Hi, This is really directed at the OpenSSL development but I didn't want to intrude on the core group's work at this time.
I've encountered a problem with "openssl rsautl" in that I need to use the sign function and submit the passphrase from another application. On Unix I could use an 'expect' but even that would be rather dirty. I could decrypt the private key to disk and use it but this has security implications. This has been raised before on this forum but I've not found a satisfactory answer. As a rusty C programmer I've had a look at the rsa.c code in \apps - couldn't the "app_passwd(bio_err, passargin, passargout, &passin, &passout)" functionality be added to rsautl and 'passin' handed to load_key()? As I said, I'm rusty so I may have overlooked obvious problems with this. I look forward to your responses. Regards Andrew Stickland ________________________________________________________________________ Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://mail.messenger.yahoo.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
