aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-10-26 21:03:56 -0400
committerRob Austein <sra@hactrn.net>2016-10-26 21:03:56 -0400
commit1c2e11cde5020e577040d1f18ac07db26dc97210 (patch)
tree7bd6004d7bfe60dde9c322e9db1b9ffb9bb0da60
parentdca4161990a2f9286c9400d014645c2ae69a3369 (diff)
Fix pure-remote-mode hal_rpc_pkey_{sign,verify}().
Pure-remote-mode (where even the hashing is done in the HSM) did not work, because XDR passes zero length strings rather than NULL string pointers. Mostly, we use fixed mode, so nobody noticed.
-rw-r--r--rpc_pkey.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 493dec8..268f1b4 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -656,7 +656,7 @@ static hal_error_t pkey_local_sign_rsa(uint8_t *keybuf, const size_t keybuf_len,
if (*signature_len > signature_max)
return HAL_ERROR_RESULT_TOO_LONG;
- if (input == NULL) {
+ if (input == NULL || input_len == 0) {
if ((err = hal_rpc_pkcs1_construct_digestinfo(hash, signature, &input_len, *signature_len)) != HAL_OK)
return err;
input = signature;
@@ -684,7 +684,7 @@ static hal_error_t pkey_local_sign_ecdsa(uint8_t *keybuf, const size_t keybuf_le
if ((err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK)
return err;
- if (input == NULL) {
+ if (input == NULL || input_len == 0) {
hal_digest_algorithm_t alg;
if ((err = hal_rpc_hash_get_algorithm(hash, &alg)) != HAL_OK ||
@@ -788,7 +788,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le
if (err != HAL_OK)
return err;
- if (input == NULL) {
+ if (input == NULL || input_len == 0) {
if ((err = hal_rpc_pkcs1_construct_digestinfo(hash, expected, &input_len, sizeof(expected))) != HAL_OK)
return err;
input = expected;
@@ -835,7 +835,7 @@ static hal_error_t pkey_local_verify_ecdsa(uint8_t *keybuf, const size_t keybuf_
if (err != HAL_OK)
return err;
- if (input == NULL) {
+ if (input == NULL || input_len == 0) {
hal_digest_algorithm_t alg;
if ((err = hal_rpc_hash_get_algorithm(hash, &alg)) != HAL_OK ||