Compare commits
No commits in common. "c8" and "c9s" have entirely different histories.
|
|
@ -1,3 +1,45 @@
|
|||
SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
SOURCES/p11-kit-0.23.22.tar.xz
|
||||
SOURCES/p11-kit-0.23.22.tar.xz.sig
|
||||
/p11-kit-*.tar.gz
|
||||
/.*.log
|
||||
/*.src.rpm
|
||||
/p11-kit-0.*/
|
||||
/x86_64/
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.9.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.9.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.10.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.12.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.14.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.15.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.16.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.16.1.tar.gz
|
||||
/p11-kit-client.service
|
||||
/trust-extract-compat
|
||||
/p11-kit-0.23.18.1.tar.gz
|
||||
/p11-kit-0.23.19.tar.xz
|
||||
/p11-kit-0.23.19.tar.xz.sig
|
||||
/p11-kit-0.23.20.tar.xz
|
||||
/p11-kit-0.23.21.tar.xz
|
||||
/p11-kit-0.23.22.tar.xz
|
||||
/p11-kit-0.24.0.tar.xz
|
||||
/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
/p11-kit-0.24.1.tar.xz
|
||||
/p11-kit-0.24.1.tar.xz.sig
|
||||
/p11-kit-0.25.2.tar.xz
|
||||
/p11-kit-0.25.2.tar.xz.sig
|
||||
/p11-kit-release-keyring.gpg
|
||||
/p11-kit-0.25.3.tar.xz
|
||||
/p11-kit-0.25.3.tar.xz.sig
|
||||
|
|
|
|||
|
|
@ -1,3 +1,3 @@
|
|||
526f07b62624739ba318a171bab3352af91d0134 SOURCES/gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
339e5163ed50a9984a74739b9207ea8cd77fa7e2 SOURCES/p11-kit-0.23.22.tar.xz
|
||||
1ab50d9f01bb186c60c32b56467c6f9f56e365da SOURCES/p11-kit-0.23.22.tar.xz.sig
|
||||
6fecd5be3ee12d07f6f61a65e18523ee03e0f925 p11-kit-release-keyring.gpg
|
||||
796f3b69cad054a52e04f520459beaaab936b99f p11-kit-0.25.3.tar.xz
|
||||
4133131840ef3f9609403fe391ce414878bcb9f1 p11-kit-0.25.3.tar.xz.sig
|
||||
|
|
|
|||
|
|
@ -0,0 +1,298 @@
|
|||
From 58cd1c05e001a4fe250c15f3599e79974bc509e3 Mon Sep 17 00:00:00 2001
|
||||
From: Zoltan Fridrich <zfridric@redhat.com>
|
||||
Date: Thu, 16 Nov 2023 10:12:14 +0100
|
||||
Subject: [PATCH] Fix issues found by static analysis
|
||||
|
||||
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
||||
---
|
||||
common/frob-getprogname.c | 4 ++--
|
||||
common/test.c | 4 +---
|
||||
p11-kit/generate-keypair.c | 25 +++++++++----------------
|
||||
p11-kit/import-object.c | 22 +++++-----------------
|
||||
p11-kit/lists.c | 1 +
|
||||
p11-kit/print-config.c | 4 +++-
|
||||
p11-kit/rpc-client.c | 6 ++++--
|
||||
p11-kit/test-uri.c | 4 ++--
|
||||
trust/test-trust.c | 2 +-
|
||||
9 files changed, 28 insertions(+), 44 deletions(-)
|
||||
|
||||
diff --git a/common/frob-getprogname.c b/common/frob-getprogname.c
|
||||
index ead658cc8..46e3b7fd3 100644
|
||||
--- a/common/frob-getprogname.c
|
||||
+++ b/common/frob-getprogname.c
|
||||
@@ -76,14 +76,14 @@ main (int argc,
|
||||
execv (BUILDDIR "/common/frob-getprogname" EXEEXT, args);
|
||||
} else {
|
||||
int status;
|
||||
- char buffer[1024];
|
||||
+ char buffer[1024] = { 0 };
|
||||
size_t offset = 0;
|
||||
ssize_t nread;
|
||||
char *p;
|
||||
|
||||
close (pfds[1]);
|
||||
while (1) {
|
||||
- nread = read (pfds[0], buffer + offset, sizeof(buffer) - offset);
|
||||
+ nread = read (pfds[0], buffer + offset, sizeof(buffer) - offset - 1);
|
||||
if (nread < 0) {
|
||||
perror ("read");
|
||||
exit (EXIT_FAILURE);
|
||||
diff --git a/common/test.c b/common/test.c
|
||||
index 3ed98da01..6cdbd1fa2 100644
|
||||
--- a/common/test.c
|
||||
+++ b/common/test.c
|
||||
@@ -272,7 +272,6 @@ p11_testx (void (* function) (void *),
|
||||
test_item item = { TEST, };
|
||||
va_list va;
|
||||
|
||||
- item.type = TEST;
|
||||
item.x.test.func = function;
|
||||
item.x.test.argument = argument;
|
||||
|
||||
@@ -287,9 +286,8 @@ void
|
||||
p11_fixture (void (* setup) (void *),
|
||||
void (* teardown) (void *))
|
||||
{
|
||||
- test_item item;
|
||||
+ test_item item = { FIXTURE, };
|
||||
|
||||
- item.type = FIXTURE;
|
||||
item.x.fix.setup = setup;
|
||||
item.x.fix.teardown = teardown;
|
||||
|
||||
diff --git a/p11-kit/generate-keypair.c b/p11-kit/generate-keypair.c
|
||||
index 49dc11830..695103d1d 100644
|
||||
--- a/p11-kit/generate-keypair.c
|
||||
+++ b/p11-kit/generate-keypair.c
|
||||
@@ -351,7 +351,7 @@ int
|
||||
p11_kit_generate_keypair (int argc,
|
||||
char *argv[])
|
||||
{
|
||||
- int opt, ret = 2;
|
||||
+ int opt, ret;
|
||||
char *label = NULL;
|
||||
CK_ULONG bits = 0;
|
||||
const uint8_t *ec_params = NULL;
|
||||
@@ -396,31 +396,27 @@ p11_kit_generate_keypair (int argc,
|
||||
while ((opt = p11_tool_getopt (argc, argv, options)) != -1) {
|
||||
switch (opt) {
|
||||
case opt_label:
|
||||
- label = strdup (optarg);
|
||||
- if (label == NULL) {
|
||||
- p11_message (_("failed to allocate memory"));
|
||||
- goto cleanup;
|
||||
- }
|
||||
+ label = optarg;
|
||||
break;
|
||||
case opt_type:
|
||||
mechanism = get_mechanism (optarg);
|
||||
if (mechanism.mechanism == CKA_INVALID) {
|
||||
p11_message (_("unknown mechanism type: %s"), optarg);
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
break;
|
||||
case opt_bits:
|
||||
bits = strtol (optarg, NULL, 10);
|
||||
if (bits == 0) {
|
||||
p11_message (_("failed to parse bits value: %s"), optarg);
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
break;
|
||||
case opt_curve:
|
||||
ec_params = get_ec_params (optarg, &ec_params_len);
|
||||
if (ec_params == NULL) {
|
||||
p11_message (_("unknown curve name: %s"), optarg);
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
break;
|
||||
case opt_login:
|
||||
@@ -434,10 +430,9 @@ p11_kit_generate_keypair (int argc,
|
||||
break;
|
||||
case opt_help:
|
||||
p11_tool_usage (usages, options);
|
||||
- ret = 0;
|
||||
- goto cleanup;
|
||||
+ return 0;
|
||||
case '?':
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
default:
|
||||
assert_not_reached ();
|
||||
break;
|
||||
@@ -449,11 +444,11 @@ p11_kit_generate_keypair (int argc,
|
||||
|
||||
if (argc != 1) {
|
||||
p11_tool_usage (usages, options);
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
|
||||
if (!check_args (mechanism.mechanism, bits, ec_params))
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
|
||||
#ifdef OS_UNIX
|
||||
/* Register a fallback PIN callback that reads from terminal.
