diff options
author | Rob Austein <sra@hactrn.net> | 2016-09-09 00:33:52 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-09-09 00:33:52 -0400 |
commit | b1214089088d0321142f64abf2c820da9561bba9 (patch) | |
tree | 05a86d0c7ab9339a2102e8328f13fadd9a31330a | |
parent | 97ee7df6092551774b4c112a0349a25e76a684f3 (diff) |
Simplify hal_rpc_pkey_find() by removing `type` argument.
Now that key names are UUIDs generated by the HSM, there's no real
need to specify type key type when looking up a key, and removing the
`type` argument allows a few simplifications of both the internal
keystore API and of client code calling the public RPC API.
-rw-r--r-- | hal.h | 1 | ||||
-rw-r--r-- | hal_internal.h | 1 | ||||
-rw-r--r-- | ks_flash.c | 14 | ||||
-rw-r--r-- | ks_volatile.c | 17 | ||||
-rw-r--r-- | rpc_api.c | 5 | ||||
-rw-r--r-- | rpc_client.c | 4 | ||||
-rw-r--r-- | rpc_pkey.c | 14 | ||||
-rw-r--r-- | rpc_server.c | 4 |
8 files changed, 25 insertions, 35 deletions
@@ -699,7 +699,6 @@ extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client, extern hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, - const hal_key_type_t type, const hal_uuid_t * const name, const hal_key_flags_t flags); diff --git a/hal_internal.h b/hal_internal.h index dcf532f..59efbff 100644 --- a/hal_internal.h +++ b/hal_internal.h @@ -178,7 +178,6 @@ typedef struct { hal_error_t (*find)(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, - const hal_key_type_t type, const hal_uuid_t * const name, const hal_key_flags_t flags); @@ -291,13 +291,12 @@ static inline int acceptable_key_type(const hal_key_type_t type) } } -static inline hal_ks_key_t *find(const hal_key_type_t type, - const hal_uuid_t * const name) +static inline hal_ks_key_t *find(const hal_uuid_t * const name) { - assert(name != NULL && acceptable_key_type(type)); + assert(name != NULL); for (int i = 0; i < sizeof(db.keys)/sizeof(*db.keys); i++) - if (db.keys[i].in_use && db.keys[i].type == type && hal_uuid_cmp(&db.keys[i].name, name) == 0) + if (db.keys[i].in_use && hal_uuid_cmp(&db.keys[i].name, name) == 0) return &db.keys[i]; return NULL; @@ -310,11 +309,12 @@ static hal_error_t ks_fetch(hal_ks_t *ks, if (ks != &db.ks || slot == NULL || !acceptable_key_type(slot->type)) return HAL_ERROR_BAD_ARGUMENTS; - const hal_ks_key_t * const k = find(slot->type, &slot->name); + const hal_ks_key_t * const k = find(&slot->name); if (k == NULL) return HAL_ERROR_KEY_NOT_FOUND; + slot->type = k->type; slot->curve = k->curve; slot->flags = k->flags; @@ -384,7 +384,7 @@ static hal_error_t ks_store(hal_ks_t *ks, if (ks != &db.ks || slot == NULL || der == NULL || der_len == 0 || !acceptable_key_type(slot->type)) return HAL_ERROR_BAD_ARGUMENTS; - if (find(slot->type, &slot->name) != NULL) + if (find(&slot->name) != NULL) return HAL_ERROR_KEY_NAME_IN_USE; int loc = -1; @@ -482,7 +482,7 @@ static hal_error_t ks_delete(hal_ks_t *ks, if (ks != &db.ks || slot == NULL || !acceptable_key_type(slot->type)) return HAL_ERROR_BAD_ARGUMENTS; - hal_ks_key_t *k = find(slot->type, &slot->name); + hal_ks_key_t *k = find(&slot->name); if (k == NULL) return HAL_ERROR_KEY_NOT_FOUND; diff --git a/ks_volatile.c b/ks_volatile.c index 155ae04..d4f8ebd 100644 --- a/ks_volatile.c +++ b/ks_volatile.c @@ -176,14 +176,12 @@ static hal_error_t ks_store(hal_ks_t *ks, return HAL_OK; } -static hal_ks_key_t *find(ks_t *ksv, - const hal_key_type_t type, - const hal_uuid_t * const name) +static hal_ks_key_t *find(ks_t *ksv, const hal_uuid_t * const name) { - assert(ksv != NULL && name != NULL && acceptable_key_type(type)); + assert(ksv != NULL && name != NULL); for (int i = 0; i < sizeof(ksv->db->keys)/sizeof(*ksv->db->keys); i++) - if (ksv->db->keys[i].in_use && ksv->db->keys[i].type == type && hal_uuid_cmp(&ksv->db->keys[i].name, name) == 0) + if (ksv->db->keys[i].in_use && hal_uuid_cmp(&ksv->db->keys[i].name, name) == 0) return &ksv->db->keys[i]; return NULL; @@ -193,7 +191,7 @@ static hal_error_t ks_fetch(hal_ks_t *ks, hal_pkey_slot_t *slot, uint8_t *der, size_t *der_len, const size_t der_max) { - if (ks == NULL || slot == NULL || !acceptable_key_type(slot->type)) + if (ks == NULL || slot == NULL) return HAL_ERROR_BAD_ARGUMENTS; ks_t *ksv = ks_to_ksv(ks); @@ -201,11 +199,12 @@ static hal_error_t ks_fetch(hal_ks_t *ks, if (ksv->db == NULL) return HAL_ERROR_KEYSTORE_ACCESS; - const hal_ks_key_t * const k = find(ksv, slot->type, &slot->name); + const hal_ks_key_t * const k = find(ksv, &slot->name); if (k == NULL) return HAL_ERROR_KEY_NOT_FOUND; + slot->type = k->type; slot->curve = k->curve; slot->flags = k->flags; @@ -238,7 +237,7 @@ static hal_error_t ks_fetch(hal_ks_t *ks, static hal_error_t ks_delete(hal_ks_t *ks, const hal_pkey_slot_t * const slot) { - if (ks == NULL || slot == NULL || !acceptable_key_type(slot->type)) + if (ks == NULL || slot == NULL) return