From patchwork Tue Jun 15 00:43:31 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lev Stipakov X-Patchwork-Id: 1860 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id 2CvGA6SEyGAiSQAAIUCqbw (envelope-from ) for ; Tue, 15 Jun 2021 06:44:52 -0400 Received: from proxy11.mail.ord1d.rsapps.net ([172.30.191.6]) by director9.mail.ord1d.rsapps.net with LMTP id GDufA6SEyGDKfAAAalYnBA (envelope-from ) for ; Tue, 15 Jun 2021 06:44:52 -0400 Received: from smtp16.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy11.mail.ord1d.rsapps.net with LMTPS id QJG1MpaEyGDJFQAAgKDEHA (envelope-from ) for ; Tue, 15 Jun 2021 06:44:38 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp16.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: b6585f6a-cdc6-11eb-a3a6-525400ca3ad5-1-1 Received: from [216.105.38.7] ([216.105.38.7:50270] helo=lists.sourceforge.net) by smtp16.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 2F/37-13739-3A488C06; Tue, 15 Jun 2021 06:44:51 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lt6Y7-0001Li-JZ; Tue, 15 Jun 2021 10:44:03 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lt6Y0-0001L5-P5 for openvpn-devel@lists.sourceforge.net; Tue, 15 Jun 2021 10:43:56 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=wsk7M+EoiM0RUcg1urQZ+AIlMjm7n5G9tEVB66rvsPE=; b=eapkKHMThyi/ZQAtLAcRkaGRZg UJDuiIHIt75t7tLRbAUWKbH6ZttWxMfd27VsPe9yN1jqY3Bp3PTca+54mqtzmDbiZo8v+KhsBteFC 5Sh4840oMWgdbPuNYz92J3e2sCXt5SVIpEZFggligIqzySbbZF+OpE3qI8Zq3+sYnXRg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=wsk7M+EoiM0RUcg1urQZ+AIlMjm7n5G9tEVB66rvsPE=; b=dVQUHwmfqtTg4FLROhp0CHPfsv s7TBVhJiUDEKswdGO3jjYyr3J6vzwHko+vPK99Cvv6rFoGkeKsnrFQYnMFW1TqGEeSKHSE9sTZDXO mjHPM8VMMVh2zPnfQW40L/67l7JMiWaiSYJdU/rj2Ty1iIfXtBSWeji2HQSLs+beWMIw=; Received: from mail-ed1-f49.google.com ([209.85.208.49]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.3) id 1lt6Xs-00AXlS-VJ for openvpn-devel@lists.sourceforge.net; Tue, 15 Jun 2021 10:44:00 +0000 Received: by mail-ed1-f49.google.com with SMTP id dj8so50428940edb.6 for ; Tue, 15 Jun 2021 03:43:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=wsk7M+EoiM0RUcg1urQZ+AIlMjm7n5G9tEVB66rvsPE=; b=HgO+oQKhMmF1TA/AiyFnArX/lXK9JA925y0jDHhKJzsgtg1XdjzaDja6iW1uNBFrIo k1T0SctPjabv69NEG6d9INKrcP0pyEKyx4NfSv5DfFTuKihxxrSFduTWO+NpaqhRJOkc UxXjlCdWWSgUWL4yzb5pVUSUuw/lLK4xMaVF4cMyN8NPTgfQaw4HLeIjr97Ecu5SFJz/ uISOjgX+ItmFJAL1quLBi5x+QQvt6laNZDfaiOh+8utzvXOwrRJYgaUqfhEScO4GOR82 W/JnqMk6UZNnaz4qvqb4gA5adCk1mHQEp1H5mn6KPaOz0Hn3NTHVzxzsZX/asSMui+9t kxpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=wsk7M+EoiM0RUcg1urQZ+AIlMjm7n5G9tEVB66rvsPE=; b=dasVxuBqg/VCgenD/0sVDPZ83pUkvKb+Qppm0xTDCuRi8iIcfbulLF3hiAdncB8nuW egXRwiHekwWt0tgjuQjuD6/3Rs3zjlW3UAB9+0KYmpvW2Lkx7eTfiQDmuQ+ZHVeT2+nH EYrw8sKIajoPi/7uCfpgy+wlEakLXsuEDGJrHbuCkGt63Bac6/9nk/8YA6aLz66Hw8vp /CjdO1qhNukRi7B7A8o4kpa5zWHjR17UJu0FGMQnTiflS4eMfq4upA9hg7DXTPkTWXAH gAHCa9wZejFBeSZTmD1bJGfI4aETm54BkaQ/QXhUrm+yx3NJovlVijR50RLS5IExCB6/ PlRg== X-Gm-Message-State: AOAM531p/icvwaG0kEQpKJk2dV1A8908SNKqGjuny63dS0eTaKeXT1yC 6XXwb1mToZlKshZXsEllaVzqT+oMIMVeNg== X-Google-Smtp-Source: ABdhPJxGJOv+TJSEfFX5zFxSinppoYvzSL+yvKnwFDGAtyHQrazVdiLZGo45YyNUt1wWDU/zI+PTGg== X-Received: by 2002:aa7:db16:: with SMTP id t22mr22318317eds.49.1623753822267; Tue, 15 Jun 2021 03:43:42 -0700 (PDT) Received: from LAPTOP-4L3N7KFS.localdomain (nat3.panoulu.net. [185.38.2.3]) by smtp.gmail.com with ESMTPSA id i26sm11267981edq.54.2021.06.15.03.43.