diff options
Diffstat (limited to 'usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c')
| -rw-r--r-- | usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c | 523 |
1 files changed, 115 insertions, 408 deletions
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c index 669c1bfda4..a919b32d0e 100644 --- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c +++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softRSA.c @@ -18,27 +18,24 @@ * * CDDL HEADER END */ + /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. - * Use is subject to license terms. + * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved. */ -#pragma ident "%Z%%M% %I% %E% SMI" - #include <pthread.h> #include <stdlib.h> #include <string.h> #include <strings.h> #include <sys/types.h> #include <security/cryptoki.h> -#include <bignum.h> +#include <cryptoutil.h> #include "softGlobal.h" #include "softSession.h" #include "softObject.h" #include "softOps.h" #include "softRSA.h" #include "softMAC.h" -#include "softRandom.h" #include "softCrypt.h" CK_RV @@ -54,8 +51,7 @@ soft_rsa_encrypt(soft_object_t *key, CK_BYTE_PTR in, uint32_t in_len, uchar_t modulus[MAX_KEY_ATTR_BUFLEN]; uint32_t expo_len = sizeof (expo); uint32_t modulus_len = sizeof (modulus); - BIGNUM msg; - RSAkey *rsakey; + RSAbytekey k; if (realpublic) { rv = soft_get_public_value(key, CKA_PUBLIC_EXPONENT, expo, @@ -76,58 +72,14 @@ soft_rsa_encrypt(soft_object_t *key, CK_BYTE_PTR in, uint32_t in_len, goto clean1; } - if (expo_len > modulus_len) { - rv = CKR_KEY_SIZE_RANGE; - goto clean1; - } - - rsakey = calloc(1, sizeof (RSAkey)); - if (rsakey == NULL) { - rv = CKR_HOST_MEMORY; - goto clean1; - } + k.modulus = modulus; + k.modulus_bits = CRYPTO_BYTES2BITS(modulus_len); + k.pubexpo = expo; + k.pubexpo_bytes = expo_len; + k.rfunc = NULL; - if (RSA_key_init(rsakey, modulus_len * 4, modulus_len * 4) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean4; - } - - /* Size for big_init is in BIG_CHUNK_TYPE words. */ - if (big_init(&msg, CHARLEN2BIGNUMLEN(in_len)) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean5; - } - - /* Convert octet string exponent to big integer format. */ - bytestring2bignum(&(rsakey->e), expo, expo_len); - - /* Convert octet string modulus to big integer format. */ - bytestring2bignum(&(rsakey->n), modulus, modulus_len); - - /* Convert octet string input data to big integer format. */ - bytestring2bignum(&msg, (uchar_t *)in, in_len); - - if (big_cmp_abs(&msg, &(rsakey->n)) > 0) { - rv = CKR_DATA_LEN_RANGE; - goto clean6; - } + rv = rsa_encrypt(&k, in, in_len, out); - /* Perform RSA computation on big integer input data. */ - if (big_modexp(&msg, &msg, &(rsakey->e), &(rsakey->n), NULL) != - BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean6; - } - - /* Convert the big integer output data to octet string. */ - bignum2bytestring((uchar_t *)out, &msg, modulus_len); - -clean6: - big_finish(&msg); -clean5: - RSA_key_finish(rsakey); -clean4: - free(rsakey); clean1: /* EXPORT DELETE END */ @@ -157,8 +109,7 @@ soft_rsa_decrypt(soft_object_t *key, CK_BYTE_PTR in, uint32_t in_len, uint32_t expo1_len = sizeof (expo1); uint32_t expo2_len = sizeof (expo2); uint32_t coef_len = sizeof (coef); - BIGNUM msg; - RSAkey *rsakey; + RSAbytekey k; rv = soft_get_private_value(key, CKA_MODULUS, modulus, &modulus_len); if (rv != CKR_OK) { @@ -215,66 +166,22 @@ soft_rsa_decrypt(soft_object_t *key, CK_BYTE_PTR in, uint32_t in_len, goto clean1; } - rsakey = calloc(1, sizeof (RSAkey)); - if (rsakey == NULL) { - rv = CKR_HOST_MEMORY; - goto clean1; - } - - /* psize and qsize for RSA_key_init is in bits. */ - if (RSA_key_init(rsakey, prime2_len * 8, prime1_len * 8) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean8; - } - - /* Size for big_init is in BIG_CHUNK_TYPE words. */ - if (big_init(&msg, CHARLEN2BIGNUMLEN(in_len)) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean9; - } - - /* Convert octet string input data to big integer format. */ - bytestring2bignum(&msg, (uchar_t *)in, in_len); - - /* Convert octet string modulus to big integer format. */ - bytestring2bignum(&(rsakey->n), modulus, modulus_len); - - if (big_cmp_abs(&msg, &(rsakey->n)) > 0) { - rv = CKR_DATA_LEN_RANGE; - goto clean10; - } + k.modulus = modulus; + k.modulus_bits = CRYPTO_BYTES2BITS(modulus_len); + k.prime1 = prime1; + k.prime1_bytes = prime1_len; + k.prime2 = prime2; + k.prime2_bytes = prime2_len; + k.expo1 = expo1; + k.expo1_bytes = expo1_len; + k.expo2 = expo2; + k.expo2_bytes = expo2_len; + k.coeff = coef; + k.coeff_bytes = coef_len; + k.rfunc = NULL; - /* Convert the rest of private key attributes to big integer format. */ - bytestring2bignum(&(rsakey->dmodpminus1), expo2, expo2_len); - bytestring2bignum(&(rsakey->dmodqminus1), expo1, expo1_len); - bytestring2bignum(&(rsakey->p), prime2, prime2_len); - bytestring2bignum(&(rsakey->q), prime1, prime1_len); - bytestring2bignum(&(rsakey->pinvmodq), coef, coef_len); + rv = rsa_decrypt(&k, in, in_len, out); - if ((big_cmp_abs(&(rsakey->dmodpminus1), &(rsakey->p)) > 0) || - (big_cmp_abs(&(rsakey->dmodqminus1), &(rsakey->q)) > 0) || - (big_cmp_abs(&(rsakey->pinvmodq), &(rsakey->q)) > 0)) { - rv = CKR_KEY_SIZE_RANGE; - goto clean10; - } - - /* Perform RSA computation on big integer input data. */ - if (big_modexp_crt(&msg, &msg, &(rsakey->dmodpminus1), - &(rsakey->dmodqminus1), &(rsakey->p), &(rsakey->q), - &(rsakey->pinvmodq), NULL, NULL) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean10; - } - - /* Convert the big integer output data to octet string. */ - bignum2bytestring((uchar_t *)out, &msg, modulus_len); - -clean10: - big_finish(&msg); -clean9: - RSA_key_finish(rsakey); -clean8: - free(rsakey); clean1: /* EXPORT DELETE END */ @@ -397,7 +304,7 @@ soft_rsa_encrypt_common(soft_session_t *session_p, CK_BYTE_PTR pData, * Add PKCS padding to the input data to format a block * type "02" encryption block. */ - rv = soft_encrypt_rsa_pkcs_encode(pData, ulDataLen, plain_data, + rv = pkcs1_encode(PKCS1_ENCRYPT, pData, ulDataLen, plain_data, modulus_len); if (rv != CKR_OK) @@ -474,11 +381,11 @@ soft_rsa_decrypt_common(soft_session_t *session_p, CK_BYTE_PTR pEncrypted, } if (mechanism == CKM_RSA_PKCS) { - int plain_len = modulus_len; - uint32_t num_padding; + size_t plain_len = modulus_len; + size_t num_padding; /* Strip off the PKCS block formatting data. */ - rv = soft_decrypt_rsa_pkcs_decode(plain_data, &plain_len); + rv = pkcs1_decode(PKCS1_DECRYPT, plain_data, &plain_len); if (rv != CKR_OK) goto clean_exit; @@ -691,7 +598,7 @@ soft_rsa_sign_common(soft_session_t *session_p, CK_BYTE_PTR pData, * Add PKCS padding to the input data to format a block * type "01" encryption block. */ - rv = soft_sign_rsa_pkcs_encode(pData, ulDataLen, plain_data, + rv = pkcs1_encode(PKCS1_SIGN, pData, ulDataLen, plain_data, modulus_len); if (rv != CKR_OK) { @@ -755,6 +662,11 @@ soft_rsa_verify_common(soft_session_t *session_p, CK_BYTE_PTR pData, goto clean_exit; } + if (ulDataLen == 0) { + rv = CKR_DATA_LEN_RANGE; + goto clean_exit; + } + if (ulSignatureLen != (CK_ULONG)modulus_len) { rv = CKR_SIGNATURE_LEN_RANGE; goto clean_exit; @@ -780,15 +692,15 @@ soft_rsa_verify_common(soft_session_t *session_p, CK_BYTE_PTR pData, * recovered data, then compare the recovered data with * the original data. */ - int data_len = modulus_len; + size_t data_len = modulus_len; - rv = soft_verify_rsa_pkcs_decode(plain_data, &data_len); + rv = pkcs1_decode(PKCS1_VERIFY, plain_data, &data_len); if (rv != CKR_OK) { goto clean_exit; } if ((CK_ULONG)data_len != ulDataLen) { - rv = CKR_SIGNATURE_LEN_RANGE; + rv = CKR_DATA_LEN_RANGE; goto clean_exit; } else if (memcmp(pData, &plain_data[modulus_len - data_len], @@ -840,36 +752,17 @@ clean_exit: } CK_RV -soft_genRSAkey_set_attribute(soft_object_t *key, RSAkey *rsakey, - CK_ATTRIBUTE_TYPE type, uint32_t modulus_len, boolean_t public) +soft_genRSAkey_set_attribute(soft_object_t *key, CK_ATTRIBUTE_TYPE type, + uchar_t *buf, uint32_t buflen, boolean_t public) { - - uchar_t *buf, *buf1; - uint32_t buflen; CK_RV rv = CKR_OK; biginteger_t *dst = NULL; biginteger_t src; - /* - * Allocate the buffer used to store the value of key fields - * for bignum2bytestring. Since bignum only deals with a buffer - * whose size is multiple of sizeof (BIG_CHUNK_TYPE), - * modulus_len is rounded up to be multiple of that. - */ - if ((buf1 = malloc((modulus_len + sizeof (BIG_CHUNK_TYPE) - 1) & - ~(sizeof (BIG_CHUNK_TYPE) - 1))) == NULL) { - rv = CKR_HOST_MEMORY; - goto cleanexit; - } - - buf = buf1; - switch (type) { case CKA_MODULUS: - buflen = rsakey->n.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->n, buflen); if (public) dst = OBJ_PUB_RSA_MOD(key); else @@ -878,8 +771,6 @@ soft_genRSAkey_set_attribute(soft_object_t *key, RSAkey *rsakey, case CKA_PUBLIC_EXPONENT: - buflen = rsakey->e.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->e, buflen); if (public) dst = OBJ_PUB_RSA_PUBEXPO(key); else @@ -888,269 +779,90 @@ soft_genRSAkey_set_attribute(soft_object_t *key, RSAkey *rsakey, case CKA_PRIVATE_EXPONENT: - buflen = rsakey->d.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->d, buflen); dst = OBJ_PRI_RSA_PRIEXPO(key); break; case CKA_PRIME_1: - buflen = rsakey->q.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->q, buflen); dst = OBJ_PRI_RSA_PRIME1(key); break; case CKA_PRIME_2: - buflen = rsakey->p.