HAL_ERROR_BAD_ARGUMENTS; ks_t *ksv = ks_to_ksv(ks); @@ -246,7 +245,7 @@ static hal_error_t ks_delete(hal_ks_t *ks, if (ksv->db == NULL) return HAL_ERROR_KEYSTORE_ACCESS; - hal_ks_key_t *k = find(ksv, slot->type, &slot->name); + hal_ks_key_t *k = find(ksv, &slot->name); if (k == NULL) return HAL_ERROR_KEY_NOT_FOUND; @@ -230,13 +230,12 @@ hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client, hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, - const hal_key_type_t type, const hal_uuid_t * const name, const hal_key_flags_t flags) { - if (pkey == NULL || name == NULL || !check_pkey_type(type)) + if (pkey == NULL || name == NULL) return HAL_ERROR_BAD_ARGUMENTS; - return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, flags); + return hal_rpc_pkey_dispatch->find(client, session, pkey, name, flags); } hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client, diff --git a/rpc_client.c b/rpc_client.c index 14ef23b..b4184d4 100644 --- a/rpc_client.c +++ b/rpc_client.c @@ -447,11 +447,10 @@ static hal_error_t pkey_remote_load(const hal_client_handle_t client, static hal_error_t pkey_remote_find(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, - const hal_key_type_t type, const hal_uuid_t * const name, const hal_key_flags_t flags) { - uint8_t outbuf[nargs(6) + pad(sizeof(name->uuid))], *optr = outbuf, *olimit = outbuf + sizeof(outbuf); + uint8_t outbuf[nargs(5) + pad(sizeof(name->uuid))], *optr = outbuf, *olimit = outbuf + sizeof(outbuf); uint8_t inbuf[nargs(4)]; const uint8_t *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf); hal_error_t rpc_ret; @@ -459,7 +458,6 @@ static hal_error_t pkey_remote_find(const hal_client_handle_t client, check(hal_xdr_encode_int(&optr, olimit, RPC_FUNC_PKEY_FIND)); check(hal_xdr_encode_int(&optr, olimit, client.handle)); check(hal_xdr_encode_int(&optr, olimit, session.handle)); - check(hal_xdr_encode_int(&optr, olimit, type)); check(hal_xdr_encode_buffer(&optr, olimit, name->uuid, sizeof(name->uuid))); check(hal_xdr_encode_int(&optr, olimit, flags)); check(hal_rpc_send(outbuf, optr - outbuf)); @@ -191,9 +191,9 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client, if ((err = hal_uuid_gen(&slot->name)) != HAL_OK) return err; - slot->client_handle = client; + slot->client_handle = client; slot->session_handle = session; - slot->type = type; + slot->type = type; slot->curve = curve; slot->flags = flags; @@ -220,7 +220,6 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client, static hal_error_t pkey_local_find(const hal_client_handle_t client, const hal_session_handle_t session, hal_pkey_handle_t *pkey, - const hal_key_type_t type, const hal_uuid_t * const name, const hal_key_flags_t flags) { @@ -236,7 +235,6 @@ static hal_error_t pkey_local_find(const hal_client_handle_t client, slot->name = *name; slot->client_handle = client; slot->session_handle = session; - slot->type = type; if ((err = ks_open_from_flags(&ks, flags)) == HAL_OK && (err = hal_ks_fetch(ks, slot, NULL, NULL, 0)) == HAL_OK) @@ -279,9 +277,9 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client, if ((err = hal_uuid_gen(&slot->name)) != HAL_OK) return err; - slot->client_handle = client; + slot->client_handle = client; slot->session_handle = session; - slot->type = HAL_KEY_TYPE_RSA_PRIVATE; + slot->type = HAL_KEY_TYPE_RSA_PRIVATE; slot->curve = HAL_CURVE_NONE; slot->flags = flags; @@ -340,9 +338,9 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client, if ((err = hal_uuid_gen(&slot->name)) != HAL_OK) return err; - slot->client_handle = client; + slot->client_handle = client; slot->session_handle = session; - slot->type = HAL_KEY_TYPE_EC_PRIVATE; + slot->type = HAL_KEY_TYPE_EC_PRIVATE; slot->curve = curve; slot->flags = flags; diff --git a/rpc_server.c b/rpc_server.c index 9694ab8..9397d3e 100644 --- a/rpc_server.c +++ b/rpc_server.c @@ -354,7 +354,6 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit, hal_client_handle_t client; hal_session_handle_t session; hal_pkey_handle_t pkey; - uint32_t type; const uint8_t *name_ptr; uint32_t name_len; hal_key_flags_t flags; @@ -362,7 +361,6 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit, check(hal_xdr_decode_int(iptr, ilimit, &client.handle)); check(hal_xdr_decode_int(iptr, ilimit, &session.handle)); - check(hal_xdr_decode_int(iptr, ilimit, &type)); check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &name_ptr, &name_len)); check(hal_xdr_decode_int(iptr, ilimit, &flags)); @@ -370,7 +368,7 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit, return HAL_ERROR_KEY_NAME_TOO_LONG; /* call the local function */ - ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, type, (const hal_uuid_t *) name_ptr, flags); + ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, (const hal_uuid_t *) name_ptr, flags); if (ret == HAL_OK) check(hal_xdr_encode_int(optr, olimit, pkey.handle)); |