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 03:43:41 -0700 (PDT) From: Lev Stipakov To: openvpn-devel@lists.sourceforge.net Date: Tue, 15 Jun 2021 13:43:31 +0300 Message-Id: <20210615104331.210-1-lstipakov@gmail.com> X-Mailer: git-send-email 2.17.1 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (lstipakov[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.49 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.49 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1lt6Xs-00AXlS-VJ Subject: [Openvpn-devel] [PATCH] vcpkg-ports: restore trailing whitespaces in .patch files X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Lev Stipakov MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Lev Stipakov Commit 36b9aa "contrib/vcpkg-ports: add pkcs11-helper port" has trimmed trailing white space in .patch files and thus corrupted them. Restore trailing whitespaces to "uncorrupt" patches. Signed-off-by: Lev Stipakov Acked-By: Gert Doering --- .../0001-nmake-openssl-1.1.1-support.patch | 6 +- .../pkcs11-helper-001-RFC7512.patch | 240 +++++++++--------- 2 files changed, 123 insertions(+), 123 deletions(-) diff --git a/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch b/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch index 4b584755..d1942a98 100644 --- a/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch +++ b/contrib/vcpkg-ports/pkcs11-helper/0001-nmake-openssl-1.1.1-support.patch @@ -74,7 +74,7 @@ index 2edab39..b2ac746 100644 +++ b/lib/Makefile.w32-vc @@ -60,9 +60,9 @@ OPENSSL_HOME = ..\..\openssl-0.9.8a !endif - + !ifdef OPENSSL -OPENSSL_STATIC = libeay32.lib +OPENSSL_STATIC = libcrypto.lib @@ -82,7 +82,7 @@ index 2edab39..b2ac746 100644 -OPENSSL_DYNAMIC = libeay32.lib +OPENSSL_DYNAMIC = libcrypto.lib #OPENSSL_DYNAMIC = libeay32d.lib - + OPENSSL_INC=$(OPENSSL_HOME)\include --- +-- 2.23.0.windows.1 diff --git a/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch b/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch index ea4cee34..84fba080 100644 --- a/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch +++ b/contrib/vcpkg-ports/pkcs11-helper/pkcs11-helper-001-RFC7512.patch @@ -3,7 +3,7 @@ Author: David Woodhouse Date: Thu Apr 30 14:58:24 2015 +0100 Serialize to RFC7512-compliant PKCS#11 URIs - + Signed-off-by: David Woodhouse commit 4d5280da8df591aab701dff4493d13a835a9b29c @@ -11,9 +11,9 @@ Author: David Woodhouse Date: Wed Dec 10 14:00:21 2014 +0000 Accept RFC7512-compliant PKCS#11 URIs as serialized token/certificate IDs - + The old format is still accepted for compatibility. - + Signed-off-by: David Woodhouse commit 14e09211c3d50eb06825090c9765e4382cf52f19 @@ -21,21 +21,21 @@ Author: David Woodhouse Date: Sun Dec 14 19:42:18 2014 +0000 Stop _pkcs11h_util_hexToBinary() checking