Theoretically it's possible to embed certificates into a Windows and Linux
executables - not sure about other architectures though.
In my spare time I've been researching this topic as well. You can use the
ImageAddCertificate() Win32 API from Imagehlp.dll to programmatically store
a certificate inside of an executable. I'm not sure what format the
certificate has to be in, but knowing Micro$oft it whould have to be PKCS#7
or is it #12? - I forget which now.
As for Linux, it's possible to create another data segment and store the
certificate into that.
In either architecture, OpenSSL will not be able to read directly from the
executable image. You will need to develop a way to programmatically
extract from the executable image the certificate as binary data blob (see
the other APIs Imagehlp.dll exports) and supply it to openssl via an
in-memory BIO.
I hope this gives you some pointers on where to look next though.
Hi,
Can anyone tell me if it's possible to embed a client certificate inside my
executable, and what calls I should use to tell OpenSSL to use it? I think
I'll also need to do it for the CA, since we use self-signed certificates,
and I want the client to verify the server's certificate too.
Thanks,
;) james.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
