in src/wrapping/wrap_with_template.c [149:201]
CK_RV wrap_key_with_template(
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE wrapping_key,
CK_BBOOL attr_val) {
// Generate a wrapping key.
CK_BYTE_PTR wrapped_key = NULL;
CK_RV rv;
// Generate key to be wrapped.
CK_OBJECT_HANDLE key_to_wrap = CK_INVALID_HANDLE;
rv = generate_symmetric_key(session, 32, &key_to_wrap, attr_val);
if (rv != CKR_OK) {
fprintf(stderr, "Symmetric key generation failed: %lu\n", rv);
goto done;
}
// Determine how much space needs to be allocated for the wrapped key.
CK_ULONG wrapped_len = 0;
rv = aes_wrap_key(session, wrapping_key, key_to_wrap, NULL, &wrapped_len);
if (rv != CKR_OK) {
fprintf(stderr, "Could not determine size of wrapped key: %lu\n", rv);
goto done;
}
wrapped_key = malloc(wrapped_len);
if (NULL == wrapped_key) {
rv = CKR_FUNCTION_FAILED;
fprintf(stderr, "Could not allocate memory to hold wrapped key\n");
goto done;
}
// Wrap the key
rv = aes_wrap_key(session, wrapping_key, key_to_wrap, wrapped_key, &wrapped_len);
if (rv != CKR_OK) {
fprintf(stderr, "Could not wrap key: %lu\n", rv);
goto done;
}
done:
if (NULL != wrapped_key) {
free(wrapped_key);
}
if (CK_INVALID_HANDLE != key_to_wrap) {
CK_RV destroy_rv = funcs->C_DestroyObject(session, key_to_wrap);
if (CKR_OK != destroy_rv) {
fprintf(stderr, "Could not delete symmetric key: %lu\n", destroy_rv);
rv = destroy_rv;
}
}
return rv;
}