[Open Crypto Project] #44: Port PKCS11 library to RPC API

Open Crypto Project trac at cryptech.is
Sun May 15 19:44:37 UTC 2016


#44: Port PKCS11 library to RPC API
-----------------------+---------------------------------------
  Reporter:  pselkirk  |      Owner:  sra
      Type:  task      |     Status:  accepted
  Priority:  critical  |  Milestone:  Alpha board DNSSEC signer
 Component:  HAL       |    Version:
Resolution:            |   Keywords:
Blocked By:            |   Blocking:
-----------------------+---------------------------------------

Comment (by sra):

 Sigh, failing hsmbully tests because hsmbully doesn't set `CKA_ID`.
 Which, apparently, is legal, if strange.  More generally, there does not
 appear to be **any** PKCS #11 attribute which we can really depend upon
 being able to map to the libhal key name.  Feh.

 Perhaps the best approach would be to have libhal supply the "key name"
 instead of having the user do so.  In which case the key name would
 probably start looking more like an X.509 Subject Key Identifier (i.e., a
 hash of the public key), perhaps with a few other bits thrown in if needed
 to break ties allowed by PKCS #11.

--
Ticket URL: <https://trac.cryptech.is/ticket/44#comment:4>
Open Crypto Project <https://wiki.cryptech.is/>
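
An added sketch of the idea in the comment above, not code from the ticket or from libhal: the key name is derived from the public key itself, the way an X.509 Subject Key Identifier is (SHA-1 over the subjectPublicKey bits). The function names, the `tiebreak` parameter standing in for the "few other bits", and the sample keys are all assumptions made for illustration.

```python
import hashlib

# Constructed sample input: a P-256 SubjectPublicKeyInfo header followed by an
# uncompressed-point marker and 64 filler bytes (not a real curve point).
P256_SPKI_PREFIX = bytes.fromhex(
    "3059301306072a8648ce3d020106082a8648ce3d030107034200")
SAMPLE_A = P256_SPKI_PREFIX + b"\x04" + bytes(range(64))
SAMPLE_B = P256_SPKI_PREFIX + b"\x04" + bytes(range(1, 65))


def read_tlv(buf, pos):
    """Read one DER TLV starting at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length


def public_key_bits(spki_der):
    """Return the subjectPublicKey BIT STRING contents, minus the unused-bits octet."""
    tag, spki, end = read_tlv(spki_der, 0)
    if tag != 0x30 or end != len(spki_der):
        raise ValueError("expected exactly one SubjectPublicKeyInfo SEQUENCE")
    tag, _algorithm, pos = read_tlv(spki, 0)
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier SEQUENCE")
    tag, bits, pos = read_tlv(spki, pos)
    if tag != 0x03 or pos != len(spki) or not bits or bits[0] != 0:
        raise ValueError("expected a BIT STRING with no unused bits")
    return bits[1:]


def key_name(spki_der, tiebreak=b""):
    """Hypothetical key name: SHA-1 of the public key bits, as in RFC 5280
    section 4.2.1.2 method (1), plus optional tie-break bytes (an assumption)."""
    return (hashlib.sha1(public_key_bits(spki_der)).digest() + tiebreak).hex()


if __name__ == "__main__":
    print(key_name(SAMPLE_A), key_name(SAMPLE_A, tiebreak=b"\x03"))
```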


