Bug #9948

PKCS#11 key handle uninitialized in crypto tests

Added by Jason King 4 months ago. Updated 3 months ago.

Status: Closed
Start date: 2018-11-01
Priority: Normal
Due date:
Assignee: Jason King
% Done: 100%
Category: tests
Target version: -
Difficulty: Bite-size
Tags: needs-triage

Description

Upstream of Joyent OS-7274.

Noticed during testing of OS-6576, the digest tests would sometimes crash during shutdown. Looking at the cores, they were crashing during C_DestroyObject. The crypto test PKCS#11 version of crypto_op_t structure contains a field for a handle to a key object. Unfortunately this is only initialized for the tests that use the key (i.e. the encryption tests), but not for the digest tests. This can cause a crash on deallocation if the value happens to contain something other than 0 (always an invalid handle value) due to OS-6601 (pkcs11_softtoken _should_ just fail with CKR_OBJECT_HANDLE_INVALID if given an invalid handle to destroy, but OS-6601 prevents that). Regardless, we should explicitly initialize the key object to CK_INVALID_HANDLE so we know if we've used it or not (and need to destroy it).
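
The pattern the description calls for, as an added example that is not part of the original report or the illumos test code: it assumes a reduced, hypothetical `crypto_op_t` with a single handle field (`hKey`), a mock standing in for `C_DestroyObject`, and locally defined PKCS#11 constants. With `explicit_init` set to 0 the stale handle reaches the token at teardown; with the field set to `CK_INVALID_HANDLE` a digest-style test never calls destroy.

```c
#include <stdlib.h>

/* Stand-ins for the PKCS#11 definitions so this runs without a token. */
typedef unsigned long CK_RV;
typedef unsigned long CK_OBJECT_HANDLE;
#define CKR_OK                    0x00UL
#define CKR_OBJECT_HANDLE_INVALID 0x82UL
#define CK_INVALID_HANDLE         0UL

/* Hypothetical, reduced crypto_op_t: only the key handle field is modelled. */
typedef struct crypto_op { CK_OBJECT_HANDLE hKey; } crypto_op_t;
static CK_OBJECT_HANDLE live_key;  /* the single object the mock token holds */
static int destroy_calls;          /* times the mock token was asked to destroy */

/* Mock of C_DestroyObject that rejects unknown handles with an error code. */
static CK_RV mock_destroy_object(CK_OBJECT_HANDLE h) {
    destroy_calls++;
    if (h == CK_INVALID_HANDLE || h != live_key)
        return CKR_OBJECT_HANDLE_INVALID;
    live_key = CK_INVALID_HANDLE;
    return CKR_OK;
}

/* explicit_init == 0 models the bug: hKey holds a constructed stale value. */
static crypto_op_t *op_init(int explicit_init) {
    crypto_op_t *op = malloc(sizeof (*op));
    if (op == NULL) abort();
    op->hKey = explicit_init ? CK_INVALID_HANDLE : 0xA5A5A5A5UL;
    return op;
}

/* Teardown destroys only a handle that was actually set, then frees the op. */
static CK_RV op_fini(crypto_op_t *op) {
    CK_RV rv = CKR_OK;
    if (op->hKey != CK_INVALID_HANDLE)
        rv = mock_destroy_object(op->hKey);
    free(op);
    return rv;
}

/* Digest-style test: no key is ever created. Returns destroy calls made. */
int digest_test_destroy_calls(int explicit_init) {
    destroy_calls = 0;
    (void) op_fini(op_init(explicit_init));
    return destroy_calls;
}
/* Encryption-style test: creates key 7 (constructed) and must destroy it. */
CK_RV encrypt_test_teardown(void) {
    crypto_op_t *op = op_init(1);
    op->hKey = live_key = 7;
    return op_fini(op);
}
```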

History

#1 Updated by Jason King 3 months ago

  • Status changed from New to Pending RTI

#2 Updated by Electric Monk 3 months ago

  • % Done changed from 0 to 100
  • Status changed from Pending RTI to Closed

git commit eed3be881cd8e53fe7187245b289da7106712dea

commit  eed3be881cd8e53fe7187245b289da7106712dea
Author: Jason King <jason.king@joyent.com>
Date:   2018-11-09T10:32:03.000Z

    9948 PKCS#11 key handle uninitialized in crypto tests
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Approved by: Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
