[kmf-discuss] getting info on TA certificate
Wyllys Ingersoll
wyllys.ingersoll at sun.com
Mon Feb 11 09:10:36 PST 2008
Jan Pechanec wrote:
> you understand, that's fine. The question is whether I have to parse
> the XML file to get it. It looks like I have to then.
>
> I think that normally an application doesn't need to know what is in
> the policy database. I can see now only one reason why I need to know that -
> to find out whether I can accept certificates with RSA or DSS signatures. So
> I was wondering whether I can get such info without parsing the policy file
> myself.
>
> cheers, Jan.
>
I don't think you should have to parse the policy file yourself. When
you initialize
your KMF_HANDLE, the policy file is automatically read and recorded in
the policy record
attached to the handle.
You could find it like this:
ta_name = handle->policy->ta_name;
However, the KMF_HANDLE is intentionally opaque, so it looks like maybe
we should just
add a couple of functions to return the values to you.
kmf_get_policy_ta(KMF_HANDLE_T, char **taname, char **taserial)
Would that help?
-w
More information about the kmf-discuss
mailing list