diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-26 16:08:47 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-26 16:08:47 +0200 |
commit | 1f30d575e5b413e522d6b3e95d3e348df9e9c69e (patch) | |
tree | 39a3f5c118e75d45ce587a3c4e9486eef511cfd0 | |
parent | 3b521fbc223cafd360def97841544d34d7396dc2 (diff) | |
download | cryptodev-linux-1f30d575e5b413e522d6b3e95d3e348df9e9c69e.tar.gz cryptodev-linux-1f30d575e5b413e522d6b3e95d3e348df9e9c69e.tar.xz cryptodev-linux-1f30d575e5b413e522d6b3e95d3e348df9e9c69e.zip |
Unwrapping keys are restricted the same way as wrapping keys.
-rw-r--r-- | ncr-key.c | 2 | ||||
-rw-r--r-- | ncr-sessions.c | 4 |
2 files changed, 3 insertions, 3 deletions
@@ -723,7 +723,7 @@ struct key_item_st* newkey = NULL; /* wrapping keys cannot be used for anything except wrapping. */ - if (key->flags & NCR_KEY_FLAG_WRAPPING) { + if (key->flags & NCR_KEY_FLAG_WRAPPING || key->flags & NCR_KEY_FLAG_UNWRAPPING) { err(); ret = -EINVAL; goto fail; diff --git a/ncr-sessions.c b/ncr-sessions.c index 0a48b23..e0f8b7b 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -253,7 +253,7 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses /* wrapping keys cannot be used for encryption or decryption */ - if (ns->key->flags & NCR_KEY_FLAG_WRAPPING) { + if (ns->key->flags & NCR_KEY_FLAG_WRAPPING || ns->key->flags & NCR_KEY_FLAG_UNWRAPPING) { err(); ret = -EINVAL; goto fail; @@ -331,7 +331,7 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses /* wrapping keys cannot be used for anything except wrapping. */ - if (ns->key->flags & NCR_KEY_FLAG_WRAPPING) { + if (ns->key->flags & NCR_KEY_FLAG_WRAPPING || ns->key->flags & NCR_KEY_FLAG_UNWRAPPING) { err(); ret = -EINVAL; goto fail; |