for trailing NUL - + We are going to want to use this for parsing %XX hex escapes in RFC7512 PKCS#11 URIs, where we cannot expect a trailing NUL. Since there's only one existing caller at the moment, it's simple just to let the caller have responsibility for that check. - + Signed-off-by: David Woodhouse diff --git a/lib/pkcs11h-serialization.c b/lib/pkcs11h-serialization.c index ad275f8..1d077e4 100644 --- a/lib/pkcs11h-serialization.c +++ b/lib/pkcs11h-serialization.c @@ -61,29 +61,127 @@ - + #if defined(ENABLE_PKCS11H_TOKEN) || defined(ENABLE_PKCS11H_CERTIFICATE) - + +#define URI_SCHEME "pkcs11:" + +#define token_field_ofs(field) ((unsigned long)&(((struct pkcs11h_token_id_s *)0)->field)) @@ -147,19 +147,19 @@ index ad275f8..1d077e4 100644 + CK_RV pkcs11h_token_serializeTokenId ( - OUT char * const sz, - IN OUT size_t *max, - IN const pkcs11h_token_id_t token_id + OUT char * const sz, + IN OUT size_t *max, + IN const pkcs11h_token_id_t token_id ) { - const char *sources[5]; - CK_RV rv = CKR_FUNCTION_FAILED; + CK_RV rv = CKR_FUNCTION_FAILED; - size_t n; - int e; - - /*_PKCS11H_ASSERT (sz!=NULL); Not required*/ - _PKCS11H_ASSERT (max!=NULL); - _PKCS11H_ASSERT (token_id!=NULL); - + + /*_PKCS11H_ASSERT (sz!=NULL); Not required*/ + _PKCS11H_ASSERT (max!=NULL); + _PKCS11H_ASSERT (token_id!=NULL); + - { /* Must be after assert */ - sources[0] = token_id->manufacturerID; - sources[1] = token_id->model; @@ -168,13 +168,13 @@ index ad275f8..1d077e4 100644 - sources[4] = NULL; - } - - _PKCS11H_DEBUG ( - PKCS11H_LOG_DEBUG2, - "PKCS#11: pkcs11h_token_serializeTokenId entry sz=%p, *max="P_Z", token_id=%p", + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, + "PKCS#11: pkcs11h_token_serializeTokenId entry sz=%p, *max="P_Z", token_id=%p", @@ -92,67 +190,161 @@ pkcs11h_token_serializeTokenId ( - (void *)token_id - ); - + (void *)token_id + ); + - n = 0; - for (e=0;sources[e] != NULL;e++) { - size_t t; @@ -232,15 +232,15 @@ index ad275f8..1d077e4 100644 + urilen -= 2; + } else { + *tokstr = *uri; - } + } - n+=t; + tokstr++; + uri++; + toklen--; + urilen--; + tokstr[0] = 0; - } - + } + - if (sz != NULL) { - if (*max < n) { - rv = CKR_ATTRIBUTE_VALUE_INVALID; @@ -295,7 +295,7 @@ index ad275f8..1d077e4 100644 + + goto matched; + } - } + } + if (certificate_id && !strncmp(p, "id=", 3)) { + p += 3; + @@ -304,7 +304,7 @@ index ad275f8..1d077e4 100644 + if (rv != CKR_OK) { + goto cleanup; + } - + - n = 0; - for (e=0;sources[e] != NULL;e++) { - size_t t = *max-n; @@ -321,16 +321,16 @@ index ad275f8..1d077e4 100644 + end - p + 1, + &certificate_id->attrCKA_ID_size); + if (rv != CKR_OK) { - goto cleanup; - } + goto cleanup; + } - n+=t; - sz[n-1] = '/'; + + goto matched; - } + } - sz[n-1] = '\x0'; - } - + - *max = n; - rv = CKR_OK; + /* We don't parse object= because the match code doesn't support @@ -338,7 +338,7 @@ index ad275f8..1d077e4 100644 + + /* Failed to parse PKCS#11 URI element. */ + return CKR_ATTRIBUTE_VALUE_INVALID; - + + matched: + ; + } @@ -351,7 +351,7 @@ index ad275f8..1d077e4 100644 + !token_id->manufacturerID[0] || !token_id->serialNumber[0]) { + return