📄 decr_mgr.c
字号:
if (rc == FALSE){ st_err_log(85, __FILE__, __LINE__); return CKR_KEY_FUNCTION_NOT_PERMITTED; } else { flag = *(CK_BBOOL *)attr->pValue; if (flag != TRUE){ st_err_log(85, __FILE__, __LINE__); return CKR_KEY_FUNCTION_NOT_PERMITTED; } } } else if (operation == OP_UNWRAP) { rc = object_mgr_find_in_map1( key_handle, &key_obj ); if (rc != CKR_OK){ st_err_log(62, __FILE__, __LINE__); return CKR_WRAPPING_KEY_HANDLE_INVALID; } // is key allowed to unwrap other keys? // rc = template_attribute_find( key_obj->template, CKA_UNWRAP, &attr ); if (rc == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; // Cryptoki doesn't define a better return code } else { flag = *(CK_BBOOL *)attr->pValue; if (flag == FALSE){ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } } } else{ st_err_log(4, __FILE__, __LINE__, __FUNCTION__); return CKR_FUNCTION_FAILED; } // is the mechanism supported? is the key type correct? is a // parameter present if required? is the key size allowed? // does the key support decryption? // // Will the FCV allow the operation? // switch (mech->mechanism) { case CKM_DES_ECB: { if (mech->ulParameterLen != 0){ st_err_log(29, __FILE__, __LINE__); return CKR_MECHANISM_PARAM_INVALID; } // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_DES){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// if ((nv_FCV.FunctionCntlBytes[DES_FUNCTION_BYTE] & FCV_56_BIT_DES) == 0)// return CKR_MECHANISM_INVALID; ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_CDMF_ECB: { if (mech->ulParameterLen != 0){ st_err_log(29, __FILE__, __LINE__); return CKR_MECHANISM_PARAM_INVALID; } // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_CDMF){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// if ((nv_FCV.FunctionCntlBytes[DES_FUNCTION_BYTE] & FCV_CDMF_DES) == 0)// return CKR_MECHANISM_INVALID; ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_DES_CBC: case CKM_DES_CBC_PAD: { if (mech->ulParameterLen != DES_BLOCK_SIZE){ st_err_log(29, __FILE__, __LINE__); return CKR_MECHANISM_PARAM_INVALID; } // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_DES){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// if ((nv_FCV.FunctionCntlBytes[DES_FUNCTION_BYTE] & FCV_56_BIT_DES) == 0)// return CKR_MECHANISM_INVALID; ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_CDMF_CBC: case CKM_CDMF_CBC_PAD: { if (mech->ulParameterLen != DES_BLOCK_SIZE){ st_err_log(29, __FILE__, __LINE__); return CKR_MECHANISM_PARAM_INVALID; } // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_CDMF){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_DES3_ECB: { if (mech->ulParameterLen != 0) return CKR_MECHANISM_PARAM_INVALID; // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_DES3 && keytype != CKK_DES2){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// if ((nv_FCV.FunctionCntlBytes[DES_FUNCTION_BYTE] & FCV_TRIPLE_DES) == 0)// return CKR_MECHANISM_INVALID; ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_DES3_CBC: case CKM_DES3_CBC_PAD: { if (mech->ulParameterLen != DES_BLOCK_SIZE) return CKR_MECHANISM_PARAM_INVALID; // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_DES3 && keytype != CKK_DES2){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// if ((nv_FCV.FunctionCntlBytes[DES_FUNCTION_BYTE] & FCV_TRIPLE_DES) == 0)// return CKR_MECHANISM_INVALID; ctx->context_len = sizeof(DES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(DES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(DES_CONTEXT) ); } break; case CKM_RSA_X_509: case CKM_RSA_PKCS: { if (mech->ulParameterLen != 0) return CKR_MECHANISM_PARAM_INVALID; rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_RSA){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } // Check FCV //// rc = template_attribute_find( key_obj->template, CKA_MODULUS, &attr );// if (rc == FALSE ||// nv_FCV.SymmetricModLength/8 < attr->value_length)// return (operation == OP_DECRYPT_INIT ? CKR_KEY_SIZE_RANGE : CKR_UNWRAPPING_KEY_SIZE_RANGE ); // RSA cannot be used for multi-part operations // ctx->context_len = 0; ctx->context = NULL; } break; case CKM_AES_ECB: { // XXX Copied from DES3, should be verified - KEY if (mech->ulParameterLen != 0) return CKR_MECHANISM_PARAM_INVALID; // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } else { keytype = *(CK_KEY_TYPE *)attr->pValue; if (keytype != CKK_AES){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; } } ctx->context_len = sizeof(AES_CONTEXT); ctx->context = (CK_BYTE *)malloc(sizeof(AES_CONTEXT)); if (!ctx->context){ st_err_log(1, __FILE__, __LINE__); return CKR_HOST_MEMORY; } memset( ctx->context, 0x0, sizeof(AES_CONTEXT) ); } break; case CKM_AES_CBC: case CKM_AES_CBC_PAD: { // XXX Copied from DES3, should be verified - KEY if (mech->ulParameterLen != AES_INIT_VECTOR_SIZE) return CKR_MECHANISM_PARAM_INVALID; // is the key type correct? // rc = template_attribute_find( key_obj->template, CKA_KEY_TYPE, &attr ); if (rc == FALSE){ st_err_log(20, __FILE__, __LINE__); return CKR_KEY_TYPE_INCONSISTENT; }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -