Closed nathanvda closed 12 years ago
Hi Nathan,
thanks for your response. That's is an open topic at the current todo list...
Current gem covers all v2.2 functions, constants and structs defined in the standard. For now, the only way is to define vendor attributes in your application and handle attribute values and structs as binary Strings. But this is not very convenient.
So yes, I would like to have the vendor specific additions in the pkcs11.gem or even better in pkcs11-safenet.gem.
There are several things to consider:
The way I think about is something like:
require "pkcs11" lib=PKCS11.load("mylib.so", {}, :safenet) # loads "pkcs11-safenet.gem" internally p PKCS11::Safenet.constants # => [CKA_EXPORTABLE, ...]
We are also working with safenet HSMs, so a better solution for vendor additions would be equally interesting for us.
The pkcs11_protect_server gem is out, so the issue is solved, now.
Hi,
we want to work with safenet specific attributes, like CKA_EXPORTABLE, CKA_PRIVATE, ... These attributes are now not defined inside this pkcs11 gem.
Is this something you would add to the pkcs11 gem? I mean: is this the logical place to define them (to me it seems so, but i am not sure). If so, i will fork and add the definitions. Or do you think should we keep them to our own program? (as these are vendor-specific and the rest of the gem is generic).
We foresee to be working with a few different HSM's so i expect to add a few vendor-specific attributes. I think it would be useful to add them here, but not sure how you feel. I could also define inside our own program or inside a specific gem (an extension).
What is your opinion?