Bug 3364

Summary: Using "ssh-keygen -D pkcs11" with HSM fails due to "xmalloc: zero size"
Product: Portable OpenSSH
Reporter: ietxezarreta
Component: Smartcard
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED
Severity: enhancement
CC: djm
Priority: P5
Version: 8.8p1
Hardware: amd64
OS: Linux
Bug Depends on:
Bug Blocks: 3353

Description ietxezarreta 2021-11-18 20:52:56 AEDT
When using the cryptochip ATECC608B, from Microchip, with the provided crypto library "cryptoauthlib", the pkcs11-related operations fail due to "xmalloc: zero size".

Steps to reproduce:
1.- Compile and install the Microchip cryptoauthlib library.
2.- Modify this library to handle unset mutexes (in the functions pkcs11_lock_context and pkcs11_unlock_context, change rv = CKR_CANT_LOCK to rv = CKR_OK).
3.- Execute the command ssh-keygen -D /usr/lib/libcryptoauth.so

Actual result:
xmalloc: zero size

Expected output:
C_GetAttributeValue failed: 7
failed to fetch key
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPmKkZ2M7DeVdwOpCW8XSnLYUbPx5RIk8OF8B0F0OwmRWexpsZONwft41YRI76gxZ/cN7wt4wO765ULvXQhxFCQ= device


This issue was solved by protecting the allocation of "k11->keyid" at line 614 of the file "ssh-pkcs11.c", for example:

++ if(k11->keyid_len)
++ {
	k11->keyid = xmalloc(k11->keyid_len);
	memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
++ }

Would it be possible to include this fix or something similar to solve the problem?

Thank you very much!
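The guard described above, as a self-contained added example (not OpenSSH's own code): a keyid copy that tolerates a PKCS#11 token returning a zero-length CKA_ID, with hypothetical stand-in structs for the OpenSSH key record and the attribute, and malloc in place of the fatal-on-zero xmalloc.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the fields ssh-pkcs11.c keeps per key and for
 * the CKA_ID attribute C_GetAttributeValue fills in (not OpenSSH's own
 * definitions). ulValueLen is 0 when the token reports an empty key id. */
struct pkcs11_key { unsigned char *keyid; size_t keyid_len; };
struct attrib { const unsigned char *pValue; size_t ulValueLen; };

/* Copy the key id out of the attribute, skipping allocation when it is
 * empty. OpenSSH's xmalloc() is fatal on size 0 ("xmalloc: zero size"), which
 * is exactly the bz#3364 crash; a plain malloc is used here to stay
 * self-contained. Returns 0 on success, -1 on allocation failure. */
int
copy_keyid(struct pkcs11_key *k11, const struct attrib *keyid_attrib)
{
	k11->keyid = NULL;
	k11->keyid_len = keyid_attrib->ulValueLen;
	if (k11->keyid_len == 0)
		return 0;	/* empty id: nothing to allocate or copy */
	if ((k11->keyid = malloc(k11->keyid_len)) == NULL)
		return -1;
	memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
	return 0;
}

/* 1 if an empty CKA_ID (constructed input) is handled without allocating. */
int
empty_keyid_ok(void)
{
	struct pkcs11_key k11;
	struct attrib empty = { NULL, 0 };
	if (copy_keyid(&k11, &empty) != 0)
		return 0;
	return k11.keyid == NULL && k11.keyid_len == 0;
}

/* 1 if a non-empty CKA_ID (constructed input) is copied byte for byte. */
int
nonempty_keyid_ok(void)
{
	static const unsigned char id[] = { 0x01, 0x02, 0x03 };
	struct attrib a = { id, sizeof(id) };
	struct pkcs11_key k11;
	int ok = copy_keyid(&k11, &a) == 0 && k11.keyid_len == 3 &&
	    memcmp(k11.keyid, id, 3) == 0;
	free(k11.keyid);
	return ok;
}
```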
Comment 1 Damien Miller 2021-11-19 08:14:02 AEDT
This will be fixed in OpenSSH 8.9p1:

commit 97f9b6e61316c97a32dad94b7a37daa9b5f6b836 (HEAD -> master, origin/master, origin/HEAD)
Author: djm@openbsd.org <djm@openbsd.org>
Date:   Thu Nov 18 21:11:01 2021 +0000

    upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we
    
    already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries
    that return empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
    
    OpenBSD-Commit-ID: 054d4dc1d6a99a2e6f8eebc48207b534057c154d
Comment 2 Damien Miller 2022-02-25 13:56:44 AEDT
closing bugs resolved before openssh-8.9