[bind10-dev] cryptolink design
Francis Dupont
fdupont at isc.org
Mon Jul 2 15:24:09 UTC 2012
I was looking at the cryptolink design: IMHO it falled into a common
error by providing only one update function: in PKCS#11 you have:
- SignInit() (which takes the key)
- SignUpdate() and SignFinal()
- or Sign() which does the same than update*+final in one shot,
and the same for Verify. So there is not one update() but two update()
functions, one in each "direction". Of course you can go from 2 updates
to 1, but not the opposite.
Regards
Francis Dupont <fdupont at isc.org>
More information about the bind10-dev
mailing list