Usage

Mikhail Ryzhov Dmitry Avramenko

Dynamic loading and initialization

aToken is a dynamically loaded module with PKCS#11 API.

As usual for such modules, it must first be loaded, and then its list of functions must be obtained. This can be done either by resolving the address of the C_GetFunctionList function and using it to get a structure with all function addresses, or by resolving all function addresses manually.

Next, call the initialization function C_Initialize. Its argument is a CK_C_INITIALIZE_ARGS structure. Although the standard states that the pReserved member of this structure has to be NULL_PTR, this token implementation treats it as a pointer to a null-terminated configuration string.
If pReserved is NULL_PTR, the configuration string is taken from the value of the ATOKEN_CONFIG environment variable.
If pReserved is NULL_PTR and ATOKEN_CONFIG is not set, the default configuration string is used.

Configuration

Module configuration is defined (in ABNF notation) as follows:

Configuration string

The configuration string (module_config) consists of one or more slot configuration substrings separated by "%".

module_config = slot_config *( "%" slot_config )

Slot configuration substring

A slot configuration substring (slot_config) consists of a storage type tag and additional storage parameters.

slot_config = storage_type [ "|" storage_parameters ]

The value of the storage_parameters substring depends on storage_type.

No storage

If storage_type is an empty substring, the designated slot will have no storage and will be flagged read-only, initialized and not requiring login.

Local storage

This type of storage is used for slots where storage_type equals the string "local". Objects are stored using an "ldb" API similar to dbm key-data pair storage and retrieval.

local_storage_parameters = [ ldb_module ] [ "|" ldb_parameters ]

Here ldb_module is the full filename of a dynamically loadable module that implements object storage via the ldb API mentioned above. The ldb_parameters string depends on the ldb module used.
If ldb_module is omitted, the compiled-in implementation is used (located in /sources/storage/lldb_fs.c in the source tree). Its parameter string is the full path to the directory where the objects are stored.

Default configuration

*nix/Linux/MacOSX:
local||<value of HOME environmental variable>/.atoken

Windows:
local||<value of APPDATA environmental variable>\aToken
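
The grammar and fallback order above, as an added example that is not part of the aToken sources: a small parser that splits a configuration string into slots and flags any slot that names an external ldb_module, since that filename is a library the module will load. The names slot_cfg, FIELD, parse_module_config and loads_external_module, the /home/user path, and splitting at the first "|" are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct slot_cfg {
    char type[16];    /* storage_type; "" means no storage */
    char module[256]; /* ldb_module; "" means the compiled-in implementation */
    char params[256]; /* ldb_parameters (raw storage_parameters if not "local") */
};

/* Bounded, always-terminated copy of the n bytes at s into array dst. */
#define FIELD(dst, s, n) snprintf((dst), sizeof (dst), "%.*s", (int)(n), (s))

/* Assumption: split at the first "|" (no escaping defined). Returns slot count or -1. */
int parse_module_config(const char *cfg, struct slot_cfg *out, int max) {
    const char *s = cfg;
    for (int n = 0; n < max; n++) {
        size_t len = strcspn(s, "%"); /* one slot_config */
        const char *end = s + len, *bar = memchr(s, '|', len);
        struct slot_cfg *sc = memset(&out[n], 0, sizeof out[n]);
        FIELD(sc->type, s, (bar ? bar : end) - s);
        if (bar) {
            const char *p = bar + 1;
            if (strcmp(sc->type, "local") == 0) { /* [ldb_module] ["|" ldb_parameters] */
                const char *bar2 = memchr(p, '|', (size_t)(end - p));
                FIELD(sc->module, p, (bar2 ? bar2 : end) - p);
                p = bar2 ? bar2 + 1 : end;
            }
            FIELD(sc->params, p, end - p);
        }
        if (*end == '\0') return n + 1;
        s = end + 1;
    }
    return -1;
}

/* Audit check: this slot names a shared library that the module will load. */
int loads_external_module(const struct slot_cfg *sc) {
    return strcmp(sc->type, "local") == 0 && sc->module[0] != '\0';
}

int main(void) {
    /* pReserved == NULL_PTR case: ATOKEN_CONFIG, else the default (constructed HOME). */
    const char *cfg = getenv("ATOKEN_CONFIG");
    struct slot_cfg sl[8];
    int n = parse_module_config(cfg ? cfg : "local||/home/user/.atoken", sl, 8);
    for (int i = 0; i < n; i++)
        printf("slot %d: type='%s' module='%s' params='%s' external=%d\n", i, sl[i].type,
               sl[i].module, sl[i].params, loads_external_module(&sl[i]));
    return n < 0;
}
```

Run in the same environment as the application that loads the module, it prints the slots that application would get when it passes NULL_PTR in pReserved.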

