From 401965f1e9f74b43c88477d2ff6ac4d6c62ab5a8 Mon Sep 17 00:00:00 2001
From: Paul Selkirk <paul@psgd.org>
Date: Tue, 28 Apr 2020 12:11:49 -0400
Subject: The new keywrap core now talks directly to the MKM, so I split the
 code that talks to that core out of aes_keywrap.c. The HSM will now be built
 with just the keywrap core, with no user access to aes or mkmif.

---
 rpc_pkey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'rpc_pkey.c')

diff --git a/rpc_pkey.c b/rpc_pkey.c
index 84e506d..4f5decd 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -1358,7 +1358,7 @@ static hal_error_t pkey_local_export(const hal_pkey_handle_t pkey_handle,
     goto fail;
 
   *pkcs8_len = pkcs8_max;
-  if ((err = hal_aes_keywrap(NULL, kek, KEK_LENGTH, pkcs8, len, pkcs8, pkcs8_len)) != HAL_OK)
+  if ((err = hal_keywrap_wrap(NULL, kek, KEK_LENGTH, pkcs8, len, pkcs8, pkcs8_len)) != HAL_OK)
     goto fail;
 
   if ((err = hal_asn1_encode_pkcs8_encryptedprivatekeyinfo(hal_asn1_oid_aesKeyWrap,
@@ -1460,7 +1460,7 @@ static hal_error_t pkey_local_import(const hal_client_handle_t client,
   }
 
   der_len = sizeof(der);
-  if ((err = hal_aes_keyunwrap(NULL, kek, sizeof(kek), data, data_len, der, &der_len)) != HAL_OK)
+  if ((err = hal_keywrap_unwrap(NULL, kek, sizeof(kek), data, data_len, der, &der_len)) != HAL_OK)
     goto fail;
 
   hal_key_type_t type;
-- 
cgit v1.2.3