authorRob Austein <sra@hactrn.net>2016-11-21 23:36:36 -0500
committerRob Austein <sra@hactrn.net>2016-11-21 23:36:36 -0500
commit15efcdb3e2ebe20c35818447537728c9de2f089f (patch)
tree3dffa84f8e69254043ad088350e13c6010a16382 /ks_attribute.c
parent834924b3e4d827f6db03d307a88e23bf95dc4624 (diff)
Whack attribute code with a club until it works with PKCS #11.
PKCS #11 supports zero-length attributes (eg, CKA_LABEL) so hack of using zero length attribute as NIL value won't work, instead we use a slightly more portable version of the hack PKCS #11 uses (PKCS #11 stuffs -1 into a CK_ULONG, we stuff 0xFFFFFFFF into a uint32_t). ks_attribute.c code was trying too hard and tripping over its own socks. Instead of trying to maintain attributes[] in place during modification, we now perform the minimum necessary change then re-scan the block. This is (very slightly) slower but more robust, both because the scan code has better error checking and because it's the scan code that we want to be sure is happy before committing a change. Rename hal_rpc_pkey_attribute_t to hal_pkey_attribute_t.
Diffstat (limited to 'ks_attribute.c')
-rw-r--r--ks_attribute.c34
1 files changed, 9 insertions, 25 deletions
diff --git a/ks_attribute.c b/ks_attribute.c
index 2621ed7..92e450d 100644
--- a/ks_attribute.c
+++ b/ks_attribute.c
@@ -44,7 +44,7 @@
* issues, and doing it this way just isn't expensive enough to worry about.
*/
-const size_t hal_ks_attribute_header_size = 2 * sizeof(uint32_t);
+const size_t hal_ks_attribute_header_size = 6;
static inline hal_error_t read_header(const uint8_t * const bytes, const size_t bytes_len,
uint32_t *attribute_type, size_t *attribute_len)
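Review bot: The new header size is a bare `6` with nothing tying it to the field widths that read_header() and write_header() encode, so the three can drift apart silently. The value looks like a 4-byte type plus a 2-byte length, but neither function body is in this hunk, so that needs confirming. I would add a comment on the constant such as `/* 4-byte type + 2-byte length; must match read_header()/write_header() */`, or derive it from named field-size constants. If the length field is in fact 16 bits, write_header() also has to reject any `value_len` above 0xFFFF instead of truncating it. Changing the size from 8 to 6 changes the stored layout, so blocks written by the previous code would presumably be misparsed unless they are migrated or versioned elsewhere.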
@@ -80,7 +80,7 @@ static inline hal_error_t write_header(uint8_t *bytes, const size_t bytes_len,
}
hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t bytes_len,
- hal_rpc_pkey_attribute_t *attributes, const unsigned attributes_len,
+ hal_pkey_attribute_t *attributes, const unsigned attributes_len,
size_t *total_len)
{
if (bytes == NULL)
@@ -95,6 +95,8 @@ hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t byte
hal_error_t err = read_header(b, end - b, &type, &length);
if (err != HAL_OK)
return err;
+ if (b + hal_ks_attribute_header_size + length > end)
+ return HAL_ERROR_BAD_ATTRIBUTE_LENGTH;
b += hal_ks_attribute_header_size;
if (attributes != NULL) {
attributes[i].type = type;
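Review bot: The added bounds check on `b + hal_ks_attribute_header_size + length > end` forms a pointer from a `length` that was just read out of the stored block, and computing a pointer more than one past the end of the buffer is undefined behaviour before the comparison even runs. A large enough length can also wrap the address so that the test passes. Comparing sizes avoids both problems: `if (length > (size_t)(end - b) - hal_ks_attribute_header_size) return HAL_ERROR_BAD_ATTRIBUTE_LENGTH;`. That form assumes read_header() has already rejected `end - b` smaller than the header size, which is not visible here; if it has not, test that first. The loop and the rest of hal_ks_attribute_scan lie outside this hunk.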
@@ -102,8 +104,6 @@ hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t byte
attributes[i].value = b;
}
b += length;
- if (b > end)
- return HAL_ERROR_BAD_ATTRIBUTE_LENGTH;
}
if (total_len != NULL)
@@ -113,7 +113,7 @@ hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t byte
}
hal_error_t hal_ks_attribute_delete(uint8_t *bytes, const size_t bytes_len,
- hal_rpc_pkey_attribute_t *attributes, unsigned *attributes_len,
+ hal_pkey_attribute_t *attributes, unsigned *attributes_len,
size_t *total_len,
const uint32_t type)
{
@@ -138,17 +138,11 @@ hal_error_t hal_ks_attribute_delete(uint8_t *bytes, const size_t bytes_len,
bytes + delete_offset + delete_length,
*total_len - delete_length - delete_offset);
- *total_len -= delete_length;
-
- memmove(&attributes[i], &attributes[i + 1], *attributes_len - i - 1);
-
- --*attributes_len;
-
- return HAL_OK;
+ return hal_ks_attribute_scan(bytes, bytes_len, attributes, --*attributes_len, total_len);
}
hal_error_t hal_ks_attribute_insert(uint8_t *bytes, const size_t bytes_len,
- hal_rpc_pkey_attribute_t *attributes, unsigned *attributes_len,
+ hal_pkey_attribute_t *attributes, unsigned *attributes_len,
size_t *total_len,
const uint32_t type,
const uint8_t * const value, const size_t value_len)
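Review bot: `--*attributes_len` in the argument list of the final hal_ks_attribute_scan() call changes the caller's count before the scan has run, so a scan failure returns an error with `*attributes_len` already decremented. `*total_len` would then presumably still hold the old value, and the bytes have already been moved, leaving the caller's view inconsistent. I would pass `*attributes_len - 1` to the scan and apply `--*attributes_len;` only when it returns `HAL_OK`. The `++*attributes_len` in hal_ks_attribute_insert (next hunk) has the same problem in the other direction. Separately, the memmove leaves `delete_length` stale bytes beyond the new end of the data; the scan stops by count and never looks at them, so zeroing that tail would keep deleted attribute contents out of the stored block.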
@@ -172,19 +166,9 @@ hal_error_t hal_ks_attribute_insert(uint8_t *bytes, const size_t bytes_len,
if ((err = write_header(b, bytes_len - *total_len, type, value_len)) != HAL_OK)
return err;
- b += hal_ks_attribute_header_size;
+ memcpy(b + hal_ks_attribute_header_size, value, value_len);
- memcpy(b, value, value_len);
-
- *total_len += hal_ks_attribute_header_size + value_len;
-
- attributes[*attributes_len].type = type;
- attributes[*attributes_len].length = value_len;
- attributes[*attributes_len].value = b;
-
- ++*attributes_len;
-
- return HAL_OK;
+ return hal_ks_attribute_scan(bytes, bytes_len, attributes, ++*attributes_len, total_len);
}
/*
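Review bot: `memcpy(b + hal_ks_attribute_header_size, value, value_len)` is now reachable with a zero-length attribute, which the commit message says must be supported, and a caller may well pass `value == NULL` in that case. Passing a null pointer to memcpy() is undefined behaviour even when the length is 0. Unless an earlier check in the function (outside this hunk) rejects that combination, guard the copy: `if (value_len > 0) memcpy(b + hal_ks_attribute_header_size, value, value_len);`. The copy also depends on write_header() having verified that the header plus `value_len` fits in `bytes_len - *total_len`; that check is not visible here and deserves a one-line comment at the call.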