On Tue, 2003-04-01 at 11:23, Michael Bell wrote:
The sad thing is I couldn't test OpenSSL::Fast, because I don't know how to use it.. it is not documented and I don't understand XS.
Ok, I integrated it into OpenCA::OpenSSL and commited it to the CVS. So it is available via the HEAD of OpenCA's CVS (openca-0.9/src/modules/openca-openssl/). You can use make test. The tests are in t/*.t. These files show the usage. It's quite simple.
Also, it won't compile in my system:
cc -c -I. -I/usr/local/ssl/include -DDEBIAN -fno-strict-aliasing
-I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -DVERSION=\"0.02\" -DXS_VERSION=\"0.02\" -fPIC
-I/usr/lib/perl/5.6.1/CORE -DPERL5 Fast.c
Fast.xs: In function `XS_OpenCA__OpenSSL__PKCS10_attributes':
Fast.xs:1239: structure has no member named `single'
make: *** [Fast.o] Error 1
I had to change line 1239 in Fast.xs (i don't know exactly what I'm doing, but it compiled! :))
if (a->single) to if (a->value.single)
Do you use OpenSSL 0.9.7? The code works on my machine and is directly from OpenSSL 0.9.7a crypto/asn1/t_req.c. The definition of the structure in x509.h is the follwoing one:
typedef struct x509_attributes_st
{
ASN1_OBJECT *object;
int single; /* 0 for a set, 1 for a single item (which is wrong) */
union {
char *ptr;
/* 0 */ STACK_OF(ASN1_TYPE) *set;
/* 1 */ ASN1_TYPE *single;
} value;
} X509_ATTRIBUTE;If you use the headerfiles from 0.9.6 then single is called set. There was a renaming of a structure member.
the problem is: a. private keys do not belong to X509 nor to requests, they could be in the same file, but aren't part of the structures (nor desirable to be there!); b. by storing keys as pem-encoded data, you can not have opaque processing of them, to retrieve information as key size, fingerprint, etc.; and c. it is not nice :-)
So it is a good idea if you program such a module ... :)
Greetings Michael -- ------------------------------------------------------------------- Michael Bell Email: [EMAIL PROTECTED] ZE Computer- und Medienservice Tel.: +49 (0)30-2093 2482 (Computing Centre) Fax: +49 (0)30-2093 2704 Humboldt-University of Berlin Unter den Linden 6 10099 Berlin Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
