Debug PKCS #11 ECDSA signature and verification.

author: Rob Austein <sra@hactrn.net> 2015-09-14 17:14:57 -0400
committer: Rob Austein <sra@hactrn.net> 2015-09-14 17:14:57 -0400
commit: 3345ef8b1a7ad719dbd3a0f26697c6bc4bd884b1 (patch)
tree: 6dcc1f493f6ad5b0a008732054dc82b47d9bf092 /pkcs11.c
parent: e9eb486fae220903f039ffae5125894c1e156aa4 (diff)
1 files changed, 11 insertions, 13 deletions
diff --git a/pkcs11.c b/pkcs11.c
index 88ad883..2f6fcde 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -3502,22 +3502,20 @@ CK_RV C_Digest(CK_SESSION_HANDLE hSession,
   if (rv == CKR_BUFFER_TOO_SMALL)
     lose(CKR_BUFFER_TOO_SMALL);
 
-  {
-    uint8_t statebuf[session->digest_descriptor->hash_state_length];
-    hal_hash_state_t *state = NULL;
+  if ((rv = digest_update(session->digest_descriptor, &session->digest_state,
+                          pData, ulDataLen)) != CKR_OK)
+    goto fail;
 
-    if (!hal_check(hal_hash_initialize(session->digest_descriptor,
-                                       &state, statebuf, sizeof(statebuf)))     ||
-        !hal_check(hal_hash_update(state, pData, ulDataLen))                    ||
-        !hal_check(hal_hash_finalize(state, pDigest, *pulDigestLen)))
-      lose(CKR_FUNCTION_FAILED);
-  }
+  if (!hal_check(hal_hash_finalize(session->digest_state, pDigest, *pulDigestLen)))
+    lose(CKR_FUNCTION_FAILED);
 
   rv = CKR_OK;                  /* Fall through */
 
  fail:
-  if (session != NULL)
+  if (session != NULL) {
+    hal_hash_cleanup(&session->digest_state);
     session->digest_descriptor = NULL;
+  }
   mutex_unlock_return_with_rv(rv, p11_global_mutex);
 }
 
@@ -3719,7 +3717,7 @@ CK_RV C_Sign(CK_SESSION_HANDLE hSession,
   if (session->sign_digest_state != NULL)
     lose(CKR_OPERATION_ACTIVE);
 
-  if (session->sign_digest_descriptor != NULL &&
+  if (session->sign_digest_descriptor != NULL && pSignature != NULL &&
       (rv = digest_update(session->sign_digest_descriptor,
                           &session->sign_digest_state, pData, ulDataLen)) != CKR_OK)
     goto fail;
@@ -3780,8 +3778,8 @@ CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession,
 
   if (!p11_attribute_get_ulong(hKey, CKA_CLASS,    &key_class)  ||
       !p11_attribute_get_ulong(hKey, CKA_KEY_TYPE, &key_type)   ||
-      !p11_attribute_get_bbool(hKey, CKA_SIGN,     &key_verify) ||
-      key_class != CKO_PRIVATE_KEY)
+      !p11_attribute_get_bbool(hKey, CKA_VERIFY,   &key_verify) ||
+      key_class != CKO_PUBLIC_KEY)
     lose(CKR_KEY_HANDLE_INVALID);
 
   if (!key_verify)
author	Rob Austein <sra@hactrn.net>	2015-09-14 17:14:57 -0400
committer	Rob Austein <sra@hactrn.net>	2015-09-14 17:14:57 -0400
commit	3345ef8b1a7ad719dbd3a0f26697c6bc4bd884b1 (patch)
tree	6dcc1f493f6ad5b0a008732054dc82b47d9bf092 /pkcs11.c
parent	e9eb486fae220903f039ffae5125894c1e156aa4 (diff)