Aleksey Sanin wrote:
OK
I'll do my best (not only slot :-)).
Looking at you're example sign3.c I was wandering if the signing sequence could be realised by modifying the underlying NSS layer so that:
- ...
- xmlSecCryptoAppKeyLoad could actually prepare a key structure for a pseudo-file whose name is something like 'slot-name : token-name'
(and here the API already provide PIN parameters);
- xmlSecCryptoAppKeyCertLoad could be used to actually select a certificate (ant its key) via a nickname specified with cert-file name;
- xmlSecKeySetName - as now
- xmlSecDSigCtxSign - performing the signature with the supplied infos abore
- ...
You are not required to use xmlSecCryptoAppKeyLoad(). You can write your own function to load key (NSS key handle) and insert it into the manager. Again, as soon as you have the key, you have the slot.
xmlSecCryptoAppKeyCertLoad() is a simple example and a helper function for xmlsec command line app. Your requirements go beyound the requirements for this application and you probably want to write a custom function for this.
Aleksey
Thanks
I'll take nss/app.c as a guideline to develop something like xmlSecCryptoAppKeyLoad and xmlSecCryptoAppKeyCertLoad for my purposes, and then will proceed as normal.
I'll let you know (and send you a copy of the new functions after debugging).
Bye Clizio
-- ---------------------------- Clizio dr. Merli
C.E.O. 4u Srl, Italy ISACA CISM (Certified Information Security Manager) EUCIP Certified Socio AIP (Associazione Informatici Professionisti) ----------------------------
_______________________________________________ xmlsec mailing list xmlsec@aleksey.com http://www.aleksey.com/mailman/listinfo/xmlsec
