[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [pkcs11] Define constants for (CK_ULONG)-1
On 5/10/2013 8:31 AM, Stef Walter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As discussed earlier on the mailing list, following are the modifications to the specification to be made in order to define constants for (CK_ULONG)-1.
I went back and took a look at the source documents. The only place that this is used is as a return value of attribute length in C_GetAttributeValue to indicate which of the attributes are invalid. (I searched for '-1' and the only place I found it - other than SHA-1 and length-1 type constructs - was there).
So how about only CKL_INVALID_ATTRIBUTE = -1; (It's obviously not a CKR_ and I don't think its either of CKA_ or CKM_) Mike
In line with Peter's suggestion, three new constants are defined: CKA_INVALID CKM_INVALID CK_INVALID_LENGTH Since providing a clear diff of a docx file is challenging, I hope that the following format indicating which paragraphs should be added/replaced in which sections is sufficiently clear. Cheers, Stef 6.4 Object Types ... o CK_ATTRIBUTE_TYPE ... *** paragraph to be added | The constant CKA_INVALID is defined as an invalid attribute type. It | is equal to -1 (when cast to a CK_ULONG). Use of attribute with an | invalid type with any PKCS#11 function will result in a failure. o CK_ATTRIBUTE; CK_ATTRIBUTE_PTR ... *** paragraph to be added | The constant CK_INVALID_LENGTH is used to denote an invalid or | unavailable value in a CK_ATTRIBUTE. It is equal to -1 (when cast | to a CK_ULONG). See C_GetAttributeValue for further details. 6.5 Data types for mechanisms ... o CK_MECHANISM_TYPE; CK_MECHANISM_TYPE_PTR ... *** paragraph to be added | The constant CKM_INVALID is defined as an invalid or unknown | mechanism type. It is equal to -1 (when cast to a CK_ULONG). 7.7.2 Overview ... *** table row to be modified CKA_KEY_GEN_MECHANISM CK_MECHANISM_TYPE Identifier of the mechanism used to generate the key material. | (default CKM_INVALID) 8.7 Object management functions o C_GetAttributeValue ... *** paragraph to be modified 1. If the specified attribute (i.e., the attribute specified by the type field for the object cannot be revealed because the object is sensitive or unextractable, then the ulValueLen field in that | triple is modified to hold the value CK_INVALID_LENGTH. *** paragraph to be modified 2. Otherwise, if the specified value for the object is invalid (the object does not possess such an attribute), then the ulValueLen field in that triple is modified to hold the value | CK_INVALID_LENGTH. *** paragraph to be modified 5. Otherwise, the ulValueLen field is modified to hold the value | CK_INVALID_LENGTH. *** paragraph to be modified In the special case of an attribute whose value is an array of attributes, for example CKA_WRAP_TEMPLATE, where it is passed in with pValue not NULL, then if the pValue of elements within the array is NULL_PTR then the ulValueLen of elements within the array will be set to the required length. If the pValue of elements within the array is not NULL_PTR, then the ulValueLen element of attributes within the array must reflect the space that the corresponding pValue points to, and pValue is filled in if there is sufficient room. Therefore it is important to initialize the contents of a buffer before calling C_GetAttributeValue to get such an array value. If any ulValueLen within the array isn't large enough, it | will be set to CK_INVALID_LENGTH and the function will return CKR_BUFFER_TOO_SMALL, as it does if an attribute in the pTemplate argument has ulValueLen too small. Note that any attribute whose value is an array of attributes is identifiable by virtue of the attribute type having the CKF_ARRAY_ATTRIBUTE bit set. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGM6KMACgkQe/sRCNknZa9AugCcDc9pU6qNTb62mDchXkPn1j2u az8AoN2lmSwLM9rVYTmmoklYaMFmTrEo =/G38 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe from this mail list, you must leave the OASIS TC that generates this mail. Follow this link to all your TCs in OASIS at: https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]