fix for issue softhsm#628 - CKA_VALUE_LEN is synthetized on every sec…

…ret key
keldonin · Sep 23, 2021 · 2b57a18 · 2b57a18
1 parent 4975c0d
commit 2b57a18
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 6 deletions.
diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
@@ -7135,12 +7135,17 @@ CK_RV SoftHSM::C_UnwrapKey
 			// Secret Attributes
 			if (objClass == CKO_SECRET_KEY)
 			{
-				ByteString value;
-				if (isPrivate)
-					token->encrypt(keydata, value);
-				else
-					value = keydata;
-				bOK = bOK && osobject->setAttribute(CKA_VALUE, value);
+				// CKA_VALUE_LEN synthetized for all secret keys
+				bOK = bOK && osobject->setAttribute(CKA_VALUE_LEN, keydata.size());
+
+				if(bOK) {
+					ByteString value;
+					if (isPrivate)
+						token->encrypt(keydata, value);
+					else
+						value = keydata;
+					bOK = bOK && osobject->setAttribute(CKA_VALUE, value);
+				}
 			}
 			else if (keyType == CKK_RSA)
 			{

diff --git a/src/lib/test/SymmetricAlgorithmTests.cpp b/src/lib/test/SymmetricAlgorithmTests.cpp
@@ -1227,9 +1227,19 @@ void SymmetricAlgorithmTests::aesWrapUnwrapGeneric(CK_MECHANISM_TYPE mechanismTy
 	CPPUNIT_ASSERT(rv == CKR_OK);
 	CPPUNIT_ASSERT(hNew != CK_INVALID_HANDLE);
 
+	CK_ULONG returned_value_len = 0;
+	CK_ATTRIBUTE checkattribs[] = {
+		{ CKA_VALUE_LEN, &returned_value_len, sizeof returned_value_len },
+	};
+
+	rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hNew, checkattribs, sizeof(checkattribs)/sizeof(CK_ATTRIBUTE)) );
+	CPPUNIT_ASSERT(rv == CKR_OK);
+	CPPUNIT_ASSERT(returned_value_len == keyLen);
+
 	free(wrappedPtr);
 	wrappedPtr = NULL_PTR;
 	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hSecret) );
+	rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hNew) );
 	CPPUNIT_ASSERT(rv == CKR_OK);
 }