I'm exploring XMLSec 0.1.1. Background item 1: The OpenSSL implementation provides for storing and retrieving a keyCert, which is the certificate that is associated with the private key (in a PKCS12 file, for instance). PKCS12 loading is not implemented in XMLSec's NSS and GnuTLS engines.
Background item 2: The simple keys store load and save routines do not handle this certificate. I'm writing my own keys manager and keys store routines, and I'd like to persist this information. The question: Assuming I have my facts straight, what's the best (robust and forward-compatible) way to obtain and set the key certificate? Since I'm using OpenSSL (at the moment), I can use xmlSecOpenSSLKeyDataX509GetKeyCert() and xmlSecOpenSSLKeyDataX509AdoptKeyCert(), but I'd prefer to use function names not tied to the implementation (like the xmlSecCrypto...() macros). Have I missed something? Are there plans for something of this sort? (I imagine that if they're not already there,it's because of uncertainty about implementation details in the other engines.) _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