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->p, buflen); dst = OBJ_PRI_RSA_PRIME2(key); break; case CKA_EXPONENT_1: - buflen = rsakey->dmodqminus1.len * - (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->dmodqminus1, buflen); dst = OBJ_PRI_RSA_EXPO1(key); break; case CKA_EXPONENT_2: - buflen = rsakey->dmodpminus1.len * - (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->dmodpminus1, buflen); dst = OBJ_PRI_RSA_EXPO2(key); break; case CKA_COEFFICIENT: - buflen = rsakey->pinvmodq.len * (int)sizeof (BIG_CHUNK_TYPE); - bignum2bytestring(buf, &rsakey->pinvmodq, buflen); dst = OBJ_PRI_RSA_COEF(key); break; } + /* Note: no explanation found for why this is needed */ while (buf[0] == 0) { /* remove proceeding 0x00 */ buf++; buflen--; } - src.big_value_len = buflen; - - if ((src.big_value = malloc(buflen)) == NULL) { - rv = CKR_HOST_MEMORY; + if ((rv = dup_bigint_attr(&src, buf, buflen)) != CKR_OK) goto cleanexit; - } - (void) memcpy(src.big_value, buf, buflen); /* Copy the attribute in the key object. */ copy_bigint_attr(&src, dst); cleanexit: - free(buf1); return (rv); } CK_RV -generate_rsa_key(RSAkey *key, int psize, int qsize, BIGNUM * pubexp, - boolean_t token_obj) -{ - CK_RV rv = CKR_OK; - -/* EXPORT DELETE START */ - - BIGNUM a, b, c, d, e, f, g, h; - int len, keylen, size; - BIG_ERR_CODE brv = BIG_OK; - - size = psize + qsize; - keylen = BITLEN2BIGNUMLEN(size); - len = keylen * 2 + 1; - key->size = size; - - a.malloced = 0; - b.malloced = 0; - c.malloced = 0; - d.malloced = 0; - e.malloced = 0; - f.malloced = 0; - g.malloced = 0; - h.malloced = 0; - - if ((big_init(&a, len) != BIG_OK) || - (big_init(&b, len) != BIG_OK) || - (big_init(&c, len) != BIG_OK) || - (big_init(&d, len) != BIG_OK) || - (big_init(&e, len) != BIG_OK) || - (big_init(&f, len) != BIG_OK) || - (big_init(&g, len) != BIG_OK) || - (big_init(&h, len) != BIG_OK)) { - big_finish(&h); - big_finish(&g); - big_finish(&f); - big_finish(&e); - big_finish(&d); - big_finish(&c); - big_finish(&b); - big_finish(&a); - - return (CKR_HOST_MEMORY); - } -nextp: - if ((brv = random_bignum(&a, psize, token_obj)) != BIG_OK) { - goto ret; - } - - if ((brv = big_nextprime_pos(&b, &a)) != BIG_OK) { - goto ret; - } - (void) big_sub_pos(&a, &b, &big_One); - if ((brv = big_ext_gcd_pos(&f, &d, &g, pubexp, &a)) != BIG_OK) { - goto ret; - } - if (big_cmp_abs(&f, &big_One) != 0) { - goto nextp; - } - - if ((brv = random_bignum(&c, qsize, token_obj)) != BIG_OK) { - goto ret; - } - -nextq: - (void) big_add(&a, &c, &big_Two); - - if (big_bitlength(&a) != qsize) { - goto nextp; - } - if (big_cmp_abs(&a, &b) == 0) { - goto nextp; - } - if ((brv = big_nextprime_pos(&c, &a)) != BIG_OK) { - goto ret; - } - if ((brv = big_mul(&g, &b, &c)) != BIG_OK) { - goto ret; - } - if (big_bitlength(&g) != size) { - goto nextp; - } - - (void) big_sub_pos(&a, &b, &big_One); - (void) big_sub_pos(&d, &c, &big_One); - - if ((brv = big_mul(&a, &a, &d)) != BIG_OK) { - goto ret; - } - if ((brv = big_ext_gcd_pos(&f, &d, &h, pubexp, &a)) != BIG_OK) { - goto ret; - } - if (big_cmp_abs(&f, &big_One) != 0) { - goto nextq; - } else { - (void) big_copy(&e, pubexp); - } - if (d.sign == -1) { - if ((brv = big_add(&d, &d, &a)) != BIG_OK) { - goto ret; - } - } - (void) big_copy(&(key->p), &b); - (void) big_copy(&(key->q), &c); - (void) big_copy(&(key->n), &g); - (void) big_copy(&(key->d), &d); - (void) big_copy(&(key->e), &e); - - if ((brv = big_ext_gcd_pos(&a, &f, &h, &b, &c)) != BIG_OK) { - goto ret; - } - if (f.sign == -1) { - if ((brv = big_add(&f, &f, &c)) != BIG_OK) { - goto ret; - } - } - (void) big_copy(&(key->pinvmodq), &f); - - (void) big_sub(&a, &b, &big_One); - if ((brv = big_div_pos(&a, &f, &d, &a)) != BIG_OK) { - goto