Add support for some IBM specific mechanisms supported by OpenCryptoki for the RPC protocol #415
Commits on May 16, 2022
-
Add IBM specific mechanism and attributes
Signed-off-by: Ingo Franzki <[email protected]>
-
Add support for serializing CK_ECDH1_DERIVE_PARAMS mech param
Used by CKM_ECDH1_DERIVE, CKM_IBM_EC_X25519 and CKM_IBM_EC_X448. Signed-off-by: Ingo Franzki <[email protected]>
-
client: Allow zero part length at C_SignUpdate
Signed-off-by: Ingo Franzki <[email protected]>
-
Fix support of CKA_DERIVE_TEMPLATE
Signed-off-by: Ingo Franzki <[email protected]>
-
Add other SHA variants, also for RSA and EC signatures
Signed-off-by: Ingo Franzki <[email protected]>
-
Add support for missing AES and DES/DES3 mechanisms
They take a 16 byte (AES) or 8 byte (DES/DES3) IV as mechanism parameter. Signed-off-by: Ingo Franzki <[email protected]>
-
Add support for MAC and HMAC general mechanisms
The take a mechanism parameter of type CK_MAC_GENERAL_PARAMS which is a CK_ULONG. Signed-off-by: Ingo Franzki <[email protected]>
-
Add support for CKM_DH_PKCS_DERIVE
It takes the the public value of the other party as mechanism parameter. Signed-off-by: Ingo Franzki <[email protected]>
-
rpc: Handle special cases for buffer and length
When the buffer is not NULL, but the length is zero then treat this as an empty message. Serialize this in a special way so that the server can restore the same situation. Example: Terminate an operation via C_XxxFinal, but there is no more data for the final part. A call to C_XxxFinal with buffer=NULL and length=0 would be treated as a size query, and would not terminate the operation. So the way to terminate the operation without more data is to specify buffer!=NULL but length=0. When sending a byte array, and the buffer is NULL, and the length is zero, don't treat this is invalid, but as empty message. Example: C_XxxUpdate with an empty message. Signed-off-by: Ingo Franzki <[email protected]>
-
It takes a CK_AES_CTR_PARAMS structure as mechanism parameter. Signed-off-by: Ingo Franzki <[email protected]>
-
It takes a CK_GCM_PARAMS structure as mechanism parameter. Signed-off-by: Ingo Franzki <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.