Check for vendor-defined object classes and return CKR_ATTRIBUTE_TYPE_INVALID when trying to create a vendor-defined object.
Signed-off-by: Klaus Heinrich Kiwi <[email protected]> --- usr/lib/pkcs11/common/object.c | 8 ++++++++ 1 files changed, 8 insertions(+), 0 deletions(-) diff --git a/usr/lib/pkcs11/common/object.c b/usr/lib/pkcs11/common/object.c index 0077893..03e3bfb 100755 --- a/usr/lib/pkcs11/common/object.c +++ b/usr/lib/pkcs11/common/object.c @@ -379,6 +379,14 @@ object_create( CK_ATTRIBUTE * pTemplate, st_err_log(48, __FILE__, __LINE__); return CKR_TEMPLATE_INCOMPLETE; } + + // Return CKR_ATTRIBUTE_TYPE_INVALID when trying to create a + // vendor-defined object. + if (class >= CKO_VENDOR_DEFINED) { + st_err_log(8, __FILE__, __LINE__); + return CKR_ATTRIBUTE_TYPE_INVALID; + } + if (class != CKO_DATA && subclass_given != TRUE){ st_err_log(48, __FILE__, __LINE__); return CKR_TEMPLATE_INCOMPLETE; -- 1.6.3.3 ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
