Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

On Wed, 2017-11-08 at 13:27 +0100, David Sommerseth wrote: > I need to spend a bit more time to fully grasp the UI get/set calls > and the related implementation.  But what is done in regards to > password retrieving in ui_read() makes sense to me. How to use UI methods is (unsurprisingly) badly d

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

On 04/11/17 20:34, Selva wrote: > > > On Sat, Nov 4, 2017 at 1:58 PM, Gert Doering > wrote: > > Hi, > > On Wed, Nov 01, 2017 at 07:24:02PM +0100, Steffan Karger wrote: > > This looks like it should use our user query wrappers from (e.g.) > > console.

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

On Sat, Nov 4, 2017 at 1:58 PM, Gert Doering wrote: > Hi, > > On Wed, Nov 01, 2017 at 07:24:02PM +0100, Steffan Karger wrote: > > This looks like it should use our user query wrappers from (e.g.) > > console.h. David, you're the expert here, what should James use to > > query for passwords? > >

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

Hi, On Wed, Nov 01, 2017 at 07:24:02PM +0100, Steffan Karger wrote: > This looks like it should use our user query wrappers from (e.g.) > console.h. David, you're the expert here, what should James use to > query for passwords? The mechanics are "query_user_...()", most conveniently /** * A pl

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

Hi, On 29-10-17 16:57, James Bottomley wrote: > On Sun, 2017-10-29 at 23:15 +0800, Antonio Quartulli wrote: >> James, >> >> could you please resend a full patch, so to have a better overview of >> the whole change? > > Sure thing.  It's below. Feature makes sense, so feature-ACK. An early quest

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

On Sun, 2017-10-29 at 23:15 +0800, Antonio Quartulli wrote: > James, > > could you please resend a full patch, so to have a better overview of > the whole change? Sure thing.  It's below. James --- From d55d6f50cd156ac8e5cdead1b5c03569885158f6 Mon Sep 17 00:00:00 2001 From: James Bottomley Da

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

James, could you please resend a full patch, so to have a better overview of the whole change? Thanks! On 29/10/17 23:07, James Bottomley wrote: > On Sun, 2017-10-29 at 17:34 +0500, Илья Шипицин wrote: >> 2017-10-28 17:03 GMT+05:00 James Bottomley < >> james.bottom...@hansenpartnership.com>: >>

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

On Sun, 2017-10-29 at 17:34 +0500, Илья Шипицин wrote: > 2017-10-28 17:03 GMT+05:00 James Bottomley < > james.bottom...@hansenpartnership.com>: > > > > > As well as doing crypto acceleration, engines can also be used to > > load > > key files.  If the engine is set, and the private key loading fa

Re: [Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

2017-10-28 17:03 GMT+05:00 James Bottomley < james.bottom...@hansenpartnership.com>: > As well as doing crypto acceleration, engines can also be used to load > key files. If the engine is set, and the private key loading fails > for bio methods, this patch makes openvpn try to get the engine to >

[Openvpn-devel] [PATCH 1/1] openssl: add engine method for loading the key

As well as doing crypto acceleration, engines can also be used to load key files. If the engine is set, and the private key loading fails for bio methods, this patch makes openvpn try to get the engine to load the key. If that succeeds, we end up using an engine based key. This can be used with t