-
Notifications
You must be signed in to change notification settings - Fork 625
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update corePKCS11 demo to read the public key #1670
Conversation
@@ -155,7 +155,7 @@ CK_RV PKCS11SignVerifyDemo( void ) | |||
{ | |||
result = xFindObjectWithLabelAndClass( session, | |||
pkcs11demoPRIVATE_KEY_LABEL, | |||
sizeof( pkcs11demoPRIVATE_KEY_LABEL ), | |||
sizeof( pkcs11demoPRIVATE_KEY_LABEL ) - 1, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this change to discount the NUL
character?
The comment in the pkcs11_demo_objects.c
file mentions that the labels should not be NUL terminated...
aws-iot-device-sdk-embedded-C/demos/pkcs11/pkcs11_demo_objects/pkcs11_demo_objects.c
Lines 337 to 340 in a6ae985
/* Labels are application defined strings that are used to identify an | |
* object. It should not be NULL terminated. */ | |
CK_BYTE publicKeyLabel[] = { pkcs11demoPUBLIC_KEY_LABEL }; | |
CK_BYTE privateKeyLabel[] = { pkcs11demoPRIVATE_KEY_LABEL }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, it is not NUL terminated in the objects demo as well because when passed to publicKeyTemplate
/privateKeyTemplate
, the NUL character is removed through the length.
aws-iot-device-sdk-embedded-C/demos/pkcs11/pkcs11_demo_objects/pkcs11_demo_objects.c
Line 358 in a6ae985
{ CKA_LABEL, publicKeyLabel, sizeof( publicKeyLabel ) - 1 } |
Hence, NUL character must also be subtracted from the length in the sign and verify demo.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, should the It should not be NULL terminated.
comment be removed then as it is not fitting in declaration of the byte arrays..
A note about this fix in the CHANGELOG would be valuable |
Update the demo so that it doesn't treat the public key as a private key
By submitting this pull request, I confirm that my contribution is made under the terms of the MIT license.