diff options
Diffstat (limited to 'lib/ncrypto_local.c')
-rw-r--r-- | lib/ncrypto_local.c | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/lib/ncrypto_local.c b/lib/ncrypto_local.c index 1e88d2a..da1ccab 100644 --- a/lib/ncrypto_local.c +++ b/lib/ncrypto_local.c @@ -466,7 +466,6 @@ struct ncr_symm_cipher_session { EVP_CIPHER_CTX ctx; CK_MECHANISM_TYPE mech; - size_t padding_size; /* Additional space to reserve for padding */ bool encrypting; /* Debugging only */ enum { NSCS_NEW, NSCS_INITIALIZED, NSCS_UPDATED, NSCS_FINISHED } state; @@ -508,7 +507,6 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt, size_t param_size) { const EVP_CIPHER *type; - bool padding; g_return_val_if_fail (sess != NULL, CKR_SESSION_HANDLE_INVALID); g_return_val_if_fail (sess->state == NSCS_NEW || sess->state == NSCS_FINISHED, @@ -536,15 +534,12 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt, g_return_val_if_fail (key->type == CKK_AES, CKR_KEY_TYPE_INCONSISTENT); g_return_val_if_fail (param_size == 0, CKR_MECHANISM_PARAM_INVALID); AES_SWITCH (ecb); - padding = false; break; case CKM_AES_CBC: - case CKM_AES_CBC_PAD: g_return_val_if_fail (key->type == CKK_AES, CKR_KEY_TYPE_INCONSISTENT); g_return_val_if_fail (param_size == 16, CKR_MECHANISM_PARAM_INVALID); AES_SWITCH (cbc); - padding = sess->mech == CKM_AES_CBC_PAD; break; #undef AES_ENTRY @@ -553,16 +548,13 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt, g_return_val_if_fail (key->size == 24, CKR_KEY_SIZE_RANGE); g_return_val_if_fail (param_size == 0, CKR_MECHANISM_PARAM_INVALID); type = EVP_des_ede3 (); - padding = false; break; case CKM_DES3_CBC: - case CKM_DES3_CBC_PAD: g_return_val_if_fail (key->type == CKK_DES3, CKR_KEY_TYPE_INCONSISTENT); g_return_val_if_fail (key->size == 24, CKR_KEY_SIZE_RANGE); g_return_val_if_fail (param_size == 8, CKR_MECHANISM_PARAM_INVALID); type = EVP_des_ede3_cbc (); - padding = sess->mech == CKM_DES3_CBC_PAD; break; default: @@ -572,10 +564,9 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt, if (EVP_CipherInit_ex (&sess->ctx, type, NULL, key->value, param_size != 0 ? param : NULL, encrypt ? 1 : 0) == 0) return ckr_openssl (); - if (!padding && EVP_CIPHER_CTX_set_padding (&sess->ctx, 0) == 0) + if (EVP_CIPHER_CTX_set_padding (&sess->ctx, 0) == 0) return ckr_openssl (); - sess->padding_size = padding ? EVP_CIPHER_block_size (type) : 0; sess->encrypting = encrypt; sess->state = NSCS_INITIALIZED; return CKR_OK; @@ -598,7 +589,7 @@ symm_cipher_update (struct ncr_symm_cipher_session *sess, bool encrypt, if (dest == NULL) { - *dest_size_ptr = src_size + sess->padding_size; + *dest_size_ptr = src_size; return CKR_OK; } if (*dest_size_ptr < src_size) /* FIXME? this does not handle partial data */ @@ -634,10 +625,9 @@ do_symm_cipher_update_final (struct ncr_symm_cipher_session *sess, if (dest == NULL) { - *dest_size_ptr = src_size + sess->padding_size; + *dest_size_ptr = src_size; return CKR_OK; } - /* FIXME? this does not handle partial data or padding. */ if (*dest_size_ptr < src_size) { *dest_size_ptr = src_size; |