From bfda53303ced4c5303f0a6859b4c98e872108849 Mon Sep 17 00:00:00 2001 From: Alessio Di Mauro Date: Thu, 3 Dec 2015 10:47:49 -0800 Subject: [PATCH] YKCS11: update cert buffer size. --- ykcs11/token_vendors.c | 4 ++-- ykcs11/ykcs11.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ykcs11/token_vendors.c b/ykcs11/token_vendors.c index 2f2ad7d..aa50ad2 100644 --- a/ykcs11/token_vendors.c +++ b/ykcs11/token_vendors.c @@ -158,7 +158,7 @@ static CK_RV COMMON_token_generate_key(ykpiv_state *state, CK_BBOOL rsa, static CK_RV COMMON_token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_BYTE_PTR in) { - unsigned char certdata[2100]; + unsigned char certdata[3072]; unsigned char *certptr; CK_ULONG cert_len; @@ -168,7 +168,7 @@ static CK_RV COMMON_token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_B if ((rv = do_check_cert(in, &cert_len)) != CKR_OK) return rv; - if (cert_len > 2100) + if (cert_len > 3072) return CKR_FUNCTION_FAILED; certptr = certdata; diff --git a/ykcs11/ykcs11.c b/ykcs11/ykcs11.c index cbb56b1..e0e4497 100644 --- a/ykcs11/ykcs11.c +++ b/ykcs11/ykcs11.c @@ -438,7 +438,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)( CK_RV rv; piv_obj_id_t *cert_ids; CK_ULONG i; - CK_BYTE cert_data[2100]; // Max cert value for ykpiv + CK_BYTE cert_data[3072]; // Max cert value for ykpiv CK_ULONG cert_len = sizeof(cert_data); DIN; // TODO: pApplication and Notify @@ -2115,7 +2115,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)( CK_ULONG pvtk_id; CK_ULONG pubk_id; piv_obj_id_t *obj_ptr; - CK_BYTE cert_data[2100]; + CK_BYTE cert_data[3072]; CK_ULONG cert_len; DIN;