CKR_ATTRIBUTE_VALUE_INVALID; + } - + - _PKCS11H_DEBUG ( - PKCS11H_LOG_DEBUG2, - "PKCS#11: pkcs11h_token_serializeTokenId return rv=%lu-'%s', *max="P_Z", sz='%s'", @@ -364,29 +364,29 @@ index ad275f8..1d077e4 100644 + if (certificate_id && !certificate_id->attrCKA_ID_size) { + return CKR_ATTRIBUTE_VALUE_INVALID; + } - - return rv; + + return rv; } - + +static CK_RV -pkcs11h_token_deserializeTokenId ( - OUT pkcs11h_token_id_t *p_token_id, +__pkcs11h_token_legacy_deserializeTokenId ( + OUT pkcs11h_token_id_t token_id, - IN const char * const sz + IN const char * const sz ) { #define __PKCS11H_TARGETS_NUMBER 4 @@ -161,24 +353,11 @@ pkcs11h_token_deserializeTokenId ( - size_t s; - } targets[__PKCS11H_TARGETS_NUMBER]; - + size_t s; + } targets[__PKCS11H_TARGETS_NUMBER]; + - pkcs11h_token_id_t token_id = NULL; - char *p1 = NULL; - char *_sz = NULL; - int e; - CK_RV rv = CKR_FUNCTION_FAILED; - + char *p1 = NULL; + char *_sz = NULL; + int e; + CK_RV rv = CKR_FUNCTION_FAILED; + - _PKCS11H_ASSERT (p_token_id!=NULL); - _PKCS11H_ASSERT (sz!=NULL); - @@ -399,24 +399,24 @@ index ad275f8..1d077e4 100644 - - *p_token_id = NULL; - - if ( - (rv = _pkcs11h_mem_strdup ( - (void *)&_sz, + if ( + (rv = _pkcs11h_mem_strdup ( + (void *)&_sz, @@ -190,10 +369,6 @@ pkcs11h_token_deserializeTokenId ( - - p1 = _sz; - + + p1 = _sz; + - if ((rv = _pkcs11h_token_newTokenId (&token_id)) != CKR_OK) { - goto cleanup; - } - - targets[0].p = token_id->manufacturerID; - targets[0].s = sizeof (token_id->manufacturerID); - targets[1].p = token_id->model; + targets[0].p = token_id->manufacturerID; + targets[0].s = sizeof (token_id->manufacturerID); + targets[1].p = token_id->model; @@ -252,6 +427,51 @@ pkcs11h_token_deserializeTokenId ( - p1 = p2+1; - } - + p1 = p2+1; + } + + rv = CKR_OK; + +cleanup: @@ -462,43 +462,43 @@ index ad275f8..1d077e4 100644 + goto cleanup; + } + - strncpy ( - token_id->display, - token_id->label, + strncpy ( + token_id->display, + token_id->label, @@ -264,11 +484,6 @@ pkcs11h_token_deserializeTokenId ( - rv = CKR_OK; - + rv = CKR_OK; + cleanup: - - if (_sz != NULL) { - _pkcs11h_mem_free ((void *)&_sz); - } - - if (token_id != NULL) { - pkcs11h_token_freeTokenId (token_id); - } + if (token_id != NULL) { + pkcs11h_token_freeTokenId (token_id); + } @@ -281,7 +496,6 @@ cleanup: - ); - - return rv; + ); + + return rv; -#undef __PKCS11H_TARGETS_NUMBER } - + #endif /* ENABLE_PKCS11H_TOKEN || ENABLE_PKCS11H_CERTIFICATE */ @@ -295,9 +509,6 @@ pkcs11h_certificate_serializeCertificateId ( - IN const pkcs11h_certificate_id_t certificate_id + IN const pkcs11h_certificate_id_t certificate_id ) { - CK_RV rv = CKR_FUNCTION_FAILED; + CK_RV rv = CKR_FUNCTION_FAILED; - size_t saved_max = 0; - size_t n = 0; - size_t _max = 0; - - /*_PKCS11H_ASSERT (sz!=NULL); Not required */ - _PKCS11H_ASSERT (max!=NULL); + + /*_PKCS11H_ASSERT (sz!=NULL); Not required */ + _PKCS11H_ASSERT (max!