Closed andreas-meissner closed 1 year ago
Issue is raised in pkcs11_find.c by alignment conflict between pkcs11_find_template_cache[] byte array (may be down to 1-byte alignment on strong size optimization) and its usage to store CK_ATTRIBUTE structs (4-byte alignment due to first member is an unsigned long). The cast of CK_ATTRIBUTE pointers on this byte-array produces invalid results / undefined behavior / unaligned access exceptions (when active) if these alignments do not match.
This issue has been marked as stale - please confirm the issue still exists with the latest version of the library and update the issue if it remains
This issue has been marked as stale - please confirm the issue still exists with the latest version of the library and update the issue if it remains
Issue still exists in v3.4.1
This issue has been marked as stale - please confirm the issue still exists with the latest version of the library and update the issue if it remains
Hi, we want to use ATECC608B-TFLXTLS as a PKCS#11 token to be usable with OpenSSL as a key store in our product. After doing all the configuration stuff with the Trust Platform Design Suite we now have the ATECC608B-TFLXTLS-PROTO as well as verification examples of our own configuration available for integration. Access to the devices works fine in cryptoauth_test utility:
Then I followed https://github.com/MicrochipTech/cryptoauthlib/tree/main/app/pkcs11#readme and https://github.com/MicrochipTech/cryptoauthlib/wiki/PKCS11-TNGTLS to set up the devices as PKCS#11 targets usable by p11tool for basic testing and verification.
p11tool is able to see the token:
But in difference to the mentioned instructions I get the following message when trying to make use of the ATECC608B devices:
or
I've also enabled the cryptoauthlib debug messages and had a deeper look at the source code of p11tool, but it is still unclear to me why there is this difference in the behavior compared to the instructions.
What could I probably be missing here?
Used software versions are:
cryptoauthlib.conf:
0.conf:
cryptoauthlib.module:
pkcs11.conf:
Thanks, Andreas