Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Viktor Tarasov 
On Thu, Sep 27, 2012 at 1:13 PM, Andreas Schwier <
andreas.schw...@cardcontact.de> wrote:

> Just tried the same.
>
> There is also a SIGV if you try to delete the public key alone.
> Apparently the public key object in the framework has no related object
> in the pkcs15 layer.
>


Public key PKCS#11 object is created from certificate if there is no
corresponding PKCS#15 public key object.
https://github.com/OpenSC/OpenSC/blob/master/src/pkcs11/framework-pkcs15.c#L544

As we see, the deletion of the 'parent' cert object has not been
sufficiently tested.



>
> Andreas
>
> Am 27.09.2012 13:04, schrieb Viktor Tarasov:
> >
> >
> > On Thu, Sep 27, 2012 at 11:30 AM, Peter Stuge  > > wrote:
> >
> > Andreas Schwier wrote:
> > > I will first need to write a small test in C to reproduce the
> > problem.
> > > Right now we test from Java, which makes debugging a real
> nightmare.
> >
> > Maybe you can reproduce it using some of the existing command line
> > tools?
> >
> >
> > It can be reproduced, using command
> > #  pkcs11-tool --module ./build/lib/opensc-pkcs11.so --slot-index 0 -l
> > --pin "1234" --delete-object --type cert --id 
> >
> > and patched pkcs11-tool:
> > diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
> > index f23948b..30074d8 100644
> > --- a/src/tools/pkcs11-tool.c
> > +++ b/src/tools/pkcs11-tool.c
> > @@ -824,6 +824,9 @@ int main(int argc, char * argv[])
> >  util_fatal("You should specify at least one
> > of the "
> >  "object ID, object label,
> > application label or application ID\n");
> > delete_object(session);
> > +
> > +   printf("Now list public keys ...\n");
> > +   list_objects(session, CKO_PUBLIC_KEY);
> > }
> >
> > if (do_set_id) {
> >
> >
> > I will look for the solution.
> >
> >
> >
> > //Peter
> > ___
> > opensc-devel mailing list
> > opensc-devel@lists.opensc-project.org
> > 
> > http://www.opensc-project.org/mailman/listinfo/opensc-devel
> >
> >
> >
> >
> > ___
> > opensc-devel mailing list
> > opensc-devel@lists.opensc-project.org
> > http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
>
> --
>
> -CardContact Software & System Consulting
>|.##> <##.|   Andreas Schwier
>|#   #|   Schülerweg 38
>|#   #|   32429 Minden, Germany
>|'##> <##'|   Phone +49 571 56149
> -http://www.cardcontact.de
>  http://www.tscons.de
>  http://www.openscdp.org
>
> ___
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier 
Just tried the same.

There is also a SIGV if you try to delete the public key alone.
Apparently the public key object in the framework has no related object
in the pkcs15 layer.

Andreas

Am 27.09.2012 13:04, schrieb Viktor Tarasov:
>
>
> On Thu, Sep 27, 2012 at 11:30 AM, Peter Stuge  > wrote:
>
> Andreas Schwier wrote:
> > I will first need to write a small test in C to reproduce the
> problem.
> > Right now we test from Java, which makes debugging a real nightmare.
>
> Maybe you can reproduce it using some of the existing command line
> tools?
>
>
> It can be reproduced, using command 
> #  pkcs11-tool --module ./build/lib/opensc-pkcs11.so --slot-index 0 -l
> --pin "1234" --delete-object --type cert --id 
>
> and patched pkcs11-tool:
> diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
> index f23948b..30074d8 100644
> --- a/src/tools/pkcs11-tool.c
> +++ b/src/tools/pkcs11-tool.c
> @@ -824,6 +824,9 @@ int main(int argc, char * argv[])
>  util_fatal("You should specify at least one
> of the "
>  "object ID, object label,
> application label or application ID\n");
> delete_object(session);
> +
> +   printf("Now list public keys ...\n");
> +   list_objects(session, CKO_PUBLIC_KEY);
> }
>  
> if (do_set_id) {
>
>
> I will look for the solution.
>
>
>
> //Peter
> ___
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> 
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
>
>
>
> ___
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel


-- 

-CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Viktor Tarasov 
On Thu, Sep 27, 2012 at 11:30 AM, Peter Stuge  wrote:

> Andreas Schwier wrote:
> > I will first need to write a small test in C to reproduce the problem.
> > Right now we test from Java, which makes debugging a real nightmare.
>
> Maybe you can reproduce it using some of the existing command line
> tools?
>
>
It can be reproduced, using command
#  pkcs11-tool --module ./build/lib/opensc-pkcs11.so --slot-index 0 -l
--pin "1234" --delete-object --type cert --id 

and patched pkcs11-tool:
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index f23948b..30074d8 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -824,6 +824,9 @@ int main(int argc, char * argv[])
 util_fatal("You should specify at least one of the
"
 "object ID, object label,
application label or application ID\n");
delete_object(session);
+
+   printf("Now list public keys ...\n");
+   list_objects(session, CKO_PUBLIC_KEY);
}

if (do_set_id) {


I will look for the solution.



> //Peter
> ___
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Peter Stuge 
Andreas Schwier wrote:
> I will first need to write a small test in C to reproduce the problem.
> Right now we test from Java, which makes debugging a real nightmare.

Maybe you can reproduce it using some of the existing command line
tools?


//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier 
Hi Peter,

I will first need to write a small test in C to reproduce the problem.
Right now we test from Java, which makes debugging a real nightmare.

Andreas

Am 27.09.2012 11:25, schrieb Peter Stuge:
> Andreas Schwier (ML) wrote:
>> there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
>> when via PKCS#11 a certificate object is deleted, but not the related
>> public key object.
>>
>> Occasionally this triggers a SIGV when the caller later accesses the
>> CKA_ID attribute which tries to access the then deleted certificate object.
>>
>> Is there any expert on the list that has intimate knowledge of the
>> framework code that could take a look at it ?
> Please send a backtrace.
>
> Build the program with debugging, run the program with gdb --args
> program, then type bt after the crash. Post output.
>
>
> //Peter
> ___
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel


-- 

-CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Peter Stuge 
Andreas Schwier (ML) wrote:
> there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
> when via PKCS#11 a certificate object is deleted, but not the related
> public key object.
> 
> Occasionally this triggers a SIGV when the caller later accesses the
> CKA_ID attribute which tries to access the then deleted certificate object.
> 
> Is there any expert on the list that has intimate knowledge of the
> framework code that could take a look at it ?

Please send a backtrace.

Build the program with debugging, run the program with gdb --args
program, then type bt after the crash. Post output.


//Peter
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

[opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier (ML) 
Hi all,

there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
when via PKCS#11 a certificate object is deleted, but not the related
public key object.

Occasionally this triggers a SIGV when the caller later accesses the
CKA_ID attribute which tries to access the then deleted certificate object.

Is there any expert on the list that has intimate knowledge of the
framework code that could take a look at it ?

Andreas


-- 

-CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel