From f3bd82710087eea9a8ba8049fba97612fd430d07 Mon Sep 17 00:00:00 2001 From: Alessio Di Mauro Date: Thu, 5 Nov 2015 14:09:09 +0100 Subject: [PATCH] YKCS11: add more precondition checks during SingInit. --- ykcs11/ykcs11.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/ykcs11/ykcs11.c b/ykcs11/ykcs11.c index 4d76606..701a2e7 100644 --- a/ykcs11/ykcs11.c +++ b/ykcs11/ykcs11.c @@ -1747,7 +1747,30 @@ CK_DEFINE_FUNCTION(CK_RV, C_Sign)( goto sign_out; } - // TODO: check other conditions + if (session.handle != YKCS11_SESSION_ID) { + DBG(("Session is not open")); + rv = CKR_SESSION_CLOSED; + goto sign_out; + } + + if (hSession != session.handle) { + DBG(("Unknown session %lu", hSession)); + rv = CKR_SESSION_HANDLE_INVALID; + goto sign_out; + } + + if (op_info.type != YKCS11_SIGN) { + DBG(("Operation not initialized")); + rv = CKR_OPERATION_NOT_INITIALIZED; + goto sign_out; + } + + if (session.info.state == CKS_RO_PUBLIC_SESSION || + session.info.state == CKS_RW_PUBLIC_SESSION) { + DBG(("User is not logged in")); + rv = CKR_USER_NOT_LOGGED_IN; + goto sign_out; + } if (pSignature == NULL_PTR) { // Just return the size of the signature