[opensc-devel] Do smart card drivers generally support more than one PKCS#11 session?
Stef Walter
stefw at collabora.co.uk
Thu Jun 9 13:17:45 PDT 2011
On 06/09/2011 10:11 PM, Alon Bar-Lev wrote:
> Yes.
> Most [usable] providers support this.
Good to hear.
> Although there are different issues to solve in your case, such as
> calling twice to C_Initialize, not calling C_Finalize if C_Initialize
> returned with already initialized.
This is what p11-kit [1] solves. Gnutls now uses p11-kit for its PKCS#11
access. As you note, there must be a coordinator between multiple users
of a PKCS#11 module within a single process, even if these consumers do
not wish to interact in any way. [2]
> I am not sure who OpenSC provider in lock mode [secured] will
> behave...
I'm not familiar with that. Is this an extension to the PKCS#11 spec?
Cheers,
Stef
[1] http://p11-glue.freedesktop.org/p11-kit.html
[2] http://p11-glue.freedesktop.org/doc/p11-kit/sharing.html
More information about the p11-glue
mailing list