summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-security
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-security')
-rw-r--r--meta-oe/recipes-security/softhsm/files/0002-Prevent-accessing-of-global-c-objects-once-they-are-.patch672
-rw-r--r--meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb1
2 files changed, 673 insertions, 0 deletions
diff --git a/meta-oe/recipes-security/softhsm/files/0002-Prevent-accessing-of-global-c-objects-once-they-are-.patch b/meta-oe/recipes-security/softhsm/files/0002-Prevent-accessing-of-global-c-objects-once-they-are-.patch
new file mode 100644
index 0000000000..6e61aeac3c
--- /dev/null
+++ b/meta-oe/recipes-security/softhsm/files/0002-Prevent-accessing-of-global-c-objects-once-they-are-.patch
@@ -0,0 +1,672 @@
1From 41968e7b742ad59046523a7eeb63514237fb63af Mon Sep 17 00:00:00 2001
2From: Neil Horman <nhorman@openssl.org>
3Date: Fri, 27 Oct 2023 14:57:37 -0400
4Subject: [PATCH] Prevent accessing of global c++ objects once they are deleted
5
6Fixes (Maybe) #729.
7Reset objects_deleted after reset is called.
8
9Upstream-Status: Submitted [https://github.com/opendnssec/SoftHSMv2/pull/742]
10---
11 src/lib/SoftHSM.cpp | 5 ++
12 src/lib/main.cpp | 138 ++++++++++++++++++++++++++++++++++++++++++++
13 2 files changed, 143 insertions(+)
14
15diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
16index 02c0f95..95bf208 100644
17--- a/src/lib/SoftHSM.cpp
18+++ b/src/lib/SoftHSM.cpp
19@@ -89,6 +89,8 @@
20
21 // Initialise the one-and-only instance
22
23+int objects_deleted = 0;
24+
25 #ifdef HAVE_CXX11
26
27 std::unique_ptr<MutexFactory> MutexFactory::instance(nullptr);
28@@ -406,6 +408,8 @@ void SoftHSM::reset()
29 {
30 if (instance.get())
31 instance.reset();
32+
33+ objects_deleted = 0;
34 }
35
36 // Constructor
37@@ -445,6 +449,7 @@ SoftHSM::~SoftHSM()
38
39 isInitialised = false;
40
41+ objects_deleted = 1;
42 resetMutexFactoryCallbacks();
43 }
44
45diff --git a/src/lib/main.cpp b/src/lib/main.cpp
46index 2dfd0eb..e89f18c 100644
47--- a/src/lib/main.cpp
48+++ b/src/lib/main.cpp
49@@ -49,6 +49,8 @@
50 #define PKCS_API
51 #endif
52
53+extern int objects_deleted;
54+
55 // PKCS #11 function list
56 static CK_FUNCTION_LIST functionList =
57 {
58@@ -130,6 +132,8 @@ PKCS_API CK_RV C_Initialize(CK_VOID_PTR pInitArgs)
59 {
60 try
61 {
62+ if (objects_deleted == 1)
63+ return CKR_FUNCTION_FAILED;
64 return SoftHSM::i()->C_Initialize(pInitArgs);
65 }
66 catch (...)
67@@ -145,6 +149,8 @@ PKCS_API CK_RV C_Finalize(CK_VOID_PTR pReserved)
68 {
69 try
70 {
71+ if (objects_deleted == 1)
72+ return CKR_FUNCTION_FAILED;
73 return SoftHSM::i()->C_Finalize(pReserved);
74 }
75 catch (...)
76@@ -160,6 +166,8 @@ PKCS_API CK_RV C_GetInfo(CK_INFO_PTR pInfo)
77 {
78 try
79 {
80+ if (objects_deleted == 1)
81+ return CKR_FUNCTION_FAILED;
82 return SoftHSM::i()->C_GetInfo(pInfo);
83 }
84 catch (...)