ret; - } - (void) big_copy(&(key->dmodpminus1), &f); - (void) big_sub(&a, &c, &big_One); - if ((brv = big_div_pos(&a, &f, &d, &a)) != BIG_OK) { - goto ret; - } - (void) big_copy(&(key->dmodqminus1), &f); - - if ((brv = random_bignum(&h, size, token_obj)) != BIG_OK) { - goto ret; - } - if ((brv = big_div_pos(&a, &h, &h, &g)) != BIG_OK) { - goto ret; - } - if ((brv = big_modexp(&a, &h, &d, &g, NULL)) != BIG_OK) { - goto ret; - } - - if ((brv = big_modexp(&b, &a, &e, &g, NULL)) != BIG_OK) { - goto ret; - } - - if (big_cmp_abs(&b, &h) != 0) { - rv = generate_rsa_key(key, psize, qsize, pubexp, token_obj); - goto ret1; - } else { - brv = BIG_OK; - } - -ret: - rv = convert_rv(brv); -ret1: - big_finish(&h); - big_finish(&g); - big_finish(&f); - big_finish(&e); - big_finish(&d); - big_finish(&c); - big_finish(&b); - big_finish(&a); - -/* EXPORT DELETE END */ - - return (rv); -} - - -CK_RV soft_rsa_genkey_pair(soft_object_t *pubkey, soft_object_t *prikey) { - CK_RV rv = CKR_OK; + CK_ATTRIBUTE template; + uchar_t modulus[MAX_KEY_ATTR_BUFLEN]; uint32_t modulus_len; - uchar_t pub_expo[MAX_KEY_ATTR_BUFLEN]; + uchar_t pub_expo[MAX_KEY_ATTR_BUFLEN]; uint32_t pub_expo_len = sizeof (pub_expo); - BIGNUM public_exponent = {0}; - RSAkey rsakey = {0}; - CK_ATTRIBUTE template; + uchar_t private_exponent[MAX_KEY_ATTR_BUFLEN]; + uint32_t private_exponent_len = sizeof (private_exponent); + uchar_t prime1[MAX_KEY_ATTR_BUFLEN]; + uint32_t prime1_len = sizeof (prime1); + uchar_t prime2[MAX_KEY_ATTR_BUFLEN]; + uint32_t prime2_len = sizeof (prime2); + uchar_t exponent1[MAX_KEY_ATTR_BUFLEN]; + uint32_t exponent1_len = sizeof (exponent1); + uchar_t exponent2[MAX_KEY_ATTR_BUFLEN]; + uint32_t exponent2_len = sizeof (exponent2); + uchar_t coefficient[MAX_KEY_ATTR_BUFLEN]; + uint32_t coefficient_len = sizeof (coefficient); + RSAbytekey k; if ((pubkey == NULL) || (prikey == NULL)) { return (CKR_ARGUMENTS_BAD); } template.pValue = malloc(sizeof (CK_ULONG)); - if (template.pValue == NULL) { return (CKR_HOST_MEMORY); } - template.ulValueLen = sizeof (CK_ULONG); rv = get_ulong_attr_from_object(OBJ_PUB_RSA_MOD_BITS(pubkey), &template); - if (rv != CKR_OK) { + free(template.pValue); goto clean0; } @@ -1161,15 +873,7 @@ soft_rsa_genkey_pair(soft_object_t *pubkey, soft_object_t *prikey) modulus_len = *((CK_ULONG *)(template.pValue)); #endif /* __sparcv9 */ - /* Convert modulus length from bit length to byte length. */ - modulus_len = (modulus_len + 7) / 8; - - /* Modulus length needs to be between min key size and max key size. */ - if ((modulus_len < MIN_RSA_KEYLENGTH_IN_BYTES) || - (modulus_len > MAX_RSA_KEYLENGTH_IN_BYTES)) { - rv = CKR_ATTRIBUTE_VALUE_INVALID; - goto clean0; - } + free(template.pValue); rv = soft_get_public_value(pubkey, CKA_PUBLIC_EXPONENT, pub_expo, &pub_expo_len); @@ -1177,82 +881,85 @@ soft_rsa_genkey_pair(soft_object_t *pubkey, soft_object_t *prikey) goto clean0; } - /* Create a public exponent in bignum format. */ - if (big_init(&public_exponent, CHARLEN2BIGNUMLEN(modulus_len)) != - BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean0; - } - bytestring2bignum(&public_exponent, pub_expo, pub_expo_len); - - if (RSA_key_init(&rsakey, modulus_len * 4, modulus_len * 4) != BIG_OK) { - rv = CKR_HOST_MEMORY; - goto clean2; - } + /* Inputs to RSA