From 2b57a1884a345929dda86f84d252a80584a46d17 Mon Sep 17 00:00:00 2001 From: Eric Devolder Date: Thu, 23 Sep 2021 07:18:55 +0000 Subject: [PATCH] fix for issue #628 - CKA_VALUE_LEN is synthetized on every secret key --- src/lib/SoftHSM.cpp | 17 +++++++++++------ src/lib/test/SymmetricAlgorithmTests.cpp | 10 ++++++++++ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp index dac68a3c6..9bf5920aa 100644 --- a/src/lib/SoftHSM.cpp +++ b/src/lib/SoftHSM.cpp @@ -7135,12 +7135,17 @@ CK_RV SoftHSM::C_UnwrapKey // Secret Attributes if (objClass == CKO_SECRET_KEY) { - ByteString value; - if (isPrivate) - token->encrypt(keydata, value); - else - value = keydata; - bOK = bOK && osobject->setAttribute(CKA_VALUE, value); + // CKA_VALUE_LEN synthetized for all secret keys + bOK = bOK && osobject->setAttribute(CKA_VALUE_LEN, keydata.size()); + + if(bOK) { + ByteString value; + if (isPrivate) + token->encrypt(keydata, value); + else + value = keydata; + bOK = bOK && osobject->setAttribute(CKA_VALUE, value); + } } else if (keyType == CKK_RSA) { diff --git a/src/lib/test/SymmetricAlgorithmTests.cpp b/src/lib/test/SymmetricAlgorithmTests.cpp index f6353f607..ef89b4557 100644 --- a/src/lib/test/SymmetricAlgorithmTests.cpp +++ b/src/lib/test/SymmetricAlgorithmTests.cpp @@ -1227,9 +1227,19 @@ void SymmetricAlgorithmTests::aesWrapUnwrapGeneric(CK_MECHANISM_TYPE mechanismTy CPPUNIT_ASSERT(rv == CKR_OK); CPPUNIT_ASSERT(hNew != CK_INVALID_HANDLE); + CK_ULONG returned_value_len = 0; + CK_ATTRIBUTE checkattribs[] = { + { CKA_VALUE_LEN, &returned_value_len, sizeof returned_value_len }, + }; + + rv = CRYPTOKI_F_PTR( C_GetAttributeValue(hSession, hNew, checkattribs, sizeof(checkattribs)/sizeof(CK_ATTRIBUTE)) ); + CPPUNIT_ASSERT(rv == CKR_OK); + CPPUNIT_ASSERT(returned_value_len == keyLen); + free(wrappedPtr); wrappedPtr = NULL_PTR; rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hSecret) ); + rv = CRYPTOKI_F_PTR( C_DestroyObject(hSession, hNew) ); CPPUNIT_ASSERT(rv == CKR_OK); }