85@@ -175,6 +183,8 @@ PKCS_API CK_RV C_GetFunctionList(CK_FUNCTION_LIST_PTR_PTR ppFunctionList)
86 {
87 try
88 {
89+ if (objects_deleted == 1)
90+ return CKR_FUNCTION_FAILED;
91 if (ppFunctionList == NULL_PTR) return CKR_ARGUMENTS_BAD;
92
93 *ppFunctionList = &functionList;
94@@ -194,6 +204,8 @@ PKCS_API CK_RV C_GetSlotList(CK_BBOOL tokenPresent, CK_SLOT_ID_PTR pSlotList, CK
95 {
96 try
97 {
98+ if (objects_deleted == 1)
99+ return CKR_FUNCTION_FAILED;
100 return SoftHSM::i()->C_GetSlotList(tokenPresent, pSlotList, pulCount);
101 }
102 catch (...)
103@@ -209,6 +221,8 @@ PKCS_API CK_RV C_GetSlotInfo(CK_SLOT_ID slotID, CK_SLOT_INFO_PTR pInfo)
104 {
105 try
106 {
107+ if (objects_deleted == 1)
108+ return CKR_FUNCTION_FAILED;
109 return SoftHSM::i()->C_GetSlotInfo(slotID, pInfo);
110 }
111 catch (...)
112@@ -224,6 +238,8 @@ PKCS_API CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
113 {
114 try
115 {
116+ if (objects_deleted == 1)
117+ return CKR_FUNCTION_FAILED;
118 return SoftHSM::i()->C_GetTokenInfo(slotID, pInfo);
119 }
120 catch (...)
121@@ -239,6 +255,8 @@ PKCS_API CK_RV C_GetMechanismList(CK_SLOT_ID slotID, CK_MECHANISM_TYPE_PTR pMech
122 {
123 try
124 {
125+ if (objects_deleted == 1)
126+ return CKR_FUNCTION_FAILED;
127 return SoftHSM::i()->C_GetMechanismList(slotID, pMechanismList, pulCount);
128 }
129 catch (...)
130@@ -254,6 +272,8 @@ PKCS_API CK_RV C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_
131 {
132 try
133 {
134+ if (objects_deleted == 1)
135+ return CKR_FUNCTION_FAILED;
136 return SoftHSM::i()->C_GetMechanismInfo(slotID, type, pInfo);
137 }
138 catch (...)
139@@ -269,6 +289,8 @@ PKCS_API CK_RV C_InitToken(CK_SLOT_ID slotID, CK_UTF8CHAR_PTR pPin, CK_ULONG ulP
140 {
141 try
142 {
143+ if (objects_deleted == 1)
144+ return CKR_FUNCTION_FAILED;
145 return SoftHSM::i()->C_InitToken(slotID, pPin, ulPinLen, pLabel);
146 }
147 catch (...)
148@@ -284,6 +306,8 @@ PKCS_API CK_RV C_InitPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pPin, CK_UL
149 {
150 try
151 {
152+ if (objects_deleted == 1)
153+ return CKR_FUNCTION_FAILED;
154 return SoftHSM::i()->C_InitPIN(hSession, pPin, ulPinLen);
155 }
156 catch (...)
157@@ -299,6 +323,8 @@ PKCS_API CK_RV C_SetPIN(CK_SESSION_HANDLE hSession, CK_UTF8CHAR_PTR pOldPin, CK_
158 {
159 try
160 {
161+ if (objects_deleted == 1)
162+ return CKR_FUNCTION_FAILED;
163 return SoftHSM::i()->C_SetPIN(hSession, pOldPin, ulOldLen, pNewPin, ulNewLen);
164 }
165 catch (...)
166@@ -314,6 +340,8 @@ PKCS_API CK_RV C_OpenSession(CK_SLOT_ID slotID, CK_FLAGS flags, CK_VOID_PTR pApp
167 {
168 try
169 {
170+ if (objects_deleted == 1)
171+ return CKR_FUNCTION_FAILED;
172 return SoftHSM::i()->C_OpenSession(slotID, flags, pApplication, notify, phSession);
173 }
174 catch (...)
175@@ -329,6 +357,8 @@ PKCS_API CK_RV C_CloseSession(CK_SESSION_HANDLE hSession)
176 {
177 try
178 {
179+ if (objects_deleted == 1)
180+ return CKR_FUNCTION_FAILED;
181 return SoftHSM::i()->C_CloseSession(hSession);
182 }
183 catch (...)
