[gnutls-devel] PKCS#11 generate random functionality

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Fri Oct 25 14:30:48 CEST 2013


On 10/25/2013 11:29 AM, Wolfgang Meyer zu Bergsten wrote:
> Hello,
> is there interest in including the random generator functionality of
> PKCS#11 tokens in GnuTLS? I would be happy to contribute the attached
> implementation. I tried my best to follow the GnuTLS coding standards
> and other conventions in the existing code.
> 
> The patch implements a new public function:
> int
> gnutls_pkcs11_token_get_random (const char *token_url,
>                                 size_t len,
>                                 gnutls_datum_t *rnddata)

Hello Wolfgang,
It looks like a nice addition. However, why not follow gnutls_rnd() and
just return the random data in a caller-provided buffer rather than an
allocated string? I think this would make things simpler. Also adding
the function into the GNUTLS_3_1_0 would be fine (instead of defining a
new GNUTLS_3_2_6).

regards,
Nikos
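
The two interface shapes discussed in this message, side by side, as an added sketch that is not part of the original thread or of GnuTLS. The names `get_random_alloc`, `get_random_buf`, `fill_nonce`, `datum_t` and `stub_token_random` are hypothetical, and the stub stands in for the token's generator with a constructed, non-random byte pattern.

```c
#include <stddef.h>
#include <stdlib.h>

/* Local stand-in for gnutls_datum_t so the sketch builds without GnuTLS. */
typedef struct { unsigned char *data; unsigned int size; } datum_t;

/* Constructed stub in place of the token's generator: writes 1,2,3,...
 * and fails for len > 1024 to exercise the error path. Not random. */
static int stub_token_random(unsigned char *buf, size_t len)
{
    if (buf == NULL || len > 1024)
        return -1;
    for (size_t i = 0; i < len; i++)
        buf[i] = (unsigned char)(i + 1);
    return 0;
}

/* Shape A (hypothetical name): output in an allocated datum, as in the
 * quoted proposal. The caller must free out->data on success. */
int get_random_alloc(size_t len, datum_t *out)
{
    out->data = NULL;
    out->size = 0;
    unsigned char *p = malloc(len ? len : 1);
    if (p == NULL)
        return -2;
    if (stub_token_random(p, len) != 0) {
        free(p);              /* cleanup path the library has to own */
        return -1;
    }
    out->data = p;
    out->size = (unsigned int)len;
    return 0;
}

/* Shape B (hypothetical name): gnutls_rnd()-style, caller supplies buffer. */
int get_random_buf(void *buf, size_t len)
{
    return stub_token_random(buf, len);
}

/* Caller of shape B: fixed-size nonce on the stack, nothing to free. */
int fill_nonce(unsigned char nonce[16])
{
    return get_random_buf(nonce, 16);
}
```

With shape B the library has no allocation-failure return and no free-on-error branch, and the caller decides where the random bytes live.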



