From e6277fc6d33cb6087594da009ebfd124c0c5b555 Mon Sep 17 00:00:00 2001
From: Rob Austein
Date: Tue, 12 Jul 2016 14:07:32 -0400
Subject: Whoops, CKR_BUFFER_TOO_SMALL doesn't terminate a sign or digest operation.
---
 pkcs11.c | 31 ++++++++++---------------------
 1 file changed, 10 insertions(+), 21 deletions(-)
diff --git a/pkcs11.c b/pkcs11.c
index 6b32440..3623dcb 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -2667,16 +2667,11 @@ static CK_RV sign_hal_rpc(p11_session_t *session,
 if (!get_signature_len(session->sign_key_handle, pkey, &signature_len))
 lose(CKR_FUNCTION_FAILED);
- rv = signature_len > *pulSignatureLen ? CKR_BUFFER_TOO_SMALL : CKR_OK;
+ rv = pSignature != NULL && signature_len > *pulSignatureLen ? CKR_BUFFER_TOO_SMALL : CKR_OK;
 *pulSignatureLen = signature_len;
- if (pSignature != NULL && rv == CKR_BUFFER_TOO_SMALL)
- lose(CKR_BUFFER_TOO_SMALL);
-
- if (pSignature == NULL)
- rv = CKR_OK;
- else
+ if (pSignature != NULL && rv == CKR_OK)
 rv = p11_whine_from_hal(hal_rpc_pkey_sign(p11_session_hal_session(session), pkey, session->sign_digest_handle, pData, ulDataLen, pSignature, &signature_len, signature_len)); /* Fall through */
@@ -3837,15 +3832,12 @@ CK_RV C_Digest(CK_SESSION_HANDLE hSession,
 if (!hal_check(hal_rpc_hash_get_digest_length(session->digest_algorithm, &digest_len)))
 lose(CKR_FUNCTION_FAILED);
- rv = *pulDigestLen < digest_len ? CKR_BUFFER_TOO_SMALL : CKR_OK;
+ rv = pDigest != NULL && *pulDigestLen < digest_len ? CKR_BUFFER_TOO_SMALL : CKR_OK;
 *pulDigestLen = digest_len;
- if (pDigest == NULL)
- return mutex_unlock(p11_global_mutex);
-
- if (rv == CKR_BUFFER_TOO_SMALL)
- lose(CKR_BUFFER_TOO_SMALL);
+ if (pDigest == NULL || rv == CKR_BUFFER_TOO_SMALL)
+ mutex_unlock_return_with_rv(rv, p11_global_mutex);
 if ((rv = digest_update(session, session->digest_algorithm, &session->digest_handle, pData, ulDataLen)) != CKR_OK)
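Review bot: In sign_hal_rpc, `*pulSignatureLen` is assigned from the get_signature_len() estimate before the signing call and is not updated afterwards within this hunk, although hal_rpc_pkey_sign() reports the produced length through `&signature_len`. If the HAL can return fewer bytes than the estimate, the caller is told a length that covers bytes the call never wrote, so I would add `if (rv == CKR_OK) *pulSignatureLen = signature_len;` after the call, bracing the `if (pSignature != NULL && rv == CKR_OK)` body to hold both statements. The combined `&&` / `?:` expression on the new `rv =` line is correct by precedence but would be easier to audit with the condition parenthesised. The function continues past the hunk, so the write-back may already happen further down.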
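Review bot: The new early exit in C_Digest, `mutex_unlock_return_with_rv(rv, p11_global_mutex);`, appears to leave the function without passing through its failure path, and nothing at that line says that this is what keeps the digest operation alive for a retry; the same applies to the identical lines in the C_DigestFinal hunk. I would put a comment above the `if`, such as `/* Length query or short buffer: return rv and leave the digest operation active so the caller can retry */`. The call is also the unbraced body of an `if`, which is only safe if what is presumably a macro (its definition is not on this page) expands to a single statement; braces around it would remove that dependency. Both function bodies start and end outside their hunks.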
@@ -3922,15 +3914,12 @@ CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession,
 if (!hal_check(hal_rpc_hash_get_digest_length(session->digest_algorithm, &digest_len)))
 lose(CKR_FUNCTION_FAILED);
- rv = *pulDigestLen < digest_len ? CKR_BUFFER_TOO_SMALL : CKR_OK;
+ rv = pDigest != NULL && *pulDigestLen < digest_len ? CKR_BUFFER_TOO_SMALL : CKR_OK;
 *pulDigestLen = digest_len;
- if (pDigest == NULL)
- return mutex_unlock(p11_global_mutex);
-
- if (rv == CKR_BUFFER_TOO_SMALL)
- lose(CKR_BUFFER_TOO_SMALL);
+ if (pDigest == NULL || rv == CKR_BUFFER_TOO_SMALL)
+ mutex_unlock_return_with_rv(rv, p11_global_mutex);
 if (!hal_check(hal_rpc_hash_finalize(session->digest_handle, pDigest, *pulDigestLen)))
 lose(CKR_FUNCTION_FAILED);
@@ -4091,7 +4080,7 @@ CK_RV C_Sign(CK_SESSION_HANDLE hSession,
 } /* Fall through */
 fail:
- if (session != NULL && pSignature != NULL) {
+ if (session != NULL && pSignature != NULL && rv != CKR_BUFFER_TOO_SMALL) {
 session->sign_key_handle = CK_INVALID_HANDLE;
 session->sign_digest_algorithm = hal_digest_algorithm_none;
 digest_cleanup(&session->sign_digest_handle);
@@ -4175,7 +4164,7 @@ CK_RV C_SignFinal(CK_SESSION_HANDLE hSession,
 } /* Fall through */
 fail:
- if (session != NULL && pSignature != NULL) {
+ if (session != NULL && pSignature != NULL && rv != CKR_BUFFER_TOO_SMALL) {
 session->sign_key_handle = CK_INVALID_HANDLE;
 session->sign_digest_algorithm = hal_digest_algorithm_none;
 digest_cleanup(&session->sign_digest_handle);
-- 
cgit v1.2.3
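Review bot: With the added `rv != CKR_BUFFER_TOO_SMALL` test at `fail:` in C_Sign, `session->sign_digest_handle` now survives a short-buffer return, so it matters whether any of `pData` has been absorbed into that digest context before the length check runs. That part of C_Sign is outside this hunk; if the data is hashed before sign_hal_rpc() compares lengths, a retry with a larger buffer would hash the same input a second time and sign a different message than the caller supplied. C_Digest in this commit does its length check before `digest_update()`, and C_Sign should keep the same order, backed by a regression test that calls C_Sign once with a short buffer, once with an adequate one, and verifies the resulting signature. The same condition in the C_SignFinal hunk does not raise this question, since data there arrives through earlier update calls. A comment at the condition, e.g. `/* CKR_BUFFER_TOO_SMALL does not end the operation; keep the signing state for a retry */`, would record the intent in both places.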