On Tuesday 15 November 2005 20:52, Fran wrote: > Hello, > I can see that certtool do not encrypt keys and not support some keys > generated with openssl (encrypted). > I can see : > > int gnutls_x509_privkey_import_pkcs8: > > This function will convert the given DER or PEM encoded PKCS8 2.0 > > encrypted key to the native gnutls_x509_privkey_t format. The output will > > be stored in key. Currently only RSA keys can be imported, and flags can > > only be used to indicate an unencrypted key. > I think that this is a very high risk security problem for applications > that use a file key.
You can both encrypt and decrypt pkcs8 keys in gnutls. The only limitation is that pkcs8 2.0 is supported and not previous versions. -- Nikos Mavrogiannopoulos _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