|
||||
@@ -464,11 +459,9 @@ p11_kit_generate_keypair (int argc,
|
||||
|
||||
ret = generate_keypair (*argv, label, mechanism, bits, ec_params, ec_params_len, login);
|
||||
|
||||
-cleanup:
|
||||
#ifdef OS_UNIX
|
||||
p11_kit_pin_unregister_callback ("tty", p11_pin_tty_callback, NULL);
|
||||
#endif
|
||||
- free (label);
|
||||
|
||||
return ret;
|
||||
}
|
||||
diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c
|
||||
index 270a0e027..feee07659 100644
|
||||
--- a/p11-kit/import-object.c
|
||||
+++ b/p11-kit/import-object.c
|
||||
@@ -500,7 +500,7 @@ int
|
||||
p11_kit_import_object (int argc,
|
||||
char *argv[])
|
||||
{
|
||||
- int opt, ret = 2;
|
||||
+ int opt, ret;
|
||||
char *label = NULL;
|
||||
char *file = NULL;
|
||||
bool login = false;
|
||||
@@ -536,18 +536,10 @@ p11_kit_import_object (int argc,
|
||||
while ((opt = p11_tool_getopt (argc, argv, options)) != -1) {
|
||||
switch (opt) {
|
||||
case opt_label:
|
||||
- label = strdup (optarg);
|
||||
- if (label == NULL) {
|
||||
- p11_message (_("failed to allocate memory"));
|
||||
- goto cleanup;
|
||||
- }
|
||||
+ label = optarg;
|
||||
break;
|
||||
case opt_file:
|
||||
- file = strdup (optarg);
|
||||
- if (file == NULL) {
|
||||
- p11_message (_("failed to allocate memory"));
|
||||
- goto cleanup;
|
||||
- }
|
||||
+ file = optarg;
|
||||
break;
|
||||
case opt_login:
|
||||
login = true;
|
||||
@@ -574,12 +566,12 @@ p11_kit_import_object (int argc,
|
||||
|
||||
if (argc != 1) {
|
||||
p11_tool_usage (usages, options);
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
|
||||
if (file == NULL) {
|
||||
p11_message (_("no file specified"));
|
||||
- goto cleanup;
|
||||
+ return 2;
|
||||
}
|
||||
|
||||
#ifdef OS_UNIX
|
||||
@@ -595,10 +587,6 @@ p11_kit_import_object (int argc,
|
||||
p11_kit_pin_unregister_callback ("tty", p11_pin_tty_callback, NULL);
|
||||
#endif
|
||||
|
||||
-cleanup:
|
||||
- free (label);
|
||||
- free (file);
|
||||
-
|
||||
return ret;
|
||||
}
|
||||
|
||||
diff --git a/p11-kit/lists.c b/p11-kit/lists.c
|
||||
index df58beb3f..007bb0f12 100644
|
||||
--- a/p11-kit/lists.c
|
||||
+++ b/p11-kit/lists.c
|
||||
@@ -295,6 +295,7 @@ print_modules (void)
|
||||
if (rv != CKR_OK) {
|
||||
p11_message (_("couldn't load module info: %s"),
|
||||
p11_kit_strerror (rv));
|
||||
+ p11_kit_modules_finalize_and_release (module_list);
|
||||
return 1;
|
||||
}
|
||||
|
||||
diff --git a/p11-kit/print-config.c b/p11-kit/print-config.c
|
||||
index 173b55feb..29daf3871 100644
|
||||
--- a/p11-kit/print-config.c
|
||||
+++ b/p11-kit/print-config.c
|
||||
@@ -74,8 +74,10 @@ print_config (void)
|
||||
P11_PACKAGE_CONFIG_MODULES,
|
||||
P11_SYSTEM_CONFIG_MODULES,
|
||||
P11_USER_CONFIG_MODULES);
|
||||
- if (modules_conf == NULL)
|
||||
+ if (modules_conf == NULL) {
|
||||
+ p11_dict_free (global_conf);
|
||||
return 1;
|
||||
+ }
|
||||
|
||||
printf ("[global]\n");
|
||||
p11_dict_iterate (global_conf, &i);
|
||||
diff --git a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c
|
||||
index fb39103eb..19b628b1a 100644
|
||||
--- a/p11-kit/rpc-client.c
|
||||
+++ b/p11-kit/rpc-client.c
|
||||
@@ -173,6 +173,8 @@ call_done (rpc_client *module,
|
||||
p11_rpc_message *msg,
|
||||
CK_RV ret)
|
||||
{
|
||||
+ p11_buffer *buf;
|
||||
+
|
||||
assert (module != NULL);
|
||||
assert (msg != NULL);
|
||||
|
||||
@@ -189,9 +191,9 @@ call_done (rpc_client *module,
|
||||
|
||||
/* We used the same buffer for input/output, so this frees both */
|
||||
assert (msg->input == msg->output);
|
||||
- p11_rpc_buffer_free (msg->input);
|
||||
-
|
||||
+ buf = msg->input;
|
||||
p11_rpc_message_clear (msg);
|
||||
+ p11_rpc_buffer_free (buf);
|
||||
|
||||
return ret;
|
||||
}
|
||||
diff --git a/p11-kit/test-uri.c b/p11-kit/test-uri.c
|
||||
index 32e8da703..18b7a108a 100644
|
||||
--- a/p11-kit/test-uri.c
|
||||
+++ b/p11-kit/test-uri.c
|
||||
@@ -1019,7 +1019,7 @@ test_uri_get_set_unrecognized (void)
|
||||
static void
|
||||
test_uri_match_token (void)
|
||||
{
|
||||
- CK_TOKEN_INFO token;
|
||||
+ CK_TOKEN_INFO token = { 0 };
|
||||
P11KitUri *uri;
|
||||
int ret;
|
||||
|
||||
@@ -1056,7 +1056,7 @@ test_uri_match_token (void)
|
||||
static void
|
||||
test_uri_match_module (void)
|
||||
{
|
||||
- CK_INFO info;
|
||||
+ CK_INFO info = { 0 };
|
||||
P11KitUri *uri;
|
||||
int ret;
|
||||
|
||||
diff --git a/trust/test-trust.c b/trust/test-trust.c
|
||||
index 29b2797b5..3b27a1f31 100644
|
||||
--- a/trust/test-trust.c
|
||||
+++ b/trust/test-trust.c
|
||||
@@ -258,7 +258,7 @@ test_check_symlink_msg (const char *file,
|
||||
if (asprintf (&filename, "%s/%s", directory, name) < 0)
|
||||
assert_not_reached ();
|
||||
|
||||
- if (readlink (filename, buf, sizeof (buf)) < 0)
|
||||
+ if (readlink (filename, buf, sizeof (buf) - 1) < 0)
|
||||
p11_test_fail (file, line, function, "Couldn't read symlink: %s", filename);
|
||||
|
||||
if (strcmp (destination, buf) != 0)
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
From a91266ef087532e2332c75c4fd9244df66f30b64 Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Fri, 18 Dec 2020 13:37:10 +0100
|
||||
Subject: [PATCH] meson: Link trust/client modules explicitly to -ldl
|
||||
|
||||
This adds the -ldl link flag missing in the meson build, but present
|
||||
in the autotools build. Although the use-case is unlikely, this
|
||||
allows those modules to be linked as a normal shared library to a
|
||||
program.
|
||||
---
|
||||
p11-kit/meson.build | 1 +
|
||||
trust/meson.build | 2 +-
|
||||
2 files changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/p11-kit/meson.build b/p11-kit/meson.build
|
||||
index 7d57cd7..02147a9 100644
|
||||
--- a/p11-kit/meson.build
|
||||
+++ b/p11-kit/meson.build
|
||||
@@ -92,6 +92,7 @@ if host_system != 'windows'
|
||||
'client.c', 'client-init.c',
|
||||
name_prefix: '',
|
||||
include_directories: [configinc, commoninc],
|
||||
+ dependencies: dlopen_deps,
|
||||
link_args: p11_module_ldflags,
|
||||
link_depends: [p11_module_symbol_map,
|
||||
p11_module_symbol_def],
|
||||
diff --git a/trust/meson.build b/trust/meson.build
|
||||
index 482a3c1..d4a8e15 100644
|
||||
--- a/trust/meson.build
|
||||
+++ b/trust/meson.build
|
||||
@@ -56,7 +56,7 @@ shared_module('p11-kit-trust',
|
||||
'module-init.c',
|
||||
name_prefix: '',
|
||||
c_args: p11_kit_trust_c_args,
|
||||
- dependencies: [asn_h_dep, libp11_library_dep] + libtasn1_deps,
|
||||
+ dependencies: [asn_h_dep, libp11_library_dep] + dlopen_deps + libtasn1_deps,
|
||||
link_args: p11_module_ldflags,
|
||||
link_depends: [p11_module_symbol_map,
|
||||
p11_module_symbol_def],
|
||||
--
|
||||
2.29.2
|
||||
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
From 9f01a8a45ba913a9b65894cef9369b6010005096 Mon Sep 17 00:00:00 2001
|
||||
From: Eli Schwartz <eschwartz@archlinux.org>
|
||||
Date: Tue, 11 Jan 2022 23:25:05 -0500
|
||||
Subject: [PATCH] gtkdoc: remove dependencies on custom target files
|
||||
|
||||
Sadly, the `dependencies` kwarg does not actually do what it seems to be
|
||||
trying to be used for, here. It is for listing dependency or library
|
||||
objects whose compiler flags should be added to gtkdoc-scangobj.
|
||||
|
||||
It will not actually add ninja target dependencies. The similar kwarg in
|
||||
other meson functions (e.g. genmarshal and compile_schemas) that *do*
|
||||
allow adding target dependencies, is `depend_files`.
|
||||
|
||||
Older versions of meson simply did nothing in an if/elif/elif block
|
||||
where these custom_targets never matched anything, and were thus
|
||||
silently ignored.
