[Help-gnutls] Re: Small inconsistencies of the OpenPGP API
jas at extundo.com
Mon Oct 30 13:41:38 CET 2006
ludovic.courtes at laas.fr (Ludovic Courtès) writes:
> `gnutls_openpgp_key_get_pk_algorithm ()' currently returns an `int'
> while it should really return `gnutls_pk_algorithm_t'. Same for
> `privkey_get_pk_algorithm ()'.
Hi! Thanks, fixed in CVS.
> Also, `key_get_name ()' assumes that SIZEOF_BUF points to the size of
> BUF when it is invoked and uses that information to avoid buffer
> overflows; however, it does not modify *SIZEOF_BUF as one would expect
> to indicate the actual length of the name returned on success.
Fixed too, but please verify that it works OK.
> Conversely, `key_get_fingerprint ()' does not take into account the
> initial value of *FPRLEN (thus, it may write data past the end of FPR)
> but it does modify it on return to indicate the actual length of the
> fingerprint returned.
Here the problem is that cdk_pk_get_fingerprint doesn't take a length
parameter. I think a better solution here is to simply require that
key_get_fingerprint must get a buffer of at least 20 bytes in size.
Otherwise we would change the OpenCDK API/ABI, and that seems
unwarranted here. Fixed in CVS now.
> I think it would be best to both take into account the original value of
> these arguments _and_ modify them upon return to indicate the actual
> length of the element returned in both cases.
Right, although API/ABI concerns may trump this, I think.
More information about the Gnutls-help