Project

General

Profile

Actions

Bug #9698

closed

pkcs11 C_Digest() is too restrictive in input

Added by Jason King about 3 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
lib - userland libraries
Start date:
2018-08-03
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

Upstream of Joyent OS-6605:

While adding a bunch of additional test vectors to the crypto-tests in illumos-joyent, it was discovered that the 0-length SHA1 and SHA2 (SHA256,SHA384,SHA512) tests fail. This is because pkcs11_softtoken doesn't allow a NULL or 0-length input for C_Digest (however, C_DigestUpdate/C_DigestFinal do work. There is nothing I can find in the PKCS#11 specification that suggests the input value MUST be > 0.

Actions #1

Updated by Electric Monk almost 3 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit 0e986b9d87352cd82909c748e7f684afe0ed579f

commit  0e986b9d87352cd82909c748e7f684afe0ed579f
Author: Jason King <jason.king@joyent.com>
Date:   2018-08-07T19:46:09.000Z

    9698 pkcs11 C_Digest() is too restrictive in input
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Reviewed by: Yuri Pankov <yuripv@yuripv.net>
    Reviewed by: Igor Kozhukhov <igor@dilos.org>
    Reviewed by: Matt Barden <matt.barden@nexenta.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Actions

Also available in: Atom PDF