Signed-off-by: Harald Freudenberger <fre...@linux.vnet.ibm.com>
---
usr/lib/pkcs11/cca_stdll/cca_specific.c | 71 +++++++++++++++++++++++++++++++
1 file changed, 71 insertions(+)
diff --git a/usr/lib/pkcs11/cca_stdll/cca_specific.c
b/usr/lib/pkcs11/cca_stdll/cca_specific.c
index f859fb0..893b33c 100644
--- a/usr/lib/pkcs11/cca_stdll/cca_specific.c
+++ b/usr/lib/pkcs11/cca_stdll/cca_specific.c
@@ -2389,6 +2389,62 @@ static CK_RV import_aes_key(unsigned char *key, CK_ULONG
keylen,
return CKR_OK;
}
+static CK_RV import_des_key(unsigned char *key, CK_ULONG keylen,
+ TEMPLATE *obj_tmpl)
+{
+ CK_RV rc;
+ long return_code, reason_code, rule_array_count;
+ unsigned char key_token[CCA_KEY_TOKEN_SIZE] = { 0 };
+ unsigned char rule_array[CCA_RULE_ARRAY_SIZE] = { 0 };
+ long key_length, key_token_len;
+ CK_ATTRIBUTE *opaque_key = NULL;
+
+ memcpy(rule_array, "DES ", CCA_KEYWORD_SIZE);
+ rule_array_count = 1;
+ switch (keylen) {
+ case 8:
+ key_length = 8;
+ break;
+ case 16:
+ key_length = 16;
+ break;
+ case 24:
+ key_length = 24;
+ break;
+ default:
+ TRACE_ERROR("Invalid DES key size %lu specified.", keylen);
+ return CKR_FUNCTION_FAILED;
+ }
+
+ CSNBCKM( &return_code, &reason_code,
+ NULL, NULL,
+ &rule_array_count, rule_array,
+ &key_length,
+ key,
+ key_token);
+ if (return_code != CCA_SUCCESS) {
+ TRACE_ERROR("CSNBCKM (CLEAR DES KEY IMPORT) failed."
+ " return:%ld, reason:%ld\n",
+ return_code, reason_code);
+ return CKR_FUNCTION_FAILED;
+ }
+ key_token_len = 64;
+
+ /* Add the key object to the template */
+ if ((rc = build_attribute(CKA_IBM_OPAQUE, key_token,
+ key_token_len, &opaque_key))) {
+ TRACE_DEVEL("build_attribute(CKA_IBM_OPAQUE) failed\n");
+ return rc;
+ }
+ rc = template_update_attribute(obj_tmpl, opaque_key);
+ if (rc != CKR_OK) {
+ TRACE_DEVEL("template_update_attribute(CKA_IBM_OPAQUE)
failed\n");
+ return rc;
+ }
+
+ return CKR_OK;
+}
+
CK_RV token_specific_object_add(OBJECT *object)
{
@@ -2441,6 +2497,21 @@ CK_RV token_specific_object_add(OBJECT *object)
return rc;
}
+ } else if (keytype == CKK_DES || keytype == CKK_DES3) {
+
+ rc = template_attribute_find(object->template, CKA_VALUE,
&attr);
+ if (rc == FALSE) {
+ TRACE_ERROR("Incomplete DES key template\n");
+ return CKR_TEMPLATE_INCOMPLETE;
+ }
+ rc = import_des_key(attr->pValue, attr->ulValueLen,
+ object->template);
+ if (rc != CKR_OK) {
+ TRACE_DEVEL("DES key import failed with rc=0x%lx\n",
rc);
+ return CKR_FUNCTION_FAILED;
+ }
+ TRACE_INFO("DES key with len=%ld successful imported\n",
attr->ulValueLen);
+
} else if (keytype == CKK_AES) {
rc = template_attribute_find(object->template, CKA_VALUE,
&attr);
--
1.7.9.5
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
Opencryptoki-tech mailing list
Opencryptoki-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
