[Mono-dev] PKCS12 and SecretBags

Jay Miller jnmiller at cryptofreak.org
Mon Dec 18 18:09:21 EST 2006

I'm looking to make use of the SecretBag type in a PKCS12 file.  Mono
does not currently support SecretBags in any explicit sense, which is to
say that users cannot access them using the PKCS12 class.  This makes
some sense because SecretBags aren't really defined in the standard.

Nonetheless, I would like to make use of both the PKCS12 class *and*
SecretBags.  I was hoping I could run a couple of solutions by the
developers and perhaps submit a patch if one sounds good.

Solution 1)

Arbitrarily decide that SecretBags will be of type byte[].  Add
functions that mirror existing ones: AddSecretBag(), GetSecretBags(),
RemoveSecretBag(), etc.  Add a member _secretBags that stores the
current SecretBags.

Solution 2)

Make the _safeBags member accessible outside the class to allow the user
low-level access to the various bags stored by the instance.  This way a
user could write her own GetXxx() class for SecretBags, CRLs, or
whatever, simply by traversing the _safeBags list.

Solution 3)

Make PKCS12 more friendly as a base class such that users can derive
PKCS12 and implement their own understandings of SecretBags, CRLs, or
whatever else.  Private members will need to be made protected, maybe
add a few 'virtual' keywords..

Hopefully one of these solutions (or another that I hadn't considered?)
will sound reasonable, as I really don't want to maintain an entire
PKCS12 class just to add SecretBags!

Thanks very much for your time and comments!

Jay Miller
PGP Fingerprint | 5f7adbbe bfc60727 96dca94c 616d5080 09e3e846

More information about the Mono-devel-list mailing list