I have a need in the CRL cache to answer the following two questions : 1) between instants t1 and t2, has any new token been inserted ? (optionally: return which ones) 2) between instants t1 and t2, has any token been removed ? (optionally: return which ones) This question of course only applies to removable slots. I'm proposing new APIs that would look like the following : PK11SlotList* PK11_GetNewTokens(PK11TokenState* in, PK11TokenState** newstate) PK11SlotList* PK11_GetRemovedTokens(PK11TokenState* in, PK11TokenState** newstate); PK11_DestroyTokenState(PK11TokenState* in); PK11TokenState would be an opaque structure that would basically contain a slot list, along with a state and token series number. When calling PK11_GetNewTokens and PK11_GetRemovedTokens, one would get a list of new tokens were inserted or token that were removed. The first time one would call this, the input argument would be NULL, and one would get an opaque PK11TokenState structure returned, which could be used later for polling . It would be legal to do things like : PK11TokenState* newstate = NULL; PK11SlotList* alltokens = PK11_GetNewTokens(newstate, &newstate); /* starts with empty state - returns all tokens */ PK11TokenState* savedstate = newstate; newstate = NULL; /* do something here ... */ PK11SlotList* removedtokens = PK11GetRemovedTokens(savedstate, &newstate); /* were any tokens removed since state was saved ? Also get the new overall state */ PK11SlotList* newtokens = PK11GetNewTokens(savedstate, NULL); /* were any new tokens insertred since state was saved ? Don't need to save the new state since we just got it ...*/ This would be useful for any application that needs to be notified if certain new objects become available, as there is no blocking PKCS#11 call for that purpose. The application (in this case the CRL cache) could then simply check in each of the new slots if the needed object exists.
QA Contact: bishakhabanerjee → jason.m.reid
Assignee: wtchang → nobody
QA Contact: jason.m.reid → libraries
You need to log in before you can comment on or make changes to this bug.