Comments (3)
mheese
commented on June 16, 2024
Oh yeah! You are absolutely right... and I thought by now I know that standard by heart, and I could recite it in my sleep! ๐ ... I'm not sure how I missed such a fundamental part - in particular because I just read about it not too long ago in the v3.00 specifications (I somehow assumed it was new there).
We have a similar situation already here: https://github.com/mheese/rust-pkcs11/blob/master/src/lib.rs#L162 ... which is handled with what I believe you have in mind here https://github.com/mheese/rust-pkcs11/blob/master/src/lib.rs#L393, and then errors in the function call like this https://github.com/mheese/rust-pkcs11/blob/master/src/lib.rs#L1848
@ionut-arm is that what you have in mind? if yes, do you want to make a PR for this? I agree that making them optional is the right choice then. Additionally it would actually be great if one could find out the profile of a token as well.
from rust-pkcs11.
ionut-arm
commented on June 16, 2024
Actually...! We just realised that we had tested with your crate on a PKCS11 implementation that only supports part of the functions and it worked - this was some time before we noticed the Ctx constructor method. Looking in the spec, it actually says this for CK_FUNCTION_LIST:
Every function in the Cryptoki API MUST have an entry point defined in the Cryptoki libraryโs CK_FUNCTION_LIST structure. If a particular function in the Cryptoki API is not supported by a library, then the function pointer for that function in the libraryโs CK_FUNCTION_LIST structure should point to a function stub which simply returns CKR_FUNCTION_NOT_SUPPORTED.
The wording is a bit uncertain and could be interpreted both ways (for how the missing functions should be handled), but we can stick with the one more favourable to us.
So I guess this issue becomes a non-issue, you did know this by heart ๐
Apologies for the confusion. I think the functions that are added in subsequent revisions should definitely be placed in an Option, but I think you already cover all PKCS11 v2.x functions. v3 is a different matter
from rust-pkcs11.
mheese
commented on June 16, 2024
@ionut-arm feels kind of weird telling you to switch to the cryptoki crate ๐ ... as you obviously know by now I'm not maintaining this any longer. Life happened.... thanks for picking that up! And btw, if you guys want to take over ownership of the pkcs11 crate on crates.io, please let me know.
from rust-pkcs11.
Related Issues (17)
- About the safety of `CK_ATTRIBUTE::get_bytes` HOT 6
- Mutability compile errors HOT 2
- Crash on initialize HOT 7
- How to use it with a different SHM HOT 4
- Safety of types containing raw pointers and methods using them HOT 15
- Commit "Fix Windows x64 compatiblity" breaks MacOS HOT 7
- CK_ATTRIBUTE get_biginteger mixes up endianness HOT 4
- Disabling of compiler optimizations needed to prevent non-null `pReserved` when invoking `C_Initialize()`. HOT 2
- `ctx.open_session` against Luna Network HSM crashed with SIGSEGV HOT 2
- Unknown error code from `Ctx::new()` on ARMv7 when calling the PKCS#11 `C_GetFunctionList()` function. HOT 3
- Change `Ctx::generate_random` to take the buffer to be filled instead of generating the buffer from a given size HOT 1
- possible segmentation fault HOT 1
- Unsound transmute_copy in `attr_ck_long`, `get_date`, `attr_ck_ulong`
- Report as unmaintained? HOT 1
- latest code not available in https://crates.io/ HOT 7
- Ctx::new should take a &Path HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-pkcs11.