Aleksey Sanin wrote:
Hi, Andrew!
I got the new files but I think your forgot to attach diffs for existing files.
Because right now these are just standalone files and nobody uses them :)
I want to patch the branch step by step. If you agree that the new interfaces can take the place of "PK11_GetBestSlot" in other files. I'll modify them like pkikeys.c. Because they're standalone files, so I think there is no diffs. :-)
Today, I'll patch other files and I'll provide the diffs. :-)
Many Thanks, Andrew
Aleksey
Andrew Fan wrote:
Hi,
This xmlsec-nss patch is based on the XMLSEC_NSS_030714 branch. It add two new files in order to support end-user designated PKCS#11 slot instead of useing the default NSS built-in ones( PK11_GetBestSlot ).
Why I add the new interfaces:
1. NSS' function "PK11_GetBestSlot ", which will load all of the internal built-in slots or all of the actived pkcs11 module's slots;
2. Some time, end user hopes that a certain crypto operation act in a certain crypto device, especially in multi-crypto-devices environment.
3. Some time, a key generated from a certain slot, it only work in that slot( such as RSA private key ). PK11_GetBestSlot can not ensure this. In the case, end user can assign the specific slot with the new interface.
Here's the usage of the interfaces:
1. "xmlSecSetSlotList" is used to set the user designated slot list.
2. "xmlSecFreeSlot" is used to destroy the slot list repository.
3. When generate a new key, "xmlSecGetSlot" gives the user designated slot;
4. If end user want to maintain the slot list repository, he can access the repository with "xmlSecGetSlotList".
Andrew
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
