[kmf-discuss] Import/Export issues
Hai-May Chao
Hai-May.Chao at sun.com
Mon Mar 19 12:07:18 PDT 2007
Wyllys Ingersoll wrote:
>Massimiliano Pala wrote:
>> Hi all,
>>
>> I have seen that there are some asymmetries in the import/export
>> functionalities
>> of the KMF:
>> - There is a KMF_CreateCSRFile() but there is not a KMF_ImportCSRFile()
>
>
>This is correct, because we did not intend to support many features of a CA
>in the first phase. Now that we have moved beyond that we should consider
>some new additions to help support CA products.
>
>> - There is a KMF_ImportCert() but there is not a KMF_CreateCertFile()
>> (correct me if I am wrong)
>
>
>KMF_StoreCert() with the KMF_OPENSSL_KEYSTORE will export a certificate
>to a file.
>
Also, we have KMF_CreateCertFile() available which will write a PEM
or DER format of KMF cert data to a file.
>
>>
>> Could also be useful to provide name consistency for the functionalities,
>> for example:
>>
>> - to import/export a datatype:
>>
>> KMF_ImportDATATYPE_MEDIA ()
>> KMF_ExportDATATYPE_MEDIA ()
>>
>> where:
>>
>> DATATYPE could be CSR, Cert, KEY, PKCS12, and SYMKEY
>> MEDIA could be File, Store, and URI
>>
>> I guess this would help developers.
>
>Agreed. Function naming symmetry and consistency is helpful
>for developers. We should start compiling a list of things
>that need attention and try to address them at the same time
>so we are not constantly changing the APIs.
>
Agreed that sounds like a good approach.
- Hai-May
More information about the kmf-discuss
mailing list