Comments (5)
Note: Please don't block an 0.3.0 release on this point.
from rust-cryptoki.
Minor update: I've modified our code to test if finalizing and re-initializing works with cryptoki
with the same benefit that I saw with the pkcs11
crate but I've run out of time for today and am not working tomorrow, so actual testing will have to wait until next week.
from rust-cryptoki.
I discovered that calling C_Finalize() and then C_Initialize() again would "flush" this cache and permit Krill to connect to the HSM without requiring a restart of Krill.
Hmmm, as far as I know, we call finalize
on the open context when it's dropped, and so our "public" version of finalize
just takes ownership of the context and drops it. Presumably what you'd need is a method that calls finalize
while allowing the user to keep ownership of the context?
from rust-cryptoki.
Yes, previously I could call finalize and still have the context and call initialize on it again, now I cannot do that. I expect I can change my code to be able to create a whole new context instance but if it's a valid pattern to finalize and re-initialize and if it is valid per the PKCS#11 spec and it actually has real world value then an alternate model that permits ownership to be retained might be good to have.
Have you not run in to this same issue yourselves?
from rust-cryptoki.
@ionut-arm: I've tested my changes and it seems to work, thanks!
from rust-cryptoki.
Related Issues (20)
- Underlying library access / vendor extensions HOT 5
- `#[hsm_test]` attribute/macro HOT 9
- Session Pool Management HOT 1
- Set homepage in GitHub project info HOT 1
- Missing constants for x86_64-unknown-linux-gnu HOT 6
- Function name as part of errors HOT 3
- CKA_PUBLIC_KEY_INFO getting TypeInvalid HOT 8
- Wrapper for C_WaitForSlotEvent HOT 5
- finalize() without drop()? HOT 1
- `clone()` and `is_initialized()` HOT 13
- bug: `is_fn_supported()` always returns `true` HOT 1
- UserNotLoggedIn calling decrypt after login.... HOT 5
- Signing and Verifying HOT 2
- PKCS OAEP padding always returns: Pkcs11(ArgumentsBad) HOT 3
- test slot::token_info::test::debug_info fails on 32-bit architectures. HOT 1
- Add Wycheproof-based tests
- Wasm support HOT 2
- session.login fails on MacOS Sonoma HOT 8
- New release? HOT 6
- PkcsOaepParams HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-cryptoki.