Stef Walter stefw at redhat.com
Fri Jul 4 05:56:33 PDT 2014

On 25.06.2014 14:25, Nikos Mavrogiannopoulos wrote:
> Hello,
>  By mistake I came across a PKCS #11 URL that is like that:
> "pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=master-key;id=;object=;object-type=private"
> Note that id and object are empty. However using
> p11_kit_uri_get_attribute(), I cannot distinguish between a given but
> empty ID, and an ID that doesn't exist, as they are in both cases NULL.
> Would it make sense for p11_kit_uri_get_attribute() to distinguish
> between these two cases and return the empty string for that particular
> URL? My issue is that I was using the id and object fields as a way to
> perform sanity check on the URL provided by the user, but with this
> particular object I cannot distinguish between intentional empty ID and
> object, and not having these fields at all.

Hmmm, indeed. That seems broken. An attribute that doesn't exist should
cause p11_kit_uri_get_attribute() to return NULL. That's what the
documentation says:


Did you look into this further? Do you have a patch by chance?



More information about the p11-glue mailing list