|
||||
|
||||
Meson 0.61 type-validates the arguments and rejects CustomTarget as
|
||||
invalid:
|
||||
|
||||
```
|
||||
doc/manual/meson.build:72:8: ERROR: gnome.gtkdoc keyword argument 'dependencies' was of type array[CustomTarget | PkgConfigDependency] but should have been array[Dependency | SharedLibrary | StaticLibrary]
|
||||
```
|
||||
|
||||
Fixes #406
|
||||
---
|
||||
doc/manual/meson.build | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/doc/manual/meson.build b/doc/manual/meson.build
|
||||
index cf8758dbf..560df8dbc 100644
|
||||
--- a/doc/manual/meson.build
|
||||
+++ b/doc/manual/meson.build
|
||||
@@ -73,7 +73,7 @@ if get_option('gtk_doc')
|
||||
main_xml: 'p11-kit-docs.xml',
|
||||
namespace: 'p11_kit',
|
||||
src_dir: 'p11-kit',
|
||||
- dependencies: libffi_deps + dlopen_deps + xml_deps,
|
||||
+ dependencies: libffi_deps + dlopen_deps,
|
||||
scan_args: [
|
||||
'--ignore-headers=' + ' '.join(ignore_headers),
|
||||
'--rebuild-types',
|
||||
|
|
@ -1,953 +0,0 @@
|
|||
diff --color -ruNp a/common/attrs.c b/common/attrs.c
|
||||
--- a/common/attrs.c 2020-12-11 15:48:46.000000000 +0100
|
||||
+++ b/common/attrs.c 2023-11-29 14:29:45.130552239 +0100
|
||||
@@ -709,6 +709,23 @@ attribute_is_sensitive (const CK_ATTRIBU
|
||||
X (CKA_TRUST_STEP_UP_APPROVED)
|
||||
X (CKA_CERT_SHA1_HASH)
|
||||
X (CKA_CERT_MD5_HASH)
|
||||
+ X (CKA_IBM_OPAQUE)
|
||||
+ X (CKA_IBM_RESTRICTABLE)
|
||||
+ X (CKA_IBM_NEVER_MODIFIABLE)
|
||||
+ X (CKA_IBM_RETAINKEY)
|
||||
+ X (CKA_IBM_ATTRBOUND)
|
||||
+ X (CKA_IBM_KEYTYPE)
|
||||
+ X (CKA_IBM_CV)
|
||||
+ X (CKA_IBM_MACKEY)
|
||||
+ X (CKA_IBM_USE_AS_DATA)
|
||||
+ X (CKA_IBM_STRUCT_PARAMS)
|
||||
+ X (CKA_IBM_STD_COMPLIANCE1)
|
||||
+ X (CKA_IBM_PROTKEY_EXTRACTABLE)
|
||||
+ X (CKA_IBM_PROTKEY_NEVER_EXTRACTABLE)
|
||||
+ X (CKA_IBM_OPAQUE_PKEY)
|
||||
+ X (CKA_IBM_DILITHIUM_KEYFORM)
|
||||
+ X (CKA_IBM_DILITHIUM_RHO)
|
||||
+ X (CKA_IBM_DILITHIUM_T1)
|
||||
case CKA_VALUE:
|
||||
return (klass != CKO_CERTIFICATE &&
|
||||
klass != CKO_X_CERTIFICATE_EXTENSION);
|
||||
diff --color -ruNp a/common/constants.c b/common/constants.c
|
||||
--- a/common/constants.c 2020-12-11 15:48:46.000000000 +0100
|
||||
+++ b/common/constants.c 2023-11-29 14:29:45.130552239 +0100
|
||||
@@ -141,6 +141,28 @@ const p11_constant p11_constant_types[]
|
||||
CT (CKA_WRAP_TEMPLATE, "wrap-template")
|
||||
CT (CKA_UNWRAP_TEMPLATE, "unwrap-template")
|
||||
CT (CKA_ALLOWED_MECHANISMS, "allowed-mechanisms")
|
||||
+ CT (CKA_IBM_OPAQUE, "ibm-opaque")
|
||||
+ CT (CKA_IBM_RESTRICTABLE, "ibm-restrictable")
|
||||
+ CT (CKA_IBM_NEVER_MODIFIABLE, "ibm-never-modifiable")
|
||||
+ CT (CKA_IBM_RETAINKEY, "ibm-retainkey")
|
||||
+ CT (CKA_IBM_ATTRBOUND, "ibm-attrbound")
|
||||
+ CT (CKA_IBM_KEYTYPE, "ibm-keytype")
|
||||
+ CT (CKA_IBM_CV, "ibm-cv")
|
||||
+ CT (CKA_IBM_MACKEY, "ibm-mackey")
|
||||
+ CT (CKA_IBM_USE_AS_DATA, "ibm-use-as-data")
|
||||
+ CT (CKA_IBM_STRUCT_PARAMS, "ibm-struct-params")
|
||||
+ CT (CKA_IBM_STD_COMPLIANCE1, "ibm-std_compliance1")
|
||||
+ CT (CKA_IBM_PROTKEY_EXTRACTABLE, "ibm-protkey-extractable")
|
||||
+ CT (CKA_IBM_PROTKEY_NEVER_EXTRACTABLE, "ibm-protkey-never-extractable")
|
||||
+ CT (CKA_IBM_DILITHIUM_KEYFORM, "ibm-dilithium-keyform")
|
||||
+ CT (CKA_IBM_DILITHIUM_RHO, "ibm-dilithium-rho")
|
||||
+ CT (CKA_IBM_DILITHIUM_SEED, "ibm-dilithium-seed")
|
||||
+ CT (CKA_IBM_DILITHIUM_TR, "ibm-dilithium-tr")
|
||||
+ CT (CKA_IBM_DILITHIUM_S1, "ibm-dilithium-s1")
|
||||
+ CT (CKA_IBM_DILITHIUM_S2, "ibm-dilithium-s2")
|
||||
+ CT (CKA_IBM_DILITHIUM_T0, "ibm-dilithium-t0")
|
||||
+ CT (CKA_IBM_DILITHIUM_T1, "ibm-dilithium-t1")
|
||||
+ CT (CKA_IBM_OPAQUE_PKEY, "ibm-opaque-pkey")
|
||||
CT (CKA_NSS_URL, "nss-url")
|
||||
CT (CKA_NSS_EMAIL, "nss-email")
|
||||
CT (CKA_NSS_SMIME_INFO, "nss-smime-constant")
|
||||
@@ -247,6 +269,7 @@ const p11_constant p11_constant_keys[] =
|
||||
CT (CKK_AES, "aes")
|
||||
CT (CKK_BLOWFISH, "blowfish")
|
||||
CT (CKK_TWOFISH, "twofish")
|
||||
+ CT (CKK_IBM_PQC_DILITHIUM, "ibm-dilithium")
|
||||
CT (CKK_NSS_PKCS8, "nss-pkcs8")
|
||||
{ CKA_INVALID },
|
||||
};
|
||||
@@ -595,6 +618,21 @@ const p11_constant p11_constant_mechanis
|
||||
CT (CKM_DSA_PARAMETER_GEN, "dsa-parameter-gen")
|
||||
CT (CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen")
|
||||
CT (CKM_X9_42_DH_PARAMETER_GEN, "x9-42-dh-parameter-gen")
|
||||
+ CT (CKM_IBM_SHA3_224, "ibm-sha3-224")
|
||||
+ CT (CKM_IBM_SHA3_256, "ibm-sha3-256")
|
||||
+ CT (CKM_IBM_SHA3_384, "ibm-sha3-384")
|
||||
+ CT (CKM_IBM_SHA3_512, "ibm-sha3-512")
|
||||
+ CT (CKM_IBM_CMAC, "ibm-cmac")
|
||||
+ CT (CKM_IBM_EC_X25519, "ibm-ec-x25519")
|
||||
+ CT (CKM_IBM_ED25519_SHA512, "ibm-ed25519-sha512")
|
||||
+ CT (CKM_IBM_EC_X448, "ibm-ec-x448")
|
||||
+ CT (CKM_IBM_ED448_SHA3, "ibm-ed448-sha3")
|
||||
+ CT (CKM_IBM_DILITHIUM, "ibm-dilithium")
|
||||
+ CT (CKM_IBM_SHA3_224_HMAC, "ibm-sha3-224-hmac")
|
||||
+ CT (CKM_IBM_SHA3_256_HMAC, "ibm-sha3-256-hmac")
|
||||
+ CT (CKM_IBM_SHA3_384_HMAC, "ibm-sha3-384-hmac")
|
||||
+ CT (CKM_IBM_SHA3_512_HMAC, "ibm-sha3-512-hmac")
|
||||
+ CT (CKM_IBM_ATTRIBUTEBOUND_WRAP, "ibm-attributebound-wrap")
|
||||
{ CKA_INVALID },
|
||||
};
|
||||
|
||||
diff --color -ruNp a/common/pkcs11x.h b/common/pkcs11x.h
|
||||
--- a/common/pkcs11x.h 2020-12-11 16:24:01.000000000 +0100
|
||||
+++ b/common/pkcs11x.h 2023-11-29 14:29:45.252554771 +0100
|
||||
@@ -181,6 +181,71 @@ typedef CK_ULONG
|
||||
|
||||
#endif /* CRYPTOKI_RU_TEAM_TC26_VENDOR_DEFINED */
|
||||
|
||||
+/* Define this if you want the IBM specific symbols */
|
||||
+#define CRYPTOKI_IBM_VENDOR_DEFINED 1
|
||||
+#ifdef CRYPTOKI_IBM_VENDOR_DEFINED
|
||||
+
|
||||
+#define CKK_IBM_PQC_DILITHIUM CKK_VENDOR_DEFINED + 0x10023
|
||||
+
|
||||
+#define CKA_IBM_OPAQUE (CKA_VENDOR_DEFINED + 1)
|
||||
+#define CKA_IBM_RESTRICTABLE (CKA_VENDOR_DEFINED + 0x10001)
|
||||
+#define CKA_IBM_NEVER_MODIFIABLE (CKA_VENDOR_DEFINED + 0x10002)
|
||||
+#define CKA_IBM_RETAINKEY (CKA_VENDOR_DEFINED + 0x10003)
|
||||
+#define CKA_IBM_ATTRBOUND (CKA_VENDOR_DEFINED + 0x10004)
|
||||
+#define CKA_IBM_KEYTYPE (CKA_VENDOR_DEFINED + 0x10005)
|
||||
+#define CKA_IBM_CV (CKA_VENDOR_DEFINED + 0x10006)
|
||||
+#define CKA_IBM_MACKEY (CKA_VENDOR_DEFINED + 0x10007)
|
||||
+#define CKA_IBM_USE_AS_DATA (CKA_VENDOR_DEFINED + 0x10008)
|
||||
+#define CKA_IBM_STRUCT_PARAMS (CKA_VENDOR_DEFINED + 0x10009)
|
||||
+#define CKA_IBM_STD_COMPLIANCE1 (CKA_VENDOR_DEFINED + 0x1000a)
|
||||
+#define CKA_IBM_PROTKEY_EXTRACTABLE (CKA_VENDOR_DEFINED + 0x1000c)
|
||||
+#define CKA_IBM_PROTKEY_NEVER_EXTRACTABLE (CKA_VENDOR_DEFINED + 0x1000d)
|
||||
+#define CKA_IBM_DILITHIUM_KEYFORM (CKA_VENDOR_DEFINED + 0xd0001)
|
||||
+#define CKA_IBM_DILITHIUM_RHO (CKA_VENDOR_DEFINED + 0xd0002)
|
||||
+#define CKA_IBM_DILITHIUM_SEED (CKA_VENDOR_DEFINED + 0xd0003)
|
||||
+#define CKA_IBM_DILITHIUM_TR (CKA_VENDOR_DEFINED + 0xd0004)
|
||||
+#define CKA_IBM_DILITHIUM_S1 (CKA_VENDOR_DEFINED + 0xd0005)
|
||||
+#define CKA_IBM_DILITHIUM_S2 (CKA_VENDOR_DEFINED + 0xd0006)
|
||||
+#define CKA_IBM_DILITHIUM_T0 (CKA_VENDOR_DEFINED + 0xd0007)
|
||||
+#define CKA_IBM_DILITHIUM_T1 (CKA_VENDOR_DEFINED + 0xd0008)
|
||||
+#define CKA_IBM_OPAQUE_PKEY (CKA_VENDOR_DEFINED + 0xd0100)
|
||||
+
|
||||
+#define CKM_IBM_SHA3_224 (CKM_VENDOR_DEFINED + 0x10001)
|
||||
+#define CKM_IBM_SHA3_256 (CKM_VENDOR_DEFINED + 0x10002)
|
||||
+#define CKM_IBM_SHA3_384 (CKM_VENDOR_DEFINED + 0x10003)
|
||||
+#define CKM_IBM_SHA3_512 (CKM_VENDOR_DEFINED + 0x10004)
|
||||
+#define CKM_IBM_CMAC (CKM_VENDOR_DEFINED + 0x10007)
|
||||
+#define CKM_IBM_EC_X25519 (CKM_VENDOR_DEFINED + 0x1001b)
|
||||
+#define CKM_IBM_ED25519_SHA512 (CKM_VENDOR_DEFINED + 0x1001c)
|
||||
+#define CKM_IBM_EC_X448 (CKM_VENDOR_DEFINED + 0x1001e)
|
||||
+#define CKM_IBM_ED448_SHA3 (CKM_VENDOR_DEFINED + 0x1001f)
|
||||
+#define CKM_IBM_DILITHIUM (CKM_VENDOR_DEFINED + 0x10023)
|
||||
+#define CKM_IBM_SHA3_224_HMAC (CKM_VENDOR_DEFINED + 0x10025)
|
||||
+#define CKM_IBM_SHA3_256_HMAC (CKM_VENDOR_DEFINED + 0x10026)
|
||||
+#define CKM_IBM_SHA3_384_HMAC (CKM_VENDOR_DEFINED + 0x10027)
|
||||
+#define CKM_IBM_SHA3_512_HMAC (CKM_VENDOR_DEFINED + 0x10028)
|
||||
+#define CKM_IBM_ATTRIBUTEBOUND_WRAP (CKM_VENDOR_DEFINED + 0x20004)
|
||||
+
|
||||
+/*
|
||||
+ * If the caller is using the PKCS#11 GNU calling convention, then we cater
|
||||
+ * to that here.
