Closed
Bug 128172
Opened 23 years ago
Closed 22 years ago
function to convert a session key to a token key
Categories
(NSS :: Libraries, enhancement, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.6
People
(Reporter: jamie-bugzilla, Assigned: jamie-bugzilla)
References
Details
Attachments
(1 file, 1 obsolete file)
3.43 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
In the JCA model, whenever you generate a keypair, the keys are temporary objects. Not until you store them do they become permanent. I already have the ability to create temporary (session) keys. Now I need a way to convert a session key to a token key. This would do a C_CopyObject on the key while modifying the CKA_TOKEN attribute to be TRUE.
Assignee | ||
Updated•23 years ago
|
Target Milestone: --- → 3.4
Assignee | ||
Comment 1•23 years ago
|
||
These are the functions I had in mind. I haven't tested them yet. But do they look OK, generally? Since they are new functions, not modifying existing code, adding them would be very low risk, right?
Comment 2•23 years ago
|
||
Yes, adding new functions that do not modify existing code would be low risk. You just need to verify that they work. Bob, if you think it's ok to add these two functions and you have reviewed the patch, I can take care of the mechanical part.
Assignee | ||
Comment 3•23 years ago
|
||
Actually, I can do the work as long as you guys approve of the changes.
Assignee: relyea → nicolson
Comment 4•23 years ago
|
||
I don't have any problem. I do have some comments on the code: 1) we probably should preserve wincx from the source key/private key. 2) I don't think we have ever tested copy object, at least for copying to token objects. I think it should work (as long as it is calling handle object at the bottom). bob
Updated•23 years ago
|
Priority: -- → P1
Assignee | ||
Comment 5•22 years ago
|
||
We can add a symmetric key, but it doesn't show up because of 130699, so it's not useful. I'm adding 130699 as a blocker of this bug.
Depends on: 130699
Comment 7•22 years ago
|
||
Changed the QA contact to Bishakha.
QA Contact: sonja.mirtitsch → bishakhabanerjee
Comment 10•22 years ago
|
||
Bob, could you work with Jamie to decide whether his patch can be checked in in the 3.6 timeframe?
Comment 11•22 years ago
|
||
Yes, he should check in his patch in the 3.6 time frame. It would also be good to test the patch to make sure it actually works, but I wouldn't hold 3.6 up in the failure case. bob
Assignee | ||
Comment 12•22 years ago
|
||
Improved patch. Includes the header file and nss.def changes. Also, we need to get a RW session before we can create a new token object.
Attachment #71794 -
Attachment is obsolete: true
Updated•22 years ago
|
Attachment #100344 -
Flags: review+
Comment 13•22 years ago
|
||
Comment on attachment 100344 [details] [diff] [review] updated patch Looks good
Assignee | ||
Comment 14•22 years ago
|
||
Checked in on trunk. /cvsroot/mozilla/security/nss/lib/nss/nss.def,v <-- nss.def new revision: 1.84; previous revision: 1.83 /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11func.h,v <-- pk11func.h new revision: 1.34; previous revision: 1.33 /cvsroot/mozilla/security/nss/lib/pk11wrap/pk11skey.c,v <-- pk11skey.c new revision: 1.56; previous revision: 1.55
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•