Hello, Andreas Jellinghaus: > Am Dienstag 06 Oktober 2009 16:06:52 schrieb Aktiv Co. Aleksey Samsonov: >> Aktiv Co. Aleksey Samsonov: >>> Hello, >>> Rutoken initialization failed after >>> http://www.opensc-project.org/opensc/changeset/3765#file8 >>> $ pkcs15-init -l "Rutoken ECP User PIN" -a 02 --pin "12345678" --puk "" >>> -P --so-pin "87654321" -F >>> Failed to store PIN: Requested object not found >>> => >>> new_entry -> calloc >>> ... >>> sc_keycache_get_key -> search_key -> if (s->len != 0) then error >>> >>> Any idea? >>> Thanks. >> Cause: http://www.opensc-project.org/opensc/changeset/3741 > > hmm. I'm not 100% sure how keycache works either. but > that code is bogus - int is returned from the function, > written into an unsigned int, which is then checked "< 0" > which can't ever happen to unsigned int. > > thus I "fixed" the code to get the value as int, > compare "< 0" and only write it into the unsigned int > len field if it is >= 0.
Your patch is good, bug in http://www.opensc-project.org/opensc/changeset/3741 Alternative: Index: src/pkcs15init/keycache.c =================================================================== --- src/pkcs15init/keycache.c (revision 3765) +++ src/pkcs15init/keycache.c (working copy) @@ -267,9 +267,8 @@ return SC_ERROR_OUT_OF_MEMORY; r = sc_keycache_get_key(path, SC_AC_CHV, -1, s->value, MAX_SECRET); - if(r < 0) - return SC_ERROR_OBJECT_NOT_FOUND; - s->len = r; + if (r > 0) + s->len = r; } /* Set the pin name */ ------- but I think this is not good idea. I think, we need to rollback: Index: src/pkcs15init/keycache.c =================================================================== --- src/pkcs15init/keycache.c (revision 3765) +++ src/pkcs15init/keycache.c (working copy) @@ -259,17 +259,11 @@ } if (ref >= 0) { - int r; /* Create the named PIN if it doesn't exist */ if (!(s = find_entry(path, SC_AC_CHV, ref, 0))) { s = new_entry(path, SC_AC_CHV, ref); if (s == NULL) return SC_ERROR_OUT_OF_MEMORY; - - r = sc_keycache_get_key(path, SC_AC_CHV, -1, s->value, MAX_SECRET); - if(r < 0) - return SC_ERROR_OBJECT_NOT_FOUND; - s->len = r; } /* Set the pin name */ ------- > but no idea when keycache code is actually used. > can you post a backtrace? or does anyone else know? Rainbow iKey 3000 initialization failed also: $ pkcs15-init -E -C --so-pin "87654321" --so-puk "" Using reader with a card: Rainbow iKey 3000 $ gdb pkcs15-init (gdb) set args -l "User PIN" -a 02 --pin "12345678" --puk "" -P --so-pin "87654321" -F (gdb) break sc_keycache_set_pin_name (gdb) run Starting program: /usr/local/bin/pkcs15-init -l "User PIN" -a 02 --pin "12345678" --puk "" -P --so-pin "87654321" -F Breakpoint 2 at 0xb7e62649: file keycache.c, line 251. Pending breakpoint "sc_keycache_set_pin_name" resolved Using reader with a card: Rainbow iKey 3000 Breakpoint 2, sc_keycache_set_pin_name (path=0x8141bf8, ref=1, name=0) at keycache.c:251 251 if (name < 0 || name >= SC_PKCS15INIT_NPINS) (gdb) n 248 { (gdb) 251 if (name < 0 || name >= SC_PKCS15INIT_NPINS) (gdb) 256 if ((old = named_pin[name]) != NULL) { (gdb) 261 if (ref >= 0) { (gdb) 264 if (!(s = find_entry(path, SC_AC_CHV, ref, 0))) { (gdb) 265 s = new_entry(path, SC_AC_CHV, ref); (gdb) 266 if (s == NULL) (gdb) p/x *s $2 = {next = 0x0, path = {value = {0x3f, 0x0, 0x50, 0x15, 0x0 <repeats 12 times>}, len = 0x4, index = 0x0, count = 0xffffffff, type = 0x2}, type = 0x1, ref = 0x1, named_pin = 0xffffffff, len = 0x0, value = {0x0 <repeats 32 times>}} (gdb) bt #0 sc_keycache_set_pin_name (path=0x8141bf8, ref=1, name=0) at keycache.c:266 #1 0xb7e59618 in set_so_pin_from_card (p15card=Variable "p15card" is not available. ) at pkcs15-lib.c:3213 #2 0xb7e5a775 in sc_pkcs15init_store_pin (p15card=0x8140dd0, profile=0x813fe38, args=0xbfa9a1f8) at pkcs15-lib.c:1017 #3 0x0804e142 in main (argc=Cannot access memory at address 0x0 ) at pkcs15-init.c:716 (gdb) n 269 r = sc_keycache_get_key(path, SC_AC_CHV, -1, s->value, MAX_SECRET); (gdb) s sc_keycache_get_key (path=0x8141bf8, type=1, ref=-1, key=0x8143254 "", size=32) at keycache.c:222 (gdb) 222 if (!(s = search_key(path, type, ref))) (gdb) search_key (path=0x8141bf8, type=1, ref=-1) at keycache.c:126 126 if (type == SC_AC_SYMBOLIC) { (gdb) n 123 { (gdb) 126 if (type == SC_AC_SYMBOLIC) { (gdb) 134 for (s = secret_cache; s; s = s->next) { (gdb) 135 if (s->len != 0 (gdb) p/x *s $3 = {next = 0x0, path = {value = {0x3f, 0x0, 0x50, 0x15, 0x0 <repeats 12 times>}, len = 0x4, index = 0x0, count = 0xffffffff, type = 0x2}, type = 0x1, ref = 0x1, named_pin = 0xffffffff, len = 0x0, value = {0x0 <repeats 32 times>}} (gdb) n 147 } (gdb) sc_keycache_get_key (path=0x8141bf8, type=1, ref=-1, key=0x8143254 "", size=32) at keycache.c:229 229 } (gdb) sc_keycache_set_pin_name (path=0x8141bf8, ref=1, name=0) at keycache.c:270 270 if(r < 0) (gdb) p/x r $4 = 0xfffffa81 (gdb) p r $5 = -1407 (gdb) n 292 } (gdb) c Continuing. Failed to store PIN: Requested object not found Program exited with code 01. Thanks _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
