[gnutls-devel] PKCS#11 generate random functionality

Wolfgang Meyer zu Bergsten w.bergsten at sirrix.com
Fri Oct 25 15:23:43 CEST 2013

Hello Nikos,
thank you for the review!

On 10/25/2013 02:30 PM, Nikos Mavrogiannopoulos wrote:
> On 10/25/2013 11:29 AM, Wolfgang Meyer zu Bergsten wrote:
>> The patch implements a new public function:
>> int
>> gnutls_pkcs11_token_get_random (const char *token_url,
>>                                 size_t len,
>>                                 gnutls_datum_t *rnddata)
> Hello Wolfgang,
>  It looks like a nice addition. However why not follow gnutls_rnd() and
> just return the random data in a caller-provided buffer rather than an
> allocated string? I think this would make things simpler. 

That was actually my first implementation. Then I looked at the other
PKCS#11 functions, and there the returned data was allocated in gnutls,
so I thought I should be doing this as well.

Changed in the appended patch to the proposed interface. New Interface:

gnutls_pkcs11_token_get_random (const char* token_url,
                                void* data,
                                size_t len);

> Also adding
> the function into the GNUTLS_3_1_0 would be fine (instead of defining a
> new GNUTLS_3_2_6).



Sirrix AG security technologies                 http://www.sirrix.com
Dipl.-Ing. Wolfgang Meyer zu Bergsten    eMail: w.bergsten at sirrix.com
Tel: +49 (234) 610071-131                   Fax: +49 (234) 610071-531

Vorstand: Ammar Alkassar (Vors.), Christian Stüble, Markus Bernhammer
Vorsitzender des Aufsichtsrates: Dipl.-Ing. Harald Stöber
Sitz der Gesellschaft: Homburg/Saar, HRB 3857 Amtsgericht Saarbrücken

This message may contain confidential and/or privileged information. If
you are not the addressee, you must not use, copy, disclose or take any
action  based on this message or any  information  herein.  If you have
received this message in error, please advise the sender immediately by
reply e-mail and delete this message.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-get-random-data-from-pkcs-11-tokens.patch
Type: text/x-patch
Size: 4253 bytes
Desc: not available
URL: </pipermail/attachments/20131025/e15f0502/attachment.bin>

More information about the Gnutls-devel mailing list