On Tue, 2016-12-06 at 13:44 +0100, Jakub Jelen wrote: > > > > They don't, in fact, have different URIs. If I add a .module > > > > file for > > > > ykcs11.so, I get the attached output for p11tool --list-tokens. > > > > > > You forgot to attach it :) > > > > Let's try again. :) > > I suspect the problem is related to the issue #98 on github [1] > already > fixed in git, but not yet released. The PKCS#11 module returns a > very > weird results at this point: > > 239: C_GetSlotList > 2016-12-06 13:15:19.158 > [in] tokenPresent = 0x1 > [out] pSlotList: > Slot 0 > Slot -1 > [...garbage values ...] > [out] *pulCount = 0x30 > Returned: 0 CKR_OK > > I would pull the module to p11-kit no earlier than this will get > fixed. > > Also the duplicate keys might be related to the issue #101 [2]. The > returned values might be really different objects, bug Yubico is > unable > to get the serial from them. This module might be good enough for > yubico-piv-tool, but I am not sure if for other use cases (p11-kit > and system-wide querying). It makes sense not to register incomplete or modules applicable to a single application (internal) system-wide. I've updated the proposed guidelines to say: "Any package in Fedora containing a PKCS#11 provider module, intended to be used outside this package, must be registered with p11-kit. " [0]. regards, Nikos [0]. https://fedoraproject.org/wiki/PackagingDrafts/Pkcs11Support _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
