With this fix the VALUE attribute is cleared out after an successfull import is done. Minor improments and corrections for UNKNOWN strings with some traces and some typo fixes.
Signed-off-by: Harald Freudenberger <[email protected]> --- usr/lib/pkcs11/ep11_stdll/ep11_specific.c | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/usr/lib/pkcs11/ep11_stdll/ep11_specific.c b/usr/lib/pkcs11/ep11_stdll/ep11_specific.c index 365d7cd..21ac0f9 100644 --- a/usr/lib/pkcs11/ep11_stdll/ep11_specific.c +++ b/usr/lib/pkcs11/ep11_stdll/ep11_specific.c @@ -978,13 +978,24 @@ static const char* ep11_get_ckm(CK_ULONG mechanism) case CKM_SHA224_HMAC: return "CKM_SHA224_HMAC"; case CKM_SHA384_KEY_DERIVATION: return "CKM_SHA384_KEY_DERIVATION"; case CKM_SHA512_KEY_DERIVATION: return "CKM_SHA512_KEY_DERIVATION"; - case CKM_VENDOR_DEFINED + 0x20007: return "CKM_IBM_ECDH1_DERIVE_RAW"; + case CKM_VENDOR_DEFINED + 0x10007: return "CKA_IBM_MACKEY"; + case CKM_VENDOR_DEFINED + 0x10008: return "CKM_IBM_ECDSA_SHA224"; + case CKM_VENDOR_DEFINED + 0x10009: return "CKM_IBM_ECDSA_SHA256"; + case CKM_VENDOR_DEFINED + 0x1000a: return "CKM_IBM_ECDSA_SHA384"; + case CKM_VENDOR_DEFINED + 0x1000b: return "CKM_IBM_ECDSA_SHA512"; case CKR_VENDOR_DEFINED + 0x1000c: return "CKM_IBM_EC_MULTIPLY"; - case CKM_VENDOR_DEFINED + 0x20006: return "CKM_IBM_DH_PKCS_DERIVE_RAW"; - case CKM_VENDOR_DEFINED + 0x20004: return "CKM_IBM_ATTRIBUTEBOUND_WRAP"; case CKM_VENDOR_DEFINED + 0x1000d: return "CKM_IBM_EAC"; + case CKM_VENDOR_DEFINED + 0x10012: return "CKM_IBM_SHA512_256"; + case CKM_VENDOR_DEFINED + 0x10013: return "CKM_IBM_SHA512_224"; + case CKM_VENDOR_DEFINED + 0x10014: return "CKM_IBM_SHA512_256_HMAC"; + case CKM_VENDOR_DEFINED + 0x10015: return "CKM_IBM_SHA512_224_HMAC"; + case CKM_VENDOR_DEFINED + 0x10016: return "CKM_IBM_SHA512_256_KEY_DERIVATION"; + case CKM_VENDOR_DEFINED + 0x10017: return "CKM_IBM_SHA512_224_KEY_DERIVATION"; + case CKM_VENDOR_DEFINED + 0x20004: return "CKM_IBM_ATTRIBUTEBOUND_WRAP"; + case CKM_VENDOR_DEFINED + 0x20005: return "CKM_IBM_TRANSPORTKEY"; + case CKM_VENDOR_DEFINED + 0x20006: return "CKM_IBM_DH_PKCS_DERIVE_RAW"; + case CKM_VENDOR_DEFINED + 0x20007: return "CKM_IBM_ECDH1_DERIVE_RAW"; case CKM_VENDOR_DEFINED + 0x40001: return "CKM_IBM_RETAINKEY"; - case CKM_VENDOR_DEFINED + 0x10007: return "CKA_IBM_MACKEY"; default: TRACE_WARNING("%s unknown mechanism %lx\n", __func__, mechanism); return "UNKNOWN"; @@ -1537,6 +1548,8 @@ token_specific_object_add(OBJECT *obj) new_op.blob_size); return CKR_FUNCTION_FAILED; } + /* clear value attribute */ + memset(attr->pValue, 0, attr->ulValueLen); TRACE_INFO("%s rawkey_2_blob rc=0x%lx blob_size=0x%zx\n", __func__, rc, new_op.blob_size); @@ -3797,7 +3810,7 @@ CK_RV ep11tok_get_mechanism_info(CK_MECHANISM_TYPE type, return rc; } - /* The card operates always in a FISP mode that requires stronger + /* The card operates always in a FIPS mode that requires stronger * key sizes, but, in theory, can also operate with weaker key sizes. * Customers are not interested in theory but in what mechanism * they can use (mechanisms that are not rejected by the card). -- 1.7.9.5 ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
