Compare trimmed token serial numbers (PKCS11 provider)

Fixes: parallaxsecond#615 Signed-off-by: Mohamed Omar Asaker <mohamed.omarasaker@arm.com>
mohamedasaker-arm · Jul 20, 2022 · 5b9d656 · 5b9d656
1 parent 8d8bbe9
commit 5b9d656
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/config.toml b/config.toml
@@ -152,6 +152,7 @@ key_info_manager = "sqlite-manager"
 #library_path = "/usr/local/lib/softhsm/libsofthsm2.so"
 # (Optional) PKCS 11 serial number of the token that will be used by Parsec.
 # If the token serial number is entered, then the slot that has the provided serial number will be used. Otherwise, if both `serial_number` and `slot_number` are given but do not match, a warning is issued and serial number takes precedence.
+# Note: Matching the serial_number done after trimming the leading and trailing whitespaces for serial numbers shorter than 16 charachter.
 #serial_number = "0123456789abcdef"
 # (Optional) PKCS 11 slot that will be used by Parsec If Token serial number is not entered. i.e, serial_number is preferred
 # If the slot number is not entered and there is only one slot available - with a valid token - it will be automatically used

diff --git a/src/providers/pkcs11/mod.rs b/src/providers/pkcs11/mod.rs
@@ -524,7 +524,7 @@ impl ProviderBuilder {
                             format_error!("Failed parsing token serial number", e);
                             Error::new(ErrorKind::InvalidData, "Failed parsing token serial number")
                         })?;
-                    if sn == serial_number {
+                    if sn.trim() == serial_number.trim() {
                         slot = Some(current_slot);
                         break;
                     }