Bug #12857: PKCS#11 should be more specific about invalid key handles - illumos gate - illumos

Actions

Copy link

Bug #12857

open

PKCS#11 should be more specific about invalid key handles

Added by Jason King over 3 years ago.

Status:

New

Priority:

Normal

Assignee:

Jason King

Category:

lib - userland libraries

Start date:

Due date:

% Done:

Estimated time:

Difficulty:

Medium

Tags:

Gerrit CR:

External Bug:

Description

PKCS#11 defines several errors that deal with invalid object handles:

CKR_OBJECT_HANDLE_INVALID
CKR_KEY_HANDLE_INVALID
CKR_UNWRAPPING_KEY_HANDLE_INVALID
CKR_WRAPPING_KEY_HANDLE_INVALID

The standard also defines that errors are allowed for a given PKCS#11 function. To summarize them, as the error values suggest, arguments that are supposed to be key objects should return CKR_KEY_HANDLE_INVALID if the handle is invalid. When C_{Unwrap,Wrap}Key() is called CKR_{UN}WRAPPING_KEY_HANDLE_INVALID should be returned when the (un)wrapping key object handle is invalid (C_WrapKey() takes two key handle arguments, so this allows disambiguation on error).

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

illumos gate

Custom queries

Bug #12857

PKCS#11 should be more specific about invalid key handles