C_FindObjectsFinal returns access violation reading location


I want to install an X.509 certificate into a token. However, during the process, when I call C_FindObjectsFinal, it fails with:

access violation Exception thrown at 0x770B66FF (ntdll.dll) in EccInstallTest.exe: 0xC0000005: Access violation reading location 0xFF003FFF.

To be honest, I have no idea what is actually causing this. hSession is declared as a global variable and is only used by this function. Declaring it as a local variable did not help either. Please help me. My code is below.

// InstallX509: opens a R/W session on nSlotID, logs in, Base64-decodes szCert
// into a local buffer, copies the decoded bytes to pbX509 and then searches the
// token for an existing certificate object with the same CKA_VALUE.
//
// Parameters:
//   nSlotID - slot passed to C_OpenSession.
//   szCert  - NUL-terminated Base64 text of the certificate (strlen() is called
//             on it in the declarations, so it must not be NULL).
//   pbX509  - caller buffer receiving the decoded certificate; when NULL, only
//             the estimated size is written to *dwX509.
//   dwX509  - in: capacity of pbX509; out: decoded size. Dereferenced without a
//             NULL check.
//
// Returns 0 on most paths shown here (including session/login failures and the
// "already installed" case) or the CK_RV of a failed C_FindObjects* call.
// Only the first part of the function is shown in the post; the body is cut
// off after the duplicate-certificate check.
//
// g_pFunctionList, hSession, cUserPassword, nUserType and nUserPasswordSize are
// not declared in this block (the post says hSession is a global).
CK_ULONG InstallX509(CK_SLOT_ID nSlotID,char* szCert, CK_BYTE_PTR pbX509, CK_ULONG *dwX509)
{
    // NOTE(review): TGR_CERT_CANNOT_DECODE and TGR_CERT_INVALID are local
    // variables initialised to false here, so `return TGR_CERT_CANNOT_DECODE`
    // below returns 0 and the caller cannot tell that error from success.
    // object_found is left uninitialised until C_FindObjects writes it.
    CK_ULONG    i, rv = 0, iLen = strlen(szCert), ulCert = 2048, object_found, keyType = 0, TGR_CERT_CANNOT_DECODE = false, TGR_CERT_INVALID = false;
    // pbCert is a fixed 2048-byte stack buffer; it is the destination of
    // Base64_Decode further down.
    CK_BYTE     szKeyId[40] = { 0 }, szLabel[40] = { 0 }, pbCert[2048] = { 0 };
    CK_ULONG    lenCertData, lenCertInfo, lenCertSerial, lenCertIssuer, lenCertSubjectDN, lenCertDate, lenDateStart, lenDateEnd, lenPubKeySeq, lenPubKeySeq2, lenPubKeyAlgo, lenPubKeyStr, lenPubKey = 0;
    CK_BYTE     CertData[1024] = { 0 }, CertInfo[1024] = { 0 }, CertSerial[20] = { 0 }, CertIssuer[512] = { 0 }, CertSubjectDN[512] = { 0 }, CertDate[20] = { 0 }, dtStart[15] = { 0 }, dtEnd[15] = { 0 }, PubKeySeq[512] = { 0 }, PubKeySeq2[512] = { 0 }, PubKeyAlgo[24] = { 0 }, PubKeyStr[512] = { 0 }, PubKey[256] = { 0 }, pbModulus[256] = { 0 };
    char DateStart[15] = { 0 }, DateEnd[15] = { 0 };
    CK_BBOOL            bTrue = TRUE;
    CK_OBJECT_CLASS     cert_object_class = CKO_CERTIFICATE;
    CK_CERTIFICATE_TYPE certType = CKC_X_509;
    CK_OBJECT_CLASS     priv_objectclass = CKO_PRIVATE_KEY, pub_objectclass = CKO_PUBLIC_KEY;
    CK_OBJECT_HANDLE    hPrivateKey = 0, hCert;
    // Attribute templates. Every ulValueLen starts as the full sizeof() of its
    // backing buffer; only tCheckCert[1] is corrected to the real length in the
    // part of the function shown here.
    CK_ATTRIBUTE        tCert[] = {
        {CKA_CLASS,             &cert_object_class, sizeof(CK_OBJECT_CLASS)},
        {CKA_TOKEN,             &bTrue,             sizeof(CK_BBOOL)},
        {CKA_CERTIFICATE_TYPE,  &certType,          sizeof(certType)},
        {CKA_VALUE,             pbCert,             sizeof(pbCert)},
        {CKA_SERIAL_NUMBER,     CertSerial,         sizeof(CertSerial)},
        {CKA_ISSUER,            CertIssuer,         sizeof(CertIssuer)},
        {CKA_SUBJECT,           CertSubjectDN,      sizeof(CertSubjectDN)},
        {CKA_START_DATE,        DateStart,          sizeof(DateStart)},
        {CKA_END_DATE,          DateEnd,            sizeof(DateEnd)},
        {CKA_ID,                szKeyId,            sizeof(szKeyId)},
        {CKA_LABEL,             szLabel,            sizeof(szLabel)},
    },
    tCheckCert[] = {
{CKA_CLASS,             &cert_object_class, sizeof(CK_OBJECT_CLASS)},
{CKA_VALUE,             pbCert,             sizeof(pbCert)},
    },
    tPrvKey[] = {
{CKA_CLASS,             &priv_objectclass,  sizeof(CK_OBJECT_CLASS)},
{CKA_KEY_TYPE,          &keyType,           sizeof(keyType)},
    },
    tModulus = { 0, pbModulus, sizeof(pbModulus) },
    tLabel[] = {
{CKA_ID,                szKeyId,            sizeof(szKeyId)},
{CKA_LABEL,             szLabel,            sizeof(szLabel)},
    };

