diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-21 10:11:16 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-08-21 10:11:16 +0200 |
commit | 5543826bf1a2b550d8ce4fe116288178537ec902 (patch) | |
tree | 43ca3d1cdfad805709c24d69c40d1626c48ab6cc /ncr-sessions.c | |
parent | 88d38939bcf937e62b32f39d006d4e86ca89083c (diff) | |
download | cryptodev-linux-5543826bf1a2b550d8ce4fe116288178537ec902.tar.gz cryptodev-linux-5543826bf1a2b550d8ce4fe116288178537ec902.tar.xz cryptodev-linux-5543826bf1a2b550d8ce4fe116288178537ec902.zip |
Prevent usage of wrapping keys for anything else except wrapping.
Diffstat (limited to 'ncr-sessions.c')
-rw-r--r-- | ncr-sessions.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ncr-sessions.c b/ncr-sessions.c index 2916729..0a48b23 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -250,6 +250,15 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses err(); goto fail; } + + /* wrapping keys cannot be used for encryption or decryption + */ + if (ns->key->flags & NCR_KEY_FLAG_WRAPPING) { + err(); + ret = -EINVAL; + goto fail; + } + if (ns->key->type == NCR_KEY_TYPE_SECRET) { int keysize = ns->key->key.secret.size; @@ -320,6 +329,14 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses goto fail; } + /* wrapping keys cannot be used for anything except wrapping. + */ + if (ns->key->flags & NCR_KEY_FLAG_WRAPPING) { + err(); + ret = -EINVAL; + goto fail; + } + if (ns->algorithm->is_hmac && ns->key->type == NCR_KEY_TYPE_SECRET) { if (ns->algorithm->kstr == NULL) { err(); |