184@@ -344,6 +374,8 @@ PKCS_API CK_RV C_CloseAllSessions(CK_SLOT_ID slotID)
185 {
186 try
187 {
188+ if (objects_deleted == 1)
189+ return CKR_FUNCTION_FAILED;
190 return SoftHSM::i()->C_CloseAllSessions(slotID);
191 }
192 catch (...)
193@@ -359,6 +391,8 @@ PKCS_API CK_RV C_GetSessionInfo(CK_SESSION_HANDLE hSession, CK_SESSION_INFO_PTR
194 {
195 try
196 {
197+ if (objects_deleted == 1)
198+ return CKR_FUNCTION_FAILED;
199 return SoftHSM::i()->C_GetSessionInfo(hSession, pInfo);
200 }
201 catch (...)
202@@ -374,6 +408,8 @@ PKCS_API CK_RV C_GetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOper
203 {
204 try
205 {
206+ if (objects_deleted == 1)
207+ return CKR_FUNCTION_FAILED;
208 return SoftHSM::i()->C_GetOperationState(hSession, pOperationState, pulOperationStateLen);
209 }
210 catch (...)
211@@ -389,6 +425,8 @@ PKCS_API CK_RV C_SetOperationState(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pOper
212 {
213 try
214 {
215+ if (objects_deleted == 1)
216+ return CKR_FUNCTION_FAILED;
217 return SoftHSM::i()->C_SetOperationState(hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey);
218 }
219 catch (...)
220@@ -404,6 +442,8 @@ PKCS_API CK_RV C_Login(CK_SESSION_HANDLE hSession, CK_USER_TYPE userType, CK_UTF
221 {
222 try
223 {
224+ if (objects_deleted == 1)
225+ return CKR_FUNCTION_FAILED;
226 return SoftHSM::i()->C_Login(hSession, userType, pPin, ulPinLen);
227 }
228 catch (...)
229@@ -419,6 +459,8 @@ PKCS_API CK_RV C_Logout(CK_SESSION_HANDLE hSession)
230 {
231 try
232 {
233+ if (objects_deleted == 1)
234+ return CKR_FUNCTION_FAILED;
235 return SoftHSM::i()->C_Logout(hSession);
236 }
237 catch (...)
238@@ -434,6 +476,8 @@ PKCS_API CK_RV C_CreateObject(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pTemp
239 {
240 try
241 {
242+ if (objects_deleted == 1)
243+ return CKR_FUNCTION_FAILED;
244 return SoftHSM::i()->C_CreateObject(hSession, pTemplate, ulCount, phObject);
245 }
246 catch (...)
247@@ -449,6 +493,8 @@ PKCS_API CK_RV C_CopyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject
248 {
249 try
250 {
251+ if (objects_deleted == 1)
252+ return CKR_FUNCTION_FAILED;
253 return SoftHSM::i()->C_CopyObject(hSession, hObject, pTemplate, ulCount, phNewObject);
254 }
255 catch (...)
256@@ -464,6 +510,8 @@ PKCS_API CK_RV C_DestroyObject(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObj
257 {
258 try
259 {
260+ if (objects_deleted == 1)
261+ return CKR_FUNCTION_FAILED;
262 return SoftHSM::i()->C_DestroyObject(hSession, hObject);
263 }
264 catch (...)
265@@ -479,6 +527,8 @@ PKCS_API CK_RV C_GetObjectSize(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObj
266 {
267 try
268 {
269+ if (objects_deleted == 1)
270+ return CKR_FUNCTION_FAILED;
271 return SoftHSM::i()->C_GetObjectSize(hSession, hObject, pulSize);
272 }
273 catch (...)
274@@ -494,6 +544,8 @@ PKCS_API CK_RV C_GetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE
275 {
276 try
277 {
278+ if (objects_deleted == 1)
279+ return CKR_FUNCTION_FAILED;
280 return SoftHSM::i()->C_GetAttributeValue(hSession, hObject, pTemplate, ulCount);
281 }
282 catch (...)
