Project

General

Profile

Actions

Bug #9876

closed

Move crypto2pkcs11_error_number to libcryptoutil

Added by Jason King over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
lib - userland libraries
Start date:
2018-10-08
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

Upstream of Joyent OS-6619

Currently, pkcs11_kernel.so (the PKCS#11 wrapper for the kernel crypto driver) has a function crypto2pkcs11_error_number which maps KCF error values (CRYPTO_xx) to PKCS#11 error values (CKM_xx). Since the code in usr/src/common/crypto and thus libsofttoken all use the KCF error values, it would be useful to move this function to a more common location. It could also prove useful with the crypto tests as well for similar reasons.
The pkcs11_kernel implementation is currently a strictly internal function to pkcs11_kernel and not exported in it's map file, so there should be no API or ABI concerns with moving it.
The most sensible place would be libcryptoutil. It is designed (at least from appearances) to be an assistive library for crypto (and especially PKCS#11) related bits in the system. It is considered a private library (all functions are exported as SUNWprivate), and at least for the time being, would be kept that way in libcryptoutil.

Actions #1

Updated by Electric Monk over 2 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit cc543d0f9e35a75cc302a4cb152756d233299564

commit  cc543d0f9e35a75cc302a4cb152756d233299564
Author: Jason King <jason.king@joyent.com>
Date:   2018-10-15T15:36:58.000Z

    9876 Move crypto2pkcs11_error_number to libcryptoutil
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Reviewed by: Igor Kozhukhov <igor@dilos.org>
    Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
    Reviewed by: C Fraire <cfraire@me.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Actions

Also available in: Atom PDF