diff options
-rw-r--r-- | pkcs11.c | 21 |
1 files changed, 11 insertions, 10 deletions
@@ -1293,20 +1293,21 @@ static int p11_object_set_rsa_private_key(const CK_OBJECT_HANDLE object_handle, uint8_t wrapbuf[hal_aes_keywrap_ciphertext_length(hal_rsa_key_to_der_len(key))]; const char *flavor = is_token_handle(object_handle) ? "token" : "session"; + size_t der_len, wrapbuf_len = sizeof(wrapbuf); sqlite3_stmt *q = NULL; - size_t len; int ok = 0; if (!sql_check_ok(sql_prepare(&q, select_kek)) || !sql_check_row(sqlite3_step(q)) || sqlite3_column_type(q, 0) == SQLITE_NULL || - !hal_check(hal_rsa_key_to_der(key, wrapbuf+8, &len, sizeof(wrapbuf)-8)) || + !hal_check(hal_rsa_key_to_der(key, wrapbuf+8, &der_len, + sizeof(wrapbuf)-8)) || !hal_check(hal_aes_keywrap(sqlite3_column_blob(q, 0), sqlite3_column_bytes(q, 0), - wrapbuf+8, len, wrapbuf, &len)) || + wrapbuf+8, der_len, wrapbuf, &wrapbuf_len)) || !sql_check_ok(sql_finalize_and_clear(&q)) || !sql_check_ok(sql_prepare(&q, update_format, flavor, flavor, flavor)) || - !sql_check_ok(sqlite3_bind_blob( q, 1, wrapbuf, len, NULL)) || + !sql_check_ok(sqlite3_bind_blob( q, 1, wrapbuf, wrapbuf_len, NULL)) || !sql_check_ok(sqlite3_bind_int64(q, 2, object_handle)) || !sql_check_done(sqlite3_step(q))) goto fail; @@ -1363,8 +1364,8 @@ static int p11_object_get_rsa_private_key(const CK_OBJECT_HANDLE object_handle, const uint8_t * const pkey = sqlite3_column_blob(q, 1); const size_t kek_len = sqlite3_column_bytes(q, 0); const size_t pkey_len = sqlite3_column_bytes(q, 1); - uint8_t wrapbuf[sqlite3_column_bytes(q, 1)]; - size_t wrapbuf_len; + size_t wrapbuf_len = pkey_len; + uint8_t wrapbuf[pkey_len]; ok = (hal_check(hal_aes_keyunwrap(kek, kek_len, pkey, pkey_len, wrapbuf, &wrapbuf_len)) && hal_check(hal_rsa_key_from_der(key, keybuf, keybuf_len, wrapbuf, wrapbuf_len))); @@ -1906,7 +1907,7 @@ static CK_RV generate_keypair_rsa_pkcs(p11_session_t *session, pMechanism)) == CK_INVALID_HANDLE || !p11_attribute_get(public_handle, CKA_PUBLIC_EXPONENT, public_exponent, &public_exponent_len, sizeof(public_exponent)) || - !hal_check(hal_rsa_key_gen(&key, keybuf, sizeof(keybuf), keysize, + !hal_check(hal_rsa_key_gen(&key, keybuf, sizeof(keybuf), keysize/8, public_exponent, public_exponent_len)) || !p11_object_set_rsa_private_key(private_handle, key) || !hal_check(hal_rsa_key_get_modulus(key, modulus, &modulus_len, sizeof(modulus))) || @@ -2576,9 +2577,9 @@ CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, " DELETE FROM object WHERE object_handle = ?"; static const char delete_token_object[] = - " WITH" - " t AS (SELECT token_object_id FROM object WHERE object_handle = ?)" - " DELETE FROM token_object WHERE token_object_id = t"; + " DELETE FROM token_object" + " WHERE token_object_id = (SELECT token_object_id FROM object WHERE object_handle = ?)"; + p11_session_t *session; sqlite3_stmt *q = NULL; |