want the curve parameters (DER encoded OID)
+ DBG(("EC_PARAMS"));
+ len = sizeof(b_tmp);
+
+ // Make sure that this is an EC key
+ ul_tmp = get_key_type(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
+ if (ul_tmp == CKK_VENDOR_DEFINED)
+ return CKR_FUNCTION_FAILED;
+ if (ul_tmp != CKK_ECDSA)
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+
+ if (get_curve_parameters(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
+ return CKR_FUNCTION_FAILED;
+
+ data = b_tmp;
+ break;
+
 case CKA_MODULUS_BITS:
 DBG(("MODULUS BITS"));
 len = sizeof(CK_ULONG);
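Review bot: The non-EC branch of the new key-type check returns `CKR_ATTRIBUTE_VALUE_INVALID`, which PKCS#11 uses for a bad value supplied in a template; when an object simply does not have the requested attribute, C_GetAttributeValue is expected to report `CKR_ATTRIBUTE_TYPE_INVALID`. This applies to both the CKA_EC_POINT case and the new CKA_EC_PARAMS case here, and to the same check in the two get_puoa hunks: `if (ul_tmp != CKK_ECDSA) return CKR_ATTRIBUTE_TYPE_INVALID;`. The six-line check is now pasted four times, so a small static helper taking `obj` would keep the return codes from drifting apart. get_proa starts and ends outside the hunk, so how its caller maps these codes is not visible; confirm the value reaches the application unchanged.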
@@ -732,9 +756,16 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
 return CKR_FUNCTION_FAILED;
 case CKA_EC_POINT:
- // We're trying to get the key length, get the ec point of the PUBLIC key
 DBG(("EC_POINT"));
 len = sizeof(b_tmp);
+
+ // Make sure that this is an EC key
+ ul_tmp = get_key_type(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
+ if (ul_tmp == CKK_VENDOR_DEFINED)
+ return CKR_FUNCTION_FAILED;
+ if (ul_tmp != CKK_ECDSA)
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+
 if (get_public_key(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
 return CKR_FUNCTION_FAILED;
 data = b_tmp;
@@ -744,6 +775,14 @@ CK_RV get_puoa(CK_OBJECT_HANDLE obj, CK_ATTRIBUTE_PTR template) {
 // Here we want the curve parameters (DER encoded OID)
 DBG(("EC_PARAMS"));
 len = sizeof(b_tmp);
+
+ // Make sure that this is an EC key
+ ul_tmp = get_key_type(pubkey_objects[piv_objects[obj].sub_id].data); // Getting the info from the pubk
+ if (ul_tmp == CKK_VENDOR_DEFINED)
+ return CKR_FUNCTION_FAILED;
+ if (ul_tmp != CKK_ECDSA)
+ return CKR_ATTRIBUTE_VALUE_INVALID;
+
 if (get_curve_parameters(pubkey_objects[piv_objects[obj].sub_id].data, b_tmp, &len) != CKR_OK)
 return CKR_FUNCTION_FAILED;
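Review bot: No range check on `obj` or on `piv_objects[obj].sub_id` is visible before the added `get_key_type(pubkey_objects[piv_objects[obj].sub_id].data)` call in the CKA_EC_POINT case, which is now the first use of those indices on this path. If get_puoa or its caller already validates the handle before the switch, a one-line comment saying so would help; otherwise bound both indices before the lookup so that a stale or bogus handle yields `CKR_OBJECT_HANDLE_INVALID` instead of reading outside the tables. The same lookup is repeated in the CKA_EC_PARAMS hunk that follows and in get_proa. The start of get_puoa is outside the hunk, so this is a point to confirm rather than an established defect.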