key pair generation */ + k.modulus_bits = modulus_len; /* save modulus len in bits */ + modulus_len = CRYPTO_BITS2BYTES(modulus_len); /* convert to bytes */ + k.modulus = modulus; + k.pubexpo = pub_expo; + k.pubexpo_bytes = pub_expo_len; + k.rfunc = (IS_TOKEN_OBJECT(pubkey) || IS_TOKEN_OBJECT(prikey)) ? + pkcs11_get_random : pkcs11_get_urandom; + + /* Outputs from RSA key pair generation */ + k.privexpo = private_exponent; + k.privexpo_bytes = private_exponent_len; + k.prime1 = prime1; + k.prime1_bytes = prime1_len; + k.prime2 = prime2; + k.prime2_bytes = prime2_len; + k.expo1 = exponent1; + k.expo1_bytes = exponent1_len; + k.expo2 = exponent2; + k.expo2_bytes = exponent2_len; + k.coeff = coefficient; + k.coeff_bytes = coefficient_len; + + rv = rsa_genkey_pair(&k); - /* Generate RSA key pair. */ - if ((rv = generate_rsa_key(&rsakey, modulus_len * 4, modulus_len * 4, - &public_exponent, (IS_TOKEN_OBJECT(pubkey) || - IS_TOKEN_OBJECT(prikey)))) != CKR_OK) { - goto clean3; + if (rv != CKR_OK) { + goto clean0; } /* * Add modulus in public template, and add all eight key fields * in private template. */ - if ((rv = soft_genRSAkey_set_attribute(pubkey, &rsakey, - CKA_MODULUS, modulus_len, B_TRUE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(pubkey, CKA_MODULUS, + modulus, CRYPTO_BITS2BYTES(k.modulus_bits), B_TRUE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_MODULUS, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_MODULUS, + modulus, CRYPTO_BITS2BYTES(k.modulus_bits), B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_PRIVATE_EXPONENT, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_PRIVATE_EXPONENT, + private_exponent, k.privexpo_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_PUBLIC_EXPONENT, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_PUBLIC_EXPONENT, + pub_expo, k.pubexpo_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_PRIME_1, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_PRIME_1, + prime1, k.prime1_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_PRIME_2, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_PRIME_2, + prime2, k.prime2_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_EXPONENT_1, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_EXPONENT_1, + exponent1, k.expo1_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_EXPONENT_2, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_EXPONENT_2, + exponent2, k.expo2_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } - if ((rv = soft_genRSAkey_set_attribute(prikey, &rsakey, - CKA_COEFFICIENT, modulus_len, B_FALSE)) != CKR_OK) { - goto clean3; + if ((rv = soft_genRSAkey_set_attribute(prikey, CKA_COEFFICIENT, + coefficient, k.coeff_bytes, B_FALSE)) != CKR_OK) { + goto clean0; } -clean3: - RSA_key_finish(&rsakey); -clean2: - big_finish(&public_exponent); clean0: - free(template.pValue); - return (rv); } @@ -1509,9 +1216,9 @@ soft_rsa_verify_recover(soft_session_t *session_p, CK_BYTE_PTR pSignature, * Strip off the encoded padding bytes in front of the * recovered data. */ - int data_len = modulus_len; + size_t data_len = modulus_len; - rv = soft_verify_rsa_pkcs_decode(plain_data, &data_len); + rv = pkcs1_decode(PKCS1_VERIFY, plain_data, &data_len); if (rv != CKR_OK) { goto clean_exit; } |