softoken does not properly implement CKR_BUFFER_TOO_SMALL

ASSIGNED
Assigned to

Status

P3
normal
ASSIGNED
5 years ago
5 years ago

People

(Reporter: ryan.sleevi, Assigned: wtc)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
According to the PKCS#11 specification (v2.20), the error code CKR_BUFFER_TOO_SMALL should be used when the output of the function is too large to fit in the supplied buffer.

A number of the softoken function implementations (eg: NSC_DecryptUpdate / NSC_DecryptFinal) fail to properly implement this check, instead assuming that the caller supplied data is valid.

The easiest demonstration of this is to attempt to perform an AES-CBC decryption operation. No length checks are made to ensure that pulLastPartLen is >= the required length before writing into pLastPart, as required by "Section 11.2, Item 2"

"If pBuf is not NULL_PTR, then *pulBufLen must contain the size in bytes of the  buffer pointed to by pBuf. If that buffer is large enough to hold the cryptographic output produced from the input to the function, then that cryptographic output is placed there, and CKR_OK is returned by the function. If the buffer is not large enough, then CKR_BUFFER_TOO_SMALL is returned. In either case, *pulBufLen is set to hold the exact number of bytes needed to hold the cryptographic output produced from the input to the function"
(Assignee)

Comment 1

5 years ago
Created attachment 812977 [details] [diff] [review]
Work in progress

1. Not yet tested.
2. Still need to fix NSC_EncryptUpdate.
Assignee: nobody → wtc
Status: NEW → ASSIGNED
You need to log in before you can comment on or make changes to this bug.