Steve, Thanks for the response.
I think that rsautl already uses load_key() so the EVP_PKEY structure should already be handled. What's the policy on contributed source code from outside the core group - I'd be willing to have a stab at this if it's acceptable. Regards Andrew -----Original Message----- From: Dr. Stephen Henson [mailto:[EMAIL PROTECTED] Sent: 15 September 2003 18:31 To: [EMAIL PROTECTED] Subject: Re: RSAUTL and PASSIN On Mon, Sep 15, 2003, Andrew Stickland wrote: > Hi, > > I've encountered a problem with "openssl rsautl" in that I need to use the > sign function and submit the passphrase from another application. > > On Unix I could use an 'expect' but even that would be rather dirty and I'm > not on Unix for this project. I could decrypt the private key to disk and > use it but this has security implications. This has been raised before on > this forum but I've not found a satisfactory answer. > > As a rusty C programmer I've had a look at the rsa.c code in \apps - > couldn't the "app_passwd(bio_err, passargin, passargout, &passin, &passout)" > functionality be added to rsautl and 'passin' handed to load_key()? > > As I said, I'm rusty so I may have overlooked obvious problems with this. > > I look forward to your responses. > Yes it could be done (I may look into it if I ever get any time...) there's a minor complication in that you get an EVP_PKEY structure back from load_key() which you have to extract the RSA structure from (checking first that it really is and RSA key). Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ******************************************************* This email has originated from Perwill plc (Registration No. 1906964) Office registered at: 13A Market Square, Alton, Hampshire, GU34 1UR, UK Tel: +44 (0)1420 545000 Fax: +44 (0)1420 545001 www.perwill.com ******************************************************* Privileged, confidential and/or copyright information may be contained in this email, and is only for the use of the intended addressee. To copy, forward, disclose or otherwise use it in any way if you are not the intended recipient or responsible for delivering to him/her is prohibited. If you receive this email by mistake, please advise the sender immediately, by using the reply facility in your email software. We may monitor the content of emails sent and received via our network for the purposes of ensuring compliance with policies and procedures. This message is subject to and does not create or vary any contractual relationships between Perwill plc and the recipient. ******************************************************* Any opinions expressed in the email are those of the sender and not necessarily of Perwill plc. ******************************************************* This email has been scanned for known viruses using McAfee WebShield 4.5 MR1a ******************************************************* ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
