OpenSC
Add and use PKCS11_get_{key,x509}_from_template
This adds new public functions to get the EVP/X509 object directly based on object template:
- speeds up object searches if token has lot of objects as no enumeration is needed
- the implementation does not need the public PKCS11_KEY/CERT structures and bypasses object caching completely
- final step to add thread safety to pkcs#11 engine
Please fix "Segmentation fault (core dumped)" on Ubuntu: https://github.com/OpenSC/libp11/runs/7743371103?check_suite_focus=true#step:10:179
So this seems to be OpenSSL 3 related issue as mentioned in https://github.com/OpenSC/libp11/pull/414#issuecomment-1209206618
As you note PR #414 passed the test suite at time of merging.
I suspect this PR just triggers the underlying issue of how OpenSSL 3 and the test suite's SoftHSM build are integrated. I think the fix is separate commit that either fixes the OpenSSL3 support, or changes SoftHSM to be Botan build so it does not depend on OpenSSL.
I would not be surprised if the underlying issue triggers in other scenarios in the current code base.
I'll try to schedule some time to further fix it. But I'm not sure when I get to it as I am currently a bit back logged.
As you note PR #414 passed the test suite at time of merging.
No, it did not. See https://github.com/OpenSC/libp11/pull/414#issuecomment-1122645166 for details.
As you note PR #414 passed the test suite at time of merging.
No, it did not. See #414 (comment) for details.
Right. What I meant to say is it worked during the time of PR being created, as the PR passed test suite.
As you note PR #414 passed the test suite at time of merging.
No, it did not. See #414 (comment) for details.
Right. What I meant to say is it worked during the time of PR being created, as the PR passed test suite.
There was no automatic PR testing with GitHub Actions at that time. I added it later to address similar issues.