[xmlsec] xmlsec-nss patches from Sun( 2003-07-22 )

Aleksey Sanin aleksey@aleksey.com
Tue, 22 Jul 2003 08:14:08 -0700


Hi, Andrew!

I got the new files but I think your forgot to attach diffs for existing 
files.
Because right now these are just standalone files and nobody uses them :)

Aleksey


Andrew Fan wrote:

> Hi,
>
> This xmlsec-nss patch is based on the XMLSEC_NSS_030714 branch. It add 
> two new files in order to support end-user designated PKCS#11 slot 
> instead of useing the default NSS built-in ones( PK11_GetBestSlot ).
>
> Why I add the new interfaces:
> 1. NSS' function "PK11_GetBestSlot ", which will load all of the 
> internal built-in slots or all of the actived pkcs11 module's slots;
> 2. Some time, end user hopes that a certain crypto operation act in a 
> certain crypto device, especially in multi-crypto-devices environment.
> 3. Some time, a key generated from a certain slot, it only work in 
> that slot( such as RSA private key ). PK11_GetBestSlot can not ensure 
> this. In the case, end user can assign the specific slot with the new 
> interface.
>
> Here's the usage of the interfaces:
> 1. "xmlSecSetSlotList" is used to set the user designated slot list.
> 2. "xmlSecFreeSlot" is used to destroy the slot list repository.
> 3. When generate a new key, "xmlSecGetSlot" gives the user designated 
> slot;
> 4. If end user want to maintain the slot list repository, he can 
> access the repository with "xmlSecGetSlotList".
>
> Andrew
>
>  
>