diff --git a/.github/.cSpellWords.txt b/.github/.cSpellWords.txt
index e7a7dfe3..d8cd72b6 100644
--- a/.github/.cSpellWords.txt
+++ b/.github/.cSpellWords.txt
@@ -37,6 +37,7 @@ DUNITTEST
DUNITY
ecdh
ecjpake
+EABNVYL
ECKEY
FAAOCAQE
Fithb
@@ -51,6 +52,7 @@ HKDF
isystem
JITP
JITR
+JLATES
Karthikeyan
lcov
LPDWORD
@@ -103,11 +105,14 @@ utest
vect
Vect
VECT
+VEIQ
+VQIDAQAB
Wunused
xfindobjectwithlabelandclass
xgetslotlist
xinitializepkcs
xtea
XTEA
+yfiv
zeroize
ZEROIZE
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5ecdeb79..f6856ce0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
# Change Log for corePKCS11 Library
+## v3.6.2 (October 2024)
+* [#202](https://github.com/FreeRTOS/corePKCS11/pull/202) Export RSA key attributes from mbedtls context to support TLSv1.3
+
## v3.6.1 (June 2024)
* Fix doxygen deployment on Github.
diff --git a/README.md b/README.md
index 30dcdc6e..70b07f9b 100644
--- a/README.md
+++ b/README.md
@@ -47,8 +47,8 @@ safety through the
See memory requirements for this library
[here](./docs/doxygen/include/size_table.md).
-**corePKCS11 v3.6.1
-[source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.6.1/source) is part
+**corePKCS11 v3.6.2
+[source code](https://github.com/FreeRTOS/corePKCS11/tree/v3.6.2/source) is part
of the
[FreeRTOS 202406.00 LTS](https://github.com/FreeRTOS/FreeRTOS-LTS/tree/202406.00-LTS)
release.**
@@ -192,7 +192,7 @@ locations below:
| Location |
| :------------------------------------------------------------------------------------------------------------------: |
| [AWS IoT Device SDK for Embedded C](https://github.com/aws/aws-iot-device-sdk-embedded-C#releases-and-documentation) |
-| [FreeRTOS.org](https://freertos.org/Documentation/api-ref/corePKCS11/docs/doxygen/output/html/index.html) |
+| [FreeRTOS.org](https://freertos.github.io/corePKCS11/v3.6.1/) |
Note that the latest included version of corePKCS11 may differ across
repositories.
diff --git a/docs/doxygen/config.doxyfile b/docs/doxygen/config.doxyfile
index 5f09a937..04e4d298 100644
--- a/docs/doxygen/config.doxyfile
+++ b/docs/doxygen/config.doxyfile
@@ -48,7 +48,7 @@ PROJECT_NAME = corePKCS11
# could be handy for archiving the generated documentation or if some version
# control system is used.
-PROJECT_NUMBER = v3.6.1
+PROJECT_NUMBER = v3.6.2
# Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer a
diff --git a/docs/doxygen/include/size_table.md b/docs/doxygen/include/size_table.md
index d999d2b6..2bfcb51f 100644
--- a/docs/doxygen/include/size_table.md
+++ b/docs/doxygen/include/size_table.md
@@ -19,12 +19,12 @@
| core_pkcs11_mbedtls.c |
- 9.0K |
- 7.4K |
+ 9.4K |
+ 7.7K |
| Total estimates |
- 10.3K |
- 8.4K |
+ 10.7K |
+ 8.7K |
diff --git a/manifest.yml b/manifest.yml
index f9b11af8..5b0f7a7f 100644
--- a/manifest.yml
+++ b/manifest.yml
@@ -1,5 +1,5 @@
name: "corePKCS11"
-version: "v3.6.1"
+version: "v3.6.2"
description: "Software implementation of the PKCS #11 standard."
license: "MIT"
diff --git a/source/core_pkcs11.c b/source/core_pkcs11.c
index b22d8380..4edc2c43 100644
--- a/source/core_pkcs11.c
+++ b/source/core_pkcs11.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/core_pki_utils.c b/source/core_pki_utils.c
index 0c6d51f9..723e40b8 100644
--- a/source/core_pki_utils.c
+++ b/source/core_pki_utils.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c
index a59c931b..5a4098d8 100644
--- a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c
+++ b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h
index a2c6c4c9..c939d508 100644
--- a/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h
+++ b/source/dependency/3rdparty/mbedtls_utils/mbedtls_utils.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/include/core_pkcs11.h b/source/include/core_pkcs11.h
index fccbc6a6..d25f7f67 100644
--- a/source/include/core_pkcs11.h
+++ b/source/include/core_pkcs11.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/include/core_pkcs11_config_defaults.h b/source/include/core_pkcs11_config_defaults.h
index f967bdac..37a910b4 100644
--- a/source/include/core_pkcs11_config_defaults.h
+++ b/source/include/core_pkcs11_config_defaults.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/include/core_pkcs11_pal.h b/source/include/core_pkcs11_pal.h
index 68c341d9..ac64fb78 100644
--- a/source/include/core_pkcs11_pal.h
+++ b/source/include/core_pkcs11_pal.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/include/core_pki_utils.h b/source/include/core_pki_utils.h
index 852d9938..85eaeeee 100644
--- a/source/include/core_pki_utils.h
+++ b/source/include/core_pki_utils.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/portable/mbedtls/core_pkcs11_mbedtls.c b/source/portable/mbedtls/core_pkcs11_mbedtls.c
index b24db405..53580caf 100644
--- a/source/portable/mbedtls/core_pkcs11_mbedtls.c
+++ b/source/portable/mbedtls/core_pkcs11_mbedtls.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
@@ -779,6 +779,156 @@ static CK_RV prvRsaContextParse( const CK_ATTRIBUTE * pxAttribute,
return xResult;
}
+/**
+ * @brief Populates attribute values for an RSA key from the mbed TLS context.
