[Cryptech-Commits] [sw/libhal] 02/12: Simplify hal_rpc_pkey_find() by removing `type` argument.

git at cryptech.is git at cryptech.is
Fri Sep 16 19:53:10 UTC 2016


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ksng
in repository sw/libhal.

commit b1214089088d0321142f64abf2c820da9561bba9
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Fri Sep 9 00:33:52 2016 -0400

    Simplify hal_rpc_pkey_find() by removing `type` argument.
    
    Now that key names are UUIDs generated by the HSM, there's no real
    need to specify type key type when looking up a key, and removing the
    `type` argument allows a few simplifications of both the internal
    keystore API and of client code calling the public RPC API.
---
 hal.h          |  1 -
 hal_internal.h |  1 -
 ks_flash.c     | 14 +++++++-------
 ks_volatile.c  | 17 ++++++++---------
 rpc_api.c      |  5 ++---
 rpc_client.c   |  4 +---
 rpc_pkey.c     | 14 ++++++--------
 rpc_server.c   |  4 +---
 8 files changed, 25 insertions(+), 35 deletions(-)

diff --git a/hal.h b/hal.h
index f6573a4..6f312af 100644
--- a/hal.h
+++ b/hal.h
@@ -699,7 +699,6 @@ extern hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 extern hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
                                      const hal_session_handle_t session,
                                      hal_pkey_handle_t *pkey,
-                                     const hal_key_type_t type,
                                      const hal_uuid_t * const name,
                                      const hal_key_flags_t flags);
 
diff --git a/hal_internal.h b/hal_internal.h
index dcf532f..59efbff 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -178,7 +178,6 @@ typedef struct {
   hal_error_t  (*find)(const hal_client_handle_t client,
                        const hal_session_handle_t session,
                        hal_pkey_handle_t *pkey,
-                       const hal_key_type_t type,
                        const hal_uuid_t * const name,
                        const hal_key_flags_t flags);
 
diff --git a/ks_flash.c b/ks_flash.c
index c3d12aa..9393100 100644
--- a/ks_flash.c
+++ b/ks_flash.c
@@ -291,13 +291,12 @@ static inline int acceptable_key_type(const hal_key_type_t type)
   }
 }
 
-static inline hal_ks_key_t *find(const hal_key_type_t type,
-                          const hal_uuid_t * const name)
+static inline hal_ks_key_t *find(const hal_uuid_t * const name)
 {
-  assert(name != NULL && acceptable_key_type(type));
+  assert(name != NULL);
 
   for (int i = 0; i < sizeof(db.keys)/sizeof(*db.keys); i++)
-    if (db.keys[i].in_use && db.keys[i].type == type && hal_uuid_cmp(&db.keys[i].name, name) == 0)
+    if (db.keys[i].in_use && hal_uuid_cmp(&db.keys[i].name, name) == 0)
       return &db.keys[i];
 
   return NULL;
@@ -310,11 +309,12 @@ static hal_error_t ks_fetch(hal_ks_t *ks,
   if (ks != &db.ks || slot == NULL || !acceptable_key_type(slot->type))
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  const hal_ks_key_t * const k = find(slot->type, &slot->name);
+  const hal_ks_key_t * const k = find(&slot->name);
 
   if (k == NULL)
     return HAL_ERROR_KEY_NOT_FOUND;
 
+  slot->type  = k->type;
   slot->curve = k->curve;
   slot->flags = k->flags;
 
@@ -384,7 +384,7 @@ static hal_error_t ks_store(hal_ks_t *ks,
   if (ks != &db.ks || slot == NULL || der == NULL || der_len == 0 || !acceptable_key_type(slot->type))
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  if (find(slot->type, &slot->name) != NULL)
+  if (find(&slot->name) != NULL)
     return HAL_ERROR_KEY_NAME_IN_USE;
 
   int loc = -1;
@@ -482,7 +482,7 @@ static hal_error_t ks_delete(hal_ks_t *ks,
   if (ks != &db.ks || slot == NULL || !acceptable_key_type(slot->type))
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  hal_ks_key_t *k = find(slot->type, &slot->name);
+  hal_ks_key_t *k = find(&slot->name);
 
   if (k == NULL)
     return HAL_ERROR_KEY_NOT_FOUND;
diff --git a/ks_volatile.c b/ks_volatile.c
index 155ae04..d4f8ebd 100644
--- a/ks_volatile.c
+++ b/ks_volatile.c
@@ -176,14 +176,12 @@ static hal_error_t ks_store(hal_ks_t *ks,
   return HAL_OK;
 }
 
