Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose LowLevelPkcs11Library from session #191

Open
manison opened this issue Aug 20, 2021 · 4 comments
Open

Expose LowLevelPkcs11Library from session #191

manison opened this issue Aug 20, 2021 · 4 comments

Comments

@manison
Copy link

manison commented Aug 20, 2021

Today we try to use the high level API for everything, however there are some scenarios not covered by the high level API (e.g. multi-part operations, #186). For this one must use the low level API. However there seems no easy way to transition from the high level to the low level in spite of the high level API is naturaly built on top of the low level.

I propose exposing the LowLevelPkcs11Library from the ISession

interface ISession
{
  ...
  LowLevelPkcs11Library LowLevelPkcs11Library { get; }
}

so one could use if needed the following construct

ICryptoTransform CreateTransform(ISession session)
{
  switch (session.LowLevelPkcs11Library)
  {
    case LowLeveAPI40.Pkcs11Library lib40:
      return new CryptoTransform40(lib40);
    case LowLevelAPI41.Pkcs11Library lib41:
      return new CryptoTransform41(lib41);
    case LowLevelAPI80.Pkcs11Library lib80:
      return new CryptoTransform80(lib80);
    case LowLevelAPI81.Pkcs11Library lib81:
      return new CryptoTransform81(lib81);
  }
}
@jariq
Copy link
Member

jariq commented Aug 21, 2021
edited

Such feature was present in Pkcs11Interop 4 but turned out to be problematic for quite a few reasons I don't recall right now. The preferred way to do this kind of stuff (calling low level methods not exposed by HighLevelAPI interfaces) in Pkcs11Interop 5 is to create your own set of extended classes inherited from Pkcs11Interop classes. For a working example please take a look at Pkcs11Interop.Mock project and _28_VendorExtensionsTest.

@manison
Copy link
Author

manison commented Aug 23, 2021

The preferred way to do this kind of stuff (calling low level methods not exposed by HighLevelAPI interfaces) in Pkcs11Interop 5 is to create your own set of extended classes inherited from Pkcs11Interop classes.

I understand that concept. However this is only possible when you have the whole code path (factories etc.) under your control. Unfortunately this is not my case, since as a library author I need to work with an ISession I get.

@jariq
Copy link
Member

jariq commented Aug 23, 2021

I don't understand why can't you work with "your" IMockSession instead of ISession. Can you please provide more detailed explanation?

@manison
Copy link
Author

manison commented Aug 24, 2021

Because I'm not the one in charge of creating the session. I need to work with whatever ISession a user (i.e. the caller of my library) creates.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jariq @manison