
List:       gnutls-dev
Subject:    Re: Fwd: LP#929108 support reading PIN from file when using PKCS#11 devices
From:       Nikos Mavrogiannopoulos <nmav () gnutls ! org>
Date:       2012-04-16 18:22:35
Message-ID: 4F8C636B.3020307 () gnutls ! org

On 04/16/2012 07:27 PM, Stef Walter wrote:


>> Maybe this can be mitigated by providing a sanitize_pkcs11_url()
>> function that would strip this field? Then programmers would be advised
>> to call this function for untrusted urls.
> Is the problem of PKCS#11 URIs from untrusted sources sufficiently
> understood? Until the problem and use cases are better understood, I
> would err on the side of discouraging any use of PKCS#11 URIs from
> untrusted sources.


Untrusted sources are quite difficult to define. An untrusted source
might also be the user in some application, so sanitization might
be required for some applications.

>>> But for sanity's sake would we want to limit the size of the file that
>>> p11-kit will read in its p11_kit_pin_file_callback() handler?
>> Having a sanity check would also be good regardless of a url sanitize
>> function.
> 1MB be a good max sanity check size?


For a PIN? I'd use something like 256 bytes or so!

> Also, while we're on the topic, is the current behavior of reading the
> PIN file byte-for-byte verbatim what's generally expected?


Are there alternatives? PKCS #11 accepts a byte string anyway.

regards,
Nikos

_______________________________________________
Gnutls-devel mailing list
Gnutls-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/gnutls-devel
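The two checks discussed in the thread, a bounded verbatim PIN file read and a sanitizer that strips PIN-carrying attributes from an untrusted PKCS#11 URI, as an added example in C. This is not p11-kit's or GnuTLS's own code; it assumes the 256-byte bound floated above and the `pin-source` / `pin-value` query-attribute names (the ones later standardized in RFC 7512), and the helper and sample URI strings are constructed here for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Upper bound on a PIN read from a file. 256 bytes is the sanity figure from
 * the thread (assumption: most tokens need far less). */
#define PIN_MAX_LEN 256

/* Read a PIN verbatim (byte-for-byte, no newline stripping) from an open
 * stream. Returns the byte count, or -1 on read error or if the stream holds
 * more than buflen bytes (capped at PIN_MAX_LEN). */
long read_pin_stream(FILE *f, unsigned char *buf, size_t buflen)
{
    size_t n;

    if (buflen > PIN_MAX_LEN)
        buflen = PIN_MAX_LEN;
    n = fread(buf, 1, buflen, f);
    if (ferror(f))
        return -1;
    /* Buffer full: peek one more byte to tell "exactly buflen" from "too big". */
    if (n == buflen && fgetc(f) != EOF)
        return -1;
    return (long)n;
}

/* Path wrapper, as a pin-source=file: handler might use it. */
long read_pin_file(const char *path, unsigned char *buf, size_t buflen)
{
    FILE *f = fopen(path, "rb");
    long n;

    if (f == NULL)
        return -1;
    n = read_pin_stream(f, buf, buflen);
    fclose(f);
    return n;
}

/* Strip pin-source= and pin-value= query attributes from a PKCS#11 URI so a
 * URI from an untrusted party cannot point the library at a file of the
 * attacker's choosing or smuggle a PIN. Path attributes (before '?') are
 * kept as-is. Attribute names are matched literally, as the URI grammar
 * requires; a parser that percent-decodes names must match after decoding.
 * Returns 0 on success, -1 on bad scheme or if out is too small. */
int sanitize_pkcs11_uri(const char *uri, char *out, size_t outlen)
{
    const char *q, *p;
    size_t path_len, pos;
    int kept = 0;

    if (strncmp(uri, "pkcs11:", 7) != 0)
        return -1;
    q = strchr(uri, '?');
    path_len = q ? (size_t)(q - uri) : strlen(uri);
    if (path_len + 1 > outlen)
        return -1;
    memcpy(out, uri, path_len);
    pos = path_len;

    for (p = q ? q + 1 : ""; *p; ) {
        const char *end = strchr(p, '&');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        int drop = (len >= 11 && strncmp(p, "pin-source=", 11) == 0) ||
                   (len >= 10 && strncmp(p, "pin-value=", 10) == 0);

        if (!drop && len > 0) {
            if (pos + 1 + len + 1 > outlen)
                return -1;
            out[pos++] = kept ? '&' : '?';   /* re-open the query on first keep */
            memcpy(out + pos, p, len);
            pos += len;
            kept = 1;
        }
        if (end == NULL)
            break;
        p = end + 1;
    }
    out[pos] = '\0';
    return 0;
}

/* Helpers: push constructed bytes through read_pin_stream via tmpfile(), and
 * compare a sanitized URI against an expected string. */
static long pin_length_of_bytes(const unsigned char *data, size_t len)
{
    unsigned char buf[PIN_MAX_LEN];
    FILE *f = tmpfile();
    long n;

    if (f == NULL || fwrite(data, 1, len, f) != len)
        return -2;
    rewind(f);
    n = read_pin_stream(f, buf, sizeof buf);
    fclose(f);
    return n;
}

long pin_length_of_string(const char *s)
{
    return pin_length_of_bytes((const unsigned char *)s, strlen(s));
}

long pin_length_of_repeated(int ch, size_t count)
{
    unsigned char *tmp = malloc(count ? count : 1);
    long n;

    if (tmp == NULL)
        return -2;
    memset(tmp, ch, count);
    n = pin_length_of_bytes(tmp, count);
    free(tmp);
    return n;
}

int sanitized_equals(const char *uri, const char *expected)
{
    char out[512];

    if (sanitize_pkcs11_uri(uri, out, sizeof out) != 0)
        return 0;
    return strcmp(out, expected) == 0;
}

int main(void)
{
    char out[512];
    /* Constructed untrusted URI: it tries to make the library read /etc/pin. */
    const char *untrusted =
        "pkcs11:token=Foo;object=key?pin-source=file:/etc/pin&module-name=opensc";

    if (sanitize_pkcs11_uri(untrusted, out, sizeof out) == 0)
        printf("sanitized: %s\n", out);
    printf("PIN bytes read from \"1234\\n\": %ld\n", pin_length_of_string("1234\n"));
    printf("oversize PIN file accepted: %s\n",
           pin_length_of_repeated('a', PIN_MAX_LEN + 40) < 0 ? "no" : "yes");
    return 0;
}
```

The reader keeps the trailing newline, matching the byte-for-byte behaviour the thread asks about; whether to trim it is left to the caller, since PKCS#11 itself takes an arbitrary byte string. The sanitizer drops only the two PIN attributes and leaves everything else untouched, so a user-supplied URI still selects the right token and object.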