Skip to content

Commit

Permalink
Add error code checks when writing certificate data
Browse files Browse the repository at this point in the history
  • Loading branch information
@aveenismail
aveenismail committed Dec 6, 2023
1 parent b1bcc74 commit fac3a1c
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions ykcs11/token.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,9 @@ CK_RV token_generate_key(ykpiv_state *state, gen_info_t *gen, CK_BYTE key, CK_BY
if(rv != CKR_OK)
return rv;

ykpiv_util_write_certdata(data, recv_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len);
if ((res = ykpiv_util_write_certdata(data, recv_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len)) != YKPIV_OK) {
return yrc_to_rv(res);
}

if(*cert_len < (CK_ULONG)certdata_len) {
DBG("Certificate buffer too small.");
Expand Down Expand Up @@ -494,7 +496,9 @@ CK_RV token_import_cert(ykpiv_state *state, CK_ULONG cert_id, CK_BYTE_PTR in, CK
return rv;
}

ykpiv_util_write_certdata(in, cert_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len);
if ((res = ykpiv_util_write_certdata(in, cert_len, YKPIV_CERTINFO_UNCOMPRESSED, certdata, &certdata_len)) != YKPIV_OK) {
return yrc_to_rv(res);
}

// Store the certificate into the token
if ((res = ykpiv_save_object(state, cert_id, certdata, certdata_len)) != YKPIV_OK)
Expand Down

0 comments on commit fac3a1c

Please sign in to comment.