Check-in [eaa9f36a2b]
Overview
Comment:Fixed issues with signdecrypt buffer sizes

Centralized reading of identities

Added debugging to determine why wrong applet ID is being stored in identity

Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:eaa9f36a2b5334d84356e8d645fb21301444baf2
User & Date: rkeene on 2010-05-17 00:20:06
Other Links: manifest | tags
Context
2010-05-17
03:24
Added splint target to makefile check-in: b59eaf52c0 user: rkeene tags: trunk
00:20
Fixed issues with signdecrypt buffer sizes

Centralized reading of identities

Added debugging to determine why wrong applet ID is being stored in identity check-in: eaa9f36a2b user: rkeene tags: trunk

2010-05-15
00:56
Updated leakcheck to require a filename as parameter check-in: 9cf62b20d5 user: rkeene tags: trunk
Changes

Modified cackey.c from [e8f3ee7748] to [4cc11579bd].

  1757   1757   			curr_id = &certs[outidx];
  1758   1758   			outidx++;
  1759   1759   
  1760   1760   			memcpy(curr_id->applet, curr_aid, sizeof(curr_id->applet));
  1761   1761   			curr_id->file = ccc_curr->value_cardurl->objectid;
  1762   1762   			curr_id->label = NULL;
  1763   1763   
         1764  +			CACKEY_DEBUG_PRINTF("Filling curr_id->applet (%p) with %lu bytes:", curr_id->applet, (unsigned long) sizeof(curr_id->applet));
         1765  +			CACKEY_DEBUG_PRINTBUF("VAL:", curr_id->applet, sizeof(curr_id->applet));
         1766  +
  1764   1767   			curr_id->certificate_len = app_curr->length;
  1765   1768   
  1766   1769   			curr_id->certificate = malloc(curr_id->certificate_len);
  1767   1770   			memcpy(curr_id->certificate, app_curr->value, curr_id->certificate_len);
  1768   1771   
  1769   1772   			if (outidx >= *count) {
  1770   1773   				if (certs_resizable) {
................................................................................
  1809   1812    *
  1810   1813    * NOTES
  1811   1814    *     ...
  1812   1815    *
  1813   1816    */
  1814   1817   static ssize_t cackey_signdecrypt(struct cackey_slot *slot, struct cackey_identity *identity, unsigned char *buf, size_t buflen, unsigned char *outbuf, size_t outbuflen) {
  1815   1818   	cackey_ret send_ret;
         1819  +	int le;
  1816   1820   
  1817   1821   	CACKEY_DEBUG_PRINTF("Called.");
  1818   1822   
  1819   1823   	if (buflen > 255) {
  1820   1824   		CACKEY_DEBUG_PRINTF("Error.  buflen is greater than 255 (buflen = %lu)", (unsigned long) buflen);
  1821   1825   
  1822   1826   		return(-1);
  1823   1827   	}
  1824   1828   
  1825         -	if (outbuflen > 255) {
  1826         -		CACKEY_DEBUG_PRINTF("Error.  outbuflen is grater than 255 (outbuflen = %lu)", (unsigned long) outbuflen);
  1827         -
  1828         -		return(-1);
         1829  +	if (outbuflen > 253) {
         1830  +		le = 253;
         1831  +	} else {
         1832  +		le = outbuflen;
  1829   1833   	}
  1830   1834   
  1831   1835   	if (slot == NULL) {
  1832   1836   		CACKEY_DEBUG_PRINTF("Error.  slot is NULL");
  1833   1837   
  1834   1838   		return(-1);
  1835   1839   	}
................................................................................
  1846   1850   		return(-1);
  1847   1851   	}
  1848   1852   
  1849   1853   	/* Begin transaction */
  1850   1854   	cackey_begin_transaction(slot);
  1851   1855   
  1852   1856   	/* Select correct applet */
         1857  +	CACKEY_DEBUG_PRINTF("Selecting applet found at %p ...", identity->identity->applet);
  1853   1858   	cackey_select_applet(slot, identity->identity->applet, sizeof(identity->identity->applet));
  1854   1859   
  1855   1860   	/* Select correct file */
  1856   1861   	cackey_select_file(slot, identity->identity->file);
  1857   1862   
  1858         -	send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, 0x00, 0x00, buflen, buf, outbuflen, NULL, outbuf, &outbuflen);
         1863  +	send_ret = cackey_send_apdu(slot, GSCIS_CLASS_GLOBAL_PLATFORM, GSCIS_INSTR_SIGNDECRYPT, 0x00, 0x00, buflen, buf, le, NULL, outbuf, &outbuflen);
  1859   1864   	if (send_ret != CACKEY_PCSC_S_OK) {
