I'm fully prepared to allow developers using my MimeKit library to provide their own certificate store implementations, but having a default implementation (even if suboptimal) that they can use would be really helpful for allowing people to get up and running to get a feel for how things are supposed to work. When picking up a new library, this is really helpful.
Perhaps the simplest solution, instead of pulling in a System.Data backend, would be to use a pkcs12 file - it's something that BC already supports loading and saving to and it's encrypted as well. Jeff On Tue, Nov 5, 2013 at 10:05 AM, Mankowski, Chris <cmankow...@nfp.com>wrote: > I think there would also be benefit to sharing implementations of that > interface that he’s already created. > > > > I would be interested in code that saves certificates into DPAPI/CryptoAPI > and is also managed. I haven’t seen an implementation like this. > > > > *From:* Jaroslav Imrich [mailto:jaroslav.imr...@gmail.com] > *Sent:* Monday, November 04, 2013 6:47 PM > *To:* Jeff Stedfast > *Cc:* Bouncy Castle Developer List > *Subject:* Re: [dev-crypto-csharp] cross-platform way of storing X509 > certificates & private keys? > > > > Hello Jeff, > > > > I believe you should use "more abstract" and platform independent > Org.BouncyCastle.X509.Store.IX509Store interface and let user (developer > who uses BC) provide implementation suitable for his platform/scenario. > > > > -- > Kind Regards > > Jaroslav Imrich > http://www.jimrich.sk > > > > On Mon, Nov 4, 2013 at 11:53 PM, Jeff Stedfast <j...@xamarin.com> wrote: > > One of the last remaining pieces for me to complete the S/MIME library I'm > working on is having a cross-platform way of storing X509 certificates and > private keys. > > > > I was wondering if anyone had a solution they've already come up with that > they could share or perhaps give some thoughts. > > > > I had started working on a way to re-use the > System.Security.Cryptography.X509Certificates.X509Store for Windows and > something that used the native Mac OS X keychain APIs on Mac, but on Linux > and Android, there aren't any system-wide certificate stores. > > > > What have other people done? > > > > Jeff > > > ------------------------------ > Notice: This e-mail message and any attachment to this e-mail message may > contain information that is confidential, proprietary, privileged, legally > privileged and/or exempt from disclosure under applicable law. If you are > not the intended recipient, please accept this as notice that any > disclosure, copying, distribution or use of the information contained in > this transmission is strictly prohibited. NFP reserves the right, to the > extent and under circumstances permitted by applicable law, to retain, > monitor and intercept e-mail messages to and from its systems. > > Any views or opinions expressed in this e-mail are those of the sender and > do not necessarily express those of NFP. Although this transmission and any > attachment are believed to be free of any virus or other defect that might > affect any computer system into which it is received and opened, it is the > responsibility of the recipient to ensure that it is virus free and no > responsibility is accepted by NFP, its subsidiaries and affiliates, as > applicable, for any loss or damage arising in any way from its use. > > If you have received this e-mail in error, please immediately contact the > sender by return e-mail or by telephone at 212-301-4000 and destroy the > material in its entirety, whether electronic or hard copy format. >