-static hal_ks_key_t *find(ks_t *ksv,
-                          const hal_key_type_t type,
-                          const hal_uuid_t * const name)
+static hal_ks_key_t *find(ks_t *ksv, const hal_uuid_t * const name)
 {
-  assert(ksv != NULL && name != NULL && acceptable_key_type(type));
+  assert(ksv != NULL && name != NULL);
 
   for (int i = 0; i < sizeof(ksv->db->keys)/sizeof(*ksv->db->keys); i++)
-    if (ksv->db->keys[i].in_use && ksv->db->keys[i].type == type && hal_uuid_cmp(&ksv->db->keys[i].name, name) == 0)
+    if (ksv->db->keys[i].in_use && hal_uuid_cmp(&ksv->db->keys[i].name, name) == 0)
       return &ksv->db->keys[i];
 
   return NULL;
@@ -193,7 +191,7 @@ static hal_error_t ks_fetch(hal_ks_t *ks,
                             hal_pkey_slot_t *slot,
                             uint8_t *der, size_t *der_len, const size_t der_max)
 {
-  if (ks == NULL || slot == NULL || !acceptable_key_type(slot->type))
+  if (ks == NULL || slot == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
 
   ks_t *ksv = ks_to_ksv(ks);
@@ -201,11 +199,12 @@ static hal_error_t ks_fetch(hal_ks_t *ks,
   if (ksv->db == NULL)
     return HAL_ERROR_KEYSTORE_ACCESS;
 
-  const hal_ks_key_t * const k = find(ksv, slot->type, &slot->name);
+  const hal_ks_key_t * const k = find(ksv, &slot->name);
 
   if (k == NULL)
     return HAL_ERROR_KEY_NOT_FOUND;
 
+  slot->type  = k->type;
   slot->curve = k->curve;
   slot->flags = k->flags;
 
@@ -238,7 +237,7 @@ static hal_error_t ks_fetch(hal_ks_t *ks,
 static hal_error_t ks_delete(hal_ks_t *ks,
                              const hal_pkey_slot_t * const slot)
 {
-  if (ks == NULL || slot == NULL || !acceptable_key_type(slot->type))
+  if (ks == NULL || slot == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
 
   ks_t *ksv = ks_to_ksv(ks);
@@ -246,7 +245,7 @@ static hal_error_t ks_delete(hal_ks_t *ks,
   if (ksv->db == NULL)
     return HAL_ERROR_KEYSTORE_ACCESS;
 
-  hal_ks_key_t *k = find(ksv, slot->type, &slot->name);
+  hal_ks_key_t *k = find(ksv, &slot->name);
 
   if (k == NULL)
     return HAL_ERROR_KEY_NOT_FOUND;
diff --git a/rpc_api.c b/rpc_api.c
index 2fe7e63..a8dc89d 100644
--- a/rpc_api.c
+++ b/rpc_api.c
@@ -230,13 +230,12 @@ hal_error_t hal_rpc_pkey_load(const hal_client_handle_t client,
 hal_error_t hal_rpc_pkey_find(const hal_client_handle_t client,
                               const hal_session_handle_t session,
                               hal_pkey_handle_t *pkey,
-                              const hal_key_type_t type,
                               const hal_uuid_t * const name,
                               const hal_key_flags_t flags)
 {
-  if (pkey == NULL || name == NULL || !check_pkey_type(type))
+  if (pkey == NULL || name == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
-  return hal_rpc_pkey_dispatch->find(client, session, pkey, type, name, flags);
+  return hal_rpc_pkey_dispatch->find(client, session, pkey, name, flags);
 }
 
