Dr. Stephen Henson wrote:
On Fri, Nov 14, 2008, Martin P. Hellwig wrote:
Hi all,
I was playing around with the 0.9.8g version (actually I am wrapping the
CLI to use with python) and I stumbled across the following:
when I do:
openssl rsa -outform NET -in test.pem -out test.net -passout pass:test
It still asks me on the command line for an password while I expected it to
use the password defined by -passout pass:test.
I also tried -passin, but that didn't work either.
Is there some obvious thing I am doing wrong?
No that's just a limitation of the NET format functions in OpenSSL. It is such
an old non-standard and broken format, I can't see why anyone would want to
use it anymore.
Steve
Ah yes, thank you, I was just wondering if I was doing something wrong.
No, problem I'll just do a workaround in my wrapping.
For people who might be interested, I am currently as a sort of hobby
project, wrapping the openssl command line function in python (via
subprocess) so that I can exposed the well documented interface as
python functions.
I am aware of existing wrappers like PyOpenSSL and POW, but they seem to
be interfacing with the libraries directly, which means they force the
user to build it for their system (POW especially for windows platform).
What I want to do is use the interface binary itself and by that can use
preexisting compiled versions. Effectively separating the python files
from the openssl files. So that no specific building is necessary and
the interface is mostly the same as the unwrapped one. Probably the only
people benefiting from my work (I'll release the code, as soon as I find
it not hugely embarrassing, as open-source under MIT license) are the
ones that want to subprocess the openssl binary themselves with python
because they find the documentation of existing wrappers a bit
unhelpful. By leaving the exposed interface similar to existing one I
only have to document the differences and for everything else point to
the already existing documentation. A huge time safer.
For me it is just a way to get to know OpenSSL better and interface it
from my favorite programming language. Perhaps later on I build some
more functions on top of my wrapper to ease administration a bit. Things
like automatic detection of the key file formats and easier x509 CA
management, though I have to study CA management more thoroughly to be
able to build something that is substantial better in line of the
business processes then the existing ones.
Thanks again for your answer, it is very appreciated.
--
Martin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
