author | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2019-01-29 15:56:52 +0100 |
---|---|---|
committer | Krzysztof Jackiewicz <k.jackiewicz@samsung.com> | 2019-02-13 13:37:15 +0100 |
commit | ec32181d03f9c34708a7605c724a36fd91364f9b (patch) | |
tree | d49564506c00b8afad854cebadb87ad11d8ce3c7 | |
parent | 0b4db5ef0ee9ab0827259cd8d8236ed3996315d7 (diff) | |
Add helper randomization function in key-provider.cpp
Change-Id: I657ac68ce8e9253ca63187132eef3fb769d8426a
-rw-r--r-- | src/manager/service/key-provider.cpp | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/manager/service/key-provider.cpp b/src/manager/service/key-provider.cpp
index 0ed59cc5..aea5c9b5 100644
--- a/src/manager/service/key-provider.cpp
+++ b/src/manager/service/key-provider.cpp
@@ -162,6 +162,13 @@ KeyData makePKEK2(const uint8_t *domainKEK, const std::string &user)
 return key;
 }
+
+template <size_t N>
+bool randomize(uint8_t (&array)[N])
+{
+ return RAND_bytes(array, N) == 1;
+}
+
 } // anonymous namespace
 WrappedKeyAndInfoContainer::WrappedKeyAndInfoContainer()
@@ -425,8 +432,7 @@ RawBuffer KeyProvider::generateDEK(const ClientId &client)
 uint8_t key[MAX_KEY_SIZE];
- if (!RAND_bytes(key, m_kmcDKEK->getKeyAndInfo().keyInfo.keyLength) ||
- !RAND_bytes(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
+ if (!randomize(key) || !randomize(wkmcDEK.getWrappedKeyAndInfo().keyInfo.iv))
 ThrowErr(Exc::InternalError, "OPENSSL_ENGINE_ERROR");
 KeyData PKEK2 = makePKEK2(m_kmcDKEK->getKeyAndInfo().key, resized_client);
@@ -512,10 +518,11 @@ RawBuffer KeyProvider::generateDomainKEK(
 wkmcDKEK.setKeyInfoClient(user);
- if (!RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt, MAX_SALT_SIZE) ||
- !RAND_bytes(key, MAX_KEY_SIZE) ||
- !RAND_bytes(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv, MAX_IV_SIZE))
+ if (!randomize(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.salt) ||
+ !randomize(key) ||
+ !randomize(wkmcDKEK.getWrappedKeyAndInfo().keyInfo.iv)) {
 ThrowErr(Exc::InternalError, "OPENSSL_ENGINE_ERROR");
+ }
 KeyData PKEK1 = makePKEK1(wkmcDKEK.getWrappedKeyAndInfo().keyInfo, userPassword); |
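Review bot: The new `randomize` helper passes the deduced `size_t N` straight to `RAND_bytes`, whose length parameter is an `int`, so the narrowing is implicit and unchecked. A compile-time bound makes it explicit: `static_assert(N <= INT_MAX, "buffer too large for RAND_bytes");` followed by `return RAND_bytes(array, static_cast<int>(N)) == 1;`. The helper also has no comment; something like `// Fills the whole array with CSPRNG output. Only a return of 1 is success: RAND_bytes may also return 0 or -1, and -1 would pass a plain '!' test.` would record why the comparison is `== 1` and stop a later cleanup from reverting it. Taking the array by reference is worth keeping, since a decayed pointer will not compile against this signature.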
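Review bot: In `generateDEK` the number of random bytes written to `key` changes from `m_kmcDKEK->getKeyAndInfo().keyInfo.keyLength` to the full `MAX_KEY_SIZE` array, a behaviour change that the commit title ("Add helper randomization function") does not mention. Filling the fixed stack buffer by its declared size no longer depends on a stored length field, but the code after this hunk is not visible here and should be checked to still consume only `keyLength` bytes where that is intended. A one-line comment above the call, e.g. `// randomize the whole buffer; the DEK length actually used is keyInfo.keyLength`, would document the intent. The `if` here is also left unbraced while the same commit braces the equivalent check in `generateDomainKEK`; bracing both keeps the error path consistent.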