yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-08 10:09:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

PKCS11: Parametrize buffers

Browse source 
Change magic numbers to more descriptive names
This commit is contained in:
Andrzej Kurek 2018-02-19 04:03:11 -05:00
parent 7e19f77745
commit 33f566541c
2 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
library/pkcs11_client.c
View file

@ -368,7 +368,7 @@ int mbedtls_pk_setup_pkcs11( mbedtls_pk_context *ctx,
case CKK_ECDSA: case CKK_ECDSA:
can_do = MBEDTLS_PK_ECKEY; can_do = MBEDTLS_PK_ECKEY;
{ {
unsigned char ecParams[16]; unsigned char ecParams[MBEDTLS_OID_EC_GRP_MAX_SIZE];
mbedtls_asn1_buf params_asn1; mbedtls_asn1_buf params_asn1;
mbedtls_ecp_group_id grp_id; mbedtls_ecp_group_id grp_id;
const mbedtls_ecp_curve_info *curve_info; const mbedtls_ecp_curve_info *curve_info;

15
tests/suites/test_suite_pkcs11_client.function
View file

@ -110,8 +110,7 @@ static CK_RV pkcs11_generate_key( mbedtls_pk_type_t key_type,
{CKA_DECRYPT, &ck_true, sizeof( ck_true )}, {CKA_DECRYPT, &ck_true, sizeof( ck_true )},
{CKA_SIGN, &ck_true, sizeof( ck_true )}, {CKA_SIGN, &ck_true, sizeof( ck_true )},
}; };
CK_ULONG ck_rsa_key_size = RSA_KEY_SIZE_BITS; unsigned char ecParams[MBEDTLS_OID_EC_GRP_MAX_SIZE];
unsigned char ecParams[16];
size_t ecParams_length; size_t ecParams_length;
switch( key_type ) switch( key_type )
@ -201,8 +200,8 @@ void pk_generate_sign( int key_type )
#if defined(MBEDTLS_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
case MBEDTLS_PK_ECDSA: case MBEDTLS_PK_ECDSA:
{ {
unsigned char ecParams[16]; unsigned char ecParams[MBEDTLS_OID_EC_GRP_MAX_SIZE];
unsigned char ecPoint[128]; unsigned char ecPoint[MBEDTLS_ECP_MAX_PT_LEN];
CK_ATTRIBUTE public_attributes[] = { CK_ATTRIBUTE public_attributes[] = {
{CKA_EC_PARAMS, ecParams, sizeof( ecParams )}, {CKA_EC_PARAMS, ecParams, sizeof( ecParams )},
{CKA_EC_POINT, ecPoint, sizeof( ecPoint )}, {CKA_EC_POINT, ecPoint, sizeof( ecPoint )},
@ -246,7 +245,7 @@ void pk_generate_sign( int key_type )
break; break;
} }
/* Sign with the token and verify in software */ /* Sign with cryptoki and verify with mbed TLS */
TEST_ASSERT( mbedtls_pk_sign( &pkcs11_ctx, MBEDTLS_MD_SHA256, TEST_ASSERT( mbedtls_pk_sign( &pkcs11_ctx, MBEDTLS_MD_SHA256,
hash_value, 32, hash_value, 32,
sig_buffer, &sig_length, sig_buffer, &sig_length,
@ -276,7 +275,7 @@ void pk_import_sign( char *file )
CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE;
unsigned char hash_value[32] = "Fake hash, it doesn't matter...."; unsigned char hash_value[32] = "Fake hash, it doesn't matter....";
unsigned char sig_buffer[4096]; unsigned char sig_buffer[MBEDTLS_MPI_MAX_SIZE];
size_t sig_length = sizeof( sig_buffer ); size_t sig_length = sizeof( sig_buffer );
mbedtls_pk_init( &pkcs11_ctx ); mbedtls_pk_init( &pkcs11_ctx );
@ -336,7 +335,7 @@ void pk_import_sign_verify( char *file )
CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE;
unsigned char hash_value[32] = "Fake hash, it doesn't matter...."; unsigned char hash_value[32] = "Fake hash, it doesn't matter....";
unsigned char sig_buffer[4096]; unsigned char sig_buffer[MBEDTLS_MPI_MAX_SIZE];
size_t sig_length = sizeof( sig_buffer ); size_t sig_length = sizeof( sig_buffer );
mbedtls_pk_init( &pkcs11_ctx ); mbedtls_pk_init( &pkcs11_ctx );
@ -395,7 +394,7 @@ void pk_import_verify_signed( char *file )
CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE; CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE;
unsigned char hash_value[32] = "Fake hash, it doesn't matter...."; unsigned char hash_value[32] = "Fake hash, it doesn't matter....";
unsigned char sig_buffer[4096]; unsigned char sig_buffer[MBEDTLS_MPI_MAX_SIZE];
size_t sig_length = sizeof( sig_buffer ); size_t sig_length = sizeof( sig_buffer );
mbedtls_pk_init( &pkcs11_ctx ); mbedtls_pk_init( &pkcs11_ctx );