[Cryptech-Commits] [sw/libhal] 02/03: ks_list() was returning garbage for keys not visible to current session.

git at cryptech.is git at cryptech.is
Sat Nov 5 18:59:42 UTC 2016

Previous message (by thread): [Cryptech-Commits] [sw/libhal] 01/03: .set_attribute() speed tests.
Next message (by thread): [Cryptech-Commits] [sw/libhal] 03/03: Add attribute read timing tests.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ksng
in repository sw/libhal.

commit 1d7ff81bd24dc14730f84f040f63a8da5a344d39
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Sat Nov 5 00:44:42 2016 -0400

    ks_list() was returning garbage for keys not visible to current session.
---
 ks_flash.c    |  9 ++++-----
 ks_volatile.c | 12 ++++++++----
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/ks_flash.c b/ks_flash.c
index 2eda9e3..7a11f0f 100644
--- a/ks_flash.c
+++ b/ks_flash.c
@@ -1097,17 +1097,16 @@ static hal_error_t ks_list(hal_ks_t *ks,
   if (ks != &db.ks || result == NULL || result_len == NULL)
     return HAL_ERROR_BAD_ARGUMENTS;
 
-  if (db.ksi.used > result_max)
-    return HAL_ERROR_RESULT_TOO_LONG;
-
   flash_block_t *block;
   hal_error_t err;
-  unsigned b;
 
   *result_len = 0;
 
   for (int i = 0; i < db.ksi.used; i++) {
-    b = db.ksi.index[i];
+    unsigned b = db.ksi.index[i];
+
+    if (*result_len >= result_max)
+      return HAL_ERROR_RESULT_TOO_LONG;
 
     if ((err = block_read_cached(b, &block)) != HAL_OK)
       return err;
diff --git a/ks_volatile.c b/ks_volatile.c
index c416263..c8a424c 100644
--- a/ks_volatile.c
+++ b/ks_volatile.c
@@ -360,23 +360,27 @@ static hal_error_t ks_list(hal_ks_t *ks,
   if (ksv->db == NULL)
     return HAL_ERROR_KEYSTORE_ACCESS;
 
-  if (ksv->db->ksi.used > result_max)
-    return HAL_ERROR_RESULT_TOO_LONG;
+  *result_len = 0;
 
   for (int i = 0; i < ksv->db->ksi.used; i++) {
     unsigned b = ksv->db->ksi.index[i];
+
     if (ksv->db->ksi.names[b].chunk > 0)
       continue;
+
     if (!key_visible_to_session(ksv, client, session, &ksv->db->keys[b]))
       continue;
+
+    if (*result_len >= result_max)
+      return HAL_ERROR_RESULT_TOO_LONG;
+
     result[i].name  = ksv->db->ksi.names[b].name;
     result[i].type  = ksv->db->keys[b].type;
     result[i].curve = ksv->db->keys[b].curve;
     result[i].flags = ksv->db->keys[b].flags;
+    ++ *result_len;
   }
 
-  *result_len = ksv->db->ksi.used;
-
   return HAL_OK;
 }

Previous message (by thread): [Cryptech-Commits] [sw/libhal] 01/03: .set_attribute() speed tests.
Next message (by thread): [Cryptech-Commits] [sw/libhal] 03/03: Add attribute read timing tests.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list