On Tue, 27 Apr 2021 18:36:28 GMT, Valerie Peng <[email protected]> wrote:
>> src/jdk.crypto.cryptoki/share/native/libj2pkcs11/p11_objmgmt.c line 252:
>>
>>> 250:
>>> 251: if (rv != CKR_OK) {
>>> 252: if (rv == CKR_ATTRIBUTE_SENSITIVE || rv ==
>>> CKR_ATTRIBUTE_TYPE_INVALID) {
>>
>> According to the PKCS#11v2.40 spec, `CKR_BUFFER_TOO_SMALL` should be handled
>> in the same special ways as these too (in that it isn't a "true error").
>
> For this particular call, the pValue field is null, it's meant to query the
> exact length of the specified attribute. Thus, CKR_BUFFER_TOO_SMALL should
> not be returned.
> Afterwards, we then allocate the buffer based on this queried result, so
> CKR_BUFFER_TOO_SMALL should also not occur.
> So, based on the current API usage, CKR_BUFFER_TOO_SMALL should not happen.
All my concerns are addressed then. So, while my review doesn't count towards
acceptance of this change, everything LGTM.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3709
