From: GitHub <no...@gi...> - 2014-09-07 21:52:33
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: be200ab3c8165510736ef945b2a29eedcbea99a0 https://github.com/OpenSC/OpenSC/commit/be200ab3c8165510736ef945b2a29eedcbea99a0 Author: Andreas Schwier <and...@ca...> Date: 2014-09-07 (Sun, 07 Sep 2014) Changed paths: M src/libopensc/libopensc.exports M src/libopensc/pkcs15-pubkey.c M src/libopensc/pkcs15.h M src/pkcs11/framework-pkcs15.c Log Message: ----------- Merge pull request #282 from CardContact/fix-deleted-related-public-key framework-pkcs15: Duplicate public key related to private key rather than referencing the framework object Referencing the related public key is required to return PKCS#11 attributes for a private key only available in the public key object (i.e. CKA_MODULUS). This patch adds a copy of the public key to the private key object rather than referencing the public key object in the framework. This prevents SEGV when the public key framework object is deleted with C_DestroyObject, but the reference from the public key remains intact. The bug leads to all kind of stability problems when keys are created and deleted in the same session. The patch is in particular important if OpenSC is used with EJBCA or any other application using the SUN PKCS#11 provider: When generating key pairs, then the public key object is eventually garbage collected which removes the related object in the PKCS#11 module. Because there is no fixed time for this operation, corruption occurs at random. In a next step, the remaining related_xxx fields in sc_pkcs11_object should be revised and possibly removed. framework: Added more error checking |