    printf("selected slot: %d\n", (int)nSlotID);
    CK_FLAGS flags = (CKF_RW_SESSION | CKF_SERIAL_SESSION);
    rv = g_pFunctionList->C_OpenSession(nSlotID, flags, 0, 0, &hSession);
    if (rv != CKR_OK)
    {
        printf("C_OpenSession() failed, rv = 0x%.8X\n", (int)rv);
        hSession = 0;
        // NOTE(review): 0 is also returned on the success-like paths below, so
        // this failure is invisible to the caller.
        return 0;
    }

    // NOTE(review): this writes the token user PIN/password to stdout in
    // cleartext; it will end up in any captured console output or log file.
    // Log that a login is attempted, not the secret itself.
    printf("login into Token using Password %s \n", cUserPassword);
    rv = g_pFunctionList->C_Login(hSession, nUserType, (CK_UTF8CHAR_PTR)cUserPassword, (CK_ULONG)nUserPasswordSize);
    if (rv != CKR_OK) {
        printf("C_Login() failed: rv = 0x%.8X\n", (int)rv);
        // NOTE(review): the session opened above is not closed on this path,
        // nor on any later return visible in this excerpt (no C_Logout or
        // C_CloseSession call appears before the excerpt ends).
        return 0;
    }

    printf("\n\n===Start InstallX509===\n");

    if (iLen == 0) {
        printf("iLen equal to 0. Abandon cert injection");
        return TGR_CERT_CANNOT_DECODE;
    }
    printf("testing.");
    // Estimate of the decoded size from the Base64 text length (3 bytes per
    // 4 characters, plus one).
    iLen = iLen / 4 * 3 + 1;

    // Size-query mode: report the estimate and stop (the session stays open
    // and logged in).
    if (pbX509 == NULL) {
        *dwX509 = iLen;
        return 0;
    }

    // Only the caller's buffer capacity is checked against the estimate.
    if (*dwX509 < iLen) return TGR_CERT_CANNOT_DECODE;

    // NOTE(review): nothing compares iLen with sizeof(pbCert) (2048), and
    // Base64_Decode is called without an output-size argument. If szCert
    // decodes to more than 2048 bytes the decoder presumably writes past
    // pbCert on the stack; corruption of that kind can surface later as an
    // access violation in an unrelated call. Base64_Decode is not shown, so
    // confirm its contract and reject inputs whose estimate exceeds
    // sizeof(pbCert) before decoding.
    // NOTE(review): the return value is used as a length without any error
    // check - verify what Base64_Decode returns on malformed input.
    const unsigned char* t = reinterpret_cast<const unsigned char *>(szCert);
    ulCert = Base64_Decode(pbCert, t);
    *dwX509 = ulCert;
    memcpy(pbX509, pbCert, ulCert);

    printf("The following certificate will be installed:\n%s\n", szCert);
    // NOTE(review): *dwX509 and rv are CK_ULONG but are printed with %d / %08x
    // here and below; the specifier does not match the argument type.
    printf("Certificate Size (%d) bytes\n", *dwX509);
    // Narrow the CKA_VALUE search attribute from sizeof(pbCert) to the decoded
    // length so the match is on the certificate bytes only.
    tCheckCert[1].ulValueLen = ulCert;
    rv = g_pFunctionList->C_FindObjectsInit(hSession, tCheckCert, sizeof(tCheckCert) / sizeof(CK_ATTRIBUTE));
    if (rv != CKR_OK) {
        printf("Error C_FindObjectsInitfirst, return 0x%08x\n", rv);
        return rv;
    }

    // Ask for at most one matching handle; object_found receives the count.
    rv = g_pFunctionList->C_FindObjects(hSession, &hCert, 1, &object_found);
    if (rv != CKR_OK) {
        printf("Error C_FindObjects, return 0x%08x\n", rv);
        // NOTE(review): the search started by C_FindObjectsInit is only
        // terminated by C_FindObjectsFinal, which this early return skips.
        return rv;
    }

    // NOTE(review): this is the call the post reports the access violation
    // in. Nothing on this line is visibly wrong; memory corrupted earlier
    // (see the Base64_Decode note) or the vendor PKCS#11 module itself are
    // candidates - confirm with a debugger and a short test certificate.
    rv = g_pFunctionList->C_FindObjectsFinal(hSession);
    if (rv != CKR_OK) {
        printf("Error C_FindObjectsFinal, return 0x%08x\n", rv);
        return rv;
    }

    if (object_found) {
        printf("Certificate has been installed. Do not need to re-install.\n");
        return 0;
    }
    else {
        printf("Certificate has not been installed\n");
    }

    // Reset search state; the rest of the function is not included in the post.
    object_found = false;
    hCert = 0;

c++
pkcs#11
cryptoki
asked on Stack Overflow Oct 11, 2020 by Mace



User contributions licensed under CC BY-SA 3.0