Hi Richard,

Richard Levitte wrote:
[SNIP]
James.Bottomley>    1. We agreed that usability is greatly enhanced if openssl 
simply loads
James.Bottomley>       a key when presented with the file/uri etc. without the 
user having
James.Bottomley>       to specify what the format of a key is

Check.  My STORE branch is made to support that.
One URI could represent more then one item.
STORE_INFO_types is enumerate but URI could be associated to custom data (handle) and this data could be used to get other data(handles).

See capi engine CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id)
..
        hstore = capi_open_store(ctx, NULL);
        if (!hstore)
            return NULL;
        cert = capi_find_cert(ctx, id, hstore);
        if (cert) {
            key = capi_get_cert_key(ctx, cert);
            CertFreeCertificateContext(cert);
        }
        CertCloseStore(hstore, 0);
..
Is above case PKEY is loaded only if CERT is located(found).

I guess that STORE_INFO_types could be bit-mask and to support application specific data in addition.


[SNIP]
Roumen
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to