-
Bug
-
Resolution: Fixed
-
P3
-
6
-
None
-
b85
-
generic
-
generic
The special value CK_UNAVAILABLE_INFORMATION for some CK_ULONG fields is not handled correctly in 64-bit mode. PKCS#11 defines the types as:
typedef unsigned long int CK_ULONG;
#define CK_UNAVAILABLE_INFORMATION (~0UL)
This means that in 32-bit, CK_UNAVAILABLE_INFORMATION is
0xFFFFFFFF
but in 64-bit (LP64), it is
0xFFFFFFFFFFFFFFFF.
The problem is that we convert it to a Java long using a cast ((jlong)x) so we end up with either
0x00000000FFFFFFFF
or
0xFFFFFFFFFFFFFFFF
but in Java we always compare to 0x00000000FFFFFFFF.
The only known instance where this creates a problem is ulMaxSessionCount that is checked by the SessionManager, but the same problem exists in a couple of other places as well. (BTW, in Mustang the SessionManager already has a workaround for this particular issue, which was added as part of 6246411).
typedef unsigned long int CK_ULONG;
#define CK_UNAVAILABLE_INFORMATION (~0UL)
This means that in 32-bit, CK_UNAVAILABLE_INFORMATION is
0xFFFFFFFF
but in 64-bit (LP64), it is
0xFFFFFFFFFFFFFFFF.
The problem is that we convert it to a Java long using a cast ((jlong)x) so we end up with either
0x00000000FFFFFFFF
or
0xFFFFFFFFFFFFFFFF
but in Java we always compare to 0x00000000FFFFFFFF.
The only known instance where this creates a problem is ulMaxSessionCount that is checked by the SessionManager, but the same problem exists in a couple of other places as well. (BTW, in Mustang the SessionManager already has a workaround for this particular issue, which was added as part of 6246411).
- relates to
-
-
- Resolved
-