Hi,
The attached patch fixes bug 3301770. Due to a common function being
used for unwrap, des and 3des key unwrapping was looking for a specific
template required only for AES keys, and additionally were being
unpacked into the CKA_VALUE attribute instead of the CKA_IBM_OPAQUE
attribute.
Thanks,
Kent
Signed-off-by: Kent Yoder <[email protected]>
diff --git a/usr/lib/pkcs11/cca_stdll/key.c b/usr/lib/pkcs11/cca_stdll/key.c
index 08d0286..648dea2 100644
--- a/usr/lib/pkcs11/cca_stdll/key.c
+++ b/usr/lib/pkcs11/cca_stdll/key.c
@@ -1133,7 +1133,6 @@ secret_key_unwrap( TEMPLATE *tmpl,
CK_RV rc;
switch (keytype) {
-#if 0
case CKK_CDMF:
case CKK_DES:
rc = des_unwrap( tmpl, data, data_len, fromend );
@@ -1146,14 +1145,6 @@ secret_key_unwrap( TEMPLATE *tmpl,
case CKK_AES:
rc = aes_unwrap( tmpl, data, data_len, fromend );
break;
-#else
- case CKK_CDMF:
- case CKK_DES:
- case CKK_DES3:
- case CKK_AES:
- rc = aes_unwrap( tmpl, data, data_len, fromend );
- break;
-#endif
case CKK_GENERIC_SECRET:
case CKK_RC2:
------------------------------------------------------------------------------
Achieve unprecedented app performance and reliability
What every C/C++ and Fortran developer should know.
Learn how Intel has extended the reach of its next-generation tools
to help boost performance applications - inlcuding clusters.
http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________
Opencryptoki-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
