Biswatosh wrote:
> I wrote some functions so that certutil can display keys with their CKA_IDS
> in hex and also given a CKA_ID in hex, it can find the key and can delete it
> as well. But, then the main prob remains. The goal in that bug(291383) is to
> supply CertReq as an input to certutil, in order to delete the key.
> Question is, how do I parse a CertReq?
certutil already contains all the code to do that. Just reuse that code.
> Or that, the goal is something different? Any comments?
>
> Plus, I see that almost all options of certutil are exhausted. I mean almost
> all of {0-9}, {a-z},{A-Z} have been used as options and arguments. If I want
> to add more options, what do I do?
Consider overloading an existing option in the range 'a-z'. Find an option
in that range that takes an argument, that cannot be used (presently) in the
same command that will use the CKA_ID option, and consider making it dual use.
Another suggestion: use -n to specify either nicknames or CKA_IDs.
If the option argument is hexadecimal and of the right length, then treat it
as being a CKA_ID.
> The structure secuCommandFlag has a member called flag. Do we add one more
> member to the structure, like flag and use that for any future use?
What would that proposal accomplish?
What purpose would such a new flag serve?
--
Nelson B
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
