Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]

On 01/21/2011 11:10 PM, Stef Walter wrote:
> On 01/20/2011 11:16 AM, Stef Walter wrote:
>> That said, your concept has a lot of merit. The idea of a having a 
>> pkcs11 proxy module is a good one, which could solve refcounting
>> and other issues like a system configuration file. That is, without
>> a deamon. I'm going to play with the idea a bit and try out a proof
>> of concept.
> I've put together a PKCS#11 proxy module which loads other modules
> and manages them properly with refcounts as Joe suggested. It
> combines all the slots from the modules into one module with
> multiple slots. Currently it loads all the modules in /usr/lib/pkcs11
> but that's just because I haven't had a chance to implement a config
> system (based on discussion on this list). The name p11-unity was
> something that I found scribbled on Nikos and my discussion notes
> from a meeting last year.

I couldn't test because I get a segfault with that[0], but as an
idea, I like it because it works... I now understand the reasoning of
microsoft defining their own crypto module format instead of using PKCS #11.

==15939==    at 0x62A5116: readdir (readdir.c:45)
==15939==    by 0x6BC7387: initialize_registered_unlocked_reentrant
==15939==    by 0x6BC75B8: unity_C_Initialize (p11-unity.c:900)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]