in kmsp11/operation/rsaes_oaep.cc [115:144]
absl::Status ValidateRsaOaepParameters(Object* key, void* parameters,
CK_ULONG parameters_size) {
if (parameters_size != sizeof(CK_RSA_PKCS_OAEP_PARAMS)) {
return InvalidMechanismParamError(
"mechanism parameters must be of type CK_RSA_PKCS_OAEP_PARAMS",
SOURCE_LOCATION);
}
CK_RSA_PKCS_OAEP_PARAMS* params =
static_cast<CK_RSA_PKCS_OAEP_PARAMS*>(parameters);
ASSIGN_OR_RETURN(const EVP_MD* digest,
DigestForMechanism(*key->algorithm().digest_mechanism));
RETURN_IF_ERROR(EnsureHashMatches(params->hashAlg, digest));
RETURN_IF_ERROR(EnsureMgf1HashMatches(params->mgf, digest));
switch (params->source) {
case 0: // For compatibility. See b/217419373.
case CKZ_DATA_SPECIFIED:
break;
default:
return InvalidMechanismParamError(
"source for OAEP must be 0 or CKZ_DATA_SPECIFIED", SOURCE_LOCATION);
}
if (params->pSourceData != nullptr || params->ulSourceDataLen != 0) {
return InvalidMechanismParamError("OAEP labels are not supported",
SOURCE_LOCATION);
}
return absl::OkStatus();
}