On 06/09/2011 09:37 PM, Stef Walter wrote:
> I'm working on integrating smart card support via PKCS#11 into glib and
> gcr (part of gnome-keyring). We're integrating with GnuTLS for TLS support.
>
> I'd like to be able to do a C_Login in my code, and then pass off the
> URL to GnuTLS. GnuTLS would then open another session, recognize that
> we're already logged in (this may need a slight tweak in the gnutls
> code) and then proceed without prompting the user.

After sleeping on this idea, I realized it won't work in certain cases,
in particular when the key has CKA_ALWAYS_AUTHENTICATE and requires
C_Login with CKU_CONTEXT_SPECIFIC.

> The reason for this is that the gnutls callback for prompting the user
> to login is a global one, and hard to use from another library without
> assuming that the caller is the only gnutls consumer.

I'll instead propose a patch to gnutls which associates the login 
callback with the private key.

Cheers,

Stef
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
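
The failure case raised in the message above, as an added example that is not part of the original e-mail and is not GnuTLS or OpenSC code: a constructed in-memory model of a token in which an application logs in on one session and a library then signs on a second session. The `model_*` functions, the structs and `prelogin_then_sign` are hypothetical; only the `CKR_`/`CKU_` values come from the PKCS#11 headers. The model assumes the usual PKCS#11 behaviour that the user login is shared by all sessions on a token, while a CKA_ALWAYS_AUTHENTICATE key needs a CKU_CONTEXT_SPECIFIC login after the operation has been initialised.

```c
#include <stdbool.h>
#include <stdio.h>
/* Numeric values as in the PKCS#11 headers; the rest is a constructed model. */
#define CKR_OK                        0x000UL
#define CKR_OPERATION_NOT_INITIALIZED 0x091UL
#define CKR_USER_NOT_LOGGED_IN        0x101UL
#define CKU_USER                      1UL
#define CKU_CONTEXT_SPECIFIC          2UL
struct token   { bool user_logged_in; };      /* shared by all sessions */
struct key     { bool always_authenticate; }; /* CKA_ALWAYS_AUTHENTICATE */
struct session { struct token *tok; const struct key *op_key; bool op_authed; };
static const struct key NORMAL_KEY = { false }, AUTH_KEY = { true };

/* Models C_Login; PIN verification is left out. */
unsigned long model_login(struct session *s, unsigned long user_type) {
    if (user_type != CKU_CONTEXT_SPECIFIC) s->tok->user_logged_in = true; /* token-wide */
    else if (!s->op_key) return CKR_OPERATION_NOT_INITIALIZED;
    else s->op_authed = true;                 /* covers the pending operation only */
    return CKR_OK;
}
/* Models C_SignInit: needs the ordinary user login. */
unsigned long model_sign_init(struct session *s, const struct key *k) {
    if (!s->tok->user_logged_in) return CKR_USER_NOT_LOGGED_IN;
    s->op_key = k; s->op_authed = false;
    return CKR_OK;
}
/* Models C_Sign: an always-authenticate key also needs the per-operation login. */
unsigned long model_sign(struct session *s) {
    if (!s->op_key) return CKR_OPERATION_NOT_INITIALIZED;
    bool ok = !s->op_key->always_authenticate || s->op_authed;
    s->op_key = NULL; s->op_authed = false;   /* the operation ends either way */
    return ok ? CKR_OK : CKR_USER_NOT_LOGGED_IN;
}

/* The application logs in on one session; the library signs on a second one. */
unsigned long prelogin_then_sign(const struct key *k, bool context_login) {
    struct token tok = { false };
    struct session app = { &tok, NULL, false }, lib = { &tok, NULL, false };
    model_login(&app, CKU_USER);              /* the caller's earlier C_Login */
    if (model_sign_init(&lib, k) != CKR_OK) return CKR_USER_NOT_LOGGED_IN;
    if (context_login) model_login(&lib, CKU_CONTEXT_SPECIFIC);
    return model_sign(&lib);
}

int main(void) {
    printf("plain key: 0x%lx\n", prelogin_then_sign(&NORMAL_KEY, false));
    printf("always-auth key: 0x%lx\n", prelogin_then_sign(&AUTH_KEY, false));
    printf("always-auth key + context login: 0x%lx\n", prelogin_then_sign(&AUTH_KEY, true));
    return 0;
}
```

In this model the earlier login carries over for the plain key, but the always-authenticate key fails unless the signing session itself performs the context-specific login.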