diff options
Diffstat (limited to 'content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md')
-rw-r--r-- | content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md b/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md new file mode 100644 index 0000000..8901cc4 --- /dev/null +++ b/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md @@ -0,0 +1,31 @@ +Title: Introducing libgck: A PKCS#11 GObject wrapper +Date: 2010-10-04 +Tags: technical, security, gnome +Slug: introducing-libgck-pkcs11-gobject + +In gnome-keyring we use [PKCS#11][] for the storage of keys and +certificates. PKCS#11 is standard sort of a plugin API that allows +drivers or software to provide key storage and crypto algorithms to an +application. +libgck is a GObject wrapper of PKCS#11. Still pretty low level but +makes PKCS#11 easier to use from GNOME or GTK+ apps. libgck is used +extensively in gnome-keyring and seahorse. + +- GCK stands for "**G**object **C**rypto**K**i". +- Currently lives in the gnome-keyring git module, but could be split + into its own module in the future. +- Replaces libgp11 with many lessons learned and a cleaner API. + +Besides the mundane expected key and certificate storage functionality +and crypto mechanisms. There's support for stuff like [PKCS#11 URIs][] +used to identify keys or certificates residing in a certain key storage +or smart card. Also enumeration and loading of modules from a [common +system location][]. + +All this goodness is in gnome-keyring master or 2.91.0 + +</p> + + [PKCS#11]: http://www.rsa.com/rsalabs/node.asp?id=2133 + [PKCS#11 URIs]: http://tools.ietf.org/html/draft-pechanec-pkcs11uri-02 + [common system location]: http://wiki.cacert.org/Pkcs11TaskForce |