From 6faa13d83e5166e4bbe97d85935aca779fde9089 Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Thu, 2 Jul 2020 14:46:29 +0200
Subject: [PATCH 2/2] pkcstok_migrate: Fix private token object conversion on
 little endian platforms

The new format stores numeric fields in the object header in big endian, while
the old format uses the platform endianness. So convert the fields to big endian
during conversion.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 usr/sbin/pkcstok_migrate/pkcstok_migrate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
index e0c19125..0148102c 100644
--- a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
+++ b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
@@ -239,7 +239,7 @@ static CK_RV make_OBJECT_PRIV_312(unsigned char **obj_new, unsigned int *obj_new
 
     /* Setup header */
     memset(&header, 0, sizeof(header));
-    header.tokversion = 0x0003000C;
+    header.tokversion = htobe32(0x0003000C);
     header.private_flag = 0x01;
     ret = aes_256_wrap(header.key_wrapped, obj_key, masterkey);
     if (ret != CKR_OK) {
@@ -252,7 +252,7 @@ static CK_RV make_OBJECT_PRIV_312(unsigned char **obj_new, unsigned int *obj_new
     header.iv[9] = 0;
     header.iv[10] = 0;
     header.iv[11] = 1;
-    header.object_len = clear_len;
+    header.object_len = htobe32(clear_len);
     memcpy(object, &header, HEADER_LEN);
 
     /* Encrypt body */
-- 
2.16.2.windows.1