[kmf-discuss] Create and Store Key APIs
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Mon Mar 19 08:04:40 PDT 2007
Massimiliano Pala wrote:
> Hi Wyllys,
>
> I completely agree with you, this could be very handy for applications
> that, for example, need to create a key but they do not want to save it
> in a store but, for example, in a file.
A file is a store when using the KMF_OPENSSL_KEYSTORE type.
>
> One question, for storing/retrieving keys on file, is the pkcs12 the
> only export format ?
Currently, yes, because it is a standard and is fairly portable
(depending on the constructs used in the PKCS#12 bag) to other
systems and PKI tools.
Once I implement the KMF_StoreKey() API, I the on-disk format
used for the OpenSSL keystore will be the standard OpenSSL
supported formats (PKCS#1 DER and PEM), which is, I think,
what you are looking for.
-Wyllys
More information about the kmf-discuss
mailing list