|
||||
+ */
|
||||
+#ifdef CRYPTOKI_GNU
|
||||
+#define hSignVerifyKey h_sign_verify_key
|
||||
+#endif
|
||||
+
|
||||
+struct ck_ibm_attributebound_wrap {
|
||||
+ CK_OBJECT_HANDLE hSignVerifyKey;
|
||||
+};
|
||||
+
|
||||
+typedef struct ck_ibm_attributebound_wrap CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS;
|
||||
+
|
||||
+#ifdef CRYPTOKI_GNU
|
||||
+#undef hSignVerifyKey
|
||||
+#endif
|
||||
+
|
||||
+#endif /* CRYPTOKI_IBM_VENDOR_DEFINED */
|
||||
+
|
||||
#if defined(__cplusplus)
|
||||
}
|
||||
#endif
|
||||
diff --color -ruNp a/p11-kit/meson.build b/p11-kit/meson.build
|
||||
--- a/p11-kit/meson.build 2023-11-29 14:27:53.265231072 +0100
|
||||
+++ b/p11-kit/meson.build 2023-11-29 14:29:45.264555020 +0100
|
||||
@@ -211,6 +211,9 @@ gnu_h = gnu_h_gen.process(pkcs11_gnu_hea
|
||||
static_library('p11-kit-pkcs11-gnu',
|
||||
gnu_h,
|
||||
'pkcs11-gnu.c',
|
||||
+ c_args: [
|
||||
+ '-DCRYPTOKI_GNU=1', '-DP11_KIT_FUTURE_UNSTABLE_API=1',
|
||||
+ ],
|
||||
include_directories: [configinc, commoninc])
|
||||
|
||||
# Tests ----------------------------------------------------------------
|
||||
diff --color -ruNp a/p11-kit/p11-kit.h b/p11-kit/p11-kit.h
|
||||
--- a/p11-kit/p11-kit.h 2020-12-11 15:48:46.000000000 +0100
|
||||
+++ b/p11-kit/p11-kit.h 2023-11-29 14:29:45.265555041 +0100
|
||||
@@ -43,12 +43,17 @@
|
||||
*/
|
||||
#ifdef CRYPTOKI_GNU
|
||||
typedef ck_rv_t CK_RV;
|
||||
+typedef ck_object_handle_t CK_OBJECT_HANDLE;
|
||||
+typedef unsigned long int CK_ULONG;
|
||||
typedef struct ck_function_list* CK_FUNCTION_LIST_PTR;
|
||||
typedef struct ck_function_list CK_FUNCTION_LIST;
|
||||
#endif
|
||||
|
||||
#include "p11-kit/deprecated.h"
|
||||
|
||||
+/* For size_t. */
|
||||
+#include <stddef.h>
|
||||
+
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
diff --color -ruNp a/p11-kit/pkcs11-gnu.c b/p11-kit/pkcs11-gnu.c
|
||||
--- a/p11-kit/pkcs11-gnu.c 2020-12-11 15:48:46.000000000 +0100
|
||||
+++ b/p11-kit/pkcs11-gnu.c 2023-11-29 14:29:45.265555041 +0100
|
||||
@@ -1,3 +1,8 @@
|
||||
+#include "config.h"
|
||||
+
|
||||
+#include "p11-kit.h"
|
||||
+#include "pkcs11x.h"
|
||||
+
|
||||
#include "pkcs11-gnu-iter.h"
|
||||
#include "pkcs11-gnu-pin.h"
|
||||
#include "pkcs11-gnu-uri.h"
|
||||
diff --color -ruNp a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c
|
||||
--- a/p11-kit/rpc-client.c 2020-12-11 15:48:46.000000000 +0100
|
||||
+++ b/p11-kit/rpc-client.c 2023-11-29 14:29:45.220554107 +0100
|
||||
@@ -570,7 +570,7 @@ proto_read_sesssion_info (p11_rpc_messag
|
||||
#define IN_BYTE_BUFFER(arr, len) \
|
||||
if (len == NULL) \
|
||||
{ _ret = CKR_ARGUMENTS_BAD; goto _cleanup; } \
|
||||
- if (!p11_rpc_message_write_byte_buffer (&_msg, arr ? *len : 0)) \
|
||||
+ if (!p11_rpc_message_write_byte_buffer (&_msg, arr ? (*len > 0 ? *len : (uint32_t)-1) : 0)) \
|
||||
{ _ret = CKR_HOST_MEMORY; goto _cleanup; }
|
||||
|
||||
#define IN_BYTE_ARRAY(arr, len) \
|
||||
@@ -1489,8 +1489,6 @@ rpc_C_SignUpdate (CK_X_FUNCTION_LIST *se
|
||||
CK_BYTE_PTR part,
|
||||
CK_ULONG part_len)
|
||||
{
|
||||
- return_val_if_fail (part_len, CKR_ARGUMENTS_BAD);
|
||||
-
|
||||
BEGIN_CALL_OR (C_SignUpdate, self, CKR_SESSION_HANDLE_INVALID);
|
||||
IN_ULONG (session);
|
||||
IN_BYTE_ARRAY (part, part_len);
|
||||
diff --color -ruNp a/p11-kit/rpc-message.c b/p11-kit/rpc-message.c
|
||||
--- a/p11-kit/rpc-message.c 2020-12-11 16:25:36.000000000 +0100
|
||||
+++ b/p11-kit/rpc-message.c 2023-11-29 14:29:45.243554584 +0100
|
||||
@@ -372,7 +372,7 @@ p11_rpc_message_write_byte_array (p11_rp
|
||||
assert (!msg->signature || p11_rpc_message_verify_part (msg, "ay"));
|
||||
|
||||
/* No array, no data, just length */
|
||||
- if (!arr) {
|
||||
+ if (!arr && num != 0) {
|
||||
p11_rpc_buffer_add_byte (msg->output, 0);
|
||||
p11_rpc_buffer_add_uint32 (msg->output, num);
|
||||
} else {
|
||||
@@ -800,6 +800,13 @@ map_attribute_to_value_type (CK_ATTRIBUT
|
||||
case CKA_RESET_ON_INIT:
|
||||
case CKA_HAS_RESET:
|
||||
case CKA_COLOR:
|
||||
+ case CKA_IBM_RESTRICTABLE:
|
||||
+ case CKA_IBM_NEVER_MODIFIABLE:
|
||||
+ case CKA_IBM_RETAINKEY:
|
||||
+ case CKA_IBM_ATTRBOUND:
|
||||
+ case CKA_IBM_USE_AS_DATA:
|
||||
+ case CKA_IBM_PROTKEY_EXTRACTABLE:
|
||||
+ case CKA_IBM_PROTKEY_NEVER_EXTRACTABLE:
|
||||
return P11_RPC_VALUE_BYTE;
|
||||
case CKA_CLASS:
|
||||
case CKA_CERTIFICATE_TYPE:
|
||||
@@ -821,9 +828,13 @@ map_attribute_to_value_type (CK_ATTRIBUT
|
||||
case CKA_CHAR_COLUMNS:
|
||||
case CKA_BITS_PER_PIXEL:
|
||||
case CKA_MECHANISM_TYPE:
|
||||
+ case CKA_IBM_DILITHIUM_KEYFORM:
|
||||
+ case CKA_IBM_STD_COMPLIANCE1:
|
||||
+ case CKA_IBM_KEYTYPE:
|
||||
return P11_RPC_VALUE_ULONG;
|
||||
case CKA_WRAP_TEMPLATE:
|
||||
case CKA_UNWRAP_TEMPLATE:
|
||||
+ case CKA_DERIVE_TEMPLATE:
|
||||
return P11_RPC_VALUE_ATTRIBUTE_ARRAY;
|
||||
case CKA_ALLOWED_MECHANISMS:
|
||||
return P11_RPC_VALUE_MECHANISM_TYPE_ARRAY;
|
||||
@@ -869,6 +880,18 @@ map_attribute_to_value_type (CK_ATTRIBUT
|
||||
case CKA_REQUIRED_CMS_ATTRIBUTES:
|
||||
case CKA_DEFAULT_CMS_ATTRIBUTES:
|
||||
case CKA_SUPPORTED_CMS_ATTRIBUTES:
|
||||
+ case CKA_IBM_OPAQUE:
|
||||
+ case CKA_IBM_CV:
|
||||
+ case CKA_IBM_MACKEY:
|
||||
+ case CKA_IBM_STRUCT_PARAMS:
|
||||
+ case CKA_IBM_OPAQUE_PKEY:
|
||||
+ case CKA_IBM_DILITHIUM_RHO:
|
||||
+ case CKA_IBM_DILITHIUM_SEED:
|
||||
+ case CKA_IBM_DILITHIUM_TR:
|
||||
+ case CKA_IBM_DILITHIUM_S1:
|
||||
+ case CKA_IBM_DILITHIUM_S2:
|
||||
+ case CKA_IBM_DILITHIUM_T0:
|
||||
+ case CKA_IBM_DILITHIUM_T1:
|
||||
return P11_RPC_VALUE_BYTE_ARRAY;
|
||||
}
|
||||
}
|
||||
@@ -1406,9 +1429,466 @@ p11_rpc_buffer_get_rsa_pkcs_oaep_mechani
|
||||
return true;
|
||||
}
|
||||
|
||||
+void
|
||||
+p11_rpc_buffer_add_ecdh1_derive_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ CK_ECDH1_DERIVE_PARAMS params;
|
||||
+
|
||||
+ /* Check if value can be converted to CK_ECDH1_DERIVE_PARAMS. */
|
||||
+ if (value_length != sizeof (CK_ECDH1_DERIVE_PARAMS)) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ memcpy (¶ms, value, value_length);
|
||||
+
|
||||
+ /* Check if params.kdf can be converted to uint64_t. */
|
||||
+ if (params.kdf > UINT64_MAX) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params.kdf);
|
||||
+
|
||||
+ /* parmas.shared_data can only be an array of CK_BYTE or
|
||||
+ * NULL */
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)params.shared_data,
|
||||
+ params.shared_data_len);
|
||||
+
|
||||
+ /* parmas.public_data can only be an array of CK_BYTE or
|
||||
+ * NULL */
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)params.public_data,
|
||||
+ params.public_data_len);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_ecdh1_derive_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ uint64_t val;
|
||||
