for (auto &i: labelNameVector) {
// certificates can't be protected with custom user password
Crypto::GObjUPtr obj;
- int ec = readDataHelper(false, cred, DataType::CERTIFICATE, i.second, i.first, Password(), obj);
+ int ec;
+ ec = readDataHelper(true,
+ cred,
+ DataType::CERTIFICATE,
+ i.second,
+ i.first,
+ Password(),
+ obj);
if (ec != CKM_API_SUCCESS)
return ec;
// try to read chain certificates (if present)
Crypto::GObjUPtrVector caChainObjs;
- ec = readDataHelper(false, cred, DataType::DB_CHAIN_FIRST, i.second, i.first, CKM::Password(), caChainObjs);
+ ec = readDataHelper(true,
+ cred,
+ DataType::DB_CHAIN_FIRST,
+ i.second,
+ i.first,
+ CKM::Password(),
+ caChainObjs);
if(ec != CKM_API_SUCCESS && ec != CKM_API_ERROR_DB_ALIAS_UNKNOWN)
return ec;
for(auto &caCertObj : caChainObjs)
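Review bot: The first argument of both `readDataHelper` calls flips from `false` to `true` with no explanation at the call site, and the hunk does not show what that boolean selects. If it chooses which permission check the helper applies when loading the certificate and its `DB_CHAIN_FIRST` chain, this is an access-control change and should read as one: bind it to a named constant such as `const bool <flagName> = true; // <why certificates are read under this check>` and pass that instead of the bare literal. Separately, `int ec;` followed by an assignment can stay a single initialised declaration, `int ec = readDataHelper(true, ...);`. The enclosing loop starts and ends outside the hunk.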
const Label & ownerLabel,
const Password &password, // password for private_key
const RawBuffer &message,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm &cryptoAlg)
{
DB::Row row;
RawBuffer signature;
- CryptoAlgorithm cryptoAlg;
- cryptoAlg.setParam(ParamName::SV_HASH_ALGO, hash);
- cryptoAlg.setParam(ParamName::SV_RSA_PADDING, padding);
int retCode = CKM_API_SUCCESS;
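Review bot: With `const CryptoAlgorithm &cryptoAlg` now supplied by the caller, nothing in this hunk checks that it carries the two parameters the removed lines used to set, `ParamName::SV_HASH_ALGO` and `ParamName::SV_RSA_PADDING`, or that it carries nothing else. Before, the typed `hash` and `padding` arguments bounded what could reach the signing backend; if this object is built from a client request, a missing or unexpected parameter should be rejected here with an input-parameter error rather than left to whatever the backend defaults to. At minimum, document the contract on the parameter: `// cryptoAlg: caller-supplied; must contain SV_HASH_ALGO and SV_RSA_PADDING (validated in <location>)`. The verification function in the next hunk takes its `CryptoAlgorithm` the same way and needs the same check. The function body continues outside the hunk, so a check further down may already exist.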
const Password &password, // password for public_key (optional)
const RawBuffer &message,
const RawBuffer &signature,
- const HashAlgorithm hash,
- const RSAPaddingAlgorithm padding)
+ const CryptoAlgorithm ¶ms)
{
int retCode = CKM_API_ERROR_VERIFICATION_FAILED;
try {
DB::Row row;
- CryptoAlgorithm params;
- params.setParam(ParamName::SV_HASH_ALGO, hash);
- params.setParam(ParamName::SV_RSA_PADDING, padding);
-
// try certificate first - looking for a public key.
// in case of PKCS, pub key from certificate will be found first
// rather than private key from the same PKCS.
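Review bot: The new parameter is called `params` here while the signing counterpart in the previous hunk names the same kind of argument `cryptoAlg`; the two signatures are parallel and should use one name, for example `const CryptoAlgorithm &cryptoAlg` in both. The `¶ms` shown on this page looks like a mis-decoded `&params` from the rendering, not something in the commit itself. The function body continues outside the hunk.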