[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Small inconsistencies of the OpenPGP API
From: |
Simon Josefsson |
Subject: |
[Help-gnutls] Re: Small inconsistencies of the OpenPGP API |
Date: |
Mon, 30 Oct 2006 13:41:38 +0100 |
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.90 (gnu/linux) |
address@hidden (Ludovic Courtès) writes:
> Hi,
>
> `gnutls_openpgp_key_get_pk_algorithm ()' currently returns an `int'
> while it should really return `gnutls_pk_algorithm_t'. Same for
> `privkey_get_pk_algorithm ()'.
Hi! Thanks, fixed in CVS.
> Also, `key_get_name ()' assumes that SIZEOF_BUF points to the size of
> BUF when it is invoked and uses that information to avoid buffer
> overflows; however, it does not modify *SIZEOF_BUF as one would expect
> to indicate the actual length of the name returned on success.
Fixed too, but please verify that it works OK.
> Conversely, `key_get_fingerprint ()' does not take into account the
> initial value of *FPRLEN (thus, it may write data past the end of FPR)
> but it does modify it on return to indicate the actual length of the
> fingerprint returned.
Here the problem is that cdk_pk_get_fingerprint doesn't take a length
parameter. I think a better solution here is to simply require that
key_get_fingerprint must get a buffer of at least 20 bytes in size.
Otherwise we would change the OpenCDK API/ABI, and that seems
unwarranted here. Fixed in CVS now.
> I think it would be best to both take into account the original value of
> these arguments _and_ modify them upon return to indicate the actual
> length of the element returned in both cases.
Right, although API/ABI concerns may trump this, I think.
Thanks,
Simon