aboutsummaryrefslogtreecommitdiff
path: root/rpc_pkey.c
diff options
context:
space:
mode:
Diffstat (limited to 'rpc_pkey.c')
-rw-r--r--rpc_pkey.c42
1 files changed, 10 insertions, 32 deletions
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 4867f97..ce67614 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -1062,33 +1062,6 @@ static hal_error_t pkey_local_get_attributes(const hal_pkey_handle_t pkey,
return err;
}
-/*
- * This is an RPC function, so the NULL pointer input convention for
- * querying required buffer length isn't all that useful, but buffer
- * lengths are predictable anyway:
- *
- * Size of the pkcs8 buffer is a constant, determined by
- * oid_aes_aesKeyWrap_len, HAL_KS_WRAPPED_KEYSIZE, and some ASN.1
- * overhead;
- *
- * Size of the kek buffer is the same as the length of the
- * modulus of the RSA public key indicated by wrap_handle.
- *
- * Except that we might want ASN.1 around the KEK, something like:
- *
- * SEQUENCE {
- * keyEncryptionAlgorithm AlgorithmIdentifier { rsaEncryption },
- * encryptedKey OCTET STRING
- * }
- *
- * which would still be constant-length, just a bit more verbose.
- *
- * Oddly enough, this is exactly the syntax of PKCS #8
- * EncryptedPrivateKeyInfo, which we already use for other purposes.
- * Using it to wrap an AES key encrypted with an RSA key seems a bit
- * odd, but it's a good fit and lets us reuse ASN.1 code. Cool.
- */
-
static hal_error_t pkey_local_export(const hal_pkey_handle_t pkey_handle,
const hal_pkey_handle_t kekek_handle,
uint8_t *pkcs8, size_t *pkcs8_len, const size_t pkcs8_max,
@@ -1158,11 +1131,14 @@ static hal_error_t pkey_local_export(const hal_pkey_handle_t pkey_handle,
if ((err = hal_get_random(NULL, kek, KEK_LENGTH)) != HAL_OK)
goto fail;
- if ((err = hal_aes_keywrap(NULL, kek, KEK_LENGTH, pkcs8, len, pkcs8, &len)) != HAL_OK)
+ *pkcs8_len = pkcs8_max;
+ if ((err = hal_aes_keywrap(NULL, kek, KEK_LENGTH, pkcs8, len, pkcs8, pkcs8_len)) != HAL_OK)
goto fail;
- if ((err = hal_asn1_encode_pkcs8_encryptedprivatekeyinfo(hal_asn1_oid_aesKeyWrap, hal_asn1_oid_aesKeyWrap_len,
- pkcs8, len, pkcs8, pkcs8_len, pkcs8_max)) != HAL_OK)
+ if ((err = hal_asn1_encode_pkcs8_encryptedprivatekeyinfo(hal_asn1_oid_aesKeyWrap,
+ hal_asn1_oid_aesKeyWrap_len,
+ pkcs8, *pkcs8_len,
+ pkcs8, pkcs8_len, pkcs8_max)) != HAL_OK)
goto fail;
if ((err = pkcs1_5_pad(kek, KEK_LENGTH, kek, *kek_len, 0x02)) != HAL_OK)
@@ -1171,8 +1147,10 @@ static hal_error_t pkey_local_export(const hal_pkey_handle_t pkey_handle,
if ((err = hal_rsa_encrypt(NULL, rsa, kek, *kek_len, kek, *kek_len)) != HAL_OK)
goto fail;
- if ((err = hal_asn1_encode_pkcs8_encryptedprivatekeyinfo(hal_asn1_oid_rsaEncryption, hal_asn1_oid_rsaEncryption_len,
- kek, *kek_len, kek, kek_len, kek_max)) != HAL_OK)
+ if ((err = hal_asn1_encode_pkcs8_encryptedprivatekeyinfo(hal_asn1_oid_rsaEncryption,
+ hal_asn1_oid_rsaEncryption_len,
+ kek, *kek_len,
+ kek, kek_len, kek_max)) != HAL_OK)
goto fail;
memset(rsabuf, 0, sizeof(rsabuf));