  1860   1865   		CACKEY_DEBUG_PRINTF("ADPU Sending Failed -- returning in error.");
  1861   1866   
  1862   1867   		/* End transaction */
  1863   1868   		cackey_end_transaction(slot);
  1864   1869   
  1865   1870   		return(-1);
................................................................................
  2110   2115   	}
  2111   2116   
  2112   2117   	CACKEY_DEBUG_PRINTF("Returning sucessfully (0)");
  2113   2118   
  2114   2119   	return(0);
  2115   2120   }
  2116   2121   
  2117         -static void cackey_free_identities(struct cackey_identity *identities, unsigned long identities_count) {
  2118         -	CK_ATTRIBUTE *curr_attr;
  2119         -	unsigned long id_idx, attr_idx;
  2120         -
  2121         -	if (identities == NULL || identities_count == 0) {
  2122         -		return;
  2123         -	}
  2124         -
  2125         -	for (id_idx = 0; id_idx < identities_count; id_idx++) {
  2126         -		if (identities[id_idx].attributes) {
  2127         -			for (attr_idx = 0; attr_idx < identities[id_idx].attributes_count; attr_idx++) {
  2128         -				curr_attr = &identities[id_idx].attributes[attr_idx];
  2129         -
  2130         -				if (curr_attr->pValue) {
  2131         -					free(curr_attr->pValue);
  2132         -				}
  2133         -			}
  2134         -
  2135         -			free(identities[id_idx].attributes);
  2136         -		}
  2137         -	}
  2138         -
  2139         -	free(identities);
  2140         -}
  2141         -
  2142   2122   static CK_ATTRIBUTE_PTR cackey_get_attributes(CK_OBJECT_CLASS objectclass, struct cackey_pcsc_identity *identity, unsigned long identity_num, CK_ULONG_PTR pulCount) {
  2143   2123   	static CK_BBOOL ck_true = 1;
  2144   2124   	static CK_BBOOL ck_false = 0;
  2145   2125   	CK_ULONG numattrs = 0, retval_count;
  2146   2126   	CK_ATTRIBUTE_TYPE curr_attr_type;
  2147   2127   	CK_ATTRIBUTE curr_attr, *retval;
  2148   2128   	CK_VOID_PTR pValue;
................................................................................
  2477   2457   
  2478   2458   	*pulCount = numattrs;
  2479   2459   
  2480   2460   	CACKEY_DEBUG_PRINTF("Returning %lu objects (%p).", numattrs, retval);
  2481   2461   
  2482   2462   	return(retval);
  2483   2463   }
         2464  +
         2465  +static void cackey_free_identities(struct cackey_identity *identities, unsigned long identities_count) {
         2466  +	CK_ATTRIBUTE *curr_attr;
         2467  +	unsigned long id_idx, attr_idx;
         2468  +
         2469  +	if (identities == NULL || identities_count == 0) {
         2470  +		return;
         2471  +	}
         2472  +
         2473  +	for (id_idx = 0; id_idx < identities_count; id_idx++) {
         2474  +		if (identities[id_idx].attributes) {
         2475  +			for (attr_idx = 0; attr_idx < identities[id_idx].attributes_count; attr_idx++) {
         2476  +				curr_attr = &identities[id_idx].attributes[attr_idx];
         2477  +
         2478  +				if (curr_attr->pValue) {
         2479  +					free(curr_attr->pValue);
         2480  +				}
         2481  +			}
         2482  +
         2483  +			free(identities[id_idx].attributes);
         2484  +		}
         2485  +	}
         2486  +
         2487  +	free(identities);
         2488  +}
         2489  +
         2490  +static struct cackey_identity *cackey_read_identities(struct cackey_slot *slot, unsigned long *ids_found) {
         2491  +	struct cackey_pcsc_identity *pcsc_identities;
         2492  +	struct cackey_identity *identities;
         2493  +	unsigned long num_ids, id_idx, curr_id_type;
         2494  +	unsigned long num_certs, cert_idx;
         2495  +
         2496  +	CACKEY_DEBUG_PRINTF("Called.");
         2497  +
         2498  +	if (ids_found == NULL) {
         2499  +		CACKEY_DEBUG_PRINTF("Error.  ids_found is NULL");
         2500  +
         2501  +		return(NULL);
         2502  +	}
         2503  +
         2504  +	pcsc_identities = cackey_read_certs(slot, NULL, &num_certs);
         2505  +	if (pcsc_identities != NULL) {
