[Spice-devel] [PATCH libcacard 14/45] vcard_emul: New function vcard_emul_rsa_bits

Tue Jul 31 14:50:08 UTC 2018

* Introduce a new API to get the key size from the key to present it in
   CAC properties structures later

Signed-off-by: Jakub Jelen <jjelen at redhat.com>
Reviewed-by: Robert Relyea <rrelyea at redhat.com>
---
 docs/libcacard.txt   |  4 ++++
 src/libcacard.syms   |  1 +
 src/vcard_emul.h     |  1 +
 src/vcard_emul_nss.c | 22 ++++++++++++++++++++++
 4 files changed, 28 insertions(+)

diff --git a/docs/libcacard.txt b/docs/libcacard.txt
index b6ae392..324dcb8 100644
--- a/docs/libcacard.txt
+++ b/docs/libcacard.txt
@@ -350,6 +350,10 @@ and applet.
 
      This function does a raw rsa op on the buffer with the given key.
 
+         int vcard_emul_rsa_bits(VCardKey *key);
+
+     This function returns the size of RSA key in bits.
+
 The sample card type emulator is found in cac.c. It implements the cac specific
 applets.  Only those applets needed by the coolkey pkcs#11 driver on the guest
 have been implemented. To support the full range CAC middleware, a complete CAC
diff --git a/src/libcacard.syms b/src/libcacard.syms
index 84dd2a5..04c0f89 100644
--- a/src/libcacard.syms
+++ b/src/libcacard.syms
@@ -17,6 +17,7 @@ vcard_emul_options
 vcard_emul_replay_insertion_events
 vcard_emul_reset
 vcard_emul_rsa_op
+vcard_emul_rsa_bits
 vcard_emul_type_from_string
 vcard_emul_type_select
 vcard_emul_usage
diff --git a/src/vcard_emul.h b/src/vcard_emul.h
index a552efb..ec64605 100644
--- a/src/vcard_emul.h
+++ b/src/vcard_emul.h
@@ -47,6 +47,7 @@ void vcard_emul_logout(VCard *card);
  */
 /* delete a key */
 void vcard_emul_delete_key(VCardKey *key);
+int vcard_emul_rsa_bits(VCardKey *key);
 /* RSA sign/decrypt with the key, signature happens 'in place' */
 vcard_7816_status_t vcard_emul_rsa_op(VCard *card, VCardKey *key,
                                   unsigned char *buffer, int buffer_size);
diff --git a/src/vcard_emul_nss.c b/src/vcard_emul_nss.c
index a93b00d..e213d7f 100644
--- a/src/vcard_emul_nss.c
+++ b/src/vcard_emul_nss.c
@@ -213,6 +213,28 @@ vcard_emul_map_error(int error)
     return VCARD7816_STATUS_EXC_ERROR_CHANGE;
 }
 
+/* get RSA bits */
+int
+vcard_emul_rsa_bits(VCardKey *key)
+{
+    SECKEYPublicKey *pub_key;
+    int bits = -1;
+
+    if (key == NULL) {
+        /* couldn't get the key, indicate that we aren't logged in */
+        return -1;
+    }
+    pub_key = CERT_ExtractPublicKey(key->cert);
+    if (pub_key == NULL) {
+        /* couldn't get the key, indicate that we aren't logged in */
+        return -1;
+    }
+
+    bits = SECKEY_PublicKeyStrengthInBits(pub_key);
+    SECKEY_DestroyPublicKey(pub_key);
+    return bits;
+}
+
 /* RSA sign/decrypt with the key, signature happens 'in place' */
 vcard_7816_status_t
 vcard_emul_rsa_op(VCard *card, VCardKey *key,
-- 
2.17.1

