You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
Recently I have used this module to able to write a speed test application for a hsm device. Later on, I recognized that for some cryptographic operations api uses a method (calling with NULL ) to learn result size and then apply real cryptographic operation. Such as: CK_RV Decrypt(struct ctx * c, CK_SESSION_HANDLE session, CK_BYTE_PTR cipher, CK_ULONG clen, CK_BYTE_PTR * plain, CK_ULONG_PTR plainlen) { **CK_RV e = c->sym->C_Decrypt(session, cipher, clen, NULL, plainlen);** if (e != CKR_OK) { return e; } *plain = calloc(*plainlen, sizeof(CK_BYTE)); if (*plain == NULL) { return CKR_HOST_MEMORY; } **e = c->sym->C_Decrypt(session, cipher, clen, *plain, plainlen);** return e; }
As you can see, here api calls C_Decrypt function 2 times. First one used to able to learn result size, second one used to apply cryptographic operations. Since we know the mechanism that we are using actually we know the result size. So in this case calling 2 times C_Decrypt function is cumbersome especially if you are calculating speeds for specific mechanism.
Nice to have that if we can give size from outsize and api does not need to call 2 times.
Best regards
The text was updated successfully, but these errors were encountered:
Hi,
Recently I have used this module to able to write a speed test application for a hsm device. Later on, I recognized that for some cryptographic operations api uses a method (calling with NULL ) to learn result size and then apply real cryptographic operation. Such as:
CK_RV Decrypt(struct ctx * c, CK_SESSION_HANDLE session, CK_BYTE_PTR cipher, CK_ULONG clen, CK_BYTE_PTR * plain, CK_ULONG_PTR plainlen) { **CK_RV e = c->sym->C_Decrypt(session, cipher, clen, NULL, plainlen);** if (e != CKR_OK) { return e; } *plain = calloc(*plainlen, sizeof(CK_BYTE)); if (*plain == NULL) { return CKR_HOST_MEMORY; } **e = c->sym->C_Decrypt(session, cipher, clen, *plain, plainlen);** return e; }As you can see, here api calls C_Decrypt function 2 times. First one used to able to learn result size, second one used to apply cryptographic operations. Since we know the mechanism that we are using actually we know the result size. So in this case calling 2 times C_Decrypt function is cumbersome especially if you are calculating speeds for specific mechanism.
Nice to have that if we can give size from outsize and api does not need to call 2 times.
Best regards
The text was updated successfully, but these errors were encountered: