Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
- From: Nikos Mavrogiannopoulos <nmav gnutls org>
- To: Stef Walter <stefw collabora co uk>
- Cc: gnome-keyring-list gnome org
- Subject: Re: gnome-keyring p11-unity [was: Re: Multiple libraries using PKCS#11 modules and CKR_ALREADY_INITIALIZED]
- Date: Sun, 23 Jan 2011 17:04:12 +0100
On 01/21/2011 11:10 PM, Stef Walter wrote:
> On 01/20/2011 11:16 AM, Stef Walter wrote:
>> That said, your concept has a lot of merit. The idea of a having a
>> pkcs11 proxy module is a good one, which could solve refcounting
>> and other issues like a system configuration file. That is, without
>> a deamon. I'm going to play with the idea a bit and try out a proof
>> of concept.
>
> I've put together a PKCS#11 proxy module which loads other modules
> and manages them properly with refcounts as Joe suggested. It
> combines all the slots from the modules into one module with
> multiple slots. Currently it loads all the modules in /usr/lib/pkcs11
> but that's just because I haven't had a chance to implement a config
> system (based on discussion on this list). The name p11-unity was
> something that I found scribbled on Nikos and my discussion notes
> from a meeting last year.
I couldn't test because I get a segfault with that[0], but as an
idea, I like it because it works... I now understand the reasoning of
microsoft defining their own crypto module format instead of using PKCS #11.
[0].
==15939== at 0x62A5116: readdir (readdir.c:45)
==15939== by 0x6BC7387: initialize_registered_unlocked_reentrant
(p11-unity.c:270)
==15939== by 0x6BC75B8: unity_C_Initialize (p11-unity.c:900)
regards,
Nikos
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
