Some compatibility issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Todd sent me a trace of his session. We have found two issues with
coolkey PKCS#11 provider.

1. Metadata

I can see that C_GetTokenInfo returns empty fields for most of the
fields (manufacturerId, model, serialNumber). I guess because NULL

This is highly none standard!

These fields must not be empty, each provider should put its signature
in these fields to allow distinguish between providers and tokens.

Please make it return something logical.

2. Threading/multiprocess

The following sequence should be valid with PKCS#11 (explicitly stated
by standard):

Given A, B processes.

A.1. C_Initialize ()
A.2. <do whatever>
A.3. fork()
B.1 C_Initialize () /* REQUIRED by standard, C_Initialize () after fork() */
B.2 C_Finalize () /* We don't need PKCS#11 in this process */
B.3 <continue not using token>
A.4 <continue using token>

From some strange reason the sequence in the child process causes the
parent to fail interaction with the token.

Please make this sequence work, it is very important as child must not
affect its parent.
The simplest solution would be to store getpid () result at
C_Initialize() an compare it in sequence C_Initialize () calls, if it
is different, first clean up state and start fresh.

Best Regards,
Alon Bar-Lev.

Coolkey-devel mailing list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Women]

  Powered by Linux