[Help-gnutls] gnutls_openpgp_privkey_import() behavior seems inconsistent depending on choice of "format" variable
Daniel Kahn Gillmor
dkg-debian.org at fifthhorseman.net
Thu Apr 3 22:47:48 CEST 2008
On Thu 2008-04-03 13:48:37 -0400, Nikos Mavrogiannopoulos wrote:
> This is not quite easy to fix since it depends on the internals of
> opencdk. As far as I remember opencdk auto detects the input data
> and acts accordingly. However in gnutls we specifically set the
> raw/base64 flag. An improvement I could think would be to check the
> data after the import in order to verify that import was successful.
>
> Does the attached patch solve the issue for you?
Thanks, Nikos. That's certainly an improvement -- i now get
GNUTLS_E_OPENPGP_GETKEY_FAILED when i try a privkey_import in RAW mode
but the incoming datum is BASE64-encoded. I think this patch should
be applied to the master branch.
However, i don't get any failures when i set format to
GNUTLS_OPENPGP_FMT_BASE64, whether the input is raw or not. In fact,
i can successfully import the key and use it regardless of the input
format as long as i've set format this way.
So: why bother with this parameter to privkey_import, since one
setting (FMT_BASE64) works no matter what kind of input you've got?
Why would anyone choose FMT_RAW?
The inconsistency between format flags is confusing and unpredictable
From the docs; and unpredictability is a property that's undesirable
in a library, no?
Thanks for all your work on this! It's exciting to see what the new
versions of GnuTLS make possible.
--dkg
PS no need to Cc me. I read the list!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
URL: </pipermail/attachments/20080403/c33b66ed/attachment.pgp>
More information about the Gnutls-help
mailing list