Bugs 130336, and 130387

c_micasad/lib/common/WrappedObject.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Text;
 
 namespace Novell.CASA.MiCasa.Common
 {
@@ -38,13 +39,13 @@ namespace Novell.CASA.MiCasa.Common
 			if (sSecretID != null)
 			{
 				if (sSecretID.StartsWith("SS_CredSet"))
-					m_SecretID = sSecretID + '\0';
+					m_SecretID = "SS_CredSet:" + EscapeReservedChars(sSecretID.Substring(12)) + '\0';
 				else
-					m_SecretID = "SS_CredSet:" + sSecretID + '\0';
+					m_SecretID = "SS_CredSet:" + EscapeReservedChars(sSecretID) + '\0';
 			}
 	
 			if (sKeyID != null)
-				m_KeyID = sKeyID; // + '\0';
+				m_KeyID = EscapeReservedChars(sKeyID); // + '\0';
 
 			// serialize the object
 			m_object = theObject;						
@@ -95,5 +96,34 @@ namespace Novell.CASA.MiCasa.Common
 		{
 			return m_errorMsg;
 		}
+
+		private string EscapeReservedChars(string origString)
+		{
+			StringBuilder sb = new StringBuilder();
+			for (int i=0; i<origString.Length; i++)
+			{
+				switch (origString[i])
+				{
+					case ':'  :	
+					{
+						sb.Append("\\");
+						break;
+					}
+					case '\\' :		
+					{
+						sb.Append("\\");
+						break;
+					}
+					case '='  :
+					{
+						sb.Append("\\");
+						break;
+					}					
+					
+				}
+				sb.Append(origString[i]);				
+			}
+			return sb.ToString();
+		}
 	}
 }

c_micasadk/sscs_ndk.c

@@ -556,7 +556,7 @@ static int32_t sscsshs_ParseSecretBuf
 	// if we've exhausted the buffer, get out.
 	if (*index >= len)
 	{ 
-		return(NSSCS_E_PARSER_FAILURE);
+		return(NSSCS_E_OBJECT_NOT_FOUND);
 	}
 
 	//* extract the key
@@ -1045,14 +1045,14 @@ miCASAReadSecret
 
 	if(SSCS_BINARY_TYPE_F & sharedSecretID->type)
 	{
-		if((rc = sscsshs_ParseBinarySecretBuf(key, &vLen, val, &secBuf) == NSSCS_SUCCESS))
+		if((rc = sscsshs_ParseBinarySecretBuf(key, &vLen, val, &secBuf)) == NSSCS_SUCCESS)
 		{
 			rc = sscsshs_AddSHSBinaryEntry((LL_LINKLIST_T *)secretHandle, key, vLen, val);
 		}
 	}
 	else
 	{
-		while((rc = sscsshs_ParseSecretBuf(&index, sharedSecretID->type, key, (SS_UTF8_T *)val, &secBuf) == NSSCS_SUCCESS))
+		while ((rc = sscsshs_ParseSecretBuf(&index, sharedSecretID->type, key, (SS_UTF8_T *)val, &secBuf)) == NSSCS_SUCCESS)
 		{
 			if(rc = sscsshs_AddSHSEntry((LL_LINKLIST_T *)secretHandle, key, val))
 			{
@@ -1062,6 +1062,10 @@ miCASAReadSecret
 			memset(key, 0, NSSCS_MAX_SECRET_ID_LEN);
 			memset(val, 0, NSSCS_MAX_SECRET_BUF_LEN);
 		}
+
+		// did we exhaust the buffer?
+		if (rc == NSSCS_E_OBJECT_NOT_FOUND)
+			rc = NSSCS_SUCCESS;
 	}		
 
 /* ############################### CODE EXITS HERE ############################# */
@@ -1475,6 +1479,8 @@ miCASAWriteKey
 	uint32_t				escNameLen = 0;
 	SSCS_SECRET_ID_T		secretID = {0};
 	SS_UTF8_T				*escapedSHSName = NULL;	
+	SS_UTF8_T				*escapedSHSKey = NULL;	
+	SS_UTF8_T				*escapedSHSValue = NULL;	
 	SSCS_CONTEXT_T		*	storeContext = (SSCS_CONTEXT_T *)context; 
 										  
 /* ############################## CODE STARTS HERE ############################ */
@@ -1493,13 +1499,35 @@ miCASAWriteKey
 		goto errorLevel2;
 	}
 	
+	if((escapedSHSKey = (SS_UTF8_T *) malloc(NSSCS_MAX_PASSCODE_LEN)) == NULL) 
+	{
+		rc = NSSCS_E_SYSTEM_FAILURE;
+		goto errorLevel1;
+	}
+
+	if((escapedSHSValue = (SS_UTF8_T *) malloc(NSSCS_MAX_PASSCODE_LEN)) == NULL) 
+	{
+		rc = NSSCS_E_SYSTEM_FAILURE;
+		goto errorLevel1;
+	}
+
+
 	memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
 	memset(escapedSHSName, 0, NSSCS_MAX_SECRET_ID_LEN);
+	memset(escapedSHSKey, 0, NSSCS_MAX_PASSCODE_LEN);
+	memset(escapedSHSValue, 0, NSSCS_MAX_PASSCODE_LEN);
+	
 
 	// escape delimited characters
 	memcpy(escapedSHSName, sharedSecretID->id, sscs_Utf8StrSize((SS_UTF8_T *)sharedSecretID->id));
 	sscsshs_ChkEscapeString(escapedSHSName);
 
+	memcpy(escapedSHSKey, key, keyLen);
+	sscsshs_ChkEscapeString(escapedSHSKey);
+
+	memcpy(escapedSHSValue, val, valLen);
+	sscsshs_ChkEscapeString(escapedSHSValue);
+		
 	if((escNameLen = sscs_Utf8Strlen((SS_UTF8_T *)escapedSHSName)) < 1)
 	{
 		rc = NSSCS_E_SECRET_ID_TOO_SHORT;
@@ -1513,7 +1541,18 @@ miCASAWriteKey
 	
 	//rc = sscs_CacheWriteSecret(storeContext->ssHandle, ssFlags, keyChainID, &secretID, &secBuf, epPassword, ext);
 	// -1 to prevent the null from being cached in micasad
-	rc = sscs_CacheWriteKey(storeContext->ssHandle, ssFlags, keyChainID, &secretID, key, keyLen-1, val, valLen-1, epPassword, ext);
+
+
+	rc = sscs_CacheWriteKey(storeContext->ssHandle, 
+							ssFlags, 
+							keyChainID, 
+							&secretID, 
+							escapedSHSKey,
+							sscs_Utf8Strlen(escapedSHSKey), 
+							escapedSHSValue, 
+							sscs_Utf8Strlen(escapedSHSValue), 
+							epPassword, 
+							ext);
 
 /* ############################### CODE EXITS HERE ############################# */
 
@@ -1524,6 +1563,19 @@ errorLevel1:
 		free(escapedSHSName);
 	}
 
+	if (escapedSHSKey)
+	{
+		memset(escapedSHSKey, 0, NSSCS_MAX_PASSCODE_LEN);			
+		free(escapedSHSKey);
+	}
+
+	if (escapedSHSValue)
+	{
+		memset(escapedSHSValue, 0, NSSCS_MAX_PASSCODE_LEN);			
+		free(escapedSHSValue);
+	}
+
+
 errorLevel2:
 	memset(secretID.id, 0, NSSCS_MAX_SECRET_ID_LEN);
 

c_sharp/NSSCSWrapper/NativeCalls.cs

@@ -796,7 +796,7 @@ namespace Novell.CASA
 									sKeyChainID,
 									secret.getID(),
 									sKey,
-									sValue);
+									EscapeReservedChars(sValue));
 
 								/*
 								rcode = miCASAWriteKey(
@@ -1311,6 +1311,35 @@ namespace Novell.CASA
 			}
             return value;
         }
+
+		private string EscapeReservedChars(string origString)
+		{
+			StringBuilder sb = new StringBuilder();
+			for (int i=0; i<origString.Length; i++)
+			{
+				switch (origString[i])
+				{
+					case ':'  :	
+					{
+						sb.Append("\\");
+						break;
+					}
+					case '\\' :		
+					{
+						sb.Append("\\");
+						break;
+					}
+					case '='  :
+					{
+						sb.Append("\\");
+						break;
+					}					
+					
+				}
+				sb.Append(origString[i]);				
+			}
+			return sb.ToString();
+		}
 	}
 }