C_Digest does not check if buffer too small before update. Issue #327
C_Digest will now query for the buffer size using sc_pkcs15_md_final before calling sc_pkcs15_md_update. This avoids doing a double update when the user passes in a buffer to small, then gets the buffer and calls C_Digest again.
This commit is contained in:
parent
8aadbbd678
commit
cd01a73caf
|
@ -511,6 +511,7 @@ C_Digest(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||||
{
|
{
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
struct sc_pkcs11_session *session;
|
struct sc_pkcs11_session *session;
|
||||||
|
CK_ULONG ulBuflen = 0;
|
||||||
|
|
||||||
rv = sc_pkcs11_lock();
|
rv = sc_pkcs11_lock();
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
|
@ -521,7 +522,21 @@ C_Digest(CK_SESSION_HANDLE hSession, /* the session's handle */
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
rv = sc_pkcs11_md_update(session, pData, ulDataLen);
|
/* if pDigest == NULL, buffer size request */
|
||||||
|
if (pDigest) {
|
||||||
|
/* As per PKCS#11 2.20 we need to check if buffer too small before update */
|
||||||
|
rv = sc_pkcs11_md_final(session, NULL, &ulBuflen);
|
||||||
|
if (rv != CKR_OK)
|
||||||
|
goto out;
|
||||||
|
|
||||||
|
if (ulBuflen > *pulDigestLen) {
|
||||||
|
*pulDigestLen = ulBuflen;
|
||||||
|
rv = CKR_BUFFER_TOO_SMALL;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
rv = sc_pkcs11_md_update(session, pData, ulDataLen);
|
||||||
|
}
|
||||||
if (rv == CKR_OK)
|
if (rv == CKR_OK)
|
||||||
rv = sc_pkcs11_md_final(session, pDigest, pulDigestLen);
|
rv = sc_pkcs11_md_final(session, pDigest, pulDigestLen);
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue