More NSS fixes

* `C_Decrypt` should return `CKR_ENCRYPTED_DATA_INVALID` when decryption
  fails
* Fix Clang compiler error
* Fix RSA test for storage disabled
* Fix NSS + storage disabled compiling
* Declare `CKM_HKDF_KEY_GEN` in mechanism list

Author: LinuxJedi

src/crypto.c

@@ -2946,7 +2946,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
                                                  &decDataLen, obj,
                                                  WP11_Session_GetSlot(session));
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
         case CKM_RSA_PKCS:
@@ -2966,7 +2966,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
                                                  &decDataLen, obj,
                                                  WP11_Session_GetSlot(session));
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #ifndef WC_NO_RSA_OAEP
@@ -2988,7 +2988,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
                                                  (int)ulEncryptedDataLen, pData,
                                                  &decDataLen, obj, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3010,7 +3010,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesCbc_Decrypt(pEncryptedData, (int)ulEncryptedDataLen,
                                               pData, &decDataLen, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
         case CKM_AES_CBC_PAD:
@@ -3029,7 +3029,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
                                                  (int)ulEncryptedDataLen, pData,
                                                  &decDataLen, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3049,7 +3049,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesCtr_Do(pEncryptedData,
                     (word32)ulEncryptedDataLen, pData, &decDataLen, session);
             if (ret != 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3070,7 +3070,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesGcm_Decrypt(pEncryptedData, (int)ulEncryptedDataLen,
                                               pData, &decDataLen, obj, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3091,7 +3091,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesCcm_Decrypt(pEncryptedData, (int)ulEncryptedDataLen,
                                       pData, &decDataLen, obj, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3111,7 +3111,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesEcb_Decrypt(pEncryptedData, (int)ulEncryptedDataLen,
                                       pData, &decDataLen, obj, session);
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3133,7 +3133,7 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             if (ret == BUFFER_E)
                 return CKR_BUFFER_TOO_SMALL;
             if (ret < 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             *pulDataLen = decDataLen;
             break;
     #endif
@@ -3157,15 +3157,15 @@ CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
             ret = WP11_AesKeyWrap_Decrypt(pEncryptedData,
                     (word32)ulEncryptedDataLen, pData, &decDataLen, session);
             if (ret != 0)
-                return CKR_FUNCTION_FAILED;
+                return CKR_ENCRYPTED_DATA_INVALID;
             if (mechanism == CKM_AES_KEY_WRAP_PAD) {
                 int i;
                 byte padValue = pData[decDataLen - 1];
                 if (padValue > KEYWRAP_BLOCK_SIZE || padValue > decDataLen)
-                    return CKR_FUNCTION_FAILED;
+                    return CKR_ENCRYPTED_DATA_LEN_RANGE;
                 for (i = 0; i < padValue; i++) {
                     if (pData[decDataLen - 1 - i] != padValue)
-                        return CKR_FUNCTION_FAILED;
+                        return CKR_ENCRYPTED_DATA_INVALID;
                 }
                 decDataLen -= padValue;
             }
@@ -6747,7 +6747,7 @@ CK_RV C_UnwrapKey(CK_SESSION_HANDLE hSession,
                 return CKR_HOST_MEMORY;
 
             decryptedLen = (word32)ulUnwrappedLen;
-            ret = WP11_RsaPkcs15_PrivateDecrypt(pWrappedKey, ulWrappedKeyLen,
+            ret = WP11_RsaPkcs15_PrivateDecrypt(pWrappedKey, decryptedLen,
                                                 workBuffer, &decryptedLen,
                                                 unwrappingKey,
                                                 WP11_Session_GetSlot(session));

src/slot.c

@@ -357,6 +357,7 @@ static CK_MECHANISM_TYPE mechanismList[] = {
 #ifdef WOLFPKCS11_HKDF
     CKM_HKDF_DERIVE,
     CKM_HKDF_DATA,
+    CKM_HKDF_KEY_GEN,
 #endif
 #ifndef NO_DH
     CKM_DH_PKCS_KEY_PAIR_GEN,

src/wolfpkcs11.c

@@ -111,7 +111,7 @@ CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
 {
     CK_RV ret;
     WOLFPKCS11_ENTER("C_GetFunctionList");
-    
+
     if (ppFunctionList == NULL) {
         ret = CKR_ARGUMENTS_BAD;
         WOLFPKCS11_LEAVE("C_GetFunctionList", ret);
@@ -124,7 +124,7 @@ CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
     return ret;
 }
 
