Security Audit. Checkpoint changes thus far to c code.

include/micasa.h

@@ -238,7 +238,7 @@ typedef struct _sscs_passcode
 
 typedef struct _sscs_secretstore
 {
-	uint32_t			version;
+	uint32_t			version;	
 	SS_UTF8_T			ssName[NSSCS_MAX_SECRET_ID_LEN];
 } SSCS_SECRETSTORE_T;
 
@@ -455,10 +455,10 @@ miCASAWriteKey
 	uint32_t				ssFlags, 
 	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
 	SSCS_SECRET_ID_T	*	sharedSecretID,
-    SS_UTF8_T           *	key,
-    uint32_t                keyLen,
-    uint8_t             *	val,
-    uint32_t                valLen,	
+  SS_UTF8_T           *	key,
+  uint32_t                keyLen,
+  uint8_t             *	val,
+  uint32_t                valLen,	
 	SSCS_PASSWORD_T		*	epPassword, 
 	SSCS_EXT_T			*	ext
 );
@@ -470,10 +470,10 @@ miCASAWriteBinaryKey
 	uint32_t				ssFlags, 
 	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
 	SSCS_SECRET_ID_T	*	sharedSecretID,
-    SS_UTF8_T           *	key,
-    uint32_t                keyLen,
-    uint8_t             *	val,
-    uint32_t            *   valLen,	
+  SS_UTF8_T           *	key,
+  uint32_t                keyLen,
+  uint8_t             *	val,
+  uint32_t            *   valLen,	
 	SSCS_PASSWORD_T		*	epPassword, 
 	SSCS_EXT_T			*	ext
 );
@@ -485,10 +485,10 @@ miCASAReadKey
 	uint32_t				ssFlags, 
 	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
 	SSCS_SECRET_ID_T	*	sharedSecretID,
-    SS_UTF8_T           *	key,
-    uint32_t                keyLen,
-    uint8_t             *	val,
-    uint32_t            *   valLen,	
+  SS_UTF8_T           *	key,
+  uint32_t                keyLen,
+  uint8_t             *	val,
+  uint32_t            *   valLen,	
 	SSCS_PASSWORD_T		*	epPassword, 
 	uint32_t			*   bytesRequired,
 	SSCS_EXT_T			*	ext
@@ -501,10 +501,10 @@ miCASAReadBinaryKey
 	uint32_t				ssFlags, 
 	SSCS_KEYCHAIN_ID_T	*	keyChainID, 	
 	SSCS_SECRET_ID_T	*	sharedSecretID,
-    SS_UTF8_T           *	key,
-    uint32_t                keyLen,
-    uint8_t             *	val,
-    uint32_t            *   valLen,	
+  SS_UTF8_T           *	key,
+  uint32_t                keyLen,
+  uint8_t             *	val,
+  uint32_t            *   valLen,	
 	SSCS_PASSWORD_T		*	epPassword, 
 	uint32_t			*   bytesRequired,
 	SSCS_EXT_T			*	ext
@@ -546,6 +546,7 @@ SSCS_EXTERN_LIBCALL(int32_t)
 miCASA_AddSHSEntry
 (
 	void			*secretHandle,
+	uint32_t		keyLen,
 	SS_UTF8_T		*key,
 	uint32_t		valueLen,
 	uint8_t			*value
@@ -554,7 +555,8 @@ miCASA_AddSHSEntry
 SSCS_EXTERN_LIBCALL(int32_t)
 miCASA_RemoveSHSEntry
 (
-	void 			*secretHandle, 
+	void 			*secretHandle,
+	uint32_t		keyLen,
 	SS_UTF8_T		*key, 
 	uint32_t		valueLen,
 	uint8_t			*value

include/micasa_mgmd.h

@@ -44,13 +44,13 @@ extern "C"
 typedef	unsigned char	SS_UTF8_T;
 #endif
 
-#define 	NSSCS_MAX_USERID_LEN			256	    //* max username (bytes)
+#define NSSCS_MAX_USERID_LEN			256	    //* max username (bytes)
 #define	NSSCS_MAX_PWORD_LEN				128		//* max password (bytes)
 #define	NSSCS_MAX_SECRET_ID_LEN			512		//* in bytes including NULL
 
 // used to denote what structure is being used for the credentials
-#define		SSCS_CRED_TYPE_BASIC_F		0x00000001L
-#define		SSCS_CRED_TYPE_BINARY_F		0x00000002L
+#define	SSCS_CRED_TYPE_BASIC_F			0x00000001L
+#define	SSCS_CRED_TYPE_BINARY_F			0x00000002L
 
 // used to denote the type of username being requested or set
 #define USERNAME_TYPE_CN_F				0x00000000L  // default behavior
@@ -96,6 +96,7 @@ typedef	struct _sscs_ext_t
 	/* ############################## ERROR CODES ############################ */
 	/* ####################################################################### */
 
