2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
|
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
|
-
+
+
+
|
identity->pcsc_identity->keysize = x509_to_keysize(identity->pcsc_identity->certificate, identity->pcsc_identity->certificate_len);
}
/* Pad message to key size */
if (padInput) {
if (identity->pcsc_identity->keysize > 0) {
if (buflen != identity->pcsc_identity->keysize) {
if (buflen > (identity->pcsc_identity->keysize + 3)) {
if (buflen > (identity->pcsc_identity->keysize - 3)) {
CACKEY_DEBUG_PRINTF("Error. Message is too large to sign/decrypt");
return(-1);
}
tmpbuflen = identity->pcsc_identity->keysize;
tmpbuf = malloc(tmpbuflen);
free_tmpbuf = 1;
padlen = tmpbuflen - buflen - 3;
CACKEY_DEBUG_PRINTF("Need to pad the buffer with %llu bytes (tmpbuflen = %llu, buflen = %llu)", (unsigned long long) padlen, (unsigned long long) tmpbuflen, (unsigned long long) buflen);
/* RSA PKCS#1 EMSA-PKCS1-v1_5 Padding */
tmpbuf[0] = 0x00;
tmpbuf[1] = 0x01;
memset(&tmpbuf[2], 0xFF, padlen);
tmpbuf[padlen + 2]= 0x00;
memcpy(&tmpbuf[padlen + 3], buf, buflen);
|
7185
7186
7187
7188
7189
7190
7191
7192
7193
7194
7195
7196
7197
7198
|
7187
7188
7189
7190
7191
7192
7193
7194
7195
7196
7197
7198
7199
7200
7201
7202
|
+
+
|
CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);
return(CKR_OK);
}
CK_DEFINE_FUNCTION(CK_RV, C_SignUpdate)(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_ULONG ulPartLen) {
int mutex_retval;
int resizeRetry;
int needResize;
CACKEY_DEBUG_PRINTF("Called.");
if (!cackey_initialized) {
CACKEY_DEBUG_PRINTF("Error. Not initialized.");
return(CKR_CRYPTOKI_NOT_INITIALIZED);
|
7245
7246
7247
7248
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
|
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
7264
7265
7266
7267
7268
7269
7270
7271
7272
7273
7274
7275
7276
7277
7278
7279
7280
7281
7282
7283
7284
7285
7286
7287
7288
7289
7290
7291
7292
7293
7294
7295
|
+
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
|
return(CKR_OPERATION_NOT_INITIALIZED);
}
switch (cackey_sessions[hSession].sign_mechanism) {
case CKM_RSA_PKCS:
/* Accumulate directly */
for (resizeRetry = 0; resizeRetry < 11; resizeRetry++) {
needResize = 0;
if ((cackey_sessions[hSession].sign_bufused + ulPartLen) > cackey_sessions[hSession].sign_buflen) {
if ((cackey_sessions[hSession].sign_bufused + ulPartLen) > cackey_sessions[hSession].sign_buflen) {
needResize = 1;
}
if (!needResize) {
break;
}
CACKEY_DEBUG_PRINTF("Resizing signing buffer (try #%i of 10 -- 11th is fatal)", resizeRetry);
if (resizeRetry == 10) {
free(cackey_sessions[hSession].sign_buf);
cackey_sessions[hSession].sign_buflen = 0;
cackey_sessions[hSession].sign_buf = NULL;
break;
}
cackey_sessions[hSession].sign_buflen *= 2;
cackey_sessions[hSession].sign_buf = realloc(cackey_sessions[hSession].sign_buf, sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
}
if (cackey_sessions[hSession].sign_buf == NULL) {
cackey_mutex_unlock(cackey_biglock);
CACKEY_DEBUG_PRINTF("Error. Signing buffer is NULL.");
return(CKR_GENERAL_ERROR);
}
memcpy(cackey_sessions[hSession].sign_buf + cackey_sessions[hSession].sign_bufused, pPart, ulPartLen);
cackey_sessions[hSession].sign_bufused += ulPartLen;
break;
}
|