[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnutls] About Future Plans: Private keys encrypted.

From: Nikos Mavrogiannopoulos
Subject: Re: [Help-gnutls] About Future Plans: Private keys encrypted.
Date: Wed, 16 Nov 2005 12:33:11 +0100
User-agent: KMail/1.8.2

On Wednesday 16 November 2005 01:52, Fran wrote:
>       * You can both encrypt and decrypt pkcs8 keys in gnutls. The only
>         limitation is
>       * that pkcs8 2.0 is supported and not previous versions.
> Well, But encryption of key file with password do not work for me,
> always exports the key as plain. I used 2,4,8,16 types.
> I can not understand very well the man pages, and why the key do not is
> saved as encrypted.
Which manpages were problematic? The whole PKCS #8 stuff is complex though.

> In the code exposed is the same put GNUTLS_PKCS_PLAIN or
> I can not understand it.
If you use "certtool --generate-privkey -8" you get a pkcs8 encrypted key.
The only thing you need to do is call gnutls_x509_privkey_export_pkcs8()
with the flag (say) GNUTLS_PKCS_USE_PKCS12_3DES and an ASCII password.

Nikos Mavrogiannopoulos

reply via email to

[Prev in Thread] Current Thread [Next in Thread]