+ */
+static CK_RV prvGetAttributesFromRsaContext( CK_ATTRIBUTE * pxAttribute,
+ const mbedtls_rsa_context * pxRsaContext )
+{
+ CK_RV xResult = CKR_OK;
+ int32_t lMbedTLSResult = 0;
+ mbedtls_mpi * pxMpi = ( mbedtls_mpi * ) pxAttribute->pValue;
+
+ mbedtls_mpi_init( pxMpi );
+
+ switch( pxAttribute->type )
+ {
+ case ( CKA_MODULUS ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->N.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export( pxRsaContext,
+ pxMpi, /* N */
+ NULL, /* P */
+ NULL, /* Q */
+ NULL, /* D */
+ NULL ); /* E */
+ }
+
+ break;
+
+ case ( CKA_PUBLIC_EXPONENT ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->E.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export( pxRsaContext,
+ NULL, /* N */
+ NULL, /* P */
+ NULL, /* Q */
+ NULL, /* D */
+ pxMpi ); /* E */
+ }
+
+ break;
+
+ case ( CKA_PRIME_1 ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->P.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export( pxRsaContext,
+ NULL, /* N */
+ pxMpi, /* P */
+ NULL, /* Q */
+ NULL, /* D */
+ NULL ); /* E */
+ }
+
+ break;
+
+ case ( CKA_PRIME_2 ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->Q.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export( pxRsaContext,
+ NULL, /* N */
+ NULL, /* P */
+ pxMpi, /* Q */
+ NULL, /* D */
+ NULL ); /* E */
+ }
+
+ break;
+
+ case ( CKA_PRIVATE_EXPONENT ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->D.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export( pxRsaContext,
+ NULL, /* N */
+ NULL, /* P */
+ NULL, /* Q */
+ pxMpi, /* D */
+ NULL ); /* E */
+ }
+
+ break;
+
+ case ( CKA_EXPONENT_1 ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->DP.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export_crt( pxRsaContext,
+ pxMpi, /* DP */
+ NULL, /* DQ */
+ NULL ); /* QP */
+ }
+
+ break;
+
+ case ( CKA_EXPONENT_2 ):
+
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->DQ.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export_crt( pxRsaContext,
+ NULL, /* DP */
+ pxMpi, /* DQ */
+ NULL ); /* QP */
+ }
+
+ break;
+
+ default:
+
+ /* This is the CKA_COEFFICIENT case. The type is checked in
+ * C_GetAttributeValue. */
+ lMbedTLSResult = mbedtls_mpi_grow( pxMpi, pxRsaContext->QP.n );
+
+ if( lMbedTLSResult == 0 )
+ {
+ lMbedTLSResult = mbedtls_rsa_export_crt( pxRsaContext,
+ NULL, /* DP */
+ NULL, /* DQ */
+ pxMpi ); /* QP */
+ }
+
+ break;
+ }
+
+ if( lMbedTLSResult != 0 )
+ {
+ LogError( ( "Failed to parse RSA private key attributes: mbed TLS error = %s : %s.",
+ mbedtlsHighLevelCodeOrDefault( lMbedTLSResult ),
+ mbedtlsLowLevelCodeOrDefault( lMbedTLSResult ) ) );
+ xResult = CKR_FUNCTION_FAILED;
+ }
+
+ return xResult;
+}
+
/**
* @brief Parses attribute values for a RSA Key.
*/
@@ -3076,6 +3226,7 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE hSession,
mbedtls_x509_crt xMbedX509Context = { 0 };
mbedtls_pk_type_t xKeyType;
const mbedtls_ecp_keypair * pxKeyPair;
+ const mbedtls_rsa_context * pxRsaContext;
CK_KEY_TYPE xPkcsKeyType = ( CK_KEY_TYPE ) ~0UL;
CK_OBJECT_CLASS xClass = ~0UL;
CK_BYTE_PTR pxObjectValue = NULL;
@@ -3294,15 +3445,6 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE hSession,
break;
- case CKA_PRIVATE_EXPONENT:
-
- LogError( ( "Failed to parse attribute. "
- "CKA_PRIVATE_EXPONENT is private data." ) );
- xResult = CKR_ATTRIBUTE_SENSITIVE;
- pTemplate[ iAttrib ].ulValueLen = CK_UNAVAILABLE_INFORMATION;
-
- break;
-
case CKA_EC_PARAMS:
if( pTemplate[ iAttrib ].pValue == NULL )
@@ -3384,6 +3526,44 @@ CK_DECLARE_FUNCTION( CK_RV, C_GetAttributeValue )( CK_SESSION_HANDLE hSession,
break;
+ case CKA_MODULUS:
+ case CKA_PUBLIC_EXPONENT:
+ case CKA_PRIME_1:
+ case CKA_PRIME_2:
+ case CKA_PRIVATE_EXPONENT:
+ case CKA_EXPONENT_1:
+ case CKA_EXPONENT_2:
+ case CKA_COEFFICIENT:
+
+ if( pTemplate[ iAttrib ].pValue == NULL )
+ {
+ pTemplate[ iAttrib ].ulValueLen = sizeof( mbedtls_mpi );
+ }
+ else
+ {
+ if( pTemplate[ iAttrib ].ulValueLen == sizeof( mbedtls_mpi ) )
+ {
+ pxRsaContext = ( mbedtls_rsa_context * ) xKeyContext.pk_ctx;
+
+ if( pxRsaContext != NULL )
+ {
+ xResult = prvGetAttributesFromRsaContext( &( pTemplate[ iAttrib ] ),
+ pxRsaContext );
+ }
+ else
+ {
+ xResult = CKR_FUNCTION_FAILED;
+ pTemplate[ iAttrib ].ulValueLen = CK_UNAVAILABLE_INFORMATION;
+ }
+ }
+ else
+ {
+ xResult = CKR_BUFFER_TOO_SMALL;
+ }
+ }
+
+ break;
+
default:
LogError( ( "Failed to parse attribute. Received unknown "
"attribute type." ) );
diff --git a/source/portable/os/core_pkcs11_pal_utils.c b/source/portable/os/core_pkcs11_pal_utils.c
index 376e827e..3f110cbb 100644
--- a/source/portable/os/core_pkcs11_pal_utils.c
+++ b/source/portable/os/core_pkcs11_pal_utils.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/portable/os/core_pkcs11_pal_utils.h b/source/portable/os/core_pkcs11_pal_utils.h
index d6b79467..e7b21190 100644
--- a/source/portable/os/core_pkcs11_pal_utils.h
+++ b/source/portable/os/core_pkcs11_pal_utils.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/portable/os/freertos_winsim/core_pkcs11_pal.c b/source/portable/os/freertos_winsim/core_pkcs11_pal.c
index 3adb0a8b..36dd3da6 100644
--- a/source/portable/os/freertos_winsim/core_pkcs11_pal.c
+++ b/source/portable/os/freertos_winsim/core_pkcs11_pal.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/source/portable/os/posix/core_pkcs11_pal.c b/source/portable/os/posix/core_pkcs11_pal.c
index 1098c2d3..86605d1e 100644
--- a/source/portable/os/posix/core_pkcs11_pal.c
+++ b/source/portable/os/posix/core_pkcs11_pal.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/include/core_pkcs11_config.h b/test/cbmc/include/core_pkcs11_config.h
index 0f1ec300..785abf62 100644
