From 6876edea5a01bd2809748b402d4d640f5d6bebe3 Mon Sep 17 00:00:00 2001 From: Pol Henarejos Date: Tue, 29 Mar 2022 19:06:00 +0200 Subject: [PATCH] Some fix in encode key Signed-off-by: Pol Henarejos --- src/hsm/dkek.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/hsm/dkek.c b/src/hsm/dkek.c index 3126e42..7610f6a 100644 --- a/src/hsm/dkek.c +++ b/src/hsm/dkek.c @@ -175,8 +175,13 @@ int dkek_encode_key(void *key_ctx, int key_type, uint8_t *out, size_t *out_len) mbedtls_mpi_write_binary(&rsa->N, kb+8+kb_len, mbedtls_mpi_size(&rsa->N)); kb_len += mbedtls_mpi_size(&rsa->N); put_uint16_t(mbedtls_mpi_size(&rsa->E), kb+8+kb_len); kb_len += 2; mbedtls_mpi_write_binary(&rsa->E, kb+8+kb_len, mbedtls_mpi_size(&rsa->E)); kb_len += mbedtls_mpi_size(&rsa->E); + + algo = "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x01\x02"; + algo_len = 12; } else if (key_type & HSM_KEY_EC) { + if (*out_len < 8+1+10+6+4+48+16) + return HSM_WRONG_LENGTH; mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context *)key_ctx; kb_len = 0; put_uint16_t(mbedtls_mpi_size(&ecdsa->grp.P)*8, kb+8+kb_len); kb_len += 2; @@ -198,6 +203,9 @@ int dkek_encode_key(void *key_ctx, int key_type, uint8_t *out, size_t *out_len) kb[8+kb_len++] = 0x4; mbedtls_mpi_write_binary(&ecdsa->Q.X, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.X)); kb_len += mbedtls_mpi_size(&ecdsa->Q.X); mbedtls_mpi_write_binary(&ecdsa->Q.Y, kb+8+kb_len, mbedtls_mpi_size(&ecdsa->Q.Y)); kb_len += mbedtls_mpi_size(&ecdsa->Q.Y); + + algo = "\x00\x0A\x04\x00\x7F\x00\x07\x02\x02\x02\x02\x03"; + algo_len = 12; } memset(out, 0, *out_len); *out_len = 0; @@ -205,11 +213,11 @@ int dkek_encode_key(void *key_ctx, int key_type, uint8_t *out, size_t *out_len) memcpy(out+*out_len, kcv, 8); *out_len += 8; - if (key_type == HSM_KEY_AES) + if (key_type & HSM_KEY_AES) out[*out_len] = 15; - else if (key_type == HSM_KEY_RSA) + else if (key_type & HSM_KEY_RSA) out[*out_len] = 5; - else if (key_type == HSM_KEY_EC) + else if (key_type & HSM_KEY_EC) out[*out_len] = 12; *out_len += 1;