[xmlsec] xmlsec-nss patches from Sun( 2003-07-22 )
aleksey at aleksey.com
Thu Jul 24 00:14:37 PDT 2003
> "xmlSecNssKeyDataRsaGenerate" interfaces, I have no such a goog luck. So
> the 'getSlot' is designed only for "KeyDataXXXGenerate" functions.
The only thing that can use xmlSec*Generate functions is some keys
xmlsec never calls these functions by itself. And if you want, you can
function with one additional parameter "slot". Then xmlSecNssGenerate()
would simply call
> Can we design that we specify a deault xmlSecNssKeysManager, and every
> loaded keys ( read from xml
> document ) bind with the slot that enabled in the manager? That one
> things I want to do.
Sure. Again, I think that mapping alg->slot is better than plain
"enabled slots list"
(my favorite example again :) ).
> So if we provide such a keys manager, "getSlot" only work for key data
> generator. When we will
> use the "KeyDataXXXGenerate" functions?
Never. These functions are used *only* by xmlsec command line utility.
And these functions
are not called from xmlsec library itself.
> Now, maybe we have agreed where and when "getSlot" works, Only in the
See above the suggestion with xmlSecNss*GenerateExt() functions. If you
stick with NSS
and don't care about portability (i.e. switching to OpenSSL, etc.) then
you can use
More information about the xmlsec