[kmf-discuss] Extension to the API
Massimiliano Pala
pala at cs.dartmouth.edu
Wed Mar 21 21:02:48 PDT 2007
Wyllys Ingersoll wrote:
[...]
> This is not really a key management function, it is more of
> a general purpose utility.
Yes, you are right. But I just wanted to avoid having to link additional
libraries.
[...]
> Digest operations already covered by the libmd(3LIB) interfaces.
> Check out the following headers in /usr/include md4.h, md5.h, sha1.h,
> and sha2.h and look at the following interfaces:
> MD4FinalMD4Update MD4Init
> MD5FinalMD5Update MD5Initmd5_calc
> SHA1FinalSHA1Update SHA1Init
> SHA2FinalSHA2Update SHA2Init
>
> I doubt this is something we would duplicate in KMF.
>
> Or, if you prefer, there are PKCS#11 interfaces
> for doing just what you describe as well.
>
> C_DigestInit, C_DigestUpdate, C_DigestFinal.
Same as above. Anyhow thanks for the pointers, I will look into those and
pick the best ones. If the functions were provided via KMF and an hardware
token is used, then this would use the hardware implementation instead the
software one... maybe faster (the same argument can be made for the random
generator---hardware implementations are better than software, usually).
Cheers,
Max
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] pala at cs.dartmouth.edu
project.manager at openca.org
Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063 Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3088 bytes
Desc: S/MIME Cryptographic Signature
Url : http://oss-beta1.opensolaris.org/pipermail/kmf-discuss/attachments/20070322/da049edb/attachment.bin
More information about the kmf-discuss
mailing list