Diffstat (limited to 'rpc_server.c')
-rw-r--r--rpc_server.c131
1 files changed, 103 insertions, 28 deletions
diff --git a/rpc_server.c b/rpc_server.c
index a21679a..d946b06 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -322,30 +322,28 @@ static hal_error_t pkey_load(const uint8_t **iptr, const uint8_t * const ilimit,
hal_client_handle_t client;
hal_session_handle_t session;
hal_pkey_handle_t pkey;
- uint32_t type;
- uint32_t curve;
hal_uuid_t name;
const uint8_t *der;
uint32_t der_len;
hal_key_flags_t flags;
hal_error_t ret;
+ uint8_t *optr_orig = *optr;
check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
- check(hal_xdr_decode_int(iptr, ilimit, &type));
- check(hal_xdr_decode_int(iptr, ilimit, &curve));
check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &der, &der_len));
check(hal_xdr_decode_int(iptr, ilimit, &flags));
- /* call the local function */
- ret = hal_rpc_pkey_load(client, session, &pkey, type, curve, &name, der, der_len, flags);
+ ret = hal_rpc_pkey_load(client, session, &pkey, &name, der, der_len, flags);
- if (ret == HAL_OK) {
- uint8_t *optr_orig = *optr;
- if ((ret = hal_xdr_encode_int(optr, olimit, pkey.handle)) != HAL_OK ||
- (ret = hal_xdr_encode_buffer(optr, olimit, name.uuid, sizeof(name.uuid))) != HAL_OK)
- *optr = optr_orig;
- }
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_int(optr, olimit, pkey.handle);
+
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_buffer(optr, olimit, name.uuid, sizeof(name.uuid));
+
+ if (ret != HAL_OK)
+ *optr = optr_orig;
return ret;
}
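Review bot: Dropping the `type` and `curve` words from the pkey_load request changes the wire layout with no version gate visible here, so a peer still sending the old layout would have its `type` word consumed by `hal_xdr_decode_buffer_in_place` as the DER length. The same concern applies to the removed `flags` word in the pkey_open hunk and to the added `mask` and `state` words in the pkey_match hunks. If the RPC protocol carries a version number it should change in the same commit; nothing in this file's diff shows one, so that needs confirming. A short comment above each handler listing the request fields in decode order, for example `/* request: client, session, der<>, flags */`, would make later layout changes easier to review.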
@@ -358,19 +356,17 @@ static hal_error_t pkey_open(const uint8_t **iptr, const uint8_t * const ilimit,
hal_pkey_handle_t pkey;
const uint8_t *name_ptr;
uint32_t name_len;
- hal_key_flags_t flags;
hal_error_t ret;
check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &name_ptr, &name_len));
- check(hal_xdr_decode_int(iptr, ilimit, &flags));
if (name_len != sizeof(hal_uuid_t))
return HAL_ERROR_KEY_NAME_TOO_LONG;
/* call the local function */
- ret = hal_rpc_pkey_open(client, session, &pkey, (const hal_uuid_t *) name_ptr, flags);
+ ret = hal_rpc_pkey_open(client, session, &pkey, (const hal_uuid_t *) name_ptr);
if (ret == HAL_OK)
check(hal_xdr_encode_int(optr, olimit, pkey.handle));
@@ -645,15 +641,17 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit
{
hal_client_handle_t client;
hal_session_handle_t session;
- uint32_t type, curve, attributes_len, result_max, previous_uuid_len;
+ uint32_t type, curve, attributes_len, state, result_max, previous_uuid_len;
const uint8_t *previous_uuid_ptr;
- hal_key_flags_t flags;
+ hal_key_flags_t mask, flags;
+ uint8_t *optr_orig = *optr;
hal_error_t ret;
check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
check(hal_xdr_decode_int(iptr, ilimit, &type));
check(hal_xdr_decode_int(iptr, ilimit, &curve));
+ check(hal_xdr_decode_int(iptr, ilimit, &mask));
check(hal_xdr_decode_int(iptr, ilimit, &flags));
check(hal_xdr_decode_int(iptr, ilimit, &attributes_len));
@@ -669,6 +667,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit
a->length = value_len;
}
+ check(hal_xdr_decode_int(iptr, ilimit, &state));
check(hal_xdr_decode_int(iptr, ilimit, &result_max));
check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &previous_uuid_ptr, &previous_uuid_len));
@@ -678,22 +677,24 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit
const hal_uuid_t * const previous_uuid = (const void *) previous_uuid_ptr;
hal_uuid_t result[result_max];
- unsigned result_len;
+ unsigned result_len, ustate = state;
- ret = hal_rpc_pkey_match(client, session, type, curve, flags,
+ ret = hal_rpc_pkey_match(client, session, type, curve, mask, flags,
attributes, attributes_len,
- result, &result_len, result_max,
+ &ustate, result, &result_len, result_max,
previous_uuid);
- if (ret == HAL_OK) {
- uint8_t *optr_orig = *optr;
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_int(optr, olimit, ustate);
+
+ if (ret == HAL_OK)
ret = hal_xdr_encode_int(optr, olimit, result_len);
- for (int i = 0; ret == HAL_OK && i < result_len; ++i)
- ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid,
- sizeof(result[i].uuid));
- if (ret != HAL_OK)
- *optr = optr_orig;
- }
+
+ for (int i = 0; ret == HAL_OK && i < result_len; ++i)
+ ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid,
+ sizeof(result[i].uuid));
+ if (ret != HAL_OK)
+ *optr = optr_orig;
return ret;
}
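Review bot: The encode loop compares `int i` against `unsigned result_len`, and `result_len` as returned by `hal_rpc_pkey_match` indexes `result[]` without being checked against `result_max`. Writing the loop as `for (unsigned i = 0; ret == HAL_OK && i < result_len; ++i)` removes the mixed-sign comparison. Failing the request when `result_len > result_max` before the loop keeps a misbehaving backend from causing a read past the array. The block that declares `result` opens outside this hunk.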
@@ -782,6 +783,74 @@ static hal_error_t pkey_get_attributes(const uint8_t **iptr, const uint8_t * con
return ret;
}
+static hal_error_t pkey_export(const uint8_t **iptr, const uint8_t * const ilimit,
+ uint8_t **optr, const uint8_t * const olimit)
+{
+ hal_client_handle_t client;
+ hal_pkey_handle_t pkey;
+ hal_pkey_handle_t kekek;
+ size_t pkcs8_len, kek_len;
+ uint32_t pkcs8_max, kek_max;
+ uint8_t *optr_orig = *optr;
+ hal_error_t ret;
+
+ check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
+ check(hal_xdr_decode_int(iptr, ilimit, &pkey.handle));
+ check(hal_xdr_decode_int(iptr, ilimit, &kekek.handle));
+ check(hal_xdr_decode_int(iptr, ilimit, &pkcs8_max));
+ check(hal_xdr_decode_int(iptr, ilimit, &kek_max));
+
+ uint8_t pkcs8[pkcs8_max], kek[kek_max];
+
+ ret = hal_rpc_pkey_export(pkey, kekek, pkcs8, &pkcs8_len, sizeof(pkcs8), kek, &kek_len, sizeof(kek));
+
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_buffer(optr, olimit, pkcs8, pkcs8_len);
+
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_buffer(optr, olimit, kek, kek_len);
+
+ if (ret != HAL_OK)
+ *optr = optr_orig;
+
+ return ret;
+}
+
+static hal_error_t pkey_import(const uint8_t **iptr, const uint8_t * const ilimit,
+ uint8_t **optr, const uint8_t * const olimit)
+{
+ hal_client_handle_t client;
+ hal_session_handle_t session;
+ hal_pkey_handle_t pkey;
+ hal_pkey_handle_t kekek;
+ hal_uuid_t name;
+ const uint8_t *pkcs8, *kek;
+ uint32_t pkcs8_len, kek_len;
+ uint8_t *optr_orig = *optr;
+ hal_key_flags_t flags;
+ hal_error_t ret;
+
+ check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
+ check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
+ check(hal_xdr_decode_int(iptr, ilimit, &kekek.handle));
+ check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &pkcs8, &pkcs8_len));
+ check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &kek, &kek_len));
+ check(hal_xdr_decode_int(iptr, ilimit, &flags));
+
+ ret = hal_rpc_pkey_import(client, session, &pkey, &name, kekek, pkcs8, pkcs8_len, kek, kek_len, flags);
+
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_int(optr, olimit, pkey.handle);
+
+ if (ret == HAL_OK)
+ ret = hal_xdr_encode_buffer(optr, olimit, name.uuid, sizeof(name.uuid));
+
+ if (ret != HAL_OK)
+ *optr = optr_orig;
+
+ return ret;
+}
+
hal_error_t hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ilen,
uint8_t * const obuf, size_t * const olen)
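Review bot: `uint8_t pkcs8[pkcs8_max], kek[kek_max];` in pkey_export sizes two stack arrays directly from 32-bit values decoded from the request, so the caller controls how much stack the handler consumes, and a value of zero gives a zero-length VLA, which is undefined behaviour. Both values should be range-checked before the declaration, e.g. `if (pkcs8_max == 0 || pkcs8_max > PKCS8_MAX_PLACEHOLDER || kek_max == 0 || kek_max > KEK_MAX_PLACEHOLDER) return HAL_ERROR_BAD_ARGUMENTS;`, where the two limits are placeholders for the largest wrapped key and wrapped KEK the server supports. Clamping them to the remaining reply space (`olimit - *optr`) is another option, since the results have to fit in the output buffer anyway. The context line `hal_uuid_t result[result_max];` in pkey_match has the same shape and would benefit from the same bound.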
@@ -888,6 +957,12 @@ hal_error_t hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ile
case RPC_FUNC_PKEY_GET_ATTRIBUTES:
handler = pkey_get_attributes;
break;
+ case RPC_FUNC_PKEY_EXPORT:
+ handler = pkey_export;
+ break;
+ case RPC_FUNC_PKEY_IMPORT:
+ handler = pkey_import;
+ break;
}
if (handler)