[Bug 3561] Open SSH does not support 1-byte structure packing on non-windows systems for PKCS11

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Apr 18 01:44:49 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3561

--- Comment #3 from RickyDoug <doug.springer at idahoscientific.com> ---
My apologies. Please ignore the reference to CK_ULONG...that is another
issue. Perhaps a re-state is in order:

The PKCS11 specification is very clear on byte packing (1 byte), but
openssh does not even attempt to do so for anything besides Windows. 

http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html#_Toc416959683

While the PKCS11 API is painful in its original form, it is a very
simple matter to add a definition for the appropriate packed syntax,
and define it for the compiler, or rely on a pragma, such as the gcc
pragma pack.

This should at least be configurable at build time. Although many
implementations of PKCS11 on non-windows systems also do this, is that
really a good reason to ignore the standard? There really isn't a
standard at that point. This is especially troubling since the API
allows many places to fail.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
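
Added example, not part of the bug comment and not OpenSSH or reporter code: it shows what the 1-byte packing question means for one Cryptoki structure. The field order follows CK_INFO from the PKCS #11 specification; the type names, function names and sample values are hypothetical, and `#pragma pack(push, 1)` assumes a gcc, clang or MSVC compatible compiler.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Field order follows CK_VERSION / CK_INFO in the PKCS #11 spec; the type
 * names are hypothetical so both layouts can live in one program. */
typedef struct { unsigned char major, minor; } ck_version;

#pragma pack(push, 1)                 /* 1-byte packing, as the comment describes */
typedef struct {
    ck_version    cryptokiVersion;
    unsigned char manufacturerID[32];
    unsigned long flags;              /* CK_FLAGS is a CK_ULONG */
    unsigned char libraryDescription[32];
    ck_version    libraryVersion;
} ck_info_packed;
#pragma pack(pop)

typedef struct {                      /* same fields, compiler default alignment */
    ck_version    cryptokiVersion;
    unsigned char manufacturerID[32];
    unsigned long flags;
    unsigned char libraryDescription[32];
    ck_version    libraryVersion;
} ck_info_natural;

size_t flags_offset_packed(void)  { return offsetof(ck_info_packed, flags); }
size_t flags_offset_natural(void) { return offsetof(ck_info_natural, flags); }

/* A packed module fills the structure; a caller built without packing reads
 * the same bytes through its own layout and gets a different flags value. */
unsigned long flags_seen_by_mismatched_caller(unsigned long written) {
    ck_info_packed  module_view;
    ck_info_natural caller_view;
    memset(&module_view, ' ', sizeof module_view);
    module_view.flags = written;
    memcpy(module_view.libraryDescription, "constructed demo module", 23);
    memset(&caller_view, 0, sizeof caller_view);
    memcpy(&caller_view, &module_view, sizeof module_view);
    return caller_view.flags;
}

int main(void) {
    printf("packed : offsetof(flags)=%zu sizeof=%zu\n",
           flags_offset_packed(), sizeof(ck_info_packed));
    printf("natural: offsetof(flags)=%zu sizeof=%zu\n",
           flags_offset_natural(), sizeof(ck_info_natural));
    printf("module wrote 0x%lx, mismatched caller read 0x%lx\n",
           0xA5A5A5A5UL, flags_seen_by_mismatched_caller(0xA5A5A5A5UL));
    return 0;
}
```

Both sides of a PKCS #11 boundary must be compiled with the same packing; a build-time `sizeof` or `offsetof` check like the ones above catches a mismatch before the module is ever loaded.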