283@@ -509,6 +561,8 @@ PKCS_API CK_RV C_SetAttributeValue(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE
284 {
285 try
286 {
287+ if (objects_deleted == 1)
288+ return CKR_FUNCTION_FAILED;
289 return SoftHSM::i()->C_SetAttributeValue(hSession, hObject, pTemplate, ulCount);
290 }
291 catch (...)
292@@ -524,6 +578,8 @@ PKCS_API CK_RV C_FindObjectsInit(CK_SESSION_HANDLE hSession, CK_ATTRIBUTE_PTR pT
293 {
294 try
295 {
296+ if (objects_deleted == 1)
297+ return CKR_FUNCTION_FAILED;
298 return SoftHSM::i()->C_FindObjectsInit(hSession, pTemplate, ulCount);
299 }
300 catch (...)
301@@ -539,6 +595,8 @@ PKCS_API CK_RV C_FindObjects(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE_PTR ph
302 {
303 try
304 {
305+ if (objects_deleted == 1)
306+ return CKR_FUNCTION_FAILED;
307 return SoftHSM::i()->C_FindObjects(hSession, phObject, ulMaxObjectCount, pulObjectCount);
308 }
309 catch (...)
310@@ -554,6 +612,8 @@ PKCS_API CK_RV C_FindObjectsFinal(CK_SESSION_HANDLE hSession)
311 {
312 try
313 {
314+ if (objects_deleted == 1)
315+ return CKR_FUNCTION_FAILED;
316 return SoftHSM::i()->C_FindObjectsFinal(hSession);
317 }
318 catch (...)
319@@ -569,6 +629,8 @@ PKCS_API CK_RV C_EncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMecha
320 {
321 try
322 {
323+ if (objects_deleted == 1)
324+ return CKR_FUNCTION_FAILED;
325 return SoftHSM::i()->C_EncryptInit(hSession, pMechanism, hObject);
326 }
327 catch (...)
328@@ -584,6 +646,8 @@ PKCS_API CK_RV C_Encrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG
329 {
330 try
331 {
332+ if (objects_deleted == 1)
333+ return CKR_FUNCTION_FAILED;
334 return SoftHSM::i()->C_Encrypt(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
335 }
336 catch (...)
337@@ -599,6 +663,8 @@ PKCS_API CK_RV C_EncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK
338 {
339 try
340 {
341+ if (objects_deleted == 1)
342+ return CKR_FUNCTION_FAILED;
343 return SoftHSM::i()->C_EncryptUpdate(hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen);
344 }
345 catch (...)
346@@ -614,6 +680,8 @@ PKCS_API CK_RV C_EncryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncrypted
347 {
348 try
349 {
350+ if (objects_deleted == 1)
351+ return CKR_FUNCTION_FAILED;
352 return SoftHSM::i()->C_EncryptFinal(hSession, pEncryptedData, pulEncryptedDataLen);
353 }
354 catch (...)
355@@ -629,6 +697,8 @@ PKCS_API CK_RV C_DecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMecha
356 {
357 try
358 {
359+ if (objects_deleted == 1)
360+ return CKR_FUNCTION_FAILED;
361 return SoftHSM::i()->C_DecryptInit(hSession, pMechanism, hObject);
362 }
363 catch (...)
364@@ -644,6 +714,8 @@ PKCS_API CK_RV C_Decrypt(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncryptedData,
365 {
366 try
367 {
368+ if (objects_deleted == 1)
369+ return CKR_FUNCTION_FAILED;
370 return SoftHSM::i()->C_Decrypt(hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen);
371 }
372 catch (...)
373@@ -659,6 +731,8 @@ PKCS_API CK_RV C_DecryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEncrypte
374 {
375 try
376 {
377+ if (objects_deleted == 1)
378+ return CKR_FUNCTION_FAILED;
379 return SoftHSM::i()->C_DecryptUpdate(hSession, pEncryptedData, ulEncryptedDataLen, pData, pDataLen);
380 }
381 catch (...)
382@@ -674,6 +748,8 @@ PKCS_API CK_RV C_DecryptFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_
383 {
384 try
385 {
386+ if (objects_deleted == 1)
387+ return CKR_FUNCTION_FAILED;
388 return SoftHSM::i()->C_DecryptFinal(hSession, pData, pDataLen);
389 }
390 catch (...)
