diff options
| author | Rob Austein <sra@hactrn.net> | 2016-05-15 20:49:18 -0400 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2016-05-15 20:49:18 -0400 |
| commit | 0690aa3d48966a4b151a468fd3a0a65bb99de439 (patch) | |
| tree | e88db7d7d677ea48d9bb3dbd57acc514785a44f7 /rpc_api.c | |
| parent | 53b0dd22287e07ca32184c27b7ec0d75d358bde4 (diff) | |
Add hal_rpc_pkey_rename(); allow null string as (temporary) key name.
Temporary nature of null string as key name is not enforced by the
keystore code, it's just a convention to allow callers to generate a
keypair, obtain the public key, hash that to a Subject Key Identifier
(SKI), and rename the key using the SKI as the new name.
This is a compromise to let us use SKI-based key names in PKCS #11
while keeping the keystore code simple.
Diffstat (limited to 'rpc_api.c')
| -rw-r--r-- | rpc_api.c | 28 |
1 files changed, 22 insertions, 6 deletions
@@ -199,11 +199,11 @@ hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client, const uint8_t * const der, const size_t der_len, const hal_key_flags_t flags) { - if (pkey == NULL || - name == NULL || name_len == 0 || - der == NULL || der_len == 0 || + if (pkey == NULL || name == NULL || der == NULL || der_len == 0 || !check_pkey_type_curve_flags(type, curve, flags)) return HAL_ERROR_BAD_ARGUMENTS; + if (name_len > HAL_RPC_PKEY_NAME_MAX) + return HAL_ERROR_KEY_NAME_TOO_LONG; return hal_rpc_pkey_dispatch->load(client, session, pkey, type, curve, name, name_len, der, der_len, flags); } @@ -214,8 +214,10 @@ hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client, const uint8_t * const name, const size_t name_len, const hal_key_flags_t flags) { - if (pkey == NULL || name == NULL || name_len == 0 || !check_pkey_type(type)) + if (pkey == NULL || name == NULL || !check_pkey_type(type)) return HAL_ERROR_BAD_ARGUMENTS; + if (name_len > HAL_RPC_PKEY_NAME_MAX) + return HAL_ERROR_KEY_NAME_TOO_LONG; return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, name_len, flags); } @@ -227,9 +229,11 @@ hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client, const uint8_t * const exp, const size_t exp_len, const hal_key_flags_t flags) { - if (pkey == NULL || name == NULL || name_len == 0 || key_len == 0 || (key_len & 7) != 0 || + if (pkey == NULL || name == NULL || key_len == 0 || (key_len & 7) != 0 || exp == NULL || exp_len == 0 || !check_pkey_flags(flags)) return HAL_ERROR_BAD_ARGUMENTS; + if (name_len > HAL_RPC_PKEY_NAME_MAX) + return HAL_ERROR_KEY_NAME_TOO_LONG; return hal_rpc_pkey_dispatch->generate_rsa(client, session, pkey, name, name_len, key_len, exp, exp_len, flags); } @@ -240,9 +244,11 @@ hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client, const hal_curve_name_t curve, const hal_key_flags_t flags) { - if (pkey == NULL || name == NULL || name_len == 0 || + if (pkey == NULL || name == NULL || !check_pkey_type_curve_flags(HAL_KEY_TYPE_EC_PRIVATE, curve, flags)) return HAL_ERROR_BAD_ARGUMENTS; + if (name_len > HAL_RPC_PKEY_NAME_MAX) + return HAL_ERROR_KEY_NAME_TOO_LONG; return hal_rpc_pkey_dispatch->generate_ec(client, session, pkey, name, name_len, curve, flags); } @@ -256,6 +262,16 @@ hal_error_t hal_rpc_pkey_delete(const hal_pkey_handle_t pkey) return hal_rpc_pkey_dispatch->delete(pkey); } +hal_error_t hal_rpc_pkey_rename(const hal_pkey_handle_t pkey, + const uint8_t * const name, const size_t name_len) +{ + if (name == NULL) + return HAL_ERROR_BAD_ARGUMENTS; + if (name_len > HAL_RPC_PKEY_NAME_MAX) + return HAL_ERROR_KEY_NAME_TOO_LONG; + return hal_rpc_pkey_dispatch->rename(pkey, name, name_len); +} + hal_error_t hal_rpc_pkey_get_key_type(const hal_pkey_handle_t pkey, hal_key_type_t *type) { |