From 0690aa3d48966a4b151a468fd3a0a65bb99de439 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Sun, 15 May 2016 20:49:18 -0400
Subject: Add hal_rpc_pkey_rename(); allow null string as (temporary) key name.

Temporary nature of null string as key name is not enforced by the keystore code, it's just a convention to allow callers to generate a keypair, obtain the public key, hash that to a Subject Key Identifier (SKI), and rename the key using the SKI as the new name. This is a compromise to let us use SKI-based key names in PKCS #11 while keeping the keystore code simple.
---
 rpc_api.c | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)
(limited to 'rpc_api.c')
diff --git a/rpc_api.c b/rpc_api.c
index 8010f54..5bab506 100644
--- a/rpc_api.c
+++ b/rpc_api.c
@@ -199,11 +199,11 @@ hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 const uint8_t * const der, const size_t der_len,
 const hal_key_flags_t flags)
 {
- if (pkey == NULL ||
- name == NULL || name_len == 0 ||
- der == NULL || der_len == 0 ||
+ if (pkey == NULL || name == NULL || der == NULL || der_len == 0 ||
 !check_pkey_type_curve_flags(type, curve, flags))
 return HAL_ERROR_BAD_ARGUMENTS;
+ if (name_len > HAL_RPC_PKEY_NAME_MAX)
+ return HAL_ERROR_KEY_NAME_TOO_LONG;
 return hal_rpc_pkey_dispatch->load(client, session, pkey, type, curve, name, name_len, der, der_len, flags);
 }
 
@@ -214,8 +214,10 @@ hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
 const uint8_t * const name, const size_t name_len,
 const hal_key_flags_t flags)
 {
- if (pkey == NULL || name == NULL || name_len == 0 || !check_pkey_type(type))
+ if (pkey == NULL || name == NULL || !check_pkey_type(type))
 return HAL_ERROR_BAD_ARGUMENTS;
+ if (name_len > HAL_RPC_PKEY_NAME_MAX)
+ return HAL_ERROR_KEY_NAME_TOO_LONG;
 return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, name_len, flags);
 }
 
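Review bot: Nothing at the relaxed argument check in hal_rpc_pkey_load() tells the reader that a zero-length name is now deliberately accepted while a NULL name pointer is still rejected, so a caller that wants the placeholder name has to pass a non-NULL pointer with a name_len of 0. I would add a comment above the test, for example `/* name_len == 0 is allowed: the empty name is a temporary placeholder until hal_rpc_pkey_rename(); name itself must still be non-NULL */`. The same comment is missing at the matching checks in hal_rpc_pkey_find(), hal_rpc_pkey_generate_rsa() and hal_rpc_pkey_generate_ec(). The start of the function signature lies outside the hunk.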
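Review bot: Dropping `name_len == 0` from the guard in hal_rpc_pkey_find() lets a lookup by the empty placeholder name reach the backend, and the commit message says the keystore does not enforce that this name is temporary. If more than one key can hold the empty name at once (for instance a key that was generated but never renamed), nothing visible here determines which key the lookup returns; that may depend on how the keystore scopes names per client or session. The generate-then-rename flow in the commit message works on the handle returned by generate, so find does not appear to need the empty name; consider keeping `if (pkey == NULL || name == NULL || name_len == 0 || !check_pkey_type(type))` here. The start of the function signature lies outside the hunk.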
@@ -227,9 +229,11 @@ hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
 const uint8_t * const exp, const size_t exp_len,
 const hal_key_flags_t flags)
 {
- if (pkey == NULL || name == NULL || name_len == 0 || key_len == 0 || (key_len & 7) != 0 ||
+ if (pkey == NULL || name == NULL || key_len == 0 || (key_len & 7) != 0 ||
 exp == NULL || exp_len == 0 || !check_pkey_flags(flags))
 return HAL_ERROR_BAD_ARGUMENTS;
+ if (name_len > HAL_RPC_PKEY_NAME_MAX)
+ return HAL_ERROR_KEY_NAME_TOO_LONG;
 return hal_rpc_pkey_dispatch->generate_rsa(client, session, pkey, name, name_len, key_len, exp, exp_len, flags);
 }
 
@@ -240,9 +244,11 @@ hal_error_t hal_rpc_pkey_generate_ec(const hal_client_handle_t client,
 const hal_curve_name_t curve,
 const hal_key_flags_t flags)
 {
- if (pkey == NULL || name == NULL || name_len == 0 ||
+ if (pkey == NULL || name == NULL ||
 !check_pkey_type_curve_flags(HAL_KEY_TYPE_EC_PRIVATE, curve, flags))
 return HAL_ERROR_BAD_ARGUMENTS;
+ if (name_len > HAL_RPC_PKEY_NAME_MAX)
+ return HAL_ERROR_KEY_NAME_TOO_LONG;
 return hal_rpc_pkey_dispatch->generate_ec(client, session, pkey, name, name_len, curve, flags);
 }
 
@@ -256,6 +262,16 @@ hal_error_t hal_rpc_pkey_delete(const hal_pkey_handle_t pkey)
 return hal_rpc_pkey_dispatch->delete(pkey);
 }
 
+hal_error_t hal_rpc_pkey_rename(const hal_pkey_handle_t pkey,
+ const uint8_t * const name, const size_t name_len)
+{
+ if (name == NULL)
+ return HAL_ERROR_BAD_ARGUMENTS;
+ if (name_len > HAL_RPC_PKEY_NAME_MAX)
+ return HAL_ERROR_KEY_NAME_TOO_LONG;
+ return hal_rpc_pkey_dispatch->rename(pkey, name, name_len);
+}
+
 hal_error_t hal_rpc_pkey_get_key_type(const hal_pkey_handle_t pkey,
 hal_key_type_t *type)
 {
-- 
cgit v1.2.3
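Review bot: hal_rpc_pkey_rename() accepts `name_len == 0`, so a key can be renamed to the empty placeholder name, which works against the stated convention that the empty name is only a temporary state before the SKI rename. Rejecting it in the wrapper is a one-line change: `if (name == NULL || name_len == 0) return HAL_ERROR_BAD_ARGUMENTS;`. Whether a rename onto a name that is already in use is refused is decided inside `hal_rpc_pkey_dispatch->rename`, which is not visible in this hunk, so that is worth confirming and stating in a short comment above the function.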