--- a/test/cbmc/include/core_pkcs11_config.h
+++ b/test/cbmc/include/core_pkcs11_config.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/include/pkcs11_interface_stubs.h b/test/cbmc/include/pkcs11_interface_stubs.h
index ef6e2991..2387e3ba 100644
--- a/test/cbmc/include/pkcs11_interface_stubs.h
+++ b/test/cbmc/include/pkcs11_interface_stubs.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_CloseSession/C_CloseSession_harness.c b/test/cbmc/proofs/C_CloseSession/C_CloseSession_harness.c
index 4b8281cf..867d2afd 100644
--- a/test/cbmc/proofs/C_CloseSession/C_CloseSession_harness.c
+++ b/test/cbmc/proofs/C_CloseSession/C_CloseSession_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_CreateObject/C_CreateObject_harness.c b/test/cbmc/proofs/C_CreateObject/C_CreateObject_harness.c
index d78e1c2d..e68a58a9 100644
--- a/test/cbmc/proofs/C_CreateObject/C_CreateObject_harness.c
+++ b/test/cbmc/proofs/C_CreateObject/C_CreateObject_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_DestroyObject/C_DestroyObject_harness.c b/test/cbmc/proofs/C_DestroyObject/C_DestroyObject_harness.c
index d82353c6..5d7fc562 100644
--- a/test/cbmc/proofs/C_DestroyObject/C_DestroyObject_harness.c
+++ b/test/cbmc/proofs/C_DestroyObject/C_DestroyObject_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_DigestFinal/C_DigestFinal_harness.c b/test/cbmc/proofs/C_DigestFinal/C_DigestFinal_harness.c
index 30685fda..b59b0555 100644
--- a/test/cbmc/proofs/C_DigestFinal/C_DigestFinal_harness.c
+++ b/test/cbmc/proofs/C_DigestFinal/C_DigestFinal_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_DigestInit/C_DigestInit_harness.c b/test/cbmc/proofs/C_DigestInit/C_DigestInit_harness.c
index 59f0837d..dcd20dac 100644
--- a/test/cbmc/proofs/C_DigestInit/C_DigestInit_harness.c
+++ b/test/cbmc/proofs/C_DigestInit/C_DigestInit_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_DigestUpdate/C_DigestUpdate_harness.c b/test/cbmc/proofs/C_DigestUpdate/C_DigestUpdate_harness.c
index 79387046..7752c439 100644
--- a/test/cbmc/proofs/C_DigestUpdate/C_DigestUpdate_harness.c
+++ b/test/cbmc/proofs/C_DigestUpdate/C_DigestUpdate_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_Finalize/C_Finalize_harness.c b/test/cbmc/proofs/C_Finalize/C_Finalize_harness.c
index 7de107e6..34c81bb3 100644
--- a/test/cbmc/proofs/C_Finalize/C_Finalize_harness.c
+++ b/test/cbmc/proofs/C_Finalize/C_Finalize_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_FindObjects/C_FindObjects_harness.c b/test/cbmc/proofs/C_FindObjects/C_FindObjects_harness.c
index 144f4616..88c41747 100644
--- a/test/cbmc/proofs/C_FindObjects/C_FindObjects_harness.c
+++ b/test/cbmc/proofs/C_FindObjects/C_FindObjects_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_FindObjectsFinal/C_FindObjectsFinal_harness.c b/test/cbmc/proofs/C_FindObjectsFinal/C_FindObjectsFinal_harness.c
index 7361481c..f175ccd5 100644
--- a/test/cbmc/proofs/C_FindObjectsFinal/C_FindObjectsFinal_harness.c
+++ b/test/cbmc/proofs/C_FindObjectsFinal/C_FindObjectsFinal_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_FindObjectsInit/C_FindObjectsInit_harness.c b/test/cbmc/proofs/C_FindObjectsInit/C_FindObjectsInit_harness.c
index 07ddb604..a3935ada 100644
--- a/test/cbmc/proofs/C_FindObjectsInit/C_FindObjectsInit_harness.c
+++ b/test/cbmc/proofs/C_FindObjectsInit/C_FindObjectsInit_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GenerateKeyPair/C_GenerateKeyPair_harness.c b/test/cbmc/proofs/C_GenerateKeyPair/C_GenerateKeyPair_harness.c
index ee647ab2..3112541a 100644
--- a/test/cbmc/proofs/C_GenerateKeyPair/C_GenerateKeyPair_harness.c
+++ b/test/cbmc/proofs/C_GenerateKeyPair/C_GenerateKeyPair_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GenerateRandom/C_GenerateRandom_harness.c b/test/cbmc/proofs/C_GenerateRandom/C_GenerateRandom_harness.c
index b6a16bf2..a43a53e8 100644
--- a/test/cbmc/proofs/C_GenerateRandom/C_GenerateRandom_harness.c
+++ b/test/cbmc/proofs/C_GenerateRandom/C_GenerateRandom_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GetAttributeValue/C_GetAttributeValue_harness.c b/test/cbmc/proofs/C_GetAttributeValue/C_GetAttributeValue_harness.c
index 8e8dbfd8..1c0e83ab 100644
--- a/test/cbmc/proofs/C_GetAttributeValue/C_GetAttributeValue_harness.c
+++ b/test/cbmc/proofs/C_GetAttributeValue/C_GetAttributeValue_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GetFunctionList/C_GetFunctionList_harness.c b/test/cbmc/proofs/C_GetFunctionList/C_GetFunctionList_harness.c
index 993490b4..3ed054ef 100644
--- a/test/cbmc/proofs/C_GetFunctionList/C_GetFunctionList_harness.c
+++ b/test/cbmc/proofs/C_GetFunctionList/C_GetFunctionList_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GetMechanismInfo/C_GetMechanismInfo_harness.c b/test/cbmc/proofs/C_GetMechanismInfo/C_GetMechanismInfo_harness.c
index 3c0ab068..cf352fc8 100644
--- a/test/cbmc/proofs/C_GetMechanismInfo/C_GetMechanismInfo_harness.c
+++ b/test/cbmc/proofs/C_GetMechanismInfo/C_GetMechanismInfo_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_GetSlotList/C_GetSlotList_harness.c b/test/cbmc/proofs/C_GetSlotList/C_GetSlotList_harness.c
index 0c2e5eb7..16ad560b 100644
--- a/test/cbmc/proofs/C_GetSlotList/C_GetSlotList_harness.c
+++ b/test/cbmc/proofs/C_GetSlotList/C_GetSlotList_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_Initialize/C_Initialize_harness.c b/test/cbmc/proofs/C_Initialize/C_Initialize_harness.c
index 325ac99e..7da40751 100644
--- a/test/cbmc/proofs/C_Initialize/C_Initialize_harness.c
+++ b/test/cbmc/proofs/C_Initialize/C_Initialize_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_OpenSession/C_OpenSession_harness.c b/test/cbmc/proofs/C_OpenSession/C_OpenSession_harness.c
