SecureBlackbox 2020 PHP Edition

Open Method

Opens existing storage or creates one in memory.

Object Oriented Interface

public function doOpen($storageid);

Procedural Interface

secureblackbox_cryptokeystorage_do_open($res, $storageid);

Remarks

Use this method to open the storage with the given StorageID. Key storages can come from several different locations, detailed below.

Memory
A storage can be created in memory by passing an empty string ("").

File
A storage can be opened from a file using one of two syntaxes:

  • C:\Certs\keys.pem
  • file://C:/Certs/keys.pem

Windows System
A storage can be opened from the Windows System using this syntax: system://{user}@{host}/?{params}

user is one of these values:

  • currentuser
  • localmachine
  • currentservice

host is either "localhost", an IP address, or FQDN.

params are chosen from this list:
  • store (required), is the name of the Windows store to access (e.g. "MY")
  • readonly, whether to access the store with only read permissions. Use 0 for false, and 1 for true.

Example: system://currentuser@localhost/?store=MY&readonly=1

PKCS#11 Device
A storage can be opened from a PKCS#11 device using this syntax: pkcs11://{user}:{pin}@/{driverpath}?{params}

user is the username used to access the device.

pin is the pin code used to access the device.

driverpath is the path to the driver used to access the device.

params are chosen from this list:

  • slot, the token slot to access on the device. If not provided, one will be chosen automatically.
  • readonly, whether to access the device with only read permissions. Use 0 for false, and 1 for true.

Example: pkcs11://john.doe:1234@/c:/windows/system32/asepkcs.dll?slot=0&readonly=1
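
Because the PKCS#11 StorageID carries the PIN in clear text, it should be built at run time and never written to logs as-is. The following is an added example, not code from the SecureBlackbox documentation: the helper names and the HSM_PIN environment variable are hypothetical, and rejecting delimiter characters is an assumption made here because this page does not describe how reserved characters in user or pin are escaped.

```php
<?php
// Added example. buildPkcs11StorageId(), redactStorageId() and openStorage()
// are hypothetical helpers, not part of SecureBlackbox.

// Assemble pkcs11://{user}:{pin}@/{driverpath}?{params}, read-only by default.
function buildPkcs11StorageId(string $user, string $pin, string $driverPath,
                              ?int $slot = null, bool $readOnly = true): string
{
    // Assumption: refuse values that would change how the StorageID is split,
    // since the escaping rules are not documented on this page.
    foreach (['user' => $user, 'pin' => $pin] as $name => $value) {
        if ($value === '' || strpbrk($value, ':@/?&') !== false) {
            throw new InvalidArgumentException("$name is empty or contains a delimiter");
        }
    }
    $params = [];
    if ($slot !== null) {
        $params[] = 'slot=' . $slot;   // omit to let a slot be chosen automatically
    }
    $params[] = 'readonly=' . ($readOnly ? 1 : 0);
    return sprintf('pkcs11://%s:%s@/%s?%s', $user, $pin, $driverPath, implode('&', $params));
}

// Mask the PIN so the StorageID can appear in logs and error messages.
function redactStorageId(string $storageId): string
{
    return preg_replace('#^(pkcs11://[^:@/]*:)[^@]*@#', '$1***@', $storageId);
}

// $storage is an already-created key storage object exposing doOpen().
function openStorage($storage, string $storageId): void
{
    error_log('Opening key storage ' . redactStorageId($storageId));
    $storage->doOpen($storageId);
}

// Constructed sample values; the PIN comes from the environment when set.
$pin = getenv('HSM_PIN') ?: '1234';
$id  = buildPkcs11StorageId('john.doe', $pin, 'c:/windows/system32/asepkcs.dll', 0);
echo redactStorageId($id), PHP_EOL;
```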

KMIP Server
A storage can be opened from a KMIP server using this syntax: mailto:{password}@{remotehost}:{remoteport}/?{params}

password is the password used to authenticate to the server.

remotehost is the FQDN of the server.

remoteport is the server port to connect to.

params are chosen from this list:

  • encoder, the message encoding used to communicate with the server. Possible values are:
    • 1 (XML)
    • 2 (JSON)
    • 3 (TTLV)
Example: mailto:password@kmip.website.com:5696/?encoder=1

TBD: add information specific to crypto key storage

Copyright (c) 2022 /n software inc. - All rights reserved.
SecureBlackbox 2020 PHP Edition - Version 20.0 [Build 8154]