Hi Martin,
I needed some more time for thinking about the API. OpenCA moved in the last time consequently towards an objectoriented design. So what about an object-oriented API?
Authentication --------------
This could cleanup the authentication framework too. During the initialization of a request we would do this:
$api->set_x509_login_callback $api->set_passwd_login_callback $api->set_crypto_callback $api->set_output_callback(s)
The callbacks would have really simple interfaces:
set_x509_login_callback in: challenge out: name + signature set_passwd_login_callback in: - out: name + passwd set_crypto_callback in: passwd_parts out: passphrase
The session handling would simply require a getteer and setter for the session ID that's all (set_session_id and get_session_id). The interface decides by itself about the used storage method at the client side (e.g. cookie or parameter). This should clean op OpenCA::AC too.
The important question for me is what should we do if a callback requires to stop the api object (e.g. HTML passphrase callback)? My idea would be a function like serialize_api and if the HTML interface knows the passphrase then we can call deserialize_api (session_id). After this the callback returns the answer immediately. We have only to cleanup the serialized objects from time to time.
Functions ---------
The functions should be in common/lib/api/ while the frontends should be placed in a new area like common/lib/frontends/html/. The functions itself should look like this:
- get functions for objects
(cryptoShell should not be visible)
- data or serial based
- getters are:
- get_X509
- get_REQ
- get_CRL
- API functions like the todays commands (perhaps we can reuse the cmds/ directory instead of the api/ directory)
- set_approval (for new policy handling)
- get_errno
- get_errval
Ok, it's too much like always for one mail - so I should stop here.
Michael -- _______________________________________________________________
Michael Bell Humboldt-Universitaet zu Berlin
Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel