value_type operator[](uint64_t idx) const { uint64_t pos = m_high_bits.select(idx); uint64_t l; // ignored return retrieve_value(idx, pos, l); }
const double &value() const override { if (!current_) retrieve_value(); return UnivParams::value(); }
CK_RV gkm_aes_mechanism_wrap (GkmSession *session, CK_MECHANISM_PTR mech, GkmObject *wrapper, GkmObject *wrapped, CK_BYTE_PTR output, CK_ULONG_PTR n_output) { gcry_cipher_hd_t cih; gcry_error_t gcry; GkmAesKey *key; gpointer value, padded; gsize n_value, n_padded; gsize block, pos; gboolean ret; CK_RV rv; g_return_val_if_fail (GKM_IS_SESSION (session), CKR_GENERAL_ERROR); g_return_val_if_fail (mech, CKR_GENERAL_ERROR); g_return_val_if_fail (mech->mechanism == CKM_AES_CBC_PAD, CKR_GENERAL_ERROR); g_return_val_if_fail (GKM_IS_OBJECT (wrapped), CKR_GENERAL_ERROR); g_return_val_if_fail (n_output, CKR_GENERAL_ERROR); if (!GKM_IS_AES_KEY (wrapper)) return CKR_WRAPPING_KEY_TYPE_INCONSISTENT; key = GKM_AES_KEY (wrapper); block = gkm_aes_key_get_block_size (key); g_return_val_if_fail (block != 0, CKR_GENERAL_ERROR); /* They just want the length */ if (!output) { rv = retrieve_length (session, wrapped, &n_value); if (rv != CKR_OK) return rv; if (!egg_padding_pkcs7_pad (NULL, block, NULL, n_value, NULL, &n_padded)) return CKR_KEY_SIZE_RANGE; *n_output = n_padded; return CKR_OK; } cih = gkm_aes_key_get_cipher (key, GCRY_CIPHER_MODE_CBC); if (cih == NULL) return CKR_FUNCTION_FAILED; if (!mech->pParameter || gcry_cipher_setiv (cih, mech->pParameter, mech->ulParameterLen) != 0) { gcry_cipher_close (cih); return CKR_MECHANISM_PARAM_INVALID; } rv = retrieve_value (session, wrapped, &value, &n_value); if (rv != CKR_OK) { gcry_cipher_close (cih); return rv; } ret = egg_padding_pkcs7_pad (egg_secure_realloc, block, value, n_value, &padded, &n_padded); egg_secure_free (value); if (ret == FALSE) { gcry_cipher_close (cih); return CKR_KEY_SIZE_RANGE; } /* In place encryption */ for (pos = 0; pos < n_padded; pos += block) { gcry = gcry_cipher_encrypt (cih, (guchar*)padded + pos, block, NULL, 0); g_return_val_if_fail (gcry == 0, CKR_GENERAL_ERROR); } gcry_cipher_close (cih); rv = gkm_util_return_data (output, n_output, padded, n_padded); egg_secure_free (padded); return rv; }