index e945df7d..ee3651a2 100644
--- a/test/cbmc/proofs/C_OpenSession/C_OpenSession_harness.c
+++ b/test/cbmc/proofs/C_OpenSession/C_OpenSession_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_Sign/C_Sign_harness.c b/test/cbmc/proofs/C_Sign/C_Sign_harness.c
index 8b32ffaa..7ce114dc 100644
--- a/test/cbmc/proofs/C_Sign/C_Sign_harness.c
+++ b/test/cbmc/proofs/C_Sign/C_Sign_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_SignInit/C_SignInit_harness.c b/test/cbmc/proofs/C_SignInit/C_SignInit_harness.c
index 25f220fe..cf63b61f 100644
--- a/test/cbmc/proofs/C_SignInit/C_SignInit_harness.c
+++ b/test/cbmc/proofs/C_SignInit/C_SignInit_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_Verify/C_Verify_harness.c b/test/cbmc/proofs/C_Verify/C_Verify_harness.c
index e7511685..787d98f6 100644
--- a/test/cbmc/proofs/C_Verify/C_Verify_harness.c
+++ b/test/cbmc/proofs/C_Verify/C_Verify_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/C_VerifyInit/C_VerifyInit_harness.c b/test/cbmc/proofs/C_VerifyInit/C_VerifyInit_harness.c
index a904d100..77b06a16 100644
--- a/test/cbmc/proofs/C_VerifyInit/C_VerifyInit_harness.c
+++ b/test/cbmc/proofs/C_VerifyInit/C_VerifyInit_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/PKI_mbedTLSSignatureToPkcs11Signature_harness.c b/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/PKI_mbedTLSSignatureToPkcs11Signature_harness.c
index 2903f521..261ccc7d 100644
--- a/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/PKI_mbedTLSSignatureToPkcs11Signature_harness.c
+++ b/test/cbmc/proofs/PKI_mbedTLSSignatureToPkcs11Signature/PKI_mbedTLSSignatureToPkcs11Signature_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/PKI_pkcs11SignatureTombedTLSSignature_harness.c b/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/PKI_pkcs11SignatureTombedTLSSignature_harness.c
index 85536fbc..a88994d7 100644
--- a/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/PKI_pkcs11SignatureTombedTLSSignature_harness.c
+++ b/test/cbmc/proofs/PKI_pkcs11SignatureTombedTLSSignature/PKI_pkcs11SignatureTombedTLSSignature_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/vAppendSHA256AlgorithmIdentifierSequence_harness.c b/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/vAppendSHA256AlgorithmIdentifierSequence_harness.c
index a116f801..658f28d8 100644
--- a/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/vAppendSHA256AlgorithmIdentifierSequence_harness.c
+++ b/test/cbmc/proofs/vAppendSHA256AlgorithmIdentifierSequence/vAppendSHA256AlgorithmIdentifierSequence_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/xFindObjectWithLabelAndClass/xFindObjectWithLabelAndClass_harness.c b/test/cbmc/proofs/xFindObjectWithLabelAndClass/xFindObjectWithLabelAndClass_harness.c
index fab88f5c..15e3daba 100644
--- a/test/cbmc/proofs/xFindObjectWithLabelAndClass/xFindObjectWithLabelAndClass_harness.c
+++ b/test/cbmc/proofs/xFindObjectWithLabelAndClass/xFindObjectWithLabelAndClass_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/xGetSlotList/xGetSlotList_harness.c b/test/cbmc/proofs/xGetSlotList/xGetSlotList_harness.c
index f87f253a..5b4154e6 100644
--- a/test/cbmc/proofs/xGetSlotList/xGetSlotList_harness.c
+++ b/test/cbmc/proofs/xGetSlotList/xGetSlotList_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/xInitializePKCS11/xInitializePKCS11_harness.c b/test/cbmc/proofs/xInitializePKCS11/xInitializePKCS11_harness.c
index 964d512e..a202228b 100644
--- a/test/cbmc/proofs/xInitializePKCS11/xInitializePKCS11_harness.c
+++ b/test/cbmc/proofs/xInitializePKCS11/xInitializePKCS11_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/xInitializePkcs11Session/xInitializePkcs11Session_harness.c b/test/cbmc/proofs/xInitializePkcs11Session/xInitializePkcs11Session_harness.c
index 475792fd..af1af5a6 100644
--- a/test/cbmc/proofs/xInitializePkcs11Session/xInitializePkcs11Session_harness.c
+++ b/test/cbmc/proofs/xInitializePkcs11Session/xInitializePkcs11Session_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/proofs/xInitializePkcs11Token/xInitializePkcs11Token_harness.c b/test/cbmc/proofs/xInitializePkcs11Token/xInitializePkcs11Token_harness.c
index 070378e9..6185260f 100644
--- a/test/cbmc/proofs/xInitializePkcs11Token/xInitializePkcs11Token_harness.c
+++ b/test/cbmc/proofs/xInitializePkcs11Token/xInitializePkcs11Token_harness.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/stubs/core_pkcs11_pal_stubs.c b/test/cbmc/stubs/core_pkcs11_pal_stubs.c
index 8c8bd649..71be1167 100644
--- a/test/cbmc/stubs/core_pkcs11_pal_stubs.c
+++ b/test/cbmc/stubs/core_pkcs11_pal_stubs.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/stubs/core_pki_utils_stubs.c b/test/cbmc/stubs/core_pki_utils_stubs.c
index 82d07458..6b8b0878 100644
--- a/test/cbmc/stubs/core_pki_utils_stubs.c
+++ b/test/cbmc/stubs/core_pki_utils_stubs.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/stubs/mbedtls_stubs.c b/test/cbmc/stubs/mbedtls_stubs.c
index 64cb8c89..883349b1 100644
--- a/test/cbmc/stubs/mbedtls_stubs.c
+++ b/test/cbmc/stubs/mbedtls_stubs.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/cbmc/stubs/pkcs11_interface_stubs.c b/test/cbmc/stubs/pkcs11_interface_stubs.c
index 4452a8c3..a17b82a8 100644
--- a/test/cbmc/stubs/pkcs11_interface_stubs.c
+++ b/test/cbmc/stubs/pkcs11_interface_stubs.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/include/core_pkcs11_config.h b/test/include/core_pkcs11_config.h
index ef765eb8..d8f8c921 100644
--- a/test/include/core_pkcs11_config.h
+++ b/test/include/core_pkcs11_config.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/include/logging_levels.h b/test/include/logging_levels.h
