p11-kit/0006-Add-support-for-missing-AES-and-DES-DES3-mechanisms.patch

From 1e86da126a191ec5b010ef86c6cfa15721a9bd0d Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Fri, 8 Apr 2022 12:36:51 +0200
Subject: [PATCH 06/11] Add support for missing AES and DES/DES3 mechanisms

They take a 16 byte (AES) or 8 byte (DES/DES3) IV as mechanism parameter.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 p11-kit/rpc-message.c | 95 +++++++++++++++++++++++++++++++++++++++++++
 p11-kit/rpc-message.h | 18 ++++++++
 2 files changed, 113 insertions(+)

diff --git a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c
index 40a4d9f..a574911 100644
--- a/p11-kit/rpc-message.c
+++ b/p11-kit/rpc-message.c
@@ -1552,6 +1552,86 @@ p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value (p11_buffer *buffer,
 	return true;
 }
 
+void
+p11_rpc_buffer_add_aes_iv_mechanism_value (p11_buffer *buffer,
+					   const void *value,
+					   CK_ULONG value_length)
+{
+	/* Check if value can be converted to an AES IV. */
+	if (value_length != 16) {
+		p11_buffer_fail (buffer);
+		return;
+	}
+
+	p11_rpc_buffer_add_byte_array (buffer,
+				       (unsigned char *)value,
+				       value_length);
+}
+
+bool
+p11_rpc_buffer_get_aes_iv_mechanism_value (p11_buffer *buffer,
+					   size_t *offset,
+					   void *value,
+					   CK_ULONG *value_length)
+{
+	const unsigned char *data;
+	size_t len;
+
+	if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
+		return false;
+
+	if (len != 16)
+		return false;
+
+	if (value)
+		memcpy (value, data, len);
+
+	if (value_length)
+		*value_length = len;
+
+	return true;
+}
+
+void
+p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
+					   const void *value,
+					   CK_ULONG value_length)
+{
+	/* Check if value can be converted to an DES IV. */
+	if (value_length != 8) {
+		p11_buffer_fail (buffer);
+		return;
+	}
+
+	p11_rpc_buffer_add_byte_array (buffer,
+				       (unsigned char *)value,
+				       value_length);
+}
+
+bool
+p11_rpc_buffer_get_des_iv_mechanism_value (p11_buffer *buffer,
+					   size_t *offset,
+					   void *value,
+					   CK_ULONG *value_length)
+{
+	const unsigned char *data;
+	size_t len;
+
+	if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
+		return false;
+
+	if (len != 8)
+		return false;
+
+	if (value)
+		memcpy (value, data, len);
+
+	if (value_length)
+		*value_length = len;
+
+	return true;
+}
+
 static p11_rpc_mechanism_serializer p11_rpc_mechanism_serializers[] = {
 	{ CKM_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
 	{ CKM_SHA1_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
@@ -1564,6 +1644,21 @@ static p11_rpc_mechanism_serializer p11_rpc_mechanism_serializers[] = {
 	{ CKM_IBM_ATTRIBUTEBOUND_WRAP, p11_rpc_buffer_add_ibm_attrbound_wrap_mechanism_value, p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value },
 	{ CKM_IBM_EC_X25519, p11_rpc_buffer_add_ecdh1_derive_mechanism_value, p11_rpc_buffer_get_ecdh1_derive_mechanism_value },
 	{ CKM_IBM_EC_X448, p11_rpc_buffer_add_ecdh1_derive_mechanism_value, p11_rpc_buffer_get_ecdh1_derive_mechanism_value },
+	{ CKM_AES_CBC, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CBC_PAD, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_OFB, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CFB1, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CFB8, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CFB64, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CFB128, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_AES_CTS, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
+	{ CKM_DES_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES_CBC_PAD, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES3_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES3_CBC_PAD, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES_CFB8, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES_CFB64, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
+	{ CKM_DES_OFB64, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
 };
 
 static p11_rpc_mechanism_serializer p11_rpc_byte_array_mechanism_serializer = {
diff --git a/p11-kit/rpc-message.h b/p11-kit/rpc-message.h
index 66f512d..8c8119d 100644
--- a/p11-kit/rpc-message.h
+++ b/p11-kit/rpc-message.h
@@ -502,4 +502,22 @@ bool            p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value
 							   void *value,
 							   CK_ULONG *value_length);
 
+void		p11_rpc_buffer_add_aes_iv_mechanism_value (p11_buffer *buffer,
+							   const void *value,
+							   CK_ULONG value_length);
+
+bool		p11_rpc_buffer_get_aes_iv_mechanism_value (p11_buffer *buffer,
+							   size_t *offset,
+							   void *value,
+							   CK_ULONG *value_length);
+
+void		p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
+							   const void *value,
+							   CK_ULONG value_length);
+
+bool		p11_rpc_buffer_get_des_iv_mechanism_value (p11_buffer *buffer,
+							   size_t *offset,
+							   void *value,
+							   CK_ULONG *value_length);
+
 #endif /* _RPC_MESSAGE_H */
-- 
2.38.1