Overview
Comment: | Updated to treat returning a zero-length signed message as an error |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: | 0c7c5100481f28840eabea699c6cf08d266ca269 |
User & Date: | rkeene on 2017-07-17 13:56:51 |
Other Links: | manifest | tags |
Context
2017-12-27
| ||
18:54 | Integrated dlmopen() wrapper library (not for general use) check-in: 59356166dc user: rkeene tags: trunk | |
18:48 | Added a wrapper PKCS#11 module which uses GNU dlmopen to segregate loading cackey and its libraries to avoid issues with different linkspaces Closed-Leaf check-in: 45c70bc44d user: rkeene tags: dlopen-wrapper | |
17:59 | Started work on updating DOD certs Leaf check-in: ff2eb37b0a user: rkeene tags: update-dod-certs | |
17:52 | Started work on runtime loading of dependencies Leaf check-in: e14e862239 user: rkeene tags: runtime-loading-of-deps | |
2017-07-17
| ||
13:56 | Updated to treat returning a zero-length signed message as an error check-in: 0c7c510048 user: rkeene tags: trunk | |
13:56 | Corrected typo causing debug builds to fail check-in: d02f2af7a5 user: rkeene tags: trunk | |
Changes
Modified build/chrome/cackey-chrome-pkcs11.c from [d840c2c357] to [8bb129b692].
600 600 chk_rv = moduleFunctionList->C_SignInit(hSession, &signMechanism, hKey); 601 601 if (chk_rv != CKR_OK) { 602 602 break; 603 603 } 604 604 605 605 tmpDestinationLength = *destinationLength; 606 606 chk_rv = moduleFunctionList->C_Sign(hSession, data, dataLength, destination, &tmpDestinationLength); 607 + 608 + if (tmpDestinationLength == 0) { 609 + chk_rv = CKR_GENERAL_ERROR; 610 + } 611 + 607 612 switch (chk_rv) { 608 613 case CKR_OK: 609 614 *destinationLength = tmpDestinationLength; 610 615 retval = CACKEY_CHROME_OK; 611 616 break; 612 617 case CKR_USER_NOT_LOGGED_IN: 613 618 retval = CACKEY_CHROME_NEEDLOGIN;
Modified build/chrome/cackey-chrome-plugin.cc from [77c6f00e8d] to [c633169af7].
114 114 pin = message->Get("pin").AsString().c_str(); 115 115 } else { 116 116 pin = NULL; 117 117 } 118 118 119 119 incomingCertificateCACKey.certificate = incomingCertificateContents->Map(); 120 120 incomingCertificateCACKey.certificate_len = incomingCertificateContents->ByteLength(); 121 - 122 121 outgoingDataLength = sizeof(buffer); 123 122 124 123 signRet = cackey_chrome_signMessage(&incomingCertificateCACKey, 125 124 incomingData->Map(), incomingData->ByteLength(), 126 125 buffer, &outgoingDataLength, 127 126 &pinPrompt, pin 128 127 );