index 05e445db..c88f9e01 100644
--- a/test/include/logging_levels.h
+++ b/test/include/logging_levels.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/include/logging_stack.h b/test/include/logging_stack.h
index 1e515299..833a532a 100644
--- a/test/include/logging_stack.h
+++ b/test/include/logging_stack.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/include/malloc_stub.h b/test/include/malloc_stub.h
index 5bda19ed..64a24cce 100644
--- a/test/include/malloc_stub.h
+++ b/test/include/malloc_stub.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/include/mock_osal.h b/test/include/mock_osal.h
index c4e47e63..8617735a 100644
--- a/test/include/mock_osal.h
+++ b/test/include/mock_osal.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/mbedtls_integration/core_pkcs11_config.h b/test/mbedtls_integration/core_pkcs11_config.h
index 1701ac01..9e6176b3 100644
--- a/test/mbedtls_integration/core_pkcs11_config.h
+++ b/test/mbedtls_integration/core_pkcs11_config.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/mbedtls_integration/core_pkcs11_test_config.h b/test/mbedtls_integration/core_pkcs11_test_config.h
index e67bfc70..834b4464 100644
--- a/test/mbedtls_integration/core_pkcs11_test_config.h
+++ b/test/mbedtls_integration/core_pkcs11_test_config.h
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/mbedtls_integration/mbedtls_integration_test.c b/test/mbedtls_integration/mbedtls_integration_test.c
index 4c030b20..56a4f4e7 100644
--- a/test/mbedtls_integration/mbedtls_integration_test.c
+++ b/test/mbedtls_integration/mbedtls_integration_test.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
@@ -954,7 +954,7 @@ static void commonValidateCredentialStorageRSA( const char * pPrivateKeyLabel,
TEST_ASSERT_EQUAL_MEMORY_MESSAGE( expectedCertInDer, template.pValue, template.ulValueLen, "GetAttributeValue returned incorrect data for RSA certificate" );
/* Check that the private key cannot be retrieved. */
- template.type = CKA_PRIVATE_EXPONENT;
+ template.type = CKA_VALUE;
template.pValue = keyComponent;
template.ulValueLen = sizeof( keyComponent );
result = globalFunctionList->C_GetAttributeValue( globalSession, privateKeyHandle, &template, 1 );
diff --git a/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c b/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c
index 4affea30..fea5e4d6 100644
--- a/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c
+++ b/test/pkcs11_mbedtls_utest/core_pkcs11_mbedtls_utest.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
@@ -3212,10 +3212,13 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
CK_BYTE pulBuf[ sizeof( pulKnownBuf ) ] = { 0 };
CK_BYTE ulPoint[ pkcs11EC_POINT_LENGTH ] = { 0 };
CK_BYTE ulKnownPoint = 0x04;
+ CK_BYTE_PTR ulKnownPointLoc = &( ulKnownPoint );
CK_BBOOL xIsPrivate = CK_FALSE;
CK_OBJECT_CLASS xPrivateKeyClass = { 0 };
CK_OBJECT_CLASS xKnownPrivateKeyClass = CKO_PRIVATE_KEY;
CK_ATTRIBUTE xTemplate = { CKA_EC_PARAMS, pulBuf, sizeof( pulBuf ) };
+ mbedtls_ecp_keypair xEcpKeyPair = { 0 };
+ mbedtls_pk_context xKeyContext = { NULL, &xEcpKeyPair };
prvCommonInitStubs( &xSession );
@@ -3229,7 +3232,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
/* EC Params Case */
- mbedtls_pk_init_CMockIgnore();
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
mbedtls_x509_crt_init_CMockIgnore();
mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
PKCS11_PAL_GetObjectValueCleanup_CMockIgnore();
@@ -3245,6 +3249,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.pValue = NULL;
xTemplate.ulValueLen = 0;
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
TEST_ASSERT_EQUAL( pkcs11EC_POINT_LENGTH, xTemplate.ulValueLen );
@@ -3252,6 +3258,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.pValue = &ulPoint;
xTemplate.ulValueLen = sizeof( ulPoint );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
TEST_ASSERT_EQUAL( ulKnownPoint, ulPoint[ 0 ] );
@@ -3260,6 +3268,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.ulValueLen = sizeof( ulPoint );
mbedtls_ecp_tls_write_point_IgnoreAndReturn( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_BUFFER_TOO_SMALL, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplate.ulValueLen );
@@ -3268,6 +3278,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.pValue = &ulPoint;
xTemplate.ulValueLen = sizeof( ulPoint );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplate.ulValueLen );
@@ -3275,8 +3287,10 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
mbedtls_ecp_tls_write_point_IgnoreAndReturn( 1 );
/* Unknown attribute. */
- xTemplate.type = CKA_MODULUS;
+ xTemplate.type = CKA_SUBPRIME;
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_ATTRIBUTE_TYPE_INVALID, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplate.ulValueLen );
@@ -3287,6 +3301,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.ulValueLen = 0;
mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
TEST_ASSERT_EQUAL( NULL, xTemplate.pValue );
@@ -3294,6 +3310,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
xTemplate.pValue = &xPrivateKeyClass;
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
TEST_ASSERT_EQUAL( sizeof( xPrivateKeyClass ), xTemplate.ulValueLen );
@@ -3307,6 +3325,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
PKCS11_PAL_GetObjectValue_ExpectAnyArgsAndReturn( CKR_OK );
PKCS11_PAL_GetObjectValue_ReturnThruPtr_pIsPrivate( &xIsPrivate );
PKCS11_PAL_GetObjectValue_ReturnThruPtr_pulDataSize( &ulLength );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
mbedtls_pk_parse_key_IgnoreAndReturn( 1 );
mbedtls_pk_parse_public_key_ExpectAnyArgsAndReturn( 0 );