391@@ -689,6 +765,8 @@ PKCS_API CK_RV C_DigestInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
392 {
393 try
394 {
395+ if (objects_deleted == 1)
396+ return CKR_FUNCTION_FAILED;
397 return SoftHSM::i()->C_DigestInit(hSession, pMechanism);
398 }
399 catch (...)
400@@ -704,6 +782,8 @@ PKCS_API CK_RV C_Digest(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG
401 {
402 try
403 {
404+ if (objects_deleted == 1)
405+ return CKR_FUNCTION_FAILED;
406 return SoftHSM::i()->C_Digest(hSession, pData, ulDataLen, pDigest, pulDigestLen);
407 }
408 catch (...)
409@@ -719,6 +799,8 @@ PKCS_API CK_RV C_DigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_
410 {
411 try
412 {
413+ if (objects_deleted == 1)
414+ return CKR_FUNCTION_FAILED;
415 return SoftHSM::i()->C_DigestUpdate(hSession, pPart, ulPartLen);
416 }
417 catch (...)
418@@ -734,6 +816,8 @@ PKCS_API CK_RV C_DigestKey(CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hObject)
419 {
420 try
421 {
422+ if (objects_deleted == 1)
423+ return CKR_FUNCTION_FAILED;
424 return SoftHSM::i()->C_DigestKey(hSession, hObject);
425 }
426 catch (...)
427@@ -749,6 +833,8 @@ PKCS_API CK_RV C_DigestFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pDigest, CK
428 {
429 try
430 {
431+ if (objects_deleted == 1)
432+ return CKR_FUNCTION_FAILED;
433 return SoftHSM::i()->C_DigestFinal(hSession, pDigest, pulDigestLen);
434 }
435 catch (...)
436@@ -764,6 +850,8 @@ PKCS_API CK_RV C_SignInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechanis
437 {
438 try
439 {
440+ if (objects_deleted == 1)
441+ return CKR_FUNCTION_FAILED;
442 return SoftHSM::i()->C_SignInit(hSession, pMechanism, hKey);
443 }
444 catch (...)
445@@ -779,6 +867,8 @@ PKCS_API CK_RV C_Sign(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG ul
446 {
447 try
448 {
449+ if (objects_deleted == 1)
450+ return CKR_FUNCTION_FAILED;
451 return SoftHSM::i()->C_Sign(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
452 }
453 catch (...)
454@@ -794,6 +884,8 @@ PKCS_API CK_RV C_SignUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_UL
455 {
456 try
457 {
458+ if (objects_deleted == 1)
459+ return CKR_FUNCTION_FAILED;
460 return SoftHSM::i()->C_SignUpdate(hSession, pPart, ulPartLen);
461 }
462 catch (...)
463@@ -809,6 +901,8 @@ PKCS_API CK_RV C_SignFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature, C
464 {
465 try
466 {
467+ if (objects_deleted == 1)
468+ return CKR_FUNCTION_FAILED;
469 return SoftHSM::i()->C_SignFinal(hSession, pSignature, pulSignatureLen);
470 }
471 catch (...)
472@@ -824,6 +918,8 @@ PKCS_API CK_RV C_SignRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pM
473 {
474 try
475 {
476+ if (objects_deleted == 1)
477+ return CKR_FUNCTION_FAILED;
478 return SoftHSM::i()->C_SignRecoverInit(hSession, pMechanism, hKey);
479 }
480 catch (...)
481@@ -839,6 +935,8 @@ PKCS_API CK_RV C_SignRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_U
482 {
483 try
484 {
485+ if (objects_deleted == 1)
486+ return CKR_FUNCTION_FAILED;
487 return SoftHSM::i()->C_SignRecover(hSession, pData, ulDataLen, pSignature, pulSignatureLen);
488 }
489 catch (...)
490@@ -854,6 +952,8 @@ PKCS_API CK_RV C_VerifyInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMechan
491 {
492 try
493 {
494+ if (objects_deleted == 1)
495+ return CKR_FUNCTION_FAILED;
496 return SoftHSM::i()->C_VerifyInit(hSession, pMechanism, hKey);
497 }
498 catch (...)