+ const unsigned char *data1, *data2;
|
||||
+ size_t len1, len2;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val))
|
||||
+ return false;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data1, &len1))
|
||||
+ return false;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data2, &len2))
|
||||
+ return false;
|
||||
+
|
||||
+
|
||||
+ if (value) {
|
||||
+ CK_ECDH1_DERIVE_PARAMS params;
|
||||
+
|
||||
+ params.kdf = val;
|
||||
+ params.shared_data = (void *) data1;
|
||||
+ params.shared_data_len = len1;
|
||||
+ params.public_data = (void *) data2;
|
||||
+ params.public_data_len = len2;
|
||||
+
|
||||
+ memcpy (value, ¶ms, sizeof (CK_ECDH1_DERIVE_PARAMS));
|
||||
+ }
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = sizeof (CK_ECDH1_DERIVE_PARAMS);
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_ibm_attrbound_wrap_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS params;
|
||||
+
|
||||
+ /* Check if value can be converted to CKM_IBM_ATTRIBUTEBOUND_WRAP. */
|
||||
+ if (value_length != sizeof (CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS)) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ memcpy (¶ms, value, value_length);
|
||||
+
|
||||
+ /* Check if params.hSignVerifyKey can be converted to uint64_t. */
|
||||
+ if (params.hSignVerifyKey > UINT64_MAX) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params.hSignVerifyKey);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ uint64_t val;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val))
|
||||
+ return false;
|
||||
+
|
||||
+ if (value) {
|
||||
+ CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS params;
|
||||
+
|
||||
+ params.hSignVerifyKey = val;
|
||||
+
|
||||
+ memcpy (value, ¶ms, sizeof (CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS));
|
||||
+ }
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = sizeof (CK_IBM_ATTRIBUTEBOUND_WRAP_PARAMS);
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_aes_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ /* Check if value can be converted to an AES IV. */
|
||||
+ if (value_length != 16) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)value,
|
||||
+ value_length);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_aes_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ const unsigned char *data;
|
||||
+ size_t len;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
|
||||
+ return false;
|
||||
+
|
||||
+ if (len != 16)
|
||||
+ return false;
|
||||
+
|
||||
+ if (value)
|
||||
+ memcpy (value, data, len);
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = len;
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_aes_ctr_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ CK_AES_CTR_PARAMS params;
|
||||
+
|
||||
+ /* Check if value can be converted to CK_AES_CTR_PARAMS. */
|
||||
+ if (value_length != sizeof (CK_AES_CTR_PARAMS)) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ memcpy (¶ms, value, value_length);
|
||||
+
|
||||
+ /* Check if params.counter_bits can be converted to uint64_t. */
|
||||
+ if (params.counter_bits > UINT64_MAX) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params.counter_bits);
|
||||
+
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)params.cb,
|
||||
+ sizeof(params.cb));
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_aes_ctr_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ uint64_t val;
|
||||
+ const unsigned char *data;
|
||||
+ size_t len;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val))
|
||||
+ return false;
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
|
||||
+ return false;
|
||||
+
|
||||
+ if (value) {
|
||||
+ CK_AES_CTR_PARAMS params;
|
||||
+
|
||||
+ params.ulCounterBits = val;
|
||||
+
|
||||
+ if (len != sizeof (params.cb))
|
||||
+ return false;
|
||||
+
|
||||
+ memcpy (params.cb, data, sizeof (params.cb));
|
||||
+ memcpy (value, ¶ms, sizeof (CK_AES_CTR_PARAMS));
|
||||
+ }
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = sizeof (CK_AES_CTR_PARAMS);
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_aes_gcm_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ CK_GCM_PARAMS params;
|
||||
+
|
||||
+ /* Check if value can be converted to CK_GCM_PARAMS. */
|
||||
+ if (value_length != sizeof (CK_GCM_PARAMS)) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ memcpy (¶ms, value, value_length);
|
||||
+
|
||||
+ /* Check if params.ulTagBits/ulIvBits can be converted to uint64_t. */
|
||||
+ if (params.ulTagBits > UINT64_MAX || params.ulIvBits > UINT64_MAX) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)params.pIv,
|
||||
+ params.ulIvLen);
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params.ulIvBits);
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)params.pAAD,
|
||||
+ params.ulAADLen);
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params.ulTagBits);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_aes_gcm_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ uint64_t val1, val2;
|
||||
+ const unsigned char *data1, *data2;
|
||||
+ size_t len1, len2;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data1, &len1))
|
||||
+ return false;
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val1))
|
||||
+ return false;
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data2, &len2))
|
||||
+ return false;
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val2))
|
||||
+ return false;
|
||||
+
|
||||
+ if (value) {
|
||||
+ CK_GCM_PARAMS params;
|
||||
+
|
||||
+ params.pIv = (void *) data1;
|
||||
+ params.ulIvLen = len1;
|
||||
+ params.ulIvBits = val1;
|
||||
+ params.pAAD = (void *) data2;
|
||||
+ params.ulAADLen = len2;
|
||||
+ params.ulTagBits = val2;
|
||||
+
|
||||
+ memcpy (value, ¶ms, sizeof (CK_GCM_PARAMS));
|
||||
+ }
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = sizeof (CK_GCM_PARAMS);
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ /* Check if value can be converted to an DES IV. */
|
||||
+ if (value_length != 8) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)value,
|
||||
+ value_length);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_des_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ const unsigned char *data;
|
||||
+ size_t len;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
|
||||
+ return false;
|
||||
+
|
||||
+ if (len != 8)
|
||||
+ return false;
|
||||
+
|
||||
+ if (value)
|
||||
+ memcpy (value, data, len);
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = len;
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_mac_general_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ CK_ULONG val;
|
||||
+ uint64_t params;
|
||||
+
|
||||
+ /*
|
||||
+ * Check if value can be converted to an CK_MAC_GENERAL_PARAMS which
|
||||
+ * is a CK_ULONG.
