[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnutls] About Future Plans: Private keys encrypted.

From: Nikos Mavrogiannopoulos
Subject: Re: [Help-gnutls] About Future Plans: Private keys encrypted.
Date: Fri, 18 Nov 2005 16:34:54 +0100
User-agent: KMail/1.8.2

On Thursday 17 November 2005 01:22, Fran wrote:
> On Mér, 2005-11-16 at 12:33 +0100, Nikos Mavrogiannopoulos wrote:
> > Which manpages were problematic?
> It is strange for me (for me):
> >  unsigned int flags
> >                    0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.
> > Currently only RSA keys can be imported,
> >        and flags can only be used to indicate an unencrypted key.

It is indeed strange. The problem is that if the key is DER encoded that 
encryption status cannot be auto-detected[0]. In the PEM case it is different 
since there is a header we can check. That's the purpose of this flag.
I've added some clarification on the documentation...

[0]. We could try to decode it as encrypted and if that fails try the 
unencrypted decoding, but this is too high level. If needed it should
be done on a higher layer.

Nikos Mavrogiannopoulos

reply via email to

[Prev in Thread] Current Thread [Next in Thread]