File 0011-Add-support-for-CKM_AES_GCM.patch of Package p11-kit

Overview Repositories Revisions Requests Users Attributes Meta

File 0011-Add-support-for-CKM_AES_GCM.patch of Package p11-kit

From 733905eacbaf29aa807a416bbb3535f75b53a314 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 11 Apr 2022 11:43:12 +0200
Subject: [PATCH 11/11] Add support for CKM_AES_GCM

It takes a CK_GCM_PARAMS structure as mechanism parameter.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 p11-kit/rpc-message.c | 70 +++++++++++++++++++++++++++++++++++++++++++
 p11-kit/rpc-message.h |  9 ++++++
 2 files changed, 79 insertions(+)

diff --git a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c
index 7c92fb5..a4974b5 100644
--- a/p11-kit/rpc-message.c
+++ b/p11-kit/rpc-message.c
@@ -1653,6 +1653,75 @@ p11_rpc_buffer_get_aes_ctr_mechanism_value (p11_buffer *buffer,
 	return true;
 }
 
+void
+p11_rpc_buffer_add_aes_gcm_mechanism_value (p11_buffer *buffer,
+					    const void *value,
+					    CK_ULONG value_length)
+{
+	CK_GCM_PARAMS params;
+
+	/* Check if value can be converted to CK_GCM_PARAMS. */
+	if (value_length != sizeof (CK_GCM_PARAMS)) {
+		p11_buffer_fail (buffer);
+		return;
+	}
+
+	memcpy (&params, value, value_length);
+
+	/* Check if params.ulTagBits/ulIvBits can be converted to uint64_t. */
+	if (params.ulTagBits > UINT64_MAX || params.ulIvBits > UINT64_MAX) {
+		p11_buffer_fail (buffer);
+		return;
+	}
+
+	p11_rpc_buffer_add_byte_array (buffer,
+				       (unsigned char *)params.pIv,
+				       params.ulIvLen);
+	p11_rpc_buffer_add_uint64 (buffer, params.ulIvBits);
+	p11_rpc_buffer_add_byte_array (buffer,
+				       (unsigned char *)params.pAAD,
+				       params.ulAADLen);
+	p11_rpc_buffer_add_uint64 (buffer, params.ulTagBits);
+}
+
+bool
+p11_rpc_buffer_get_aes_gcm_mechanism_value (p11_buffer *buffer,
+					    size_t *offset,
+					    void *value,
+					    CK_ULONG *value_length)
+{
+	uint64_t val1, val2;
+	const unsigned char *data1, *data2;
+	size_t len1, len2;
+
+	if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data1, &len1))
+		return false;
+	if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val1))
+		return false;
+	if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data2, &len2))
+		return false;
+	if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val2))
+		return false;
+
+	if (value) {
+		CK_GCM_PARAMS params;
+
+		params.pIv = (void *) data1;
+		params.ulIvLen = len1;
+		params.ulIvBits = val1;
+		params.pAAD = (void *) data2;
+		params.ulAADLen = len2;
+		params.ulTagBits = val2;
+
+		memcpy (value, &params, sizeof (CK_GCM_PARAMS));
+	}
+
+	if (value_length)
+		*value_length = sizeof (CK_GCM_PARAMS);
+
+	return true;
+}
+
 void
 p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
 					   const void *value,
@@ -1800,6 +1869,7 @@ static p11_rpc_mechanism_serializer p11_rpc_mechanism_serializers[] = {
 	{ CKM_AES_CFB128, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
 	{ CKM_AES_CTS, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
 	{ CKM_AES_CTR, p11_rpc_buffer_add_aes_ctr_mechanism_value, p11_rpc_buffer_get_aes_ctr_mechanism_value },
+	{ CKM_AES_GCM, p11_rpc_buffer_add_aes_gcm_mechanism_value, p11_rpc_buffer_get_aes_gcm_mechanism_value },
 	{ CKM_DES_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
 	{ CKM_DES_CBC_PAD, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
 	{ CKM_DES3_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
diff --git a/p11-kit/rpc-message.h b/p11-kit/rpc-message.h
index 6998443..69c274c 100644
--- a/p11-kit/rpc-message.h
+++ b/p11-kit/rpc-message.h
@@ -520,6 +520,15 @@ bool		p11_rpc_buffer_get_aes_ctr_mechanism_value (p11_buffer *buffer,
 							    void *value,
 							    CK_ULONG *value_length);
 
+void		p11_rpc_buffer_add_aes_gcm_mechanism_value (p11_buffer *buffer,
+							    const void *value,
+							    CK_ULONG value_length);
+
+bool		p11_rpc_buffer_get_aes_gcm_mechanism_value (p11_buffer *buffer,
+							    size_t *offset,
+							    void *value,
+							    CK_ULONG *value_length);
+
 void		p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
 							   const void *value,
 							   CK_ULONG value_length);
-- 
2.38.1

Places

File 0011-Add-support-for-CKM_AES_GCM.patch of Package p11-kit

Places