Aleksey Sanin wrote:
Andrew,
First of all, please use xmlsec mailing list for any questions regarding xmlsec.
Otherwise, you messages have a very good chance to go to my trash (sorry,
I recieve too many spam).
Probably the simplest solution to your problem would be to have a special
NSS specific function "SetSlot" that will set slot in xmlSecNssEvpBlockCipherCtx
structure. Later on, xmlSecNssEvpBlockCipherCtxInit() would use either this
slot or call GetBestSlot(). This would change an internal xmlsec-nss structure
not visible to user and I don't see any backward compatibility problems.
Because the KeyData( Transform ) is intialized from an global list( xmlSecAllKeyDataIds/xmlSecAllTransformIds ), I can not forecast when and how the intiailization taken place, so I can not directly set slot in xmlSecNssEvpBlockCipherCtx in my application, some internal functions maybe swallow or ignore my settings in xmlSecNssEvpBlockCipherCtx .
I think, the way is set something global, such as the global PK11Slot, the function "SetSlot" and "GetSlot" access the global stuff in order to set or get a slot. xmlSecNssEvpBlockCipherCtxInit() , if GetSlot gets nothing, would use the GetBestSlot, otherwise, use the slot gotten by "GetSlot".
Global variable is not a good choice. Do you have any excellent suggestions?
Regards, Andrew
Aleksey
Andrew Fan wrote:
Hi Aleksey,
In the crypto engine implementation on NSS, you use the interface: PK11_GetBestSlot to initialize a slot( in cipher.c ). I think, if a Kalss, such as xmlSecNssAes128CbcKlass can accept a parameter( PK11SlotInfo* ), it'll be better. Because a user maybe want to use a particular slot instead of the default ones. PK11-GetBestSlot can not tie to a particular slot, I think.
If I correct, how can I feed the parameter( PK11SlotInfo* ) into a certain Klass?
Thanks & Regards, Andrew
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
