On Wednesday, December 5, 2012, Ashok C wrote:
> Hi,
> Our current SSL server loads plain-text private keys using
the SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy
to use custom encrypted private keys using the TPM concept. For this, we
have an engine implemented. Now the
exponent and modulus are put in the EVP_PKEY).
From: Jeffrey Walton
To: openssl-users@openssl.org
Sent: Friday, December 7, 2012 4:52 PM
Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with
custom engine
On Fri, Dec 7, 2012 at 5:05 AM, LN wrote:
>
> ...
On Fri, Dec 7, 2012 at 5:05 AM, LN wrote:
>
> ...
>
>> MS CAPI has an option to mark a private key as "exportable" when you
>> create or install it, which means that the private key can then be read
>> anyway, but I don't know if that feature is used by the OpenSSL "CAPI
>> Engine". It is almost
On 12/07/2012 11:05 AM, LN wrote:
> I have a feeling it does so because I tried to save that returned
> EVP_PKEY to a PEM file with PEM_write_bio_PrivateKey and then to load it
> back from the same file with PEM_read_bio_PrivateKey.
> Saving worked, but loading failed (with some decoding error
ile encrypted
with a password, then keeping it in the windows store, if I want to pass it to
OpenSSL (through boost::asio::ssl) :)
From: Jakob Bohm
To: openssl-users@openssl.org
Sent: Thursday, December 6, 2012 12:23 PM
Subject: Re: How to over-ride SSL_CTX_u
On 12/6/2012 9:13 AM, LN wrote:
Hi,
Somehow related to private keys but about loading them with CAPI
engine... Does someone know if the ENGINE_load_private_key() for CAPI
engine returns the PUBLIC KEY ?
I have a feeling it does so because I tried to save that returned
EVP_PKEY to a PEM file wit
.
PEM_write_bio_PUBKEY and PEM_read_bio_PUBKEY worked with the returned EVP_PKEY.
Thanks!
From: Ashok C
To: openssl-users@openssl.org
Sent: Thursday, December 6, 2012 7:03 AM
Subject: Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with
custom engine
Thanks Steve and Kent for the pointers.
Makes things clear for now.
On Thu, Dec 6, 2012 at 4:22 AM, Dr. Stephen Henson wrote:
> On Wed, Dec 05, 2012, Ashok C wrote:
>
> > Hi,
> >
> > Our current SSL server loads plain-text private keys using the
> > SSL_CTX_use_PrivateKey_file()
> > method. We ar
On Wed, Dec 05, 2012, Ashok C wrote:
> Hi,
>
> Our current SSL server loads plain-text private keys using the
> SSL_CTX_use_PrivateKey_file()
> method. We are moving from this strategy to use custom encrypted private
> keys using the TPM concept. For this, we have an engine implemented. Now
> the
Hi Ashok,
On Wed, Dec 5, 2012 at 12:29 AM, Ashok C wrote:
> Hi,
>
> Our current SSL server loads plain-text private keys using the
> SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy to
> use custom encrypted private keys using the TPM concept. For this, we have
> an engine i
10 matches
Mail list logo