499@@ -869,6 +969,8 @@ PKCS_API CK_RV C_Verify(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pData, CK_ULONG
500 {
501 try
502 {
503+ if (objects_deleted == 1)
504+ return CKR_FUNCTION_FAILED;
505 return SoftHSM::i()->C_Verify(hSession, pData, ulDataLen, pSignature, ulSignatureLen);
506 }
507 catch (...)
508@@ -884,6 +986,8 @@ PKCS_API CK_RV C_VerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart, CK_
509 {
510 try
511 {
512+ if (objects_deleted == 1)
513+ return CKR_FUNCTION_FAILED;
514 return SoftHSM::i()->C_VerifyUpdate(hSession, pPart, ulPartLen);
515 }
516 catch (...)
517@@ -899,6 +1003,8 @@ PKCS_API CK_RV C_VerifyFinal(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignature,
518 {
519 try
520 {
521+ if (objects_deleted == 1)
522+ return CKR_FUNCTION_FAILED;
523 return SoftHSM::i()->C_VerifyFinal(hSession, pSignature, ulSignatureLen);
524 }
525 catch (...)
526@@ -914,6 +1020,8 @@ PKCS_API CK_RV C_VerifyRecoverInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR
527 {
528 try
529 {
530+ if (objects_deleted == 1)
531+ return CKR_FUNCTION_FAILED;
532 return SoftHSM::i()->C_VerifyRecoverInit(hSession, pMechanism, hKey);
533 }
534 catch (...)
535@@ -929,6 +1037,8 @@ PKCS_API CK_RV C_VerifyRecover(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSignatur
536 {
537 try
538 {
539+ if (objects_deleted == 1)
540+ return CKR_FUNCTION_FAILED;
541 return SoftHSM::i()->C_VerifyRecover(hSession, pSignature, ulSignatureLen, pData, pulDataLen);
542 }
543 catch (...)
544@@ -944,6 +1054,8 @@ PKCS_API CK_RV C_DigestEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPa
545 {
546 try
547 {
548+ if (objects_deleted == 1)
549+ return CKR_FUNCTION_FAILED;
550 return SoftHSM::i()->C_DigestEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
551 }
552 catch (...)
553@@ -959,6 +1071,8 @@ PKCS_API CK_RV C_DecryptDigestUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPa
554 {
555 try
556 {
557+ if (objects_deleted == 1)
558+ return CKR_FUNCTION_FAILED;
559 return SoftHSM::i()->C_DecryptDigestUpdate(hSession, pPart, ulPartLen, pDecryptedPart, pulDecryptedPartLen);
560 }
561 catch (...)
562@@ -974,6 +1088,8 @@ PKCS_API CK_RV C_SignEncryptUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pPart
563 {
564 try
565 {
566+ if (objects_deleted == 1)
567+ return CKR_FUNCTION_FAILED;
568 return SoftHSM::i()->C_SignEncryptUpdate(hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen);
569 }
570 catch (...)
571@@ -989,6 +1105,8 @@ PKCS_API CK_RV C_DecryptVerifyUpdate(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pEn
572 {
573 try
574 {
575+ if (objects_deleted == 1)
576+ return CKR_FUNCTION_FAILED;
577 return SoftHSM::i()->C_DecryptVerifyUpdate(hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen);
578 }
579 catch (...)
580@@ -1004,6 +1122,8 @@ PKCS_API CK_RV C_GenerateKey(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMecha
581 {
582 try
583 {
584+ if (objects_deleted == 1)
585+ return CKR_FUNCTION_FAILED;
586 return SoftHSM::i()->C_GenerateKey(hSession, pMechanism, pTemplate, ulCount, phKey);
587 }
588 catch (...)
589@@ -1029,6 +1149,8 @@ PKCS_API CK_RV C_GenerateKeyPair
590 {
591 try
592 {
593+ if (objects_deleted == 1)
594+ return CKR_FUNCTION_FAILED;
595 return SoftHSM::i()->C_GenerateKeyPair(hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey);
596 }
597 catch (...)
