[Cryptech-Commits] [sw/libhal] 01/03: Fix pure-remote-mode hal_rpc_pkey_{sign, verify}().

git at cryptech.is git at cryptech.is
Thu Oct 27 01:13:04 UTC 2016

Previous message (by thread): [Cryptech-Commits] [sw/libhal] branch ksng updated (dca4161 -> 3d3f71c)
Next message (by thread): [Cryptech-Commits] [sw/libhal] 02/03: Add PyCrypto-based mixed-mode support to Python RPC client.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch ksng
in repository sw/libhal.

commit 1c2e11cde5020e577040d1f18ac07db26dc97210
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Wed Oct 26 21:03:56 2016 -0400

    Fix pure-remote-mode hal_rpc_pkey_{sign,verify}().
    
    Pure-remote-mode (where even the hashing is done in the HSM) did not
    work, because XDR passes zero length strings rather than NULL string
    pointers.  Mostly, we use fixed mode, so nobody noticed.
---
 rpc_pkey.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/rpc_pkey.c b/rpc_pkey.c
index 493dec8..268f1b4 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -656,7 +656,7 @@ static hal_error_t pkey_local_sign_rsa(uint8_t *keybuf, const size_t keybuf_len,
   if (*signature_len > signature_max)
     return HAL_ERROR_RESULT_TOO_LONG;
 
-  if (input == NULL) {
+  if (input == NULL || input_len == 0) {
     if ((err = hal_rpc_pkcs1_construct_digestinfo(hash, signature, &input_len, *signature_len)) != HAL_OK)
       return err;
     input = signature;
@@ -684,7 +684,7 @@ static hal_error_t pkey_local_sign_ecdsa(uint8_t *keybuf, const size_t keybuf_le
   if ((err = hal_ecdsa_private_key_from_der(&key, keybuf, keybuf_len, der, der_len)) != HAL_OK)
     return err;
 
-  if (input == NULL) {
+  if (input == NULL || input_len == 0) {
     hal_digest_algorithm_t alg;
 
     if ((err = hal_rpc_hash_get_algorithm(hash, &alg))          != HAL_OK ||
@@ -788,7 +788,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le
   if (err != HAL_OK)
     return err;
 
-  if (input == NULL) {
+  if (input == NULL || input_len == 0) {
     if ((err = hal_rpc_pkcs1_construct_digestinfo(hash, expected, &input_len, sizeof(expected))) != HAL_OK)
       return err;
     input = expected;
@@ -835,7 +835,7 @@ static hal_error_t pkey_local_verify_ecdsa(uint8_t *keybuf, const size_t keybuf_
   if (err != HAL_OK)
     return err;
 
-  if (input == NULL) {
+  if (input == NULL || input_len == 0) {
     hal_digest_algorithm_t alg;
 
     if ((err = hal_rpc_hash_get_algorithm(hash, &alg))              != HAL_OK ||

Previous message (by thread): [Cryptech-Commits] [sw/libhal] branch ksng updated (dca4161 -> 3d3f71c)
Next message (by thread): [Cryptech-Commits] [sw/libhal] 02/03: Add PyCrypto-based mixed-mode support to Python RPC client.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Commits mailing list