Comments (5)
Well, this is frustrating.
Long story short: Seg faults I was seeing working on #66 are indeed a packing issue. It just took me a while to get around to confirming it.
I now have a clear picture of why following the spec to use 1-byte structure packing results in seg faults: libsofthsm2 doesn't follow it!
When C_GetFunctionList is called, the returned list struct is the 2-byte library version followed by all the function pointers. With default packing (on presumably all 64-bit Linux) this pads the version out to the width of another pointer. This is contrary to the spec and requires an explicit override. However, libsofthsm2 is using default packing everywhere except Windows, returning this (wrong!) platform-default padding. So if a client sets up their structs correctly, as soon as they try to call into a function from the list, they get a value that's part of the correct address and part an adjacent one, seg faulting on deref.
According to this issue, it seems to have become such a deeply ingrained assumption (originating in pk11-kit) it's now a de facto standard they refuse to fix. 🙄
So I guess there's a bit of a philosophical question to be answered here: follow the standard or the mob?
from rust-cryptoki.
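The layout mismatch described in the comment above, as an added example that is not part of the thread or of rust-cryptoki's code. `Version`, `ListNatural`, `ListPacked` and the sample values are hypothetical stand-ins for `CK_VERSION` and a shortened function list, with `usize` in place of each function pointer.

```rust
use std::mem::{size_of, MaybeUninit};
use std::ptr::addr_of;

// Stand-in for CK_VERSION and a hypothetical, shortened function list.
// `usize` stands in for each function pointer so values can be inspected safely.
#[repr(C)]
pub struct Version { major: u8, minor: u8 }
#[repr(C)] // platform-default padding
pub struct ListNatural { version: Version, c_initialize: usize, c_finalize: usize }
#[repr(C, packed)] // 1-byte packing
pub struct ListPacked { version: Version, c_initialize: usize, c_finalize: usize }

// Byte offset of a field, computed without creating a reference into the struct.
macro_rules! field_offset {
    ($ty:ty, $field:ident) => {{
        let u = MaybeUninit::<$ty>::uninit();
        let base = u.as_ptr();
        unsafe { addr_of!((*base).$field) as usize - base as usize }
    }};
}

/// (default-packing offset, 1-byte-packing offset) of the first slot.
pub fn first_slot_offsets() -> (usize, usize) {
    (field_offset!(ListNatural, c_initialize), field_offset!(ListPacked, c_initialize))
}

/// Bytes of a list as a library built with default packing writes them.
pub fn library_bytes(init: usize, fini: usize) -> Vec<u8> {
    let mut buf = vec![0u8; size_of::<ListNatural>()];
    buf[..2].copy_from_slice(&[2, 40]); // constructed version 2.40
    for (off, val) in [(field_offset!(ListNatural, c_initialize), init),
                       (field_offset!(ListNatural, c_finalize), fini)] {
        buf[off..off + size_of::<usize>()].copy_from_slice(&val.to_ne_bytes());
    }
    buf
}

/// Pointer-sized value a client reads when it assumes the slot is at `offset`.
pub fn read_slot(buf: &[u8], offset: usize) -> usize {
    let mut raw = [0u8; size_of::<usize>()];
    raw.copy_from_slice(&buf[offset..offset + size_of::<usize>()]);
    usize::from_ne_bytes(raw)
}

fn main() {
    let buf = library_bytes(0x1234_5678, 0x9abc_def0); // constructed slot values
    let (natural, packed) = first_slot_offsets();
    println!("default: offset {natural} reads {:#x}; packed: offset {packed} reads {:#x}",
             read_slot(&buf, natural), read_slot(&buf, packed));
}
```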
Changing the packing for a struct is just a matter of adding an attribute to it at build time, right? Could we add a feature to control that, so that users are free to choose whichever suits them?
from rust-cryptoki.
That's right. However, I don't think there's a way to test the bindings since there's currently only one way to simulate the device. It would require matching compilation(s) of libsofthsm2. There's a preprocessor hook for that, but the current CI setup uses the image default instead of doing the compilation itself.
from rust-cryptoki.
Copying this here from the original PR:
It seems that structure packing should be limited to Windows. This is a known inaccuracy of the spec, and there is a proposal to change this in v3.2. This was accepted without objection according to these meeting minutes.
Even in older versions of the spec, it seems nobody was actually packing structures on Unix. So following the spec literally will cause ABI incompatibility with every existing PKCS#11 implementation.
from rust-cryptoki.
> According to this issue, it seems to have become such a deeply ingrained assumption (originating in pk11-kit) it's now a de facto standard they refuse to fix. 🙄
AFAIK, it goes back much further than that. See this thread between TC members for some background.
from rust-cryptoki.