+
 #define		NSSCS_SUCCESS					0x00000000		/*    0 */
 #define		NSSCS_E_OBJECT_NOT_FOUND		0xFFFFFCE0		/* -800 */
 #define		NSSCS_E_NICI_FAILURE			0xFFFFFCDF		/* -801 */
@@ -146,13 +147,13 @@ typedef	struct _sscs_ext_t
 #define		NSSCS_E_VERSION_MISMATCH		0xFFFFFCB2		/* -846 */
 #define		NSSCS_E_SECRET_BUFF_TOO_SHORT	0xFFFFFCB1		/* -847 */
 #define	 	NSSCS_E_SH_SECRET_FAILURE		0xFFFFFCB0		/* -848 */
-#define  		NSSCS_E_PARSER_FAILURE			0xFFFFFCAF		/* -849 */
-#define  		NSSCS_E_UTF8_OP_FAILURE			0xFFFFFCAE		/* -850 */
-#define  		NSSCS_E_CTX_LESS_CN_NOT_UNIQUE	0xFFFFFCAD		/* -851 */
-#define  		NSSCS_E_UNSUPPORTED_BIND_CRED	0xFFFFFCAC		/* -852 */
-#define  		NSSCS_E_CERTIFICATE_NOT_FOUND	0xFFFFFCAB		/* -853 */
-#define  		NSSCS_E_CANT_OPEN_CLIENT_CACHE	0xFFFFFCAA		/* -854 */
-#define  		NSSCS_E_WRONG_SH_SEC_TYPE		0xFFFFFCA9		/* -855 */
+#define  	NSSCS_E_PARSER_FAILURE			0xFFFFFCAF		/* -849 */
+#define  	NSSCS_E_UTF8_OP_FAILURE			0xFFFFFCAE		/* -850 */
+#define  	NSSCS_E_CTX_LESS_CN_NOT_UNIQUE	0xFFFFFCAD		/* -851 */
+#define  	NSSCS_E_UNSUPPORTED_BIND_CRED	0xFFFFFCAC		/* -852 */
+#define  	NSSCS_E_CERTIFICATE_NOT_FOUND	0xFFFFFCAB		/* -853 */
+#define  	NSSCS_E_CANT_OPEN_CLIENT_CACHE	0xFFFFFCAA		/* -854 */
+#define  	NSSCS_E_WRONG_SH_SEC_TYPE		0xFFFFFCA9		/* -855 */
 
 #define		NSSCS_E_NOT_IMPLEMENTED			0xFFFFFC88		/* -888 */
 #define		NSSCS_E_BETA_EXPIRED			0xFFFFFC7D		/* -899 */
@@ -339,8 +340,6 @@ typedef	struct _sscs_ext_t
 
 	########################### END OFERROR CODES ########################## */
 
-#endif // _SSCS_SDK_H_
-
 
 	// * The following functions will be exposed as exported API:
 	// **************************************************************
@@ -425,4 +424,5 @@ typedef	struct _sscs_ext_t
 }
 #endif
 
+#endif
 

include/sscs_ipc.h

@@ -57,6 +57,11 @@ typedef uint8_t Byte;
 #include <sscs_lldefs.h>
 #include <errno.h>
 
+void * ipc_win_create(void);
+int ipc_win_write(HANDLE hPipe, LPCVOID lpBuffer, DWORD bytesToWrite);
+int ipc_win_read(HANDLE hPipe, LPVOID lpBuffer, DWORD numOfBytesToRead);
+int ipc_win_close(HANDLE hPipe);
+
 #define IPC_CREATE()		 ipc_win_create();
 #define IPC_READ(s1,s2,s3)   ipc_win_read(s1,s2,s3);
 #define IPC_WRITE(s1,s2,s3)  ipc_win_write(s1,s2,s3);

include/sscs_utf8.h

@@ -38,15 +38,15 @@ typedef	unsigned char SS_UTF8_T;
 
 #define sscs_Utf8Strlen(s)			sscs_strlen((s))
 #define sscs_Utf8StrSize(s)			(sscs_strlen((s)) ? (sscs_strlen((s))+1) : 0)
-#define sscs_Utf8Strcpy(s1, s2)		sscs_strcpy((s1), (s2))
-#define sscs_Utf8Strcat(s1, s2)		sscs_strcat((s1), (s2))
-#define sscs_Utf8Strcmp(s1, s2)		sscs_strcmp((s1), (s2))
-#define sscs_Utf8Stricmp(s1, s2)		sscs_stricmp((s1), (s2))
-#define sscs_Utf8Strstr(s1, s2)		sscs_strstr((s1), (s2))
-#define sscs_Utf8Strchr(s1, c)		sscs_strchr((s1), (c))
-#define sscs_Utf8Strncat(s1, s2, c)	sscs_strncat((s1), (s2), (c))
-#define sscs_Utf8Strncmp(s1, s2, c)	sscs_strncmp((s1), (s2), (c))
-#define sscs_Utf8Strncpy(s1, s2, c)	sscs_strncpy((s1), (s2), (c))
+#define sscs_Utf8Strcpy(s1, s2)		sscs_strcpy((s1),(s2))
+#define sscs_Utf8Strcat(s1, s2)		sscs_strcat((s1),(s2))
+#define sscs_Utf8Strcmp(s1, s2)		sscs_strcmp((s1),(s2))
+#define sscs_Utf8Stricmp(s1, s2)		sscs_stricmp((s1),(s2))
+#define sscs_Utf8Strstr(s1, s2)		sscs_strstr((s1),(s2))
+#define sscs_Utf8Strchr(s1, c)		sscs_strchr((s1),(c))
+#define sscs_Utf8Strncat(s1, s2, l)	{(s2)[(l)-1]='\0';strncat((s1),(s2),(l));}
+#define sscs_Utf8Strncmp(s1, s2, l)	(strncmp((s1),(s2),(l)))
+#define sscs_Utf8Strncpy(s1, s2, l)	{(s2)[(l)-1]='\0';strncpy((s1),(s2),(l));}
 
 
 #if defined(__cplusplus) || defined(c_plusplus)