-#ifdef WOLFPKCS11_NSS
+#if (defined(WOLFPKCS11_NSS) && !defined(WOLFPKCS11_NO_STORE))
 /*
  * Parse a string of NSS configuration parameters. For now only the
  * configdir parameter is supported.
@@ -197,7 +197,7 @@ CK_RV C_Initialize(CK_VOID_PTR pInitArgs)
     if (args != NULL) {
         WOLFPKCS11_MSG("Warning: C_Initialize called with arguments, but most "
                        "are ignored.");
-#ifdef WOLFPKCS11_NSS
+#if (defined(WOLFPKCS11_NSS) && !defined(WOLFPKCS11_NO_STORE))
         if (args->LibraryParameters != NULL) {
             char* configdir = NULL;
             size_t configdirLen = 0;
@@ -241,7 +241,7 @@ CK_RV C_Finalize(CK_VOID_PTR pReserved)
 {
     CK_RV ret;
     WOLFPKCS11_ENTER("C_Finalize");
-    
+
     WP11_Library_Final();
 
     (void)pReserved;
@@ -271,7 +271,7 @@ CK_RV C_GetInfo(CK_INFO_PTR pInfo)
 {
     CK_RV ret;
     WOLFPKCS11_ENTER("C_GetInfo");
-    
+
     if (!WP11_Library_IsInitialized()) {
         ret = CKR_CRYPTOKI_NOT_INITIALIZED;
         WOLFPKCS11_LEAVE("C_GetInfo", ret);
@@ -288,4 +288,3 @@ CK_RV C_GetInfo(CK_INFO_PTR pInfo)
     WOLFPKCS11_LEAVE("C_GetInfo", ret);
     return ret;
 }
-

tests/pkcs11test.c

@@ -4349,6 +4349,7 @@ static CK_RV find_rsa_priv_key_label(CK_SESSION_HANDLE session,
 }
 #endif
 
+#ifndef WOLFPKCS11_NO_STORE
 static CK_RV test_rsa_wrap_unwrap_key(void* args)
 {
     CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
@@ -4375,10 +4376,11 @@ static CK_RV test_rsa_wrap_unwrap_key(void* args)
     if (ret == CKR_OK) {
         ret = get_rsa_pub_key(session, NULL, 0, &wrappingPubKey);
     }
-    
+
     /* Create a secret key to wrap */
     if (ret == CKR_OK) {
-        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE, &key);
+        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE,
+                              &key);
     }
 
     /* Test wrapping with RSA public key */
@@ -4402,7 +4404,8 @@ static CK_RV test_rsa_wrap_unwrap_key(void* args)
 
     /* Test getting wrapped key length */
     if (ret == CKR_OK) {
-        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE, &key);
+        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE,
+                              &key);
         if (ret == CKR_OK) {
             CK_ULONG testLen = 0;
             ret = funcList->C_WrapKey(session, &mech, wrappingPubKey, key,
@@ -4446,7 +4449,8 @@ static CK_RV test_rsa_wrap_unwrap_key(void* args)
     /* Test buffer too small error */
     if (ret == CKR_OK) {
         /* Create fresh key for this test since original was destroyed */
-        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE, &key);
+        ret = get_generic_key(session, keyData, sizeof(keyData), CK_FALSE,
+                              &key);
         if (ret == CKR_OK) {
             CK_ULONG smallLen = 1;
             CK_RV wrapRet = funcList->C_WrapKey(session, &mech, wrappingPubKey,
@@ -4464,6 +4468,7 @@ static CK_RV test_rsa_wrap_unwrap_key(void* args)
 
     return ret;
 }
+#endif
 
 static CK_RV test_attributes_rsa(void* args)
 {
@@ -13749,7 +13754,7 @@ static TEST_FUNC testFunc[] = {
     PKCS11TEST_FUNC_SESS_DECL(test_aes_wrap_unwrap_pad_key),
 #endif
     PKCS11TEST_FUNC_SESS_DECL(test_wrap_unwrap_key),
-#ifndef NO_RSA
+#if (!defined(NO_RSA) && !defined(WOLFPKCS11_NO_STORE))
     PKCS11TEST_FUNC_SESS_DECL(test_rsa_wrap_unwrap_key),
 #endif
 #ifndef NO_DH