On Nov 9, 2007, at 2:48 PM, Jim Crafton wrote:
Hi,
I'm writing a C++ wrapper library around the OpenSSL API with the
intent to not just support SSL for sockets, but as much of the other
parts as possible, things like the message digests,
encryption/decryption, certificates, etc.
Why are you doing this? I ask because your goals may help answer
your question. Your C++ API should be consistent with the goals of
your project.
Are there other ASN libraries available? If so, I can't see why a
user who wanted this functionality alone would use OpenSSL. And,
most users who would want a C++ wrapper for OpenSSL don't need access
to these low level functions.
What's the license for this work? I'm working on something similar,
but so far it just includes the certificate generation/verification
parts I need. I'd be happy to contribute my code to an open source
project.
For what I'm doing, I'll need to create a new X509v3 non-critical
extension, and fill it in. In my experience working with OpenSSL, I
probably won't need to touch the ASN.1 functions, but I haven't
written this part yet. Even if I do need them, I'm not sure I'd
expose them to the C++ API my code will provide.
So far I have wrapped the core message digests, encryption algos, BIO
support, BIGNUM structures and done the basics for RSA key generation
and public/private key persistence plus signing and verifying data
with them.
Even when working in C++, I've found that it's not much trouble to
use this functionality directly.
I am now torn between tackling the ASN API's or simply moving on to
the X509 API's. My question is: are the ASN functions worth wrapping?
Are they generally useful in and of themselves? I have looked around
and found (so far) very little documentation about them. I have found
a couple of uses, for example, setting the serial number on an X509
cert structure :
ASN1_INTEGER_set( X509_get_serialNumber(x),serial );
My wrapper code calls this function, but I didn't think my API would
need a wrapper for it.
Outside of the internal usage of the API's I haven't seen any other
examples of how to use them. As I understand it, ASN is used to
describe data structure and also how to encode it. This sounds like it
would be a nice thing to have a C++ wrapper for, but I'm kind of
clueless on where to begin. The other API's were relatively easy to
wrap, as it seemed pretty obvious from either documents or examples
what they were supposed to do.
ASN.1 is a widely marshaling format for encoding data used for
communication.
If the ASN stuff is worth wrapping would anyone have any suggestions
on were else to look to understnad better what needs to be wrapped and
how to approach it? I noticed that there was a book from O'Reilly
about OpenSSL programming maybe that might have enough info in it.
I'm sure there are more books about ASN.1 than there are about OpenSSL!
Cheers,
-Ian
Cheers
Jim
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
