Yes, this is better but ... I believe there should be even better way :) Have you looked at RSA_FLAG_EXT_PKEY flag? From code in the crypto/rsa/rsa_eay.c file it looks like it is used to determine whether rsa->d will be used or not. And in the same time, the same flag is used in engines/ for *all* private keys :) Note that I am looking at source code for OpenSSL 0.9.8 and things might be different for older versions.
Aleksey _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
