aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--p11util.c4
-rw-r--r--pkcs11.c44
2 files changed, 25 insertions, 23 deletions
diff --git a/p11util.c b/p11util.c
index 697b696..ca4a38c 100644
--- a/p11util.c
+++ b/p11util.c
@@ -272,12 +272,12 @@ static int set_pin(const char * const pin_type, const int read_from_stdin)
sqlite3_column_type(q, 0) == SQLITE_NULL)
lose("Couldn't retrieve PBKDF2 iteration count from SQL");
- if ((err = hal_get_random(salt, sizeof(salt))) != HAL_OK) {
+ if ((err = hal_get_random(NULL, salt, sizeof(salt))) != HAL_OK) {
fprintf(stderr, "Couldn't generate salt: %s\n", hal_error_string(err));
goto fail;
}
- if ((err = hal_pbkdf2(hal_hash_sha256, (uint8_t *) pin, len, salt, sizeof(salt),
+ if ((err = hal_pbkdf2(NULL, hal_hash_sha256, (uint8_t *) pin, len, salt, sizeof(salt),
pinbuf, sizeof(pinbuf), sqlite3_column_int(q, 0))) != HAL_OK) {
fprintf(stderr, "Couldn't process new PIN: %s\n", hal_error_string(err));
goto fail;
diff --git a/pkcs11.c b/pkcs11.c
index de8f902..a3048f7 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -527,18 +527,18 @@ static int kek_init(void)
sqlite3_stmt *q = NULL;
- int ok = (sql_check_ok(sql_prepare(&q, test_kek)) &&
+ int ok = (sql_check_ok(sql_prepare(&q, test_kek)) &&
sql_check_row(sqlite3_step(q)));
if (ok && sqlite3_column_int(q, 0)) {
uint8_t kekbuf[bitsToBytes(256)];
- ok = (hal_check(hal_get_random(kekbuf, sizeof(kekbuf))) &&
- sql_check_ok(sql_finalize_and_clear(&q)) &&
- sql_check_ok(sql_prepare(&q, set_kek)) &&
+ ok = (hal_check(hal_get_random(NULL, kekbuf, sizeof(kekbuf))) &&
+ sql_check_ok(sql_finalize_and_clear(&q)) &&
+ sql_check_ok(sql_prepare(&q, set_kek)) &&
sql_check_ok(sqlite3_bind_blob(q, 1, kekbuf,
sizeof(kekbuf),
- NULL)) &&
+ NULL)) &&
sql_check_done(sqlite3_step(q)));
memset(kekbuf, 0, sizeof(kekbuf));
@@ -1204,7 +1204,8 @@ static int p11_object_set_generic_private_key(const CK_OBJECT_HANDLE object_hand
!sql_check_row(sqlite3_step(q)) ||
sqlite3_column_type(q, 0) == SQLITE_NULL ||
!hal_check(to_der(key, wrapbuf + 8, &der_len, sizeof(wrapbuf) - 8)) ||
- !hal_check(hal_aes_keywrap(sqlite3_column_blob(q, 0),
+ !hal_check(hal_aes_keywrap(NULL,
+ sqlite3_column_blob(q, 0),
sqlite3_column_bytes(q, 0),
wrapbuf+8, der_len, wrapbuf, &wrapbuf_len)) ||
!sql_check_ok(sql_finalize_and_clear(&q)) ||
@@ -1318,7 +1319,7 @@ static int p11_object_get_generic_private_key(const CK_OBJECT_HANDLE object_hand
size_t wrapbuf_len = pkey_len;
uint8_t wrapbuf[pkey_len];
- ok = (hal_check(hal_aes_keyunwrap(kek, kek_len, pkey, pkey_len, wrapbuf, &wrapbuf_len)) &&
+ ok = (hal_check(hal_aes_keyunwrap(NULL, kek, kek_len, pkey, pkey_len, wrapbuf, &wrapbuf_len)) &&
hal_check(from_der(key, keybuf, keybuf_len, wrapbuf, wrapbuf_len)));
memset(wrapbuf, 0, sizeof(wrapbuf));
@@ -1952,7 +1953,7 @@ static CK_RV generate_keypair_rsa_pkcs(p11_session_t *session,
memset(keybuf, 0, sizeof(keybuf));
- if (!hal_check(hal_rsa_key_gen(&key, keybuf, sizeof(keybuf), keysize / 8,
+ if (!hal_check(hal_rsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), keysize / 8,
public_exponent, public_exponent_len)))
lose(CKR_FUNCTION_FAILED);
@@ -2019,7 +2020,7 @@ static CK_RV generate_keypair_ec(p11_session_t *session,
memset(keybuf, 0, sizeof(keybuf));
- if (!hal_check(hal_ecdsa_key_gen(&key, keybuf, sizeof(keybuf), curve)) ||
+ if (!hal_check(hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) ||
!p11_object_set_ec_private_key(private_handle, key) ||
!p11_attribute_set(public_handle, CKA_EC_PARAMS, params, params_len) ||
!p11_attribute_set(private_handle, CKA_EC_PARAMS, params, params_len))
@@ -2196,7 +2197,7 @@ static CK_RV digest_update(const hal_hash_descriptor_t * const descriptor,
assert(descriptor != NULL && state != NULL && data != NULL);
if (*state == NULL) {
- switch (hal_hash_initialize(descriptor, state, NULL, 0)) {
+ switch (hal_hash_initialize(NULL, descriptor, state, NULL, 0)) {
