[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnutls] About Future Plans: Private keys encrypted.
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [Help-gnutls] About Future Plans: Private keys encrypted. |
Date: |
Fri, 18 Nov 2005 16:34:54 +0100 |
User-agent: |
KMail/1.8.2 |
On Thursday 17 November 2005 01:22, Fran wrote:
> On Mér, 2005-11-16 at 12:33 +0100, Nikos Mavrogiannopoulos wrote:
> > Which manpages were problematic?
>
> It is strange for me (for me):
> > unsigned int flags
> > 0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.
> > Currently only RSA keys can be imported,
> > and flags can only be used to indicate an unencrypted key.
It is indeed strange. The problem is that if the key is DER encoded that
encryption status cannot be auto-detected[0]. In the PEM case it is different
since there is a header we can check. That's the purpose of this flag.
I've added some clarification on the documentation...
[0]. We could try to decode it as encrypted and if that fails try the
unencrypted decoding, but this is too high level. If needed it should
be done on a higher layer.
--
Nikos Mavrogiannopoulos