YKCS11: update cert buffer size.
This commit is contained in:
@@ -158,7 +158,7 @@ static CK_RV COMMON_token_generate_key(ykpiv_state *state, CK_BBOOL rsa,
|
|||||||
|
|
||||||
static CK_RV COMMON_token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_BYTE_PTR in) {
|
static CK_RV COMMON_token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_BYTE_PTR in) {
|
||||||
|
|
||||||
unsigned char certdata[2100];
|
unsigned char certdata[3072];
|
||||||
unsigned char *certptr;
|
unsigned char *certptr;
|
||||||
CK_ULONG cert_len;
|
CK_ULONG cert_len;
|
||||||
|
|
||||||
@@ -168,7 +168,7 @@ static CK_RV COMMON_token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_B
|
|||||||
if ((rv = do_check_cert(in, &cert_len)) != CKR_OK)
|
if ((rv = do_check_cert(in, &cert_len)) != CKR_OK)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
if (cert_len > 2100)
|
if (cert_len > 3072)
|
||||||
return CKR_FUNCTION_FAILED;
|
return CKR_FUNCTION_FAILED;
|
||||||
|
|
||||||
certptr = certdata;
|
certptr = certdata;
|
||||||
|
|||||||
+2
-2
@@ -438,7 +438,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_OpenSession)(
|
|||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
piv_obj_id_t *cert_ids;
|
piv_obj_id_t *cert_ids;
|
||||||
CK_ULONG i;
|
CK_ULONG i;
|
||||||
CK_BYTE cert_data[2100]; // Max cert value for ykpiv
|
CK_BYTE cert_data[3072]; // Max cert value for ykpiv
|
||||||
CK_ULONG cert_len = sizeof(cert_data);
|
CK_ULONG cert_len = sizeof(cert_data);
|
||||||
|
|
||||||
DIN; // TODO: pApplication and Notify
|
DIN; // TODO: pApplication and Notify
|
||||||
@@ -2115,7 +2115,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GenerateKeyPair)(
|
|||||||
CK_ULONG pvtk_id;
|
CK_ULONG pvtk_id;
|
||||||
CK_ULONG pubk_id;
|
CK_ULONG pubk_id;
|
||||||
piv_obj_id_t *obj_ptr;
|
piv_obj_id_t *obj_ptr;
|
||||||
CK_BYTE cert_data[2100];
|
CK_BYTE cert_data[3072];
|
||||||
CK_ULONG cert_len;
|
CK_ULONG cert_len;
|
||||||
|
|
||||||
DIN;
|
DIN;
|
||||||
|
|||||||
Reference in New Issue
Block a user