         2506  +		/* Convert number of Certs to number of objects */
         2507  +		num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs;
         2508  +
         2509  +		identities = malloc(num_ids * sizeof(*identities));
         2510  +
         2511  +		id_idx = 0;
         2512  +		for (cert_idx = 0; cert_idx < num_certs; cert_idx++) {
         2513  +			for (curr_id_type = CKO_CERTIFICATE; curr_id_type <= CKO_PRIVATE_KEY; curr_id_type++) {
         2514  +				identities[id_idx].attributes = cackey_get_attributes(curr_id_type, &pcsc_identities[cert_idx], cert_idx, &identities[id_idx].attributes_count);
         2515  +
         2516  +				if (identities[id_idx].attributes == NULL) {
         2517  +					identities[id_idx].attributes_count = 0;
         2518  +				}
         2519  +
         2520  +				id_idx++;
         2521  +			}
         2522  +		}
         2523  +
         2524  +		cackey_free_certs(pcsc_identities, num_certs, 1);
         2525  +
         2526  +		*ids_found = num_ids;
         2527  +		return(identities);
         2528  +	}
         2529  +
         2530  +	*ids_found = 0;
         2531  +	return(NULL);
         2532  +}
  2484   2533   
  2485   2534   CK_DEFINE_FUNCTION(CK_RV, C_Initialize)(CK_VOID_PTR pInitArgs) {
  2486   2535   	CK_C_INITIALIZE_ARGS CK_PTR args;
  2487   2536   	uint32_t idx;
  2488   2537   	int mutex_init_ret;
  2489   2538   
  2490   2539   	CACKEY_DEBUG_PRINTF("Called.");
................................................................................
  3171   3220   
  3172   3221   		cackey_mutex_unlock(cackey_biglock);
  3173   3222   
  3174   3223   		return(CKR_SLOT_ID_INVALID);
  3175   3224   	}
  3176   3225   
  3177   3226   	/* Verify that the card is actually in the slot. */
         3227  +	/* XXX: Check to make sure this is in the PKCS#11 specification */
  3178   3228   	if (cackey_token_present(&cackey_slots[slotID]) != CACKEY_PCSC_S_TOKENPRESENT) {
  3179   3229   		CACKEY_DEBUG_PRINTF("Error.  Card not present.  Returning CKR_DEVICE_REMOVED");
  3180   3230   
  3181   3231   		cackey_mutex_unlock(cackey_biglock);
  3182   3232   
  3183   3233   		return(CKR_DEVICE_REMOVED);
  3184   3234   	}
................................................................................
  3201   3251   			cackey_sessions[idx].identities_count = 0;
  3202   3252   
  3203   3253   			cackey_sessions[idx].search_active = 0;
  3204   3254   
  3205   3255   			cackey_sessions[idx].sign_active = 0;
  3206   3256   
  3207   3257   			cackey_sessions[idx].decrypt_active = 0;
         3258  +
         3259  +			cackey_sessions[idx].identities = cackey_read_identities(&cackey_slots[slotID], &cackey_sessions[idx].identities_count);
         3260  +
  3208   3261   
  3209   3262   			break;
  3210   3263   		}
  3211   3264   	}
  3212   3265   
  3213   3266   	mutex_retval = cackey_mutex_unlock(cackey_biglock);
  3214   3267   	if (mutex_retval != 0) {
................................................................................
  3721   3774   
  3722   3775   	CACKEY_DEBUG_PRINTF("Returning CKR_FUNCTION_NOT_SUPPORTED (%i)", CKR_FUNCTION_NOT_SUPPORTED);
  3723   3776   
  3724   3777   	return(CKR_FUNCTION_NOT_SUPPORTED);
  3725   3778   }
  3726   3779   
  3727   3780   CK_DEFINE_FUNCTION(CK_RV, C_FindObjectsInit)(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) {
  3728         -	struct cackey_pcsc_identity *pcsc_identities;
  3729         -	struct cackey_identity *identities;
  3730         -	unsigned long num_ids, id_idx, curr_id_type;
  3731         -	unsigned long num_certs, cert_idx;
  3732   3781   	int mutex_retval;
  3733   3782   
  3734   3783   	CACKEY_DEBUG_PRINTF("Called.");
  3735   3784   
  3736   3785   	if (!cackey_initialized) {
  3737   3786   		CACKEY_DEBUG_PRINTF("Error.  Not initialized.");
  3738   3787   
................................................................................
  3778   3827   			cackey_sessions[hSession].identities_count = 0;
  3779   3828   		}
  3780   3829   
