diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-21 10:11:38 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-21 10:12:56 +0200 |
commit | 7b2f60fb851e7fe728ff80e5f9416b34ba47dde1 (patch) | |
tree | 07e9c00eb8a1fc1adf56d5602e670e0f908431ca /ncr-key.c | |
parent | 5543826bf1a2b550d8ce4fe116288178537ec902 (diff) | |
download | cryptodev-linux-7b2f60fb851e7fe728ff80e5f9416b34ba47dde1.tar.gz cryptodev-linux-7b2f60fb851e7fe728ff80e5f9416b34ba47dde1.tar.xz cryptodev-linux-7b2f60fb851e7fe728ff80e5f9416b34ba47dde1.zip |
export ncr_key_clear(). And disallow key derivation from wrapping keys.
Diffstat (limited to 'ncr-key.c')
-rw-r--r-- | ncr-key.c | 12 |
1 files changed, 9 insertions, 3 deletions
@@ -32,8 +32,6 @@ #include "ncr.h" #include "ncr-int.h" -static void ncr_key_clear(struct key_item_st* item); - static int key_list_deinit_fn(int id, void *item, void *unused) { (void)unused; @@ -413,7 +411,7 @@ fail: return ret; } -static void ncr_key_clear(struct key_item_st* item) +void ncr_key_clear(struct key_item_st* item) { /* clears any previously allocated parameters */ if (item->type == NCR_KEY_TYPE_PRIVATE || @@ -715,6 +713,14 @@ struct key_item_st* newkey = NULL; err(); return ret; } + + /* wrapping keys cannot be used for anything except wrapping. + */ + if (key->flags & NCR_KEY_FLAG_WRAPPING) { + err(); + ret = -EINVAL; + goto fail; + } ret = ncr_key_item_get_write( &newkey, lst, data.newkey); if (ret < 0) { |