case HAL_OK:
break;
case HAL_ERROR_ALLOCATION_FAILURE:
@@ -2353,7 +2354,7 @@ static CK_RV sign_rsa_pkcs(p11_session_t *session,
if (!pkcs1_5_pad(pData, ulDataLen, pSignature, signature_len))
lose(CKR_DATA_LEN_RANGE);
- if (!hal_check(hal_rsa_decrypt(key, pSignature, signature_len, pSignature, signature_len)))
+ if (!hal_check(hal_rsa_decrypt(NULL, key, pSignature, signature_len, pSignature, signature_len)))
lose(CKR_FUNCTION_FAILED);
}
@@ -2410,7 +2411,7 @@ static CK_RV verify_rsa_pkcs(p11_session_t *session,
if (!pkcs1_5_pad(pData, ulDataLen, expected, sizeof(expected)))
lose(CKR_DATA_LEN_RANGE);
- if (!hal_check(hal_rsa_encrypt(key, pSignature, ulSignatureLen, received, sizeof(received))))
+ if (!hal_check(hal_rsa_encrypt(NULL, key, pSignature, ulSignatureLen, received, sizeof(received))))
lose(CKR_FUNCTION_FAILED);
for (int i = 0; i < ulSignatureLen; i++)
@@ -2484,7 +2485,7 @@ static CK_RV sign_ecdsa(p11_session_t *session,
ulDataLen = sizeof(digest);
}
- if (pSignature != NULL && !hal_check(hal_ecdsa_sign(key, pData, ulDataLen,
+ if (pSignature != NULL && !hal_check(hal_ecdsa_sign(NULL, key, pData, ulDataLen,
pSignature, &signature_len, *pulSignatureLen,
HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
lose(CKR_FUNCTION_FAILED);
@@ -2529,7 +2530,8 @@ static CK_RV verify_ecdsa(p11_session_t *session,
ulDataLen = sizeof(digest);
}
- if (!hal_check(hal_ecdsa_verify(key, pData, ulDataLen, pSignature, ulSignatureLen, HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
+ if (!hal_check(hal_ecdsa_verify(NULL, key, pData, ulDataLen,
+ pSignature, ulSignatureLen, HAL_ECDSA_SIGNATURE_FORMAT_PKCS11)))
lose(CKR_SIGNATURE_INVALID);
rv = CKR_OK; /* Fall through */
@@ -3049,7 +3051,7 @@ CK_RV C_Login(CK_SESSION_HANDLE hSession,
uint8_t pinbuf[pin_len];
unsigned diff = 0;
- if (!hal_check(hal_pbkdf2(hal_hash_sha256, pPin, ulPinLen, salt, salt_len,
+ if (!hal_check(hal_pbkdf2(NULL, hal_hash_sha256, pPin, ulPinLen, salt, salt_len,
pinbuf, sizeof(pinbuf), iterations)))
lose(CKR_FUNCTION_FAILED);
@@ -3624,7 +3626,7 @@ CK_RV C_DigestInit(CK_SESSION_HANDLE hSession,
default: lose(CKR_MECHANISM_INVALID);
}
- if (!hal_check(hal_hash_core_present(session->digest_descriptor))) {
+ if (hal_core_find(session->digest_descriptor->core_name, NULL) == NULL) {
session->digest_descriptor = NULL;
lose(CKR_MECHANISM_INVALID);
}
@@ -4319,7 +4321,7 @@ CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession,
if (RandomData == NULL)
lose(CKR_ARGUMENTS_BAD);
- if (!hal_check(hal_get_random(RandomData, ulRandomLen)))
+ if (!hal_check(hal_get_random(NULL, RandomData, ulRandomLen)))
lose(CKR_FUNCTION_FAILED);
fail:
@@ -4365,7 +4367,7 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
case CKM_SHA1_RSA_PKCS:
case CKM_SHA_1_HMAC:
case CKM_ECDSA_SHA1:
- if (hal_hash_core_present(hal_hash_sha1) != HAL_OK)
+ if (hal_core_find(hal_hash_sha1->core_name, NULL) == NULL)
return CKR_MECHANISM_INVALID;
break;
@@ -4373,7 +4375,7 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
case CKM_SHA256_RSA_PKCS:
case CKM_SHA256_HMAC:
case CKM_ECDSA_SHA256:
- if (hal_hash_core_present(hal_hash_sha256) != HAL_OK)
+ if (hal_core_find(hal_hash_sha256->core_name, NULL) == NULL)
return CKR_MECHANISM_INVALID;
break;
@@ -4381,7 +4383,7 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
case CKM_SHA384_RSA_PKCS:
case CKM_SHA384_HMAC:
case CKM_ECDSA_SHA384:
- if (hal_hash_core_present(hal_hash_sha384) != HAL_OK)
+ if (hal_core_find(hal_hash_sha384->core_name, NULL) == NULL)
return CKR_MECHANISM_INVALID;
break;
@@ -4389,7 +4391,7 @@ CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID,
case CKM_SHA512_RSA_PKCS:
case CKM_SHA512_HMAC:
case CKM_ECDSA_SHA512:
- if (hal_hash_core_present(hal_hash_sha512) != HAL_OK)
+ if (hal_core_find(hal_hash_sha512->core_name, NULL) == NULL)
return CKR_MECHANISM_INVALID;
break;