Move export flags to be tr31_export() parameter instead

openemv · Nov 1, 2023 · 97c590f · 97c590f
1 parent 32752ba
commit 97c590f
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 10 deletions.
diff --git a/src/tr31-tool.c b/src/tr31-tool.c
@@ -1474,9 +1474,6 @@ static int do_tr31_export(const struct tr31_tool_options_t* options)
 		return r;
 	}
 
-	// apply export flags
-	tr31_ctx.export_flags = options->export_flags;
-
 	// populate key block protection key
 	r = populate_kbpk(options, export_format_version, &kbpk);
 	if (r) {
@@ -1486,7 +1483,7 @@ static int do_tr31_export(const struct tr31_tool_options_t* options)
 	// export TR-31 key block
 	key_block_len = 16384;
 	key_block = malloc(key_block_len);
-	r = tr31_export(&tr31_ctx, &kbpk, key_block, key_block_len);
+	r = tr31_export(&tr31_ctx, &kbpk, options->export_flags, key_block, key_block_len);
 	if (r) {
 		fprintf(stderr, "TR-31 export error %d: %s\n", r, tr31_get_error_string(r));
 		return 1;

diff --git a/src/tr31.c b/src/tr31.c
@@ -2141,6 +2141,7 @@ int tr31_import(
 int tr31_export(
 	const struct tr31_ctx_t* ctx,
 	const struct tr31_key_t* kbpk,
+	uint32_t flags,
 	char* key_block,
 	size_t key_block_buf_len
 )
@@ -2172,7 +2173,7 @@ int tr31_export(
 	// - state.flags
 	// - state.enc_block_size
 	// - state.authenticator_length
-	r = tr31_state_init(ctx->export_flags, ctx->version, &state);
+	r = tr31_state_init(flags, ctx->version, &state);
 	if (r) {
 		// return error value as-is
 		return r;

diff --git a/src/tr31.h b/src/tr31.h
@@ -179,7 +179,7 @@ enum tr31_key_version_t {
 
 // TR-31 export flags
 #define TR31_EXPORT_NO_KEY_LENGTH_OBFUSCATION   (0x01) ///< Disable ANSI X9.143 key length obfuscation during key block export
-#define TR31_EXPORT_ZERO_OPT_BLOCK_PB           (0x02) ///< Fill optional block PB using zeros instead of random characters during TR-31 export.
+#define TR31_EXPORT_ZERO_OPT_BLOCK_PB           (0x02) ///< Fill optional block PB using zeros instead of random characters during key block export.
 
 /// TR-31 key object
 struct tr31_key_t {
@@ -273,8 +273,6 @@ struct tr31_ctx_t {
 
 	size_t opt_blocks_count; ///< TR-31 number of optional blocks
 	struct tr31_opt_ctx_t* opt_blocks; ///< TR-31 optional block context objects
-
-	uint32_t export_flags; ///< Flags used during TR-31 export
 };
 
 /// TR-31 library errors
@@ -886,13 +884,15 @@ int tr31_import(
  *
  * @param ctx TR-31 context object input
  * @param kbpk TR-31 key block protection key.
+ * @param flags TR-31 export flags.
  * @param key_block TR-31 key block output. Will contain printable ASCII characters and will be null-terminated.
  * @param key_block_buf_len TR-31 key block output buffer length.
  * @return Zero for success. Less than zero for internal error. Greater than zero for data error. See @ref tr31_error_t
  */
 int tr31_export(
 	const struct tr31_ctx_t* ctx,
 	const struct tr31_key_t* kbpk,
+	uint32_t flags,
 	char* key_block,
 	size_t key_block_buf_len
 );

diff --git a/test/tr31_export_test.c b/test/tr31_export_test.c
@@ -821,7 +821,6 @@ int main(void)
 			fprintf(stderr, "tr31_init() error %d: %s\n", r, tr31_get_error_string(r));
 			goto exit;
 		}
-		test_tr31.export_flags = test[i].export_flags;
 		if (test[i].cert_base64_count) {
 			for (size_t cert_idx = 0; cert_idx < test[i].cert_base64_count; ++cert_idx) {
 				r = tr31_opt_block_add_CT(
@@ -877,7 +876,7 @@ int main(void)
 		}
 
 		// Export key block
-		r = tr31_export(&test_tr31, &test[i].kbpk, key_block, sizeof(key_block));
+		r = tr31_export(&test_tr31, &test[i].kbpk, test[i].export_flags, key_block, sizeof(key_block));
 		if (r) {
 			fprintf(stderr, "tr31_export() error %d: %s\n", r, tr31_get_error_string(r));
 			goto exit;