gnome-keyring Gnome keyring refactoring
- From: Stef <stef-list memberwebs com>
- To: gnome-keyring-list gnome org
- Subject: gnome-keyring Gnome keyring refactoring
- Date: Thu, 8 Jan 2009 20:55:55 +0000 (UTC)
A heads up ... There's a major refactoring afoot in the gnome-keyring
sources. This is to make them more hackable and testable, and hopefully
encourage more participation.
INDIVIDUAL PKCS#11 MODULES
- ssh-store (exposes ~/.ssh/ keys as a PKCS#11 module)
- roots-store (exposes /etc/ssl/certs/ as a PKCS#11 module)
- user-store (user writable key and certificate store)
The above are individually testable, and don't integrate with the rest
of the daemon. Integration comes in layers above.
OTHER PKCS#11 LAYERS
- rpc-layer (the module that 'remotes' PKCS#11 to the daemon)
- auth-layer (integrates with the daemon, for password auth caching)
- plex-layer (combines multiple PKCS#11 module into one)
Again these are individually testable, hackable, with only the
auth-layer actually being bound to gnome-keyring-daemon.
- ssh-agent (Exposes openssh agent ontop of a PKCS#11 module)
Much of the above coding is complete, and I've just integrated the
following components into the daemon: ssh-agent, ssh-store, auth-layer
More commits and integration to come over the next couple weeks. I'll
also be working on documenting our gnome-keyring stack and it's various
parts in more detail.
] [Thread Prev