Oberthur PKCS#11 module is buggy on Ubuntu 18.04.01 LTS

open-eid / linux-installer

Ubuntu meta package

55 stars 21 forks source link

Oberthur PKCS#11 module is buggy on Ubuntu 18.04.01 LTS #41

Closed martinpaljak closed 5 years ago

martinpaljak commented 5 years ago

C_Finalize always hangs:

export PKCS11SPY=/usr/local/AWP/lib/libOcsPKCS11Wrapper.so
pkcs11-tool --module /usr/lib/x86_64-linux-gnu/pkcs11-spy.so -O

(running this via gdb)

4: C_Finalize
2019-01-07 23:25:07.782
^C
Thread 1 "pkcs11-tool" received signal SIGINT, Interrupt.
0x00007ffff716ed2d in __GI___pthread_timedjoin_ex (threadid=140737307977472, 
    thread_return=0x0, abstime=0x0, block=<optimized out>)
    at pthread_join_common.c:89
89  pthread_join_common.c: No such file or directory.
(gdb) bt
#0  0x00007ffff716ed2d in __GI___pthread_timedjoin_ex (
    threadid=140737307977472, thread_return=0x0, abstime=0x0, 
    block=<optimized out>) at pthread_join_common.c:89
#1  0x00007ffff59285bb in CSmartCardConnectionNotifier::stop(bool) ()
   from /usr/local/AWP/lib/libOcsCryptoki.so

martinpaljak commented 5 years ago

This seems to be a common problem: https://www.google.com/search?rls=en&q=pthread_join_common.c

virtual-machinist commented 5 years ago

May this be the cause why Chromium crashes randomly after a couple of minutes with the plugin enabled? I don't have any logs to tie the crashing to open-eid, but the crashes disappeared after removing open-eid and everything related (and there weren't any before the inclusion of this middleware). Can anyone confirm this?

martinpaljak commented 5 years ago

Have not tried with Chromium, but apparently having the PKCS#11 module loaded to Firefox (on Debian that is) resulted in random crashes of Firefox. As both are based on NSS on Linux, I assume the symptoms are the same. Keep in mind that open-eid should contain multiple PKCS#11 modules and only the Oberthur one seems to cause the random crashes (as currently observed)

thsnr commented 5 years ago

C_Finalize always hangs:

It seems that it only hangs if no card reader is connected:

2: C_GetSlotList
2019-05-09 11:42:17.939
[in] tokenPresent = 0x0
[out] pSlotList: 
Count is 0
[out] *pulCount = 0x0
Returned:  0 CKR_OK

...

4: C_Finalize
2019-05-09 11:42:17.941
^C

With one connected, it works:

2: C_GetSlotList
2019-05-09 11:42:08.528
[in] tokenPresent = 0x0
[out] pSlotList: 
Count is 1
[out] *pulCount = 0x1
Returned:  0 CKR_OK

...

5: C_Finalize
2019-05-09 11:42:08.530
Returned:  0 CKR_OK

Connecting a card reader while the library is hung also wakes it up.

Jalakas commented 5 years ago

"May this be the cause why Chromium crashes randomly after a couple of minutes with the plugin enabled?"

Yes, PCSC versions before 1.8.25 (and all browsers using it, tested firefox and chrome myself) crashed because "awp" flooded pcscd with too many threads. https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/294830

"awp" dependency is removed now: https://github.com/open-eid/linux-installer/pull/49/files Hope there will be 19.06 release soon: https://installer.id.ee/media/ubuntu/