Scheltema, R.A. wrote:
> 
> Hi,
> 
> Thanks for your reply. It's a shame though that the option isn't built yet
> in OpenSSL, since it will be too late for the project I'm working on (still
> only one month left) to be incorporated. Still I would like it if it would
> be built in OpenSSL, because I certainly intend to continue with OpenSSL in
> private projects.
> 
> I'm still a bit uncertain about the following you wrote. What do you mean
> here:
> > I think the best you can currently do is either
> > have one callback for each piece of data ...
> 

It depends on what you want to use the callback for and if it will
always be called in the same thread etc. Most of the options are, alas,
a bit "messy".

If for example you have various dialog boxes and the data is just being
used to supply a small number of fixed prompts then you could have
separate functions for each prompt.

If it's all in one thread then you could I suppose use global variables.

If it is going to be spread across multiple threads then something
messier like a lookup table with per-thread data might be required and
with appropriate locking.

A third option is not to use SSL in such a way that it will call the
callback: that is pass unencrypted keys to it which have been decrypted
outside. This then depends on what format the private keys are: if they
are the normal PEM format you'll probably end up with a similar problem
with the PEM password callbacks though.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
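
The options described in the message above, sketched as an added example that is not part of the original thread and is not OpenSSL code. It assumes a hypothetical callback type `passwd_cb` with no user-data argument and a stand-in `fake_library_load` for the library routine that invokes it; C11 `_Thread_local` storage is used in place of the per-thread lookup table with locking.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: a callback type with no user-data argument. It fills buf
 * (at most size bytes) and returns the length written, 0 on failure. */
typedef int (*passwd_cb)(char *buf, int size, int rwflag);
struct prompt_ctx { const char *secret; };

/* Shared helper: refuses to truncate a secret that does not fit. */
static int copy_secret(const struct prompt_ctx *c, char *buf, int size) {
    size_t n = (c != NULL && c->secret != NULL) ? strlen(c->secret) : 0;
    if (n == 0 || buf == NULL || size <= 0 || n > (size_t)size) return 0;
    memcpy(buf, c->secret, n);
    return (int)n;
}

/* Option 1: one callback per fixed prompt (constructed sample value). */
static const struct prompt_ctx server_key = { "constructed-pass-1" };
static int server_key_cb(char *buf, int size, int rwflag) {
    (void)rwflag;
    return copy_secret(&server_key, buf, size);
}

/* Options 2 and 3: a "global" that is private to each thread, so no lock
 * is needed; it is set just before the call and cleared afterwards. */
static _Thread_local const struct prompt_ctx *current_ctx;
static int per_thread_cb(char *buf, int size, int rwflag) {
    (void)rwflag;
    return copy_secret(current_ctx, buf, size);
}

/* Hypothetical stand-in for the library routine that invokes the callback. */
static int fake_library_load(passwd_cb cb, char *out, int size) {
    return cb(out, size, 0);
}

static int load_with_ctx(const struct prompt_ctx *c, char *out, int size) {
    current_ctx = c;
    int n = fake_library_load(per_thread_cb, out, size);
    current_ctx = NULL;   /* do not leave a stale pointer behind */
    return n;
}

int main(void) {
    char buf[32];
    struct prompt_ctx c = { "constructed-pass-2" };   /* constructed sample */
    printf("%d ", fake_library_load(server_key_cb, buf, (int)sizeof buf));
    printf("%d\n", load_with_ctx(&c, buf, (int)sizeof buf));
}
```

The callback returns 0 when no context is set for the calling thread, so a call made outside `load_with_ctx` fails closed instead of reusing another caller's data.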
