Skip to content

Commit 5b9f2ee

Browse files
ruiliioruiliio
committed
Address review comments
1 parent 19127cc commit 5b9f2ee

File tree

3 files changed

+18
-19
lines changed

3 files changed

+18
-19
lines changed

src/lib/SoftHSM.cpp

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -6793,7 +6793,7 @@ CK_RV SoftHSM::C_WrapKey
67936793
emphKey->destroyObject();
67946794
hEmphKey = CK_INVALID_HANDLE;
67956795

6796-
CK_MECHANISM oaepMech = {CKM_RSA_PKCS_OAEP, params->oaep_params, sizeof(CK_RSA_AES_KEY_WRAP_PARAMS)};
6796+
CK_MECHANISM oaepMech = {CKM_RSA_PKCS_OAEP, params->oaep_params, sizeof(CK_RSA_PKCS_OAEP_PARAMS)};
67976797

67986798
// Wraps the AES emph key with the wrapping RSA key using CKM_RSA_PKCS_OAEP with parameters of OAEPParams.
67996799
rv = SoftHSM::WrapKeyAsym(&oaepMech, token, wrapKey, emphkeydata, wrapped_1);
@@ -7242,17 +7242,23 @@ CK_RV SoftHSM::C_UnwrapKey
72427242
CK_OBJECT_HANDLE hEmphKey = CK_INVALID_HANDLE;
72437243
CK_RSA_AES_KEY_WRAP_PARAMS_PTR params = (CK_RSA_AES_KEY_WRAP_PARAMS_PTR)pMechanism->pParameter;
72447244
ByteString emphkeydata;
7245-
ByteString pubexp = unwrapKey->getByteStringValue(CKA_PUBLIC_EXPONENT);
7246-
ByteString modulus = unwrapKey->getByteStringValue(CKA_MODULUS);
7247-
CK_ULONG wrappedLen1 = modulus.size();
7245+
ByteString modulus;
7246+
ByteString modulusValue = unwrapKey->getByteStringValue(CKA_MODULUS);
7247+
72487248
if(isUnwrapKeyPrivate)
72497249
{
7250-
wrappedLen1 = modulus.size() - pubexp.size();
7250+
token->decrypt(modulusValue, modulus);
7251+
}
7252+
else
7253+
{
7254+
modulus = modulusValue;
72517255
}
7256+
7257+
CK_ULONG wrappedLen1 = modulus.size();
72527258
CK_ULONG wrappedLen2 = ulWrappedKeyLen - wrappedLen1;
72537259

72547260
ByteString wrapped_1(pWrappedKey, wrappedLen1); // the wrapped AES key
7255-
CK_MECHANISM oaepMech = {CKM_RSA_PKCS_OAEP, params->oaep_params, sizeof(CK_RSA_AES_KEY_WRAP_PARAMS)};
7261+
CK_MECHANISM oaepMech = {CKM_RSA_PKCS_OAEP, params->oaep_params, sizeof(CK_RSA_PKCS_OAEP_PARAMS)};
72567262

72577263
// Un-wraps the temporary AES key from the first part with the private RSA key using CKM_RSA_PKCS_OAEP.
72587264
rv = UnwrapKeyAsym(&oaepMech, wrapped_1, token, unwrapKey, emphkeydata);
@@ -13119,14 +13125,9 @@ CK_RV SoftHSM::MechParamCheckRSAAESKEYWRAP(CK_MECHANISM_PTR pMechanism)
1311913125
ERROR_MSG("oaep_params must be of type CK_RSA_PKCS_OAEP_PARAMS");
1312013126
return CKR_ARGUMENTS_BAD;
1312113127
}
13122-
if (params->oaep_params->hashAlg != CKM_SHA_1)
13123-
{
13124-
ERROR_MSG("hashAlg must be CKM_SHA_1");
13125-
return CKR_ARGUMENTS_BAD;
13126-
}
13127-
if (params->oaep_params->mgf != CKG_MGF1_SHA1)
13128+
if (params->oaep_params->mgf < 1UL || params->oaep_params->mgf > 5UL)
1312813129
{
13129-
ERROR_MSG("mgf must be CKG_MGF1_SHA1");
13130+
ERROR_MSG("mgf not supported");
1313013131
return CKR_ARGUMENTS_BAD;
1313113132
}
1313213133
if (params->oaep_params->source != CKZ_DATA_SPECIFIED)

src/lib/test/AsymWrapUnwrapTests.cpp

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,6 @@ CK_RV AsymWrapUnwrapTests::generateRsaKeyPair(CK_SESSION_HANDLE hSession, CK_BBO
7777
CK_BYTE pubExp[] = {0x01, 0x00, 0x01};
7878
CK_BYTE subject[] = { 0x12, 0x34 }; // dummy
7979
CK_BYTE id[] = { 123 } ; // dummy
80-
// CK_BBOOL bFalse = CK_FALSE;
8180
CK_BBOOL bTrue = CK_TRUE;
8281
CK_ATTRIBUTE pukAttribs[] = {
8382
{ CKA_TOKEN, &bTokenPuk, sizeof(bTokenPuk) },
@@ -117,10 +116,7 @@ void AsymWrapUnwrapTests::rsaWrapUnwrapPvt(CK_SESSION_HANDLE hSession, CK_OBJECT
117116
CK_RV rv = CKR_OK;
118117
CK_MECHANISM_INFO mechInfo;
119118
CK_RSA_PKCS_OAEP_PARAMS oaepParams = { CKM_SHA_1, CKG_MGF1_SHA1, CKZ_DATA_SPECIFIED, NULL_PTR, 0 };
120-
CK_RSA_AES_KEY_WRAP_PARAMS rsa_aes_params = {
121-
.aes_key_bits = 256,
122-
.oaep_params = &oaepParams
123-
};
119+
CK_RSA_AES_KEY_WRAP_PARAMS rsa_aes_params = { 256, &oaepParams };
124120
CK_MECHANISM mechanism = {CKM_RSA_AES_KEY_WRAP, &rsa_aes_params, sizeof(rsa_aes_params)};
125121
CK_MECHANISM sv_mechanism = { CKM_RSA_PKCS, NULL_PTR, 0 };
126122
CK_BYTE data[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,0x0C, 0x0D, 0x0F };

src/lib/test/AsymWrapUnwrapTests.h

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,8 +49,10 @@ class AsymWrapUnwrapTests : public TestsBase
4949
protected:
5050
CK_RV generateAesKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE &hKey);
5151
CK_RV generateRsaKeyPair(CK_SESSION_HANDLE hSession, CK_BBOOL bTokenPuk, CK_BBOOL bPrivatePuk, CK_BBOOL bTokenPrk, CK_BBOOL bPrivatePrk, CK_OBJECT_HANDLE &hPuk, CK_OBJECT_HANDLE &hPrk);
52-
void rsaWrapUnwrapPvt(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey);
5352
void rsaWrapUnwrap(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey);
53+
54+
private:
55+
void rsaWrapUnwrapPvt(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey);
5456
};
5557

5658
#endif // !_SOFTHSM_V2_ASYMWRAPUNWRAPTESTS_H

0 commit comments

Comments
 (0)