  3781   3830   		cackey_slots[cackey_sessions[hSession].slotID].slot_reset = 0;
  3782   3831   	}
  3783   3832   
  3784   3833   	if (cackey_sessions[hSession].identities == NULL) {
  3785         -		pcsc_identities = cackey_read_certs(&cackey_slots[cackey_sessions[hSession].slotID], NULL, &num_certs);
  3786         -		if (pcsc_identities != NULL) {
  3787         -			/* Convert number of Certs to number of objects */
  3788         -			num_ids = (CKO_PRIVATE_KEY - CKO_CERTIFICATE + 1) * num_certs;
  3789         -
  3790         -			identities = malloc(num_ids * sizeof(*identities));
  3791         -
  3792         -			id_idx = 0;
  3793         -			for (cert_idx = 0; cert_idx < num_certs; cert_idx++) {
  3794         -				for (curr_id_type = CKO_CERTIFICATE; curr_id_type <= CKO_PRIVATE_KEY; curr_id_type++) {
  3795         -					identities[id_idx].attributes = cackey_get_attributes(curr_id_type, &pcsc_identities[cert_idx], cert_idx, &identities[id_idx].attributes_count);
  3796         -
  3797         -					if (identities[id_idx].attributes == NULL) {
  3798         -						identities[id_idx].attributes_count = 0;
  3799         -					}
  3800         -
  3801         -					id_idx++;
  3802         -				}
  3803         -			}
  3804         -
  3805         -			cackey_sessions[hSession].identities = identities;
  3806         -			cackey_sessions[hSession].identities_count = num_ids;
  3807         -
  3808         -			cackey_free_certs(pcsc_identities, num_certs, 1);
  3809         -		}
         3834  +		cackey_sessions[hSession].identities = cackey_read_identities(&cackey_slots[cackey_sessions[hSession].slotID], &cackey_sessions[hSession].identities_count);
  3810   3835   	}
  3811   3836   
  3812   3837   	if (pTemplate != NULL) {
  3813   3838   		if (ulCount != 0) {
  3814   3839   			cackey_sessions[hSession].search_query_count = ulCount;
  3815   3840   			cackey_sessions[hSession].search_query = malloc(ulCount * sizeof(*pTemplate));
  3816   3841   
................................................................................
  4538   4563   	cackey_sessions[hSession].sign_active = 1;
  4539   4564   
  4540   4565   	cackey_sessions[hSession].sign_mechanism = pMechanism->mechanism;
  4541   4566   
  4542   4567   	cackey_sessions[hSession].sign_buflen = 128;
  4543   4568   	cackey_sessions[hSession].sign_bufused = 0;
  4544   4569   	cackey_sessions[hSession].sign_buf = malloc(sizeof(*cackey_sessions[hSession].sign_buf) * cackey_sessions[hSession].sign_buflen);
         4570  +
         4571  +	CACKEY_DEBUG_PRINTF("Session %lu sign_identity is %p (identitie #%lu)", (unsigned long) hSession, &cackey_sessions[hSession].identities[hKey], (unsigned long) hKey);
  4545   4572   	cackey_sessions[hSession].sign_identity = &cackey_sessions[hSession].identities[hKey];
  4546   4573   
  4547   4574   	mutex_retval = cackey_mutex_unlock(cackey_biglock);
  4548   4575   	if (mutex_retval != 0) {
  4549   4576   		CACKEY_DEBUG_PRINTF("Error.  Unlocking failed.");
  4550   4577   
  4551   4578   		return(CKR_GENERAL_ERROR);
................................................................................
  4730   4757   		
  4731   4758   		return(CKR_OPERATION_NOT_INITIALIZED);
  4732   4759   	}
  4733   4760   
  4734   4761   	switch (cackey_sessions[hSession].sign_mechanism) {
  4735   4762   		case CKM_RSA_PKCS:
  4736   4763   			/* Ask card to sign */
         4764  +			CACKEY_DEBUG_PRINTF("Asking to decrypt from identity %p in session %lu", cackey_sessions[hSession].sign_identity, (unsigned long) hSession);
  4737   4765   			sigbuflen = cackey_signdecrypt(&cackey_slots[cackey_sessions[hSession].slotID], cackey_sessions[hSession].sign_identity, cackey_sessions[hSession].sign_buf, cackey_sessions[hSession].sign_buflen, sigbuf, sizeof(sigbuf));
  4738   4766   
  4739   4767   			if (sigbuflen < 0) {
  4740   4768   				/* Signing failed. */
  4741   4769   				retval = CKR_GENERAL_ERROR;
  4742   4770   			} else if (((unsigned long) sigbuflen) > *pulSignatureLen && pSignature) {
  4743   4771   				/* Signed data too large */