|
||||
+ */
|
||||
+ if (value_length != sizeof (CK_ULONG)) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ memcpy (&val, value, value_length);
|
||||
+ params = val;
|
||||
+
|
||||
+ p11_rpc_buffer_add_uint64 (buffer, params);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_mac_general_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ uint64_t val;
|
||||
+ CK_ULONG params;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_uint64 (buffer, offset, &val))
|
||||
+ return false;
|
||||
+
|
||||
+ params = val;
|
||||
+
|
||||
+ if (value)
|
||||
+ memcpy (value, ¶ms, sizeof (params));
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = sizeof (params);
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+p11_rpc_buffer_add_dh_pkcs_derive_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length)
|
||||
+{
|
||||
+ /* Mechanism parameter is public value of the other party */
|
||||
+ if (value_length == 0) {
|
||||
+ p11_buffer_fail (buffer);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ p11_rpc_buffer_add_byte_array (buffer,
|
||||
+ (unsigned char *)value,
|
||||
+ value_length);
|
||||
+}
|
||||
+
|
||||
+bool
|
||||
+p11_rpc_buffer_get_dh_pkcs_derive_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length)
|
||||
+{
|
||||
+ const unsigned char *data;
|
||||
+ size_t len;
|
||||
+
|
||||
+ if (!p11_rpc_buffer_get_byte_array (buffer, offset, &data, &len))
|
||||
+ return false;
|
||||
+
|
||||
+ if (len == 0)
|
||||
+ return false;
|
||||
+
|
||||
+ if (value)
|
||||
+ memcpy (value, data, len);
|
||||
+
|
||||
+ if (value_length)
|
||||
+ *value_length = len;
|
||||
+
|
||||
+ return true;
|
||||
+}
|
||||
+
|
||||
static p11_rpc_mechanism_serializer p11_rpc_mechanism_serializers[] = {
|
||||
{ CKM_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
- { CKM_RSA_PKCS_OAEP, p11_rpc_buffer_add_rsa_pkcs_oaep_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_oaep_mechanism_value }
|
||||
+ { CKM_SHA1_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
+ { CKM_SHA224_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
+ { CKM_SHA256_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
+ { CKM_SHA384_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
+ { CKM_SHA512_RSA_PKCS_PSS, p11_rpc_buffer_add_rsa_pkcs_pss_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_pss_mechanism_value },
|
||||
+ { CKM_RSA_PKCS_OAEP, p11_rpc_buffer_add_rsa_pkcs_oaep_mechanism_value, p11_rpc_buffer_get_rsa_pkcs_oaep_mechanism_value },
|
||||
+ { CKM_ECDH1_DERIVE, p11_rpc_buffer_add_ecdh1_derive_mechanism_value, p11_rpc_buffer_get_ecdh1_derive_mechanism_value },
|
||||
+ { CKM_IBM_ATTRIBUTEBOUND_WRAP, p11_rpc_buffer_add_ibm_attrbound_wrap_mechanism_value, p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value },
|
||||
+ { CKM_IBM_EC_X25519, p11_rpc_buffer_add_ecdh1_derive_mechanism_value, p11_rpc_buffer_get_ecdh1_derive_mechanism_value },
|
||||
+ { CKM_IBM_EC_X448, p11_rpc_buffer_add_ecdh1_derive_mechanism_value, p11_rpc_buffer_get_ecdh1_derive_mechanism_value },
|
||||
+ { CKM_AES_CBC, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CBC_PAD, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_OFB, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CFB1, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CFB8, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CFB64, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CFB128, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CTS, p11_rpc_buffer_add_aes_iv_mechanism_value, p11_rpc_buffer_get_aes_iv_mechanism_value },
|
||||
+ { CKM_AES_CTR, p11_rpc_buffer_add_aes_ctr_mechanism_value, p11_rpc_buffer_get_aes_ctr_mechanism_value },
|
||||
+ { CKM_AES_GCM, p11_rpc_buffer_add_aes_gcm_mechanism_value, p11_rpc_buffer_get_aes_gcm_mechanism_value },
|
||||
+ { CKM_DES_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES_CBC_PAD, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES3_CBC, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES3_CBC_PAD, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES_CFB8, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES_CFB64, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_DES_OFB64, p11_rpc_buffer_add_des_iv_mechanism_value, p11_rpc_buffer_get_des_iv_mechanism_value },
|
||||
+ { CKM_SHA_1_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA224_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA256_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA384_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA512_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA512_224_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_SHA512_256_HMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_AES_MAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_AES_CMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_DES3_MAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_DES3_CMAC_GENERAL, p11_rpc_buffer_add_mac_general_mechanism_value, p11_rpc_buffer_get_mac_general_mechanism_value },
|
||||
+ { CKM_DH_PKCS_DERIVE, p11_rpc_buffer_add_dh_pkcs_derive_mechanism_value, p11_rpc_buffer_get_dh_pkcs_derive_mechanism_value },
|
||||
};
|
||||
|
||||
static p11_rpc_mechanism_serializer p11_rpc_byte_array_mechanism_serializer = {
|
||||
@@ -1453,6 +1933,7 @@ mechanism_has_no_parameters (CK_MECHANIS
|
||||
case CKM_MD2_RSA_PKCS:
|
||||
case CKM_MD5_RSA_PKCS:
|
||||
case CKM_SHA1_RSA_PKCS:
|
||||
+ case CKM_SHA224_RSA_PKCS:
|
||||
case CKM_SHA256_RSA_PKCS:
|
||||
case CKM_SHA384_RSA_PKCS:
|
||||
case CKM_SHA512_RSA_PKCS:
|
||||
@@ -1467,6 +1948,10 @@ mechanism_has_no_parameters (CK_MECHANIS
|
||||
case CKM_EC_KEY_PAIR_GEN:
|
||||
case CKM_ECDSA:
|
||||
case CKM_ECDSA_SHA1:
|
||||
+ case CKM_ECDSA_SHA224:
|
||||
+ case CKM_ECDSA_SHA256:
|
||||
+ case CKM_ECDSA_SHA384:
|
||||
+ case CKM_ECDSA_SHA512:
|
||||
case CKM_DH_PKCS_KEY_PAIR_GEN:
|
||||
case CKM_DH_PKCS_PARAMETER_GEN:
|
||||
case CKM_X9_42_DH_KEY_PAIR_GEN:
|
||||
@@ -1480,6 +1965,7 @@ mechanism_has_no_parameters (CK_MECHANIS
|
||||
case CKM_AES_KEY_GEN:
|
||||
case CKM_AES_ECB:
|
||||
case CKM_AES_MAC:
|
||||
+ case CKM_AES_CMAC:
|
||||
case CKM_DES_KEY_GEN:
|
||||
case CKM_DES2_KEY_GEN:
|
||||
case CKM_DES3_KEY_GEN:
|
||||
@@ -1505,6 +1991,7 @@ mechanism_has_no_parameters (CK_MECHANIS
|
||||
case CKM_RC2_MAC:
|
||||
case CKM_DES_MAC:
|
||||
case CKM_DES3_MAC:
|
||||
+ case CKM_DES3_CMAC:
|
||||
case CKM_CDMF_MAC:
|
||||
case CKM_CAST_MAC:
|
||||
case CKM_CAST3_MAC:
|
||||
@@ -1521,18 +2008,46 @@ mechanism_has_no_parameters (CK_MECHANIS
|
||||
case CKM_MD5_HMAC:
|
||||
case CKM_SHA_1:
|
||||
case CKM_SHA_1_HMAC:
|
||||
+ case CKM_SHA1_KEY_DERIVATION:
|
||||
+ case CKM_SHA224:
|
||||
+ case CKM_SHA224_HMAC:
|
||||
+ case CKM_SHA224_KEY_DERIVATION:
|
||||
case CKM_SHA256:
|
||||
case CKM_SHA256_HMAC:
|
||||
+ case CKM_SHA256_KEY_DERIVATION:
|
||||
case CKM_SHA384:
|
||||
case CKM_SHA384_HMAC:
|
||||
+ case CKM_SHA384_KEY_DERIVATION:
|
||||
case CKM_SHA512:
|
||||
case CKM_SHA512_HMAC:
|
||||
+ case CKM_SHA512_KEY_DERIVATION:
|
||||
+ case CKM_SHA512_T:
|
||||
+ case CKM_SHA512_T_HMAC:
|
||||
+ case CKM_SHA512_T_KEY_DERIVATION:
|
||||
+ case CKM_SHA512_224:
|
||||
+ case CKM_SHA512_224_HMAC:
|
||||
+ case CKM_SHA512_224_KEY_DERIVATION:
|
||||
+ case CKM_SHA512_256:
|
||||
+ case CKM_SHA512_256_HMAC:
|
||||
+ case CKM_SHA512_256_KEY_DERIVATION:
|
||||
case CKM_FASTHASH:
|
||||
case CKM_RIPEMD128:
|
||||
case CKM_RIPEMD128_HMAC:
|
||||
case CKM_RIPEMD160:
|
||||
case CKM_RIPEMD160_HMAC:
|
||||
case CKM_KEY_WRAP_LYNKS:
|
||||
+ case CKM_IBM_SHA3_224:
|
||||
+ case CKM_IBM_SHA3_256:
|
||||
+ case CKM_IBM_SHA3_384:
|
||||
+ case CKM_IBM_SHA3_512:
|
||||
+ case CKM_IBM_CMAC:
|
||||
+ case CKM_IBM_DILITHIUM:
|
||||
+ case CKM_IBM_SHA3_224_HMAC:
|
||||
+ case CKM_IBM_SHA3_256_HMAC:
|
||||
+ case CKM_IBM_SHA3_384_HMAC:
|
||||
+ case CKM_IBM_SHA3_512_HMAC:
|
||||
+ case CKM_IBM_ED25519_SHA512:
|
||||
+ case CKM_IBM_ED448_SHA3:
|
||||
return true;
|
||||
default:
|
||||
return false;
|
||||
diff --color -ruNp a/p11-kit/rpc-message.h b/p11-kit/rpc-message.h
|
||||
--- a/p11-kit/rpc-message.h 2020-12-11 16:25:36.000000000 +0100
|
||||
+++ b/p11-kit/rpc-message.h 2023-11-29 14:29:45.243554584 +0100
|
||||
@@ -42,6 +42,7 @@
|
||||
|
||||
#include "buffer.h"
|
||||
#include "pkcs11.h"
|
||||
+#include "pkcs11x.h"
|
||||
|
||||
/* The calls, must be in sync with array below */
|
||||
enum {
|
||||
@@ -478,5 +479,85 @@ bool p11_rpc_buffer_get_rsa_
|
||||
size_t *offset,
|
||||
void *value,
|
||||
CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_ecdh1_derive_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_ecdh1_derive_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_ibm_attrbound_wrap_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_ibm_attrbound_wrap_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_aes_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_aes_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_aes_ctr_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_aes_ctr_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_aes_gcm_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_aes_gcm_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_des_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_des_iv_mechanism_value (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_mac_general_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_mac_general_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