=NULL); @@ -311,42 +522,7 @@ pkcs11h_certificate_serializeCertificateId ( - (void *)certificate_id - ); - + (void *)certificate_id + ); + - if (sz != NULL) { - saved_max = n = *max; - } @@ -536,25 +536,25 @@ index ad275f8..1d077e4 100644 - -cleanup: + rv = __generate_pkcs11_uri(sz, max, certificate_id, certificate_id->token_id); - - _PKCS11H_DEBUG ( - PKCS11H_LOG_DEBUG2, + + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, @@ -360,27 +536,16 @@ cleanup: - return rv; + return rv; } - + +static CK_RV -pkcs11h_certificate_deserializeCertificateId ( - OUT pkcs11h_certificate_id_t * const p_certificate_id, +__pkcs11h_certificate_legacy_deserializeCertificateId ( + OUT pkcs11h_certificate_id_t certificate_id, - IN const char * const sz + IN const char * const sz ) { - pkcs11h_certificate_id_t certificate_id = NULL; - CK_RV rv = CKR_FUNCTION_FAILED; - char *p = NULL; - char *_sz = NULL; + CK_RV rv = CKR_FUNCTION_FAILED; + char *p = NULL; + char *_sz = NULL; - - _PKCS11H_ASSERT (p_certificate_id!=NULL); - _PKCS11H_ASSERT (sz!=NULL); @@ -568,24 +568,24 @@ index ad275f8..1d077e4 100644 - sz - ); + size_t id_hex_len; - - if ( - (rv = _pkcs11h_mem_strdup ( + + if ( + (rv = _pkcs11h_mem_strdup ( @@ -393,10 +558,6 @@ pkcs11h_certificate_deserializeCertificateId ( - - p = _sz; - + + p = _sz; + - if ((rv = _pkcs11h_certificate_newCertificateId (&certificate_id)) != CKR_OK) { - goto cleanup; - } - - if ((p = strrchr (_sz, '/')) == NULL) { - rv = CKR_ATTRIBUTE_VALUE_INVALID; - goto cleanup; + if ((p = strrchr (_sz, '/')) == NULL) { + rv = CKR_ATTRIBUTE_VALUE_INVALID; + goto cleanup; @@ -414,7 +575,12 @@ pkcs11h_certificate_deserializeCertificateId ( - goto cleanup; - } - + goto cleanup; + } + - certificate_id->attrCKA_ID_size = strlen (p)/2; + id_hex_len = strlen (p); + if (id_hex_len & 1) { @@ -593,13 +593,13 @@ index ad275f8..1d077e4 100644 + goto cleanup; + } + certificate_id->attrCKA_ID_size = id_hex_len/2; - - if ( - (rv = _pkcs11h_mem_malloc ( + + if ( + (rv = _pkcs11h_mem_malloc ( @@ -430,21 +596,64 @@ pkcs11h_certificate_deserializeCertificateId ( - goto cleanup; - } - + goto cleanup; + } + + rv = CKR_OK; + +cleanup: @@ -648,32 +648,32 @@ index ad275f8..1d077e4 100644 + goto cleanup; + } + - *p_certificate_id = certificate_id; - certificate_id = NULL; - rv = CKR_OK; - + *p_certificate_id = certificate_id; + certificate_id = NULL; + rv = CKR_OK; + cleanup: - - if (certificate_id != NULL) { - pkcs11h_certificate_freeCertificateId (certificate_id); - certificate_id = NULL; - } - + if (certificate_id != NULL) { + pkcs11h_certificate_freeCertificateId (certificate_id); + certificate_id = NULL; + } + - if (_sz != NULL) { - _pkcs11h_mem_free ((void *)&_sz); - } - - _PKCS11H_DEBUG ( - PKCS11H_LOG_DEBUG2, - "PKCS#11: pkcs11h_certificate_deserializeCertificateId return rv=%lu-'%s'", + _PKCS11H_DEBUG ( + PKCS11H_LOG_DEBUG2, + "PKCS#11: pkcs11h_certificate_deserializeCertificateId return rv=%lu-'%s'", diff --git a/lib/pkcs11h-util.c b/lib/pkcs11h-util.c index 0743fd1..f90e443 100644 --- a/lib/pkcs11h-util.c +++ b/lib/pkcs11h-util.c @@ -110,12 +110,7 @@ _pkcs11h_util_hexToBinary ( - p++; - } - + p++; + } + - if (*p != '\x0') { - return CKR_ATTRIBUTE_VALUE_INVALID; - } @@ -682,5 +682,5 @@ index 0743fd1..f90e443 100644 - } + return CKR_OK; } - + CK_RV