OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Summary/Proposal: Use CK_UNAVAILABLE_INFORMATION with C_GetAttributeValue

So from our discussion, it seems that we can assume that for all real
world usages of PKCS#11: ~0UL == (CK_ULONG)-1

In addition most people have preferred the ~0UL representation to be
clearer and closer to the intent: A number with all bits set to one.

So here we go again. This is simplified down just using
CK_UNAVAILABLE_INFORMATION as the value set on attributes by
C_GetAttributeValue when an attribute cannot be returned.

No changes have been made since this was raised last, and now this
should be ready for vote.

Cheers,

Stef


9.4 Object Types

   o CK_ATTRIBUTE; CK_ATTRIBUTE_PTR

   ...

*** Paragraph to be added
|  The constant CK_UNAVAILABLE_INFORMATION is used in the ulValueLen
|  field to denote an invalid or unavailable value. See
|  C_GetAttributeValue for further details.


11.7 Object management functions

   o C_GetAttributeValue

   ...

*** Paragraph to be modified
   1. If the specified attribute (i.e., the attribute specified by the
      type field) for the object cannot be revealed because the object
      is sensitive or unextractable, then the ulValueLen field in that
|     triple is modified to hold the value CK_UNAVAILABLE_INFORMATION.

*** Paragraph to be modified
   2. Otherwise, if the specified value for the object is invalid (the
      object does not possess such an attribute), then the ulValueLen
      field in that triple is modified to hold the value
|     CK_UNAVAILABLE_INFORMATION.

*** Paragraph to be modified
   5. Otherwise, the ulValueLen field is modified to hold the value
|     CK_UNAVAILABLE_INFORMATION.

*** Paragraph to be modified
   In the special case of an attribute whose value is an array of
   attributes, for example CKA_WRAP_TEMPLATE, where it is passed in
   with pValue not NULL, then if the pValue of elements within the
   array is NULL_PTR then the ulValueLen of elements within the array
   will be set to the required length. If the pValue of elements within
   the array is not NULL_PTR, then the ulValueLen element of attributes
   within the array must reflect the space that the corresponding
   pValue points to, and pValue is filled in if there is sufficient
   room. Therefore it is important to initialize the contents of a
   buffer before calling C_GetAttributeValue to get such an array
   value. If any ulValueLen within the array isn't large enough, it will
|  be set to CK_UNAVAILABLE_INFORMATION and the function will return
   CKR_BUFFER_TOO_SMALL, as it does if an attribute in the pTemplate
   argument has ulValueLen too small. Note that any attribute whose
   value is an array of attributes is identifiable by virtue of the
   attribute type having the CKF_ARRAY_ATTRIBUTE bit set.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]