From 0968f903fe66f9bb8957b8d01e35f3743c74404b Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 4 Nov 2014 11:31:31 +0100 Subject: Brought old blog over --- .../introducing-libgck-a-pkcs11-gobject-wrapper.md | 31 ++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md (limited to 'content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md') diff --git a/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md b/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md new file mode 100644 index 0000000..8901cc4 --- /dev/null +++ b/content/technical/introducing-libgck-a-pkcs11-gobject-wrapper.md @@ -0,0 +1,31 @@ +Title: Introducing libgck: A PKCS#11 GObject wrapper +Date: 2010-10-04 +Tags: technical, security, gnome +Slug: introducing-libgck-pkcs11-gobject + +In gnome-keyring we use [PKCS#11][] for the storage of keys and +certificates. PKCS#11 is standard sort of a plugin API that allows +drivers or software to provide key storage and crypto algorithms to an +application. +libgck is a GObject wrapper of PKCS#11. Still pretty low level but +makes PKCS#11 easier to use from GNOME or GTK+ apps. libgck is used +extensively in gnome-keyring and seahorse. + +- GCK stands for "**G**object **C**rypto**K**i". +- Currently lives in the gnome-keyring git module, but could be split + into its own module in the future. +- Replaces libgp11 with many lessons learned and a cleaner API. + +Besides the mundane expected key and certificate storage functionality +and crypto mechanisms. There's support for stuff like [PKCS#11 URIs][] +used to identify keys or certificates residing in a certain key storage +or smart card. Also enumeration and loading of modules from a [common +system location][]. + +All this goodness is in gnome-keyring master or 2.91.0 + +

+ + [PKCS#11]: http://www.rsa.com/rsalabs/node.asp?id=2133 + [PKCS#11 URIs]: http://tools.ietf.org/html/draft-pechanec-pkcs11uri-02 + [common system location]: http://wiki.cacert.org/Pkcs11TaskForce -- cgit v1.2.3