Hello all,

During the development of an application that uses an nCipher nShield F3 
HSM I found a few problems in the current implementation (0.9.8m) of the 
chil engine.



Problem no.1:

The prompt for card insertion was displayed with leading binary characters 
(see attached screenshot). Zeroing the buffer where the prompt will be 
stored solved this problem. This change was made in file 
"openssl-0.9.8m/engines/e_chil.c" in function "hwcrhk_insert_card".



Problem no.2:

There is a definition of the callback function "getphystoken" in file 
"openssl-0.9.8m\engines\vendor_defns\hwcryptohook.h" that is probably 
provided by nCipher.

   int (*getphystoken)(const char *prompt_info,
                       const char *wrong_info,
                       HWCryptoHook_PassphraseContext *ppctx,
                       HWCryptoHook_CallerContext *cactx);
   /* Requests that the human user physically insert a different
    * smartcard, DataKey, etc.  The plugin should check whether the
    * currently inserted token(s) are appropriate, and if they are it
    * should not make this call.
    *
    * prompt_info is as before.  wrong_info is a description of the
    * currently inserted token(s) so that the user is told what
    * something is.  wrong_info, like prompt_info, may be null, but
    * should not be an empty string.  Its contents should be
    * syntactically similar to that of prompt_info.
    */

The description in the comment states that the parameter "wrong_info" may 
be null, but should not be an empty string. However, in my environment the 
hwcrhk library passes an EMPTY STRING.

Because of these empty strings there are really weird prompts displayed 
to the end user. For example, there is an "opercs" card inserted in the 
slot and the UI displays the following information:

Current card: ""

So to fix this I added additional checks for whether the passed string is 
empty.



Problem no.3:

Almost identical to problem 2, but in the callback function 
"getpassphrase", which is also defined and described in file 
"openssl-0.9.8m\engines\vendor_defns\hwcryptohook.h".

   int (*getpassphrase)(const char *prompt_info,
                        int *len_io, char *buf,
                        HWCryptoHook_PassphraseContext *ppctx,
                        HWCryptoHook_CallerContext *cactx);
   /* Passphrases and the prompt_info, if they contain high-bit-set
    * characters, are UTF-8.  The prompt_info may be a null pointer if
    * no prompt information is available (it should not be an empty
    * string).  It will not contain text like `enter passphrase';
    * instead it might say something like `Operator Card for John
    * Smith' or `SmartCard in nFast Module #1, Slot #1'.
    *
    * buf points to a buffer in which to return the passphrase; on
    * entry *len_io is the length of the buffer.  It should be updated
    * by the callback.  The returned passphrase should not be
    * null-terminated by the callback.
    */

The description in the comment again states that the parameter 
"prompt_info" may be null, but should not be an empty string. However, in 
my environment the hwcrhk library again passes an EMPTY STRING.

Because of these empty strings there are really weird prompts displayed 
to the end user. For example:

Please enter pass phrase for :

I fixed this the same way as problem no. 2, by adding additional checks 
for whether the passed string is empty.



The only explanation for problems 2 and 3 I could come up with is that 
nCipher changed the behaviour of the hwcrhk library since 1998. However, I 
am not able to check if this is true.

I am attaching a patch for openssl-0.9.8m that solves all three problems. 
It would be great if this fix could be included in the 0.9.8 branch.

Please let me know if you need me to rewrite this patch for another 
version or if you need more information.


-- 
Jaroslav Imrich

Disig, a.s.
Zahradnicka 151, 821 08 Bratislava 2

[email protected]
www.disig.sk






<<inline: insert_card.png>>

diff -ur openssl-0.9.8m/engines/e_chil.c 
openssl-0.9.8m-modified/engines/e_chil.c
--- openssl-0.9.8m/engines/e_chil.c     2008-11-28 23:04:25.000000000 +0100
+++ openssl-0.9.8m-modified/engines/e_chil.c    2010-03-10 14:04:54.000000000 
+0100
@@ -1205,6 +1205,10 @@
        void *callback_data = NULL;
         UI_METHOD *ui_method = NULL;
 
+       const char *prompt_info_checked = NULL;
+       if (0 != *prompt_info)
+           prompt_info_checked = prompt_info;
+
         if (cactx)
                 {
                 if (cactx->ui_method)
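Review bot: the new test "if (0 != *prompt_info)" at the top of this hunk dereferences prompt_info without first checking it for NULL, although the hwcryptohook.h comment quoted in the message says prompt_info may be a null pointer. Guard both cases the way the wrong_info test in the last hunk does, for example "if (prompt_info && *prompt_info)", so that a NULL prompt_info simply leaves prompt_info_checked as NULL.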
@@ -1237,7 +1241,7 @@
                         {
                         int ok;
                         char *prompt = UI_construct_prompt(ui,
-                                "pass phrase", prompt_info);
+                                "pass phrase", prompt_info_checked);
 
                         ok = UI_add_input_string(ui,prompt,
                                 UI_INPUT_FLAG_DEFAULT_PWD,
@@ -1305,8 +1309,9 @@
                {
                char answer;
                char buf[BUFSIZ];
+               memset(buf, 0, BUFSIZ);
 
-               if (wrong_info)
+               if ((wrong_info) && (0 != *wrong_info))
                        BIO_snprintf(buf, sizeof(buf)-1,
                                "Current card: \"%s\"\n", wrong_info);
                ok = UI_dup_info_string(ui, buf);
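Review bot: "ok = UI_dup_info_string(ui, buf);" at the end of this hunk still runs when wrong_info is NULL or empty, so after the new memset it adds an empty info string to the UI instead of skipping the "Current card" line altogether. Consider making that call conditional on the same wrong_info test. If the memset stays, "memset(buf, 0, sizeof(buf));" would match the sizeof(buf) already used in the BIO_snprintf call, and a blank line between the declarations and the memset would keep the declaration block readable.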
