CACKey: Check-in [0c7c510048]

Overview

Comment:	Updated to treat returning a zero-length signed message as an error
Downloads:	Tarball \| ZIP archive \| SQL archive
Timelines:	family \| ancestors \| descendants \| both \| trunk
Files:	files \| file ages \| folders
SHA1:	0c7c5100481f28840eabea699c6cf08d266ca269
User & Date:	rkeene on 2017-07-17 13:56:51
Other Links:	manifest \| tags

Context

2017-12-27
18:54		Integrated dlmopen() wrapper library (not for general use) check-in: 59356166dc user: rkeene tags: trunk
18:48		Added a wrapper PKCS#11 module which uses GNU dlmopen to segregate loading cackey and its libraries to avoid issues with different linkspaces Closed-Leaf check-in: 45c70bc44d user: rkeene tags: dlopen-wrapper
17:59		Started work on updating DOD certs Leaf check-in: ff2eb37b0a user: rkeene tags: update-dod-certs
17:52		Started work on runtime loading of dependencies Leaf check-in: e14e862239 user: rkeene tags: runtime-loading-of-deps
2017-07-17
13:56		Updated to treat returning a zero-length signed message as an error check-in: 0c7c510048 user: rkeene tags: trunk
13:56		Corrected typo causing debug builds to fail check-in: d02f2af7a5 user: rkeene tags: trunk

Changes

Hide Diffs Side-by-Side Diffs Show Whitespace Changes Patch

Modified build/chrome/cackey-chrome-pkcs11.c from [d840c2c357] to [8bb129b692].

   600    600   						chk_rv = moduleFunctionList->C_SignInit(hSession, &signMechanism, hKey);
   601    601   						if (chk_rv != CKR_OK) {
   602    602   							break;
   603    603   						}
   604    604   
   605    605   						tmpDestinationLength = *destinationLength;
   606    606   						chk_rv = moduleFunctionList->C_Sign(hSession, data, dataLength, destination, &tmpDestinationLength);
          607  +
          608  +						if (tmpDestinationLength == 0) {
          609  +							chk_rv = CKR_GENERAL_ERROR;
          610  +						}
          611  +
   607    612   						switch (chk_rv) {
   608    613   							case CKR_OK:
   609    614   								*destinationLength = tmpDestinationLength;
   610    615   								retval = CACKEY_CHROME_OK;
   611    616   								break;
   612    617   							case CKR_USER_NOT_LOGGED_IN:
   613    618   								retval = CACKEY_CHROME_NEEDLOGIN;

Modified build/chrome/cackey-chrome-plugin.cc from [77c6f00e8d] to [c633169af7].

   114    114   						pin = message->Get("pin").AsString().c_str();
   115    115   					} else {
   116    116   						pin = NULL;
   117    117   					}
   118    118   
   119    119   					incomingCertificateCACKey.certificate = incomingCertificateContents->Map();					
   120    120   					incomingCertificateCACKey.certificate_len = incomingCertificateContents->ByteLength();					
   121         -
   122    121   					outgoingDataLength = sizeof(buffer);
   123    122   
   124    123   					signRet = cackey_chrome_signMessage(&incomingCertificateCACKey,
   125    124   						incomingData->Map(), incomingData->ByteLength(),
   126    125   						buffer, &outgoingDataLength,
   127    126   						&pinPrompt, pin
   128    127   					);