Allow signing more than 512 bytes of data #2314
Conversation
src/libopensc/pkcs15-sec.c
Outdated
|
|
||
| sc_mem_clear(buf, sizeof(buf)); | ||
| err: | ||
| sc_mem_secure_free(buf, buflen); |
There was a problem hiding this comment.
would it make sense to keep the sc_mem_clear() here to zeroize the memory before freeing?
src/libopensc/pkcs15-sec.c
Outdated
| if (inlen < modlen) { | ||
| if (modlen > sizeof(buf)) | ||
| if (modlen > buflen) | ||
| return SC_ERROR_BUFFER_TOO_SMALL; |
src/pkcs11/mechanism.c
Outdated
| if (!data) | ||
| return; | ||
| sc_pkcs11_release_operation(&data->md); | ||
| sc_mem_secure_free(data->buffer, data->buffer_len); |
There was a problem hiding this comment.
would it make sense to do sc_mem_clear() here too as it was in the previous implementation or using the secure memory implies this somehow (might be worth mentioning in comment?)?
|
@frankmorgner did you get back to my review comments? |
thanks, jakub for spotting this
|
Thanks for the reminder, all comments should be fixed now. There isn't a single case where we should call sc_secure_free without the need for clearing the memory. Therefor I've added |
|
I got back to this to verify it works as expected. I am able to sign arbitrary sizes with SoftHSM, but with Nitrokey (through OpenSC), I get only up to 256 bytes, for 384 and 512 bytes, I am getting I was not able to figure out if the gnuk/nitrokey is supposed to support chaining or not from its source code. Certainly the card response weirdly to the chained APDUs, which is something I would like to investigate later. But this PR is fine anyway. |
2 participants
Fixes #2300
Note, that I've used
sc_mem_secure_alloc()for saving the input data.Checklist