either in PEM or DER format, so the backward compatibility
is not really broken. The API for loading the key from
PEM/DER files takes in a password argument already, so
no API changes are needed to use PKCS8 files.
-Tej
Aleksey Sanin wrote:
_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec<title> The changes you suggest would break the backward compatibility_______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
(xmlsec command line options are also an API). Probably the right
way would be:
1) define new xmlSecKeyDataFormatPkcs8 item in xmlSecKeyDataFormat enum
2) implement PKCS8 keys loading in xmlSecCryptoAppKeyLoad
3) fix xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad to load DER certs
when Pkcs8 format is specified
4) Add new "privkeyPkcs8Param" for "--privkey-pkcs8" option
5) update tests scripts
xmlsec-nss might not support loading PEM and DER private key but other
implementations might still find use for it.
Aleksey
