Fixes AES secret key import failing on newline characters

ijsf · ijsf · commit 9255a6dd5af5 · 2024-04-30T23:02:46.000+02:00
diff --git a/src/bin/util/softhsm2-util-botan.cpp b/src/bin/util/softhsm2-util-botan.cpp
@@ -68,15 +68,17 @@ int crypto_import_aes_key
 	size_t objIDLen
 )
 {
-	const size_t cMaxAesKeySize = 1024 + 1; // including null-character
+	const size_t cMaxAesKeySize = 1024;
 	char aesKeyValue[cMaxAesKeySize];
+	size_t aesKeyLength = 0;
 	FILE* fp = fopen(filePath, "rb");
 	if (fp == NULL)
 	{
 		fprintf(stderr, "ERROR: Could not open the secret key file.\n");
 		return 1;
 	}
-	if (fgets(aesKeyValue, cMaxAesKeySize, fp) == NULL)
+	aesKeyLength = fread(aesKeyValue, 1, cMaxAesKeySize, fp);
+	if (aesKeyLength == 0)
 	{
 		fprintf(stderr, "ERROR: Could not read the secret key file.\n");
 		fclose(fp);
@@ -96,7 +98,7 @@ int crypto_import_aes_key
 		{ CKA_ENCRYPT,          &ckTrue,      sizeof(ckTrue) },
 		{ CKA_DECRYPT,          &ckTrue,      sizeof(ckTrue) },
 		{ CKA_SENSITIVE,        &ckTrue,      sizeof(ckTrue) },
-        	{ CKA_VALUE,		&aesKeyValue, strlen(aesKeyValue) }
+        	{ CKA_VALUE,		&aesKeyValue, aesKeyLength }
 	};
 
 	CK_OBJECT_HANDLE hKey;
diff --git a/src/bin/util/softhsm2-util-ossl.cpp b/src/bin/util/softhsm2-util-ossl.cpp
@@ -81,15 +81,17 @@ int crypto_import_aes_key
 	size_t objIDLen
 )
 {
-	const size_t cMaxAesKeySize = 1024 + 1; // including null-character
+	const size_t cMaxAesKeySize = 1024;
 	char aesKeyValue[cMaxAesKeySize];
+	size_t aesKeyLength = 0;
 	FILE* fp = fopen(filePath, "rb");
 	if (fp == NULL)
 	{
 		fprintf(stderr, "ERROR: Could not open the secret key file.\n");
 		return 1;
 	}
-	if (fgets(aesKeyValue, cMaxAesKeySize, fp) == NULL)
+	aesKeyLength = fread(aesKeyValue, 1, cMaxAesKeySize, fp);
+	if (aesKeyLength == 0)
 	{
 		fprintf(stderr, "ERROR: Could not read the secret key file.\n");
 		fclose(fp);
@@ -109,7 +111,7 @@ int crypto_import_aes_key
 		{ CKA_ENCRYPT,          &ckTrue,      sizeof(ckTrue) },
 		{ CKA_DECRYPT,          &ckTrue,      sizeof(ckTrue) },
 		{ CKA_SENSITIVE,        &ckTrue,      sizeof(ckTrue) },
-        	{ CKA_VALUE,		&aesKeyValue, strlen(aesKeyValue) }
+        	{ CKA_VALUE,		&aesKeyValue, aesKeyLength }
 	};
 
 	CK_OBJECT_HANDLE hKey;

Original file line number	Diff line number	Diff line change
`@@ -68,15 +68,17 @@ int crypto_import_aes_key`
`68`	`68`	`size_t objIDLen`
`69`	`69`	`)`
`70`	`70`	`{`
`71`		`- const size_t cMaxAesKeySize = 1024 + 1; // including null-character`
	`71`	`+ const size_t cMaxAesKeySize = 1024;`
`72`	`72`	`char aesKeyValue[cMaxAesKeySize];`
	`73`	`+ size_t aesKeyLength = 0;`
`73`	`74`	`FILE* fp = fopen(filePath, "rb");`
`74`	`75`	`if (fp == NULL)`
`75`	`76`	`{`
`76`	`77`	`fprintf(stderr, "ERROR: Could not open the secret key file.\n");`
`77`	`78`	`return 1;`
`78`	`79`	`}`
`79`		`- if (fgets(aesKeyValue, cMaxAesKeySize, fp) == NULL)`
	`80`	`+ aesKeyLength = fread(aesKeyValue, 1, cMaxAesKeySize, fp);`
	`81`	`+ if (aesKeyLength == 0)`
`80`	`82`	`{`
`81`	`83`	`fprintf(stderr, "ERROR: Could not read the secret key file.\n");`
`82`	`84`	`fclose(fp);`
`@@ -96,7 +98,7 @@ int crypto_import_aes_key`
`96`	`98`	`{ CKA_ENCRYPT, &ckTrue, sizeof(ckTrue) },`
`97`	`99`	`{ CKA_DECRYPT, &ckTrue, sizeof(ckTrue) },`
`98`	`100`	`{ CKA_SENSITIVE, &ckTrue, sizeof(ckTrue) },`
`99`		`- { CKA_VALUE, &aesKeyValue, strlen(aesKeyValue) }`
	`101`	`+ { CKA_VALUE, &aesKeyValue, aesKeyLength }`
`100`	`102`	`};`
`101`	`103`
`102`	`104`	`CK_OBJECT_HANDLE hKey;`
Original file line number	Diff line number	Diff line change
`@@ -81,15 +81,17 @@ int crypto_import_aes_key`
`81`	`81`	`size_t objIDLen`
`82`	`82`	`)`
`83`	`83`	`{`
`84`		`- const size_t cMaxAesKeySize = 1024 + 1; // including null-character`
	`84`	`+ const size_t cMaxAesKeySize = 1024;`
`85`	`85`	`char aesKeyValue[cMaxAesKeySize];`
	`86`	`+ size_t aesKeyLength = 0;`
`86`	`87`	`FILE* fp = fopen(filePath, "rb");`
`87`	`88`	`if (fp == NULL)`
`88`	`89`	`{`
`89`	`90`	`fprintf(stderr, "ERROR: Could not open the secret key file.\n");`
`90`	`91`	`return 1;`
`91`	`92`	`}`
`92`		`- if (fgets(aesKeyValue, cMaxAesKeySize, fp) == NULL)`
	`93`	`+ aesKeyLength = fread(aesKeyValue, 1, cMaxAesKeySize, fp);`
	`94`	`+ if (aesKeyLength == 0)`
`93`	`95`	`{`
`94`	`96`	`fprintf(stderr, "ERROR: Could not read the secret key file.\n");`
`95`	`97`	`fclose(fp);`
`@@ -109,7 +111,7 @@ int crypto_import_aes_key`
`109`	`111`	`{ CKA_ENCRYPT, &ckTrue, sizeof(ckTrue) },`
`110`	`112`	`{ CKA_DECRYPT, &ckTrue, sizeof(ckTrue) },`
`111`	`113`	`{ CKA_SENSITIVE, &ckTrue, sizeof(ckTrue) },`
`112`		`- { CKA_VALUE, &aesKeyValue, strlen(aesKeyValue) }`
	`114`	`+ { CKA_VALUE, &aesKeyValue, aesKeyLength }`
`113`	`115`	`};`
`114`	`116`
`115`	`117`	`CK_OBJECT_HANDLE hKey;`