Steve,
Thanks for the response.
I think that rsautl already uses load_key() so the EVP_PKEY structure should
already be handled.
What's the policy on contributed source code from outside the core group -
I'd be willing to have a stab at this if it's acceptable.
Regards
Andrew
-Original Message-
From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED]
Sent: 15 September 2003 18:31
To: [EMAIL PROTECTED]
Subject: Re: RSAUTL and PASSIN
On Mon, Sep 15, 2003, Andrew Stickland wrote:
Hi,
I've encountered a problem with openssl rsautl in that I need to use the
sign function and submit the passphrase from another application.
On Unix I could use an 'expect' but even that would be rather dirty and
I'm
not on Unix for this project. I could decrypt the private key to disk and
use it but this has security implications. This has been raised before on
this forum but I've not found a satisfactory answer.
As a rusty C programmer I've had a look at the rsa.c code in \apps -
couldn't the app_passwd(bio_err, passargin, passargout, passin,
passout)
functionality be added to rsautl and 'passin' handed to load_key()?
As I said, I'm rusty so I may have overlooked obvious problems with this.
I look forward to your responses.
Yes it could be done (I may look into it if I ever get any time...) there's
a
minor complication in that you get an EVP_PKEY structure back from
load_key()
which you have to extract the RSA structure from (checking first that it
really is and RSA key).
Steve.
--
Dr Stephen N. Henson.
Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
***
This email has originated from Perwill plc (Registration No. 1906964)
Office registered at: 13A Market Square, Alton, Hampshire, GU34 1UR, UK
Tel: +44 (0)1420 545000
Fax: +44 (0)1420 545001
www.perwill.com
***
Privileged, confidential and/or copyright information may be contained
in this email, and is only for the use of the intended addressee.
To copy, forward, disclose or otherwise use it in any way if you are not
the intended recipient or responsible for delivering to him/her is
prohibited.
If you receive this email by mistake, please advise the sender immediately,
by using the reply facility in your email software.
We may monitor the content of emails sent and received via our network
for the purposes of ensuring compliance with policies and procedures.
This message is subject to and does not create or vary any contractual
relationships between Perwill plc and the recipient.
***
Any opinions expressed in the email are those of the sender and not
necessarily of Perwill plc.
***
This email has been scanned for known viruses using
McAfee WebShield 4.5 MR1a
***
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