xResult = C_GetAttributeValue( xSession, xObjectPub, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
@@ -3321,6 +3341,8 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
PKCS11_PAL_GetObjectValue_ReturnThruPtr_pIsPrivate( &xIsPrivate );
PKCS11_PAL_GetObjectValue_ReturnThruPtr_pulDataSize( &ulLength );
mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObjectPub, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_BUFFER_TOO_SMALL, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplate.ulValueLen );
@@ -3331,6 +3353,9 @@ void test_pkcs11_C_GetAttributeValueAttParsing( void )
PKCS11_PAL_GetObjectValue_ExpectAnyArgsAndReturn( CKR_OK );
PKCS11_PAL_GetObjectValue_ReturnThruPtr_pIsPrivate( &xIsPrivate );
+ PKCS11_PAL_GetObjectValue_ReturnThruPtr_ppucData( &ulKnownPointLoc );
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObjectPub, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
TEST_ASSERT_EQUAL( 1, xTemplate.ulValueLen );
@@ -3373,6 +3398,8 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
CK_ULONG ulCount = 2;
CK_BYTE ulPoint[ pkcs11EC_POINT_LENGTH ] = { 0 };
CK_ATTRIBUTE xTemplates[ 2 ] = { 0 };
+ mbedtls_ecp_keypair xEcpKeyPair = { 0 };
+ mbedtls_pk_context xKeyContext = { NULL, &xEcpKeyPair };
prvCommonInitStubs( &xSession );
@@ -3381,7 +3408,8 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xResult = prvCreateEcPriv( &xSession, &xObject );
TEST_ASSERT_EQUAL( CKR_OK, xResult );
- mbedtls_pk_init_CMockIgnore();
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
mbedtls_x509_crt_init_CMockIgnore();
PKCS11_PAL_GetObjectValueCleanup_CMockIgnore();
mbedtls_pk_free_CMockIgnore();
@@ -3393,8 +3421,8 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 0 ].pValue = NULL;
xTemplates[ 0 ].ulValueLen = 0;
- /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_MODULUS. */
- xTemplates[ 1 ].type = CKA_MODULUS;
+ /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_SUBPRIME. */
+ xTemplates[ 1 ].type = CKA_SUBPRIME;
xTemplates[ 1 ].pValue = NULL;
xTemplates[ 1 ].ulValueLen = 0;
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
@@ -3405,8 +3433,8 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 1 ].ulValueLen );
/* Swap the sequence EC Point Case and unknown attribute case. */
- /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_MODULUS. */
- xTemplates[ 0 ].type = CKA_MODULUS;
+ /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_SUBPRIME. */
+ xTemplates[ 0 ].type = CKA_SUBPRIME;
xTemplates[ 0 ].pValue = NULL;
xTemplates[ 0 ].ulValueLen = 0;
@@ -3414,6 +3442,9 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].type = CKA_EC_POINT;
xTemplates[ 1 ].pValue = NULL;
xTemplates[ 1 ].ulValueLen = 0;
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
/* CKR_ATTRIBUTE_TYPE_INVALID should be returned. */
@@ -3432,6 +3463,8 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].ulValueLen = 0;
/* CKR_BUFFER_TOO_SMALL should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_BUFFER_TOO_SMALL, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
@@ -3449,14 +3482,15 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].ulValueLen = 0;
/* CKR_BUFFER_TOO_SMALL should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_BUFFER_TOO_SMALL, xResult );
TEST_ASSERT_EQUAL( pkcs11EC_POINT_LENGTH, xTemplates[ 0 ].ulValueLen );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 1 ].ulValueLen );
- /* CKR_ATTRIBUTE_SENSITIVE should be returned when getting CKA_PRIVATE_EXPONENT type. */
- mbedtls_pk_parse_key_ExpectAnyArgsAndReturn( 0 );
- xTemplates[ 0 ].type = CKA_PRIVATE_EXPONENT;
+ /* CKR_ATTRIBUTE_SENSITIVE should be returned when getting CKA_VALUE type. */
+ xTemplates[ 0 ].type = CKA_VALUE;
xTemplates[ 0 ].pValue = NULL;
xTemplates[ 0 ].ulValueLen = 0;
@@ -3466,6 +3500,9 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].ulValueLen = 0;
/* CKA_PRIVATE_EXPONENT should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_ExpectAnyArgsAndReturn( 0 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_ATTRIBUTE_SENSITIVE, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
@@ -3476,21 +3513,21 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 0 ].pValue = NULL;
xTemplates[ 0 ].ulValueLen = 0;
- /* CKR_ATTRIBUTE_SENSITIVE should be returned when getting CKA_PRIVATE_EXPONENT type. */
- mbedtls_pk_parse_key_ExpectAnyArgsAndReturn( 0 );
- xTemplates[ 1 ].type = CKA_PRIVATE_EXPONENT;
+ /* CKR_ATTRIBUTE_SENSITIVE should be returned when getting CKA_VALUE type. */
+ xTemplates[ 1 ].type = CKA_VALUE;
xTemplates[ 1 ].pValue = NULL;
xTemplates[ 1 ].ulValueLen = 0;
/* CKA_PRIVATE_EXPONENT should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_ExpectAnyArgsAndReturn( 0 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_ATTRIBUTE_SENSITIVE, xResult );
TEST_ASSERT_EQUAL( pkcs11EC_POINT_LENGTH, xTemplates[ 0 ].ulValueLen );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 1 ].ulValueLen );
/* CKR_FUNCTION_FAILED should be returned when mbedtls_ecp_tls_write_point returns -1. */
- mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
- mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xTemplates[ 0 ].type = CKA_EC_POINT;
xTemplates[ 0 ].pValue = &ulPoint;
xTemplates[ 0 ].ulValueLen = sizeof( ulPoint );
@@ -3501,6 +3538,10 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].ulValueLen = 0;
/* CKR_FUNCTION_FAILED should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
@@ -3513,39 +3554,41 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 0 ].ulValueLen = 0;
/* CKR_FUNCTION_FAILED should be returned when mbedtls_ecp_tls_write_point returns -1. */
- mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
- mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xTemplates[ 1 ].type = CKA_EC_POINT;
xTemplates[ 1 ].pValue = &ulPoint;
xTemplates[ 1 ].ulValueLen = sizeof( ulPoint );
/* CKR_FUNCTION_FAILED should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
TEST_ASSERT_EQUAL( pkcs11EC_POINT_LENGTH, xTemplates[ 0 ].ulValueLen );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 1 ].ulValueLen );
- /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_MODULUS. */
- xTemplates[ 0 ].type = CKA_MODULUS;
+ /* CKR_ATTRIBUTE_TYPE_INVALID should be returned for unknow attribute CKA_SUBPRIME. */
+ xTemplates[ 0 ].type = CKA_SUBPRIME;
xTemplates[ 0 ].pValue = NULL;
xTemplates[ 0 ].ulValueLen = 0;
/* CKR_FUNCTION_FAILED should be returned when mbedtls_ecp_tls_write_point returns -1. */
- mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
- mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xTemplates[ 1 ].type = CKA_EC_POINT;
xTemplates[ 1 ].pValue = &ulPoint;
xTemplates[ 1 ].ulValueLen = sizeof( ulPoint );
/* CKR_FUNCTION_FAILED should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 1 ].ulValueLen );
/* CKR_FUNCTION_FAILED should be returned when mbedtls_ecp_tls_write_point returns -1. */
- mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
- mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xTemplates[ 0 ].type = CKA_EC_POINT;
xTemplates[ 0 ].pValue = &ulPoint;
xTemplates[ 0 ].ulValueLen = sizeof( ulPoint );
@@ -3556,6 +3599,10 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
xTemplates[ 1 ].ulValueLen = 0;
/* CKR_FUNCTION_FAILED should be returned. */
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ mbedtls_ecp_tls_write_point_IgnoreAndReturn( -1 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
@@ -3568,6 +3615,409 @@ void test_pkcs11_C_GetAttributeValueMultipleAttParsing( void )
}
}
+/*!
+ * @brief C_GetAttributeValue paths.
+ *
+ */
+void test_pkcs11_C_GetAttributeValueValidRsaContext( void )
+{
+ CK_RV xResult = CKR_OK;
+ CK_SESSION_HANDLE xSession = 0;
+ CK_OBJECT_HANDLE xObject = 0;
+ CK_ULONG ulCount = 1;
+ CK_ATTRIBUTE xTemplates[ 1 ] = { 0 };
+ mbedtls_rsa_context xRsaContext = { 0 };
+ mbedtls_pk_context xKeyContext = { NULL, &xRsaContext };
+ mbedtls_mpi xMpi;
+
+ prvCommonInitStubs( &xSession );
+
+ if( TEST_PROTECT() )
+ {
+ xResult = prvCreateRsaPriv( &xSession, &xObject );
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+ mbedtls_mpi_init_Ignore();
+ mbedtls_x509_crt_init_CMockIgnore();
+ mbedtls_pk_parse_key_IgnoreAndReturn( 0 );
+ PKCS11_PAL_GetObjectValue_IgnoreAndReturn( CKR_OK );
+ PKCS11_PAL_GetObjectValueCleanup_CMockIgnore();
+ mbedtls_pk_free_CMockIgnore();
+ mbedtls_x509_crt_free_CMockIgnore();
+
+ /* CKA_MODULUS case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_MODULUS;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_MODULUS case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_MODULUS;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_PUBLIC_EXPONENT case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_PUBLIC_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_PUBLIC_EXPONENT case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_PUBLIC_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_PRIME_1 case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_PRIME_1;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_PRIME_1 case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_PRIME_1;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_PRIME_2 case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_PRIME_2;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_PRIME_2 case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_PRIME_2;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_PRIVATE_EXPONENT case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_PRIVATE_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_PRIVATE_EXPONENT case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_PRIVATE_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_PRIVATE_EXPONENT case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_PRIVATE_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_PRIVATE_EXPONENT case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_PRIVATE_EXPONENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_EXPONENT_1 case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_EXPONENT_1;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_EXPONENT_1 case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_EXPONENT_1;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_crt_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_EXPONENT_2 case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_EXPONENT_2;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_EXPONENT_2 case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_EXPONENT_2;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_crt_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* CKA_COEFFICIENT case */
+ /* Failure path */
+ xTemplates[ 0 ].type = CKA_COEFFICIENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 1 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+
+ /* CKA_COEFFICIENT case */
+ /* Success path */
+ xTemplates[ 0 ].type = CKA_COEFFICIENT;
+ xTemplates[ 0 ].pValue = &( xMpi );
+ xTemplates[ 0 ].ulValueLen = sizeof( mbedtls_mpi );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_mpi_grow_ExpectAnyArgsAndReturn( 0 );
+ mbedtls_rsa_export_crt_ExpectAnyArgsAndReturn( 0 );
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+ }
+
+ if( TEST_PROTECT() )
+ {
+ prvCommonDeinitStubs( &xSession );
+ }
+}
+
+/*!
+ * @brief C_GetAttributeValue paths.
