Allow working with a non-finalizing Pkcs11
#290
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
Signed-off-by: Wiktor Kwapisiewicz <[email protected]>
wiktor-k
force-pushed
the
wiktor/allow-working-with-non-finalizing-pkcs11
branch
from
0673f4e to
e51d16f
Compare
|
I do not have this use case and I do not feel knowledgeable enough of rust to be able to judge which of the approaches is better. But this one looks more straightforward, while the other more "bolted on top of the existing things". Generally, I think it is a good idea, especially when we have people asking for this. |
|
Yep, good point. I've pinged folks in #208 to check if this makes sense (I'd rather avoid making changes without backing approval from real-world users). Thanks for your help! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi folks,
There is much interest in a Pkcs11 that does not finalize the underlying implementation and I thought I'll try out one idea I had: splitting the
Pkcs11into an owning and ref structs (similarly to how Rust does withStringandstr). I've made thePkcs11finalize itself and thePkcs11Impljust work on what's passed in. This way, folks that manage the lifecycle themselves can construct a new instance viaPkcs11Impl::new_uncheckedwhich should resolve #208.I've also dropped inner Arc from
Pkcs11(so that the concurrency is now managed by the client outside of Pkcs11) and madeSessionown a reference to the client. I'd further renamePkcs11Implinto something likePkcs11Refbut I want to keep the diff as small as possible, and in case you don't like it it's not worth the refactor.See what you think about it @hug-dev and @Jakuje.
The alternative posted on Slack by @testingapisname is adding additional finalization flag: testingapisname@6a4e58d