Closed Bug 1512475 Opened 6 years ago Closed 5 years ago

Have a new PKCS11 token impl to do synchronous IPC with private keys on the parent process

Categories

(Core :: Security: PSM, enhancement)

enhancement
Not set
normal

Tracking

()

RESOLVED WONTFIX
Tracking Status
firefox65 --- affected

People

(Reporter: mayhemer, Assigned: kershaw)

References

(Blocks 1 open bug)

Details

Client authentication is going to be processed on the socket process/socket thread. But private keys are physically present only on the parent process. All operations are made via the PKCS11 module API, synchronously, using only a handle to the private key. If we do the call and the processing (on the target process) both on background threads (socket -> worker pool/socket) we are fine to do this synchronously. The operation should only be a calculation w/o any possibility to deadlock.
Blocks: 1484751
Summary: Have a new PKCS11 module to do synchronous IPC with private keys on the parent process → Have a new PKCS11 token impl to do synchronous IPC with private keys on the parent process
Depends on: 1512478
Assignee: nobody → kershaw

In bug 1512478, we can serialize/deserialzie the private key and use it on socket process successfully. So, I think we might not need this bug.
I actually not really understand what is the goal of this bug and what need to do.
Dana, what do you think?

Flags: needinfo?(dkeeler)

Yeah, I don't think we need this bug now.

Status: NEW → RESOLVED
Closed: 5 years ago
Flags: needinfo?(dkeeler)
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.