[Spice-devel] [PATCH libcacard v2 02/35] vcard_emul: New function vcard_emul_rsa_bits
Marc-André Lureau
marcandre.lureau at gmail.com
Thu Aug 2 13:22:21 UTC 2018
Hi
On Thu, Aug 2, 2018 at 11:43 AM, Jakub Jelen <jjelen at redhat.com> wrote:
> * Introduce a new API to get the key size from the key to present it in
> CAC properties structures later
>
> Signed-off-by: Jakub Jelen <jjelen at redhat.com>
> Reviewed-by: Robert Relyea <rrelyea at redhat.com>
> ---
> docs/libcacard.txt | 4 ++++
> src/libcacard.syms | 1 +
> src/vcard_emul.h | 1 +
> src/vcard_emul_nss.c | 22 ++++++++++++++++++++++
> 4 files changed, 28 insertions(+)
>
> diff --git a/docs/libcacard.txt b/docs/libcacard.txt
> index acb70d2..f6cd46c 100644
> --- a/docs/libcacard.txt
> +++ b/docs/libcacard.txt
> @@ -350,6 +350,10 @@ and applet.
>
> This function does a raw rsa op on the buffer with the given key.
>
> + int vcard_emul_rsa_bits(VCardKey *key);
> +
> + This function returns the size of RSA key in bits.
> +
> The sample card type emulator is found in cac.c. It implements the cac specific
> applets. Only those applets needed by the coolkey pkcs#11 driver on the guest
> have been implemented. To support the full range CAC middleware, a complete CAC
> diff --git a/src/libcacard.syms b/src/libcacard.syms
> index 84dd2a5..04c0f89 100644
> --- a/src/libcacard.syms
> +++ b/src/libcacard.syms
> @@ -17,6 +17,7 @@ vcard_emul_options
> vcard_emul_replay_insertion_events
> vcard_emul_reset
> vcard_emul_rsa_op
> +vcard_emul_rsa_bits
why is this function exported?
(I think most vcard_emul functions shouldn't be exported in the first
place, but if there is no reason, let's not add more, and mark other
functions as deprecated)
> vcard_emul_type_from_string
> vcard_emul_type_select
> vcard_emul_usage
> diff --git a/src/vcard_emul.h b/src/vcard_emul.h
> index a552efb..ec64605 100644
> --- a/src/vcard_emul.h
> +++ b/src/vcard_emul.h
> @@ -47,6 +47,7 @@ void vcard_emul_logout(VCard *card);
> */
> /* delete a key */
> void vcard_emul_delete_key(VCardKey *key);
> +int vcard_emul_rsa_bits(VCardKey *key);
> /* RSA sign/decrypt with the key, signature happens 'in place' */
> vcard_7816_status_t vcard_emul_rsa_op(VCard *card, VCardKey *key,
> unsigned char *buffer, int buffer_size);
> diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
> index a93b00d..e213d7f 100644
> --- a/src/vcard_emul_nss.c
> +++ b/src/vcard_emul_nss.c
> @@ -213,6 +213,28 @@ vcard_emul_map_error(int error)
> return VCARD7816_STATUS_EXC_ERROR_CHANGE;
> }
>
> +/* get RSA bits */
> +int
> +vcard_emul_rsa_bits(VCardKey *key)
> +{
> + SECKEYPublicKey *pub_key;
> + int bits = -1;
> +
> + if (key == NULL) {
> + /* couldn't get the key, indicate that we aren't logged in */
> + return -1;
> + }
> + pub_key = CERT_ExtractPublicKey(key->cert);
> + if (pub_key == NULL) {
> + /* couldn't get the key, indicate that we aren't logged in */
> + return -1;
> + }
> +
> + bits = SECKEY_PublicKeyStrengthInBits(pub_key);
> + SECKEY_DestroyPublicKey(pub_key);
> + return bits;
> +}
> +
> /* RSA sign/decrypt with the key, signature happens 'in place' */
> vcard_7816_status_t
> vcard_emul_rsa_op(VCard *card, VCardKey *key,
> --
> 2.17.1
>
> _______________________________________________
> Spice-devel mailing list
> Spice-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/spice-devel
--
Marc-André Lureau
More information about the Spice-devel
mailing list