CACKey
Check-in [d689039e52]
Login
HomeDownloadsSource CodeWiki
Overview
Comment:Updated to deal with comparing the MODULUS attribute with non-exact matches
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: d689039e524e2bcdad37ef90843aab991bb8169b
User & Date: rkeene on 2011-08-24 03:35:38
Other Links: manifest | tags
Context
2011-08-24
03:36
Corrected typo check-in: 8cb81a67c7 user: rkeene tags: trunk
03:35
Updated to deal with comparing the MODULUS attribute with non-exact matches check-in: d689039e52 user: rkeene tags: trunk
01:46
Updated Mac OS X build scripts check-in: e8be04d9cf user: rkeene tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Modified cackey.c from [375972947e] to [05aec72ac3]. 

1733
1734
1735
1736
1737
1738
1739
1740

1741
1742
1743
1744
1745
1746
1747

1733
1734
1735
1736
1737
1738
1739

1740
1741
1742
1743
1744
1745
1746
1747








-
+








		CACKEY_DEBUG_PRINTF("Read failed, returning in failure");

		return(NULL);
	}

	vlen = (vlen_buf[1] << 8) | vlen_buf[0];

	CACKEY_DEBUG_PRINTF("Tag Length = %i, Value Length = %i", tlen, vlen);
	CACKEY_DEBUG_PRINTF("Tag Length = %lu, Value Length = %lu", (unsigned long) tlen, (unsigned long) vlen);

	offset_t += 2;
	offset_v += 2;

	if (tlen > sizeof(tval_buf)) {
		CACKEY_DEBUG_PRINTF("Tag length is too large, returning in failure");


4625
4626
4627
4628
4629
4630
4631








































































4632
4633
4634
4635
4636
4637
4638

4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710








+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+








		return(CKR_GENERAL_ERROR);
	}

	CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK);

	return(CKR_OK);
}

static int cackey_pkcs11_compare_attributes(CK_ATTRIBUTE *a, CK_ATTRIBUTE *b) {
	unsigned char *smallbuf, *largebuf;
	size_t smallbuf_len, largebuf_len;

	CACKEY_DEBUG_PRINTF("Called.");

	if (a->type != b->type) {
		return(0);
	}

	CACKEY_DEBUG_PRINTF("    ... found matching type ...");

	CACKEY_DEBUG_PRINTBUF("    ... our value:", a->pValue, a->ulValueLen);

	if (b->pValue == NULL) {
		CACKEY_DEBUG_PRINTF("       ... found wildcard match");

		return(1);
	}

	if (a->pValue == NULL) {
		return(0);
	}

 	if (b->ulValueLen == a->ulValueLen && memcmp(a->pValue, b->pValue, b->ulValueLen) == 0) {
		CACKEY_DEBUG_PRINTF("       ... found exact match");

		return(1);
	}

	switch (a->type) {
		case CKA_MODULUS:
			if (a->ulValueLen == b->ulValueLen) {
				break;
			}

			if (a->ulValueLen > b->ulValueLen) {
				smallbuf = b->pValue;
				smallbuf_len = b->ulValueLen;

				largebuf = a->pValue;
				largebuf_len = a->ulValueLen;
			} else {
				smallbuf = a->pValue;
				smallbuf_len = a->ulValueLen;

				largebuf = b->pValue;
				largebuf_len = b->ulValueLen;
			}

			for (; largebuf_len != smallbuf_len; largebuf++,largebuf_len--) {
				if (largebuf[0] != 0) {
					break;
				}
			}

			if (largebuf_len != smallbuf_len) {
				break;
			}

			if (memcmp(largebuf, smallbuf, smallbuf_len) == 0) {
				CACKEY_DEBUG_PRINTF("       ... found approximate match");

				return(1);
			}

			break;
	}

	return(0);
}

CK_DEFINE_FUNCTION(CK_RV, C_FindObjects)(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR phObject, CK_ULONG ulMaxObjectCount, CK_ULONG_PTR pulObjectCount) {
	struct cackey_identity *curr_id;
	CK_ATTRIBUTE *curr_attr;
	CK_ULONG curr_id_idx, curr_out_id_idx, curr_attr_idx, sess_attr_idx;
	CK_ULONG matched_count, prev_matched_count;
	int mutex_retval;

4714
4715
4716
4717
4718
4719
4720
4721

4722
4723
4724
4725
4726
4727
4728

4729
4730

4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746

4786
4787
4788
4789
4790
4791
4792

4793







4794
4795

4796









4797
4798
4799
4800
4801
4802
4803








-
+
-
-
-
-
-
-
-
+

-
+
-
-
-
-
-
-
-
-
-









			curr_attr = &cackey_sessions[hSession].search_query[curr_attr_idx];

			CACKEY_DEBUG_PRINTF("  Checking for attribute 0x%08lx in identity:%i...", (unsigned long) curr_attr->type, (int) curr_id_idx);
			CACKEY_DEBUG_PRINTBUF("    Value looking for:", curr_attr->pValue, curr_attr->ulValueLen);

			for (sess_attr_idx = 0; sess_attr_idx < curr_id->attributes_count; sess_attr_idx++) {
				if (curr_id->attributes[sess_attr_idx].type == curr_attr->type) {
				if (cackey_pkcs11_compare_attributes(&curr_id->attributes[sess_attr_idx], curr_attr)) {
					CACKEY_DEBUG_PRINTF("    ... found matching type ...");
					CACKEY_DEBUG_PRINTBUF("    ... our value:", curr_id->attributes[sess_attr_idx].pValue, curr_id->attributes[sess_attr_idx].ulValueLen);

					if (curr_attr->pValue == NULL) {
						CACKEY_DEBUG_PRINTF("       ... found wildcard match");

						matched_count++;
					matched_count++;

						break;
					break;
					}

 					if (curr_attr->ulValueLen == curr_id->attributes[sess_attr_idx].ulValueLen && memcmp(curr_attr->pValue, curr_id->attributes[sess_attr_idx].pValue, curr_id->attributes[sess_attr_idx].ulValueLen) == 0) {
						CACKEY_DEBUG_PRINTF("       ... found exact match");

						matched_count++;

						break;
					}
				}
			}

			/* If the attribute could not be matched, do not try to match additional attributes */
			if (prev_matched_count == matched_count) {
				break;
			}

Powered by Fossil · RSS