p11_kit_uri_get_attribute

Stef Walter stefw at redhat.com
Fri Jul 4 06:54:14 PDT 2014


On 04.07.2014 15:42, Nikos Mavrogiannopoulos wrote:
> On Fri, 2014-07-04 at 14:56 +0200, Stef Walter wrote:
>> On 25.06.2014 14:25, Nikos Mavrogiannopoulos wrote:
>>> Hello,
>>>  By mistake I came across a PKCS #11 URL that is like that:
>>> "pkcs11:model=SoftHSM;manufacturer=SoftHSM;serial=1;token=master-key;id=;object=;object-type=private"
>>>
>>> Note that id and object are empty. However using
>>> p11_kit_uri_get_attribute(), I cannot distinguish between a given but
>>> empty ID, and an ID that doesn't exist, as they are in both cases NULL.
>>> Would it make sense for p11_kit_uri_get_attribute() to distinguish
>>> between these two cases and return the empty string for that particular
>>> URL? My issue is that I was using the id and object fields as a way to
>>> perform sanity check on the URL provided by the user, but with this
>>> particular object I cannot distinguish between intentional empty ID and
>>> object, and not having these fields at all.
>>
>> Hmmm, indeed. That seems broken. An attribute that doesn't exist should
>> cause p11_kit_uri_get_attribute() to return NULL. That's what the
>> documentation says:
> 
> I was wrong on that. My test for emptiness included a test on value_len,
> which was zero, and that's why I couldn't distinguish. I added a few
> test cases though.

Nice. Merged.

Stef



More information about the p11-glue mailing list