Check-in [66507306f5]
Overview
Comment:Fixed issues with padding
SHA1:66507306f5956ac2f95f1957d5c737097248a57b
User & Date: rkeene on 2010-05-17 19:43:12
Context
2010-05-17
19:53
Updated to treat a request of read of 0 bytes as a no-op. check-in: 45212cc4ca user: rkeene tags: trunk
19:43
Fixed issues with padding check-in: 66507306f5 user: rkeene tags: trunk
19:37
Updated to support determining key size from X.509 object (untested)

Updated to set HW TOKEN flag

Updated to pad sign/decrypt message to key size (untested) check-in: a2ac84031e user: rkeene tags: trunk

Changes

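--- a/cackey.c
+++ b/cackey.c
@@ -1835,14 +1835,15 @@
  *     ...
  *
  */
 static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen) {
 	unsigned char *tmpbuf, *tmpbuf_s;
 	unsigned char bytes_to_send, p1;
 	cackey_ret send_ret;
+	uint16_t respcode;
 	size_t tmpbuflen, padlen;
 	int free_tmpbuf = 0;
 	int le;
 
 	CACKEY_DEBUG_PRINTF("Called.");
 
 	if (buflen > 255) {
@@ -1906,15 +1907,18 @@
 			free_tmpbuf = 1;
 
 			padlen = tmpbuflen - buflen - 3;
 
 			tmpbuf[0] = 0x00;
 			tmpbuf[1] = 0x01;
 			memset(&tmpbuf[2], 0xFF, padlen);
-			tmpbuf[padlen]= 0x00;
-			memcpy(&tmpbuf[padlen + 1], buf, buflen);
+			tmpbuf[padlen + 2]= 0x00;
+			memcpy(&tmpbuf[padlen + 3], buf, buflen);
+
+			CACKEY_DEBUG_PRINTBUF("Unpadded:", buf, buflen);
+			CACKEY_DEBUG_PRINTBUF("Padded:", tmpbuf, tmpbuflen);
 		} else {
 			tmpbuf = buf;
 			tmpbuflen = buflen;
 			free_tmpbuf = 0;
 			padlen = 0;
 		}
 	} else {
@@ -1943,17 +1947,21 @@
 			bytes_to_send = 245;
 			p1 = 0x80;
 		} else {
 			bytes_to_send = tmpbuflen;
 			p1 = 0x00;
 		}
 
-		send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, p1, 0x00, bytes_to_send, tmpbuf, le, NULL, outbuf, &outbuflen);
+		send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, p1, 0x00, bytes_to_send, tmpbuf, le, &respcode, outbuf, &outbuflen);
 		if (send_ret != CACKEY_PCSC_S_OK) {
 			CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
+
+			if (respcode == 0x6982) {
+				CACKEY_DEBUG_PRINTF("Security status not satisified.");
+			}
 
 			if (free_tmpbuf) {
 				if (tmpbuf_s) {
 					free(tmpbuf_s);
 				}
 			}
 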
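Review bot: `respcode` is declared without an initializer in the first hunk and is then read in the failure branch of the third hunk (`if (respcode == 0x6982)`), so if `cackey_send_apdu` returns an error before it stores a status word, the comparison reads an indeterminate value. Whether the callee writes through that pointer on every failure path is not visible on this page, so the declaration is safer as `uint16_t respcode = 0;`. The 0x6982 case is also only logged; if callers need to tell an unmet security status apart from a transport failure, it would need its own return value rather than the shared error path. The body of cackey_signdecrypt continues past the last hunk and between the hunks, so the final return handling is not visible here.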