[kmf-discuss] KMF_SignCSR problem
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Mon Mar 19 07:52:41 PDT 2007
Massimiliano Pala wrote:
> As usual.. Thanks!
>
> I think that it might be a good idea to add some 'OBJ_new' functions to the
> library so that when the objects are created, the lib itself could take
> care
> about initialization of the values (i.e., in most cases it will be zeroize
> the structure, but it might also be setting default values...).
> And, if possible, I would avoid macros, they are an inferno when it comes
> to debugging, usually :(
Agreed.
>
> Something like:
>
> KMF_CSR_DATA * KMF_CSR_DATA_new( void );
>
> if there was something like this for each datatype, it would be easier for
> the developer, because memory management would become more "linear", i.e.
> using the KMF_CSR_DATA_new() and KMF_CSR_DATA_free() [ or KMF_FreeCSR() and
> KMF_NewCSR() as it is now]
Yeah, I think this is a good idea. There are several places where an
"init" function like this would be helpful instead of leaving it up
to the caller to memset/bzero the structures.
>
> Thanks for the help!
>
> By the way, I am now actually working with the openssl store for "simple"
> operations and I'll go deeper into store support later when dealing with
> certificate issuing (I'll probably use a special datatype for that, the
> "PKI_TOKEN"). Anyway, let me know if and when you are including the new
> "in-memory" features also for the keys so that I can get rid of the file
> operations I am actually doing now.
I'll probably start on it (or at least file the RFE/Bug) this week.
-Wyllys
More information about the kmf-discuss
mailing list