[RFE] Bad module with C_GetInterface returning 0x54 - fallback to C_GetFunctionList

[space88man]

p11-kit: call to C_GetInterface failed in module: /usr/lib64/pkcs11/../../lib/libCryptoki2_64.so: This operation is not supported

I have a module that exports C_GetInterfaceList and C_GetInterface and returns 0x54, so p11-kit-proxy will error out.

RFE: In this case could we still fallback to C_GetFunctionList like pkcs11-spy or make this configurable.

The module works when wrapped by pkcs11-spy, though which seems to be more forgiving.

The module in question is Luna HSM v10.5.

When p11-kit calls C_GetInterface it checks for CKR_OK, perhaps it could also check for CKR_FUNCTION_NOT_SUPPORTED and bail out to C_GetFunctionList in that case.

[ZoltanFridrich]

Thank you for the RFE. Perhaps there could be a fallback to C_GetFunctionList in case C_GetInterface is not supported. We will look into it.

[ZoltanFridrich]

This has been done in https://github.com/p11-glue/p11-kit/pull/622