Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add fixes to cryptoauthlib to support Java PKCS11 requirements, to support Greengrass V2 #290

Merged
merged 3 commits into from
Apr 13, 2022
Merged

Add fixes to cryptoauthlib to support Java PKCS11 requirements, to support Greengrass V2 #290

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a7cbf7d
fix: When PKCS11 C_Sign is passed null pSignature, it is expected to …
JamieHunter Apr 12, 2022
4cf67b4
fix: Java PKCS11 requires CKA_EXTRACTABLE to return extractable statu…
JamieHunter Apr 12, 2022
6457c1c
fix: Java honors ulMaxSessionCount constant and needs to create at le…
JamieHunter Apr 12, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
fix: Java honors ulMaxSessionCount constant and needs to create at le… 
…ast 2 sessions.

When used with Greengrass V2, at least 3 sessions are needed.
  • Loading branch information
@JamieHunter
JamieHunter committed Apr 12, 2022
commit 6457c1ceac18459dd342dc2925030e6a4de89f20
4 changes: 2 additions & 2 deletions lib/pkcs11/pkcs11_token.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -428,8 +428,8 @@ CK_RV pkcs11_token_get_info(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
pInfo->ulMinPinLen = 0;
pInfo->flags = CKF_RNG;// | CKF_LOGIN_REQUIRED;

pInfo->ulMaxSessionCount = 1;
pInfo->ulMaxRwSessionCount = 1;
pInfo->ulMaxSessionCount = PKCS11_MAX_SESSIONS_ALLOWED;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Based on bug reports, there is risk that setting this to PKCS11_MAX_SESSIONS_ALLOWED might break something?

pInfo->ulMaxRwSessionCount = PKCS11_MAX_SESSIONS_ALLOWED;

pInfo->ulSessionCount = (slot_ctx->session) ? TRUE : FALSE;
pInfo->ulRwSessionCount = (slot_ctx->session) ? TRUE : FALSE;
Expand Down