From f2ebc403b083a5911b6316c2fb5ad3847e45605e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Wed, 4 Jan 2006 06:31:28 +0000
Subject: [PATCH] Implement rsa_private_decrypt and add stubs for public ditto.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16461 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/ks_p11.c | 58 ++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 54 insertions(+), 4 deletions(-)

diff --git a/lib/hx509/ks_p11.c b/lib/hx509/ks_p11.c
index 554ef4b63..9e59ce1f7 100644
--- a/lib/hx509/ks_p11.c
+++ b/lib/hx509/ks_p11.c
@@ -79,6 +79,27 @@ struct p11_rsa {
     CK_OBJECT_HANDLE private_key;
 };
 
+static int
+p11_rsa_public_encrypt(int flen,
+		       const unsigned char *from,
+		       unsigned char *to,
+		       RSA *rsa,
+		       int padding)
+{
+    return 0;
+}
+
+static int
+p11_rsa_public_decrypt(int flen,
+		       const unsigned char *from,
+		       unsigned char *to,
+		       RSA *rsa,
+		       int padding)
+{
+    return 0;
+}
+
+
 static int
 p11_rsa_private_encrypt(int flen, 
 			const unsigned char *from,
@@ -123,8 +144,37 @@ static int
 p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
 			RSA * rsa, int padding)
 {
-    printf("p11_rsa_private_decrypt\n");
-    return 0;
+    struct p11_rsa *p11rsa = RSA_get_app_data(rsa);
+    CK_OBJECT_HANDLE key = p11rsa->private_key;
+    CK_MECHANISM mechanism;
+    CK_ULONG ck_sigsize;
+    int ret;
+
+    if (padding != RSA_PKCS1_PADDING)
+	return -1;
+
+    memset(&mechanism, 0, sizeof(mechanism));
+    mechanism.mechanism = CKM_RSA_PKCS;
+
+    ck_sigsize = RSA_size(rsa);
+
+    p11_get_session(p11rsa->p, p11rsa->slot);
+
+    ret = P11FUNC(p11rsa->p, DecryptInit,
+		  (P11SESSION(p11rsa->slot), &mechanism, key));
+    if (ret != CKR_OK) {
+	p11_put_session(p11rsa->p, p11rsa->slot);
+	return -1;
+    }
+
+    ret = P11FUNC(p11rsa->p, Decrypt,
+		  (P11SESSION(p11rsa->slot), (CK_BYTE *)from, flen, to, &ck_sigsize));
+    if (ret != CKR_OK)
+	return -1;
+
+    p11_put_session(p11rsa->p, p11rsa->slot);
+
+    return ck_sigsize;
 }
 
 static int 
@@ -144,8 +194,8 @@ p11_rsa_finish(RSA *rsa)
 
 static RSA_METHOD rsa_pkcs1_method = {
     "hx509 PKCS11 PKCS#1 RSA",
-    NULL, /* public_encrypt */
-    NULL, /* public_decrypt */
+    p11_rsa_public_encrypt,
+    p11_rsa_public_decrypt,
     p11_rsa_private_encrypt,
     p11_rsa_private_decrypt,
     NULL,