Hi Martin,
I've got a working OpenCA test installation (0.9.2.1 based) running that supports Java Keystore download.
Cool.
- Two Java classes; as I started to develop the stuff before thinking about integration into OpenCA, I used the Java class path de.cynops.crypto.keystore.*
The class path is not the problem - only the copyright and license ;)
- A Shell script wrapper for the Java tool that makes invocation easier and automatically handles encoding conversion
Could you put this into a new OpenCA class like OpenCA::Java::Keystore or something other. It has nothing to do with OpenSSL and I don't like to overload the OpenCA::OpenSSL class (even openca-sv in OpenCA::OpenSSL is not really clean).
I think I am going to add the additional tools to src/createkeystore.
Could you use something like javakeystore. createkeystore blocks any further development and we don't know what the future brings. Keystore itself is perhaps not enough because nearly every crypto toolkit has a keystore.
Other questions: - Should I modify my sources to org.openca.crypto.keystore or something similar before adding the tool to the OpenCA project?
This would be really nice because it allows further development. Nevertheless I would include a notice which was the original owner of the code - even if you publish it under the full control of OpenCA.
- Where should I install the shell wrapper tool? My suggestion is the same directory as the scep executable, e. g. /usr/local/bin because the tool may be useful outside OpenCA as well
There are two problems - what do you want to implement for a shell wrapper and how do you want to use it from inside of OpenCA. Usually OpenCA implements a shell wrapper in an OpenCA class like OpenCA::Java::Keystore. This class usually acts as wrapper (like for OpenCA::OpenSSL).
- Where should I install the Java classes? 1. /usr/local/openca-0.9.2/lib/java/... 2. /usr/local/lib/... I think 2. is a sensible choice.
Does it be possible to integrate the java stuff like the other C stuff? The other C binaries installs to /usr/local/bin (in your case /usr/local/lib/) but we can put the complete stuff via configure into /usr/local/OpenCA/lib. It depends on the choosen openca configuration.
I need some additional configuration settings for OpenCA: - Java executable binary (or should be assume that it is in the PATH?) - Classpath to the Java classes
Objections against including the two new settings in config.xml and servers/pub.conf?
Yes, I would like to see two additional configure options too support easy packaging. A CLASSPATH and a java binary are installation issues and no configuration issues (like the openca-sv binary). Which CLASSPATH do you mean (the extension for the new classes or the default crypto classes)?
My last java code is some time ago. So perhaps the questions are really trivial ...
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
