+1 yes of course then it is a very good solution:
- it provides the legacy OASIS definitions with all the C_*
- anyone that is fine with your shortcut can leverage them.
I am ready for a code review of your C_* as soon as you'll get them.
Best regards,
Vincent
Le 16 août 2020 18:42:04 Guillaume Amringer <g.amrin...@gmail.com> a écrit :
So what do you think of this suggestion:
I keep the OO API as-is, but I add the C_* functions as methods of the
Pkcs11\Module object.
Example 1:
$module->C_GetSlotList() would be an alias of $module->getSlotList()
Example 2:
$session = $module->C_OpenSession($slotList[0], Pkcs11\CKF_RW_SESSION);
$module->C_Login($session, Pkcs11\CKU_USER, '123456' );
would be the same as
$session = $module->openSession($slotList[0], Pkcs11\CKF_RW_SESSION);
$session->login(Pkcs11\CKU_USER,'123456');
Guillaume Amringer
https://keybase.io/gamr
https://www.linkedin.com/in/guillaumeamringer
https://github.com/gamringer
On Sun, Aug 16, 2020 at 3:27 AM Vincent Jardin <vjar...@free.fr> wrote:
Hi Guillaume,
I agree with you that PECL is the best way to move forward. Nevertheless
looking at the API I get more and more concern about the differences with
the functional OASIS/pkcs11 definitions that is a standard for years and
yours knowing it shall become a PECL and mainstream reference.
Having an object oriented model is a good idea, but you should highlight
that it is not the standard pkcs11 API that we can refer to when one needs
to understand the behaviors: more comments about your visions as part of
the README would help.
That's why for a PECL project I would like your PHP extension to be named
with a prefix or suffix that reminds that it is not the legacy pkcs11
mapped to PHP. For instance the names could be:
php-op11 (o = object),
php-cp11 (c = class),
etc./TBD
Best regards,
Vincent
Le 16 août 2020 05:32:45 Guillaume Amringer <g.amrin...@gmail.com> a écrit :
Hi,
I worked on my pkcs11 extension some more, and I believe it is ready for at
least a 0.1 release. I have addressed the memory management issues and
implemented the remaining important features.
According to the PECL registration form, I need to obtain determination
that "it's time for me to have a PECL account".
Does that sound like the next step ? Also, feel free to provide more
commentary on my work if you think it is pertinent.
Guillaume Amringer
https://keybase.io/gamr
https://www.linkedin.com/in/guillaumeamringer
https://github.com/gamringer
On Tue, Jul 21, 2020 at 10:38 PM Guillaume Amringer <g.amrin...@gmail.com>
wrote:
Hi all,
Thanks for the feedback. I was mostly concerned with the happy path at
first, fixing memory management was on my list, but given it's the
recurring comment, I am starting on that now. This is my first real C
project, so your criticism is welcome.
Regarding the API, I can't simply expose the same API as the definition,
since at least, there won't be the need to pass the various argument
lengths in PHP land. Since I was going to change the API anyway, I thought
it best to use the recommended code convention for class and method names.
It is also in line with other languages PKCS11 implementations. One
compromise I think is appropriate would be to provide the vanilla API as
functions (as they are) taking a Pkcs11\Session object as the session
handler. and leave it up to the user to choose how to use it. @vjardin,
what do you think ?
Regarding
C_GetAttributeValue() return code, this is more of a design choice, since I
absolutely despise passing a variable reference to be filled by the method,
returning a partial result, along with an explanation would require some
hoop jumping. Not impossible, but worth thinking it over. What I see is
returning a new AttributeSet object, with isComplete(): bool (true if
CKR_OK, false otherwise), and getError() returning the code. Not married to
it though, I am open to suggestions.
https://python-pkcs11.readthedocs.io/en/latest/applied.html
https://godoc.org/github.com/miekg/pkcs11
Thank you for taking the time to comment.
Guillaume Amringer
https://keybase.io/gamr
https://www.linkedin.com/in/guillaumeamringer
https://github.com/gamringer
On Mon, Jul 20, 2020 at 3:46 PM <vjar...@free.fr> wrote:
Hi Guillaume,
same comments than Johannes, ecalloc()/efree()/emalloc() should be used.
Since they are many crypto sensitive contents, only ecalloc() should be
used (no emalloc()).
Regarding the Oasis' semantic, I feel that it is important to keep it "as
is" so the vanilla documentation would be the upstream Oasis PKCS11 standard.
It means, for instance:
getInfo() -> C_GetInfo()
It is nice to have some sign() methods in order to avoid combining
C_SignInit() + C_Sign(), but they are some cases when we need to stick with
the Oasis' specifications, so I believe that
C_SignInit()
C_VerifyInit()
C_FindObjectsInit()
C_FindObjectsFinal()
etc.
should still be exposed per the Oasis' specification, along having some
nice sign(), verify(), etc. methods too.
Regarding:
C_GetAttributeValue()
it has many "OK" cases:
See Oasis' comments:
"Note that the error codes CKR_ATTRIBUTE_SENSITIVE,
CKR_ATTRIBUTE_TYPE_INVALID, and CKR_BUFFER_TOO_SMALL do not denote true
errors for C_GetAttributeValue. If a call to C_GetAttributeValue returns
any of these three values, then the call MUST nonetheless have processed
every attribute in the template supplied to C_GetAttributeValue. Each
attribute in the template whose value can be returned by the call to
C_GetAttributeValue will be returned by the call to C_GetAttributeValue."
my 2 cents,
Vincent
----- Mail original -----
De: "Johannes Schlüter" <johan...@schlueters.de>
À: "Guillaume Amringer" <g.amrin...@gmail.com>, "pecl-dev"
<pecl-dev@lists.php.net>
Envoyé: Lundi 20 Juillet 2020 14:55:33
Objet: Re: [PECL-DEV] PKCS11 Extension
Hi,
On Sun, 2020-07-19 at 22:33 -0400, Guillaume Amringer wrote:
The extension is currently hosted here:
https://github.com/gamringer/php-pkcs11
I scrolled over it without much attention (thus probably missed other
issues) a few comments to this line I noticed:
pSlotList = (CK_SLOT_ID_PTR) malloc(ulSlotCount * sizeof(CK_SLOT_ID));
https://github.com/gamringer/php-pkcs11/blob/master/pkcs11.c#L300
1. The return value of malloc() is not checked. If the system runs out
of memory (OOM) or for some other reason can't return a memory block
this will return NULL and then lead to undefined behavior later.
(unlikely on today's systems, but might happen)
2. emalloc should be used instead of malloc. For one it counts towards
PHP's memory_limit, ten it also ensures the memory is freed if
something weird happens by the end of the request, thus reduces risk
of memory leaks and it fixes point 1. by terminating the request in
an OOM situation.
3. ulSlotCount * sizeof(CK_SLOT_ID) could eventually overflow. Better
use
safe_emalloc(ulSlotCount, sizeof(CK_SLOT_ID), 0)
this
calculates
ulSlotCount * sizeof(CK_SLOT_ID) + 0
in a overflow-safe
way and errors out in case of a problem.
johannes
--
PECL development discussion Mailing List (https://pecl.php.net/)
To unsubscribe, visit: https://www.php.net/unsub.php