-
Fredrik Thulin authored
A number of PKCS#11 functions take a pointer to a buffer size as argument. To be a transparent proxy of PKCS#11 calls, it is necessary to support invoking these functions with a NULL pointer. pkcs11-proxy used to send the buffer size as an integer and create a pointer to the integer on the server side, but this is different to the backend PKCS#11 module in some cases. E.g. the C_Encrypt call is specified to have side effectes (finalizing) when called with a NULL encrypted data length. The softhsm test suite exposed that these side effects never occured because the NULL data length pointer was conveyed as a valid pointer to the integer zero. Since an additional uint8_t was added to "byte buffers", this is an backwards incompatible change. As such, the version number in the protocol greeting was increased (GCK_RPC_HANDSHAKE).
Fredrik Thulin authoredA number of PKCS#11 functions take a pointer to a buffer size as argument. To be a transparent proxy of PKCS#11 calls, it is necessary to support invoking these functions with a NULL pointer. pkcs11-proxy used to send the buffer size as an integer and create a pointer to the integer on the server side, but this is different to the backend PKCS#11 module in some cases. E.g. the C_Encrypt call is specified to have side effectes (finalizing) when called with a NULL encrypted data length. The softhsm test suite exposed that these side effects never occured because the NULL data length pointer was conveyed as a valid pointer to the integer zero. Since an additional uint8_t was added to "byte buffers", this is an backwards incompatible change. As such, the version number in the protocol greeting was increased (GCK_RPC_HANDSHAKE).
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