+
|
||||
+void p11_rpc_buffer_add_dh_pkcs_derive_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ const void *value,
|
||||
+ CK_ULONG value_length);
|
||||
+
|
||||
+bool p11_rpc_buffer_get_dh_pkcs_derive_mechanism_value
|
||||
+ (p11_buffer *buffer,
|
||||
+ size_t *offset,
|
||||
+ void *value,
|
||||
+ CK_ULONG *value_length);
|
||||
|
||||
#endif /* _RPC_MESSAGE_H */
|
||||
diff --color -ruNp a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
||||
--- a/p11-kit/rpc-server.c 2020-12-11 16:25:36.000000000 +0100
|
||||
+++ b/p11-kit/rpc-server.c 2023-11-29 14:29:45.221554128 +0100
|
||||
@@ -84,6 +84,12 @@ proto_read_byte_buffer (p11_rpc_message
|
||||
*n_buffer = length;
|
||||
*buffer = NULL;
|
||||
|
||||
+ /* length = -1 indicates length = 0, but buffer not NULL */
|
||||
+ if (length == (uint32_t)-1) {
|
||||
+ *n_buffer = 0;
|
||||
+ length = 1; /*allocate 1 dummy byte */
|
||||
+ }
|
||||
+
|
||||
/* If set to zero, then they just want the length */
|
||||
if (length == 0)
|
||||
return CKR_OK;
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
--- !Policy
|
||||
product_versions:
|
||||
- rhel-9
|
||||
decision_context: osci_compose_gate
|
||||
rules:
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
||||
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
# This spec file has been automatically updated
|
||||
Version: 0.23.22
|
||||
Version: 0.25.3
|
||||
Release: 2%{?dist}
|
||||
Name: p11-kit
|
||||
Summary: Library for loading and sharing PKCS#11 modules
|
||||
|
|
@ -8,19 +8,14 @@ License: BSD-3-Clause
|
|||
URL: http://p11-glue.freedesktop.org/p11-kit.html
|
||||
Source0: https://github.com/p11-glue/p11-kit/releases/download/%{version}/p11-kit-%{version}.tar.xz
|
||||
Source1: https://github.com/p11-glue/p11-kit/releases/download/%{version}/p11-kit-%{version}.tar.xz.sig
|
||||
Source2: gpgkey-462225C3B46F34879FC8496CD605848ED7E69871.gpg
|
||||
Source2: https://p11-glue.github.io/p11-glue/p11-kit/p11-kit-release-keyring.gpg
|
||||
Source3: trust-extract-compat
|
||||
Source4: p11-kit-client.service
|
||||
|
||||
Patch0: 001-dt-needed.patch
|
||||
Patch1: 002-doc-dep.patch
|
||||
# commits: 4059f17, d07a8ff, 218e971, c4ade85, 242e5db, ac0da82, 7235af6,
|
||||
# b72aa47, 506b941, 3c0be1d, 7ea5901, 7675f86, d1782b6
|
||||
Patch2: 003-IBM-mechs-and-attrs.patch
|
||||
Patch0: 001-static-analysis.patch
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libtasn1-devel >= 2.3
|
||||
BuildRequires: libtasn1-tools
|
||||
BuildRequires: libffi-devel
|
||||
BuildRequires: gettext
|
||||
BuildRequires: gtk-doc
|
||||
|
|
@ -159,44 +154,239 @@ fi
|
|||
|
||||
|
||||
%changelog
|
||||
* Fri Dec 01 2023 Zoltan Fridrich <zfridric@redhat.com> - 0.23.22-2
|
||||
* Thu Nov 23 2023 Zoltan Fridrich <zfridric@redhat.com> - 0.25.3-2
|
||||
- Fix issues found by static analysis
|
||||
Related: RHEL-14834
|
||||
|
||||
* Wed Nov 15 2023 Zoltan Fridrich <zfridric@redhat.com> - 0.25.3-1
|
||||
- Update to new upstream release 0.25.3
|
||||
Resolves: RHEL-14834
|
||||
|
||||
* Wed Nov 8 2023 Zoltan Fridrich <zfridric@redhat.com> - 0.25.2-1
|
||||
- Update to new upstream release 0.25.2
|
||||
Resolves: RHEL-14834
|
||||
- Add IBM specific mechanisms and attributes
|
||||
Resolves: RHEL-10571
|
||||
Resolves: RHEL-10570
|
||||
|
||||
* Mon Jan 11 2021 Daiki Ueno <dueno@redhat.com> - 0.23.22-1
|
||||
- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
|
||||
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
|
||||
- Add xsltproc to BR
|
||||
* Tue Feb 1 2022 Daiki Ueno <dueno@redhat.com> - 0.24.1-2
|
||||
- Replace "black list" with "blocklist" in -trust subpackage description (#2026457)
|
||||
|
||||
* Tue Nov 10 2020 Daiki Ueno <dueno@redhat.com> - 0.23.21-4
|
||||
- Fix realloc usage on proxy cleanup (#1894979)
|
||||
- Make 'trust anchor --store' preserve all attributes from .p11-kit files
|
||||
* Mon Jan 17 2022 Packit Service <user-cont-team+packit-service@redhat.com> - 0.24.1-1
|
||||
- Release 0.24.1 (Daiki Ueno)
|
||||
- common: Support copying attribute array recursively (Daiki Ueno)
|
||||
- common: Add assert_ptr_cmp (Daiki Ueno)
|
||||
- gtkdoc: remove dependencies on custom target files (Eli Schwartz)
|
||||
- doc: Replace occurrence of black list with blocklist (Daiki Ueno)
|
||||
- build: Suppress cppcheck false-positive on array bounds (Daiki Ueno)
|
||||
- ci: Use Docker image from the same repository (Daiki Ueno)
|
||||
- ci: Integrate Docker image building to GitHub workflow (Daiki Ueno)
|
||||
- rpc: Fallback to version 0 if server does not support negotiation (Daiki Ueno)
|
||||
- build: Port e850e03be65ed573d0b69ee0408e776c08fad8a3 to meson (Daiki Ueno)
|
||||
- Link libp11-kit so that it cannot unload (Emmanuel Dreyfus)
|
||||
- trust: Use dngettext for plurals (Daiki Ueno)
|
||||
- rpc: Support protocol version negotiation (Daiki Ueno)
|
||||
- rpc: Separate authentication step from transaction (Daiki Ueno)
|
||||
- Meson: p11_system_config_modules instead of p11_package_config_modules (Issam E. Maghni)
|
||||
- shell: test -a|o is not POSIX (Issam E. Maghni)
|
||||
- Meson: Add libtasn1 to trust programs (Issam E. Maghni)
|
||||
- meson: optionalise glib's development files for gtk_doc (Đoàn Trần Công Danh)
|
||||
|
||||
* Tue Nov 3 2020 Daiki Ueno <dueno@redhat.com> - 0.23.21-3
|
||||
- Restore clobbered changelog entry
|
||||
* Wed Aug 18 2021 DJ Delorie <dj@redhat.com> - 0.24.0-4
|
||||
- Rebuilt for libffi 3.4.2 SONAME transition.
|
||||
Related: rhbz#1891914
|
||||
|
||||
* Mon Nov 2 2020 Daiki Ueno <dueno@redhat.com> - 0.23.21-2
|
||||
- Update p11-kit-invalid-config.patch to be more thorough (thanks to
|
||||
Alexander Sosedkin)
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.24.0-3
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
|
||||
* Tue Oct 20 2020 Daiki Ueno <dueno@redhat.com> - 0.23.21-1
|
||||
- Update to upstream 0.23.21 release
|
||||
* Tue Jul 13 2021 Daiki Ueno <dueno@redhat.com> - 0.24.0-2
|
||||
- Rebuild with newer GCC to fix annocheck failures
|
||||
|
||||
* Fri Mar 29 2019 Daiki Ueno <dueno@redhat.com> - 0.23.14-5
|
||||
- Fix crash on unloading the library, when it is both linked and dlopen'ed
|
||||
* Thu Jun 03 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 0.24.0-1
|
||||
- common: Only check strndup behavior when replacement is used (Daiki Ueno)
|
||||
- Release 0.24.0 (Daiki Ueno)
|
||||
- Release 0.23.22 (Daiki Ueno)
|
||||
- rpc: Tighten attribute array check with manual enumeration (Daiki Ueno)
|
||||
- Check for SUN_LEN and provide fallback (Claes Nästén)
|
||||
- Do not define _XOPEN_SOURCE in compat.c on Solaris (Claes Nästén)
|
||||
- make autogen.sh a bit more portable (Claes Nästén)
|
||||
- rpc-server: Disable parsing CKF_ARRAY_ATTRIBUTE (Daiki Ueno)
|
||||
- Update README.md (Daiki Ueno)
|
||||
- README.md: Suggest using only meson sub-commands instead of ninja (Daiki Ueno)
|
||||
- p11-kit: Add missing <limits.h> include for SIZE_MAX (Daiki Ueno)
|
||||
- packit: drop synced_files (Tomas Tomecek)
|
||||
- packit: fedora renamed master branch to rawhide (Tomas Tomecek)
|
||||
- Fix minor typo (Yuri Chornoivan)
|
||||
- po: Add trust/trust.c to POTFILES.in (Daiki Ueno)
|
||||
- po: Update POTFILES.in (Daiki Ueno)
|
||||
- trust: Make more strings translatable (Daiki Ueno)
|
||||
- p11-kit: Make more strings translatable (Daiki Ueno)
|
||||
- common: Enable message translation in p11_tool_main (Daiki Ueno)
|
||||
- meson: Make sure to set PROJECT_NAME and ENABLE_NLS for 'nls' option (Daiki Ueno)
|
||||
- build: Add fuzz/meson.build in the distribution (Daiki Ueno)
|
||||
- fuzz: Move the directory out of build/ (Daiki Ueno)
|
||||
- Release all library/mock resources before exit (David Cook)
|
||||
- Add separate oss-fuzz Makefile target (David Cook)
|
||||
- Add build targets for future additional fuzzers (David Cook)
|
||||
- Build fuzzer target from meson/ninja (David Cook)
|
||||
- Explicit dependency for virtual-fixed-generated.h (David Cook)
|
||||
- Build fuzzer target from automake (David Cook)
|
||||
- rpc_fuzzer: Clean up buffer before exit (David Cook)
|
||||
- New set of fuzzer seeds (David Cook)
|
||||
- github: Remove unnecessary SRCDIR envvar (Daiki Ueno)
|
||||
- github: Use runuser instead of su for building and testing (Daiki Ueno)
|
||||
- github: Use composite action to simplify the main recipe (Daiki Ueno)
|
||||
- github: Use pre-built container image for building (Daiki Ueno)
|
||||
- README.md: Add GitHub workflow status (Daiki Ueno)
|
||||
- travis: Remove configurations other than FreeBSD (Daiki Ueno)
|
||||
- autotools: Fix for VPATH build (Daiki Ueno)
|
||||
- github actions: Initial CI setup (Anderson Toshiyuki Sasaki)
|
||||
- modules: p11_kit_initialize_module: Remove redundant module unref (Daiki Ueno)
|
||||
- server: Account for NUL byte at the end of Unix domain socket path (Daiki Ueno)
|
||||
- compat: Expose FreeBSD specific issetugid, getresuid, and getresgid (Daiki Ueno)
|
||||
- compat: Remove <unistd.h> inclusion from compat.h (Daiki Ueno)
|
||||
- compat: Avoid unused variables warning in fdwalk emulation (Daiki Ueno)
|
||||
- compat: Pacify ASan complaints on intentionally leaked buffer (Daiki Ueno)
|
||||
- meson: Link trust/client modules explicitly to -ldl (Daiki Ueno)
|
||||
- p11-kit/lists.c: Add stdint.h to fix compilation (Daniel Engberg)
|
||||
- Follow-up to arithmetic overflow fix (David Cook)
|
||||
- Check for arithmetic overflows before allocating (David Cook)
|
||||
- Check attribute length against buffer size (David Cook)
|
||||
- Fix bounds check in p11_rpc_buffer_get_byte_array (David Cook)
|
||||
- Fix buffer overflow in log_token_info (David Cook)
|
||||
- common: Don't assume __STDC_VERSION__ is always defined (Daiki Ueno)
|
||||
- compat: getauxval: correct compiler macro for FreeBSD (Daiki Ueno)
|
||||
- compat: fdwalk: add guard for Linux specific local variables (Daiki Ueno)
|
||||
- meson: Add missing libtasn1 dependency (Daiki Ueno)
|
||||
- travis: Add freebsd build (Daiki Ueno)
|
||||
- anchor: Prefer persistent format when storing anchor (Daiki Ueno)
|
||||
- travis: Run "make check" along with "make distcheck" for coverage (Daiki Ueno)
|
||||
- travis: Use python3 as the default Python interpreter (Daiki Ueno)
|
||||
- travis: Route to Ubuntu 20.04 base image (Daiki Ueno)
|
||||
- meson: Set -fstack-protector for MinGW64 cross build (Daiki Ueno)
|
||||
- meson: expand ternary operator in function call for compatibility (Daiki Ueno)
|
||||
- meson: Use custom_target for generating external XML entities (Daiki Ueno)
|
||||
- meson: Allow building manpages without gtk-doc (Jan Alexander Steffens (heftig))
|
||||
- Rename is_path_component to is_path_separator (Alexander Sosedkin)
|
||||
- Use is_path_component in one more place (Alexander Sosedkin)
|
||||
- Remove more duplicate separators in p11_path_build (Alexander Sosedkin)
|
||||
- common: Fix infloop in p11_path_build (Daiki Ueno)
|
||||
- Use inclusive language on certificate distrust (Daiki Ueno)
|
||||
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero (Daiki Ueno)
|
||||
- build: Use calloc in a consistent manner (Daiki Ueno)
|
||||
- meson: Allow override of default bashcompdir. Fixes meson regression (issue #322). Pass -Dbashcompdir=/xxx to meson. (John Hein)
|
||||
- common: Check for a NULL locale before freeing it (Tavian Barnes)
|
||||
- p11_test_copy_setgid: Skip setgid tests on nosuid filesystems (Anders Kaseorg)
|
||||
- unix-peer: replace incorrect include1 (Rosen Penev)
|
||||
- test-compat: Skip getprogname test if BUILDDIR contains a symlink (Daiki Ueno)
|
||||
- add trust-extract-compat into EXTRA-DIST (Xℹ Ruoyao)
|
||||
- meson: install trust-extract-compat (Xℹ Ruoyao)
|
||||
- rename trust-extract-compat.in to trust-extract-compat (Xℹ Ruoyao)
|
||||
|
||||
* Mon Oct 29 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-4
|
||||
- Prefer fixed closures to libffi closures
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.23.22-4
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Wed Oct 17 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-3
|
||||
- Update p11-kit-coverity.patch
|
||||
* Tue Jan 26 2021 Daiki Ueno <dueno@redhat.com> - 0.23.22-3
|
||||
- Suppress intentional memleak in getprogname emulation (#1905581)
|
||||
|
||||
* Tue Oct 16 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-2
|
||||
- Fix issues spotted by coverity
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.22-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
|
||||
* Wed Oct 10 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-1
|
||||
* Fri Dec 11 2020 Packit Service <user-cont-team+packit-service@redhat.com> - 0.23.22-1
|
||||
- Release 0.23.22 (Daiki Ueno)
|
||||
- Follow-up to arithmetic overflow fix (David Cook)
|
||||
- Check for arithmetic overflows before allocating (David Cook)
|
||||
- Check attribute length against buffer size (David Cook)
|
||||
- Fix bounds check in p11_rpc_buffer_get_byte_array (David Cook)
|
||||
- Fix buffer overflow in log_token_info (David Cook)
|
||||
- common: Don't assume __STDC_VERSION__ is always defined (Daiki Ueno)
|
||||
- compat: getauxval: correct compiler macro for FreeBSD (Daiki Ueno)
|
||||
- compat: fdwalk: add guard for Linux specific local variables (Daiki Ueno)
|
||||
- meson: Add missing libtasn1 dependency (Daiki Ueno)
|
||||
- travis: Add freebsd build (Daiki Ueno)
|
||||
- anchor: Prefer persistent format when storing anchor (Daiki Ueno)
|
||||
- travis: Run "make check" along with "make distcheck" for coverage (Daiki Ueno)
|
||||
- travis: Use python3 as the default Python interpreter (Daiki Ueno)
|
||||
- travis: Route to Ubuntu 20.04 base image (Daiki Ueno)
|
||||
- meson: Set -fstack-protector for MinGW64 cross build (Daiki Ueno)
|
||||
- meson: expand ternary operator in function call for compatibility (Daiki Ueno)
|
||||
- meson: Use custom_target for generating external XML entities (Daiki Ueno)
|
||||
- meson: Allow building manpages without gtk-doc (Jan Alexander Steffens (heftig))
|
||||
- Rename is_path_component to is_path_separator (Alexander Sosedkin)
|
||||
- Use is_path_component in one more place (Alexander Sosedkin)
|
||||
- Remove more duplicate separators in p11_path_build (Alexander Sosedkin)
|
||||
- common: Fix infloop in p11_path_build (Daiki Ueno)
|
||||
- proxy: C_CloseAllSessions: Make sure that calloc args are non-zero (Daiki Ueno)
|
||||
- build: Use calloc in a consistent manner (Daiki Ueno)
|
||||
- meson: Allow override of default bashcompdir. Fixes meson regression (issue #322). Pass -Dbashcompdir=/xxx to meson. (John Hein)
|
||||
- common: Check for a NULL locale before freeing it (Tavian Barnes)
|
||||
- p11_test_copy_setgid: Skip setgid tests on nosuid filesystems (Anders Kaseorg)
|
||||
- unix-peer: replace incorrect include1 (Rosen Penev)
|
||||
- test-compat: Skip getprogname test if BUILDDIR contains a symlink (Daiki Ueno)
|
||||
- add trust-extract-compat into EXTRA-DIST (Xℹ Ruoyao)
|
||||
- meson: install trust-extract-compat (Xℹ Ruoyao)
|
||||
- rename trust-extract-compat.in to trust-extract-compat (Xℹ Ruoyao)
|
||||
|
||||
* Thu Nov 12 2020 Alexander Sosedkin <asosedkin@redhat.com> - 0.23.21-3
|
||||
- Add an explicit build dependency on xsltproc
|
||||
|
||||
* Tue Aug 18 2020 Packit Service <user-cont-team+packit-service@redhat.com> - 0.23.21-2
|
||||
- new upstream release: 0.23.21
|
||||
|
||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.20-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
* Wed Jan 29 2020 Daiki Ueno <dueno@redhat.com> - 0.23.20-1
|
||||
- Update to upstream 0.23.20 release
|
||||
|
||||
* Wed Jan 22 2020 Daiki Ueno <dueno@redhat.com> - 0.23.19-1
|
||||
- Update to upstream 0.23.19 release
|
||||
- Check archive signature in %%prep
|
||||
- Switch to using Meson as the build system
|
||||
|
||||
* Mon Sep 30 2019 Daiki Ueno <dueno@redhat.com> - 0.23.18.1-1
|
||||
- Update to upstream 0.23.18.1 release
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.16.1-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Thu May 23 2019 Daiki Ueno <dueno@redhat.com> - 0.23.16.1-1
|
||||
- Update to upstream 0.23.16.1 release
|
||||
|
||||
* Thu May 23 2019 Daiki Ueno <dueno@redhat.com> - 0.23.16-1
|
||||
- Update to upstream 0.23.16 release
|
||||
|
||||
* Mon Feb 18 2019 Daiki Ueno <dueno@redhat.com> - 0.23.15-3
|
||||
- trust: Ignore unreadable content in anchors
|
||||
|
||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.15-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Mon Jan 21 2019 Daiki Ueno <dueno@redhat.com> - 0.23.15-1
|
||||
- Update to upstream 0.23.15 release
|
||||
|
||||
* Fri Jan 11 2019 Nils Philippsen <nils@tiptoe.de> - 0.23.14-3
|
||||
- use spaces instead of tabs consistently
|
||||
- prefer fixed closures to libffi closures (#1656245, patch by Daiki Ueno)
|
||||
|
||||
* Mon Oct 29 2018 James Antill <james.antill@redhat.com> - 0.23.14-2
|
||||
- Remove ldconfig scriptlet, now done via. transfiletrigger in glibc.
|
||||
|
||||
* Fri Sep 07 2018 Daiki Ueno <dueno@redhat.com> - 0.23.14-1
|
||||
- Update to upstream 0.23.14 release
|
||||
|
||||
* Wed Aug 15 2018 Daiki Ueno <dueno@redhat.com> - 0.23.13-3
|
||||
- Forcibly link with libpthread to avoid regressions (rhbz#1615038)
|
||||
|
||||
* Wed Aug 15 2018 Daiki Ueno <dueno@redhat.com> - 0.23.13-2
|
||||
- Fix invalid memory access on proxy cleanup
|
||||
|
||||
* Fri Aug 10 2018 Daiki Ueno <dueno@redhat.com> - 0.23.13-1
|
||||
- Update to upstream 0.23.13 release
|
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.23.12-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed May 30 2018 Daiki Ueno <dueno@redhat.com> - 0.23.12-1
|
||||
- Update to upstream 0.23.11 release
|
||||
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
SHA512 (p11-kit-release-keyring.gpg) = 9a832a8ac3a139cbbf1ecb66573f0709847ebfef4975777cf82b4dca09af1ad8e6400f0af0bcdb92860e7ed4fc05082ba1edda0238a21fe24d49555a1069e881
|
||||
SHA512 (p11-kit-0.25.3.tar.xz) = ad2d393bf122526cbba18dc9d5a13f2c1cad7d70125ec90ffd02059dfa5ef30ac59dfc0bb9bc6380c8f317e207c9e87e895f1945634f56ddf910c2958868fb4c
|
||||
SHA512 (p11-kit-0.25.3.tar.xz.sig) = 189a40b12e40818daff4aa6869d7e0fa342a42f3901d85fc52bb40f7023bb17790967be5ab9a183473fe8bb3e335a0d4d8c2b6345ccf811e90f8495009c085b8
|
||||
Loading…
Reference in New Issue