 hal_error_t hal_rpc_pkey_generate_rsa(const hal_client_handle_t client,
diff --git a/rpc_client.c b/rpc_client.c
index 14ef23b..b4184d4 100644
--- a/rpc_client.c
+++ b/rpc_client.c
@@ -447,11 +447,10 @@ static hal_error_t pkey_remote_load(const hal_client_handle_t client,
 static hal_error_t pkey_remote_find(const hal_client_handle_t client,
                                     const hal_session_handle_t session,
                                     hal_pkey_handle_t *pkey,
-                                    const hal_key_type_t type,
                                     const hal_uuid_t * const name,
                                     const hal_key_flags_t flags)
 {
-  uint8_t outbuf[nargs(6) + pad(sizeof(name->uuid))], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
+  uint8_t outbuf[nargs(5) + pad(sizeof(name->uuid))], *optr = outbuf, *olimit = outbuf + sizeof(outbuf);
   uint8_t inbuf[nargs(4)];
   const uint8_t *iptr = inbuf, *ilimit = inbuf + sizeof(inbuf);
   hal_error_t rpc_ret;
@@ -459,7 +458,6 @@ static hal_error_t pkey_remote_find(const hal_client_handle_t client,
   check(hal_xdr_encode_int(&optr, olimit, RPC_FUNC_PKEY_FIND));
   check(hal_xdr_encode_int(&optr, olimit, client.handle));
   check(hal_xdr_encode_int(&optr, olimit, session.handle));
-  check(hal_xdr_encode_int(&optr, olimit, type));
   check(hal_xdr_encode_buffer(&optr, olimit, name->uuid, sizeof(name->uuid)));
   check(hal_xdr_encode_int(&optr, olimit, flags));
   check(hal_rpc_send(outbuf, optr - outbuf));
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 069a73b..cf0975b 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -191,9 +191,9 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client,
   if ((err = hal_uuid_gen(&slot->name)) != HAL_OK)
     return err;
 
-  slot->client_handle = client;
+  slot->client_handle  = client;
   slot->session_handle = session;
-  slot->type = type;
+  slot->type  = type;
   slot->curve = curve;
   slot->flags = flags;
 
@@ -220,7 +220,6 @@ static hal_error_t pkey_local_load(const hal_client_handle_t client,
 static hal_error_t pkey_local_find(const hal_client_handle_t client,
                                    const hal_session_handle_t session,
                                    hal_pkey_handle_t *pkey,
-                                   const hal_key_type_t type,
                                    const hal_uuid_t * const name,
                                    const hal_key_flags_t flags)
 {
@@ -236,7 +235,6 @@ static hal_error_t pkey_local_find(const hal_client_handle_t client,
   slot->name = *name;
   slot->client_handle = client;
   slot->session_handle = session;
-  slot->type = type;
 
   if ((err = ks_open_from_flags(&ks, flags)) == HAL_OK &&
       (err = hal_ks_fetch(ks, slot, NULL, NULL, 0)) == HAL_OK)
@@ -279,9 +277,9 @@ static hal_error_t pkey_local_generate_rsa(const hal_client_handle_t client,
   if ((err = hal_uuid_gen(&slot->name)) != HAL_OK)
     return err;
 
-  slot->client_handle = client;
+  slot->client_handle  = client;
   slot->session_handle = session;
-  slot->type = HAL_KEY_TYPE_RSA_PRIVATE;
+  slot->type  = HAL_KEY_TYPE_RSA_PRIVATE;
   slot->curve = HAL_CURVE_NONE;
   slot->flags = flags;
 
@@ -340,9 +338,9 @@ static hal_error_t pkey_local_generate_ec(const hal_client_handle_t client,
   if ((err = hal_uuid_gen(&slot->name)) != HAL_OK)
     return err;
 
-  slot->client_handle = client;
+  slot->client_handle  = client;
   slot->session_handle = session;
-  slot->type = HAL_KEY_TYPE_EC_PRIVATE;
+  slot->type  = HAL_KEY_TYPE_EC_PRIVATE;
   slot->curve = curve;
   slot->flags = flags;
 
diff --git a/rpc_server.c b/rpc_server.c
index 9694ab8..9397d3e 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -354,7 +354,6 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit,
     hal_client_handle_t client;
     hal_session_handle_t session;
     hal_pkey_handle_t pkey;
-    uint32_t type;
     const uint8_t *name_ptr;
     uint32_t name_len;
     hal_key_flags_t flags;
@@ -362,7 +361,6 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit,
 
     check(hal_xdr_decode_int(iptr, ilimit, &client.handle));
     check(hal_xdr_decode_int(iptr, ilimit, &session.handle));
-    check(hal_xdr_decode_int(iptr, ilimit, &type));
     check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &name_ptr, &name_len));
     check(hal_xdr_decode_int(iptr, ilimit, &flags));
 
@@ -370,7 +368,7 @@ static hal_error_t pkey_find(const uint8_t **iptr, const uint8_t * const ilimit,
         return HAL_ERROR_KEY_NAME_TOO_LONG;
 
     /* call the local function */
-    ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, type, (const hal_uuid_t *) name_ptr, flags);
+    ret = hal_rpc_local_pkey_dispatch.find(client, session, &pkey, (const hal_uuid_t *) name_ptr, flags);
 
     if (ret == HAL_OK)
         check(hal_xdr_encode_int(optr, olimit, pkey.handle));



More information about the Commits mailing list