diff options
-rw-r--r-- | ncr-key-storage.c | 8 | ||||
-rw-r--r-- | ncr-key.c | 19 | ||||
-rw-r--r-- | ncr-pk.c | 15 | ||||
-rw-r--r-- | ncr-sessions.c | 4 | ||||
-rw-r--r-- | ncr_int.h | 3 |
5 files changed, 34 insertions, 15 deletions
diff --git a/ncr-key-storage.c b/ncr-key-storage.c index 69e1c50..90d3f74 100644 --- a/ncr-key-storage.c +++ b/ncr-key-storage.c @@ -52,7 +52,7 @@ int key_to_storage_data( uint8_t** sdata, size_t * sdata_size, const struct key_ pkey->type = key->type; pkey->flags = key->flags; - pkey->algorithm = key->algorithm; + pkey->algorithm = key->algorithm->algo; pkey->key_id_size = key->key_id_size; memcpy(pkey->key_id, key->key_id, key->key_id_size); @@ -95,7 +95,11 @@ int key_from_storage_data(struct key_item_st* key, const void* data, size_t data key->type = pkey->type; key->flags = pkey->flags; - key->algorithm = pkey->algorithm; + key->algorithm = _ncr_algo_to_properties(pkey->algorithm); + if (key->algorithm == NULL) { + err(); + return -EINVAL; + } key->key_id_size = pkey->key_id_size; memcpy(key->key_id, pkey->key_id, pkey->key_id_size); @@ -337,7 +337,12 @@ int ret; } item->type = data.type; - item->algorithm = data.algorithm; + item->algorithm = _ncr_algo_to_properties(data.algorithm); + if (item->algorithm == NULL) { + err(); + ret = -EINVAL; + goto fail; + } item->flags = data.flags; /* if data cannot be exported then the flags above * should be overriden */ @@ -434,7 +439,8 @@ size_t size; item->flags = gen.params.keyflags; item->type = ncr_algorithm_to_key_type(gen.params.algorithm); if (item->type == NCR_KEY_TYPE_SECRET) { - item->algorithm = /* arbitrary */ NCR_ALG_AES_CBC; + /* arbitrary */ + item->algorithm = _ncr_algo_to_properties(NCR_ALG_AES_CBC); size = gen.params.params.secret.bits/8; if ((gen.params.params.secret.bits % 8 != 0) || @@ -485,7 +491,7 @@ int ret; info.flags = item->flags; info.type = item->type; - info.algorithm = item->algorithm; + info.algorithm = item->algorithm->algo; _ncr_key_item_put( item); @@ -523,7 +529,12 @@ int ret; private->flags = public->flags = gen.params.keyflags; public->type = ncr_algorithm_to_key_type(gen.params.algorithm); private->type = NCR_KEY_TYPE_PRIVATE; - private->algorithm = public->algorithm = gen.params.algorithm; + private->algorithm = public->algorithm = _ncr_algo_to_properties(gen.params.algorithm); + if (private->algorithm == NULL) { + err(); + ret = -EINVAL; + goto fail; + } public->flags |= (NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE); if (public->type == NCR_KEY_TYPE_PUBLIC) { @@ -45,7 +45,9 @@ static int tomerr(int err) void ncr_pk_clear(struct key_item_st* key) { - switch(key->algorithm) { + if (key->algorithm == NULL) + return; + switch(key->algorithm->algo) { case NCR_ALG_RSA: rsa_free(&key->key.pk.rsa); break; @@ -71,7 +73,7 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i return -ENOMEM; } - switch(private->algorithm) { + switch(private->algorithm->algo) { case NCR_ALG_RSA: cret = rsa_export(tmp, &max_size, PK_PUBLIC, &private->key.pk.rsa); if (cret != CRYPT_OK) { @@ -135,7 +137,7 @@ int ncr_pk_pack( const struct key_item_st * key, uint8_t * packed, uint32_t * pa return -EINVAL; } - switch(key->algorithm) { + switch(key->algorithm->algo) { case NCR_ALG_RSA: cret = rsa_export(packed, &max_size, key->key.pk.rsa.type, (void*)&key->key.pk.rsa); if (cret != CRYPT_OK) { @@ -170,7 +172,7 @@ int ncr_pk_unpack( struct key_item_st * key, const void * packed, size_t packed_ return -EINVAL; } - switch(key->algorithm) { + switch(key->algorithm->algo) { case NCR_ALG_RSA: cret = rsa_import(packed, packed_size, (void*)&key->key.pk.rsa); if (cret != CRYPT_OK) { @@ -253,7 +255,8 @@ int ncr_pk_generate(ncr_algorithm_t algo, int ret; struct keygen_st st; - private->algorithm = public->algorithm = algo; + private->algorithm = public->algorithm = _ncr_algo_to_properties(algo); + BUG_ON(private->algorithm == NULL); st.algo = algo; st.private = private; @@ -334,7 +337,7 @@ int ret; memset(ctx, 0, sizeof(*ctx)); - if (key->algorithm != algo) { + if (key->algorithm->algo != algo) { err(); return -EINVAL; } diff --git a/ncr-sessions.c b/ncr-sessions.c index 05247b3..e3fe411 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -163,7 +163,7 @@ static const struct algo_properties_st algo_properties[] = { }; -static const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo) +const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo) { ncr_algorithm_t a; int i = 0; @@ -367,7 +367,7 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses } } else if (ns->key->type == NCR_KEY_TYPE_PRIVATE || ns->key->type == NCR_KEY_TYPE_PUBLIC) { - ret = ncr_key_params_get_sign_hash(ns->key->algorithm, &session->params); + ret = ncr_key_params_get_sign_hash(ns->key->algorithm->algo, &session->params); if (ret < 0) { err(); return ret; @@ -68,7 +68,7 @@ struct key_item_st { */ ncr_key_type_t type; unsigned int flags; - ncr_algorithm_t algorithm; /* valid for public/private keys */ + const struct algo_properties_st *algorithm; /* non-NULL for public/private keys */ uint8_t key_id[MAX_KEY_ID_SIZE]; size_t key_id_size; @@ -203,6 +203,7 @@ inline static unsigned int data_flags_to_key(unsigned int data_flags) return flags; } +const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo); const char* _ncr_algo_to_str(ncr_algorithm_t algo); int _ncr_algo_digest_size(ncr_algorithm_t algo); int ncr_key_params_get_sign_hash(ncr_algorithm_t algo, struct ncr_key_params_st * params); |