jwhite@paha:~/org.glite.data.hydra-cli$ ls -l src/*/ | grep -v CVS | grep -v Root | grep -v Entries | grep -v Repos | less

src/c/:
total 120
-rw-r--r-- 1 jwhite jwhite  7588 2010-04-07 13:11 catalog-simple-api.c
-rw-r--r-- 1 jwhite jwhite  8562 2010-04-07 13:11 datatypes.c
-rw-r--r-- 1 jwhite jwhite 25143 2010-04-07 13:11 eds-simple.c
-rw-r--r-- 1 jwhite jwhite  5031 2010-04-07 13:11 internal.h
-rw-r--r-- 1 jwhite jwhite  4106 2011-04-20 09:45 Makefile.am
-rw-r--r-- 1 jwhite jwhite  1642 2010-04-07 13:11 metadata_internal.h
-rw-r--r-- 1 jwhite jwhite 26613 2010-04-07 13:11 metadata-simple-api.c
-rw-r--r-- 1 jwhite jwhite  5284 2010-04-07 13:11 metadata_soapconv.c
-rw-r--r-- 1 jwhite jwhite  7813 2010-04-07 13:11 soapconv.c
-rw-r--r-- 1 jwhite jwhite   136 2007-11-21 11:48 typemap.dat

total 16

src/utils/:
total 120
-rw-r--r-- 1 jwhite jwhite  4491 2010-04-07 13:11 eds-chmod.c
-rw-r--r-- 1 jwhite jwhite  6568 2010-04-07 13:11 eds-decrypt.c
-rw-r--r-- 1 jwhite jwhite  6569 2010-04-07 13:11 eds-encrypt.c
-rw-r--r-- 1 jwhite jwhite  4114 2010-04-07 13:11 eds-getacl.c
-rw-r--r-- 1 jwhite jwhite 12424 2010-08-16 17:11 eds-getfile.c
-rw-r--r-- 1 jwhite jwhite 14662 2010-08-16 17:11 eds-putfile.c
-rw-r--r-- 1 jwhite jwhite  3859 2010-04-07 13:11 eds-register.c
-rw-r--r-- 1 jwhite jwhite  6890 2010-04-07 13:11 eds-setacl.c
-rw-r--r-- 1 jwhite jwhite  6157 2010-04-07 13:11 eds-unlinkfile.c
-rw-r--r-- 1 jwhite jwhite  2864 2010-04-07 13:11 eds-unregister.c
-rw-r--r-- 1 jwhite jwhite  2662 2011-03-14 16:35 Makefile.am
-rw-r--r-- 1 jwhite jwhite  6124 2010-04-07 13:11 meta-tool-main.c
-rw-r--r-- 1 jwhite jwhite  3502 2007-11-30 18:47 tool-main.h
-rw-r--r-- 1 jwhite jwhite 10695 2010-04-07 13:11 util.c

The key registry is carried out by

org.glite.data.hydra-cli/src/utils/eds-register.c In turn, this calls glite_eds_register from org.glite.data.hydra-cli/src/c/eds-simple.c

_glite_eds_register_common(char *id, char * cipher, int keysize, char **key_p, char **iv_p, const EVP_CIPHER **type_p, char **error)

Initializes the cipher if different from default using OpenSSL routine OpenSSL_add_all_ciphers();

Then the metadata operations are done by

glite_eds_put_metadata(id, hex_key, hex_iv, cipher_to_use, keyl_str, error);

(Also from eds-simple.c)

What does this do? This puts the "metadata" .... actually the key fragments into the catalogue (the Hydra key stores)

The Hydra key stores are discovered: glite_eds_get_catalog_endpoints(&epcount, error); (Here the glite service discovery libraries are needed!) This may be tricky for re-implementation?

Then the key is split according to the SSSS scheme.

glite_security_ssss_split_key(hex_key, epcount, keys_needed)

Key fragments are saved to individual key stores:

glite_eds_put_metadata_single(endpoints[i], id, &data, error);

Then a general release of memory (C stuff only)

In order to remove key fragments

glite_eds_unregister_single(endpoints[i], id, &dummy_error))

is used.

In order to unregister a key fragment: (a more brief description)

glite_eds_unregister(argv[optind], &error)

glite_eds_get_catalog_endpoints(&epcount, error);

glite_discover_service_by_version(sd_type, NULL /*name*/, NULL /*version*/, error); SD_getService(serv_name, &exc);

glite_eds_unregister_single(endpoints[i], id, error)

glite_metadata_removeEntry(ctx, id)

-- JohnWhite - 30-May-2011