From: Nelson Araujo <[email protected]>

---
 usr/lib/pkcs11/tpm_stdll/new_host.c |   27 +++++++++++++++++++++++++++
 1 files changed, 27 insertions(+), 0 deletions(-)

diff --git a/usr/lib/pkcs11/tpm_stdll/new_host.c 
b/usr/lib/pkcs11/tpm_stdll/new_host.c
index 96ebf54..f9ccc13 100644
--- a/usr/lib/pkcs11/tpm_stdll/new_host.c
+++ b/usr/lib/pkcs11/tpm_stdll/new_host.c
@@ -28,6 +28,9 @@
        4/25/03    Kapil Sood ([email protected])
                   Added DH key pair generation and DH shared key derivation
                   functions.
+      11/16/10    Nelson Araujo ([email protected])
+                  Return default public exponent if not stored and/or returned
+                  by the TPM token device
 ****************************************************************************/
 
 
@@ -120,6 +123,7 @@ CK_ULONG  usage_count = 0; // variable for number of times 
the DLL has been used
 
 CK_C_INITIALIZE_ARGS cinit_args = { NULL, NULL, NULL, NULL, 0, NULL };
 
+CK_BYTE pub_exp[] = { 0x1, 0x0, 0x1 }; // 65537
 
 extern void stlogterm();
 extern void stloginit();
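Review bot: `pub_exp` is added as a writable global with external linkage, although the visible hunks only read it as a fixed fallback value. Any other code in the process can overwrite it or collide with such a short, generic name, which would silently change the exponent reported to callers. Declaring it `static const CK_BYTE pub_exp[] = { 0x01, 0x00, 0x01 }; // 65537` keeps it private to this file and read-only; the `memcpy` and `sizeof` uses in SC_GetAttributeValue work unchanged.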
@@ -1926,11 +1930,34 @@ CK_RV SC_GetAttributeValue( ST_SESSION_HANDLE  sSession,
       goto done;
    }
 
+   for (i=0; i<ulCount; i++) {
+      if (pTemplate[i].type == CKA_PUBLIC_EXPONENT) {
+         // 'object_mgr_get_attribute_values' requires the buffer to be
+         // of the right size, otherwise it will fail with a too generic
+         // error code. if buffer is too small, return to the caller
+         // failure with more appropriate (specific) error code.
+         if (pTemplate[i].ulValueLen < sizeof(pub_exp)) {
+            rc = CKR_BUFFER_TOO_SMALL;
+            goto done;
+         }
+      }
+   }
+
    rc = object_mgr_get_attribute_values( sess, hObject, pTemplate, ulCount );
    if (rc != CKR_OK){
       st_err_log(159, __FILE__, __LINE__);
    }
 
+   for (i=0; i<ulCount; i++) {
+      if (pTemplate[i].type == CKA_PUBLIC_EXPONENT) {
+         if (rc || pTemplate[i].ulValueLen == 0) {
+            // Use well-known exponent if value not stored by the device.
+            memcpy( pTemplate[i].pValue, pub_exp, sizeof(pub_exp) );
+            pTemplate[i].ulValueLen = sizeof(pub_exp);
+           rc = 0;
+         }
+      }
+   }
 
 done:
    LLOCK;
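Review bot: The second added loop writes through `pTemplate[i].pValue` without a NULL check and resets `rc` to 0 for every failure of `object_mgr_get_attribute_values`. A length query (NULL `pValue`, the usual PKCS#11 convention) therefore becomes a NULL write, and errors such as a bad object handle or a sensitive attribute are reported as success with a fabricated exponent of 65537. The first loop has the matching problem: it returns `CKR_BUFFER_TOO_SMALL` based on the caller's `ulValueLen` even when `pValue` is NULL and no buffer was offered. The sketch below limits the fallback to the "attribute not available" case; which return code the object manager uses for that is not visible here, so `CKR_ATTRIBUTE_TYPE_INVALID` is an assumption to confirm. SC_GetAttributeValue starts and ends outside this hunk, so whether `pTemplate` itself is validated before these loops cannot be seen.

```c
   for (i=0; i<ulCount; i++) {
      if (pTemplate[i].type == CKA_PUBLIC_EXPONENT) {
         // A NULL pValue is a length query: there is no buffer to size-check.
         if (pTemplate[i].pValue != NULL &&
             pTemplate[i].ulValueLen < sizeof(pub_exp)) {
            rc = CKR_BUFFER_TOO_SMALL;
            goto done;
         }
      }
   }

   // … unchanged: object_mgr_get_attribute_values call and st_err_log …

   for (i=0; i<ulCount; i++) {
      if (pTemplate[i].type == CKA_PUBLIC_EXPONENT) {
         // Substitute only when the exponent itself was unavailable, so that
         // handle, session and sensitivity errors still reach the caller.
         // TODO confirm the code returned for a missing attribute, and that
         // no other template entry failed before clearing rc.
         if (rc == CKR_ATTRIBUTE_TYPE_INVALID ||
             (rc == CKR_OK && pTemplate[i].ulValueLen == 0)) {
            if (pTemplate[i].pValue != NULL)
               memcpy( pTemplate[i].pValue, pub_exp, sizeof(pub_exp) );
            pTemplate[i].ulValueLen = sizeof(pub_exp);
            rc = CKR_OK;
         }
      }
   }
```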
-- 
1.7.4.rc1