+ *
+ */
+void test_pkcs11_C_GetAttributeValueModulusNullRsaContext( void )
+{
+ CK_RV xResult = CKR_OK;
+ CK_SESSION_HANDLE xSession = 0;
+ CK_OBJECT_HANDLE xObject = 0;
+ CK_ULONG ulCount = 1;
+ CK_ATTRIBUTE xTemplates[ 1 ] = { 0 };
+ mbedtls_pk_context xKeyContext = { NULL, NULL };
+ CK_BYTE ulPoint[ pkcs11EC_POINT_LENGTH ] = { 0 };
+
+ prvCommonInitStubs( &xSession );
+
+ if( TEST_PROTECT() )
+ {
+ xResult = prvCreateEcPriv( &xSession, &xObject );
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+ mbedtls_pk_init_ExpectAnyArgs();
+ mbedtls_pk_init_ReturnThruPtr_ctx( &xKeyContext );
+ mbedtls_x509_crt_init_CMockIgnore();
+ PKCS11_PAL_GetObjectValueCleanup_CMockIgnore();
+ mbedtls_pk_free_CMockIgnore();
+ mbedtls_x509_crt_free_CMockIgnore();
+
+ /* MODULUS case*/
+ xTemplates[ 0 ].type = CKA_MODULUS;
+ xTemplates[ 0 ].pValue = &ulPoint;
+ xTemplates[ 0 ].ulValueLen = ( sizeof( mbedtls_mpi ) );
+
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_FUNCTION_FAILED, xResult );
+ TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplates[ 0 ].ulValueLen );
+ }
+
+ if( TEST_PROTECT() )
+ {
+ prvCommonDeinitStubs( &xSession );
+ }
+}
+
+
+/*!
+ * @brief C_GetAttributeValue paths.
+ *
+ */
+void test_pkcs11_C_GetAttributeValueModulusBadPath( void )
+{
+ CK_RV xResult = CKR_OK;
+ CK_SESSION_HANDLE xSession = 0;
+ CK_OBJECT_HANDLE xObject = 0;
+ CK_ULONG ulCount = 1;
+ CK_ATTRIBUTE xTemplates[ 1 ] = { 0 };
+ CK_BYTE ulPoint[ pkcs11EC_POINT_LENGTH ] = { 0 };
+
+ prvCommonInitStubs( &xSession );
+
+ if( TEST_PROTECT() )
+ {
+ xResult = prvCreateEcPriv( &xSession, &xObject );
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+
+ mbedtls_pk_init_CMockIgnore();
+ mbedtls_x509_crt_init_CMockIgnore();
+ PKCS11_PAL_GetObjectValueCleanup_CMockIgnore();
+ mbedtls_pk_free_CMockIgnore();
+ mbedtls_x509_crt_free_CMockIgnore();
+
+ /* MODULUS case*/
+ xTemplates[ 0 ].type = CKA_MODULUS;
+ xTemplates[ 0 ].pValue = NULL;
+ xTemplates[ 0 ].ulValueLen = 0;
+
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_OK, xResult );
+ TEST_ASSERT_EQUAL( sizeof( mbedtls_mpi ), xTemplates[ 0 ].ulValueLen );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+
+ /* MODULUS case*/
+ /* CKR_BUFFER_TOO_SMALL should be returned when mbedtls return buffer too small. */
+ xTemplates[ 0 ].type = CKA_MODULUS;
+ xTemplates[ 0 ].pValue = &ulPoint;
+ xTemplates[ 0 ].ulValueLen = ( sizeof( mbedtls_mpi ) - 1 );
+
+ xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplates, ulCount );
+
+ TEST_ASSERT_EQUAL( CKR_BUFFER_TOO_SMALL, xResult );
+
+/* -------------------------------------------------------------------------------------------------------------------- */
+ }
+
+ if( TEST_PROTECT() )
+ {
+ prvCommonDeinitStubs( &xSession );
+ }
+}
+
+
+
/*!
* @brief C_GetAttributeValue paths.
*
@@ -3688,7 +4138,7 @@ void test_pkcs11_C_GetAttributeValuePrivKey( void )
TEST_ASSERT_EQUAL( CKR_ATTRIBUTE_VALUE_INVALID, xResult );
TEST_ASSERT_EQUAL( CK_UNAVAILABLE_INFORMATION, xTemplate.ulValueLen );
- xTemplate.type = CKA_PRIVATE_EXPONENT;
+ xTemplate.type = CKA_VALUE;
mbedtls_pk_parse_key_ExpectAnyArgsAndReturn( 0 );
xResult = C_GetAttributeValue( xSession, xObject, ( CK_ATTRIBUTE_PTR ) &xTemplate, ulCount );
TEST_ASSERT_EQUAL( CKR_ATTRIBUTE_SENSITIVE, xResult );
diff --git a/test/pkcs11_utils_utest/pkcs11_utils_utest.c b/test/pkcs11_utils_utest/pkcs11_utils_utest.c
index 90313dc0..f5a8403b 100644
--- a/test/pkcs11_utils_utest/pkcs11_utils_utest.c
+++ b/test/pkcs11_utils_utest/pkcs11_utils_utest.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/test/wrapper_utest/core_pkcs11_utest.c b/test/wrapper_utest/core_pkcs11_utest.c
index bbab174d..f2c0d4e3 100644
--- a/test/wrapper_utest/core_pkcs11_utest.c
+++ b/test/wrapper_utest/core_pkcs11_utest.c
@@ -1,5 +1,5 @@
/*
- * corePKCS11 v3.6.1
+ * corePKCS11 v3.6.2
* Copyright (C) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* SPDX-License-Identifier: MIT
diff --git a/tools/coverity/README.md b/tools/coverity/README.md
index e6ca3a90..549b5596 100644
--- a/tools/coverity/README.md
+++ b/tools/coverity/README.md
@@ -1,6 +1,6 @@
# Static code analysis for corePKCS11 library
This directory is made for the purpose of statically testing the MISRA C:2012 compliance of corePKCS11 using
-[Synopsys Coverity](https://www.synopsys.com/software-integrity/security-testing/static-analysis-sast.html) static analysis tool.
+[Synopsys Coverity](https://www.blackduck.com/static-analysis-tools-sast/coverity.html) static analysis tool.
To that end, this directory provides a [configuration file](https://github.com/FreeRTOS/corePKCS11/blob/main/tools/coverity/misra.config) to use when
building a binary for the tool to analyze.