598@@ -1052,6 +1174,8 @@ PKCS_API CK_RV C_WrapKey
599 {
600 try
601 {
602+ if (objects_deleted == 1)
603+ return CKR_FUNCTION_FAILED;
604 return SoftHSM::i()->C_WrapKey(hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen);
605 }
606 catch (...)
607@@ -1077,6 +1201,8 @@ PKCS_API CK_RV C_UnwrapKey
608 {
609 try
610 {
611+ if (objects_deleted == 1)
612+ return CKR_FUNCTION_FAILED;
613 return SoftHSM::i()->C_UnwrapKey(hSession, pMechanism, hUnwrappingKey, pWrappedKey, ulWrappedKeyLen, pTemplate, ulCount, phKey);
614 }
615 catch (...)
616@@ -1100,6 +1226,8 @@ PKCS_API CK_RV C_DeriveKey
617 {
618 try
619 {
620+ if (objects_deleted == 1)
621+ return CKR_FUNCTION_FAILED;
622 return SoftHSM::i()->C_DeriveKey(hSession, pMechanism, hBaseKey, pTemplate, ulCount, phKey);
623 }
624 catch (...)
625@@ -1115,6 +1243,8 @@ PKCS_API CK_RV C_SeedRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pSeed, CK_UL
626 {
627 try
628 {
629+ if (objects_deleted == 1)
630+ return CKR_FUNCTION_FAILED;
631 return SoftHSM::i()->C_SeedRandom(hSession, pSeed, ulSeedLen);
632 }
633 catch (...)
634@@ -1130,6 +1260,8 @@ PKCS_API CK_RV C_GenerateRandom(CK_SESSION_HANDLE hSession, CK_BYTE_PTR pRandomD
635 {
636 try
637 {
638+ if (objects_deleted == 1)
639+ return CKR_FUNCTION_FAILED;
640 return SoftHSM::i()->C_GenerateRandom(hSession, pRandomData, ulRandomLen);
641 }
642 catch (...)
643@@ -1145,6 +1277,8 @@ PKCS_API CK_RV C_GetFunctionStatus(CK_SESSION_HANDLE hSession)
644 {
645 try
646 {
647+ if (objects_deleted == 1)
648+ return CKR_FUNCTION_FAILED;
649 return SoftHSM::i()->C_GetFunctionStatus(hSession);
650 }
651 catch (...)
652@@ -1160,6 +1294,8 @@ PKCS_API CK_RV C_CancelFunction(CK_SESSION_HANDLE hSession)
653 {
654 try
655 {
656+ if (objects_deleted == 1)
657+ return CKR_FUNCTION_FAILED;
658 return SoftHSM::i()->C_CancelFunction(hSession);
659 }
660 catch (...)
661@@ -1175,6 +1311,8 @@ PKCS_API CK_RV C_WaitForSlotEvent(CK_FLAGS flags, CK_SLOT_ID_PTR pSlot, CK_VOID_
662 {
663 try
664 {
665+ if (objects_deleted == 1)
666+ return CKR_FUNCTION_FAILED;
667 return SoftHSM::i()->C_WaitForSlotEvent(flags, pSlot, pReserved);
668 }
669 catch (...)
670--
6712.42.0
672
diff --git a/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb b/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb
index 930bca96ff..66f0488792 100644
--- a/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb
+++ b/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb
@@ -7,6 +7,7 @@ DEPENDS = "sqlite3"
7 7
8SRC_URI = "https://dist.opendnssec.org/source/softhsm-2.6.1.tar.gz \ 8SRC_URI = "https://dist.opendnssec.org/source/softhsm-2.6.1.tar.gz \
9 file://0001-avoid-unnecessary-check-for-sqlite3-binary.patch \ 9 file://0001-avoid-unnecessary-check-for-sqlite3-binary.patch \
10 file://0002-Prevent-accessing-of-global-c-objects-once-they-are-.patch \
10" 11"
11SRC_URI[sha256sum] = "61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2" 12SRC_URI[sha256sum] = "61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2"
12 13
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-04-22 10:40:19 +0000