[Opendnssec-develop] [OpenDNSSEC] #204: ods-hsmutil segfaults when listing keys in TPM chip
OpenDNSSEC
owner-dnssec-trac at kirei.se
Thu Jan 6 18:11:10 UTC 2011
#204: ods-hsmutil segfaults when listing keys in TPM chip
------------------------------------------+---------------------------------
Reporter: Ondřej Surý <ondrej@…> | Owner: jakob
Type: defect | Status: new
Priority: major | Component: libhsm
Version: 1.1.3 | Keywords:
------------------------------------------+---------------------------------
As reported at http://bugs.debian.org/609138 by David Carter
<dcarter at creativemk.com>
Package: libhsm-bin
Version: 1.1.3-3
Severity: important
I had to recompile opendnssec with debugging symbols to get a backtrace
but
made no other changes from 1.1.3-3. This same error occurs in the official
package.
This system is set up to use the TPM chip as a HSM using opencryptoki
2.2.8
and 'ods-hsmutil test' completes successfully. However, when I try to use
ods-hsmutil to list the keys in the HSM it segfaults (gdb backtrace
follows.)
I have not yet tried to use opendnssec to sign a zone as I was testing
with
ods-hsmutil during the initial configuration process.
Backtrace:
$ LD_PRELOAD=/lib/libpthread.so.0 gdb ods-hsmutil
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/ods-hsmutil...done.
(gdb) run list
Starting program: /usr/bin/ods-hsmutil list
[Thread debugging using libthread_db enabled]
Listing keys in all repositories.
1 key found.
Repository ID Type
---------- -- ----
Program received signal SIGSEGV, Segmentation fault.
0x00000000004019bd in cmd_list (argc=0, argv=0x7fffffffeca8)
at ../../../libhsm/src/hsmutil.c:114
114 snprintf(key_type, sizeof(key_type),
(gdb) thread apply all bt full
Thread 1 (Thread 0x7ffff7fee700 (LWP 25083)):
#0 0x00000000004019bd in cmd_list (argc=0, argv=0x7fffffffeca8)
at ../../../libhsm/src/hsmutil.c:114
key_info = 0x0
key = 0x0
key_type = "@\347`", '\000' <repeats 13 times>"\260,
\353\377\377\377\177\000"
i = 0
repository = 0x0
key_count = 1
keys = 0x604550
ctx = 0x0
key_info_format = 0x402b3f "%-20s %-32s %-10s\n"
#1 0x000000000040223e in main (argc=0, argv=0x7fffffffeca8)
at ../../../libhsm/src/hsmutil.c:405
result = 0
config = 0x0
ch = -1
Here's the output from 'ods-hsmutil test <repository>' for reference:
$ ods-hsmutil test <repository>
Testing repository: <repository>
Generating 512-bit RSA key... OK
Extracting key identifier... OK, b4d69efa6e655bc88a0897280e48b48a
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Deleting key... OK
Generating 768-bit RSA key... Failed
generate key pair: CKR_KEY_SIZE_RANGE
Generating 1024-bit RSA key... OK
Extracting key identifier... OK, 94efe89cad1d42e67921d1c3bc2269c4
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK
Generating 1536-bit RSA key... Failed
generate key pair: CKR_KEY_SIZE_RANGE
Generating 2048-bit RSA key... OK
Extracting key identifier... OK, 1b5551755fbec292100127ed4f156f50
Signing (RSA/SHA1) with key... OK
Signing (RSA/SHA256) with key... OK
Signing (RSA/SHA512) with key... OK
Deleting key... OK
Generating 4096-bit RSA key... Failed
generate key pair: CKR_KEY_SIZE_RANGE
Generating 1024 bytes of random data... OK
Generating 32-bit random data... 1938355139
Generating 64-bit random data... 17955271592229176371
--
Ticket URL: <http://trac.opendnssec.org/ticket/204>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list