Unknown error code from Ctx::new() on ARMv7 when calling the PKCS#11 C_GetFunctionList() function. #51

Closed
ximon18 opened this issue Jan 4, 2022 · 3 comments


ximon18 commented Jan 4, 2022

See:

This issue was observed with a YubiHSM2 Nano connected to a Raspberry Pi 4b which is an ARMv7 (arm7l) architecture platform. The issue occurred both when building the code locally on the Pi and when cross compiling from an x86_64 host.

The error message produced by the pkcs11 crate was:

PKCS#11: unknown (0xb6ab784000000000)

The issue occurs in the pkcs11 v0.5.0 Rust crate code when func() is invoked within Ctx::new() in the code shown below (link to actual pkcs11 crate code):

let func: libloading::Symbol<
    unsafe extern "C" fn(CK_FUNCTION_LIST_PTR_PTR) -> CK_RV,
> = lib.get(b"C_GetFunctionList")?;
match func(list.as_mut_ptr()) {
    CKR_OK => (),
    err => return Err(Error::Pkcs11(err)),
}

The same code works fine on x86_64 targets. pkcs11-tool had no issues on ARMv7 using the same PKCS#11 library.

The cryptoki crate doesn't appear to have the same problem, as switching to that crate resolved the issue for the simple https://github.com/ximon18/keyls tool.

@ximon18 ximon18 changed the title Unknown error code during Ctx::new() on ARMv7 during PKCS#11 C_GetFunctionList() call. Unknown error code from Ctx::new() on ARMv7 during PKCS#11 C_GetFunctionList() call. Jan 5, 2022
@ximon18 ximon18 changed the title Unknown error code from Ctx::new() on ARMv7 during PKCS#11 C_GetFunctionList() call. Unknown error code from Ctx::new() on ARMv7 when calling the PKCS#11 C_GetFunctionList() function. Jan 5, 2022
Owner

mheese commented Oct 27, 2022

@ximon18 yes, because the cryptoki crate is dealing with the different architectures in the right way now. Please use the cryptoki crate https://github.com/parallaxsecond/rust-cryptoki. I'm trying to catch up to properly deprecate this crate.
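The error value reported above can be taken apart by hand. The following is an added example, not part of the thread or of either crate: it splits the 64-bit value into halves and checks the low half against a few PKCS#11 return codes. It assumes, which the thread does not state, that the binding read a 64-bit return value where the library returned a 32-bit C `unsigned long`; `diagnose` and `Diagnosis` are hypothetical names.

```rust
use std::os::raw::c_ulong;

// PKCS#11 defines CK_RV as CK_ULONG, i.e. C `unsigned long`.
// c_ulong is 32 bits on ARMv7 Linux and 64 bits on x86_64 Linux.
#[allow(non_camel_case_types)]
pub type CK_RV = c_ulong;

// A few return codes from the PKCS#11 specification.
const KNOWN: &[(u32, &str)] = &[
    (0x0000_0000, "CKR_OK"),
    (0x0000_0005, "CKR_GENERAL_ERROR"),
    (0x0000_0006, "CKR_FUNCTION_FAILED"),
    (0x0000_0007, "CKR_ARGUMENTS_BAD"),
    (0x0000_0190, "CKR_CRYPTOKI_NOT_INITIALIZED"),
    (0x0000_0191, "CKR_CRYPTOKI_ALREADY_INITIALIZED"),
];

#[derive(Debug, PartialEq)]
pub enum Diagnosis {
    // Fits in 32 bits and matches a known code.
    Valid(&'static str),
    // Low half is a known code, high half is non-zero: consistent with
    // (assumption) a 32-bit return value read through a 64-bit type.
    WidthMismatch { code: &'static str, high_bits: u32 },
    Unrecognised(u64),
}

fn lookup(code: u32) -> Option<&'static str> {
    KNOWN.iter().find(|(c, _)| *c == code).map(|(_, n)| *n)
}

pub fn diagnose(raw: u64) -> Diagnosis {
    let low = raw as u32; // truncation to the low 32 bits is intended
    let high = (raw >> 32) as u32;
    match (high, lookup(low)) {
        (0, Some(name)) => Diagnosis::Valid(name),
        (_, Some(name)) => Diagnosis::WidthMismatch { code: name, high_bits: high },
        _ => Diagnosis::Unrecognised(raw),
    }
}

fn main() {
    // The value from the error message quoted in this issue.
    println!("{:?}", diagnose(0xb6ab_7840_0000_0000));
    println!("CK_RV is {} bytes on this target", std::mem::size_of::<CK_RV>());
}
```

For the value in this issue the low 32 bits are zero, which is `CKR_OK`; only the upper half carries non-zero data.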

@mheese mheese closed this as completed Oct 27, 2022
Author

ximon18 commented Oct 27, 2022

Thanks @mheese for all the great work you put into the rust-pkcs11 crate, it was very nice to find and use initially and both happy and sad that the move to rust-cryptoki is needed, but I can very much appreciate it if you don't have the time to maintain it. One thought on that though: having more than one crate that provides PKCS#11 functionality would be better for the health of the Rust ecosystem overall. Did you consider calling for volunteers to take over this crate, or is it that it has fundamental issues that make it not worth continuing with?

Owner

mheese commented Oct 27, 2022

@ximon18 yes, I would like to make the pkcs11 crate name available to either the cryptoki owners or the RustCrypto org (@tarcieri fyi). I agree with you on the health of the Rust ecosystem. It's always trouble/difficult when things like this happen. IMHO crates in this space should be owned by an org - for multiple reasons.
