b0210e0710
- wrap_public_key() passed the address of the local stack variable internal_key to RSA_meth_set0_data(), which was used long after wrap_public_key() had returned. Changed to static. - The callback functions yk_rsa_meth_sign and yk_ec_meth_sign 'siglen' parameter has type (unisgned int *), which was cast to (size_t *) before it was used to write a value in the caller's memory space. This caused stack corruption on machines where size_t is bigger than unsigned int. - The callback function's 'siglen' parameter is output-only, not in-out. The input value was assumed to contain the maximum size of the output buffer as input, and a bogus value was compared to the amount of data received from the token in function _general_authenticate(). Changed to pass in the values returned by RSA_size(rsa) and ECDSA_size(ec), which Openssl specifies as minimum buffer sizes. - The callback functions' return values were swapped; fixed to return 1 on success, 0 on failure.