The error code CKR_BUFFER_TOO_SMALL does not seem to be the correct return value when the attribute value length in a template is in error. The PKCS#11 spec states:
CKR_BUFFER_TOO_SMALL: The output of the function is too large to fit in the supplied buffer. CKR_ATTRIBUTE_VALUE_INVALID: An invalid value was specified for a particular attribute in a template. See Section 10.1 for more information. I think CKR_ATTRIBUTE_VALUE_INVALID should be used here. Also for the original bug 6660315, C_GenerateKeyPair() should not fail with CKR_BUFFER_TOO_SMALL as it is not an applicable error code to that function. The rest of change looks good to me. Hai-May Anthony Scarpino wrote: > Hi, > > I need a code review of: > > 6739502 attribute value length checking not always happening in softtoken > > http://cr.opensolaris.org/~izick/attrlen/ > > thanks > > Tony > _______________________________________________ > crypto-discuss mailing list > crypto-discuss at opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/crypto-discuss >
