[EMAIL PROTECTED] - Sat Mar 19 03:36:28 2005]: > Hi Stephen, > > Thanks for the response. > Could you let me know why is this not supported? > This used to work before and since the API doens't > allow it it seems to be a valid use? >
If we had to preserve the behaviour of every undocumented feature of OpenSSL we'd never be able to change anything. Among other things this has a dependency on the way the PEM routines work. Currently they buffer the whole lot in memory and request the passphrase afterwards. A more efficient way would be to read in the headers, request the passphrase at that point, then decrypt the rest on the fly. What are you trying to do? There may be a portable way to do it. I'm not really sure what the purpose of placing a private key and its passphrase on the same stream are. If the stream is secure you might as well send the unencrypted private key. If it is not secure then an attacker could just as easily obtain the private key and passphrase. Steve. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
