[kmf-discuss] Loading/Saving data structures

Massimiliano Pala pala at cs.dartmouth.edu
Wed May 23 10:27:59 PDT 2007 

Hi,

I have another big problem now. How can I load a data structure like
a Certificate, a CSR, a KeyPair or a CRL from a file ?

For a Certificate I guess I have several Options:
* KMF_ReadInputFile() + KMF_DecodeCertData()
* KMF_FindCert() on an OpenSSL store

For a Request I could not find anything that would let me load a
request. Are there any methods to do so ?

For CRLs shall I use an OpenSSL store and use the KMF_ListCRL() ?
For KEYPAIRS shall I use KMF_FindKey() ?

I definitely need those functions because I have to store/retrieve
these data from a DBMS and/or the filesystem...

A useful option, would be:

	KMF_ReadInputFile(...);

	KMF_Decode[object_type](KMF_Data *);

For example for CSRs:

	KMF_CSR csr;

	rv = KMF_ReadInputFile(handle, "request.pem", buf_data);
	rv = KMF_DecodeCSR( handle, data, &csr );

This would allow to read objects directly also from memory (e.g., useful
when the source of the data is an external source like LDAP or a DBMS).
To provide a similar and useful interface it would be useful to have a
write-to-memory API:

	KMF_Data data;

	KMF_EncodeCSR( handle, data, &csr );
	KMF_WriteDataFile( handle, "out_request.pem", data );

This design would allow for a simpler handling of the data when interacting
when exporting/importing objects that are not inside the store. Summarizing:

I/O Functions:
- KMF_ReadInputFile()           [ exists ]
- KMF_WriteDataFile()

Encoding/Decoding functions:
- KMF_EncodeKeyPair()
- KMF_DecodeKeyPair()
- KMF_EncodeCSR()
- KMF_DecodeCSR()
- KMF_EncodeCRL()
- KMF_DecodeCRL()
- KMF_EncodeCert()              [ exists ]
- KMF_DecodeCert()              [ exists ]
- KMF_EncodePKCS12()
- KMF_DecodePKCS12()

I guess this would be a way to import/export objects that would be the easiest
to implement with the current API. Let me know... I am quite stuck... :(


Later,
Dr. Max

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3088 bytes
Desc: S/MIME Cryptographic Signature
Url : http://oss-beta1.opensolaris.org/pipermail/kmf-discuss/attachments/20070523/055a6bb6/attachment.bin

More information about the kmf-discuss mailing list