diff --git a/c_micasad/lib/common/WrappedObject.cs b/c_micasad/lib/common/WrappedObject.cs
index 4c416276..0a6b24d3 100644
--- a/c_micasad/lib/common/WrappedObject.cs
+++ b/c_micasad/lib/common/WrappedObject.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Text;
 namespace Novell.CASA.MiCasa.Common
 {
@@ -14,7 +15,7 @@ namespace Novell.CASA.MiCasa.Common
 private int m_verb = 0;
 private string m_KeychainID = null;
 private string m_SecretID = null;
- private string m_KeyID = null;
+ private string m_KeyID = null;
 private object m_object;
@@ -38,13 +39,13 @@ namespace Novell.CASA.MiCasa.Common
 if (sSecretID != null)
 {
 if (sSecretID.StartsWith("SS_CredSet"))
- m_SecretID = sSecretID + '\0';
+ m_SecretID = "SS_CredSet:" + EscapeReservedChars(sSecretID.Substring(12)) + '\0';
 else
- m_SecretID = "SS_CredSet:" + sSecretID + '\0';
+ m_SecretID = "SS_CredSet:" + EscapeReservedChars(sSecretID) + '\0';
 }
 if (sKeyID != null)
- m_KeyID = sKeyID; // + '\0';
+ m_KeyID = EscapeReservedChars(sKeyID); // + '\0';
 // serialize the object
 m_object = theObject;
@@ -95,5 +96,34 @@ namespace Novell.CASA.MiCasa.Common
 {
 return m_errorMsg;
 }
+
+ private string EscapeReservedChars(string origString)
+ {
+ StringBuilder sb = new StringBuilder();
+ for (int i=0; i= len) {
- return(NSSCS_E_PARSER_FAILURE);
+ return(NSSCS_E_OBJECT_NOT_FOUND);
 }
 //* extract the key
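Review bot: In the `@@ -38,13 +39,13 @@` hunk of WrappedObject.cs, `sSecretID.Substring(12)` skips one character more than the literal prefix `"SS_CredSet:"` that the same line re-adds, which is 11 characters long, so the first character of the caller's secret name is dropped and an ID no longer than the prefix throws ArgumentOutOfRangeException. The guard tests `StartsWith("SS_CredSet")` without the colon, so an ID such as `SS_CredSetX` also takes the strip-and-re-prefix branch. Since this string is the lookup key for a stored credential, derive the offset from the prefix itself: `const string Prefix = "SS_CredSet:";`, `if (sSecretID.StartsWith(Prefix, StringComparison.Ordinal))` and `sSecretID.Substring(Prefix.Length)`. The enclosing method starts and ends outside the hunk.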
@@ -1045,14 +1045,14 @@ miCASAReadSecret
 if(SSCS_BINARY_TYPE_F & sharedSecretID->type)
 {
- if((rc = sscsshs_ParseBinarySecretBuf(key, &vLen, val, &secBuf) == NSSCS_SUCCESS))
+ if((rc = sscsshs_ParseBinarySecretBuf(key, &vLen, val, &secBuf)) == NSSCS_SUCCESS)
 {
 rc = sscsshs_AddSHSBinaryEntry((LL_LINKLIST_T *)secretHandle, key, vLen, val);
 }
 }
 else
 {
- while((rc = sscsshs_ParseSecretBuf(&index, sharedSecretID->type, key, (SS_UTF8_T *)val, &secBuf) == NSSCS_SUCCESS))
+ while ((rc = sscsshs_ParseSecretBuf(&index, sharedSecretID->type, key, (SS_UTF8_T *)val, &secBuf)) == NSSCS_SUCCESS)
 {
 if(rc = sscsshs_AddSHSEntry((LL_LINKLIST_T *)secretHandle, key, val))
 {
@@ -1062,7 +1062,11 @@ miCASAReadSecret
 memset(key, 0, NSSCS_MAX_SECRET_ID_LEN);
 memset(val, 0, NSSCS_MAX_SECRET_BUF_LEN);
 }
- }
+
+ // did we exhaust the buffer?
+ if (rc == NSSCS_E_OBJECT_NOT_FOUND)
+ rc = NSSCS_SUCCESS;
+ }
 /* ############################### CODE EXITS HERE ############################# */
@@ -1475,6 +1479,8 @@ miCASAWriteKey
 uint32_t escNameLen = 0;
 SSCS_SECRET_ID_T secretID = {0};
 SS_UTF8_T *escapedSHSName = NULL;
+ SS_UTF8_T *escapedSHSKey = NULL;
+ SS_UTF8_T *escapedSHSValue = NULL;
 SSCS_CONTEXT_T * storeContext = (SSCS_CONTEXT_T *)context;
 /* ############################## CODE STARTS HERE ############################ */
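Review bot: In the `@@ -1062,7 +1062,11 @@` hunk of miCASAReadSecret, the new `if (rc == NSSCS_E_OBJECT_NOT_FOUND) rc = NSSCS_SUCCESS;` turns that code into success no matter which call produced it. The loop above also assigns `rc` from `sscsshs_AddSHSEntry`, and its failure branch lies outside the hunk, so if that path can leave the loop with the same code a failed insert would be reported as a successful read; please confirm. An earlier hunk on this page changes a `>= len` check to return NSSCS_E_OBJECT_NOT_FOUND instead of NSSCS_E_PARSER_FAILURE, presumably in the parser, which means a truncated or malformed secret buffer may now look identical to a clean end of data. I would state in the comment that this code is the parser's end-of-buffer signal, e.g. `// NSSCS_E_OBJECT_NOT_FOUND from sscsshs_ParseSecretBuf means no more entries`, and consider a dedicated end-of-data return so real parse failures stay visible.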
@@ -1493,12 +1499,34 @@ miCASAWriteKey goto errorLevel2; } + if((escapedSHSKey = (SS_UTF8_T *) malloc(NSSCS_MAX_PASSCODE_LEN)) == NULL) + { + rc = NSSCS_E_SYSTEM_FAILURE; + goto errorLevel1; + } + + if((escapedSHSValue = (SS_UTF8_T *) malloc(NSSCS_MAX_PASSCODE_LEN)) == NULL) + { + rc = NSSCS_E_SYSTEM_FAILURE; + goto errorLevel1; + } + + memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN); memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN); + memset(escapedSHSKey, 0, NSSCS_MAX_PASSCODE_LEN); + memset(escapedSHSValue, 0, NSSCS_MAX_PASSCODE_LEN); + // escape delimited characters memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id)); sscsshs_ChkEscapeString(escapedSHSName); + + memcpy(escapedSHSKey, key, keyLen); + sscsshs_ChkEscapeString(escapedSHSKey); + + memcpy(escapedSHSValue, val, valLen); + sscsshs_ChkEscapeString(escapedSHSValue); if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1) { @@ -1513,7 +1541,18 @@ miCASAWriteKey //rc = sscs_CacheWriteSecret(storeContext->ssHandle, ssFlags, keyChainID, &secretID, &secBuf, epPassword, ext); // -1 to prevent the null from being cached in micasad - rc = sscs_CacheWriteKey(storeContext->ssHandle, ssFlags, keyChainID, &secretID, key, keyLen-1, val, valLen-1, epPassword, ext); + + + rc = sscs_CacheWriteKey(storeContext->ssHandle, + ssFlags, + keyChainID, + &secretID, + escapedSHSKey, + sscs_Utf8Strlen(escapedSHSKey), + escapedSHSValue, + sscs_Utf8Strlen(escapedSHSValue), + epPassword, + ext); /* ############################### CODE EXITS HERE ############################# */ @@ -1524,6 +1563,19 @@ errorLevel1: free(escapedSHSName); } + if (escapedSHSKey) + { + memset(escapedSHSKey, 0, NSSCS_MAX_PASSCODE_LEN); + free(escapedSHSKey); + } + + if (escapedSHSValue) + { + memset(escapedSHSValue, 0, NSSCS_MAX_PASSCODE_LEN); + free(escapedSHSValue); + } + + errorLevel2: memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN); 
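Review bot: In the `@@ -1493,12 +1499,34 @@` hunk of miCASAWriteKey, `memcpy(escapedSHSKey, key, keyLen)` and `memcpy(escapedSHSValue, val, valLen)` copy caller-supplied lengths into heap buffers of fixed size NSSCS_MAX_PASSCODE_LEN, and no bound on `keyLen` or `valLen` is visible in the hunk. A longer input writes past the allocation, and an input that exactly fills it leaves no terminator for `sscsshs_ChkEscapeString` and the later `sscs_Utf8Strlen` to stop at; the escape routine presumably lengthens the string in place as well, so the safe input length is smaller than the buffer. Unless the lengths are validated earlier in the function (outside the hunk), reject oversized input before the copies, e.g. `if (keyLen >= NSSCS_MAX_PASSCODE_LEN / 2 || valLen >= NSSCS_MAX_PASSCODE_LEN / 2) { rc = NSSCS_E_SYSTEM_FAILURE; goto errorLevel1; }`, with the divisor matched to the worst-case growth of the escape routine and a more specific length error code if the project has one.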
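Review bot: In the `@@ -1513,7 +1541,18 @@` hunk, the lengths handed to `sscs_CacheWriteKey` change from byte counts (`keyLen-1`, `valLen-1`) to the results of `sscs_Utf8Strlen(...)`. The name copy earlier in this function uses `sscs_Utf8StrSize` for a byte size, which suggests `sscs_Utf8Strlen` counts characters; if so, any key or value containing multi-byte UTF-8 is written short and the stored secret is silently truncated. A value that carries an embedded zero byte is likewise cut at that byte now that its length comes from the string rather than from `valLen`. Please confirm which unit `sscs_CacheWriteKey` expects and, if it is bytes, derive the length from `sscs_Utf8StrSize` (less the terminator if that function includes it).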
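Review bot: In the `@@ -1524,6 +1563,19 @@` hunk, `memset(escapedSHSKey, 0, NSSCS_MAX_PASSCODE_LEN)` and `memset(escapedSHSValue, 0, NSSCS_MAX_PASSCODE_LEN)` sit immediately before `free()`, where an optimizing compiler is permitted to drop them as dead stores, leaving the escaped key and secret value readable in freed heap memory. Use a wipe the compiler must keep, such as `memset_s`, `explicit_bzero`, `SecureZeroMemory` on Windows, or a small helper that writes through a `volatile` pointer. The same helper would fit the `secretID.id` clear under `errorLevel2` in the same cleanup path.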
diff --git a/c_sharp/NSSCSWrapper/NativeCalls.cs b/c_sharp/NSSCSWrapper/NativeCalls.cs
index 3fe240f8..112a067c 100644
--- a/c_sharp/NSSCSWrapper/NativeCalls.cs
+++ b/c_sharp/NSSCSWrapper/NativeCalls.cs
@@ -796,7 +796,7 @@ namespace Novell.CASA
 sKeyChainID,
 secret.getID(),
 sKey,
- sValue);
+ EscapeReservedChars(sValue));
 /*
 rcode = miCASAWriteKey(
@@ -1309,8 +1309,37 @@ namespace Novell.CASA
 Console.WriteLine(e.ToString());
 }
 }
- return value;
- }
+ return value;
+ }
+
+ private string EscapeReservedChars(string origString)
+ {
+ StringBuilder sb = new StringBuilder();
+ for (int i=0; i
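Review bot: In the `@@ -796,7 +796,7 @@` hunk of NativeCalls.cs only `sValue` is wrapped in `EscapeReservedChars`, while `sKey` on the line above is passed unescaped, although WrappedObject.cs in this same commit escapes the key ID. The native `miCASAWriteKey` hunks in this commit also escape both key and value with `sscsshs_ChkEscapeString`; if this managed call ends up in that function, the value is escaped twice and a read that unescapes once returns a different secret than the one stored. Please let one layer own the escaping and record that at the call, e.g. `// value is escaped here; the native layer must not escape it again`. The call's name and opening lines are outside the hunk, and `EscapeReservedChars` now exists as a private copy in both C# files, so the two can drift apart; a single shared helper would avoid that.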