Bob,
Thanks for your reply. See, my aim is to print CKA_IDs when we run
certutil -K.
And also, I want certutuil to take CKA_ID as input to delete a key.
I want to do this way:
certutil -K should give some thing like this
1a340caa2a1a54a1aa2b
9c040baa1b1b94a1ca22
32a40faaafcac4a11a22
...
...
And, when I want to delete a key using it's CKA_ID, I give
certutil -(deleteoption) 9c040baa1b1b94a1ca22.
Now, to acheive that, there is some difficulty in using the
functions available in nss/cmd/lib/secutil.c.
There are functions which will dump the raw bytes in SECItem
to a file and also convert the bytes in the file to a SECItem but
they still prob. won't serve my purpose. I want the user to simply
copy-paste the hexa equivalent/(or any printable form like in decimal
or in octal of the CKA_ID and give that as input to certutil.
That's why I wrote two functions, and both of these functions use
SECItem and mpi data structures together.
So, when you say that I should put one in nss/cmd/lib, can it access
mpi functions from there? Or, is it that I should not attempt any such
function where both of these(mpi and SECItems are used)?
Or you have any other suggestions?
Thanks
Biswatosh
Bob Relyea wrote:
Biswatosh wrote:
Hi,
Does there exist any utility to print a SECItem in any radix format
and the
inverse utilty? That is, given any array of hexas.,octets or of any
radix, I should
be able to convert it to a SECItem?
There should be some utilities for this under nss/cmd/lib, but not the
general functions you are describing.
I searched but could not find and so wrote down this utilty (to do an
enhancement
on certutil). Now, I am in a fix, as to where should I place the
functions? These functions
directly deal with mpi routines and SECItems and so I need
suggestions as where
should I place them so that the basic NSS function structure model is
not violated.
I see that if I place them in any file, for ex. in rsa.c(I know I
should not place it here),
it gets compiled and then suppose I make a wrapper function on it in
softtoken/pkcs11c.c,
then also it gets compiled but when I call this wrapper function from
certutul.c, it gives
"symbol not defined" error. I can solve it prob. using some changes
in this or that .def file/s
but as said before, it may be against the basic model. That is why,
I need your opinion/s
on this.
Put your secitem util in nss/cmd/lib. NSS has no printing functions,
and anything as low as softoken would not be available to applications
anyway.
You should put your mpi functions in the mpi directory in freebl.
Those are only useful for mpi debugging (applications never have
direct access to MPI).
bob
Thanks
Biswatosh
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
