*heh* ;-)
This morning *I* installed Fedora 16 and tried it out with a pkcs12 file for the client identity. Same memory allocation error. Maybe libcoolkey has issues, but it's not the only problem.
Looks like I'll be spending a few days getting a true blue (red?) RHEL 6.2 system so I can submit a couple of service requests. I have a critical customer who will be needing this as part of some upgrades in a few months. I think we have time to do this right/officially.
On May 7, 2012, at 11:53 AM, Douglas E. Engert wrote:
> On 5/7/2012 9:45 AM, Douglas E. Engert wrote:
>>
>>
>> On 5/5/2012 12:58 PM, Henry B. Hotz wrote:
>>> Thanks for the info. I may have issues to deal with afer this one. *sigh*
>>>
>>> Since the specific problem shows with a PKCS12 credential as well, I'm thinking I should get a real RedHat 6.2 instance to test with first.
>>>
>
> Here is a possible patch that appears to work for 1024 bit keys at least:
>
> --- ./src/libckyapplet/,cky_applet.c Fri May 4 13:34:35 2012
> +++ ./src/libckyapplet/cky_applet.c Mon May 7 13:40:23 2012
> @@ -1298,7 +1298,7 @@
> if (length + dataSize > CKY_MAX_WRITE_CHUNK_SIZE) {
> CKYBuffer_AppendBuffer(&tmp, data, 0, CKY_MAX_WRITE_CHUNK_SIZE-length);
> } else {
> - CKYBuffer_AppendBuffer(&tmp, data, 0, length+dataSize);
> + CKYBuffer_AppendBuffer(&tmp, data, 0, dataSize);
> }
>
> prsd.tag_1.tag = 0;
> @@ -1331,7 +1331,7 @@
> }
>
> pasd.chain = 0;
> - pasd.len = dataSize;
> + pasd.len = dataSize + 1 + ber_len_1 + 1 + ber_len_2;
>
> ret = CKYApplet_HandleAPDU(conn, PIVAppletFactory_SignDecrypt,
> &pasd, NULL, CKY_SIZE_UNKNOWN,
_______________________________________________
Coolkey-devel mailing list
Coolkey-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/coolkey-devel
