[gnutls-devel] GnuTLS | [RFC]Add new API to fetch privkey type (!2074)

[Read-only notification of GnuTLS library development activities]

Ghadi Rahme created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/2074

Project:Branches: ghadi.rahme/gnutls:fix-p11tool-same-url to gnutls/gnutls:master
Author:   Ghadi Rahme



Added a new library API that allows fetching object type metadata for private keys.

Without this API call, there is no link between pkcs11 objects and private keys other than the URL.

However using the URL to retrieve the private key metadata is not reliable as multiple objects can share the same URL (see  #1467)

To fix this, retrieve private key metadata on object creation and call \`gnutls_pkcs11_get_privkey_type\` to retrieve the data in a usable format.

Looking for feedback on the addition of this new GnuTLS-Lib API before working tests.

Tested on Ubuntu 25.10. 

* p11tool: use object reference to list data

Closes #1467

Signed-off-by: Ghadi Elie Rahme ghadi.rahme at canonical.com

* lib/pkcs11.c: fix dangling pointer in pkcs11_read_pubkey

Fixes a dangling pointer affecting CKK_EC_EDWARD. if \_gnutls_pubkey_parse_ecc_eddsa_params or \_gnutls_ecc_curve_get_params fail, the cleanup section will be executed freeing tmpX and leaving the datum in pobj dangling.

Signed-off-by: Ghadi Elie Rahme ghadi.rahme at canonical.com

* lib/pkcs11: Add new API to fetch privkey type

Signed-off-by: Ghadi Elie Rahme ghadi.rahme at canonical.com

## Checklist

* [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
* [x] Code modified for feature
* [ ] Test suite updated with functionality tests
* [ ] Test suite updated with negative tests
* [ ] Documentation updated / NEWS entry present (for non-trivial changes)

## Reviewer's checklist:

* [ ] Any issues marked for closing are addressed
* [ ] There is a test suite reasonably covering new functionality or modifications
* [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
* [ ] This feature/change has adequate documentation added
* [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2074
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/3-5w8fo1sluqf8pnpgd0x9oraru/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260224/6cc4b4e9/attachment.html>