@@ -2413,7 +2413,8 @@ static int wp11_Object_Store_RsaKey(WP11_Object* object, int tokenId, int objId)
24132413 storeType = WOLFPKCS11_STORE_RSAKEY_PUB ;
24142414
24152415 /* Open access to RSA key. */
2416- ret = wp11_storage_open (storeType , tokenId , objId , object -> keyDataLen ,
2416+ if (ret == 0 )
2417+ ret = wp11_storage_open (storeType , tokenId , objId , object -> keyDataLen ,
24172418 & storage );
24182419 if (ret == 0 ) {
24192420 /* Write encoded RSA key to storage. */
@@ -2608,7 +2609,8 @@ static int wp11_Object_Store_EccKey(WP11_Object* object, int tokenId, int objId)
26082609 storeType = WOLFPKCS11_STORE_ECCKEY_PUB ;
26092610
26102611 /* Open access to ECC key. */
2611- ret = wp11_storage_open (storeType , tokenId , objId , object -> keyDataLen ,
2612+ if (ret == 0 )
2613+ ret = wp11_storage_open (storeType , tokenId , objId , object -> keyDataLen ,
26122614 & storage );
26132615 if (ret == 0 ) {
26142616 /* Write encoded ECC key to storage. */
@@ -2935,8 +2937,10 @@ static int wp11_Object_Store_DhKey(WP11_Object* object, int tokenId, int objId)
29352937 storeType = WOLFPKCS11_STORE_DHKEY_PUB ;
29362938
29372939 /* Open access to DH key. */
2938- ret = wp11_storage_open (storeType , tokenId , objId , object -> keyDataLen + len ,
2939- & storage );
2940+ if (ret == 0 )
2941+ ret = wp11_storage_open (storeType , tokenId , objId ,
2942+ object -> keyDataLen + len , & storage );
2943+
29402944 if (ret == 0 ) {
29412945 ret = wp11_storage_write_array (storage , object -> keyData ,
29422946 object -> keyDataLen );
@@ -3059,7 +3063,8 @@ static int wp11_Object_Store_SymmKey(WP11_Object* object, int tokenId,
30593063 }
30603064
30613065 /* Open access to symmetric key. */
3062- ret = wp11_storage_open (WOLFPKCS11_STORE_SYMMKEY , tokenId , objId ,
3066+ if (ret == 0 )
3067+ ret = wp11_storage_open (WOLFPKCS11_STORE_SYMMKEY , tokenId , objId ,
30633068 object -> keyDataLen , & storage );
30643069 if (ret == 0 ) {
30653070 /* Write symmetric key to storage. */
@@ -5662,61 +5667,61 @@ int WP11_Object_SetRsaKey(WP11_Object* object, unsigned char** data,
56625667
56635668 key = & object -> data .rsaKey ;
56645669 ret = wc_InitRsaKey_ex (key , NULL , object -> slot -> devId );
5670+ if (ret == 0 )
5671+ ret = SetMPI (& key -> d , data [1 ], (int )len [1 ]);
5672+ if (ret == 0 )
5673+ ret = SetMPI (& key -> p , data [2 ], (int )len [2 ]);
5674+ if (ret == 0 )
5675+ ret = SetMPI (& key -> q , data [3 ], (int )len [3 ]);
5676+ /* If modulus is not provided, calculate it */
56655677 if (ret == 0 ) {
5666- if (ret == 0 )
5667- ret = SetMPI (& key -> d , data [1 ], (int )len [1 ]);
5668- if (ret == 0 )
5669- ret = SetMPI (& key -> p , data [2 ], (int )len [2 ]);
5670- if (ret == 0 )
5671- ret = SetMPI (& key -> q , data [3 ], (int )len [3 ]);
5672- /* If modulus is not provided, calculate it */
56735678 if (data [0 ] == NULL || len [0 ] == 0 ) {
56745679 ret = mp_mul (& key -> p , & key -> q , & key -> n );
56755680 } else {
56765681 ret = SetMPI (& key -> n , data [0 ], (int )len [0 ]);
56775682 }
5678- if (ret == 0 )
5679- ret = SetMPI (& key -> dP , data [4 ], (int )len [4 ]);
5680- if (ret == 0 )
5681- ret = SetMPI (& key -> dQ , data [5 ], (int )len [5 ]);
5682- if (ret == 0 )
5683- ret = SetMPI (& key -> u , data [6 ], (int )len [6 ]);
5684- if (ret == 0 ) {
5685- /* Public exponent defaults to 65537 in PKCS11 > 2.11 */
5686- if (len [7 ] > 0 )
5687- ret = SetMPI (& key -> e , data [7 ], (int )len [7 ]);
5688- else {
5689- byte defaultPublic [] = {0x01 , 0x00 , 0x01 };
5690- ret = SetMPI (& key -> e , defaultPublic , sizeof (defaultPublic ));
5691- }
5692- }
5693- if (ret == 0 ) {
5694- if (len [8 ] == sizeof (CK_ULONG ))
5695- object -> size = (word32 )* (CK_ULONG * )data [8 ];
5696- else if (len [8 ] != 0 )
5697- ret = BUFFER_E ;
5683+ }
5684+ if (ret == 0 )
5685+ ret = SetMPI (& key -> dP , data [4 ], (int )len [4 ]);
5686+ if (ret == 0 )
5687+ ret = SetMPI (& key -> dQ , data [5 ], (int )len [5 ]);
5688+ if (ret == 0 )
5689+ ret = SetMPI (& key -> u , data [6 ], (int )len [6 ]);
5690+ if (ret == 0 ) {
5691+ /* Public exponent defaults to 65537 in PKCS11 > 2.11 */
5692+ if (len [7 ] > 0 )
5693+ ret = SetMPI (& key -> e , data [7 ], (int )len [7 ]);
5694+ else {
5695+ byte defaultPublic [] = {0x01 , 0x00 , 0x01 };
5696+ ret = SetMPI (& key -> e , defaultPublic , sizeof (defaultPublic ));
56985697 }
5699- if (ret == 0 ) {
5700- if (mp_iszero (& key -> d ) && mp_iszero (& key -> p )) {
5701- key -> type = RSA_PUBLIC ;
5702- }
5703- else {
5704- key -> type = RSA_PRIVATE ;
5705- }
5698+ }
5699+ if (ret == 0 ) {
5700+ if (len [8 ] == sizeof (CK_ULONG ))
5701+ object -> size = (word32 )* (CK_ULONG * )data [8 ];
5702+ else if (len [8 ] != 0 )
5703+ ret = BUFFER_E ;
5704+ }
5705+ if (ret == 0 ) {
5706+ if (mp_iszero (& key -> d ) && mp_iszero (& key -> p )) {
5707+ key -> type = RSA_PUBLIC ;
57065708 }
5707- #ifdef WOLFPKCS11_TPM
5708- if (ret == 0 && key -> type == RSA_PRIVATE ) {
5709- /* load private key - populates handle */
5710- object -> slot -> tpmCtx .rsaKey = (WOLFTPM2_KEY * )& object -> tpmKey ;
5711- ret = wolfTPM2_RsaKey_WolfToTpm_ex (& object -> slot -> tpmDev ,
5712- & object -> slot -> tpmSrk , & object -> data .rsaKey ,
5713- (WOLFTPM2_KEY * )& object -> tpmKey );
5709+ else {
5710+ key -> type = RSA_PRIVATE ;
57145711 }
5715- #endif
5716-
5717- if (ret != 0 )
5718- wc_FreeRsaKey (key );
57195712 }
5713+ #ifdef WOLFPKCS11_TPM
5714+ if (ret == 0 && key -> type == RSA_PRIVATE ) {
5715+ /* load private key - populates handle */
5716+ object -> slot -> tpmCtx .rsaKey = (WOLFTPM2_KEY * )& object -> tpmKey ;
5717+ ret = wolfTPM2_RsaKey_WolfToTpm_ex (& object -> slot -> tpmDev ,
5718+ & object -> slot -> tpmSrk , & object -> data .rsaKey ,
5719+ (WOLFTPM2_KEY * )& object -> tpmKey );
5720+ }
5721+ #endif
5722+
5723+ if (ret != 0 )
5724+ wc_FreeRsaKey (key );
57205725
57215726 if (object -> onToken )
57225727 WP11_Lock_UnlockRW (object -> lock );
@@ -6892,7 +6897,7 @@ int WP11_Object_SetAttr(WP11_Object* object, CK_ATTRIBUTE_TYPE type, byte* data,
68926897 WP11_Object_SetOpFlag (object , CKF_WRAP , * (CK_BBOOL * )data );
68936898 break ;
68946899 case CKA_UNWRAP :
6895- WP11_Object_SetOpFlag (object , CKF_WRAP , * (CK_BBOOL * )data );
6900+ WP11_Object_SetOpFlag (object , CKF_UNWRAP , * (CK_BBOOL * )data );
68966901 break ;
68976902 case CKA_DERIVE :
68986903 WP11_Object_SetOpFlag (object , CKF_DERIVE , * (CK_BBOOL * )data );
@@ -7007,10 +7012,8 @@ int WP11_Object_SetAttr(WP11_Object* object, CK_ATTRIBUTE_TYPE type, byte* data,
70077012 break ;
70087013 case CKA_KEY_TYPE :
70097014 /* Handled in layer above */
7010- break ;
70117015 case CKA_TOKEN :
70127016 /* Handled in layer above */
7013- break ;
70147017 case CKA_CERTIFICATE_TYPE :
70157018 /* Handled in WP11_Object_SetCert */
70167019 break ;
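Review bot: In the WP11_Object_SetRsaKey hunk, `if (ret != 0) wc_FreeRsaKey(key);` now sits outside the block that used to run only after `wc_InitRsaKey_ex` succeeded, so the key is also freed when initialisation itself failed, which the old code never did. Whether freeing a key that was never fully initialised is safe depends on wolfCrypt internals not visible here; either confirm it, or record init success with `int initDone = (ret == 0);` right after the init call and guard the cleanup with `if (ret != 0 && initDone) wc_FreeRsaKey(key);`. In the same hunk, `object->size = (word32)*(CK_ULONG*)data[8];` is gated only on `len[8]`, so a caller passing a NULL or misaligned `data[8]` with a matching length reaches the dereference. Tightening the test to `if (len[8] == sizeof(CK_ULONG) && data[8] != NULL)` and copying into a local `CK_ULONG` with `XMEMCPY` before the cast would close that, and a NULL pointer with a non-zero length would then fall into the existing `BUFFER_E` branch. The function begins and ends outside the hunk, so the caller-side validation of `data` and `len` could not be checked from here.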