New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement more options, for p11kcv
#60
base: master
Are you sure you want to change the base?
Conversation
@@ -223,6 +223,7 @@ typedef enum { | |||
sha512 | |||
} hash_alg_t ; | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whitespace
@@ -31,9 +32,10 @@ | |||
#define LABEL_WIDTH 32 | |||
#endif | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whitespace
@@ -90,6 +92,9 @@ void pkcs11_display_kcv( pkcs11Context *p11Context, char *label, unsigned hmacda | |||
_ATTR(CKA_KEY_TYPE), | |||
_ATTR(CKA_ID), | |||
_ATTR(CKA_LABEL), | |||
_ATTR(CKA_CHECK_VALUE), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Alignment
@@ -31,9 +32,10 @@ | |||
#define LABEL_WIDTH 32 | |||
#endif | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whitespace
/* target must point to a location with at least 3 bytes left */ | ||
|
||
void pkcs11_display_kcv( pkcs11Context *p11Context, char *label, unsigned hmacdatasize ) | ||
void pkcs11_display_kcv( pkcs11Context *p11Context, char *label, unsigned hmacdatasize, mac_alg_t algo, size_t num_bytes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function is too big. Consider chunking it down into smaller support functions and doing away with the nested switch statements.
CK_MECHANISM des_ecb = { CKM_DES_ECB, NULL_PTR, 0 }; | ||
CK_MECHANISM des_mac = { CKM_DES_MAC, NULL_PTR, 0 }; | ||
|
||
CK_MECHANISM des3_ecb = { CKM_DES3_ECB, NULL_PTR, 0 }; | ||
CK_MECHANISM des3_mac = { CKM_DES3_MAC, NULL_PTR, 0 }; | ||
CK_MECHANISM des3_cmac = { CKM_DES3_CMAC, NULL_PTR, 0 }; | ||
|
||
CK_MECHANISM aes_ecb = { CKM_AES_ECB, NULL_PTR, 0 }; | ||
CK_MECHANISM aes_mac = { CKM_AES_MAC, NULL_PTR, 0 }; | ||
CK_MECHANISM aes_cmac = { CKM_AES_CMAC, NULL_PTR, 0 }; | ||
CK_MECHANISM m_aes_xcbc_mac = { CKM_AES_XCBC_MAC, NULL_PTR, 0}; | ||
CK_MECHANISM m_aes_xcbc_mac_96 = { CKM_AES_XCBC_MAC_96, NULL_PTR, 0}; | ||
|
||
CK_MECHANISM sha1_hmac = { CKM_SHA_1_HMAC, NULL_PTR, 0 }; | ||
CK_MECHANISM sha224_hmac = { CKM_SHA224_HMAC, NULL_PTR, 0 }; | ||
CK_MECHANISM sha256_hmac = { CKM_SHA256_HMAC, NULL_PTR, 0 }; | ||
CK_MECHANISM sha384_hmac = { CKM_SHA384_HMAC, NULL_PTR, 0 }; | ||
CK_MECHANISM sha512_hmac = { CKM_SHA512_HMAC, NULL_PTR, 0 }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Predefining these seems like overkill since only one mechanism will be used.
This PR brings the following features:
CKA_CHECK_VALUE
can be used (when present)This PR should address the requests from issue #59.