[opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier (ML)
Hi all,

there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
when via PKCS#11 a certificate object is deleted, but not the related
public key object.

Occasionally this triggers a SIGV when the caller later accesses the
CKA_ID attribute which tries to access the then deleted certificate object.

Is there any expert on the list that has intimate knowledge of the
framework code that could take a look at it ?

Andreas


-- 

-CardContact Software  System Consulting
   |.## ##.|   Andreas Schwier
   |#   #|   Schülerweg 38
   |#   #|   32429 Minden, Germany
   |'## ##'|   Phone +49 571 56149
-http://www.cardcontact.de
 http://www.tscons.de
 http://www.openscdp.org

___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel


Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier
Hi Peter,

I will first need to write a small test in C to reproduce the problem.
Right now we test from Java, which makes debugging a real nightmare.

Andreas

On 27.09.2012 11:25, Peter Stuge wrote:
> Andreas Schwier (ML) wrote:
>> there is apparently a nasty bug in framework-pkcs15.c that causes a SIGV
>> when via PKCS#11 a certificate object is deleted, but not the related
>> public key object.
>>
>> Occasionally this triggers a SIGV when the caller later accesses the
>> CKA_ID attribute which tries to access the then deleted certificate object.
>>
>> Is there any expert on the list that has intimate knowledge of the
>> framework code that could take a look at it ?
> Please send a backtrace.
>
> Build the program with debugging, run the program with gdb --args
> program, then type bt after the crash. Post output.
>
> //Peter


Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Peter Stuge
Andreas Schwier wrote:
> I will first need to write a small test in C to reproduce the problem.
> Right now we test from Java, which makes debugging a real nightmare.

Maybe you can reproduce it using some of the existing command line
tools?


//Peter


Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Viktor Tarasov
On Thu, Sep 27, 2012 at 11:30 AM, Peter Stuge pe...@stuge.se wrote:

> Andreas Schwier wrote:
>> I will first need to write a small test in C to reproduce the problem.
>> Right now we test from Java, which makes debugging a real nightmare.
>
> Maybe you can reproduce it using some of the existing command line
> tools?

It can be reproduced, using command
#  pkcs11-tool --module ./build/lib/opensc-pkcs11.so --slot-index 0 -l --pin 1234 --delete-object --type cert --id object-id

and patched pkcs11-tool:
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index f23948b..30074d8 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -824,6 +824,9 @@ int main(int argc, char * argv[])
 util_fatal(You should specify at least one of the

 object ID, object label,
application label or application ID\n);
delete_object(session);
+
+   printf(Now list public keys ...\n);
+   list_objects(session, CKO_PUBLIC_KEY);
}

if (do_set_id) {
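
Review bot: The added list_objects(session, CKO_PUBLIC_KEY) call directly after delete_object(session) runs on every deletion, whatever --type was given, so it is useful as a reproducer only. If the check is meant to stay, limit it to the case where a certificate was deleted, or move it into a regression test. As archived, the string arguments to printf and util_fatal have lost their quotation marks and the context lines are wrapped, so the hunk will not apply as shown.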


I will look for the solution.




Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Andreas Schwier
Just tried the same.

There is also a SIGV if you try to delete the public key alone.
Apparently the public key object in the framework has no related object
in the pkcs15 layer.

Andreas



Re: [opensc-devel] SIGV when deleting certificate but not related public key

2012-09-27 Thread Viktor Tarasov
On Thu, Sep 27, 2012 at 1:13 PM, Andreas Schwier andreas.schw...@cardcontact.de wrote:

> Just tried the same.
>
> There is also a SIGV if you try to delete the public key alone.
> Apparently the public key object in the framework has no related object
> in the pkcs15 layer.



Public key PKCS#11 object is created from certificate if there is no
corresponding PKCS#15 public key object.
https://github.com/OpenSC/OpenSC/blob/master/src/pkcs11/framework-pkcs15.c#L544

As we see, the deletion of the 'parent' cert object has not been
sufficiently tested.
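
The failure mode discussed in this thread (a public key object derived from a certificate outliving that certificate) and one way to guard against it, as an added example that is not part of the thread and not OpenSC's code. All struct and function names are hypothetical and the ID value is constructed.

```c
#include <stdlib.h>
#include <string.h>
/* Hypothetical model, not OpenSC's structures: a public key object that was
 * generated from a certificate and reads its ID through the certificate. */
struct pubkey_obj { struct cert_obj *gen_from; };  /* NULL once parent is gone */
struct cert_obj {
    unsigned char id[4];
    size_t id_len;
    struct pubkey_obj *derived;   /* back-link used to detach on deletion */
};
enum { ATTR_OK = 0, ATTR_UNAVAILABLE = 1 };

struct cert_obj *cert_new(const unsigned char *id, size_t len, struct pubkey_obj *pk)
{
    struct cert_obj *c = calloc(1, sizeof(*c));
    if (c == NULL || len > sizeof(c->id)) { free(c); return NULL; }
    memcpy(c->id, id, len);
    c->id_len = len;
    c->derived = pk;
    if (pk != NULL) pk->gen_from = c;
    return c;
}

/* Deleting only the certificate: detach the derived key before freeing.
 * Without the detach, the key's next ID read would be a use-after-free. */
void cert_delete(struct cert_obj *c)
{
    if (c != NULL && c->derived != NULL) c->derived->gen_from = NULL;
    free(c);
}

/* ID getter for the key: fails cleanly instead of following a stale link. */
int pubkey_get_id(const struct pubkey_obj *pk, unsigned char *out, size_t *len)
{
    if (pk == NULL || pk->gen_from == NULL || *len < pk->gen_from->id_len)
        return ATTR_UNAVAILABLE;
    memcpy(out, pk->gen_from->id, pk->gen_from->id_len);
    *len = pk->gen_from->id_len;
    return ATTR_OK;
}

int delete_cert_then_read_id(void)   /* the sequence from the thread */
{
    static const unsigned char id[] = { 0x45 };   /* constructed sample ID */
    struct pubkey_obj pk = { NULL };
    unsigned char out[4];
    size_t len = sizeof(out);
    cert_delete(cert_new(id, sizeof(id), &pk));
    return pubkey_get_id(&pk, out, &len);
}
```

An alternative with the same effect is to copy the ID into the key object when it is created, so the key never depends on the certificate's lifetime.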



