175 static int pk11_DH_compute_key(unsigned char *key,
200  * Increment existing or create a new reference for an asymmetric key PKCS#11
241  * search key and return refcnt of the found/created entry or -1 in case of
1195  * Get a key from a file whose name is 'keyid'.
1267  * Get a key from a token.
1285 	CK_OBJECT_HANDLE ks_key = CK_INVALID_HANDLE;	/* key in keystore */
1289 	 * structure with something we can use to look up the key. Note that we
1333 	 * case of failure the sp structure will have both key pointer
1367 	/* We only export the non-sensitive key components: n and e */
1374 		 * well. They serve as a public look-up key for the private key
1403 		 * a public key stored in the keystore or not so it's better if
1404 		 * we always have a session key. Note that this is different
1433  * Load an RSA key from a file or get its PKCS#11 handle if stored in the
1456 		/* PKCS#11 URI: try to find a key from a PKCS#11 token */
1473  * Load RSA private key from a file or get its PKCS#11 handle if stored in the
1484 /* Load RSA public key from a file or load it from the PKCS#11 token. */
1494  * Get a public key object in a session from a given rsa structure. If the
1667 	/* Put the private key components into the template */
1692 	 * We are getting the private key but the private 'd' component is NULL.
1693 	 * That means this is key by reference RSA key. In that case, we can
1694 	 * use only public components for searching for the private key handle.
1730 		 * tried to find the private key in the keystore. If it was
1731 		 * really a token key we have a problem. Note that for other key
1732 		 * types we just create a new session key using the private
1770 	 * For the key by reference code, we need public components as well
1808 	 * 6 to 13 entries in the key template are key components.
1825  * meaning that it's a different RSA key pair. Return 1 for cache hit, 0 for
1834 	 * key matter here so it is sufficient to compare them with values
1837 	 * We must check the handle as well since with key by reference, public
1839 	 * could have a cache hit in a private key when looking for a public
1840 	 * key. That would not work, you cannot have one PKCS#11 object for
1850 			 * No public key object yet but we have the right RSA
1851 			 * structure with potentially existing private key
1860 	 * A different RSA key pair was using this session structure previously
1870  * meaning that it's a different RSA key pair. Return 1 for cache hit, 0 for
1879 	 * key with value cached in PK11_SESSION structure should
1892 			 * No private key object yet but we have the right RSA
1893 			 * structure with potentially existing public key
1902 	 * A different RSA key pair was using this session structure previously
2114  * Create a public key object in a session from a given dsa structure.
2230  * Create a private key object in the session from a given dsa structure
2263 	/* Put the private key components into the template */
2340 	 * 5 to 8 entries in the key template are key components.
2364 	 * check for cache hit stronger. Only public key component of DSA
2365 	 * key matters here so it is sufficient to compare it with value
2372 		 * failure the sp structure will have both key pointer
2391 	 * check for cache hit stronger. Only private key component of DSA
2392 	 * key matters here so it is sufficient to compare it with value
2399 		 * failure the sp structure will have both key pointer
2428  * Generate DH key-pair.
2648 pk11_DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
2743 	 * OpenSSL allocates the output buffer 'key' which is the same
2744 	 * length of the public key. It is long enough for the derived key
2762 		(void) memcpy(key, ((char *)priv_key_result[0].pValue) + i,
2931 	 * check for cache hit stronger. Private key component of DH key
2939 		 * failure the sp structure will have both key pointer
2951  * Local function to simplify key template population

Indexes created Tue Jul 24 14:28:13 CEST 2018